Hello.
Please, before executing the script, turn off your internet connection and disable any active antivirus monitors. You'd better uninstall Trojan Remover as well.
Then execute the script:
Code:
begin
// Scan for rootkit hooks and neutralize them, then enable AVZGuard
SearchRootkit(true, true);
SetAVZGuardStatus(True);
// Stop the running copies of the suspicious process
TerminateProcessByName('c:\documents and settings\xppresp3\sys32_nov.exe');
TerminateProcessByName('c:\windows\system32\sys32_nov.exe');
// Copy suspicious files to quarantine for analysis (the files stay in place)
QuarantineFile('C:\Documents and Settings\XPPRESP3\Start Menu\Programs\Startup\ikowin32.exe','');
QuarantineFile('C:\WINDOWS\System32\drivers\irb74f7.sys','');
QuarantineFile('C:\WINDOWS\system32\Drivers\Beep.sys','');
QuarantineFile('C:\DOCUME~1\XPPRESP3\LOCALS~1\Temp\trutil.sys','');
QuarantineFile('C:\WINDOWS\system32\LogonDll.dll','');
QuarantineFile('c:\windows\system32\sys32_nov.exe','');
QuarantineFile('c:\documents and settings\xppresp3\sys32_nov.exe','');
QuarantineFile('c:\program files\faronics\deep freeze\install c-0\_$df\frzstate2k.exe','');
QuarantineFile('c:\windows\explorer.exe','');
QuarantineFile('c:\program files\faronics\deep freeze\install c-0\df5serv.exe','');
// Delete each file now and also queue it for Boot Cleaner deletion at the next boot
DeleteFile('c:\documents and settings\xppresp3\sys32_nov.exe');
BC_DeleteFile('c:\documents and settings\xppresp3\sys32_nov.exe');
DeleteFile('c:\windows\system32\sys32_nov.exe');
BC_DeleteFile('c:\windows\system32\sys32_nov.exe');
DeleteFile('C:\WINDOWS\system32\Drivers\Beep.sys');
BC_DeleteFile('C:\WINDOWS\system32\Drivers\Beep.sys');
DeleteFile('C:\Documents and Settings\XPPRESP3\Start Menu\Programs\Startup\ikowin32.exe');
BC_DeleteFile('C:\Documents and Settings\XPPRESP3\Start Menu\Programs\Startup\ikowin32.exe');
// Pass the quarantine list to Boot Cleaner, activate it, clean up leftover references and reboot
BC_ImportQuarantineList;
BC_Activate;
ExecuteSysClean;
RebootWindows(true);
end.
After the restart, upload the quarantine via the link http://virusinfo.info/upload_virus_eng.php?tid=54845, as described in app. 3 of the rules, and make new logs. You'd better make all 3 logs as written in the rules.