Please look at my logs, internet browsers are "slow"
Dear [B]MichaNICK[/B], thank you for contacting our forum!
Help with cleaning your computer on VirusInfo.Info is provided completely free of charge. Helpers will respond to your request shortly. To receive help, you need to provide scan logs from the AVZ and HiJackThis utilities; for details, see the [URL="http://virusinfo.info/pravila.html"]rules for submitting a help request[/URL].
OK, we'll clean in parts so the post doesn't grow into a wall of text
Run this script in AVZ
[code]begin
BC_DeleteSvc('abzccmhg');
BC_DeleteSvc('adscljeh');
BC_DeleteSvc('afmttmxw');
BC_DeleteSvc('ajlbrkwz');
BC_DeleteSvc('ajusofoy');
BC_DeleteSvc('aklfftzu');
BC_DeleteSvc('amoojkmn');
BC_DeleteSvc('apvvghbl');
BC_DeleteSvc('apwavypu');
BC_DeleteSvc('arcvxdin');
BC_DeleteSvc('aulpzkkf');
BC_DeleteSvc('auycwljp');
BC_DeleteSvc('axmyazli');
BC_DeleteSvc('aysfotae');
BC_DeleteSvc('bbdpzpml');
BC_DeleteSvc('bbprvofp');
BC_DeleteSvc('binudsra');
BC_DeleteSvc('bnckokfp');
BC_DeleteSvc('bpbgdshr');
BC_DeleteSvc('bqrxaxhg');
BC_DeleteSvc('bvhtvuvt');
BC_DeleteSvc('bykojkyn');
BC_DeleteSvc('cbhmtsvz');
BC_DeleteSvc('cccyqtan');
BC_DeleteSvc('cdpcmcrc');
BC_DeleteSvc('cfhjzhui');
BC_DeleteSvc('ckefqblo');
BC_DeleteSvc('cmfpfjrc');
BC_DeleteSvc('cmkbatey');
BC_DeleteSvc('cmkvqsby');
BC_DeleteSvc('cqcmyelb');
BC_DeleteSvc('cqfezivf');
BC_DeleteSvc('csbmzanj');
BC_DeleteSvc('csqwaxfu');
BC_DeleteSvc('ctagdppr');
BC_DeleteSvc('cyejgevc');
BC_DeleteSvc('czhwtiot');
BC_DeleteSvc('daffkird');
BC_DeleteSvc('damdhwlq');
BC_DeleteSvc('dedzyvbj');
BC_DeleteSvc('dkcjjtbu');
BC_DeleteSvc('dklcbtkb');
BC_DeleteSvc('djjqfafn');
BC_DeleteSvc('dmwllncj');
BC_DeleteSvc('drmhmvew');
BC_DeleteSvc('dslveikd');
BC_DeleteSvc('dwpskgzm');
BC_DeleteSvc('dxkejkkw');
BC_DeleteSvc('eaokhorv');
BC_DeleteSvc('efvybexs');
BC_DeleteSvc('emxhphlf');
BC_DeleteSvc('endwvark');
BC_DeleteSvc('eosockhv');
BC_DeleteSvc('eoxzdmyv');
BC_DeleteSvc('eqtvwimy');
BC_DeleteSvc('esjpvrir');
BC_DeleteSvc('etfesdkj');
BC_DeleteSvc('evijtulx');
BC_DeleteSvc('ezgonvgj');
BC_DeleteSvc('fahipqcn');
BC_DeleteSvc('fanhgogc');
BC_DeleteSvc('fgwbwqia');
BC_DeleteSvc('fikyyoyy');
BC_DeleteSvc('fjpfurzm');
BC_DeleteSvc('fnntqnvd');
BC_DeleteSvc('frhdubrf');
BC_DeleteSvc('ftabohjb');
BC_DeleteSvc('ftaehkto');
BC_DeleteSvc('fuglbgir');
BC_DeleteSvc('fvfsctwg');
BC_DeleteSvc('gahmzpym');
BC_DeleteSvc('gamgziwv');
BC_DeleteSvc('gaspsjlo');
BC_DeleteSvc('gatgesbc');
BC_DeleteSvc('gidrtbdo');
BC_DeleteSvc('giycmaet');
BC_DeleteSvc('gjapxhgz');
BC_DeleteSvc('gjeajkmk');
BC_DeleteSvc('gjorxjwt');
BC_DeleteSvc('gkzdggrz');
BC_DeleteSvc('gnlgoeur');
BC_DeleteSvc('gouadspr');
BC_DeleteSvc('gqbyrrcz');
BC_DeleteSvc('gqlzkgjo');
BC_DeleteSvc('gwduqmpm');
BC_DeleteSvc('gwwilfkj');
BC_DeleteSvc('hgqfklcv');
BC_DeleteSvc('hgykchgx');
BC_DeleteSvc('hpxamkmr');
BC_DeleteSvc('hqqfluri');
BC_DeleteSvc('hywmpgky');
BC_DeleteSvc('ibowllbc');
BC_DeleteSvc('iduewzoy');
BC_DeleteSvc('ifqufiwg');
BC_DeleteSvc('ifuzewlh');
BC_DeleteSvc('iheiybzc');
BC_DeleteSvc('ijlfpjzc');
BC_DeleteSvc('ikbuqzkn');
BC_DeleteSvc('imatcekc');
BC_DeleteSvc('inqoxpmo');
BC_DeleteSvc('inwyvqxp');
BC_DeleteSvc('inxrgsls');
BC_DeleteSvc('iqdayljd');
BC_DeleteSvc('iqxkwzco');
BC_DeleteSvc('iqyztofw');
BC_DeleteSvc('irguzxlx');
BC_DeleteSvc('itmbjwnj');
BC_DeleteSvc('iythbxbn');
BC_DeleteSvc('izbjiymj');
BC_DeleteSvc('jbrrjair');
BC_DeleteSvc('jdhkqvwp');
BC_DeleteSvc('jfkoqtmf');
BC_DeleteSvc('jkqtlpya');
BC_DeleteSvc('jnvpusxy');
BC_DeleteSvc('jnyjojmc');
BC_DeleteSvc('johulpkn');
BC_DeleteSvc('jomgmlde');
BC_DeleteSvc('jovaqogd');
BC_DeleteSvc('jqmwuope');
BC_DeleteSvc('kbjyjcqj');
BC_DeleteSvc('kedgqpbt');
BC_DeleteSvc('klvtacha');
BC_DeleteSvc('knpjgpjr');
BC_DeleteSvc('konekayr');
BC_DeleteSvc('kpcqinke');
BC_DeleteSvc('kpipyxls');
BC_DeleteSvc('krfkesyy');
BC_DeleteSvc('krqzzewc');
BC_DeleteSvc('lbmmurjj');
BC_DeleteSvc('ldvaudir');
BC_DeleteSvc('lfboavsu');
BC_DeleteSvc('lhusbtbp');
BC_DeleteSvc('llfxqddh');
BC_DeleteSvc('lnakvltv');
BC_DeleteSvc('locbdthr');
BC_DeleteSvc('loodfcze');
BC_DeleteSvc('lralsrgb');
BC_DeleteSvc('lxgdlrod');
BC_DeleteSvc('mfzvvspf');
BC_DeleteSvc('mkvrclxj');
BC_DeleteSvc('mkwmnqcb');
BC_DeleteSvc('mlspbcmz');
BC_DeleteSvc('mmadskce');
BC_DeleteSvc('mmytvqsf');
BC_DeleteSvc('mmztrbmy');
BC_DeleteSvc('mnskohol');
BC_DeleteSvc('mokurhld');
BC_DeleteSvc('moxhtesc');
BC_DeleteSvc('mppdnhcp');
BC_DeleteSvc('mraiqcwj');
BC_DeleteSvc('mtocavon');
BC_DeleteSvc('mvjbcbzc');
BC_DeleteSvc('mwacyvgs');
BC_DeleteSvc('mwlpwvid');
BC_DeleteSvc('mwwovvrb');
BC_DeleteSvc('myhnljqq');
BC_DeleteSvc('mzrdpvpw');
BC_DeleteSvc('nalbsnwc');
BC_DeleteSvc('natptplv');
BC_DeleteSvc('nazfgwfd');
BC_DeleteSvc('netfhvye');
BC_DeleteSvc('nfragwip');
BC_DeleteSvc('niftdllj');
BC_DeleteSvc('nitzvjup');
BC_DeleteSvc('nkfoiotc');
BC_DeleteSvc('nkkiehny');
BC_DeleteSvc('nlunbgcs');
BC_DeleteSvc('nodgtfxa');
BC_DeleteSvc('nqdcqfwe');
BC_DeleteSvc('nqnwlnfq');
BC_DeleteSvc('nrzdiqmm');
BC_DeleteSvc('nsmbcyat');
BC_DeleteSvc('nuvjzruh');
BC_DeleteSvc('nvnvekvc');
BC_DeleteSvc('nwlcohqa');
BC_DeleteSvc('nxqwnvbp');
BC_DeleteSvc('nzqiiagz');
BC_Activate;
RebootWindows(false);
end.[/code]
The computer will reboot.
Make a new virusinfo_syscheck.zip log
I ran the script. Attaching the new log
I didn't notice that you have Win 7, which is why BC didn't work
Take 2
Run this script in AVZ
[code]begin
DeleteService('jqmwuope');
DeleteService('jovaqogd');
DeleteService('jomgmlde');
DeleteService('johulpkn');
DeleteService('jnyjojmc');
DeleteService('jnvpusxy');
DeleteService('jkqtlpya');
DeleteService('jfkoqtmf');
DeleteService('jdhkqvwp');
DeleteService('izbjiymj');
DeleteService('iythbxbn');
DeleteService('itmbjwnj');
DeleteService('irguzxlx');
DeleteService('iqyztofw');
DeleteService('iqxkwzco');
DeleteService('iqdayljd');
DeleteService('ipnnqylr');
DeleteService('inxrgsls');
DeleteService('inwyvqxp');
DeleteService('inqoxpmo');
DeleteService('imatcekc');
DeleteService('ikbuqzkn');
DeleteService('ijlfpjzc');
DeleteService('iheiybzc');
DeleteService('ifuzewlh');
DeleteService('ifqufiwg');
DeleteService('iduewzoy');
DeleteService('ibowllbc');
DeleteService('hydxhfvt');
DeleteService('hywmpgky');
DeleteService('hqqfluri');
DeleteService('hpxamkmr');
DeleteService('hgykchgx');
DeleteService('hgqfklcv');
DeleteService('gwwilfkj');
DeleteService('gwduqmpm');
DeleteService('gqlzkgjo');
DeleteService('gqbyrrcz');
DeleteService('gouadspr');
DeleteService('gnlgoeur');
DeleteService('gkzdggrz');
DeleteService('gjorxjwt');
DeleteService('gjeajkmk');
DeleteService('gjapxhgz');
DeleteService('giycmaet');
DeleteService('gidrtbdo');
DeleteService('gatgesbc');
DeleteService('gaspsjlo');
DeleteService('gamgziwv');
DeleteService('gahmzpym');
DeleteService('fvfsctwg');
DeleteService('fuglbgir');
DeleteService('ftaehkto');
DeleteService('ftabohjb');
DeleteService('frhdubrf');
DeleteService('fnntqnvd');
DeleteService('fjpfurzm');
DeleteService('fikyyoyy');
DeleteService('fgwbwqia');
DeleteService('fanhgogc');
DeleteService('fahipqcn');
DeleteService('ezgonvgj');
DeleteService('evijtulx');
DeleteService('etfesdkj');
DeleteService('esjpvrir');
DeleteService('eqtvwimy');
DeleteService('eoxzdmyv');
DeleteService('eosockhv');
DeleteService('endwvark');
DeleteService('emxhphlf');
DeleteService('efvybexs');
DeleteService('eaokhorv');
DeleteService('dxkejkkw');
DeleteService('dwpskgzm');
DeleteService('dslveikd');
DeleteService('drmhmvew');
DeleteService('dmwllncj');
DeleteService('dklcbtkb');
DeleteService('dkcjjtbu');
DeleteService('djjqfafn');
DeleteService('dedzyvbj');
DeleteService('damdhwlq');
DeleteService('daffkird');
DeleteService('czhwtiot');
DeleteService('cyejgevc');
DeleteService('ctagdppr');
DeleteService('cszlvknn');
DeleteService('csqwaxfu');
DeleteService('csbmzanj');
DeleteService('cqfezivf');
DeleteService('cqcmyelb');
DeleteService('cmkvqsby');
DeleteService('cmkbatey');
DeleteService('cmfpfjrc');
DeleteService('ckefqblo');
DeleteService('cfhjzhui');
DeleteService('cdpcmcrc');
DeleteService('cccyqtan');
DeleteService('cbhmtsvz');
DeleteService('bykojkyn');
DeleteService('bvhtvuvt');
DeleteService('bqrxaxhg');
DeleteService('bpbgdshr');
DeleteService('bnckokfp');
DeleteService('binudsra');
DeleteService('bdypoiqu');
DeleteService('bbprvofp');
DeleteService('bbdpzpml');
DeleteService('aysfotae');
DeleteService('axmyazli');
DeleteService('auycwljp');
DeleteService('aulpzkkf');
DeleteService('arcvxdin');
DeleteService('apwavypu');
DeleteService('apvvghbl');
DeleteService('amoojkmn');
DeleteService('aklfftzu');
DeleteService('ajusofoy');
DeleteService('ajlbrkwz');
DeleteService('afmttmxw');
DeleteService('adscljeh');
DeleteService('abzccmhg');
DeleteFile('C:\windows\system32\drivers\abzccmhg.sys','32');
DeleteFile('C:\windows\system32\drivers\adscljeh.sys','32');
DeleteFile('C:\windows\system32\drivers\afmttmxw.sys','32');
DeleteFile('C:\windows\system32\drivers\ajlbrkwz.sys','32');
DeleteFile('C:\windows\system32\drivers\ajusofoy.sys','32');
DeleteFile('C:\windows\system32\drivers\amoojkmn.sys','32');
DeleteFile('C:\windows\system32\drivers\apvvghbl.sys','32');
DeleteFile('C:\windows\system32\drivers\apwavypu.sys','32');
DeleteFile('C:\windows\system32\drivers\arcvxdin.sys','32');
DeleteFile('C:\windows\system32\drivers\aulpzkkf.sys','32');
DeleteFile('C:\windows\system32\drivers\auycwljp.sys','32');
DeleteFile('C:\windows\system32\drivers\axmyazli.sys','32');
DeleteFile('C:\windows\system32\drivers\aysfotae.sys','32');
DeleteFile('C:\windows\system32\drivers\bbdpzpml.sys','32');
DeleteFile('C:\windows\system32\drivers\bbprvofp.sys','32');
DeleteFile('C:\windows\system32\drivers\bdypoiqu.sys','32');
DeleteFile('C:\windows\system32\drivers\binudsra.sys','32');
DeleteFile('C:\windows\system32\drivers\bnckokfp.sys','32');
DeleteFile('C:\windows\system32\drivers\bpbgdshr.sys','32');
DeleteFile('C:\windows\system32\drivers\bqrxaxhg.sys','32');
DeleteFile('C:\windows\system32\drivers\bvhtvuvt.sys','32');
DeleteFile('C:\windows\system32\drivers\bykojkyn.sys','32');
DeleteFile('C:\windows\system32\drivers\cbhmtsvz.sys','32');
DeleteFile('C:\windows\system32\drivers\cccyqtan.sys','32');
DeleteFile('C:\windows\system32\drivers\cdpcmcrc.sys','32');
DeleteFile('C:\windows\system32\drivers\cfhjzhui.sys','32');
DeleteFile('C:\windows\system32\drivers\ckefqblo.sys','32');
DeleteFile('C:\windows\system32\drivers\cmfpfjrc.sys','32');
DeleteFile('C:\windows\system32\drivers\cmkbatey.sys','32');
DeleteFile('C:\windows\system32\drivers\cmkvqsby.sys','32');
DeleteFile('C:\windows\system32\drivers\cqcmyelb.sys','32');
DeleteFile('C:\windows\system32\drivers\cqfezivf.sys','32');
DeleteFile('C:\windows\system32\drivers\csbmzanj.sys','32');
DeleteFile('C:\windows\system32\drivers\csqwaxfu.sys','32');
DeleteFile('C:\windows\system32\drivers\cszlvknn.sys','32');
DeleteFile('C:\windows\system32\drivers\ctagdppr.sys','32');
DeleteFile('C:\windows\system32\drivers\cyejgevc.sys','32');
DeleteFile('C:\windows\system32\drivers\daffkird.sys','32');
DeleteFile('C:\windows\system32\drivers\damdhwlq.sys','32');
DeleteFile('C:\windows\system32\drivers\dedzyvbj.sys','32');
DeleteFile('C:\windows\system32\drivers\djjqfafn.sys','32');
DeleteFile('C:\windows\system32\drivers\dkcjjtbu.sys','32');
DeleteFile('C:\windows\system32\drivers\dklcbtkb.sys','32');
DeleteFile('C:\windows\system32\drivers\dmwllncj.sys','32');
DeleteFile('C:\windows\system32\drivers\drmhmvew.sys','32');
DeleteFile('C:\windows\system32\drivers\dslveikd.sys','32');
DeleteFile('C:\windows\system32\drivers\dwpskgzm.sys','32');
DeleteFile('C:\windows\system32\drivers\dxkejkkw.sys','32');
DeleteFile('C:\windows\system32\drivers\eaokhorv.sys','32');
DeleteFile('C:\windows\system32\drivers\efvybexs.sys','32');
DeleteFile('C:\windows\system32\drivers\emxhphlf.sys','32');
DeleteFile('C:\windows\system32\drivers\endwvark.sys','32');
DeleteFile('C:\windows\system32\drivers\eoxzdmyv.sys','32');
DeleteFile('C:\windows\system32\drivers\esjpvrir.sys','32');
DeleteFile('C:\windows\system32\drivers\etfesdkj.sys','32');
DeleteFile('C:\windows\system32\drivers\evijtulx.sys','32');
DeleteFile('C:\windows\system32\drivers\ezgonvgj.sys','32');
DeleteFile('C:\windows\system32\drivers\fahipqcn.sys','32');
DeleteFile('C:\windows\system32\drivers\fgwbwqia.sys','32');
DeleteFile('C:\windows\system32\drivers\fikyyoyy.sys','32');
DeleteFile('C:\windows\system32\drivers\fjpfurzm.sys','32');
DeleteFile('C:\windows\system32\drivers\fnntqnvd.sys','32');
DeleteFile('C:\windows\system32\drivers\frhdubrf.sys','32');
DeleteFile('C:\windows\system32\drivers\ftabohjb.sys','32');
DeleteFile('C:\windows\system32\drivers\ftaehkto.sys','32');
DeleteFile('C:\windows\system32\drivers\fuglbgir.sys','32');
DeleteFile('C:\windows\system32\drivers\fvfsctwg.sys','32');
DeleteFile('C:\windows\system32\drivers\gahmzpym.sys','32');
DeleteFile('C:\windows\system32\drivers\gamgziwv.sys','32');
DeleteFile('C:\windows\system32\drivers\gaspsjlo.sys','32');
DeleteFile('C:\windows\system32\drivers\gatgesbc.sys','32');
DeleteFile('C:\windows\system32\drivers\gidrtbdo.sys','32');
DeleteFile('C:\windows\system32\drivers\giycmaet.sys','32');
DeleteFile('C:\windows\system32\drivers\gjeajkmk.sys','32');
DeleteFile('C:\windows\system32\drivers\gjorxjwt.sys','32');
DeleteFile('C:\windows\system32\drivers\gkzdggrz.sys','32');
DeleteFile('C:\windows\system32\drivers\gnlgoeur.sys','32');
DeleteFile('C:\windows\system32\drivers\gouadspr.sys','32');
DeleteFile('C:\windows\system32\drivers\gqbyrrcz.sys','32');
DeleteFile('C:\windows\system32\drivers\gqlzkgjo.sys','32');
DeleteFile('C:\windows\system32\drivers\gwduqmpm.sys','32');
DeleteFile('C:\windows\system32\drivers\gwwilfkj.sys','32');
DeleteFile('C:\windows\system32\drivers\hgqfklcv.sys','32');
DeleteFile('C:\windows\system32\drivers\hgykchgx.sys','32');
DeleteFile('C:\windows\system32\drivers\hpxamkmr.sys','32');
DeleteFile('C:\windows\system32\drivers\hqqfluri.sys','32');
DeleteFile('C:\windows\system32\drivers\hydxhfvt.sys','32');
DeleteFile('C:\windows\system32\drivers\hywmpgky.sys','32');
DeleteFile('C:\windows\system32\drivers\ibowllbc.sys','32');
DeleteFile('C:\windows\system32\drivers\iduewzoy.sys','32');
DeleteFile('C:\windows\system32\drivers\ifqufiwg.sys','32');
DeleteFile('C:\windows\system32\drivers\ifuzewlh.sys','32');
DeleteFile('C:\windows\system32\drivers\ijlfpjzc.sys','32');
DeleteFile('C:\windows\system32\drivers\ikbuqzkn.sys','32');
DeleteFile('C:\windows\system32\drivers\imatcekc.sys','32');
DeleteFile('C:\windows\system32\drivers\inqoxpmo.sys','32');
DeleteFile('C:\windows\system32\drivers\inxrgsls.sys','32');
DeleteFile('C:\windows\system32\drivers\ipnnqylr.sys','32');
DeleteFile('C:\windows\system32\drivers\iqdayljd.sys','32');
DeleteFile('C:\windows\system32\drivers\iqxkwzco.sys','32');
DeleteFile('C:\windows\system32\drivers\iqyztofw.sys','32');
DeleteFile('C:\windows\system32\drivers\irguzxlx.sys','32');
DeleteFile('C:\windows\system32\drivers\itmbjwnj.sys','32');
DeleteFile('C:\windows\system32\drivers\iythbxbn.sys','32');
DeleteFile('C:\windows\system32\drivers\izbjiymj.sys','32');
DeleteFile('C:\windows\system32\drivers\jbrrjair.sys','32');
DeleteFile('C:\windows\system32\drivers\jdhkqvwp.sys','32');
DeleteFile('C:\windows\system32\drivers\jfkoqtmf.sys','32');
DeleteFile('C:\windows\system32\drivers\jkqtlpya.sys','32');
DeleteFile('C:\windows\system32\drivers\jnvpusxy.sys','32');
DeleteFile('C:\windows\system32\drivers\jnyjojmc.sys','32');
DeleteFile('C:\windows\system32\drivers\jomgmlde.sys','32');
DeleteFile('C:\windows\system32\drivers\jovaqogd.sys','32');
DeleteFile('C:\windows\system32\drivers\jqmwuope.sys','32');
ExecuteSysClean;
RebootWindows(false);
end.[/code]
The computer will reboot.
Make a new log
The script has been run. I'm attaching the new log
Part two; after it we'll have to do it once more
Run this script in AVZ
[code]begin
DeleteService('raqsxpux');
DeleteService('qyoyusfa');
DeleteService('qxosopnf');
DeleteService('qslqkcih');
DeleteService('qqcxmgbq');
DeleteService('qmcbbeez');
DeleteService('qlslcyhq');
DeleteService('qlfftbil');
DeleteService('qiljauuo');
DeleteService('qfvvzero');
DeleteService('qfacanup');
DeleteService('pzncatle');
DeleteService('pyxiaaim');
DeleteService('pxquwqng');
DeleteService('prnekewi');
DeleteService('pqjaqofv');
DeleteService('pmvsgrqn');
DeleteService('pmkijlji');
DeleteService('pmdoqapj');
DeleteService('pknlnimc');
DeleteService('phozzybz');
DeleteService('pgpaeqzj');
DeleteService('peupxcim');
DeleteService('patsmntd');
DeleteService('oujrorpf');
DeleteService('oqpjthcx');
DeleteService('olnuhhiu');
DeleteService('ojcdggpm');
DeleteService('oeazuqne');
DeleteService('ocmlrdrx');
DeleteService('oadkebnj');
DeleteService('nzqiiagz');
DeleteService('nxqwnvbp');
DeleteService('nwlcohqa');
DeleteService('nvnvekvc');
DeleteService('nuvjzruh');
DeleteService('nsmbcyat');
DeleteService('nrzdiqmm');
DeleteService('nqnwlnfq');
DeleteService('nqdcqfwe');
DeleteService('nodgtfxa');
DeleteService('nlunbgcs');
DeleteService('nkfoiotc');
DeleteService('nitzvjup');
DeleteService('niftdllj');
DeleteService('nfragwip');
DeleteService('netfhvye');
DeleteService('nazfgwfd');
DeleteService('natptplv');
DeleteService('nalbsnwc');
DeleteService('mzrdpvpw');
DeleteService('myhnljqq');
DeleteService('mwwovvrb');
DeleteService('mwlpwvid');
DeleteService('mwacyvgs');
DeleteService('mvjbcbzc');
DeleteService('mtocavon');
DeleteService('mraiqcwj');
DeleteService('mppdnhcp');
DeleteService('mokurhld');
DeleteService('mnskohol');
DeleteService('mmztrbmy');
DeleteService('mmytvqsf');
DeleteService('mmadskce');
DeleteService('mlspbcmz');
DeleteService('mkwmnqcb');
DeleteService('mkvrclxj');
DeleteService('mfzvvspf');
DeleteService('lxgdlrod');
DeleteService('lrhobuak');
DeleteService('lralsrgb');
DeleteService('loodfcze');
DeleteService('locbdthr');
DeleteService('lnakvltv');
DeleteService('llfxqddh');
DeleteService('lhusbtbp');
DeleteService('lfboavsu');
DeleteService('ldvaudir');
DeleteService('lbmmurjj');
DeleteService('krqzzewc');
DeleteService('krfkesyy');
DeleteService('kpipyxls');
DeleteService('kpcqinke');
DeleteService('konekayr');
DeleteService('knpjgpjr');
DeleteService('klvtacha');
DeleteService('kedgqpbt');
DeleteService('kbjyjcqj');
DeleteFile('C:\windows\system32\drivers\raqsxpux.sys','32');
DeleteFile('C:\windows\system32\drivers\qyoyusfa.sys','32');
DeleteFile('C:\windows\system32\drivers\qxosopnf.sys','32');
DeleteFile('C:\windows\system32\drivers\qslqkcih.sys','32');
DeleteFile('C:\windows\system32\drivers\qqcxmgbq.sys','32');
DeleteFile('C:\windows\system32\drivers\qmcbbeez.sys','32');
DeleteFile('C:\windows\system32\drivers\qlslcyhq.sys','32');
DeleteFile('C:\windows\system32\drivers\qlfftbil.sys','32');
DeleteFile('C:\windows\system32\drivers\qiljauuo.sys','32');
DeleteFile('C:\windows\system32\drivers\qfvvzero.sys','32');
DeleteFile('C:\windows\system32\drivers\qfacanup.sys','32');
DeleteFile('C:\windows\system32\drivers\pzncatle.sys','32');
DeleteFile('C:\windows\system32\drivers\pyxiaaim.sys','32');
DeleteFile('C:\windows\system32\drivers\pxquwqng.sys','32');
DeleteFile('C:\windows\system32\drivers\prnekewi.sys','32');
DeleteFile('C:\windows\system32\drivers\pqjaqofv.sys','32');
DeleteFile('C:\windows\system32\drivers\pmvsgrqn.sys','32');
DeleteFile('C:\windows\system32\drivers\pmkijlji.sys','32');
DeleteFile('C:\windows\system32\drivers\pmdoqapj.sys','32');
DeleteFile('C:\windows\system32\drivers\pknlnimc.sys','32');
DeleteFile('C:\windows\system32\drivers\phozzybz.sys','32');
DeleteFile('C:\windows\system32\drivers\pgpaeqzj.sys','32');
DeleteFile('C:\windows\system32\drivers\peupxcim.sys','32');
DeleteFile('C:\windows\system32\drivers\patsmntd.sys','32');
DeleteFile('C:\windows\system32\drivers\oujrorpf.sys','32');
DeleteFile('C:\windows\system32\drivers\oqpjthcx.sys','32');
DeleteFile('C:\windows\system32\drivers\onuksjpk.sys','32');
DeleteFile('C:\windows\system32\drivers\olnuhhiu.sys','32');
DeleteFile('C:\windows\system32\drivers\ojcdggpm.sys','32');
DeleteFile('C:\windows\system32\drivers\oeazuqne.sys','32');
DeleteFile('C:\windows\system32\drivers\ocmlrdrx.sys','32');
DeleteFile('C:\windows\system32\drivers\oadkebnj.sys','32');
DeleteFile('C:\windows\system32\drivers\nzqiiagz.sys','32');
DeleteFile('C:\windows\system32\drivers\nxqwnvbp.sys','32');
DeleteFile('C:\windows\system32\drivers\nwlcohqa.sys','32');
DeleteFile('C:\windows\system32\drivers\nvnvekvc.sys','32');
DeleteFile('C:\windows\system32\drivers\nuvjzruh.sys','32');
DeleteFile('C:\windows\system32\drivers\nsmbcyat.sys','32');
DeleteFile('C:\windows\system32\drivers\nrzdiqmm.sys','32');
DeleteFile('C:\windows\system32\drivers\nqnwlnfq.sys','32');
DeleteFile('C:\windows\system32\drivers\nqdcqfwe.sys','32');
DeleteFile('C:\windows\system32\drivers\nodgtfxa.sys','32');
DeleteFile('C:\windows\system32\drivers\nlunbgcs.sys','32');
DeleteFile('C:\windows\system32\drivers\nkkiehny.sys','32');
DeleteFile('C:\windows\system32\drivers\nkfoiotc.sys','32');
DeleteFile('C:\windows\system32\drivers\nitzvjup.sys','32');
DeleteFile('C:\windows\system32\drivers\niftdllj.sys','32');
DeleteFile('C:\windows\system32\drivers\nfragwip.sys','32');
DeleteFile('C:\windows\system32\drivers\netfhvye.sys','32');
DeleteFile('C:\windows\system32\drivers\nazfgwfd.sys','32');
DeleteFile('C:\windows\system32\drivers\natptplv.sys','32');
DeleteFile('C:\windows\system32\drivers\nalbsnwc.sys','32');
DeleteFile('C:\windows\system32\drivers\mzrdpvpw.sys','32');
DeleteFile('C:\windows\system32\drivers\myhnljqq.sys','32');
DeleteFile('C:\windows\system32\drivers\mwwovvrb.sys','32');
DeleteFile('C:\windows\system32\drivers\mwlpwvid.sys','32');
DeleteFile('C:\windows\system32\drivers\mwacyvgs.sys','32');
DeleteFile('C:\windows\system32\drivers\mvjbcbzc.sys','32');
DeleteFile('C:\windows\system32\drivers\mtocavon.sys','32');
DeleteFile('C:\windows\system32\drivers\mraiqcwj.sys','32');
DeleteFile('C:\windows\system32\drivers\mppdnhcp.sys','32');
DeleteFile('C:\windows\system32\drivers\moxhtesc.sys','32');
DeleteFile('C:\windows\system32\drivers\mokurhld.sys','32');
DeleteFile('C:\windows\system32\drivers\mnskohol.sys','32');
DeleteFile('C:\windows\system32\drivers\mmztrbmy.sys','32');
DeleteFile('C:\windows\system32\drivers\mmytvqsf.sys','32');
DeleteFile('C:\windows\system32\drivers\mmadskce.sys','32');
DeleteFile('C:\windows\system32\drivers\mlspbcmz.sys','32');
DeleteFile('C:\windows\system32\drivers\mkwmnqcb.sys','32');
DeleteFile('C:\windows\system32\drivers\mkvrclxj.sys','32');
DeleteFile('C:\windows\system32\drivers\mfzvvspf.sys','32');
DeleteFile('C:\windows\system32\drivers\lrhobuak.sys','32');
DeleteFile('C:\windows\system32\drivers\lralsrgb.sys','32');
DeleteFile('C:\windows\system32\drivers\loodfcze.sys','32');
DeleteFile('C:\windows\system32\drivers\locbdthr.sys','32');
DeleteFile('C:\windows\system32\drivers\lnakvltv.sys','32');
DeleteFile('C:\windows\system32\drivers\llfxqddh.sys','32');
DeleteFile('C:\windows\system32\drivers\lhusbtbp.sys','32');
DeleteFile('C:\windows\system32\drivers\lfboavsu.sys','32');
DeleteFile('C:\windows\system32\drivers\ldvaudir.sys','32');
DeleteFile('C:\windows\system32\drivers\lbmmurjj.sys','32');
DeleteFile('C:\windows\system32\drivers\krqzzewc.sys','32');
DeleteFile('C:\windows\system32\drivers\krfkesyy.sys','32');
DeleteFile('C:\windows\system32\drivers\kpipyxls.sys','32');
DeleteFile('C:\windows\system32\drivers\kpcqinke.sys','32');
DeleteFile('C:\windows\system32\drivers\konekayr.sys','32');
DeleteFile('C:\windows\system32\drivers\knpjgpjr.sys','32');
DeleteFile('C:\windows\system32\drivers\klvtacha.sys','32');
DeleteFile('C:\windows\system32\drivers\kedgqpbt.sys','32');
DeleteFile('C:\windows\system32\drivers\kbjyjcqj.sys','32');
DeleteFile('C:\Users\user\appdata\roaming\digita~1\update~1\update~1.exe','32');
ExecuteSysClean;
RebootWindows(false);
end.[/code]
The computer will reboot.
Make a new log
Done. Log attached
Run this script in AVZ
[code]begin
DeleteService('wptgmtid');
DeleteService('wnvpatkt');
DeleteService('wmlyqext');
DeleteService('wlxpvkep');
DeleteService('wiruqswj');
DeleteService('wetmjwae');
DeleteService('wdgsixch');
DeleteService('wdgnhmqd');
DeleteService('wcwzzryw');
DeleteService('vsioampo');
DeleteService('vrkstamo');
DeleteService('vptjaomu');
DeleteService('vonvaovb');
DeleteService('vnnbdkkn');
DeleteService('vndmcwlz');
DeleteService('vlbvwouc');
DeleteService('vinlczsd');
DeleteService('vdslrhkh');
DeleteService('vahgnpop');
DeleteService('uylrsrrg');
DeleteService('uygbqfdq');
DeleteService('uwwpfiwo');
DeleteService('utiiymjk');
DeleteService('uqkljnut');
DeleteService('ukcetvgk');
DeleteService('uhvkifrm');
DeleteService('ugkmeeks');
DeleteService('ufffnpyd');
DeleteService('ufapwtin');
DeleteService('tzzqutrh');
DeleteService('tutepvlb');
DeleteService('tunrbubq');
DeleteService('ttuhmsng');
DeleteService('tsoonzfu');
DeleteService('triyreui');
DeleteService('tqgoprdb');
DeleteService('tkvfqajx');
DeleteService('taryjekb');
DeleteService('svtgbmtv');
DeleteService('spjqalkk');
DeleteService('soegtmri');
DeleteService('snsjbjur');
DeleteService('skusbfug');
DeleteService('sipgjklb');
DeleteService('shfwdvrj');
DeleteService('sdotmjjb');
DeleteService('rwprpalm');
DeleteService('rsubufxj');
DeleteService('rqvsozxt');
DeleteService('rqnghqcs');
DeleteService('rlmldnjy');
DeleteService('rkkolqmi');
DeleteService('rjltfieo');
DeleteService('riprmwjc');
DeleteService('rgyvcdeu');
DeleteService('rcggcegm');
DeleteFile('C:\windows\system32\drivers\rcggcegm.sys','32');
DeleteFile('C:\windows\system32\drivers\rgyvcdeu.sys','32');
DeleteFile('C:\windows\system32\drivers\riprmwjc.sys','32');
DeleteFile('C:\windows\system32\drivers\rjltfieo.sys','32');
DeleteFile('C:\windows\system32\drivers\rkkolqmi.sys','32');
DeleteFile('C:\windows\system32\drivers\rlmldnjy.sys','32');
DeleteFile('C:\windows\system32\drivers\rqnghqcs.sys','32');
DeleteFile('C:\windows\system32\drivers\rqvsozxt.sys','32');
DeleteFile('C:\windows\system32\drivers\rsubufxj.sys','32');
DeleteFile('C:\windows\system32\drivers\rwprpalm.sys','32');
DeleteFile('C:\windows\system32\drivers\sdotmjjb.sys','32');
DeleteFile('C:\windows\system32\drivers\shfwdvrj.sys','32');
DeleteFile('C:\windows\system32\drivers\sipgjklb.sys','32');
DeleteFile('C:\windows\system32\drivers\skusbfug.sys','32');
DeleteFile('C:\windows\system32\drivers\snsjbjur.sys','32');
DeleteFile('C:\windows\system32\drivers\soegtmri.sys','32');
DeleteFile('C:\windows\system32\drivers\spjqalkk.sys','32');
DeleteFile('C:\windows\system32\drivers\svtgbmtv.sys','32');
DeleteFile('C:\windows\system32\drivers\taryjekb.sys','32');
DeleteFile('C:\windows\system32\drivers\tkvfqajx.sys','32');
DeleteFile('C:\windows\system32\drivers\tqgoprdb.sys','32');
DeleteFile('C:\windows\system32\drivers\triyreui.sys','32');
DeleteFile('C:\windows\system32\drivers\tsoonzfu.sys','32');
DeleteFile('C:\windows\system32\drivers\ttuhmsng.sys','32');
DeleteFile('C:\windows\system32\drivers\tunrbubq.sys','32');
DeleteFile('C:\windows\system32\drivers\tutepvlb.sys','32');
DeleteFile('C:\windows\system32\drivers\tzzqutrh.sys','32');
DeleteFile('C:\windows\system32\drivers\ufapwtin.sys','32');
DeleteFile('C:\windows\system32\drivers\ufffnpyd.sys','32');
DeleteFile('C:\windows\system32\drivers\ugkmeeks.sys','32');
DeleteFile('C:\windows\system32\drivers\uhvkifrm.sys','32');
DeleteFile('C:\windows\system32\drivers\ukcetvgk.sys','32');
DeleteFile('C:\windows\system32\drivers\uqkljnut.sys','32');
DeleteFile('C:\windows\system32\drivers\utiiymjk.sys','32');
DeleteFile('C:\windows\system32\drivers\uwwpfiwo.sys','32');
DeleteFile('C:\windows\system32\drivers\uygbqfdq.sys','32');
DeleteFile('C:\windows\system32\drivers\uylrsrrg.sys','32');
DeleteFile('C:\windows\system32\drivers\vahgnpop.sys','32');
DeleteFile('C:\windows\system32\drivers\vdslrhkh.sys','32');
DeleteFile('C:\windows\system32\drivers\vinlczsd.sys','32');
DeleteFile('C:\windows\system32\drivers\vlbvwouc.sys','32');
DeleteFile('C:\windows\system32\drivers\vndmcwlz.sys','32');
DeleteFile('C:\windows\system32\drivers\vnnbdkkn.sys','32');
DeleteFile('C:\windows\system32\drivers\vonvaovb.sys','32');
DeleteFile('C:\windows\system32\drivers\vptjaomu.sys','32');
DeleteFile('C:\windows\system32\drivers\vsioampo.sys','32');
DeleteFile('C:\windows\system32\drivers\vvusqkvg.sys','32');
DeleteFile('C:\windows\system32\drivers\wcwzzryw.sys','32');
DeleteFile('C:\windows\system32\drivers\wdgnhmqd.sys','32');
DeleteFile('C:\windows\system32\drivers\wdgsixch.sys','32');
DeleteFile('C:\windows\system32\drivers\wetmjwae.sys','32');
DeleteFile('C:\windows\system32\drivers\wiruqswj.sys','32');
DeleteFile('C:\windows\system32\drivers\wlbpdqxz.sys','32');
DeleteFile('C:\windows\system32\drivers\wlxpvkep.sys','32');
DeleteFile('C:\windows\system32\drivers\wmlyqext.sys','32');
DeleteFile('C:\windows\system32\drivers\wnvpatkt.sys','32');
DeleteFile('C:\windows\system32\drivers\wptgmtid.sys','32');
DeleteFile('C:\windows\Tasks\Digital Sites.job','64');
DeleteFile('C:\Users\user\AppData\Roaming\DIGITA~1\UPDATE~1\UPDATE~1.EXE','32');
ExecuteSysClean;
RebootWindows(false);
end.[/code]
The computer will reboot.
Make a new log
Did everything.
Run this script in AVZ
[code]begin
ShowMessage('Внимание! Перед выполнением скрипта AVZ автоматически закроет все сетевые подключения.' + #13#10 + 'После перезагрузки компьютера подключения к сети будут восстановлены в автоматическом режиме.');
ExecuteFile('net.exe', 'stop tcpip /y', 0, 15000, true);
if not IsWOW64
then
begin
SearchRootkit(true, true);
SetAVZGuardStatus(True);
end;
QuarantineFile('C:\windows\temp\SvcDelay.exe','');
BC_ImportAll;
BC_Activate;
RebootWindows(false);
end.[/code]
The computer will reboot.
Send the quarantine according to [B]Appendix 2[/B] of the rules via the red link [COLOR="Red"][U][B]Send the requested quarantine[/B][/U][/COLOR] at the top of the thread
I ran the script. The quarantine folder is empty.
Delete C:\windows\system32\Tasks\SvcDelay
Fix these in HiJack
[CODE]R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://webalta.ru/search
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://webalta.ru/search
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://webalta.ru/search
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://webalta.ru/search
O2 - BHO: Спутник@Mail.Ru - {8984B388-A5BB-4DF7-B274-77B879E179DB} - (no file)
O2 - BHO: (no name) - {D5FEC983-01DB-414a-9456-AF95AC9ED7B5} - (no file)[/CODE]
Everything else is fine
Done. Just in case, I made new logs.
All good
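A consistency check for cleanup scripts like the ones in this thread, as an added example that is not part of the original posts and is not AVZ's own code: it parses the `DeleteService` / `BC_DeleteSvc` / `DeleteFile` calls and reports services removed without their driver file, driver files removed without their service, and names that do not fit the random-name pattern. The function names, the 8-lowercase-letter pattern and the `SAMPLE` text (a short excerpt assembled from lines of the scripts above) are assumptions of this example.

```python
import re
from pathlib import PureWindowsPath

# AVZ calls with a quoted first argument, e.g. DeleteService('name');
CALL_RE = re.compile(
    r"\b(BC_DeleteSvc|DeleteService|DeleteFile)\s*\(\s*'([^']*)'",
    re.IGNORECASE,
)
# Directory the thread's driver files live in (PureWindowsPath compares
# case-insensitively, like the Windows file system).
DRIVERS_DIR = PureWindowsPath(r"C:\windows\system32\drivers")
# Assumption: the malicious services in this thread all have names made of
# exactly eight lowercase letters; anything else deserves a manual look.
RANDOM_NAME_RE = re.compile(r"[a-z]{8}")

# Shortened excerpt assembled from lines of the scripts in this thread.
SAMPLE = r"""begin
DeleteService('jqmwuope');
DeleteService('aklfftzu');
DeleteService('abzccmhg');
DeleteFile('C:\windows\system32\drivers\abzccmhg.sys','32');
DeleteFile('C:\windows\system32\drivers\jbrrjair.sys','32');
DeleteFile('C:\windows\system32\drivers\jqmwuope.sys','32');
DeleteFile('C:\Users\user\appdata\roaming\digita~1\update~1\update~1.exe','32');
ExecuteSysClean;
RebootWindows(false);
end.
"""


def parse_avz_script(text):
    """Return (service names, driver base names, other file paths)."""
    services, driver_files, other_files = set(), set(), []
    for func, arg in CALL_RE.findall(text):
        if func.lower() in ("bc_deletesvc", "deleteservice"):
            services.add(arg.lower())
            continue
        path = PureWindowsPath(arg)
        if path.parent == DRIVERS_DIR and path.suffix.lower() == ".sys":
            driver_files.add(path.stem.lower())
        else:
            other_files.append(arg)
    return services, driver_files, other_files


def audit(text):
    """Cross-check service deletions against driver-file deletions."""
    services, driver_files, other_files = parse_avz_script(text)
    return {
        # Service entry removed, but its .sys file would stay on disk.
        "service_without_file": sorted(services - driver_files),
        # File removed, but the service entry is not deleted in this script.
        "file_without_service": sorted(driver_files - services),
        # Deletions outside the drivers directory, listed for review.
        "other_files": other_files,
        # Names that do not look like the random 8-letter ones: a typo here
        # could remove a legitimate service or driver.
        "off_pattern": sorted(
            name for name in services | driver_files
            if not RANDOM_NAME_RE.fullmatch(name)
        ),
    }


if __name__ == "__main__":
    for key, value in audit(SAMPLE).items():
        print(f"{key}: {value}")
```

Running it over each script before handing it to the user shows which names need a follow-up pass or a second look.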