Update the AVZ databases ("File" -> "Database update").
Boot the system in safe mode and run this script in AVZ:
Code:
begin
QuarantineFile('C:\Windows\system32\DRIVERS\BDMWrench_x64.sys', '');
QuarantineFile('C:\Windows\system32\DRIVERS\BDSafeBrowser.sys', '');
QuarantineFile('C:\Windows\system32\DRIVERS\BDMWrench.sys', '');
QuarantineFile('C:\Windows\system32\DRIVERS\BDArKit.sys', '');
QuarantineFile('C:\Windows\system32\DRIVERS\bd0004.sys', '');
QuarantineFile('C:\Windows\system32\DRIVERS\bd0003.sys', '');
QuarantineFile('C:\Windows\system32\DRIVERS\bd0001.sys', '');
QuarantineFile('c:\program files (x86)\common files\baidu\bddownload\108\bddownloader.exe', '');
QuarantineFile('c:\program files (x86)\common files\baidu\baiduprotect1.3\1.3.0.602\baiduprotect.exe', '');
DeleteFile('c:\program files (x86)\common files\baidu\baiduprotect1.3\1.3.0.602\baiduprotect.exe', '32');
DeleteFile('c:\program files (x86)\common files\baidu\bddownload\108\bddownloader.exe', '32');
DeleteFile('C:\Program Files (x86)\Common Files\Baidu\BaiduProtect1.3\1.3.0.602\ad.dll', '32');
DeleteFile('C:\Program Files (x86)\Common Files\Baidu\BaiduProtect1.3\1.3.0.602\BDKitUtils.dll', '32');
DeleteFile('C:\Program Files (x86)\Common Files\Baidu\BaiduProtect1.3\1.3.0.602\BDLogicUtils.dll', '32');
DeleteFile('C:\Program Files (x86)\Common Files\Baidu\BaiduProtect1.3\1.3.0.602\BDMDownload.dll', '32');
DeleteFile('C:\Program Files (x86)\Common Files\Baidu\BaiduProtect1.3\1.3.0.602\BDMNet.dll', '32');
DeleteFile('C:\Program Files (x86)\Common Files\Baidu\BaiduProtect1.3\1.3.0.602\BDMReport.dll', '32');
DeleteFile('C:\Program Files (x86)\Common Files\Baidu\BaiduProtect1.3\1.3.0.602\DriverManager.dll', '32');
DeleteFile('C:\Program Files (x86)\Common Files\Baidu\BaiduProtect1.3\1.3.0.602\dynplugins\ArKit.dll', '32');
DeleteFile('C:\Program Files (x86)\Common Files\Baidu\BaiduProtect1.3\1.3.0.602\dynplugins\AssistReportPlugin.dll', '32');
DeleteFile('C:\Program Files (x86)\Common Files\Baidu\BaiduProtect1.3\1.3.0.602\dynplugins\FileUpdatePlugin.dll', '32');
DeleteFile('C:\Program Files (x86)\Common Files\Baidu\BaiduProtect1.3\1.3.0.602\dynplugins\FixSePlugin.dll', '32');
DeleteFile('C:\Program Files (x86)\Common Files\Baidu\BaiduProtect1.3\1.3.0.602\dynplugins\HostPlugin.dll', '32');
DeleteFile('C:\Program Files (x86)\Common Files\Baidu\BaiduProtect1.3\1.3.0.602\plugins\BaiduRepair.dll', '32');
DeleteFile('C:\Program Files (x86)\Common Files\Baidu\BaiduProtect1.3\1.3.0.602\plugins\HIPS.dll', '32');
DeleteFile('C:\Program Files (x86)\Common Files\Baidu\BaiduProtect1.3\1.3.0.602\SafeBrowserDll.dll', '32');
DeleteFile('C:\Program Files (x86)\Common Files\Baidu\BDDownload\108\bdcomproxy.dll', '32');
DeleteFile('C:\Program Files (x86)\Common Files\Baidu\BDDownload\108\dl.dll', '32');
DeleteFile('C:\Windows\system32\DRIVERS\bd0001.sys', '32');
DeleteFile('C:\Windows\system32\DRIVERS\bd0003.sys', '32');
DeleteFile('C:\Windows\system32\DRIVERS\bd0004.sys', '32');
DeleteFile('C:\Windows\system32\DRIVERS\BDArKit.sys', '32');
DeleteFile('C:\Windows\system32\DRIVERS\BDMWrench.sys', '32');
DeleteFile('C:\Windows\system32\DRIVERS\BDSafeBrowser.sys', '32');
DeleteFile('C:\Windows\system32\DRIVERS\BDMWrench_x64.sys', '32');
DeleteService('BdSandBox');
DeleteService('BDMWrench_x64');
DeleteService('BDFileDefend');
DeleteService('BDEnhanceBoost');
DeleteService('BDSafeBrowser');
DeleteService('BDMWrench');
DeleteService('BDArKit');
DeleteService('bd0004');
DeleteService('bd0003');
DeleteService('bd0001');
DeleteFileMask('c:\program files (x86)\common files\baidu', '*', true);
DeleteDirectory('c:\program files (x86)\common files\baidu');
ExecuteSysClean;
ExecuteWizard('SCU', 2, 2, true);
RebootWindows(true);
end.
The computer will reboot.
Run this script in AVZ:
Code:
begin
CreateQurantineArchive(GetAVZDirectory+'quarantine.zip');
end.
A quarantine archive, quarantine.zip, will appear in the AVZ folder; send this file via the "Send requested quarantine" link above the first message in the thread.
Run standard script No. 2 in AVZ and attach the file virusinfo_syscheck.zip to your next message.
Make an AdwCleaner (by Xplode) log.