Длительная загрука ПК, множество лишних расширений в браузере [not-a-virus:AdWare.Win32.PriceGong.a, not-a-virus:WebToolbar.Win32.CrossRider.amqa ]

добрый день. Помогите, пожалуйста, ноутбук очень долго загружается. при запуске IE появляется множество всплывающих окон и панелей.

Уважаемый(ая) [B]FlyJ[/B], спасибо за обращение на наш форум!

Удаление вирусов - абсолютно бесплатная услуга на VirusInfo.Info. Хелперы в самое ближайшее время ответят на Ваш запрос. Для оказания помощи необходимо предоставить логи сканирования утилитами АВЗ и HiJackThis, подробнее можно прочитать в [URL="http://virusinfo.info/pravila.html"]правилах оформления запроса о помощи[/URL].

Если наш сайт окажется полезен Вам и у Вас будет такая возможность - пожалуйста [URL="http://virusinfo.info/content.php?r=113-virusinfo.info-donate"]поддержите проект[/URL].

Здравствуйте !!!

[URL="http://virusinfo.info/showthread.php?t=7239"][B]Выполните скрипт в AVZ[/B]:[/URL]
[CODE]begin
SearchRootkit(true, true);
SetAVZGuardStatus(True);
TerminateProcessByName('c:\program files (x86)\globalupdate\update\globalupdate.exe');
TerminateProcessByName('c:\program files (x86)\ciplus-4.5vv24.08\dffdb9df-27f4-44d4-a069-a27e28f99c3d-6.exe');
TerminateProcessByName('c:\program files (x86)\ciplus-4.5vv25.08\d5e206fa-d30c-40e2-bc2e-e570b114e2cb-6.exe');
TerminateProcessByName('c:\program files (x86)\ciplus-4.5vv25.08\d5e206fa-d30c-40e2-bc2e-e570b114e2cb-1-6.exe');
TerminateProcessByName('c:\program files (x86)\ciplus-4.5vv23.08\d43324e1-721a-4b0a-a538-14c83ee019d4-6.exe');
TerminateProcessByName('c:\program files (x86)\ciplus-4.5vv26.08\cc08a0d3-7eca-4b52-870b-d2f2ff6f8a14-6.exe');
TerminateProcessByName('c:\program files (x86)\ciplus-4.5vv30.08\aa08efb1-564a-4927-bf3b-f81bb4a88483-6.exe');
TerminateProcessByName('c:\program files (x86)\ciplus-4.5vv31.08\a7f75f13-1f29-4638-9450-5447035246f0-6.exe');
TerminateProcessByName('c:\program files (x86)\ciplus-4.5vv20.08\a31d4899-ff5c-4676-9b94-d162b2d37cb0-6.exe');
TerminateProcessByName('c:\program files (x86)\ciplus-4.5vv27.08\5526d4d8-1b4c-47a1-b4f6-135f7c7d8544-6.exe');
QuarantineFile('C:\Users\Оксана\appdata\local\smartweb\__u.exe','');
QuarantineFile('C:\Updater\update.bat','');
QuarantineFile('C:\Users\Оксана\AppData\Local\SmartWeb\SmartWebHelper.exe','');
QuarantineFile('C:\Users\Оксана\AppData\Local\EBBEAC3A-C826-439C-BF39-9CA9C83C867\EBBEAC3A-C826-439C-BF39-9CA9C83C867.exe','');
QuarantineFile('C:\Users\??????\AppData\Roaming\eqmcQiza5fGioOz6PVuwN4tVC.exe ','');
QuarantineFile('C:\Users\??????\AppData\Roaming\eQ7wVVAr.exe ','');
QuarantineFile('C:\Users\??????\AppData\Roaming\AXL6tOCHEk.exe ','');
QuarantineFile('C:\Users\??????\AppData\Roaming\AwCtta8Vc1yWRQk0Vx6Qdh.exe','');
QuarantineFile('C:\Users\??????\AppData\Roaming\AumlymcNQ3E6k5oj9y.exe ','');
QuarantineFile('C:\Users\??????\AppData\Roaming\7AjzX30Vu.exe','');
