You PC virtual (SUN Vbox) - we test AVPTool ?
Script for remove symbooter.exe -
Код:
begin
SearchRootkit(true, true);
SetAVZGuardStatus(True);
QuarantineFile('C:\WINDOWS\system32\Drivers\cercsr6.sys','');
QuarantineFile('c:\windows\system32\symbooter.exe','');
DeleteFile('c:\windows\system32\symbooter.exe');
BC_ImportAll;
ExecuteSysClean;
CreateQurantineArchive(GetAVZDirectory+'quarantine.zip');
BC_Activate;
RebootWindows(true);
end.
Script for clear system, after remove symbooter -
Код:
begin
ExecuteRepair(6);
ExecuteRepair(10);
ExecuteRepair(11);
ExecuteRepair(13);
ExecuteRepair(17);
RebootWindows(false);
end.
Please upload qurantine.zip here for virus analysts.
Repeat log for check if you want.