Постоянно создается куча EXE-файлов в Windows\TEmp.
Запускал DrWeb CureIt, Kaspersky AVPTool, AVZ. Ничего не находят.
Загружался с Флэшки- Alkid Live - DrWeb и Kaspersky и этом случае ничего не нашли.
Комп тормозит. Помогите !
Printable View
Постоянно создается куча EXE-файлов в Windows\TEmp.
Запускал DrWeb CureIt, Kaspersky AVPTool, AVZ. Ничего не находят.
Загружался с Флэшки- Alkid Live - DrWeb и Kaspersky и этом случае ничего не нашли.
Комп тормозит. Помогите !
Сделайте [URL="http://virusinfo.info/showthread.php?t=40118"]лог gmer[/URL].
Лог GMer - посылаю
Люди Добрые!
А почему мне никто не отвечает ?
- [URL="http://virusinfo.info/showthread.php?t=7239"]Выполните скрипт в AVZ[/URL]
[CODE]
begin
SearchRootkit(true, true);
SetAVZGuardStatus(True);
QuarantineFile('C:\WINDOWS\Temp\5858060.exe','');
QuarantineFile('C:\WINDOWS\Temp\588ca0f.exe','');
QuarantineFile('C:\WINDOWS\Temp\4a20357.exe','');
QuarantineFile('c:\windows\system32\winlogon.exe','');
QuarantineFile('C:\WINDOWS\Temp\4a7dfd7.exe','');
QuarantineFile('C:\WINDOWS\Temp\13181ae.exe','');
QuarantineFile('C:\WINDOWS\Temp\13cdff8.exe','');
QuarantineFile('C:\WINDOWS\Temp\c482c89.exe','');
QuarantineFile('C:\WINDOWS\Temp\ba2bc14.exe','');
QuarantineFile('C:\WINDOWS\Temp\ba3fc89.exe','');
QuarantineFile('C:\WINDOWS\Temp\634112d.exe','');
QuarantineFile('C:\WINDOWS\Temp\63838f9.exe','');
QuarantineFile('C:\WINDOWS\Temp\8d35576.exe','');
QuarantineFile('C:\WINDOWS\Temp\8d3c574.exe','');
QuarantineFile('C:\WINDOWS\Temp\8d52658.exe','');
QuarantineFile('C:\WINDOWS\Temp\6e0c83f.exe','');
QuarantineFile('C:\WINDOWS\Temp\b5a3a08.exe','');
QuarantineFile('C:\WINDOWS\Temp\d48a990.exe','');
QuarantineFile('C:\WINDOWS\Temp\95e2f96.exe','');
QuarantineFile('C:\WINDOWS\Temp\47bec0d.exe','');
QuarantineFile('C:\WINDOWS\Temp\248c3de.exe','');
QuarantineFile('C:\WINDOWS\Temp\08c49ed.exe','');
QuarantineFile('C:\WINDOWS\Temp\0921206.exe','');
QuarantineFile('C:\WINDOWS\Temp\66bf1e2.exe','');
QuarantineFile('C:\WINDOWS\Temp\781431e.exe','');
QuarantineFile('C:\WINDOWS\Temp\9077655.exe','');
QuarantineFile('C:\WINDOWS\Temp\8bb14ed.exe','');
QuarantineFile('C:\WINDOWS\Temp\eb43d6b.exe','');
QuarantineFile('C:\WINDOWS\Temp\7306230.exe','');
QuarantineFile('C:\WINDOWS\Temp\3e3a695.exe','');
QuarantineFile('C:\WINDOWS\Temp\de41363.exe','');
QuarantineFile('C:\WINDOWS\Temp\c6edfa1.exe','');
QuarantineFile('C:\WINDOWS\Temp\248c3de.exe','');
QuarantineFile('C:\WINDOWS\Temp\e61cb3e.exe','');
QuarantineFile('C:\WINDOWS\Temp\7b281f4.exe','');
QuarantineFile('C:\WINDOWS\Temp\217660b.exe','');
QuarantineFile('C:\WINDOWS\Temp\34d6d95.exe','');
QuarantineFile('C:\WINDOWS\Temp\517bb9a.exe','');
QuarantineFile('C:\WINDOWS\Temp\4a22648.exe','');
QuarantineFile('C:\WINDOWS\Temp\4c3ac6d.exe','');
QuarantineFile('C:\WINDOWS\Temp\25714c4.exe','');
QuarantineFile('C:\WINDOWS\Temp\26b572f.exe','');
QuarantineFile('C:\WINDOWS\Temp\2795f70.exe','');
QuarantineFile('C:\WINDOWS\Temp\29e59b9.exe','');
QuarantineFile('C:\WINDOWS\Temp\2a17c40.exe','');
