помогите, поймала не знаю где при включенном касперским. из автозагрузки не удаляется ну и соответственно не дает эту программу деинсталировать
помогите, поймала не знаю где при включенном касперским. из автозагрузки не удаляется ну и соответственно не дает эту программу деинсталировать
Последний раз редактировалось Анастасия Башмакова; 11.08.2015 в 03:40.
Уважаемый(ая) Анастасия Башмакова, спасибо за обращение на наш форум!
Помощь при заражении комьютера на VirusInfo.Info оказывается абсолютно бесплатно. Хелперы, в самое ближайшее время, ответят на Ваш запрос. Для оказания помощи необходимо предоставить логи сканирования утилитами АВЗ и HiJackThis, подробнее можно прочитать в правилах оформления запроса о помощи.
Если наш сайт окажется полезен Вам и у Вас будет такая возможность - пожалуйста поддержите проект.
вложения добавила
- - - - -Добавлено - - - - -
карантин отослан
Антивирус Baidu сами устанавливали?
Программой MyPC Backup пользуетесь? А утилитами от Mail.Ru, браузером Комета?
Скачайте программу Universal Virus Sniffer и сделайте полный образ автозапуска uVS.
WBR,
Vadim
антивирус Baidu появился сам даже не поняла когда...пару месяцев назад где то, MyPC Backup не использую, как и mail.ru с кометой. постоянно выключаю их при запуске ноутбука. UVS скачала, сейчас попробую его запустить
Последний раз редактировалось Анастасия Башмакова; 11.08.2015 в 10:49.
Программы, которые не используете, удалите через Панель управления.
WBR,
Vadim
удалила, файл полного автозапуска во вложении
- - - - -Добавлено - - - - -
минут через 15 после удаления через дспетчер задач амиго и остальные средства mail.ru снова появились на компьютере
Последний раз редактировалось Анастасия Башмакова; 11.08.2015 в 10:39.
Выполните скрипт в uVS:Компьютер перезагрузится.Код:;uVS v3.86.4 [http://dsrt.dyndns.org] ;Target OS: NTv6.1 v385c ;------------------------autoscript--------------------------- sreg delref %SystemDrive%\PROGRAM FILES (X86)\COMMON FILES\BAIDU\BAIDUHIPS\1.2.0.751\BD0002.DLL del %SystemDrive%\PROGRAM FILES (X86)\COMMON FILES\BAIDU\BAIDUHIPS\1.2.0.751\BD0002.DLL delref %SystemDrive%\PROGRAM FILES (X86)\COMMON FILES\BAIDU\BAIDUHIPS\1.2.0.751\BAIDUHIPS.EXE del %SystemDrive%\PROGRAM FILES (X86)\COMMON FILES\BAIDU\BAIDUHIPS\1.2.0.751\BAIDUHIPS.EXE delref %SystemDrive%\PROGRAM FILES (X86)\COMMON FILES\BAIDU\BAIDUHIPS\1.2.0.751\BDMFRAMEWORK.DLL del %SystemDrive%\PROGRAM FILES (X86)\COMMON FILES\BAIDU\BAIDUHIPS\1.2.0.751\BDMFRAMEWORK.DLL delref %SystemDrive%\PROGRAM FILES (X86)\COMMON FILES\BAIDU\BAIDUHIPS\1.2.0.751\BDMTINYXML.DLL del %SystemDrive%\PROGRAM FILES (X86)\COMMON FILES\BAIDU\BAIDUHIPS\1.2.0.751\BDMTINYXML.DLL delref %SystemDrive%\PROGRAM FILES (X86)\COMMON FILES\BAIDU\BAIDUHIPS\1.2.0.751\BDMSTRINGUTILS.DLL del %SystemDrive%\PROGRAM FILES (X86)\COMMON FILES\BAIDU\BAIDUHIPS\1.2.0.751\BDMSTRINGUTILS.DLL delref %SystemDrive%\PROGRAM FILES (X86)\COMMON FILES\BAIDU\BAIDUHIPS\1.2.0.751\BDMBASE.DLL del %SystemDrive%\PROGRAM FILES (X86)\COMMON FILES\BAIDU\BAIDUHIPS\1.2.0.751\BDMBASE.DLL delref %SystemDrive%\PROGRAM FILES (X86)\COMMON FILES\BAIDU\BAIDUHIPS\1.2.0.751\BDMREPORT.DLL del %SystemDrive%\PROGRAM FILES (X86)\COMMON FILES\BAIDU\BAIDUHIPS\1.2.0.751\BDMREPORT.DLL delref %SystemDrive%\PROGRAM FILES (X86)\COMMON FILES\BAIDU\BAIDUHIPS\1.2.0.751\DRIVERMANAGER.DLL del %SystemDrive%\PROGRAM FILES (X86)\COMMON FILES\BAIDU\BAIDUHIPS\1.2.0.751\DRIVERMANAGER.DLL delref %SystemDrive%\PROGRAM FILES (X86)\COMMON FILES\BAIDU\BAIDUHIPS\1.2.0.751\BAIDUHIPSCORE.DLL del %SystemDrive%\PROGRAM FILES (X86)\COMMON FILES\BAIDU\BAIDUHIPS\1.2.0.751\BAIDUHIPSCORE.DLL delref %SystemDrive%\PROGRAM FILES (X86)\COMMON FILES\BAIDU\BAIDUHIPS\1.2.0.751\BDMNET.DLL del %SystemDrive%\PROGRAM FILES (X86)\COMMON FILES\BAIDU\BAIDUHIPS\1.2.0.751\BDMNET.DLL delref %SystemDrive%\PROGRAM FILES (X86)\COMMON FILES\BAIDU\BAIDUHIPS\1.2.0.751\AD.DLL del %SystemDrive%\PROGRAM FILES (X86)\COMMON FILES\BAIDU\BAIDUHIPS\1.2.0.751\AD.DLL delref %SystemDrive%\PROGRAM FILES (X86)\COMMON FILES\BAIDU\BAIDUHIPS\1.2.0.751\BAIDUPREVUIN.DLL del %SystemDrive%\PROGRAM FILES (X86)\COMMON FILES\BAIDU\BAIDUHIPS\1.2.0.751\BAIDUPREVUIN.DLL delref %SystemDrive%\PROGRAM FILES (X86)\COMMON FILES\BAIDU\BAIDUHIPS\1.2.0.751\BDMANTIVIRUS\BDKITUTILS.DLL del %SystemDrive%\PROGRAM FILES (X86)\COMMON FILES\BAIDU\BAIDUHIPS\1.2.0.751\BDMANTIVIRUS\BDKITUTILS.DLL delref %SystemDrive%\PROGRAM FILES (X86)\COMMON FILES\BAIDU\BAIDUHIPS\1.2.0.751\BAIDUHIPSBUSINESS.DLL del %SystemDrive%\PROGRAM FILES (X86)\COMMON FILES\BAIDU\BAIDUHIPS\1.2.0.751\BAIDUHIPSBUSINESS.DLL delref %SystemDrive%\PROGRAM FILES (X86)\COMMON FILES\BAIDU\BAIDUHIPS\1.2.0.751\BDMAVENG.DLL del %SystemDrive%\PROGRAM