Постоянно создается куча EXE-файлов в Windows\TEmp.
Запускал DrWeb CureIt, Kaspersky AVPTool, AVZ. Ничего не находят.
Загружался с Флэшки- Alkid Live - DrWeb и Kaspersky и этом случае ничего не нашли.
Комп тормозит. Помогите !
Постоянно создается куча EXE-файлов в Windows\TEmp.
Запускал DrWeb CureIt, Kaspersky AVPTool, AVZ. Ничего не находят.
Загружался с Флэшки- Alkid Live - DrWeb и Kaspersky и этом случае ничего не нашли.
Комп тормозит. Помогите !
Сделайте лог gmer.
I am not young enough to know everything...
Лог GMer - посылаю
Люди Добрые!
А почему мне никто не отвечает ?
- Выполните скрипт в AVZ
После перезагрузки:Код:begin SearchRootkit(true, true); SetAVZGuardStatus(True); QuarantineFile('C:\WINDOWS\Temp\5858060.exe',''); QuarantineFile('C:\WINDOWS\Temp\588ca0f.exe',''); QuarantineFile('C:\WINDOWS\Temp\4a20357.exe',''); QuarantineFile('c:\windows\system32\winlogon.exe',''); QuarantineFile('C:\WINDOWS\Temp\4a7dfd7.exe',''); QuarantineFile('C:\WINDOWS\Temp\13181ae.exe',''); QuarantineFile('C:\WINDOWS\Temp\13cdff8.exe',''); QuarantineFile('C:\WINDOWS\Temp\c482c89.exe',''); QuarantineFile('C:\WINDOWS\Temp\ba2bc14.exe',''); QuarantineFile('C:\WINDOWS\Temp\ba3fc89.exe',''); QuarantineFile('C:\WINDOWS\Temp\634112d.exe',''); QuarantineFile('C:\WINDOWS\Temp\63838f9.exe',''); QuarantineFile('C:\WINDOWS\Temp\8d35576.exe',''); QuarantineFile('C:\WINDOWS\Temp\8d3c574.exe',''); QuarantineFile('C:\WINDOWS\Temp\8d52658.exe',''); QuarantineFile('C:\WINDOWS\Temp\6e0c83f.exe',''); QuarantineFile('C:\WINDOWS\Temp\b5a3a08.exe',''); QuarantineFile('C:\WINDOWS\Temp\d48a990.exe',''); QuarantineFile('C:\WINDOWS\Temp\95e2f96.exe',''); QuarantineFile('C:\WINDOWS\Temp\47bec0d.exe',''); QuarantineFile('C:\WINDOWS\Temp\248c3de.exe',''); QuarantineFile('C:\WINDOWS\Temp\08c49ed.exe',''); QuarantineFile('C:\WINDOWS\Temp\0921206.exe',''); QuarantineFile('C:\WINDOWS\Temp\66bf1e2.exe',''); QuarantineFile('C:\WINDOWS\Temp\781431e.exe',''); QuarantineFile('C:\WINDOWS\Temp\9077655.exe',''); QuarantineFile('C:\WINDOWS\Temp\8bb14ed.exe',''); QuarantineFile('C:\WINDOWS\Temp\eb43d6b.exe',''); QuarantineFile('C:\WINDOWS\Temp\7306230.exe',''); QuarantineFile('C:\WINDOWS\Temp\3e3a695.exe',''); QuarantineFile('C:\WINDOWS\Temp\de41363.exe',''); QuarantineFile('C:\WINDOWS\Temp\c6edfa1.exe',''); QuarantineFile('C:\WINDOWS\Temp\248c3de.exe',''); QuarantineFile('C:\WINDOWS\Temp\e61cb3e.exe',''); QuarantineFile('C:\WINDOWS\Temp\7b281f4.exe',''); QuarantineFile('C:\WINDOWS\Temp\217660b.exe',''); QuarantineFile('C:\WINDOWS\Temp\34d6d95.exe',''); QuarantineFile('C:\WINDOWS\Temp\517bb9a.exe',''); QuarantineFile('C:\WINDOWS\Temp\4a22648.exe',''); QuarantineFile('C:\WINDOWS\Temp\4c3ac6d.exe',''); QuarantineFile('C:\WINDOWS\Temp\25714c4.exe',''); QuarantineFile('C:\WINDOWS\Temp\26b572f.exe',''); QuarantineFile('C:\WINDOWS\Temp\2795f70.exe',''); QuarantineFile('C:\WINDOWS\Temp\29e59b9.exe',''); QuarantineFile('C:\WINDOWS\Temp\2a17c40.exe',''); QuarantineFile('C:\WINDOWS\Temp\9cf44b7.exe',''); QuarantineFile('C:\WINDOWS\Temp\dff2720.exe