Win32.Vitro kako da ga se reshim ?

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

ComboFix 09-09-16.02 - NEO 17.09.2009 8:53.1.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1251.389.1033.18.1023.672 [GMT 4,5:30]
Running from: c:\documents and settings\NEO\Desktop\ComboFix.exe
AV: avast! antivirus 4.8.1351 [VPS 090916-0] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((( Files Created from 2009-08-17 to 2009-09-17 )))))))))))))))))))))))))))))))
.

2009-09-16 11:56 . 2009-09-16 11:56 -------- d-sh--w- c:\documents and settings\NEO\PrivacIE
2009-09-16 09:38 . 2009-09-16 09:38 -------- d-----w- c:\program files\BORGChat
2009-09-16 09:17 . 2009-09-16 09:38 -------- d-----w- c:\program files\NetChat
2009-09-16 09:11 . 2009-09-16 09:11 0 ----a-w- c:\documents and settings\NEO\settings.dat
2009-09-16 09:10 . 2009-09-16 09:10 -------- d-----w- c:\documents and settings\NEO\Application Data\Malwarebytes
2009-09-16 09:10 . 2009-09-10 10:24 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-09-16 09:10 . 2009-09-16 09:10 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2009-09-16 09:10 . 2009-09-10 10:23 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-09-16 09:10 . 2009-09-16 09:10 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-09-14 10:23 . 2009-09-14 10:24 -------- d-----w- c:\windows\system32\NtmsData
2009-09-14 05:52 . 2009-09-14 05:52 -------- d-----w- c:\program files\Common Files\AntiGA 2.0 Addon Tools
2009-09-14 05:28 . 2009-09-14 05:28 -------- d-sh--w- c:\documents and settings\NEO\IETldCache
2009-09-14 04:58 . 2009-08-07 08:48 100352 -c----w- c:\windows\system32\dllcache\iecompat.dll
2009-09-14 04:58 . 2009-09-14 12:34 -------- d-----w- c:\windows\ie8updates
2009-09-14 04:57 . 2009-07-03 17:09 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll
2009-09-14 04:57 . 2009-07-03 17:09 246272 -c----w- c:\windows\system32\dllcache\ieproxy.dll
2009-09-14 04:55 . 2009-09-14 04:57 -------- dc-h--w- c:\windows\ie8
2009-09-14 04:38 . 2009-09-14 05:27 -------- d-----w- c:\windows\SxsCaPendDel
2009-09-14 04:19 . 2009-09-14 04:19 -------- d-----w- c:\documents and settings\All Users\Application Data\Messenger Plus!
2009-09-12 11:09 . 2009-09-12 11:09 -------- d-----w- c:\documents and settings\All Users\Application Data\Corel
2009-09-12 07:32 . 2009-09-15 12:48 -------- d-----w- c:\documents and settings\NEO\Contacts
2009-09-12 06:50 . 2009-09-12 06:57 -------- d-----w- C:\INSTALLDIR
2009-09-12 06:02 . 2005-12-16 15:48 65 ----a-w- C:\LiveXP.bat
2009-09-12 06:00 . 2009-09-12 06:01 -------- d-----w- C:\winxp_ws USB LIVE
2009-09-12 05:38 . 2009-09-12 05:38 -------- d-----w- c:\documents and settings\NEO\Application Data\Media Player Classic
2009-09-12 05:37 . 2003-06-25 11:35 266360 ----a-w- c:\windows\system32\TweakUI.exe
2009-09-11 13:23 . 2009-03-10 17:48 453512 ----a-w- c:\windows\system32\KB905474\wgasetup.exe
2009-09-11 13:23 . 2009-09-14 05:43 -------- d-----w- c:\windows\system32\KB905474
2009-09-11 12:17 . 2009-09-11 12:17 -------- d-----w- C:\DISNEY
2009-09-11 12:00 . 2009-09-11 12:00 126 ----a-w- c:\documents and settings\NEO\Local Settings\Application Data\fusioncache.dat
2009-09-11 12:00 . 2009-09-11 13:22 -------- d-----w- c:\documents and settings\NEO\Local Settings\Application Data\ApplicationHistory
2009-09-09 13:42 . 2008-04-14 03:42 221184 ----a-w- c:\windows\system32\wmpns.dll
2009-09-09 13:39 . 2009-09-09 13:39 -------- d-----w- c:\program files\MSXML 4.0
