Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Could you check those logs? #59

Closed
zenekklocek opened this issue Dec 26, 2018 · 5 comments
Closed

Could you check those logs? #59

zenekklocek opened this issue Dec 26, 2018 · 5 comments
Labels
Cure PC

Comments

@zenekklocek
Copy link

CollectionLog-2018.12.26-14.26.zip

Please could anyone analyze those logs, I'm afraid that my computer could be infected.

I noticed sometimes coursor is moving by itself and I have other weird stuff going on.
I started to have a problem with overheating some time ago, fans was cleaned and thermal paste was changed.

I would be thankful if someone could verify my paranoic mode xD
@dragokas
Copy link
Owner

Hi,
thank you for the log.
We'll return to you as soon as possible.

Please, note that only members of VIRUSNET-Association are allowed to respond in PC cure topics.
Ignore any recommendations given by other users, including PM !!!

Assistance is provided free of charge at our free time. If you found our help useful, you can thank us with any amount using this form or you can leave a feedback in Guestbook.

@Sandor-Helper
Copy link

Hello,

Close all running programs, temporarily unload antivirus and other protecting software.

Run a script in AVZ (File - Run script):

begin
 ExecuteFile('net.exe', 'stop tcpip /y', 0, 15000, true);
 ClearQuarantineEx(true);
 StopService('HWiNFO32');
 QuarantineFile('C:\Users\dariu\AppData\Local\Temp\HWiNFO64A.SYS', '');
 DeleteFile('C:\Users\dariu\AppData\Local\Temp\HWiNFO64A.SYS', '64');
 DeleteService('HWiNFO32');
 RegKeyIntParamWrite('HKCU', 'Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\', '1001', 1);
 RegKeyIntParamWrite('HKCU', 'Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\', '1004', 3);
 RegKeyIntParamWrite('HKCU', 'Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\', '1201', 3);
 RegKeyIntParamWrite('HKCU', 'Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\', '1804', 1);
 RegKeyIntParamWrite('HKCU', 'Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\', '2201', 3);
 CreateQurantineArchive(GetAVZDirectory + 'quarantine.zip');
ExecuteSysClean;
 ExecuteWizard('SCU', 2, 3, true);
RebootWindows(true);
end.

Computer will reboot.

File quarantine.zip from extracted AVZ folder please send using this form or (if archive size exceeds the 8 MB) to this mailbox: quarantine at safezone.cc (change at to @) and specify your forum link in e-mail subject and password: virus in message body.

For secondary diagnostics please run AutoLogger again.
Attach new CollectionLog to your post.

@zenekklocek
Copy link
Author

I disabled antivirus, run script in AVZ, PC rebooted, but file quarantine.zip is empty.
quarantine.zip

@Sandor-Helper
Copy link

OK, then please do a secondary diagnostics.

run AutoLogger again.
Attach new CollectionLog to your post.

@dragokas
Copy link
Owner

Closed.
Reason: no answer for 10 days.
If you still need our help, please, execute tha last steps, requested by helper.

@zenekklocek zenekklocek mentioned this issue Feb 20, 2019
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
Cure PC
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@dragokas @Sandor-Helper @zenekklocek