Hello,
Close/unload all the programs excepted AVZ and Internet Explorer
Switch off:
- Antivirus and and, if you have - Firewall.
- System Restore
- Execute following script in Manual Healing
Код:
begin
SearchRootkit(true, true);
SetAVZGuardStatus(True);
QuarantineFile('H:\autorun.inf','');
QuarantineFile('ZASRAKOMONDOHUI31338.EXE','');
QuarantineFile('RapportMgmtService.exe','');
QuarantineFile('RapportService.exe','');
QuarantineFile('C:\WINDOWS\system32\sdra64.exe','');
DeleteFile('C:\WINDOWS\system32\sdra64.exe');
RegKeyDel('HKEY_LOCAL_MACHINE','SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\RapportMgmtService.exe');
RegKeyDel('HKEY_LOCAL_MACHINE','SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\RapportService.exe');
BC_ImportAll;
ExecuteSysClean;
BC_Activate;
RebootWindows(true);
end.
After reboot:
- Execute following script in Manual Healing
Код:
begin
CreateQurantineArchive('C:\quarantine.zip');
end.
and upload the C:\quarantine.zip here: http://virusinfo.info/upload_virus_eng.php?tid=74256
- Remove Bonjour: http://virusinfo.info/showthread.php?t=42263
- Repeat a log file of AVPTool.
- Make a log file of Hijackthis
- Make a log file of Malwarebytes Antimalware (don't remove anything!).
- Attach all logs to your new post.