Thanks for your help. I'm a little bit lost.
Printable View
Thanks for your help. I'm a little bit lost.
Make a log of GMER [url]http://virusinfo.info/showthread.php?t=51878[/url]
Here is the log file and also a log from TDSSKiller.
Thanks
Switch off/Disable:
- Antivirus and and, if you have - Firewall.
- System Restore
- [URL="http://virusinfo.info/showthread.php?t=9207"]Execute following script[/URL] in Manual disinfection
[CODE]begin
SearchRootkit(true, true);
SetAVZGuardStatus(True);
ClearQuarantine;
QuarantineFile('C:\WINDOWS\system32\drivers\isapnp.sys','');
QuarantineFile('C:\WINDOWS\system32\drivers\nvatabus.sys','');
BC_ImportAll;
BC_Activate;
SetAVZPMStatus(True);
RebootWindows(true);
end.[/CODE]
After reboot [URL="http://virusinfo.info/showthread.php?t=9207"]execute following script[/URL] in Manual disinfection
[code]begin
CreateQurantineArchive('C:\quarantine.zip');
end.
[/code]and upload the C:\quarantine.zip over the link [COLOR="Red"][B]Upload quarantined files[/B][/COLOR] on the top of this page.
- Repeat a log file of AVPTool.
The files isapnp.sys and nvatabus.sys are still presents in the system folder after the quarantine.
[QUOTE=gelanor;618279]The files isapnp.sys and nvatabus.sys are still presents in the system folder after the quarantine.[/QUOTE]they aren't bad, we won't remove them.
Install Service Pack 3 for Windows XP, all subsequent updates, Internet Explorer 8.
Logfile seems to be clean.
After Service Pack 3 for Windows XP update, the rookit has been delete.
Thanks for all !!!
Статистика проведенного лечения:
[LIST][*]Получено карантинов: [B]2[/B][*]Обработано файлов: [B]6[/B][*]В ходе лечения вредоносные программы в карантинах не обнаружены[/LIST]