I have a virus that I am unable to remove
I have a virus that I am unable to remove
Download the latest version of AVPTool: http://ftp.kaspersky.com/devbuilds/AVPTool/ and repeat the automatic healing.
Close/unload all the programs excepted AVZ and Internet Explorer
Switch off:
- Antivirus and and, if you have - Firewall.
- System Restore
- Execute following script
After reboot:Код:begin SearchRootkit(true, true); SetAVZGuardStatus(True); QuarantineFile('C:\Documents and Settings\Others\Start Menu\Programs\Startup\smss.lnk',''); QuarantineFile('C:\WINDOWS\system32\rzbjtd\smss.exe',''); QuarantineFile('s42e0.dll',''); DeleteFile('s42e0.dll'); DeleteFile('C:\WINDOWS\system32\s42e0.dll'); DeleteFile('C:\WINDOWS\system32\rzbjtd\smss.exe'); DeleteFile('C:\Documents and Settings\Others\Start Menu\Programs\Startup\smss.lnk'); BC_ImportAll; ExecuteSysClean; BC_Activate; RebootWindows(true); end.
- Execute following script in Manual Healing
- Remove Bonjour: http://virusinfo.info/showthread.php?t=42263Код:begin CreateQurantineArchive('C:\quarantine.zip'); end.
- Clean Temp-Maps, Cache of Browsers, Recycler. Use Windows service tool cleanmgr or CCleaner or ClearProg
- Close all the programs and start only Internet Explorer!!!
- Repeat a log file.
- Switch Antivirus and, if you have - Firewall, on.
- Go On-Line
- Upload the C:\quarantine.zip here: http://virusinfo.info/upload_virus_eng.php?tid=43845
- Attach a new log to your new post..
thanks for your help. Everything seemed to work out perfectly. I have uploaded the requested file.
here is the file - I had trouble saving it correctly. Thanks in advance for all of your help
Bongofury
Последний раз редактировалось Rene-gad; 15.04.2009 в 18:50. Причина: wrong log file removed
For the last time:
1. Pls. upload the quarantine
2. Pls. make a log file avptool_syscheck.zip
I hope that I have successfully uploaded the file this time
We still have not received either your quarantine or your log file.
Последний раз редактировалось Rene-gad; 16.04.2009 в 10:07. Причина: added ;)
when running the manual cure the report comes up blank
Do you do it in this way: http://avptool.virusinfo.info/en/AVPTool_manual.htm ?
Yes I am using http://avptool.virusinfo.info/en/AVPTool_manual.htm ? , but the system information comes up blank
Добавлено через 47 минут
hopefully this time I have had success with uploading the zip file
Последний раз редактировалось bongofury; 20.04.2009 в 06:36. Причина: Добавлено
No, we did not get any quarantine from you. Try from different browser, for example: http://portableapps.com/apps/internet/firefox_portable
Download from my signature avz and make 2 logs according to rules:http://virusinfo.info/showthread.php?t=9184 ( don't need to update)
*Нажми и выполни, если хочешь чтобы помощь улучшилась и ускорилась
*MyFirefox Portable
special avz @ rapidshare.com
md5: 2091925798B7909E010E3F7E328C5F0D