TR/ATRAPS.Gen2 virus

  • boksi  Male
  • Respected citizen
  • Joined: 11 Jun 2008
  • Posts: 472

Posted: 04 Jun 2012 23:20

This virus showed up on my computer and Avira can't delete it. What should I do?

.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 9.0.8112.16421
Run by Boris at 23:09:14 on 2012-06-04
Microsoft Windows 7 Ultimate 6.1.7600.0.1252.1.1033.18.2037.1118 [GMT 2:00]
.
AV: Avira Desktop *Enabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Enabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskhost.exe
C:\Windows\Explorer.EXE
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Gigabyte\EasySaver\ESSVR.EXE
C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\CyberLink\PowerDVD10\PDVD10Serv.exe
C:\Program Files\CyberLink\Shared files\brs.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Vimicro Corporation\VMUVC\VMonitor.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
D:\uTorrent\uTorrent.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Skype\Phone\Skype.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uURLSearchHooks: DeviceVM Url Search Hook: {0063bf63-bfff-4b8f-9d26-4267df7f17dd} - c:\windows\system32\dvmurl.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\progra~1\micros~2\office12\GR469A~1.DLL
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
uRun: [uTorrent] "d:\utorrent\uTorrent.exe" /MINIMIZED
mRun: [RtHDVCpl] c:\program files\realtek\audio\hda\RtHDVCpl.exe
mRun: [Skytel] c:\program files\realtek\audio\hda\Skytel.exe
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [RemoteControl10] "c:\program files\cyberlink\powerdvd10\PDVD10Serv.exe"
mRun: [BDRegion] c:\program files\cyberlink\shared files\brs.exe
mRun: [WinampAgent] "c:\program files\winamp\winampa.exe"
mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [VMonitorVMUVC] "c:\program files\vimicro corporation\vmuvc\VMonitor.exe" VMUVC
mRun: [avgnt] "c:\program files\avira\antivir desktop\avgnt.exe" /min
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\adobeg~1.lnk - c:\program files\common files\adobe\calibration\Adobe Gamma Loader.exe
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
TCP: DhcpNameServer = 89.216.1.40 89.216.1.50
TCP: Interfaces\{79DC8D92-019E-4A94-8F91-3F1CC53E2DFC} : DhcpNameServer = 89.216.1.40 89.216.1.50
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\progra~1\micros~2\office12\GRA32A~1.DLL
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll
Notify: igfxcui - igfxdev.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\progra~1\micros~2\office12\GR469A~1.DLL
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\boris\appdata\roaming\mozilla\firefox\profiles\tq1etcya.default\
FF - prefs.js: browser.startup.homepage - www.google.com
FF - component: c:\program files\mozilla firefox\extensions\{82af8dca-6de9-405d-bd5e-43525bdad38a}\components\SkypeFfComponent.dll
FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\google\update\1.3.21.111\npGoogleUpdate3.dll
FF - plugin: c:\program files\microsoft silverlight\4.1.10329.0\npctrlui.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npwachk.dll
FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_2_202_235.dll
.
============= SERVICES / DRIVERS ===============
.
R1 avkmgr;avkmgr;c:\windows\system32\drivers\avkmgr.sys [2012-5-25 36000]
R2 {1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC};Power Control [2012/04/21 20:02:53];c:\program files\cyberlink\powerdvd10\navfilter\000.fcl [2010-3-13 87536]
R2 avgntflt;avgntflt;c:\windows\system32\drivers\avgntflt.sys [2012-5-25 83392]
R3 BthAvrcp;Bluetooth AVRCP Profile;c:\windows\system32\drivers\BthAvrcp.sys [2009-8-13 22528]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\drivers\Rt86win7.sys [2009-6-10 139776]
R3 VMUVC;Vimicro Camera Service VMUVC;c:\windows\system32\drivers\VMUVC.sys [2012-4-21 256512]
R3 vvftUVC;Vimicro Camera Filter Service VMUVC;c:\windows\system32\drivers\vvftUVC.sys [2012-4-21 398720]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-14 229888]
.
=============== Created Last 30 ================
.
2012-06-03 18:58:57 719872 ----a-w- c:\windows\system32\devil.dll
2012-06-03 18:58:57 70656 ----a-w- c:\windows\system32\i420vfw.dll
2012-06-03 18:58:57 369152 ----a-w- c:\windows\system32\avisynth.dll
2012-06-03 18:58:57 32256 ----a-w- c:\windows\system32\AVSredirect.dll
2012-06-03 18:58:54 -------- d-----w- c:\program files\AviSynth 2.5
2012-06-01 05:54:08 6737808 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{128c5d09-5c11-4bcd-9c37-a9b948d3d8df}\mpengine.dll
2012-05-28 08:58:45 -------- d-----w- c:\users\boris\appdata\roaming\uTorrent
2012-05-26 07:45:33 -------- d-----w- c:\users\boris\appdata\local\{CA9A95B7-ADD3-4408-BF0B-C39B3929AD8E}
2012-05-26 07:45:28 -------- d-----w- c:\users\boris\appdata\local\{45202387-D79B-4061-BF55-1204DA8D84A0}
2012-05-25 18:57:17 -------- d-----w- c:\users\boris\appdata\roaming\Avira
