I have detected Torjan.Win32.Monderc.gen on my PCwith Kaspersky Internet Security and I can't remove it. Here is the file I generated with V|rus removal tool.
I have detected Torjan.Win32.Monderc.gen on my PCwith Kaspersky Internet Security and I can't remove it. Here is the file I generated with V|rus removal tool.
Go Offline
Switch off:
- Antivirus and and, if you have - Firewall, Tea Timer of Spybot Search & Destroy - if active.
- System Restore
- Execute following script
After reboot:Код:begin SearchRootkit(true, true); SetAVZGuardStatus(True); DeleteService('Ytj28'); QuarantineFile('C:\WINDOWS\TEMP\UA33AF.EXE',''); QuarantineFile('C:\WINDOWS\System32\drivers\tcpsr.sys',''); QuarantineFile('C:\WINDOWS\System32\Drivers\Ytj28.sys',''); QuarantineFile('C:\WINDOWS\System32\crypts.dll',''); QuarantineFile('cru629.dat',''); QuarantineFile('C:\WINDOWS\system32\vbsys2.dll',''); QuarantineFile('C:\WINDOWS\System32\Drivers\Beep.SYS',''); DeleteFile('C:\WINDOWS\System32\Drivers\Beep.SYS'); DeleteFile('C:\WINDOWS\system32\vbsys2.dll'); DeleteFile('cru629.dat'); DeleteFile('C:\WINDOWS\System32\crypts.dll'); DeleteFile('C:\WINDOWS\System32\Drivers\Ytj28.sys'); DeleteFile('C:\WINDOWS\System32\drivers\tcpsr.sys'); DeleteFile('c:\windows\temp\ua33af.exe'); BC_ImportDeletedList; ExecuteSysClean; BC_DeleteService('Ytj28'); BC_Activate; executerepair(1); RebootWindows(true); end.
- Clean Temp-Maps, Cache of Browsers, Recycler. Use Windows service tool cleanmgr or CCleaner or ClearProg
- Close all the programs and start only Internet Explorer!!!
- If you cannot start Hijackthis rename the file hijackthis.exe in 135.pif. Repeat 3 log files in accordance with the rules.
- Switch Antivirus and, if you have - Firewall, on.
- Go On-Line
- Upload the quarantine over the red link on th etop of this page.
- Attach 3 logs to your new post..
Последний раз редактировалось Rene-gad; 31.07.2008 в 15:14.
Here are the 3 log files.
The logfiles looks to be clean. But: I wrote
You have done neither... norSwitch off:
- Antivirus and and, if you have - Firewall.
BTW: You have KIS2009. There is a built-in-untility making AVZ-Log in this program. Why you didn't use it?
Ваши права в разделе
Ответить с цитированием