FILES (X86)\COMMON FILES\BAIDU\BAIDUHIPS\1.2.0.751\BDMAVENG.DLL delref %SystemDrive%\PROGRAM FILES (X86)\COMMON FILES\BAIDU\BAIDUHIPS\1.2.0.751\BDMAVCACHED.DLL del %SystemDrive%\PROGRAM FILES (X86)\COMMON FILES\BAIDU\BAIDUHIPS\1.2.0.751\BDMAVCACHED.DLL delref %SystemDrive%\PROGRAM FILES (X86)\COMMON FILES\BAIDU\BAIDUHIPS\1.2.0.751\TRUSTANDISO.DLL del %SystemDrive%\PROGRAM FILES (X86)\COMMON FILES\BAIDU\BAIDUHIPS\1.2.0.751\TRUSTANDISO.DLL delref %SystemDrive%\PROGRAM FILES (X86)\COMMON FILES\BAIDU\BAIDUHIPS\1.2.0.751\BDCONFIG.DLL del %SystemDrive%\PROGRAM FILES (X86)\COMMON FILES\BAIDU\BAIDUHIPS\1.2.0.751\BDCONFIG.DLL delref %SystemDrive%\PROGRAM FILES (X86)\COMMON FILES\BAIDU\BAIDUHIPS\1.2.0.751\BDLOGICUTILS.DLL del %SystemDrive%\PROGRAM FILES (X86)\COMMON FILES\BAIDU\BAIDUHIPS\1.2.0.751\BDLOGICUTILS.DLL delref %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\BAIDUSDSVC.EXE del %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\BAIDUSDSVC.EXE delref %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\BDMFRAMEWORK.DLL del %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\BDMFRAMEWORK.DLL delref %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\BDMAVE.DLL del %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\BDMAVE.DLL delref %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\BDMREPORT.DLL del %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\BDMREPORT.DLL delref %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\BAV\BAVFRAME.DLL del %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\BAV\BAVFRAME.DLL delref %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\BAV\BAVENGINE.DLL del %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\BAV\BAVENGINE.DLL delref %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\BAV\BAVSCANH.DLL del %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\BAV\BAVSCANH.DLL delref %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\BDMDBSQLITE.DLL del %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\BDMDBSQLITE.DLL delref %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\BAV\BAVSCANM.DLL del %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\BAV\BAVSCANM.DLL delref %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\BAV\BAVUNPACK.DLL del %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\BAV\BAVUNPACK.DLL delref %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\BAV\BAVSCANV.DLL del %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\BAV\BAVSCANV.DLL delref %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\BAV\BAVCOMMON.DLL del %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\BAV\BAVCOMMON.DLL delref %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\BAV\BAVOLE.DLL del %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\BAV\BAVOLE.DLL delref %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\BDMANTIVIRUS\BDMAVCACHED.DLL del %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\BDMANTIVIRUS\BDMAVCACHED.DLL delref %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\BDMANTIVIRUS\BDKITUTILS.DLL del %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\BDMANTIVIRUS\BDKITUTILS.DLL delref %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\BDMANTIVIRUS\BDMAVENG.DLL del %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\BDMANTIVIRUS\BDMAVENG.DLL delref %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\DRIVERMANAGER.DLL del %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\DRIVERMANAGER.DLL delref %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\BDMANTIVIRUS\BDUF.DLL del %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\BDMANTIVIRUS\BDUF.DLL delref %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\BAV\BAVARCHIVE.DLL del %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\BAV\BAVARCHIVE.DLL delref %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\BDMANTIVIRUS\BDMPERFMON.DLL del %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\BDMANTIVIRUS\BDMPERFMON.DLL delref %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\PLUGINS\BDKVRTPPLUGINS\PRIVACYPROTECT.DLL del %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\PLUGINS\BDKVRTPPLUGINS\PRIVACYPROTECT.DLL delref %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\BDMNET.DLL del %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\BDMNET.DLL delref %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\PLUGINS\BDKVRTPPLUGINS\HIPSCLIENT.DLL del %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\PLUGINS\BDKVRTPPLUGINS\HIPSCLIENT.DLL delref %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\BDMANTIVIRUS\TRUSTANDISO.DLL del %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\BDMANTIVIRUS\TRUSTANDISO.DLL delref %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\AD.DLL del %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\AD.DLL delref %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\PLUGINS\BDKVRTPPLUGINS\FILEMON.DLL del %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\PLUGINS\BDKVRTPPLUGINS\FILEMON.DLL delref %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\BDLOGICUTILS.DLL del %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\BDLOGICUTILS.DLL delref %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\UPDATE_SUBSCRIPTION.DLL del %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\UPDATE_SUBSCRIPTION.DLL delref %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\DTREG.PPL del %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\DTREG.PPL delref %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\HASHMD5.PPL del %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\HASHMD5.PPL delref %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\CRPTHLPR.PPL del %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\CRPTHLPR.PPL delref %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\QB.PPL del %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\QB.PPL delref %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\THREATSMANAGER.DLL del %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\THREATSMANAGER.DLL delref %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\AVS.PPL del %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\AVS.PPL delref %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\DMAP.PPL del %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\DMAP.PPL delref %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\PROCMON.PPL del %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\PROCMON.PPL delref %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\PARAMS.PPL del %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\PARAMS.PPL delref %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\UPDATE_ADAPTOR.DLL del %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\UPDATE_ADAPTOR.DLL delref %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\UPDATE_SYNC.DLL del %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\UPDATE_SYNC.DLL delref %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\WINREG.PPL del %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\WINREG.PPL delref %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\THREATS_DISINFECTION.DLL del %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\THREATS_DISINFECTION.DLL delref %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\FORMAT_RECOGNIZER.DLL del %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\FORMAT_RECOGNIZER.DLL delref %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\ACASSEMBLER.DLL del %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\ACASSEMBLER.DLL delref %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\REPORTDB.PPL del %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\REPORTDB.PPL delref %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\REPORT.PPL del %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\REPORT.PPL delref %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\THPIMPL.PPL del %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\THPIMPL.PPL delref %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\TIMER.PPL del %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\TIMER.PPL delref %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\REGMAP.PPL del %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\REGMAP.PPL delref %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\TM.PPL del %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\TM.PPL delref %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\EXCLUDEMANAGER.DLL del %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\EXCLUDEMANAGER.DLL delref %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\ICHECKER.DLL del %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\ICHECKER.DLL delref %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\STORAGE.DLL del %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\STORAGE.DLL delref %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\KSN_META.DLL del %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\KSN_META.DLL delref %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\APP_CORE_META.DLL del %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\APP_CORE_META.DLL delref %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\AC_META.DLL del %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\AC_META.DLL delref %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\KLIFPP_META.DLL del %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\KLIFPP_META.DLL delref %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\SCHEDULE.PPL del %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\SCHEDULE.PPL delref %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\AM_META.DLL del %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\AM_META.DLL delref %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\INSTRUMENTAL_META.DLL del %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\INSTRUMENTAL_META.DLL delref %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\KEY_VALUE_STORAGE.DLL del %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\KEY_VALUE_STORAGE.DLL delref %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\APP_CORE_LEGACY.DLL del %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\APP_CORE_LEGACY.DLL delref %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\EKA_META.DLL del %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\EKA_META.DLL delref %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\SERVICE.DLL del %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\SERVICE.DLL delref %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\NFIO.PPL del %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\NFIO.PPL delref %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\PRLOADER.DLL del %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\PRLOADER.DLL delref %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\MSOE.PPL del %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\MSOE.PPL delref %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\KAVESS.DLL del %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\KAVESS.DLL delref %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\FSDRVPLG.PPL del %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\FSDRVPLG.PPL delref %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\QUEUE.DLL del %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\QUEUE.DLL delref %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\KAVE8.DLL del %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\KAVE8.DLL delref %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\FSSYNC.DLL del %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\FSSYNC.DLL delref %Sys32%\RLLS64.DLL del %Sys32%\RLLS64.DLL delref %SystemRoot%\SYSWOW64\RLLS.DLL del %SystemRoot%\SYSWOW64\RLLS.DLL delref %SystemDrive%\USERS\7\APPDATA\ROAMING\BAIDU\BDWEBADAPTER\3.0.331.0\NPBDEXNP.DLL del %SystemDrive%\USERS\7\APPDATA\ROAMING\BAIDU\BDWEBADAPTER\3.0.331.0\NPBDEXNP.DLL delref %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\EXPLUGIN\NPBAIDUSDDETECTPLUG.DLL del %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\EXPLUGIN\NPBAIDUSDDETECTPLUG.DLL delref %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\BAIDUSDTRAY.EXE del %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\BAIDUSDTRAY.EXE delref %SystemDrive%\USERS\7\APPDATA\ROAMING\BAIDU\BDWEBADAPTER\3.0.331.0\BDEXIE.DLL del %SystemDrive%\USERS\7\APPDATA\ROAMING\BAIDU\BDWEBADAPTER\3.0.331.0\BDEXIE.DLL delref %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\BDSHELLEXT64.DLL del %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\BDSHELLEXT64.DLL delref %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\BDSHELLEXT.DLL del %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\BDSHELLEXT.DLL delref %Sys32%\DRIVERS\BD0001.SYS del %Sys32%\DRIVERS\BD0001.SYS delref %Sys32%\DRIVERS\BD0002.SYS del %Sys32%\DRIVERS\BD0002.SYS delref %Sys32%\DRIVERS\BD0003.SYS del %Sys32%\DRIVERS\BD0003.SYS delref %Sys32%\DRIVERS\BDARKIT.SYS del %Sys32%\DRIVERS\BDARKIT.SYS delref %Sys32%\DRIVERS\BDDEFENSE.SYS del %Sys32%\DRIVERS\BDDEFENSE.SYS delref %Sys32%\DRIVERS\BDMWRENCH_X64.SYS del %Sys32%\DRIVERS\BDMWRENCH_X64.SYS delref %Sys32%\DRIVERS\BDSAFEBROWSER.SYS del %Sys32%\DRIVERS\BDSAFEBROWSER.SYS delref %SystemDrive%\PROGRAM FILES (X86)\RELEVANTKNOWLEDGE\RLSERVICE.EXE del %SystemDrive%\PROGRAM FILES (X86)\RELEVANTKNOWLEDGE\RLSERVICE.EXE delall %SystemDrive%\USERS\7\APPDATA\LOCAL\AMIGO\APPLICATION\32.0.1725.115\DELEGATE_EXECUTE.EXE delref %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\WEBSAFE\WEBMONBHO.DLL del %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\WEBSAFE\WEBMONBHO.DLL delref %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\EXPLUGIN\IEBAIDUSDDETECTPLUG.DLL del %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\EXPLUGIN\IEBAIDUSDDETECTPLUG.DLL delref %SystemDrive%\PROGRAM FILES (X86)\COMMON FILES\BAIDU\BDDOWNLOAD\109\BDCOMPROXY.DLL