proces pod nazivom System zauzima 99 % CPU

1

proces pod nazivom System zauzima 99 % CPU

offline
  • Pridružio: 01 Jun 2012
  • Poruke: 5

Proces pod nazivom system zauzima 99 % CPU i sve mi je maksimalno usporeno. Nemam anti virus.



DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_31
Run by Marko at 16:43:47 on 2012-06-01
Microsoft Windows XP Professional 5.1.2600.3.1250.381.1033.18.512.151 [GMT 2:00]
.
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\system32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Real\RealPlayer\update\realsched.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\Marko\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe
C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe
C:\Documents and Settings\Marko\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Program Files\TeamViewer\Version7\TeamViewer.exe
C:\Program Files\TeamViewer\Version7\tv_w32.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Documents and Settings\Marko\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Marko\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = about:blank
uURLSearchHooks: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - c:\program files\utorrentbar\prxtbuTo0.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll
BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
BHO: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - c:\program files\utorrentbar\prxtbuTo0.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - c:\program files\utorrentbar\prxtbuTo0.dll
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [Google Update] "c:\documents and settings\marko\local settings\application data\google\update\GoogleUpdate.exe" /c
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [SoundMan] SOUNDMAN.EXE
mRun: [TkBellExe] "c:\program files\real\realplayer\update\realsched.exe" -osboot
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
TCP: DhcpNameServer = 8.8.8.8 8.8.4.4
TCP: Interfaces\{43435BE5-4420-4503-ADED-4A681AC7D0BF} : DhcpNameServer = 8.8.8.8 8.8.4.4
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
.
================= FIREFOX ===================
.
FF - ProfilePath -
.
============= SERVICES / DRIVERS ===============
.
.
=============== Created Last 30 ================
.
.
==================== Find3M ====================
.
2012-04-17 15:57:26 73728 ----a-w- c:\windows\system32\javacpl.cpl
2012-04-17 15:57:26 472808 ----a-w- c:\windows\system32\deployJava1.dll
2012-04-11 13:12:06 1862272 ----a-w- c:\windows\system32\win32k.sys
2012-04-11 13:10:58 2192640 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-04-11 12:35:52 2069120 ----a-w- c:\windows\system32\ntkrnlpa.exe
.
============= FINISH: 16:49:43,42 ===============


mycity.rs/must-login.png

mycity.rs/must-login.png

mycity.rs/must-login.png

mycity.rs/must-login.png

offline
  • Pridružio: 26 Avg 2010
  • Poruke: 10621
  • Gde živiš: Hypnos Control Room, Tokyo Metropolitan Government Building

U toku rješavanja slučaja, zamolio bih te da se pridržavaš sledećeg:
Detaljno čitati moja uputstva ( ili uputstva kolega koji će me zamjenjivati) i raditi isključivo po njima;
Ne tražiti istovremeno pomoć na drugom mjestu;
Nemoj koristiti druge programe za uklanjanje malware-a, osim onih za koje budeš dobio uputstvo;
U toku intervencije ne koristiti USB memorijske uređaje, dok to ne budem zatražio;
Ukoliko ne odgovorim u roku od 48h, osvježi temu novim post-om;
Ukoliko se ne javiš u roku od 5 dana, zatvorićemo slučaj.

Za više informacija o pravilima Ambulante MyCity foruma: LINK



Arrow

Preuzmi aswMBR i sačuvaj ga na Desktop.

Dvoklikom pokreni aswMBR.

Ukoliko dobiješ sljedeću poruku:
Would you like to download latest Avast! virus definitions?
Klikni na dugme
No

Pod AV Scan: sa QuickScan prebaci na (none) baš kao na slici.


Klikni na Scan.

Kada završi skeniranje ( Scan finished successfully ) klikni Save log.
Sačuvaj aswMBR log na Desktop.
Sadržaj tog loga iskopiraj u temi.

