Показано с 1 по 5 из 5.

Reinstall or cureable?

  1. #1
    Junior Member Репутация
    Регистрация
    24.02.2009
    Сообщений
    3
    Вес репутации
    29

    Reinstall or cureable?

    Hi!
    My computer is better after Norman VC discovered "Pobernah.DAM" in my Sys32 folder.Still,the Microsoft update page doesn't work(although automatic update does),I have to update pages to make them work properly,on loading pages Google loads in a separate window and I can't install SuperAntiSpyware or AntiMalware.For some reason I'm not allowed to send attachments.My account is activated.
    Sincerely
    Последний раз редактировалось Torkelse; 25.02.2009 в 15:32. Причина: Adding attachments

  2. #2
    Junior Member Репутация
    Регистрация
    24.02.2009
    Сообщений
    3
    Вес репутации
    29

    Maybe this will work

    And it did!
    Вложения Вложения

  3. #3
    Senior Member Репутация Репутация Репутация Репутация Репутация Репутация Репутация Репутация Репутация Репутация Репутация Аватар для drongo
    Регистрация
    17.09.2004
    Адрес
    Israel
    Сообщений
    7,165
    Вес репутации
    967
    Did you make scan with cureit or avptool ? They should both know your trojans already.
    I think your case is cureable, you have a rootkit&trojan that block a lot of "anti" programs, because of this you are unable install programs, that you had mentioned in your post
    Ok, from theory to practice:
    First of all, please disable Norman and uninstall it completely trough add/remove programs and restart computer. ( Norman will not allow to us curing your system.)
    Then, be sure that you are disconnected from internet and execute this script:
    Код:
    begin
    SearchRootkit(true, true);
    SetAVZGuardStatus(True);
     QuarantineFile('D:\71b89ba60f582ce4f9af\update\update.exe','');  
     QuarantineFile('C:\WINDOWS\system32\UACbmnudovn.dll','');  
     QuarantineFile('C:\WINDOWS\system32\UACbnwxympp.dll','');  
     QuarantineFile('C:\WINDOWS\system32\UACejwmtklo.dll','');  
     QuarantineFile('C:\WINDOWS\system32\UACybwrrvkp.dll','');  
     QuarantineFile('\\?\globalroot\systemroot\system32\UACejwmtklo.dll',''); 
     QuarantineFile('C:\WINDOWS\system32\drivers\UACiwqvdlqm.sys',''); 
     QuarantineFile('C:\WINDOWS\system32\drivers\cis1284.sys','');
     DeleteFile('\\?\globalroot\systemroot\system32\UACejwmtklo.dll');
     DeleteFile('C:\WINDOWS\system32\drivers\UACiwqvdlqm.sys');
     DeleteFile('C:\WINDOWS\system32\UACbmnudovn.dll');
     DeleteFile('C:\WINDOWS\system32\UACbnwxympp.dll');
     DeleteFile('C:\WINDOWS\system32\UACejwmtklo.dll');
     DeleteFile('C:\WINDOWS\system32\UACybwrrvkp.dll');
    BC_ImportAll;
    ExecuteSysClean; 
     BC_DeleteSvc('UACiwqvdlqm');
    BC_Activate;
    ExecuteRepair(6);
    ExecuteRepair(8);
    ExecuteRepair(9);
    SetAVZPMStatus(true);
    RebootWindows(true);
    end.
    System will reboot.
    Please upload to us a quarantine(read Appendix#3 of the rules) by link http://virusinfo.info/upload_virus_eng.php?tid=40454
    Then download avptool( http://devbuilds.kaspersky-labs.com/devbuilds/AVPTool/ ) , cureit( ftp://ftp.drweb.com/pub/drweb/cureit/launch.exe ) and scan all your system (not with both at same time
    After all, please make a fresh set of the logs in next post of this topic (like in your second post), we shall continue.
    Последний раз редактировалось drongo; 25.02.2009 в 17:51.

  4. #4
    Junior Member Репутация
    Регистрация
    24.02.2009
    Сообщений
    3
    Вес репутации
    29

    Posting

    Thank you so very,very much!Computer is working normally.
    I have sent virusfile and here is the rest.
    Вложения Вложения

  5. #5
    Senior Member Репутация Репутация Репутация Репутация Репутация Репутация Репутация Репутация Репутация Репутация Репутация Аватар для drongo
    Регистрация
    17.09.2004
    Адрес
    Israel
    Сообщений
    7,165
    Вес репутации
    967
    I am glad to hear. File that you did upload to us is clean, it is from norman antivirus
    By the way, your antivirus- you should better install something more powerful I prefer kaspersky, but it is up to you.(in that case you can uninstall superuntispyware at all )
    Your hosts file is too big- it can cause downgrade of your internet connection speed.
    Logs don't show sign of virus infection, but they are showing tracks from norman antivirus and a lot of different on -line antivirus scanners (it could downgrade of your internet connection speed too)
    Try ccleaner- it is freeware cleaning good utility
    About system restore- you can enable it, but it doesn't help much, so consider use another program that will create image of system disk. For example: acronis.
    P.S. About thanks, you can click on "thanks " button in my posts and also http://virusinfo.info/showthread.php?t=28583 is very welcome
    Almost have forgotten, please execute this script in avz for removing avz driver and registry traces:
    Код:
    begin
    SetAVZPMStatus(false);
    ExecuteStdScr(6);
    RebootWindows(true); 
    end.
    Последний раз редактировалось drongo; 26.02.2009 в 14:40. Причина: Добавлено

Похожие темы

  1. Now I can't reinstall my Kaspersky internet security. please help
    От akram fattoum в разделе Malware Removal Service
    Ответов: 0
    Последнее сообщение: 12.09.2010, 09:46
  2. can't reinstall kav again
    От napoleonis в разделе Malware Removal Service
    Ответов: 1
    Последнее сообщение: 03.04.2010, 20:11
  3. can't reinstall app
    От napoleonis в разделе Malware Removal Service
    Ответов: 2
    Последнее сообщение: 22.12.2009, 07:27

Свернуть/Развернуть Ваши права в разделе

  • Вы не можете создавать новые темы
  • Вы не можете отвечать в темах
  • Вы не можете прикреплять вложения
  • Вы не можете редактировать свои сообщения
  •  
Page generated in 0.01356 seconds with 20 queries