Доброе время суток. Компьютер самопроизвольно перезагружается, идет левый траффик.
Доброе время суток. Компьютер самопроизвольно перезагружается, идет левый траффик.
Закройте/выгрузите все программы кроме AVZ и Internet Explorer.
Отключите
- ПК от интернета/локалки
- Антивирус и Файрвол.
- Системное восстановление.
- [URL="http://virusinfo.info/showthread.php?t=7239"]Выполните скрипт[/URL]
[CODE]begin
// AVZ cleanup script (AVZ's Pascal-style scripting language). The sections run
// strictly in order: rootkit search -> AVZGuard on -> stop services -> quarantine
// files -> delete service registrations -> delete files -> Boot Cleaner tasks
// for anything still locked -> reboot. The same list of service names is
// repeated three times below (StopService / DeleteService / BC_DeleteSvc); keep
// the three lists in sync if an entry is added or removed.
SearchRootkit(true, true);
SetAVZGuardStatus(True);
// Stop each suspect service/driver first so that the file and service
// deletions further down are not blocked by a running instance.
StopService('tcpsr');
StopService('systemntmi');
StopService('netsik');
StopService('ksi32sk');
StopService('hamd3fe');
StopService('ati8yfxx');
StopService('ati8xdxx');
StopService('ati8rxxx');
StopService('ati8inxx');
StopService('ati8afxx');
StopService('ati7syxx');
StopService('ati7qwxx');
StopService('ati7ouxx');
StopService('ati7kqxx');
StopService('ati7flxx');
StopService('ati6taxx');
StopService('ati6ouxx');
StopService('ati6jpxx');
StopService('ati6hnxx');
StopService('ati6chxx');
StopService('ati5syxx');
StopService('ati5gmxx');
StopService('ati5flxx');
StopService('ati4yfxx');
StopService('ati4qwxx');
StopService('ati4ntxx');
StopService('ati4nsxx');
StopService('ati4msxx');
StopService('ati4lrxx');
StopService('ati4inxx');
StopService('ati4djxx');
StopService('ati4cixx');
StopService('ati3wdxx');
StopService('ati3rxxx');
StopService('ati3msxx');
StopService('ati3lrxx');
StopService('ati3ekxx');
StopService('ati2hmxx');
StopService('ati2agxx');
StopService('ati1rxxx');
StopService('ati1pvxx');
StopService('ati1joxx');
StopService('ati1ioxx');
StopService('ati1hnxx');
StopService('ati1gmxx');
StopService('ati1chxx');
StopService('ati0wdxx');
StopService('ati0ntxx');
StopService('ati0nsxx');
// Copy every file into the AVZ quarantine BEFORE it is deleted, so a sample
// survives for analysis (the thread's closing statistics confirm the quarantine
// was received and processed). The second argument (description) is left empty.
// Paths mix "drivers" and "Drivers" - harmless, Windows paths are
// case-insensitive. digiwet.dll is given as a bare filename rather than an
// absolute path; NOTE(review): confirm it resolves to the intended file.
