Only Norton Security Scan has found 2 malicious objects which are still infecting my PC:
c:\commonfiles\xhostl.cpl
c:\commonfies\xhostn.dll
Only Norton Security Scan has found 2 malicious objects which are still infecting my PC:
c:\commonfiles\xhostl.cpl
c:\commonfies\xhostn.dll
Последний раз редактировалось jeal61; 02.07.2010 в 22:44. Причина: I could not send the attached file previously.
Close/unload all the programs excepted AVZ and Internet Explorer
Switch off:
- Antivirus and and, if you have - Firewall.
- System Restore
- Execute following script in Manual Healing
After reboot:Код:begin SearchRootkit(true, true); SetAVZGuardStatus(True); QuarantineFile('c:\Commonfiles\xhostn.dll',''); DelBHO('{F89CEB6F-335E-43EC-BD6B-7F72D7801158}'); DeleteFile('c:\Commonfiles\xhostn.dll'); BC_ImportAll; ExecuteSysClean; BC_Activate; RebootWindows(true); end.
- Execute following script in Manual Healing
- Upload the C:\quarantine.zip here: http://virusinfo.info/upload_virus_eng.php?tid=82346Код:begin CreateQurantineArchive('C:\quarantine.zip'); end.
- Repeat a log file.
- Attach a new log to your new post..
Although I could not upload the quarantined Zip file, once it has not been created due to some mistake, I'm sure my PC is already disinfected. Thanks for helping me, Rene-gad.
Последний раз редактировалось jeal61; 05.07.2010 в 18:17.
Your log seems to be clean.
I've just performed a full scan of Norton Security and it indicates my PC still has a trojan/infostealer (c:\commonfiles\xhostl.cpl) which appears twice (Target type: Infection and Browser Cache), ie, one of the two malwares I've reported previously.
I've discovered a removal tool that is almost a miracle: ComboFix. The malwares were found and the PC was automatically disinfected (see the attached post-disinfection report).
Последний раз редактировалось jeal61; 06.07.2010 в 18:18.
It's good possible, that Norton and other tools found malicious files. According to AVZ they were not activated and not really harmful.
ComboFix has quarantined 10 files in my PC (see the attached report).
Thanks again for helping me, Rene-gad.
Последний раз редактировалось jeal61; 06.07.2010 в 18:19.
I'm not sure, that anybody advised you to make any log, e.g. Combofix
Nobody asked me to do that. Sorry if I did something wrong. I was just trying to give you as much information as possible once I'd like to be 100% sure that my PC isn't infected anymore.
Последний раз редактировалось jeal61; 06.07.2010 в 21:18.