Dangerous Objects Detected Can NOT Process

[Grattan]

Four dangerous objects remain, but can not be processed by Kasperky for Windows Workstations 5.0.712. Running on XP Professional.

Thank you for your help.

[Rene-gad]

Your version of Antivirus is obsolete, this program cannot protect your system.

Close/unload all the programs excepted AVZ and Internet Explorer

Switch off:
- Antivirus and and, if you have - Firewall.
- System Restore


Fix with Hijackthis

Код:

O4 - HKLM\..\Run: [12177814] C:\Documents and Settings\All Users\Application Data\12177814\12177814.exe

- Execute following script

Код:

begin
SearchRootkit(true, true);
SetAVZGuardStatus(True);
 StopService('netsik');
 QuarantineFile('C:\WINDOWS\system32\drivers\netsik.sys','');
 QuarantineFile('C:\Documents and Settings\All Users\Application Data\12177814\12177814','');
 QuarantineFile('C:\WINDOWS\system32\regedit.exe','');
 DeleteFile('C:\WINDOWS\system32\regedit.exe');
 DeleteFile('C:\Documents and Settings\All Users\Application Data\12177814\12177814');
 DeleteFile('C:\WINDOWS\system32\drivers\netsik.sys');
 DeleteService('netsik');
BC_ImportAll;
ExecuteSysClean;
 BC_DeleteSvc('netsik');
BC_Activate;
RebootWindows(true);
end.

After reboot:
- Execute following script

Код:

begin
CreateQurantineArchive('C:\quarantine.zip');    
end.

- Clean Temp-Maps, Cache of Browsers, Recycler. Use Windows service tool cleanmgr or CCleaner or ClearProg
- Close all the programs and start only Internet Explorer!!!
- Repeat 3 log files.
- Switch Antivirus and, if you have - Firewall, on.
- Go On-Line
- Upload the C:\quarantine.zip here: http://virusinfo.info/upload_virus_eng.php?tid=50306
- Attach 3 new logs to your new post..

[Grattan]

I can not upload the log files as it says I have already done so.

[Rene-gad]

I can not upload the log files as it says I have already done so.

Sure. You have to generate new logs AFTER executing of script and cleaning of the system.
Read my post carefully.

[Grattan]

I had followed all the steps and thought I had generated new logs, which is what I thought I sent you.

My sincere apologies, I seem to have in error sent you a prohibited file. I am sorry.

I will try again.

We are also downloading new version of Kasperky, will that clean the PC, without having to go through the steps you outlined earlier?

Finally the instruction <- Repeat 3 log files> was not clear to me and it was only after some thought that I understood what it meant. Maybe it would be clearer if it said <Repeat Analysis steps from Before you Post and attach log files avz_sysinfo.htm, avz_sysinfo.htm and hijackthis.log>

Thank you and you have been very helpful

[Rene-gad]

Finally the instruction <- Repeat 3 log files> was not clear to me and it was only after some thought that I understood what it meant.

It shouldn't have any sense e.g. for me, to upload the same logs once more ... We'd like to see a dynamic AFTER our healing attempts, tiw we need the new generated logs AFTER... Any other understanding is IMHO out of logic...