Srodne teme
Navigacija
Lista poslednjih: 16, 32, 64, 128 poruka.

heuristics.reserved.word.exploit

[es] :: Zaštita :: heuristics.reserved.word.exploit

[ Pregleda: 1327 | Odgovora: 3 ] > FB > Twit

Postavi temu Odgovori

Autor
Pretraga teme: Traži
Markiranje Štampanje RSS

izida
stojanovic aleksandar
bgd

Član broj: 97823
Poruke: 1886
93.93.194.*

Sajt: www.youtube.com/watch?v=9..


+22 Profil

icon heuristics.reserved.word.exploit08.06.2009. u 17:33 - pre 193 meseci


jel zna neko sta je ovo? pronalazi ga samo Malwarebytes' Anti-Malware,kad pokusam da ga obrisem trazi mi restart racunara,posle toga kad ga ponovo skeniram opet je sve tu,pokusam da skeniram sa Malwarebytes' Anti-Malware u safe mode-u ali onda nista ne pronadje,kad normalno pokrenem racunar opet su tu....

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 6:32:19 PM, on 6/8/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\COMODO\Firewall\cmdagent.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\COMODO\Firewall\cfp.exe
C:\WINDOWS\RTHDCPL.EXE
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\TechniSat DVB\bin\Server4PC.exe
C:\Program Files\Girder\Girder.exe
C:\Program Files\TechniSat DVB\bin\Server4PC.exe
C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
C:\WINDOWS\ATKKBService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\System32\TUProgSt.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Program Files\COMODO\Firewall\cfp.exe" -h
O4 - HKLM\..\Run: [COMODO Internet Security] "C:\Program Files\COMODO\Firewall\cfp.exe" -h
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - Startup: Girder3.lnk = C:\Program Files\Girder\Girder.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: Server4PC.lnk = C:\Program Files\TechniSat DVB\bin\Server4PC.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: http://asia.msi.com.tw
O15 - Trusted Zone: http://global.msi.com.tw
O15 - Trusted Zone: http://www.msi.com.tw
O16 - DPF: {8167C273-DF59-4416-B647-C8BB2C7EE83E} (WebSDev Control) - http://liveupdate.msi.com.tw/autobios/LOnline/install.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{F072851F-0E44-4759-8E42-A895D5D63804}: NameServer = 93.93.192.2,93.93.192.3
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - Unknown owner - C:\Program Files\COMODO\Firewall\cmdagent.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logitech\Bluetooth\LBTServ.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe (file missing)
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: TuneUp Program Statistics Service (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\WINDOWS\System32\TUProgSt.exe

--
End of file - 5551 bytes
 
Odgovor na temu

kristi1

Član broj: 151211
Poruke: 2012
*.ptt.rs.

Sajt: www.mycity.rs/Ambulanta


+88 Profil

icon Re: heuristics.reserved.word.exploit08.06.2009. u 17:45 - pre 193 meseci
Jesi probao sa AVG da skeniras, plasim se da je fajl infektor.
 
Odgovor na temu

izida
stojanovic aleksandar
bgd

Član broj: 97823
Poruke: 1886
93.93.194.*

Sajt: www.youtube.com/watch?v=9..


+22 Profil

icon Re: heuristics.reserved.word.exploit08.06.2009. u 18:32 - pre 193 meseci
probao sam sa AVG-om,Ad-Aware-om,Spybot-om i nista ga nije pronaslo,sad sam obrisao taj folder C:\downloads i ponovo skenirao i ovog puta nista nije nasao!!!
jel moguce da je bio nekakav false positive posto je taj folder bio prazan?
 
Odgovor na temu

kristi1

Član broj: 151211
Poruke: 2012
*.ptt.rs.

Sajt: www.mycity.rs/Ambulanta


+88 Profil

icon Re: heuristics.reserved.word.exploit08.06.2009. u 19:13 - pre 193 meseci
Moguce je i to, ali opet mi je nesto sumnjivo tu, ili ga je mbam opbrisao, pa je nesto posle brljavio, nisam ni ja siguran. Ako nemas probleme onda nema potrebe da se brines. U HJT logu je sve ok, mada to ne mora nista da znaci, ali nije fajl infektor, ja sam se zeznuo, tako da samo uzivaj.
Opet gledam, services.exe hmmm, boga mi sve mirise na monstruma

[Ovu poruku je menjao kristi1 dana 08.06.2009. u 20:37 GMT+1]
 
Odgovor na temu

[es] :: Zaštita :: heuristics.reserved.word.exploit

[ Pregleda: 1327 | Odgovora: 3 ] > FB > Twit

Postavi temu Odgovori

Srodne teme
Navigacija
Lista poslednjih: 16, 32, 64, 128 poruka.