Close all programs.
Execute the script:
The computer will reboot.Код:begin SetAVZGuardStatus(True); ExecuteRepair(13); QuarantineFile('C:\Program Files\№ы№ы№¤ѕЯМх\macjie.exe',''); DelBHO('{02496EBD-8455-48db-B3C7-5DAC97D9F5A7}'); QuarantineFile('C:\WINDOWS\system32\newone\xiantoubudui.exe',''); BC_DeleteSvc('alms'); QuarantineFile('C:\Program Files\DopLive\schedule.exe',''); DeleteFile('C:\WINDOWS\system32\newone\xiantoubudui.exe'); RegKeyStrParamWrite('HKLM','SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon','Userinit', 'C:\WINDOWS\system32\userinit.exe,'); BC_ImportDeletedList; CreateQurantineArchive('C:\quarantine.zip'); ExecuteSysClean; BC_Activate; RebootWindows(true); end.
Upload file C:\quarantine.zip, by link Upload quarantined files in top of this thread.
Do "Collect system information" and attach new avptool_syscheck.zip to the thread.
--------------------------------------------------------------------------------
I have upload avptool _syscheck.zip nce,and I received script and been excuting.Now,I ploaded quarantine.zip ,please give me advice and tell me how to do next.thank you very much !!!
Attached Files avptool_syscheck.zip (40.8 KB, 0 views)
Добавлено через 57 секунд
I have upload avptool _syscheck.zip nce,and I received script and been excuting.Now,I ploaded quarantine.zip ,please give me advice and tell me how to do next.thank you very much !!!
Attached Filesavptool_syscheck.zip (40.8 KB, 0 views)
Последний раз редактировалось yingege; 16.08.2009 в 13:28. Причина: Добавлено
Switch off/Disable:
- Antivirus and and, if you have - Firewall.
- System Restore
- Execute following script in Manual Cure
After copying in the AVPTool-Window replace [dirname] with the names of directories as written at your system.
After reboot execute following script in Manual CureКод:begin SearchRootkit(true, true); SetAVZGuardStatus(True); QuarantineFile('F:\[dirname]\[dirname1]\360safe\safemon\360tray.exe',''); QuarantineFile('C:\WINDOWS\system32\Drivers\cnprov.sys',''); QuarantineFile('C:\WINDOWS\system32\drivers\360AntiArp.sys',''); QuarantineFile('f:\[dirname]\[dirname1]\360safe\safemon\360tray.exe',''); DeleteFile('C:\WINDOWS\system32\Drivers\cnprov.sys'); BC_ImportAll; ExecuteSysClean; BC_Activate; Executerepair(13); RebootWindows(true); end.
- Clean Temp-Maps, Cache of Browsers, Recycler. Use Windows service tool cleanmgr or CCleaner or ClearProgКод:begin CreateQurantineArchive('C:\quarantine.zip'); end.
- Close all the programs and start only Internet Explorer!!!
- Repeat a log file.
- Switch Antivirus and, if you have - Firewall, on.
- Go On-Line
- Upload the C:\quarantine.zip over the link Upload quarantined files on the top of this page.
- Attach a log to your new post..