QuarantineFile('C:\WINDOWS\Temp\9cf44b7.exe','');
QuarantineFile('C:\WINDOWS\Temp\dff2720.exe','');
QuarantineFile('C:\WINDOWS\Temp\94d7802.exe','');
QuarantineFile('C:\WINDOWS\Temp\5b1f7f6.exe','');
QuarantineFile('C:\WINDOWS\Temp\5bad812.exe','');
QuarantineFile('C:\WINDOWS\Temp\9a68c4e.exe','');
QuarantineFile('C:\WINDOWS\Temp\dd4ed9b.exe','');
QuarantineFile('C:\WINDOWS\Temp\0bf0f91.exe','');
QuarantineFile('C:\WINDOWS\Temp\1caa92f.exe','');
QuarantineFile('C:\WINDOWS\Temp\2ad88d6.exe','');
QuarantineFile('C:\WINDOWS\Temp\39baf1b.exe','');
QuarantineFile('C:\WINDOWS\Temp\49a0634.exe','');
QuarantineFile('C:\WINDOWS\Temp\59d378d.exe','');
QuarantineFile('C:\WINDOWS\Temp\67c75b3.exe','');
QuarantineFile('C:\WINDOWS\Temp\797c72b.exe','');
QuarantineFile('C:\WINDOWS\Temp\89ce3d5.exe','');
QuarantineFile('C:\WINDOWS\Temp\a629e96.exe','');
QuarantineFile('C:\WINDOWS\Temp\caacaa5.exe','');
QuarantineFile('C:\WINDOWS\Temp\f65e3fa.exe','');
QuarantineFile('C:\WINDOWS\Temp\f6acd14.exe','');
QuarantineFile('C:\WINDOWS\Temp\f6b3a43.exe','');
QuarantineFile('C:\WINDOWS\Temp\781431e.exe','');
QuarantineFile('C:\WINDOWS\Temp\78a06ef.exe','');
QuarantineFile('C:\WINDOWS\Temp\8259144.exe','');
QuarantineFile('C:\WINDOWS\Temp\8c9955d.exe','');
QuarantineFile('C:\WINDOWS\Temp\8d395ee.exe','');
QuarantineFile('C:\WINDOWS\Temp\c5754f6.exe','');
QuarantineFile('C:\WINDOWS\Temp\cee50ed.exe','');
QuarantineFile('C:\WINDOWS\Temp\9a6c515.exe','');
QuarantineFile('C:\WINDOWS\Temp\9cf44b7.exe','');
QuarantineFile('C:\WINDOWS\Temp\5c5cf6c.exe','');
QuarantineFile('C:\WINDOWS\Temp\5fae173.exe','');
QuarantineFile('C:\WINDOWS\Temp\613195a.exe','');
QuarantineFile('C:\WINDOWS\Temp\739d1a7.exe','');
QuarantineFile('C:\WINDOWS\Temp\7493e43.exe','');
QuarantineFile('C:\WINDOWS\Temp\20dfd48.exe','');
QuarantineFile('C:\WINDOWS\Temp\211f7c2.exe','');
QuarantineFile('C:\WINDOWS\Temp\21f57de.exe','');
QuarantineFile('C:\WINDOWS\Temp\2570297.exe','');
QuarantineFile('C:\WINDOWS\Temp\609e1cd.exe','');
QuarantineFile('C:\WINDOWS\Temp\de41363.exe','');
QuarantineFile('C:\WINDOWS\Temp\16f7e1c.exe','');
QuarantineFile('C:\WINDOWS\Temp\19c9f7c.exe','');
QuarantineFile('C:\WINDOWS\Temp\19ce3c9.exe','');
QuarantineFile('C:\WINDOWS\Temp\1b5d7fc.exe','');
QuarantineFile('C:\WINDOWS\Temp\1c4c7ab.exe','');
QuarantineFile('C:\WINDOWS\Temp\1c5ef92.exe','');
QuarantineFile('C:\WINDOWS\Temp\7da9a74.exe','');
QuarantineFile('C:\WINDOWS\Temp\bab89a7.exe','');
QuarantineFile('C:\WINDOWS\Temp\2cb9215.exe','');
QuarantineFile('C:\WINDOWS\Temp\97b66d4.exe','');
QuarantineFile('C:\WINDOWS\Temp\37d6730.exe','');
QuarantineFile('C:\WINDOWS\Temp\37f3056.exe','');
QuarantineFile('C:\WINDOWS\Temp\388f00e.exe','');
QuarantineFile('C:\WINDOWS\Temp\38dceb2.exe','');
QuarantineFile('C:\WINDOWS\Temp\3931ac5.exe','');
QuarantineFile('C:\WINDOWS\Temp\e4f50ac.exe','');
QuarantineFile('C:\WINDOWS\Temp\bf4f85c.exe','');
QuarantineFile('C:\WINDOWS\Temp\bf65575.exe','');
QuarantineFile('C:\WINDOWS\Temp\0c323d7.exe','');
QuarantineFile('C:\WINDOWS\Temp\0e77174.exe','');
