Please disable System Restore (see Appendix 1 of rules).
Attach Usb disk.
Close all programs.
Run AVZ and update its database ("File" => "Database Update").
Disable BitDefender antivirus.
Choose from the menu "File" => "Custom scripts", copy/paste code below and run it:
Код:
begin
SetAVZGuardStatus(True);
QuarantineFile('g:\NADFOLDER\autorun.exe','');
DeleteFile('g:\NADFOLDER\autorun.exe');
QuarantineFile('G:\autorun.inf','');
DelCLSID('28ABC5C0-4FCB-11CF-AAX5-81CX1C635612');
QuarantineFile('c:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\sndrv.exe','');
QuarantineFile('C:\WINDOWS\system32\F901CA\C385D3.EXE','');
QuarantineFile('C:\RECYCLER\S-1-5-21-8140268722-5590585253-653405259-0982\wingn.exe','');
DeleteFile('C:\RECYCLER\S-1-5-21-8140268722-5590585253-653405259-0982\wingn.exe');
DeleteFile('C:\WINDOWS\system32\F901CA\C385D3.EXE');
DeleteFile('c:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\sndrv.exe');
DeleteFile('G:\autorun.inf');
BC_ImportDeletedList;
ExecuteSysClean;
BC_Activate;
RebootWindows(true);
end.
The computer will reboot.
Upload quarantine (see Appendix 3), by link Upload quarantined files in this thread.
Create new logs in attach to the thread.