View full version: Downloader.bf and onlinegames
Hello
I am having big trouble with a virus called DOWNLOADER. It changes the date of my PC to 2002, disables my Kaspersky antivirus and creates some files on my hard disk. Here is the description of the virus: http://www.threatexpert.com/report.aspx?uid=3b7e4f3f-2c66-46cc-af95-ecb0b5baff08
I tried many tools to remove this virus but with no success; I even tried the Kaspersky Lab remover tools, with no success either.
I attached the 03 files of the analyses of my system and hope to get an answer very soon.
Thank you
Fix the following line in HijackThis:
F2 - REG:system.ini: Shell=Explorer.exe taskmger.com
Execute the following script in AVZ:
begin
ClearQuarantine;
SearchRootkit(true, true);
SetAVZGuardStatus(True);
QuarantineFile('C:\explorer.exe','');
QuarantineFile('C:\autorun.inf','');
QuarantineFile('C:\WINDOWS\system32\wuauc1t.exe','');
QuarantineFile('C:\WINDOWS\system32\wbsys.dll','');
QuarantineFile('C:\WINDOWS\system32\H@tKeysH@@k.DLL','');
QuarantineFile('taskmger.com','');
QuarantineFile('C:\WINDOWS\system32\drivers\svchast.exe','');
QuarantineFile('C:\WINDOWS\system32\iexplorer.exe','');
DeleteFile('C:\WINDOWS\system32\iexplorer.exe');
DeleteFile('C:\WINDOWS\system32\drivers\svchast.exe');
DeleteFile('C:\WINDOWS\system32\H@tKeysH@@k.DLL');
DeleteFile('C:\autorun.inf');
DeleteFile('C:\explorer.exe');
DeleteFile('D:\autorun.inf');
DeleteFile('D:\explorer.exe');
BC_ImportALL;
ExecuteSysClean;
BC_Activate;
RebootWindows(true);
end.
Upload all quarantined files according to Appendix #3 of Rules using the red link above.
Rene-gad
12.04.2008, 14:46
Pls. fix.
O4 - HKLM\..\Run: [IEXPLORER] C:\WINDOWS\system32\iexplorer.exe
O4 - HKCU\..\Run: [svcshare] C:\WINDOWS\system32\drivers\svchast.exe
Run a script
begin
SearchRootkit(true, true);
SetAVZGuardStatus(True);
QuarantineFile('D:\explorer.exe','');
QuarantineFile('D:\autorun.inf','');
QuarantineFile('C:\explorer.exe','');
QuarantineFile('C:\WINDOWS\system32\wuauc1t.exe','');
QuarantineFile('C:\autorun.inf','');
QuarantineFile('C:\Documents and Settings\sgc\Bureau\AGLIALFATRON\TRAVAIL\annulation 2007\DBASE.COM','');
QuarantineFile('Explorer.exe taskmger.com','');
QuarantineFile('C:\WINDOWS\system32\drivers\svchast.exe','');
QuarantineFile('C:\WINDOWS\system32\iexplorer.exe','');
TerminateProcessByName('c:\windows\system32\iexplorer.exe');
QuarantineFile('c:\windows\system32\iexplorer.exe','');
DeleteFile('c:\windows\system32\iexplorer.exe');
DeleteFile('C:\WINDOWS\system32\iexplorer.exe');
DeleteFile('C:\WINDOWS\system32\drivers\svchast.exe');
DeleteFile('Explorer.exe taskmger.com');
DeleteFile('C:\autorun.inf');
DeleteFile('C:\WINDOWS\system32\wuauc1t.exe');
DeleteFile('C:\explorer.exe');
DeleteFile('D:\autorun.inf');
DeleteFile('D:\explorer.exe');
BC_ImportDeletedList;
ExecuteSysClean;
BC_Activate;
RebootWindows(true);
end.
Upload the quarantine and make the new logs.
EDIT: My script is larger ;)
Please, can you tell me how to fix those lines?
Thank you
Rene-gad
12.04.2008, 15:02
please can you tell me how to fix those lines ?
http://virusinfo.info/showthread.php?t=9206
O4 - HKLM\..\Run: [IEXPLORER] C:\WINDOWS\system32\iexplorer.exe
O4 - HKCU\..\Run: [svcshare] C:\WINDOWS\system32\drivers\svchast.exe
04 is for which service ?
Rene-gad
12.04.2008, 15:21
04 is for which service ?
Do it, pls. You have a full box of malware. Every second is important here. We can answer all the questions later.
Hope that will help.
Thank you
When I executed your script, all applications stopped working. Is that normal?
Try to run AVZ by right-click and selecting "Run As...".
If it works, execute the following script:
begin
ExecuteRepair(1);
ExecuteRepair(6);
ExecuteRepair(9);
RebootWindows(true);
end.
Problem solved ...
Thank you very much
The job is not completed.
Please, upload your quarantine and make new set of logfiles.