Показано с 1 по 2 из 2.

Serious bad Report Help Me Specialists :-(

  1. #1
    Junior Member Репутация
    Регистрация
    29.03.2009
    Сообщений
    1
    Вес репутации
    33

    Serious bad Report Help Me Specialists :-(

    Hello all
    this is my report please help me .
    my pc is slowing down i can't access to the register or the task manager to try and stop the malware , my USB is infected and i can't remoove anything from it i even can't boot in safe mod the pc shut down...
    Вложения Вложения

  2. #2
    Senior Member Репутация Репутация Репутация Репутация Репутация Репутация Репутация Репутация Репутация Репутация Репутация
    Регистрация
    03.04.2006
    Сообщений
    21,108
    Вес репутации
    3001
    First of all heal your system from Sality with CureIt or AVPTool in Safe Mode.

    Switch off:
    - Antivirus and and, if you have - Firewall.
    - System Restore

    - Execute following script
    Код:
    begin
    SearchRootkit(true, true);
    SetAVZGuardStatus(True);
     TerminateProcessByName('c:\windows\mstwain32.exe');
     TerminateProcessByName('c:\docume~1\tahers~1\locals~1\temp\winxyxfda.exe');
     TerminateProcessByName('c:\docume~1\tahers~1\locals~1\temp\winsdyq.exe');
     TerminateProcessByName('c:\docume~1\tahers~1\locals~1\temp\winedgaia.exe');
     StopService('dac970nt');
     QuarantineFile('D:\autorun.inf','');
     QuarantineFile('C:\WINDOWS\system32\windrvNT.sys','');
     QuarantineFile('C:\WINDOWS\system32\drivers\kikpjh.sys','');
     QuarantineFile('c:\windows\mstwain32.exe','');
     QuarantineFile('C:\WINDOWS\cmsetac.dll','');
     QuarantineFile('c:\docume~1\tahers~1\locals~1\temp\winxyxfda.exe','');
     QuarantineFile('C:\DOCUME~1\TAHERS~1\LOCALS~1\Temp\winsdyq.exe','');
     QuarantineFile('C:\DOCUME~1\TAHERS~1\LOCALS~1\Temp\winedgaia.exe','');
     QuarantineFile('C:\DOCUME~1\TAHERS~1\LOCALS~1\Temp\IXP003.TMP\22.exe','');
     DeleteService('dac970nt');
     DeleteFile('D:\autorun.inf');
     DeleteFile('C:\WINDOWS\system32\drivers\kikpjh.sys');
     DeleteFile('c:\windows\mstwain32.exe');
     DeleteFile('C:\WINDOWS\cmsetac.dll');
     DeleteFile('C:\DOCUME~1\TAHERS~1\LOCALS~1\Temp\winxyxfda.exe');
     DeleteFile('C:\DOCUME~1\TAHERS~1\LOCALS~1\Temp\winsdyq.exe');
     DeleteFile('C:\DOCUME~1\TAHERS~1\LOCALS~1\Temp\winedgaia.exe');
     DeleteFile('C:\DOCUME~1\TAHERS~1\LOCALS~1\Temp\IXP003.TMP\22.exe');
     DelCLSID('{9FFE19B3-92D6-8FE0-EB05-4F62B654372B}');
    BC_ImportAll;
    ExecuteSysClean;
    BC_DeleteSvc('dac970nt');
    BC_Activate;
    RebootWindows(true);
    end.
    After reboot:
    - Clean Temp-Maps, Cache of Browsers, Recycler. Use Windows service tool cleanmgr or CCleaner or ClearProg
    - Close all the programs and start only Internet Explorer!!!
    - Repeat 3 log files in accordance with the rules.
    - Switch Antivirus and, if you have - Firewall, on.
    - Go On-Line
    - Upload the quarantine over the link Upload quarantined files on the top of this page.
    - Attach 3 logs to your new post..

Свернуть/Развернуть Ваши права в разделе

  • Вы не можете создавать новые темы
  • Вы не можете отвечать в темах
  • Вы не можете прикреплять вложения
  • Вы не можете редактировать свои сообщения
  •  
Page generated in 0.00609 seconds with 17 queries