AV prijavljuje Trojanca!

AV prijavljuje Trojanca!

offline
  • Pridružio: 28 Feb 2009
  • Poruke: 190
  • Gde živiš: Beograd

U toku rada komp mi izbaci poruku da IE ne moze ucitati trazenu stranu.Prilikom skeniranja kompa, AVG mi je prijavio Trojanca:

Infection:
Trojan horse SHeur2.BTEC
Object:
C:\Documents and settings\All users\Documents\Settings\cbss.dll
Result:
Moved to Virus Vault
Process:
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe

Takodje mi je i Malwarebytes' Anti-Malware prijavio sledece:

Inficirani kljuèevi u registru: 1
Inficirani kljuèevi u registru:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cbssreg (Trojan.Agent) -> No action taken.

Nakon sto je zavrseno skeniranje sa Malware-om komp mi se resetovao.

Pokusao sam sa HEAL kada je AVG prijavio trojanca ali nije pomoglo.

Sta raditi?

Evo logova...


DDS (Ver_09-09-29.01) - NTFSx86
Run by Milan at 17:11:53.89 on Fri 11/27/2009
Internet Explorer: 6.0.2900.5512
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1022.237 [GMT 1:00]

AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}

============== Running Processes ===============

C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Winamp\winampa.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
C:\Program Files\WinFast\WFDTV\DTVSchdl.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\PixArt\PAC7302\Monitor.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\WinFast\WFDTV\WFWIZ.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\PROGRA~1\Magentic\bin\MgApp.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\IncrediMail\bin\IMApp.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\PROGRA~1\COMMON~1\PCSuite\DATALA~1\DATALA~1.EXE
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\PROGRA~1\Bandoo\Bandoo.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\WinFast\WFDTV\DVBTAP.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\PROGRA~1\Bandoo\BndCore.exe
C:\Program Files\Skype\Toolbars\Shared\SkypeNames.exe
C:\Documents and Settings\Milan\Desktop\dds.scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.google.com/
uSearch Page = hxxp://www.google.com
uSearch Bar = hxxp://www.google.com/ie
mStart Page = hxxp://www.krstarica.com
uInternet Connection Wizard,ShellNext = iexplore
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
uURLSearchHooks: H - No File
uURLSearchHooks: H - No File
uURLSearchHooks: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - c:\program files\avg\avg8\toolbar\IEToolbar.dll
uURLSearchHooks: H - No File
mURLSearchHooks: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - c:\program files\avg\avg8\toolbar\IEToolbar.dll
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
BHO: AcroIEHlprObj Class: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\adobe\acrobat 6.0 ce\reader\activex\AcroIEHelper.dll
BHO: Skype add-on (mastermind): {22bf413b-c6d2-4d91-82a9-a0f997ba588c} - c:\program files\skype\toolbars\internet explorer\SkypeIEPlugin.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\program files\real\realplayer\rpbrowserrecordplugin.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg8\avgssie.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll
BHO: Windows Live pomagac za prijavljivanje: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - c:\program files\avg\avg8\toolbar\IEToolbar.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.4.4525.1752\swg.dll
BHO: Google Dictionary Compression sdch: {c84d72fe-e17d-4195-bb24-76c02e2e7c4e} - c:\program files\google\google toolbar\component\fastsearch_B7C5AC242193BB3E.dll
BHO: TBSB00982 Class: {da3d342f-ff20-4e31-9e82-22334155730c} - c:\program files\antbar\ant.com toolbar\tbu02012\tbcore3.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - No File
