Opterećenje CPU-a

1

Opterećenje CPU-a

offline
  • Pridružio: 04 Jul 2011
  • Poruke: 728
  • Gde živiš: Loznica

Od kada mi je podignut sistem primetio sam da sve sporije radi nego pre. Kada sam otvorio task manager video sam da je CPU 100% zauzet.
screenshot:


.
DDS (Ver_11-05-19.01) - NTFSx86
Internet Explorer: 6.0.2900.5512
Run by White Knight at 21:39:01 on 2011-07-20
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.512.180 [GMT -7:00]
.
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Documents and Settings\White Knight\Application Data\dwm.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Documents and Settings\White Knight\Application Data\Microsoft\conhost.exe
C:\WINDOWS\Bfolyb.exe
svchost.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
C:\Program Files\Winamp\winampa.exe
C:\program files\relevantknowledge\rlvknlg.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\White Knight\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\White Knight\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\White Knight\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\Documents and Settings\White Knight\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Documents and Settings\White Knight\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\DOCUME~1\WHITEK~1\LOCALS~1\Temp\Bcl.exe
C:\Documents and Settings\White Knight\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\White Knight\Desktop\dds.scr
C:\WINDOWS\system32\WSCRIPT.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://start.facemoods.com/?a=w7th2
uInternet Settings,ProxyServer = http=127.0.0.1:56242
mSearchAssistant = hxxp://start.facemoods.com/?a=w7th2&s={searchTerms}&f=4
uWinlogon: Shell=explorer.exe,c:\documents and settings\white knight\application data\dwm.exe
uWindows: Load=c:\docume~1\whitek~1\locals~1\temp\csrss.exe
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: CescrtHlpr Object: {64182481-4f71-486b-a045-b233bd0da8fc} - c:\program files\facemoods.com\facemoods\1.4.17.8\bh\facemoods.dll
BHO: DealPly: {a6174f27-1fff-e1d6-a93f-ba48ad5dd448} - c:\program files\dealply\DealPlyIE.dll
TB: facemoods Toolbar: {db4e9724-f518-4dfd-9c7c-78b52103cab9} - c:\program files\facemoods.com\facemoods\1.4.17.8\facemoodsTlbr.dll
uRun: [Google Update] "c:\documents and settings\white knight\local settings\application data\google\update\GoogleUpdate.exe" /c
uRun: [Google] c:\documents and settings\white knight\application data\googlebpw.exe
uRun: [8DDYX0ZBPZ] c:\docume~1\whitek~1\locals~1\temp\Bcl.exe
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [XMZH42I4GI] c:\windows\Bfolyb.exe
uRun: [Xvid] c:\program files\xvid\CheckUpdate.exe
mRun: [Smapp] c:\program files\analog devices\soundmax\SMTray.exe
mRun: [Super-Charger] c:\program files\msi\super-charger\StartSuperCharger.exe
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [conhost] c:\documents and settings\white knight\application data\microsoft\conhost.exe
mRun: [WinampAgent] "c:\program files\winamp\winampa.exe"
mRun: [facemoods] "c:\program files\facemoods.com\facemoods\1.4.17.8\facemoodssrv.exe" /md I
mRun: [RelevantKnowledge] c:\program files\relevantknowledge\rlvknlg.exe -boot
dRunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\micros~1.lnk - c:\program files\microsoft office\office10\OSA.EXE
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office10\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~1\micros~2\office14\ONBttnIE.dll/105
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
Handler: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - c:\program files\common files\microsoft shared\web folders\PKMCDO.DLL
.
============= SERVICES / DRIVERS ===============
.
R2 SSHNAS;SSHNAS;c:\windows\system32\svchost.exe -k netsvcs [2008-4-14 14336]
.
=============== Created Last 30 ================
.
2011-07-21 03:36:44 143872 ----a-w- c:\windows\system32\xvid.ax
2011-07-20 19:41:03 -------- d-----w- c:\program files\The KMPlayer
2011-07-20 07:30:08 -------- d-s---w- c:\documents and settings\white knight\UserData
2011-07-20 06:22:19 175616 ----a-w- c:\windows\system32\unrar.dll
2011-07-20 06:22:18 839680 ----a-w- c:\windows\system32\lameACM.acm
2011-07-20 06:22:17 73216 ----a-w- c:\windows\system32\ff_vfw.dll
2011-07-20 06:22:17 645632 ----a-w- c:\windows\system32\xvidcore.dll
2011-07-20 06:22:17 240640 ----a-w- c:\windows\system32\xvidvfw.dll
2011-07-20 06:22:17 237568 ----a-w- c:\windows\system32\yv12vfw.dll
