Sorry for waiting.
Switch off:
- Antivirus and and, if you have - Firewall.
- Execute following script in Manual Healing
Код:
begin
SearchRootkit(true, true);
SetAVZGuardStatus(True);
QuarantineFile('I:\g8k.exe','');
QuarantineFile('I:\autorun.inf','');
QuarantineFile('H:\g8k.exe','');
QuarantineFile('H:\autorun.inf','');
QuarantineFile('G:\g8k.exe','');
QuarantineFile('G:\autorun.inf','');
QuarantineFile('D:\g8k.exe','');
QuarantineFile('D:\autorun.inf','');
QuarantineFile('C:\g8k.exe','');
QuarantineFile('C:\autorun.inf','');
QuarantineFile('C:\WINXP\system32\btmmhook.dll','');
QuarantineFile('C:\DOCUME~1\Eng-AMR\LOCALS~1\Temp\herss.exe','');
QuarantineFile('C:\WINXP\system32\e8main1.dll','');
QuarantineFile('C:\DOCUME~1\Eng-AMR\LOCALS~1\Temp\cvasds0.dll','');
DeleteFile('C:\DOCUME~1\Eng-AMR\LOCALS~1\Temp\cvasds0.dll');
DeleteFile('C:\WINXP\system32\e8main1.dll');
DeleteFile('C:\DOCUME~1\Eng-AMR\LOCALS~1\Temp\herss.exe');
DeleteFile('C:\autorun.inf');
DeleteFile('C:\g8k.exe');
DeleteFile('D:\autorun.inf');
DeleteFile('D:\g8k.exe');
DeleteFile('G:\autorun.inf');
DeleteFile('G:\g8k.exe');
DeleteFile('H:\autorun.inf');
DeleteFile('H:\g8k.exe');
DeleteFile('I:\autorun.inf');
DeleteFile('I:\g8k.exe');
ExecuteRepair(6);
ExecuteRepair(8);
ExecuteRepair(9);
BC_ImportAll;
ExecuteSysClean;
BC_Activate;
SetAVZPMStatus(True);
RebootWindows(true);
end.
After reboot:
- Execute following script in Manual Healing
Код:
begin
CreateQurantineArchive('C:\quarantine.zip');
end.
- Clean Temp-Maps, Cache of Browsers, Recycler. Use Windows service tool cleanmgr or CCleaner or ClearProg
- Close all the programs and start only Internet Explorer!!!
- Make a log file with GMER (www.gmer.net) : download gmer.exe, start a program, press the SCAN - button, wait till GMER will be ready with logging, save the log and attach it to the new message.
- Repeat a log file ( a new one, using kaspersky virus removal tool).
- Switch Antivirus and, if you have - Firewall, on.
- Go On-Line
- Upload the C:\quarantine.zip by red link on top of this theme.
- Attach a new log(using kaspersky virus removal tool)to your new post.
Try to update kaspersky antivirus, let us know if it working.