Warning!!! Spyware detected on your computer. Install an antivirus or spyware remover to clean your computer.

**alex_919** · 29.09.2008, 20:02

Здравствуйте,
Вот такая вот беда...
белый экран с рамкой посередине:
"Warning!!! Spyware detected on your computer. Install an antivirus or spyware remover to clean your computer.
Warning!Win32/Adwae.Virtumonde
Warning!Win32/PrivacyRemover/M64"
и
Заблокирована закладка Рабочий стол в окне свойств экрана
Заблокирована закладка Заставка в окне свойств экрана

Надоело быть жертвой? Стань профи по информационной безопасности, получай самую свежую информацию об угрозах и средствах защиты от ведущего российского аналитического центра Anti-Malware.ru:

**wise-wistful** · 29.09.2008, 20:50

1.AVZ, меню "Файл - Выполнить скрипт" -- Скопировать ниже написанный скрипт-- Нажать кнопку "Запустить".

Код:

begin
SearchRootkit(true, true);
SetAVZGuardStatus(True);
 QuarantineFile('C:\Program Files\Microsoft Common\wuauclt.exe','');
 QuarantineFile('C:\WINDOWS\system32\iertutil.dll','');
 QuarantineFile('C:\WINDOWS\system32\Drivers\Winkp40.sys','');
 QuarantineFile('C:\WINDOWS\system32\oembios.exe','');
 QuarantineFile('C:\Temp\loader.exe','');
 QuarantineFile('C:\WINDOWS\system32\blphccmgj0en4l.scr','');
 QuarantineFile('C:\WINDOWS\System32\Drivers\Winag04.sys','');
 QuarantineFile('C:\WINDOWS\System32\Drivers\Winaf50.sys','');
 QuarantineFile('C:\WINDOWS\System32\Drivers\Winaf40.sys','');
 QuarantineFile('C:\WINDOWS\System32\Drivers\Winaf16.sys','');
 QuarantineFile('C:\WINDOWS\System32\Drivers\Lrv38.sys','');
 QuarantineFile('C:\WINDOWS\System32\Drivers\Fkp38.sys','');
 QuarantineFile('C:\WINDOWS\system32\WinCtrl32.dll','');
 QuarantineFile('c:\windows\system32\lphccmgj0en4l.exe','');
 TerminateProcessByName('c:\windows\system32\lphccmgj0en4l.exe');
 DeleteFile('c:\windows\system32\lphccmgj0en4l.exe');
 DeleteFile('C:\WINDOWS\system32\WinCtrl32.dll');
 DeleteFile('C:\WINDOWS\System32\Drivers\Fkp38.sys');
 DeleteFile('C:\WINDOWS\System32\Drivers\Lrv38.sys');
 DeleteFile('C:\WINDOWS\System32\Drivers\Winaf16.sys');
 DeleteFile('C:\WINDOWS\System32\Drivers\Winaf40.sys');
 DeleteFile('C:\WINDOWS\System32\Drivers\Winaf50.sys');
 DeleteFile('C:\WINDOWS\System32\Drivers\Winag04.sys');
 DeleteFile('C:\WINDOWS\System32\Drivers\Winag16.sys');
 DeleteFile('C:\WINDOWS\System32\Drivers\Winag37.sys');
 DeleteFile('C:\WINDOWS\System32\Drivers\Winag38.sys');
 DeleteFile('C:\WINDOWS\System32\Drivers\Winag73.sys');
 DeleteFile('C:\WINDOWS\System32\Drivers\Winag84.sys');
 DeleteFile('C:\WINDOWS\System32\Drivers\Winbg61.sys');
 DeleteFile('C:\WINDOWS\System32\Drivers\Winbg72.sys');
 DeleteFile('C:\WINDOWS\System32\Drivers\Winbh16.sys');
 DeleteFile('C:\WINDOWS\System32\Drivers\Winbh27.sys');
 DeleteFile('C:\WINDOWS\System32\Drivers\Winbh38.sys');
 DeleteFile('C:\WINDOWS\System32\Drivers\Winbh40.sys');
 DeleteFile('C:\WINDOWS\System32\Drivers\Wincg16.sys');
 DeleteFile('C:\WINDOWS\System32\Drivers\Winch05.sys');
 DeleteFile('C:\WINDOWS\System32\Drivers\Winch83.sys');
 DeleteFile('C:\WINDOWS\System32\Drivers\Winci05.sys');
 DeleteFile('C:\WINDOWS\System32\Drivers\Winci37.sys');
 DeleteFile('C:\WINDOWS\System32\Drivers\Winci62.sys');
 DeleteFile('C:\WINDOWS\System32\Drivers\Wincj84.sys');
 DeleteFile('C:\WINDOWS\System32\Drivers\Windh62.sys');
 DeleteFile('C:\WINDOWS\System32\Drivers\Windi05.sys');
 DeleteFile('C:\WINDOWS\System32\Drivers\Windi15.sys');
 DeleteFile('C:\WINDOWS\System32\Drivers\Windi40.sys');
 DeleteFile('C:\WINDOWS\System32\Drivers\Windi61.sys');
 DeleteFile('C:\WINDOWS\System32\Drivers\Windi62.sys');
