ПОМОГИТЕ!!!!!!! ПЛИЗЗЗЗЗЗЗЗЗЗЗЗ!!!!!
Printable View
ПОМОГИТЕ!!!!!!! ПЛИЗЗЗЗЗЗЗЗЗЗЗЗ!!!!!
Лог Хиджака приложите.
[size="1"][color="#666686"][B][I]Добавлено через 5 минут[/I][/B][/color][/size]
Выполнить скрипт:
[CODE]begin
SearchRootkit(true, true);
SetAVZGuardStatus(True);
QuarantineFile('C:\WINDOWS\system32\ntos.exe','');
QuarantineFile('C:\Documents and Settings\Карабаджан\Application Data\Microsoft\Windows\lsass.exe','');
DeleteService('Winyb22');
DeleteService('Winvq66');
DeleteService('Wintv77');
DeleteService('Winub00');
DeleteService('Winub77');
DeleteService('Winvh44');
DeleteService('Winsu77');
DeleteService('Winst88');
DeleteService('Winrh33');
DeleteService('Winog44');
DeleteService('Winke33');
DeleteService('Winmf33');
DeleteService('Winnm33');
DeleteService('Winnp33');
DeleteService('Winji44');
DeleteService('Winji00');
DeleteService('Winio33');
DeleteService('Winic44');
DeleteService('Wingr33');
DeleteService('Wingd88');
DeleteService('Wingf33');
DeleteService('Winfu77');
DeleteService('Winea00');
QuarantineFile('C:\WINDOWS\System32\Drivers\Windq33.sys','');
DeleteService('Windq33');
DeleteService('Wincu55');
DeleteService('Winbq66');
DeleteService('Winbo44');
QuarantineFile('C:\WINDOWS\System32\Drivers\Winav22.sys','');
DeleteService('Winav22');
DeleteService('ati6xgxx');
DeleteService('ati6tkxx');
DeleteService('ati6cjxx');
DeleteService('ati5ipxx');
DeleteService('ati5mtxx');
QuarantineFile('C:\WINDOWS\System32\Drivers\ati4jaxx.sys','');
DeleteService('ati4jaxx');
QuarantineFile('C:\Program Files\ESET\CyberMania.exe','');
DeleteFile('C:\WINDOWS\System32\Drivers\ati4jaxx.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\ati5ipxx.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\ati5mtxx.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\ati6tkxx.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\ati6cjxx.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\ati6xgxx.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Winav22.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Winbo44.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Windq33.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Wincu55.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Winbq66.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Winea00.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Winfu77.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Wingf33.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Wingd88.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Wingr33.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Winic44.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Winji00.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Winio33.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Winji44.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Winke33.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Winmf33.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Winnm33.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Winnp33.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Winsu77.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Winst88.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Winrh33.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Winog44.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Winub00.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Winub77.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Winvh44.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Winvq66.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Winyb22.sys');
DeleteFile('C:\Documents and Settings\Карабаджан\Application Data\Microsoft\Windows\lsass.exe');
DeleteFile('C:\WINDOWS\system32\ntos.exe');
BC_ImportAll;
ExecuteSysClean;
BC_Activate;
RebootWindows(true);
end.[/CODE]
Сделать заново логи после перезагрузки.
Загрузить карантин по Правилам через [url]http://virusinfo.info/upload_virus.php?tid=45822[/url]