Антивирусы ничего не находят. Спасибо за помощь.
Антивирусы ничего не находят. Спасибо за помощь.
выполните скрипт ....
[code]
begin
// AVZ remediation script: quarantine the suspect files, delete them, then queue a boot-time cleanup.
// Every path below comes from the logs of the one machine discussed in this thread; the list is not reusable elsewhere.
// Rootkit/API-hook scan; both flags are true, which per the AVZ script reference also enables neutralisation of user-mode and kernel-mode hooks (confirm for the AVZ build in use).
SearchRootkit(true, true);
// Enable AVZGuard for the rest of the run.
SetAVZGuardStatus(True);
// Step 1: copy each suspect file into the AVZ quarantine before anything is removed, so samples can be sent for analysis.
// NOTE(review): several paths repeat with a different letter case (System32/system32, C:/c:). Windows paths are case-insensitive, so the repeats are redundant.
QuarantineFile('C:\WINDOWS\System32\expsdsqu.dll','');
QuarantineFile('C:\WINDOWS\system32\samlkbdn.dll','');
QuarantineFile('C:\WINDOWS\system32\expsdsqu.dll','');
QuarantineFile('C:\WINDOWS\system32\mqcat32.dll','');
QuarantineFile('C:\WINDOWS\system32\snsvcs.dll','');
QuarantineFile('C:\WINDOWS\system32\lOngserv.dll','');
QuarantineFile('C:\WINDOWS\system32\nytui2.dll','');
QuarantineFile('C:\WINDOWS\system32\CtdbLangTH.dll','');
QuarantineFile('C:\WINDOWS\system32\hvcoin.dll','');
QuarantineFile('C:\WINDOWS\system32\mdoeacct.dll','');
QuarantineFile('C:\WINDOWS\system32\egsadu.dll','');
QuarantineFile('C:\WINDOWS\system32\sxgina.dll','');
QuarantineFile('C:\WINDOWS\system32\dmprov.dll','');
QuarantineFile('C:\WINDOWS\system32\wnhtcpip.dll','');
QuarantineFile('C:\WINDOWS\system32\dtcprop2.dll','');
QuarantineFile('C:\WINDOWS\system32\ijakeng.dll','');
QuarantineFile('C:\WINDOWS\system32\dfprop.dll','');
QuarantineFile('C:\WINDOWS\wmrg110.exe','');
QuarantineFile('C:\WINDOWS\System32\wha1.116.exe','');
QuarantineFile('C:\WINDOWS\System32\execvsut.exe','');
QuarantineFile('C:\WINDOWS\system32\execvsut.dll','');
QuarantineFile('c:\windows\wmrg110.exe','');
QuarantineFile('c:\windows\system32\wha1.116.exe','');
// NOTE(review): wgatray.exe shares its name with Microsoft's WGA Notifications tray component; the copy on this machine was treated as suspect. It is quarantined before deletion, so it can be restored if analysis shows it is genuine.
QuarantineFile('c:\windows\system32\wgatray.exe','');
QuarantineFile('c:\windows\system32\read32.exe','');
QuarantineFile('c:\windows\system32\execvsut.exe','');
// Step 2: delete the files that were quarantined above.
// NOTE(review): hvcoin.dll is quarantined above but has no DeleteFile here; this looks deliberate (kept until analysed) but confirm.
DeleteFile('c:\windows\system32\execvsut.exe');
DeleteFile('c:\windows\system32\read32.exe');
DeleteFile('c:\windows\system32\wgatray.exe');
DeleteFile('c:\windows\system32\wha1.116.exe');
DeleteFile('c:\windows\wmrg110.exe');
DeleteFile('C:\WINDOWS\system32\execvsut.dll');
DeleteFile('C:\WINDOWS\System32\execvsut.exe');
DeleteFile('C:\WINDOWS\System32\expsdsqu.dll');
DeleteFile('C:\WINDOWS\System32\wha1.116.exe');
DeleteFile('C:\WINDOWS\wmrg110.exe');
DeleteFile('C:\WINDOWS\system32\dfprop.dll');
DeleteFile('C:\WINDOWS\system32\ijakeng.dll');
DeleteFile('C:\WINDOWS\system32\dtcprop2.dll');
DeleteFile('C:\WINDOWS\system32\wnhtcpip.dll');
DeleteFile('C:\WINDOWS\system32\dmprov.dll');
DeleteFile('C:\WINDOWS\system32\sxgina.dll');
DeleteFile('C:\WINDOWS\system32\egsadu.dll');
DeleteFile('C:\WINDOWS\system32\mdoeacct.dll');
DeleteFile('C:\WINDOWS\system32\CtdbLangTH.dll');
DeleteFile('C:\WINDOWS\system32\nytui2.dll');
DeleteFile('C:\WINDOWS\system32\lOngserv.dll');
DeleteFile('C:\WINDOWS\system32\snsvcs.dll');
DeleteFile('C:\WINDOWS\system32\mqcat32.dll');
DeleteFile('C:\WINDOWS\system32\expsdsqu.dll');
DeleteFile('C:\WINDOWS\system32\samlkbdn.dll');
DeleteFile('C:\WINDOWS\System32\expsdsqu.dll');
// Step 3: pass the deleted-file list to Boot Cleaner, run AVZ's system cleanup, and arm Boot Cleaner.
// NOTE(review): there is no RebootWindows call in this script; Boot Cleaner presumably acts at the next restart, so the machine should be rebooted before fresh logs are collected. Confirm.
BC_ImportDeletedList;
ExecuteSysClean;
BC_Activate;
end.
[/code]
пришлите карантин согласно приложения 3 правил ....
повторите логи ....
Вот логи:
MyWebSearch - деинсталлировать ...
пофиксите ..
[code]
O20 - AppInit_DLLs: mslbscha.dll rnr2msft.dll olearasr.dll e1.dll ipxrir32.dll jitmtxo.dll samlkbdn.dll
O20 - Winlogon Notify: admewinr - C:\WINDOWS\system32\admewinr.dll (file missing)
O20 - Winlogon Notify: ctl3pack - C:\WINDOWS\system32\ctl3pack.dll (file missing)
O20 - Winlogon Notify: execvsut - C:\WINDOWS\
O20 - Winlogon Notify: icm3wmps - C:\WINDOWS\system32\icm3wmps.dll (file missing)
O20 - Winlogon Notify: rasppowr - C:\WINDOWS\system32\rasppowr.dll (file missing)
O20 - Winlogon Notify: ShellScrap - C:\WINDOWS\system32\jtjs0717e.dll (file missing)
[/code]
выполните скрипт ...
[code]
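begin
// AVZ remediation script, second pass: quarantine newly identified files, delete them together with
// leftovers from the first pass, queue a boot-time cleanup and reboot.
// Every path below comes from the logs of the one machine discussed in this thread; the list is not reusable elsewhere.
// Rootkit/API-hook scan; both flags are true, which per the AVZ script reference also enables neutralisation
// of user-mode and kernel-mode hooks (confirm for the AVZ build in use).
SearchRootkit(true, true);
// Enable AVZGuard for the rest of the run.
SetAVZGuardStatus(True);
// Empty the quarantine first, presumably so the archive uploaded afterwards holds only this run's samples.
ClearQuarantine;
// Step 1: copy suspect files into quarantine before deletion.
QuarantineFile('C:\WINDOWS\wmrg109.exe','');
QuarantineFile('C:\WINDOWS\wha1.113.exe','');
QuarantineFile('C:\WINDOWS\system32\rasppowr.dll','');
QuarantineFile('C:\WINDOWS\system32\jtjs0717e.dll','');
QuarantineFile('C:\WINDOWS\system32\icm3wmps.dll','');
QuarantineFile('C:\WINDOWS\system32\ctl3pack.dll','');
QuarantineFile('C:\WINDOWS\system32\admewinr.dll','');
QuarantineFile('C:\WINDOWS\System32\sscrtf.exe','');
QuarantineFile('C:\WINDOWS\gonz.exe','');
// NOTE(review): firebit.dll.dat is quarantined but never deleted below; confirm whether that is intended.
QuarantineFile('C:\Documents and Settings\administrator\Application Data\Mozilla\Firefox\Profiles\lnf561a6.default\extensions\firebit@firebit\components\firebit.dll.dat','');
QuarantineFile('C:\Documents and Settings\administrator\Application Data\Mozilla\Firefox\Profiles\lnf561a6.default\extensions\firebit@firebit\components\firebit.dll','');
// Step 2: delete the files quarantined above.
DeleteFile('C:\Documents and Settings\administrator\Application Data\Mozilla\Firefox\Profiles\lnf561a6.default\extensions\firebit@firebit\components\firebit.dll');
DeleteFile('C:\WINDOWS\gonz.exe');
DeleteFile('C:\WINDOWS\System32\sscrtf.exe');
DeleteFile('C:\WINDOWS\system32\admewinr.dll');
DeleteFile('C:\WINDOWS\system32\ctl3pack.dll');
DeleteFile('C:\WINDOWS\system32\icm3wmps.dll');
DeleteFile('C:\WINDOWS\system32\jtjs0717e.dll');
DeleteFile('C:\WINDOWS\system32\rasppowr.dll');
DeleteFile('C:\WINDOWS\wha1.113.exe');
DeleteFile('C:\WINDOWS\wmrg109.exe');
// Step 3: bulk deletion of further DLLs in system32.
// NOTE(review): none of the files from here on is quarantined by this script, so no sample or backup
// copy is kept; a wrong entry in this list cannot be undone from the AVZ quarantine.
DeleteFile('C:\WINDOWS\system32\mevcrt.dll');
DeleteFile('C:\WINDOWS\system32\lDngwrbk.dll');
DeleteFile('C:\WINDOWS\system32\ilclass.dll');
DeleteFile('C:\WINDOWS\system32\slnike.dll');
DeleteFile('C:\WINDOWS\system32\guard.tmp');
DeleteFile('C:\WINDOWS\system32\gzkcsp.dll');
DeleteFile('C:\WINDOWS\system32\dpghelp.dll');
DeleteFile('C:\WINDOWS\system32\imsecsvc.dll');
DeleteFile('C:\WINDOWS\system32\cbgbkend.dll');
DeleteFile('C:\WINDOWS\system32\tFpiperf.dll');
DeleteFile('C:\WINDOWS\system32\gdmf32.dll');
DeleteFile('C:\WINDOWS\system32\mols31.dll');
DeleteFile('C:\WINDOWS\system32\pKutoenr.dll');
DeleteFile('C:\WINDOWS\system32\lytif13n.dll');
DeleteFile('C:\WINDOWS\system32\mjvcp71.dll');
DeleteFile('C:\WINDOWS\system32\scell.dll');
DeleteFile('C:\WINDOWS\system32\rcchost.dll');
DeleteFile('C:\WINDOWS\system32\kpdlv1.dll');
DeleteFile('C:\WINDOWS\system32\aovapi32.dll');
DeleteFile('C:\WINDOWS\system32\kjdhela3.dll');
DeleteFile('C:\WINDOWS\system32\ualmon.dll');
DeleteFile('C:\WINDOWS\system32\hutplug.dll');
DeleteFile('C:\WINDOWS\system32\kvdusr.dll');
DeleteFile('C:\WINDOWS\system32\meutil.dll');
DeleteFile('C:\WINDOWS\system32\siclogon.dll');
DeleteFile('C:\WINDOWS\system32\skrialui.dll');
DeleteFile('C:\WINDOWS\system32\hS23msp.dll');
DeleteFile('C:\WINDOWS\system32\iov6mon.dll');
DeleteFile('C:\WINDOWS\system32\rOcpldlg.dll');
DeleteFile('C:\WINDOWS\system32\pPpgraph.dll');
DeleteFile('C:\WINDOWS\system32\wxbhits.dll');
DeleteFile('C:\WINDOWS\system32\cDmocx.dll');
DeleteFile('C:\WINDOWS\system32\ikssuba.dll');
DeleteFile('C:\WINDOWS\system32\dcsetup.dll');
DeleteFile('C:\WINDOWS\system32\mg43dmod.dll');
DeleteFile('C:\WINDOWS\system32\wasdmod.dll');
DeleteFile('C:\WINDOWS\system32\ccseqchk.dll');
DeleteFile('C:\WINDOWS\system32\oztext32.dll');
DeleteFile('C:\WINDOWS\system32\xclprovi.dll');
DeleteFile('C:\WINDOWS\system32\tdntsvrp.dll');
DeleteFile('C:\WINDOWS\system32\dadlgs.dll');
DeleteFile('C:\WINDOWS\system32\MTC71KOR.DLL');
DeleteFile('C:\WINDOWS\system32\mpprivs.dll');
DeleteFile('C:\WINDOWS\system32\ofecli.dll');
DeleteFile('C:\WINDOWS\system32\rB6u0ij9e8o.dll');
DeleteFile('C:\WINDOWS\system32\kjdaze.dll');
DeleteFile('C:\WINDOWS\system32\izakeng.dll');
DeleteFile('C:\WINDOWS\system32\oxjsel.dll');
DeleteFile('C:\WINDOWS\system32\mwaudite.dll');
DeleteFile('C:\WINDOWS\system32\calbact.dll');
DeleteFile('C:\WINDOWS\system32\mivbvm50.dll');
DeleteFile('C:\WINDOWS\system32\pNpgraph.dll');
DeleteFile('C:\WINDOWS\system32\sbarddlg.dll');
DeleteFile('C:\WINDOWS\system32\purfnw.dll');
DeleteFile('C:\WINDOWS\system32\iheshare.dll');
DeleteFile('C:\WINDOWS\system32\vhscript.dll');
DeleteFile('C:\WINDOWS\system32\momefilt.dll');
DeleteFile('C:\WINDOWS\system32\wsbcheck.dll');
DeleteFile('C:\WINDOWS\system32\rlgsvc.dll');
DeleteFile('C:\WINDOWS\system32\mbdemui.dll');
DeleteFile('C:\WINDOWS\system32\rwmotepg.dll');
DeleteFile('C:\WINDOWS\system32\ddnput8.dll');
DeleteFile('C:\WINDOWS\system32\erent97.dll');
DeleteFile('C:\WINDOWS\system32\pHutoenr.dll');
DeleteFile('C:\WINDOWS\system32\jabexec.dll');
DeleteFile('C:\WINDOWS\system32\lmfil13n.DLL');
DeleteFile('C:\WINDOWS\system32\zepfldr.dll');
DeleteFile('C:\WINDOWS\system32\abtapi.dll');
DeleteFile('C:\WINDOWS\system32\smlwoa.dll');
DeleteFile('C:\WINDOWS\system32\cyl3d32.dll');
DeleteFile('C:\WINDOWS\system32\myprivs.dll');
DeleteFile('C:\WINDOWS\system32\krdfi1.dll');
DeleteFile('C:\WINDOWS\system32\fndrclnr.dll');
DeleteFile('C:\WINDOWS\system32\avvpack.dll');
DeleteFile('C:\WINDOWS\system32\nulanman.dll');
DeleteFile('C:\WINDOWS\system32\pHpsvc.dll');
DeleteFile('C:\WINDOWS\system32\ejtmgr.dll');
DeleteFile('C:\WINDOWS\system32\drusic.dll');
DeleteFile('C:\WINDOWS\system32\mapatcha.dll');
DeleteFile('C:\WINDOWS\system32\mxports.dll');
DeleteFile('C:\WINDOWS\system32\MYC71DEU.DLL');
DeleteFile('C:\WINDOWS\system32\dzmasf.dll');
DeleteFile('C:\WINDOWS\system32\cjmsnap.dll');
DeleteFile('C:\WINDOWS\system32\kqdukx.dll');
DeleteFile('C:\WINDOWS\system32\dd32gt.dll');
DeleteFile('C:\WINDOWS\system32\sdndcmsg.dll');
DeleteFile('C:\WINDOWS\system32\wQsdmod.dll');
DeleteFile('C:\WINDOWS\system32\ivclass.dll');
DeleteFile('C:\WINDOWS\system32\shcpack.dll');
DeleteFile('C:\WINDOWS\system32\kfdsmsfi.dll');
DeleteFile('C:\WINDOWS\system32\wjv8dmod.dll');
DeleteFile('C:\WINDOWS\system32\cTmocx.dll');
DeleteFile('C:\WINDOWS\system32\chgbkend.dll');
DeleteFile('C:\WINDOWS\system32\jqsd400.dll');
DeleteFile('C:\WINDOWS\system32\IH50_QC.DLL');
DeleteFile('C:\WINDOWS\system32\uwrsdpia.dll');
DeleteFile('C:\WINDOWS\system32\nitui2.dll');
DeleteFile('C:\WINDOWS\system32\insutil.dll');
DeleteFile('C:\WINDOWS\system32\mujint40.dll');
DeleteFile('C:\WINDOWS\system32\dWtime.dll');
DeleteFile('C:\WINDOWS\system32\tebyuv.dll');
// mscoree.dll is the genuine file name of the Microsoft .NET runtime loader, unlike the misspelled
// look-alike names around it, and the original script deleted it with no quarantine copy.
// Keep a copy for analysis instead; delete it only once the copy on this machine is confirmed malicious.
QuarantineFile('C:\WINDOWS\system32\mscoree.dll','');
DeleteFile('C:\WINDOWS\system32\jipl400.dll');
DeleteFile('C:\WINDOWS\system32\rNsrad.dll');
DeleteFile('C:\WINDOWS\system32\movidctl.dll');
DeleteFile('C:\WINDOWS\system32\buowseui.dll');
DeleteFile('C:\WINDOWS\system32\wtigest.dll');
DeleteFile('C:\WINDOWS\system32\dzvenum.dll');
DeleteFile('C:\WINDOWS\system32\sfcsccp.dll');
DeleteFile('C:\WINDOWS\system32\dprgui.dll');
DeleteFile('C:\WINDOWS\system32\wxadmod.dll');
DeleteFile('C:\WINDOWS\system32\ma4sdmod.dll');
DeleteFile('C:\WINDOWS\system32\gaedit.dll');
DeleteFile('C:\WINDOWS\system32\ptdgen.dll');
DeleteFile('C:\WINDOWS\system32\kqdsmsfi.dll');
DeleteFile('C:\WINDOWS\system32\srrrun.dll');
DeleteFile('C:\WINDOWS\system32\mevci70.dll');
DeleteFile('C:\WINDOWS\system32\smoolss.dll');
DeleteFile('C:\WINDOWS\system32\nvtui2.dll');
DeleteFile('C:\WINDOWS\system32\citdll.dll');
DeleteFile('C:\WINDOWS\system32\sybrccsp.dll');
DeleteFile('C:\WINDOWS\system32\myc71u.dll');
DeleteFile('C:\WINDOWS\system32\cwrsrv.dll');
DeleteFile('C:\WINDOWS\system32\kddsmsfi.dll');
DeleteFile('C:\WINDOWS\system32\tKpiui.dll');
DeleteFile('C:\WINDOWS\system32\dwutil.dll');
DeleteFile('C:\WINDOWS\system32\mgsign32.dll');
DeleteFile('C:\WINDOWS\system32\arsldpc.dll');
DeleteFile('C:\WINDOWS\system32\dolayx.dll');
DeleteFile('C:\WINDOWS\system32\wbpsrcwp.dll');
DeleteFile('C:\WINDOWS\system32\snsvcs.dll');
DeleteFile('C:\WINDOWS\system32\lOngserv.dll');
DeleteFile('C:\WINDOWS\system32\nytui2.dll');
DeleteFile('C:\WINDOWS\system32\CtdbLangTH.dll');
DeleteFile('C:\WINDOWS\system32\hvcoin.dll');
DeleteFile('C:\WINDOWS\system32\egsadu.dll');
DeleteFile('C:\WINDOWS\system32\mdoeacct.dll');
DeleteFile('C:\WINDOWS\system32\sxgina.dll');
DeleteFile('C:\WINDOWS\system32\dmprov.dll');
DeleteFile('C:\WINDOWS\system32\wnhtcpip.dll');
DeleteFile('C:\WINDOWS\system32\dtcprop2.dll');
DeleteFile('C:\WINDOWS\system32\dfprop.dll');
DeleteFile('C:\WINDOWS\system32\kjrberos.dll');
DeleteFile('C:\WINDOWS\system32\mmxml4.dll');
// Step 4: pass the deleted-file list to Boot Cleaner, run AVZ's system cleanup, arm Boot Cleaner,
// then reboot so the boot-time pass can run.
BC_ImportDeletedList;
ExecuteSysClean;
BC_Activate;
RebootWindows(true);
end.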
[/code]
пришлите карантин согласно приложения 3 правил....
повторите логи ...
Карантин отправил. Вот логи:
[url=http://virusinfo.info/showthread.php?t=7239]AVZ, меню "Файл - Выполнить скрипт" -- Скопировать ниже написанный скрипт-- Нажать кнопку "Запустить".[/url]
[CODE]begin
// AVZ remediation script, third pass: disable and remove two services, delete their binaries and a
// long list of DLLs, queue a boot-time cleanup and reboot.
// Every path and service name below comes from the logs of the one machine discussed in this thread.
// Rootkit/API-hook scan; both flags are true, which per the AVZ script reference also enables neutralisation
// of user-mode and kernel-mode hooks (confirm for the AVZ build in use).
SearchRootkit(true, true);
// Enable AVZGuard for the rest of the run.
SetAVZGuardStatus(true);
// Neutralise each service before touching its binary: start type 4 is the Windows "disabled" value,
// then the running instance is stopped and the executable is copied to quarantine.
SetServiceStart('cmdService', 4);
StopService('cmdService');
QuarantineFile('C:\WINDOWS\RWxlbmE\command.exe','');
SetServiceStart('Network Monitor', 4);
StopService('Network Monitor');
QuarantineFile('C:\Program Files\Network Monitor\netmon.exe','');
// Delete the two service binaries quarantined above.
DeleteFile('C:\WINDOWS\RWxlbmE\command.exe');
DeleteFile('C:\Program Files\Network Monitor\netmon.exe');
// Bulk deletion of DLLs in system32; most entries repeat the list from the previous script in this thread.
// NOTE(review): none of these files is quarantined by this script, so no sample or backup copy is kept;
// a wrong entry in this list cannot be undone from the AVZ quarantine.
DeleteFile('C:\WINDOWS\system32\mevcrt.dll');
DeleteFile('C:\WINDOWS\system32\lDngwrbk.dll');
DeleteFile('C:\WINDOWS\system32\ilclass.dll');
DeleteFile('C:\WINDOWS\system32\slnike.dll');
DeleteFile('C:\WINDOWS\system32\guard.tmp');
DeleteFile('C:\WINDOWS\system32\gzkcsp.dll');
DeleteFile('C:\WINDOWS\system32\dpghelp.dll');
DeleteFile('C:\WINDOWS\system32\imsecsvc.dll');
DeleteFile('C:\WINDOWS\system32\cbgbkend.dll');
DeleteFile('C:\WINDOWS\system32\tFpiperf.dll');
DeleteFile('C:\WINDOWS\system32\gdmf32.dll');
DeleteFile('C:\WINDOWS\system32\mols31.dll');
DeleteFile('C:\WINDOWS\system32\pKutoenr.dll');
DeleteFile('C:\WINDOWS\system32\lytif13n.dll');
DeleteFile('C:\WINDOWS\system32\mjvcp71.dll');
DeleteFile('C:\WINDOWS\system32\scell.dll');
DeleteFile('C:\WINDOWS\system32\rcchost.dll');
DeleteFile('C:\WINDOWS\system32\kpdlv1.dll');
DeleteFile('C:\WINDOWS\system32\aovapi32.dll');
DeleteFile('C:\WINDOWS\system32\kjdhela3.dll');
DeleteFile('C:\WINDOWS\system32\ualmon.dll');
DeleteFile('C:\WINDOWS\system32\hutplug.dll');
DeleteFile('C:\WINDOWS\system32\kvdusr.dll');
DeleteFile('C:\WINDOWS\system32\ieircl.dll');
DeleteFile('C:\WINDOWS\system32\meutil.dll');
DeleteFile('C:\WINDOWS\system32\siclogon.dll');
DeleteFile('C:\WINDOWS\system32\skrialui.dll');
DeleteFile('C:\WINDOWS\system32\hS23msp.dll');
DeleteFile('C:\WINDOWS\system32\llc32vc0.dll');
DeleteFile('C:\WINDOWS\system32\iov6mon.dll');
DeleteFile('C:\WINDOWS\system32\rOcpldlg.dll');
DeleteFile('C:\WINDOWS\system32\pPpgraph.dll');
DeleteFile('C:\WINDOWS\system32\wxbhits.dll');
DeleteFile('C:\WINDOWS\system32\cDmocx.dll');
DeleteFile('C:\WINDOWS\system32\ikssuba.dll');
DeleteFile('C:\WINDOWS\system32\dcsetup.dll');
DeleteFile('C:\WINDOWS\system32\mg43dmod.dll');
DeleteFile('C:\WINDOWS\system32\ccseqchk.dll');
DeleteFile('C:\WINDOWS\system32\wasdmod.dll');
DeleteFile('C:\WINDOWS\system32\oztext32.dll');
DeleteFile('C:\WINDOWS\system32\xclprovi.dll');
DeleteFile('C:\WINDOWS\system32\tdntsvrp.dll');
DeleteFile('C:\WINDOWS\system32\dadlgs.dll');
DeleteFile('C:\WINDOWS\system32\MTC71KOR.DLL');
DeleteFile('C:\WINDOWS\system32\mpprivs.dll');
DeleteFile('C:\WINDOWS\system32\ofecli.dll');
DeleteFile('C:\WINDOWS\system32\rB6u0ij9e8o.dll');
DeleteFile('C:\WINDOWS\system32\kjdaze.dll');
DeleteFile('C:\WINDOWS\system32\izakeng.dll');
DeleteFile('C:\WINDOWS\system32\oxjsel.dll');
DeleteFile('C:\WINDOWS\system32\mwaudite.dll');
DeleteFile('C:\WINDOWS\system32\calbact.dll');
DeleteFile('C:\WINDOWS\system32\mivbvm50.dll');
DeleteFile('C:\WINDOWS\system32\pNpgraph.dll');
DeleteFile('C:\WINDOWS\system32\sbarddlg.dll');
DeleteFile('C:\WINDOWS\system32\purfnw.dll');
DeleteFile('C:\WINDOWS\system32\iheshare.dll');
DeleteFile('C:\WINDOWS\system32\vhscript.dll');
DeleteFile('C:\WINDOWS\system32\momefilt.dll');
DeleteFile('C:\WINDOWS\system32\wsbcheck.dll');
DeleteFile('C:\WINDOWS\system32\rlgsvc.dll');
DeleteFile('C:\WINDOWS\system32\mbdemui.dll');
DeleteFile('C:\WINDOWS\system32\rwmotepg.dll');
DeleteFile('C:\WINDOWS\system32\ddnput8.dll');
DeleteFile('C:\WINDOWS\system32\erent97.dll');
DeleteFile('C:\WINDOWS\system32\pHutoenr.dll');
DeleteFile('C:\WINDOWS\system32\gyedit.dll');
DeleteFile('C:\WINDOWS\system32\jabexec.dll');
DeleteFile('C:\WINDOWS\system32\lmfil13n.DLL');
DeleteFile('C:\WINDOWS\system32\zepfldr.dll');
DeleteFile('C:\WINDOWS\system32\abtapi.dll');
DeleteFile('C:\WINDOWS\system32\smlwoa.dll');
DeleteFile('C:\WINDOWS\system32\cyl3d32.dll');
DeleteFile('C:\WINDOWS\system32\myprivs.dll');
DeleteFile('C:\WINDOWS\system32\krdfi1.dll');
DeleteFile('C:\WINDOWS\system32\fndrclnr.dll');
DeleteFile('C:\WINDOWS\system32\avvpack.dll');
DeleteFile('C:\WINDOWS\system32\nulanman.dll');
DeleteFile('C:\WINDOWS\system32\pHpsvc.dll');
DeleteFile('C:\WINDOWS\system32\ejtmgr.dll');
DeleteFile('C:\WINDOWS\system32\drusic.dll');
DeleteFile('C:\WINDOWS\system32\mapatcha.dll');
DeleteFile('C:\WINDOWS\system32\mxports.dll');
DeleteFile('C:\WINDOWS\system32\MYC71DEU.DLL');
DeleteFile('C:\WINDOWS\system32\dzmasf.dll');
DeleteFile('C:\WINDOWS\system32\cjmsnap.dll');
DeleteFile('C:\WINDOWS\system32\kqdukx.dll');
DeleteFile('C:\WINDOWS\system32\dd32gt.dll');
DeleteFile('C:\WINDOWS\system32\sdndcmsg.dll');
DeleteFile('C:\WINDOWS\system32\wQsdmod.dll');
DeleteFile('C:\WINDOWS\system32\ivclass.dll');
DeleteFile('C:\WINDOWS\system32\shcpack.dll');
DeleteFile('C:\WINDOWS\system32\kfdsmsfi.dll');
DeleteFile('C:\WINDOWS\system32\wjv8dmod.dll');
DeleteFile('C:\WINDOWS\system32\cTmocx.dll');
DeleteFile('C:\WINDOWS\system32\chgbkend.dll');
DeleteFile('C:\WINDOWS\system32\jqsd400.dll');
DeleteFile('C:\WINDOWS\system32\IH50_QC.DLL');
DeleteFile('C:\WINDOWS\system32\uwrsdpia.dll');
DeleteFile('C:\WINDOWS\system32\nitui2.dll');
DeleteFile('C:\WINDOWS\system32\insutil.dll');
DeleteFile('C:\WINDOWS\system32\mujint40.dll');
DeleteFile('C:\WINDOWS\system32\dWtime.dll');
DeleteFile('C:\WINDOWS\system32\tebyuv.dll');
DeleteFile('C:\WINDOWS\system32\jipl400.dll');
DeleteFile('C:\WINDOWS\system32\rNsrad.dll');
DeleteFile('C:\WINDOWS\system32\movidctl.dll');
DeleteFile('C:\WINDOWS\system32\buowseui.dll');
DeleteFile('C:\WINDOWS\system32\wtigest.dll');
DeleteFile('C:\WINDOWS\system32\dzvenum.dll');
DeleteFile('C:\WINDOWS\system32\sfcsccp.dll');
DeleteFile('C:\WINDOWS\system32\dprgui.dll');
DeleteFile('C:\WINDOWS\system32\wxadmod.dll');
DeleteFile('C:\WINDOWS\system32\ma4sdmod.dll');
DeleteFile('C:\WINDOWS\system32\gaedit.dll');
DeleteFile('C:\WINDOWS\system32\ptdgen.dll');
DeleteFile('C:\WINDOWS\system32\kqdsmsfi.dll');
DeleteFile('C:\WINDOWS\system32\mevci70.dll');
DeleteFile('C:\WINDOWS\system32\smoolss.dll');
DeleteFile('C:\WINDOWS\system32\nvtui2.dll');
DeleteFile('C:\WINDOWS\system32\citdll.dll');
DeleteFile('C:\WINDOWS\system32\sybrccsp.dll');
DeleteFile('C:\WINDOWS\system32\myc71u.dll');
DeleteFile('C:\WINDOWS\system32\cwrsrv.dll');
DeleteFile('C:\WINDOWS\system32\kddsmsfi.dll');
DeleteFile('C:\WINDOWS\system32\tKpiui.dll');
DeleteFile('C:\WINDOWS\system32\dwutil.dll');
DeleteFile('C:\WINDOWS\system32\mgsign32.dll');
DeleteFile('C:\WINDOWS\system32\arsldpc.dll');
DeleteFile('C:\WINDOWS\system32\dolayx.dll');
DeleteFile('C:\WINDOWS\system32\wbpsrcwp.dll');
DeleteFile('C:\WINDOWS\system32\mqcat32.dll');
DeleteFile('C:\WINDOWS\system32\snsvcs.dll');
DeleteFile('C:\WINDOWS\system32\lOngserv.dll');
DeleteFile('C:\WINDOWS\system32\nytui2.dll');
DeleteFile('C:\WINDOWS\system32\CtdbLangTH.dll');
DeleteFile('C:\WINDOWS\system32\hvcoin.dll');
DeleteFile('C:\WINDOWS\system32\mdoeacct.dll');
DeleteFile('C:\WINDOWS\system32\egsadu.dll');
DeleteFile('C:\WINDOWS\system32\sxgina.dll');
DeleteFile('C:\WINDOWS\system32\dmprov.dll');
DeleteFile('C:\WINDOWS\system32\wnhtcpip.dll');
DeleteFile('C:\WINDOWS\system32\dtcprop2.dll');
DeleteFile('C:\WINDOWS\system32\ijakeng.dll');
DeleteFile('C:\WINDOWS\system32\dfprop.dll');
DeleteFile('C:\WINDOWS\system32\kjrberos.dll');
DeleteFile('C:\WINDOWS\system32\mmxml4.dll');
// Remove the service entries now that both services are disabled, stopped and their binaries deleted.
DeleteService('Network Monitor');
DeleteService('cmdService');
// Load the script's lists into Boot Cleaner, arm it, run AVZ's system cleanup, then reboot so the
// boot-time pass can run.
// NOTE(review): ExecuteSysClean runs after BC_Activate here, while the earlier scripts in this thread
// call it before; presumably the order does not matter, but confirm.
BC_ImportALL;
BC_Activate;
ExecuteSysClean;
RebootWindows(true);
end.[/CODE]
После выполнения скрипта компьютер перезагрузится.
Прислать карантин согласно [b]приложения 3 [url=http://virusinfo.info/showthread.php?t=1235]правил [/url][/b].
Загружать по ссылке: [url]http://virusinfo.info/upload_virus.php?tid=19626[/url]
Пофиксить в HijackThis следующие строчки ( [url]http://virusinfo.info/showthread.php?t=4491[/url] )
[CODE]
O9 - Extra button: (no name) - {8DAE90AD-4583-4977-9DD4-4360F7A45C74} - (no file)
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\Userinit.exe[/CODE]
Повторите логи
Карантин отправил. Логи:
- выполнить пункт 2 правил ...
- AVZ - мастер поиска и устранения проблем: настройки и твики браузера, все проблемы - устранить ..
- повторить логи начиная с пункта 10 правил ...
Статистика проведенного лечения:
[LIST][*]Получено карантинов: [B]3[/B][*]Обработано файлов: [B]3[/B][*]В ходе лечения вредоносные программы в карантинах не обнаружены[/LIST]