2012-05-25 18:51:44 83392 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2012-05-25 18:51:44 36000 ----a-w- c:\windows\system32\drivers\avkmgr.sys
2012-05-25 18:51:40 -------- d-----w- c:\programdata\Avira
2012-05-25 18:51:40 -------- d-----w- c:\program files\Avira
2012-05-23 15:16:32 -------- d-----w- c:\users\boris\appdata\local\{BAF274C4-F8E6-4FA3-8826-06800FFD635F}
2012-05-23 15:16:29 -------- d-----w- c:\users\boris\appdata\local\{65D32298-0FCD-4FF0-A3C6-F41D0EB4AE2D}
2012-05-19 20:33:33 -------- d-----w- c:\users\boris\appdata\local\{8B1CAF35-E4A0-408D-BEF4-8682D6E3E470}
2012-05-19 20:33:30 -------- d-----w- c:\users\boris\appdata\local\{A80ECC70-3152-437B-A1F3-400D50E17C9D}
2012-05-19 05:57:54 -------- d-----w- c:\users\boris\appdata\local\{B6873037-E24E-4D08-B185-B07849A672EB}
2012-05-19 05:57:52 -------- d-----w- c:\users\boris\appdata\local\{E426A70B-C2B1-4B5B-B8E5-B5B138F39F19}
2012-05-16 10:32:30 -------- d-----w- c:\users\boris\appdata\local\{56F04E7D-DA06-4D7F-9CA5-BF318CAC2AA7}
2012-05-16 10:32:27 -------- d-----w- c:\users\boris\appdata\local\{2F1BF0D6-6007-4270-887B-02F341E26491}
2012-05-14 09:56:34 -------- d-----w- c:\users\boris\appdata\local\{63B3E7ED-FB29-45D4-88F1-F2961BE0C624}
2012-05-14 09:56:32 -------- d-----w- c:\users\boris\appdata\local\{7E437570-C481-4AB0-A14B-ACB9EA9B48E5}
2012-05-14 06:45:53 685816 ----a-w- c:\windows\system32\drivers\sptd.sys
2012-05-12 12:03:21 -------- d-----w- c:\users\boris\appdata\local\{4849CD94-6CC3-43C0-92D3-EDB18640C37B}
2012-05-12 12:03:19 -------- d-----w- c:\users\boris\appdata\local\{D7FC1E66-475E-4132-A775-6679B7FA6618}
2012-05-11 10:29:30 -------- d-----w- c:\users\boris\appdata\local\{BAC5D7B2-955D-4054-B95B-AFD758AC3131}
2012-05-11 10:29:28 -------- d-----w- c:\users\boris\appdata\local\{CA0EC607-81F5-4ECE-9227-1E4DA420EBC8}
2012-05-11 10:29:02 -------- d-----w- c:\users\boris\appdata\local\{E2C3EE90-2A95-4345-B492-B7EDF30A69E5}
2012-05-11 10:28:58 -------- d-----w- c:\users\boris\appdata\local\{CECA781E-867B-422B-BB72-FEA9331BEFCC}
2012-05-10 08:48:28 -------- d-----w- c:\users\boris\appdata\local\{342E2014-6C4F-4CA9-84FE-FE70E4D0D4D5}
2012-05-10 08:48:25 -------- d-----w- c:\users\boris\appdata\local\{EB763644-D427-45E2-9550-AE5CD6ABBF4D}
2012-05-09 05:05:16 1287024 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-05-09 05:05:11 936960 ----a-w- c:\program files\common files\microsoft shared\ink\journal.dll
2012-05-09 05:05:10 989184 ----a-w- c:\program files\windows journal\JNTFiltr.dll
2012-05-09 05:05:10 969216 ----a-w- c:\program files\windows journal\JNWDRV.dll
2012-05-09 05:05:10 1221632 ----a-w- c:\program files\windows journal\NBDoc.DLL
2012-05-09 05:05:00 3902320 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-05-09 05:04:59 3958128 ----a-w- c:\windows\system32\ntkrnlpa.exe
2012-05-09 05:04:58 2342400 ----a-w- c:\windows\system32\win32k.sys
2012-05-09 05:04:57 56688 ----a-w- c:\windows\system32\drivers\partmgr.sys
2012-05-09 05:04:56 739840 ----a-w- c:\windows\system32\d2d1.dll
2012-05-09 05:04:56 1074176 ----a-w- c:\windows\system32\DWrite.dll
2012-05-09 05:04:55 218624 ----a-w- c:\windows\system32\d3d10_1core.dll
2012-05-09 05:04:55 161792 ----a-w- c:\windows\system32\d3d10_1.dll
2012-05-09 05:04:55 1170944 ----a-w- c:\windows\system32\d3d10warp.dll
2012-05-08 18:40:53 -------- d-----w- c:\users\boris\appdata\local\{2174536C-3407-4D0F-BBBC-C3FC552894C3}
2012-05-08 18:40:51 -------- d-----w- c:\users\boris\appdata\local\{8E4FE846-8457-447C-954A-A54660FF0E97}
.
==================== Find3M ====================
.
2012-06-04 20:22:24 70304 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-06-04 20:22:24 419488 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-06-04 19:00:47 16608 ----a-w- c:\windows\gdrv.sys
2012-04-21 19:48:13 801792 ----a-w- c:\windows\system32\FntCache.dll
2012-04-21 19:48:13 1619456 ----a-w- c:\windows\system32\WMVDECOD.DLL
2012-04-21 19:48:13 1495040 ----a-w- c:\windows\system32\ExplorerFrame.dll
2012-04-21 19:48:13 135168 ----a-w- c:\windows\system32\XpsRasterService.dll
2012-04-21 19:48:12 3181568 ----a-w- c:\windows\system32\mf.dll
2012-04-21 19:48:12 196608 ----a-w- c:\windows\system32\mfreadwrite.dll
2012-04-21 18:01:02 505128 ----a-w- c:\windows\system32\msvcp71.dll
2012-04-21 18:01:02 353576 ----a-w- c:\windows\system32\msvcr71.dll
2012-04-21 18:01:02 29480 ----a-w- c:\windows\system32\msxml3a.dll
2012-04-21 17:47:27 319456 ----a-w- c:\windows\DIFxAPI.dll
2012-03-08 16:37:20 302448 ----a-w- c:\windows\WLXPGSS.SCR
2006-05-03 10:06:54 163328 --sha-r- c:\windows\system32\flvDX.dll
2007-02-21 11:47:16 31232 --sha-r- c:\windows\system32\msfDX.dll
2008-03-16 13:30:52 216064 --sha-r- c:\windows\system32\nbDX.dll
2010-01-06 22:00:00 107520 --sha-r- c:\windows\system32\TAKDSDecoder.dll
.
============= FINISH: 23:10:19.76 ===============



