Opterećenje CPU-a

1

Opterećenje CPU-a

offline
  • Pridružio: 04 Jul 2011
  • Poruke: 728
  • Gde živiš: Loznica

Od kada mi je podignut sistem primetio sam da sve sporije radi nego pre. Kada sam otvorio task manager video sam da je CPU 100% zauzet.
screenshot:


.
DDS (Ver_11-05-19.01) - NTFSx86
Internet Explorer: 6.0.2900.5512
Run by White Knight at 21:39:01 on 2011-07-20
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.512.180 [GMT -7:00]
.
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Documents and Settings\White Knight\Application Data\dwm.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Documents and Settings\White Knight\Application Data\Microsoft\conhost.exe
C:\WINDOWS\Bfolyb.exe
svchost.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
C:\Program Files\Winamp\winampa.exe
C:\program files\relevantknowledge\rlvknlg.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\White Knight\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\White Knight\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\White Knight\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\Documents and Settings\White Knight\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Documents and Settings\White Knight\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\DOCUME~1\WHITEK~1\LOCALS~1\Temp\Bcl.exe
C:\Documents and Settings\White Knight\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\White Knight\Desktop\dds.scr
C:\WINDOWS\system32\WSCRIPT.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://start.facemoods.com/?a=w7th2
uInternet Settings,ProxyServer = http=127.0.0.1:56242
mSearchAssistant = hxxp://start.facemoods.com/?a=w7th2&s={searchTerms}&f=4
uWinlogon: Shell=explorer.exe,c:\documents and settings\white knight\application data\dwm.exe
uWindows: Load=c:\docume~1\whitek~1\locals~1\temp\csrss.exe
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: CescrtHlpr Object: {64182481-4f71-486b-a045-b233bd0da8fc} - c:\program files\facemoods.com\facemoods\1.4.17.8\bh\facemoods.dll
BHO: DealPly: {a6174f27-1fff-e1d6-a93f-ba48ad5dd448} - c:\program files\dealply\DealPlyIE.dll
TB: facemoods Toolbar: {db4e9724-f518-4dfd-9c7c-78b52103cab9} - c:\program files\facemoods.com\facemoods\1.4.17.8\facemoodsTlbr.dll
uRun: [Google Update] "c:\documents and settings\white knight\local settings\application data\google\update\GoogleUpdate.exe" /c
uRun: [Google] c:\documents and settings\white knight\application data\googlebpw.exe
uRun: [8DDYX0ZBPZ] c:\docume~1\whitek~1\locals~1\temp\Bcl.exe
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [XMZH42I4GI] c:\windows\Bfolyb.exe
uRun: [Xvid] c:\program files\xvid\CheckUpdate.exe
mRun: [Smapp] c:\program files\analog devices\soundmax\SMTray.exe
mRun: [Super-Charger] c:\program files\msi\super-charger\StartSuperCharger.exe
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [conhost] c:\documents and settings\white knight\application data\microsoft\conhost.exe
mRun: [WinampAgent] "c:\program files\winamp\winampa.exe"
mRun: [facemoods] "c:\program files\facemoods.com\facemoods\1.4.17.8\facemoodssrv.exe" /md I
mRun: [RelevantKnowledge] c:\program files\relevantknowledge\rlvknlg.exe -boot
dRunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\micros~1.lnk - c:\program files\microsoft office\office10\OSA.EXE
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office10\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~1\micros~2\office14\ONBttnIE.dll/105
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
Handler: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - c:\program files\common files\microsoft shared\web folders\PKMCDO.DLL
.
============= SERVICES / DRIVERS ===============
.
R2 SSHNAS;SSHNAS;c:\windows\system32\svchost.exe -k netsvcs [2008-4-14 14336]
.
=============== Created Last 30 ================
.
2011-07-21 03:36:44 143872 ----a-w- c:\windows\system32\xvid.ax
2011-07-20 19:41:03 -------- d-----w- c:\program files\The KMPlayer
2011-07-20 07:30:08 -------- d-s---w- c:\documents and settings\white knight\UserData
2011-07-20 06:22:19 175616 ----a-w- c:\windows\system32\unrar.dll
2011-07-20 06:22:18 839680 ----a-w- c:\windows\system32\lameACM.acm
2011-07-20 06:22:17 73216 ----a-w- c:\windows\system32\ff_vfw.dll
2011-07-20 06:22:17 645632 ----a-w- c:\windows\system32\xvidcore.dll
2011-07-20 06:22:17 240640 ----a-w- c:\windows\system32\xvidvfw.dll
2011-07-20 06:22:17 237568 ----a-w- c:\windows\system32\yv12vfw.dll
