Poslao: 26 Avg 2008 00:56
|
offline
- bokily
- Građanin
- Pridružio: 25 Maj 2008
- Poruke: 104
- Gde živiš: ns
|
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:50:26 AM, on 8/26/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\o2flash.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\AGRSMMSG.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Winamp\winampa.exe
C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE
C:\Program Files\Nokia\Nokia Software Launcher\NSLauncher.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe
C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
C:\PROGRA~1\COMMON~1\PCSuite\Services\SERVIC~1.EXE
C:\PROGRA~1\COMMON~1\Nokia\MPAPI\MPAPI3s.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Bojana\Desktop\TR3.exe\HiJackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = google.rs/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R3 - URLSearchHook: Winamp Search Class - {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll
R3 - URLSearchHook: Yahoo! ¤u¨ã¦C - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
R3 - URLSearchHook: (no name) - {0579B4B6-0293-4d73-B02D-5EBB0BA0F0A2} - C:\Program Files\AskSBar\SrchAstt\1.bin\A2SRCHAS.DLL
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,userinit.exe
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Ask Search Assistant BHO - {0579B4B1-0293-4d73-B02D-5EBB0BA0F0A2} - C:\Program Files\AskSBar\SrchAstt\1.bin\A2SRCHAS.DLL
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: Yahoo! ¤u¨ã¦C - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll
O3 - Toolbar: Ask Toolbar - {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE -onlytray
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [NSLauncher] C:\Program Files\Nokia\Nokia Software Launcher\NSLauncher.exe /startup
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog
O4 - Global Startup: DSLMON.lnk = ?
O8 - Extra context menu item: &Winamp Search - C:\Documents and Settings\All Users\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O17 - HKLM\System\CCS\Services\Tcpip\..\{28FD9ACB-9DA9-4DE9-A9AF-514E18EB214B}: NameServer = 80.74.164.249 80.74.160.38
O20 - AppInit_DLLs:
O23 - Service: ASP.NET State Service (aspnet_state) - Unknown owner - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: O2Micro Flash Memory (O2Flash) - Unknown owner - C:\WINDOWS\system32\o2flash.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
--
End of file - 6287 bytes
|
|
|
|
Poslao: 26 Avg 2008 16:12
|
offline
- dr_Bora
- Anti Malware Fighter
Rank 2
- Pridružio: 24 Jul 2007
- Poruke: 12280
- Gde živiš: Höganäs, SE
|
Poz...
Pokreni HijackThis, skeniraj i čekiraj sledeću liniju:
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,userinit.exe
Klikni Fix checked.
Inače, postoji li neki konkretan problem?
|
|
|
|
|
Poslao: 26 Avg 2008 23:16
|
offline
- dr_Bora
- Anti Malware Fighter
Rank 2
- Pridružio: 24 Jul 2007
- Poruke: 12280
- Gde živiš: Höganäs, SE
|
Ikonica file-a se promeni i onda ne možeš da ga otvoriš?
Može li primer nekog takvog file-a? Šta je u pitanju, neki tekst, program, slika?
Ako imaš neki takav file a da nije prevelik, priloži ga uz poruku (korišćenjem opcije Prikači fajl).
Odradićemo još jednu proveru...
Klikni desnim tasterom miša na avast! ikonicu ( ) u donjem, desnom uglu ekrana i izaberi Program settings....
U prozoru koji se otvori, pod Troubleshooting, čekiraj opciju Disable avast! self-defence i klikni OK.
Takođe, klikni desnim tasterom miša na avast! ikonicu ( ) u donjem, desnom uglu ekrana i izaberi Stop OnAccess Protection.
Napomena: Ne zaboravi da uključiš ove opcije po završetku čišćenja.
Skini ComboFix sa jedne od sledecih adresa na Desktop:
http://download.bleepingcomputer.com/sUBs/ComboFix.exe
http://www.forospyware.com/sUBs/ComboFix.exe
http://subs.geekstogo.com/ComboFix.exe
Startuj ga i ne diraj prozor programa dok skenira.
