все то же самое... заставка и отключенные вкладки управления рабочим столом и заставкой... вроде все сделал как надо, прикрепляю логи
все то же самое... заставка и отключенные вкладки управления рабочим столом и заставкой... вроде все сделал как надо, прикрепляю логи
Отключите
- ПК от интернета/локалки
- Антивирус и Файрвол.
- Системное восстановление.
- [URL="http://virusinfo.info/showthread.php?t=7239"]Выполните скрипт 1[/URL]
[CODE]begin
// AVZ remediation script 1. It is host-specific: every service name and file
// path below is written for this one machine, so it is not reusable elsewhere.
// Sequence: rootkit check and AVZGuard, service removal, quarantine, file
// deletion, Winlogon/system repair, Boot Cleaner scheduling, forced reboot.

// Rootkit search with both flags set to true; presumably this enables
// neutralisation of user-mode and kernel-mode hooks — confirm in the AVZ
// script reference.
SearchRootkit(true, true);
// Switch AVZGuard on for the remainder of the script.
SetAVZGuardStatus(True);
// Remove the service/driver registrations: the pattern-named entries
// (three letters + two digits) plus 'restore' and 'lbrtfdc'.
DeleteService('Xvx78');
DeleteService('Xno06');
DeleteService('Xku44');
DeleteService('Xfh81');
DeleteService('Wqf28');
DeleteService('Wom15');
DeleteService('Wlv11');
DeleteService('Wkv78');
DeleteService('Vws40');
DeleteService('Vnm58');
DeleteService('Upu50');
DeleteService('Ujm15');
DeleteService('Ucv05');
DeleteService('Sun28');
DeleteService('Ssb57');
DeleteService('Saq40');
DeleteService('Rfj73');
DeleteService('restore');
DeleteService('Rbh71');
DeleteService('Qub46');
DeleteService('Qqw02');
DeleteService('Pjl07');
DeleteService('Pav83');
DeleteService('Onj13');
DeleteService('Omi35');
DeleteService('Nsj28');
DeleteService('Nrt50');
DeleteService('Mxg86');
DeleteService('Mqu23');
DeleteService('Mqc54');
DeleteService('Mgh06');
DeleteService('Lvc77');
DeleteService('Lkc84');
DeleteService('Lds67');
DeleteService('lbrtfdc');
DeleteService('Kyp78');
DeleteService('Kqt73');
DeleteService('Kpe37');
DeleteService('Kdj03');
DeleteService('Jdg13');
DeleteService('Ivp36');
DeleteService('Ilw13');
DeleteService('Iij14');
DeleteService('Ibj16');
DeleteService('Hsx80');
DeleteService('Hrb32');
DeleteService('Hkl17');
DeleteService('Hic33');
DeleteService('Hcs36');
DeleteService('Gyx51');
DeleteService('Goq28');
DeleteService('Gju88');
DeleteService('Geh30');
DeleteService('Gcg38');
DeleteService('Fyw15');
DeleteService('Fpi46');
DeleteService('Fie73');
DeleteService('Fhj88');
DeleteService('Elv30');
DeleteService('Dbq25');
DeleteService('Csx54');
DeleteService('Cbs52');
DeleteService('Bvj20');
DeleteService('Bmq07');
DeleteService('Avv52');
DeleteService('Aca26');
// Copy the suspect files into the AVZ quarantine before any DeleteFile call,
// so the samples survive for the quarantine upload requested at the end of
// the post. The second argument (comment) is left empty throughout.
// NOTE(review): the first path contains a literal ".//..//" segment; the
// identical string is passed to DeleteFile further down.
// NOTE(review): Pjl07.sys, Mxg86.sys and Ilw13.sys are deleted below without
// a QuarantineFile call; Ivp36 and lbrtfdc have service deletions only, and
// lwqkun.dll is only unregistered from Winlogon Notify. Confirm against the
// logs that these gaps are intentional.
