Help me please!!

**Joana** · 30.05.2009, 16:01

I am going crazy... =(

**Rene-gad** · 30.05.2009, 16:24

Switch off/Disable:
- Antivirus and and, if you have - Firewall.
- System Restore

- Execute following script in Manual Cure

Код:

begin
SearchRootkit(true, true);
SetAVZGuardStatus(True);
 StopService('restore');
 StopService('AutoLock'); 
 QuarantineFile('C:\WINDOWS\System32\Drivers\ati8yexx.sys','');	
 QuarantineFile('C:\WINDOWS\System32\Drivers\ati8fkxx.sys','');
 QuarantineFile('C:\WINDOWS\System32\Drivers\ati7rvxx.sys','');
 QuarantineFile('C:\WINDOWS\System32\Drivers\ati7quxx.sys','');
 QuarantineFile('C:\WINDOWS\System32\Drivers\ati7imxx.sys','');
 QuarantineFile('C:\WINDOWS\System32\Drivers\ati7hlxx.sys','');
 QuarantineFile('C:\WINDOWS\System32\Drivers\ati6wbxx.sys','');
 QuarantineFile('C:\WINDOWS\System32\Drivers\ati6vaxx.sys','');
 QuarantineFile('C:\WINDOWS\System32\Drivers\ati6sxxx.sys','');
 QuarantineFile('C:\WINDOWS\System32\Drivers\ati6rwxx.sys','');
 QuarantineFile('C:\WINDOWS\System32\Drivers\ati6joxx.sys','');
 QuarantineFile('C:\WINDOWS\System32\Drivers\ati6ejxx.sys','');
 QuarantineFile('C:\WINDOWS\System32\Drivers\ati5wbxx.sys','');
 QuarantineFile('C:\WINDOWS\System32\Drivers\ati5tyxx.sys','');
 QuarantineFile('C:\WINDOWS\System32\Drivers\ati5ptxx.sys','');
 QuarantineFile('C:\WINDOWS\System32\Drivers\ati5ejxx.sys','');
 QuarantineFile('C:\WINDOWS\System32\Drivers\ati4wbxx.sys','');
 QuarantineFile('C:\WINDOWS\System32\Drivers\ati4vbxx.sys','');
 QuarantineFile('C:\WINDOWS\System32\Drivers\ati4puxx.sys','');
 QuarantineFile('C:\WINDOWS\System32\Drivers\ati4otxx.sys','');
 QuarantineFile('C:\WINDOWS\System32\Drivers\ati4lqxx.sys','');
 QuarantineFile('C:\WINDOWS\System32\Drivers\ati4dhxx.sys','');
 QuarantineFile('C:\WINDOWS\System32\Drivers\ati3txxx.sys','');
 QuarantineFile('C:\WINDOWS\System32\Drivers\ati3puxx.sys','');
 QuarantineFile('C:\WINDOWS\System32\Drivers\ati3koxx.sys','');
 QuarantineFile('C:\WINDOWS\System32\Drivers\ati3imxx.sys','');
 QuarantineFile('C:\WINDOWS\System32\Drivers\ati3hlxx.sys','');
 QuarantineFile('C:\WINDOWS\System32\Drivers\ati3glxx.sys','');
 QuarantineFile('C:\WINDOWS\System32\Drivers\ati3bfxx.sys','');
 QuarantineFile('C:\WINDOWS\System32\Drivers\ati3afxx.sys','');
 QuarantineFile('C:\WINDOWS\System32\Drivers\ati2vbxx.sys','');
 QuarantineFile('C:\WINDOWS\System32\Drivers\ati2tyxx.sys','');
 QuarantineFile('C:\WINDOWS\System32\Drivers\ati2joxx.sys','');
 QuarantineFile('C:\WINDOWS\System32\Drivers\ati2jnxx.sys','');
 QuarantineFile('C:\WINDOWS\System32\Drivers\ati2fjxx.sys','');
 QuarantineFile('C:\WINDOWS\System32\Drivers\ati2cgxx.sys','');
 QuarantineFile('C:\WINDOWS\System32\Drivers\ati1mqxx.sys','');
 QuarantineFile('C:\WINDOWS\System32\Drivers\ati1lpxx.sys','');
 QuarantineFile('C:\WINDOWS\System32\Drivers\ati1hmxx.sys','');
 QuarantineFile('C:\WINDOWS\System32\Drivers\ati0ydxx.sys','');
 QuarantineFile('C:\WINDOWS\System32\Drivers\ati0vaxx.sys','');
 QuarantineFile('C:\WINDOWS\System32\Drivers\ati0puxx.sys','');
 QuarantineFile('C:\WINDOWS\System32\Drivers\ati0nsxx.sys','');
 QuarantineFile('C:\WINDOWS\System32\Drivers\ati0mrxx.sys','');
 QuarantineFile('C:\WINDOWS\System32\Drivers\ati0imxx.sys','');
 QuarantineFile('C:\WINDOWS\System32\Drivers\ati0aexx.sys','');