Sledi uputstva na ekranu. Kada zavrsi pojavice se log (C:\ComboFix.txt) koji ces nam ovde iskopirati.
|
|
|
|
Poslao: 27 Avg 2008 00:04
|
offline
- bokily
- Građanin
- Pridružio: 25 Maj 2008
- Poruke: 104
- Gde živiš: ns
|
Fajl koji je promenio ikonicu je bio mp3,ali desilo mi se i sa textom .
ComboFix 08-08-26.01 - Bojana 2008-08-26 23:43:04.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.419 [GMT 2:00]
Running from: C:\Documents and Settings\Bojana\Desktop\ComboFix.exe
* Created a new restore point
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\Documents and Settings\LocalService\Application Data\wsnpoem
C:\Documents and Settings\LocalService\Application Data\wsnpoem\audio.dll
C:\Documents and Settings\NetworkService\Application Data\wsnpoem
C:\Documents and Settings\NetworkService\Application Data\wsnpoem\audio.dll
C:\WINDOWS\system32\wsnpoem
C:\WINDOWS\system32\wsnpoem\audio.dll
C:\WINDOWS\system32\wsnpoem\video.dll
.
((((((((((((((((((((((((( Files Created from 2008-07-26 to 2008-08-26 )))))))))))))))))))))))))))))))
.
2008-08-26 22:05 . 2008-08-26 22:05 169 --a------ C:\WINDOWS\adidsl.ini
2008-08-26 22:03 . 2008-08-26 22:03 <DIR> d-------- C:\Program Files\SAGEM
2008-08-24 01:48 . 2008-08-24 01:49 <DIR> d-------- C:\Program Files\TuneUp Utilities 2007
2008-08-24 01:48 . 2008-08-24 01:48 <DIR> d-------- C:\Documents and Settings\Bojana\Application Data\TuneUp Software
2008-08-24 01:48 . 2008-08-24 01:48 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\TuneUp Software
2008-08-24 01:48 . 2007-05-16 09:41 29,704 --a------ C:\WINDOWS\system32\uxtuneup.dll
2008-08-24 01:47 . 2008-08-24 01:47 <DIR> d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-08-23 23:00 . 2008-08-23 23:03 <DIR> d-------- C:\Program Files\Wise Registry Cleaner 3
2008-08-23 20:09 . 2008-08-23 20:21 <DIR> d-a------ C:\Documents and Settings\All Users\Application Data\TEMP
2008-08-22 01:26 . 2008-08-22 01:26 <DIR> d-------- C:\Program Files\CCleaner
2008-08-20 21:04 . 2008-08-20 21:04 0 --a------ C:\WINDOWS\nsreg.dat
2008-08-18 21:21 . 2008-08-18 21:21 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Nokia
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-08-26 20:05 31 ----a-w C:\WINDOWS\system32\drivers\adidsl.cfg
2008-08-26 20:04 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-08-26 20:03 --------- d-----w C:\Program Files\Common Files\InstallShield
2008-08-20 11:26 --------- d-----w C:\Program Files\COMODO
2008-08-20 11:26 --------- d-----w C:\Documents and Settings\Bojana\Application Data\Comodo
2008-08-20 10:41 --------- d-----w C:\Program Files\Astonsoft
2008-08-20 08:35 --------- d-----w C:\Program Files\Nokia
2008-08-18 19:23 --------- d-----w C:\Documents and Settings\Bojana\Application Data\Nokia
2008-08-18 19:21 --------- d-----w C:\Program Files\Common Files\Nokia
2008-07-04 10:14 --------- d-----w C:\Program Files\Common Files\Adobe AIR
2008-07-04 10:14 --------- d-----w C:\Program Files\Common Files\Adobe
2008-06-26 18:41 --------- d-----w C:\Program Files\Common Files\PCSuite
2008-06-26 18:40 --------- d-----w C:\Documents and Settings\All Users\Application Data\Downloaded Installations
2008-06-26 02:31 --------- d-----w C:\Documents and Settings\LocalService\Application Data\PC Suite
2008-06-26 02:07 --------- d-----w C:\Documents and Settings\Bojana\Application Data\PC Suite
