
Someone Please check my system analysis!

  1. #1
    Junior Member
    Joined: 07.12.2008
    Posts: 10
    Reputation weight: 56

    Someone Please check my system analysis!

    Hello analysts..
    Please do send me the required script which can help me fix my PC's little snags...
    And please, if possible, do give me insights on how you people actually do this, would really love to know!
    Thanks!

  2. #2
    Senior Member
    Joined: 03.04.2006
    Posts: 21,100
    Reputation weight: 3023
    Close/unload all the programs except AVZ and Internet Explorer

    Switch off:
    - Antivirus and, if you have one, Firewall.
    - System Restore


    - Execute the following script
    Code:
    begin
    SearchRootkit(true, true);
    SetAVZGuardStatus(True);
     TerminateProcessByName('c:\program files\viorb\viorb.exe');
     QuarantineFile('c:\program files\viorb\viorb.exe','');
     DeleteFile('c:\program files\viorb\viorb.exe');
     DeleteService('Bonjour Service');
     DeleteFile('c:\program files\bonjour\mdnsresponder.exe');
    BC_ImportAll;
    ExecuteSysClean;
    BC_Activate;
    RebootWindows(true);
    end.
    After reboot:
    - Clean Temp-Maps, Cache of Browsers, Recycler. Use Windows service tool cleanmgr or CCleaner or ClearProg
    - Close all the programs and start only Internet Explorer!!!
    - Repeat 3 log files in accordance with the rules.
    - Switch Antivirus and, if you have - Firewall, on.
    - Go On-Line
    - Upload the quarantine in accordance with Appx. 3 of the rules.
    - Attach 3 logs to your new post..

  3. #3
    Junior Member
    Joined: 07.12.2008
    Posts: 10
    Reputation weight: 56
    Thanks.. I'll surely try this out and revert back to you, sir!
    Thank you!.. but its really necessary for me to delete viorb.. that came with my transformation pack for Vista (.... do tell me....

    Added after 46 seconds

    btw, I sue Window Washer on a regular basis.. to clean out all the trash.. along with RegCure.. for my reg tweaking! ....

    Added after 8 minutes

    *use

    I followed the advice given by Mr Rene... and executed the following script

    I'm now attaching another log of my PC........... so that it may be analyzed.. thank you all so much..
    btw, can you people tell me in which language do you execute this script?

    Unfortunately... I can't find where the tool has stored the quarantined files.. so am sorry.. can't upload.... I checked in the quarantine folders of AVZ.. no zip file found

    Added after 21 minutes

    and WHAT THE HELL IS THIS........... AVZ tools.... is-GNVQ 7...... startup.exe.. is a KEYLOGGER.... DAMMIT.... is that true... I'll have to delete this AVZ thing then.. please do help me in this regard too..
    I have Kaspersky antivirus only, and that only is showing this startup.exe as key logger.. now what to do?
    Last edited by Rene-gad; 24.12.2008 at 00:16.

  4. #4
    Senior Member
    Joined: 03.04.2006
    Posts: 21,100
    Reputation weight: 3023
    Quote: Originally posted by samm316
    but its really necessary for me to delete viorb.. that came with my transformation pack for Vista (.
    Pls. read here: http://www.prevx.com/filenames/X6286...VIORB.EXE.html and use basic English, otherwise I'll write for you in German.

    Added after 5 minutes

    Close/unload all the programs except AVZ and Internet Explorer

    Switch off:
    - Antivirus and, if you have one, Firewall.
    - System Restore


    - Execute the following script
    Code:
    begin
    SearchRootkit(true, true);
    SetAVZGuardStatus(True);
     QuarantineFile('C:\WINDOWS\system32\viwc.exe','');
     QuarantineFile('interceptor.dll','');
     DeleteFile('C:\WINDOWS\system32\viwc.exe');
    BC_ImportAll;
    ExecuteSysClean;
    BC_Activate;
    RebootWindows(true);
    end.
    After reboot:
    - Clean Temp-Maps, Cache of Browsers, Recycler. Use Windows service tool cleanmgr or CCleaner or ClearProg
    - Close all the programs and start only Internet Explorer!!!
    - Repeat 3 log files in accordance with the rules.
    - Switch Antivirus and, if you have - Firewall, on.
    - Go On-Line
    - Upload the quarantine in accordance with Appx. 3 of the rules.
    - Attach 3 logs to your new post..
    Last edited by Rene-gad; 10.12.2008 at 11:36. Reason: Added

  5. #5
    Junior Member
    Joined: 07.12.2008
    Posts: 10
    Reputation weight: 56
    Here are the remainder of the logs..
    Thank you for checking again
    I hope this time am not messing around with your rules, since I am posting in the same POST.
    Thanks..
    And thank you for German, English is cool with me, can't understand anything in German.
    Thanks

    HELOOOOOOOOOOOOOOOOOOOOO..ANYONE THERE TO REPLY?
    Last edited by Rene-gad; 24.12.2008 at 00:16.

  6. #6
    Senior Member
    Joined: 03.04.2006
    Posts: 21,100
    Reputation weight: 3023
    Quote: Originally posted by samm316
    HELOOOOOOOOOOOOOOOOOOOOO..ANYONE THERE TO REPLY?
    If you will behave in such a way I'll close the topic: you became a script and disappeared for 2 weeks!!! Now you are coming and bringing the logs you made for two weeks!
    Switch off:
    - Antivirus and, if you have one, Firewall.
    - System Restore
    - Fix
    Code:
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.windowsxlive.net
    - Execute the following script
    Code:
    begin
    SearchRootkit(true, true);
    SetAVZGuardStatus(True);
     QuarantineFile('interceptor.dll','');
    DelCLSID('{B600E6E9-553B-4A19-8696-335E5C896153}');
     DelCLSID('{BBCA9F81-8F4F-11D2-90FF-0080C83D3571}');
     QuarantineFile('C:\WINDOWS\wc98pp.dll','');
     DeleteFile('C:\WINDOWS\wc98pp.dll');
     DeleteFile('C:\Program Files\Bonjour\mdnsNSP.dll');
     DeleteFile('c:\windows\system32\interceptor.dll');
    BC_ImportAll;
    ExecuteSysClean;
    ExecuteRepair(13);
    BC_Activate;
    RebootWindows(true);
    end.
    After reboot:
    - Clean Temp-Maps, Cache of Browsers, Recycler. Use Windows service tool cleanmgr or CCleaner or ClearProg
    - Close all the programs and start only Internet Explorer!!!
    - Repeat 3 log files in accordance with the rules.
    - Switch Antivirus and, if you have - Firewall, on.
    - Go On-Line
    - Upload the quarantine over the link Upload quarantined files on the top of this page.
    - Attach 3 logs to your new post..

  7. #7
    Junior Member
    Joined: 07.12.2008
    Posts: 10
    Reputation weight: 56
    Am sorry Mr RENE.... But please do understand... Am also not a very regular visitor of this site.. and I don't come online much... I try to come here as soon as possible. I also have got my exams and everything else coming up..... and am leading quite a busy life.
    Am sorry, as soon as things are over.. when I am regular.... I will surely post then...
    But thanks anyways for your help

    I have attached the required logs after executing required scripts. Would be very grateful if you could actually explain what you are deleting... and for what purpose are those files being deleted, and what potential harm they can cause. Would love to know more about this!
    Thanks a lot
    Last edited by Rene-gad; 29.12.2008 at 10:20.

  8. #8
    Senior Member
    Joined: 03.04.2006
    Posts: 21,100
    Reputation weight: 3023
    Quote: Originally posted by samm316
    Would be very grateful if you could actually explain what you are deleting ...
    Use www.google.[yourcountryabbreviation]
    I cannot find anything malicious in your last logs, but I don't understand why you didn't update the database of AVZ.
    Is it your provider?
    Emirates Telecommunication Corporation

  9. #9
    Junior Member
    Joined: 07.12.2008
    Posts: 10
    Reputation weight: 56
    I'll update it as soon as possible, I didn't know a new release was out... did not check, sorry..
    ..yes, Emirates only is my telecom provider...
    I did not get you clearly.... but I'll update my AVZ for sure... thank you

  10. #10
    Junior Member
    Joined: 07.12.2008
    Posts: 10
    Reputation weight: 56
    Here are the UPDATED FILES.... UPDATED LOGS.. ALL LATEST SOFTWARES...
    Thank you... once again...
    Please explain what you meant by my telecom provider reference.... And I still did not understand what is being deleted.
    Thanks

  11. #11
    Senior Member (avatar for drongo)
    Joined: 17.09.2004
    Location: Israel
    Posts: 7,164
    Reputation weight: 994
    And where is the quarantine? You didn't send it to us yet via http://virusinfo.info/upload_virus_eng.php?tid=35298 . Only after viewing it will we be able to answer your question.

  12. #12
    Junior Member
    Joined: 07.12.2008
    Posts: 10
    Reputation weight: 56
    I am sorry, but what quarantine, I don't think anything was stored in quarantine.
    Mr Rene has been kind enough to clear all my queries by just making use of these logs, I have never uploaded the quarantine till now. Please do tell me, I'll upload some file, don't know for sure whether it's quarantined or not.
    Thanks

    Added after 1 minute

    Is it the syscure log you are talking about, I have no clue. I uploaded all the required logs right, till now my queries were answered on the basis of my logs!!!
    Last edited by samm316; 09.01.2009 at 20:02. Reason: Added

  13. #13
    Senior Member (avatar for drongo)
    Joined: 17.09.2004
    Location: Israel
    Posts: 7,164
    Reputation weight: 994
    In this case, you should read more carefully what Rene-gad told you in post #6, read it now
    - Upload the quarantine over the link Upload quarantined files on the top of this page.
    If you did delete the quarantine, we are unable to answer your question: " .And i still did not understand what is being deleted. "

    We also don't understand what "was being deleted", because we didn't get your quarantine.

    Do we understand each other?
    Last edited by drongo; 09.01.2009 at 21:44.

  14. #14
    Junior Member
    Joined: 07.12.2008
    Posts: 10
    Reputation weight: 56
    hehehehehehhehehee... I get what you say, no, I never had any quarantines. I guess we perfectly understand each other.
    Mr Rene used to give me a few scripts and in those scripts we had commands like "delete service".. or "delete file"... I was asking about these deletions, not any quarantines!
    Now, I posted the latest logs. Is my computer error free and perfect now? I do run Kaspersky, but I found this community interesting and joined! It's fun here!
    Please do tell me what to do next!
    Thanks!!.. btw, are you from Israel, Sir?

  15. #15
    Senior Member (avatar for drongo)
    Joined: 17.09.2004
    Location: Israel
    Posts: 7,164
    Reputation weight: 994
    In Rene-gad's script, you can find: QuarantineFile - it is for copy creation, that you should upload. Next time, please do it. It will help others to eliminate the same malware.

    Your logs look clean. So, if you don't see any problems, I don't see any either.
    In order to not get a similar infection in future, you should work under a limited user.
    P.S. Yes, I am from Israel. If you can support Israel in any peaceful way, it will be your thanks to me.
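
Post #15 explains that QuarantineFile makes the copy that gets uploaded, and the original poster keeps asking what the scripts delete. The following added example (Python, not part of the thread and not AVZ's own tooling) parses the script from post #6 and lists each DeleteFile target together with whether an earlier QuarantineFile call names the same path, only the same file name, or nothing. The one-call-per-line grammar and the name-only matching are assumptions of this sketch, not documented AVZ behaviour.

```python
import re
from ntpath import basename  # Windows path rules on any host OS

# AVZ script text copied from post #6 of this thread.
SCRIPT = r"""
begin
SearchRootkit(true, true);
SetAVZGuardStatus(True);
 QuarantineFile('interceptor.dll','');
DelCLSID('{B600E6E9-553B-4A19-8696-335E5C896153}');
 DelCLSID('{BBCA9F81-8F4F-11D2-90FF-0080C83D3571}');
 QuarantineFile('C:\WINDOWS\wc98pp.dll','');
 DeleteFile('C:\WINDOWS\wc98pp.dll');
 DeleteFile('C:\Program Files\Bonjour\mdnsNSP.dll');
 DeleteFile('c:\windows\system32\interceptor.dll');
BC_ImportAll;
ExecuteSysClean;
ExecuteRepair(13);
BC_Activate;
RebootWindows(true);
end.
"""

# Simplified grammar (assumption): one call per line, string args in single quotes.
CALL_RE = re.compile(r"^[ \t]*(\w+)[ \t]*(?:\((.*)\))?[ \t]*;", re.M)
ARG_RE = re.compile(r"'([^']*)'")

def parse_calls(script):
    """Return [(function_name, [string_args])] in script order."""
    return [(m.group(1), ARG_RE.findall(m.group(2) or ""))
            for m in CALL_RE.finditer(script)]

def audit_deletions(script):
    """Tag each DeleteFile target by how an earlier QuarantineFile call matches it:
    'exact' (same path), 'name-only' (same file name) or 'none'."""
    quarantined, report = set(), []
    for func, args in parse_calls(script):
        if not args:
            continue
        target = args[0].lower()  # Windows paths are case-insensitive
        if func.lower() == "quarantinefile":
            quarantined.add(target)
        elif func.lower() == "deletefile":
            names = {basename(q) for q in quarantined}
            status = ("exact" if target in quarantined
                      else "name-only" if basename(target) in names else "none")
            report.append((args[0], status))
    return report

print(*audit_deletions(SCRIPT), sep="\n")
```

A 'none' entry means the script removes a file without first requesting a quarantine copy, so there is nothing to upload for that file afterwards.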

  16. #16
    Junior Member
    Joined: 07.12.2008
    Posts: 10
    Reputation weight: 56
    I support humanity, sir!..... Very unfortunate, all the killings that are taking place around the world, my country (India), your country, Gaza.. sheesh.... Will it ever end?..
    Anyway, I am deviating from the topic!... I support Israel, Sir, I support Peace...... For that I can support anyone!
    As far as understanding scripts is concerned, lol, I can't understand a thing!
    Which language is it in which you people give me scripts, let my exams get over, I'll try to learn too, and perhaps help people out here. Fixing PCs is a passion of mine!
    And yes, my logs are clean?.. thank goodness, I guessed that, but wasn't sure.
    One more doubt, my explorer has started crashing a lot nowadays, any idea as to why, I have VISTA TRANSFORMATION PACK 9.0.1 installed, after that these frequent on and off crashes started taking place!
    And what exactly is meant by "In order to not get similar infection in future, you should work under limited user"... I quote you there.
    Thanks once again for whatever help you are providing. Hope peace is restored to your region soon!

    Added after 1 minute

    PS: I'll read Mr Rene's scripts again, did not notice the quarantine part!
    And yes, am I supposed to do anything else now, take more logs and all for instance, or am I not required to do anything else?
    Thank you!
    Last edited by samm316; 11.01.2009 at 00:07. Reason: Added

  17. #17
    Senior Member (avatar for drongo)
    Joined: 17.09.2004
    Location: Israel
    Posts: 7,164
    Reputation weight: 994
    1. Limited user:
    http://www.microsoft.com/protect/com...eraccount.mspx
    2. It is an AVZ script language, not hard to learn and use. There is one little problem - the help is mainly in Russian. Translation is still in progress...


    3. VISTA TRANSFORMATION PACK or such can cause you problems, so my advice - uninstall it, and check all system files against the original ones; don't forget to update Windows itself.
    4. Your logs are clean. No need to do more, at least now

  18. #18
    Junior Member
    Joined: 07.12.2008
    Posts: 10
    Reputation weight: 56
    Thank you so much Mr Drongo!!! ..
    I have been using the pack for a long time now, I so don't want to remove it, can you tell me an alternative instead? Please please please, and thank you so much for giving me valuable insight on the language used, no one was telling me here, you are the first person to do so, thank you so much! I'll wait for the translation!..
    Sir, any idea why a start menu would refuse to open, even after pressing the Windows key, is this also something to do with the Windows Vista transformation pack, all this started after installation only, not that it harms me, but still!.... I probably will wait for their next update, or can you suggest a better alternative to transform XP, forgive me, am into this useless fancy stuff... thank you!

  19. #19
    Senior Member (avatar for drongo)
    Joined: 17.09.2004
    Location: Israel
    Posts: 7,164
    Reputation weight: 994
    Sorry, I don't use stuff like this. About 3 years ago, I did use something like this, but not for long. There is always a chance to catch a bug, but when using modified system files this chance increases exponentially.
    You can try to send a request to the creator of this VISTA TRANSFORMATION PACK, perhaps it will assist you.