 DeleteFile('C:\WINDOWS\System32\Drivers\Windi72.sys');
 DeleteFile('C:\WINDOWS\System32\Drivers\Windi84.sys');
 DeleteFile('C:\WINDOWS\System32\Drivers\Windj51.sys');
 DeleteFile('C:\WINDOWS\System32\Drivers\Winei62.sys');
 DeleteFile('C:\WINDOWS\System32\Drivers\Winej05.sys');
 DeleteFile('C:\WINDOWS\System32\Drivers\Winej27.sys');
 DeleteFile('C:\WINDOWS\System32\Drivers\Winej38.sys');
 DeleteFile('C:\WINDOWS\System32\Drivers\Winej40.sys');
 DeleteFile('C:\WINDOWS\System32\Drivers\Winek05.sys');
 DeleteFile('C:\WINDOWS\System32\Drivers\Winek51.sys');
 DeleteFile('C:\WINDOWS\System32\Drivers\Winel05.sys');
 DeleteFile('C:\WINDOWS\System32\Drivers\Winfk27.sys');
 DeleteFile('C:\WINDOWS\System32\Drivers\Winfk61.sys');
 DeleteFile('C:\WINDOWS\System32\Drivers\Winfk73.sys');
 DeleteFile('C:\WINDOWS\System32\Drivers\Winfl40.sys');
 DeleteFile('C:\WINDOWS\System32\Drivers\Wingl04.sys');
 DeleteFile('C:\WINDOWS\System32\Drivers\Wingl16.sys');
 DeleteFile('C:\WINDOWS\System32\Drivers\Wingl27.sys');
 DeleteFile('C:\WINDOWS\System32\Drivers\Wingl48.sys');
 DeleteFile('C:\WINDOWS\System32\Drivers\Wingl83.sys');
 DeleteFile('C:\WINDOWS\System32\Drivers\Wingm15.sys');
 DeleteFile('C:\WINDOWS\System32\Drivers\Wingm16.sys');
 DeleteFile('C:\WINDOWS\System32\Drivers\Wingm27.sys');
 DeleteFile('C:\WINDOWS\System32\Drivers\Wingm40.sys');
 DeleteFile('C:\WINDOWS\System32\Drivers\Wingm62.sys');
 DeleteFile('C:\WINDOWS\System32\Drivers\Wingm73.sys');
 DeleteFile('C:\WINDOWS\System32\Drivers\Winhm40.sys');
 DeleteFile('C:\WINDOWS\System32\Drivers\Winhm51.sys');
 DeleteFile('C:\WINDOWS\System32\Drivers\Winhm62.sys');
 DeleteFile('C:\WINDOWS\System32\Drivers\Winhm73.sys');
 DeleteFile('C:\WINDOWS\System32\Drivers\Winhm84.sys');
 DeleteFile('C:\WINDOWS\System32\Drivers\Winhn27.sys');
 DeleteFile('C:\WINDOWS\System32\Drivers\Winhn51.sys');
 DeleteFile('C:\WINDOWS\System32\Drivers\Winhn62.sys');
 DeleteFile('C:\WINDOWS\System32\Drivers\Winho62.sys');
 DeleteFile('C:\WINDOWS\System32\Drivers\Winin16.sys');
 DeleteFile('C:\WINDOWS\System32\Drivers\Winin38.sys');
 DeleteFile('C:\WINDOWS\System32\Drivers\Winin40.sys');
 DeleteFile('C:\WINDOWS\System32\Drivers\Winin73.sys');
 DeleteFile('C:\WINDOWS\System32\Drivers\Winin84.sys');
 DeleteFile('C:\WINDOWS\System32\Drivers\Winio84.sys');
 DeleteFile('C:\WINDOWS\System32\Drivers\Winjn05.sys');
 DeleteFile('C:\WINDOWS\System32\Drivers\Winjn73.sys');
 DeleteFile('C:\WINDOWS\System32\Drivers\Winjo40.sys');
 DeleteFile('C:\WINDOWS\System32\Drivers\Winjo51.sys');
 DeleteFile('C:\WINDOWS\System32\Drivers\Winjo84.sys');
 DeleteFile('C:\WINDOWS\System32\Drivers\Winjp48.sys');
 DeleteFile('C:\WINDOWS\System32\Drivers\Winjp51.sys');
 DeleteFile('C:\WINDOWS\System32\Drivers\Winkp16.sys');
 DeleteFile('C:\WINDOWS\System32\Drivers\Winkp27.sys');
 DeleteFile('C:\WINDOWS\System32\Drivers\Winkp38.sys');
 DeleteFile('C:\WINDOWS\System32\Drivers\Winkp50.sys');
 DeleteFile('C:\WINDOWS\System32\Drivers\Winkp84.sys');
 DeleteFile('C:\WINDOWS\System32\Drivers\Winlq16.sys');
 DeleteFile('C:\WINDOWS\System32\Drivers\Winlq26.sys');
 DeleteFile('C:\WINDOWS\System32\Drivers\Winlq51.sys');
 DeleteFile('C:\WINDOWS\System32\Drivers\Winlq62.sys');
 DeleteFile('C:\WINDOWS\System32\Drivers\Winlq72.sys');
 DeleteFile('C:\WINDOWS\System32\Drivers\Winlq73.sys');
 DeleteFile('C:\WINDOWS\System32\Drivers\Winlq84.sys');
 DeleteFile('C:\WINDOWS\System32\Drivers\Winlr27.sys');
 DeleteFile('C:\WINDOWS\System32\Drivers\Winlr40.sys');
 DeleteFile('C:\WINDOWS\System32\Drivers\Winlr62.sys');
 DeleteFile('C:\WINDOWS\System32\Drivers\Winlr84.sys');
