[ATTACH]235912[/ATTACH]
[ATTACH]235913[/ATTACH]
Computer is so slow it is impossible to work with, DON'T KNOW much about virus, please help. Thank you
Printable View
[ATTACH]235912[/ATTACH]
[ATTACH]235913[/ATTACH]
Computer is so slow it is impossible to work with, DON'T KNOW much about virus, please help. Thank you
Switch off/Disable:
- Antivirus and and, if you have - Firewall.
- [URL="http://virusinfo.info/showthread.php?t=9207"]Execute following script[/URL] in Manual disinfection
[CODE]begin
SearchRootkit(true, true);
SetAVZGuardStatus(True);
ClearQuarantine;
DelBHO('{E7F15AC4-E0A9-43F0-921B-70DFEA621220}');
QuarantineFile('C:\WINDOWS\system32\796525\796525.dll','');
DelBHO('{65768B48-B004-4B26-9BAC-A3BAC39643D1}');
DelBHO('{5E5EFA8F-9F53-418E-B78E-44866667A404}');
QuarantineFile('C:\WINDOWS\system32\199638\199638.dll','');
QuarantineFile('C:\WINDOWS\system32\218538\218538.dll','');
DelBHO('{ABD45510-9B22-41cd-9ACD-8182A2DA7C63}');
DelBHO('{ABD42510-9B22-41cd-9DCD-8182A2D07C63}');
QuarantineFile('C:\WINDOWS\system32\iehelper.dll','');
QuarantineFile('C:\WINDOWS\system32\ntos.exe','');
QuarantineFile('C:\WINDOWS\system32\sdra64.exe','');
QuarantineFile('C:\Documents and Settings\Default User\Application Data\ntos.exe','');
QuarantineFile('C:\Documents and Settings\Administrator\Application Data\sdra64.exe','');
DeleteFile('C:\Documents and Settings\Administrator\Application Data\sdra64.exe');
DeleteFile('C:\Documents and Settings\Default User\Application Data\ntos.exe');
DeleteFile('C:\WINDOWS\system32\sdra64.exe');
DeleteFile('C:\WINDOWS\system32\ntos.exe');
DeleteFile('C:\WINDOWS\system32\iehelper.dll');
DeleteFile('C:\WINDOWS\system32\218538\218538.dll');
DeleteFile('C:\WINDOWS\system32\199638\199638.dll');
DeleteFile('C:\WINDOWS\system32\796525\796525.dll');
BC_ImportAll;
ExecuteSysClean;
BC_Activate;
SetAVZPMStatus(True);
RebootWindows(true);
end.[/CODE]
After reboot [URL="http://virusinfo.info/showthread.php?t=9207"]execute following script[/URL] in Manual disinfection
[code]begin
CreateQurantineArchive('C:\quarantine.zip');
end.
[/code]and upload the C:\quarantine.zip over the link [COLOR="Red"][B]Upload quarantined files[/B][/COLOR] on the top of this page.
- Remove [URL="http://virusinfo.info/showthread.php?t=42263"]Bonjour[/URL] if you don't use it.
- Repeat a log file of AVPTool.
- Make a log file with Hijackthis ([URL="http://virusinfo.info/showthread.php?t=9184"] Analysis, p.3 [/URL] for further informations).
- Attach both logs to your new post..
After all steps were finished, computer still too slow, imposssible to work with, what else can we do to try to solve this problem...? PLEASE!
thank you very much...:(
[QUOTE=Rene-gad;632937]
- Make a log file with Hijackthis ([URL="http://virusinfo.info/showthread.php?t=9184"] Analysis, p.3 [/URL] for further informations).
[/QUOTE]???
Thanks...
[QUOTE]91.212.65.122 browser-security.microsoft.com
91.212.65.122 antiwareprotect.com
91.212.65.122 [url]www.antiwаrеprоtect.cоm[/url][/QUOTE]Are there your's servers in the hosts-file?
-[URL="http://virusinfo.info/showthread.php?t=9206"]Fix[/URL] with Hijackthis
[CODE]O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.115.4 85.255.112.218
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 85.255.115.4 85.255.112.218
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.115.4 85.255.112.218
O20 - Winlogon Notify: winxtx32 - winxtx32.dll (file missing)
[/CODE]
Install SP2 for Windows 2003, install Internet Explorer 8
Update Java RE and Adobe Reader.
Статистика проведенного лечения:
[LIST][*]Получено карантинов: [B]1[/B][*]Обработано файлов: [B]2[/B][*]В ходе лечения вредоносные программы в карантинах не обнаружены[/LIST]