[ velibor75 @ 13.11.2008. 19:59 ] @
Since I'm a total novice, please help me figure out how to get rid of this. It shows up every time I open pictures that I have stored on the computer; when it appears, the computer just restarts, and it gives me 0x7c911e5a and 0x00018204.
[ magna86 @ 13.11.2008. 20:13 ] @
Which antivirus do you use?
Is it showing you some Windows error? Do you have a registry cleaner?
Let's do it this way: Wise Registry Cleaner 3 Free, download it and scan the computer http://www.wisecleaner.com/download.html
Then scan with MBAM http://www.malwarebytes.org/mbam.php
If you still have the problem, post a HjT log; download it from here: http://www.majorgeeks.com/download5554.html
Put HjT in a separate folder on the Desktop and name the folder e.g. Velibor. Rename the program as well, e.g. to Elite.exe.
Run HijackThis and choose the option "Do a system scan and save the logfile".
At the end of the scan the program will produce a text log; copy that log here (copy / paste options).
[ velibor75 @ 13.11.2008. 21:02 ] @
I use NOD32, and here is the list.
[ magna86 @ 13.11.2008. 23:56 ] @
The processes are ~OK..
First give us more information... Do you use some special program for viewing pictures or the standard Windows one? Does this happen in some particular folder where the pictures are, or..? etc...
We'll check whether some malware is causing the problem. Download this program http://www.gmer.net/gmer.zip
Select the Rootkit/Malware tab at the top, click Scan. When the scan is finished, click the Copy button below - this will save it to the Clipboard. In the message field on the forum, right-click and choose Paste.
*post the GMER log
*post a fresh HijackThis log (following the instructions written above)
[ velibor75 @ 14.11.2008. 07:38 ] @
I use the ordinary Windows picture viewer, and I haven't noticed it happening in other folders, only in this folder where the pictures are. When I get home I'll post the new log from http://www.gmer.net/gmer.zip, so we can see what it shows.
THANKS IN ADVANCE
[ Goran Mijailovic @ 14.11.2008. 14:54 ] @
Quote: magna86: We'll check whether some malware is causing the problem. Download this program http://www.gmer.net/gmer.zip Select the Rootkit/Malware tab at the top, click Scan.
Hm, I see that GMER is being favored lately; I don't know what's wrong with Blacklight? Download ftp://ftp.f-secure.com/anti-virus/tools/fsbl.exe
[ velibor75 @ 14.11.2008. 17:56 ] @
GMER 1.0.14.14536 - http://www.gmer.net
Sorry that this GMER log is so big.
[ magna86 @ 14.11.2008. 21:26 ] @
Quote: Goran Mijailovic: Hm, I see that GMER is being favored lately; I don't know what's wrong with Blacklight? Download ftp://ftp.f-secure.com/anti-virus/tools/fsbl.exe
Hm.. this is the first time I've heard of that program... hehe, but with GMER I know everything it can do and I know when to count on it.
@velibor.. post the HijackThis log too (before that, rename the program and the folder following the instructions written above).
[ Goran Mijailovic @ 15.11.2008. 09:18 ] @
To me it is somehow the easiest to work with, and you ought to know it, because Blacklight, a product of a well-known AV company, was among the first anti-rootkit tools http://www.f-secure.com/blacklight/ and there is one more little program, by Mark Russinovich, called RootkitRevealer http://technet.microsoft.com/en-us/sysinternals/bb897445.aspx
[ magna86 @ 15.11.2008. 16:24 ] @
I didn't know.. but I'll try both, definitely.
Thanks for the info.
[ velibor75 @ 20.11.2008. 17:22 ] @
With a small delay, here is this as well.
Copyright (C) 2001-2025 by www.elitesecurity.org. All rights reserved.