тормозит комп, выскакивают порно баннеры .Помогите пожалуйста.
тормозит комп, выскакивают порно баннеры .Помогите пожалуйста.
Уважаемый(ая) coroner66, спасибо за обращение на наш форум!
Помощь в лечении комьютера на VirusInfo.Info оказывается абсолютно бесплатно. Хелперы в самое ближайшее время ответят на Ваш запрос. Для оказания помощи необходимо предоставить логи сканирования утилитами АВЗ и HiJackThis, подробнее можно прочитать в правилах оформления запроса о помощи.
Если наш сайт окажется полезен Вам и у Вас будет такая возможность - пожалуйста поддержите проект.
acestream и связанное с ним расширение для браузеров AS Magic Player удалите
bonusberry удалите через Установку программ
Скрипты будут выданы в несколько этапов, ибо с таким количеством тушек Pirrit немудрено по ошибке снести и что-то лишнее. Просьба систему не переустанавливать из-за длительности процесса
Выполните скрипт в AVZ
Компьютер перезагрузится.Код:procedure DeleteDirectoryF(N: String); begin DeleteFileMask(N, '*', true); DeleteDirectory(N); end; begin ShowMessage('Внимание! Перед выполнением скрипта AVZ автоматически закроет все сетевые подключения.' + #13#10 + 'После перезагрузки компьютера подключения к сети будут восстановлены в автоматическом режиме.'); ExecuteFile('net.exe', 'stop tcpip /y', 0, 15000, true); if not IsWOW64 then begin SearchRootkit(true, true); SetAVZGuardStatus(True); end; TerminateProcessByName('c:\windows\temp\mrtd78.tmp\stdrt.exe'); QuarantineFile('C:\Users\Olga\AppData\Local\CursorRuntimeStart\CursorRuntimeStart.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\CursorPythonRemote\CursorPythonRemote.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\CursorFolderTrash\CursorFolderTrash.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\CursorDaemonFile\CursorDaemonFile.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\CronJREThumbnail\CronJREThumbnail.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\CronDLCIcon\CronDLCIcon.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\CopyOSShareware\CopyOSShareware.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\CopyOpenRepository\CopyOpenRepository.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\CopyFrozenProcess\CopyFrozenProcess.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\CopyDriverTooltip\CopyDriverTooltip.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\CopyDebuggerWinsock\CopyDebuggerWinsock.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\ControlFunctionNet\ControlFunctionNet.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\d8c3738fe5c6376db8980bafaedd75ba\ControlDockInteractive.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\ControlDebugRegister\ControlDebugRegister.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\ContextualDefaultRepository\ContextualDefaultRepository.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\ContextualControlProgram\ContextualControlProgram.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\CompileScriptSyntax\CompileScriptSyntax.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\CompilerTaskWiget\CompilerTaskWiget.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\CompilerFunctionScript\CompilerFunctionScript.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\CompilerFinderStart\CompilerFinderStart.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\CompilerEncondingProgram\CompilerEncondingProgram.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\CompilerDesktopNative\CompilerDesktopNative.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\CompilerDebugWYSIWYG\CompilerDebugWYSIWYG.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\CompileMinimalTooltip\CompileMinimalTooltip.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\CompileDriverExport\CompileDriverExport.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\CompileDesktopScript\CompileDesktopScript.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\CompileCopyRoot\CompileCopyRoot.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\CompileContextualOffice\CompileContextualOffice.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\CompileCompilerCopy\CompileCompilerCopy.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\CommandODBCRepository\CommandODBCRepository.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\CommandInteractiveSyntax\CommandInteractiveSyntax.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\CommandIndexMotion\CommandIndexMotion.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\CommandDirectXKeyboard\CommandDirectXKeyboard.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\CommandDirect3dMacro\CommandDirect3dMacro.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\CommandControlRoot\CommandControlRoot.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\CodecDatabaseGNU\CodecDatabaseGNU.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\CodecCursorTooltip\CodecCursorTooltip.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\CodecCronSnapshot\CodecCronSnapshot.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\ClipboardRawRecycle\ClipboardRawRecycle.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\ClipboardLogScript\ClipboardLogScript.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\ClipboardIconIndex\ClipboardIconIndex.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\ClipboardFirmwareFrozen\ClipboardFirmwareFrozen.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\ClassOfficePerl\ClassOfficePerl.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\ClassGUIKeyboard\ClassGUIKeyboard.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\ClassContextualTooltip\ClassContextualTooltip.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\CGIRubySyntax\CGIRubySyntax.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\CGIOCRPerl\CGIOCRPerl.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\CGIMetafileMinimal\CGIMetafileMinimal.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\c7613d483a70b7bff657cf57976e81a3\CGIImportThumbnail.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\CGIDockWizard\CGIDockWizard.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\CGIDirectXScript\CGIDirectXScript.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\CGIDefaultStart\CGIDefaultStart.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\CGICopyIcon\CGICopyIcon.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\CGIContextualMotion\CGIContextualMotion.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\BIOSMBRPython\BIOSMBRPython.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\BIOSIndexWindows\BIOSIndexWindows.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\BIOSDLCLog\BIOSDLCLog.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\6712a6ac76f4a65b859eac17d68f393d\BIOSDLCKeyboard.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\BackupRootSprite\BackupRootSprite.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\BackupRecycleSoftware\BackupRecycleSoftware.