-
Shortcuts Attacking
My PC is attacked by a virus that creates shortcuts in many folders.
They have a folder icon, and each is 4 KB in size. The names were "Microsoft",
"Aplikasi" and "Music". The Task Manager is blocked. My friend suggested that I
disable System Restore and rename "/System32/wscript.exe".
It didn't work. I used the search command to delete the shortcuts. They were gone,
but later they came back, duplicating any existing folders, and the size is now 1 KB. KVRT 2010 detected and deleted 2 worms but has not fixed the problem yet. I have attached the analysis log here.
The shortcuts have a typical Target like:
[U]C:\WINDOWS\system32\wscript.exe //e:VBScript dekstop.ini [/U]"FotoLama"
Foto Lama is the duplicated name of a subfolder. Thank you for your help.
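
The shortcut Target quoted in the post above can be turned into a triage check. This is an added example, not part of the original post or of any tool named in the thread: it is a byte-level heuristic rather than a full .lnk parser, and the function names, the size limit and the `shadows_folder` flag are assumptions made for illustration.

```python
import os

# Strings from the shortcut Target quoted in the post, matched case-insensitively.
HOST = "wscript.exe"
ENGINE_SWITCH = "//e:vbscript"
MAX_LNK_BYTES = 64 * 1024  # assumption: the post reports 1-4 KB shortcuts


def _text_views(raw):
    """Decode the bytes the two ways a .lnk stores strings: ANSI and UTF-16LE."""
    views = [raw.decode("latin-1").lower()]
    # A UTF-16 string may start at an odd offset, so try both alignments.
    for offset in (0, 1):
        views.append(raw[offset:].decode("utf-16-le", errors="ignore").lower())
    return views


def is_script_host_shortcut(raw):
    """True if the bytes mention both wscript.exe and the //e:VBScript switch."""
    views = _text_views(raw)
    return any(HOST in v for v in views) and any(ENGINE_SWITCH in v for v in views)


def scan(root):
    """Return sorted (path, shadows_folder) pairs for suspicious .lnk files."""
    hits = []
    for folder, subdirs, files in os.walk(root):
        sibling_folders = {d.lower() for d in subdirs}
        for name in files:
            stem, ext = os.path.splitext(name)
            path = os.path.join(folder, name)
            try:
                if ext.lower() != ".lnk" or os.path.getsize(path) > MAX_LNK_BYTES:
                    continue
                with open(path, "rb") as fh:
                    raw = fh.read()
            except OSError:
                continue  # unreadable file: skip it rather than abort the scan
            if is_script_host_shortcut(raw):
                # The post says the shortcuts reuse the names of existing folders.
                hits.append((path, stem.lower() in sibling_folders))
    return sorted(hits)


if __name__ == "__main__":
    import sys
    for path, shadows in scan(sys.argv[1] if len(sys.argv) > 1 else "."):
        print(path, "(same name as a sibling folder)" if shadows else "")
```

A hit only means the shortcut launches the script host with an explicit engine switch; the file it points at still needs to be examined before anything is deleted.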
-
1. Please disable System Restore and your antivirus (if you have one).
2. Execute this script in AVPTool:
[CODE]begin
SearchRootkit(true, true);
SetAVZGuardStatus(True);
QuarantineFile('E:\autorun.inf','');
QuarantineFile('D:\autorun.exe','');
DeleteService('MRxNet');
QuarantineFile('C:\WINDOWS\system32\Drivers\mrxnet.sys','');
DeleteService('MRxCls');
QuarantineFile('C:\WINDOWS\system32\Drivers\mrxcls.sys','');
DeleteFile('C:\WINDOWS\system32\Drivers\mrxcls.sys');
DeleteFile('C:\WINDOWS\system32\Drivers\mrxnet.sys');
BC_ImportDeletedList;
ExecuteSysClean;
ExecuteRepair(1);
ExecuteRepair(11);
ExecuteRepair(17);
BC_Activate;
RebootWindows(true);
end.[/CODE]
3. After reboot execute this script in AVPTool:
[CODE]begin
CreateQurantineArchive(GetAVZDirectory+'quarantine.zip');
end.[/CODE]
Upload the file quarantine.zip using this link: [url]http://virusinfo.info/upload_virus.php?tid=84415[/url]
4. Make a new log of AVPTool.
-
Lady Alexandra, thanks for your help. I am done with steps 1, 2, and 3.
But I attached the file quarantine.zip again, since I found a second file with the same name and it was a shortcut, and I'm not sure which one I uploaded to VirusInfo. I am preparing a new log and will send it to you later. It seems the shortcuts
still remain, so I hope for further instructions. Thank you.
-
Check your system with Dr.Web CureIt: [url]http://www.freedrweb.com/cureit/?lng=en[/url]
-
[QUOTE=Aleksandra;680837]
4. Make a new log of AVPTool.[/QUOTE]??? :rtfm:
-
Treatment summary
Statistics of the treatment performed:
[LIST][*]Quarantines received: [B]1[/B][*]Files processed: [B]1[/B][*]No malware was found in the quarantines during treatment[/LIST]