Hello,
I would appreciate very much if you could help me...
I have this virus on my computer for sure and maybe some more...
Please take a look at my log file and send me a script if possible...
Thanks in advance!!!
Close/unload all programs except AVZ and Internet Explorer.
Switch off:
- Antivirus and, if you have one, Firewall.
- System Restore
- Execute following script
Code:
begin
  SearchRootkit(true, true);
  SetAVZGuardStatus(True);
  StopService('e30f8b9e');
  QuarantineFile('C:\WINDOWS\System32\drivers\e30f8b9e.sys','');
  DeleteFile('C:\WINDOWS\System32\drivers\e30f8b9e.sys');
  BC_ImportAll;
  ExecuteSysClean;
  BC_DeleteSvc('e30f8b9e');
  BC_Activate;
  RebootWindows(true);
end.
After reboot:
- Clean Temp-Maps, Cache of Browsers, Recycler. Use Windows service tool cleanmgr or CCleaner or ClearProg
- Close all the programs and start only Internet Explorer!!!
- Repeat 3 log files in accordance with the rules.
- Switch Antivirus and, if you have - Firewall, on.
- Go On-Line
- Upload the quarantine in accordance with Appx. 3 of the rules.
- Attach 3 logs to your new post.
Thanks for your quick reply!!!
I executed the script, it deleted e30f8b9e.sys, but it seems there is a problem again... Antivirus is still finding that Trojan.Win32.Patched.cx
I am attaching a new log file, please take a look at it...
- Repeat 3 log files in accordance with the rules. - just read?
Maybe I am clean now, I started DrWeb-CureIt and it disinfected 6 files and restored them from the Windows XP CD... so it appears I am clean now... but my Kaspersky icon in the system tray is still greyed out and I cannot enable protection...
I am sending the 3 log files that you requested, so please check them...
Thanks!
you should uninstall avptool.