aaa this is the second case. I don't know if it will be a problem
Obviously the problem has not been removed, and there was malware.
test:
mi c
eo mi ceo mi cemo
mi ceo
mi ceo
now it won't type mi cemo
mi ceo
mi cemo
Here is what it found as suspicious, 2 pieces of malware, so I shut down these 2 processes in HJT
O1 - Hosts: 193.169.12.6 samner.net
O2 - BHO: MSN helper - {A06292D3-9517-4A01-93C0-665C87BA3631} - ljxd.dll (file missing)
Two references to ljxd.dll show up in the registry, but it looks like that file is not on the disk
hkey classes root clsid .... inprocserver32
hkey local machine software classes clsid ... inprocserver32
And it says this about this dll file: LJXD.DLL Trojan.Agent/Gen-Downloader[Packed]
File Behavior
LJXD.DLL has been seen to perform the following behavior:
* The Process is packed and/or encrypted using a software packing process
* Found on infected systems and resists interrogation by security products
Country Of Origin
The filename LJXD.DLL was first seen on Sep 9 2009 in the following geographical regions of the Prevx community:
* The United States on Sep 9 2009
* Europe on Sep 9 2009
File Name Aliases
LJXD.DLL can also use the following file names:
* LJXD.DLL.Q_804A400_Q
* 39198195.DLL
Filesizes
This file has been seen with the following file size:
* 41,984 bytes
Here is the lookup for this one, also suspicious:
O1 - Hosts: 193.169.12.6 samner.net
193.169.12.6 IP address location & more:
IP address: 193.169.12.6
IP country code: BZ
IP address country: Belize
http://whois.domaintools.com/samner.net
Domain Name: SAMNER.NET
Registrant:
N/A
Sergey Egorov ()
Muranovskaya 15-87
Moskva
Moskovskaya oblast,127349
RU
Tel. +007.4953814717
Creation Date: 19-Jun-2009
Status:SUSPENDED
Note: This Domain Name is Suspended.
In this status the domain name is InActive and will not function.
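
The manual triage described in the post above, as an added example that is not part of the original post: a small parser that reads HijackThis O1 and O2 lines, flags hosts-file overrides and BHO entries whose DLL is missing, and lists the registry keys to inspect for leftovers. The function names are hypothetical, the sample log is constructed from the two lines quoted in the post, and the Browser Helper Objects key is the standard Windows location, not one named in the post.

```python
import re

# Constructed sample: the two HijackThis lines quoted in the post.
SAMPLE_LOG = """\
O1 - Hosts: 193.169.12.6 samner.net
O2 - BHO: MSN helper - {A06292D3-9517-4A01-93C0-665C87BA3631} - ljxd.dll (file missing)
"""

O1_RE = re.compile(r"^O1 - Hosts:\s*(?P<ip>\S+)\s+(?P<host>\S+)\s*$")
O2_RE = re.compile(
    r"^O2 - BHO:\s*(?P<name>.*?)\s*-\s*(?P<clsid>\{[0-9A-Fa-f-]{36}\})"
    r"\s*-\s*(?P<path>.*?)(?P<missing>\s*\(file missing\))?\s*$"
)

# Keys where a BHO's CLSID is registered. The first two are the ones the post
# mentions; the third is the standard BHO registration key (added assumption).
KEY_TEMPLATES = [
    r"HKCR\CLSID\%s\InprocServer32",
    r"HKLM\SOFTWARE\Classes\CLSID\%s\InprocServer32",
    r"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\%s",
]

def triage(log_text):
    """Return one finding per O1 hosts override or O2 BHO line."""
    findings = []
    for line in log_text.splitlines():
        line = line.strip()
        m = O1_RE.match(line)
        if m:
            # A hosts entry for anything but localhost overrides DNS for that name.
            if m["host"].lower() != "localhost":
                findings.append({"type": "hosts-override",
                                 "ip": m["ip"], "host": m["host"]})
            continue
        m = O2_RE.match(line)
        if m:
            clsid = m["clsid"].upper()
            findings.append({
                "type": "bho", "name": m["name"], "clsid": clsid,
                "file": m["path"],
                # "(file missing)": registration remains but the DLL is gone.
                "orphaned": m["missing"] is not None,
                "check_keys": [t % clsid for t in KEY_TEMPLATES],
            })
    return findings

if __name__ == "__main__":
    for finding in triage(SAMPLE_LOG):
        print(finding)
```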