i can't remove this threats
Printable View
i can't remove this threats
Close/unload all the programs
Switch off:
- Antivirus and, if you have - Firewall.
- [URL="http://virusinfo.info/showthread.php?t=9207"]Execute following script[/URL] in Manual Healing
[CODE]begin
SearchRootkit(true, true);
SetAVZGuardStatus(true);
QuarantineFile('C:\DOCUME~1\user\LOCALS~1\Temp\winlogon.exe','');
QuarantineFile('C:\DOCUME~1\user\LOCALS~1\Temp\9DE.tmp','');
QuarantineFile('C:\Program Files\eSoftware\studio.dll','');
QuarantineFile('C:\DOCUME~1\user\LOCALS~1\Temp\accute.dll','');
QuarantineFile('C:\WINDOWS\system32\hpz3l054.dll','');
DeleteFile('C:\DOCUME~1\user\LOCALS~1\Temp\accute.dll');
DeleteFile('C:\DOCUME~1\user\LOCALS~1\Temp\9DE.tmp');
RegKeyParamDel('HKEY_LOCAL_MACHINE','Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run','RTHDBPL');
DeleteFile('C:\DOCUME~1\user\LOCALS~1\Temp\winlogon.exe');
RegKeyParamDel('HKEY_USERS','S-1-5-21-1878699173-1210233825-3862442127-1006\Software\Microsoft\Windows\CurrentVersion\Run','Firewall auto setup');
DelBHO('D5EFDB0E-4F51-414F-B740-54A5C87A8957');
BC_ImportAll;
ExecuteSysClean;
ExecuteWizard('TSW',2,2,true);
BC_Activate;
RebootWindows(true);
end.[/CODE]
After reboot:
- Execute following script in Manual Healing
[CODE]begin
CreateQurantineArchive('C:\quarantine.zip');
end.[/CODE]
- Upload the C:\quarantine.zip here: [URL="http://virusinfo.info/upload_virus_eng.php?tid=83713"]upload_virus_eng.[/URL]
- Make a new log file and Attach a new log to your new post..