2011-07-20 06:22:17 151552 ----a-w- c:\windows\system32\ac3acm.acm
2011-07-20 06:22:14 -------- d-----w- c:\program files\K-Lite Codec Pack
2011-07-20 02:16:23 -------- d-----w- c:\documents and settings\white knight\application data\facemoods.com
2011-07-20 01:27:14 -------- d-----w- c:\program files\URUSoft
2011-07-19 23:34:14 -------- d-----w- c:\program files\facemoods.com
2011-07-19 23:31:31 -------- d-----w- c:\program files\RelevantKnowledge
2011-07-19 23:30:54 -------- d-----w- c:\program files\DealPly
2011-07-19 23:30:35 -------- d-----w- c:\program files\themexp.org
2011-07-19 19:06:44 -------- d-----w- c:\windows\system32\Adobe
2011-07-19 18:27:05 -------- d-----w- c:\program files\Microsoft ActiveSync
2011-07-19 18:24:42 -------- d-----w- c:\windows\ShellNew
2011-07-19 17:22:02 215920 ----a-w- c:\windows\system32\muweb.dll
2011-07-19 17:22:02 16736 ----a-w- c:\windows\system32\mucltui.dll.mui
2011-07-19 17:22:01 274288 ----a-w- c:\windows\system32\mucltui.dll
2011-07-19 17:14:44 -------- d-----w- c:\documents and settings\white knight\local settings\application data\Microsoft Help
2011-07-18 02:03:06 272128 -c----w- c:\windows\system32\dllcache\bthport.sys
2011-07-18 02:03:06 272128 ------w- c:\windows\system32\drivers\bthport.sys
2011-07-18 01:52:16 456320 -c----w- c:\windows\system32\dllcache\mrxsmb.sys
2011-07-18 01:47:51 8704 -c----w- c:\windows\system32\dllcache\tsbyuv.dll
2011-07-18 01:47:51 48128 -c----w- c:\windows\system32\dllcache\iyuv_32.dll
2011-07-18 01:46:54 361600 -c----w- c:\windows\system32\dllcache\tcpip.sys
2011-07-18 01:46:10 2192768 -c----w- c:\windows\system32\dllcache\ntoskrnl.exe
2011-07-18 01:46:10 2148864 -c----w- c:\windows\system32\dllcache\ntkrnlmp.exe
2011-07-18 01:46:10 2027008 -c----w- c:\windows\system32\dllcache\ntkrpamp.exe
2011-07-18 01:46:09 2069376 -c----w- c:\windows\system32\dllcache\ntkrnlpa.exe
2011-07-18 01:45:41 5120 ----a-w- c:\windows\system32\xpsp4res.dll
2011-07-18 01:45:26 26488 ----a-w- c:\windows\system32\spupdsvc.exe
2011-07-18 01:45:26 -------- d-----w- c:\windows\system32\PreInstall
2011-07-18 01:45:24 -------- d--h--w- c:\windows\$hf_mig$
2011-07-18 01:43:47 236544 ----a-w- c:\windows\Bfolyb.exe
2011-07-17 04:24:03 177 ----a-w- c:\documents and settings\white knight\application data\update.bat
2011-07-17 04:24:02 287 ----a-w- c:\documents and settings\white knight\application data\akle.exe
2011-07-17 03:54:01 236544 ----a-w- c:\windows\Bfolya.exe
2011-07-17 03:53:57 180736 ----a-w- c:\documents and settings\white knight\application data\dwm.exe
2011-07-17 03:53:44 1113088 ----a-w- c:\windows\system32\sshnas21.dll
2011-07-17 03:53:35 172032 ----a-w- c:\documents and settings\white knight\application data\microsoft\conhost.exe
2011-07-17 03:53:21 311932 ----a-w- c:\documents and settings\white knight\application data\twmb.exe
2011-07-16 23:59:57 27904 ----a-w- c:\windows\system32\drivers\VIAAGP1.SYS
2011-07-16 23:59:52 -------- d-----w- c:\windows\system32\ReinstallBackups
2011-07-16 23:59:32 306688 ----a-w- c:\windows\IsUninst.exe
2011-07-16 23:59:25 -------- d-----w- c:\documents and settings\white knight\WINDOWS
2011-07-16 20:55:39 -------- d-----w- c:\documents and settings\white knight\local settings\application data\Adobe
2011-07-16 20:43:06 -------- d-----w- c:\program files\BitTorrent
2011-07-16 20:42:35 -------- d-----w- c:\documents and settings\white knight\application data\BitTorrent
2011-07-16 20:26:15 83072 -c--a-w- c:\windows\system32\dllcache\wdmaud.sys
2011-07-16 20:26:15 83072 ----a-w- c:\windows\system32\drivers\wdmaud.sys
2011-07-16 20:21:59 -------- d-----w- c:\windows\system32\SoftwareDistribution
2011-07-16 20:19:03 -------- d-----w- c:\documents and settings\white knight\application data\BSplayer Pro
2011-07-16 20:19:03 -------- d-----w- c:\documents and settings\white knight\application data\BSplayer
2011-07-16 20:19:02 -------- d-----w- c:\program files\Webteh
2011-07-16 19:28:25 -------- d-----w- c:\documents and settings\white knight\local settings\application data\Google
2011-07-16 19:00:26 -------- d-s---w- c:\windows\system32\Microsoft
.
==================== Find3M ====================

https://www.mycity.rs/must-login.png


https://www.mycity.rs/must-login.png

https://www.mycity.rs/must-login.png

https://www.mycity.rs/must-login.png

offline
  • magna86  Male
  • Anti Malware Fighter
    Rank 2
  • Pridružio: 21 Jun 2008
  • Poruke: 6082

Pozdrav.
@White Knight
Koji AntiVirus koristis? Koji je prvi i osnovni korak ka zasticenom sistemu?

