This is the first time I've used this tool.
I ran the virus removal utility, and there are about 10 red events.
Help!
This is the first time I've used this tool.
I ran the virus removal utility, and there are about 10 red events.
Help!
- Execute following script in Manual Healing
- Execute following script in Manual HealingКод:begin QuarantineFile('C:\Program Files\SGPSA\BHO.dll',''); QuarantineFile('C:\Program Files\SGPSA\SearchAssistant.dll',''); QuarantineFile('C:\WINDOWS\system32\config\systemprofile\Application Data\Buicu\azfe.exe',''); end.
- Upload the C:\quarantine.zip here: http://virusinfo.info/upload_virus_eng.php?tid=83910Код:begin CreateQurantineArchive('C:\quarantine.zip'); end.
Ok, did that. What's next, or is that all I have to do?
I was looking at Internet Security 2010. Does that replace the AntiVirus software? Should I uninstall AntiVirus first, or install over it?
- Execute following script in Manual Healing
After reboot make a new log file of AVPTool.Код:begin SearchRootkit(true, true); SetAVZPMStatus(True); SetAVZGuardStatus(True); DeleteFile('C:\WINDOWS\system32\config\systemprofile\Application Data\Buicu\azfe.exe'); BC_ImportDeletedList; ExecuteSysClean; BC_Activate; RebootWindows(true); end.
Добавлено через 45 секунд
Yes
Yes
Последний раз редактировалось Rene-gad; 27.07.2010 в 23:25. Причина: Добавлено
I have already installed KIS 2010, set slider to medium, checked rootkit, and checked deep scan. I think that already deleted your file, but I ran your "execute script" anyway, but restart hung up.
I also got hit with another virus today, using Facebook, and the encyclopedia. I've noticed alot of virus files are in the "system restore" folder, but I never use restore. Maybe I should disable that feature once everthing is clean?
I wasn't sure if you wanted the file, but I attached the results for KIS virus.
Thanks for your help!
Sorry, if that's not the file you want - you'll have to be more specific with regard to how to "create a new log file".
Статистика проведенного лечения:
- Получено карантинов: 1
- Обработано файлов: 3
- В ходе лечения обнаружены вредоносные программы:
- c:\windows\system32\config\systemprofile\applicati on data\buicu\azfe.exe - Trojan-Spy.Win32.Zbot.aluf ( DrWEB: Trojan.PWS.Panda.387, BitDefender: Gen:Variant.Koobface.1, AVAST4: Win32:Trojan-gen )
Рекомендации:
- Обнаружены троянские программы класса Trojan-PSW/Trojan-Spy - настоятельно рекомендуется поменять все пароли !