Full Version: Anti Virus 2009 Virus Problem
Hi my computer is now inflected by Anti virus 2009 malware program and i use kaspersky 8.0.0.506 version and didi not block it so my computer is now dancing.so please tel my way to remove it.thank you
hello
zip this file and send it to me over PM: C:\WINDOWS\system32\msxml71.dll
run this script afterwards
zip this file and send it to me over PM: C:\WINDOWS\system32\msxml71.dll
run this script afterwards
CODE
begin
SetAVZGuardStatus(True);
SearchRootkit(true, true);
DelBHO('{500BCA15-57A7-4eaf-8143-8C619470B13D}');
QuarantineFile('C:\WINDOWS\system32\msxml71.dll','');
DeleteFile('C:\WINDOWS\system32\msxml71.dll');
BC_ImportDeletedList;
ExecuteSysClean;
BC_Activate;
RebootWindows(true);
end.
SetAVZGuardStatus(True);
SearchRootkit(true, true);
DelBHO('{500BCA15-57A7-4eaf-8143-8C619470B13D}');
QuarantineFile('C:\WINDOWS\system32\msxml71.dll','');
DeleteFile('C:\WINDOWS\system32\msxml71.dll');
BC_ImportDeletedList;
ExecuteSysClean;
BC_Activate;
RebootWindows(true);
end.
hi here that you requested file .please cheek it soon.
I Run you gaved script by using bat file extention but tht file still same.And i serach the site that mention "combofix"and uese the malwarebytes anti malware tool to remove it and works up to some extened.But still pop up masegege apperars.thank you
I Run you gaved script by using bat file extention but tht file still same.And i serach the site that mention "combofix"and uese the malwarebytes anti malware tool to remove it and works up to some extened.But still pop up masegege apperars.thank you
it's not a bat, you run it using the execute avz script option http://forum.kaspersky.com/index.php?showt...st&p=678328
yes i did that and machine now work fine but when i open internet explore, then appear a error message called run time error and also anti virus 2009 message appears again and again. And i uploaded that screen shots & AVZ report to You to you please tel me how can i remove it.
AVZ Link:-http://rapidshare.com/files/166497348/AVZ.rar
Can I use the kaspersky recuse cd latest version To Remove it. please tel me now.Because that time when i open Google site that massgese appearer and one time kaspersky block it but now it reappeared
AVZ Link:-http://rapidshare.com/files/166497348/AVZ.rar
Can I use the kaspersky recuse cd latest version To Remove it. please tel me now.Because that time when i open Google site that massgese appearer and one time kaspersky block it but now it reappeared
i hpoe you will need AVZ report so here it is.
please help me
And i also perform a AVZ scanning by using AVZ tool.And ti detected some tool so i uploaded those for you and the log report
Edit: Attachment: suspected_tools.rar removed. Please do not post suspected anything on the forum. Thank you.
please help me
And i also perform a AVZ scanning by using AVZ tool.And ti detected some tool so i uploaded those for you and the log report
Edit: Attachment: suspected_tools.rar removed. Please do not post suspected anything on the forum. Thank you.
very sory about that i hope that will help you.As it says about some key logger files.thsnk you.
i will send those to you lab assistance
i will send those to you lab assistance
I did not get any reply from you why is it ,thank you tel me some way to recover it thanks
Post a Combofix log
Download it here -> http://download.bleepingcomputer.com/sUBs/ComboFix.exe
Now, please make sure no other programs are running, close all other windows and pause Kaspersky (Choose the option "resume manually" if still active) until after the scanning and removal process has taken place.
Please double click on the file you downloaded. Follow the onscreen prompts to start the scan.
Once the scanning process has started please DO NOT click on the Combofix window or attempt to use your computer as this can cause the scanning process to stall. It may take a while to complete scanning and this is normal.
You will be disconnected from the internet and your desktop icons/toolbars will disappear during scanning, do not worry, this is normal and it will be restored after scanning has completed.
Combofix will create a logfile and display it after your computer has rebooted. Usually located in c:\combofix.txt , please attach it to your next post. Also, please don't forget to resume the Kaspersky that you paused.