2011-07-20 06:22:17 151552 ----a-w- c:\windows\system32\ac3acm.acm
2011-07-20 06:22:14 -------- d-----w- c:\program files\K-Lite Codec Pack
2011-07-20 02:16:23 -------- d-----w- c:\documents and settings\white knight\application data\facemoods.com
2011-07-20 01:27:14 -------- d-----w- c:\program files\URUSoft
2011-07-19 23:34:14 -------- d-----w- c:\program files\facemoods.com
2011-07-19 23:31:31 -------- d-----w- c:\program files\RelevantKnowledge
2011-07-19 23:30:54 -------- d-----w- c:\program files\DealPly
2011-07-19 23:30:35 -------- d-----w- c:\program files\themexp.org
2011-07-19 19:06:44 -------- d-----w- c:\windows\system32\Adobe
2011-07-19 18:27:05 -------- d-----w- c:\program files\Microsoft ActiveSync
2011-07-19 18:24:42 -------- d-----w- c:\windows\ShellNew
2011-07-19 17:22:02 215920 ----a-w- c:\windows\system32\muweb.dll
2011-07-19 17:22:02 16736 ----a-w- c:\windows\system32\mucltui.dll.mui
2011-07-19 17:22:01 274288 ----a-w- c:\windows\system32\mucltui.dll
2011-07-19 17:14:44 -------- d-----w- c:\documents and settings\white knight\local settings\application data\Microsoft Help
2011-07-18 02:03:06 272128 -c----w- c:\windows\system32\dllcache\bthport.sys
2011-07-18 02:03:06 272128 ------w- c:\windows\system32\drivers\bthport.sys
2011-07-18 01:52:16 456320 -c----w- c:\windows\system32\dllcache\mrxsmb.sys
2011-07-18 01:47:51 8704 -c----w- c:\windows\system32\dllcache\tsbyuv.dll
2011-07-18 01:47:51 48128 -c----w- c:\windows\system32\dllcache\iyuv_32.dll
2011-07-18 01:46:54 361600 -c----w- c:\windows\system32\dllcache\tcpip.sys
2011-07-18 01:46:10 2192768 -c----w- c:\windows\system32\dllcache\ntoskrnl.exe
2011-07-18 01:46:10 2148864 -c----w- c:\windows\system32\dllcache\ntkrnlmp.exe
2011-07-18 01:46:10 2027008 -c----w- c:\windows\system32\dllcache\ntkrpamp.exe
2011-07-18 01:46:09 2069376 -c----w- c:\windows\system32\dllcache\ntkrnlpa.exe
2011-07-18 01:45:41 5120 ----a-w- c:\windows\system32\xpsp4res.dll
2011-07-18 01:45:26 26488 ----a-w- c:\windows\system32\spupdsvc.exe
2011-07-18 01:45:26 -------- d-----w- c:\windows\system32\PreInstall
2011-07-18 01:45:24 -------- d--h--w- c:\windows\$hf_mig$
2011-07-18 01:43:47 236544 ----a-w- c:\windows\Bfolyb.exe
2011-07-17 04:24:03 177 ----a-w- c:\documents and settings\white knight\application data\update.bat
2011-07-17 04:24:02 287 ----a-w- c:\documents and settings\white knight\application data\akle.exe
2011-07-17 03:54:01 236544 ----a-w- c:\windows\Bfolya.exe
2011-07-17 03:53:57 180736 ----a-w- c:\documents and settings\white knight\application data\dwm.exe
2011-07-17 03:53:44 1113088 ----a-w- c:\windows\system32\sshnas21.dll
2011-07-17 03:53:35 172032 ----a-w- c:\documents and settings\white knight\application data\microsoft\conhost.exe
2011-07-17 03:53:21 311932 ----a-w- c:\documents and settings\white knight\application data\twmb.exe
2011-07-16 23:59:57 27904 ----a-w- c:\windows\system32\drivers\VIAAGP1.SYS
2011-07-16 23:59:52 -------- d-----w- c:\windows\system32\ReinstallBackups
2011-07-16 23:59:32 306688 ----a-w- c:\windows\IsUninst.exe
2011-07-16 23:59:25 -------- d-----w- c:\documents and settings\white knight\WINDOWS
2011-07-16 20:55:39 -------- d-----w- c:\documents and settings\white knight\local settings\application data\Adobe
2011-07-16 20:43:06 -------- d-----w- c:\program files\BitTorrent
2011-07-16 20:42:35 -------- d-----w- c:\documents and settings\white knight\application data\BitTorrent
2011-07-16 20:26:15 83072 -c--a-w- c:\windows\system32\dllcache\wdmaud.sys
2011-07-16 20:26:15 83072 ----a-w- c:\windows\system32\drivers\wdmaud.sys
2011-07-16 20:21:59 -------- d-----w- c:\windows\system32\SoftwareDistribution
2011-07-16 20:19:03 -------- d-----w- c:\documents and settings\white knight\application data\BSplayer Pro
2011-07-16 20:19:03 -------- d-----w- c:\documents and settings\white knight\application data\BSplayer
2011-07-16 20:19:02 -------- d-----w- c:\program files\Webteh
2011-07-16 19:28:25 -------- d-----w- c:\documents and settings\white knight\local settings\application data\Google
2011-07-16 19:00:26 -------- d-s---w- c:\windows\system32\Microsoft
.
==================== Find3M ====================

https://www.mycity.rs/must-login.png


https://www.mycity.rs/must-login.png

https://www.mycity.rs/must-login.png

https://www.mycity.rs/must-login.png

offline
  • magna86  Male
  • Anti Malware Fighter
    Rank 2
  • Pridružio: 21 Jun 2008
  • Poruke: 6104

Pozdrav.
@White Knight
Koji AntiVirus koristis? Koji je prvi i osnovni korak ka zasticenom sistemu?

