Important: Disconnect from internet, disable your antivirus!!!
AVZ - File - Custom scripts
Execute the following script (copy it, paste it in the script window of AVZ and execute):
Код:
begin
Clearquarantine;
SearchRootkit(true, true);
SetAVZGuardStatus(True);
DelBHO('{3041d03e-fd4b-44e0-b742-2d9b88305f98}');
QuarantineFile('C:\Program Files\AskBarDis\bar\bin\askBar.dll','');
DelBHO('{EE030346-B9DB-4CCC-93F8-C267E9AE1BDE}');
QuarantineFile('C:\WINDOWS\system32\tazzri.dll','');
DelBHO('{ad171f53-d265-4838-b183-cf39fe1758d9}');
DelBHO('{96715F4E-52F6-4CD1-BB1E-6FFCE71F9645}');
QuarantineFile('C:\WINDOWS\system32\urqRHwXr.dll','');
DelBHO('{96430BB6-70D6-4D9F-B9CD-9E8CB4C67249}');
QuarantineFile('C:\WINDOWS\system32\ssqroljg.dll','');
DelBHO('{96134ABB-AD7C-4135-A927-329B735D524F}');
DelBHO('{82852436-F845-4519-A0CC-B2A8D54C3704}');
QuarantineFile('C:\WINDOWS\boqnrwdmslm.dll','');
DelBHO('{5600363C-B1A7-464C-9D48-B57A901A74FA}');
DelBHO('{1EBC3B47-EBDB-4B24-A4C7-17B6630B0542}');
QuarantineFile('C:\WINDOWS\system32\nnnmnMDW.dll','');
QuarantineFile('C:\WINDOWS\system32\ctfmona.exe','');
QuarantineFile('C:\WINDOWS\system32\fccCVpNF.dll','');
QuarantineFile('C:\Program Files\GamingSquared\Gaming2\G2.exe','');
QuarantineFile('C:\WINDOWS\System32\tazzri.dll','');
QuarantineFile('C:\WINDOWS\system32\mlJYqNgD.dll','');
QuarantineFile('C:\WINDOWS\system32\ivupkemk.dll','');
QuarantineFile('C:\WINDOWS\system32\hgGxUlii.dll','');
QuarantineFile('C:\WINDOWS\system32\lxdncoms.exe','');
DeleteFile('C:\WINDOWS\system32\hgGxUlii.dll');
DeleteFile('C:\WINDOWS\system32\ivupkemk.dll');
DeleteFile('C:\WINDOWS\system32\mlJYqNgD.dll');
DeleteFile('C:\WINDOWS\System32\tazzri.dll');
DeleteFile('C:\WINDOWS\system32\fccCVpNF.dll');
DeleteFile('C:\WINDOWS\system32\ctfmona.exe');
DeleteFile('C:\WINDOWS\system32\nnnmnMDW.dll');
DeleteFile('C:\WINDOWS\boqnrwdmslm.dll');
DeleteFile('C:\WINDOWS\system32\ssqroljg.dll');
DeleteFile('C:\WINDOWS\system32\urqRHwXr.dll');
DeleteFile('C:\WINDOWS\system32\tazzri.dll');
DeleteFile('C:\Program Files\AskBarDis\bar\bin\askBar.dll');
BC_ImportALL;
ExecuteSysClean;
BC_Activate;
ExecuteRepair(6);
ExecuteRepair(8);
ExecuteRepair(9);
ExecuteRepair(11);
RebootWindows(true);
end.
Your computer will reboot.
Upload the quarantined files according to the Appendix 3 of the rules. (upload here http://virusinfo.info/upload_virus_eng.php?tid=34839 )
use portable ccleaner for cleaning temporary files ( http://www.ccleaner.com/download/bui...ading-portable; how-to use: just unzip to some new folder on your disk and click on ccleaner.exe , click in the interface of ccleaner on "Run Cleaner" button )
Make a new logs.(attach them to next post, you shouldn't create a new theme)