Help MEeeEEeee

[shemsu_hor]

This is my file...

[Rene-gad]

Hello,
Switch off/Disable:
- Antivirus and and, if you have - Firewall.
- System Restore

- Execute following script in Manual disinfection

Код:

begin
SearchRootkit(true, true);
SetAVZGuardStatus(True);
ClearQuarantine;
 TerminateProcessByName('c:\documents and settings\user\impostazioni locali\dati applicazioni\av.exe');
 StopService('SrvLue');
 StopService('CRLBKWAEHQO');
 SetServiceStart('Schedule', 4);
 RegKeyParamDel('HKEY_LOCAL_MACHINE','SYSTEM\CurrentControlSet\Services\Eventlog\Application\WgaSetup','EventMessageFile');
 QuarantineFile('C:\WINDOWS\system32\wunauclt.exe','');
 QuarantineFile('c:\windows\system32\dslagent.exe','');
 QuarantineFile('C:\Programmi\File comuni\System\jxLYxX.exe','');
 QuarantineFile('c:\documents and settings\user\impostazioni locali\dati applicazioni\av.exe','');
 QuarantineFile('C:\DOCUME~1\user\IMPOST~1\Temp\CRLBKWAEHQO.exe','');
 DeleteService('SrvLue');
 DeleteService('CRLBKWAEHQO');
 DeleteFile('C:\WINDOWS\system32\wunauclt.exe');
 DeleteFile('C:\Programmi\File comuni\System\jxLYxX.exe');
 DeleteFile('C:\Documents and Settings\user\Impostazioni locali\Dati applicazioni\av.exe');
 DeleteFile('C:\DOCUME~1\user\IMPOST~1\Temp\CRLBKWAEHQO.exe');
 DeleteFileMask('c:\770dad448f128ca4a29a7f4cb7352dab\','*.*',true);
 DeleteFileMask('C:\DOCUME~1\user\IMPOST~1\Temp\','*.*',true);
 DeleteDirectory('c:\770dad448f128ca4a29a7f4cb7352dab\');
 DelCLSID('{D062D841-C0B9-484A-84D3-71FDF9860308}');
 DelBHO('{7E853D72-626A-48EC-A868-BA8D5E23E045}');
 DelBHO('{77701e16-9bfe-4b63-a5b4-7bd156758a37}');
 DelBHO('{710EB7A1-45ED-11D0-924A-0020AFC7AC4D}');
 DelBHO('{32683183-48a0-441b-a342-7c2a440a9478}');
 DelBHO('{1E796980-9CC5-11D1-A83F-00C04FC99D61}');
 DelBHO('{1DBAB667-A486-421e-AFE4-CF07DD0088E5}');
 ExecuteWizard('TSW', 2, 2, true);
 ExecuteWizard('SCU', 2, 2, true);
BC_ImportAll;
ExecuteSysClean;
BC_DeleteSvc('SrvLue');
BC_DeleteSvc('CRLBKWAEHQO');
BC_Activate;
SetAVZPMStatus(True);
RebootWindows(true);
end.

After reboot execute following script in Manual disinfection

Код:

begin
CreateQurantineArchive('C:\quarantine.zip');
end.

and upload the C:\quarantine.zip over the link Upload quarantined files on the top of this page.

- Remove Bonjour
- Clean Temp-Maps, Cache of Browsers, Recycler. Use Windows service tool cleanmgr or CCleaner or ClearProg
- Close all the programs and start only Internet Explorer!!!
- Repeat a log file of AVPTool.
- Make a log file with Hijackthis ( Analysis, p.3 for further informations).
- Switch Antivirus and, if you have - Firewall, on.
- Go On-Line
- Attach both a log to your new post..