Установилась какая-то китайская программа и не удаляется

Работать невозможно. Только после удаление из оперативной памяти всё что начинается на Q, удалось собрать диагностику.
Очень тормозит

Уважаемый(ая) [B]rzl30[/B], спасибо за обращение на наш форум!

Удаление вирусов - абсолютно бесплатная услуга на VirusInfo.Info. Хелперы в самое ближайшее время ответят на Ваш запрос. Для оказания помощи необходимо предоставить логи сканирования утилитами АВЗ и HiJackThis, подробнее можно прочитать в [URL="http://virusinfo.info/pravila.html"]правилах оформления запроса о помощи[/URL].

Если наш сайт окажется полезен Вам и у Вас будет такая возможность - пожалуйста [URL="http://virusinfo.info/content.php?r=113-virusinfo.info-donate"]поддержите проект[/URL].

Выполните скрипт в AVZ
[code]begin
ShowMessage('Внимание! Перед выполнением скрипта AVZ автоматически закроет все сетевые подключения.' + #13#10 + 'После перезагрузки компьютера подключения к сети будут восстановлены в автоматическом режиме.');
ExecuteFile('net.exe', 'stop tcpip /y', 0, 15000, true);
if not IsWOW64
then
begin
SearchRootkit(true, true);
SetAVZGuardStatus(True);
end;
QuarantineFile('C:\Program Files\WordSurfer_1.10.0.19\Update\WordSurferAutoUpdateClient.exe','');
QuarantineFile('C:\Users\Секретарь-1\AppData\Local\PriceMeter\pricemeterd.exe','');
QuarantineFile('C:\Users\Секретарь-1\AppData\Roaming\newSI_611\s_inst.exe','');
QuarantineFile('C:\Program Files\Crossbrowse\Crossbrowse\Application\utility.exe','');
QuarantineFile('C:\Program Files\CiPlus-4.5vV31.08\a7f75f13-1f29-4638-9450-5447035246f0-7.exe','');
QuarantineFile('C:\Program Files\CiPlus-4.5vV31.08\a7f75f13-1f29-4638-9450-5447035246f0-6.exe','');
QuarantineFile('C:\Program Files\CiPlus-4.5vV31.08\a7f75f13-1f29-4638-9450-5447035246f0-5.exe','');
QuarantineFile('C:\Program Files\CiPlus-4.5vV31.08\a7f75f13-1f29-4638-9450-5447035246f0-4.exe','');
QuarantineFile('C:\Program Files\CiPlus-4.5vV31.08\a7f75f13-1f29-4638-9450-5447035246f0-3.exe','');
QuarantineFile('C:\Program Files\CiPlus-4.5vV31.08\a7f75f13-1f29-4638-9450-5447035246f0-11.exe','');
QuarantineFile('C:\Program Files\CiPlus-4.5vV31.08\a7f75f13-1f29-4638-9450-5447035246f0-1-7.exe','');
QuarantineFile('C:\Program Files\CiPlus-4.5vV31.08\a7f75f13-1f29-4638-9450-5447035246f0-1-6.exe','');
QuarantineFile('C:\Program Files\Shop and Save Up\86873519-04da-4050-9052-e7bd53b35524-7.exe','');
QuarantineFile('C:\Program Files\Shop and Save Up\86873519-04da-4050-9052-e7bd53b35524-6.exe','');
QuarantineFile('C:\Program Files\Shop and Save Up\86873519-04da-4050-9052-e7bd53b35524-5.exe','');
QuarantineFile('C:\Program Files\Shop and Save Up\86873519-04da-4050-9052-e7bd53b35524-4.exe','');
