pokupio sam nekog nametnika

[Flytech]

nod mi daje ovu poruku-

Citiraj:

Web page:
http://www.winantiviruspro.com/pages...B268D869044B7D

Description:
Access to the web page was blocked by IMON. The web page is on the list of websites with potentially dangerous content.

jel neko zna kae to & kak da se tog riješim?
napravio sam full scan sa ad-awareom (našo je par tracking cookija) i on demand scan s nodom (našo je 1 zaražen file).....al ova poruka mi se i dalje javlja u firefoxu (i u IE)....

[KnezTame]

Elwido + SpyBoot Search and destroy

S tim da prvo pogasi system restore, onda napravi sken s ovim gore i to u full modu, nakon toga restartaj racunalo, ponovo vrati system restore.

Ak to ne pomogne, onda digni windowse u Safe modu (F8 prije neg kaj se pocnu dizat windoze) pa onda na istin nacin procesljaj racunalo

[Buger]

NOD32 podesiš ovako

http://www.wilderssecurity.com/showthread.php?t=37509

pa ad-aware, pa spybot, pa avg anti-spyware pa hijack this i log file pasteaš ovdje

[Joke]

Ako ti NOD ne bude mogao pobrisat taj zarazeni file onda provaj preko Tuneup Shreddera naci lokaciju fajla i brisi.

[Flytech]

Citiraj:

Autor blablu

NOD32 podesiš ovako

http://www.wilderssecurity.com/showthread.php?t=37509

pa ad-aware, pa spybot, pa avg anti-spyware pa hijack this i log file pasteaš ovdje

podešen mi je tak odavno
mislim da je spybot riješio stvar....

[Flytech]

spybot ipak nije riješio stvar....sad je na redu avg...
hijack this čuvam za kraj

[greenfly]

Što ti piše u NOD-ovom Threat logu ,,,,?? baci screenshot!!!!

[Flytech]

Citiraj:

Autor greenfly

Što ti piše u NOD-ovom Threat logu ,,,,?? baci screenshot!!!!

evo ovo je iz threat loga

Citiraj:

Time Module Object Name Threat Action User Information
14.3.2007 22:22:56 IMON file http://82.98.235.61/execpyd.exe?uid=...B268D869044B7D Win32/Adware.Toolbar.SearchColours application Connection terminated KARLO-1\Karlo
14.3.2007 22:22:47 IMON file http://69.31.80.179/9ta01.dll a variant of Win32/Adware.BHO.V application KARLO-1\Karlo
14.3.2007 22:22:37 IMON file http://82.98.235.61/ms_s_2.dll?uid=1...B268D869044B7D Win32/Spy.VBStat.J trojan Connection terminated KARLO-1\Karlo
14.3.2007 22:22:35 IMON file http://82.98.235.61/nauj/really.dll?...B268D869044B7D Win32/BHO.G trojan Connection terminated KARLO-1\Karlo
14.3.2007 22:05:47 IMON file http://82.98.235.61/nauj/really.dll?...B268D869044B7D Win32/BHO.G trojan Connection terminated KARLO-1\Karlo
14.3.2007 22:05:46 IMON file http://82.98.235.61/execpyd.exe?uid=...B268D869044B7D Win32/Adware.Toolbar.SearchColours application Connection terminated KARLO-1\Karlo
13.3.2007 22:06:06 IMON file http://82.98.235.61/execpyd.exe?uid=...B268D869044B7D Win32/Adware.Toolbar.SearchColours application Connection terminated KARLO-1\Karlo
13.3.2007 22:05:56 IMON file http://82.98.235.61/ms_s_2.dll?uid=E...B268D869044B7D Win32/Spy.VBStat.J trojan Connection terminated KARLO-1\Karlo
13.3.2007 22:05:47 IMON file http://69.31.80.179/9ta01.dll a variant of Win32/Adware.BHO.V application KARLO-1\Karlo
13.3.2007 22:05:37 IMON file http://82.98.235.61/nauj/really.dll?...B268D869044B7D Win32/BHO.G trojan Connection terminated KARLO-1\Karlo
12.3.2007 19:56:13 IMON file http://82.98.235.61/execpyd.exe?uid=...B268D869044B7D Win32/Adware.Toolbar.SearchColours application Connection terminated KARLO-1\Karlo
12.3.2007 19:56:05 IMON file http://82.98.235.61/nauj/really.dll?...B268D869044B7D Win32/BHO.G trojan Connection terminated KARLO-1\Karlo
11.3.2007 19:48:00 IMON file http://82.98.235.61/ms_s_2.dll?uid=E...B268D869044B7D Win32/Spy.VBStat.J trojan Connection terminated KARLO-1\Karlo

znači trojanac...kaj sad?
probo sam ad-aware, spybot i avg...

[KnezTame]

Kaj nist neide?

Ajd ovak probaj:

Skini si ljepo Ewido; Link

Odi u safe mode (F8 prije podizanja windoza) pa iz safe moda napravi full scan.
Isto tak obavezno iskljuci system restore prije skeniranja.

E da pocisti si cookie i temporary fileove; recimo c Ccleaner

[greenfly]

klikni na jednog od tih objekata u threat-u , maksimaliziraj, idi sa strelicom na objekt da ti se pojavi natpis o akciji koju je nod poduzeo "ili nije mogao poduzeti" i onda baci screenshot!!!!


jer ako je IMOn blokirao---onda nisi ništa pokupio ,to ćeš vidjeti u NOD 32 System tools,,pod quarantine!!! tu možeš isto vidjeti koja je akcija poduzeta,,

Imaš li kakvih posljedica (usporavanje,,,,itd)???

[Flytech]

@ knez tame: budem tak napravio...pa javim

[Flytech]

Citiraj:

Autor greenfly

klikni na jednog od tih objekata u threat-u , maksimaliziraj, idi sa strelicom na objekt da ti se pojavi natpis o akciji koju je nod poduzeo "ili nije mogao poduzeti" i onda baci screenshot!!!!

pod action piše Connection Terminated

[greenfly]

Gledaj recimo: OVO

Skeniraj nodom ali "scan and cleen"-----ako nema crvenih ...nema beda!!


Uvijek ti preostaje hijack . pa brisanje,,,...

[Flytech]

Citiraj:

Autor greenfly

Gledaj recimo: OVO

Skeniraj nodom ali "scan and cleen"-----ako nema crvenih ...nema beda!!


Uvijek ti preostaje hijack . pa brisanje,,,...

kužim kaj oćeš reć sa screenshotom...al meni tu pod information je prazno (i neće se niš pojavit)
napravio sam scan & clean i počistio 1 file...al nije pomoglo

[greenfly]

Ne kužim,, kad skenaš on-demand,da li ti baci koji "crveni"???????
I,,,ako da, da li su to oni koje si gore postao -u threatu ????

[Flytech]

napravio sam on demand i našo neki win32 adware (isto ko u threat logu) i bacio ga u quarantine...da ga pobrišem?