2009-09-03 12:52 . 2006-10-26 15:26 32592 ----a-w- c:\windows\system32\msonpmon.dll
2009-09-03 12:42 . 2009-09-03 12:42 -------- d-----w- c:\program files\Microsoft Works
2009-09-03 12:37 . 2009-09-03 12:37 -------- d-----w- c:\program files\Microsoft.NET
2009-09-03 12:34 . 2009-09-03 12:34 -------- d-----w- c:\program files\Microsoft Visual Studio 8
2009-09-03 12:31 . 2009-09-03 12:40 -------- d-----w- c:\windows\SHELLNEW
2009-09-03 12:29 . 2009-09-03 12:29 -------- d-----r- C:\MSOCache
2009-09-03 12:11 . 2009-09-03 12:11 -------- d--h--w- c:\windows\PIF
2009-09-03 09:27 . 2009-09-03 09:27 -------- d-----w- c:\windows\Sun
2009-09-03 07:32 . 2009-09-03 07:32 -------- d-----w- c:\program files\MSECache
2009-09-03 06:13 . 2009-09-03 06:13 -------- d-----w- c:\documents and settings\NEO\Application Data\FastStone
2009-09-03 06:12 . 2009-09-03 06:12 -------- d-----w- c:\program files\FastStone Image Viewer
2009-09-03 04:53 . 2009-08-17 16:04 23152 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2009-09-03 04:53 . 2009-08-17 16:04 51376 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2009-09-03 04:53 . 2009-08-17 16:03 26944 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2009-09-03 04:53 . 2009-08-17 16:02 97480 ----a-w- c:\windows\system32\AvastSS.scr
2009-09-03 04:53 . 2009-08-17 16:05 114768 ----a-w- c:\windows\system32\drivers\aswSP.sys
2009-09-03 04:53 . 2009-08-17 16:05 20560 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2009-09-03 04:53 . 2009-08-17 16:06 93392 ----a-w- c:\windows\system32\drivers\aswmon.sys
2009-09-03 04:53 . 2009-08-17 16:06 94160 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2009-09-03 04:53 . 2009-08-17 16:10 1279456 ----a-w- c:\windows\system32\aswBoot.exe
2009-09-03 04:52 . 2009-09-03 04:52 -------- d-----w- c:\program files\Alwil Software
2009-09-03 04:50 . 2009-09-03 04:50 -------- d-----w- c:\documents and settings\All Users\Application Data\IObit
2009-09-03 04:50 . 2009-09-03 04:50 -------- d-----w- c:\program files\IObit
2009-09-02 10:55 . 2009-09-02 10:55 -------- d-----w- c:\program files\FastStone Screen Capture
2009-09-02 09:38 . 2009-09-16 12:05 -------- d-----w- c:\program files\Everything
2009-09-02 07:24 . 2009-09-11 04:41 11661344 --sha-w- c:\windows\system32\drivers\fidbox.dat
2009-09-01 18:19 . 2009-09-01 18:19 0 ----a-w- c:\windows\nsreg.dat
2009-09-01 18:19 . 2009-09-01 18:19 -------- d-----w- c:\documents and settings\NEO\Local Settings\Application Data\Mozilla
2009-09-01 18:15 . 2009-09-01 18:15 -------- d-----w- c:\windows\system32\Adobe
2009-09-01 18:13 . 2009-09-01 11:01 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-09-01 18:13 . 2003-08-05 06:14 77056 ----a-r- c:\windows\system32\drivers\viasraid.sys
2009-09-01 18:13 . 2009-09-01 18:13 -------- d-----w- c:\program files\VIA
2009-09-01 18:13 . 2009-09-01 10:59 -------- d-----w- c:\program files\Common Files\InstallShield
2009-09-01 18:12 . 2002-10-29 06:20 40960 ----a-r- c:\windows\system32\drivers\fetnd5b.sys
2009-09-01 18:12 . 2002-09-12 09:29 6016 ----a-r- c:\windows\system32\ntsim.sys
2009-09-01 18:12 . 2003-07-02 00:12 27904 ----a-w- c:\windows\system32\drivers\VIAAGP1.SYS
2009-09-01 18:11 . 2009-09-01 18:11 -------- d-----w- c:\documents and settings\NEO\WINDOWS
2009-09-01 18:08 . 2009-09-01 18:08 -------- d-----w- c:\program files\Lavalys
2009-09-01 18:00 . 2008-04-14 03:42 7680 -c--a-w- c:\windows\system32\dllcache\migregdb.exe

