my virus detection detect that virus in all my harddrive, but cannot delete. they jusy quarantine it. i mannualy delete it but it re appears after less than minute. can find the source attached is my system information. thanks
my virus detection detect that virus in all my harddrive, but cannot delete. they jusy quarantine it. i mannualy delete it but it re appears after less than minute. can find the source attached is my system information. thanks
Hi!
Please download tools avz and hijackthis , the links :http://virusinfo.info/showthread.php?t=9184
Switch off:
- Antivirus and and, if you have - Firewall.
- System Restore
- Execute following script
After reboot:Код:begin SearchRootkit(true, true); SetAVZGuardStatus(True); QuarantineFile('C:\WINDOWS\system32\ckvo.exe',''); QuarantineFile('C:\Program Files\OneStepSearch\onestep.exe',''); QuarantineFile('C:\WINDOWS\system32\DRIVERS\lirsgt.sys',''); QuarantineFile('C:\WINDOWS\system32\ckvo0.dll',''); DeleteFile('C:\WINDOWS\system32\ckvo0.dll'); DeleteFile('C:\WINDOWS\system32\ckvo.exe'); BC_ImportAll; Executerepair(6); Executerepair(8); Executerepair(9); ExecuteSysClean; BC_Activate; RebootWindows(true); end.
- Clean Temp-Maps, Cache of Browsers, Recycler. Use Windows service tool cleanmgr or CCleaner or ClearProg
- Close all the programs and start only Internet Explorer!!!
- Repeat 3 log files in accordance with the rules.
- Switch Antivirus and, if you have - Firewall, on.
- Go On-Line
- Zip the quarantin (don't forget password protect it with password: virus )It should be somewhere in subfolder of your avptool.-> c:\documents and settings\all users\desktop\kaspersky lab tool\is-2p4b5\
Upload the quarantine over the link Upload quarantined files on the top of this page.
- Attach 3 logs to your new post..
Последний раз редактировалось drongo; 28.08.2008 в 22:22.
*Нажми и выполни, если хочешь чтобы помощь улучшилась и ускорилась
*MyFirefox Portable
special avz @ rapidshare.com
md5: 2091925798B7909E010E3F7E328C5F0D
i did what you told me here are the logs. thanks and hope for your continuous help
Bring the signatures of AVZ uptodate!!!
Switch off:
- Antivirus and and, if you have - Firewall.
- System Restore
- Close all the opended programs excepting AVZ and Internet Explorer
- Execute following script
After reboot:Код:begin SetAVZGuardStatus(True); DeleteService('Bonjour Service'); DeleteFile('C:\Program Files\Bonjour\mDNSResponder.exe'); RebootWindows(true); end.
- Clean Temp-Maps, Cache of Browsers, Recycler. Use Windows service tool cleanmgr or CCleaner or ClearProg
- Close all the programs and start only Internet Explorer!!!
- Repeat 3 log files in accordance with the rules.
- Switch Antivirus and, if you have - Firewall, on.
- Go On-Line
- Attach 3 logs to your new post..