 QuarantineFile('c:\windows\temp\vrt9.tmp','');
 QuarantineFile('c:\windows\system32\reader_s.exe','');
 QuarantineFile('C:\WINDOWS\system32\userinit.exe','');
 QuarantineFile('c:\program Files\ThunMail\testabd.exe','');
 QuarantineFile('c:\progra~1\ThunMail\testabd.dll','');
 QuarantineFile('digeste.dll','');
 QuarantineFile('WPService.exe','');
 DeleteFile('c:\windows\WPService.exe'); 
 DeleteFile('C:\WINDOWS\System32\Drivers\ati8yexx.sys');
 DeleteFile('C:\WINDOWS\System32\Drivers\ati8fkxx.sys');
 DeleteFile('C:\WINDOWS\System32\Drivers\ati7rvxx.sys');
 DeleteFile('C:\WINDOWS\System32\Drivers\ati7quxx.sys');
 DeleteFile('C:\WINDOWS\System32\Drivers\ati7imxx.sys');
 DeleteFile('C:\WINDOWS\System32\Drivers\ati7hlxx.sys');
 DeleteFile('C:\WINDOWS\System32\Drivers\ati6wbxx.sys');
 DeleteFile('C:\WINDOWS\System32\Drivers\ati6vaxx.sys');
 DeleteFile('C:\WINDOWS\System32\Drivers\ati6sxxx.sys');
 DeleteFile('C:\WINDOWS\System32\Drivers\ati6rwxx.sys');
 DeleteFile('C:\WINDOWS\System32\Drivers\ati6joxx.sys');
 DeleteFile('C:\WINDOWS\System32\Drivers\ati6ejxx.sys');
 DeleteFile('C:\WINDOWS\System32\Drivers\ati5wbxx.sys');
 DeleteFile('C:\WINDOWS\System32\Drivers\ati5tyxx.sys');
 DeleteFile('C:\WINDOWS\System32\Drivers\ati5ptxx.sys');
 DeleteFile('C:\WINDOWS\System32\Drivers\ati5ejxx.sys');
 DeleteFile('C:\WINDOWS\System32\Drivers\ati4wbxx.sys');
 DeleteFile('C:\WINDOWS\System32\Drivers\ati4vbxx.sys');
 DeleteFile('C:\WINDOWS\System32\Drivers\ati4puxx.sys');
 DeleteFile('C:\WINDOWS\System32\Drivers\ati4otxx.sys');
 DeleteFile('C:\WINDOWS\System32\Drivers\ati4lqxx.sys');
 DeleteFile('C:\WINDOWS\System32\Drivers\ati4dhxx.sys');
 DeleteFile('C:\WINDOWS\System32\Drivers\ati3txxx.sys');
 DeleteFile('C:\WINDOWS\System32\Drivers\ati3puxx.sys');
 DeleteFile('C:\WINDOWS\System32\Drivers\ati3koxx.sys');
 DeleteFile('C:\WINDOWS\System32\Drivers\ati3imxx.sys');
 DeleteFile('C:\WINDOWS\System32\Drivers\ati3hlxx.sys');
 DeleteFile('C:\WINDOWS\System32\Drivers\ati3glxx.sys');
 DeleteFile('C:\WINDOWS\System32\Drivers\ati3bfxx.sys');
 DeleteFile('C:\WINDOWS\System32\Drivers\ati3afxx.sys');
 DeleteFile('C:\WINDOWS\System32\Drivers\ati2vbxx.sys');
 DeleteFile('C:\WINDOWS\System32\Drivers\ati2tyxx.sys');
 DeleteFile('C:\WINDOWS\System32\Drivers\ati2joxx.sys');
 DeleteFile('C:\WINDOWS\System32\Drivers\ati2jnxx.sys');
 DeleteFile('C:\WINDOWS\System32\Drivers\ati2fjxx.sys');
 DeleteFile('C:\WINDOWS\System32\Drivers\ati2cgxx.sys');
 DeleteFile('C:\WINDOWS\System32\Drivers\ati1mqxx.sys');
 DeleteFile('C:\WINDOWS\System32\Drivers\ati1lpxx.sys');
 DeleteFile('C:\WINDOWS\System32\Drivers\ati1hmxx.sys');
 DeleteFile('C:\WINDOWS\System32\Drivers\ati0ydxx.sys');
 DeleteFile('C:\WINDOWS\System32\Drivers\ati0vaxx.sys');
 DeleteFile('C:\WINDOWS\System32\Drivers\ati0puxx.sys');
 DeleteFile('C:\WINDOWS\System32\Drivers\ati0nsxx.sys');
 DeleteFile('C:\WINDOWS\System32\Drivers\ati0mrxx.sys');
 DeleteFile('C:\WINDOWS\System32\Drivers\ati0imxx.sys');
 DeleteFile('C:\WINDOWS\System32\Drivers\ati0aexx.sys');
 DeleteFile('c:\windows\system32\WPService.exe');
 DeleteFile('digeste.dll');
 DeleteFile('c:\progra~1\ThunMail\testabd.dll');
 DeleteFile('c:\program Files\ThunMail\testabd.exe');
 DeleteFile('c:\windows\system32\reader_s.exe');
 DeleteFile('c:\windows\temp\vrt9.tmp');