QuarantineFile('digiwet.dll','');
QuarantineFile('C:\WINDOWS\System32\rs32net.exe','');
QuarantineFile('C:\WINDOWS\System32\drivers\tcpsr.sys','');
QuarantineFile('C:\WINDOWS\system32\drivers\systemntmi.sys','');
QuarantineFile('C:\WINDOWS\system32\drivers\netsik.sys','');
QuarantineFile('C:\WINDOWS\system32\drivers\ksi32sk.sys','');
QuarantineFile('C:\WINDOWS\System32\drivers\hamd3fe.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\ati8yfxx.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\ati8xdxx.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\ati8rxxx.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\ati8inxx.sys','');
QuarantineFile('C:\WINDOWS\System32\drivers\ati8afxx.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\ati7syxx.sys','');
QuarantineFile('C:\WINDOWS\System32\drivers\ati7qwxx.sys','');
QuarantineFile('C:\WINDOWS\System32\drivers\ati7ouxx.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\ati7kqxx.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\ati7flxx.sys','');
QuarantineFile('C:\WINDOWS\System32\drivers\ati6taxx.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\ati6ouxx.sys','');
QuarantineFile('C:\WINDOWS\System32\drivers\ati6jpxx.sys','');
QuarantineFile('C:\WINDOWS\System32\drivers\ati6hnxx.sys','');
QuarantineFile('C:\WINDOWS\System32\drivers\ati6chxx.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\ati5syxx.sys','');
QuarantineFile('C:\WINDOWS\System32\drivers\ati5gmxx.sys','');
QuarantineFile('C:\WINDOWS\System32\drivers\ati5flxx.sys','');
QuarantineFile('C:\WINDOWS\System32\drivers\ati4yfxx.sys','');
QuarantineFile('C:\WINDOWS\System32\drivers\ati4qwxx.sys','');
QuarantineFile('C:\WINDOWS\System32\drivers\ati4ntxx.sys','');
QuarantineFile('C:\WINDOWS\System32\drivers\ati4nsxx.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\ati4msxx.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\ati4lrxx.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\ati4inxx.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\ati4djxx.sys','');
QuarantineFile('C:\WINDOWS\System32\drivers\ati4cixx.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\ati3wdxx.sys','');
QuarantineFile('C:\WINDOWS\System32\drivers\ati3rxxx.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\ati3msxx.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\ati3lrxx.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\ati3ekxx.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\ati2hmxx.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\ati2agxx.sys','');
QuarantineFile('C:\WINDOWS\System32\drivers\ati1rxxx.sys','');
QuarantineFile('C:\WINDOWS\System32\drivers\ati1pvxx.sys','');
QuarantineFile('C:\WINDOWS\System32\drivers\ati1joxx.sys','');
QuarantineFile('C:\WINDOWS\System32\drivers\ati1ioxx.sys','');
QuarantineFile('C:\WINDOWS\System32\drivers\ati1hnxx.sys','');
QuarantineFile('C:\WINDOWS\System32\drivers\ati1gmxx.sys','');
QuarantineFile('C:\WINDOWS\System32\drivers\ati1chxx.sys','');
QuarantineFile('C:\WINDOWS\System32\drivers\ati0wdxx.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\ati0ntxx.sys','');
QuarantineFile('C:\WINDOWS\System32\drivers\ati0nsxx.sys','');
// Executable in the user profile named after the account itself; the thread's
// closing statistics identify it as Trojan.Win32.Rabbit.bi.
QuarantineFile('C:\Documents and Settings\Дмитрий Николаевич\Дмитрий Николаевич.exe','');
// Remove the service registrations so the drivers are not loaded again on the
// next boot; same name list as the StopService block above.
DeleteService('tcpsr');
DeleteService('systemntmi');
DeleteService('netsik');
DeleteService('ksi32sk');
DeleteService('hamd3fe');
DeleteService('ati8yfxx');
DeleteService('ati8xdxx');
DeleteService('ati8rxxx');
DeleteService('ati8inxx');
DeleteService('ati8afxx');
DeleteService('ati7syxx');
DeleteService('ati7qwxx');
DeleteService('ati7ouxx');
DeleteService('ati7kqxx');
DeleteService('ati7flxx');
DeleteService('ati6taxx');
DeleteService('ati6ouxx');
DeleteService('ati6jpxx');
DeleteService('ati6hnxx');
DeleteService('ati6chxx');
DeleteService('ati5syxx');
DeleteService('ati5gmxx');
DeleteService('ati5flxx');
DeleteService('ati4yfxx');
DeleteService('ati4qwxx');
DeleteService('ati4ntxx');
DeleteService('ati4nsxx');
DeleteService('ati4msxx');
DeleteService('ati4lrxx');
DeleteService('ati4inxx');
DeleteService('ati4djxx');
DeleteService('ati4cixx');
DeleteService('ati3wdxx');
DeleteService('ati3rxxx');
DeleteService('ati3msxx');
DeleteService('ati3lrxx');
DeleteService('ati3ekxx');
DeleteService('ati2hmxx');
DeleteService('ati2agxx');
DeleteService('ati1rxxx');
DeleteService('ati1pvxx');
DeleteService('ati1joxx');
DeleteService('ati1ioxx');
DeleteService('ati1hnxx');
DeleteService('ati1gmxx');
DeleteService('ati1chxx');
DeleteService('ati0wdxx');
DeleteService('ati0ntxx');
DeleteService('ati0nsxx');
// Delete the files now that copies are in quarantine. Each path matches its
// QuarantineFile entry above one-for-one. Note that the user-profile .exe that
// was quarantined is NOT deleted here; presumably it is left to the
// rootkit/system-clean steps - NOTE(review): confirm this is intentional.
