Problem with a dialer


ika1 (Ivan Marković)
Problem with a dialer, 08.01.2007 at 15:13

Does anyone know how to delete it from the computer? It multiplies in the C:\WINDOWS\Temp folder, but it isn't actually located there, because I delete that whole folder and it shows up again within half an hour, and if I leave it longer it throws up as many as 10 connections, and all the icons are visible down by the clock (the system tray, I guess). Since I use wireless it doesn't affect my connection, but it annoys me a lot because I constantly have to close those windows. System Restore has always been turned off on my machine, so it isn't there either. I use Spybot, Ad-Aware and NOD32, and a little while ago I also installed a-squared Anti-Dialer, which finds them and deletes them, but they show up again. Some of the names are idd485.tmp.exe, idd4F6.tmp.exe and win12F.tmp.exe.

Goran Mijailovic
Re: Problem with a dialer, 08.01.2007 at 15:26

Hm, a generic answer would be: turn off System Restore and scan from safe mode with a2, NOD32, Spybot S&D and Ad-Aware.

/edit

Ah, now I see System Restore is turned off, so only the second part of the advice applies.
 

ika1 (Ivan Marković)
Re: Problem with a dialer, 08.01.2007 at 15:32

I've already done it from safe mode.

Goran Mijailovic
Re: Problem with a dialer, 08.01.2007 at 17:09

It would be good if you wrote which virus was reported by the AV program.

Disconnect from the net, that is, block all connections in the firewall, then try to clean it with Kaspersky AV 6.0 or Panda 2007, since NOD32 isn't succeeding.

You can also try one of the online scanners; almost all AV companies have one on their sites.
 

Goran Mijailovic
Re: Problem with a dialer, 08.01.2007 at 17:15

Also take a look at the following links:

http://www.commentcamarche.net...s-w32-nebuler-et-backdoor-wrag

http://www.sur-la-toile.com/vi...roubleshooting-et-Online-.html

http://www.infos-du-net.com/fo...ishost-cool-rootkit-agent-help

It looks like you've picked up Dialer.Agent.z
 

aco murija
Re: Problem with a dialer, 08.01.2007 at 17:39

Sometimes it's enough to go into Documents and Settings and physically delete everything from the Internet cache.
So: c:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\
Likewise, delete the cookies too: c:\Documents and Settings\LocalService\Cookies\
Run Ad-Aware as well.
AV programs mostly don't see this mafia, the dialers.
 

ika1 (Ivan Marković)
Re: Problem with a dialer, 08.01.2007 at 18:16

You won't believe it, but I've tried absolutely everything with all of these tools: System Restore is turned off, I scanned absolutely everything from safe mode, and it still shows up. That is, just now I was poking around in the registry and closed some ports, more precisely an MS RPC port, 135 (supposedly that's the one that gets attacked the most), and it hasn't appeared for about 20 minutes now. We'll see what happens. Here is the HijackThis log, so whoever understands it, please help:

Logfile of HijackThis v1.99.1
Scan saved at 19:17:00, on 8.1.2007
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Eset\nod32krn.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
D:\alcohol 120%\Alcohol 120\StarWind\StarWindService.exe
C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\Program Files\Eset\nod32kui.exe
C:\Program Files\Common Files\PCSuite\DataLayer\DataLayer.exe
D:\Nokia PC Suite 6\LaunchApplication.exe
C:\WINDOWS\System32\RUNDLL32.EXE
C:\PROGRA~1\COMMON~1\PCSuite\Services\SERVIC~1.EXE
C:\WINDOWS\TBPanel.exe
C:\WINDOWS\System32\mysvcc.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe
D:\Nokia PC Suite 6\PcSync2.exe
C:\Program Files\802.11 Wireless LAN\802.11b Wireless CardBus & PCI Adapter HW.11 V1.10\WlanCU.exe
C:\PROGRA~1\COMMON~1\Nokia\MPAPI\MPAPI3s.exe
C:\Program Files\MICROSTAR\Bluetooth Software\BTTray.exe
C:\PROGRA~1\MICROS~3\BLUETO~1\BTSTAC~1.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\dllhost.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\XP\Desktop\HijackThis.exe

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\adobe\ActiveX\AcroIEHelper.dll
O2 - BHO: IeCatch5 Class - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - D:\PROGRA~1\FlashGet\jccatch.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - D:\SPYBOT~1\SDHelper.dll
O2 - BHO: gFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - D:\PROGRA~1\FlashGet\getflash.dll
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - D:\PROGRA~1\FlashGet\fgiebar.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [Smapp] C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\System32\NeroCheck.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb09.exe
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe"
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [DeviceDiscovery] C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
O4 - HKLM\..\Run: [Adobe Photo Downloader] "D:\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [DataLayer] C:\Program Files\Common Files\PCSuite\DataLayer\DataLayer.exe
O4 - HKLM\..\Run: [PCSuiteTrayApplication] D:\Nokia PC Suite 6\LaunchApplication.exe -onlytray
O4 - HKLM\..\Run: [msvcc25] svcchost.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Gainward] C:\WINDOWS\TBPanel.exe /A
O4 - HKLM\..\Run: [mysvcig38] mysvcc.exe
O4 - HKLM\..\RunServices: [msvcc25] svcchost.exe
O4 - HKLM\..\RunServices: [mysvcig38] mysvcc.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [PcSync] D:\Nokia PC Suite 6\PcSync2.exe /NoDialog
O4 - HKCU\..\Run: [Uniblue Registry Booster] C:\Program Files\Uniblue\Registry Booster\RegistryBooster.exe /S
O4 - Global Startup: Wireless Configuration Utility.lnk = C:\Program Files\802.11 Wireless LAN\802.11b Wireless CardBus & PCI Adapter HW.11 V1.10\WlanCU.exe
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: Adobe Reader Speed Launch.lnk = D:\adobe\Reader\reader_sl.exe
O8 - Extra context menu item: Download All by FlashGet - D:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: Download using FlashGet - D:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: Iz&vezi u Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Istra?ivanje - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - D:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - D:\PROGRA~1\FlashGet\flashget.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {20B845BF-450F-4C1E-AF60-3CC380CDE328} (get_atlcom Class) - http://apps.corel.com/nos_dl_m.../plugin/IENetOpPluginNOSSO.ocx
O20 - Winlogon Notify: rpcc - C:\WINDOWS\System32\rpcc.dll
O20 - Winlogon Notify: winetn32 - C:\WINDOWS\SYSTEM32\winetn32.dll
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - D:\alcohol 120%\Alcohol 120\StarWind\StarWindService.exe


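A triage sketch for the O4 autorun lines of a HijackThis log like the one posted above, added here as an example and not part of the original thread: it marks values registered without a path, values present under both Run and RunServices, and file names that nearly match a stock Windows binary. The heuristics, the `KNOWN_SYSTEM` list and the function names are assumptions for illustration; a flag is a prompt for manual review, not a verdict.

```python
import re
from collections import defaultdict
from difflib import SequenceMatcher

# Constructed sample: a handful of O4 lines copied from the log in the post above.
SAMPLE_LOG = r"""
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [msvcc25] svcchost.exe
O4 - HKLM\..\Run: [mysvcig38] mysvcc.exe
O4 - HKLM\..\RunServices: [msvcc25] svcchost.exe
O4 - HKLM\..\RunServices: [mysvcig38] mysvcc.exe
"""

O4_RE = re.compile(r"^O4 - (HK\w+)\\\.\.\\(\w+): \[(.+?)\] (.+)$")
# Assumption: a short list of stock Windows binaries to compare names against.
KNOWN_SYSTEM = {"svchost.exe", "services.exe", "lsass.exe",
                "winlogon.exe", "explorer.exe"}

def image_of(cmd):
    """Return the executable part of an autorun command line."""
    m = re.match(r'"?(.+?\.exe)', cmd, re.I)
    return m.group(1) if m else cmd.split()[0]

def lookalike(image):
    """Stock binary whose name this file nearly (but not exactly) matches."""
    base = image.rsplit("\\", 1)[-1].lower()
    near = [k for k in sorted(KNOWN_SYSTEM)
            if SequenceMatcher(None, base, k).ratio() >= 0.9]
    return None if base in KNOWN_SYSTEM or not near else near[0]

def triage(log):
    """Map autorun value name -> sorted list of review reasons."""
    keys, reasons = defaultdict(set), defaultdict(set)
    for line in log.splitlines():
        m = O4_RE.match(line.strip())
        if not m:
            continue
        _hive, key, name, cmd = m.groups()
        image = image_of(cmd)
        keys[name].add(key)
        if "\\" not in image:            # resolved through the search path
            reasons[name].add("no-path")
        if hit := lookalike(image):
            reasons[name].add("lookalike:" + hit)
    for name, seen in keys.items():
        if {"Run", "RunServices"} <= seen:
            reasons[name].add("run+runservices")
    return {n: sorted(r) for n, r in reasons.items()}
```

On the sample, `nwiz` gets only the weak `no-path` flag, which shows why a single reason is not enough on its own to single out an entry.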
