Показано с 1 по 9 из 9.

Hola, Por favor necesito de vuestra ayuda!!

  1. #1
    Junior Member Репутация
    Регистрация
    11.11.2008
    Сообщений
    5
    Вес репутации
    57

    Hola, Por favor necesito de vuestra ayuda!!

    Bueno... yo descarguй Kaskersky Virus Removal Tool porque se me habнa infectado la pc con no se que virus y que entre otras cosas me abrнa ventanas del explorador de internet y me habнa infectado el archivo winlogon.exe. Eso al parecer ya lo pude solucionar, pero al usar la secciуn Manual Cure de Kaspersky Tool me salen algunas cosas en color amarillo en el informe del mismo.En esa secciуn de Kaspersky Tools dice 1-colecte informaciуn y que luego 2-envнe esa informaciуn a los analistas y 3- cuando reciba un script del sitio lo pegue en Kaspersky Tool/ Manual Cure y lo ejecute.
    Bueno les adjunto el archivo generado por Kaspersky Tool para que ustedes lo vean y me digan que debo hacer, si existe un script del sitio de Kaspersky para ejecutarlo y arreglar mi pc.

    Los saludo atentamente.

    Y muchisimas gracias.

    Rubйn.

    Вложения Вложения

  2. #2
    Senior Member Репутация Репутация Репутация Репутация Репутация Репутация Репутация Репутация Репутация Репутация Репутация Аватар для drongo
    Регистрация
    17.09.2004
    Адрес
    Israel
    Сообщений
    7,164
    Вес репутации
    994
    We don't known spanish, can you write in plant english?
    Nevertheless, we would like to see copy of some files from your system. In order to do this, you should execute the following script at avptool:

    Код:
    begin
    SearchRootkit(true, true);
    SetAVZGuardStatus(True);
     QuarantineFile('C:\WINDOWS\System32\Drivers\aswSP.SYS','');
     QuarantineFile('C:\ARCHIV~1\DAP\dapie.dll','');
     QuarantineFile('C:\Archivos de programa\DAP\DAPNS.DLL','');
     QuarantineFile('C:\WINDOWS\system32\we5.dll','');
     QuarantineFile('C:\Archivos de programa\Internet Download Manager\IDMIECC.dll','');
     QuarantineFile('C:\WINDOWS\system32\DRIVERS\sr.sys','');
     QuarantineFile('C:\WINDOWS\System32\drivers\6058ed82.sys','');
    BC_ImportAll;
    BC_Activate;
    RebootWindows(true);
    end.
    Pack ( zip) (with pass 'virus') "Qurantine_AVZ" ( it is subfolder where your avptool exist)
    Please upload it by link http://virusinfo.info/upload_virus_eng.php?tid=33693
    Последний раз редактировалось drongo; 11.11.2008 в 23:46.

  3. #3
    Junior Member Репутация
    Регистрация
    11.11.2008
    Сообщений
    5
    Вес репутации
    57
    Hi, well my English it's not so good ( i am learnig) but i will du my best.

    First: tanks you for answer me.
    My last message say: Hi, i need your help please (title)

    Well i download Kaspersky Virus Removal Tool because my computer has infected...
    ... in the section Manual Cure of the program say 1є collect system information, 2є send the report to analyst and follow the instruction and 3є when you recieve a script from the site, paste it here and press execute button.
    Well... some virus i do have eliminate of my pc, but it's still do rare tings and am very sure the computer it's not 100% clean; the explorer.exe still so rare and use much memory, explorer every time work on 20KB and up, one of the svchost.exe do that too; and now with any thing what i open (archive .txt, folders, programs, etc. ) some little window make appear with this words "The aplication or DLL globalroot\systemroot\system32\TDSSacun.dll it's not a valid image of Windows (XP). Verify that with your instalation disk.

    Some virus that bin in my computer were related with TDSS*.dll, TDSSS*.dll and other more, no remember now.

    Pdata: I have execute the script you give me and upload the generate archive in the link http://virusinfo.info/upload... like you say me.

    Pdata 2: Sorry for my English, i sure continue learning this idiom.

    Tanks for the help.
    Rubйn.
    Последний раз редактировалось Alex_Goodwin; 16.11.2008 в 13:36. Причина: это руткит. AVZPM надо врубать.

  4. #4

  5. #5
    Junior Member Репутация
    Регистрация
    11.11.2008
    Сообщений
    5
    Вес репутации
    57
    Done!!
    When upload ready, on the page say "Upload result
    File saved as 081114_075244_000f_AVZ_Scan_eventlog_491d82ac1788a .zip
    File size 6281
    MD5 a01ba701378fb63e4c695df6dfa18b71

    File uploaded, thank you!"

