a service on my computer called service.exe is hogging all the memory on the computer. sure it is a virus but i downloaded your 2010 virus tool and it found nothing please help.
Printable View
a service on my computer called service.exe is hogging all the memory on the computer. sure it is a virus but i downloaded your 2010 virus tool and it found nothing please help.
Hello,
Switch off/Disable:
- Antivirus and and, if you have - Firewall.
- System Restore
- [URL="http://virusinfo.info/showthread.php?t=9207"]Execute following script[/URL] in Manual disinfection
[CODE]begin
SearchRootkit(true, true);
SetAVZGuardStatus(True);
ClearQuarantine;
QuarantineFile('2','');
QuarantineFile('C:\WINDOWS\system32\Event Agent\bin\spoolsv .exe','');
StopService('System Event Agent');
DeleteService('System Event Agent');
BC_DeleteSvc('System Event Agent');
QuarantineFile('c:\windows\system32\event agent\bin\services .exe','');
TerminateProcessByName('c:\windows\system32\event agent\bin\services .exe');
QuarantineFile('c:\windows\system32\event agent\lsass .exe','');
TerminateProcessByName('c:\windows\system32\event agent\lsass .exe');
QuarantineFile('c:\windows\system32\event agent\bin\spoolsv .exe','');
TerminateProcessByName('c:\windows\system32\event agent\bin\spoolsv .exe');
QuarantineFile('c:\windows\system32\event agent\bin\smss .exe','');
TerminateProcessByName('c:\windows\system32\event agent\bin\smss .exe');
DeleteFile('c:\windows\system32\event agent\bin\smss .exe');
DeleteFile('c:\windows\system32\event agent\bin\spoolsv .exe');
DeleteFile('c:\windows\system32\event agent\lsass .exe');
DeleteFile('c:\windows\system32\event agent\bin\services .exe');
DeleteFile('C:\WINDOWS\system32\Event Agent\bin\spoolsv .exe');
DeleteFileMask('C:\WINDOWS\system32\Event Agent\','*.*',true);
DeleteDirectory('C:\WINDOWS\system32\Event Agent\');
RegKeyParamDel('HKEY_LOCAL_MACHINE','SYSTEM\CurrentControlSet\Services\acs\NetworkProvider','ProviderPath');
DeleteFile('2');
BC_ImportAll;
ExecuteSysClean;
BC_Activate;
SetAVZPMStatus(True);
RebootWindows(true);
end.[/CODE]
After reboot [URL="http://virusinfo.info/showthread.php?t=9207"]execute following script[/URL] in Manual disinfection
[code]begin
CreateQurantineArchive('C:\quarantine.zip');
end.
[/code]and upload the C:\quarantine.zip over the link [COLOR="Red"][B]Upload quarantined files[/B][/COLOR] on the top of this page.
- Make a new log file of AVPTool and Attach them to your new post..