QuarantineFile('C:\Program Files\Shop and Save Up\86873519-04da-4050-9052-e7bd53b35524-3.exe','');
QuarantineFile('C:\Program Files\Shop and Save Up\86873519-04da-4050-9052-e7bd53b35524-11.exe','');
QuarantineFile('C:\Program Files\Shop and Save Up\86873519-04da-4050-9052-e7bd53b35524-1-7.exe','');
QuarantineFile('C:\Program Files\Shop and Save Up\86873519-04da-4050-9052-e7bd53b35524-1-6.exe','');
DelBHO('{03AE1B7B-A9E7-4D5A-9D34-89999C31B659}');
DelBHO('{FB4F6285-4C32-49F2-950F-A5998F9CEC6C}');
DelBHO('{D5FEC983-01DB-414a-9456-AF95AC9ED7B5}');
DelBHO('{6E727987-C8EA-44DA-8749-310C0FBE3C3E}');
QuarantineFile('C:\Program Files\Torrent Search\IEEF\aOyTc6f2cW.dll','');
QuarantineFile('C:\IQIYI Video\Common\Accelerator\IEHelper.dll','');
QuarantineFile('C:\Users\Секретарь-1\AppData\Local\gmsd_ru_005010076\upgmsd_ru_005010076.exe','');
QuarantineFile('C:\Users\Секретарь-1\AppData\Local\SmartWeb\SmartWebHelper.exe','');
QuarantineFile('C:\Users\Секретарь-1\AppData\Local\PriceMeter\pricemeterw.exe','');
QuarantineFile('C:\Program Files\Crossbrowse\Crossbrowse\Application\crossbrowse.exe','');
QuarantineFile('C:\IQIYI Video\Common\QyKernel.exe','');
SetServiceStart('wsafd_1_10_0_19', 4);
DeleteService('wsafd_1_10_0_19');
SetServiceStart('TSSysKit', 4);
DeleteService('TSSysKit');
SetServiceStart('TSSK', 4);
DeleteService('TSSK');
SetServiceStart('TSKSP', 4);
DeleteService('TSKSP');
SetServiceStart('TsFltMgr', 4);
DeleteService('TsFltMgr');
SetServiceStart('TSDefenseBt', 4);
DeleteService('TSDefenseBt');
SetServiceStart('TS888', 4);
DeleteService('TS888');
SetServiceStart('TAOKernelDriver', 4);
DeleteService('TAOKernelDriver');
SetServiceStart('sysmon', 4);
DeleteService('sysmon');
SetServiceStart('rsutils', 4);
DeleteService('rsutils');
SetServiceStart('rsdsys', 4);
DeleteService('rsdsys');
SetServiceStart('QQSysMon', 4);
DeleteService('QQSysMon');
SetServiceStart('kguard', 4);
SetServiceStart('QMUdisk', 4);
DeleteService('QMUdisk');
DeleteService('kguard');
SetServiceStart('contentdefenderdrv', 4);
QuarantineFile('C:\Windows\system32\drivers\contentdefenderdrv.sys','');
DeleteService('contentdefenderdrv');
DeleteService('wsasvc_1.10.0.19');
DeleteService('WdsManPro');
DeleteService('totyseku');
DeleteService('SSFK');
QuarantineFile('C:\Program Files\03000200-1440996538-0500-0006-000700080009\knse3053.tmp','');
DeleteService('mikypuku');
DeleteService('jimocoso');
DeleteService('gopibeko');
QuarantineFile('C:\Program Files\globalUpdate\Update\globalupdate.exe','');
SetServiceStart('globalUpdate', 4);
DeleteService('globalUpdate');
SetServiceStart('RsRavMon', 4);
DeleteService('RsRavMon');
SetServiceStart('RsMgrSvc', 4);
DeleteService('RsMgrSvc');
SetServiceStart('IHProtect Service', 4);
DeleteService('IHProtect Service');
SetServiceStart('ContentDefender', 4);
