Close/unload all the programs excepted avptool and Internet Explorer
Switch off:
- Antivirus and and, if you have - Firewall.
- System Restore
Execute following script ( how-to: http://avptool.virusinfo.info/en/AVP...curescript.htm )
Код:
begin
SearchRootkit(true, true);
SetAVZGuardStatus(True);
QuarantineFile('D:\xih9.cmd','');
QuarantineFile('D:\autorun.inf','');
QuarantineFile('C:\xih9.cmd','');
QuarantineFile('C:\autorun.inf','');
QuarantineFile('D:\PROGRA~1\DOWNLO~1\DAPIE.DLL','');
QuarantineFile('C:\WINDOWS\system32\DRIVERS\tcpip.sys','');
QuarantineFile('C:\WINDOWS\system32\DRIVERS\srv.sys','');
QuarantineFile('C:\WINDOWS\system32\Drivers\Mup.sys','');
QuarantineFile('C:\WINDOWS\system32\Drivers\HTTP.sys','');
QuarantineFile('C:\WINDOWS\system32\spoolsv.exe','');
QuarantineFile('C:\WINDOWS\system32\ntoskrnl.exe','');
QuarantineFile('c:\windows\system32\es.dll','');
QuarantineFile('C:\WINDOWS\system32\ckvo0.dll','');
QuarantineFile('C:\WINDOWS\system32\Bitkv0.dll','');
QuarantineFile('c:\windows\system32\wdfmgr.exe','');
QuarantineFile('c:\windows\explorer.exe','');
QuarantineFile('c:\windows\system32\spoolsv.exe','');
DeleteFile('C:\WINDOWS\system32\Bitkv0.dll');
DeleteFile('C:\WINDOWS\system32\ckvo0.dll');
DeleteFile('C:\autorun.inf');
DeleteFile('C:\xih9.cmd');
DeleteFile('D:\autorun.inf');
DeleteFile('D:\xih9.cmd');
CreateQurantineArchive(GetAVZDirectory+'quarantine.zip');
BC_ImportDeletedList;
ExecuteSysClean;
ExecuteRepair(6);
ExecuteRepair(8);
ExecuteRepair(9);
BC_Activate;
RebootWindows(true);
end.
Your computer will reboot.
Please upload the created file quarantine.zip ( you will find it in avptoll sub-folder) by the link http://virusinfo.info/upload_virus_eng.php?tid=33065
Close/unload all the programs excepted avptool and Internet Explorer
Make a new log in the avptool and attach it to your next post.