Антивирус находит вирусы,вроде бы удаляет. Но они появляются снова.:(
Printable View
Антивирус находит вирусы,вроде бы удаляет. Но они появляются снова.:(
Многовато :(
Профиксить:
[CODE]
O2 - BHO: erxybloe.dll - {20909876-4567-3908-4056-909834565102} - D:\WINDOWS\system32\erxybloe.dll
O2 - BHO: opshbbty.dll - {22596546-2036-9451-6058-658402589722} - D:\WINDOWS\system32\opshbbty.dll
O2 - BHO: rijxbkin.dll - {25FD6584-698F-BCD2-602C-698745210352} - D:\WINDOWS\system32\rijxbkin.dll
O2 - BHO: lassaplo.dll - {2B69874A-C58C-458D-69F0-698F874E41B2} - D:\WINDOWS\system32\lassaplo.dll
O2 - BHO: skqncbib.dll - {32023698-6984-8541-9654-698745012523} - D:\WINDOWS\system32\skqncbib.dll (file missing)
O2 - BHO: yxcschlp.dll - {35671234-7890-ABCD-CDEF-567801237653} - D:\WINDOWS\system32\yxcschlp.dll
O2 - BHO: nhmxcjkl.dll - {37AC9076-C898-B098-D098-A18319080973} - D:\WINDOWS\system32\nhmxcjkl.dll (file missing)
O2 - BHO: akjsckaq.dll - {3A908760-8000-4000-A000-9000322145A3} - D:\WINDOWS\system32\akjsckaq.dll (file missing)
O2 - BHO: lijzclit.dll - {3C954872-1230-6541-9548-6541025884C3} - D:\WINDOWS\system32\lijzclit.dll
O2 - BHO: oswxdttb.dll - {43512378-9874-5641-1025-985420368734} - D:\WINDOWS\system32\oswxdttb.dll
O2 - BHO: mpwddapi.dll - {45694105-5108-9405-3695-954187462154} - D:\WINDOWS\system32\mpwddapi.dll
O2 - BHO: nhmxdjkl.dll - {47AC9076-C898-B098-D098-A18319080974} - D:\WINDOWS\system32\nhmxdjkl.dll
O2 - BHO: akjsdkaq.dll - {4A908760-8000-4000-A000-9000322145A4} - D:\WINDOWS\system32\akjsdkaq.dll
O2 - BHO: (no name) - {4C69034A-F45F-D34D-A33A-C33C4D324FC4} - D:\WINDOWS\system32\arjrbler.dll (file missing)
O2 - BHO: zptlcsys.dll - {50940F85-F015-14F1-A05F-F69858AC6D05} - D:\WINDOWS\system32\zptlcsys.dll
O2 - BHO: ptjhehlp.dll - {528DF602-9541-A985-210A-984A698C6F25} - D:\WINDOWS\system32\ptjhehlp.dll
O2 - BHO: pjjxedwd.dll - {54FAE856-AD58-20CB-A025-CD4895FA6E45} - D:\WINDOWS\system32\pjjxedwd.dll
O2 - BHO: ozfyebyt.dll - {5A069845-2036-6084-9054-6087502480A5} - D:\WINDOWS\system32\ozfyebyt.dll
O2 - BHO: arjrcler.dll - {5C69034A-F45F-D34D-A33A-C33C4D324FC5} - D:\WINDOWS\system32\arjrcler.dll (file missing)
O2 - BHO: tysqbkol.dll - {5D098345-6785-1098-5413-678067AE03D5} - D:\WINDOWS\system32\tysqbkol.dll
O2 - BHO: pqzfajke.dll - {60A345CD-ABCD-EFAB-CDEF-ABCD01020306} - D:\WINDOWS\system32\pqzfajke.dll
O2 - BHO: (no name) - {6629FF4F-ACDB-5C90-A098-FACB3456A266} - D:\WINDOWS\system32\mpmyfapi.dll (file missing)
