Hi!
Sorry for waiting.
Switch off/Disable:
- All (!) Antivirus , antispyware and and, if you have - Firewall.
- System Restore!!!
Execute the script: ( how-to: http://avptool.virusinfo.info/en/AVP...curescript.htm )
Код:
begin
SearchRootkit(true, true);
SetAVZGuardStatus(True);
QuarantineFile('D:\aphqg.exe','');
QuarantineFile('D:\autorun.inf','');
QuarantineFile('C:\aphqg.exe','');
QuarantineFile('C:\autorun.inf','');
QuarantineFile('C:\Poker\Titan Poker\casino.exe','');
DelBHO('{5C255C8A-E604-49b4-9D64-90988571CECB}');
QuarantineFile('C:\DOCUME~1\Nanda\CONFIG~1\Temp\107.exe','');
QuarantineFile('C:\DOCUME~1\Nanda\CONFIG~1\Temp\olhrwef.exe','');
DeleteService('S3chipid');
QuarantineFile('C:\DOCUME~1\Nanda\CONFIG~1\Temp\{2B43252C-A1E3-4C47-927C-9F2C276D3515}\S3chipid.sys','');
QuarantineFile('C:\Arquivos de programas\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe','');
QuarantineFile('C:\WINDOWS\system32\e8main0.dll','');
QuarantineFile('c:\windows\system32\wdfmgr.exe','');
DeleteFile('C:\WINDOWS\system32\e8main0.dll');
DeleteFile('C:\DOCUME~1\Nanda\CONFIG~1\Temp\{2B43252C-A1E3-4C47-927C-9F2C276D3515}\S3chipid.sys');
DeleteFile('C:\DOCUME~1\Nanda\CONFIG~1\Temp\olhrwef.exe');
DeleteFile('C:\DOCUME~1\Nanda\CONFIG~1\Temp\107.exe');
DeleteFile('C:\autorun.inf');
DeleteFile('C:\aphqg.exe');
DeleteFile('D:\autorun.inf');
DeleteFile('D:\aphqg.exe');
CreateQurantineArchive('C:\quarantine.zip');
ExecuteRepair(6);
ExecuteRepair(8);
ExecuteRepair(9);
BC_ImportDeletedList;
ExecuteSysClean;
BC_Activate;
RebootWindows(true);
end.
The computer will reboot.
Upload file C:\quarantine.zip, by link Upload quarantined files in the top of this thread.
Do "Collect system information" and attach a new avptool_syscheck.zip to the thread.
P.S. SP3 on your Windows must be installed. And it's not all: just after issuing of SP3 a couple of patches were published. They must be installed too.
__________________
Ваши права в разделе
Ответить с цитированием