please execute this script in avptool:
Код:
begin
SearchRootkit(true, true);
SetAVZGuardStatus(True);
QuarantineFile('F:\RECYCLER\S-1-6-21-1257894210-1075856346-012573477-3420\shellsrv.exe','');
QuarantineFile('F:\autorun.inf','');
QuarantineFile('D:\autorun.inf','');
QuarantineFile('C:\autorun.inf','');
QuarantineFile('C:\WINDOWS\system32\fltlib.dll','');
QuarantineFile('C:\Program Files\Utilities\VisualTooltip\VisualTooltip.dll','');
QuarantineFile('C:\WINDOWS\inf\unregmp2.exe','');
QuarantineFile('C:\WINDOWS\system32\HIDEC.exe','');
QuarantineFile('C:\WINDOWS\system32\Drivers\HTTP.sys','');
QuarantineFile('C:\WINDOWS\system32\DRIVERS\update.sys','');
QuarantineFile('C:\WINDOWS\system32\DRIVERS\srv.sys','');
QuarantineFile('C:\WINDOWS\system32\DRIVERS\tcpip.sys','');
QuarantineFile('C:\WINDOWS\system32\sxs.dll','');
QuarantineFile('C:\WINDOWS\system32\RPCRT4.dll','');
QuarantineFile('C:\WINDOWS\system32\LINKINFO.dll','');
QuarantineFile('C:\WINDOWS\system32\kernel32.dll','');
QuarantineFile('C:\WINDOWS\system32\kerberos.dll','');
QuarantineFile('C:\WINDOWS\system32\es.dll','');
QuarantineFile('c:\windows\vistadrive\vistadrive.exe','');
QuarantineFile('C:\WINDOWS\system32\fltlib.dll','');
TerminateProcessByName('c:\windows\system32\symlcsrv.exe');
QuarantineFile('c:\windows\system32\symlcsrv.exe','');
QuarantineFile('c:\program files\windows sidebar\sidebar.exe','');
QuarantineFile('c:\windows\system32\spoolsv.exe','');
DeleteFile('c:\windows\system32\symlcsrv.exe');
DeleteFile('C:\WINDOWS\system32\HIDEC.exe');
DeleteFile('C:\autorun.inf');
DeleteFile('D:\autorun.inf');
DeleteFile('F:\autorun.inf');
DeleteFile('F:\RECYCLER\S-1-6-21-1257894210-1075856346-012573477-3420\shellsrv.exe');
BC_ImportAll;
ExecuteSysClean;
BC_Activate;
ExecuteRepair(6);
ExecuteRepair(8);
ExecuteRepair(9);
ExecuteRepair(11);
ExecuteRepair(13);
ExecuteRepair(17);
RebootWindows(true);
end.
Your computer will reboot.
Pack ( zip) (with pass 'virus') "Qurantine_AVZ" ( it is subfolder where your avptool exist)
Please upload it by link http://virusinfo.info/upload_virus_eng.php?tid=32410
Please close all programs, that you can,lunch Internet explorer and make a new log like you did in your first post.Please attach it to your next post.