O2 - BHO: zxmscwin.dll - {6A041F13-A111-12A3-B0CF-F99818AA68A6} - D:\WINDOWS\system32\zxmscwin.dll (file missing)
O2 - BHO: mndhfdwd.dll - {6C648541-1025-9650-9057-6541258720C6} - D:\WINDOWS\system32\mndhfdwd.dll
O2 - BHO: arjrdler.dll - {6C69034A-F45F-D34D-A33A-C33C4D324FC6} - D:\WINDOWS\system32\arjrdler.dll (file missing)
O2 - BHO: apsgfjba.dll - {6FD45A54-9875-698F-E56E-65102358FDF6} - D:\WINDOWS\system32\apsgfjba.dll (file missing)
O2 - BHO: (no name) - {7629FF4F-ACDB-5C90-A098-FACB3456A267} - D:\WINDOWS\system32\mpmygapi.dll (file missing)
O2 - BHO: mndsgsrv.dll - {77FD640A-158F-48AC-FD14-1597F14A9777} - D:\WINDOWS\system32\mndsgsrv.dll (file missing)
O2 - BHO: zxmsdwin.dll - {7A041F13-A111-12A3-B0CF-F99818AA68A7} - D:\WINDOWS\system32\zxmsdwin.dll
O2 - BHO: arjreler.dll - {7C69034A-F45F-D34D-A33A-C33C4D324FC7} - D:\WINDOWS\system32\arjreler.dll
O2 - BHO: mnmhgsrv.dll - {7C8D1401-A58D-A81C-CD24-A5915C4517C7} - D:\WINDOWS\system32\mnmhgsrv.dll
O2 - BHO: yxfhcjpg.dll - {83BA45AF-FAAA-CDDD-BEEE-BCDE1234AB38} - D:\WINDOWS\system32\yxfhcjpg.dll
O2 - BHO: mpmyhapi.dll - {8629FF4F-ACDB-5C90-A098-FACB3456A268} - D:\WINDOWS\system32\mpmyhapi.dll (file missing)
O2 - BHO: mndshsrv.dll - {87FD640A-158F-48AC-FD14-1597F14A9778} - D:\WINDOWS\system32\mndshsrv.dll
O2 - BHO: ypdjgbmp.dll - {91954FAC-1023-154F-895A-1458258AD819} - D:\WINDOWS\system32\ypdjgbmp.dll
O2 - BHO: (no name) - {9490415F-65F8-B5C5-D8BA-9405FB120549} - D:\WINDOWS\system32\yzztimsn.dll (file missing)
O2 - BHO: jke34kl32.dll - {9629FF4F-ACDB-5C90-A098-FACB3456A269} - D:\WINDOWS\system32\jke34kl32.dll (file missing)
O2 - BHO: yzztjmsn.dll - {A490415F-65F8-B5C5-D8BA-9405FB12054A} - D:\WINDOWS\system32\yzztjmsn.dll (file missing)
O2 - BHO: s2da2f323.dll - {A629FF4F-ACDB-5C90-A098-FACB3456A26A} - D:\WINDOWS\system32\s2da2f323.dll
O2 - BHO: yzztkmsn.dll - {B490415F-65F8-B5C5-D8BA-9405FB12054B} - D:\WINDOWS\system32\yzztkmsn.dll
[/CODE]
Выполнить скрипт:
[CODE]begin
SearchRootkit(true, true);
SetAVZGuardStatus(True);
QuarantineFile('D:\WINDOWS\Mstray.exe','');
QuarantineFile('D:\WINDOWS\system32\Drivers\sojuscsi.sys','');
QuarantineFile('D:\WINDOWS\system32\Drivers\sojubus.sys','');
QuarantineFile('D:\WINDOWS\system32\drivers\eth8023.sys','');
QuarantineFile('D:\WINDOWS\system32\zxmsdwin.dll','');
QuarantineFile('D:\WINDOWS\system32\zptlcsys.dll','');
QuarantineFile('D:\WINDOWS\system32\zgrjdx.dll','');
QuarantineFile('D:\WINDOWS\System32\zdbdb.dll','');
QuarantineFile('D:\WINDOWS\system32\yzztkmsn.dll','');
