Вложение 235912
Вложение 235913
Computer is so slow it is impossible to work with, DON'T KNOW much about virus, please help. Thank you
Вложение 235912
Вложение 235913
Computer is so slow it is impossible to work with, DON'T KNOW much about virus, please help. Thank you
Switch off/Disable:
- Antivirus and and, if you have - Firewall.
- Execute following script in Manual disinfection
After reboot execute following script in Manual disinfectionКод:begin SearchRootkit(true, true); SetAVZGuardStatus(True); ClearQuarantine; DelBHO('{E7F15AC4-E0A9-43F0-921B-70DFEA621220}'); QuarantineFile('C:\WINDOWS\system32\796525\796525.dll',''); DelBHO('{65768B48-B004-4B26-9BAC-A3BAC39643D1}'); DelBHO('{5E5EFA8F-9F53-418E-B78E-44866667A404}'); QuarantineFile('C:\WINDOWS\system32\199638\199638.dll',''); QuarantineFile('C:\WINDOWS\system32\218538\218538.dll',''); DelBHO('{ABD45510-9B22-41cd-9ACD-8182A2DA7C63}'); DelBHO('{ABD42510-9B22-41cd-9DCD-8182A2D07C63}'); QuarantineFile('C:\WINDOWS\system32\iehelper.dll',''); QuarantineFile('C:\WINDOWS\system32\ntos.exe',''); QuarantineFile('C:\WINDOWS\system32\sdra64.exe',''); QuarantineFile('C:\Documents and Settings\Default User\Application Data\ntos.exe',''); QuarantineFile('C:\Documents and Settings\Administrator\Application Data\sdra64.exe',''); DeleteFile('C:\Documents and Settings\Administrator\Application Data\sdra64.exe'); DeleteFile('C:\Documents and Settings\Default User\Application Data\ntos.exe'); DeleteFile('C:\WINDOWS\system32\sdra64.exe'); DeleteFile('C:\WINDOWS\system32\ntos.exe'); DeleteFile('C:\WINDOWS\system32\iehelper.dll'); DeleteFile('C:\WINDOWS\system32\218538\218538.dll'); DeleteFile('C:\WINDOWS\system32\199638\199638.dll'); DeleteFile('C:\WINDOWS\system32\796525\796525.dll'); BC_ImportAll; ExecuteSysClean; BC_Activate; SetAVZPMStatus(True); RebootWindows(true); end.
and upload the C:\quarantine.zip over the link Upload quarantined files on the top of this page.Код:begin CreateQurantineArchive('C:\quarantine.zip'); end.
- Remove Bonjour if you don't use it.
- Repeat a log file of AVPTool.
- Make a log file with Hijackthis ( Analysis, p.3 for further informations).
- Attach both logs to your new post..
After all steps were finished, computer still too slow, imposssible to work with, what else can we do to try to solve this problem...? PLEASE!
thank you very much...
???Сообщение от Rene-gad
Thanks...
Are there your's servers in the hosts-file?91.212.65.122 browser-security.microsoft.com
91.212.65.122 antiwareprotect.com
91.212.65.122 www.antiwаrеprоtect.cоm
-Fix with Hijackthis
Install SP2 for Windows 2003, install Internet Explorer 8Код:O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.115.4 85.255.112.218 O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 85.255.115.4 85.255.112.218 O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.115.4 85.255.112.218 O20 - Winlogon Notify: winxtx32 - winxtx32.dll (file missing)
Update Java RE and Adobe Reader.
Статистика проведенного лечения:
- Получено карантинов: 1
- Обработано файлов: 2
- В ходе лечения вредоносные программы в карантинах не обнаружены
Ваши права в разделе