Imas dosta besplatnih resenja koji mogu vrlo dobro da te posluze.
Ovde mozes naci dodatne informacije o izboru AV-a ako ti je potrebno.
http://www.mycity.rs/Antivirus-programi/


Izaberi neki AntiVirus koji tebi odgovara i instaliraj ga. Azuriraj antivirus i odradi Full Scan sistema.

Po zavrsenom skeniranju ponovo pokreni DDS program i kopiraj svez DDS.txt log.
log Attach.txt prikaci uz poruku koristeci opciju '' Prikači fajl ''.

offline
  • Pridružio: 04 Jul 2011
  • Poruke: 728
  • Gde živiš: Loznica

.
DDS (Ver_11-05-19.01) - NTFSx86
Internet Explorer: 6.0.2900.5512
Run by White Knight at 11:38:23 on 2011-07-21
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.512.217 [GMT -7:00]
.
AV: ESET Smart Security 4.0 *Enabled/Updated* {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: ESET Personal firewall *Enabled*
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Documents and Settings\White Knight\Application Data\dwm.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Documents and Settings\White Knight\Application Data\Microsoft\conhost.exe
C:\WINDOWS\Bfolyb.exe
svchost.exe
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\WINDOWS\system32\ctfmon.exe
C:\DOCUME~1\WHITEK~1\LOCALS~1\Temp\Bcl.exe
C:\Documents and Settings\White Knight\Desktop\dds.scr
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\WSCRIPT.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://start.facemoods.com/?a=w7th2
uInternet Settings,ProxyServer = http=127.0.0.1:56242
mSearchAssistant = hxxp://start.facemoods.com/?a=w7th2&s={searchTerms}&f=4
uWinlogon: Shell=explorer.exe,c:\documents and settings\white knight\application data\dwm.exe
uWindows: Load=c:\docume~1\whitek~1\locals~1\temp\csrss.exe
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: CescrtHlpr Object: {64182481-4f71-486b-a045-b233bd0da8fc} - c:\program files\facemoods.com\facemoods\1.4.17.8\bh\facemoods.dll
BHO: DealPly: {a6174f27-1fff-e1d6-a93f-ba48ad5dd448} - c:\program files\dealply\DealPlyIE.dll
TB: facemoods Toolbar: {db4e9724-f518-4dfd-9c7c-78b52103cab9} - c:\program files\facemoods.com\facemoods\1.4.17.8\facemoodsTlbr.dll
uRun: [Google Update] "c:\documents and settings\white knight\local settings\application data\google\update\GoogleUpdate.exe" /c
uRun: [Google] c:\documents and settings\white knight\application data\googlebpw.exe
uRun: [8DDYX0ZBPZ] c:\docume~1\whitek~1\locals~1\temp\Bcl.exe
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [XMZH42I4GI] c:\windows\Bfolyb.exe
uRun: [Xvid] c:\program files\xvid\CheckUpdate.exe
mRun: [Smapp] c:\program files\analog devices\soundmax\SMTray.exe
mRun: [Super-Charger] c:\program files\msi\super-charger\StartSuperCharger.exe
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [WinampAgent] "c:\program files\winamp\winampa.exe"
mRun: [facemoods] "c:\program files\facemoods.com\facemoods\1.4.17.8\facemoodssrv.exe" /md I
mRun: [conhost] c:\documents and settings\white knight\application data\microsoft\conhost.exe
mRun: [egui] "c:\program files\eset\eset smart security\egui.exe" /hide /waitservice
mRun: [RelevantKnowledge] c:\program files\relevantknowledge\rlvknlg.exe -boot
mRun: [TNOD UP] "c:\program files\tnod user & password finder\TNODUP.exe" /i
dRunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\micros~1.lnk - c:\program files\microsoft office\office10\OSA.EXE
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office10\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~1\micros~2\office14\ONBttnIE.dll/105
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
Handler: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - c:\program files\common files\microsoft shared\web folders\PKMCDO.DLL
.
============= SERVICES / DRIVERS ===============
.
R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [2009-4-9 107256]
R2 ekrn;ESET Service;c:\program files\eset\eset smart security\ekrn.exe [2009-4-9 731840]
R2 SSHNAS;SSHNAS;c:\windows\system32\svchost.exe -k netsvcs [2008-4-14 14336]
.
=============== Created Last 30 ================
.
2011-07-21 17:04:36 -------- d-----w- c:\program files\TNod User & Password Finder
2011-07-21 16:52:14 -------- d-----w- c:\documents and settings\white knight\application data\ESET
2011-07-21 16:52:10 -------- d-----w- c:\documents and settings\white knight\local settings\application data\ESET
2011-07-21 16:49:43 -------- d-----w- c:\program files\ESET
2011-07-21 03:36:44 143872 ----a-w- c:\windows\system32\xvid.ax
2011-07-20 19:41:03 -------- d-----w- c:\program files\The KMPlayer
2011-07-20 07:30:08 -------- d-s---w- c:\documents and settings\white knight\UserData
2011-07-20 06:22:19 175616 ----a-w- c:\windows\system32\unrar.dll
2011-07-20 06:22:18 839680 ----a-w- c:\windows\system32\lameACM.acm
2011-07-20 06:22:17 73216 ----a-w- c:\windows\system32\ff_vfw.dll
2011-07-20 06:22:17 645632 ----a-w- c:\windows\system32\xvidcore.dll
2011-07-20 06:22:17 240640 ----a-w- c:\windows\system32\xvidvfw.dll
2011-07-20 06:22:17 237568 ----a-w- c:\windows\system32\yv12vfw.dll
