Help me please. Computer is too slow for sometime after startup and if my computer is opened then it shows ssearching the drives, after some time it works fine until next restart. Again, kindly help me please.
Printable View
Help me please. Computer is too slow for sometime after startup and if my computer is opened then it shows ssearching the drives, after some time it works fine until next restart. Again, kindly help me please.
Hello,
it's a wrong log. Pls read: [url]http://virusinfo.info/showthread.php?t=9184[/url]
I HAVE LOTS OF PROBLEM IN MY LAPTOP. CANNOT START IN SAFE MODE. TASK MANAGER DISABLED. AND LOTS OF PROBLEM....
You've got Sality, first of all you have to heal your system with Live CD from Dr. Web: [url]http://www.freedrweb.com/livecd/?lng=en[/url]
After healing:
Close/unload all the programs excepted AVZ and Internet Explorer
Switch off:
- Antivirus and and, if you have - Firewall.
- System Restore
- [URL="http://virusinfo.info/showthread.php?t=9207"]Execute following script[/URL] in Manual Healing
[CODE]begin
SearchRootkit(true, true);
SetAVZGuardStatus(True);
TerminateProcessByName('c:\windows\system32\chgservice.exe');
QuarantineFile('C:\RECYCLER\S-1-5-21-6010588012-1972695393-938844294-8176\wnzip32.exe,C:\RECYCLER\S-1-5-21-7911114985-5736847207-370379298-0617\sysdate.exe,explorer.exe','');
QuarantineFile('C:\RECYCLER\S-1-5-21-6010588012-1972695393-938844294-8176\wnzip32.exe','');
QuarantineFile('C:\RECYCLER\S-1-5-21-7911114985-5736847207-370379298-0617\sysdate.exe','');
StopService('aic32p');
DeleteService('aic32p');
BC_DeleteSvc('aic32p');
QuarantineFile('C:\WINDOWS\system32\drivers\lkkpsn.sys','');
QuarantineFile('xfhcmona.sys','');
QuarantineFile('c:\windows\system32\chgservice.exe','');
DeleteFile('c:\windows\system32\chgservice.exe');
DeleteFile('C:\WINDOWS\system32\drivers\lkkpsn.sys');
DeleteFile('C:\RECYCLER\S-1-5-21-6010588012-1972695393-938844294-8176\wnzip32.exe,C:\RECYCLER\S-1-5-21-7911114985-5736847207-370379298-0617\sysdate.exe,explorer.exe');
DeleteFile('C:\RECYCLER\S-1-5-21-6010588012-1972695393-938844294-8176\wnzip32.exe');
DeleteFile('C:\RECYCLER\S-1-5-21-6010588012-1972695393-938844294-8176\sysdate.exe');
executerepair(6);
executerepair(8);
executerepair(9);
executerepair(11);
executerepair(16);
executerepair(17);
BC_ImportAll;
ExecuteSysClean;
BC_Activate;
RebootWindows(true);
end.
[/CODE]
After reboot:
- [URL="http://virusinfo.info/showthread.php?t=9207"]Execute following script[/URL] in Manual Healing
[CODE]begin
CreateQurantineArchive('C:\quarantine.zip');
end.
[/CODE]
- Upload the C:\quarantine.zip here: [url]http://virusinfo.info/upload_virus_eng.php?tid=73863[/url]
- Repeat a log file of AVPTool
- Make a log file with Hijackthis:[url]http://www.bleepingcomputer.com/tutorials/tutorial94.html[/url]
still i cannot start in safe mode after executing the above code . is there any way to completely recover my system?
Did you make a scan with Dr.Web Live CD before executing of script?
No, whenever i tried to download that firefox closes itself every time after opening "Dr.Web CureIt" website. So, i executed the code
[QUOTE=arun_kumar1997;606951]No, whenever i tried to download that firefox closes itself every time after opening "Dr.Web CureIt" website. So, i executed the code[/QUOTE]
It was without any sense: scripts cannot remove any file infector.
Статистика проведенного лечения:
[LIST][*]Получено карантинов: [B]1[/B][*]Обработано файлов: [B]13[/B][*]В ходе лечения вредоносные программы в карантинах не обнаружены[/LIST]