del %SystemDrive%\PROGRAM FILES (X86)\COMMON FILES\BAIDU\BDDOWNLOAD\109\BDCOMPROXY.DLL delref %SystemDrive%\PROGRAM FILES (X86)\COMMON FILES\BAIDU\BDDOWNLOAD\109\BDDOWNLOADER.EXE del %SystemDrive%\PROGRAM FILES (X86)\COMMON FILES\BAIDU\BDDOWNLOAD\109\BDDOWNLOADER.EXE delall %SystemDrive%\USERS\7\APPDATA\LOCAL\AMIGO\APPLICATION\VK.EXE delref %SystemDrive%\PROGRAM FILES (X86)\RELEVANTKNOWLEDGE\RLVKNLG.EXE del %SystemDrive%\PROGRAM FILES (X86)\RELEVANTKNOWLEDGE\RLVKNLG.EXE delref %SystemDrive%\PROGRAM FILES (X86)\COMMON FILES\BAIDU\BAIDUHIPS\1.2.0.751\DRIVERS\BD0001.SYS del %SystemDrive%\PROGRAM FILES (X86)\COMMON FILES\BAIDU\BAIDUHIPS\1.2.0.751\DRIVERS\BD0001.SYS delref %SystemDrive%\PROGRAM FILES (X86)\COMMON FILES\BAIDU\BAIDUHIPS\1.2.0.751\DRIVERS\BD0002.SYS del %SystemDrive%\PROGRAM FILES (X86)\COMMON FILES\BAIDU\BAIDUHIPS\1.2.0.751\DRIVERS\BD0002.SYS delref %SystemDrive%\PROGRAM FILES (X86)\COMMON FILES\BAIDU\BAIDUHIPS\1.2.0.751\BAIDUHIPSUPDATE.EXE del %SystemDrive%\PROGRAM FILES (X86)\COMMON FILES\BAIDU\BAIDUHIPS\1.2.0.751\BAIDUHIPSUPDATE.EXE delref %SystemDrive%\PROGRAM FILES (X86)\COMMON FILES\BAIDU\BAIDUHIPS\1.2.0.751\DRIVERS\BDDEFENSE_X64.SYS del %SystemDrive%\PROGRAM FILES (X86)\COMMON FILES\BAIDU\BAIDUHIPS\1.2.0.751\DRIVERS\BDDEFENSE_X64.SYS delref %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\DRIVERS\BD0003.SYS del %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\DRIVERS\BD0003.SYS delref %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\DRIVERS\BDARKIT.SYS del %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\DRIVERS\BDARKIT.SYS delref %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\DRIVERS\BDMWRENCH_X64.SYS del %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\DRIVERS\BDMWRENCH_X64.SYS delref %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\BAIDUSD.EXE del %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\BAIDUSD.EXE delref %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\BDKVWSC.EXE del %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\BDKVWSC.EXE delref %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\BAIDUSDUPDATE.EXE del %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\BAIDUSDUPDATE.EXE delref %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\BAIDUSDUPROXY64.EXE del %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\BAIDUSDUPROXY64.EXE delref %SystemDrive%\PROGRAM FILES (X86)\COMMON FILES\BAIDU\BAIDUHIPS\1.2.0.751\BAIDUHIPSBUGRPT.EXE del %SystemDrive%\PROGRAM FILES (X86)\COMMON FILES\BAIDU\BAIDUHIPS\1.2.0.751\BAIDUHIPSBUGRPT.EXE delref %SystemDrive%\PROGRAM FILES (X86)\COMMON FILES\BAIDU\BAIDUHIPS\1.2.0.751\BDMUPDATE.DLL del %SystemDrive%\PROGRAM FILES (X86)\COMMON FILES\BAIDU\BAIDUHIPS\1.2.0.751\BDMUPDATE.DLL delref %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\BAIDUSDBUGRPT.EXE del %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\BAIDUSDBUGRPT.EXE delref %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\WEBSAFE\DLLINJECT.DLL del %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\WEBSAFE\DLLINJECT.DLL delref %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\BAIDUSDPATCHER.EXE del %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\BAIDUSDPATCHER.EXE delref %SystemDrive%\USERS\7\APPDATA\ROAMING\BAIDU\BDWEBADAPTER\3.0.331.0\BDWEBADAPTERSVC.EXE del %SystemDrive%\USERS\7\APPDATA\ROAMING\BAIDU\BDWEBADAPTER\3.0.331.0\BDWEBADAPTERSVC.EXE delref %SystemDrive%\USERS\7\APPDATA\ROAMING\BAIDU\BDWEBADAPTER\3.0.331.0\PROTOCOL.DLL del %SystemDrive%\USERS\7\APPDATA\ROAMING\BAIDU\BDWEBADAPTER\3.0.331.0\PROTOCOL.DLL delref %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\BDMCOMMON.DLL del %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\BDMCOMMON.DLL delref %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\SKIN_ENGINE.DLL del %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\SKIN_ENGINE.DLL delref %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\BDMUPDATE.DLL del %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\BDMUPDATE.DLL delref %SystemDrive%\PROGRAM FILES (X86)\COMMON FILES\BAIDU\BDDOWNLOAD\109\DL.DLL del %SystemDrive%\PROGRAM FILES (X86)\COMMON FILES\BAIDU\BDDOWNLOAD\109\DL.DLL delref %SystemDrive%\PROGRAM FILES (X86)\COMMON FILES\BAIDU\BAIDUHIPS\1.2.0.751\BD0001.DLL del %SystemDrive%\PROGRAM FILES (X86)\COMMON FILES\BAIDU\BAIDUHIPS\1.2.0.751\BD0001.DLL delref %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\LHA.PPL del %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\LHA.PPL delref %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\MSNPRTC.DLL del %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\MSNPRTC.DLL