QuarantineFile('C:\WINDOWS\Temp\324a6e4.exe','');
QuarantineFile('C:\WINDOWS\Temp\3b6fd93.exe','');
QuarantineFile('C:\WINDOWS\Temp\3be1be8.exe','');
QuarantineFile('C:\WINDOWS\Temp\3c72d15.exe','');
QuarantineFile('C:\WINDOWS\Temp\84f52bd.exe','');
QuarantineFile('C:\WINDOWS\Temp\852f22f.exe','');
QuarantineFile('C:\WINDOWS\Temp\86c50f8.exe','');
QuarantineFile('C:\WINDOWS\Temp\88af2c7.exe','');
QuarantineFile('C:\WINDOWS\Temp\d88b084.exe','');
QuarantineFile('C:\WINDOWS\Temp\ec95650.exe','');
QuarantineFile('C:\WINDOWS\Temp\f327333.exe','');
QuarantineFile('C:\WINDOWS\Temp\f5fdc0c.exe','');
QuarantineFile('C:\WINDOWS\Temp\62757ec.exe','');
QuarantineFile('C:\WINDOWS\Temp\627736e.exe','');
QuarantineFile('C:\WINDOWS\Temp\62812ea.exe','');
QuarantineFile('C:\WINDOWS\Temp\66bf1e2.exe','');
QuarantineFile('C:\WINDOWS\Temp\676e343.exe','');
QuarantineFile('C:\WINDOWS\Temp\39b6405.exe','');
QuarantineFile('C:\WINDOWS\Temp\fbbf0a2.exe','');
QuarantineFile('C:\WINDOWS\Temp\54bd177.exe','');
QuarantineFile('C:\WINDOWS\Temp\4c53b09.exe','');
QuarantineFile('C:\WINDOWS\Temp\4ec04db.exe','');
QuarantineFile('C:\WINDOWS\Temp\50e7a52.exe','');
QuarantineFile('C:\WINDOWS\Temp\5244443.exe','');
QuarantineFile('C:\WINDOWS\Temp\54fd096.exe','');
QuarantineFile('C:\WINDOWS\Temp\573a73e.exe','');
QuarantineFile('C:\WINDOWS\Temp\be06e5d.exe','');
QuarantineFile('C:\WINDOWS\Temp\cf8a20e.exe','');
QuarantineFile('C:\WINDOWS\Temp\d1587f8.exe','');
QuarantineFile('C:\WINDOWS\Temp\e61cb3e.exe','');
QuarantineFile('C:\WINDOWS\Temp\899886f.exe','');
QuarantineFile('C:\WINDOWS\Temp\9ec3fae.exe','');
QuarantineFile('C:\WINDOWS\Temp\6a8aa0e.exe','');
QuarantineFile('C:\WINDOWS\Temp\6d8f421.exe','');
QuarantineFile('C:\WINDOWS\Temp\7306230.exe','');
QuarantineFile('C:\WINDOWS\Temp\74a8754.exe','');
QuarantineFile('C:\WINDOWS\Temp\7617a81.exe','');
QuarantineFile('C:\WINDOWS\Temp\6a59512.exe','');
QuarantineFile('C:\WINDOWS\Temp\f8b3b9c.exe','');
QuarantineFile('C:\WINDOWS\Temp\f9c1296.exe','');
QuarantineFile('C:\WINDOWS\Temp\0e9a3f4.exe','');
QuarantineFile('C:\WINDOWS\Temp\116bef8.exe','');
QuarantineFile('C:\WINDOWS\Temp\143cd87.exe','');
QuarantineFile('C:\WINDOWS\Temp\16bf665.exe','');
QuarantineFile('C:\WINDOWS\Temp\58a8a11.exe','');
QuarantineFile('C:\WINDOWS\Temp\59472f1.exe','');
QuarantineFile('C:\WINDOWS\Temp\d5f8696.exe','');
QuarantineFile('C:\WINDOWS\Temp\d656ce5.exe','');
QuarantineFile('C:\WINDOWS\Temp\a8b722a.exe','');
QuarantineFile('C:\WINDOWS\Temp\a9e6973.exe','');
QuarantineFile('C:\WINDOWS\Temp\aec7f5a.exe','');
QuarantineFile('C:\WINDOWS\Temp\8bb14ed.exe','');
QuarantineFile('C:\WINDOWS\Temp\8e31ce7.exe','');
QuarantineFile('C:\WINDOWS\Temp\908b5d0.exe','');
QuarantineFile('C:\WINDOWS\Temp\94323bf.exe','');
QuarantineFile('C:\WINDOWS\Temp\b28bf38.exe','');
QuarantineFile('C:\WINDOWS\Temp\b33b690.exe','');
QuarantineFile('C:\WINDOWS\Temp\b390c9b.exe','');
QuarantineFile('C:\WINDOWS\Temp\b43b2ca.exe','');
QuarantineFile('C:\WINDOWS\Temp\b47f4ff.exe','');