offline
  • Pridružio: 01 Jun 2012
  • Poruke: 5

aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-06-02 19:55:55
-----------------------------
19:55:55.765 OS Version: Windows 5.1.2600 Service Pack 3
19:55:55.765 Number of processors: 1 586 0x800
19:55:55.765 ComputerName: COMPUTER_1 UserName: Marko
19:56:14.500 Initialize success
19:58:01.406 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3
19:58:01.406 Disk 0 Vendor: WDC_WD1600JB-00GVA0 08.02D08 Size: 152627MB BusType: 3
19:58:01.421 Disk 0 MBR read successfully
19:58:01.421 Disk 0 MBR scan
19:58:01.421 Disk 0 Windows XP default MBR code
19:58:01.421 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 19610 MB offset 63
19:58:01.421 Disk 0 Partition - 00 0F Extended LBA 133014 MB offset 40162500
19:58:01.437 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 133006 MB offset 40162563
19:58:01.453 Disk 0 scanning sectors +312576705
19:58:01.500 Disk 0 malicious Win32:MBRoot code @ sector 312576708 !
19:58:01.500 Disk 0 PE file @ sector 312576730 !
19:58:01.562 Disk 0 scanning C:\WINDOWS\system32\drivers
19:58:10.937 Service scanning
19:58:28.328 Modules scanning
19:58:55.562 Disk 0 trace - called modules:
19:58:55.562 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys videX32.sys
19:58:55.578 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x82366ab8]
19:58:55.578 3 CLASSPNP.SYS[f8595fd7] -> nt!IofCallDriver -> \Device\00000059[0x82391f18]
19:58:55.578 5 ACPI.sys[f84ec620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-3[0x82368940]
19:58:55.578 Scan finished successfully
19:59:01.359 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Marko\Desktop\MBR.dat"
19:59:01.359 The log file has been saved successfully to "C:\Documents and Settings\Marko\Desktop\aswMBR.txt"

offline
  • Pridružio: 26 Avg 2010
  • Poruke: 10621
  • Gde živiš: Hypnos Control Room, Tokyo Metropolitan Government Building

Arrow Korak 1

Ponovo pokreni aswMBR.
Klikni na Scan.
Kada zavrsi skeniranje, Klikni na Fix.
Kada zavrsi popravku (Fix), izaberi Save Log i sacuvaj log na desktop.
Potrebno je restartovati racunar.
Kopiraj sadrzaj aswMBR loga nazad u temu.




Arrow Korak 2

Postavi mi novi DDS izvještaj.

offline
  • Pridružio: 01 Jun 2012
  • Poruke: 5

Mogu da kliknem samo na FixMBR

offline
  • Pridružio: 26 Avg 2010
  • Poruke: 10621
  • Gde živiš: Hypnos Control Room, Tokyo Metropolitan Government Building

Nema Fix?! Ne klikaj na FixMBR i zatvori aswMBR. Isprati sljedeće korake:

Arrow

Preuzmi sUBs-ov ComboFix sa sljedeće adrese na Desktop:


Bleeping Computer
Klikni desnim tasterom na link i odaberi opciju Save Target As... (Save Link As..., Save Linked Content As... ili sličnu);
Kada se otvori dijalog za izbor lokacije na kojoj treba sačuvati fajl, odaberi Desktop i klikni Save.




Kada preuzimanje programa bude završeno:
deaktiviraj zaštitni softver (uputstvo);
zatvori pokrenute programe;
dvoklikom pokreni program ComboFix;
u prozoru koji se otvori klikni "I Agree".

U toku rada, ComboFix će:provjeriti postoji li novija verzija programa:
klikni Yes ako bude ponuđeno preuzimanje iste.
ako Recovery Console nije instalirana, ponuditi instalaciju:
obavezno prihvati klikom na Yes i isprati postupak.
postaviti/dati određeni broj upita/obaveštenja:
prihvati klikom na Yes ili OK.
po potrebi, restartovati Windows (više puta);
na kraju rada, otvoriti Notepad sa izveštajem o skeniranju.


Iskopiraj izvještaj koji je ComboFix napravio u temu na forumu:
klikni desnim tasterom miša u prozor Notepad-a i izaberi Select All;
klikni desnim tasterom miša na obilježeni tekst i izaberi Copy;
klikni desnim tasterom miša u polje za pisanje poruke i izaberi Paste.