 DeleteFile('C:\WINDOWS\System32\Drivers\Winmq16.sys');
 DeleteFile('C:\WINDOWS\System32\Drivers\Winmr27.sys');
 DeleteFile('C:\WINDOWS\System32\Drivers\Winmr62.sys');
 DeleteFile('C:\WINDOWS\System32\Drivers\Winmr72.sys');
 DeleteFile('C:\WINDOWS\System32\Drivers\Winmr84.sys');
 DeleteFile('C:\WINDOWS\System32\Drivers\Winms40.sys');
 DeleteFile('C:\WINDOWS\System32\Drivers\Winns27.sys');
 DeleteFile('C:\WINDOWS\System32\Drivers\Winns38.sys');
 DeleteFile('C:\WINDOWS\System32\Drivers\Winns62.sys');
 DeleteFile('C:\WINDOWS\System32\Drivers\Winns84.sys');
 DeleteFile('C:\WINDOWS\System32\Drivers\Winnt51.sys');
 DeleteFile('C:\WINDOWS\System32\Drivers\Winot16.sys');
 DeleteFile('C:\WINDOWS\System32\Drivers\Winot27.sys');
 DeleteFile('C:\WINDOWS\System32\Drivers\Winot51.sys');
 DeleteFile('C:\WINDOWS\System32\Drivers\Winot62.sys');
 DeleteFile('C:\WINDOWS\System32\Drivers\Winou40.sys');
 DeleteFile('C:\WINDOWS\System32\Drivers\Winou50.sys');
 DeleteFile('C:\WINDOWS\System32\Drivers\Winou62.sys');
 DeleteFile('C:\WINDOWS\System32\Drivers\Winpu16.sys');
 DeleteFile('C:\WINDOWS\System32\Drivers\Winpu48.sys');
 DeleteFile('C:\WINDOWS\System32\Drivers\Winpv38.sys');
 DeleteFile('C:\WINDOWS\System32\Drivers\Winpv40.sys');
 DeleteFile('C:\WINDOWS\System32\Drivers\Winpv83.sys');
 DeleteFile('C:\WINDOWS\System32\Drivers\Winqu05.sys');
 DeleteFile('C:\WINDOWS\System32\Drivers\Winqv05.sys');
 DeleteFile('C:\WINDOWS\System32\Drivers\Winqv16.sys');
 DeleteFile('C:\WINDOWS\System32\Drivers\Winqv27.sys');
 DeleteFile('C:\WINDOWS\System32\Drivers\Winqv37.sys');
 DeleteFile('C:\WINDOWS\System32\Drivers\Winqv38.sys');
 DeleteFile('C:\WINDOWS\System32\Drivers\Winqv61.sys');
 DeleteFile('C:\WINDOWS\System32\Drivers\Winqv62.sys');
 DeleteFile('C:\WINDOWS\System32\Drivers\Winqv73.sys');
 DeleteFile('C:\WINDOWS\System32\Drivers\Winqw38.sys');
 DeleteFile('C:\WINDOWS\System32\Drivers\Winqw40.sys');
 DeleteFile('C:\WINDOWS\System32\Drivers\Winrw51.sys');
 DeleteFile('C:\WINDOWS\System32\Drivers\Winsx16.sys');
 DeleteFile('C:\WINDOWS\System32\Drivers\Winsx37.sys');
 DeleteFile('C:\WINDOWS\System32\Drivers\Winsx38.sys');
 DeleteFile('C:\WINDOWS\System32\Drivers\Winsx48.sys');
 DeleteFile('C:\WINDOWS\System32\Drivers\Winsx51.sys');
 DeleteFile('C:\WINDOWS\System32\Drivers\Winsx62.sys');
 DeleteFile('C:\WINDOWS\System32\Drivers\Winsx84.sys');
 DeleteFile('C:\WINDOWS\System32\Drivers\Winsy27.sys');
 DeleteFile('C:\WINDOWS\System32\Drivers\Winsy38.sys');
 DeleteFile('C:\WINDOWS\System32\Drivers\Winta16.sys');
 DeleteFile('C:\WINDOWS\System32\Drivers\Winta40.sys');
 DeleteFile('C:\WINDOWS\System32\Drivers\Wintb38.sys');
 DeleteFile('C:\WINDOWS\System32\Drivers\Wintx40.sys');
 DeleteFile('C:\WINDOWS\System32\Drivers\Winty84.sys');
 DeleteFile('C:\WINDOWS\System32\Drivers\Winua04.sys');
 DeleteFile('C:\WINDOWS\System32\Drivers\Winua38.sys');
 DeleteFile('C:\WINDOWS\System32\Drivers\Winua48.sys');
 DeleteFile('C:\WINDOWS\System32\Drivers\Winua51.sys');
 DeleteFile('C:\WINDOWS\System32\Drivers\Winua73.sys');
 DeleteFile('C:\WINDOWS\System32\Drivers\Winua84.sys');
 DeleteFile('C:\WINDOWS\System32\Drivers\Winub05.sys');
 DeleteFile('C:\WINDOWS\System32\Drivers\Winub15.sys');
 DeleteFile('C:\WINDOWS\System32\Drivers\Winub38.sys');
 DeleteFile('C:\WINDOWS\System32\Drivers\Winvb15.sys');
 DeleteFile('C:\WINDOWS\System32\Drivers\Winvb16.sys');
 DeleteFile('C:\WINDOWS\System32\Drivers\Winvb83.sys');
 DeleteFile('C:\WINDOWS\System32\Drivers\Winvc37.sys');
 DeleteFile('C:\WINDOWS\System32\Drivers\Winvc40.sys');
 DeleteFile('C:\WINDOWS\System32\Drivers\Winwb40.sys');
 DeleteFile('C:\WINDOWS\System32\Drivers\Winwc04.sys');
