1. Please, disable System Restore and antivirus (if you have).
2. Execute this script in AVPTool:
Код:
begin
SetAVZGuardStatus(True);
QuarantineFile('C:\Windows\msa.exe','');
DelBHO('{92780B25-18CC-41C8-B9BE-3C9C571A8263}');
DelBHO('{2EAF5BB2-070F-11D3-9307-00C04FAE2D4F}');
DelBHO('{2EAF5BB1-070F-11D3-9307-00C04FAE2D4F}');
QuarantineFile('C:\Windows\system32\sshnas.dll','');
QuarantineFile('C:\Users\Reef\AppData\Local\Temp\c.exe','');
DeleteFile('C:\Users\Reef\AppData\Local\Temp\c.exe');
RegKeyParamDel('HKEY_USERS','S-1-5-21-767053721-1976565765-1015824139-1001\Software\Microsoft\Windows\CurrentVersion\Run','J8RPLTROBQ');
RegKeyParamDel('HKEY_USERS','S-1-5-21-767053721-1976565765-1015824139-1001\Software\Microsoft\Windows\CurrentVersion\Run','LREC75DND7');
DeleteFile('C:\Windows\system32\sshnas.dll');
RegKeyParamDel('HKEY_USERS','S-1-5-21-767053721-1976565765-1015824139-1001\Software\Microsoft\Windows\CurrentVersion\Run','LosAlamos');
DeleteFile('C:\Windows\msa.exe');
DeleteFile('C:\Windows\Tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job');
DeleteFile('C:\Windows\Tasks\{66BA574B-1E11-49b8-909C-8CC9E0E8E015}.job');
BC_ImportDeletedList;
ExecuteSysClean;
BC_Activate;
RebootWindows(true);
end.
3. After reboot execute this script in AVPTool:
Код:
begin
CreateQurantineArchive('C:\quarantine.zip');
end.
Upload file C:\quarantine.zip, by link http://virusinfo.info/upload_virus.php?tid=66301
4. Make a new log of AVPTool.