QuarantineFile('C:\Documents and Settings\11_1.ZR\Рабочий стол\.//..//~tmp1174.exe','');
QuarantineFile('C:\WINDOWS\system32\blphcrpcj0ej8r.scr','');
QuarantineFile('C:\WINDOWS\System32\Drivers\Avv52.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\Bmq07.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\Bvj20.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\Cbs52.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\Csx54.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\Dbq25.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\Elv30.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\Fhj88.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\Fie73.sys','');
QuarantineFile('C:\WINDOWS\System32\drivers\Fpi46.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\Fyw15.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\Gcg38.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\Geh30.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\Gju88.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\Goq28.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\Gyx51.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\Hcs36.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\Hic33.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\Hkl17.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\Hrb32.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\Hsx80.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\Ibj16.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\Iij14.sys','');
QuarantineFile('C:\WINDOWS\System32\drivers\Jdg13.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\Kdj03.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\Kpe37.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\Kqt73.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\Kyp78.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\Lds67.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\Lkc84.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\Lvc77.sys','');
QuarantineFile('C:\WINDOWS\System32\drivers\Mgh06.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\Mqc54.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\Mqu23.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\Nrt50.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\Nsj28.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\Omi35.sys','');
QuarantineFile('C:\WINDOWS\System32\drivers\Onj13.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\Pav83.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\Qqw02.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\Qub46.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\Rbh71.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\Rfj73.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\Saq40.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\Ssb57.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\Sun28.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\Ucv05.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\Ujm15.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\Upu50.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\Vnm58.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\Vws40.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\Wkv78.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\Wlv11.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\Wom15.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\Wqf28.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\Xfh81.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\Xku44.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\Xno06.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\Xvx78.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\Aca26.sys','');
QuarantineFile('C:\WINDOWS\system32\drivers\restore.sys','');
// Delete the driver files, the .scr in system32 and the desktop .exe.
// NOTE(review): Vnm58.sys, Ssb57.sys and Fyw15.sys are quarantined above but
// have no DeleteFile call here, although their services are removed; verify
// in the follow-up logs that these files are gone.
DeleteFile('C:\WINDOWS\System32\Drivers\Aca26.sys');
DeleteFile('C:\WINDOWS\system32\drivers\restore.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Xvx78.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Xno06.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Xku44.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Xfh81.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Wqf28.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Wom15.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Wlv11.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Wkv78.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Vws40.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Upu50.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Ujm15.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Ucv05.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Sun28.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Saq40.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Rfj73.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Rbh71.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Qub46.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Qqw02.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Pjl07.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Pav83.sys');
DeleteFile('C:\WINDOWS\System32\drivers\Onj13.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Omi35.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Nsj28.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Nrt50.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Mxg86.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Mqu23.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Mqc54.sys');
DeleteFile('C:\WINDOWS\System32\drivers\Mgh06.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Lvc77.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Lkc84.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Lds67.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Kyp78.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Kqt73.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Kpe37.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Kdj03.sys');
DeleteFile('C:\WINDOWS\System32\drivers\Jdg13.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Ilw13.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Iij14.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Ibj16.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Hsx80.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Hrb32.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Hkl17.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Hic33.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Hcs36.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Gyx51.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Goq28.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Gju88.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Geh30.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Gcg38.sys');
DeleteFile('C:\WINDOWS\System32\drivers\Fpi46.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Fie73.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Fhj88.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Elv30.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Dbq25.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Csx54.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Cbs52.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Bvj20.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Bmq07.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Avv52.sys');
DeleteFile('C:\WINDOWS\system32\blphcrpcj0ej8r.scr');
DeleteFile('C:\Documents and Settings\11_1.ZR\Рабочий стол\.//..//~tmp1174.exe');
// Drop the Winlogon Notify registration that references lwqkun.dll.
DelWinlogonNotifyByFileName('lwqkun.dll');
// Hand the work over to Boot Cleaner (the BC_* calls); presumably this
// imports the lists of files handled above — confirm in the AVZ reference.
BC_ImportAll;
// Automatic system clean-up, then two of AVZ's numbered repair procedures.
// Presumably 7 = remove the message shown during WinLogon and 14 = automatic
// SPI/LSP repair — verify against the "System Restore" list of the AVZ
// version in use.
ExecuteSysClean;
ExecuteRepair(7);
ExecuteRepair(14);
// Queue the same service names, in the same order as the DeleteService calls
// above, for removal by Boot Cleaner.