Imas dosta besplatnih resenja koji mogu vrlo dobro da te posluze.
Ovde mozes naci dodatne informacije o izboru AV-a ako ti je potrebno.
http://www.mycity.rs/Antivirus-programi/


Izaberi neki AntiVirus koji tebi odgovara i instaliraj ga. Azuriraj antivirus i odradi Full Scan sistema.

Po zavrsenom skeniranju ponovo pokreni DDS program i kopiraj svez DDS.txt log.
log Attach.txt prikaci uz poruku koristeci opciju '' Prikači fajl ''.

offline
  • Pridružio: 04 Jul 2011
  • Poruke: 728
  • Gde živiš: Loznica

.
DDS (Ver_11-05-19.01) - NTFSx86
Internet Explorer: 6.0.2900.5512
Run by White Knight at 11:38:23 on 2011-07-21
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.512.217 [GMT -7:00]
.
AV: ESET Smart Security 4.0 *Enabled/Updated* {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: ESET Personal firewall *Enabled*
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Documents and Settings\White Knight\Application Data\dwm.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Documents and Settings\White Knight\Application Data\Microsoft\conhost.exe
C:\WINDOWS\Bfolyb.exe
svchost.exe
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\WINDOWS\system32\ctfmon.exe
C:\DOCUME~1\WHITEK~1\LOCALS~1\Temp\Bcl.exe
C:\Documents and Settings\White Knight\Desktop\dds.scr
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\WSCRIPT.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://start.facemoods.com/?a=w7th2
uInternet Settings,ProxyServer = http=127.0.0.1:56242
mSearchAssistant = hxxp://start.facemoods.com/?a=w7th2&s={searchTerms}&f=4
uWinlogon: Shell=explorer.exe,c:\documents and settings\white knight\application data\dwm.exe
uWindows: Load=c:\docume~1\whitek~1\locals~1\temp\csrss.exe
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: CescrtHlpr Object: {64182481-4f71-486b-a045-b233bd0da8fc} - c:\program files\facemoods.com\facemoods\1.4.17.8\bh\facemoods.dll
BHO: DealPly: {a6174f27-1fff-e1d6-a93f-ba48ad5dd448} - c:\program files\dealply\DealPlyIE.dll
TB: facemoods Toolbar: {db4e9724-f518-4dfd-9c7c-78b52103cab9} - c:\program files\facemoods.com\facemoods\1.4.17.8\facemoodsTlbr.dll
uRun: [Google Update] "c:\documents and settings\white knight\local settings\application data\google\update\GoogleUpdate.exe" /c
uRun: [Google] c:\documents and settings\white knight\application data\googlebpw.exe
uRun: [8DDYX0ZBPZ] c:\docume~1\whitek~1\locals~1\temp\Bcl.exe
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [XMZH42I4GI] c:\windows\Bfolyb.exe
uRun: [Xvid] c:\program files\xvid\CheckUpdate.exe
mRun: [Smapp] c:\program files\analog devices\soundmax\SMTray.exe
mRun: [Super-Charger] c:\program files\msi\super-charger\StartSuperCharger.exe
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [WinampAgent] "c:\program files\winamp\winampa.exe"
mRun: [facemoods] "c:\program files\facemoods.com\facemoods\1.4.17.8\facemoodssrv.exe" /md I
mRun: [conhost] c:\documents and settings\white knight\application data\microsoft\conhost.exe
mRun: [egui] "c:\program files\eset\eset smart security\egui.exe" /hide /waitservice
mRun: [RelevantKnowledge] c:\program files\relevantknowledge\rlvknlg.exe -boot
mRun: [TNOD UP] "c:\program files\tnod user & password finder\TNODUP.exe" /i
dRunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\micros~1.lnk - c:\program files\microsoft office\office10\OSA.EXE
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office10\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~1\micros~2\office14\ONBttnIE.dll/105
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
Handler: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - c:\program files\common files\microsoft shared\web folders\PKMCDO.DLL
.
============= SERVICES / DRIVERS ===============
.
R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [2009-4-9 107256]
R2 ekrn;ESET Service;c:\program files\eset\eset smart security\ekrn.exe [2009-4-9 731840]
R2 SSHNAS;SSHNAS;c:\windows\system32\svchost.exe -k netsvcs [2008-4-14 14336]
.
=============== Created Last 30 ================
.
2011-07-21 17:04:36 -------- d-----w- c:\program files\TNod User & Password Finder
2011-07-21 16:52:14 -------- d-----w- c:\documents and settings\white knight\application data\ESET
2011-07-21 16:52:10 -------- d-----w- c:\documents and settings\white knight\local settings\application data\ESET
2011-07-21 16:49:43 -------- d-----w- c:\program files\ESET
2011-07-21 03:36:44 143872 ----a-w- c:\windows\system32\xvid.ax
2011-07-20 19:41:03 -------- d-----w- c:\program files\The KMPlayer
2011-07-20 07:30:08 -------- d-s---w- c:\documents and settings\white knight\UserData
2011-07-20 06:22:19 175616 ----a-w- c:\windows\system32\unrar.dll
2011-07-20 06:22:18 839680 ----a-w- c:\windows\system32\lameACM.acm
2011-07-20 06:22:17 73216 ----a-w- c:\windows\system32\ff_vfw.dll
2011-07-20 06:22:17 645632 ----a-w- c:\windows\system32\xvidcore.dll
2011-07-20 06:22:17 240640 ----a-w- c:\windows\system32\xvidvfw.dll
2011-07-20 06:22:17 237568 ----a-w- c:\windows\system32\yv12vfw.dll
