Full Version: packed.win32.tdss.z
Kaspersky Lab Forum > English User Forum > Virus-related issues
spalac
Hello

Kaspersky detects the virus packed.win32.tdss.z and erases it, but it appears again. What can I do about it? I can't attach the AVZ Sysinfo log because it is 314 kb and is larger than the available space for upload.

Thanks
richbuff
Welcome. Please use the downloaded standalone avz utility and attach the zipped virusinfo_syscure.zip; instructions, see: http://forum.kaspersky.com/index.php?s=&am...st&p=678334

If still too big, upload it to www.rapidshare.com and then post the Download link.
spalac
Hello

Thanks for your help. I am sending you the link on yousendit to download the sysinfo.zip file.

Santiago
spalac
Sorry, I forgot to copy the link:

https://download.yousendit.com/YkxMTmZZWlRsMHlGa1E9PQ
richbuff
You uploaded the sysinfo.zip. That is the wrong file. Please use the downloaded standalone avz utility and attach the zipped virusinfo_syscure.zip; instructions, see my other post, post #2 and click the link.
spalac
I attach the right file.
richbuff
1) Uninstall SpywareCease > reboot.

2) Run this script, instructions: http://forum.kaspersky.com/index.php?s=&am...st&p=678368 PC will reboot:
CODE
begin
SetAVZGuardStatus(True);
SearchRootkit(true, true);
QuarantineFile('C:\WINDOWS\system32\drivers\RKHit.sys','');
QuarantineFile('C:\Archivos de programa\Spyware Cease\SpywareCease.exe','');
DeleteFile('C:\Archivos de programa\Spyware Cease\SpywareCease.exe');
DeleteFile('C:\WINDOWS\system32\drivers\RKHit.sys');
BC_ImportDeletedList;
ExecuteSysClean;
BC_Activate;
RebootWindows(true);
end.

After running the script, attach a Combofix log; please review and follow these instructions carefully.

Before Saving combofix to Desktop, please rename combofix to something like 123.exe to stop malware from disabling it.

Now, please make sure no other programs are running, close all other windows and pause Kaspersky (right click the K icon and click pause protection > Choose the option "resume manually" if still active) until after the scanning and removal process has taken place.

Please double click on the file you downloaded. Follow the onscreen prompts to start the scan.
Once the scanning process has started please DO NOT click on the Combofix window or attempt to use your computer as this can cause the scanning process to stall.
It may take a while to complete scanning and this is normal.

You will be disconnected from the internet and your desktop icons/toolbars will disappear during scanning, do not worry, this is normal and it will be restored after scanning has completed.

Combofix will create a logfile and display it after your computer has rebooted. Usually located in c:\combofix.txt, please attach it to your next post. Also, please don't forget to resume the Kaspersky that you paused.

Download Combofix here -> http://download.bleepingcomputer.com/sUBs/ComboFix.exe
spalac
This is the combofix.txt file
richbuff
Run this script, PC will reboot:
CODE
begin
SetAVZGuardStatus(True);
SearchRootkit(true, true);
QuarantineFile('C:\ty.exe','');
QuarantineFile('C:\tiiy.exe','');
DeleteFile('C:\tiiy.exe');
DeleteFile('C:\ty.exe');
BC_ImportDeletedList;
ExecuteSysClean;
BC_Activate;
RebootWindows(true);
end.

Then, Run this one:
CODE
begin
CreateQurantineArchive('c:\quarantine.zip');
end.

A file called quarantine.zip should be created in C:\. Then please zip up C:\qoobox\quarantine and upload both it and C:\quarantine.zip to a filehost such as http://rapidshare.com/
Then, Private Message me the Download link to the uploaded file. Click my user name and select Send message. Lastly, uninstall Combofix by: pause Kaspersky > Start > run > type combofix /u > ok. Or Start > run > type 231 /u > ok. Restart Kaspersky.

Also, if you use Windows System restore, turn it off > reboot and do a full scan with Kaspersky. This is to remove malware from system volume information files. Then turn system restore back on, if you wish. How to turn it off/on: http://support.kaspersky.com/faq/?qid=208279208

Before doing the scan, Clear the Detected list: Detected > Active threats > right click > Disinfect all > right click > Clear list > then scan again > then post screenshot of Detected > Active threats. With columns widened to show full name and object details.

Also, scan with Malwarebytes' Anti-Malware: http://www.malwarebytes.org/mbam.php Update it first, scan and attach its log, but Please Don't fix anything yet, until the log is reviewed.

How to take and post screenshot: PrtSc (Print screen) key (upper right part of keyboard) > open Paint (Start > All programs > Accessories) > Edit > Paste, File > Save as (jpeg or png, Not bmp). When replying, Browse > click once to select file > Open > Upload > add reply.