QuarantineFile('C:\Users\??????\AppData\Roaming\5fnzFzzbbn2fwqfIgzkDfCAyxi.exe','');
QuarantineFile('C:\Users\??????\AppData\Roaming\4GTDpBx1axnUGw3Z0.exe ','');
QuarantineFile('C:\Users\??????\AppData\Roaming\3lbhlpv2K1Fux0y6qgoB7r.exe','');
QuarantineFile('C:\Users\??????\AppData\Roaming\2ofNPfmpnyQxNxFe8oDmY1zp.exe','');
QuarantineFile('C:\Users\??????\AppData\Roaming\1vfny70V9.exe --c=Qk/J0oeKJb4Ruxyt+QoZ7kqlicU+DS2WCOJ+PoNzMgaQ196Hc9YhP4GcJ/pH9jgmZ3dr3We8swZU6dPSnzFqO0OBrNIfDRS4oTACYig0vKnc6AUGD3d3voIcU5xcIUFAT52BRL7ADrg/de0Ns1UD8gwKBpXBW4J7q4nfRI0Y/r8rtd9UXfxkQxwlg3TyJHgHXF6Ls5QIo9jk5AXLbHs8IAfqAp6N6XYaYQXSrlI8OIdt62rhcUgBw+wlxc8OWsLQaiqUKy0JDXgod74v9Kd3F7p/FvgQLiMT/CdAt6Da8GQ+IEV61z5SwlkND+kNXcmZuyFo5Hsvv2yFz2nT/WWoWg==','');
QuarantineFile('C:\Program Files (x86)\CheMaxRus\chemax.exe','');
QuarantineFile('c:\program files (x86)\ciplus-4.5vv25.08\d5e206fa-d30c-40e2-bc2e-e570b114e2cb-1-6.exe','');
QuarantineFile('c:\program files (x86)\ciplus-4.5vv23.08\d43324e1-721a-4b0a-a538-14c83ee019d4-6.exe','');
QuarantineFile('c:\program files (x86)\ciplus-4.5vv26.08\cc08a0d3-7eca-4b52-870b-d2f2ff6f8a14-6.exe','');
QuarantineFile('c:\program files (x86)\ciplus-4.5vv30.08\aa08efb1-564a-4927-bf3b-f81bb4a88483-6.exe','');
QuarantineFile('c:\program files (x86)\ciplus-4.5vv31.08\a7f75f13-1f29-4638-9450-5447035246f0-6.exe','');
QuarantineFile('c:\program files (x86)\ciplus-4.5vv20.08\a31d4899-ff5c-4676-9b94-d162b2d37cb0-6.exe','');
QuarantineFile('c:\program files (x86)\ciplus-4.5vv27.08\5526d4d8-1b4c-47a1-b4f6-135f7c7d8544-6.exe','');
DeleteFile('C:\Users\??????\AppData\Roaming\ZIBLYa2YbnfY.exe');
DeleteFile('C:\Users\??????\AppData\Roaming\yDBFkOtL4kH.exe ');
DeleteFile('C:\Users\??????\AppData\Roaming\Xy5BYgF5qXJsslOoox4XxMlocjB.exe ');
DeleteFile('C:\Users\??????\AppData\Roaming\Xfi74bFZR.exe');
DeleteFile('C:\Users\??????\AppData\Roaming\xf7rbFGcB7.exe ');
DeleteFile('C:\Users\??????\AppData\Roaming\U2VP7mpbmbvMAnN4rzuJHnc3.exe');
DeleteFile('C:\Users\??????\AppData\Roaming\QaitIQY4Kkm.exe');
DeleteFile('C:\Users\??????\AppData\Roaming\OPW2ywPWoQ8UullJKT9Ki.exe');
DeleteFile('C:\Users\??????\AppData\Roaming\nzTG5VGEUID.exe');
DeleteFile('C:\Users\??????\AppData\Roaming\NEaIR5MHWu.exe ');
DeleteFile('C:\Users\??????\AppData\Roaming\JItqaEK5P4GVLIDKQ84nMOhIEzH.exe');
DeleteFile('C:\Users\??????\AppData\Roaming\J3Ek4yQUMiKSIq7IW2wmhmpOecL.exe ');
DeleteFile('C:\Users\??????\AppData\Roaming\hfMLdtZ80OyYKrshQATi.exe');
DeleteFile('C:\Users\??????\AppData\Roaming\eqmcQiza5fGioOz6PVuwN4tVC.exe ');
DeleteFile('C:\Users\??????\AppData\Roaming\eQ7wVVAr.exe ');
DeleteFile('C:\Users\??????\AppData\Roaming\AXL6tOCHEk.exe ');
DeleteFile('C:\Users\??????\AppData\Roaming\AwCtta8Vc1yWRQk0Vx6Qdh.exe');
DeleteFile('C:\Users\??????\AppData\Roaming\AumlymcNQ3E6k5oj9y.exe ');
DeleteFile('C:\Users\??????\AppData\Roaming\7AjzX30Vu.exe');
DeleteFile('C:\Users\??????\AppData\Roaming\5fnzFzzbbn2fwqfIgzkDfCAyxi.exe');