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
BHO: BandooIEPlugin Class: {eb5cee80-030a-4ed8-8e20-454e9c68380f} - c:\program files\bandoo\plugins\ie\ieplugin.dll
BHO: TBSB00982 Class: {fcbccb87-9224-4b8d-b117-f56d924beb18} - c:\program files\antbar\ant.com toolbar\tbcore3.dll
BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - c:\program files\yahoo!\companion\installs\cpn\YTSingleInstance.dll
TB: AVG Security Toolbar: {ccc7a320-b3ca-4199-b1a6-9f516dd69829} - c:\program files\avg\avg8\toolbar\IEToolbar.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: Ant.com Toolbar: {6cd56c02-cb4d-41b5-a0fe-b479061ccb41} - c:\program files\antbar\ant.com toolbar\tbu02012\tbcore3.dll
TB: {A057A204-BACC-4D26-9990-79A187E2698E} - No File
TB: {8B79EE88-E62D-4AA8-B530-CC357BA112B7} - No File
TB: {E67C74F4-A00A-4F2C-9FEC-FD9DC004A67F} - No File
TB: {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - No File
uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background
uRun: [IncrediMail] c:\program files\incredimail\bin\IncMail.exe /c
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
uRun: [Magentic] c:\progra~1\magentic\bin\Magentic.exe /c
uRun: [SpybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe
uRun: [WinFast Schedule] c:\program files\winfast\wfdtv\WFWIZ.exe
uRun: [Skype] "c:\program files\skype\phone\Skype.exe" /nosplash /minimized
mRun: [StartCCC] "c:\program files\ati technologies\ati.ace\core-static\CLIStart.exe"
mRun: [WinampAgent] c:\program files\winamp\winampa.exe
mRun: [RemoteControl] "c:\program files\cyberlink\powerdvd\PDVDServ.exe"
mRun: [AVG8_TRAY] c:\progra~1\avg\avg8\avgtray.exe
mRun: [RTHDCPL] RTHDCPL.EXE
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
mRun: [PCSuiteTrayApplication] c:\program files\nokia\nokia pc suite 6\LaunchApplication.exe -startup
mRun: [WinFastDTV] c:\program files\winfast\wfdtv\DTVSchdl.exe
mRun: [ArcSoft Connection Service] c:\program files\common files\arcsoft\connection service\bin\ACDaemon.exe
mRun: [TkBellExe] "c:\program files\common files\real\update_ob\realsched.exe" -osboot
mRun: [PAC7302_Monitor] c:\windows\pixart\pac7302\Monitor.exe
dRun: [Nokia.PCSync] c:\program files\nokia\nokia pc suite 6\PcSync2.exe /NoDialog
StartupFolder: c:\docume~1\milan\startm~1\programs\startup\adobeg~1.lnk - c:\program files\common files\adobe\calibration\Adobe Gamma Loader.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {5067A26B-1337-4436-8AFE-EE169C2DA79F} - {77BF5300-1474-4EC7-9980-D32B190E9B07} - c:\program files\skype\toolbars\internet explorer\SkypeIEPlugin.dll
IE: {77BF5300-1474-4EC7-9980-D32B190E9B07} - {77BF5300-1474-4EC7-9980-D32B190E9B07} - c:\program files\skype\toolbars\internet explorer\SkypeIEPlugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll
DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} - hxxp://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
DPF: {17492023-C23A-453E-A040-C7C580BBF700}
DPF: {33564D57-0000-0010-8000-00AA00389B71} - hxxp://download.microsoft.com/download/F/6/E/F6E491A6-77E1-4E20-9F5F-94901338C922/wmv9VCM.CAB
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1236764830906
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1236778031203
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://javadl.sun.com/webapps/download/AutoDL?BundleId=29223
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg8\avgpp.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
Notify: AtiExtEvent - Ati2evxx.dll
Notify: avgrsstarter - avgrsstx.dll
Notify: cbssreg - c:\documents and settings\all users\documents\settings\cbss.dll
AppInit_DLLs: c:\progra~1\bandoo\bndhook.dll

