Online Armor?


  • Joined: 21 Apr 2008
  • Posts: 102
  • Location: Maklosevac, Nasice, Croatia

Greetings, everyone!

Here's the situation... A few minutes ago, as soon as I turned on the Online Armor firewall, it started reporting that some websites want to change localhost 127.0.0.1 to the following... here I am also attaching the export from the OA firewall.







Here is the HJT log.







Any help with this is welcome. I apologize if I posted in the wrong topic.



  • dr_Bora  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 24 Jul 2007
  • Posts: 12280
  • Location: Höganäs, SE

Greetings...

Those changes to the Hosts file are of legitimate origin, and their purpose is to block access to those sites (which are used to distribute malware).

The entries in the Hosts file were probably made by Spybot S&D or some other security program.



  • Joined: 21 Apr 2008
  • Posts: 102
  • Location: Maklosevac, Nasice, Croatia

OK. Thanks for the help!

Addendum: 23 Jan 2009 23:32

Yes, that was from Spybot, because I had just run an update. Then I went to immunization again, and OA popped up the same thing again.
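
Added example, not part of the original thread: a small Python audit that separates the kind of Hosts file entry discussed above (a name pinned to a loopback or unspecified address so it cannot be reached) from entries that point a name at some other address and deserve a closer look. The sample file, the `.example` names and the `203.0.113.10` address are constructed for illustration, and the verdict labels are this example's own.

```python
import ipaddress

# Constructed sample hosts file (not taken from the thread).
SAMPLE_HOSTS = """\
# immunization block list (constructed)
127.0.0.1       localhost
127.0.0.1       rogue-scanner.example www.rogue-scanner.example
0.0.0.0         fake-av.example    # inline comment
::1             localhost
203.0.113.10    update.vendor.example
not-an-ip       broken.example
"""

LOCAL_NAMES = {"localhost", "localhost.localdomain"}

def classify_hosts(text):
    """Return (hostname, address, verdict) for every mapping in hosts-file text."""
    results = []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()      # drop full-line and inline comments
        if not line:
            continue
        addr, *names = line.split()              # one address, one or more names
        try:
            ip = ipaddress.ip_address(addr)
        except ValueError:
            results += [(n.lower(), addr, "malformed") for n in names]
            continue
        sink = ip.is_loopback or ip.is_unspecified   # 127.0.0.0/8, ::1, 0.0.0.0, ::
        for name in names:
            name = name.lower()
            if name in LOCAL_NAMES:
                verdict = "local" if ip.is_loopback else "redirect"
            elif sink:
                verdict = "sinkhole"             # block entry: name resolves nowhere useful
            else:
                verdict = "redirect"             # name forced to a routable address
            results.append((name, addr, verdict))
    return results

def needs_review(text):
    """Hostnames whose entry is neither a block entry nor the normal localhost mapping."""
    return sorted(n for n, _, v in classify_hosts(text) if v in ("redirect", "malformed"))

if __name__ == "__main__":
    for name, addr, verdict in classify_hosts(SAMPLE_HOSTS):
        print(f"{verdict:10} {addr:15} {name}")
```

A "redirect" verdict is only a prompt to check who added the entry; intentional internal mappings land in the same bucket.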