DeleteFile('C:\Users\??????\AppData\Roaming\4GTDpBx1axnUGw3Z0.exe ');
DeleteFile('C:\Users\??????\AppData\Roaming\3lbhlpv2K1Fux0y6qgoB7r.exe');
DeleteFile('C:\Users\??????\AppData\Roaming\2ofNPfmpnyQxNxFe8oDmY1zp.exe');
DeleteFile('C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\goopdate.dll','32');
DeleteFile('C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe','32');
DeleteFile('C:\Users\??????\AppData\Roaming\1vfny70V9.exe --c=Qk/J0oeKJb4Ruxyt+QoZ7kqlicU+DS2WCOJ+PoNzMgaQ196Hc9YhP4GcJ/pH9jgmZ3dr3We8swZU6dPSnzFqO0OBrNIfDRS4oTACYig0vKnc6AUGD3d3voIcU5xcIUFAT52BRL7ADrg/de0Ns1UD8gwKBpXBW4J7q4nfRI0Y/r8rtd9UXfxkQxwlg3TyJHgHXF6Ls5QIo9jk5AXLbHs8IAfqAp6N6XYaYQXSrlI8OIdt62rhcUgBw+wlxc8OWsLQaiqUKy0JDXgod74v9Kd3F7p/FvgQLiMT/CdAt6Da8GQ+IEV61z5SwlkND+kNXcmZuyFo5Hsvv2yFz2nT/WWoWg==','32');
DeleteFile('C:\Program Files (x86)\CiPlus-4.5vV19.08\2e6a3598-867b-4568-b2e1-a156f2b9aa74-1-6.exe','32');
DeleteFile('C:\Program Files (x86)\CiPlus-4.5vV19.08\2e6a3598-867b-4568-b2e1-a156f2b9aa74-1-7.exe','32');
DeleteFile('C:\Program Files (x86)\CiPlus-4.5vV19.08\2e6a3598-867b-4568-b2e1-a156f2b9aa74-4.exe','32');
DeleteFile('C:\Program Files (x86)\CiPlus-4.5vV19.08\2e6a3598-867b-4568-b2e1-a156f2b9aa74-5.exe','32');
DeleteFile('C:\Program Files (x86)\CiPlus-4.5vV27.08\5526d4d8-1b4c-47a1-b4f6-135f7c7d8544-1-6.exe','32');
DeleteFile('C:\Program Files (x86)\CiPlus-4.5vV27.08\5526d4d8-1b4c-47a1-b4f6-135f7c7d8544-1-7.exe','32');
DeleteFile('C:\Program Files (x86)\CiPlus-4.5vV27.08\5526d4d8-1b4c-47a1-b4f6-135f7c7d8544-10.exe','32');
DeleteFile('C:\Program Files (x86)\CiPlus-4.5vV27.08\5526d4d8-1b4c-47a1-b4f6-135f7c7d8544-3.exe','32');
DeleteFile('C:\Program Files (x86)\CiPlus-4.5vV27.08\5526d4d8-1b4c-47a1-b4f6-135f7c7d8544-4.exe','32');
DeleteFile('C:\Program Files (x86)\CiPlus-4.5vV27.08\5526d4d8-1b4c-47a1-b4f6-135f7c7d8544-5.exe','32');
DeleteFile('C:\Program Files (x86)\CiPlus-4.5vV27.08\5526d4d8-1b4c-47a1-b4f6-135f7c7d8544-6.exe','32');
DeleteFile('C:\Program Files (x86)\CiPlus-4.5vV27.08\5526d4d8-1b4c-47a1-b4f6-135f7c7d8544-7.exe','32');
DeleteFile('C:\Program Files (x86)\CiPlus-4.5vV20.08\a31d4899-ff5c-4676-9b94-d162b2d37cb0-1-6.exe','32');
DeleteFile('C:\Program Files (x86)\CiPlus-4.5vV20.08\a31d4899-ff5c-4676-9b94-d162b2d37cb0-1-7.exe','32');
DeleteFile('C:\Program Files (x86)\CiPlus-4.5vV20.08\a31d4899-ff5c-4676-9b94-d162b2d37cb0-10.exe','32');
DeleteFile('C:\Program Files (x86)\CiPlus-4.5vV20.08\a31d4899-ff5c-4676-9b94-d162b2d37cb0-3.exe','32');
DeleteFile('C:\Program Files (x86)\CiPlus-4.5vV20.08\a31d4899-ff5c-4676-9b94-d162b2d37cb0-4.exe','32');
DeleteFile('C:\Program Files (x86)\CiPlus-4.5vV20.08\a31d4899-ff5c-4676-9b94-d162b2d37cb0-5.exe','32');
DeleteFile('C:\Program Files (x86)\CiPlus-4.5vV20.08\a31d4899-ff5c-4676-9b94-d162b2d37cb0-6.exe','32');
DeleteFile('C:\Program Files (x86)\CiPlus-4.5vV20.08\a31d4899-ff5c-4676-9b94-d162b2d37cb0-7.exe','32');
