Greetings.
I'm sorry for so late answer. If your problem still exists, then you should try to execute this script:
Код:
begin
SearchRootkit(true, true);
SetAVZGuardStatus(True);
QuarantineFile('c:\windows\system32\snmp.exe','');
QuarantineFile('C:\WINDOWS\system32\Drivers\sddriver.sys','');
QuarantineFile('C:\DOCUME~1\Lionel\LOCALS~1\Temp\pfsvgae.sys','');
QuarantineFile('C:\Program Files\Common Files\Portrait Displays\Shared\PresetsCOM.dll','');
QuarantineFile('C:\Documents and Settings\Lionel\Desktop\Virus Removal Tool1\AntiNimd.exe','');
QuarantineFile('\\?\globalroot\systemroot\system32\gxvxcgrdltplsvjkmoyphsehqvrjjkvamygol.dll','');
QuarantineFile('c:\program files\ageia technologies\trayicon.exe','');
TerminateProcessByName('c:\windows\system32\flcss.exe');
QuarantineFile('c:\windows\system32\flcss.exe','');
QuarantineFile('c:\program files\common files\portrait displays\shared\dtsrvc.exe','');
DeleteFile('c:\windows\system32\flcss.exe');
BC_DeleteFile('c:\windows\system32\flcss.exe');
DeleteFile('\\?\globalroot\systemroot\system32\gxvxcgrdltplsvjkmoyphsehqvrjjkvamygol.dll');
BC_DeleteFile('\\?\globalroot\systemroot\system32\gxvxcgrdltplsvjkmoyphsehqvrjjkvamygol.dll');
DeleteFile('C:\DOCUME~1\Lionel\LOCALS~1\Temp\pfsvgae.sys');
BC_DeleteFile('C:\DOCUME~1\Lionel\LOCALS~1\Temp\pfsvgae.sys');
DeleteFile('winmok32.dll');
BC_DeleteFile('winmok32.dll');
DeleteFile('C:\Windows\System32\winmok32.dll');
BC_DeleteFile('C:\Windows\System32\winmok32.dll');
DeleteService('pfsvgae');
BC_DeleteSvc('pfsvgae');
BC_ImportquarantineList;
BC_Activate;
ExecuteSysClean;
RebootWindows(true);
end.
After restart, upload quarantine using the link http://virusinfo.info/upload_virus_eng.php?tid=49200 and make logs again (you'd better make 3 logs as it's described in the rules of "Help me!" section)