my computer got infected by viruses and malware .please help me
thanks
regards
saurav
Printable View
my computer got infected by viruses and malware .please help me
thanks
regards
saurav
Switch off/Disable:
- Antivirus and and, if you have - Firewall.
- System Restore
- [URL="http://virusinfo.info/showthread.php?t=9207"]Execute following script[/URL] in Manual disinfection
[CODE]begin
SearchRootkit(true, true);
SetAVZGuardStatus(True);
ClearQuarantine;
StopService('mbdgyncyyohghwj');
StopService('lwzmljwwnra');
StopService('jwucrvrv');
StopService('cplrlwxahx');
QuarantineFile('C:\Users\Toshiba\AppData\Roaming\ahrg.exe,C:\RECYCLER\S-1-5-21-2869303747-4258747907-006969225-8074\nissan.exe,C:\Users\Toshiba\AppData\Roaming\nisgw.exe,explorer.exe','');
QuarantineFile('C:\Users\Toshiba\AppData\Roaming\ahrg.exe','');
QuarantineFile('C:\Users\Toshiba\AppData\Local\Temp\vmeykknnitez.sys','');
QuarantineFile('C:\Users\Toshiba\AppData\Local\Temp\truxgdzcctbvz.sys','');
QuarantineFile('C:\Users\Toshiba\AppData\Local\Temp\nruoirgtbgi.sys','');
DeleteService('mbdgyncyyohghwj');
DeleteService('lwzmljwwnra');
DeleteService('jwucrvrv');
DeleteService('cplrlwxahx');
BC_DeleteSvc('mbdgyncyyohghwj');
BC_DeleteSvc('lwzmljwwnra');
BC_DeleteSvc('jwucrvrv');
BC_DeleteSvc('cplrlwxahx');
DeleteFile('C:\Users\Toshiba\AppData\Roaming\nisgw.exe');
DeleteFile('C:\Users\Toshiba\AppData\Roaming\ahrg.exe,C:\RECYCLER\S-1-5-21-2869303747-4258747907-006969225-8074\nissan.exe,C:\Users\Toshiba\AppData\Roaming\nisgw.exe,explorer.exe');
DeleteFile('C:\Users\Toshiba\AppData\Roaming\ahrg.exe');
DeleteFile('C:\Users\Toshiba\AppData\Local\Temp\vmeykknnitez.sys');
DeleteFile('C:\Users\Toshiba\AppData\Local\Temp\truxgdzcctbvz.sys');
DeleteFile('C:\Users\Toshiba\AppData\Local\Temp\nruoirgtbgi.sys');
DeleteFile('C:\RECYCLER\S-1-5-21-2869303747-4258747907-006969225-8074\nissan.exe');
BC_ImportAll;
ExecuteSysClean;
BC_Activate;
SetAVZPMStatus(True);
RebootWindows(true);
end.[/CODE]
After reboot [URL="http://virusinfo.info/showthread.php?t=9207"]execute following script[/URL] in Manual disinfection
[code]begin
CreateQurantineArchive('C:\quarantine.zip');
end.
[/code]and upload the C:\quarantine.zip over the link [COLOR="Red"][B]Upload quarantined files[/B][/COLOR] on the top of this page.
- Remove [URL="http://virusinfo.info/showthread.php?t=42263"]Bonjour[/URL] if you don't use it.
- Install Service Pack 2 for Vista
- Install all subsequent updates
- Install Internet Explorer 8
- Repeat a log file of AVPTool.
- Attach a log to your new post..
hello
thanks for you help.
File saved as 100409_155617_quarantine_4bbf15e16082b.zip
File size 142819
MD5 497e4db6fba78932e212ec59c4e3fe5d
i had scanned my pc with virus removal tool in safe mode and no virus found later .
thanks
regards
saurav
[QUOTE=Rene-gad;618460]
- Repeat a log file of AVPTool.
- Attach a log to your new post..[/QUOTE]???
Статистика проведенного лечения:
[LIST][*]Получено карантинов: [B]1[/B][*]Обработано файлов: [B]12[/B][*]В ходе лечения обнаружены вредоносные программы:
[LIST=1][*] c:\users\toshiba\appdata\local\temp\vmeykknnitez.sys - [B]Backdoor.Win32.Agent.arme[/B] ( DrWEB: Trojan.NtRootKit.2965, BitDefender: Rootkit.34429, AVAST4: Win32:Rootkit-gen [Rtk] )[*] c:\users\toshiba\appdata\roaming\ahrg.exe - [B]P2P-Worm.Win32.Palevo.aash[/B] ( DrWEB: Trojan.MulDrop1.12950, BitDefender: Backdoor.Tofsee.BU, AVAST4: Win32:Flot-E [Trj] )[/LIST][/LIST]