2011-07-20 06:22:17 151552 ----a-w- c:\windows\system32\ac3acm.acm
2011-07-20 06:22:14 -------- d-----w- c:\program files\K-Lite Codec Pack
2011-07-20 02:16:23 -------- d-----w- c:\documents and settings\white knight\application data\facemoods.com
2011-07-20 01:27:14 -------- d-----w- c:\program files\URUSoft
2011-07-19 23:34:14 -------- d-----w- c:\program files\facemoods.com
2011-07-19 23:31:31 -------- d-----w- c:\program files\RelevantKnowledge
2011-07-19 23:30:54 -------- d-----w- c:\program files\DealPly
2011-07-19 23:30:35 -------- d-----w- c:\program files\themexp.org
2011-07-19 19:06:44 -------- d-----w- c:\windows\system32\Adobe
2011-07-19 18:27:05 -------- d-----w- c:\program files\Microsoft ActiveSync
2011-07-19 18:24:42 -------- d-----w- c:\windows\ShellNew
2011-07-19 17:22:02 215920 ----a-w- c:\windows\system32\muweb.dll
2011-07-19 17:22:02 16736 ----a-w- c:\windows\system32\mucltui.dll.mui
2011-07-19 17:22:01 274288 ----a-w- c:\windows\system32\mucltui.dll
2011-07-19 17:14:44 -------- d-----w- c:\documents and settings\white knight\local settings\application data\Microsoft Help
2011-07-18 02:03:06 272128 -c----w- c:\windows\system32\dllcache\bthport.sys
2011-07-18 02:03:06 272128 ------w- c:\windows\system32\drivers\bthport.sys
2011-07-18 01:52:16 456320 -c----w- c:\windows\system32\dllcache\mrxsmb.sys
2011-07-18 01:47:51 8704 -c----w- c:\windows\system32\dllcache\tsbyuv.dll
2011-07-18 01:47:51 48128 -c----w- c:\windows\system32\dllcache\iyuv_32.dll
2011-07-18 01:46:54 361600 -c----w- c:\windows\system32\dllcache\tcpip.sys
2011-07-18 01:46:10 2192768 -c----w- c:\windows\system32\dllcache\ntoskrnl.exe
2011-07-18 01:46:10 2148864 -c----w- c:\windows\system32\dllcache\ntkrnlmp.exe
2011-07-18 01:46:10 2027008 -c----w- c:\windows\system32\dllcache\ntkrpamp.exe
2011-07-18 01:46:09 2069376 -c----w- c:\windows\system32\dllcache\ntkrnlpa.exe
2011-07-18 01:45:41 5120 ----a-w- c:\windows\system32\xpsp4res.dll
2011-07-18 01:45:26 26488 ----a-w- c:\windows\system32\spupdsvc.exe
2011-07-18 01:45:26 -------- d-----w- c:\windows\system32\PreInstall
2011-07-18 01:45:24 -------- d--h--w- c:\windows\$hf_mig$
2011-07-18 01:43:47 236544 ----a-w- c:\windows\Bfolyb.exe
2011-07-17 04:24:03 177 ----a-w- c:\documents and settings\white knight\application data\update.bat
2011-07-17 04:24:02 287 ----a-w- c:\documents and settings\white knight\application data\akle.exe
2011-07-17 03:54:01 236544 ----a-w- c:\windows\Bfolya.exe
2011-07-17 03:53:57 180736 ----a-w- c:\documents and settings\white knight\application data\dwm.exe
2011-07-17 03:53:44 1113088 ----a-w- c:\windows\system32\sshnas21.dll
2011-07-17 03:53:35 169472 ----a-w- c:\documents and settings\white knight\application data\microsoft\conhost.exe
2011-07-17 03:53:21 311932 ----a-w- c:\documents and settings\white knight\application data\twmb.exe
2011-07-16 23:59:57 27904 ----a-w- c:\windows\system32\drivers\VIAAGP1.SYS
2011-07-16 23:59:52 -------- d-----w- c:\windows\system32\ReinstallBackups
2011-07-16 23:59:32 306688 ----a-w- c:\windows\IsUninst.exe
2011-07-16 23:59:25 -------- d-----w- c:\documents and settings\white knight\WINDOWS
2011-07-16 20:55:39 -------- d-----w- c:\documents and settings\white knight\local settings\application data\Adobe
2011-07-16 20:43:06 -------- d-----w- c:\program files\BitTorrent
2011-07-16 20:42:35 -------- d-----w- c:\documents and settings\white knight\application data\BitTorrent
2011-07-16 20:26:15 83072 -c--a-w- c:\windows\system32\dllcache\wdmaud.sys
2011-07-16 20:26:15 83072 ----a-w- c:\windows\system32\drivers\wdmaud.sys
2011-07-16 20:21:59 -------- d-----w- c:\windows\system32\SoftwareDistribution
2011-07-16 20:19:03 -------- d-----w- c:\documents and settings\white knight\application data\BSplayer Pro
2011-07-16 20:19:03 -------- d-----w- c:\documents and settings\white knight\application data\BSplayer
2011-07-16 20:19:02 -------- d-----w- c:\program files\Webteh
2011-07-16 19:28:25 -------- d-----w- c:\documents and settings\white knight\local settings\application data\Google
2011-07-16 19:00:26 -------- d-s---w- c:\windows\system32\Microsoft
.
==================== Find3M ====================
.
2011-07-16 20:23:09 44 ----a-w- c:\windows\system32\msssc.dll
2011-06-02 14:02:05 1858944 ----a-w- c:\windows\system32\win32k.sys
2011-05-02 15:31:52 692736 ----a-w- c:\windows\system32\inetcomm.dll
2011-04-29 17:25:27 151552 ----a-w- c:\windows\system32\schannel.dll
2011-04-29 16:19:43 456320 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-04-26 11:07:50 33280 ----a-w- c:\windows\system32\csrsrv.dll
2011-04-26 11:07:50 293376 ----a-w- c:\windows\system32\winsrv.dll
2011-04-25 14:47:19 81920 ----a-w- c:\windows\system32\ieencode.dll
2011-04-25 14:47:19 667136 ----a-w- c:\windows\system32\wininet.dll
2011-04-25 14:47:19 61952 ----a-w- c:\windows\system32\tdc.ocx
2011-04-25 12:56:44 369664 ----a-w- c:\windows\system32\html.iec
.
============= FINISH: 11:40:35.06 ===============

