Hello,
I'm receiving conctant info from KAV that riskware "mass-mailer software" found and located in C:\Windows\system32\services.exe
KAV is constantly scanning and keeping my CPU at 100% work.
Kaspersky can't automatically disinfect this thing.
Printable View
Hello,
I'm receiving conctant info from KAV that riskware "mass-mailer software" found and located in C:\Windows\system32\services.exe
KAV is constantly scanning and keeping my CPU at 100% work.
Kaspersky can't automatically disinfect this thing.
Hello. First of all, please, download [url=http://z-oleg.com/avz4.zip]AVZ tool[/url] and [url=http://www.trendsecure.com/portal/en-US/threat_analytics/HiJackThis.zip]Hijackthis[/url] and unpack them to separate folders. Run AVZ tool, upper menu "File" - "Database update" - perform an update. When update has been finished, upper menu "File" - "custom scripts" - execute the script: [code]begin
SearchRootkit(true, true);
SetAVZGuardStatus(True);
QuarantineFile('c:\windows\system32\services.exe','');
QuarantineFile('C:\WINDOWS\system32\Drivers\cognnx.sys','');
BC_ImportquarantineList;
BC_Activate;
setavzpmstatus(true);
RebootWindows(true);
end.[/code] After reboot, upload AVZ's quarantine via the link [url]http://virusinfo.info/upload_virus_eng.php?tid=64478[/url] as it's described in the app. 3 of [url=http://virusinfo.info/showthread.php?t=9184]the rules[/url], and make new logs (2 logs of AVZ and 1 of Hijackthis) as it's described in the rules
Hi,
I've send quarantine files as requested. And here is hijackthis log file.
1. Use Dr.Web LiveCD [url]http://www.freedrweb.com[/url]
2. Make 3 logs (syscure, syscheck, hijackthis).