OS:Windows 2003
A Lot of Exe files reported corrupted by Avg/ Kaspersky virus removal tool
Report Attached!
Please Help
Thanks in Advance
Printable View
OS:Windows 2003
A Lot of Exe files reported corrupted by Avg/ Kaspersky virus removal tool
Report Attached!
Please Help
Thanks in Advance
1. All the logs should be done only from local session.
2. Dowlnoad CureIt from Dr.Web Homepage and scan your system starting from any write-protected drive (CD od SDCard)
After that:
Switch off/Disable:
- Antivirus and and, if you have - Firewall.
- System Restore
- [URL="http://virusinfo.info/showthread.php?t=9207"]Execute following script[/URL] in Manual Cure
[CODE]begin
SearchRootkit(true, true);
SetAVZGuardStatus(True);
TerminateProcessByName('c:\program files\outlook express\svchost.exe');
TerminateProcessByName('c:\docume~1\admini~1\locals~1\temp\w40df9a.exe');
TerminateProcessByName('c:\docume~1\admini~1\locals~1\temp\winqpmvr.exe');
TerminateProcessByName('c:\docume~1\admini~1\locals~1\temp\qfffrd.exe');
StopService('abp470n5');
QuarantineFile('C:\WINDOWS\system32\drivers\skkpj.sys','');
QuarantineFile('C:\Tally.ERP9\TDLSERVER.dll','');
QuarantineFile('c:\docume~1\admini~1\locals~1\temp\winqpmvr.exe','');
QuarantineFile('c:\docume~1\admini~1\locals~1\temp\w40df9a.exe','');
QuarantineFile('c:\tally.erp9\tallylicserver.exe','');
QuarantineFile('c:\tally.erp9\tally.exe','');
QuarantineFile('c:\program files\outlook express\svchost.exe','');
QuarantineFile('c:\docume~1\admini~1\locals~1\temp\qfffrd.exe','');
DeleteFile('c:\docume~1\admini~1\locals~1\temp\qfffrd.exe');
DeleteFile('c:\program files\outlook express\svchost.exe');
DeleteFile('c:\docume~1\admini~1\locals~1\temp\w40df9a.exe');
DeleteFile('c:\docume~1\admini~1\locals~1\temp\winqpmvr.exe');
DeleteFile('C:\WINDOWS\system32\drivers\skkpj.sys');
DeleteService('abp470n5');
BC_ImportAll;
ExecuteSysClean;
BC_DeleteSvc('abp470n5');
BC_Activate;
RebootWindows(true);
end.
[/CODE]
After reboot [URL="http://virusinfo.info/showthread.php?t=9207"]execute following script[/URL] in Manual Cure
[code]begin
CreateQurantineArchive('C:\quarantine.zip');
end.
[/code]
- Clean Temp-Maps, Cache of Browsers, Recycler. Use Windows service tool [URL="http://support.microsoft.com/?scid=kb%3Ben-us%3B315246&x=17&y=6"]cleanmgr[/URL] or [URL="http://www.ccleaner.com/"]CCleaner[/URL] or [URL="http://www.clearprog.de/"]ClearProg[/URL]
- Close all the programs and start only Internet Explorer!!!
- Repeat a log file.
- Switch Antivirus and, if you have - Firewall, on.
- Go On-Line
- Upload the quarantine.zip over the link [COLOR="Red"][B]Upload quarantined files[/B][/COLOR] on the top of this page.
- Attach a log to your new post..