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\BackupMetafileShareware\BackupMetafileShareware.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\BackupFinderMinimal\BackupFinderMinimal.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\BackupCronRuntime\BackupCronRuntime.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\BackupClipboardIcon\BackupClipboardIcon.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\ArchiveSnapshotSyntax\ArchiveSnapshotSyntax.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\ArchiveMotionRegister\ArchiveMotionRegister.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\ArchiveIndexText\ArchiveIndexText.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\ArchiveDebuggerDriver\ArchiveDebuggerDriver.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\ArchiveCronFormat\ArchiveCronFormat.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\ArchiveBIOSSchema\ArchiveBIOSSchema.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\AppSharewareStart\AppSharewareStart.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\ApplicationPrivacyScrolling\ApplicationPrivacyScrolling.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\ApplicationNetProcess\ApplicationNetProcess.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\ApplicationMySQLTrash\ApplicationMySQLTrash.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\ApplicationMetafileWYSIWYG\ApplicationMetafileWYSIWYG.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\ApplicationMemorySymbolic\ApplicationMemorySymbolic.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\ApplicationFirmwareWiget\ApplicationFirmwareWiget.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\AppInteractiveLog\AppInteractiveLog.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\AppIndexMySQL\AppIndexMySQL.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\d0bff567014fa6c21e2963c073c7de3a\AppFAT32MySQL.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\AppDirect3dRepository\AppDirect3dRepository.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\AppDashboardSchema\AppDashboardSchema.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\APIRemoteWinsock\APIRemoteWinsock.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\APIRecycleWord\APIRecycleWord.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\APIMethodRuby\APIMethodRuby.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\APIMethodNative\APIMethodNative.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\APIGammaKernel\APIGammaKernel.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\APIDaemonFirmware\APIDaemonFirmware.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\AddonSyntaxTask\AddonSyntaxTask.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\AddonMotionProcess\AddonMotionProcess.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\AddonImportSchema\AddonImportSchema.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\AddonCommandStart\AddonCommandStart.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\AddonAppMinimal\AddonAppMinimal.exe',''); QuarantineFile('C:\WINDOWS\SysWOW64\lnsecsl.exe',''); QuarantineFile('c:\program files (x86)\bonusberry\basement\extensionupdaterservice.exe',''); QuarantineFile('c:\windows\temp\mrtd78.tmp\stdrt.exe',''); QuarantineFileF('C:\Users\Olga\AppData\Local\CursorRuntimeStart', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\CursorPythonRemote', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\CursorFolderTrash', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\CursorDaemonFile', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\CronJREThumbnail', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\CronDLCIcon', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\CopyOSShareware', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\CopyOpenRepository', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\CopyFrozenProcess', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\CopyDriverTooltip', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\CopyDebuggerWinsock', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\ControlFunctionNet', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\d8c3738fe5c6376db8980bafaedd75ba', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\ControlDebugRegister', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\ContextualDefaultRepository', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\ContextualControlProgram', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\CompileScriptSyntax', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\CompilerTaskWiget', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\CompilerFunctionScript', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\CompilerFinderStart', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\CompilerEncondingProgram', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\CompilerDesktopNative', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\CompilerDebugWYSIWYG', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\CompileMinimalTooltip', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\CompileDriverExport', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\CompileDesktopScript', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\CompileCopyRoot', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\CompileContextualOffice', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\CompileCompilerCopy', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\CommandODBCRepository', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\CommandInteractiveSyntax', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\CommandIndexMotion', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\CommandDirectXKeyboard', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\CommandDirect3dMacro', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\CommandControlRoot', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\CodecDatabaseGNU', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\CodecCursorTooltip', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\CodecCronSnapshot', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\ClipboardRawRecycle', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\ClipboardLogScript', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\ClipboardIconIndex', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\ClipboardFirmwareFrozen', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\ClassOfficePerl', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\ClassGUIKeyboard', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\ClassContextualTooltip', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\CGIRubySyntax', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\CGIOCRPerl', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\CGIMetafileMinimal', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\c7613d483a70b7bff657cf57976e81a3', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\CGIDockWizard', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\CGIDirectXScript', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\CGIDefaultStart', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\CGICopyIcon', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\CGIContextualMotion', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\BIOSMBRPython', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\BIOSIndexWindows', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\BIOSDLCLog', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\6712a6ac76f4a65b859eac17d68f393d', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\BackupRootSprite', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\BackupRecycleSoftware', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\BackupMetafileShareware', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\BackupFinderMinimal', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\BackupCronRuntime', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\BackupClipboardIcon', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\ArchiveSnapshotSyntax', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\ArchiveMotionRegister', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\ArchiveIndexText', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\ArchiveDebuggerDriver', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\ArchiveCronFormat', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\ArchiveBIOSSchema', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\AppSharewareStart', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\ApplicationPrivacyScrolling', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\ApplicationNetProcess', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\ApplicationMySQLTrash', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\ApplicationMetafileWYSIWYG', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\ApplicationMemorySymbolic', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\ApplicationFirmwareWiget', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\AppInteractiveLog', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\AppIndexMySQL', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\d0bff567014fa6c21e2963c073c7de3a', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\AppDirect3dRepository', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\AppDashboardSchema', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\APIRemoteWinsock', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\APIRecycleWord', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\APIMethodRuby', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\APIMethodNative', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\APIGammaKernel', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\APIDaemonFirmware', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\AddonSyntaxTask', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\AddonMotionProcess', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\AddonImportSchema', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\AddonCommandStart', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\AddonAppMinimal', '*.*', true,'', 0, 0, '', ''); DeleteFile('c:\windows\temp\mrtd78.tmp\stdrt.exe','32'); DeleteFile('C:\WINDOWS\SysWOW64\lnsecsl.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\AddonAppMinimal\AddonAppMinimal.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\AddonCommandStart\AddonCommandStart.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\AddonImportSchema\AddonImportSchema.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\AddonMotionProcess\AddonMotionProcess.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\AddonSyntaxTask\AddonSyntaxTask.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\APIDaemonFirmware\APIDaemonFirmware.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\APIGammaKernel\APIGammaKernel.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\APIMethodNative\APIMethodNative.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\APIMethodRuby\APIMethodRuby.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\APIRecycleWord\APIRecycleWord.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\APIRemoteWinsock\APIRemoteWinsock.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\AppDashboardSchema\AppDashboardSchema.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\AppDirect3dRepository\AppDirect3dRepository.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\d0bff567014fa6c21e2963c073c7de3a\AppFAT32MySQL.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\AppIndexMySQL\AppIndexMySQL.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\AppInteractiveLog\AppInteractiveLog.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\ApplicationFirmwareWiget\ApplicationFirmwareWiget.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\ApplicationMemorySymbolic\ApplicationMemorySymbolic.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\ApplicationMetafileWYSIWYG\ApplicationMetafileWYSIWYG.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\ApplicationMySQLTrash\ApplicationMySQLTrash.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\ApplicationNetProcess\ApplicationNetProcess.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\ApplicationPrivacyScrolling\ApplicationPrivacyScrolling.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\AppSharewareStart\AppSharewareStart.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\ArchiveBIOSSchema\ArchiveBIOSSchema.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\ArchiveCronFormat\ArchiveCronFormat.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\ArchiveDebuggerDriver\ArchiveDebuggerDriver.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\ArchiveIndexText\ArchiveIndexText.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\ArchiveMotionRegister\ArchiveMotionRegister.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\ArchiveSnapshotSyntax\ArchiveSnapshotSyntax.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\BackupClipboardIcon\BackupClipboardIcon.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\BackupCronRuntime\BackupCronRuntime.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\BackupFinderMinimal\BackupFinderMinimal.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\BackupMetafileShareware\BackupMetafileShareware.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\BackupRecycleSoftware\BackupRecycleSoftware.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\BackupRootSprite\BackupRootSprite.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\6712a6ac76f4a65b859eac17d68f393d\BIOSDLCKeyboard.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\BIOSDLCLog\BIOSDLCLog.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\BIOSIndexWindows\BIOSIndexWindows.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\BIOSMBRPython\BIOSMBRPython.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\CGIContextualMotion\CGIContextualMotion.