Hi! please help me analyzing this report!

[redst]

Hi!
recently my computer was working good now in the last 2 days its acting weird,slow processing and administrator priviliges was disabled like task manager,regedit can be opened but will close by itself,i'm quite sure that there is a virus,whenever i insert a usb drive theres an autorun.ini being executed and a new folder.exe is created opn every folder,but my avast anti-v can't detect them,i've tried using the kapersky virus removal tool but it's clean,i tried using "RemoveIT pro V4".it detected virus like "sys32.vnchook,sys32.logmessages or something like that" but i'm not really sure if it was cured already.sp please help analyze the repot that i will send using AVZ and HJT log files.thank you in advance.

[Rene-gad]

Switch off:
- Antivirus and and, if you have - Firewall.
- System Restore
-Fix

Код:

O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Toolbars\Restrictions present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Toolbars\Restrictions present

- Execute following script

Код:

begin
SearchRootkit(true, true);
SetAVZGuardStatus(True);
 TerminateProcessByName('c:\docume~1\admini~1.ils\locals~1\temp\{f9f38e63-7ef2-49c8-80d6-205bb003aaba}\ clearness time.exe');
 StopService('EuGdiDrv');
 StopService('epmntdrv');
 QuarantineFile('YMTray.exe','');
 QuarantineFile('J:\RRT\RRT.exe','');
 QuarantineFile('E:\Downloads\ Clearness time.exe','');
 QuarantineFile('C:\WINDOWS\VM303_STI.EXE','');
 QuarantineFile('C:\WINDOWS\VM302Snap.exe','');
 QuarantineFile('C:\WINDOWS\system32\EuGdiDrv.sys','');
 QuarantineFile('C:\WINDOWS\system32\epmntdrv.sys','');
 QuarantineFile('C:\WINDOWS\system32\drivers\vvftav302.sys','');
 QuarantineFile('c:\docume~1\admini~1.ils\locals~1\temp\{f9f38e63-7ef2-49c8-80d6-205bb003aaba}\ clearness time.exe','');
 DeleteService('EuGdiDrv');
 DeleteService('epmntdrv');
 DeleteFile('C:\WINDOWS\system32\EuGdiDrv.sys');
 DeleteFile('C:\WINDOWS\system32\epmntdrv.sys');
 DeleteFile('C:\WINDOWS\system32\drivers\vvftav302.sys');
 DeleteFile('c:\docume~1\admini~1.ils\locals~1\temp\{f9f38e63-7ef2-49c8-80d6-205bb003aaba}\ clearness time.exe');
BC_ImportAll;
ExecuteSysClean; 
 BC_DeleteSvc('EuGdiDrv');
 BC_DeleteSvc('epmntdrv');
BC_Activate;
RebootWindows(true);
end.

After reboot:
- Clean Temp-Maps, Cache of Browsers, Recycler. Use Windows service tool cleanmgr or CCleaner or ClearProg
- Close all the programs and start only Internet Explorer!!!
- Repeat 3 log files in accordance with the rules.
- Switch Antivirus and, if you have - Firewall, on.
- Go On-Line
- Upload the quarantine (see Appendix 2 and 3 of the Rules) virus.zip over the link Upload quarantined files on the top of this page.
- Attach 3 logs to your new post..

[redst]

ok thanks for analyzing it for me and giving me solutions,i will try to upload the quarantined files but if im not mistaken theres no files that was quaratined when avz reported it and save the log file.but anyway i will try and search for it..thanks again...