BC_DeleteSvc('Xvx78');
BC_DeleteSvc('Xno06');
BC_DeleteSvc('Xku44');
BC_DeleteSvc('Xfh81');
BC_DeleteSvc('Wqf28');
BC_DeleteSvc('Wom15');
BC_DeleteSvc('Wlv11');
BC_DeleteSvc('Wkv78');
BC_DeleteSvc('Vws40');
BC_DeleteSvc('Vnm58');
BC_DeleteSvc('Upu50');
BC_DeleteSvc('Ujm15');
BC_DeleteSvc('Ucv05');
BC_DeleteSvc('Sun28');
BC_DeleteSvc('Ssb57');
BC_DeleteSvc('Saq40');
BC_DeleteSvc('Rfj73');
BC_DeleteSvc('restore');
BC_DeleteSvc('Rbh71');
BC_DeleteSvc('Qub46');
BC_DeleteSvc('Qqw02');
BC_DeleteSvc('Pjl07');
BC_DeleteSvc('Pav83');
BC_DeleteSvc('Onj13');
BC_DeleteSvc('Omi35');
BC_DeleteSvc('Nsj28');
BC_DeleteSvc('Nrt50');
BC_DeleteSvc('Mxg86');
BC_DeleteSvc('Mqu23');
BC_DeleteSvc('Mqc54');
BC_DeleteSvc('Mgh06');
BC_DeleteSvc('Lvc77');
BC_DeleteSvc('Lkc84');
BC_DeleteSvc('Lds67');
BC_DeleteSvc('lbrtfdc');
BC_DeleteSvc('Kyp78');
BC_DeleteSvc('Kqt73');
BC_DeleteSvc('Kpe37');
BC_DeleteSvc('Kdj03');
BC_DeleteSvc('Jdg13');
BC_DeleteSvc('Ivp36');
BC_DeleteSvc('Ilw13');
BC_DeleteSvc('Iij14');
BC_DeleteSvc('Ibj16');
BC_DeleteSvc('Hsx80');
BC_DeleteSvc('Hrb32');
BC_DeleteSvc('Hkl17');
BC_DeleteSvc('Hic33');
BC_DeleteSvc('Hcs36');
BC_DeleteSvc('Gyx51');
BC_DeleteSvc('Goq28');
BC_DeleteSvc('Gju88');
BC_DeleteSvc('Geh30');
BC_DeleteSvc('Gcg38');
BC_DeleteSvc('Fyw15');
BC_DeleteSvc('Fpi46');
BC_DeleteSvc('Fie73');
BC_DeleteSvc('Fhj88');
BC_DeleteSvc('Elv30');
BC_DeleteSvc('Dbq25');
BC_DeleteSvc('Csx54');
BC_DeleteSvc('Cbs52');
BC_DeleteSvc('Bvj20');
BC_DeleteSvc('Bmq07');
BC_DeleteSvc('Avv52');
BC_DeleteSvc('Aca26');
// Arm Boot Cleaner, then reboot so the queued deletions run during startup.
BC_Activate;
RebootWindows(true);
end.
[/CODE]
После перезагрузки:
- [URL="http://virusinfo.info/showthread.php?t=7239"]Выполните скрипт 2[/URL]
[CODE]
begin
// AVZ script 2, run after the reboot triggered by script 1: it only calls
// AVZ's numbered repair procedures to undo the settings changes and then
// reboots again. No files or services are touched here.
// Presumably: 5 = desktop settings, 6 = remove current-user Policies
// restrictions, 8 = Explorer settings, 9 = remove system-process debuggers,
// 11 = unlock Task Manager, 16 = restore the Explorer startup key,
// 17 = unlock Registry Editor — verify against the "System Restore" list of
// the AVZ version in use.
executerepair(5);
executerepair(6);
executerepair(8);
executerepair(9);
executerepair(11);
executerepair(16);
executerepair(17);
// Reboot so the restored settings take effect.
RebootWindows(true);
end.
[/CODE]
После перезагрузки:
- [url="http://virusinfo.info/showthread.php?t=10025"] Очистите [/url]темп-папки, кэш проводников и корзину.
- Закройте все программы, включая Антивирус и Файрвол. Оставьте запущенным [B]только Internet Explorer[/B]. Если он не запущен - запустите!!!
- Сделайте повторные логи по правилам.
- Включите Антивирус и Файрвол.
- Подключите ПК к интернету/локалке
- Закачайте карантин по ссылке [COLOR="Red"][B]Прислать запрошенный карантин[/B][/COLOR] вверху темы (Приложение 3 правил).
- Прикрепите логи к новому сообщению.