QuarantineFile('C:\WINDOWS\Temp\b50a4c1.exe','');
QuarantineFile('C:\WINDOWS\Temp\2c452a4.exe','');
QuarantineFile('C:\WINDOWS\Temp\2cfab9d.exe','');
QuarantineFile('C:\WINDOWS\Temp\2f9296d.exe','');
QuarantineFile('C:\WINDOWS\Temp\328276e.exe','');
QuarantineFile('C:\WINDOWS\Temp\359fcc5.exe','');
QuarantineFile('C:\WINDOWS\Temp\3784b90.exe','');
QuarantineFile('C:\WINDOWS\Temp\3939c9d.exe','');
QuarantineFile('C:\WINDOWS\Temp\e7b7c11.exe','');
QuarantineFile('C:\WINDOWS\Temp\35eb169.exe','');
QuarantineFile('C:\WINDOWS\Temp\374ccd9.exe','');
QuarantineFile('C:\WINDOWS\Temp\b0b4b7f.exe','');
QuarantineFile('C:\WINDOWS\Temp\b110cb5.exe','');
QuarantineFile('C:\WINDOWS\Temp\7550501.exe','');
QuarantineFile('C:\WINDOWS\Temp\7616d1e.exe','');
QuarantineFile('C:\WINDOWS\Temp\9cf44b7.exe','');
QuarantineFile('C:\WINDOWS\Temp\9daa004.exe','');
QuarantineFile('C:\WINDOWS\Temp\e9564b0.exe','');
QuarantineFile('C:\WINDOWS\Temp\b87dccc.exe','');
QuarantineFile('C:\WINDOWS\Temp\b87ffaf.exe','');
QuarantineFile('C:\WINDOWS\Temp\cee50ed.exe','');
QuarantineFile('C:\WINDOWS\Temp\12691de.exe','');
QuarantineFile('C:\WINDOWS\Temp\13237f0.exe','');
QuarantineFile('C:\WINDOWS\Temp\145cf0b.exe','');
QuarantineFile('C:\WINDOWS\Temp\163d5ef.exe','');
QuarantineFile('C:\WINDOWS\Temp\c981c72.exe','');
QuarantineFile('C:\WINDOWS\Temp\a283df9.exe','');
QuarantineFile('C:\WINDOWS\Temp\a2f0198.exe','');
QuarantineFile('C:\WINDOWS\Temp\20ec52a.exe','');
QuarantineFile('C:\WINDOWS\Temp\b038a8a.exe','');
QuarantineFile('C:\WINDOWS\Temp\4ccba83.exe','');
QuarantineFile('C:\WINDOWS\Temp\4cfb6b2.exe','');
QuarantineFile('C:\WINDOWS\Temp\4ddd344.exe','');
QuarantineFile('C:\WINDOWS\Temp\f7d8107.exe','');
QuarantineFile('C:\WINDOWS\Temp\f80c2c2.exe','');
QuarantineFile('C:\WINDOWS\Temp\111cb8f.exe','');
QuarantineFile('C:\WINDOWS\Temp\b12ae49.exe','');
QuarantineFile('C:\WINDOWS\Temp\b50a4c1.exe','');
QuarantineFile('C:\WINDOWS\Temp\a9e6973.exe','');
QuarantineFile('C:\WINDOWS\Temp\94323bf.exe','');
QuarantineFile('C:\WINDOWS\Temp\94d7802.exe','');
QuarantineFile('C:\WINDOWS\Temp\fb930bc.exe','');
QuarantineFile('C:\WINDOWS\Temp\e68f5a7.exe','');
QuarantineFile('C:\WINDOWS\Temp\e8a6e79.exe','');
QuarantineFile('C:\WINDOWS\Temp\eae116e.exe','');
QuarantineFile('C:\WINDOWS\Temp\eb43d6b.exe','');
QuarantineFile('C:\WINDOWS\Temp\ebb4b31.exe','');
QuarantineFile('C:\WINDOWS\Temp\dd39986.exe','');
QuarantineFile('C:\WINDOWS\Temp\f872e5b.exe','');
QuarantineFile('C:\WINDOWS\Temp\f9c3f83.exe','');
QuarantineFile('C:\WINDOWS\Temp\fb3064c.exe','');
QuarantineFile('C:\WINDOWS\Temp\b192f96.exe','');
QuarantineFile('C:\WINDOWS\Temp\b193104.exe','');
QuarantineFile('C:\WINDOWS\Temp\acecce4.exe','');
QuarantineFile('C:\WINDOWS\Temp\aec4e24.exe','');
QuarantineFile('C:\WINDOWS\Temp\a7b5313.exe','');
QuarantineFile('C:\WINDOWS\Temp\9f46111.exe','');
QuarantineFile('C:\WINDOWS\Temp\a0824e1.exe','');
QuarantineFile('C:\WINDOWS\Temp\a55a516.exe','');
QuarantineFile('C:\WINDOWS\Temp\00abde2.exe','');
QuarantineFile('C:\WINDOWS\Temp\00f6170.exe','');