DeleteFile('C:\Program Files (x86)\CiPlus-4.5vV31.08\a7f75f13-1f29-4638-9450-5447035246f0-1-6.exe','32');
DeleteFile('C:\Program Files (x86)\CiPlus-4.5vV31.08\a7f75f13-1f29-4638-9450-5447035246f0-1-7.exe','32');
DeleteFile('C:\Program Files (x86)\CiPlus-4.5vV31.08\a7f75f13-1f29-4638-9450-5447035246f0-10.exe','32');
DeleteFile('C:\Program Files (x86)\CiPlus-4.5vV31.08\a7f75f13-1f29-4638-9450-5447035246f0-3.exe','32');
DeleteFile('C:\Program Files (x86)\CiPlus-4.5vV31.08\a7f75f13-1f29-4638-9450-5447035246f0-4.exe','32');
DeleteFile('C:\Program Files (x86)\CiPlus-4.5vV31.08\a7f75f13-1f29-4638-9450-5447035246f0-5.exe','32');
DeleteFile('C:\Program Files (x86)\CiPlus-4.5vV31.08\a7f75f13-1f29-4638-9450-5447035246f0-6.exe','32');
DeleteFile('C:\Program Files (x86)\CiPlus-4.5vV31.08\a7f75f13-1f29-4638-9450-5447035246f0-7.exe','32');
DeleteFile('C:\Program Files (x86)\CiPlus-4.5vV30.08\aa08efb1-564a-4927-bf3b-f81bb4a88483-10.exe','32');
DeleteFile('C:\Program Files (x86)\CiPlus-4.5vV30.08\aa08efb1-564a-4927-bf3b-f81bb4a88483-3.exe','32');
DeleteFile('C:\Program Files (x86)\CiPlus-4.5vV30.08\aa08efb1-564a-4927-bf3b-f81bb4a88483-4.exe','32');
DeleteFile('C:\Program Files (x86)\CiPlus-4.5vV30.08\aa08efb1-564a-4927-bf3b-f81bb4a88483-6.exe','32');
DeleteFile('C:\Program Files (x86)\CiPlus-4.5vV30.08\aa08efb1-564a-4927-bf3b-f81bb4a88483-7.exe','32');
DeleteFile('C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe','32');
DeleteFile('C:\Program Files (x86)\CiPlus-4.5vV26.08\cc08a0d3-7eca-4b52-870b-d2f2ff6f8a14-1-6.exe','32');
DeleteFile('C:\Program Files (x86)\CiPlus-4.5vV26.08\cc08a0d3-7eca-4b52-870b-d2f2ff6f8a14-1-7.exe','32');
DeleteFile('C:\Program Files (x86)\CiPlus-4.5vV26.08\cc08a0d3-7eca-4b52-870b-d2f2ff6f8a14-10.exe','32');
DeleteFile('C:\Program Files (x86)\CiPlus-4.5vV26.08\cc08a0d3-7eca-4b52-870b-d2f2ff6f8a14-3.exe','32');
DeleteFile('C:\Program Files (x86)\CiPlus-4.5vV26.08\cc08a0d3-7eca-4b52-870b-d2f2ff6f8a14-4.exe','32');
DeleteFile('C:\Program Files (x86)\CiPlus-4.5vV26.08\cc08a0d3-7eca-4b52-870b-d2f2ff6f8a14-5.exe','32');
DeleteFile('C:\Program Files (x86)\CiPlus-4.5vV26.08\cc08a0d3-7eca-4b52-870b-d2f2ff6f8a14-6.exe','32');
DeleteFile('C:\Program Files (x86)\CiPlus-4.5vV26.08\cc08a0d3-7eca-4b52-870b-d2f2ff6f8a14-7.exe','32');
DeleteFile('C:\Program Files (x86)\CiPlus-4.5vV23.08\d43324e1-721a-4b0a-a538-14c83ee019d4-1-6.exe','32');
DeleteFile('C:\Program Files (x86)\CiPlus-4.5vV23.08\d43324e1-721a-4b0a-a538-14c83ee019d4-1-7.exe','32');
DeleteFile('C:\Program Files (x86)\CiPlus-4.5vV23.08\d43324e1-721a-4b0a-a538-14c83ee019d4-10.exe','32');
DeleteFile('C:\Program Files (x86)\CiPlus-4.5vV23.08\d43324e1-721a-4b0a-a538-14c83ee019d4-3.exe','32');
DeleteFile('C:\Program Files (x86)\CiPlus-4.5vV23.08\d43324e1-721a-4b0a-a538-14c83ee019d4-4.exe','32');
DeleteFile('C:\Program Files (x86)\CiPlus-4.5vV23.08\d43324e1-721a-4b0a-a538-14c83ee019d4-5.exe','32');
DeleteFile('C:\Program Files (x86)\CiPlus-4.5vV23.08\d43324e1-721a-4b0a-a538-14c83ee019d4-6.exe','32');