DeleteService('ContentDefender');
QuarantineFile('C:\Program Files\Content Defender\ContentDefender.exe','');
QuarantineFile('C:\Windows\system32\drivers\wsafd_1_10_0_19.sys','');
QuarantineFile('C:\IQIYI Video\GeePlayer\GeePlayer\GpShlExt.dll','');
QuarantineFile('C:\IQIYI Video\Common\Mobile\AdbWinUsbApi.dll','');
QuarantineFile('C:\IQIYI Video\Common\Mobile\AdbWinApi.DLL','');
TerminateProcessByName('c:\program files\rising\rav\virlibupdater.exe');
TerminateProcessByName('c:\users\Секретарь-1\appdata\local\gmsd_ru_005010076\upgmsd_ru_005010076.exe');
QuarantineFile('c:\users\Секретарь-1\appdata\local\gmsd_ru_005010076\upgmsd_ru_005010076.exe','');
TerminateProcessByName('c:\program files\rising\rav\rsupdater\rsupdatertool.exe');
TerminateProcessByName('c:\program files\rising\rav\rstray.exe');
TerminateProcessByName('c:\program files\rising\rsd\rsmgrsvc.exe');
TerminateProcessByName('c:\program files\rising\rav\ravmond.exe');
TerminateProcessByName('c:\program files\minilite\protectservice.exe');
QuarantineFile('c:\program files\minilite\protectservice.exe','');
TerminateProcessByName('c:\program files\baidu\pps.exe');
DeleteFile('c:\program files\baidu\pps.exe','32');
DeleteFile('c:\program files\minilite\protectservice.exe','32');
DeleteFile('c:\program files\rising\rav\ravmond.exe','32');
DeleteFile('c:\program files\rising\rsd\rsmgrsvc.exe','32');
DeleteFile('c:\program files\rising\rav\rstray.exe','32');
DeleteFile('c:\program files\rising\rav\rsupdater\rsupdatertool.exe','32');
DeleteFile('c:\users\Секретарь-1\appdata\local\gmsd_ru_005010076\upgmsd_ru_005010076.exe','32');
DeleteFile('c:\program files\rising\rav\virlibupdater.exe','32');
DeleteFile('C:\IQIYI Video\Common\Mobile\AdbWinApi.DLL','32');
DeleteFile('C:\IQIYI Video\Common\Mobile\AdbWinUsbApi.dll','32');
DeleteFile('C:\IQIYI Video\GeePlayer\GeePlayer\GpShlExt.dll','32');
DeleteFile('C:\Program Files\Rising\RAV\antipromotionmon.dll','32');
DeleteFile('C:\Program Files\Rising\RAV\BACore.dll','32');
DeleteFile('C:\Program Files\Rising\RAV\boottm.dll','32');
DeleteFile('C:\PROGRAM FILES\RISING\RAV\brscan.dll','32');
DeleteFile('C:\Program Files\Rising\RAV\cloudcom.dll','32');
DeleteFile('C:\PROGRAM FILES\RISING\RAV\cloudmp.dll','32');
DeleteFile('C:\PROGRAM FILES\RISING\RAV\cloudmpw.dll','32');
DeleteFile('C:\PROGRAM FILES\RISING\RAV\cloudnotifier.dll','32');
DeleteFile('C:\Program Files\Rising\RAV\cloudqry.dll','32');
DeleteFile('C:\Program Files\Rising\RAV\cloudstore.dll','32');
DeleteFile('C:\Program Files\Rising\RAV\cloudtfc.dll','32');
DeleteFile('C:\Program Files\Rising\RAV\cloudwork.dll','32');
DeleteFile('C:\PROGRAM FILES\RISING\RAV\CMPA.dll','32');
DeleteFile('C:\PROGRAM FILES\RISING\RAV\CMPB.DLL','32');
