This is my report.
Thanks
Hi,
Switch off/Disable:
- Antivirus and, if you have one, Firewall.
[COLOR="Red"][B]- System Restore[/B][/COLOR]
- [URL="http://virusinfo.info/showthread.php?t=9207"]Execute following script[/URL] in Manual Cure
[CODE]begin
SearchRootkit(true, true);
SetAVZGuardStatus(True);
ClearQuarantine;
QuarantineFile('winudpmgr.exe','');
QuarantineFile('C:\WINDOWS\system32\sdra64.exe','');
DeleteFile('C:\WINDOWS\system32\sdra64.exe');
DeleteFile('winudpmgr.exe');
DeleteFile('C:\WINDOWS\winudpmgr.exe');
DeleteFile('C:\WINDOWS\system32\winudpmgr.exe');
RegKeyParamDel('HKEY_LOCAL_MACHINE','SOFTWARE\Microsoft\Windows NT\CurrentVersion\Terminal Server\Install\Software\Microsoft\Windows\CurrentVersion\Run','Windows UDP Control Center');
BC_ImportAll;
ExecuteSysClean;
BC_Activate;
ExecuteRepair(13);
SetAVZPMStatus(True);
RebootWindows(true);
end.[/CODE]
After reboot [URL="http://virusinfo.info/showthread.php?t=9207"]execute following script[/URL] in Manual Cure
[code]begin
CreateQurantineArchive('C:\quarantine.zip');
end.
[/code]
- Upload the C:\quarantine.zip over the link [COLOR="Red"][B]Upload quarantined files[/B][/COLOR] on the top of this page.
- Remove [URL="http://virusinfo.info/showthread.php?t=42263"]Bonjour[/URL]
- Repeat the AVPTool log file.
- Make a Logfile of Hijackthis: [url]http://www.trendsecure.com/portal/en-US/threat_analytics/HiJackThis.zip[/url] (How-To read chapter Analysis here: [url]http://virusinfo.info/showthread.php?t=9184[/url])
- Attach both logs to your new post.
Thanks
[B][COLOR="Red"]- Upload the C:\quarantine.zip over the link Upload quarantined files on the top of this page.[/COLOR][/B]
Why do I have to repeat all my requests more than once?!
The logs are showing nothing suspicious now.
Remove
- SUPERAntiSpyware
- Ad-Aware
- McAfee SiteAdvisor
Avira is really good and sufficient protection.
Absolutely insufficient - in contrast - is your Service Pack 2.
Install SP3 + all updates (visit [url]www.windowsupdate.com[/url])
Install IE8, even if you don't use it for browsing.