Hello. Please check my log. I scan with newest Kaspersky Virus Removal Tool 2010 and not detect few files.
Hello. Please check my log. I scan with newest Kaspersky Virus Removal Tool 2010 and not detect few files.
Switch off/Disable:
- Antivirus and and, if you have - Firewall.
- System Restore
- Execute following script in Manual disinfection
After reboot execute following script in Manual disinfectionКод:begin SearchRootkit(true, true); SetAVZGuardStatus(True); ClearQuarantine; StopService('MEMSWEEP2'); DeleteService('MEMSWEEP2'); QuarantineFile('C:\WINDOWS\system32\2E.tmp',''); DeleteFileMask('C:\WINDOWS\system32\','*.tmp',false); DeleteFileMask('c:\d2ad3edf52b43ccddf6aa8\','*.*',true); DeleteDirectory('c:\d2ad3edf52b43ccddf6aa8\'); RegKeyParamDel('HKEY_LOCAL_MACHINE','SYSTEM\CurrentControlSet\Services\Eventlog\Application\WgaSetup','EventMessageFile'); ExecuteWizard('TSW', 2, 2, true); ExecuteWizard('SCU', 2, 2, true); BC_ImportAll; ExecuteSysClean; BC_Activate; BC_DeleteSvc('MEMSWEEP2'); SetAVZPMStatus(True); RebootWindows(true); end.
and upload the C:\quarantine.zip over the link Upload quarantined files on the top of this page.Код:begin CreateQurantineArchive('C:\quarantine.zip'); end.
- Repeat a log file of AVPTool.
- Make a log file with Hijackthis ( Analysis, p.3 for further informations).
- Attach both logs to your new post..
2 new logs attached and send quarantine
Switch off/Disable:
- Antivirus and and, if you have - Firewall.
- System Restore
- Execute following script in Manual disinfection
After reboot execute following script in Manual disinfectionКод:begin SearchRootkit(true, true); SetAVZGuardStatus(True); ClearQuarantine; StopService('MEMSWEEP2'); DeleteService('MEMSWEEP2'); QuarantineFile('c:\windows\system32\taskmsg.exe',''); QuarantineFile('c:\windows\system32\taskapp.exe',''); QuarantineFile('C:\WINDOWS\system32\2E.tmp',''); DeleteFileMask('C:\WINDOWS\system32\','*.tmp',false); RegKeyParamDel('HKEY_LOCAL_MACHINE','SYSTEM\CurrentControlSet\Services\Eventlog\Application\WgaSetup','EventMessageFile'); ExecuteWizard('TSW', 2, 2, true); ExecuteWizard('SCU', 2, 2, true); BC_ImportAll; ExecuteSysClean; BC_DeleteSvc('MEMSWEEP2'); BC_Activate; SetAVZPMStatus(True); RebootWindows(true); end.
and upload the C:\quarantine.zip over the link Upload quarantined files on the top of this page.Код:begin CreateQurantineArchive('C:\quarantine.zip'); end.
- Repeat a log file of AVPTool.
- Make a log file with Hijackthis ( Analysis, p.3 for further informations).
- Attach both logs to your new post..
2 new logs attached and send quarantine
Nothing suspicious. Any problem more?
No. OK, thanks for support. I do scan MBAM yet.
Статистика проведенного лечения:
- Получено карантинов: 2
- Обработано файлов: 10
- В ходе лечения обнаружены вредоносные программы:
- c:\windows\system32\taskapp.exe - Trojan.Win32.Agent2.ljf