QuarantineFile('C:\WINDOWS\Temp\014202c.exe','');
QuarantineFile('C:\WINDOWS\Temp\d50e761.exe','');
QuarantineFile('C:\WINDOWS\Temp\d656ce5.exe','');
QuarantineFile('C:\WINDOWS\Temp\c8c8f5f.exe','');
QuarantineFile('C:\WINDOWS\Temp\02b8942.exe','');
QuarantineFile('C:\WINDOWS\Temp\06ad0aa.exe','');
QuarantineFile('C:\WINDOWS\Temp\d47b5c1.exe','');
QuarantineFile('C:\WINDOWS\Temp\dc2c088.exe','');
QuarantineFile('C:\WINDOWS\Temp\c50a67a.exe','');
QuarantineFile('C:\WINDOWS\Temp\c5754f6.exe','');
QuarantineFile('C:\WINDOWS\Temp\c6edfa1.exe','');
QuarantineFile('C:\WINDOWS\Temp\c869a34.exe','');
DeleteFile('C:\WINDOWS\Temp\5858060.exe');
DeleteFile('C:\WINDOWS\Temp\588ca0f.exe');
DeleteFile('C:\WINDOWS\Temp\4a20357.exe');
DeleteFile('C:\WINDOWS\Temp\4a7dfd7.exe');
DeleteFile('C:\WINDOWS\Temp\13181ae.exe');
DeleteFile('C:\WINDOWS\Temp\13cdff8.exe');
DeleteFile('C:\WINDOWS\Temp\c482c89.exe');
DeleteFile('C:\WINDOWS\Temp\ba2bc14.exe');
DeleteFile('C:\WINDOWS\Temp\ba3fc89.exe');
DeleteFile('C:\WINDOWS\Temp\634112d.exe');
DeleteFile('C:\WINDOWS\Temp\63838f9.exe');
DeleteFile('C:\WINDOWS\Temp\8d35576.exe');
DeleteFile('C:\WINDOWS\Temp\8d3c574.exe');
DeleteFile('C:\WINDOWS\Temp\8d52658.exe');
DeleteFile('C:\WINDOWS\Temp\6e0c83f.exe');
DeleteFile('C:\WINDOWS\Temp\b5a3a08.exe');
DeleteFile('C:\WINDOWS\Temp\d48a990.exe');
DeleteFile('C:\WINDOWS\Temp\95e2f96.exe');
DeleteFile('C:\WINDOWS\Temp\47bec0d.exe');
DeleteFile('C:\WINDOWS\Temp\248c3de.exe');
DeleteFile('C:\WINDOWS\Temp\08c49ed.exe');
DeleteFile('C:\WINDOWS\Temp\0921206.exe');
DeleteFile('C:\WINDOWS\Temp\66bf1e2.exe');
DeleteFile('C:\WINDOWS\Temp\781431e.exe');
DeleteFile('C:\WINDOWS\Temp\9077655.exe');
DeleteFile('C:\WINDOWS\Temp\8bb14ed.exe');
DeleteFile('C:\WINDOWS\Temp\eb43d6b.exe');
DeleteFile('C:\WINDOWS\Temp\7306230.exe');
DeleteFile('C:\WINDOWS\Temp\3e3a695.exe');
DeleteFile('C:\WINDOWS\Temp\de41363.exe');
DeleteFile('C:\WINDOWS\Temp\c6edfa1.exe');
DeleteFile('C:\WINDOWS\Temp\248c3de.exe');
DeleteFile('C:\WINDOWS\Temp\e61cb3e.exe');
DeleteFile('C:\WINDOWS\Temp\7b281f4.exe');
DeleteFile('C:\WINDOWS\Temp\217660b.exe');
DeleteFile('C:\WINDOWS\Temp\34d6d95.exe');
DeleteFile('C:\WINDOWS\Temp\517bb9a.exe');
DeleteFile('C:\WINDOWS\Temp\4a22648.exe');
DeleteFile('C:\WINDOWS\Temp\4c3ac6d.exe');
DeleteFile('C:\WINDOWS\Temp\25714c4.exe');
DeleteFile('C:\WINDOWS\Temp\26b572f.exe');
DeleteFile('C:\WINDOWS\Temp\2795f70.exe');
DeleteFile('C:\WINDOWS\Temp\29e59b9.exe');
DeleteFile('C:\WINDOWS\Temp\2a17c40.exe');
DeleteFile('C:\WINDOWS\Temp\9cf44b7.exe');
DeleteFile('C:\WINDOWS\Temp\dff2720.exe');
DeleteFile('C:\WINDOWS\Temp\94d7802.exe');
DeleteFile('C:\WINDOWS\Temp\5b1f7f6.exe');
DeleteFile('C:\WINDOWS\Temp\5bad812.exe');
DeleteFile('C:\WINDOWS\Temp\9a68c4e.exe');
DeleteFile('C:\WINDOWS\Temp\dd4ed9b.exe');
DeleteFile('C:\WINDOWS\Temp\0bf0f91.exe');
DeleteFile('C:\WINDOWS\Temp\1caa92f.exe');
DeleteFile('C:\WINDOWS\Temp\2ad88d6.exe');
DeleteFile('C:\WINDOWS\Temp\39baf1b.exe');
DeleteFile('C:\WINDOWS\Temp\49a0634.exe');