QuarantineFile('D:\WINDOWS\system32\yxfhcjpg.dll','');
QuarantineFile('D:\WINDOWS\system32\yxcschlp.dll','');
QuarantineFile('D:\WINDOWS\system32\ypdjgbmp.dll','');
QuarantineFile('D:\WINDOWS\system32\wyrsdj.dll','');
QuarantineFile('D:\WINDOWS\system32\ujkwet.dll','');
QuarantineFile('D:\WINDOWS\system32\tysqbkol.dll','');
QuarantineFile('D:\WINDOWS\system32\tuker.dll','');
QuarantineFile('D:\WINDOWS\system32\tisqatyu.dll','');
QuarantineFile('D:\WINDOWS\system32\tfsdmz.dll','');
QuarantineFile('D:\WINDOWS\system32\tdggrz.dll','');
QuarantineFile('D:\WINDOWS\system32\sergy.dll','');
QuarantineFile('D:\WINDOWS\system32\s2da2f323.dll','');
QuarantineFile('D:\WINDOWS\system32\rijxbkin.dll','');
QuarantineFile('D:\WINDOWS\system32\ptjhehlp.dll','');
QuarantineFile('D:\WINDOWS\system32\pqzfajke.dll','');
QuarantineFile('D:\WINDOWS\system32\pjjxedwd.dll','');
QuarantineFile('D:\WINDOWS\system32\pedadt.dll','');
QuarantineFile('D:\WINDOWS\system32\ozfyebyt.dll','');
QuarantineFile('D:\WINDOWS\system32\oswxdttb.dll','');
QuarantineFile('D:\WINDOWS\system32\oqrthc.dll','');
QuarantineFile('D:\WINDOWS\system32\opshbbty.dll','');
QuarantineFile('D:\WINDOWS\System32\njritc.dll','');
QuarantineFile('D:\WINDOWS\system32\nhmxdjkl.dll','');
QuarantineFile('D:\WINDOWS\system32\nhmxcjkl.dll','');
QuarantineFile('D:\WINDOWS\system32\mpwddapi.dll','');
QuarantineFile('D:\WINDOWS\system32\mnmhgsrv.dll','');
QuarantineFile('D:\WINDOWS\system32\mndshsrv.dll','');
QuarantineFile('D:\WINDOWS\system32\mndhfdwd.dll','');
QuarantineFile('D:\WINDOWS\system32\lijzclit.dll','');
QuarantineFile('D:\WINDOWS\system32\lassaplo.dll','');
QuarantineFile('D:\WINDOWS\System32\lariytrz.dll','');
QuarantineFile('D:\WINDOWS\system32\jkjkll.dll','');
QuarantineFile('D:\WINDOWS\system32\ijdyapaw.dll','');
QuarantineFile('D:\WINDOWS\System32\hmsdvf.dll','');
QuarantineFile('D:\WINDOWS\system32\hjk.dll','');
QuarantineFile('D:\WINDOWS\System32\hgfhk.dll','');
QuarantineFile('D:\WINDOWS\system32\gjbhr.dll','');
QuarantineFile('D:\WINDOWS\system32\ghjyer.dll','');
QuarantineFile('D:\WINDOWS\system32\fsrgeb.dll','');
QuarantineFile('D:\WINDOWS\system32\erxybloe.dll','');
QuarantineFile('D:\WINDOWS\system32\ergfwe.dll','');
QuarantineFile('D:\WINDOWS\system32\ddserh.dll','');
QuarantineFile('D:\WINDOWS\system32\cedafb.dll','');
QuarantineFile('D:\WINDOWS\System32\asfjthj.dll','');
QuarantineFile('D:\WINDOWS\system32\arjreler.dll','');
QuarantineFile('D:\WINDOWS\system32\akjsdkaq.dll','');
