Posted: 05 Feb 2014 14:57
- Fireskull
- Citizen
- Joined: 16 May 2013
- Posts: 111
- Location: Kragujevac
ComboFix 14-02-03.01 - Mihajlo 02/05/2014 14:42:42.3.1 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.511.220 [GMT 1:00]
Running from: c:\documents and settings\Mihajlo\My Documents\ComboFix.exe
Command switches used :: c:\documents and settings\Mihajlo\Desktop\CFScript.txt
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\win
c:\win\names.txt
.
.
((((((((((((((((((((((((( Files Created from 2014-01-05 to 2014-02-05 )))))))))))))))))))))))))))))))
.
.
2014-02-04 17:19 . 2014-02-05 12:55 -------- d-----w- c:\documents and settings\All Users\Application Data\AVAST Software
2014-02-04 15:46 . 2014-02-04 15:46 -------- d-----w- c:\documents and settings\All Users\Application Data\Trymedia
2014-02-02 16:37 . 2014-02-02 16:40 40776 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2014-02-02 16:37 . 2014-02-02 16:37 -------- d-----w- c:\documents and settings\Mihajlo\Application Data\Malwarebytes
2014-02-02 16:37 . 2014-02-02 16:37 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2014-02-02 13:29 . 2014-02-02 13:29 -------- d-----w- c:\documents and settings\Mihajlo\Local Settings\Application Data\TechSmith
2014-02-02 13:29 . 2014-02-02 13:29 -------- d-----w- c:\documents and settings\Mihajlo\Local Settings\Application Data\Help
2014-02-02 13:28 . 2002-05-08 02:02 110592 ----a-w- c:\windows\system32\tsccvid.dll
2014-02-02 13:28 . 2014-02-02 13:28 -------- d-----w- c:\program files\TechSmith
2014-01-17 02:18 . 2014-01-17 02:17 1194185 ----a-w- c:\windows\unins000.exe
2014-01-17 01:58 . 2004-10-22 01:18 749568 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iKernel.dll
2014-01-17 01:58 . 2004-10-22 01:17 69715 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\ctor.dll
2014-01-17 01:58 . 2004-10-22 01:17 274432 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iscript.dll
2014-01-17 01:58 . 2004-10-22 01:16 180224 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iuser.dll
2014-01-17 01:58 . 2004-10-22 01:16 5632 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\DotNetInstaller.exe
2014-01-17 01:58 . 2014-01-17 01:58 323716 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\setup.dll
2014-01-17 01:58 . 2014-01-17 01:58 192644 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iGdi.dll
2014-01-16 23:18 . 2008-05-21 08:48 9694440 ----a-w- c:\windows\Bildschirmschoner.scr
2014-01-15 22:47 . 2014-01-15 22:47 -------- d-----w- c:\windows\San Andreas Mod Installer
2014-01-15 22:34 . 2014-01-17 01:59 -------- d-----w- c:\program files\Rockstar Games
2014-01-14 14:43 . 2014-01-14 14:43 -------- d-----w- c:\program files\CCleaner
2014-01-11 12:12 . 2008-04-14 01:41 21504 -c--a-w- c:\windows\system32\dllcache\hidserv.dll
2014-01-11 12:12 . 2008-04-14 01:41 21504 ----a-w- c:\windows\system32\hidserv.dll
2014-01-11 12:12 . 2001-08-17 09:48 12160 -c--a-w- c:\windows\system32\dllcache\mouhid.sys
2014-01-11 12:12 . 2001-08-17 09:48 12160 ----a-w- c:\windows\system32\drivers\mouhid.sys
2014-01-11 12:12 . 2008-04-13 20:15 10368 -c--a-w- c:\windows\system32\dllcache\hidusb.sys
2014-01-11 12:12 . 2008-04-13 20:15 10368 ----a-w- c:\windows\system32\drivers\hidusb.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-02-04 17:20 . 2014-02-04 17:21 67824 ----a-w- c:\windows\system32\drivers\aswmonflt.sys.1391604623968
2014-01-18 14:54 . 2013-12-30 03:57 60416 ----a-w- c:\windows\ALCFDRTM.VER
2014-01-02 15:20 . 2014-01-02 15:20 243128 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2013-12-30 03:57 . 2013-12-30 03:57 60416 ----a-w- c:\windows\ALCFDRTM.EXE
2013-12-21 17:22 . 2013-12-21 17:22 107888 ----a-w- c:\windows\system32\CmdLineExt.dll
2013-12-18 17:13 . 2013-12-18 14:47 2311840 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\VisualStudio\10.0\1033\ResourceCache.dll
2013-12-18 14:47 . 2013-12-18 14:47 18368 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\VSA\9.0\1033\ResourceCache.dll
2013-12-18 00:20 . 2013-12-18 00:20 112832 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\VCExpress\10.0\1033\ResourceCache.dll
2013-12-13 09:30 . 2013-12-13 08:31 22328 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2013-12-13 09:30 . 2013-12-13 08:31 103736 ----a-w- c:\windows\system32\PnkBstrB.exe
2013-12-13 08:34 . 2013-12-13 08:31 66872 ----a-w- c:\windows\system32\PnkBstrA.exe
2013-12-13 08:31 . 2013-12-13 08:31 22328 ----a-w- c:\documents and settings\Mihajlo\Application Data\PnkBstrK.sys
2013-12-12 05:09 . 2008-04-14 12:00 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-12-12 05:09 . 2008-04-14 12:00 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-11-27 20:21 . 2012-06-13 15:35 40960 ----a-w- c:\windows\system32\drivers\ndproxy.sys
2013-11-13 02:59 . 2012-02-29 14:08 150528 ----a-w- c:\windows\system32\imagehlp.dll
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[-] 2012-06-13 . E17798E1E6FF1CA9C67B8576570E05EE . 1614848 . . [5.1.2600.5512] . . c:\windows\system32\sfcfiles.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BitTorrent"="c:\documents and settings\Mihajlo\Application Data\BitTorrent\BitTorrent.exe" [2014-02-03 900696]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2013-10-28 3675352]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2013-01-08 18705664]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2014-02-04 39408]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMan"="SOUNDMAN.EXE" [2005-12-14 577536]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2013-09-24 98304]
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
SecurityProviders msapsspc.dll, schannel.dll, credssp.dll, digest.dll, msnsspc.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2013-11-21 16:57 959904 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Facebook Update]
2014-01-01 18:43 138096 ----atw- c:\documents and settings\Mihajlo\Local Settings\Application Data\Facebook\Update\FacebookUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mobilegeni daemon]
c:\program files\Mobogenie\DaemonProcess.exe [BU]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Software Updates Free]
c:\program files\Software Updates Free\Software Checker.exe [BU]
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Documents and Settings\\Mihajlo\\Application Data\\BitTorrent\\BitTorrent.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Documents and Settings\\Mihajlo\\Local Settings\\Application Data\\Facebook\\Video\\Skype\\FacebookVideoCalling.exe"=
"c:\\Program Files\\PANDORA.TV\\PanService\\KMPProcess.exe"=
.
R0 mv61xxmm;mv61xxmm;c:\windows\system32\drivers\mv61xxmm.sys [6/13/2012 4:45 PM 13616]
R0 mv64xxmm;mv64xxmm;c:\windows\system32\drivers\mv64xxmm.sys [6/13/2012 4:45 PM 5632]
R0 mvxxmm;mvxxmm;c:\windows\system32\drivers\mvxxmm.sys [6/13/2012 4:45 PM 13616]
R0 nvcchflt;NVIDIA Disk Cache Filter Driver;c:\windows\system32\drivers\nvcchflt.sys [1/22/2013 4:05 AM 16640]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\drivers\dtsoftbus01.sys [1/2/2014 4:20 PM 243128]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdXP3.sys [12/20/2013 6:49 PM 103040]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2/2/2014 5:37 PM 40776]
S4 MSSQLServerADHelper100;SQL Active Directory Helper Service;"c:\program files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE" --> c:\program files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [?]
S4 RsFx0103;RsFx0103 Driver;c:\windows\system32\drivers\RsFx0103.sys [3/30/2009 3:09 AM 239336]
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-02-04 18:05 1211720 ----a-w- c:\program files\Google\Chrome\Application\32.0.1700.107\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2014-02-05 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-13 05:09]
.
2014-02-04 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-299502267-152049171-842925246-1003Core.job
- c:\documents and settings\Mihajlo\Local Settings\Application Data\Facebook\Update\FacebookUpdate.exe [2014-01-01 18:43]
.
2014-02-05 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-299502267-152049171-842925246-1003UA.job
- c:\documents and settings\Mihajlo\Local Settings\Application Data\Facebook\Update\FacebookUpdate.exe [2014-01-01 18:43]
.
2014-02-05 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2013-12-28 06:17]
.
2014-02-05 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2013-12-28 06:17]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.windowsxlive.net
TCP: DhcpNameServer = 192.168.1.1 0.0.0.0
.
- - - - ORPHANS REMOVED - - - -
.
ShellIconOverlayIdentifiers-{472083B0-C522-11CF-8763-00608CC02F24} - (no file)
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, gmer.net
Rootkit scan 2014-02-05 14:50
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(688)
c:\windows\system32\Ati2evxx.dll
c:\windows\system32\atiadlxx.dll
.
Completion time: 2014-02-05 14:53:33
ComboFix-quarantined-files.txt 2014-02-05 13:53
ComboFix2.txt 2014-02-04 13:25
.
Pre-Run: 4,313,427,968 bytes free
Post-Run: 4,319,465,472 bytes free
.
- - End Of File - - 0A1D2B2A32D9453183C4AD20B85DA335
8F558EB6672622401DA993E1E865C861
Posted: 05 Feb 2014 18:24
- Sass Drake
- Anti Malware Fighter Rank 2
- Joined: 26 Aug 2010
- Posts: 10622
- Location: Hypnos Control Room, Tokyo Metropolitan Government Building
Download MCShield from the following address:
http://www.mcshield.net/download/MCShield-Setup.exe
Install MCShield and wait for the initial scan to finish.
When the initial scan is done, plug every USB storage device in turn into a USB port and keep each one in the port until MCShield reports that the scan has finished. If you have several USB devices, note down somewhere the order in which they were plugged in.
Explanation: USB storage devices are all devices that are assigned their own drive letter when connected to the computer. These include USB flash drives, external hard disks, memory cards, MP3 and MP4 players, some mobile phones, some GPS (navigation) devices, etc.
Go to Start -> All Programs -> MCShield -> Logs -> AllScans
A report will open in Notepad; paste its contents into your reply.
Posted: 05 Feb 2014 19:38
- Fireskull
- Citizen
- Joined: 16 May 2013
- Posts: 111
- Location: Kragujevac

Here you go
>>> MCShield AllScans.txt <<<
-----------------------------
MCShield ::Anti-Malware Tool:: mcshield.net/
>>> v 3.0.4.27 / DB: 2014.2.2.1 / Windows XP <<<
2/5/2014 7:34:06 PM > Drive C: - scan started (no label ~20 GB, NTFS HDD )...
=> The drive is clean.
2/5/2014 7:34:07 PM > Drive D: - scan started (no label ~49 GB, NTFS HDD )...
=> The drive is clean.
2/5/2014 7:34:07 PM > Drive E: - scan started (no label ~8 GB, NTFS HDD )...
=> The drive is clean.
MCShield ::Anti-Malware Tool:: mcshield.net/
>>> v 3.0.4.27 / DB: 2014.2.2.1 / Windows XP <<<
2/5/2014 7:35:22 PM > Drive H: - scan started (no label ~3812 MB, FAT32 flash drive )...
---> Note: traces of file replicators have been found!
---> Executing generic S&D routine...
>>> H:\preseed.exe - Malware > Deleted. (14.02.05. 19.35 preseed.exe.610806; MD5: 56dec30ef90d4b0439349bb23dc32b51)
>>> H:\VirtualBox.exe - Malware > Deleted. (14.02.05. 19.35 VirtualBox.exe.714897; MD5: 56dec30ef90d4b0439349bb23dc32b51)
>>> H:\Igrice.exe - Malware > Deleted. (14.02.05. 19.35 Igrice.exe.942571; MD5: 56dec30ef90d4b0439349bb23dc32b51)
>>> H:\$AVG.exe - Malware > Deleted. (14.02.05. 19.35 $AVG.exe.305157; MD5: 56dec30ef90d4b0439349bb23dc32b51)
>>> H:\.disk.exe - Malware > Deleted. (14.02.05. 19.35 .disk.exe.336173; MD5: 56dec30ef90d4b0439349bb23dc32b51)
>>> H:\casper.exe - Malware > Deleted. (14.02.05. 19.35 casper.exe.657171; MD5: 56dec30ef90d4b0439349bb23dc32b51)
>>> H:\syslinux.exe - Malware > Deleted. (14.02.05. 19.35 syslinux.exe.434458; MD5: 56dec30ef90d4b0439349bb23dc32b51)
>>> H:\Remove_LiLi.bat - Suspicious > Renamed. (MD5: 61fdd053e0f0fbafcf89fdd2986711e6)
> Resetting attributes: H:\Igrice < Successful.
> Resetting attributes: H:\$AVG < Successful.
> Resetting attributes: H:\.disk < Successful.
> Resetting attributes: H:\casper < Successful.
> Resetting attributes: H:\syslinux < Successful.
> Resetting attributes: H:\preseed < Successful.
> Resetting attributes: H:\VirtualBox < Successful.
=> Malicious files : 7/7 deleted.
=> Suspicious files : 1/1 renamed.
=> Hidden folders : 7/7 unhidden.
____________________________________________
::::: Scan duration: 11sec :::::::::::::::::
____________________________________________
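As an added illustration (not part of the thread and not MCShield's own code), a small Python parser for the detection lines of the AllScans.txt report above: it groups detected files by MD5 and pairs each deleted .exe with the unhidden folder of the same name, which is the trace a USB file replicator leaves when it hides the real folders and drops same-named executables beside them. The sample log is constructed from lines of the report above; the regexes are my assumptions about the log layout.

```python
import re
from collections import defaultdict

# Constructed sample in the shape of the MCShield AllScans.txt log quoted above (MD5s copied from it).
SAMPLE_LOG = r"""
2/5/2014 7:35:22 PM > Drive H: - scan started (no label ~3812 MB, FAT32 flash drive )...
>>> H:\preseed.exe - Malware > Deleted. (14.02.05. 19.35 preseed.exe.610806; MD5: 56dec30ef90d4b0439349bb23dc32b51)
>>> H:\Igrice.exe - Malware > Deleted. (14.02.05. 19.35 Igrice.exe.942571; MD5: 56dec30ef90d4b0439349bb23dc32b51)
>>> H:\Remove_LiLi.bat - Suspicious > Renamed. (MD5: 61fdd053e0f0fbafcf89fdd2986711e6)
> Resetting attributes: H:\Igrice < Successful.
> Resetting attributes: H:\preseed < Successful.
"""

DRIVE_RE = re.compile(r"> Drive (?P<drive>[A-Z]:) - scan started")
DETECT_RE = re.compile(
    r"^>>> (?P<path>.+?) - (?P<verdict>\w+) > (?P<action>\w+)\. \(.*MD5: (?P<md5>[0-9a-f]{32})\)$"
)
UNHIDE_RE = re.compile(r"^> Resetting attributes: (?P<path>.+?) < Successful\.$")

def parse_log(text):
    """Return the drive letter, detections and unhidden folders of one MCShield drive section."""
    result = {"drive": None, "detections": [], "unhidden": []}
    for line in text.splitlines():
        line = line.strip()
        if m := DRIVE_RE.search(line):
            result["drive"] = m.group("drive")
        elif m := DETECT_RE.match(line):
            result["detections"].append(m.groupdict())  # path, verdict, action, md5
        elif m := UNHIDE_RE.match(line):
            result["unhidden"].append(m.group("path"))
    return result

def hash_groups(parsed):
    """Group detected paths by MD5: one hash behind many names means one self-copying binary."""
    groups = defaultdict(list)
    for d in parsed["detections"]:
        groups[d["md5"]].append(d["path"])
    return dict(groups)

def companion_pairs(parsed):
    """Pair each detected .exe with the hidden folder of the same name it was impersonating."""
    folders = set(parsed["unhidden"])
    pairs = []
    for d in parsed["detections"]:
        stem, _, ext = d["path"].rpartition(".")  # H:\Igrice.exe -> H:\Igrice
        if ext.lower() == "exe" and stem in folders:
            pairs.append((d["path"], stem))
    return pairs
```

Run against the full report above, the same two functions show all seven deleted files sharing one MD5 and each of them sitting beside a hidden folder of the same name, so the drive carried one replicator copied under seven names rather than seven different infections.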
Posted: 05 Feb 2014 20:15
- Sass Drake
- Anti Malware Fighter Rank 2
- Joined: 26 Aug 2010
- Posts: 10622
- Location: Hypnos Control Room, Tokyo Metropolitan Government Building

What is the situation now?
Posted: 05 Feb 2014 20:26
- Sass Drake
- Anti Malware Fighter Rank 2
- Joined: 26 Aug 2010
- Posts: 10622
- Location: Hypnos Control Room, Tokyo Metropolitan Government Building

Yes, that should be it. What remains for you to do is the following:
ComboFix needs to be uninstalled:
click Start (or ), and then RUN.
On Vista and 7 use the Start Search box if Run is not available.
In the text entry line type (copy) the following:
ComboFix /Uninstall
Note that there is a space between "ComboFix" and "/Uninstall".
then click OK (or press Enter).
Wait for the uninstall process to finish.
You have no AV program on the system.
If you have no money or do not want to spend it on a commercial AV program, there are quality free AV programs available to you such as Avast Free, AVG Free, Avira Free, Microsoft Security Essentials, Panda Cloud AV, etc.
Do not use pirated versions of AV programs!!!
Keep MCShield on the system, because it will protect you from threats coming from USB disks.
Visit the topic "Test whether your browser is vulnerable", read it and follow the link in it.
Since you had a keylogger on the system, I advise you to change all the passwords you used on that computer.