DeleteFile('digiwet.dll');
DeleteFile('C:\WINDOWS\System32\rs32net.exe');
DeleteFile('C:\WINDOWS\System32\drivers\tcpsr.sys');
DeleteFile('C:\WINDOWS\system32\drivers\systemntmi.sys');
DeleteFile('C:\WINDOWS\system32\drivers\netsik.sys');
DeleteFile('C:\WINDOWS\system32\drivers\ksi32sk.sys');
DeleteFile('C:\WINDOWS\System32\drivers\hamd3fe.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\ati8yfxx.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\ati8xdxx.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\ati8rxxx.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\ati8inxx.sys');
DeleteFile('C:\WINDOWS\System32\drivers\ati8afxx.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\ati7syxx.sys');
DeleteFile('C:\WINDOWS\System32\drivers\ati7qwxx.sys');
DeleteFile('C:\WINDOWS\System32\drivers\ati7ouxx.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\ati7kqxx.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\ati7flxx.sys');
DeleteFile('C:\WINDOWS\System32\drivers\ati6taxx.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\ati6ouxx.sys');
DeleteFile('C:\WINDOWS\System32\drivers\ati6jpxx.sys');
DeleteFile('C:\WINDOWS\System32\drivers\ati6hnxx.sys');
DeleteFile('C:\WINDOWS\System32\drivers\ati6chxx.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\ati5syxx.sys');
DeleteFile('C:\WINDOWS\System32\drivers\ati5gmxx.sys');
DeleteFile('C:\WINDOWS\System32\drivers\ati5flxx.sys');
DeleteFile('C:\WINDOWS\System32\drivers\ati4yfxx.sys');
DeleteFile('C:\WINDOWS\System32\drivers\ati4qwxx.sys');
DeleteFile('C:\WINDOWS\System32\drivers\ati4ntxx.sys');
DeleteFile('C:\WINDOWS\System32\drivers\ati4nsxx.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\ati4msxx.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\ati4lrxx.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\ati4inxx.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\ati4djxx.sys');
DeleteFile('C:\WINDOWS\System32\drivers\ati4cixx.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\ati3wdxx.sys');
DeleteFile('C:\WINDOWS\System32\drivers\ati3rxxx.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\ati3msxx.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\ati3lrxx.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\ati3ekxx.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\ati2hmxx.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\ati2agxx.sys');
DeleteFile('C:\WINDOWS\System32\drivers\ati1rxxx.sys');
DeleteFile('C:\WINDOWS\System32\drivers\ati1pvxx.sys');
DeleteFile('C:\WINDOWS\System32\drivers\ati1joxx.sys');
DeleteFile('C:\WINDOWS\System32\drivers\ati1ioxx.sys');
DeleteFile('C:\WINDOWS\System32\drivers\ati1hnxx.sys');
DeleteFile('C:\WINDOWS\System32\drivers\ati1gmxx.sys');
DeleteFile('C:\WINDOWS\System32\drivers\ati1chxx.sys');
DeleteFile('C:\WINDOWS\System32\drivers\ati0wdxx.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\ati0ntxx.sys');
DeleteFile('C:\WINDOWS\System32\drivers\ati0nsxx.sys');
// Boot Cleaner stage: BC_ImportAll hands the delete tasks above to AVZ's
// boot-time cleaner so that anything a loaded driver kept locked is removed
// before the kernel reloads it; ExecuteSysClean runs AVZ's built-in system
// cleanup. BC_DeleteSvc repeats the service list a third time as boot-time
// service removal tasks, and BC_Activate arms the cleaner for the next boot.