DeleteFile('C:\PROGRAM FILES\RISING\RAV\CMPCUsb.dll','32');
DeleteFile('C:\Program Files\Rising\RAV\cnt09.dll','32');
DeleteFile('C:\PROGRAM FILES\RISING\RAV\commfunc.dll','32');
DeleteFile('C:\PROGRAM FILES\RISING\RAV\commrout.dll','32');
DeleteFile('C:\PROGRAM FILES\RISING\RAV\ComServ.dll','32');
DeleteFile('C:\Program Files\Rising\RAV\defmon.dll','32');
DeleteFile('C:\Program Files\Rising\RAV\filecent.dll','32');
DeleteFile('C:\Program Files\Rising\RAV\filemon.dll','32');
DeleteFile('C:\Program Files\Rising\RAV\kguard_if.dll','32');
DeleteFile('C:\PROGRAM FILES\RISING\RAV\localopt.dll','32');
DeleteFile('C:\PROGRAM FILES\RISING\RAV\logquery.dll','32');
DeleteFile('C:\Program Files\Rising\RAV\mailmon.dll','32');
DeleteFile('C:\Program Files\Rising\RAV\moncomm.dll','32');
DeleteFile('C:\Program Files\Rising\RAV\mondrv.dll','32');
DeleteFile('C:\Program Files\Rising\RAV\MonRule.dll','32');
DeleteFile('C:\Program Files\Rising\RAV\rego\rxsig64.dll','32');
DeleteFile('C:\Program Files\Rising\RAV\rego\rxvision.dll','32');
DeleteFile('C:\Program Files\Rising\RAV\rego\rxwinpe.dll','32');
DeleteFile('C:\Program Files\Rising\RAV\rego\rxxdu0.dll','32');
DeleteFile('C:\Program Files\Rising\RAV\rego\scanex.dll','32');
DeleteFile('C:\ProgramData\Tencent\TSVulFw\TSVulFW.DAT','32');
DeleteFile('C:\Program Files\Tencent\QQPCMgr\10.11.16588.235\QMIpc.dll','32');
DeleteFile('C:\Program Files\Tencent\QQPCMgr\10.11.16588.235\QMIEsafeDll.dll','32');
DeleteFile('C:\Program Files\Tencent\QQPCMgr\10.11.16588.235\QMGCShellExt.dll','32');
DeleteFile('C:\Program Files\Tencent\QQPCMgr\10.11.16588.235\QMBrowserSafe.dll','32');
DeleteFile('C:\Program Files\Tencent\QQPCMgr\10.11.16588.235\exnscan.dll','32');
DeleteFile('C:\PROGRAM FILES\RISING\RAV\wbprotect.dll','32');
DeleteFile('C:\Program Files\Rising\RAV\vpivot.dll','32');
DeleteFile('C:\Program Files\Rising\RAV\vpatchmon.dll','32');
DeleteFile('C:\Windows\system32\DRIVERS\kguard.sys','32');
DeleteFile('C:\Windows\system32\drivers\protreg.sys','32');
DeleteFile('C:\Program Files\Tencent\QQPCMgr\10.11.16588.235\QMUdisk.sys','32');
DeleteFile('C:\Program Files\Tencent\QQPCMgr\10.11.16588.235\QQSysMon.sys','32');
DeleteFile('C:\Windows\system32\DRIVERS\rsutils.sys','32');
DeleteFile('C:\Windows\system32\DRIVERS\sysmon.sys','32');
DeleteFile('C:\Windows\system32\Drivers\TAOKernel.sys','32');
DeleteFile('C:\Windows\system32\Drivers\TFsFlt.sys','32');
DeleteFile('C:\Program Files\Tencent\QQPCMgr\10.11.16588.235\TS888.sys','32');
DeleteFile('C:\Windows\system32\DRIVERS\TSDefenseBt.sys','32');
DeleteFile('C:\Windows\system32\drivers\TsFltMgr.sys','32');
DeleteFile('C:\Program Files\Tencent\QQPCMgr\10.11.16588.235\TSKsp.sys','32');
DeleteFile('C:\Windows\System32\tssk.sys','32');
