Подсистема печати недоступна.

Скачайте [URL="http://virusinfo.info/showthread.php?t=17109"]IceSword [/URL], поищите и скопируйте файлы:
[CODE]c:\windows\system32\winhelp32.exe
C:\WINDOWS\system32\vmmreg32.dll
C:\WINDOWS\SYSTEM32\drivers\VIDEO.sys
C:\WINDOWS\SYSTEM32\webmin\VIDEO.bkp
C:\WINDOWS\SYSTEM32\VIDEO.sys
C:\WINDOWS\SYSTEM32\VIDEO.bkp
C:\WINDOWS\SYSTEM32\webmin\vmmreg32.bkp
C:\WINDOWS\SYSTEM32\webmin\winhelp32.exe
C:\WINDOWS\SYSTEM32\webmin\winhelp32.bkp
[/CODE]
Скопированные с помощью IceSword файлы сохраните в карантине ...avz\quarantine\.
Потом удалите их с помощью [URL="http://virusinfo.info/showthread.php?t=17228"]force delete[/URL]
Если Вы какие-то файлы не обнаружите - переходите к следующему шагу.

Отключите
- ПК от интернета/локалки
- Антивирус и Файрвол.
- Системное восстановление.
- [URL="http://virusinfo.info/showthread.php?t=7239"]Выполните скрипт 1 [/URL]
[CODE]begin
SearchRootkit(true, true);
SetAVZGuardStatus(True);
TerminateProcessByName('c:\windows\system32\winhelp32.exe');
StopService('Winyh38');
StopService('Winyc00');
StopService('Winxs21');
StopService('Winxo04');
StopService('Winwr66');
StopService('Winwl42');
StopService('Winwc51');
StopService('Winvi68');
StopService('Winul12');
StopService('Wintm15');
StopService('Wintm02');
StopService('Wintl47');
StopService('Winsy10');
StopService('Winsm32');
StopService('Winrx00');
StopService('Winrj82');
StopService('Winqy42');
StopService('Winqu08');
StopService('Winqq75');
StopService('Winqk87');
StopService('Winqk11');
StopService('Winph25');
StopService('Winpc74');
StopService('Winpb45');
StopService('Winow02');
StopService('Winoq45');
StopService('Winoa25');
StopService('Winnn37');
StopService('Winnf71');
StopService('Winnc82');
StopService('Winmq08');
StopService('Winmc15');
StopService('Winle67');
StopService('Winle21');
StopService('Winks37');
StopService('Winkd54');
StopService('Winkc15');
StopService('Winjy80');
StopService('Winis84');
StopService('Winip75');
StopService('Wingw75');
StopService('Wingf31');
StopService('Winfn44');
StopService('Winfi35');
StopService('Winfg82');
StopService('Winfc18');
StopService('Wineq37');
StopService('Wineq12');
StopService('Windu34');
StopService('Windt58');
StopService('Windn55');
StopService('Wincn81');
StopService('Winch41');
StopService('Wince40');
StopService('Winca46');
StopService('Winba03');
StopService('Winaq71');
StopService('Winai04');
StopService('VIDEO');
StopService('Dyi75');
StopService('ati7pnxx');
DelBHO('{7C6E1044-DBF1-EDB3-57BB-D40A130EA5BD}');
QuarantineFile('C:\windows\system32\drivers\PlugPlay.sys','');
QuarantineFile('C:\WINDOWS\Temp\BN8.tmp','');
QuarantineFile('C:\WINDOWS\Temp\BN1.tmp','');
QuarantineFile('C:\WINDOWS\SYSTEM32\VIDEO.sys','');
QuarantineFile('c:\windows\system32\msvcrtd.exe','');
QuarantineFile('C:\WINDOWS\System32\Drivers\Winyh38.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\Winyc00.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\Winxs21.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\Winxo04.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\Winwr66.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\Winwl42.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\Winwc51.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\Winvi68.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\Winul12.sys','');
QuarantineFile('C:\WINDOWS\System32\drivers\Wintm15.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\Wintm02.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\Wintl47.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\Winsy10.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\Winsm32.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\Winrx00.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\Winrj82.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\Winqy42.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\Winqu08.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\Winqq75.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\Winqk87.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\Winqk11.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\Winph25.