2011-07-20 06:22:17 151552 ----a-w- c:\windows\system32\ac3acm.acm
2011-07-20 06:22:14 -------- d-----w- c:\program files\K-Lite Codec Pack
2011-07-20 02:16:23 -------- d-----w- c:\documents and settings\white knight\application data\facemoods.com
2011-07-20 01:27:14 -------- d-----w- c:\program files\URUSoft
2011-07-19 23:34:14 -------- d-----w- c:\program files\facemoods.com
2011-07-19 23:31:31 -------- d-----w- c:\program files\RelevantKnowledge
2011-07-19 23:30:54 -------- d-----w- c:\program files\DealPly
2011-07-19 23:30:35 -------- d-----w- c:\program files\themexp.org
2011-07-19 19:06:44 -------- d-----w- c:\windows\system32\Adobe
2011-07-19 18:27:05 -------- d-----w- c:\program files\Microsoft ActiveSync
2011-07-19 18:24:42 -------- d-----w- c:\windows\ShellNew
2011-07-19 17:22:02 215920 ----a-w- c:\windows\system32\muweb.dll
2011-07-19 17:22:02 16736 ----a-w- c:\windows\system32\mucltui.dll.mui
2011-07-19 17:22:01 274288 ----a-w- c:\windows\system32\mucltui.dll
2011-07-19 17:14:44 -------- d-----w- c:\documents and settings\white knight\local settings\application data\Microsoft Help
2011-07-18 02:03:06 272128 -c----w- c:\windows\system32\dllcache\bthport.sys
2011-07-18 02:03:06 272128 ------w- c:\windows\system32\drivers\bthport.sys
2011-07-18 01:52:16 456320 -c----w- c:\windows\system32\dllcache\mrxsmb.sys
2011-07-18 01:47:51 8704 -c----w- c:\windows\system32\dllcache\tsbyuv.dll
2011-07-18 01:47:51 48128 -c----w- c:\windows\system32\dllcache\iyuv_32.dll
2011-07-18 01:46:54 361600 -c----w- c:\windows\system32\dllcache\tcpip.sys
2011-07-18 01:46:10 2192768 -c----w- c:\windows\system32\dllcache\ntoskrnl.exe
2011-07-18 01:46:10 2148864 -c----w- c:\windows\system32\dllcache\ntkrnlmp.exe
2011-07-18 01:46:10 2027008 -c----w- c:\windows\system32\dllcache\ntkrpamp.exe
2011-07-18 01:46:09 2069376 -c----w- c:\windows\system32\dllcache\ntkrnlpa.exe
2011-07-18 01:45:41 5120 ----a-w- c:\windows\system32\xpsp4res.dll
2011-07-18 01:45:26 26488 ----a-w- c:\windows\system32\spupdsvc.exe
2011-07-18 01:45:26 -------- d-----w- c:\windows\system32\PreInstall
2011-07-18 01:45:24 -------- d--h--w- c:\windows\$hf_mig$
2011-07-18 01:43:47 236544 ----a-w- c:\windows\Bfolyb.exe
2011-07-17 04:24:03 177 ----a-w- c:\documents and settings\white knight\application data\update.bat
2011-07-17 04:24:02 287 ----a-w- c:\documents and settings\white knight\application data\akle.exe
2011-07-17 03:54:01 236544 ----a-w- c:\windows\Bfolya.exe
2011-07-17 03:53:57 180736 ----a-w- c:\documents and settings\white knight\application data\dwm.exe
2011-07-17 03:53:44 1113088 ----a-w- c:\windows\system32\sshnas21.dll
2011-07-17 03:53:35 169472 ----a-w- c:\documents and settings\white knight\application data\microsoft\conhost.exe
2011-07-17 03:53:21 311932 ----a-w- c:\documents and settings\white knight\application data\twmb.exe
2011-07-16 23:59:57 27904 ----a-w- c:\windows\system32\drivers\VIAAGP1.SYS
2011-07-16 23:59:52 -------- d-----w- c:\windows\system32\ReinstallBackups
2011-07-16 23:59:32 306688 ----a-w- c:\windows\IsUninst.exe
2011-07-16 23:59:25 -------- d-----w- c:\documents and settings\white knight\WINDOWS
2011-07-16 20:55:39 -------- d-----w- c:\documents and settings\white knight\local settings\application data\Adobe
2011-07-16 20:43:06 -------- d-----w- c:\program files\BitTorrent
2011-07-16 20:42:35 -------- d-----w- c:\documents and settings\white knight\application data\BitTorrent
2011-07-16 20:26:15 83072 -c--a-w- c:\windows\system32\dllcache\wdmaud.sys
2011-07-16 20:26:15 83072 ----a-w- c:\windows\system32\drivers\wdmaud.sys
2011-07-16 20:21:59 -------- d-----w- c:\windows\system32\SoftwareDistribution
2011-07-16 20:19:03 -------- d-----w- c:\documents and settings\white knight\application data\BSplayer Pro
2011-07-16 20:19:03 -------- d-----w- c:\documents and settings\white knight\application data\BSplayer
2011-07-16 20:19:02 -------- d-----w- c:\program files\Webteh
2011-07-16 19:28:25 -------- d-----w- c:\documents and settings\white knight\local settings\application data\Google
2011-07-16 19:00:26 -------- d-s---w- c:\windows\system32\Microsoft
.
==================== Find3M ====================
.
2011-07-16 20:23:09 44 ----a-w- c:\windows\system32\msssc.dll
2011-06-02 14:02:05 1858944 ----a-w- c:\windows\system32\win32k.sys
2011-05-02 15:31:52 692736 ----a-w- c:\windows\system32\inetcomm.dll
2011-04-29 17:25:27 151552 ----a-w- c:\windows\system32\schannel.dll
2011-04-29 16:19:43 456320 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-04-26 11:07:50 33280 ----a-w- c:\windows\system32\csrsrv.dll
2011-04-26 11:07:50 293376 ----a-w- c:\windows\system32\winsrv.dll
2011-04-25 14:47:19 81920 ----a-w- c:\windows\system32\ieencode.dll
2011-04-25 14:47:19 667136 ----a-w- c:\windows\system32\wininet.dll
2011-04-25 14:47:19 61952 ----a-w- c:\windows\system32\tdc.ocx
2011-04-25 12:56:44 369664 ----a-w- c:\windows\system32\html.iec
.
============= FINISH: 11:40:35.06 ===============

