Widows 7 repair Virus Pc Analysis report
Posted 27 June 2011 - 10:52 AM
Posted 27 June 2011 - 11:02 AM
Posted 27 June 2011 - 02:21 PM
Posted 27 June 2011 - 03:05 PM
You should have something like this select the drive and click start
Posted 27 June 2011 - 03:30 PM
Posted 27 June 2011 - 03:52 PM
But meanwhile is there a Dr Web icon on the desktop to start the AV scanner ?
Posted 27 June 2011 - 03:54 PM
Posted 27 June 2011 - 04:27 PM
Posted 27 June 2011 - 04:42 PM
Posted 28 June 2011 - 10:32 AM
This is intriguing as on my system it worked as per specs
Lets try something different but this time from normal windows
Download AVPTool from Here to your desktop
Run the programme you have just downloaded to your desktop (it will be randomly named )
First we will run a virus scan
On the first tab select all elements down to Computer and then select start scan
Once it has finished select report and post that.
Do not close AVPTool or it will self uninstall, if it does uninstall - then just rerun the setup file on your desktop
Now an analysis scan
Select the Manual Disinfection tab
Press the Gather System Information button
Once done Open the last report saved folder then attach the zip file to your next post zip
The file is located at C:\Users\your name\Desktop\Virus Removal Tool\setup_18.104.22.1682_05.01.2011_20-34\LOG\avptool_sysinfo.zip
Posted 28 June 2011 - 07:57 PM
Autoscan: completed 2 minutes ago (events: 2, objects: 895484, time: 03:33:37)
I also attached the zip file from the analysis scan.
So strange that I wasn't able to do the Dr. Web scan, I was really hoping that would work.
Have a great night and thank you once again for all of your help.
Posted 29 June 2011 - 10:53 AM
- Re-run AVPTool
- Select the Manual Disinfection tab
- Where it states Step 3 paste in the following disinfection script and press execute
begin SetAVZPMStatus(True); SetAVZGuardStatus(True); SearchRootkit(true, true); BC_DeleteFile('C:\ProgramData\COyGyyOCixJCfhR.exe'); DeleteFile('C:\ProgramData\COyGyyOCixJCfhR.exe'); RegKeyParamDel('HKEY_USERS','S-1-5-21-4285699095-1866031089-4141344599-1001\Software\Microsoft\Windows\CurrentVersion\Run','COyGyyOCixJCfhR'); BC_ImportDeletedList; ExecuteSysClean; BC_Activate; RebootWindows(true); end.
- Your system will reboot on completion, if it does not please do so yourself
- On completion please run another analysis scan and attach the zip file
Download aswMBR.exe ( 1.8mb ) to your desktop.
Double click the aswMBR.exe to run it
Place a tick in the AV engine box
In the dropdown next to it select
Click the "Scan" button to start scan
On completion of the scan click save log, save it to your desktop and post in your next reply
Posted 29 June 2011 - 04:16 PM
When I went to run the aswMBR scan I ran into a problem. As soon as I pressed the scan bottom my computer shut down saying that it is has encountered a problem that could cause potential damage to the computer - system service protection. Here is what was listed as the cause when it reloaded:
Problem Event Name: BlueScreen
OS Version: 6.1.7600.2.0.0.768.3
Locale ID: 1033
Additional information about the problem:
OS Version: 6_1_7600
Service Pack: 0_0
Files that help describe the problem:
Read our privacy statement online:
If the online privacy statement is not available, please read our privacy statement offline:
Thank you again for all of your help. This is one nasty virus......
Posted 30 June 2011 - 10:17 AM
First we will get windows to check your files
From the Start menu, select all programmes, accessories
then right click the command prompt and run as administrator
In the Open field, type sfc /scannow (Note: There is a space between sfc and /scannow)
Select the OK button.
Follow the prompts throughout the System File Checker process.
Reboot the computer when System File Checker completes.
Download the GMER Rootkit Scanner. Unzip it to your Desktop. If necessary this can be run from safe mode
Before scanning, make sure all other running programs are closed and no other actions like a scheduled antivirus scan will occur while the scan is being performed. Do not use your computer for anything else during the scan.
Double-click gmer.exe. The program will begin to run.
These types of scans can produce false positives. Do NOT take any action on any "<--- ROOKIT" entries unless advised!
If possible rootkit activity is found, you will be asked if you would like to perform a full scan.
- Click NO
- In the right panel, you will see a bunch of boxes that have been checked ... leave everything checked and ensure the Show all box is un-checked.
- Now click the Scan button.
Once the scan is complete, you may receive another notice about rootkit activity.
- Click OK.
- GMER will produce a log. Click on the [Save..] button, and in the File name area, type in "GMER.txt"
- Save it where you can easily find it, such as your desktop.
0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users