Please download the special AVZ from my signature and put it in a new folder on the desktop.
Please execute this script in AVZ (http://virusinfo.info/showthread.php?t=9207)
(Remember to exit your antivirus, disconnect from the internet and disable System Restore before executing scripts.)
Code:
begin
SearchRootkit(true, true);
SetAVZGuardStatus(True);
QuarantineFile('H:\cv22.cmd','');
QuarantineFile('H:\autorun.inf','');
QuarantineFile('C:\cv22.cmd','');
QuarantineFile('C:\autorun.inf','');
DelBHO('{BFD8877E-201D-4144-96B8-D2336F6A9E24}');
QuarantineFile('C:\WINDOWS\system32\mlljh.dll','');
DelBHO('{204EDED3-8E20-4AB5-8583-4CE6425A28BA}');
QuarantineFile('C:\WINDOWS\system32\cbXPgebc.dll','');
DelBHO('{0D030606-7262-43D2-BA46-0C9DF57340C7}');
QuarantineFile('C:\WINDOWS\system32\fccdayxV.dll','');
DelBHO('AutorunsDisabled');
QuarantineFile('wvUoLccb.dll','');
QuarantineFile('C:\WINDOWS\system32\olhrwef.exe','');
DeleteService('XDva201');
QuarantineFile('C:\WINDOWS\system32\XDva201.sys','');
DeleteService('qnfngv');
QuarantineFile('C:\WINDOWS\system32\drivers\vbhhto.sys','');
QuarantineFile('C:\DOCUME~1\Pajadan\LOCALS~1\Temp\ZWH6.tmp','');
QuarantineFile('C:\WINDOWS\system32\SetupNT.sys','');
QuarantineFile('C:\WINDOWS\system32\nmdfgds0.dll','');
QuarantineFile('C:\Program Files\Garena\GarenaSkin1.dll','');
QuarantineFile('C:\Program Files\Garena\Garena.exe','');
QuarantineFile('C:\Program Files\Garena\GarenaTV_UI.dll','');
QuarantineFile('C:\Program Files\Garena\GarenaTVHook.dll','');
QuarantineFile('C:\Program Files\Garena\lib\exchndl.dll','');
QuarantineFile('C:\Program Files\Garena\Inject.dll','');
QuarantineFile('C:\Program Files\Garena\lib\GarenaWebService.dll','');
DeleteFile('C:\WINDOWS\system32\nmdfgds0.dll');
DeleteFile('C:\WINDOWS\system32\SetupNT.sys');
DeleteFile('C:\DOCUME~1\Pajadan\LOCALS~1\Temp\ZWH6.tmp');
DeleteFile('C:\WINDOWS\system32\drivers\vbhhto.sys');
DeleteFile('C:\WINDOWS\system32\XDva201.sys');
DeleteFile('C:\WINDOWS\system32\olhrwef.exe');
DeleteFile('wvUoLccb.dll');
DeleteFile('C:\WINDOWS\system32\fccdayxV.dll');
DeleteFile('C:\WINDOWS\system32\cbXPgebc.dll');
DeleteFile('C:\WINDOWS\system32\mlljh.dll');
DeleteFile('C:\autorun.inf');
DeleteFile('C:\cv22.cmd');
DeleteFile('H:\autorun.inf');
DeleteFile('H:\cv22.cmd');
BC_ImportAll;
ExecuteSysClean;
BC_Activate;
ExecuteRepair(6);
ExecuteRepair(8);
ExecuteRepair(9);
RebootWindows(true);
end.
Please upload the quarantine according to appendix 3 of the rules (http://virusinfo.info/showthread.php?t=9184), via the link http://virusinfo.info/upload_virus_eng.php?tid=40112
After that, make a set of logs according to the rules: http://virusinfo.info/showthread.php?t=9184