https://www.mycity.rs/must-login.png

offline
  • magna86  Male
  • Anti Malware Fighter
    Rank 2
  • Pridružio: 21 Jun 2008
  • Poruke: 6104

Arrow Preuzmi sUBs-ov ComboFix sa sledeće adrese na Desktop:


Bleeping Computer
Klikni desnim tasterom na link i odaberi opciju Save Target As... (Save Link As..., Save Linked Content As... ili sličnu);
Kada se otvori dijalog za izbor lokacije na kojoj treba sačuvati file, odaberi Desktop i klikni Save.




Kada preuzimanje programa bude završeno:
deaktiviraj zaštitni softver (uputstvo);
zatvori pokrenute programe;
dvoklikom pokreni program ComboFix;
u prozoru koji se otvori klikni "I Agree".

U toku rada, ComboFix će:proveriti postoji li novija verzija programa:
klikni Yes ako bude ponuđeno preuzimanje iste.
ako Recovery Console nije instalirana, ponuditi instalaciju:
obavezno prihvati klikom na Yes i isprati postupak.
postaviti/dati određeni broj upita/obaveštenja:
prihvati klikom na Yes ili OK.
po potrebi, restartovati Windows (više puta);
na kraju rada, otvoriti Notepad sa izveštajem o skeniranju.


Iskopiraj izveštaj koji je ComboFix napravio u temu na forumu:
klikni desnim tasterom miša u prozor Notepad-a i izaberi Select All;
klikni desnim tasterom miša na obeleženi tekst i izaberi Copy;
klikni desnim tasterom miša u polje za pisanje poruke i izaberi Paste.


Napomena:Izveštaj će biti sačuvan pod nazivom ComboFix.txt na sistemskoj particiji (tipična lokacija: C:\ComboFix.txt);
Ukoliko nakon slanja poruke primetiš da izveštaj nije kompletan, iskoristi opciju Prikači fajl za prilaganje file-a C:\ComboFix.txt uz poruku.

