Execute script in AVPTools
Code:
// AVZ remediation script, to be executed from AVPTools on one specific infected host.
// Every path and service name below is host-specific, so the script must not be reused on another machine.
// Statement order matters: suspects are quarantined before anything is deleted, and the
// quarantine archive is built before the reboot that ends the script.
begin
// Rootkit scan. Both flags are true; presumably they request neutralisation of user-mode
// and kernel-mode hooks. Confirm against the AVZ script reference.
SearchRootkit(true, true);
// Enable AVZGuard before touching the files (presumably AVZ's protection mode, so other processes cannot interfere; confirm).
SetAVZGuardStatus(True);
// Put every suspect file into quarantine; the second argument is left empty.
// The nine hex-named .sys files match, by name, the nine services removed with DeleteService below.
QuarantineFile('C:\WINDOWS\system32\4.tmp','');
QuarantineFile('C:\WINDOWS\system32\ff64.sys','');
QuarantineFile('C:\WINDOWS\system32\b7b8.sys','');
QuarantineFile('C:\WINDOWS\system32\a123.sys','');
QuarantineFile('C:\WINDOWS\system32\247A.sys','');
QuarantineFile('C:\WINDOWS\system32\2626.sys','');
QuarantineFile('C:\WINDOWS\system32\315B.sys','');
QuarantineFile('C:\WINDOWS\system32\5de7.sys','');
QuarantineFile('C:\WINDOWS\system32\8ad2.sys','');
QuarantineFile('C:\WINDOWS\system32\8b3C.sys','');
QuarantineFile('C:\DOCUME~1\Steve&HJ\LOCALS~1\Temp\VAPXHK.exe','');
QuarantineFile('C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\JPUOAYCLD.exe','');
QuarantineFile('C:\Program Files\GerbMagic\gbxsvc.exe','');
// Remove the service entries named after the quarantined drivers.
DeleteService('a123');
DeleteService('b7b8');
DeleteService('ff64');
DeleteService('8b3C');
DeleteService('8ad2');
DeleteService('5de7');
DeleteService('315B');
DeleteService('2626');
DeleteService('247A');
// Only the two Temp executables are deleted explicitly. The .sys files, 4.tmp and gbxsvc.exe
// are quarantined above but never passed to DeleteFile in this script.
// NOTE(review): whether a later step removes them is not visible here; check the post-reboot logs.
DeleteFile('C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\JPUOAYCLD.exe');
DeleteFile('C:\DOCUME~1\Steve&HJ\LOCALS~1\Temp\VAPXHK.exe');
// Presumably hands the lists built above to AVZ's Boot Cleaner (BC_*) so they are processed at boot time; confirm.
BC_ImportAll;
// Presumably cleans up leftover references to the removed items; confirm against the AVZ reference.
ExecuteSysClean;
// Pack the quarantine into quarantine.zip in the AVZ directory. "Qurantine" is how the AVZ script API
// spells this function, so do not "correct" the name.
// The archive holds the suspected malicious binaries: treat it as live samples and give it only to the analysts.
CreateQurantineArchive(GetAVZDirectory+'quarantine.zip');
// Arm the Boot Cleaner for the next start-up (presumably; confirm), then reboot.
BC_Activate;
// The meaning of the true argument is not shown on this page; presumably it forces the reboot.
RebootWindows(true);
end.
After reboot:
1. Download CureIt (www.freedrweb.com), select and run the "express scan". After the scan has finished, go to "Settings" => "Change settings" => "Log file" to see where CureIt wrote its log.
2. Unload MS Outlook.
3. Create the AVPTools log again.
4. Upload quarantine.zip for virus analysts here
5. Post the new AVPTools and CureIt logs in your next message.