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\Winpc74.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\Winpb45.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\Winow02.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\Winoq45.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\Winoa25.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\Winnn37.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\Winnf71.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\Winnc82.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\Winmq08.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\Winmc15.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\Winle67.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\Winle21.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\Winks37.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\Winkd54.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\Winkc15.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\Winjy80.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\Winis84.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\Winip75.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\Wingw75.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\Wingf31.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\Winfn44.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\Winfi35.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\Winfg82.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\Winfc18.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\Wineq37.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\Wineq12.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\Windu34.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\Windt58.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\Windn55.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\Wincn81.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\Winch41.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\Wince40.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\Winca46.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\Winba03.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\Winaq71.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\Winai04.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\Dyi75.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\ati7pnxx.sys','');
QuarantineFile('C:\WINDOWS\system32\blphcckgj0e7a3.scr','');
QuarantineFile('C:\WINDOWS\SYSTEM32\webmin\winhelp32.exe','');
QuarantineFile('C:\WINDOWS\SYSTEM32\webmin\vmmreg32.bkp','');
QuarantineFile('C:\WINDOWS\SYSTEM32\webmin\VIDEO.bkp','');
QuarantineFile('C:\WINDOWS\SYSTEM32\drivers\VIDEO.sys','');
QuarantineFile('C:\WINDOWS\SYSTEM32\VIDEO.bkp','');
QuarantineFile('C:\WINDOWS\SYSTEM32\VIDEO.sys','');
QuarantineFile('C:\WINDOWS\system32\vmmreg32.dll','');
QuarantineFile('c:\windows\system32\winhelp32.exe','');
QuarantineFile('C:\WINDOWS\SYSTEM32\webmin\winhelp32.bkp','');
DeleteFile('C:\WINDOWS\SYSTEM32\webmin\winhelp32.bkp');
DeleteFile('c:\windows\system32\winhelp32.exe');
DeleteFile('C:\WINDOWS\system32\vmmreg32.dll');
DeleteFile('C:\WINDOWS\SYSTEM32\drivers\VIDEO.sys');
DeleteFile('C:\WINDOWS\SYSTEM32\webmin\VIDEO.bkp');
DeleteFile('C:\WINDOWS\SYSTEM32\VIDEO.sys');
DeleteFile('C:\WINDOWS\SYSTEM32\VIDEO.bkp');
DeleteFile('C:\WINDOWS\SYSTEM32\webmin\vmmreg32.bkp');
DeleteFile('C:\WINDOWS\SYSTEM32\webmin\winhelp32.exe');
DeleteFile('C:\windows\system32\drivers\PlugPlay.sys');
DeleteFile('C:\WINDOWS\Temp\BN8.tmp');
DeleteFile('C:\WINDOWS\Temp\BN1.tmp');
DeleteFile('C:\WINDOWS\SYSTEM32\VIDEO.sys');
DeleteFile('c:\windows\system32\msvcrtd.exe');
DeleteFile('C:\WINDOWS\System32\Drivers\Winyh38.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Winyc00.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Winxs21.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Winxo04.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Winwr66.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Winwl42.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Winwc51.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Winvi68.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Winul12.sys');
