Показано с 1 по 2 из 2.

registry editor, task manager disabled, tools folder option missing, presence of mark.worm.exe and antivirus.exe in start menu

  1. #1
    Junior Member Репутация
    Регистрация
    13.02.2009
    Сообщений
    1
    Вес репутации
    29

    registry editor, task manager disabled, tools folder option missing, presence of mark.worm.exe and antivirus.exe in start menu

    please help me. the virus is creating unwanted folders in my PC. I cannot use my tools folder option to verify the contents of the hidden files. i cannot use my registry editor, i cannot open task manager because they are disabled by the administrator. there are updates in my d drive which look like windows update but actually they are virus. i deleted them but i am not sure as of now if these will come back after i restart the computer.
    there are antivirus.exe and mark.worm.exe in my directory. if i have anew antivirus and i click the close icon, the message is this program will be removed and uninstalled, do you want to continue??

    thanks in advance for your help.


    gemma
    Вложения Вложения

  2. #2
    Senior Member Репутация Репутация Репутация Репутация Репутация Репутация Репутация Репутация Репутация Репутация Репутация Аватар для drongo
    Регистрация
    17.09.2004
    Адрес
    Israel
    Сообщений
    7,165
    Вес репутации
    967
    Please download in my signature special avz, put it in new folder on desktop.
    Please execute this script in avzhttp://virusinfo.info/showthread.php?t=9207)
    (Do remember before execution scripts to exit antivirus and disconnect from internet, disable System Restore )

    Код:
    begin
    SearchRootkit(true, true);
    SetAVZGuardStatus(True);
     QuarantineFile('F:\Mark.W0rm.exe','');
     QuarantineFile('F:\autorun.inf','');
     QuarantineFile('C:\DCIM.exe','');
     QuarantineFile('C:\autorun.inf','');
     DelBHO('{A057A204-BACC-4D26-9990-79A187E2698E}');
     DelBHO('{8b43f452-9bd2-5204-4268-975584d454f9}');
     QuarantineFile('C:\Program Files\Microsoft Student\Microsoft Student with Encarta Premium 2008 DVD\EDICT.EXE','');
     QuarantineFile('C:\Documents and Settings\gemma\Start Menu\Programs\Startup\yyy.exe','');
     QuarantineFile('C:\Documents and Settings\gemma\Start Menu\Programs\Startup\ppp.exe','');
     QuarantineFile('C:\Documents and Settings\gemma\Start Menu\Programs\Startup\Mark.W0rm.exe','');
     QuarantineFile('C:\Documents and Settings\gemma\Local Settings\Mark.W0rm.exe','');
     QuarantineFile('C:\WINDOWS\system32\DRIVERS\xaudio.sys','');
     QuarantineFile('C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys','');
     QuarantineFile('C:\WINDOWS\system32\DRIVERS\HSXHWAZL.sys','');
     TerminateProcessByName('c:\documents and settings\gemma\start menu\programs\startup\ppp.exe');
     QuarantineFile('c:\documents and settings\gemma\start menu\programs\startup\ppp.exe','');
     DeleteFile('c:\documents and settings\gemma\start menu\programs\startup\ppp.exe');
     DeleteFile('C:\Documents and Settings\gemma\Local Settings\Mark.W0rm.exe');
     DeleteFile('C:\Documents and Settings\gemma\Start Menu\Programs\Startup\Mark.W0rm.exe');
     DeleteFile('C:\Documents and Settings\gemma\Start Menu\Programs\Startup\ppp.exe');
     DeleteFile('C:\Documents and Settings\gemma\Start Menu\Programs\Startup\yyy.exe');
     DeleteFile('C:\autorun.inf');
     DeleteFile('C:\DCIM.exe');
     DeleteFile('F:\autorun.inf');
     DeleteFile('F:\Mark.W0rm.exe');
    BC_ImportAll;
    ExecuteSysClean;
    BC_Activate;
    ExecuteRepair(6);
    ExecuteRepair(8);
    ExecuteRepair(9);
    ExecuteRepair(2);
    ExecuteRepair(11);
    ExecuteRepair(17);
    RebootWindows(true);
    end.
    Please upload the quarantine according to appendix 3 of rules(http://virusinfo.info/showthread.php?t=9184) , by link http://virusinfo.info/upload_virus_eng.php?tid=39679
    After that make a set of logs according to rules: http://virusinfo.info/showthread.php?t=9184

Похожие темы

  1. Task Manager have been disabled
    От ytzik в разделе Помогите!
    Ответов: 6
    Последнее сообщение: 21.02.2012, 00:29
  2. virus causing file folders missing, regedit and task manager disabled
    От ramirez_44 в разделе Malware Removal Service
    Ответов: 1
    Последнее сообщение: 22.07.2010, 10:55
  3. Ответов: 8
    Последнее сообщение: 01.06.2010, 07:56
  4. registry and task manager
    От kagiri в разделе Malware Removal Service
    Ответов: 1
    Последнее сообщение: 14.10.2009, 07:07
  5. Task Manager & Registry Editor Disabled
    От ask в разделе Malware Removal Service
    Ответов: 1
    Последнее сообщение: 14.02.2009, 21:14

Свернуть/Развернуть Ваши права в разделе

  • Вы не можете создавать новые темы
  • Вы не можете отвечать в темах
  • Вы не можете прикреплять вложения
  • Вы не можете редактировать свои сообщения
  •  
Page generated in 0.01564 seconds with 20 queries