 DeleteService('restore');
 DeleteService('AutoLock');DeleteService('ati8yexx');
DeleteService('ati8fkxx');
DeleteService('ati7rvxx');
DeleteService('ati7quxx');
DeleteService('ati7imxx');
DeleteService('ati7hlxx');
DeleteService('ati6wbxx');
DeleteService('ati6vaxx');
DeleteService('ati6sxxx');
DeleteService('ati6rwxx');
DeleteService('ati6joxx');
DeleteService('ati6ejxx');
DeleteService('ati5wbxx');
DeleteService('ati5tyxx');
DeleteService('ati5ptxx');
DeleteService('ati5ejxx');
DeleteService('ati4wbxx');
DeleteService('ati4vbxx');
DeleteService('ati4puxx');
DeleteService('ati4otxx');
DeleteService('ati4lqxx');
DeleteService('ati4dhxx');
DeleteService('ati3txxx');
DeleteService('ati3puxx');
DeleteService('ati3koxx');
DeleteService('ati3imxx');
DeleteService('ati3hlxx');
DeleteService('ati3glxx');
DeleteService('ati3bfxx');
DeleteService('ati3afxx');
DeleteService('ati2vbxx');
DeleteService('ati2tyxx');
DeleteService('ati2joxx');
DeleteService('ati2jnxx');
DeleteService('ati2fjxx');
DeleteService('ati2cgxx');
DeleteService('ati1mqxx');
DeleteService('ati1lpxx');
DeleteService('ati1hmxx');
DeleteService('ati0ydxx');
DeleteService('ati0vaxx');
DeleteService('ati0puxx');
DeleteService('ati0nsxx');
DeleteService('ati0mrxx');
DeleteService('ati0imxx');
DeleteService('ati0aexx');
BC_ImportAll;
ExecuteSysClean;
BC_DeleteSvc('restore');
BC_DeleteSvc('AutoLock');
BC_DeleteSvc('ati8yexx');
BC_DeleteSvc('ati8fkxx');
BC_DeleteSvc('ati7rvxx');
BC_DeleteSvc('ati7quxx');
BC_DeleteSvc('ati7imxx');
BC_DeleteSvc('ati7hlxx');
BC_DeleteSvc('ati6wbxx');
BC_DeleteSvc('ati6vaxx');
BC_DeleteSvc('ati6sxxx');
BC_DeleteSvc('ati6rwxx');
BC_DeleteSvc('ati6joxx');
BC_DeleteSvc('ati6ejxx');
BC_DeleteSvc('ati5wbxx');
BC_DeleteSvc('ati5tyxx');
BC_DeleteSvc('ati5ptxx');
BC_DeleteSvc('ati5ejxx');
BC_DeleteSvc('ati4wbxx');
BC_DeleteSvc('ati4vbxx');
BC_DeleteSvc('ati4puxx');
BC_DeleteSvc('ati4otxx');
BC_DeleteSvc('ati4lqxx');
BC_DeleteSvc('ati4dhxx');
BC_DeleteSvc('ati3txxx');
BC_DeleteSvc('ati3puxx');
BC_DeleteSvc('ati3koxx');
BC_DeleteSvc('ati3imxx');
BC_DeleteSvc('ati3hlxx');
BC_DeleteSvc('ati3glxx');
BC_DeleteSvc('ati3bfxx');
BC_DeleteSvc('ati3afxx');
BC_DeleteSvc('ati2vbxx');
BC_DeleteSvc('ati2tyxx');
BC_DeleteSvc('ati2joxx');
BC_DeleteSvc('ati2jnxx');
BC_DeleteSvc('ati2fjxx');
BC_DeleteSvc('ati2cgxx');
BC_DeleteSvc('ati1mqxx');
BC_DeleteSvc('ati1lpxx');
BC_DeleteSvc('ati1hmxx');
BC_DeleteSvc('ati0ydxx');
BC_DeleteSvc('ati0vaxx');
BC_DeleteSvc('ati0puxx');
BC_DeleteSvc('ati0nsxx');
BC_DeleteSvc('ati0mrxx');
BC_DeleteSvc('ati0imxx');
BC_DeleteSvc('ati0aexx');
executerepair(6);
executerepair(8);
executerepair(9);
executerepair(11);
executerepair(16);
executerepair(17);
BC_Activate;
RebootWindows(true);
end.

After reboot execute following script in Manual Cure

Код:

begin
CreateQurantineArchive('C:\quarantine.zip');
end.

- Clean Temp-Maps, Cache of Browsers, Recycler. Use Windows service tool cleanmgr or CCleaner or ClearProg
- Close all the programs and start only Internet Explorer!!!
- Repeat a log file.
- Switch Antivirus and, if you have - Firewall, on.
- Go On-Line
- Upload the quarantine.zip over the link Upload quarantined files on the top of this page.
- Attach a log to your new post..

Help me please!!

Опции темы

Help me please!!

Ваши права в разделе