QuarantineFile('d:\windows\system32\winlogon.exe','');
QuarantineFile('d:\windows\system32\p2001.exe','');
DeleteFile('D:\WINDOWS\system32\akjsdkaq.dll');
DeleteFile('D:\WINDOWS\system32\arjreler.dll');
DeleteFile('D:\WINDOWS\System32\asfjthj.dll');
DeleteFile('D:\WINDOWS\system32\cedafb.dll');
DeleteFile('D:\WINDOWS\system32\ddserh.dll');
DeleteFile('D:\WINDOWS\system32\ergfwe.dll');
DeleteFile('D:\WINDOWS\system32\erxybloe.dll');
DeleteFile('D:\WINDOWS\system32\fsrgeb.dll');
DeleteFile('D:\WINDOWS\system32\ghjyer.dll');
DeleteFile('D:\WINDOWS\system32\gjbhr.dll');
DeleteFile('D:\WINDOWS\System32\hgfhk.dll');
DeleteFile('D:\WINDOWS\system32\hjk.dll');
DeleteFile('D:\WINDOWS\System32\hmsdvf.dll');
DeleteFile('D:\WINDOWS\system32\ijdyapaw.dll');
DeleteFile('D:\WINDOWS\system32\jkjkll.dll');
DeleteFile('D:\WINDOWS\System32\lariytrz.dll');
DeleteFile('D:\WINDOWS\system32\lassaplo.dll');
DeleteFile('D:\WINDOWS\system32\lijzclit.dll');
DeleteFile('D:\WINDOWS\system32\mndhfdwd.dll');
DeleteFile('D:\WINDOWS\system32\mndshsrv.dll');
DeleteFile('D:\WINDOWS\system32\mnmhgsrv.dll');
DeleteFile('D:\WINDOWS\system32\mpwddapi.dll');
DeleteFile('D:\WINDOWS\system32\nhmxcjkl.dll');
DeleteFile('D:\WINDOWS\system32\nhmxdjkl.dll');
DeleteFile('D:\WINDOWS\System32\njritc.dll');
DeleteFile('D:\WINDOWS\system32\opshbbty.dll');
DeleteFile('D:\WINDOWS\system32\oqrthc.dll');
DeleteFile('D:\WINDOWS\system32\oswxdttb.dll');
DeleteFile('D:\WINDOWS\system32\ozfyebyt.dll');
DeleteFile('D:\WINDOWS\system32\pedadt.dll');
DeleteFile('D:\WINDOWS\system32\pjjxedwd.dll');
DeleteFile('D:\WINDOWS\system32\pqzfajke.dll');
DeleteFile('D:\WINDOWS\system32\ptjhehlp.dll');
DeleteFile('D:\WINDOWS\system32\rijxbkin.dll');
DeleteFile('D:\WINDOWS\system32\s2da2f323.dll');
DeleteFile('D:\WINDOWS\system32\sergy.dll');
DeleteFile('D:\WINDOWS\system32\tdggrz.dll');
DeleteFile('D:\WINDOWS\system32\tfsdmz.dll');
DeleteFile('D:\WINDOWS\system32\tisqatyu.dll');
DeleteFile('D:\WINDOWS\system32\tuker.dll');
DeleteFile('D:\WINDOWS\system32\tysqbkol.dll');
DeleteFile('D:\WINDOWS\system32\ujkwet.dll');
DeleteFile('D:\WINDOWS\system32\wyrsdj.dll');
DeleteFile('D:\WINDOWS\system32\ypdjgbmp.dll');
DeleteFile('D:\WINDOWS\system32\yxcschlp.dll');
DeleteFile('D:\WINDOWS\system32\yxfhcjpg.dll');
DeleteFile('D:\WINDOWS\system32\yzztkmsn.dll');
DeleteFile('D:\WINDOWS\System32\zdbdb.dll');
DeleteFile('D:\WINDOWS\system32\zgrjdx.dll');
DeleteFile('D:\WINDOWS\system32\zptlcsys.dll');