Addendum: 04 Jun 2012 23:25

RootRepeal doesn't work for me, and when I run GMER it restarts the computer, so it can crash my system...

Addendum: 04 Jun 2012 23:40

ROOTREPEAL CRASH REPORT
-------------------------
Windows Version: Windows Vista SP0
Exception Code: 0xc0000005
Exception Address: 0x00422bf2
Attempt to read from address: 0x00000004

  • Joined: 26 Aug 2010
  • Posts: 10621
  • Location: Hypnos Control Room, Tokyo Metropolitan Government Building

Hello...

Can you write which file Avira detects, or attach a screenshot of the detection message?

http://www.mycity.rs/Pitanja-i-predlozi/Pravljenje-screenshota.html

Download Rootkit Unhooker to the Desktop.

Double-click to run the program;

select the Report tab;

click Scan and, in the window that opens, tick the following items:

SSDT
Shadow SSDT
Processes
Drivers
Stealth Code
Files
Code Hooks

click OK and wait for the scan to finish.


When the scan is finished, click File > Save Report and save the report.

Attach the Rootkit Unhooker report to your post using the Attach file (Prikači fajl) option.

  • boksi  Male
  • Respected citizen
  • Joined: 11 Jun 2008
  • Posts: 472

I have to mention that in the meantime I removed Avira and installed AVG, scanned the computer and found no viruses. Still, here is the report..