DeleteFile('C:\Program Files\Tencent\QQPCMgr\10.11.16588.235\TSSysKit.sys','32');
DeleteFile('C:\Windows\system32\drivers\wsafd_1_10_0_19.sys','32');
DeleteFile('C:\Program Files\Content Defender\ContentDefender.exe','32');
DeleteFile('C:\Program Files\globalUpdate\Update\globalupdate.exe','32');
DeleteFile('gopibeko.sys','32');
DeleteFile('jimocoso.sys','32');
DeleteFile('C:\Program Files\03000200-1440996538-0500-0006-000700080009\knse3053.tmp','32');
DeleteFile('SSFK.sys','32');
DeleteFile('totyseku.sys','32');
DeleteFile('WdsManPro.sys','32');
DeleteFile('wsasvc_1.10.0.19','32');
DeleteFile('C:\Windows\system32\drivers\contentdefenderdrv.sys','32');
DeleteFile('C:\IQIYI Video\Common\QyKernel.exe','32');
RegKeyParamDel('HKEY_CURRENT_USER','Software\Microsoft\Windows\CurrentVersion\Run','HCDNClient');
RegKeyParamDel('HKEY_LOCAL_MACHINE','SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\HCDNClient','command');
DeleteFile('C:\Program Files\Crossbrowse\Crossbrowse\Application\crossbrowse.exe','32');
RegKeyParamDel('HKEY_CURRENT_USER','Software\Microsoft\Windows\CurrentVersion\Run','GoogleChromeAutoLaunch_EB8F812503DE9E4578FBEB10E0AEDA31');
DeleteFile('C:\Program Files\Rising\RAV\RSTRAY.EXE','32');
RegKeyParamDel('HKEY_CURRENT_USER','Software\Microsoft\Windows\CurrentVersion\Run','apphide');
RegKeyParamDel('HKEY_LOCAL_MACHINE','Software\Microsoft\Windows\CurrentVersion\Run','RavTRAY');
RegKeyParamDel('HKEY_LOCAL_MACHINE','SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\gmsd_ru_005010076','command');
DeleteFile('C:\Program Files\gmsd_ru_005010076\gmsd_ru_005010076.exe','32');
DeleteFile('C:\Users\Секретарь-1\AppData\Local\PriceMeter\pricemeterw.exe','32');
DeleteFile('C:\Users\Секретарь-1\AppData\Local\SmartWeb\SmartWebHelper.exe','32');
DeleteFile('C:\Users\Секретарь-1\AppData\Local\gmsd_ru_005010076\upgmsd_ru_005010076.exe','32');
RegKeyParamDel('HKEY_LOCAL_MACHINE','Software\Microsoft\Windows\CurrentVersion\RunOnce','upgmsd_ru_005010076.exe');
RegKeyParamDel('HKEY_LOCAL_MACHINE','Software\Microsoft\Windows\CurrentVersion\Run','SmartWeb');
RegKeyParamDel('HKEY_CURRENT_USER','Software\Microsoft\Windows\CurrentVersion\Run','PriceMeterW');
DeleteFile('C:\IQIYI Video\Common\Accelerator\IEHelper.dll','32');
DeleteFile('C:\Program Files\Torrent Search\IEEF\aOyTc6f2cW.dll','32');
DeleteFile('C:\Program Files\Shop and Save Up\86873519-04da-4050-9052-e7bd53b35524-1-6.exe','32');
DeleteFile('C:\Program Files\Shop and Save Up\86873519-04da-4050-9052-e7bd53b35524-1-7.exe','32');
DeleteFile('C:\Program Files\Shop and Save Up\86873519-04da-4050-9052-e7bd53b35524-11.exe','32');
DeleteFile('C:\Program Files\Shop and Save Up\86873519-04da-4050-9052-e7bd53b35524-3.exe','32');