DeleteFile('C:\WINDOWS\System32\drivers\Wintm15.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Wintm02.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Wintl47.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Winsy10.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Winsm32.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Winrx00.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Winrj82.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Winqy42.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Winqu08.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Winqq75.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Winqk87.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Winqk11.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Winph25.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Winpc74.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Winpb45.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Winow02.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Winoq45.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Winoa25.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Winnn37.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Winnf71.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Winnc82.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Winmq08.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Winmc15.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Winle67.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Winle21.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Winks37.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Winkd54.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Winkc15.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Winjy80.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Winis84.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Winip75.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Wingw75.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Wingf31.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Winfn44.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Winfi35.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Winfg82.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Winfc18.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Wineq37.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Wineq12.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Windu34.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Windt58.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Windn55.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Wincn81.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Winch41.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Wince40.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Winca46.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Winba03.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Winaq71.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Winai04.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Dyi75.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\ati7pnxx.sys');
DeleteFile('C:\WINDOWS\system32\blphcckgj0e7a3.scr');
BC_ImportAll;
ExecuteSysClean;
BC_DeleteSvc('AlerterAlerter');
BC_DeleteSvc('AlerterAlerterTermService');
BC_DeleteSvc('ALGRDSessMgr');
BC_DeleteSvc('AppMgmtMSDTC');
BC_DeleteSvc('AudioSrvRasMan');
BC_DeleteSvc('AudioSrvRasManDcomLaunch');
BC_DeleteSvc('AudioSrvRasManRasAutolanmanworkstation');
BC_DeleteSvc('AudioSrvSENS');
BC_DeleteSvc('BITSAudioSrvSENS');
BC_DeleteSvc('BrowserPolicyAgent');
BC_DeleteSvc('BrowserPolicyAgentSysmonLog');
BC_DeleteSvc('CiSvcMSIServer');
BC_DeleteSvc('CiSvcSPIDERNT');
BC_DeleteSvc('Dhcpdmadmin');
BC_DeleteSvc('dmadminWmiApSrv');
BC_DeleteSvc('dmadminWmiApSrvlanmanworkstation');
BC_DeleteSvc('EventlogTrkWks');
BC_DeleteSvc('ImapiServicegusvc');
BC_DeleteSvc('lanmanworkstationBITSAudioSrvSENS');
BC_DeleteSvc('lanmanworkstationMSDTC');
BC_DeleteSvc('lanmanworkstationScheduleFastUserSwitchingCompatibility');
BC_DeleteSvc('MessengerW32Time');
BC_DeleteSvc('msupdate');
BC_DeleteSvc('msupdateAppMgmt');