 DeleteFile('C:\WINDOWS\System32\Drivers\Winwc73.sys');
 DeleteFile('C:\WINDOWS\System32\Drivers\Winwd05.sys');
 DeleteFile('C:\WINDOWS\System32\Drivers\Winwd72.sys');
 DeleteFile('C:\WINDOWS\System32\Drivers\Winxd16.sys');
 DeleteFile('C:\WINDOWS\System32\Drivers\Winxd27.sys');
 DeleteFile('C:\WINDOWS\System32\Drivers\Winxd40.sys');
 DeleteFile('C:\WINDOWS\System32\Drivers\Winxd62.sys');
 DeleteFile('C:\WINDOWS\System32\Drivers\Winxd83.sys');
 DeleteFile('C:\WINDOWS\System32\Drivers\Winxe40.sys');
 DeleteFile('C:\WINDOWS\System32\Drivers\Winxe72.sys');
 DeleteFile('C:\WINDOWS\System32\Drivers\Winye15.sys');
 DeleteFile('C:\WINDOWS\System32\Drivers\Winye72.sys');
 DeleteFile('C:\WINDOWS\System32\Drivers\Winye73.sys');
 DeleteFile('C:\WINDOWS\System32\Drivers\Winye84.sys');
 DeleteFile('C:\WINDOWS\System32\Drivers\Winyf16.sys');
 DeleteFile('C:\WINDOWS\System32\Drivers\Winyf48.sys');
 DeleteFile('C:\WINDOWS\System32\Drivers\Winyf61.sys');
 DeleteFile('C:\WINDOWS\System32\Drivers\Winyg04.sys');
 DeleteFile('C:\WINDOWS\system32\blphccmgj0en4l.scr');
 DeleteFile('C:\Temp\loader.exe');
 DeleteFile('C:\WINDOWS\system32\oembios.exe');
 DeleteFile('C:\WINDOWS\system32\Drivers\Winkp40.sys');
 DeleteFile('C:\Program Files\Microsoft Common\wuauclt.exe');
BC_ImportAll;
BC_DeleteSvc('Winyg04');
BC_DeleteSvc('Winyf61');
BC_DeleteSvc('Winyf48');
BC_DeleteSvc('Winyf16');
BC_DeleteSvc('Winye84');
BC_DeleteSvc('Winye73');
BC_DeleteSvc('Winye72');
BC_DeleteSvc('Winye15');
BC_DeleteSvc('Winxe72');
BC_DeleteSvc('Winxe40');
BC_DeleteSvc('Winxd83');
BC_DeleteSvc('Winxd62');
BC_DeleteSvc('Winxd40');
BC_DeleteSvc('Winxd27');
BC_DeleteSvc('Winxd16');
BC_DeleteSvc('Winwd72');
BC_DeleteSvc('Winwd05');
BC_DeleteSvc('Winwc73');
BC_DeleteSvc('Winwc04');
BC_DeleteSvc('Winwb40');
BC_DeleteSvc('Winvc40');
BC_DeleteSvc('Winvc37');
BC_DeleteSvc('Winvb83');
BC_DeleteSvc('Winvb16');
BC_DeleteSvc('Winvb15');
BC_DeleteSvc('Winub38');
BC_DeleteSvc('Winub15');
BC_DeleteSvc('Winub05');
BC_DeleteSvc('Winua84');
BC_DeleteSvc('Winua73');
BC_DeleteSvc('Winua51');
BC_DeleteSvc('Winua48');
BC_DeleteSvc('Winua38');
BC_DeleteSvc('Winua04');
BC_DeleteSvc('Winty84');
BC_DeleteSvc('Wintx40');
BC_DeleteSvc('Wintb38');
BC_DeleteSvc('Winta40');
BC_DeleteSvc('Winta16');
BC_DeleteSvc('Winsy38');
BC_DeleteSvc('Winsy27');
BC_DeleteSvc('Winsx84');
BC_DeleteSvc('Winsx62');
BC_DeleteSvc('Winsx51');
BC_DeleteSvc('Winsx48');
BC_DeleteSvc('Winsx38');
BC_DeleteSvc('Winsx37');
BC_DeleteSvc('Winsx16');
BC_DeleteSvc('Winrw51');
BC_DeleteSvc('Winqw40');
BC_DeleteSvc('Winqw38');
BC_DeleteSvc('Winqv73');
BC_DeleteSvc('Winqv62');
BC_DeleteSvc('Winqv61');
BC_DeleteSvc('Winqv38');
BC_DeleteSvc('Winqv37');
BC_DeleteSvc('Winqv27');
BC_DeleteSvc('Winqv16');
BC_DeleteSvc('Winqv05');
BC_DeleteSvc('Winqu05');
BC_DeleteSvc('Winpv83');
BC_DeleteSvc('Winpv40');
BC_DeleteSvc('Winpv38');
BC_DeleteSvc('Winpu48');
BC_DeleteSvc('Winpu16');
BC_DeleteSvc('Winou62');
BC_DeleteSvc('Winou50');
BC_DeleteSvc('Winou40');
BC_DeleteSvc('Winot62');
BC_DeleteSvc('Winot51');
BC_DeleteSvc('Winot27');
BC_DeleteSvc('Winot16');
BC_DeleteSvc('Winnt51');
BC_DeleteSvc('Winns84');
BC_DeleteSvc('Winns62');
BC_DeleteSvc('Winns38');
BC_DeleteSvc('Winns27');
BC_DeleteSvc('Winms40');
BC_DeleteSvc('Winmr84');
BC_DeleteSvc('Winmr72');
BC_DeleteSvc('Winmr62');
BC_DeleteSvc('Winmr27');
BC_DeleteSvc('Winmq16');
BC_DeleteSvc('Winlr84');
BC_DeleteSvc('Winlr62');
BC_DeleteSvc('Winlr40');
BC_DeleteSvc('Winlr27');
BC_DeleteSvc('Winlq84');
BC_DeleteSvc('Winlq73');
BC_DeleteSvc('Winlq72');
BC_DeleteSvc('Winlq62');
BC_DeleteSvc('Winlq51');