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-09-16 10:10 . 2009-09-01 10:15 -------- d-----w- c:\program files\MSN Messenger
2009-09-14 05:16 . 2009-09-01 09:47 98384 ----a-w- c:\documents and settings\NEO\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-09-11 04:41 . 2009-09-02 07:24 139820 --sha-w- c:\windows\system32\drivers\fidbox.idx
2009-09-09 04:59 . 2009-09-01 10:03 -------- d-----w- c:\documents and settings\All Users\Application Data\Microsoft Help
2009-09-03 12:41 . 2009-09-01 09:29 -------- d-----w- c:\program files\MSBuild
2009-09-02 09:19 . 2009-09-01 10:29 -------- d-----w- c:\documents and settings\NEO\Application Data\DAEMON Tools Lite
2009-09-02 07:23 . 2009-09-01 11:41 -------- d-----w- c:\documents and settings\All Users\Application Data\Doctor Web
2009-09-02 07:22 . 2009-09-01 11:41 -------- d-----w- c:\program files\DrWeb
2009-09-01 18:10 . 2009-09-01 18:10 -------- d-----w- c:\program files\VIA Technologies, Inc
2009-09-01 17:59 . 2009-09-01 17:59 -------- d-----w- c:\program files\microsoft frontpage
2009-09-01 17:54 . 2009-09-01 17:54 21640 ----a-w- c:\windows\system32\emptyregdb.dat
2009-09-01 17:53 . 2009-09-01 17:53 -------- d-----w- c:\program files\Windows Media Connect 2
2009-09-01 11:55 . 2009-09-01 10:04 -------- d-----w- c:\program files\Common Files\Adobe
2009-09-01 11:27 . 2009-09-01 11:23 -------- d-----w- c:\program files\AutoCAD R14
2009-09-01 11:14 . 2009-09-01 11:14 -------- d-----w- c:\program files\Ask Search Assistant
2009-09-01 11:14 . 2009-09-01 11:14 -------- d-----w- c:\program files\Messenger Plus! Live
2009-09-01 11:14 . 2009-09-01 11:14 -------- d-----w- c:\program files\Windows Live
2009-09-01 11:09 . 2009-09-01 11:09 603904 ----a-w- c:\windows\system32\TUProgSt.exe
2009-09-01 11:09 . 2009-09-01 11:09 360192 ----a-w- c:\windows\system32\TuneUpDefragService.exe
2009-09-01 11:09 . 2009-09-01 11:09 -------- d-----w- c:\documents and settings\NEO\Application Data\TuneUp Software
2009-09-01 11:08 . 2009-09-01 11:07 -------- d-----w- c:\program files\TuneUp Utilities 2009
2009-09-01 11:07 . 2009-09-01 11:07 -------- d-----w- c:\documents and settings\All Users\Application Data\TuneUp Software
2009-09-01 11:07 . 2009-09-01 11:07 -------- d-sh--w- c:\documents and settings\All Users\Application Data\{55A29068-F2CE-456C-9148-C869879E2357}
2009-09-01 11:07 . 2009-09-01 10:44 -------- d-----w- c:\documents and settings\NEO\Application Data\Ahead
2009-09-01 11:02 . 2009-09-01 11:02 -------- d-----w- c:\documents and settings\NEO\Application Data\Corel
2009-09-01 11:00 . 2009-09-01 11:00 -------- d-----w- c:\program files\Common Files\Corel
2009-09-01 10:59 . 2009-09-01 10:59 -------- d-----w- c:\program files\Corel
2009-09-01 10:44 . 2009-09-01 10:41 -------- d-----w- c:\program files\DAEMON Tools Toolbar
2009-09-01 10:43 . 2009-09-01 10:40 -------- d-----w- c:\program files\Common Files\Ahead
2009-09-01 10:41 . 2009-09-01 10:41 -------- d-----w- c:\documents and settings\All Users\Application Data\DAEMON Tools Lite
2009-09-01 10:41 . 2009-09-01 10:41 -------- d-----w- c:\program files\DAEMON Tools Lite
2009-09-01 10:40 . 2009-09-01 10:40 -------- d-----w- c:\documents and settings\All Users\Application Data\Nero
2009-09-01 10:40 . 2009-09-01 10:40 -------- d-----w- c:\program files\Nero
2009-09-01 10:29 . 2009-09-01 10:29 721904 ----a-w- c:\windows\system32\drivers\sptd.sys
2009-09-01 10:05 . 2009-09-01 09:53 -------- d-----w- c:\documents and settings\NEO\Application Data\Skype
2009-09-01 10:01 . 2009-09-01 10:00 -------- d-----w- c:\program files\K-Lite Codec Pack
2009-09-01 09:55 . 2009-09-01 09:55 56 ---ha-w- c:\windows\system32\ezsidmv.dat
2009-09-01 09:55 . 2009-09-01 09:55 -------- d-----w- c:\documents and settings\NEO\Application Data\skypePM
2009-09-01 09:51 . 2009-09-01 09:51 -------- d-----w- c:\program files\Skype
2009-09-01 09:51 . 2009-09-01 09:51 -------- d-----w- c:\documents and settings\All Users\Application Data\Skype
2009-09-01 09:51 . 2009-09-01 09:51 -------- d-----w- c:\program files\Common Files\Skype
2009-09-01 09:50 . 2009-09-01 09:50 -------- d-----w- c:\program files\7-Zip
2009-09-01 09:46 . 2009-09-01 09:46 -------- d-----w- c:\documents and settings\NEO\Application Data\ATI
2009-09-01 09:41 . 2009-09-01 09:40 -------- d-----w- c:\program files\ATI Technologies
2009-09-01 09:39 . 2009-09-01 09:38 -------- d-----w- c:\program files\Canon
2009-09-01 09:29 . 2009-09-01 09:29 -------- d-----w- c:\program files\Reference Assemblies
2009-09-01 09:28 . 2009-09-01 09:28 -------- d-----w- c:\program files\CCleaner
2009-09-01 09:20 . 2009-09-01 09:21 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-09-01 09:20 . 2009-09-01 09:20 -------- d-----w- c:\program files\Java
2009-08-05 09:01 . 2008-04-14 03:42 204800 ----a-w- c:\windows\system32\mswebdvd.dll
2009-07-29 04:37 . 2008-04-14 03:42 119808 ----a-w- c:\windows\system32\t2embed.dll
2009-07-29 04:37 . 2008-04-14 03:41 81920 ----a-w- c:\windows\system32\fontsub.dll
2009-07-21 06:52 . 2009-07-21 06:52 499712 ----a-w- c:\windows\system32\msvcp71.dll
2009-07-21 06:52 . 2009-07-21 06:52 348160 ----a-w- c:\windows\system32\msvcr71.dll
2009-07-17 19:01 . 2008-04-14 03:41 58880 ----a-w- c:\windows\system32\atl.dll
2009-07-13 19:13 . 2009-04-27 08:52 286208 ----a-w- c:\windows\system32\wmpdxm.dll
2009-07-03 17:09 . 2009-04-27 08:55 915456 ----a-w- c:\windows\system32\wininet.dll
.

