Hello! Basically what the subject says
Hello! Basically what the subject says
[URL="http://www.majorgeeks.com/downloadget.php?id=5199&file=15&evp=0d36c3ec48c6373fd5daac78f0c6a417"]download[/URL] C:\WINDOWS\system32\Drivers\Dkr41.sys - force delete
run the script
[code]
begin
SearchRootkit(true, true);
SetAVZGuardStatus(True);
QuarantineFile('C:\WINDOWS\system32\ntos.exe','');
DeleteService('Ygn75');
DeleteService('Yfm63');
DeleteService('Xfm20');
DeleteService('Xfm17');
DeleteService('Xfl07');
DeleteService('Wel17');
DeleteService('Wek52');
DeleteService('Wek41');
DeleteService('Vdk28');
DeleteService('Vdj30');
DeleteService('Ucj20');
DeleteService('Uci74');
DeleteService('tcpsr');
DeleteService('Tah18');
DeleteService('Qwe28');
DeleteService('Qxe31');
DeleteService('Qxe64');
DeleteService('Ryg17');
DeleteService('Ryg52');
DeleteService('Ovd52');
DeleteService('Ovd30');
DeleteService('Msa31');
DeleteService('Nuc20');
DeleteService('Ouc07');
DeleteService('Ouc18');
DeleteService('Ovc06');
DeleteService('Lsa30');
DeleteService('Lsa41');
DeleteService('Lsa85');
DeleteService('Lsy85');
DeleteService('Kry63');
DeleteService('Jqx74');
DeleteService('Ipv41');
DeleteService('Hov07');
DeleteService('Gnt75');
DeleteService('Els30');
DeleteService('Fls20');
DeleteService('Fms17');
DeleteService('Fms53');
DeleteService('Fms63');
DeleteService('Dkr74');
DeleteService('Dkq06');
DeleteService('Cip07');
DeleteService('Aho74');
DeleteService('Aho31');
DeleteService('Aho17');
DeleteService('Ahn85');
DeleteService('Ahn28');
DeleteService('Ahn06');
DeleteService('Dkr41');
QuarantineFile('C:\WINDOWS\system32\Drivers\Dkr41.sys','');
QuarantineFile('C:\WINDOWS\system32\WinNt32.dll','');
DeleteFile('C:\WINDOWS\system32\WinNt32.dll');
DeleteFile('C:\WINDOWS\system32\Drivers\Dkr41.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Ahn06.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Ahn28.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Ahn85.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Aho17.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Aho31.sys');
DeleteFile('Aho74.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Cip07.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Dkq06.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Dkr74.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Els30.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Fls20.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Fms17.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Fms53.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Fms63.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Fmt52.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Gnt75.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Hou74.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Hov07.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Ipv41.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Jqx74.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Kry63.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Lsa30.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Lsa41.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Lsa85.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Lsy85.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Msa31.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Nuc20.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Ouc07.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Ouc18.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Ovd30.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Ovd52.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Qwe28.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Qxe31.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Qxe64.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Ryg17.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Ryg52.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Tah18.sys');
DeleteFile('C:\WINDOWS\System32\drivers\tcpsr.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Uci74.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Ucj20.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Vdj28.sys');
DeleteFile('Vdj30.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Vdk28.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Wek41.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Wek52.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Wel17.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Xfl07.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Xfm17.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Xfm20.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Yfm63.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Ygn75.sys');
DeleteFile('C:\WINDOWS\system32\ntos.exe');
DeleteFile('WinNt32.dll');
BC_ImportDeletedList;
ExecuteSysClean;
BC_Activate;
RebootWindows(true);
end.
[/code]
send the quarantine according to appendix 2 of the rules
repeat the logs
Thank you for the help!
1. Disable System Restore and the antivirus.
2. [URL="http://virusinfo.info/showthread.php?t=7239"]Run the script in AVZ:[/URL]
[CODE]begin
SearchRootkit(true, true);
SetAVZGuardStatus(True);
DeleteFile('C:\WINDOWS\System32\Drivers\Dkr41.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Hou28.sys');
DeleteFile('Ovc06.sys');
BC_ImportDeletedList;
ExecuteSysClean;
ExecuteRepair(1);
BC_DeleteSvc('Dkr41');
BC_DeleteSvc('Hou28');
BC_DeleteSvc('Ovc06');
BC_Activate;
RebootWindows(true);
end.[/CODE]
After the script runs, the computer will reboot!
3. [URL="http://virusinfo.info/showthread.php?t=4491"]Fix in HijackThis:[/URL]
[QUOTE]O20 - Winlogon Notify: WinNt32 - C:\WINDOWS\[/QUOTE]
4. Make new logs (only items 2 and 3 of the Diagnostics section).
Logs
1. Update the AVZ databases
2. Read and carry out item 4 in the message from Синауридзе Александр.
Sorry if I messed up again.
The suspicious files are not being uploaded; the size exceeds the limit
read the rules out loud ....
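Both AVZ scripts in this thread are long hand-written lists of DeleteService / DeleteFile / QuarantineFile calls, and a few lines name a driver with a bare file name instead of the full path used everywhere else. The checker below is an added example (not part of the thread and not AVZ's own tooling): it parses an AVZ script and reports bare file names, services whose driver file is never deleted, driver files whose service entry is never deleted, deletions with no preceding QuarantineFile (so there is nothing left to send in per the rules), and service names that fit the random three-letters-two-digits scheme visible in the list. The embedded script is a constructed subset of the thread's first script; the assumption that a bare file name will not be resolved to System32\Drivers is the author's, not something the thread states.

```python
import re

# Constructed sample: a subset of the AVZ cleanup script quoted in this thread,
# kept small but including lines that name a driver without its directory.
SAMPLE_SCRIPT = r"""
begin
SearchRootkit(true, true);
SetAVZGuardStatus(True);
DeleteService('Ygn75');
DeleteService('Aho74');
DeleteService('Vdj30');
DeleteService('Ovc06');
DeleteService('tcpsr');
QuarantineFile('C:\WINDOWS\System32\Drivers\Ygn75.sys','');
DeleteFile('C:\WINDOWS\System32\Drivers\Ygn75.sys');
DeleteFile('Aho74.sys');
DeleteFile('Vdj30.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Fmt52.sys');
DeleteFile('C:\WINDOWS\System32\drivers\tcpsr.sys');
DeleteFile('C:\WINDOWS\system32\ntos.exe');
BC_ImportDeletedList;
ExecuteSysClean;
BC_Activate;
RebootWindows(true);
end.
"""

# One AVZ call per line: the function name and its first quoted argument.
CALL_RE = re.compile(
    r"^\s*(DeleteService|BC_DeleteSvc|DeleteFile|QuarantineFile)\('([^']*)'",
    re.IGNORECASE,
)
# Naming scheme seen across the thread's service list: three letters, two digits.
RANDOM_NAME_RE = re.compile(r"^[A-Za-z]{3}\d{2}$")


def parse_script(text):
    """Return (service names, deleted file paths, quarantined paths in lower case)."""
    services, deleted, quarantined = [], [], set()
    for line in text.splitlines():
        m = CALL_RE.match(line)
        if not m:
            continue
        func, arg = m.group(1).lower(), m.group(2)
        if func in ("deleteservice", "bc_deletesvc"):
            services.append(arg)
        elif func == "deletefile":
            deleted.append(arg)
        else:
            quarantined.add(arg.lower())
    return services, deleted, quarantined


def driver_stem(path):
    """'C:\\...\\Drivers\\Ygn75.sys' -> 'ygn75'; anything that is not a .sys file -> None."""
    name = path.rsplit("\\", 1)[-1]
    if not name.lower().endswith(".sys"):
        return None
    return name[:-4].lower()


def review_script(text):
    services, deleted, quarantined = parse_script(text)
    driver_files = {driver_stem(p): p for p in deleted if driver_stem(p)}
    service_set = {s.lower() for s in services}
    return {
        # Bare file names: every other entry carries a full path, so these are
        # assumed (by this example, not by the thread) to be typos that would
        # leave the driver file on disk.
        "relative_paths": [p for p in deleted if "\\" not in p],
        # Service entry removed but no matching .sys deletion: driver left on disk.
        "service_without_file": [s for s in services if s.lower() not in driver_files],
        # Driver file deleted but its service entry kept: dangling registry entry.
        "file_without_service": [p for st, p in driver_files.items() if st not in service_set],
        # Deleted without a QuarantineFile first: nothing left to send in for analysis.
        "deleted_without_quarantine": [p for p in deleted if p.lower() not in quarantined],
        # Service names that fit the random three-letters-two-digits scheme.
        "random_name_pattern": [s for s in services if RANDOM_NAME_RE.match(s)],
    }


if __name__ == "__main__":
    for key, items in review_script(SAMPLE_SCRIPT).items():
        print(f"{key}: {items}")
```

Run it on the full script from the thread (paste it in place of SAMPLE_SCRIPT) before executing the script in AVZ; each finding is something to fix by hand, not something the checker fixes for you.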