DeleteFile('D:\WINDOWS\system32\zxmsdwin.dll');
DeleteFile('D:\WINDOWS\Mstray.exe');
DeleteFile('asefry.dll');
DeleteFile('asfhjy.dll');
DeleteFile('awef.dll');
DeleteFile('bjrvm.dll');
DeleteFile('bnxnb.dll');
DeleteFile('cdxbfxdb.dll');
DeleteFile('chmfcmh.dll');
DeleteFile('crugd.dll');
DeleteFile('dbfb.dll');
DeleteFile('dfhsh.dll');
DeleteFile('dger.dll');
DeleteFile('dhdhvv.dll');
DeleteFile('dnteh.dll');
DeleteFile('drghszd.dll');
DeleteFile('dscef.dll');
DeleteFile('ektvm.dll');
DeleteFile('ethsh.dll');
DeleteFile('fgjderg.dll');
DeleteFile('fgthde.dll');
DeleteFile('fhjfg.dll');
DeleteFile('fjnbv.dll');
DeleteFile('fjyjy.dll');
DeleteFile('fngn.dll');
DeleteFile('frntrn.dll');
DeleteFile('fxgnfx.dll');
DeleteFile('fxnfnh.dll');
DeleteFile('gfcfg.dll');
DeleteFile('ghjkdr.dll');
DeleteFile('ghkrg.dll');
DeleteFile('ghthhh.dll');
DeleteFile('gjkhj.dll');
DeleteFile('gmnait.dll');
DeleteFile('gnfctt.dll');
DeleteFile('hffgth.dll');
DeleteFile('hfjg.dll');
DeleteFile('hfther.dll');
DeleteFile('hjaiq.dll');
DeleteFile('hjdrg.dll');
DeleteFile('hjukrt.dll');
DeleteFile('hkfgh.dll');
DeleteFile('hrergh.dll');
DeleteFile('ijatnaw.dll');
DeleteFile('ilkyu.dll');
DeleteFile('jrhhh.dll');
DeleteFile('jwlah.dll');
DeleteFile('jyjlt.dll');
DeleteFile('jzijj.dll');
DeleteFile('kduy.dll');
DeleteFile('kergt.dll');
DeleteFile('losdf.dll');
DeleteFile('mgmgmm.dll');
DeleteFile('mhgdfg.dll');
DeleteFile('mrjhtjd.dll');
DeleteFile('qrhhb.dll');
DeleteFile('reger.dll');
DeleteFile('rgghjj.dll');
DeleteFile('rhs.dll');
DeleteFile('rthkyuk.dll');
DeleteFile('sdrfh.dll');
DeleteFile('sdvfrr.dll');
DeleteFile('sdvj.dll');
DeleteFile('sehhter.dll');
DeleteFile('serger.dll');
DeleteFile('serghjm.dll');
DeleteFile('setrhes.dll');
DeleteFile('stehs.dll');
DeleteFile('sthth.dll');
DeleteFile('swegfuj.dll');
DeleteFile('thsddh.dll');
DeleteFile('thurh.dll');
DeleteFile('tyjert.dll');
DeleteFile('vhsdfg.dll');
DeleteFile('wfhyt.dll');
DeleteFile('xbcvxb.dll');
DeleteFile('xdfntt.dll');
DeleteFile('xdhdg.dll');
DeleteFile('xdndn.dll');
DeleteFile('xfgnfx.dll');
DeleteFile('xfgnhcgfm.dll');
DeleteFile('xfgnxfn.dll');
DeleteFile('xfng.dll');
DeleteFile('xgnfn.dll');
DeleteFile('ydgn.dll');
DeleteFile('yjrfe.dll');
DeleteFile('yukevg.dll');
DeleteFile('zdbfbd.dll');
DeleteFile('zfdzb.dll');
BC_ImportDeletedList;
ExecuteSysClean;
BC_Activate;
RebootWindows(true);
end.[/CODE]
Сделать новые логи. Карантин загрузить по красной ссылке вверху темы.