BC_DeleteSvc('Winlq26');
BC_DeleteSvc('Winkp84');
BC_DeleteSvc('Winlq16');
BC_DeleteSvc('Winkp50');
BC_DeleteSvc('Winkp38');
BC_DeleteSvc('Winkp27');
BC_DeleteSvc('Winkp16');
BC_DeleteSvc('Winjp51');
BC_DeleteSvc('Winjp48');
BC_DeleteSvc('Winjo84');
BC_DeleteSvc('Winjo51');
BC_DeleteSvc('Winjo40');
BC_DeleteSvc('Winjn73');
BC_DeleteSvc('Winjn05');
BC_DeleteSvc('Winio84');
BC_DeleteSvc('Winin84');
BC_DeleteSvc('Winin73');
BC_DeleteSvc('Winin40');
BC_DeleteSvc('Winin38');
BC_DeleteSvc('Winin16');
BC_DeleteSvc('Winho62');
BC_DeleteSvc('Winhn62');
BC_DeleteSvc('Winhn51');
BC_DeleteSvc('Winhn27');
BC_DeleteSvc('Winhm84');
BC_DeleteSvc('Winhm73');
BC_DeleteSvc('Winhm62');
BC_DeleteSvc('Winhm51');
BC_DeleteSvc('Winhm40');
BC_DeleteSvc('Wingm73');
BC_DeleteSvc('Wingm62');
BC_DeleteSvc('Wingm40');
BC_DeleteSvc('Wingm27');
BC_DeleteSvc('Wingm16');
BC_DeleteSvc('Wingm15');
BC_DeleteSvc('Wingl83');
BC_DeleteSvc('Wingl48');
BC_DeleteSvc('Wingl27');
BC_DeleteSvc('Wingl16');
BC_DeleteSvc('Wingl04');
BC_DeleteSvc('Winfl40');
BC_DeleteSvc('Winfk73');
BC_DeleteSvc('Winfk61');
BC_DeleteSvc('Winfk27');
BC_DeleteSvc('Winel05');
BC_DeleteSvc('Winek51');
BC_DeleteSvc('Winek05');
BC_DeleteSvc('Winej40');
BC_DeleteSvc('Winej38');
BC_DeleteSvc('Winej27');
BC_DeleteSvc('Winej05');
BC_DeleteSvc('Winei62');
BC_DeleteSvc('Windj51');
BC_DeleteSvc('Windi84');
BC_DeleteSvc('Windi72');
BC_DeleteSvc('Windi62');
BC_DeleteSvc('Windi61');
BC_DeleteSvc('Windi40');
BC_DeleteSvc('Windi15');
BC_DeleteSvc('Windi05');
BC_DeleteSvc('Windh62');
BC_DeleteSvc('Wincj84');
BC_DeleteSvc('Winci62');
BC_DeleteSvc('Winci37');
BC_DeleteSvc('Winci05');
BC_DeleteSvc('Winch83');
BC_DeleteSvc('Winch05');
BC_DeleteSvc('Wincg16');
BC_DeleteSvc('Winbh40');
BC_DeleteSvc('Winbh38');
BC_DeleteSvc('Winbh27');
BC_DeleteSvc('Winbh16');
BC_DeleteSvc('Winbg72');
BC_DeleteSvc('Winbg61');
BC_DeleteSvc('Winag84');
BC_DeleteSvc('Winag73');
BC_DeleteSvc('Winag38');
BC_DeleteSvc('Winag37');
BC_DeleteSvc('Winag16');
BC_DeleteSvc('Winag04');
BC_DeleteSvc('Winaf50');
BC_DeleteSvc('Winaf40');
BC_DeleteSvc('Winaf16');
BC_DeleteSvc('Fkp38');
BC_DeleteSvc('Lrv38');
BC_DeleteSvc('xmlprovTrkWksdmserver');
BC_DeleteSvc('xmlprovDnscache');
BC_DeleteSvc('WZCSVCSENSClipSrv');
BC_DeleteSvc('wuauservThemesRDSessMgrCryptSvc');
BC_DeleteSvc('wscsvcEventlogSCardSvrSpoolerAppMgmtAudioSrvTermServiceHidServ');
BC_DeleteSvc('WmiWmiApSrvNOD32krnSamSsNtmsSvc');
BC_DeleteSvc('WmiRasAuto');
BC_DeleteSvc('WmiApSrvRDSessMgrRasManProtectedStorageRasManDhcpHidServBITSSENSClipSrv');
BC_DeleteSvc('WmiApSrvRDSessMgrRasMan');
BC_DeleteSvc('WmiApSrvNOD32krnSamSsNtmsSvc');
BC_DeleteSvc('winmgmtNetDDEdsdmLmHostsThemesSCardSvrSpoolerAppMgmtRasAutoose');
BC_DeleteSvc('WebClientWmdmPmSN');
BC_DeleteSvc('W32TimeNetDDEdsdm');
BC_DeleteSvc('W32Timehelpsvc');
BC_DeleteSvc('UPSNtLmSspWmiApSrvRasAutoNetman');
BC_DeleteSvc('TrkWksdmserverWebClientTrkWks');
BC_DeleteSvc('TrkWksdmserverWebClientSCardSvrSpooler');
BC_DeleteSvc('TrkWksdmserverWebClient');
BC_DeleteSvc('TrkWksdmserver');
BC_DeleteSvc('TlntSvrRDSessMgrWmiApSrvNOD32krnSamSsNtmsSvcHTTPFilter');
BC_DeleteSvc('TlntSvrRDSessMgrWmiApSrvNOD32krnSamSsNtmsSvc');
BC_DeleteSvc('ThemesSCardSvrSpoolerAppMgmtRasAuto');
BC_DeleteSvc('ThemesRDSessMgrCryptSvc');
BC_DeleteSvc('ThemesCOMSysAppose');
BC_DeleteSvc('Themes Smart');
BC_DeleteSvc('TermServiceSharedAccess');
BC_DeleteSvc('TermServiceHidServ');
BC_DeleteSvc('TapiSrvSCardSvrSpoolerAppMgmtAudioSrvTermServiceHidServW32Time');
BC_DeleteSvc('TapiSrvSCardSvrSpoolerAppMgmtAudioSrvTermServiceHidServ');
BC_DeleteSvc('stisvcProtectedStorageRasManTermService');