DeleteFile('C:\WINDOWS\Temp\59d378d.exe');
DeleteFile('C:\WINDOWS\Temp\67c75b3.exe');
DeleteFile('C:\WINDOWS\Temp\797c72b.exe');
DeleteFile('C:\WINDOWS\Temp\89ce3d5.exe');
DeleteFile('C:\WINDOWS\Temp\a629e96.exe');
DeleteFile('C:\WINDOWS\Temp\caacaa5.exe');
DeleteFile('C:\WINDOWS\Temp\f65e3fa.exe');
DeleteFile('C:\WINDOWS\Temp\f6acd14.exe');
DeleteFile('C:\WINDOWS\Temp\f6b3a43.exe');
DeleteFile('C:\WINDOWS\Temp\781431e.exe');
DeleteFile('C:\WINDOWS\Temp\78a06ef.exe');
DeleteFile('C:\WINDOWS\Temp\8259144.exe');
DeleteFile('C:\WINDOWS\Temp\8c9955d.exe');
DeleteFile('C:\WINDOWS\Temp\8d395ee.exe');
DeleteFile('C:\WINDOWS\Temp\c5754f6.exe');
DeleteFile('C:\WINDOWS\Temp\cee50ed.exe');
DeleteFile('C:\WINDOWS\Temp\9a6c515.exe');
DeleteFile('C:\WINDOWS\Temp\9cf44b7.exe');
DeleteFile('C:\WINDOWS\Temp\5c5cf6c.exe');
DeleteFile('C:\WINDOWS\Temp\5fae173.exe');
DeleteFile('C:\WINDOWS\Temp\613195a.exe');
DeleteFile('C:\WINDOWS\Temp\739d1a7.exe');
DeleteFile('C:\WINDOWS\Temp\7493e43.exe');
DeleteFile('C:\WINDOWS\Temp\20dfd48.exe');
DeleteFile('C:\WINDOWS\Temp\211f7c2.exe');
DeleteFile('C:\WINDOWS\Temp\21f57de.exe');
DeleteFile('C:\WINDOWS\Temp\2570297.exe');
DeleteFile('C:\WINDOWS\Temp\609e1cd.exe');
DeleteFile('C:\WINDOWS\Temp\de41363.exe');
DeleteFile('C:\WINDOWS\Temp\16f7e1c.exe');
DeleteFile('C:\WINDOWS\Temp\19c9f7c.exe');
DeleteFile('C:\WINDOWS\Temp\19ce3c9.exe');
DeleteFile('C:\WINDOWS\Temp\1b5d7fc.exe');
DeleteFile('C:\WINDOWS\Temp\1c4c7ab.exe');
DeleteFile('C:\WINDOWS\Temp\1c5ef92.exe');
DeleteFile('C:\WINDOWS\Temp\7da9a74.exe');
DeleteFile('C:\WINDOWS\Temp\bab89a7.exe');
DeleteFile('C:\WINDOWS\Temp\2cb9215.exe');
DeleteFile('C:\WINDOWS\Temp\97b66d4.exe');
DeleteFile('C:\WINDOWS\Temp\37d6730.exe');
DeleteFile('C:\WINDOWS\Temp\37f3056.exe');
DeleteFile('C:\WINDOWS\Temp\388f00e.exe');
DeleteFile('C:\WINDOWS\Temp\38dceb2.exe');
DeleteFile('C:\WINDOWS\Temp\3931ac5.exe');
DeleteFile('C:\WINDOWS\Temp\e4f50ac.exe');
DeleteFile('C:\WINDOWS\Temp\bf4f85c.exe');
DeleteFile('C:\WINDOWS\Temp\bf65575.exe');
DeleteFile('C:\WINDOWS\Temp\0c323d7.exe');
DeleteFile('C:\WINDOWS\Temp\0e77174.exe');
DeleteFile('C:\WINDOWS\Temp\324a6e4.exe');
DeleteFile('C:\WINDOWS\Temp\3b6fd93.exe');
DeleteFile('C:\WINDOWS\Temp\3be1be8.exe');
DeleteFile('C:\WINDOWS\Temp\3c72d15.exe');
DeleteFile('C:\WINDOWS\Temp\84f52bd.exe');
DeleteFile('C:\WINDOWS\Temp\852f22f.exe');
DeleteFile('C:\WINDOWS\Temp\86c50f8.exe');
DeleteFile('C:\WINDOWS\Temp\88af2c7.exe');
DeleteFile('C:\WINDOWS\Temp\d88b084.exe');
DeleteFile('C:\WINDOWS\Temp\ec95650.exe');
DeleteFile('C:\WINDOWS\Temp\f327333.exe');
DeleteFile('C:\WINDOWS\Temp\f5fdc0c.exe');
DeleteFile('C:\WINDOWS\Temp\62757ec.exe');
DeleteFile('C:\WINDOWS\Temp\627736e.exe');
DeleteFile('C:\WINDOWS\Temp\62812ea.exe');
DeleteFile('C:\WINDOWS\Temp\66bf1e2.exe');
DeleteFile('C:\WINDOWS\Temp\676e343.exe');
DeleteFile('C:\WINDOWS\Temp\39b6405.exe');
DeleteFile('C:\WINDOWS\Temp\fbbf0a2.exe');
DeleteFile('C:\WINDOWS\Temp\54bd177.exe');
DeleteFile('C:\WINDOWS\Temp\4c53b09.exe');
