Close/unload all the programs
Switch off:
- Antivirus and, if you have - Firewall.
- Execute following script in Manual Healing
Код:
begin
SearchRootkit(true, true);
SetAVZGuardStatus(true);
QuarantineFile('C:\DOCUME~1\user\LOCALS~1\Temp\winlogon.exe','');
QuarantineFile('C:\DOCUME~1\user\LOCALS~1\Temp\9DE.tmp','');
QuarantineFile('C:\Program Files\eSoftware\studio.dll','');
QuarantineFile('C:\DOCUME~1\user\LOCALS~1\Temp\accute.dll','');
QuarantineFile('C:\WINDOWS\system32\hpz3l054.dll','');
DeleteFile('C:\DOCUME~1\user\LOCALS~1\Temp\accute.dll');
DeleteFile('C:\DOCUME~1\user\LOCALS~1\Temp\9DE.tmp');
RegKeyParamDel('HKEY_LOCAL_MACHINE','Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run','RTHDBPL');
DeleteFile('C:\DOCUME~1\user\LOCALS~1\Temp\winlogon.exe');
RegKeyParamDel('HKEY_USERS','S-1-5-21-1878699173-1210233825-3862442127-1006\Software\Microsoft\Windows\CurrentVersion\Run','Firewall auto setup');
DelBHO('D5EFDB0E-4F51-414F-B740-54A5C87A8957');
BC_ImportAll;
ExecuteSysClean;
ExecuteWizard('TSW',2,2,true);
BC_Activate;
RebootWindows(true);
end.
After reboot:
- Execute following script in Manual Healing
Код:
begin
CreateQurantineArchive('C:\quarantine.zip');
end.
- Upload the C:\quarantine.zip here: upload_virus_eng.
- Make a new log file and Attach a new log to your new post..