BC_DeleteSvc('msupdateBrowserPolicyAgent');
BC_DeleteSvc('NetmanNla');
BC_DeleteSvc('NetmanNtmsSvc');
BC_DeleteSvc('NetmanNtmsSvcmnmsrvc');
BC_DeleteSvc('NtLmSspSysmonLog');
BC_DeleteSvc('NtmsSvcEventlog');
BC_DeleteSvc('NtmsSvcEventlogClipSrv');
BC_DeleteSvc('PlugPlay');
BC_DeleteSvc('PlugPlayodserv');
BC_DeleteSvc('PolicyAgentSpooler');
BC_DeleteSvc('RasAutolanmanworkstation');
BC_DeleteSvc('RasManDnscache');
BC_DeleteSvc('RpcLocatorAudioSrvRasManRasAutolanmanworkstation');
BC_DeleteSvc('RpcLocatorSPIDERNTdmadminWmiApSrv');
BC_DeleteSvc('RSVPLmHosts');
BC_DeleteSvc('ScheduleFastUserSwitchingCompatibility');
BC_DeleteSvc('ScheduleFastUserSwitchingCompatibilitylanmanworkstationMSDTC');
BC_DeleteSvc('ShellHWDetectionlanmanserver');
BC_DeleteSvc('ShellHWDetectionScheduleFastUserSwitchingCompatibilitylanmanworkstationMSDTC');
BC_DeleteSvc('SPIDERNTdmadminWmiApSrv');
BC_DeleteSvc('SPIDERNTdmadminWmiApSrvSENS');
BC_DeleteSvc('SPIDERNTdmadminWmiApSrvTapiSrv');
BC_DeleteSvc('srservicelanmanworkstation');
BC_DeleteSvc('TermServicelanmanworkstationMSDTC');
BC_DeleteSvc('TrkWksPlugPlay');
BC_DeleteSvc('W32Timedmadmin');
BC_DeleteSvc('W32TimeNtmsSvcEventlog');
BC_DeleteSvc('W32TimeW32Timedmadmin');
BC_DeleteSvc('winmgmtTermServicelanmanworkstationMSDTC');
BC_DeleteSvc('wscsvcSSDPSRV');
BC_DeleteSvc('wuauservDnscache');
BC_DeleteSvc('xmlprovNetlogon');
BC_DeleteSvc('xmlprovNetlogonDhcp');
BC_DeleteSvc('Winyh38');
BC_DeleteSvc('Winyc00');
BC_DeleteSvc('Winxs21');
BC_DeleteSvc('Winxo04');
BC_DeleteSvc('Winwr66');
BC_DeleteSvc('Winwl42');
BC_DeleteSvc('Winwc51');
BC_DeleteSvc('Winvi68');
BC_DeleteSvc('Winul12');
BC_DeleteSvc('Wintm15');
BC_DeleteSvc('Wintm02');
BC_DeleteSvc('Wintl47');
BC_DeleteSvc('Winsy10');
BC_DeleteSvc('Winsm32');
BC_DeleteSvc('Winrx00');
BC_DeleteSvc('Winrj82');
BC_DeleteSvc('Winqy42');
BC_DeleteSvc('Winqu08');
BC_DeleteSvc('Winqq75');
BC_DeleteSvc('Winqk87');
BC_DeleteSvc('Winqk11');
BC_DeleteSvc('Winph25');
BC_DeleteSvc('Winpc74');
BC_DeleteSvc('Winpb45');
BC_DeleteSvc('Winow02');
BC_DeleteSvc('Winoq45');
BC_DeleteSvc('Winoa25');
BC_DeleteSvc('Winnn37');
BC_DeleteSvc('Winnf71');
BC_DeleteSvc('Winnc82');
BC_DeleteSvc('Winmq08');
BC_DeleteSvc('Winmc15');
BC_DeleteSvc('Winle67');
BC_DeleteSvc('Winle21');
BC_DeleteSvc('Winks37');
BC_DeleteSvc('Winkd54');
BC_DeleteSvc('Winkc15');
BC_DeleteSvc('Winjy80');
BC_DeleteSvc('Winis84');
BC_DeleteSvc('Winip75');
BC_DeleteSvc('Wingw75');
BC_DeleteSvc('Wingf31');
BC_DeleteSvc('Winfn44');
BC_DeleteSvc('Winfi35');
BC_DeleteSvc('Winfg82');
BC_DeleteSvc('Winfc18');
BC_DeleteSvc('Wineq37');
BC_DeleteSvc('Wineq12');
BC_DeleteSvc('Windu34');
BC_DeleteSvc('Windt58');
BC_DeleteSvc('Windn55');
BC_DeleteSvc('Wincn81');
BC_DeleteSvc('Winch41');
BC_DeleteSvc('Wince40');
BC_DeleteSvc('Winca46');
BC_DeleteSvc('Winba03');
BC_DeleteSvc('Winaq71');
BC_DeleteSvc('Winai04');
BC_DeleteSvc('VIDEO');
BC_DeleteSvc('Dyi75');
BC_DeleteSvc('ati7pnxx');
BC_Activate;
RebootWindows(true);
end.
[/CODE]

После перезагрузки:

- [URL="http://virusinfo.info/showthread.php?t=7239"]Выполните скрипт 2 [/URL]
[CODE]begin
executerepair(5);
executerepair(6);
executerepair(8);
executerepair(9);
executerepair(11);
executerepair(16);
executerepair(17);
RegKeyStrParamWrite('HKEY_CURRENT_USER', 'Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders', 'Startup', '%USERPROFILE%\Главное меню\Программы\Автозагрузка');
RegKeyStrParamWrite('HKEY_LOCAL_MACHINE', 'SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders', 'Common Startup', '%ALLUSERSPROFILE%\Главное меню\Программы\Автозагрузка');
RebootWindows(true);
end.
[/CODE]

После перезагрузки:
- [url="http://virusinfo.info/showthread.php?t=10025"] Очистите [/url]темп-папки, кэш проводников и корзину.
- Закройте все программы, включая Антивирус и Файрвол, Оставьте запущенным [B]только Internet Explorer[/B]. Если он не запущен - запустите!!!
- Сделайте повторные логи по правилам.
- Включите Антвирус и Файрволл
- Подключите ПК к интернету/локалке
- Закачайте карантин по ссылке [COLOR="Red"][B]Прислать запрошенный карантин[/B][/COLOR] вверху темы (Приложение 3 правил).
- Прикрепите логи к новому сообщению.