Hi, I've got a problem with an annoing Trojan
Kaspersky and Kaspersky Removal tool can't remove it.
I attached log to this post
Pleas help me, I'm totally new to this stuff an i need some script
Printable View
Hi, I've got a problem with an annoing Trojan
Kaspersky and Kaspersky Removal tool can't remove it.
I attached log to this post
Pleas help me, I'm totally new to this stuff an i need some script
Close/unload all the programs excepted AVZ and Internet Explorer
Switch off:
- Antivirus and and, if you have - Firewall.
[COLOR="Red"][B]- System Restore[/B][/COLOR]
- [URL="http://virusinfo.info/showthread.php?t=9207"]Execute following script[/URL]
[CODE]begin
SearchRootkit(true, true);
SetAVZGuardStatus(True);
QuarantineFile('geBrqnMC.dll','');
QuarantineFile('Internet.exe','');
DelBHO('{C16CDB5C-2468-4116-AD60-868CA1368FA1}');
QuarantineFile('C:\WINDOWS\system32\geBrqnMC.dll','');
DelBHO('{37641C55-10E8-415A-A525-C57F4ECAA65B}');
QuarantineFile('C:\WINDOWS\system32\mlJYqNGa.dll','');
QuarantineFile('H:\autorun.inf','');
DeleteFile('H:\autorun.inf');
DeleteFile('C:\WINDOWS\system32\mlJYqNGa.dll');
DeleteFile('C:\WINDOWS\system32\geBrqnMC.dll');
DeleteFile('Internet.exe');
DeleteFile('geBrqnMC.dll');
BC_ImportAll;
ExecuteSysClean;
BC_Activate;
RebootWindows(true);
end.
[/CODE]
After reboot:
- Clean Temp-Maps, Cache of Browsers, Recycler. Use Windows service tool [URL="http://support.microsoft.com/?scid=kb%3Ben-us%3B315246&x=17&y=6"]cleanmgr[/URL] or [URL="http://www.ccleaner.com/"]CCleaner[/URL] or [URL="http://www.clearprog.de/"]ClearProg[/URL]
- Close all the programs and start only Internet Explorer!!!
- Repeat 3 log files in accordance with the [URL="http://virusinfo.info/showthread.php?t=9184"]rules[/URL].
- Switch Antivirus and, if you have - Firewall, on.
- Go On-Line
- Upload the quarantine in accordance with Appx. 3 of the rules.
- Attach 3 logs to your new post..
Thank u very much, u're true magician
Everything seems to be fine now...
I can't send you those files though,
I haven't used AVZ to create the log and execute this script. I used Kaspersky Virus Removal Tool. It worked anyway.
To be sure, I've installed AVZ NOW and scanned my system briefly. It didn't find anything, so "Quarantine folder viewer" is empty and I have nothing to pack into archive.
Is that alright or do i have to do something more?
I followed all of your instructions.
[QUOTE=Redhead;311110]Is that alright or do i have to do something more?
[/QUOTE]
Pls. make 3 logfiles as described in zhe rules (with AVPTool is only one log possible, TIW - AVZ :) )
I didn't know "Which mark files in the list should be sent."
So i sent every single file to archive.
I don't know what do you mean with all these 3 logs, though - sorry, but the rules are not clear enough for a noob like me.
Edit: It cant be uploaded. Something is not alright
"Upload only the quarantined files that we have requested"
Which have YOU requested? o.O
Ps. sorry for all the mess and my stupidity
[QUOTE=Redhead;311209]
the rules are not clear enough for a noob like me.[/QUOTE]Sorry, but we have only, what we have: the rules in Russian and English. If it's difficult for you, pls. call somebody to help you.
[QUOTE]"Upload only the quarantined files that we have requested"Which have YOU requested? o.O[/QUOTE]
Where did you see this sentence?
After clicking the link above, "[COLOR=black][B][B]Upload quarantined files[/B]"
[/B]About the rules - the problem is, that im from Poland and I'm actually the only one around that understands what are we talking about.
Don't matter though, I've already get some help on other forum.
Thanks for everything
[/COLOR]
[QUOTE=Redhead;311256]After clicking the link above, "Upload quarantined files"[/QUOTE]It means, it's not allowed to upload logfiles, pictures, music files etc. :)