I had some problems with my Explorer, it opens some windows with unneeded banners (i dont ask that), and i've done yet a Online Kavscan, and with the removal tool i received this report:
Printable View
I had some problems with my Explorer, it opens some windows with unneeded banners (i dont ask that), and i've done yet a Online Kavscan, and with the removal tool i received this report:
Hi,
Switch off/Disable:
- Antivirus and and, if you have - Firewall.
- System Restore
- [URL="http://virusinfo.info/showthread.php?t=9207"]Execute following script[/URL] in Manual disinfection
[CODE]begin
SearchRootkit(true, true);
SetAVZGuardStatus(True);
ClearQuarantine;
QuarantineFile('c:\users\bart\appdata\roaming\systemproc\lsass.exe','');
TerminateProcessByName('c:\users\bart\appdata\roaming\systemproc\lsass.exe');
DeleteFile('c:\users\bart\appdata\roaming\systemproc\lsass.exe');
BC_ImportAll;
ExecuteSysClean;
BC_Activate;
SetAVZPMStatus(True);
RebootWindows(true);
end.[/CODE]
After reboot [URL="http://virusinfo.info/showthread.php?t=9207"]execute following script[/URL] in Manual disinfection
[code]begin
CreateQurantineArchive('C:\quarantine.zip');
end.
[/code]and upload the C:\quarantine.zip over the link [COLOR="Red"][B]Upload quarantined files[/B][/COLOR] on the top of this page.
Make a new AVPTool log file and attach a log to your new post..
The last part of your reply i dont understand i i've dont yet execute this part, its about the following part:
and upload the C:\quarantine.zip over the link [COLOR=red][B]Upload quarantined files[/B][/COLOR] on the top of this page.
Make a new AVPTool log file and attach a log to your new post..
-> I dont find the link "Upload quarantined files" on the top of this page
-> a new AVPtool log file: whats AVP?
Thxs
Dont look at my previous post, i had do some research and i finally found the Upload quarantine link on the top of this page, and this is my new log file in attachement
- [URL="http://virusinfo.info/showthread.php?t=9207"]Execute following script[/URL] in Manual disinfection
[CODE]begin
SearchRootkit(true, true);
SetAVZGuardStatus(True);
ClearQuarantine;
QuarantineFile('C:\windows\system32\Drivers\SafeBoot.sys','');
DelBHO('{1F59E089-2C28-9F31-D0FE-A3D6C595BD2C}');
QuarantineFile('C:\windows\system32\d3dx9_3232.dll','');
DeleteFile('C:\windows\system32\d3dx9_3232.dll');
ExecuteWizard('TSW', 2, 2, true);
ExecuteWizard('SCU', 2, 2, true);
BC_ImportAll;
ExecuteSysClean;
BC_Activate;
RebootWindows(true);
end.[/code]
After reboot [URL="http://virusinfo.info/showthread.php?t=9207"]execute following script[/URL] in Manual disinfection
[code]begin
CreateQurantineArchive('C:\quarantine2.zip');
end.
[/code]and upload the C:\quarantine2.zip over the link [COLOR="Red"][B]Upload quarantined files[/B][/COLOR] on the top of this page.
Make a new AVPTool log file and attach a log to your new post..
new log in attachement
Pls. make a log of Hijacktis (s. [URL="http://virusinfo.info/showthread.php?t=9184"]here[/URL] for more information). Pls. don't forget to start the program AS ADMINISTRATOR.
here the hijackthis log execute as administrator:
-[URL="http://virusinfo.info/showthread.php?t=9206"]Fix[/URL] with Hijackthis
[CODE]O20 - AppInit_DLLs: APSHook.dll,C:\windows\system32\d3dx9_3232.dll
[/CODE]
reboot you system and make new log of hijackthis.
here is my new log in attachement
OK, do you have any problem more?
Статистика проведенного лечения:
[LIST][*]Получено карантинов: [B]2[/B][*]Обработано файлов: [B]10[/B][*]В ходе лечения обнаружены вредоносные программы:
[LIST=1][*] c:\\users\\bart\\appdata\\roaming\\systemproc\\lsass.exe - [B]P2P-Worm.Win32.Agent.afo[/B] ( DrWEB: Win32.HLLW.Lime.566, BitDefender: Trojan.Generic.4708650, AVAST4: Win32:Dracur-E [Cryp] )[*] c:\\windows\\system32\\d3dx9_3232.dll - [B]Packed.Win32.Katusha.n[/B] ( DrWEB: Trojan.Bender.28, BitDefender: Gen:Variant.Kazy.29, AVAST4: Win32:Dracur-E [Cryp] )[/LIST][/LIST]