Switch off/Disable:
- Antivirus and and, if you have - Firewall.
- System Restore
- Execute following script in Manual disinfection
Код:
begin
SearchRootkit(true, true);
SetAVZGuardStatus(True);
ClearQuarantine;
DelCLSID('{622AFE52-33F6-4D9F-9966-E0BC52D7D69D}');
DelCLSID('{B3C78E40-6B64-47C3-AE34-60B770881EB8}');
DelCLSID('{EB24CA6D-F315-4A81-AC1A-C79CFD77F3F5}');
DelCLSID('{D25B32FE-CB96-491A-98FF-AD59DA382D69}');
DelCLSID('{E032716F-2E0A-4CCB-9FEB-BF2090B035DF}');
QuarantineFile('C:\DOCUME~1\M5F1A~1.DAL\LOCALS~1\Temp\005481~1.EXE','');
DeleteFile('C:\DOCUME~1\M5F1A~1.DAL\LOCALS~1\Temp\005481~1.EXE');
RegKeyParamDel('HKEY_LOCAL_MACHINE','Software\Microsoft\Windows\CurrentVersion\Run','0054811266618956mcinstcleanup');
BC_ImportAll;
ExecuteSysClean;
BC_Activate;
SetAVZPMStatus(True);
RebootWindows(true);
end.
After reboot execute following script in Manual disinfection
Код:
begin
CreateQurantineArchive('C:\quarantine.zip');
end.
and upload the C:\quarantine.zip over the link Upload quarantined files on the top of this page.
- Repeat a log file of AVPTool.
- Make a log file with Hijackthis ( Analysis, p.3 for further informations).
- Attach both logs to your new post..