offline
  • Pridružio: 04 Jul 2011
  • Poruke: 728
  • Gde živiš: Loznica

ComboFix 11-07-21.02 - White Knight 07/21/2011 16:46:06.1.1 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.512.225 [GMT -7:00]
Running from: c:\documents and settings\White Knight\Desktop\ComboFix.exe
AV: ESET Smart Security 4.0 *Disabled/Updated* {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: ESET Personal firewall *Enabled* {E5E70D32-0101-4340-86A3-A7B0F1C8FFE0}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\All Users\Start Menu\Programs\RelevantKnowledge
c:\documents and settings\All Users\Start Menu\Programs\RelevantKnowledge\About RelevantKnowledge.lnk
c:\documents and settings\All Users\Start Menu\Programs\RelevantKnowledge\Privacy Policy and User License Agreement.lnk
c:\documents and settings\All Users\Start Menu\Programs\RelevantKnowledge\Support.lnk
c:\documents and settings\All Users\Start Menu\Programs\RelevantKnowledge\Uninstall Instructions.lnk
c:\documents and settings\unlock\wrar380.exe
c:\documents and settings\White Knight\Application Data\7za.exe
c:\documents and settings\White Knight\Application Data\dwm.exe
c:\documents and settings\White Knight\Application Data\facemoods.com
c:\documents and settings\White Knight\Application Data\googlebpw.exe
c:\documents and settings\White Knight\Application Data\Microsoft\conhost.exe
c:\documents and settings\White Knight\Application Data\Setup.exe
c:\documents and settings\White Knight\Application Data\twmb.exe
c:\documents and settings\White Knight\WINDOWS
c:\program files\facemoods.com
c:\program files\facemoods.com\facemoods\1.4.17.8\bh\facemoods.dll
c:\program files\facemoods.com\facemoods\1.4.17.8\facemoods.crx
c:\program files\facemoods.com\facemoods\1.4.17.8\facemoods.png
c:\program files\facemoods.com\facemoods\1.4.17.8\facemoodsApp.dll
c:\program files\facemoods.com\facemoods\1.4.17.8\facemoodsEng.dll
c:\program files\facemoods.com\facemoods\1.4.17.8\facemoodssrv.exe
c:\program files\facemoods.com\facemoods\1.4.17.8\facemoodsTlbr.dll
c:\program files\facemoods.com\facemoods\1.4.17.8\uninstall.exe
c:\program files\facemoods.com\sqlite3.dll
c:\program files\RelevantKnowledge
c:\program files\RelevantKnowledge\ncncf.dat
c:\program files\RelevantKnowledge\nscf.dat
c:\program files\RelevantKnowledge\rlls.dll
c:\program files\RelevantKnowledge\rlls64.dll
c:\program files\RelevantKnowledge\rloci.bin
c:\program files\RelevantKnowledge\rlservice.exe
c:\program files\RelevantKnowledge\rlvknlg64.exe
c:\program files\TNod User & Password Finder\TNODUP.exe
c:\windows\Bfolyb.exe
c:\windows\system32\msssc.dll
c:\windows\system32\sshnas21.dll
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_SSHNAS
-------\Service_SSHNAS
.
.
((((((((((((((((((((((((( Files Created from 2011-06-21 to 2011-07-21 )))))))))))))))))))))))))))))))
.
.
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-06-02 14:02 . 2008-04-14 12:00 1858944 ----a-w- c:\windows\system32\win32k.sys
2011-04-29 17:25 . 2008-04-14 12:00 151552 ----a-w- c:\windows\system32\schannel.dll
2011-04-29 16:19 . 2008-04-14 12:00 456320 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-04-26 11:07 . 2008-04-14 12:00 33280 ----a-w- c:\windows\system32\csrsrv.dll
2011-04-26 11:07 . 2008-04-14 12:00 293376 ----a-w- c:\windows\system32\winsrv.dll
2011-04-25 14:47 . 2008-04-14 12:00 81920 ----a-w- c:\windows\system32\ieencode.dll
2011-04-25 14:47 . 2008-04-14 12:00 667136 ----a-w- c:\windows\system32\wininet.dll
2011-04-25 14:47 . 2008-04-14 12:00 61952 ----a-w- c:\windows\system32\tdc.ocx
2011-04-25 12:56 . 2008-04-14 12:00 369664 ----a-w- c:\windows\system32\html.iec