------- Sigcheck -------

[-] 2009-04-27 . 362BC5AF8EAF712832C58CC13AE05750 . 1614848 . . [5.1.2600.5512] . . c:\windows\system32\sfcfiles.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2006-01-12 155648]
"Everything"="c:\program files\Everything\Everything.exe" [2009-03-13 602624]
"IObit Security 360"="c:\program files\IObit\IObit Security 360\IS360tray.exe" [2009-09-02 1216272]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-08-17 81000]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-26 31016]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"_nltide_2"="shell32" [X]

c:\documents and settings\NEO\Start Menu\Programs\Startup\
BORGChat.lnk - c:\program files\BORGChat\BORGChat.exe [2007-4-1 1041920]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe"

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\BORGChat\\BORGChat.exe"=

R0 viasraid;viasraid;c:\windows\system32\drivers\viasraid.sys [01.09.2009 22:43 77056]
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [03.09.2009 09:23 114768]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [03.09.2009 09:23 20560]
R2 IS360service;IS360service;c:\program files\IObit\IObit Security 360\is360srv.exe [03.09.2009 09:20 305936]
R2 TuneUp.ProgramStatisticsSvc;TuneUp Program Statistics Service;c:\windows\system32\TUProgSt.exe [01.09.2009 15:39 603904]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [16.09.2009 13:40 38224]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\system32\rundll32.exe" "c:\windows\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
.
Contents of the 'Scheduled Tasks' folder