DeleteFile('C:\Program Files (x86)\CiPlus-4.5vV23.08\d43324e1-721a-4b0a-a538-14c83ee019d4-7.exe','32');
DeleteFile('C:\Program Files (x86)\CiPlus-4.5vV25.08\d5e206fa-d30c-40e2-bc2e-e570b114e2cb-1-6.exe','32');
DeleteFile('C:\Program Files (x86)\CiPlus-4.5vV25.08\d5e206fa-d30c-40e2-bc2e-e570b114e2cb-1-7.exe','32');
DeleteFile('C:\Program Files (x86)\CiPlus-4.5vV25.08\d5e206fa-d30c-40e2-bc2e-e570b114e2cb-10.exe','32');
DeleteFile('C:\Program Files (x86)\CiPlus-4.5vV25.08\d5e206fa-d30c-40e2-bc2e-e570b114e2cb-3.exe','32');
DeleteFile('C:\Program Files (x86)\CiPlus-4.5vV25.08\d5e206fa-d30c-40e2-bc2e-e570b114e2cb-4.exe','32');
DeleteFile('C:\Program Files (x86)\CiPlus-4.5vV25.08\d5e206fa-d30c-40e2-bc2e-e570b114e2cb-5.exe','32');
DeleteFile('C:\Program Files (x86)\CiPlus-4.5vV25.08\d5e206fa-d30c-40e2-bc2e-e570b114e2cb-6.exe','32');
DeleteFile('C:\Program Files (x86)\CiPlus-4.5vV25.08\d5e206fa-d30c-40e2-bc2e-e570b114e2cb-7.exe','32');
DeleteFile('C:\Program Files (x86)\CiPlus-4.5vV20.08\d84bf7de-2da2-4126-8657-1bb8a80f6f5b-10.exe','32');
DeleteFile('C:\Program Files (x86)\CiPlus-4.5vV20.08\d84bf7de-2da2-4126-8657-1bb8a80f6f5b-3.exe','32');
DeleteFile('C:\Program Files (x86)\CiPlus-4.5vV20.08\d84bf7de-2da2-4126-8657-1bb8a80f6f5b-6.exe','32');
DeleteFile('C:\Program Files (x86)\CiPlus-4.5vV20.08\d84bf7de-2da2-4126-8657-1bb8a80f6f5b-7.exe','32');
DeleteFile('C:\Program Files (x86)\CiPlus-4.5vV24.08\dffdb9df-27f4-44d4-a069-a27e28f99c3d-1-6.exe','32');
DeleteFile('C:\Program Files (x86)\CiPlus-4.5vV24.08\dffdb9df-27f4-44d4-a069-a27e28f99c3d-1-7.exe','32');
DeleteFile('C:\Program Files (x86)\CiPlus-4.5vV24.08\dffdb9df-27f4-44d4-a069-a27e28f99c3d-10.exe','32');
DeleteFile('C:\Program Files (x86)\CiPlus-4.5vV24.08\dffdb9df-27f4-44d4-a069-a27e28f99c3d-3.exe','32');
DeleteFile('C:\Program Files (x86)\CiPlus-4.5vV24.08\dffdb9df-27f4-44d4-a069-a27e28f99c3d-4.exe','32');
DeleteFile('C:\Program Files (x86)\CiPlus-4.5vV24.08\dffdb9df-27f4-44d4-a069-a27e28f99c3d-5.exe','32');
DeleteFile('C:\Program Files (x86)\CiPlus-4.5vV24.08\dffdb9df-27f4-44d4-a069-a27e28f99c3d-6.exe','32');
DeleteFile('C:\Program Files (x86)\CiPlus-4.5vV24.08\dffdb9df-27f4-44d4-a069-a27e28f99c3d-7.exe','32');
DeleteFile('C:\Users\Оксана\AppData\Local\EBBEAC3A-C826-439C-BF39-9CA9C83C867\EBBEAC3A-C826-439C-BF39-9CA9C83C867.exe','32');
DeleteFile('C:\Users\Оксана\AppData\Local\SmartWeb\SmartWebHelper.exe','32');
DeleteFile('C:\Users\Оксана\appdata\local\smartweb\__u.exe','32');
DelBHO('{dd4c66b8-f943-4b10-8053-7e9ee39bba4a}');
DelBHO('{6C680BAE-655C-4E3D-8FC4-E6A520C3D928}');
DeleteService('globalUpdatem');
DeleteService('globalUpdate');
DeleteFileMask('c:\program files (x86)\ciplus-4.5vv31.08', '*', true);
DeleteDirectory('c:\program files (x86)\ciplus-4.5vv31.08');
BC_ImportAll;
ExecuteSysClean;
BC_Activate;
ExecuteWizard('SCU',2,2,true);
RebootWindows(true);
end.[/CODE]