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[-] 2009-09-20 . AB9E8F44D2F80A8060BEFB29192F4249 . 1614848 . . [5.1.2600.5512] . . c:\windows\system32\sfcfiles.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448}]
2011-05-29 09:15 78600 ----a-w- c:\program files\DealPly\DealPlyIE.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2007-06-28 152872]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Smapp"="c:\program files\Analog Devices\SoundMAX\SMTray.exe" [2003-05-05 143360]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-06-06 937920]
"WinampAgent"="c:\program files\Winamp\winampa.exe" [2011-07-11 74752]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2009-04-09 2029640]
"NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2007-03-01 153136]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"_nltide_3"="advpack.dll" [2008-04-14 99840]
.
c:\documents and settings\All Users\Start Menu\Programs\Startup\
Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-12 83360]
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\BitTorrent\\BitTorrent.exe"=
.
R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [4/9/2009 3:18 PM 107256]
R2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [4/9/2009 3:19 PM 731840]
.
Contents of the 'Scheduled Tasks' folder
.
2011-07-21 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-515967899-1614895754-1177238915-1003Core.job
- c:\documents and settings\White Knight\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2011-07-16 19:28]
.
2011-07-21 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-515967899-1614895754-1177238915-1003UA.job
- c:\documents and settings\White Knight\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2011-07-16 19:28]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://start.facemoods.com/?a=w7th2
uInternet Settings,ProxyServer = http=127.0.0.1:56242
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 192.168.1.1
.
- - - - ORPHANS REMOVED - - - -
.
BHO-{64182481-4F71-486b-A045-B233BD0DA8FC} - c:\program files\facemoods.com\facemoods\1.4.17.8\bh\facemoods.dll
Toolbar-{DB4E9724-F518-4dfd-9C7C-78B52103CAB9} - c:\program files\facemoods.com\facemoods\1.4.17.8\facemoodsTlbr.dll
HKCU-Run-Google - c:\documents and settings\White Knight\Application Data\googlebpw.exe
HKCU-Run-XMZH42I4GI - c:\windows\Bfolyb.exe
HKCU-Run-Xvid - c:\program files\Xvid\CheckUpdate.exe
HKLM-Run-Super-Charger - c:\program files\MSI\Super-Charger\StartSuperCharger.exe
HKLM-Run-facemoods - c:\program files\facemoods.com\facemoods\1.4.17.8\facemoodssrv.exe
HKLM-Run-TNOD UP - c:\program files\TNod User & Password Finder\TNODUP.exe
AddRemove-facemoods - c:\program files\facemoods.com\facemoods\1.4.17.8\uninstall.exe
AddRemove-{d08d9f98-1c78-4704-87e6-368b0023d831} - c:\program files\relevantknowledge\rlvknlg.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-07-21 16:55
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'explorer.exe'(3760)
c:\program files\Common Files\Ahead\Lib\NeroSearchBar.dll
c:\program files\Common Files\Ahead\Lib\MFC71U.DLL
c:\program files\Common Files\Ahead\Lib\BCGCBPRO860un71.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Analog Devices\SoundMAX\SMAgent.exe
c:\windows\system32\wdfmgr.exe
c:\program files\Common Files\Ahead\Lib\NMIndexingService.exe
c:\program files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
.
**************************************************************************
.
Completion time: 2011-07-21 17:00:21 - machine was rebooted
ComboFix-quarantined-files.txt 2011-07-22 00:00
.
Pre-Run: 9,763,426,304 bytes free
Post-Run: 10,371,883,008 bytes free
.
WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
.
- - End Of File - - AD8C70ED7983DB1D56AC252E3889FD10