2009-09-17 c:\windows\Tasks\1-Click Maintenance.job
- c:\program files\TuneUp Utilities 2009\OneClickStarter.exe [2008-12-11 17:06]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.plusnetwork.com
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
FF - ProfilePath - c:\documents and settings\NEO\Application Data\Mozilla\Firefox\Profiles\gw5vk63c.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com
FF - component: c:\documents and settings\NEO\Application Data\Mozilla\Firefox\Profiles\gw5vk63c.default\extensions\{1a36a50b-4575-4ab6-ae15-a9bbbad6952f}\components\FFExternalAlert.dll
FF - component: c:\documents and settings\NEO\Application Data\Mozilla\Firefox\Profiles\gw5vk63c.default\extensions\lazarus@interclue.com\platform\WINNT_x86-msvc\components\WeaveCrypto.dll
FF - component: c:\program files\Mozilla Firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}\components\NPComponent.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- FIREFOX POLICIES ----
FF - user.js: yahoo.homepage.dontask - true
FF - user.js: network.http.max-connections-per-server - 6
FF - user.js: network.http.max-persistent-connections-per-server - 3
FF - user.js: nglayout.initialpaint.delay - 750
FF - user.js: content.notify.interval - 750000
FF - user.js: content.max.tokenizing.time - 2250000
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-09-17 08:57
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(656)
c:\windows\system32\Ati2evxx.dll

- - - - - - - > 'explorer.exe'(3884)
c:\windows\system32\WININET.dll
c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.3053_x-ww_b80fa8ca\MSVCR80.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\wpdshserviceobj.dll
c:\windows\system32\portabledevicetypes.dll
c:\windows\system32\portabledeviceapi.dll
.
Completion time: 2009-09-17 8:59
ComboFix-quarantined-files.txt 2009-09-17 04:28

Pre-Run: 20.284.104.704 bytes free
Post-Run: 20.349.788.160 bytes free

233 --- E O F --- 2009-09-14 12:35




Evo izveshtaja.

btw

Imam tu jos 3 PC ja koji su na istoj mrezi, ali kod njih nidam nashao ovaj virus. Jeli moguche da se ne shiri preko mreze ?

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Nema na ovoj masini aktivnog malwera, problem su te druge particije.

Preuzmi Dr.Web CureIt (~13 MB).
Restartuj kompjuter u Safe Mode (uputstvo za Safe Mode)

Dvoklikom pokreni launch.exe, nakon čega će se pojaviti uvodni prozor - klikni Start

Pojaviće se obaveštenje o započinjanju uvodnog skeniranja - klikni OK

Sačekaj nekoliko minuta da Dr.Web CureIt izvrši Express Scan; ukoliko malware bude pronađen, klikom na taster Yes to All u prozoru koji se pojavi dozvoli programu da izvrši dezinfekciju

Klikni Options > Change settings F9; u prozoru koji će se otvoriti, dečekiraj opciju Heuristic Analysis a zatim klikni OK

U glavnom prozoru obeleži opciju Complete scan a zatim klikni i Dr.Web CureIt će započeti skeniranje

Ukoliko malware bude pronađen, klikom na taster Yes to All u prozoru koji se pojavi dozvoli programu da izvrši dezinfekciju

Kada skeniranje bude završeno, klikni Select all taster (ukoliko je dostupan), a zatim klikni Cure i,
u meniju koji se otvori, klikni Move incurable:


Po završetku procesa, klikni File > Save report list i sačuvaj log na Desktopu

Iskopiraj sadržaj Dr.Web CureIt loga u temu na forumu.

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Napisano: 18 Sep 2009 9:31

Skenirao sam sa Stingerom i sa Malwerbites, nisu nashli nista.

Sad chu sa Dr. Web, u safe mode, pa chu da ti postavim log.




Sorry sto kasnim, tu se deshava PIVOLEND )))

Dopuna: 18 Sep 2009 10:11

Skenira (na drugom, zarazenom PC ju)

Dr.Web je do sad prinashao da je combofix "probably a virus" ))