BC_DeleteSvc('SSDPSRVlanmanworkstationSCardSvrSpoolerAppMgmtAudioSrvTermServiceHidServseclogon');
BC_DeleteSvc('SSDPSRVlanmanworkstationSCardSvrSpoolerAppMgmtAudioSrvTermServiceHidServNOD32krnSamSsNtmsSvc');
BC_DeleteSvc('SSDPSRVlanmanworkstationSCardSvrSpoolerAppMgmtAudioSrvTermServiceHidServ');
BC_DeleteSvc('SSDPSRVHidServAudioSrvLmHostssrserviceNtLmSspCryptSvcstisvc');
BC_DeleteSvc('srserviceDnscache');
BC_DeleteSvc('SpoolerAlerter');
BC_DeleteSvc('SharedAccessWmdmPmSNSamSsMSDTCThemesCOMSysAppose');
BC_DeleteSvc('SharedAccessWmdmPmSN');
BC_DeleteSvc('SharedAccessCryptSvcstisvc');
BC_DeleteSvc('SENSose');
BC_DeleteSvc('SENSClipSrvSCardSvrRSVP');
BC_DeleteSvc('SENSClipSrvSCardSvr');
BC_DeleteSvc('SENSClipSrvRDSessMgrCryptSvc');
BC_DeleteSvc('SENSClipSrvCOMSysApposeTapiSrvSCardSvrSpoolerAppMgmtAudioSrvTermServiceHidServ');
BC_DeleteSvc('SENSClipSrvCOMSysAppose');
BC_DeleteSvc('SENSClipSrv HotKey Poller');
BC_DeleteSvc('SENSClipSrv');
BC_DeleteSvc('seclogonstisvcProtectedStorageRasManTermService');
BC_DeleteSvc('ScheduleSENSClipSrvERSvcLmHostssrserviceNtLmSspCryptSvcstisvc');
BC_DeleteSvc('ScheduleSENSClipSrv');
BC_DeleteSvc('SCardSvrsrserviceDnscacheNetDDEdsdm');
BC_DeleteSvc('SCardSvrsrserviceDnscache');
BC_DeleteSvc('SCardSvrSpoolerAppMgmtRasAutoTapiSrvHTTPFilterEventlogTrkWksdmservermnmsrvc');
BC_DeleteSvc('SCardSvrSpoolerAppMgmtRasAutoTapiSrv');
BC_DeleteSvc('SCardSvrSpoolerAppMgmtRasAuto');
BC_DeleteSvc('SCardSvrSpoolerAppMgmtAudioSrvTermServiceHidServSysmonLog');
BC_DeleteSvc('SCardSvrSpoolerAppMgmtAudioSrvTermServiceHidServ');
BC_DeleteSvc('SCardSvrSpoolerAppMgmt');
BC_DeleteSvc('SCardSvrSpooler');
BC_DeleteSvc('SamSsMSDTCThemesCOMSysAppose');
BC_DeleteSvc('SamSsMSDTCDcomLaunch');
BC_DeleteSvc('SamSsMSDTC');
BC_DeleteSvc('RSVPRpcLocator');
BC_DeleteSvc('RpcSsNetDDEdsdmLmHostsThemesSCardSvrSpoolerAppMgmtRasAutoSharedAccess');
BC_DeleteSvc('RpcSsERSvcLmHostssrserviceNtLmSspCryptSvcstisvcThemes');
BC_DeleteSvc('RpcSsERSvcLmHostssrserviceNtLmSspCryptSvcstisvc');
BC_DeleteSvc('RpcLocatorstisvc');
BC_DeleteSvc('RDSessMgrWmiApSrvNOD32krnSamSsNtmsSvcLmHostssrserviceSamSsMSDTCDcomLaunchNtmsSvc');
BC_DeleteSvc('RDSessMgrWmiApSrvNOD32krnSamSsNtmsSvc');
BC_DeleteSvc('RDSessMgrWmiApSrv');
BC_DeleteSvc('RDSessMgrRasMan');
BC_DeleteSvc('RDSessMgrCryptSvc');
BC_DeleteSvc('RasManRemoteRegistry');
BC_DeleteSvc('RasAutoNetman');
BC_DeleteSvc('RasAutoBITSNtLmSspWmiApSrv Smart');
BC_DeleteSvc('RasAutoBITSNtLmSspWmiApSrv');
BC_DeleteSvc('RasAutoBITS');
BC_DeleteSvc('ProtectedStorageRasManTermServiceNetDDE');
BC_DeleteSvc('ProtectedStorageRasManTermService');
BC_DeleteSvc('ProtectedStorageRasManDhcpHidServBITSSENSClipSrv');
BC_DeleteSvc('ProtectedStorageRasMan');
BC_DeleteSvc('PnkBstrATrkWks');
BC_DeleteSvc('osewuauservNOD32krn');
BC_DeleteSvc('osewuauserv');
BC_DeleteSvc('NtmsSvcWmdmPmSN');
BC_DeleteSvc('NtmsSvcRDSessMgrWZCSVC');
BC_DeleteSvc('NtmsSvcRDSessMgrhelpsvc');
BC_DeleteSvc('NtmsSvcRDSessMgrdmserverwscsvcNlaPnkBstrA');
BC_DeleteSvc('NtmsSvcRDSessMgrdmserverwscsvcNla');
BC_DeleteSvc('NtmsSvcRDSessMgr');
BC_DeleteSvc('NtLmSspWmiApSrvRasAutoNetman');
BC_DeleteSvc('NtLmSspWmiApSrvdmadmin');
BC_DeleteSvc('NtLmSspWmiApSrv');
BC_DeleteSvc('NtLmSspThemesRDSessMgrCryptSvc');
BC_DeleteSvc('NtLmSspCryptSvcstisvcupnphostNetDDERSVP');
BC_DeleteSvc('NtLmSspCryptSvcstisvcupnphost');
BC_DeleteSvc('NtLmSspCryptSvcstisvcHidServAudioSrv');
BC_DeleteSvc('NtLmSspCryptSvcstisvc');
BC_DeleteSvc('NOD32krnSamSsNtmsSvcRpcSsSENSClipSrvSCardSvr');
BC_DeleteSvc('NOD32krnSamSsNtmsSvcRpcSs');
BC_DeleteSvc('NOD32krnSamSsNtmsSvc');
BC_DeleteSvc('NOD32krnSamSsAtilanmanworkstation');