Napomena:Izvještaj će biti sačuvan pod nazivom ComboFix.txt na sistemskoj particiji (tipična lokacija: C:\ComboFix.txt);
Ukoliko nakon slanja poruke primjetiš da izvještaj nije kompletan, iskoristi opciju Prikači fajl za prilaganje fajla C:\ComboFix.txt uz poruku.

offline
  • Pridružio: 01 Jun 2012
  • Poruke: 5

ComboFix 12-06-02.02 - Marko 02.06.2012 21:01:49.1.1 - x86
Microsoft Windows XP Professional 5.1.2600.3.1250.381.1033.18.512.349 [GMT 2:00]
Running from: c:\documents and settings\Marko\Desktop\ComboFix.exe
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\system32\AutoRun.inf
.
.
((((((((((((((((((((((((( Files Created from 2012-05-02 to 2012-06-02 )))))))))))))))))))))))))))))))
.
.
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-04-17 15:57 . 2012-04-17 15:58 73728 ----a-w- c:\windows\system32\javacpl.cpl
2012-04-17 15:57 . 2012-04-17 15:58 472808 ----a-w- c:\windows\system32\deployJava1.dll
2012-04-11 13:12 . 2008-11-27 04:45 1862272 ----a-w- c:\windows\system32\win32k.sys
2012-04-11 13:10 . 2008-11-27 04:45 2192640 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-04-11 12:35 . 2008-04-14 00:01 2069120 ----a-w- c:\windows\system32\ntkrnlpa.exe
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}"= "c:\program files\uTorrentBar\prxtbuTo0.dll" [2011-05-09 176936]
.
[HKEY_CLASSES_ROOT\clsid\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]
2011-05-09 09:49 176936 ----a-w- c:\program files\uTorrentBar\prxtbuTo0.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}"= "c:\program files\uTorrentBar\prxtbuTo0.dll" [2011-05-09 176936]
.
[HKEY_CLASSES_ROOT\clsid\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC}"= "c:\program files\uTorrentBar\prxtbuTo0.dll" [2011-05-09 176936]
.
[HKEY_CLASSES_ROOT\clsid\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-10-22 7700480]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2006-10-22 86016]
"SoundMan"="SOUNDMAN.EXE" [2007-04-16 577536]
"TkBellExe"="c:\program files\Real\RealPlayer\update\realsched.exe" [2012-01-21 296056]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-03-27 37296]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-02 843712]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
2011-06-15 13:02 15141768 ----a-r- c:\program files\Skype\Phone\Skype.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Opera\\opera.exe"=
"d:\\Games\\CS 1.6 v42 FULL\\hl.exe"=
"c:\\Program Files\\CityVilleBot\\CVBot.exe"=
"c:\\Program Files\\TeamViewer\\Version6\\TeamViewer.exe"=
"c:\\Program Files\\TeamViewer\\Version6\\TeamViewer_Service.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\TeamViewer\\Version7\\TeamViewer.exe"=
"c:\\Program Files\\TeamViewer\\Version7\\TeamViewer_Service.exe"=
.
S2 ousbehci;OrangeWare USB Enhanced Host Controller Service;c:\windows\system32\Drivers\ousbehci.sys [2005-07-15 45696]
S2 TeamViewer6;TeamViewer 6;c:\program files\TeamViewer\Version6\TeamViewer_Service.exe [2011-04-15 2280312]
S2 TeamViewer7;TeamViewer 7;c:\program files\TeamViewer\Version7\TeamViewer_Service.exe [2012-02-23 2886528]
S3 ousb2hub;OrangeWare USB 2.0 Root Hub Support;c:\windows\system32\DRIVERS\ousb2hub.sys [2005-07-15 56960]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08
.
Contents of the 'Scheduled Tasks' folder
.
2012-03-20 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1614895754-515967899-1177238915-1003Core1cd06a3f41aadfc.job
- c:\documents and settings\Marko\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2011-04-22 19:36]
.
2011-05-01 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1614895754-515967899-1177238915-1003UA.job
- c:\documents and settings\Marko\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2011-04-22 19:36]
.
2012-05-22 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-1614895754-515967899-1177238915-1003.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2011-11-29 15:02]
.
2012-05-22 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-1614895754-515967899-1177238915-1003.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2011-11-29 15:02]
.
2011-06-25 c:\windows\Tasks\User_Feed_Synchronization-{AF4678D5-5F64-473C-B8A2-AFE90D174049}.job
- c:\windows\system32\msfeedssync.exe [2009-03-08 02:31]
.
.
------- Supplementary Scan -------
.
uStart Page = about:blank
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
TCP: DhcpNameServer = 8.8.8.8 8.8.4.4
FF - ProfilePath -
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, gmer.net
Rootkit scan 2012-06-02 21:48
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
Completion time: 2012-06-02 21:56:01
ComboFix-quarantined-files.txt 2012-06-02 19:55
.
Pre-Run: 11.473.850.368 bytes free
Post-Run: 11.446.546.432 bytes free
.
WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
.
- - End Of File - - CCD6792FFB33A29AFA0CB4194B06D239

Imao sam jedan problem, prikacio sam sliku.

offline
  • Pridružio: 26 Avg 2010
  • Poruke: 10621
  • Gde živiš: Hypnos Control Room, Tokyo Metropolitan Government Building

Da uradimo još jednu provjeru da budemo načisto sigurni.