offline
  • magna86  Male
  • Anti Malware Fighter
    Rank 2
  • Pridružio: 21 Jun 2008
  • Poruke: 6104

Arrow Otvoriti Notepad i iskopirati sledeci tekst:

SkipFix::

DDS::
uStart Page = hxxp://start.facemoods.com/?a=w7th2


Snimiti na Desktop fajl iz Notepada kao "CFScript"




Prevuci snimljeni skript/tekst na ComboFix ikonicu kao na slici.
Postaviti u sledecoj poruci log koji bude bio napravljen na kraju ciscenja/skeniranja.

..............................................................................

Arrow Preuzmi Security Check i sacuvaj ga na Desktop.

Dvoklikom pokreni program.
Pritisnite bilo koji taster da nastavis skeniranje i pricekaj dok program ne dovrsi analizu.
Ukoliko te tvoj Firewall program upozori na aktivnost Security Check-a dozvoli mu klikom na Allow ili slicno tome.
Po zavrsetku procesa otvorice ti se notepad ( checkup.txt ) sa izvestajem.
Kopiraj sadrzaj tog izvestaja u sledecoj poruci.

offline
  • Pridružio: 04 Jul 2011
  • Poruke: 728
  • Gde živiš: Loznica

ComboFix 11-07-24.03 - White Knight 07/25/2011 11:46:16.5.1 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.512.254 [GMT -7:00]
Running from: c:\documents and settings\White Knight\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\White Knight\Desktop\CFScript.txt
AV: ESET Smart Security 4.0 *Disabled/Updated* {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: ESET Personal firewall *Disabled* {E5E70D32-0101-4340-86A3-A7B0F1C8FFE0}
.
- REDUCED FUNCTIONALITY MODE -
.
.
((((((((((((((((((((((((( Files Created from 2011-06-25 to 2011-07-25 )))))))))))))))))))))))))))))))
.
.
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-06-02 14:02 . 2008-04-14 12:00 1858944 ----a-w- c:\windows\system32\win32k.sys
2011-04-29 17:25 . 2008-04-14 12:00 151552 ----a-w- c:\windows\system32\schannel.dll
2011-04-29 16:19 . 2008-04-14 12:00 456320 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[-] 2009-09-20 . AB9E8F44D2F80A8060BEFB29192F4249 . 1614848 . . [5.1.2600.5512] . . c:\windows\system32\sfcfiles.dll
.
((((((((((((((((((((((((((((( SnapShot@2011-07-21_23.55.23 )))))))))))))))))))))))))))))))))))))))))
.
+ 2011-07-24 23:06 . 2008-04-14 07:15 15104 c:\windows\system32\drivers\usbscan.sys
+ 2011-07-24 23:06 . 2008-04-14 07:15 15104 c:\windows\system32\dllcache\usbscan.sys
+ 2011-07-24 23:06 . 2001-08-18 05:36 5632 c:\windows\system32\ptpusb.dll
+ 2011-07-24 23:06 . 2008-04-14 12:42 159232 c:\windows\system32\ptpusd.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448}]
2011-05-29 09:15 78600 ----a-w- c:\program files\DealPly\DealPlyIE.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2007-06-28 152872]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Smapp"="c:\program files\Analog Devices\SoundMAX\SMTray.exe" [2003-05-05 143360]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-06-06 937920]
"WinampAgent"="c:\program files\Winamp\winampa.exe" [2011-07-11 74752]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2009-04-09 2029640]
"NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2007-03-01 153136]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"_nltide_3"="advpack.dll" [2008-04-14 99840]
.
c:\documents and settings\All Users\Start Menu\Programs\Startup\
Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-12 83360]
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\BitTorrent\\BitTorrent.exe"=
.
R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [4/9/2009 3:18 PM 107256]
R2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [4/9/2009 3:19 PM 731840]
.
Contents of the 'Scheduled Tasks' folder
.
2011-07-21 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-515967899-1614895754-1177238915-1003Core.job
- c:\documents and settings\White Knight\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2011-07-16 19:28]
.
2011-07-25 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-515967899-1614895754-1177238915-1003UA.job
- c:\documents and settings\White Knight\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2011-07-16 19:28]
.
.
------- Supplementary Scan -------
.
uInternet Settings,ProxyServer = http=127.0.0.1:56242
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 192.168.1.1
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-07-25 11:47
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'explorer.exe'(2392)
c:\program files\Common Files\Ahead\Lib\NeroSearchBar.dll
c:\program files\Common Files\Ahead\Lib\MFC71U.DLL
c:\program files\Common Files\Ahead\Lib\BCGCBPRO860un71.dll
.
Completion time: 2011-07-25 11:50:41
ComboFix-quarantined-files.txt 2011-07-25 18:50
ComboFix2.txt 2011-07-25 18:24
ComboFix3.txt 2011-07-25 18:05
ComboFix4.txt 2011-07-25 17:47
ComboFix5.txt 2011-07-25 18:44
.
Pre-Run: 10,003,554,304 bytes free
Post-Run: 9,992,712,192 bytes free
.
- - End Of File - - CF5BDE1981AF8E41A7FF3B8DB35CC44B



Results of screen317's Security Check version 0.99.17
Windows XP Service Pack 3
Internet Explorer 6 Out of date!
``````````````````````````````
Antivirus/Firewall Check:

Windows Firewall Disabled!
ESET Smart Security
Antivirus up to date! (On Access scanning disabled!)
```````````````````````````````
Anti-malware/Other Utilities Check:

Adobe Reader X (10.1.0)
````````````````````````````````
Process Check:
objlist.exe by Laurent

``````````End of Log````````````

offline
  • magna86  Male
  • Anti Malware Fighter
    Rank 2
  • Pridružio: 21 Jun 2008
  • Poruke: 6104

Ovde vise nema aktivnog malware-a. Reci mi kako ti sad radi racunar?

Potrebno je deinstalirati ComboFix:
klikni start (ili ), a zatim RUN.

Na Visti koristiti Start Search polje ukoliko Run nije dostupan.

U liniju za unos teksta ukucaj (iskopiraj) sledeće:

ComboFix /Uninstall

Primeti da postoji razmak između "ComboFix" i "/Uninstall".



a zatim klikni OK (ili pritisni Enter).


Sačekaj da se proces deinstalacije završi.

offline
  • Pridružio: 04 Jul 2011
  • Poruke: 728
  • Gde živiš: Loznica

Sada radi još sporije nego ranije i dosta ''secka'', treba mu dosta vremena da učita windows kada ga uključim.

offline
  • magna86  Male
  • Anti Malware Fighter
    Rank 2
  • Pridružio: 21 Jun 2008
  • Poruke: 6104

Hajde ponovo pokreni DDS i postavi mi svez DDS.txt a log Attach.txt okaci uz poruku koristeci opciju Prikaci fajl

Ko je trenutno na forumu
 

Ukupno su 947 korisnika na forumu :: 28 registrovanih, 6 sakrivenih i 913 gosta   ::   [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:
Korisnici trenutno na forumu: acatomic, babaroga, bojan_t, bojcistv, DPera, Dragon Order, elenemste, esx66, Frunze, galerija, HrcAk47, Kibice, kunktator, kuntalo, Lieutenant, marsovac 2, Milan A. Nikolic, Milos ZA, MiroslavD, mocnijogurt, nenad81, raptorsi, Sirius, SlaKoj, TBF1D, Trpe Grozni, User98, vathra