delref %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\BDKVDESKBAND64.DLL del %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\BDKVDESKBAND64.DLL delref %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\URL_PROCESSING.DLL del %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\URL_PROCESSING.DLL delref %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\VULNERABILITY_STATUS_PROVIDER.DLL del %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\VULNERABILITY_STATUS_PROVIDER.DLL delref %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\UDS4URLS.DLL del %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\UDS4URLS.DLL delref %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\MMPPRTC.DLL del %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\MMPPRTC.DLL delref %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\PACKED_IO.DLL del %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\PACKED_IO.DLL delref %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\YHOPRTC.DLL del %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\YHOPRTC.DLL delref %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\MAILER.DLL del %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\MAILER.DLL delref %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\NETWORK_SERVICES.DLL del %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\NETWORK_SERVICES.DLL delref %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\PERSISTENT_QUEUE.DLL del %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\PERSISTENT_QUEUE.DLL delref %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\TRANSPORT.DLL del %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\TRANSPORT.DLL delref %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\KSN_CLIENT.DLL del %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\KSN_CLIENT.DLL delref %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\CKAHUM.DLL del %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\CKAHUM.DLL delref %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\CLLDR.DLL del %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\CLLDR.DLL delref %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\CRYPTOSTATICPROVIDER.DLL del %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\CRYPTOSTATICPROVIDER.DLL delref %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\DETERMINISTIC_ANTI_PHISHING_SERVICE.DLL del %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\DETERMINISTIC_ANTI_PHISHING_SERVICE.DLL delref %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\DNS_CLIENT.DLL del %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\DNS_CLIENT.DLL delref %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\FILESYSTEM_SERVICES.DLL del %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\FILESYSTEM_SERVICES.DLL delref %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\KAS_CPCONVERT.DLL del %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\KAS_CPCONVERT.DLL delref %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\KAS_GSG.DLL del %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\KAS_GSG.DLL delref %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\ICUIN40.DLL del %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\ICUIN40.DLL delref %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\INTEGRITY_CONTROL.DLL del %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\INTEGRITY_CONTROL.DLL delref %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\KSN_STATISTICS.DLL del %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\KSN_STATISTICS.DLL delref %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\CF_ANTI_MALWARE_FACADE.DLL del %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\CF_ANTI_MALWARE_FACADE.DLL delref %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\EKASYSWATCH.DLL del %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\EKASYSWATCH.DLL delref %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\ICQPRTC.DLL del %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\ICQPRTC.DLL delall %SystemDrive%\USERS\7\APPDATA\LOCAL\AMIGO\APPLICATION\32.0.1725.115\INSTALLER\SETUP.EXE delref %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\UNINST.EXE del %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\UNINST.EXE delref %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\WEBSAFE\WEBMONHOOK.DLL del %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\WEBSAFE\WEBMONHOOK.DLL delall %SystemDrive%\USERS\7\APPDATA\LOCAL\AMIGO\APPLICATION\AMIGO.EXE delall %SystemDrive%\USERS\7\APPDATA\LOCAL\AMIGO\APPLICATION\OK.EXE deldir %SystemDrive%\USERS\7\APPDATA\LOCAL\AMIGO regt 27 uidel C:\Program Files (x86)\Аудио и видео скачивание\unins000.exe deldir C:\Program Files (x86)\Аудио и видео скачивание delall %SystemDrive%\PROGRAM FILES (X86)\MYPC BACKUP\BACKUPSTACK.EXE delall %SystemDrive%\USERS\7\APPDATA\LOCAL\KOMETA\APPLICATION\42.0.2311.135\DELEGATE_EXECUTE.EXE delall %SystemDrive%\PROGRAM FILES (X86)\MYPC BACKUP\MYPC BACKUP.EXE delall %SystemDrive%\PROGRAM FILES (X86)\MYPC BACKUP\UPDATER.EXE delref %SystemDrive%\USERS\7\APPDATA\LOCAL\SYSTEMDIR\NETHOST.EXE delall %SystemDrive%\PROGRAM FILES (X86)\MYPC BACKUP\SIGNUP WIZARD.EXE delref %Sys32%\DRIVERS\BD0004.SYS delref %Sys32%\DRIVERS\BDFILEDEFEND.SYS delref %Sys32%\DRIVERS\BDSANDBOX.SYS delref HTTP://ISEARCH.OMIGA-PLUS.COM/?TYPE=HP&TS=1420895836&FROM=COR&UID=WDCXWD3200BPVT-80JJ5T0_WD-WX11E61R7710R7710 delref HTTP://ISEARCH.OMIGA-PLUS.COM/WEB/?TYPE=DS&TS=1420895836&FROM=COR&UID=WDCXWD3200BPVT-80JJ5T0_WD-WX11E61R7710R7710&Q={SEARCHTERMS} delref HTTP://RHERESO.RU/?UTM_SOURCE=UOUA03&UTM_CONTENT=17EDD49F11242B062233F26A013B7073 delall %SystemDrive%\PROGRAM FILES (X86)\MAIL.RU\SPUTNIK\MAILRUSPUTNIK.DLL delref {40AEF60B-A6F8-4389-9003-A683DD75B850}\[CLSID] delref HTTP://GO.MAIL.RU/?FFVERFIX=1&FR=FFVERFIX_SG delref HTTP://GO.MAIL.RU/SEARCH?FR=NTG&Q= delref HTTP://MAIL.RU/CNT/10445?GP=CUSTOM2 delall %SystemDrive%\USERS\7\DOCUMENTS\.EXE delall %SystemDrive%\PROGRAM FILES (X86)\MYPC BACKUP\UNINST.EXE deldirex %SystemDrive%\PROGRAM FILES (X86)\MYPC BACKUP delref HTTP://R.MAIL.RU/N137257727 delref HTTP://R.MAIL.RU/N137257923 delref HTTP://WWW.MAIL.RU/MRA?LANG=RU delref %SystemDrive%\USERS\7\LOCAL SETTINGS\APPLICATION DATA\EXTENSIONINSTALLER_17\EXTINST.EXE deldir %SystemDrive%\USERS\7\LOCAL SETTINGS\APPLICATION DATA\EXTENSIONINSTALLER_17 deldir %SystemDrive%\USERS\7\APPDATA\LOCAL\SYSTEMDIR delall %SystemDrive%\USERS\7\APPDATA\LOCAL\MAIL.RU\MAILRUUPDATER.EXE deldir %SystemDrive%\USERS\7\APPDATA\LOCAL\MAIL.RU uidel C:\Program Files (x86)\RelevantKnowledge\rlvknlg.exe -bootremove -uninst:RelevantKnowledge deldir C:\Program Files (x86)\RelevantKnowledge uidel "C:\Users\7\AppData\Local\Amigo\Application\32.0.1725.115\Installer\setup.exe" --uninstall uidel "C:\Users\7\AppData\Local\Kometa\Application\42.0.2311.135\Installer\setup.exe" --uninstall deldir C:\Users\7\AppData\Local\Kometa uidel C:\Program Files (x86)\Baidu\BaiduSd\3.0.0.4605\uninst.exe uidel C:\Users\7\AppData\Local\Mail.Ru\MailRuUpdater.exe uninstall uidel C:\Users\7\AppData\Roaming\omiga-plus\UninstallManager.exe -ptid=cor deldir C:\Users\7\AppData\Roaming\omiga-plus uidel "C:\Program Files (x86)\Аудио и видео скачивание\unins000.exe" deldir C:\Program Files (x86)\Аудио и видео скачивание uidel "C:\Program Files (x86)\emoprog\unins000.exe" deldir C:\Program Files (x86)\emoprog uidel C:\Program Files (x86)\MyPC Backup\uninst.exe delref HTTP://WWW.RELEVANTKNOWLEDGE.COM/DEFAULT.ASPX?FUNC=REDIRECT&PAGE_ID=1001 delref HTTP://WWW.RELEVANTKNOWLEDGE.COM/DEFAULT.ASPX?FUNC=REDIRECT&PAGE_ID=1035 delref HTTP://WWW.RELEVANTKNOWLEDGE.COM/DEFAULT.ASPX?FUNC=REDIRECT&PAGE_ID=1041 deltmp areg ;-------------------------------------------------------------
В папке с UVS будет лог выполнения скрипта, текстовый файл с именем из даты и времени выполнения, прикрепите его с своему сообщению.
Сделайте лог AdwCleaner (by Xplode).
WBR,
Vadim
после перезагрузки компьютера что то запускалось на китайском, потом исчезло. в антивирусе ничего больше не нажимала, жду ваших указаний. в диспетчере задач показывает 3 каких то процесса на китайском QQPCTray и еще начинающеся с QQPC с ними что делать? пробовать закрыть через диспетчер?
Последний раз редактировалось Анастасия Башмакова; 11.08.2015 в 12:58.
Удалите всё найденное в AdwCleaner, дождитесь окончания удаления и перезагрузите систему по требованию программы.
После входа в систему откроется отчёт AdwCleaner - файл AdwCleaner[S0].txt, прикрепите к своему следующему сообщению.
WBR,
Vadim
сделала, как вы написали
Для контроля сделайте ещё раз полный образ автозапуска uVS, загрузите на rghost.ru и дайте ссылку в теме.
WBR,
Vadim
как я понимаю ссылка эта? http://rghost.ru/6MSCL7QmL
- - - - -Добавлено - - - - -
после перезагрузки все следы программы исчезли! спасибо огромное за помощь!!!!!!!!
Нет, не все ещё.