',''); QuarantineFile('C:\WINDOWS\Temp\94d7802.exe',''); QuarantineFile('C:\WINDOWS\Temp\5b1f7f6.exe',''); QuarantineFile('C:\WINDOWS\Temp\5bad812.exe',''); QuarantineFile('C:\WINDOWS\Temp\9a68c4e.exe',''); QuarantineFile('C:\WINDOWS\Temp\dd4ed9b.exe',''); QuarantineFile('C:\WINDOWS\Temp\0bf0f91.exe',''); QuarantineFile('C:\WINDOWS\Temp\1caa92f.exe',''); QuarantineFile('C:\WINDOWS\Temp\2ad88d6.exe',''); QuarantineFile('C:\WINDOWS\Temp\39baf1b.exe',''); QuarantineFile('C:\WINDOWS\Temp\49a0634.exe',''); QuarantineFile('C:\WINDOWS\Temp\59d378d.exe',''); QuarantineFile('C:\WINDOWS\Temp\67c75b3.exe',''); QuarantineFile('C:\WINDOWS\Temp\797c72b.exe',''); QuarantineFile('C:\WINDOWS\Temp\89ce3d5.exe',''); QuarantineFile('C:\WINDOWS\Temp\a629e96.exe',''); QuarantineFile('C:\WINDOWS\Temp\caacaa5.exe',''); QuarantineFile('C:\WINDOWS\Temp\f65e3fa.exe',''); QuarantineFile('C:\WINDOWS\Temp\f6acd14.exe',''); QuarantineFile('C:\WINDOWS\Temp\f6b3a43.exe',''); QuarantineFile('C:\WINDOWS\Temp\781431e.exe',''); QuarantineFile('C:\WINDOWS\Temp\78a06ef.exe',''); QuarantineFile('C:\WINDOWS\Temp\8259144.exe',''); QuarantineFile('C:\WINDOWS\Temp\8c9955d.exe',''); QuarantineFile('C:\WINDOWS\Temp\8d395ee.exe',''); QuarantineFile('C:\WINDOWS\Temp\c5754f6.exe',''); QuarantineFile('C:\WINDOWS\Temp\cee50ed.exe',''); QuarantineFile('C:\WINDOWS\Temp\9a6c515.exe',''); QuarantineFile('C:\WINDOWS\Temp\9cf44b7.exe',''); QuarantineFile('C:\WINDOWS\Temp\5c5cf6c.exe',''); QuarantineFile('C:\WINDOWS\Temp\5fae173.exe',''); QuarantineFile('C:\WINDOWS\Temp\613195a.exe',''); QuarantineFile('C:\WINDOWS\Temp\739d1a7.exe',''); QuarantineFile('C:\WINDOWS\Temp\7493e43.exe',''); QuarantineFile('C:\WINDOWS\Temp\20dfd48.exe',''); QuarantineFile('C:\WINDOWS\Temp\211f7c2.exe',''); QuarantineFile('C:\WINDOWS\Temp\21f57de.exe',''); QuarantineFile('C:\WINDOWS\Temp\2570297.exe',''); QuarantineFile('C:\WINDOWS\Temp\609e1cd.exe',''); QuarantineFile('C:\WINDOWS\Temp\de41363.exe',''); QuarantineFile('C:\WINDOWS\Temp\16f7e1c.exe',''); QuarantineFile('C:\WINDOWS\Temp\19c9f7c.exe',''); QuarantineFile('C:\WINDOWS\Temp\19ce3c9.exe',''); QuarantineFile('C:\WINDOWS\Temp\1b5d7fc.exe',''); QuarantineFile('C:\WINDOWS\Temp\1c4c7ab.exe',''); QuarantineFile('C:\WINDOWS\Temp\1c5ef92.exe',''); QuarantineFile('C:\WINDOWS\Temp\7da9a74.exe',''); QuarantineFile('C:\WINDOWS\Temp\bab89a7.exe',''); QuarantineFile('C:\WINDOWS\Temp\2cb9215.exe',''); QuarantineFile('C:\WINDOWS\Temp\97b66d4.exe',''); QuarantineFile('C:\WINDOWS\Temp\37d6730.exe',''); QuarantineFile('C:\WINDOWS\Temp\37f3056.exe',''); QuarantineFile('C:\WINDOWS\Temp\388f00e.exe',''); QuarantineFile('C:\WINDOWS\Temp\38dceb2.exe',''); QuarantineFile('C:\WINDOWS\Temp\3931ac5.exe',''); QuarantineFile('C:\WINDOWS\Temp\e4f50ac.exe',''); QuarantineFile('C:\WINDOWS\Temp\bf4f85c.exe',''); QuarantineFile('C:\WINDOWS\Temp\bf65575.exe',''); QuarantineFile('C:\WINDOWS\Temp\0c323d7.exe',''); QuarantineFile('C:\WINDOWS\Temp\0e77174.exe',''); QuarantineFile('C:\WINDOWS\Temp\324a6e4.exe',''); QuarantineFile('C:\WINDOWS\Temp\3b6fd93.exe',''); QuarantineFile('C:\WINDOWS\Temp\3be1be8.exe',''); QuarantineFile('C:\WINDOWS\Temp\3c72d15.exe',''); QuarantineFile('C:\WINDOWS\Temp\84f52bd.exe',''); QuarantineFile('C:\WINDOWS\Temp\852f22f.exe',''); QuarantineFile('C:\WINDOWS\Temp\86c50f8.exe',''); QuarantineFile('C:\WINDOWS\Temp\88af2c7.exe',''); QuarantineFile('C:\WINDOWS\Temp\d88b084.exe',''); QuarantineFile('C:\WINDOWS\Temp\ec95650.exe',''); QuarantineFile('C:\WINDOWS\Temp\f327333.exe',''); QuarantineFile('C:\WINDOWS\Temp\f5fdc0c.exe',''); QuarantineFile('C:\WINDOWS\Temp\62757ec.exe',''); QuarantineFile('C:\WINDOWS\Temp\627736e.exe',''); QuarantineFile('C:\WINDOWS\Temp\62812ea.exe',''); QuarantineFile('C:\WINDOWS\Temp\66bf1e2.exe',''); QuarantineFile('C:\WINDOWS\Temp\676e343.exe',''); QuarantineFile('C:\WINDOWS\Temp\39b6405.exe',''); QuarantineFile('C:\WINDOWS\Temp\fbbf0a2.exe',''); QuarantineFile('C:\WINDOWS\Temp\54bd177.exe',''); QuarantineFile('C:\WINDOWS\Temp\4c53b09.exe',''); QuarantineFile('C:\WINDOWS\Temp\4ec04db.exe',''); QuarantineFile('C:\WINDOWS\Temp\50e7a52.exe',''); QuarantineFile('C:\WINDOWS\Temp\5244443.exe',''); QuarantineFile('C:\WINDOWS\Temp\54fd096.exe',''); QuarantineFile('C:\WINDOWS\Temp\573a73e.exe',''); QuarantineFile('C:\WINDOWS\Temp\be06e5d.exe',''); QuarantineFile('C:\WINDOWS\Temp\cf8a20e.exe',''); QuarantineFile('C:\WINDOWS\Temp\d1587f8.exe',''); QuarantineFile('C:\WINDOWS\Temp\e61cb3e.exe',''); QuarantineFile('C:\WINDOWS\Temp\899886f.exe',''); QuarantineFile('C:\WINDOWS\Temp\9ec3fae.exe',''); QuarantineFile('C:\WINDOWS\Temp\6a8aa0e.exe',''); QuarantineFile('C:\WINDOWS\Temp\6d8f421.exe',''); QuarantineFile('C:\WINDOWS\Temp\7306230.exe',''); QuarantineFile('C:\WINDOWS\Temp\74a8754.exe',''); QuarantineFile('C:\WINDOWS\Temp\7617a81.exe',''); QuarantineFile('C:\WINDOWS\Temp\6a59512.exe',''); QuarantineFile('C:\WINDOWS\Temp\f8b3b9c.exe',''); QuarantineFile('C:\WINDOWS\Temp\f9c1296.exe',''); QuarantineFile('C:\WINDOWS\Temp\0e9a3f4.exe',''); QuarantineFile('C:\WINDOWS\Temp\116bef8.exe',''); QuarantineFile('C:\WINDOWS\Temp\143cd87.exe',''); QuarantineFile('C:\WINDOWS\Temp\16bf665.exe',''); QuarantineFile('C:\WINDOWS\Temp\58a8a11.exe',''); QuarantineFile('C:\WINDOWS\Temp\59472f1.exe',''); QuarantineFile('C:\WINDOWS\Temp\d5f8696.exe',''); QuarantineFile('C:\WINDOWS\Temp\d656ce5.exe',''); QuarantineFile('C:\WINDOWS\Temp\a8b722a.exe',''); QuarantineFile('C:\WINDOWS\Temp\a9e6973.exe',''); QuarantineFile('C:\WINDOWS\Temp\aec7f5a.exe',''); QuarantineFile('C:\WINDOWS\Temp\8bb14ed.exe',''); QuarantineFile('C:\WINDOWS\Temp\8e31ce7.exe',''); QuarantineFile('C:\WINDOWS\Temp\908b5d0.exe',''); QuarantineFile('C:\WINDOWS\Temp\94323bf.exe',''); QuarantineFile('C:\WINDOWS\Temp\b28bf38.exe',''); QuarantineFile('C:\WINDOWS\Temp\b33b690.exe',''); QuarantineFile('C:\WINDOWS\Temp\b390c9b.exe',''); QuarantineFile('C:\WINDOWS\Temp\b43b2ca.exe',''); QuarantineFile('C:\WINDOWS\Temp\b47f4ff.exe',''); QuarantineFile('C:\WINDOWS\Temp\b50a4c1.exe',''); QuarantineFile('C:\WINDOWS\Temp\2c452a4.exe',''); QuarantineFile('