компьютер зависает,также проблемы со звуком! проблема в течении месяца появилась!
Printable View
компьютер зависает,также проблемы со звуком! проблема в течении месяца появилась!
[URL="http://virusinfo.info/showthread.php?t=4491"]Пофиксите[/URL] в [U]Hijackthis[/U]:
[CODE]R3 - URLSearchHook: (no name) - - (no file)
F2 - REG:system.ini: Shell=
F2 - REG:system.ini: UserInit=C:\WINDOWS\System32\userinit.exe
O2 - BHO: aerlibP - {8EAB612A-0602-4504-B5DB-8B667621D143} - (no file)
O2 - BHO: ygalibP - {F3751FEB-DA46-4A56-BF64-5C544DFF1C0D} - (no file)[/CODE]
Отключите компьютер от интернета, а также [B]антивирус[/B] и/или файрвол.
Закройте все программы, запустите только AVZ и Internet Explorer.
Выполните скрипт в [U]AVZ[/U]:
[CODE]begin
SearchRootkit(true, true);
SetAVZGuardStatus(True);
QuarantineFile('C:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\ise32.exe','');
QuarantineFile('C:\WINDOWS\System32\drivers\tcpsr.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\ati8xexx.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\ati8syxx.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\ati8pvxx.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\ati8hmxx.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\ati8gmxx.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\ati8bhxx.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\ati7ucxx.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\ati7ubxx.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\ati7taxx.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\ati7lrxx.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\ati7ioxx.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\ati7agxx.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\ati6xexx.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\ati6uaxx.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\ati6tyxx.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\ati6msxx.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\ati6agxx.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\ati5vcxx.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\ati5taxx.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\ati5qwxx.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\ati5inxx.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\ati5flxx.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\ati5bgxx.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\ati4ubxx.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\ati4uaxx.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\ati4pvxx.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\ati4puxx.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\ati4msxx.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\ati4kqxx.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\ati4jpxx.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\ati4ioxx.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\ati4inxx.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\ati4hmxx.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\ati4ekxx.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\ati4dixx.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\ati4bhxx.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\ati3wcxx.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\ati3ouxx.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\ati3ekxx.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\ati2yfxx.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\ati2uaxx.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\ati2sxxx.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\ati2pvxx.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\ati1xexx.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\ati1wcxx.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\ati1taxx.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\ati1syxx.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\ati1qvxx.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\ati1msxx.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\ati1jpxx.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\ati1ioxx.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\ati1inxx.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\ati1ejxx.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\ati0yfxx.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\ati0xdxx.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\ati0vcxx.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\ati0qvxx.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\ati0ouxx.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\ati0jpxx.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\ati0fkxx.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\ati0chxx.sys','');
QuarantineFile('C:\TEMP\~DF1153.tmp','');
DeleteService('ati8xexx');
DeleteService('ati8syxx');
DeleteService('ati8pvxx');
DeleteService('ati8hmxx');
DeleteService('ati8gmxx');
DeleteService('ati8bhxx');
DeleteService('ati7ucxx');
DeleteService('ati7ubxx');
DeleteService('ati7taxx');
DeleteService('ati7lrxx');
DeleteService('ati7ioxx');
DeleteService('ati7agxx');
DeleteService('ati6xexx');
DeleteService('ati6uaxx');
DeleteService('ati6tyxx');
DeleteService('ati6msxx');
DeleteService('ati6agxx');
DeleteService('ati5vcxx');
DeleteService('ati5taxx');
DeleteService('ati5qwxx');
DeleteService('ati5inxx');
DeleteService('ati5flxx');
DeleteService('ati5bgxx');
DeleteService('ati4ubxx');
DeleteService('ati4uaxx');
DeleteService('ati4pvxx');
DeleteService('ati4puxx');
DeleteService('ati4msxx');
DeleteService('ati4kqxx');
DeleteService('ati4jpxx');
DeleteService('ati4ioxx');
DeleteService('ati4inxx');
DeleteService('ati4hmxx');
DeleteService('ati4ekxx');
DeleteService('ati4dixx');
DeleteService('ati4bhxx');
DeleteService('ati3wcxx');
DeleteService('ati3ouxx');
DeleteService('ati3ekxx');