Arrow

Preuzmi AVZ Antiviral Toolkit sa sljedećeg linka :

http://devbuilds.kaspersky-labs.com/devbuilds/AVZ/avz4.zip


Raspakuj arhivu u neki folder (uputstvo), a zatim:
pokreni AVZ (dvoklikom na ikonicu);

u meniju izaberi File > Standard Scripts;

u prozoru koji se otvori štrikliraj opciju 2 i klikni Execute Selected Scripts;

klikni Yes;

po završetku skeniranja dobićeš obavještenje: Script Executed;

izađi iz programa.


Uploaduj fajl virusinfo_syscheck.zip koji se nalazi u avz\log folderu na forum (koristi opciju Prikači fajl).

offline
  • Pridružio: 01 Jun 2012
  • Poruke: 5

mycity.rs/must-login.png

offline
  • Pridružio: 26 Avg 2010
  • Poruke: 10621
  • Gde živiš: Hypnos Control Room, Tokyo Metropolitan Government Building

U postavljenim izvještajima nema tragova aktivne infeckije. Međutim, potrebno je još da uradiš sljedeće korake:


Arrow Korak 1

Potrebno je deinstalirati ComboFix:
klikni start (ili ), a zatim RUN.

Na Visti i 7 koristiti Start Search polje ukoliko Run nije dostupan.

U liniju za unos teksta ukucaj (iskopiraj) sljedeće:

ComboFix /Uninstall

Primjeti da postoji razmak između "ComboFix" i "/Uninstall".



a zatim klikni OK (ili pritisni Enter).


Sačekaj da se proces deinstalacije završi.



Arrow Korak 2

Potrebno je deinstalirati AVZ Antiviral Toolkit.
Pokreni AVZ (dvoklikom na ikonicu);

U meniju izaberi File>Standard Scripts;

U prozoru koji se otvori štrikliraj opciju 6 i klikni na Execute Selected Scripts;

Klikni Yes;

Po završetku postupka dobićeš obavještenje: Script Executed;

Izađi iz programa i obriši folder gdje je program raspakovan.




Arrow Korak 3

Isključen ti je firewall i potrebno ga je uključiti.
Idi u Start -> Control Panel -> Windows Firewall, označi On i klikni na OK.



Arrow Korak 4

Nemaš instaliran AV program. Izaberi jedan po tvom izboru i instaliraj ga.
Ukoliko nemaš novaca ili ne želiš da ga izdvojiš za neki komercijalni AV program, na raspolaganju ti se nalaze kvalitetni besplatni AV programi poput Avast Free, AVG Free, Avira Free, Microsoft Security Essentials, Panda Cloud AV, itd.
Nemoj koristiti piratske verzije AV programa!!!



Idea

Preporučujem da za zaštitu USB memorijskih uređaja koristiš MCShield.
Nema nikakve veze sa antivirus-om tj. neće ometati njegov rad, a pokazao se kao jedan od najboljih vida zaštite od malware-a koji se prenosi putem USB mem. uređaja.


Home Page MCShield-a: http://amf.mycity.rs/mcshield/

Više o MCShield-u možeš saznati u ovoj temi: http://www.mycity.rs/MyCity-Laboratorija/MCShield-v2.html

Facebook stranica MCShield-a: http://www.facebook.com/MCShield



Exclamation

Posjeti temu Testirajte da li vam je pretraživač ranjiv, pročitaj i isprati link koji stoji u njoj.



Otvori temu u Windows potforumu i tamo iznesi svoj problem.

Pozdrav.

Ko je trenutno na forumu
 

Ukupno su 518 korisnika na forumu :: 26 registrovanih, 1 sakriven i 491 gosta   ::   [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:
Korisnici trenutno na forumu: A.R.Chafee.Jr., Arsenije, burevesnik, Drug pukovnik, hatman, havoc995, Jovan Nenad, Konda, ladro, Lazarus, maiden6657, MB120mm, miodrag, Ne doznajem se u oružje, nenad_l, Njemac, Parker, Petar35, proka89, RiV, shaja1, vladom6, Vlajman1957, zlatkoa987, zziko, 125