new theart

[akram fattoum]

hello this report for scan help me please thanks

[Rene-gad]

Switch off/Disable:
- Antivirus and and, if you have - Firewall.
- System Restore


- Execute following script in Manual Cure

Код:

begin
SearchRootkit(true, true);
SetAVZGuardStatus(True);
ClearQuarantine;
 StopService('sysdrv32');
 QuarantineFile('C:\WINDOWS\system32\drivers\sysdrv32.sys','');
 DeleteFile('C:\WINDOWS\system32\drivers\sysdrv32.sys');
 DeleteService('sysdrv32');
BC_ImportAll;
ExecuteSysClean;
BC_Activate;
BC_DeleteSvc('sysdrv32');
SetAVZPMStatus(True);
RebootWindows(true);
end.

After reboot execute following script in Manual Cure

Код:

begin
CreateQurantineArchive('C:\quarantine.zip');
end.

- Upload the C:\quarantine.zip over the link Upload quarantined files on the top of this page.
- Repeat a log file and attach a log to your new post..

Your system needs Service Pack 3 and patches immediatelly!!! Pls. do it after healing asap.

[akram fattoum]

thanks the new thread is

thanks

[Rene-gad]

Switch off/Disable:
- Antivirus and and, if you have - Firewall.
- System Restore

You hadn't done it! Could you explain - why? I cannot.

- Execute following script in Manual Cure

Код:

begin
SearchRootkit(true, true);
SetAVZGuardStatus(True);
ClearQuarantine;
 StopService('sysdrv32');
 QuarantineFile('C:\WINDOWS\system32\drivers\sysdrv32.sys','');
 DeleteFile('C:\WINDOWS\system32\drivers\sysdrv32.sys');
 DeleteService('sysdrv32');
 DeleteFileMask('C:\Program Files\Alexa Toolbar','*.*',true);
 DeleteDirectory('C:\Program Files\Alexa Toolbar');
 DelBHO('{1F460357-8A94-4D71-9CA3-AA4ACF32ED8E}');
 DelBHO('{EA582743-9076-4178-9AA6-7393FDF4D5CE}');
BC_ImportAll;
ExecuteSysClean;
BC_Activate;
BC_DeleteSvc('sysdrv32');
SetAVZPMStatus(True);
RebootWindows(true);
end.

After reboot execute following script in Manual Cure

Код:

begin
CreateQurantineArchive('C:\quarantine.zip');
end.

- Upload the C:\quarantine.zip over the link Upload quarantined files on the top of this page.Where is your Quarantine after the 1st script?
- Repeat a log file and attach a log to your new post..

Your system needs Service Pack 3 and patches immediatelly!!!I'm missing it.

[akram fattoum]

thanks



my new theard is the zip files


nb : the systeme d'ont reboot in the safe mode

[Rene-gad]

Either you'll read my messages and do what I said or I'll close the topic and ban you for systematically violations of the rules:
- system restore is not disabled
- service pack 3 is not installed
- you'd open just the 3rd thread for the same system.

the systeme d'ont reboot in the safe mode

Logs and scripts have to be done only in normal mode

[akram fattoum]

thank you not angry I disable the restoration system and I'm just tells you it is a File Type Description
C: \ PROGRA ~ 1 \ KASPER ~ 1 \ KASPER ~ 2 \ mzvkbd3.dll do not cancel service on a cd and I found another file please inform me thank you

Upload resultFile saved as 091117_105359_quarantine_4b025697b0160.zip
File size 609
MD5 2ebf8e007f2199bbe2440ef0adce4ac2

File uploaded, thank you!

[Rene-gad]

Execute the script

Код:

begin
 ClearQuarantine;
 QuarantineFile('C:\WINDOWS\system32\DRIVERS\avfsfilter.sys','');
 CreateQurantineArchive('C:\virus.zip');
end.

Upload C:\virus.zip: Link for uploading is here: http://virusinfo.info/upload_virus_eng.php?tid=60345

J:\Pokemon Red Studio\Install\BRODCAST\DSSAGENT.EXE

Do you know this program? If yes:
disable Kaspersky
Main Window of Kaspersky, Settings/THREATS AND EXCLUSIONS/SELECTING TRUSTED APPLICATIONS
add this program to the trusted applications

after that

main window of Kaspersky,
link Quarantine,
copy this file to the desktop and then move him to quarantine
with right mouse button choose a Sent file to analysis in context menu.

Enable Kaspersky monitor.