BC_DeleteSvc('NOD32krnSamSs');
BC_DeleteSvc('NlaNtmsSvcWmdmPmSNSpooler');
BC_DeleteSvc('NlaNtmsSvcWmdmPmSNNtLmSspCryptSvcstisvcHidServAudioSrv');
BC_DeleteSvc('NlaNtmsSvcWmdmPmSN');
BC_DeleteSvc('NetDDERSVP');
BC_DeleteSvc('NetDDERemoteAccess');
BC_DeleteSvc('NetDDERDSessMgrWmiApSrvNOD32krnSamSsNtmsSvc');
BC_DeleteSvc('NetDDEdsdmLmHostsThemesSCardSvrSpoolerAppMgmtRasAutoSharedAccess');
BC_DeleteSvc('NetDDEdsdmLmHostsThemesSCardSvrSpoolerAppMgmtRasAutoose');
BC_DeleteSvc('NetDDEdsdmLmHostsThemesSCardSvrSpoolerAppMgmtRasAuto');
BC_DeleteSvc('MSDTCCryptSvc');
BC_DeleteSvc('mnmsrvcNtmsSvcWmdmPmSNDnscache');
BC_DeleteSvc('mnmsrvcNtmsSvcWmdmPmSN');
BC_DeleteSvc('MessengerNtLmSspCryptSvcstisvc');
BC_DeleteSvc('LmHostsThemesSCardSvrSpoolerAppMgmtRasAuto');
BC_DeleteSvc('LmHostssrserviceSamSsMSDTCDcomLaunchNtmsSvc');
BC_DeleteSvc('LmHostssrserviceSamSsMSDTCDcomLaunch');
BC_DeleteSvc('LmHostssrserviceNtLmSspCryptSvcstisvc');
BC_DeleteSvc('LmHostssrserviceNlaNtmsSvcWmdmPmSNSSDPSRVNetDDEdsdmLmHostsThemesSCardSvrSpoolerAppMgmtRasAuto');
BC_DeleteSvc('LmHostssrserviceNlaNtmsSvcWmdmPmSNSSDPSRV');
BC_DeleteSvc('LmHostssrserviceNlaNtmsSvcWmdmPmSNNetDDERDSessMgrWmiApSrvNOD32krnSamSsNtmsSvc');
BC_DeleteSvc('LmHostssrserviceNlaNtmsSvcWmdmPmSN');
BC_DeleteSvc('LmHostssrserviceHTTPFilter');
BC_DeleteSvc('LmHostssrservice');
BC_DeleteSvc('LmHostsMSDTC');
BC_DeleteSvc('lanmanworkstationSCardSvrSpoolerAppMgmtAudioSrvTermServiceHidServ');
BC_DeleteSvc('lanmanserverWmiApSrvNOD32krnSamSsNtmsSvc');
BC_DeleteSvc('ImapiServiceMSIServer');
BC_DeleteSvc('HTTPFilterProtectedStorage');
BC_DeleteSvc('HTTPFilterEventlogTrkWksdmservermnmsrvc');
BC_DeleteSvc('HTTPFilterEventlogTrkWksdmserver');
BC_DeleteSvc('HTTPFilterEventlogNetDDEdsdm');
BC_DeleteSvc('HTTPFilterEventlog');
BC_DeleteSvc('HTTPFilterdmserverwscsvcNetDDERDSessMgrWmiApSrvNOD32krnSamSsNtmsSvc');
BC_DeleteSvc('HTTPFilterdmserverwscsvc');
BC_DeleteSvc('HidServVSS');
BC_DeleteSvc('HidServBITSSENSClipSrv');
BC_DeleteSvc('HidServBITS');
BC_DeleteSvc('HidServAudioSrvLmHostssrserviceNtLmSspCryptSvcstisvc');
BC_DeleteSvc('HidServAudioSrvLmHostssrservice');
BC_DeleteSvc('HidServAudioSrv');
BC_DeleteSvc('helpsvcwscsvcEventlogSCardSvrSpoolerAppMgmtAudioSrvTermServiceHidServ');
BC_DeleteSvc('helpsvcRpcSsERSvcLmHostssrserviceNtLmSspCryptSvcstisvcThemes');
BC_DeleteSvc('FastUserSwitchingCompatibilityAtilanmanworkstationShellHWDetection');
BC_DeleteSvc('EventlogSCardSvrSpoolerAppMgmtAudioSrvTermServiceHidServNOD32krnSamSs');
BC_DeleteSvc('EventlogSCardSvrSpoolerAppMgmtAudioSrvTermServiceHidServ');
BC_DeleteSvc('EventlogERSvcLmHostssrserviceNtLmSspCryptSvcstisvc');
BC_DeleteSvc('EventlogDcomLaunch');
BC_DeleteSvc('ERSvcLmHostssrserviceNtLmSspCryptSvcstisvcAlerter');
BC_DeleteSvc('ERSvcLmHostssrserviceNtLmSspCryptSvcstisvc');
BC_DeleteSvc('dmserverwscsvcNla');
BC_DeleteSvc('dmserverwscsvc');
BC_DeleteSvc('dmserverNOD32krn');
BC_DeleteSvc('DhcpHidServBITSSENSClipSrv');
BC_DeleteSvc('CryptSvcstisvc');
BC_DeleteSvc('COMSysAppWebClient');
BC_DeleteSvc('COMSysApposeSENS');
BC_DeleteSvc('COMSysAppose');
BC_DeleteSvc('AudioSrvTermServiceHidServ');
BC_DeleteSvc('AudioSrvseclogon');
BC_DeleteSvc('AtiWebClientWmdmPmSN');
BC_DeleteSvc('AtiMessengerNtLmSspCryptSvcstisvc');
BC_DeleteSvc('AtilanmanworkstationShellHWDetection');
BC_DeleteSvc('Atilanmanworkstation Smart');
BC_DeleteSvc('Atilanmanworkstation');
BC_DeleteSvc('AppMgmtNtLmSspCryptSvcstisvcHidServAudioSrv');
BC_DeleteSvc('AlerterProtectedStorage');
ExecuteSysClean;
BC_Activate;
ExecuteRepair(5);
ExecuteRepair(6);
ExecuteRepair(9);
RebootWindows(true);
end.