============= SERVICES / DRIVERS ===============

R1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2008-12-2 335240]
R1 AvgMfx86;AVG On-access Scanner Minifilter Driver x86;c:\windows\system32\drivers\avgmfx86.sys [2008-12-2 27784]
R1 AvgTdiX;AVG8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2008-12-2 108552]
R2 avg8emc;AVG8 E-mail Scanner;c:\progra~1\avg\avg8\avgemc.exe [2008-12-28 908056]
R2 avg8wd;AVG8 WatchDog;c:\progra~1\avg\avg8\avgwdsvc.exe [2008-12-28 297752]
R2 Bandoo Coordinator;Bandoo Coordinator;c:\progra~1\bandoo\Bandoo.exe [2009-9-6 1516480]
R2 npf;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2008-6-1 34064]
R2 WinFLdrv;WinFLdrv;c:\windows\system32\WinFLdrv.sys [2009-7-5 10752]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2008-12-2 38224]
R3 PAC7302;Eye 312;c:\windows\system32\drivers\PAC7302.SYS [2009-11-23 457856]
R3 ReallusionVirtualAudio;Reallusion Virtual Audio;c:\windows\system32\drivers\RLVrtAuCbl.sys [2009-11-23 31616]
S2 gupdate1c98d25e3423983;Google Update Service (gupdate1c98d25e3423983);c:\program files\google\update\GoogleUpdate.exe [2009-2-12 133104]

=============== Created Last 30 ================

2009-11-23 20:07 56 a---h--- c:\windows\system32\ezsidmv.dat
2009-11-23 20:02 <DIR> --d--r-- c:\program files\Skype
2009-11-23 19:11 <DIR> --d----- c:\docume~1\milan\applic~1\Reallusion
2009-11-23 16:10 60,032 ac------ c:\windows\system32\dllcache\usbaudio.sys
2009-11-23 16:10 60,032 a------- c:\windows\system32\drivers\USBAUDIO.sys
2009-11-23 16:08 81 ---shr-- c:\windows\CT4CET.bin
2009-11-23 16:07 5,632,000 a------- c:\windows\system32\RLVirtualCamera.ocx
2009-11-23 16:07 31,616 a------- c:\windows\system32\drivers\RLVrtAuCbl.sys
2009-11-23 16:07 <DIR> --d----- c:\program files\common files\Reallusion
2009-11-23 16:07 <DIR> --d----- c:\program files\Reallusion
2009-11-23 16:02 457,856 a------- c:\windows\system32\drivers\PAC7302.SYS
2009-11-23 16:02 48,128 a------- c:\windows\system32\Remove.exe
2009-11-23 16:02 302 a------- c:\windows\system32\Remover.ini
2009-11-23 16:02 <DIR> --d----- c:\program files\common files\Eye 312
2009-11-23 16:02 6,656 a------- c:\windows\system32\CoInst_070614.dll
2009-11-23 16:02 129,024 a------- c:\windows\system32\SP7302.ax
2009-11-23 16:02 14,336 a------- c:\windows\system32\P7302USD.dll
2009-11-23 16:02 566 a------- c:\windows\system32\SP7302.ini
2009-11-23 16:02 <DIR> --d----- c:\windows\PixArt
2009-11-23 16:02 <DIR> --d----- c:\program files\common files\Pac7302
2009-11-19 02:56 <DIR> --d----- c:\docume~1\milan\applic~1\EA
2009-11-19 02:55 <DIR> --d----- c:\docume~1\alluse~1\applic~1\EA
2009-11-16 23:24 <DIR> --d----- c:\program files\Advanced GIF Animator
2009-11-16 23:18 6,144 a--sh--- C:\Thumbs.db
2009-11-15 02:33 <DIR> --d----- c:\docume~1\milan\applic~1\DScaler4
2009-11-06 10:30 <DIR> --d----- c:\program files\common files\Adobe Systems Shared
2009-11-06 10:09 <DIR> --d----- c:\program files\Photoshop CS2
2009-10-30 08:34 <DIR> --d----- c:\windows\SSMaui Wowee
2009-10-30 08:34 49,664 a------- c:\windows\SSMaui Wowee.scr
2009-10-30 08:33 802,816 a------- c:\windows\FeedingFrenzy.scr
2009-10-30 08:33 57,344 a------- c:\windows\system32\Big Kahuna Reef.scr
2009-10-30 08:32 389,120 a------- c:\windows\Adventure Inlay.scr
2009-10-30 08:32 <DIR> --d----- c:\program files\GameHouse Games Collection

