PDA

Pogledaj cijelu verziju : nekakav -ware, nemogu ocistiti



Kron
29-12-2008, 23:02
frend mi je nakupio gluposti, i sve sam mu po par puta skenirao sa nod32 i spybotom te sve ocistio, sad ne pokazuje nista ali prilikom otvaranja foldera ili linkova na netu izbaci mu poruku "You have finished downloading "enter-random-amateur-pr0n-name-here". Would you like to watch it?" i pise yes, no i sto god kliknemo otvara mu net na stranicu XXX sadrzaja.


ima li jos kakav program s cim bi mogli skenati ili nema nade?

SkunK
29-12-2008, 23:23
Kako stojiš s Windows updateom?

Pri bootu - F8 -> Safe mod :

Skeniranje :

- Nod32 full scan
- Spybot S&D full scan
- Po mogucnosti scan s ad-awareom(ili spyware doctor ili webrootov antispyware ali obadvoje treba kupiti da bi ti ocistili spyware/adware)
- Skini hijackthis i pukni log ovdje

Kron
29-12-2008, 23:47
windowsi mi nam je friško instaliro jedan barba :P
tako da ne znam verziju

probati cu ono pa javim.


btw jel mogu u isto vrijeme odba dva skena radit? da ustedim vrijeme

SkunK
30-12-2008, 00:16
1. Nemogu. Ušteda vremena :roll:

2. Kakve veze "friška" verzija Windowsa ima s Windows updateom? Isto, nisi naveo koji tocno Windows ali siguran sam 90% da nisi niti napravio update + stavio neki od SP-a što ti je garancija za zarazu cim se prakticki spojis na Internet.

C
30-12-2008, 03:12
Samo ta "garancija" nema reklamaciju. 8)

Kron
30-12-2008, 09:31
version 2002 service pack 2


jel to to?

SkunK
30-12-2008, 12:50
To je service Pack 2. Jel imas originalne Windowse?

Deadwalker
30-12-2008, 13:04
Kao sto ti je Reiko rekao, skeniraj s onim alatima cijeli sistem i javi rezultat(pazi da ti alati budu update-ani inace su beskorisni). Ako pomocu njih nista ne nađeš, onda ti preostaje reinstalacija windowsa... I da, ako nisi, napravi windows update, također može pomoci...

Kron
30-12-2008, 14:31
evo loga


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:40:28, on 30.12.2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\T-Com Antidialer\T-Com Antidialer.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Electronic Arts\EADM\Core.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\G oogleToolbarNotifier.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.net.hr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - Default URLSearchHook is missing
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: GigaNet.com - {DE2C5EF2-DFBF-49B0-BBF2-3B2805A52722} - C:\WINDOWS\system32\dhofozr.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [SoundMan]SSOUNDMAN.EXE
O4 - HKLM\..\Run: [ATIPTA]S"C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [NeroFilterCheck]SC:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [RemoteControl]S"C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [egui]S"C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice

SkunK
30-12-2008, 16:03
Nisi odgovorio jesu li Windowsi original?

Inače, mozes slobodno ubiti ove stvari iz hijackthis-a :

O2 - BHO: GigaNet.com - {DE2C5EF2-DFBF-49B0-BBF2-3B2805A52722} - C:\WINDOWS\system32\dhofozr.dll Trojan koji dize popupe

Ovo ostalo mi se cini cistim, u svakom slucaju skeniraj opet s hijackthis, onda oznaci ovo sto sam ti gore naveo i stisni delete ili sta vec...

Kron
30-12-2008, 21:15
satro sam ga :friends:


hvala puno, pogotovo Reiku

SkunK
30-12-2008, 21:49
Np, jel radi sve kako treba sad?

Inace, opet izbjegavas pitanje jesu li Winsi original :)

Kron
30-12-2008, 23:57
[izbjegavanje_odgovra]sve radi :thumbs2: [/izbjegavanje_odgovora]


:P