C:\WINDOWS\Temp\2cfab9d.exe',''); QuarantineFile('C:\WINDOWS\Temp\2f9296d.exe',''); QuarantineFile('C:\WINDOWS\Temp\328276e.exe',''); QuarantineFile('C:\WINDOWS\Temp\359fcc5.exe',''); QuarantineFile('C:\WINDOWS\Temp\3784b90.exe',''); QuarantineFile('C:\WINDOWS\Temp\3939c9d.exe',''); QuarantineFile('C:\WINDOWS\Temp\e7b7c11.exe',''); QuarantineFile('C:\WINDOWS\Temp\35eb169.exe',''); QuarantineFile('C:\WINDOWS\Temp\374ccd9.exe',''); QuarantineFile('C:\WINDOWS\Temp\b0b4b7f.exe',''); QuarantineFile('C:\WINDOWS\Temp\b110cb5.exe',''); QuarantineFile('C:\WINDOWS\Temp\7550501.exe',''); QuarantineFile('C:\WINDOWS\Temp\7616d1e.exe',''); QuarantineFile('C:\WINDOWS\Temp\9cf44b7.exe',''); QuarantineFile('C:\WINDOWS\Temp\9daa004.exe',''); QuarantineFile('C:\WINDOWS\Temp\e9564b0.exe',''); QuarantineFile('C:\WINDOWS\Temp\b87dccc.exe',''); QuarantineFile('C:\WINDOWS\Temp\b87ffaf.exe',''); QuarantineFile('C:\WINDOWS\Temp\cee50ed.exe',''); QuarantineFile('C:\WINDOWS\Temp\12691de.exe',''); QuarantineFile('C:\WINDOWS\Temp\13237f0.exe',''); QuarantineFile('C:\WINDOWS\Temp\145cf0b.exe',''); QuarantineFile('C:\WINDOWS\Temp\163d5ef.exe',''); QuarantineFile('C:\WINDOWS\Temp\c981c72.exe',''); QuarantineFile('C:\WINDOWS\Temp\a283df9.exe',''); QuarantineFile('C:\WINDOWS\Temp\a2f0198.exe',''); QuarantineFile('C:\WINDOWS\Temp\20ec52a.exe',''); QuarantineFile('C:\WINDOWS\Temp\b038a8a.exe',''); QuarantineFile('C:\WINDOWS\Temp\4ccba83.exe',''); QuarantineFile('C:\WINDOWS\Temp\4cfb6b2.exe',''); QuarantineFile('C:\WINDOWS\Temp\4ddd344.exe',''); QuarantineFile('C:\WINDOWS\Temp\f7d8107.exe',''); QuarantineFile('C:\WINDOWS\Temp\f80c2c2.exe',''); QuarantineFile('C:\WINDOWS\Temp\111cb8f.exe',''); QuarantineFile('C:\WINDOWS\Temp\b12ae49.exe',''); QuarantineFile('C:\WINDOWS\Temp\b50a4c1.exe',''); QuarantineFile('C:\WINDOWS\Temp\a9e6973.exe',''); QuarantineFile('C:\WINDOWS\Temp\94323bf.exe',''); QuarantineFile('C:\WINDOWS\Temp\94d7802.exe',''); QuarantineFile('C:\WINDOWS\Temp\fb930bc.exe',''); QuarantineFile('C:\WINDOWS\Temp\e68f5a7.exe',''); QuarantineFile('C:\WINDOWS\Temp\e8a6e79.exe',''); QuarantineFile('C:\WINDOWS\Temp\eae116e.exe',''); QuarantineFile('C:\WINDOWS\Temp\eb43d6b.exe',''); QuarantineFile('C:\WINDOWS\Temp\ebb4b31.exe',''); QuarantineFile('C:\WINDOWS\Temp\dd39986.exe',''); QuarantineFile('C:\WINDOWS\Temp\f872e5b.exe',''); QuarantineFile('C:\WINDOWS\Temp\f9c3f83.exe',''); QuarantineFile('C:\WINDOWS\Temp\fb3064c.exe',''); QuarantineFile('C:\WINDOWS\Temp\b192f96.exe',''); QuarantineFile('C:\WINDOWS\Temp\b193104.exe',''); QuarantineFile('C:\WINDOWS\Temp\acecce4.exe',''); QuarantineFile('C:\WINDOWS\Temp\aec4e24.exe',''); QuarantineFile('C:\WINDOWS\Temp\a7b5313.exe',''); QuarantineFile('C:\WINDOWS\Temp\9f46111.exe',''); QuarantineFile('C:\WINDOWS\Temp\a0824e1.exe',''); QuarantineFile('C:\WINDOWS\Temp\a55a516.exe',''); QuarantineFile('C:\WINDOWS\Temp\00abde2.exe',''); QuarantineFile('C:\WINDOWS\Temp\00f6170.exe',''); QuarantineFile('C:\WINDOWS\Temp\014202c.exe',''); QuarantineFile('C:\WINDOWS\Temp\d50e761.exe',''); QuarantineFile('C:\WINDOWS\Temp\d656ce5.exe',''); QuarantineFile('C:\WINDOWS\Temp\c8c8f5f.exe',''); QuarantineFile('C:\WINDOWS\Temp\02b8942.exe',''); QuarantineFile('C:\WINDOWS\Temp\06ad0aa.exe',''); QuarantineFile('C:\WINDOWS\Temp\d47b5c1.exe',''); QuarantineFile('C:\WINDOWS\Temp\dc2c088.exe',''); QuarantineFile('C:\WINDOWS\Temp\c50a67a.exe',''); QuarantineFile('C:\WINDOWS\Temp\c5754f6.exe',''); QuarantineFile('C:\WINDOWS\Temp\c6edfa1.exe',''); QuarantineFile('C:\WINDOWS\Temp\c869a34.exe',''); DeleteFile('C:\WINDOWS\Temp\5858060.exe'); DeleteFile('C:\WINDOWS\Temp\588ca0f.exe'); DeleteFile('C:\WINDOWS\Temp\4a20357.exe'); DeleteFile('C:\WINDOWS\Temp\4a7dfd7.exe'); DeleteFile('C:\WINDOWS\Temp\13181ae.exe'); DeleteFile('C:\WINDOWS\Temp\13cdff8.exe'); DeleteFile('C:\WINDOWS\Temp\c482c89.exe'); DeleteFile('C:\WINDOWS\Temp\ba2bc14.exe'); DeleteFile('C:\WINDOWS\Temp\ba3fc89.exe'); DeleteFile('C:\WINDOWS\Temp\634112d.exe'); DeleteFile('C:\WINDOWS\Temp\63838f9.exe'); DeleteFile('C:\WINDOWS\Temp\8d35576.exe'); DeleteFile('C:\WINDOWS\Temp\8d3c574.exe'); DeleteFile('C:\WINDOWS\Temp\8d52658.exe'); DeleteFile('C:\WINDOWS\Temp\6e0c83f.exe'); DeleteFile('C:\WINDOWS\Temp\b5a3a08.exe'); DeleteFile('C:\WINDOWS\Temp\d48a990.exe'); DeleteFile('C:\WINDOWS\Temp\95e2f96.exe'); DeleteFile('C:\WINDOWS\Temp\47bec0d.exe'); DeleteFile('C:\WINDOWS\Temp\248c3de.exe'); DeleteFile('C:\WINDOWS\Temp\08c49ed.exe'); DeleteFile('C:\WINDOWS\Temp\0921206.exe'); DeleteFile('C:\WINDOWS\Temp\66bf1e2.exe'); DeleteFile('C:\WINDOWS\Temp\781431e.exe'); DeleteFile('C:\WINDOWS\Temp\9077655.exe'); DeleteFile('C:\WINDOWS\Temp\8bb14ed.exe'); DeleteFile('C:\WINDOWS\Temp\eb43d6b.exe'); DeleteFile('C:\WINDOWS\Temp\7306230.exe'); DeleteFile('C:\WINDOWS\Temp\3e3a695.exe'); DeleteFile('C:\WINDOWS\Temp\de41363.exe'); DeleteFile('C:\WINDOWS\Temp\c6edfa1.exe'); DeleteFile('C:\WINDOWS\Temp\248c3de.exe'); DeleteFile('C:\WINDOWS\Temp\e61cb3e.exe'); DeleteFile('C:\WINDOWS\Temp\7b281f4.exe'); DeleteFile('C:\WINDOWS\Temp\217660b.exe'); DeleteFile('C:\WINDOWS\Temp\34d6d95.exe'); DeleteFile('C:\WINDOWS\Temp\517bb9a.exe'); DeleteFile('C:\WINDOWS\Temp\4a22648.exe'); DeleteFile('C:\WINDOWS\Temp\4c3ac6d.exe'); DeleteFile('C:\WINDOWS\Temp\25714c4.exe'); DeleteFile('C:\WINDOWS\Temp\26b572f.exe'); DeleteFile('C:\WINDOWS\Temp\2795f70.exe'); DeleteFile('C:\WINDOWS\Temp\29e59b9.exe'); DeleteFile('C:\WINDOWS\Temp\2a17c40.exe'); DeleteFile('C:\WINDOWS\Temp\9cf44b7.exe'); DeleteFile('C:\WINDOWS\Temp\dff2720.exe'); DeleteFile('C:\WINDOWS\Temp\94d7802.exe'); DeleteFile('C:\WINDOWS\Temp\5b1f7f6.exe'); DeleteFile('C:\WINDOWS\Temp\5bad812.exe'); DeleteFile('C:\WINDOWS\Temp\9a68c4e.exe'); DeleteFile('C:\WINDOWS\Temp\dd4ed9b.exe'); DeleteFile('C:\WINDOWS\Temp\0bf0f91.exe'); DeleteFile('C:\WINDOWS\Temp\1caa92f.exe'); DeleteFile('C:\WINDOWS\Temp\2ad88d6.exe'); DeleteFile('C:\WINDOWS\Temp\39baf1b.exe'); DeleteFile('C:\WINDOWS\Temp\49a0634.exe'); DeleteFile('C:\WINDOWS\Temp\59d378d.exe'); DeleteFile('C:\WINDOWS\Temp\67c75b3.exe'); DeleteFile('C:\WINDOWS\Temp\797c72b.exe'); DeleteFile('C:\WINDOWS\Temp\89ce3d5.exe'); DeleteFile('C:\WINDOWS\Temp\a629e96.exe'); DeleteFile('C:\WINDOWS\Temp\caacaa5.exe'); DeleteFile('C:\WINDOWS\Temp\f65e3fa.exe'); DeleteFile('C:\WINDOWS\Temp\f6acd14.exe'); DeleteFile('C:\WINDOWS\Temp\f6b3a43.exe'); DeleteFile('C:\WINDOWS\Temp\781431e.exe'); DeleteFile('C:\WINDOWS\Temp\78a06ef.exe'); DeleteFile('C:\WINDOWS\Temp\8259144.exe'); DeleteFile('C:\WINDOWS\Temp\8c9955d.exe'); DeleteFile('C:\WINDOWS\Temp\8d395ee.exe'); DeleteFile('C:\WINDOWS\Temp\c5754f6.exe'); DeleteFile('C:\WINDOWS\Temp\cee50ed.exe'); DeleteFile('C:\WINDOWS\Temp\9a6c515.exe'); DeleteFile('C:\WINDOWS\Temp\9cf44b7.exe'); DeleteFile('C:\WINDOWS\Temp\5c5cf6c.exe'); DeleteFile('C:\WINDOWS\Temp\5fae173.exe'); DeleteFile('C:\WINDOWS\Temp\613195a.exe'); DeleteFile('C:\WINDOWS\Temp\739d1a7.exe'); DeleteFile('C:\WINDOWS\Temp\7493e43.exe'); DeleteFile('C:\WINDOWS\Temp\20dfd48.exe'); DeleteFile('C:\WINDOWS\Temp\211f7c2.exe'); DeleteFile('C:\WINDOWS\Temp\21f57de.exe'); DeleteFile('C:\WINDOWS\Temp\2570297.exe'); DeleteFile('C:\WINDOWS\Temp\609e1cd.exe'); DeleteFile('C:\WINDOWS\Temp\de41363.exe'); DeleteFile('C:\WINDOWS\Temp\16f7e1c.exe'); DeleteFile('C:\WINDOWS\Temp\19c9f7c.exe'); DeleteFile('C:\WINDOWS\Temp\19ce3c9.exe'); DeleteFile('C:\WINDOWS\Temp\1b5d7fc.exe'); DeleteFile('C:\WINDOWS\Temp\1c4c7ab.exe'); DeleteFile('C:\WINDOWS\Temp\1c5ef92.exe'); DeleteFile('C:\WINDOWS\Temp\7da9a74.exe'); DeleteFile('C:\WINDOWS\Temp\bab89a7.exe'); DeleteFile('C:\WINDOWS\Temp\2cb9215.exe'); DeleteFile('C:\WINDOWS\Temp\97b66d4.exe'); DeleteFile('C:\WINDOWS\Temp\37d6730.exe'); DeleteFile('C:\WINDOWS\Temp\37f3056.exe'); DeleteFile('C:\WINDOWS\Temp\388f00e.exe'); DeleteFile('C:\WINDOWS\Temp\38dceb2.exe'); DeleteFile('C:\WINDOWS\Temp\3931ac5.exe'); DeleteFile('C:\WINDOWS\Temp\e4f50ac.exe'); DeleteFile('C:\WINDOWS\Temp\bf4f85c.exe'); DeleteFile('C:\WINDOWS\Temp\bf65575.exe'); DeleteFile('C:\WINDOWS\Temp\0c323d7.exe'); DeleteFile('C:\WINDOWS\Temp\0e77174.exe'); DeleteFile('C:\WINDOWS\Temp\324a6e4.exe'); DeleteFile('C:\WINDOWS\Temp\3b6fd93.exe'); DeleteFile('C:\WINDOWS\Temp\3be1be8.exe'); DeleteFile('C:\WINDOWS\Temp\3c72d15.exe'); DeleteFile('C:\WINDOWS\Temp\84f52bd.exe'); DeleteFile('C:\WINDOWS\Temp\852f22f.exe'); DeleteFile('C:\WINDOWS\Temp\86c50f8.exe'); DeleteFile('C:\WINDOWS\Temp\88af2c7.exe'); DeleteFile('C:\WINDOWS\Temp\d88b084.exe'); DeleteFile('C:\WINDOWS\Temp\ec95650.exe'); DeleteFile('C:\WINDOWS\Temp\f327333.exe'); DeleteFile('C:\WINDOWS\Temp\f5fdc0c.exe'); DeleteFile('C:\WINDOWS\Temp\62757ec.exe'); DeleteFile('C:\WINDOWS\Temp\627736e.exe'); DeleteFile('C:\WINDOWS\Temp\62812ea.exe'); DeleteFile('C:\WINDOWS\Temp\66bf1e2.exe'); DeleteFile('C:\WINDOWS\Temp\676e343.exe'); DeleteFile('C:\WINDOWS\Temp\39b6405.exe'); DeleteFile('C:\WINDOWS\Temp\fbbf0a2.exe'); DeleteFile('C:\WINDOWS\Temp\54bd177.exe'); DeleteFile('C:\WINDOWS\Temp\4c53b09.exe'); DeleteFile('C:\WINDOWS\Temp\4ec04db.exe'); DeleteFile('C:\WINDOWS\Temp\50e7a52.exe'); DeleteFile('C:\WINDOWS\Temp\5244443.exe'); DeleteFile('C:\WINDOWS\Temp\54fd096.exe'); DeleteFile('C:\WINDOWS\Temp\573a73e.exe'); DeleteFile('C:\WINDOWS\Temp\be06e5d.exe'); DeleteFile('C:\WINDOWS\Temp\cf8a20e.exe'); DeleteFile('C:\WINDOWS\Temp\d1587f8.exe'); DeleteFile('C:\WINDOWS\Temp\e61cb3e.exe'); DeleteFile('C:\WINDOWS\Temp\899886f.exe'); DeleteFile('C:\WINDOWS\Temp\9ec3fae.exe'); DeleteFile('C:\WINDOWS\Temp\6a8aa0e.exe'); DeleteFile('C:\WINDOWS\Temp\6d8f421.exe'); DeleteFile('C:\WINDOWS\Temp\7306230.exe'); DeleteFile('C:\WINDOWS\Temp\74a8754.exe'); DeleteFile('C:\WINDOWS\Temp\7617a81.exe'); DeleteFile('C:\WINDOWS\Temp\6a59512.exe'); DeleteFile('C:\WINDOWS\Temp\f8b3b9c.exe'); DeleteFile('C:\WINDOWS\Temp\f9c1296.exe'); DeleteFile('C:\WINDOWS\Temp\0e9a3f4.exe'); DeleteFile('C:\WINDOWS\Temp\116bef8.exe'); DeleteFile('C:\WINDOWS\Temp\143cd87.exe'); DeleteFile('C:\WINDOWS\Temp\16bf665.exe'); DeleteFile('C:\WINDOWS\Temp\58a8a11.exe'); DeleteFile('C:\WINDOWS\Temp\59472f1.exe'); DeleteFile('C:\WINDOWS\Temp\d5f8696.exe'); DeleteFile('C:\WINDOWS\Temp\d656ce5.exe'); DeleteFile('C:\WINDOWS\Temp\a8b722a.exe'); DeleteFile('C:\WINDOWS\Temp\a9e6973.exe'); DeleteFile('C:\WINDOWS\Temp\aec7f5a.exe'); DeleteFile('C:\WINDOWS\Temp\8bb14ed.exe'); DeleteFile('C:\WINDOWS\Temp\8e31ce7.exe'); DeleteFile('C:\WINDOWS\Temp\908b5d0.exe'); DeleteFile('C:\WINDOWS\Temp\94323bf.exe'); DeleteFile('C:\WINDOWS\Temp\b28bf38.exe'); DeleteFile('C:\WINDOWS\Temp\b33b690.exe'); DeleteFile('C:\WINDOWS\Temp\b390c9b.exe'); DeleteFile('C:\WINDOWS\Temp\b43b2ca.exe'); DeleteFile('C:\WINDOWS\Temp\b47f4ff.exe'); DeleteFile('C:\WINDOWS\Temp\b50a4c1.exe'); DeleteFile('C:\WINDOWS\Temp\2c452a4.exe'); DeleteFile('C:\WINDOWS\Temp\2cfab9d.exe'); DeleteFile('C:\WINDOWS\Temp\2f9296d.exe'); DeleteFile('C:\WINDOWS\Temp\328276e.exe'); DeleteFile('C:\WINDOWS\Temp\359fcc5.exe'); DeleteFile('C:\WINDOWS\Temp\3784b90.exe'); DeleteFile('C:\WINDOWS\Temp\3939c9d.exe'); DeleteFile('C:\WINDOWS\Temp\e7b7c11.exe'); DeleteFile('C:\WINDOWS\Temp\35eb169.exe'); DeleteFile('C:\WINDOWS\Temp\374ccd9.exe'); DeleteFile('C:\WINDOWS\Temp\b0b4b7f.exe'); DeleteFile('C:\WINDOWS\Temp\b110cb5.exe'); DeleteFile('C:\WINDOWS\Temp\7550501.exe'); DeleteFile('C:\WINDOWS\Temp\7616d1e.exe'); DeleteFile('C:\WINDOWS\Temp\9cf44b7.exe'); DeleteFile('C:\WINDOWS\Temp\9daa004.exe'); DeleteFile('C:\WINDOWS\Temp\e9564b0.exe'); DeleteFile('C:\WINDOWS\Temp\b87dccc.exe'); DeleteFile('C:\WINDOWS\Temp\b87ffaf.exe'); DeleteFile('C:\WINDOWS\Temp\cee50ed.exe'); DeleteFile('C:\WINDOWS\Temp\12691de.exe'); DeleteFile('C:\WINDOWS\Temp\13237f0.exe'); DeleteFile('C:\WINDOWS\Temp\145cf0b.exe'); DeleteFile('C:\WINDOWS\Temp\163d5ef.exe'); DeleteFile('C:\WINDOWS\Temp\c981c72.exe'); DeleteFile('C:\WINDOWS\Temp\a283df9.exe'); DeleteFile('C:\WINDOWS\Temp\a2f0198.exe'); DeleteFile('C:\WINDOWS\Temp\20ec52a.exe'); DeleteFile('C:\WINDOWS\Temp\b038a8a.exe'); DeleteFile('C:\WINDOWS\Temp\4ccba83.exe'); DeleteFile('C:\WINDOWS\Temp\4cfb6b2.exe'); DeleteFile('C:\WINDOWS\Temp\4ddd344.exe'); DeleteFile('C:\WINDOWS\Temp\f7d8107.exe'); DeleteFile('C:\WINDOWS\Temp\f80c2c2.exe'); DeleteFile