Switch off/Disable:
- Antivirus and and, if you have - Firewall.
- System Restore
- Execute following script in Manual Cure
Код:
begin
SearchRootkit(true, true);
SetAVZGuardStatus(True);
StopService('AshEvtSvc');
TerminateProcessByName('c:\windows\system32\ashevtsvc.exe');
TerminateProcessByName('c:\documents and settings\localservice\application data\916653139.exe');
QuarantineFile('RoxLiveShare9.sys','');
QuarantineFile('C:\WINDOWS\System32\AshEvtSvc.exe','');
QuarantineFile('C:\Documents and Settings\LocalService\Application Data\916653139.exe','');
QuarantineFile('C:\WINDOWS\TEMP\msb.dll','');
QuarantineFile('C:\WINDOWS\system32\autochk.dll','');
QuarantineFile('c:\windows\system32\ashevtsvc.exe','');
QuarantineFile('c:\documents and settings\localservice\application data\916653139.exe','');
DeleteFile('c:\documents and settings\localservice\application data\916653139.exe');
DeleteFile('c:\windows\system32\ashevtsvc.exe');
DeleteFile('C:\WINDOWS\system32\autochk.dll');
DeleteFile('C:\WINDOWS\TEMP\msb.dll');
DeleteFile('C:\Documents and Settings\LocalService\Application Data\916653139.exe');
DeleteFile('C:\WINDOWS\System32\AshEvtSvc.exe');
DeleteService('AshEvtSvc');
BC_ImportAll;
ExecuteSysClean;
BC_DeleteSvc('AshEvtSvc');
executerepair(6);
executerepair(8);
executerepair(9);
executerepair(11);
executerepair(16);
executerepair(17);
BC_Activate;
RebootWindows(true);
end.
After reboot execute following script in Manual Cure
Код:
begin
CreateQurantineArchive('C:\quarantine.zip');
end.
- Clean Temp-Maps, Cache of Browsers, Recycler. Use Windows service tool cleanmgr or CCleaner or ClearProg
- Close all the programs and start only Internet Explorer!!!
- Repeat a log file.
- Switch Antivirus and, if you have - Firewall, on.
- Go On-Line
- Upload the quarantine.zip over the link Upload quarantined files on the top of this page.
- Attach a log to your new post..
Ваши права в разделе
Ответить с цитированием