https://www.mycity.rs/must-login.png

offline
  • magna86  Male
  • Anti Malware Fighter
    Rank 2
  • Pridružio: 21 Jun 2008
  • Poruke: 6082

Arrow Preuzmi sUBs-ov ComboFix sa sledeće adrese na Desktop:


Bleeping Computer
Klikni desnim tasterom na link i odaberi opciju Save Target As... (Save Link As..., Save Linked Content As... ili sličnu);
Kada se otvori dijalog za izbor lokacije na kojoj treba sačuvati file, odaberi Desktop i klikni Save.




Kada preuzimanje programa bude završeno:
deaktiviraj zaštitni softver (uputstvo);
zatvori pokrenute programe;
dvoklikom pokreni program ComboFix;
u prozoru koji se otvori klikni "I Agree".

U toku rada, ComboFix će:proveriti postoji li novija verzija programa:
klikni Yes ako bude ponuđeno preuzimanje iste.
ako Recovery Console nije instalirana, ponuditi instalaciju:
obavezno prihvati klikom na Yes i isprati postupak.
postaviti/dati određeni broj upita/obaveštenja:
prihvati klikom na Yes ili OK.
po potrebi, restartovati Windows (više puta);
na kraju rada, otvoriti Notepad sa izveštajem o skeniranju.


Iskopiraj izveštaj koji je ComboFix napravio u temu na forumu:
klikni desnim tasterom miša u prozor Notepad-a i izaberi Select All;
klikni desnim tasterom miša na obeleženi tekst i izaberi Copy;
klikni desnim tasterom miša u polje za pisanje poruke i izaberi Paste.


Napomena:Izveštaj će biti sačuvan pod nazivom ComboFix.txt na sistemskoj particiji (tipična lokacija: C:\ComboFix.txt);
Ukoliko nakon slanja poruke primetiš da izveštaj nije kompletan, iskoristi opciju Prikači fajl za prilaganje file-a C:\ComboFix.txt uz poruku.