('C:\WINDOWS\Temp\111cb8f.exe'); DeleteFile('C:\WINDOWS\Temp\b12ae49.exe'); DeleteFile('C:\WINDOWS\Temp\b50a4c1.exe'); DeleteFile('C:\WINDOWS\Temp\a9e6973.exe'); DeleteFile('C:\WINDOWS\Temp\94323bf.exe'); DeleteFile('C:\WINDOWS\Temp\94d7802.exe'); DeleteFile('C:\WINDOWS\Temp\fb930bc.exe'); DeleteFile('C:\WINDOWS\Temp\e68f5a7.exe'); DeleteFile('C:\WINDOWS\Temp\e8a6e79.exe'); DeleteFile('C:\WINDOWS\Temp\eae116e.exe'); DeleteFile('C:\WINDOWS\Temp\eb43d6b.exe'); DeleteFile('C:\WINDOWS\Temp\ebb4b31.exe'); DeleteFile('C:\WINDOWS\Temp\dd39986.exe'); DeleteFile('C:\WINDOWS\Temp\f872e5b.exe'); DeleteFile('C:\WINDOWS\Temp\f9c3f83.exe'); DeleteFile('C:\WINDOWS\Temp\fb3064c.exe'); DeleteFile('C:\WINDOWS\Temp\b192f96.exe'); DeleteFile('C:\WINDOWS\Temp\b193104.exe'); DeleteFile('C:\WINDOWS\Temp\acecce4.exe'); DeleteFile('C:\WINDOWS\Temp\aec4e24.exe'); DeleteFile('C:\WINDOWS\Temp\a7b5313.exe'); DeleteFile('C:\WINDOWS\Temp\9f46111.exe'); DeleteFile('C:\WINDOWS\Temp\a0824e1.exe'); DeleteFile('C:\WINDOWS\Temp\a55a516.exe'); DeleteFile('C:\WINDOWS\Temp\00abde2.exe'); DeleteFile('C:\WINDOWS\Temp\00f6170.exe'); DeleteFile('C:\WINDOWS\Temp\014202c.exe'); DeleteFile('C:\WINDOWS\Temp\d50e761.exe'); DeleteFile('C:\WINDOWS\Temp\d656ce5.exe'); DeleteFile('C:\WINDOWS\Temp\c8c8f5f.exe'); DeleteFile('C:\WINDOWS\Temp\02b8942.exe'); DeleteFile('C:\WINDOWS\Temp\06ad0aa.exe'); DeleteFile('C:\WINDOWS\Temp\d47b5c1.exe'); DeleteFile('C:\WINDOWS\Temp\dc2c088.exe'); DeleteFile('C:\WINDOWS\Temp\c50a67a.exe'); DeleteFile('C:\WINDOWS\Temp\c5754f6.exe'); DeleteFile('C:\WINDOWS\Temp\c6edfa1.exe'); DeleteFile('C:\WINDOWS\Temp\c869a34.exe'); BC_ImportAll; ExecuteSysClean; ExecuteWizard('TSW', 2, 2, true); ExecuteWizard('SCU', 2, 2, true); RegKeyIntParamWrite('HKLM','SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer','NoDriveTypeAutoRun',221); BC_Activate; RebootWindows(true); end.
- выполните такой скрипт
- Файл quarantine.zip из папки AVZ загрузите по ссылке Прислать запрошенный карантин вверху темыКод:begin CreateQurantineArchive(GetAVZDirectory+'quarantine.zip'); end.
Пролечитесь так
- лог работы утилиты прикрепите к сообщению
- Сделайте повторные логи по правилам п.2 и 3 раздела Диагностика.(virusinfo_syscheck.zip;hijackthis.log)По умолчанию утилита выводит отчет работы в корень системного диска (диска, на котором установлена операционная система, как правило, это диск С:\).
Имя отчета имеет следующий вид: ИмяУтилиты.Версия_Дата_Время_log.txt
Например, C:\TDSSKiller.2.4.0_23.07.2010_15.31.43_log.txt
- Сделайте лог Gmer
Уважаемый(ая) bushev_iv, наши специалисты оказали Вам всю возможную помощь по вашему обращению.
В целях поддержания безопасности вашего компьютера настоятельно рекомендуем:
Чтобы всегда быть в курсе актуальных угроз в области информационной безопасности и сохранять свой компьютер защищенным, рекомендуем следить за последними новостями ИТ-сферы портала Anti-Malware.ru:
Надеемся больше никогда не увидеть ваш компьютер зараженным!
Если Вас не затруднит, пополните пожалуйста нашу базу безопасных файлов.