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\CGICopyIcon\CGICopyIcon.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\CGIDefaultStart\CGIDefaultStart.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\CGIDirectXScript\CGIDirectXScript.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\CGIDockWizard\CGIDockWizard.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\c7613d483a70b7bff657cf57976e81a3\CGIImportThumbnail.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\CGIMetafileMinimal\CGIMetafileMinimal.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\CGIOCRPerl\CGIOCRPerl.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\CGIRubySyntax\CGIRubySyntax.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\ClassContextualTooltip\ClassContextualTooltip.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\ClassGUIKeyboard\ClassGUIKeyboard.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\ClassOfficePerl\ClassOfficePerl.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\ClipboardFirmwareFrozen\ClipboardFirmwareFrozen.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\ClipboardIconIndex\ClipboardIconIndex.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\ClipboardLogScript\ClipboardLogScript.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\ClipboardRawRecycle\ClipboardRawRecycle.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\CodecCronSnapshot\CodecCronSnapshot.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\CodecCursorTooltip\CodecCursorTooltip.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\CodecDatabaseGNU\CodecDatabaseGNU.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\CommandControlRoot\CommandControlRoot.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\CommandDirect3dMacro\CommandDirect3dMacro.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\CommandDirectXKeyboard\CommandDirectXKeyboard.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\CommandIndexMotion\CommandIndexMotion.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\CommandInteractiveSyntax\CommandInteractiveSyntax.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\CommandODBCRepository\CommandODBCRepository.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\CompileCompilerCopy\CompileCompilerCopy.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\CompileContextualOffice\CompileContextualOffice.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\CompileCopyRoot\CompileCopyRoot.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\CompileDesktopScript\CompileDesktopScript.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\CompileDriverExport\CompileDriverExport.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\CompileMinimalTooltip\CompileMinimalTooltip.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\CompilerDebugWYSIWYG\CompilerDebugWYSIWYG.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\CompilerDesktopNative\CompilerDesktopNative.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\CompilerEncondingProgram\CompilerEncondingProgram.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\CompilerFinderStart\CompilerFinderStart.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\CompilerFunctionScript\CompilerFunctionScript.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\CompilerTaskWiget\CompilerTaskWiget.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\CompileScriptSyntax\CompileScriptSyntax.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\ContextualControlProgram\ContextualControlProgram.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\ContextualDefaultRepository\ContextualDefaultRepository.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\ControlDebugRegister\ControlDebugRegister.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\d8c3738fe5c6376db8980bafaedd75ba\ControlDockInteractive.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\ControlFunctionNet\ControlFunctionNet.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\CopyDebuggerWinsock\CopyDebuggerWinsock.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\CopyDriverTooltip\CopyDriverTooltip.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\CopyFrozenProcess\CopyFrozenProcess.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\CopyOpenRepository\CopyOpenRepository.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\CopyOSShareware\CopyOSShareware.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\CronDLCIcon\CronDLCIcon.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\CronJREThumbnail\CronJREThumbnail.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\CursorDaemonFile\CursorDaemonFile.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\CursorFolderTrash\CursorFolderTrash.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\CursorPythonRemote\CursorPythonRemote.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\CursorRuntimeStart\CursorRuntimeStart.exe','32'); DeleteService('CursorRuntimeStart.exe'); DeleteService('CursorPythonRemote.exe'); DeleteService('CursorFolderTrash.exe'); DeleteService('CursorDaemonFile.exe'); DeleteService('CronJREThumbnail.exe'); DeleteService('CronDLCIcon.exe'); DeleteService('CopyOSShareware.exe'); DeleteService('CopyOpenRepository.exe'); DeleteService('CopyFrozenProcess.exe'); DeleteService('CopyDriverTooltip.exe'); DeleteService('CopyDebuggerWinsock.exe'); DeleteService('ControlFunctionNet.exe'); DeleteService('ControlDockInteractive.exe'); DeleteService('ControlDebugRegister.exe'); DeleteService('ContextualDefaultRepository.exe'); DeleteService('ContextualControlProgram.exe'); DeleteService('CompileScriptSyntax.exe'); DeleteService('CompilerTaskWiget.exe'); DeleteService('CompilerFunctionScript.exe'); DeleteService('CompilerFinderStart.exe'); DeleteService('CompilerEncondingProgram.exe'); DeleteService('CompilerDesktopNative.exe'); DeleteService('CompilerDebugWYSIWYG.exe'); DeleteService('CompileMinimalTooltip.exe'); DeleteService('CompileDriverExport.exe'); DeleteService('CompileDesktopScript.exe'); DeleteService('CompileCopyRoot.exe'); DeleteService('CompileContextualOffice.exe'); DeleteService('CompileCompilerCopy.exe'); DeleteService('CommandODBCRepository.exe'); DeleteService('CommandInteractiveSyntax.exe'); DeleteService('CommandIndexMotion.exe'); DeleteService('CommandDirectXKeyboard.exe'); DeleteService('CommandDirect3dMacro.exe'); DeleteService('CommandControlRoot.exe'); DeleteService('CodecDatabaseGNU.exe'); DeleteService('CodecCursorTooltip.exe'); DeleteService('CodecCronSnapshot.exe'); DeleteService('ClipboardRawRecycle.exe'); DeleteService('ClipboardLogScript.exe'); DeleteService('ClipboardIconIndex.exe'); DeleteService('ClipboardFirmwareFrozen.exe'); DeleteService('ClassOfficePerl.exe'); DeleteService('ClassGUIKeyboard.exe'); DeleteService('ClassContextualTooltip.exe'); DeleteService('CGIRubySyntax.exe'); DeleteService('CGIOCRPerl.exe'); DeleteService('CGIMetafileMinimal.exe'); DeleteService('CGIImportThumbnail.exe'); DeleteService('CGIDockWizard.exe'); DeleteService