DeleteFile('C:\Program Files\Shop and Save Up\86873519-04da-4050-9052-e7bd53b35524-4.exe','32');
DeleteFile('C:\Windows\Tasks\86873519-04da-4050-9052-e7bd53b35524-4.job','32');
DeleteFile('C:\Windows\Tasks\86873519-04da-4050-9052-e7bd53b35524-3.job','32');
DeleteFile('C:\Windows\Tasks\86873519-04da-4050-9052-e7bd53b35524-11.job','32');
DeleteFile('C:\Windows\Tasks\86873519-04da-4050-9052-e7bd53b35524-1-7.job','32');
DeleteFile('C:\Windows\Tasks\86873519-04da-4050-9052-e7bd53b35524-1-6.job','32');
DeleteFile('C:\Program Files\Shop and Save Up\86873519-04da-4050-9052-e7bd53b35524-5.exe','32');
DeleteFile('C:\Program Files\Shop and Save Up\86873519-04da-4050-9052-e7bd53b35524-6.exe','32');
DeleteFile('C:\Program Files\Shop and Save Up\86873519-04da-4050-9052-e7bd53b35524-7.exe','32');
DeleteFile('C:\Program Files\CiPlus-4.5vV31.08\a7f75f13-1f29-4638-9450-5447035246f0-1-6.exe','32');
DeleteFile('C:\Windows\Tasks\a7f75f13-1f29-4638-9450-5447035246f0-1-6.job','32');
DeleteFile('C:\Windows\Tasks\86873519-04da-4050-9052-e7bd53b35524-7.job','32');
DeleteFile('C:\Windows\Tasks\86873519-04da-4050-9052-e7bd53b35524-6.job','32');
DeleteFile('C:\Windows\Tasks\86873519-04da-4050-9052-e7bd53b35524-5_user.job','32');
DeleteFile('C:\Windows\Tasks\86873519-04da-4050-9052-e7bd53b35524-5.job','32');
DeleteFile('C:\Program Files\CiPlus-4.5vV31.08\a7f75f13-1f29-4638-9450-5447035246f0-1-7.exe','32');
DeleteFile('C:\Program Files\CiPlus-4.5vV31.08\a7f75f13-1f29-4638-9450-5447035246f0-11.exe','32');
DeleteFile('C:\Program Files\CiPlus-4.5vV31.08\a7f75f13-1f29-4638-9450-5447035246f0-3.exe','32');
DeleteFile('C:\Windows\Tasks\a7f75f13-1f29-4638-9450-5447035246f0-3.job','32');
DeleteFile('C:\Windows\Tasks\a7f75f13-1f29-4638-9450-5447035246f0-11.job','32');
DeleteFile('C:\Windows\Tasks\a7f75f13-1f29-4638-9450-5447035246f0-1-7.job','32');
DeleteFile('C:\Program Files\CiPlus-4.5vV31.08\a7f75f13-1f29-4638-9450-5447035246f0-4.exe','32');
DeleteFile('C:\Program Files\CiPlus-4.5vV31.08\a7f75f13-1f29-4638-9450-5447035246f0-5.exe','32');
DeleteFile('C:\Program Files\CiPlus-4.5vV31.08\a7f75f13-1f29-4638-9450-5447035246f0-6.exe','32');
DeleteFile('C:\Program Files\CiPlus-4.5vV31.08\a7f75f13-1f29-4638-9450-5447035246f0-7.exe','32');
DeleteFile('C:\Windows\Tasks\a7f75f13-1f29-4638-9450-5447035246f0-7.job','32');
DeleteFile('C:\Windows\Tasks\a7f75f13-1f29-4638-9450-5447035246f0-6.job','32');
DeleteFile('C:\Windows\Tasks\a7f75f13-1f29-4638-9450-5447035246f0-5_user.job','32');
DeleteFile('C:\Windows\Tasks\a7f75f13-1f29-4638-9450-5447035246f0-5.job','32');
DeleteFile('C:\Windows\Tasks\a7f75f13-1f29-4638-9450-5447035246f0-4.job','32');
DeleteFile('C:\Program Files\AnyProtectEx\AnyProtect.exe','32');
DeleteFile('C:\Program Files\Crossbrowse\Crossbrowse\Application\utility.exe','32');