2008-06-26 02:07 --------- d-----w C:\Documents and Settings\All Users\Application Data\PC Suite
2008-06-20 09:47 249,592 ----a-w C:\WINDOWS\system32\cssdll32.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{57BCA5FA-5DBB-45a2-B558-1755C3F6253B}"= "C:\Program Files\Winamp Toolbar\winamptb.dll" [2008-03-20 00:36 1267040]
"{0579B4B6-0293-4d73-B02D-5EBB0BA0F0A2}"= "C:\Program Files\AskSBar\SrchAstt\1.bin\A2SRCHAS.DLL" [2008-06-20 11:47 66912]
[HKEY_CLASSES_ROOT\clsid\{57bca5fa-5dbb-45a2-b558-1755c3f6253b}]
[HKEY_CLASSES_ROOT\WINAMPTB.AOLTBSearch.1]
[HKEY_CLASSES_ROOT\TypeLib\{538CD77C-BFDD-49b0-9562-77419CAB89D1}]
[HKEY_CLASSES_ROOT\WINAMPTB.AOLTBSearch]
[HKEY_CLASSES_ROOT\clsid\{0579b4b6-0293-4d73-b02d-5ebb0ba0f0a2}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{0579B4B1-0293-4d73-B02D-5EBB0BA0F0A2}]
2008-06-20 11:47 66912 --a------ C:\Program Files\AskSBar\SrchAstt\1.bin\A2SRCHAS.DLL
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Yahoo! Pager"="C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" [2007-08-30 17:43 4670704]
"MsnMsgr"="C:\Program Files\MSN Messenger\MsnMsgr.Exe" [2007-01-19 12:55 5674352]
"PcSync"="C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2005-11-30 16:56 1306624]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-08-04 00:56 1667584]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2006-06-14 13:02 7573504]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2008-07-19 16:38 78008]
"WinampAgent"="C:\Program Files\Winamp\winampa.exe" [2008-04-01 20:49 36352]
"PCSuiteTrayApplication"="C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE" [2005-12-13 08:49 217088]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 02:38 34672]
"NSLauncher"="C:\Program Files\Nokia\Nokia Software Launcher\NSLauncher.exe" [2007-11-12 13:38 3096576]
"RTHDCPL"="RTHDCPL.EXE" [2006-09-12 10:58 16264192 C:\WINDOWS\RTHDCPL.exe]
"SkyTel"="SkyTel.EXE" [2006-05-16 12:04 2879488 C:\WINDOWS\SkyTel.exe]
"AGRSMMSG"="AGRSMMSG.exe" [2005-09-09 05:20 88203 C:\WINDOWS\AGRSMMSG.exe]
"nwiz"="nwiz.exe" [2006-06-14 13:02 1519616 C:\WINDOWS\system32\nwiz.exe]
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
DSLMON.lnk - C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe [2008-08-26 22:04:57 839680]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"C:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"=
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"C:\\Program Files\\MSN Messenger\\livecall.exe"=
R0 O2MDRDR;O2MDRDR;C:\WINDOWS\system32\DRIVERS\o2media.sys [2006-08-18 09:04]
R0 O2SDRDR;O2SDRDR;C:\WINDOWS\system32\DRIVERS\o2sd.sys [2006-06-21 11:09]
R1 aswSP;avast! Self Protection;C:\WINDOWS\system32\drivers\aswSP.sys [2008-07-19 16:35]
R2 aswFsBlk;aswFsBlk;C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-07-19 16:37]
R2 UxTuneUp;TuneUp Theme Extension;C:\WINDOWS\System32\svchost.exe [2004-08-04 00:56]
R3 e4usbae;USB ADSL2 LAN Adapter;C:\WINDOWS\system32\DRIVERS\e4usbae.sys [2006-05-04 18:50]
S2 IKANLOADER2;General Purpose USB Driver (e4ldr.sys);C:\WINDOWS\system32\Drivers\e4ldr.sys [2006-03-02 19:25]
S3 e4usbaw;USB ADSL2 WAN Adapter;C:\WINDOWS\system32\DRIVERS\e4usbaw.sys []
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
*Newly Created Service* - CATCHME
*Newly Created Service* - PROCEXP90
.
