Please download in my signature special avz, put it in new folder on desktop. Please execute this script in avz http://virusinfo.info/showthread.php?t=9207) (Do remember before execution scripts to exit antivirus and disconnect from internet, disable System Restore )
Код:
begin
SearchRootkit(true, true);
SetAVZGuardStatus(True);
QuarantineFile('C:\WINDOWS\system32\drivers\oreans32.sys','');
DeleteService('abp470n5');
QuarantineFile('C:\WINDOWS\system32\drivers\jmmpn.sys','');
DeleteFile('C:\WINDOWS\system32\drivers\jmmpn.sys');
BC_DeleteSvc('srosa');
BC_ImportAll;
ExecuteSysClean;
ExecuteRepair(6);
ExecuteRepair(8);
ExecuteRepair(9);
ExecuteRepair(10);
ExecuteRepair(11);
ExecuteRepair(16);
ExecuteRepair(17);
BC_Activate;
SetAVZPMStatus(true);
RebootWindows(true);
end.
Please upload the quarantine according to appendix 3 of rules (http://virusinfo.info/showthread.php?t=9184) , by link http://virusinfo.info/upload_virus_eng.php?tid=40321 After that make a set of logs according to rules: http://virusinfo.info/showthread.php?t=9184Don't update special avz