DeleteService('ati2yfxx');
DeleteService('ati2uaxx');
DeleteService('ati2sxxx');
DeleteService('ati2pvxx');
DeleteService('ati1xexx');
DeleteService('ati1wcxx');
DeleteService('ati1taxx');
DeleteService('ati1syxx');
DeleteService('ati1qvxx');
DeleteService('ati1msxx');
DeleteService('ati1jpxx');
DeleteService('ati1ioxx');
DeleteService('ati1inxx');
DeleteService('ati1ejxx');
DeleteService('ati0yfxx');
DeleteService('ati0xdxx');
DeleteService('ati0vcxx');
DeleteService('ati0qvxx');
DeleteService('ati0ouxx');
DeleteService('ati0jpxx');
DeleteService('ati0fkxx');
DeleteService('ati0chxx');
DeleteService('tcpsr');
DelBHO('95289393-33EA-4F8D-B952-483415B9C955');
DelCLSID('28ABC5C0-4FCB-11CF-AAX5-81CX1C635612');
DeleteFile('C:\TEMP\~DF1153.tmp');
DeleteFile('C:\WINDOWS\System32\Drivers\ati0chxx.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\ati0fkxx.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\ati0jpxx.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\ati0ouxx.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\ati0qvxx.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\ati0vcxx.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\ati0xdxx.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\ati0yfxx.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\ati1ejxx.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\ati1inxx.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\ati1ioxx.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\ati1jpxx.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\ati1msxx.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\ati1qvxx.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\ati1syxx.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\ati1taxx.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\ati1wcxx.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\ati1xexx.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\ati2pvxx.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\ati2sxxx.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\ati2uaxx.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\ati2yfxx.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\ati3ekxx.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\ati3ouxx.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\ati3wcxx.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\ati4bhxx.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\ati4dixx.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\ati4ekxx.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\ati4hmxx.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\ati4inxx.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\ati4ioxx.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\ati4jpxx.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\ati4kqxx.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\ati4msxx.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\ati4puxx.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\ati4pvxx.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\ati4uaxx.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\ati4ubxx.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\ati5bgxx.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\ati5flxx.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\ati5inxx.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\ati5qwxx.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\ati5taxx.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\ati5vcxx.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\ati6agxx.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\ati6msxx.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\ati6tyxx.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\ati6uaxx.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\ati6xexx.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\ati7agxx.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\ati7ioxx.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\ati7lrxx.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\ati7taxx.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\ati7ubxx.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\ati7ucxx.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\ati8bhxx.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\ati8gmxx.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\ati8hmxx.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\ati8pvxx.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\ati8syxx.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\ati8xexx.sys');
DeleteFile('C:\WINDOWS\System32\drivers\tcpsr.sys');
DeleteFile('C:\Documents and Settings\PERSONA\Application Data\Microsoft\Internet Explorer\qipsearchbar.dll');
DeleteFile('C:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\ise32.exe');
BC_ImportALL;
ExecuteSysClean;
BC_Activate;
ExecuteRepair(16);
RebootWindows(true);
end.[/CODE]
После выполнения скрипта компьютер перезагрузится!!!
Пришлите карантин по ссылке согласно правил [COLOR="DarkRed"][B]Прислать запрошенный карантин[/B][/COLOR] вверху темы. Очистите Temp и временные папки интернета. Сделайте новые логи по правилам.
скрипты выполнил,карантин выслал!вот новые логи!
[URL="http://virusinfo.info/showthread.php?t=4491"]Пофиксите в HiJackThis:[/URL]
[CODE]R3 - URLSearchHook: QIPBHO Class - {95289393-33EA-4F8D-B952-483415B9C955} - C:\Documents and Settings\PERSONA\Application Data\Microsoft\Internet Explorer\qipsearchbar.dll (file missing)[/CODE]
Что с симптомами?
Система вроде пока работает норм.,но проблема со звуком осталась... Наверно придётся переустанавливать дрова
Попробуйте переустановить и отпишитесь о результатах.
Статистика проведенного лечения:
[LIST][*]Получено карантинов: [B]1[/B][*]Обработано файлов: [B]130[/B][*]В ходе лечения вредоносные программы в карантинах не обнаружены[/LIST]