Did you make scan with cureit or avptool ? They should both know your trojans already.
I think your case is cureable, you have a rootkit&trojan that block a lot of "anti" programs, because of this you are unable install programs, that you had mentioned in your post
Ok, from theory to practice:
First of all, please disable Norman and uninstall it completely trough add/remove programs and restart computer. ( Norman will not allow to us curing your system.)
Then, be sure that you are disconnected from internet and execute this script:
Код:
begin
SearchRootkit(true, true);
SetAVZGuardStatus(True);
QuarantineFile('D:\71b89ba60f582ce4f9af\update\update.exe','');
QuarantineFile('C:\WINDOWS\system32\UACbmnudovn.dll','');
QuarantineFile('C:\WINDOWS\system32\UACbnwxympp.dll','');
QuarantineFile('C:\WINDOWS\system32\UACejwmtklo.dll','');
QuarantineFile('C:\WINDOWS\system32\UACybwrrvkp.dll','');
QuarantineFile('\\?\globalroot\systemroot\system32\UACejwmtklo.dll','');
QuarantineFile('C:\WINDOWS\system32\drivers\UACiwqvdlqm.sys','');
QuarantineFile('C:\WINDOWS\system32\drivers\cis1284.sys','');
DeleteFile('\\?\globalroot\systemroot\system32\UACejwmtklo.dll');
DeleteFile('C:\WINDOWS\system32\drivers\UACiwqvdlqm.sys');
DeleteFile('C:\WINDOWS\system32\UACbmnudovn.dll');
DeleteFile('C:\WINDOWS\system32\UACbnwxympp.dll');
DeleteFile('C:\WINDOWS\system32\UACejwmtklo.dll');
DeleteFile('C:\WINDOWS\system32\UACybwrrvkp.dll');
BC_ImportAll;
ExecuteSysClean;
BC_DeleteSvc('UACiwqvdlqm');
BC_Activate;
ExecuteRepair(6);
ExecuteRepair(8);
ExecuteRepair(9);
SetAVZPMStatus(true);
RebootWindows(true);
end.
System will reboot.
Please upload to us a quarantine(read Appendix#3 of the rules) by link http://virusinfo.info/upload_virus_eng.php?tid=40454
Then download avptool( http://devbuilds.kaspersky-labs.com/devbuilds/AVPTool/ ) , cureit( ftp://ftp.drweb.com/pub/drweb/cureit/launch.exe ) and scan all your system (not with both at same time
After all, please make a fresh set of the logs in next post of this topic (like in your second post), we shall continue.