==================== Find3M ====================

2009-10-25 10:38 3,398 a------- c:\windows\system32\PerfStringBackup.TMP
2009-09-23 22:18 7,060 a------- c:\documents and settings\milan\FMCodec.dat
2009-08-07 14:48 5,543 a------- c:\program files\Yurecnik.ini
2009-01-17 17:03 258 a------- c:\program files\Mini-YuRecnik.ini
2009-01-17 16:59 28,702 a------- c:\program files\Uninstal.exe
2009-01-17 16:59 1,998 a------- c:\program files\uninstal.log
1999-08-02 10:47 387,072 a------- c:\program files\YuRecnik.exe
1999-08-02 10:40 219,648 a------- c:\program files\MiniYuRecnik.exe
1999-08-02 10:35 9,559 a------- c:\program files\YURECNIK.HLP
1999-08-02 10:35 57 a------- c:\program files\Yurecnik.CNT
1999-07-29 10:43 2,447,472 a------- c:\program files\Reci.dat
1996-09-06 13:08 30,070 a------- c:\program files\Fb_deflt.dic
1996-02-23 16:26 469,504 a------- c:\program files\Fb_11k8.dll
1996-02-23 15:59 34,816 a------- c:\program files\Fb_spch.dll
1996-02-23 15:48 4,608 a------- c:\program files\Fb_timer.dll
1996-02-23 15:46 29,184 a------- c:\program files\Fb_ngn.exe
1996-02-23 15:21 16,896 a------- c:\program files\Uraspec.exe
1996-02-23 15:17 18,432 a------- c:\program files\Dictmgr.exe
1993-11-29 09:32 16,896 a------- c:\program files\Monologw.exe

============= FINISH: 17:12:46.25 ===============


mycity.rs/must-login.png



mycity.rs/must-login.png


mycity.rs/must-login.png


mycity.rs/must-login.png


Napominjem da sam tek iz cetvrtog puta uspeo da skeniram komp sa GMER-om.

offline
  • dr_Bora  Male
  • Anti Malware Fighter
    Rank 2
  • Pridružio: 24 Jul 2007
  • Poruke: 12280
  • Gde živiš: Höganäs, SE

Pozdrav...


U uputstvu piše da se preuzme program Gmer sa datog linka, a ne da se koristi već postojeća stara verzija.

Skini novi Gmer i ponovi skeniranje.

offline
  • Pridružio: 28 Feb 2009
  • Poruke: 190
  • Gde živiš: Beograd

mycity.rs/must-login.png

mycity.rs/must-login.png

mycity.rs/must-login.png

offline
  • dr_Bora  Male
  • Anti Malware Fighter
    Rank 2
  • Pridružio: 24 Jul 2007
  • Poruke: 12280
  • Gde živiš: Höganäs, SE

Arrow Preuzmi The Avenger na Desktop.
Raspakuj arhivu u neki folder

Dvoklikom pokreni avenger.exe

Iskopiraj tekst koji se nalazi unutar Kod polja u (beli) prozor programa:


Files to delete:
c:\documents and settings\all users\documents\settings\cbss.dll

Registry keys to delete:
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cbssreg



Klikni Execute, a zatim Yes u sledeća dva prozora koji će se otvoriti

Kompjuter će se restartovati (u određenim slučajevima: dva puta) i započeti će proces čišćenja/skeniranja

Kada proces bude završen, logfile C:\avenger.txt će se otvoriti u Notepad-u

Iskopiraj sadržaj dobijenog loga u temu na forumu.

offline
  • Pridružio: 28 Feb 2009
  • Poruke: 190
  • Gde živiš: Beograd

Logfile of The Avenger Version 2.0, (c) by Swandog46
swandog46.geekstogo.com

Platform: Windows XP

*******************

Script file opened successfully.
Script file read successfully.