offline
  • Pridružio: 04 Jul 2011
  • Poruke: 728
  • Gde živiš: Loznica

ComboFix 11-07-21.02 - White Knight 07/21/2011 16:46:06.1.1 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.512.225 [GMT -7:00]
Running from: c:\documents and settings\White Knight\Desktop\ComboFix.exe
AV: ESET Smart Security 4.0 *Disabled/Updated* {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: ESET Personal firewall *Enabled* {E5E70D32-0101-4340-86A3-A7B0F1C8FFE0}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\All Users\Start Menu\Programs\RelevantKnowledge
c:\documents and settings\All Users\Start Menu\Programs\RelevantKnowledge\About RelevantKnowledge.lnk
c:\documents and settings\All Users\Start Menu\Programs\RelevantKnowledge\Privacy Policy and User License Agreement.lnk
c:\documents and settings\All Users\Start Menu\Programs\RelevantKnowledge\Support.lnk
c:\documents and settings\All Users\Start Menu\Programs\RelevantKnowledge\Uninstall Instructions.lnk
c:\documents and settings\unlock\wrar380.exe
c:\documents and settings\White Knight\Application Data\7za.exe
c:\documents and settings\White Knight\Application Data\dwm.exe
c:\documents and settings\White Knight\Application Data\facemoods.com
c:\documents and settings\White Knight\Application Data\googlebpw.exe
c:\documents and settings\White Knight\Application Data\Microsoft\conhost.exe
c:\documents and settings\White Knight\Application Data\Setup.exe
c:\documents and settings\White Knight\Application Data\twmb.exe
c:\documents and settings\White Knight\WINDOWS
c:\program files\facemoods.com
c:\program files\facemoods.com\facemoods\1.4.17.8\bh\facemoods.dll
c:\program files\facemoods.com\facemoods\1.4.17.8\facemoods.crx
c:\program files\facemoods.com\facemoods\1.4.17.8\facemoods.png
c:\program files\facemoods.com\facemoods\1.4.17.8\facemoodsApp.dll
c:\program files\facemoods.com\facemoods\1.4.17.8\facemoodsEng.dll
c:\program files\facemoods.com\facemoods\1.4.17.8\facemoodssrv.exe
c:\program files\facemoods.com\facemoods\1.4.17.8\facemoodsTlbr.dll
c:\program files\facemoods.com\facemoods\1.4.17.8\uninstall.exe
c:\program files\facemoods.com\sqlite3.dll
c:\program files\RelevantKnowledge
c:\program files\RelevantKnowledge\ncncf.dat
c:\program files\RelevantKnowledge\nscf.dat
c:\program files\RelevantKnowledge\rlls.dll
c:\program files\RelevantKnowledge\rlls64.dll
c:\program files\RelevantKnowledge\rloci.bin
c:\program files\RelevantKnowledge\rlservice.exe
c:\program files\RelevantKnowledge\rlvknlg64.exe
c:\program files\TNod User & Password Finder\TNODUP.exe
c:\windows\Bfolyb.exe
c:\windows\system32\msssc.dll
c:\windows\system32\sshnas21.dll
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_SSHNAS
-------\Service_SSHNAS
.
.
((((((((((((((((((((((((( Files Created from 2011-06-21 to 2011-07-21 )))))))))))))))))))))))))))))))
.
.
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-06-02 14:02 . 2008-04-14 12:00 1858944 ----a-w- c:\windows\system32\win32k.sys
2011-04-29 17:25 . 2008-04-14 12:00 151552 ----a-w- c:\windows\system32\schannel.dll
2011-04-29 16:19 . 2008-04-14 12:00 456320 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-04-26 11:07 . 2008-04-14 12:00 33280 ----a-w- c:\windows\system32\csrsrv.dll
2011-04-26 11:07 . 2008-04-14 12:00 293376 ----a-w- c:\windows\system32\winsrv.dll
2011-04-25 14:47 . 2008-04-14 12:00 81920 ----a-w- c:\windows\system32\ieencode.dll
2011-04-25 14:47 . 2008-04-14 12:00 667136 ----a-w- c:\windows\system32\wininet.dll
2011-04-25 14:47 . 2008-04-14 12:00 61952 ----a-w- c:\windows\system32\tdc.ocx
2011-04-25 12:56 . 2008-04-14 12:00 369664 ----a-w- c:\windows\system32\html.iec
