two viruses found

  1. #1
    Junior Member
    Registered: 19.08.2009
    Posts: 8
    Reputation weight: 31

    two viruses found

    Hello to all (sorry for my bad English)

    Yesterday I noticed that the autorun process of my portable HD started several times without reason (about every 10 minutes), so I downloaded Kasp. Vir. Rem. Tool and found 2 viruses (the first, called keygen.exe, in a Temp folder, fixed; the second in a music .rar file downloaded by eMule, fixed too).

    I'm posting AVZ & HijackThis log files because I need to know if I have other malware. (I followed all of your advice for producing the log files.)

    My PC's startup is very slow, but not because of a virus, I suppose (probably because of the lots of heavy software installed).

    I use my PC at work.

    My favourite browser is Mozilla. IE never used.

    Is it possible (or frequent) to download viruses through eMule???

    Thanks
    Attachments

  2. #2
    Senior Member, drongo
    Registered: 17.09.2004
    Location: Israel
    Posts: 7,165
    Reputation weight: 971
    Hi!
    Please make a log with gmer (how-to: http://virusinfo.info/showthread.php...345#post447345 ) and attach it to your next post.
    About eMule: yes, you can catch viruses and worms through this application. Basically, in order to use eMule, you should share some folder on your disk, so a worm has access to this folder too. Also don't forget, the file that you want to download may already be infected.

  3. #3
    Junior Member
    Registered: 19.08.2009
    Posts: 8
    Reputation weight: 31
    Sorry, it's impossible for me to attach a full system gmer log, because it is too large (10 Mb of a txt file).

    Gmer found a service suspected as rootkit/malware and I have disabled it.

    The service disabled by me is written in red in the screen.

    Do you think I made a mistake???
    Images
    • File type: jpg 1.JPG (172.6 KB, 6 views)

  4. #4
    Senior Member, drongo
    Registered: 17.09.2004
    Location: Israel
    Posts: 7,165
    Reputation weight: 971
    10 Mb is too much. Did you forget to unload all running programs in the system tray, including your firewall? Try again, and avoid checking all disks in Gmer.
    In your picture I can't see where the service "oaogcz" is... I believe it is in some system folder, but it's just a guess.
    We would like to get a copy of it before you delete it, etc.

    Let's try another way.
    Please execute this script in AVZ (remember to disable antivirus/firewall before that)

    Code:
    begin
      ExecuteRepair(6);
      ExecuteRepair(8);
      ExecuteRepair(9);
      SetAVZPMStatus(true);
      RebootWindows(true);
    end.
    The system will reboot.
    Download the special version of AVZ from my signature and unzip all files to a new folder. Click on Run.cmd to launch this version. (Disable internet and your antivirus/firewall before doing this.)
    Using this version, please make virusinfo_syscure.zip. Attach it to your next post in this theme.

  5. #5
    Junior Member
    Registered: 19.08.2009
    Posts: 8
    Reputation weight: 31
    Yes... probably I used gmer in a wrong way...

    I have done all you asked me... executed your script in avz4 offline with all antivirus/firewall and similar disabled; after that I made a log with the special avz in your signature (offline & all disabled)

    I hope I have done it all right
    Attachments
    Last edited by Rene-gad; 21.08.2009 at 19:52.

  6. #6
    Senior Member
    Registered: 03.04.2006
    Posts: 21,108
    Reputation weight: 3000
    I see nothing evil in your log.
    Could you make a gmer log?
    But 10 Mb!!! It cannot be soooo large.
    If I'm not right, pls. pack it in a zip file and send me a public message.
    I'll give you my e-mail for sending the log.

  7. #7
    Junior Member
    Registered: 19.08.2009
    Posts: 8
    Reputation weight: 31
    Quote from drongo:
    "10 Mb is too much. Did you forget to unload all running programs in the system tray, including your firewall? Try again, and avoid checking all disks in Gmer."
    I've done it

    My gmer log is very light now...
    Attachments

  8. #8
    Senior Member
    Registered: 03.04.2006
    Posts: 21,108
    Reputation weight: 3000
    Open a new file in any text processor, e.g. Notepad
    Copy this code
    Code:
    t5yqk3ow.exe -del service oaogcz
    t5yqk3ow.exe -del file "C:\WINDOWS\system32\lgtvop.dll"
    t5yqk3ow.exe -del reg "HKLM\SYSTEM\ControlSet002\Services\oaogcz"
    t5yqk3ow.exe -del reg "HKLM\SYSTEM\CurrentControlSet\Services\oaogcz"
    t5yqk3ow.exe -reboot
    into this file, save it as 239.bat in the same directory where the file t5yqk3ow.exe (= gmer.exe) is saved, and start it with a double click.
    The PC will be rebooted.
    After the reboot, repeat the gmer log.
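
A check for the cleanup steps in the post above, as an added example that is not part of the original thread: run after the reboot, this batch file reports whether the service, DLL and registry keys named in 239.bat are still present. The idea of a separate check file is an assumption of this example; it uses ordinary Windows queries (`sc`, `reg`, `if exist`), which an active rootkit can hide from, so the repeated gmer log remains the real confirmation.

```batch
@echo off
rem Added example: verify that the items targeted by 239.bat are gone.
rem Names below are copied from the removal script in the post above.
setlocal
set "SVC=oaogcz"
set "DLL=C:\WINDOWS\system32\lgtvop.dll"
set LEFT=0

rem 1. The service should no longer be known to the Service Control Manager.
rem    sc returns 0 only when the service exists.
sc query "%SVC%" >nul 2>&1
if not errorlevel 1 (
    echo [!] service %SVC% is still registered
    set /a LEFT+=1
) else (
    echo [ok] service %SVC% is not registered
)

rem 2. The DLL should be gone from disk.
if exist "%DLL%" (
    echo [!] file still present: %DLL%
    set /a LEFT+=1
) else (
    echo [ok] file absent: %DLL%
)

rem 3. Both service keys should be gone from the registry.
rem    reg query returns 0 only when the key exists.
for %%K in (ControlSet002 CurrentControlSet) do (
    reg query "HKLM\SYSTEM\%%K\Services\%SVC%" >nul 2>&1
    if not errorlevel 1 (
        echo [!] registry key remains: HKLM\SYSTEM\%%K\Services\%SVC%
        set /a LEFT+=1
    ) else (
        echo [ok] registry key absent: HKLM\SYSTEM\%%K\Services\%SVC%
    )
)

echo.
echo Remaining items: %LEFT% of 4
rem Exit code equals the number of items still present, 0 means clean.
exit /b %LEFT%
```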

  9. #9
    Junior Member
    Registered: 19.08.2009
    Posts: 8
    Reputation weight: 31
    I executed the script via the 239.bat file, but during the "operations" I received two messages (the first in screen 2, the second in screen 3, attached below).

    The messages say that gmer "can't find the specified module"

    I'm going to repeat the gmer log
    Images
    Last edited by Botta; 22.08.2009 at 22:19.

  10. #10
    Junior Member
    Registered: 19.08.2009
    Posts: 8
    Reputation weight: 31
    Attachments

  11. #11
    Senior Member
    Registered: 03.04.2006
    Posts: 21,108
    Reputation weight: 3000
    Your log doesn't contain any suspicious subjects.
    Any more problems?

    MSIE: Internet Explorer v7.00 (7.00.6000.20772)
    Pls. install IE8, even though you prefer Mozilla: IE is a part of the Windows OS, and if it's not up to date, the whole system is vulnerable.
    C:\Programmi\Adobe\Acrobat 7.0\Distillr\Acrotray.exe
    Pls. install the latest version of Adobe Reader (9.1.3 now). All the older versions are vulnerable.

  12. #12
    Junior Member
    Registered: 19.08.2009
    Posts: 8
    Reputation weight: 31
    ok man... thank you...

    but Acrobat 7 is a professional version; I don't need just the Reader version

    for other reasons I can't upgrade IE7 to version 8

    my PC is not a latest-generation PC (6 years old), so it's impossible for me to keep all the software updated, because all the latest versions are heavier and heavier.

    my system will remain vulnerable

  13. #13
    Senior Member
    Registered: 03.04.2006
    Posts: 21,108
    Reputation weight: 3000
    Quote from Botta:
    "but Acrobat 7 is a professional version"
    Oh, then forget my recommendation
    "for other reasons I can't upgrade IE7 to version 8"
    Why?
    "my PC is not a latest-generation PC (6 years old), so it's impossible for me to keep all the software updated"
    I bought my PC in 2002; I've only changed the CD/DVD burner, nothing more.
    It's not necessary to update ALL applications, only the security-relevant ones.
    IE belongs to such applications.

  14. #14
    Senior Member
    Registered: 03.04.2006
    Posts: 21,108
    Reputation weight: 3000
    Quote from Botta:
    "what do you think about it???"
    I think it's not OK. Buy a license or change OS.
    Quote from Botta:
    "Is it possible to upgrade the OS without having an original XP licence???"
    Such questions and answers are prohibited here.

  15. #15
    Junior Member
    Registered: 19.08.2009
    Posts: 8
    Reputation weight: 31
    Quote from Rene-gad:
    "I think it's not OK. Buy a license or change OS."
    "Such questions and answers are prohibited here."
    ok... delete post plz...

    thank you so much for your help...