Download it here -> http://download.bleepingcomputer.com/sUBs/ComboFix.exe
Now, please make sure no other programs are running, close all other windows and pause Kaspersky (Choose the option "resume manually" if still active) until after the scanning and removal process has taken place.
Please double click on the file you downloaded. Follow the onscreen prompts to start the scan.
Once the scanning process has started please DO NOT click on the Combofix window or attempt to use your computer as this can cause the scanning process to stall. It may take a while to complete scanning and this is normal.
You will be disconnected from the internet and your desktop icons/toolbars will disappear during scanning, do not worry, this is normal and it will be restored after scanning has completed.
Combofix will create a logfile and display it after your computer has rebooted. Usually located in c:\combofix.txt , please attach it to your next post. Also, please don't forget to resume the Kaspersky that you paused.
Here That Log repot which was made by Combofix Tool.
Thanks
Please help me soon as you possible
Thanks
Please help me soon as you possible
Hi Sir please help me soon Because my internet explore is not inflected very badly.So i can't do single search as it appear error messages and redirected to another sites.thank you.
CODE
begin
SetAVZGuardStatus(True);
SearchRootkit(true, true);
DelBHO('{92780B25-18CC-41C8-B9BE-3C9C571A8263}');
DelBHO('{88CFA58B-A63F-4A94-9C54-0C7A58E3333E}');
DelBHO('{C6C04637-E680-4971-B656-9FF46E7785F7}');
DelBHO('{7E853D72-626A-48EC-A868-BA8D5E23E045}');
DelBHO('{9323C176-6AA5-4902-B0B9-4D37AA8DFB9A}');
ClearHostsFile;
QuarantineFile('C:\WINDOWS\system32\CSNETimeChannelLibrary.dll','');
QuarantineFile('C:\WINDOWS\system32\CSNETI~2.DLL','');
QuarantineFile('c:\windows\u39v22.exe','');
DeleteFile('c:\windows\u39v22.exe');
DeleteFile('C:\WINDOWS\system32\CSNETI~2.DLL');
DeleteFile('C:\WINDOWS\system32\CSNETimeChannelLibrary.dll');
BC_ImportDeletedList;
ExecuteSysClean;
BC_Activate;
RebootWindows(true);
end.
SetAVZGuardStatus(True);
SearchRootkit(true, true);
DelBHO('{92780B25-18CC-41C8-B9BE-3C9C571A8263}');
DelBHO('{88CFA58B-A63F-4A94-9C54-0C7A58E3333E}');
DelBHO('{C6C04637-E680-4971-B656-9FF46E7785F7}');
DelBHO('{7E853D72-626A-48EC-A868-BA8D5E23E045}');
DelBHO('{9323C176-6AA5-4902-B0B9-4D37AA8DFB9A}');
ClearHostsFile;
QuarantineFile('C:\WINDOWS\system32\CSNETimeChannelLibrary.dll','');
QuarantineFile('C:\WINDOWS\system32\CSNETI~2.DLL','');
QuarantineFile('c:\windows\u39v22.exe','');
DeleteFile('c:\windows\u39v22.exe');
DeleteFile('C:\WINDOWS\system32\CSNETI~2.DLL');
DeleteFile('C:\WINDOWS\system32\CSNETimeChannelLibrary.dll');
BC_ImportDeletedList;
ExecuteSysClean;
BC_Activate;
RebootWindows(true);
end.
this one, and also since you are using malwarebytes, post its scan log
Thanks ................................Thanks.......................Thanks.............
.....Thanks................For You
Thanks you safe my pc with a big trouble.Now that problem is over But here that file you requested from me
Log report of malwarebyte"s
Thanks once aging.
.....Thanks................For You
Thanks you safe my pc with a big trouble.Now that problem is over But here that file you requested from me
Log report of malwarebyte"s
Thanks once aging.
Here i uploaded the AVZ Quarantine folder for you i hope that also will help you for analysis. Thank you 
Download Link:- http://rapidshare.com/files/167220119/AVZ_Quarantine.rar.html
Download Link:- http://rapidshare.com/files/167220119/AVZ_Quarantine.rar.html
This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.