Please, trying to resolve...
Pocetnikkk
Printable View
Please, trying to resolve...
Pocetnikkk
[B]Disable System restore![/B]
Execute the following script:
[code]begin
SearchRootkit(true, true);
SetAVZGuardStatus(True);
QuarantineFile('acpiz.dll','');
QuarantineFile('C:\WINDOWS\System32\rs32net.exe','');
QuarantineFile('C:\WINDOWS\System32\Drivers\ati5lpxx.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\ati4xcxx.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\ati3txxx.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\ati2bfxx.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\ati1ubxx.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\ati1quxx.sys','');
QuarantineFile('ati2quxx.sys','');
QuarantineFile('C:\WINDOWS\system32\nehcxu.dll','');
DeleteFile('C:\WINDOWS\system32\nehcxu.dll');
DeleteFile('ati2quxx.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\ati1quxx.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\ati1ubxx.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\ati2bfxx.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\ati3txxx.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\ati4xcxx.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\ati5lpxx.sys');
DeleteFile('C:\WINDOWS\System32\rs32net.exe');
DeleteFile('acpiz.dll');
BC_ImportDeletedList;
ExecuteSysClean;
BC_Activate;
RebootWindows(true);
end.[/code]
After your system reboots, upload the quarantine according to App.3 of Rules (use red link above).
Make a new logfile.