DeleteFile('C:\Windows\Tasks\APSnotifierPP1.job','32');
DeleteFile('C:\Windows\Tasks\APSnotifierPP2.job','32');
DeleteFile('C:\Windows\Tasks\APSnotifierPP3.job','32');
DeleteFile('C:\Windows\Tasks\Crossbrowse.job','32');
DeleteFile('C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job','32');
DeleteFile('C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job','32');
DeleteFile('C:\Windows\Tasks\gVHz6VDaqN7Wa38ZS0yYh4.job','32');
DeleteFile('C:\Windows\Tasks\JrYlPMUGpsl05.job','32');
DeleteFile('C:\Windows\Tasks\JrYlPMUGpsl05C.job','32');
DeleteFile('C:\Windows\Tasks\newSI_611.job','32');
DeleteFile('C:\Windows\Tasks\tfQtDWEH.job','32');
DeleteFile('C:\Windows\Tasks\Update Service for Torrent Search.job','32');
DeleteFile('C:\Program Files\Torrent Search\zwW7llU.exe','32');
DeleteFile('C:\Users\Секретарь-1\AppData\Roaming\newSI_611\s_inst.exe','32');
DeleteFile('C:\Windows\system32\Tasks\APSnotifierPP2','32');
DeleteFile('C:\Windows\system32\Tasks\APSnotifierPP3','32');
DeleteFile('C:\Windows\system32\Tasks\globalUpdateUpdateTaskMachineCore','32');
DeleteFile('C:\Windows\system32\Tasks\globalUpdateUpdateTaskMachineUA','32');
DeleteFile('C:\Users\Секретарь-1\AppData\Local\PriceMeter\pricemeterd.exe','32');
DeleteFile('C:\PROGRAM FILES\RISING\RAV\rsdelaylauncher.exe','32');
DeleteFile('C:\Program Files\WordSurfer_1.10.0.19\Update\WordSurferAutoUpdateClient.exe','32');
DeleteFile('C:\Windows\system32\Tasks\pricemeterdownloader','32');
DeleteFile('C:\Windows\system32\Tasks\RsDelayLauncher_{8A34248E-7D35-4832-8378-7659E0B0A380}','32');
DeleteFile('C:\Windows\system32\Tasks\Update Service for Torrent Search','32');
DeleteFile('C:\Windows\system32\Tasks\Update Service for Torrent Search2','32');
DeleteFile('C:\Windows\system32\Tasks\WordSurfer Auto Updater 1.10.0.19 Core','32');
DeleteFile('C:\Windows\system32\Tasks\WordSurfer Auto Updater 1.10.0.19 Pending Update','32');
DeleteFile('C:\Program Files\Rising\RSD\RsMgrSvc.exe.bak','32');
DeleteFile('C:\Users\Секретарь-1\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Word\~WRC3971.tmp','32');
DeleteFile('C:\Users\Секретарь-1\appdata\roaming\mystartsearch\uninstallmanager.exe','32');
DeleteFile('C:\Users\Секретарь-1\appdata\local\smartweb\__u.exe','32');
BC_ImportAll;
ExecuteSysClean;
BC_Activate;
RebootWindows(false);
end.[/code]Будет выполнена перезагрузка компьютера.

Выполните скрипт в AVZ
[code]begin
CreateQurantineArchive('c:\quarantine.zip');
end.[/code][b]c:\quarantine.zip[/b] пришлите по красной ссылке [color="Red"][u][b]Прислать запрошенный карантин[/b][/u][/color] [b]над первым сообщением[/b] в Вашей теме.

[B][COLOR="Red"]Выполните правила ЕЩЕ РАЗ и предоставьте НОВЫЕ логи[/COLOR][/B]