Всем привет, помогите с ошибкой
Printable View
Всем привет, помогите с ошибкой
Пофиксите в HijackThis:
[code]
R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL (file missing)
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\WINDOWS\system32\ntos.exe,
O2 - BHO: MyWebSearch Search Assistant BHO - {00A6FAF1-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL (file missing)
O2 - BHO: mwsBar BHO - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL (file missing)
O2 - BHO: COM+ Service - {3C49DDAC-3DA4-4743-AF6C-5974FEAF875C} - C:\WINDOWS\system32\winload.dll (file missing)
O2 - BHO: Yahoo Toolbar - {54C7D1DD-4296-451e-B756-1E94F665B4FF} - C:\WINDOWS\system32\yatool.dll (file missing)
O2 - BHO: ConnectionServices module - {6D7B211A-88EA-490c-BAB9-3600D8D7C503} - C:\Program Files\ConnectionServices\ConnectionServices.dll (file missing)
O2 - BHO: BitAccelerator module - {92860A02-4D69-48c1-82D7-EF6B2C609502} - C:\Program Files\BitAccelerator\BitAccelerator.dll (file missing)
O3 - Toolbar: My Web Search - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL (file missing)
[/code]
Выполните скрипт в AVZ:
[code]
begin
SearchRootkit(true, true);
SetAVZGuardStatus(True);
ClearQuarantine;
QuarantineFile('C:\Program Files\Internet Explorer\setupapi.dll','');
QuarantineFile('C:\WINDOWS\system32\regscan.exe','');
QuarantineFile('C:\WINDOWS\system32\winload.dll','');
QuarantineFile('C:\WINDOWS\system32\ntos.exe','');
QuarantineFile('C:\WINDOWS\TEMP\NTEF8B032.exe','');
QuarantineFile('C:\WINDOWS\system32\basebvwld32.dll','');
QuarantineFile('C:\WINDOWS\system32\basenbi32.dll','');
QuarantineFile('C:\WINDOWS\system32\basehrcu32.dll','');
QuarantineFile('C:\WINDOWS\system32\baseartnb32.dll','');
DeleteFile('C:\WINDOWS\system32\basebvwld32.dll');
DeleteFile('C:\WINDOWS\TEMP\NTEF8B032.exe');
DeleteFile('C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe');
DeleteFile('C:\WINDOWS\system32\ntos.exe');
DeleteFile('C:\WINDOWS\system32\winload.dll');
DeleteFile('C:\WINDOWS\system32\regscan.exe');
DeleteFile('C:\Program Files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL');
DeleteFile('C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL');
DeleteFile('C:\WINDOWS\system32\baseartnb32.dll');
DeleteFile('C:\WINDOWS\system32\basehrcu32.dll');
DeleteFile('C:\WINDOWS\system32\basenbi32.dll');
DeleteFile('C:\Program Files\Internet Explorer\setupapi.dll');
BC_ImportALL;
BC_DeleteSvc('Vdj17');
BC_DeleteSvc('Qwd85');
BC_DeleteSvc('Nta30');
BC_DeleteSvc('Lrx17');
BC_DeleteSvc('Iqx42');
BC_DeleteSvc('Elr41');
ExecuteSysClean;
ExecuteRepair(9);
BC_Activate;
RebootWindows(true);
end.[/code]
Компьютер перезагрузится.
Пришлите карантин согласно приложению 3 правил
(загружать тут: [url]http://virusinfo.info/upload_virus.php?tid=23020[/url]).
Отключите восстановление системы, очистите кэш IE и временнные папки.
Сделайте новые логи.