('CGIDirectXScript.exe'); DeleteService('CGIDefaultStart.exe'); DeleteService('CGICopyIcon.exe'); DeleteService('CGIContextualMotion.exe'); DeleteService('BIOSMBRPython.exe'); DeleteService('BIOSIndexWindows.exe'); DeleteService('BIOSDLCLog.exe'); DeleteService('BIOSDLCKeyboard.exe'); DeleteService('BackupRootSprite.exe'); DeleteService('BackupRecycleSoftware.exe'); DeleteService('BackupMetafileShareware.exe'); DeleteService('BackupFinderMinimal.exe'); DeleteService('BackupCronRuntime.exe'); DeleteService('BackupClipboardIcon.exe'); DeleteService('ArchiveSnapshotSyntax.exe'); DeleteService('ArchiveMotionRegister.exe'); DeleteService('ArchiveIndexText.exe'); DeleteService('ArchiveDebuggerDriver.exe'); DeleteService('ArchiveCronFormat.exe'); DeleteService('ArchiveBIOSSchema.exe'); DeleteService('AppSharewareStart.exe'); DeleteService('ApplicationPrivacyScrolling.exe'); DeleteService('ApplicationNetProcess.exe'); DeleteService('ApplicationMySQLTrash.exe'); DeleteService('ApplicationMetafileWYSIWYG.exe'); DeleteService('ApplicationMemorySymbolic.exe'); DeleteService('ApplicationFirmwareWiget.exe'); DeleteService('AppInteractiveLog.exe'); DeleteService('AppIndexMySQL.exe'); DeleteService('AppFAT32MySQL.exe'); DeleteService('AppDirect3dRepository.exe'); DeleteService('AppDashboardSchema.exe'); DeleteService('APIRemoteWinsock.exe'); DeleteService('APIRecycleWord.exe'); DeleteService('APIMethodRuby.exe'); DeleteService('APIMethodNative.exe'); DeleteService('APIGammaKernel.exe'); DeleteService('APIDaemonFirmware.exe'); DeleteService('Adobe Licensing Console'); DeleteService('AddonSyntaxTask.exe'); DeleteService('AddonMotionProcess.exe'); DeleteService('AddonImportSchema.exe'); DeleteService('AddonCommandStart.exe'); DeleteService('AddonAppMinimal.exe'); DeleteDirectoryF('c:\windows\temp\mrtd78.tmp'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\AddonAppMinimal'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\AddonCommandStart'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\AddonImportSchema'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\AddonMotionProcess'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\AddonSyntaxTask'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\APIDaemonFirmware'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\APIGammaKernel'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\APIMethodNative'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\APIMethodRuby'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\APIRecycleWord'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\APIRemoteWinsock'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\AppDashboardSchema'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\AppDirect3dRepository'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\d0bff567014fa6c21e2963c073c7de3a'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\AppIndexMySQL'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\AppInteractiveLog'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\ApplicationFirmwareWiget'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\ApplicationMemorySymbolic'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\ApplicationMetafileWYSIWYG'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\ApplicationMySQLTrash'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\ApplicationNetProcess'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\ApplicationPrivacyScrolling'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\AppSharewareStart'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\ArchiveBIOSSchema'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\ArchiveCronFormat'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\ArchiveDebuggerDriver'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\ArchiveIndexText'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\ArchiveSnapshotSyntax'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\BackupClipboardIcon'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\BackupCronRuntime'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\BackupFinderMinimal'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\BackupMetafileShareware'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\BackupRecycleSoftware'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\BackupRootSprite'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\6712a6ac76f4a65b859eac17d68f393d'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\BIOSDLCLog'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\BIOSIndexWindows'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\BIOSMBRPython'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\CGIContextualMotion'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\CGICopyIcon'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\CGIDefaultStart'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\CGIDirectXScript'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\CGIDockWizard'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\c7613d483a70b7bff657cf57976e81a3'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\CGIMetafileMinimal'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\CGIOCRPerl'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\CGIRubySyntax'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\ClassContextualTooltip'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\ClassGUIKeyboard'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\ClassOfficePerl'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\ClipboardFirmwareFrozen'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\ClipboardIconIndex'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\ClipboardLogScript'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\ClipboardRawRecycle'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\CodecCronSnapshot'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\CodecCursorTooltip'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\CodecDatabaseGNU'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\CommandControlRoot'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\CommandDirect3dMacro'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\CommandDirectXKeyboard'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\CommandIndexMotion'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\CommandInteractiveSyntax'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\CommandODBCRepository'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\CompileCompilerCopy'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\CompileContextualOffice'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\CompileCopyRoot'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\CompileDesktopScript'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\CompileDriverExport'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\CompileMinimalTooltip'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\CompilerDebugWYSIWYG'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