Hello. Please check my log. I scan with newest Kaspersky Virus Removal Tool 2010 and not detect few files.
Printable View
Hello. Please check my log. I scan with newest Kaspersky Virus Removal Tool 2010 and not detect few files.
Switch off/Disable:
- Antivirus and and, if you have - Firewall.
- System Restore
- [URL="http://virusinfo.info/showthread.php?t=9207"]Execute following script[/URL] in Manual disinfection
[CODE]begin
SearchRootkit(true, true);
SetAVZGuardStatus(True);
ClearQuarantine;
StopService('MEMSWEEP2');
DeleteService('MEMSWEEP2');
QuarantineFile('C:\WINDOWS\system32\2E.tmp','');
DeleteFileMask('C:\WINDOWS\system32\','*.tmp',false);
DeleteFileMask('c:\d2ad3edf52b43ccddf6aa8\','*.*',true);
DeleteDirectory('c:\d2ad3edf52b43ccddf6aa8\');
RegKeyParamDel('HKEY_LOCAL_MACHINE','SYSTEM\CurrentControlSet\Services\Eventlog\Application\WgaSetup','EventMessageFile');
ExecuteWizard('TSW', 2, 2, true);
ExecuteWizard('SCU', 2, 2, true);
BC_ImportAll;
ExecuteSysClean;
BC_Activate;
BC_DeleteSvc('MEMSWEEP2');
SetAVZPMStatus(True);
RebootWindows(true);
end.[/CODE]
After reboot [URL="http://virusinfo.info/showthread.php?t=9207"]execute following script[/URL] in Manual disinfection
[code]begin
CreateQurantineArchive('C:\quarantine.zip');
end.
[/code]and upload the C:\quarantine.zip over the link [COLOR="Red"][B]Upload quarantined files[/B][/COLOR] on the top of this page.
- Repeat a log file of AVPTool.
- Make a log file with Hijackthis ([URL="http://virusinfo.info/showthread.php?t=9184"] Analysis, p.3 [/URL] for further informations).
- Attach both logs to your new post..
2 new logs attached and send quarantine
Switch off/Disable:
- Antivirus and and, if you have - Firewall.
- System Restore
- [URL="http://virusinfo.info/showthread.php?t=9207"]Execute following script[/URL] in Manual disinfection
[CODE]begin
SearchRootkit(true, true);
SetAVZGuardStatus(True);
ClearQuarantine;
StopService('MEMSWEEP2');
DeleteService('MEMSWEEP2');
QuarantineFile('c:\windows\system32\taskmsg.exe','');
QuarantineFile('c:\windows\system32\taskapp.exe','');
QuarantineFile('C:\WINDOWS\system32\2E.tmp','');
DeleteFileMask('C:\WINDOWS\system32\','*.tmp',false);
RegKeyParamDel('HKEY_LOCAL_MACHINE','SYSTEM\CurrentControlSet\Services\Eventlog\Application\WgaSetup','EventMessageFile');
ExecuteWizard('TSW', 2, 2, true);
ExecuteWizard('SCU', 2, 2, true);
BC_ImportAll;
ExecuteSysClean;
BC_DeleteSvc('MEMSWEEP2');
BC_Activate;
SetAVZPMStatus(True);
RebootWindows(true);
end.[/CODE]
After reboot [URL="http://virusinfo.info/showthread.php?t=9207"]execute following script[/URL] in Manual disinfection
[code]begin
CreateQurantineArchive('C:\quarantine.zip');
end.
[/code]and upload the C:\quarantine.zip over the link [COLOR="Red"][B]Upload quarantined files[/B][/COLOR] on the top of this page.
- Repeat a log file of AVPTool.
- Make a log file with Hijackthis ([URL="http://virusinfo.info/showthread.php?t=9184"] Analysis, p.3 [/URL] for further informations).
- Attach both logs to your new post..
2 new logs attached and send quarantine :)
Nothing suspicious. Any problem more?
No. OK, thanks for support. I do scan MBAM yet.
Статистика проведенного лечения:
[LIST][*]Получено карантинов: [B]2[/B][*]Обработано файлов: [B]10[/B][*]В ходе лечения обнаружены вредоносные программы:
[LIST=1][*] c:\windows\system32\taskapp.exe - [B]Trojan.Win32.Agent2.ljf[/B][/LIST][/LIST]