What is this malware used for

  • aloe
  • Super Citizen
  • Joined: 01 Nov 2004
  • Posts: 1270
  • Location: Beograd

Can anyone tell me what damage this malware could have done?

Malwarebytes' Anti-Malware 1.34
Verzija baze podataka: 1868
Windows 5.1.2600 Service Pack 2

19.3.2009 12:18:18
mbam-log-2009-03-19 (12-16-33).txt

Tip skeniranja: Kompletno Skeniranje (C:\|D:\|E:\|)
Skeniranih objekata: 333818
Proteklo vreme: 1 hour(s), 6 minute(s), 52 second(s)

Inficirani procesi u memoriji: 0
Inficirani moduli u memoriji: 0
Inficirani ključevi u registru: 12
Inficirane vrednosti u registru: 5
Inficirani podaci u registru: 3
Inficirane fascikle: 2
Inficirane datoteke: 10

Inficirani procesi u memoriji:
(Maliciozne stavke nisu detektovane)

Inficirani moduli u memoriji:
(Maliciozne stavke nisu detektovane)

Inficirani ključevi u registru:
HKEY_CLASSES_ROOT\Typelib\{9233c3c0-1472-4091-a505-5580a23bb4ac} (Trojan.FakeAlert) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{500bca15-57a7-4eaf-8143-8c619470b13d} (Trojan.FakeAlert) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\MSFox (Trojan.Agent) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\tdssdata (Trojan.Agent) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\tdss (Trojan.Agent) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Drivers (Rogue.Multiple) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Software Notifier (Rogue.Multiple) -> No action taken.
HKEY_CLASSES_ROOT\xml.xml (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\xml.xml.1 (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\xml.xmlordersexport (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\xml.xmlordersimport (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\xml.xmlstatemetexport (Trojan.FakeAlert) -> No action taken.

Inficirane vrednosti u registru:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\UpdateWin (Worm.Sdbot) -> No action taken.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Lsa\UpdateWin (Worm.Sdbot) -> No action taken.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\UpdateWin (Worm.Sdbot) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\OLE\UpdateWin (Worm.Sdbot) -> No action taken.
HKEY_CURRENT_USER\SYSTEM\CurrentControlSet\Control\Lsa\UpdateWin (Worm.Sdbot) -> No action taken.

Inficirani podaci u registru:
HKEY_CLASSES_ROOT\SOFTWARE\Microsoft\Internet Explorer\Main\Start Page (Hijack.Homepage) -> Bad: (C:\WINDOWS\system32\spywarewarning.mht) Good: (http://www.google.com/) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.

Inficirane fascikle:
C:\Documents and Settings\All Users\Application Data\SalesMon (Rogue.Multiple) -> No action taken.
C:\Documents and Settings\All Users\Application Data\SalesMon\Data (Rogue.Multiple) -> No action taken.

Inficirane datoteke:
C:\WINDOWS\system32\wpx91.cpx (Trojan.Downloader) -> No action taken.
E:\WUTemp\setup_en.exe (Rogue.Installer) -> No action taken.
C:\WINDOWS\system32\shell31.dll (Trojan.Agent) -> No action taken.
C:\winxplogon.sys (Fake.Dropped.Malware) -> No action taken.
C:\Documents and Settings\MarkSoft konsalting\My Documents\My Music\My Music.url (Trojan.Zlob) -> No action taken.
C:\Documents and Settings\MarkSoft konsalting\My Documents\My Pictures\My Pictures.url (Trojan.Zlob) -> No action taken.
C:\Documents and Settings\MarkSoft konsalting\My Documents\My Videos\My Video.url (Trojan.Zlob) -> No action taken.
C:\Documents and Settings\MarkSoft konsalting\My Documents\My Documents.url (Trojan.Zlob) -> No action taken.
C:\syst.exe (Trojan.Downloader) -> No action taken.
C:\WINDOWS\system32\lich.dat (Stolen.Data) -> No action taken.


I.e., what are they stealing?



  • dr_Bora
  • Anti Malware Fighter
    Rank 2
  • Joined: 24 Jul 2007
  • Posts: 12280
  • Location: Höganäs, SE

It is hard to give a precise answer to your question.

The log shows rogue applications and the trojans that advertise/install them (the goal is to sell you a program that does nothing), remnants of some rootkit (probably related to the former), some downloaders (which install other malware) and a bot (it can be used for sending spam, carrying out DDoS attacks, etc.).