После перезагрузки выполните скрипт:
[CODE]begin
CreateQurantineArchive(GetAVZDirectory+'quarantine.zip');
end.[/CODE]

Загрузите quarantine.zip из папки AVZ по красной ссылке [B]вверху[/B] темы [COLOR="Red"]Прислать запрошенный карантин[/COLOR]
- Сделайте повторные логи по правилам п.2 и 3 раздела Диагностика.(virusinfo_syscheck.zip;hijackthis.log )

+
[LIST][*]Скачайте [B][URL="http://general-changelog-team.fr/en/downloads/finish/20-outils-de-xplode/2-adwcleaner"]AdwCleaner (by Xplode)[/URL][/B] и сохраните его на [B]Рабочем столе[/B].[*]Запустите его (в ОС [B]Windows Vista/Seven[/B] необходимо запускать через правую кн. мыши [B]от имени администратора[/B]), нажмите кнопку [B]"Scan"[/B] и дождитесь окончания сканирования.[*]Когда сканирование будет завершено, отчет будет сохранен в следующем расположении: [B][COLOR="Blue"]C:\AdwCleaner\AdwCleaner[R0].txt[/COLOR][/B].[*]Прикрепите отчет к своему следующему сообщению.[/LIST]

Подробнее читайте в [URL="http://virusinfo.info/showthread.php?t=146192"]этом руководстве[/URL].