  6. #6
    Senior Member Репутация Репутация Репутация Репутация Репутация Репутация Репутация Репутация Репутация Репутация Репутация Аватар для drongo
    Регистрация
    17.09.2004
    Адрес
    Israel
    Сообщений
    7,164
    Вес репутации
    994
    Well, you did send us some report and not files, that i did requested from you. Perhaps it because misunderstanding or bug of the avptool. I don't know.
    In order to solve this litle problem, please download avz, unzip it to some new folder, run avz.exe and execute my script there.Then send us quarantine, like it described in the rules

  7. #7
    Junior Member Репутация
    Регистрация
    11.11.2008
    Сообщений
    5
    Вес репутации
    57
    Цитата Сообщение от drongo Посмотреть сообщение
    Well, you did send us some report and not files, that i did requested from you. Perhaps it because misunderstanding or bug of the avptool. I don't know.
    In order to solve this litle problem, please download avz, unzip it to some new folder, run avz.exe and execute my script there.Then send us quarantine, like it described in the rules
    ---------------------------------------------------------------------------

    Am sorry, may be i have no understand.
    Here i go again, but whit sometingh more. And it's that:

    Whit an antirootkit i have detected possible some rootkit, on the folder system32\drivers i can't see the file but whit the program Regscanner yes, i can se the file on the system registry (regedit). I have upload too a file where copied the entries on the system registry.
    The thing is... whit the antirootkit i delete te file and reebot my pc (the program ask me that) and delete too the entries on the system registry, but when i back of the reebot i pass again the antirootkit and he finde other one whit a diferent name, and never end that.
    Can you tell me what it's all that and what i have to do, Please

    Padata: sr Moderator you requested some file from the quarantine folder, well thear have 2 folder whit similar name, but one it's empty; so i upload 3 zip file whit all haven in the folder quarantine: File saved as 081115_140729_AVP Quarantine 13-11-2008_491f2c016bb81.zip
    File size 2256358
    MD5 dbfb0cf97817c2cb5098ff8a09ad9bc2, File saved as 081115_141458_AVP Quarantine 14-11-2008_491f2dc2ae4b4.zip
    File size 2256358
    MD5 0b931e321284430af9e44b1536b453b2
    and File saved as 081115_142303_AVP Quarantine 15-11-2008_491f2fa762335.zip
    File size 2256358
    MD5 720e4c024aa10157e61bbcd8fcc04012
    , and the other one file File saved as 081115_141647_one rootkit_491f2e2fc273d.zip
    File size 496
    MD5 c437ed9d03dd4e5342f744c062e72d59; whit the last may be you can see and tell me what happening.

    Hope you can help me.
    Thankz very much.
    Последний раз редактировалось pulgarcito; 15.11.2008 в 23:30. Причина: fix errors

  8. #8
    Senior Member Репутация Репутация Репутация Репутация Репутация Репутация Репутация Репутация Репутация Репутация Репутация Аватар для drongo
    Регистрация
    17.09.2004
    Адрес
    Israel
    Сообщений
    7,164
    Вес репутации
    994
    Well, first of all it's hard to understand what are you doing. Did you have some disk emulation programs?
    Please don't do anything without our instructions.
    Lets start from beginning:
    Please read and follow carefully: http://virusinfo.info/showthread.php?t=9184
    use a dictionary, if you unable to understand something.
    We will wait from you for all 3 new logs, in this topic.
    P.s.We did received your files, thanks. I think they are clean. Nevertheless, we will get an answer from the antivirus lab soon.

  9. #9
    Junior Member Репутация
    Регистрация
    11.11.2008
    Сообщений
    5
    Вес репутации
    57
    Цитата Сообщение от drongo Посмотреть сообщение
    Well, first of all it's hard to understand what are you doing. Did you have some disk emulation programs?
    Please don't do anything without our instructions.
    Lets start from beginning:
    Please read and follow carefully: http://virusinfo.info/showthread.php?t=9184
    use a dictionary, if you unable to understand something.
    We will wait from you for all 3 new logs, in this topic.
    P.s.We did received your files, thanks. I think they are clean. Nevertheless, we will get an answer from the antivirus lab soon.
    ----------------------------------------------------------------------

    Sorry, but you not give me a minimal solution at last. You say my computer it's clean but i am sure it's not because after i upload the 4 file for you i have pass AVG Internet Security 8 and he finde 4 hiden virus on system 32, and an antirootkit finde a hiden driver on system 32\drivers but after delete this hiden file and reboot the pc agains it's thear; i can't see the file on the folder but yes on the system registry (regedit), thats meants my computer have some virus whats reproduce again the hiden driver i have delete. The rare of the case it's 4 antivirus (including Kaspersky and Kaspersky Removal Tool) and a antispyware can't finde them.

    Anyway... thanks you very much for all. Can you close this threat if you will.

    Some day i finde the solution or do format to my pc.

    Bye.

    Pdata: no offense to you.

Похожие темы

  1. ayuda virus
    От cristy_mccm в разделе Malware Removal Service
    Ответов: 1
    Последнее сообщение: 24.09.2010, 17:37
  2. hola I ned clean my PC
    От praxisteles в разделе Malware Removal Service
    Ответов: 0
    Последнее сообщение: 26.08.2010, 20:41
  3. Ayuda por favor
    От yoannel в разделе Malware Removal Service
    Ответов: 1
    Последнее сообщение: 14.04.2009, 12:36
  4. Por favor helpme
    От Luisunefa в разделе Malware Removal Service
    Ответов: 1
    Последнее сообщение: 10.12.2008, 11:26

Свернуть/Развернуть Ваши права в разделе

  • Вы не можете создавать новые темы
  • Вы не можете отвечать в темах
  • Вы не можете прикреплять вложения
  • Вы не можете редактировать свои сообщения
  •  
Page generated in 0.01172 seconds with 18 queries