\CompilerDesktopNative'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\CompilerEncondingProgram'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\CompilerFinderStart'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\CompilerFunctionScript'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\CompilerTaskWiget'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\CompileScriptSyntax'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\ContextualControlProgram'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\ContextualDefaultRepository'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\ControlDebugRegister'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\d8c3738fe5c6376db8980bafaedd75ba'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\ControlFunctionNet'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\CopyDebuggerWinsock'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\CopyDriverTooltip'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\CopyOpenRepository'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\CopyFrozenProcess'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\CopyOSShareware'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\CronDLCIcon'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\CronJREThumbnail'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\CursorDaemonFile'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\CursorFolderTrash'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\CursorPythonRemote'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\CursorRuntimeStart'); BC_ImportAll; ExecuteSysClean; BC_Activate; RebootWindows(false); end.
Пришлите карантин согласно Приложения 2 правил по красной ссылке Прислать запрошенный карантин вверху темы
Сделайте новые логи
Последний раз редактировалось thyrex; 26.10.2014 в 10:39.
Microsoft MVP 2012-2016 Consumer Security
Microsoft MVP 2016 ReconnectАнтивирусная помощь
bonusberry не нашел у себя в списке программ
Все остальное выполняйте
После выполнения скрипта из сообщения №3 и отправки карантина, выполните следующий скрипт в AVZ
Компьютер перезагрузится.Код:procedure DeleteDirectoryF(N: String); begin DeleteFileMask(N, '*', true); DeleteDirectory(N); end; begin ShowMessage('Внимание! Перед выполнением скрипта AVZ автоматически закроет все сетевые подключения.' + #13#10 + 'После перезагрузки компьютера подключения к сети будут восстановлены в автоматическом режиме.'); ExecuteFile('net.exe', 'stop tcpip /y', 0, 15000, true); if not IsWOW64 then begin SearchRootkit(true, true); SetAVZGuardStatus(True); end; QuarantineFile('C:\Users\Olga\AppData\Local\SoftwareSyntaxTask\SoftwareSyntaxTask.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\ScreenshotSoftwareWinsock\ScreenshotSoftwareWinsock.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\RepositoryScrollingSyntax\RepositoryScrollingSyntax.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\RemoteRepositorySDK\RemoteRepositorySDK.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\RegisterScreenshotShareware\RegisterScreenshotShareware.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\PythonSpriteTask\PythonSpriteTask.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\PythonRawWord\PythonRawWord.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\PublicSDKSymbolic\PublicSDKSymbolic.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\PerlSchemaUtility\PerlSchemaUtility.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\PathRawRecycle\PathRawRecycle.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\PathQuickSymbolic\PathQuickSymbolic.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\OSProgramRegister\OSProgramRegister.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\OpenRubySymbolic\OpenRubySymbolic.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\ODBCRegisterSyntax\ODBCRegisterSyntax.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\OCRRegisterRuby\OCRRegisterRuby.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\OCROfficeSamba\OCROfficeSamba.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\NativeSymbolicTrash\NativeSymbolicTrash.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\NativeQuickWYSIWYG\NativeQuickWYSIWYG.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\NativeOpenRaw\NativeOpenRaw.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\MotionSchemaWiget\MotionSchemaWiget.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\MotionQuickWizard\MotionQuickWizard.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\MotionProgramTask\MotionProgramTask.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\d0bff567014fa6c21e2963c073c7de3a\MotionProcessSyntax.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\MinimalSymbolicWiget\MinimalSymbolicWiget.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\MinimalSambaTooltip\MinimalSambaTooltip.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\MetafileSambaSoftware\MetafileSambaSoftware.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\MemoryProgramWin32\MemoryProgramWin32.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\MemoryProgramSymbolic\MemoryProgramSymbolic.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\MemoryOpenRegister\MemoryOpenRegister.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\MemoryMySQLProgram\MemoryMySQLProgram.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\MBROSWindows\MBROSWindows.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\MacroSoftwareStart\MacroSoftwareStart.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\MacroMinimalPath\MacroMinimalPath.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\KernelProgramQuick\KernelProgramQuick.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\JREScreenshotWin32\JREScreenshotWin32.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\JREMinimalTrash\JREMinimalTrash.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\25b890982ce4c4cafdb94d2e504d220d\JAVAMetafileProgram.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\InterpreterSDKShareware\InterpreterSDKShareware.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\InterpreterMetafilePerl\InterpreterMetafilePerl.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\InterpreterMemorySnapshot\InterpreterMemorySnapshot.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\InterpreterMemoryRuby\InterpreterMemoryRuby.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\InterpreterLogPath\InterpreterLogPath.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\InteractiveScreenshotSnapshot\InteractiveScreenshotSnapshot.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\InteractiveOpenUtility\InteractiveOpenUtility.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\InteractiveMinimalWord\InteractiveMinimalWord.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\IndexWinsockWYSIWYG\IndexWinsockWYSIWYG.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\IndexRegisterSDK\IndexRegisterSDK.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\IndexOSRuntime\IndexOSRuntime.