please help me with this. my pc is crazy for 2 days...
i don't have any ideas...
Printable View
please help me with this. my pc is crazy for 2 days...
i don't have any ideas...
Cure script for AVPTools -
[code]
begin
SearchRootkit(true, true);
SetAVZGuardStatus(True);
DelBHO('94ECEDCC-5772-41C7-95EE-6F0776204AC5');
DelBHO('EBF1652D-FC54-4654-8738-55A21A0B520B');
DelBHO('C8D5269D-E2D0-482C-901E-5EE3E4F2F40E');
DelBHO('D74135CA-766A-4A44-A22D-F4FBE04BF514');
QuarantineFile('C:\WINNT\qmafxprs.dll','');
QuarantineFile('C:\WINNT\lfstbwvd.dll','');
QuarantineFile('C:\WINNT\99629.exe','');
DeleteService('rpcapd');
QuarantineFile('C:\WINNT\System32\Drivers\UserPort.sys','');
QuarantineFile('C:\WINNT\vortsgbqasx.dll','');
QuarantineFile('C:\WINNT\system32\rqRJbcaw.dll','');
QuarantineFile('C:\WINNT\system32\khffgGWP.dll','');
QuarantineFile('C:\WINNT\olnmraew.dll','');
QuarantineFile('c:\winnt\system32\acs.exe','');
QuarantineFile('C:\WINNT\system32\MicroAV.cpl','');
DeleteFile('C:\WINNT\system32\MicroAV.cpl');
DeleteFile('C:\WINNT\olnmraew.dll');
DeleteFile('C:\WINNT\system32\khffgGWP.dll');
DeleteFile('C:\WINNT\system32\rqRJbcaw.dll');
DeleteFile('C:\WINNT\vortsgbqasx.dll');
DeleteFile('C:\WINNT\99629.exe');
DeleteFile('C:\WINNT\lfstbwvd.dll');
DeleteFile('C:\WINNT\qmafxprs.dll');
DelWinlogonNotifyByKeyName('rqRJbcaw');
CreateQurantineArchive(GetAVZDirectory+'quarantine.zip');
BC_ImportDeletedList;
ExecuteSysClean;
ExecuteRepair(1);
ExecuteRepair(2);
ExecuteRepair(3);
ExecuteRepair(4);
ExecuteRepair(5);
ExecuteRepair(6);
ExecuteRepair(8);
ExecuteRepair(9);
ExecuteRepair(11);
ExecuteRepair(16);
ExecuteRepair(17);
BC_Activate;
RebootWindows(true);
end.
[/code]
After Script execute -
1. Upload quarantine.zip from AVPTools folder [url=http://virusinfo.info/upload_virus_eng.php?tid=31648]here[/url] for virus analists.
2. Uninstall AVPTools.
3. Read rules - [url]http://virusinfo.info/showthread.php?t=9184[/url] make 3 logs and check system with CureIt!
4. Attach 3 logs to next message.
5. Continue after virus analists check you quarantine.
PS: [b]Change ALL critical passwords (Email, ICQ ....) [/b] after step 3 instruction be done.
THANK YOU :) it's works. i upload the quarantine and gonna to do my job on clean pc :)
big beer for you :)
[QUOTE=sebby64;294306]THANK YOU :) it's works. i upload the quarantine and gonna to do my job on clean pc :)[/QUOTE]
Where 3 new logs ?