DeleteFile('C:\WINDOWS\Temp\4ec04db.exe');
DeleteFile('C:\WINDOWS\Temp\50e7a52.exe');
DeleteFile('C:\WINDOWS\Temp\5244443.exe');
DeleteFile('C:\WINDOWS\Temp\54fd096.exe');
DeleteFile('C:\WINDOWS\Temp\573a73e.exe');
DeleteFile('C:\WINDOWS\Temp\be06e5d.exe');
DeleteFile('C:\WINDOWS\Temp\cf8a20e.exe');
DeleteFile('C:\WINDOWS\Temp\d1587f8.exe');
DeleteFile('C:\WINDOWS\Temp\e61cb3e.exe');
DeleteFile('C:\WINDOWS\Temp\899886f.exe');
DeleteFile('C:\WINDOWS\Temp\9ec3fae.exe');
DeleteFile('C:\WINDOWS\Temp\6a8aa0e.exe');
DeleteFile('C:\WINDOWS\Temp\6d8f421.exe');
DeleteFile('C:\WINDOWS\Temp\7306230.exe');
DeleteFile('C:\WINDOWS\Temp\74a8754.exe');
DeleteFile('C:\WINDOWS\Temp\7617a81.exe');
DeleteFile('C:\WINDOWS\Temp\6a59512.exe');
DeleteFile('C:\WINDOWS\Temp\f8b3b9c.exe');
DeleteFile('C:\WINDOWS\Temp\f9c1296.exe');
DeleteFile('C:\WINDOWS\Temp\0e9a3f4.exe');
DeleteFile('C:\WINDOWS\Temp\116bef8.exe');
DeleteFile('C:\WINDOWS\Temp\143cd87.exe');
DeleteFile('C:\WINDOWS\Temp\16bf665.exe');
DeleteFile('C:\WINDOWS\Temp\58a8a11.exe');
DeleteFile('C:\WINDOWS\Temp\59472f1.exe');
DeleteFile('C:\WINDOWS\Temp\d5f8696.exe');
DeleteFile('C:\WINDOWS\Temp\d656ce5.exe');
DeleteFile('C:\WINDOWS\Temp\a8b722a.exe');
DeleteFile('C:\WINDOWS\Temp\a9e6973.exe');
DeleteFile('C:\WINDOWS\Temp\aec7f5a.exe');
DeleteFile('C:\WINDOWS\Temp\8bb14ed.exe');
DeleteFile('C:\WINDOWS\Temp\8e31ce7.exe');
DeleteFile('C:\WINDOWS\Temp\908b5d0.exe');
DeleteFile('C:\WINDOWS\Temp\94323bf.exe');
DeleteFile('C:\WINDOWS\Temp\b28bf38.exe');
DeleteFile('C:\WINDOWS\Temp\b33b690.exe');
DeleteFile('C:\WINDOWS\Temp\b390c9b.exe');
DeleteFile('C:\WINDOWS\Temp\b43b2ca.exe');
DeleteFile('C:\WINDOWS\Temp\b47f4ff.exe');
DeleteFile('C:\WINDOWS\Temp\b50a4c1.exe');
DeleteFile('C:\WINDOWS\Temp\2c452a4.exe');
DeleteFile('C:\WINDOWS\Temp\2cfab9d.exe');
DeleteFile('C:\WINDOWS\Temp\2f9296d.exe');
DeleteFile('C:\WINDOWS\Temp\328276e.exe');
DeleteFile('C:\WINDOWS\Temp\359fcc5.exe');
DeleteFile('C:\WINDOWS\Temp\3784b90.exe');
DeleteFile('C:\WINDOWS\Temp\3939c9d.exe');
DeleteFile('C:\WINDOWS\Temp\e7b7c11.exe');
DeleteFile('C:\WINDOWS\Temp\35eb169.exe');
DeleteFile('C:\WINDOWS\Temp\374ccd9.exe');
DeleteFile('C:\WINDOWS\Temp\b0b4b7f.exe');
DeleteFile('C:\WINDOWS\Temp\b110cb5.exe');
DeleteFile('C:\WINDOWS\Temp\7550501.exe');
DeleteFile('C:\WINDOWS\Temp\7616d1e.exe');
DeleteFile('C:\WINDOWS\Temp\9cf44b7.exe');
DeleteFile('C:\WINDOWS\Temp\9daa004.exe');
DeleteFile('C:\WINDOWS\Temp\e9564b0.exe');
DeleteFile('C:\WINDOWS\Temp\b87dccc.exe');
DeleteFile('C:\WINDOWS\Temp\b87ffaf.exe');
DeleteFile('C:\WINDOWS\Temp\cee50ed.exe');
DeleteFile('C:\WINDOWS\Temp\12691de.exe');
DeleteFile('C:\WINDOWS\Temp\13237f0.exe');
DeleteFile('C:\WINDOWS\Temp\145cf0b.exe');
DeleteFile('C:\WINDOWS\Temp\163d5ef.exe');
DeleteFile('C:\WINDOWS\Temp\c981c72.exe');
DeleteFile('C:\WINDOWS\Temp\a283df9.exe');
DeleteFile('C:\WINDOWS\Temp\a2f0198.exe');
DeleteFile('C:\WINDOWS\Temp\20ec52a.exe');
DeleteFile('C:\WINDOWS\Temp\b038a8a.exe');
DeleteFile('C:\WINDOWS\Temp\4ccba83.exe');
DeleteFile('C:\WINDOWS\Temp\4cfb6b2.exe');