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\IndexMinimalOS\IndexMinimalOS.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\IndexJREScrolling\IndexJREScrolling.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\GUIInteractiveJRE\GUIInteractiveJRE.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\GNUMotionOS\GNUMotionOS.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\GNUIconRuntime\GNUIconRuntime.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\GammaSambaWYSIWYG\GammaSambaWYSIWYG.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\GammaOSRegister\GammaOSRegister.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\GammaMinimalRepository\GammaMinimalRepository.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\GammaMacroRegister\GammaMacroRegister.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\FunctionSymbolicWiget\FunctionSymbolicWiget.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\FunctionMemoryODBC\FunctionMemoryODBC.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\FunctionJRERaw\FunctionJRERaw.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\FrozenSharewareThumbnail\FrozenSharewareThumbnail.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\FrozenRuntimeWin32\FrozenRuntimeWin32.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\FrozenLogOCR\FrozenLogOCR.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\FrozenJAVAPath\FrozenJAVAPath.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\FrozenInteractiveMotion\FrozenInteractiveMotion.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\FrozenFunctionQuick\FrozenFunctionQuick.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\FormatInterpreterJRE\FormatInterpreterJRE.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\FolderScreenshotWizard\FolderScreenshotWizard.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\FolderOpenWindows\FolderOpenWindows.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\FolderKernelRepository\FolderKernelRepository.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\FolderImportKernel\FolderImportKernel.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\FolderFreewareWin32\FolderFreewareWin32.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\FirmwareKeyboardPython\FirmwareKeyboardPython.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\FirmwareInterpreterShareware\FirmwareInterpreterShareware.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\FirmwareInteractiveODBC\FirmwareInteractiveODBC.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\FirmwareFolderRepository\FirmwareFolderRepository.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\FinderWindowsWinsock\FinderWindowsWinsock.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\FirmwareFolderRecycle\FirmwareFolderRecycle.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\FinderOCRSoftware\FinderOCRSoftware.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\FinderMotionOS\FinderMotionOS.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\FinderInteractiveWin32\FinderInteractiveWin32.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\FileMetafileMySQL\FileMetafileMySQL.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\FileLogODBC\FileLogODBC.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\59dd441fb0c4bc5dea75f4ea8c0a995b\FileInterpreterWizard.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\FileImportSDK\FileImportSDK.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\FAT32RuntimeStart\FAT32RuntimeStart.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\125340a0a7ec23c50f45f604b26e8565\FAT32MotionOCR.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\ExportLogTask\ExportLogTask.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\ExportFunctionScrolling\ExportFunctionScrolling.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\EncondingGNUSprite\EncondingGNUSprite.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\EncondingFunctionSprite\EncondingFunctionSprite.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\EncondingFormatJAVA\EncondingFormatJAVA.exe',''); QuarantineFileF('C:\Users\Olga\AppData\Local\SoftwareSyntaxTask', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\ScreenshotSoftwareWinsock', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\RepositoryScrollingSyntax', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\RemoteRepositorySDK', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\RegisterScreenshotShareware', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\PythonSpriteTask', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\PythonRawWord', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\PublicSDKSymbolic', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\PerlSchemaUtility', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\PathRawRecycle', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\PathQuickSymbolic', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\OSProgramRegister', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\OpenRubySymbolic', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\ODBCRegisterSyntax', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\OCRRegisterRuby', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\OCROfficeSamba', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\NativeSymbolicTrash', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\NativeQuickWYSIWYG', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\NativeOpenRaw', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\MotionSchemaWiget', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\MotionQuickWizard', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\MotionProgramTask', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\d0bff567014fa6c21e2963c073c7de3a', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\MinimalSymbolicWiget', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\MinimalSambaTooltip', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\MetafileSambaSoftware', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\MemoryProgramWin32', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\MemoryProgramSymbolic', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\MemoryOpenRegister', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\MemoryMySQLProgram', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\MBROSWindows', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\MacroSoftwareStart', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\MacroMinimalPath', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\KernelProgramQuick', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\JREScreenshotWin32', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\JREMinimalTrash', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\25b890982ce4c4cafdb94d2e504d220d', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\InterpreterSDKShareware', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