BC_ImportAll;
ExecuteSysClean;
BC_DeleteSvc('tcpsr');
BC_DeleteSvc('systemntmi');
BC_DeleteSvc('netsik');
BC_DeleteSvc('ksi32sk');
BC_DeleteSvc('hamd3fe');
BC_DeleteSvc('ati8yfxx');
BC_DeleteSvc('ati8xdxx');
BC_DeleteSvc('ati8rxxx');
BC_DeleteSvc('ati8inxx');
BC_DeleteSvc('ati8afxx');
BC_DeleteSvc('ati7syxx');
BC_DeleteSvc('ati7qwxx');
BC_DeleteSvc('ati7ouxx');
BC_DeleteSvc('ati7kqxx');
BC_DeleteSvc('ati7flxx');
BC_DeleteSvc('ati6taxx');
BC_DeleteSvc('ati6ouxx');
BC_DeleteSvc('ati6jpxx');
BC_DeleteSvc('ati6hnxx');
BC_DeleteSvc('ati6chxx');
BC_DeleteSvc('ati5syxx');
BC_DeleteSvc('ati5gmxx');
BC_DeleteSvc('ati5flxx');
BC_DeleteSvc('ati4yfxx');
BC_DeleteSvc('ati4qwxx');
BC_DeleteSvc('ati4ntxx');
BC_DeleteSvc('ati4nsxx');
BC_DeleteSvc('ati4msxx');
BC_DeleteSvc('ati4lrxx');
BC_DeleteSvc('ati4inxx');
BC_DeleteSvc('ati4djxx');
BC_DeleteSvc('ati4cixx');
BC_DeleteSvc('ati3wdxx');
BC_DeleteSvc('ati3rxxx');
BC_DeleteSvc('ati3msxx');
BC_DeleteSvc('ati3lrxx');
BC_DeleteSvc('ati3ekxx');
BC_DeleteSvc('ati2hmxx');
BC_DeleteSvc('ati2agxx');
BC_DeleteSvc('ati1rxxx');
BC_DeleteSvc('ati1pvxx');
BC_DeleteSvc('ati1joxx');
BC_DeleteSvc('ati1ioxx');
BC_DeleteSvc('ati1hnxx');
BC_DeleteSvc('ati1gmxx');
BC_DeleteSvc('ati1chxx');
BC_DeleteSvc('ati0wdxx');
BC_DeleteSvc('ati0ntxx');
BC_DeleteSvc('ati0nsxx');
BC_Activate;
// Reboot immediately so the Boot Cleaner tasks run; the boolean argument is
// presumably the "force" flag (no prompt, unsaved work is lost) - hence the
// instruction above the script to close everything first.
RebootWindows(true);
end.
[/CODE]
После перезагрузки:
- [url="http://virusinfo.info/showthread.php?t=10025"]Очистите[/url] темп-папки, кэш проводников и корзину.
- Закройте все программы, включая Антивирус и Файрвол. Оставьте запущенным [B]только Internet Explorer[/B]. Если он не запущен - запустите!!!
- Сделайте повторные логи
[b]virusinfo_syscure.zip
virusinfo_syscheck.zip
hijackthis.log [/b]
- Включите Антивирус и Файрвол
- Подключите ПК к интернету/локалке
- Закачайте карантин по ссылке [COLOR="Red"][B]Прислать запрошенный карантин[/B][/COLOR] вверху темы (Приложение 3 правил).
- Прикрепите логи к новому сообщению.
Статистика проведенного лечения:
[LIST][*]Получено карантинов: [B]1[/B]
[*]Обработано файлов: [B]106[/B]
[*]В ходе лечения обнаружены вредоносные программы:
[LIST=1][*] c:\documents and settings\дмитрий николаевич\дмитрий николаевич.exe - [B]Trojan.Win32.Rabbit.bi[/B] ( DrWEB: Trojan.DownLoad.33158 )
[*] c:\windows\system32\drivers\ksi32sk.sys - [B]Rootkit.Win32.Agent.kqq[/B] ( DrWEB: Trojan.NtRootKit.2943 )[/LIST][/LIST]