Contents of the 'Scheduled Tasks' folder
2008-08-23 C:\WINDOWS\Tasks\1-Click Maintenance.job
- C:\Program Files\TuneUp Utilities 2007\SystemOptimizer.exe [2007-08-02 19:35]
.
.
------- Supplementary Scan -------
.
FireFox -: Profile - C:\Documents and Settings\Bojana\Application Data\Mozilla\Firefox\Profiles\3bvtnnln.default\
FF -: plugin - C:\Program Files\Yahoo!\Shared\npYState.dll
.
**************************************************************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, gmer.net
Rootkit scan 2008-08-26 23:44:26
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
Completion time: 2008-08-26 23:45:05
ComboFix-quarantined-files.txt 2008-08-26 21:45:03
Pre-Run: 30,403,735,552 bytes free
Post-Run: 30,394,847,232 bytes free
132
|
|
|
|
Poslao: 27 Avg 2008 17:11
|
offline
- dr_Bora
- Anti Malware Fighter
Rank 2
- Pridružio: 24 Jul 2007
- Poruke: 12280
- Gde živiš: Höganäs, SE
|
Ovako...
Ovo je, u principu, čist kompjuter. ComboFix je uklonio par zaostataka ranije infekcije, no ništa konkretno tu nije bilo.
Što se tiče onog screenshot-a koji si poslala... A i tih ostalih file-ova koje pominješ.
Jedino što mi pada na pamet je da su nazivi file-ova promenjeni, tj. da je uklonjena ekstenzija iz naziva file-a.
Npr, ako se file zvao neka_pesma.mp3 (s tim da je mp3 obično sakriveno/nevidljivo) i ako je preimenovan u neka_pesma, došlo bi do promene ikonice i Windows ne bi znao sa kojim programom da pokrene taj file (a tebi bi moglo da izgleda kao da file još uvek ima isti naziv).
Ako te zanimaju neka dodatna pojašnjenja, ideje, itd. možeš otvoriti temu u forumu Windows i obrazložiti o čemu se radi (jer, ja ne moram biti u pravu - možda je nešto drugo u pitanju a ne samo preimenovani file-ovi).
U svakom slučaju, problem nema veze sa malware-om.
Stoga, Klikni START a zatim RUN
U liniju za unos teksta ukucaj Combofix /u i klikni OK
Sačekaj da se proces deinstalacije završi
Gornja procedura će:
Obrisati sledeće:
ComboFix i njegove file-ove i foldere
VundoFix Backups folder, ako postoji
C:\Deckard folder, ako postoji
C:\OtMoveIt folder, ako postoji
Resetovati podešavanja sata na kompjuteru
Sakriti ekstenzije file-ova, ako je potrebno
Sakriti sistemske/skrivene file-ove/foldere, ako je potrebno
Resetovati System Restore
To je sve...
|
|
|
|
Poslao: 27 Avg 2008 18:45
|
offline
- bokily
- Građanin
- Pridružio: 25 Maj 2008
- Poruke: 104
- Gde živiš: ns
|
Uradila sam deinstalaciju po uputstvu.U svakom slucaju iskljucen je malware kao uzrok,sto mi je vrlo bitno.
Hvala jos jednom.
|
|
|
|