Спасибо, ноутбук стал загружаться значительно быстрее

[URL="http://virusinfo.info/showthread.php?t=7239"][B]Выполните скрипт в AVZ[/B]:[/URL]
[CODE]begin
SearchRootkit(true, true);
SetAVZGuardStatus(True);
QuarantineFile('C:\Users\Оксана\AppData\Local\SmartWeb\SmartWebHelper.exe','');
QuarantineFile('C:\Users\Оксана\AppData\Local\EBBEAC3A-C826-439C-BF39-9CA9C83C867\EBBEAC3A-C826-439C-BF39-9CA9C83C867.exe','');
QuarantineFile('C:\Users\??????\AppData\Roaming\ZIBLYa2YbnfY.exe','');
QuarantineFile('C:\Users\??????\AppData\Roaming\yDBFkOtL4kH.exe','');
QuarantineFile('C:\Users\??????\AppData\Roaming\Xy5BYgF5qXJsslOoox4XxMlocjB.exe ','');
QuarantineFile('C:\Users\??????\AppData\Roaming\xVbFuajT.exe','');
QuarantineFile('C:\Users\??????\AppData\Roaming\xHxGjOWu7AoYEI17cNkRgCNvEN.exe','');
QuarantineFile('C:\Users\??????\AppData\Roaming\Xfi74bFZR.exe','');
QuarantineFile('C:\Users\??????\AppData\Roaming\xf7rbFGcB7.exe','');
QuarantineFile('C:\Users\??????\AppData\Roaming\XBDeAKRZTkjhYZq53W3z8B.exe','');
QuarantineFile('C:\Users\??????\AppData\Roaming\U2VP7mpbmbvMAnN4rzuJHnc3.exe ','');
QuarantineFile('C:\Users\??????\AppData\Roaming\QaitIQY4Kkm.exe ','');
QuarantineFile('C:\Users\??????\AppData\Roaming\OPW2ywPWoQ8UullJKT9Ki.exe ','');
QuarantineFile('C:\Users\??????\AppData\Roaming\nzTG5VGEUID.exe ','');
QuarantineFile('C:\Users\??????\AppData\Roaming\NEaIR5MHWu.exe ','');
QuarantineFile('C:\Users\??????\AppData\Roaming\JItqaEK5P4GVLIDKQ84nMOhIEzH.exe ','');
QuarantineFile('C:\Users\??????\AppData\Roaming\J3Ek4yQUMiKSIq7IW2wmhmpOecL.exe ','');
QuarantineFile('C:\Users\??????\AppData\Roaming\hfMLdtZ80OyYKrshQATi.exe ','');
QuarantineFile('C:\Users\??????\AppData\Roaming\eqmcQiza5fGioOz6PVuwN4tVC.exe ','');
QuarantineFile('C:\Users\??????\AppData\Roaming\eQ7wVVAr.exe ','');
QuarantineFile('C:\Users\??????\AppData\Roaming\AXL6tOCHEk.exe','');
QuarantineFile('C:\Users\??????\AppData\Roaming\AwCtta8Vc1yWRQk0Vx6Qdh.exe ','');
QuarantineFile('C:\Users\??????\AppData\Roaming\AumlymcNQ3E6k5oj9y.exe','');
QuarantineFile('C:\Users\??????\AppData\Roaming\7AjzX30Vu.exe ','');
QuarantineFile('C:\Users\??????\AppData\Roaming\5fnzFzzbbn2fwqfIgzkDfCAyxi.exe ','');
QuarantineFile('C:\Users\??????\AppData\Roaming\4TbCRq9zgBCIw.exe','');
QuarantineFile('C:\Users\??????\AppData\Roaming\4GTDpBx1axnUGw3Z0.exe','');
QuarantineFile('C:\Users\??????\AppData\Roaming\3lbhlpv2K1Fux0y6qgoB7r.exe','');
QuarantineFile('C:\Users\??????\AppData\Roaming\2ofNPfmpnyQxNxFe8oDmY1zp.exe','');
QuarantineFile('C:\Program Files (x86)\CiPlus-4.5vV19.08\2e6a3598-867b-4568-b2e1-a156f2b9aa74-1-6.exe','');
QuarantineFile('C:\Users\??????\AppData\Roaming\1vfny70V9.exe ','');
QuarantineFile('C:\Windows\system32\drivers\wsafd_1_10_0_19.sys','');
DeleteFile('C:\Users\Оксана\AppData\Local\EBBEAC3A-C826-439C-BF39-9CA9C83C867\EBBEAC3A-C826-439C-BF39-9CA9C83C867.exe');
DeleteFile('C:\Users\??????\AppData\Roaming\ZIBLYa2YbnfY.exe');
DeleteFile('C:\Users\??????\AppData\Roaming\yDBFkOtL4kH.exe');
DeleteFile('C:\Users\??????\AppData\Roaming\Xy5BYgF5qXJsslOoox4XxMlocjB.exe ');
DeleteFile('C:\Users\??????\AppData\Roaming\xVbFuajT.exe');
DeleteFile('C:\Users\??????\AppData\Roaming\xHxGjOWu7AoYEI17cNkRgCNvEN.exe');
DeleteFile('C:\Users\??????\AppData\Roaming\Xfi74bFZR.exe');
DeleteFile('C:\Users\??????\AppData\Roaming\xf7rbFGcB7.exe');
DeleteFile('C:\Users\??????\AppData\Roaming\XBDeAKRZTkjhYZq53W3z8B.exe');
DeleteFile('C:\Users\??????\AppData\Roaming\U2VP7mpbmbvMAnN4rzuJHnc3.exe ');
DeleteFile('C:\Users\??????\AppData\Roaming\QaitIQY4Kkm.exe ');
DeleteFile('C:\Users\??????\AppData\Roaming\OPW2ywPWoQ8UullJKT9Ki.exe ');
DeleteFile('C:\Users\??????\AppData\Roaming\nzTG5VGEUID.exe ');
DeleteFile('C:\Users\??????\AppData\Roaming\NEaIR5MHWu.exe ');
DeleteFile('C:\Users\??????\AppData\Roaming\JItqaEK5P4GVLIDKQ84nMOhIEzH.exe ');
DeleteFile('C:\Users\??????\AppData\Roaming\J3Ek4yQUMiKSIq7IW2wmhmpOecL.exe ');
DeleteFile('C:\Users\??????\AppData\Roaming\hfMLdtZ80OyYKrshQATi.exe ');
DeleteFile('C:\Users\??????\AppData\Roaming\eqmcQiza5fGioOz6PVuwN4tVC.exe ');
DeleteFile('C:\Users\??????\AppData\Roaming\eQ7wVVAr.exe ');
DeleteFile('C:\Users\??????\AppData\Roaming\AXL6tOCHEk.exe');
DeleteFile('C:\Users\??????\AppData\Roaming\AwCtta8Vc1yWRQk0Vx6Qdh.exe ');
DeleteFile('C:\Users\??????\AppData\Roaming\AumlymcNQ3E6k5oj9y.exe');
DeleteFile('C:\Users\??????\AppData\Roaming\7AjzX30Vu.exe ');
DeleteFile('C:\Users\??????\AppData\Roaming\5fnzFzzbbn2fwqfIgzkDfCAyxi.exe ');
DeleteFile('C:\Users\??????\AppData\Roaming\4TbCRq9zgBCIw.exe');
DeleteFile('C:\Users\??????\AppData\Roaming\4GTDpBx1axnUGw3Z0.exe');
DeleteFile('C:\Users\??????\AppData\Roaming\3lbhlpv2K1Fux0y6qgoB7r.exe');
DeleteFile('C:\Users\??????\AppData\Roaming\2ofNPfmpnyQxNxFe8oDmY1zp.exe');
DeleteFile('C:\Users\??????\AppData\Roaming\1vfny70V9.exe ');
DeleteFile('C:\Windows\system32\drivers\wsafd_1_10_0_19.sys','32');
DeleteFile('C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe','32');
DeleteFile('C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe','32');
DeleteFile('C:\Users\Оксана\AppData\Local\SmartWeb\SmartWebHelper.exe','32');
DeleteService('wsafd_1_10_0_19');
DeleteFileMask('C:\Program Files (x86)\CiPlus-4.5vV19.08','*',true);
DeleteDirectory('C:\Program Files (x86)\CiPlus-4.5vV19.08');
BC_ImportAll;
ExecuteSysClean;
BC_Activate;
RebootWindows(true);
end.[/CODE]