Выполните скрипт в UVS:После перезагрузки выложите новый лог выполнения скрипта, можно на rghost.ru.Код:;uVS v3.86.4 [http://dsrt.dyndns.org] ;Target OS: NTv6.1 v385c delref %SystemDrive%\PROGRAM FILES (X86)\TENCENT\QQPCMGR\10.11.16600.237\QQPCRTP.EXE delref %SystemDrive%\PROGRAM FILES (X86)\TENCENT\QQPCMGR\10.11.16600.237\TSDEFENSEBT64.SYS delref HTTP://WWW.HAO123.COM/?TN=99963976_HAO_PG delref %SystemDrive%\PROGRAM FILES (X86)\APPLICATION ASSISTANCE\AP1.EXE delref %SystemDrive%\PROGRAM FILES (X86)\TENCENT\QQPCMGR\10.11.16600.237\QQPCTRAY.EXE delref HTTP://GUANJIA.QQ.COM/COMM-HTDOCS/QUICKACCESS/ delref %SystemDrive%\PROGRAM FILES (X86)\TENCENT\QQPCMGR\10.11.16600.237\NPQMEXTENSIONSIE.DLL delref %SystemDrive%\PROGRAM FILES (X86)\TENCENT\QQPCMGR\10.11.16600.237\TSWEBMON64.DAT delref %SystemDrive%\PROGRAM FILES (X86)\TENCENT\QQPCMGR\10.11.16600.237\NPQMEXTENSIONSMOZILLA.DLL delall %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\BDKVDESKBAND64.DLL delall %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\BDMCOMMON.DLL delall %SystemDrive%\PROGRAM FILES (X86)\COMMON FILES\BAIDU\BAIDUHIPS\1.2.0.751\DRIVERS\BD0001.SYS delall %Sys32%\DRIVERS\BD0001.SYS delall %SystemDrive%\PROGRAM FILES (X86)\COMMON FILES\BAIDU\BAIDUHIPS\1.2.0.751\DRIVERS\BD0002.SYS delall %Sys32%\DRIVERS\BD0002.SYS delall %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\DRIVERS\BD0003.SYS delall %Sys32%\DRIVERS\BD0003.SYS delall %SystemDrive%\PROGRAM FILES (X86)\COMMON FILES\BAIDU\BDDOWNLOAD\109\BDCOMPROXY.DLL delall %Sys32%\DRIVERS\BDDEFENSE.SYS delall %SystemDrive%\PROGRAM FILES (X86)\COMMON FILES\BAIDU\BAIDUHIPS\1.2.0.751\DRIVERS\BDDEFENSE_X64.SYS delall %SystemDrive%\PROGRAM FILES (X86)\COMMON FILES\BAIDU\BDDOWNLOAD\109\BDDOWNLOADER.EXE delall %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\DRIVERS\BDMWRENCH_X64.SYS delall %Sys32%\DRIVERS\BDMWRENCH_X64.SYS delall %SystemDrive%\PROGRAM FILES (X86)\COMMON FILES\BAIDU\BDDOWNLOAD\109\DL.DLL delall %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\DRIVERS\BDARKIT.SYS delall %Sys32%\DRIVERS\BDARKIT.SYS delall %SystemDrive%\PROGRAM FILES (X86)\BAIDU\BAIDUSD\3.0.0.4605\BDMANTIVIRUS\BDKITUTILS.DLL delall %SystemDrive%\PROGRAM FILES (X86)\COMMON FILES\BAIDU\BAIDUHIPS\1.2.0.751\BDMANTIVIRUS\BDKITUTILS.DLL deldirex %SystemDrive%\PROGRAM FILES (X86)\BAIDU deldirex %SystemDrive%\PROGRAM FILES (X86)\COMMON FILES\BAIDU delref %SystemDrive%\USERS\7\APPDATA\LOCAL\OPERA\OPERA X64\TEMPORARY_DOWNLOADS\JOVESMODPACK_0.9.5_V16.2_EXTENDED.EXE delref %SystemDrive%\USERS\7\APPDATA\LOCAL\TEMP\7ZSD8E5.TMP\MICROINSTALLERNATIVE.EXE delref %SystemDrive%\PROGRAM FILES (X86)\TENCENT\QQPCMGR\10.11.16600.237\QMCONTEXTSCAN.DLL delref %SystemDrive%\PROGRAM FILES (X86)\TENCENT\QQPCMGR\10.11.16600.237\QMGCSHELLEXT64.DLL delref %SystemDrive%\PROGRAM FILES (X86)\TENCENT\QQPCMGR\10.11.16600.237\QMCONTEXTUNINSTALL64.DLL delref %SystemDrive%\PROGRAM FILES (X86)\TENCENT\QQPCMGR\10.11.16600.237\TAOFRAME.EXE delref %SystemDrive%\PROGRAM FILES (X86)\COMMON FILES\TENCENT\QQDOWNLOAD\130\TENCENTDL.EXE delref %SystemDrive%\PROGRAM FILES (X86)\TENCENT\QQPCMGR\10.11.16600.237\TSDEFENSEBT64.SYS delref {8984B388-A5BB-4DF7-B274-77B879E179DB}\[CLSID] regt 27 restart
WBR,
Vadim
сделала
Теперь порядок. Последите за ситуацией некоторое время.
Выполните скрипт в AVZ при наличии доступа в интернет:После его работы, если будут найдены уязвимости, в блокноте откроется файл avz_log.txt со ссылками на обновления системы и критичных к безопасности программ, которые нужно загрузить и установить. В первую очередь это относится к броузерам, Java, Adobe Acrobat/Reader и Adobe Flash Player.Код:var LogPath : string; ScriptPath : string; begin LogPath := GetAVZDirectory + 'log\avz_log.txt'; if FileExists(LogPath) Then DeleteFile(LogPath); ScriptPath := GetAVZDirectory +'ScanVuln.txt'; if DownloadFile('http://dataforce.ru/~kad/ScanVuln.txt', ScriptPath, 1) then ExecuteScript(ScriptPath) else begin if DownloadFile('http://dataforce.ru/~kad/ScanVuln.txt', ScriptPath, 0) then ExecuteScript(ScriptPath) else begin ShowMessage('Невозможно загрузить скрипт AVZ для обнаружения наиболее часто используемых уязвимостей!'); exit; end; end; if FileExists(LogPath) Then ExecuteFile('notepad.exe', LogPath, 1, 0, false) end.
WBR,
Vadim
скрипт выполнила, обновляю по ссылкам
Выполните рекомендации после лечения.
WBR,
Vadim
Статистика проведенного лечения:
- Получено карантинов: 1
- Обработано файлов: 3
- В ходе лечения обнаружены вредоносные программы:
- c:\users\7\documents\.exe - not-a-virus:AdWare.Win32.MediaMagnet.ch
Уважаемый(ая) Анастасия Башмакова, наши специалисты оказали Вам всю возможную помощь по вашему обращению.
В целях поддержания безопасности вашего компьютера настоятельно рекомендуем:
Чтобы всегда быть в курсе актуальных угроз в области информационной безопасности и сохранять свой компьютер защищенным, рекомендуем следить за последними новостями ИТ-сферы портала Anti-Malware.ru:
Надеемся больше никогда не увидеть ваш компьютер зараженным!
Если Вас не затруднит, пополните пожалуйста нашу базу безопасных файлов.