После выполнения скрипта компьютер перезагрузится.
Прислать карантин согласно приложения 3 правил .
Загружать по ссылке: http://virusinfo.info/upload_virus.php?tid=31122

Повторите логи.

**alex_919** · 29.09.2008, 21:07

спасибо! все прошло успешно, рамка исчезла.

**wise-wistful** · 29.09.2008, 21:11

Логи ждём.

**alex_919** · 30.09.2008, 19:22

загружаю логи.

**CyberHelper** · 22.02.2009, 08:19

Статистика проведенного лечения:

Получено карантинов: 1
Обработано файлов: 35
В ходе лечения обнаружены вредоносные программы:
1. c:\\program files\\microsoft common\\wuauclt.exe - Worm.Win32.AutoRun.mlr (DrWEB: Trojan.DownLoad.428
2. c:\\temp\\loader.exe - Trojan.Win32.Pakes.khg (DrWEB: BackDoor.Bulknet.206)
3. c:\\windows\\system32\\lphccmgj0en4l.exe - Backdoor.Win32.Frauder.fk (DrWEB: Trojan.Fakealert.1321)
4. c:\\windows\\system32\\oembios.exe - Trojan-Spy.Win32.Zbot.eme (DrWEB: Trojan.Proxy.3854)
5. c:\\windows\\system32\\winctrl32.dll - Trojan-Downloader.Win32.Mutant.bnw (DrWEB: BackDoor.Bulknet.225)

Warning!!! Spyware detected on your computer. Install an antivirus or spyware remover to clean your computer. (заявка № 31122)

Опции темы

Warning!!! Spyware detected on your computer. Install an antivirus or spyware remover to clean your computer.

Итог лечения

Похожие темы

Warning! Spyware detected on your computer! Install an antivirus or spyware remover to clean your computer

Все то же: Warning! Spyware detected on your computer! Install an antivirus or spyware remover to clean your computer

Warning! Spyware detected on your computer! Install an antivirus or spyware remover to clean your computer

На рабочем столе надпись Warning! Spyware detected on your computer! Install an antivirus or spyware remover to clean your computer

Warning! Spyware detected on your computer! Install an antivirus or spyware remover to clean your computer

Ваши права в разделе