После перезагрузки выполните скрипт:
[CODE]begin
CreateQurantineArchive(GetAVZDirectory+'quarantine.zip');
end.[/CODE]

Загрузите quarantine.zip из папки AVZ по красной ссылке [B]вверху[/B] темы [COLOR="Red"]Прислать запрошенный карантин[/COLOR]

[url=http://virusinfo.info/showthread.php?t=146192&p=1041864&viewfull=1#post1041864]Удалите в AdwCleaner[/url] всё, кроме папок с названиями программ которыми вы пользуетесь (если ничем из перечисленного в логе не пользуетесь, то удалите всё). Отчет после удаления прикрепите.

- Сделайте повторные логи по правилам п.2 и 3 раздела Диагностика.(virusinfo_syscheck.zip;hijackthis.log )

Статистика проведенного лечения:
[LIST][*]Получено карантинов: [B]1[/B][*]Обработано файлов: [B]11[/B][*]В ходе лечения обнаружены вредоносные программы:
[LIST=1][*] c:\program files (x86)\ciplus-4.5vv20.08\a31d4899-ff5c-4676-9b94-d162b2d37cb0-6.exe - [B]not-a-virus:WebToolbar.Win32.CrossRider.amqa[/B] ( BitDefender: Gen:Application.Heur.nz1@kiHZWzei )[*] c:\program files (x86)\ciplus-4.5vv23.08\d43324e1-721a-4b0a-a538-14c83ee019d4-6.exe - [B]not-a-virus:WebToolbar.Win32.CrossRider.amqa[/B] ( BitDefender: Gen:Application.Heur.zz1@kW93eDmi )[*] c:\program files (x86)\ciplus-4.5vv25.08\d5e206fa-d30c-40e2-bc2e-e570b114e2cb-1-6.exe - [B]not-a-virus:WebToolbar.Win32.CrossRider.amqa[/B] ( BitDefender: Gen:Application.Heur.xz1@kqxsSaki )[*] c:\program files (x86)\ciplus-4.5vv26.08\cc08a0d3-7eca-4b52-870b-d2f2ff6f8a14-6.exe - [B]not-a-virus:WebToolbar.Win32.CrossRider.amqa[/B][*] c:\program files (x86)\ciplus-4.5vv27.08\5526d4d8-1b4c-47a1-b4f6-135f7c7d8544-6.exe - [B]not-a-virus:WebToolbar.Win32.CrossRider.amqa[/B] ( BitDefender: Gen:Application.Heur.qz1@kywrUWki )[*] c:\program files (x86)\ciplus-4.5vv30.08\aa08efb1-564a-4927-bf3b-f81bb4a88483-6.exe - [B]not-a-virus:WebToolbar.Win32.CrossRider.amqa[/B] ( BitDefender: Gen:Application.Heur.wz1@kuVQKVoi )[*] c:\program files (x86)\ciplus-4.5vv31.08\a7f75f13-1f29-4638-9450-5447035246f0-6.exe - [B]not-a-virus:WebToolbar.Win32.CrossRider.amqa[/B][*] c:\users\оксана\appdata\local\smartweb\__u.exe - [B]not-a-virus:AdWare.Win32.PriceGong.a[/B] ( DrWEB: archive:, AVAST4: Win32:Malware-gen )[/LIST][/LIST]