DeleteFile('C:\WINDOWS\Temp\4ddd344.exe');
DeleteFile('C:\WINDOWS\Temp\f7d8107.exe');
DeleteFile('C:\WINDOWS\Temp\f80c2c2.exe');
DeleteFile('C:\WINDOWS\Temp\111cb8f.exe');
DeleteFile('C:\WINDOWS\Temp\b12ae49.exe');
DeleteFile('C:\WINDOWS\Temp\b50a4c1.exe');
DeleteFile('C:\WINDOWS\Temp\a9e6973.exe');
DeleteFile('C:\WINDOWS\Temp\94323bf.exe');
DeleteFile('C:\WINDOWS\Temp\94d7802.exe');
DeleteFile('C:\WINDOWS\Temp\fb930bc.exe');
DeleteFile('C:\WINDOWS\Temp\e68f5a7.exe');
DeleteFile('C:\WINDOWS\Temp\e8a6e79.exe');
DeleteFile('C:\WINDOWS\Temp\eae116e.exe');
DeleteFile('C:\WINDOWS\Temp\eb43d6b.exe');
DeleteFile('C:\WINDOWS\Temp\ebb4b31.exe');
DeleteFile('C:\WINDOWS\Temp\dd39986.exe');
DeleteFile('C:\WINDOWS\Temp\f872e5b.exe');
DeleteFile('C:\WINDOWS\Temp\f9c3f83.exe');
DeleteFile('C:\WINDOWS\Temp\fb3064c.exe');
DeleteFile('C:\WINDOWS\Temp\b192f96.exe');
DeleteFile('C:\WINDOWS\Temp\b193104.exe');
DeleteFile('C:\WINDOWS\Temp\acecce4.exe');
DeleteFile('C:\WINDOWS\Temp\aec4e24.exe');
DeleteFile('C:\WINDOWS\Temp\a7b5313.exe');
DeleteFile('C:\WINDOWS\Temp\9f46111.exe');
DeleteFile('C:\WINDOWS\Temp\a0824e1.exe');
DeleteFile('C:\WINDOWS\Temp\a55a516.exe');
DeleteFile('C:\WINDOWS\Temp\00abde2.exe');
DeleteFile('C:\WINDOWS\Temp\00f6170.exe');
DeleteFile('C:\WINDOWS\Temp\014202c.exe');
DeleteFile('C:\WINDOWS\Temp\d50e761.exe');
DeleteFile('C:\WINDOWS\Temp\d656ce5.exe');
DeleteFile('C:\WINDOWS\Temp\c8c8f5f.exe');
DeleteFile('C:\WINDOWS\Temp\02b8942.exe');
DeleteFile('C:\WINDOWS\Temp\06ad0aa.exe');
DeleteFile('C:\WINDOWS\Temp\d47b5c1.exe');
DeleteFile('C:\WINDOWS\Temp\dc2c088.exe');
DeleteFile('C:\WINDOWS\Temp\c50a67a.exe');
DeleteFile('C:\WINDOWS\Temp\c5754f6.exe');
DeleteFile('C:\WINDOWS\Temp\c6edfa1.exe');
DeleteFile('C:\WINDOWS\Temp\c869a34.exe');
BC_ImportAll;
ExecuteSysClean;
ExecuteWizard('TSW', 2, 2, true);
ExecuteWizard('SCU', 2, 2, true);
RegKeyIntParamWrite('HKLM','SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer','NoDriveTypeAutoRun',221);
BC_Activate;
RebootWindows(true);
end.[/CODE]
После перезагрузки:
- выполните такой скрипт
[CODE]begin
CreateQurantineArchive(GetAVZDirectory+'quarantine.zip');
end.[/CODE]
- Файл [B][COLOR="Red"]quarantine.zip[/COLOR][/B] из папки AVZ загрузите по ссылке [B][COLOR="Red"]Прислать запрошенный карантин[/COLOR][/B] вверху темы
Пролечитесь [URL="http://support.kaspersky.ru/faq/?qid=208636926"]так[/URL]
- лог работы утилиты прикрепите к сообщению
[QUOTE][B][I]По умолчанию[/I][/B] утилита выводит отчет работы в корень системного диска (диска, на котором установлена операционная система, как правило, это диск С:\).
Имя отчета имеет следующий вид: ИмяУтилиты.Версия_Дата_Время_log.txt
Например, C:\TDSSKiller.2.4.0_23.07.2010_15.31.43_log.txt[/QUOTE]
- Сделайте повторные логи по [URL="http://virusinfo.info/pravila.html"]правилам[/URL] п.2 и 3 раздела Диагностика.([COLOR="Blue"]virusinfo_syscheck.zip;hijackthis.log[/COLOR])
- Сделайте лог [URL="http://virusinfo.info/showthread.php?t=40118"][COLOR="Blue"][B]Gmer[/B][/COLOR][/URL]