Hi, hello, I'm a newbie from Jakarta, Indonesia.
I hope you can help me with this syscheck and HijackThis log.
I have a problem with creating a new folder from My Computer, and I have a limited context menu on my desktop.
regards
lamware
You have to clean your PC with CureIt - you have a Sality-Modification, tiw you cannot remove it only using AVZ or KAV-Installed - see p. 2 in the rules Scan your PC
After that:
Close/unload all the programs except AVZ and Internet Explorer
Switch off:
- Antivirus and, if you have one, Firewall.
- System Restore
- Execute the following script
Code:
begin
  // Scan for rootkits and enable AVZGuard before touching the malware
  SearchRootkit(true, true);
  SetAVZGuardStatus(True);
  // Stop the malicious process and its service
  TerminateProcessByName('c:\windows\system32\rtpsvc.exe');
  StopService('dac970nt');
  // Keep copies in quarantine before deleting
  QuarantineFile('c:\windows\system32\rtpsvc.exe','');
  QuarantineFile('C:\WINDOWS\system32\drivers\ehghji.sys','');
  DeleteService('dac970nt');
  DeleteFile('c:\windows\system32\rtpsvc.exe');
  DeleteFile('C:\WINDOWS\system32\drivers\ehghji.sys');
  // Hand the same items to Boot Cleaner so they are removed at next boot
  BC_ImportAll;
  ExecuteSysClean;
  BC_DeleteSvc('dac970nt');
  BC_Activate;
  RebootWindows(true);
end.
After reboot:
- Clean Temp-Maps, Cache of Browsers, Recycler. Use Windows service tool cleanmgr or CCleaner or ClearProg
- Close all the programs and start only Internet Explorer!!!
- Repeat 3 log files in accordance with the rules.
- Switch Antivirus and, if you have - Firewall, on.
- Go On-Line
- Upload the quarantine in accordance with Appx. 3 of the rules.
- Attach 3 logs to your new post.
Thanks for the reply.
I'm still trying to download CureIt now.
I'm using Internet Download Manager, but the server refuses the connection. Do you have any alternate mirror server address to download CureIt?
I'm also still updating AVZ for now.
regards
lamware
BRB
Last edited by lamware; 29.12.2008 at 11:33. Reason: Added
Sorry, my mistake.
1. FYI
a. Now I'm downloading CureIt from another PC...
b. Sality, arrghh. I thought it was the problem, coz I'm trying to use the Sality removal tool from AVG but the process is always killed every time I want to scan my PC.
c. This is the newest log file, hope this will help.
d. CureIt did find some problems: "some trojan and psexe".
e. Still I can't create a new folder from the "FILE" menu in Explorer or from the right-click "context menu".
f. I killed a few processes before running the log with AVZ.
2. Question for you: is combofix.exe a safe program? Coz CureIt detects a dangerous file in it. I use this program as a repairing tool.
regards
lamware
Last edited by lamware; 30.12.2008 at 06:57.
Pls. use commas, periods etc. (punctuation marks) to make your posts understandable for all.
I cannot find anything malicious in your last logs.
Pls. decide what AV will you use: 2 of them are exactly 1 too much
Update your system until Service Pack 3 + successional 50 patches , install IE7, Adobe Reader 9 - these all are the vulnerable points on any Windows installation.
Edited.....
What happened to the quarantine files that I uploaded? There are 2 files, virus1 and virus2.