Download AVZ Tool & Hijackthis over the links in the rules thread: http://virusinfo.info/showthread.php?t=9184
Update the database of AVZ.
Switch off:
- Antivirus and and, if you have - Firewall.
- System Restore
-Fix
- Execute following script
Код:
begin
SearchRootkit(true, true);
SetAVZGuardStatus(True);
QuarantineFile('C:\DOCUME~1\anemoz\LOCALS~1\Temp\MGGOOG.exe','');
QuarantineFile('C:\WINDOWS\system32\DRIVERS\vcam.sys','');
QuarantineFile('C:\DOCUME~1\anemoz\APPLIC~1\ERROR0~1\user deaf.exe','');
QuarantineFile('C:\Program Files\Free Download Manager\softinfo.exe','');
QuarantineFile('C:\WINDOWS\BitDefender_P2P_Startup.exe','');
QuarantineFile('C:\WINDOWS\system32\ctl3d3.dll','');
QuarantineFile('c:\docume~1\anemoz\applic~1\error0~1\Bat Clock Pure.exe','');
DelBHO('{DFB852A3-47F8-48C4-A200-58CAB36FD2A2}');
DelBHO('{3041d03e-fd4b-44e0-b742-2d9b88305f98}');
DelBHO('{201f27d4-3704-41d6-89c1-aa35e39143ed}');
DelBHO('{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}');
DelBHO('{7E853D72-626A-48EC-A868-BA8D5E23E045}');
DelBHO('{e43c805c-76f5-339a-ff6d-4361a490fcfe}');
DelBHO('{DED8C2B7-374E-48B4-97F0-00F2A786DC4B}');
DeleteService('MGGOOG');
DeleteFile('c:\docume~1\anemoz\applic~1\error0~1\Bat Clock Pure.exe');
DeleteFile('C:\WINDOWS\system32\ctl3d3.dll');
DeleteFile('C:\Program Files\AskBarDis\bar\bin\askBar.dll');
DeleteFile('C:\Program Files\Free Download Manager\softinfo.exe');
DeleteFile('C:\DOCUME~1\anemoz\APPLIC~1\ERROR0~1\user deaf.exe');
DeleteFile('C:\DOCUME~1\anemoz\LOCALS~1\Temp\MGGOOG.exe');
BC_ImportAll;
ExecuteSysClean;
BC_DeleteSvc('MGGOOG');
BC_Activate;
RebootWindows(true);
end.
After reboot:
- Clean Temp-Maps, Cache of Browsers, Recycler. Use Windows service tool cleanmgr or CCleaner or ClearProg
- Close all the programs and start only Internet Explorer!!!
- Repeat 3 log files in accordance with the rules.
- Switch Antivirus and, if you have - Firewall, on.
- Go On-Line
- Upload the quarantine over the link Upload quarantined files on the top of this page.
- Attach 3 logs to your new post..