Backups directory opened successfully at C:\Avenger

*******************

Beginning to process script file:

Rootkit scan active.
No rootkits found!


Error: file "c:\documents and settings\all users\documents\settings\cbss.dll" not found!
Deletion of file "c:\documents and settings\all users\documents\settings\cbss.dll" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist

Registry key "HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cbssreg" deleted successfully.

Completed script processing.

*******************

Finished! Terminate.

offline
  • dr_Bora  Male
  • Anti Malware Fighter
    Rank 2
  • Pridružio: 24 Jul 2007
  • Poruke: 12280
  • Gde živiš: Höganäs, SE

Ima li sada bilo kakvih detekcija?

offline
  • Pridružio: 28 Feb 2009
  • Poruke: 190
  • Gde živiš: Beograd

Napisano: 27 Nov 2009 22:22

Sad sam skenirao komp Malwarebytes'-om i opet je pronasao istu stvar...

Malwarebytes' Anti-Malware 1.41
Verzija baze podataka: 3242
Windows 5.1.2600 Service Pack 3

11/27/2009 10:20:32 PM
mbam-log-2009-11-27 (22-20-29).txt

Tip skeniranja: Brzo Skeniranje
Skeniranih objekata: 103576
Proteklo vreme: 4 minute(s), 37 second(s)

Inficirani procesi u memoriji: 0
Inficirani moduli u memoriji: 0
Inficirani kljuèevi u registru: 1
Inficirane vrednosti u registru: 0
Inficirani podaci u registru: 0
Inficirane fascikle: 0
Inficirane datoteke: 0

Inficirani procesi u memoriji:
(Maliciozne stavke nisu detektovane)

Inficirani moduli u memoriji:
(Maliciozne stavke nisu detektovane)

Inficirani kljuèevi u registru:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cbssreg (Trojan.Agent) -> No action taken.

Inficirane vrednosti u registru:
(Maliciozne stavke nisu detektovane)

Inficirani podaci u registru:
(Maliciozne stavke nisu detektovane)

Inficirane fascikle:
(Maliciozne stavke nisu detektovane)

Inficirane datoteke:
(Maliciozne stavke nisu detektovane)

Dopuna: 27 Nov 2009 22:58

Sad sam pustio scan i AVG-om pa cu javiti da li je on nesto nasao...

offline
  • dr_Bora  Male
  • Anti Malware Fighter
    Rank 2
  • Pridružio: 24 Jul 2007
  • Poruke: 12280
  • Gde živiš: Höganäs, SE

Deaktiviraj TeaTimer:

http://www.mycity.rs/Uputstva/Iskljucivanje-zastitnog-softvera.html


Sada skeniraj MBAM-om i ukloni tu detektovanu stavku. Nakon ovoga više ne bi trebala da se pojavljuje.

Ko je trenutno na forumu
 

Ukupno su 989 korisnika na forumu :: 40 registrovanih, 7 sakrivenih i 942 gosta   ::   [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:
Korisnici trenutno na forumu: AleksSE, Apok, babaroga, Bane san, Ben Roj, Bobrock1, brundo65, calvi, draganl, Hans Gajger, ivan979, kunktator, Leonov, Marko Marković, mean_machine, milenko crazy north, MiroslavD, nenooo, nextyamb, nikoladim, pein, Romibrat, ruger357, saputnik plavetnila, sasa87, Sass Drake, savaskytec, SD izvidjac, stankolich, strelac07, Toper, tubular, Tvrtko I, UAV operator, vathra, vladaa012, voja64, wizzardone, wolverined4, |_MeD_|