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[-] 2009-09-20 . AB9E8F44D2F80A8060BEFB29192F4249 . 1614848 . . [5.1.2600.5512] . . c:\windows\system32\sfcfiles.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448}]
2011-05-29 09:15 78600 ----a-w- c:\program files\DealPly\DealPlyIE.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2007-06-28 152872]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Smapp"="c:\program files\Analog Devices\SoundMAX\SMTray.exe" [2003-05-05 143360]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-06-06 937920]
"WinampAgent"="c:\program files\Winamp\winampa.exe" [2011-07-11 74752]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2009-04-09 2029640]
"NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2007-03-01 153136]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"_nltide_3"="advpack.dll" [2008-04-14 99840]
.
c:\documents and settings\All Users\Start Menu\Programs\Startup\
Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-12 83360]
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\BitTorrent\\BitTorrent.exe"=
.
R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [4/9/2009 3:18 PM 107256]
R2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [4/9/2009 3:19 PM 731840]
.
Contents of the 'Scheduled Tasks' folder
.
2011-07-21 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-515967899-1614895754-1177238915-1003Core.job
- c:\documents and settings\White Knight\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2011-07-16 19:28]
.
2011-07-21 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-515967899-1614895754-1177238915-1003UA.job
- c:\documents and settings\White Knight\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2011-07-16 19:28]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://start.facemoods.com/?a=w7th2
uInternet Settings,ProxyServer = http=127.0.0.1:56242
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 192.168.1.1
.
- - - - ORPHANS REMOVED - - - -
.
BHO-{64182481-4F71-486b-A045-B233BD0DA8FC} - c:\program files\facemoods.com\facemoods\1.4.17.8\bh\facemoods.dll
Toolbar-{DB4E9724-F518-4dfd-9C7C-78B52103CAB9} - c:\program files\facemoods.com\facemoods\1.4.17.8\facemoodsTlbr.dll
HKCU-Run-Google - c:\documents and settings\White Knight\Application Data\googlebpw.exe
HKCU-Run-XMZH42I4GI - c:\windows\Bfolyb.exe
HKCU-Run-Xvid - c:\program files\Xvid\CheckUpdate.exe
HKLM-Run-Super-Charger - c:\program files\MSI\Super-Charger\StartSuperCharger.exe
HKLM-Run-facemoods - c:\program files\facemoods.com\facemoods\1.4.17.8\facemoodssrv.exe
HKLM-Run-TNOD UP - c:\program files\TNod User & Password Finder\TNODUP.exe
AddRemove-facemoods - c:\program files\facemoods.com\facemoods\1.4.17.8\uninstall.exe
AddRemove-{d08d9f98-1c78-4704-87e6-368b0023d831} - c:\program files\relevantknowledge\rlvknlg.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-07-21 16:55
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'explorer.exe'(3760)
c:\program files\Common Files\Ahead\Lib\NeroSearchBar.dll
c:\program files\Common Files\Ahead\Lib\MFC71U.DLL
c:\program files\Common Files\Ahead\Lib\BCGCBPRO860un71.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Analog Devices\SoundMAX\SMAgent.exe
c:\windows\system32\wdfmgr.exe
c:\program files\Common Files\Ahead\Lib\NMIndexingService.exe
c:\program files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
.
**************************************************************************
.
Completion time: 2011-07-21 17:00:21 - machine was rebooted
ComboFix-quarantined-files.txt 2011-07-22 00:00
.
Pre-Run: 9,763,426,304 bytes free
Post-Run: 10,371,883,008 bytes free
.
WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
.
- - End Of File - - AD8C70ED7983DB1D56AC252E3889FD10