  • Joined: 26 Aug 2010
  • Posts: 10621
  • Location: Hypnos Control Room, Tokyo Metropolitan Government Building

I don't remember telling you to uninstall Avira and install AVG.
You must follow my instructions precisely.


Step 1

Uninstall AVG, because it will interfere with CF in the second step. Be sure to do this through Start -> Control Panel -> Programs and Features.


Step 2

Download sUBs's ComboFix to the Desktop from the following address:

Bleeping Computer
  • Right-click the link and choose Save Target As... (Save Link As..., Save Linked Content As... or similar);
  • When the dialog for choosing the save location opens, select Desktop and click Save.

When the download is complete:
  • disable your security software (instructions);
  • close any running programs;
  • double-click to run ComboFix;
  • in the window that opens, click "I Agree".

While running, ComboFix will:
  • check whether a newer version of the program exists:
      click Yes if you are offered the download.
  • if Recovery Console is not installed, offer to install it:
      be sure to accept by clicking Yes and follow the procedure through.
  • display a number of prompts/notices:
      accept by clicking Yes or OK.
  • restart Windows if needed (several times);
  • at the end, open Notepad with the scan report.

Copy the report that ComboFix created into the forum topic:
  • right-click in the Notepad window and choose Select All;
  • right-click the selected text and choose Copy;
  • right-click in the message field and choose Paste.

Note:
  • The report will be saved as ComboFix.txt on the system partition (typical location: C:\ComboFix.txt);
  • If, after sending the post, you notice that the report is incomplete, use the Attach file (Prikači fajl) option to attach C:\ComboFix.txt to the post.

  • boksi  Male
  • Respected citizen
  • Joined: 11 Jun 2008
  • Posts: 472

Posted: 05 Jun 2012 6:23

I removed AVG and downloaded Combo. It starts and then shuts down. Why?

Addendum: 05 Jun 2012 10:29

It runs up to this point and that's all...


  • Joined: 26 Aug 2010
  • Posts: 10621
  • Location: Hypnos Control Room, Tokyo Metropolitan Government Building

Start the system in Safe Mode and try running ComboFix from there.

http://www.mycity.rs/MyCity-Laboratorija/Kako-uci-u-Safe-Mode-2.html

  • boksi  Male
  • Respected citizen
  • Joined: 11 Jun 2008
  • Posts: 472

Posted: 05 Jun 2012 13:56

I can't get the Safe Mode menu. I keep pressing F8 like crazy and it still loads Windows, and I tried that several times..

Addendum: 05 Jun 2012 14:02

No chance, it won't work

Addendum: 05 Jun 2012 14:06

One more thing to add: since I ran Combo I can't see pictures on the computer, and on top of that Firefox is acting up..

Here is how it shows the picture icons



  • Joined: 26 Aug 2010
  • Posts: 10621
  • Location: Hypnos Control Room, Tokyo Metropolitan Government Building

You haven't posted the ComboFix report.

Attach C:\ComboFix.txt to your post.

  • boksi  Male
  • Respected citizen
  • Joined: 11 Jun 2008
  • Posts: 472

Well, ComboFix can't finish running, so there is no report

  • Joined: 26 Aug 2010
  • Posts: 10621
  • Location: Hypnos Control Room, Tokyo Metropolitan Government Building

Then CF is not the cause of the problem you are having with the pictures. How many times did you try ComboFix in normal mode?

Download a fresh copy of CF to the Desktop from the following address:

Bleeping Computer

Try running it again in normal mode. If you can't start it even then, that is because of the infection you probably have on the system, and so you must try running ComboFix several times.

If ComboFix doesn't start even after the twentieth attempt, say so in a post and wait for further instructions.


When you manage to start it:

  • in the window that opens, click "I Agree".

While running, ComboFix will:
  • check whether a newer version of the program exists:
      click Yes if you are offered the download.
  • if Recovery Console is not installed, offer to install it:
      be sure to accept by clicking Yes and follow the procedure through.
  • display a number of prompts/notices:
      accept by clicking Yes or OK.
  • restart Windows if needed (several times);
  • at the end, open Notepad with the scan report.

Copy the report that ComboFix created into the forum topic:
  • right-click in the Notepad window and choose Select All;
  • right-click the selected text and choose Copy;
  • right-click in the message field and choose Paste.

Note:
  • The report will be saved as ComboFix.txt on the system partition (typical location: C:\ComboFix.txt);
  • If, after sending the post, you notice that the report is incomplete, use the Attach file (Prikači fajl) option to attach C:\ComboFix.txt to the post.