offline
  • magna86  Male
  • Anti Malware Fighter
    Rank 2
  • Pridružio: 21 Jun 2008
  • Poruke: 6082

Arrow Otvoriti Notepad i iskopirati sledeci tekst:

SkipFix::

DDS::
uStart Page = hxxp://start.facemoods.com/?a=w7th2


Snimiti na Desktop fajl iz Notepada kao "CFScript"




Prevuci snimljeni skript/tekst na ComboFix ikonicu kao na slici.
Postaviti u sledecoj poruci log koji bude bio napravljen na kraju ciscenja/skeniranja.

..............................................................................

Arrow Preuzmi Security Check i sacuvaj ga na Desktop.

Dvoklikom pokreni program.
Pritisnite bilo koji taster da nastavis skeniranje i pricekaj dok program ne dovrsi analizu.
Ukoliko te tvoj Firewall program upozori na aktivnost Security Check-a dozvoli mu klikom na Allow ili slicno tome.
Po zavrsetku procesa otvorice ti se notepad ( checkup.txt ) sa izvestajem.
Kopiraj sadrzaj tog izvestaja u sledecoj poruci.

offline
  • Pridružio: 04 Jul 2011
  • Poruke: 728
  • Gde živiš: Loznica

ComboFix 11-07-24.03 - White Knight 07/25/2011 11:46:16.5.1 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.512.254 [GMT -7:00]
Running from: c:\documents and settings\White Knight\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\White Knight\Desktop\CFScript.txt
AV: ESET Smart Security 4.0 *Disabled/Updated* {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: ESET Personal firewall *Disabled* {E5E70D32-0101-4340-86A3-A7B0F1C8FFE0}
.
- REDUCED FUNCTIONALITY MODE -
.
.
((((((((((((((((((((((((( Files Created from 2011-06-25 to 2011-07-25 )))))))))))))))))))))))))))))))
.
.
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-06-02 14:02 . 2008-04-14 12:00 1858944 ----a-w- c:\windows\system32\win32k.sys
2011-04-29 17:25 . 2008-04-14 12:00 151552 ----a-w- c:\windows\system32\schannel.dll
2011-04-29 16:19 . 2008-04-14 12:00 456320 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[-] 2009-09-20 . AB9E8F44D2F80A8060BEFB29192F4249 . 1614848 . . [5.1.2600.5512] . . c:\windows\system32\sfcfiles.dll
.
((((((((((((((((((((((((((((( SnapShot@2011-07-21_23.55.23 )))))))))))))))))))))))))))))))))))))))))
.
+ 2011-07-24 23:06 . 2008-04-14 07:15 15104 c:\windows\system32\drivers\usbscan.sys
+ 2011-07-24 23:06 . 2008-04-14 07:15 15104 c:\windows\system32\dllcache\usbscan.sys
+ 2011-07-24 23:06 . 2001-08-18 05:36 5632 c:\windows\system32\ptpusb.dll
+ 2011-07-24 23:06 . 2008-04-14 12:42 159232 c:\windows\system32\ptpusd.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448}]
2011-05-29 09:15 78600 ----a-w- c:\program files\DealPly\DealPlyIE.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2007-06-28 152872]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Smapp"="c:\program files\Analog Devices\SoundMAX\SMTray.exe" [2003-05-05 143360]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-06-06 937920]
"WinampAgent"="c:\program files\Winamp\winampa.exe" [2011-07-11 74752]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2009-04-09 2029640]
"NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2007-03-01 153136]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"_nltide_3"="advpack.dll" [2008-04-14 99840]
.
c:\documents and settings\All Users\Start Menu\Programs\Startup\
Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-12 83360]
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\BitTorrent\\BitTorrent.exe"=
.
R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [4/9/2009 3:18 PM 107256]
R2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [4/9/2009 3:19 PM 731840]
.
Contents of the 'Scheduled Tasks' folder
.
2011-07-21 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-515967899-1614895754-1177238915-1003Core.job
- c:\documents and settings\White Knight\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2011-07-16 19:28]
.
2011-07-25 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-515967899-1614895754-1177238915-1003UA.job
- c:\documents and settings\White Knight\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2011-07-16 19:28]
.
.
------- Supplementary Scan -------
.
uInternet Settings,ProxyServer = http=127.0.0.1:56242
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 192.168.1.1
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-07-25 11:47
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'explorer.exe'(2392)
c:\program files\Common Files\Ahead\Lib\NeroSearchBar.dll
c:\program files\Common Files\Ahead\Lib\MFC71U.DLL
c:\program files\Common Files\Ahead\Lib\BCGCBPRO860un71.dll
.
Completion time: 2011-07-25 11:50:41
ComboFix-quarantined-files.txt 2011-07-25 18:50
ComboFix2.txt 2011-07-25 18:24
ComboFix3.txt 2011-07-25 18:05
ComboFix4.txt 2011-07-25 17:47
ComboFix5.txt 2011-07-25 18:44
.
Pre-Run: 10,003,554,304 bytes free
Post-Run: 9,992,712,192 bytes free
.
- - End Of File - - CF5BDE1981AF8E41A7FF3B8DB35CC44B



Results of screen317's Security Check version 0.99.17
Windows XP Service Pack 3
Internet Explorer 6 Out of date!
``````````````````````````````
Antivirus/Firewall Check:

Windows Firewall Disabled!
ESET Smart Security
Antivirus up to date! (On Access scanning disabled!)
```````````````````````````````
Anti-malware/Other Utilities Check:

Adobe Reader X (10.1.0)
````````````````````````````````
Process Check:
objlist.exe by Laurent

``````````End of Log````````````

offline
  • magna86  Male
  • Anti Malware Fighter
    Rank 2
  • Pridružio: 21 Jun 2008
  • Poruke: 6082

Ovde vise nema aktivnog malware-a. Reci mi kako ti sad radi racunar?

Potrebno je deinstalirati ComboFix:
klikni start (ili ), a zatim RUN.

Na Visti koristiti Start Search polje ukoliko Run nije dostupan.

U liniju za unos teksta ukucaj (iskopiraj) sledeće:

ComboFix /Uninstall

Primeti da postoji razmak između "ComboFix" i "/Uninstall".



a zatim klikni OK (ili pritisni Enter).


Sačekaj da se proces deinstalacije završi.

offline
  • Pridružio: 04 Jul 2011
  • Poruke: 728
  • Gde živiš: Loznica

Sada radi još sporije nego ranije i dosta ''secka'', treba mu dosta vremena da učita windows kada ga uključim.

offline
  • magna86  Male
  • Anti Malware Fighter
    Rank 2
  • Pridružio: 21 Jun 2008
  • Poruke: 6082

Hajde ponovo pokreni DDS i postavi mi svez DDS.txt a log Attach.txt okaci uz poruku koristeci opciju Prikaci fajl

Ko je trenutno na forumu
 

Ukupno su 512 korisnika na forumu :: 43 registrovanih, 6 sakrivenih i 463 gosta   ::   [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3028 - dana 22 Nov 2019 07:47

Korisnici koji su trenutno na forumu:
Korisnici trenutno na forumu: 8u47, amstel2, Apok, babaroga, Bane san, bato, dejina811, Demostant, Djokislav, Dorcolac, Drug pukovnik, dule10savic, dzoni19, flash12, galijot, GUARIN, helen1, kalens021, Lucije Kvint, MarKhan, Markoni29, Mercury, mikrimaus, miodrag, ok, ozzy, pacika, panonski mornar, Profica, rovac, ruma, S-lash, Sirius, Skijavoneska, sosko, srecko81, stegonosa, suton, Toni, trajkoni018, VJ, vladas87, yrraf