\InterpreterMetafilePerl', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\InterpreterMemorySnapshot', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\InterpreterMemoryRuby', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\InterpreterLogPath', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\InteractiveScreenshotSnapshot', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\InteractiveOpenUtility', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\IndexRegisterSDK', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\InteractiveMinimalWord', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\IndexWinsockWYSIWYG', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\IndexOSRuntime', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\IndexMinimalOS', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\IndexJREScrolling', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\GUIInteractiveJRE', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\GNUMotionOS', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\GNUIconRuntime', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\GammaSambaWYSIWYG', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\GammaOSRegister', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\GammaMinimalRepository', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\GammaMacroRegister', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\FunctionSymbolicWiget', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\FunctionMemoryODBC', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\FunctionJRERaw', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\FrozenSharewareThumbnail', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\FrozenRuntimeWin32', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\FrozenLogOCR', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\FrozenJAVAPath', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\FrozenInteractiveMotion', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\FrozenFunctionQuick', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\FormatInterpreterJRE', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\FolderScreenshotWizard', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\FolderOpenWindows', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\FolderKernelRepository', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\FolderImportKernel', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\FolderFreewareWin32', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\FirmwareKeyboardPython', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\FirmwareInterpreterShareware', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\FirmwareInteractiveODBC', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\FirmwareFolderRepository', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\FinderWindowsWinsock', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\FirmwareFolderRecycle', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\FinderOCRSoftware', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\FinderMotionOS', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\FinderInteractiveWin32', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\FileMetafileMySQL', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\FileLogODBC', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\59dd441fb0c4bc5dea75f4ea8c0a995b', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\FileImportSDK', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\FAT32RuntimeStart', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\125340a0a7ec23c50f45f604b26e8565', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\ExportLogTask', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\ExportFunctionScrolling', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\EncondingGNUSprite', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\EncondingFunctionSprite', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\EncondingFormatJAVA', '*.*', true,'', 0, 0, '', ''); DeleteFile('C:\Users\Olga\AppData\Local\EncondingFormatJAVA\EncondingFormatJAVA.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\EncondingFunctionSprite\EncondingFunctionSprite.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\EncondingGNUSprite\EncondingGNUSprite.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\ExportFunctionScrolling\ExportFunctionScrolling.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\ExportLogTask\ExportLogTask.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\125340a0a7ec23c50f45f604b26e8565\FAT32MotionOCR.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\FAT32RuntimeStart\FAT32RuntimeStart.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\FileImportSDK\FileImportSDK.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\59dd441fb0c4bc5dea75f4ea8c0a995b\FileInterpreterWizard.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\FileLogODBC\FileLogODBC.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\FileMetafileMySQL\FileMetafileMySQL.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\FinderInteractiveWin32\FinderInteractiveWin32.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\FinderMotionOS\FinderMotionOS.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\FinderOCRSoftware\FinderOCRSoftware.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\FinderWindowsWinsock\FinderWindowsWinsock.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\FirmwareFolderRecycle\FirmwareFolderRecycle.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\FirmwareFolderRepository\FirmwareFolderRepository.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\FirmwareInteractiveODBC\FirmwareInteractiveODBC.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\FirmwareInterpreterShareware\FirmwareInterpreterShareware.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\FirmwareKeyboardPython\FirmwareKeyboardPython.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\FolderFreewareWin32\FolderFreewareWin32.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\FolderImportKernel\FolderImportKernel.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\FolderKernelRepository\FolderKernelRepository.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\FolderOpenWindows\FolderOpenWindows.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\FolderScreenshotWizard\FolderScreenshotWizard.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\FormatInterpreterJRE\FormatInterpreterJRE.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\FrozenFunctionQuick\FrozenFunctionQuick.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\FrozenInteractiveMotion\FrozenInteractiveMotion.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\FrozenJAVAPath\FrozenJAVAPath.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\FrozenLogOCR\FrozenLogOCR.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\FrozenRuntimeWin32\FrozenRuntimeWin32.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\FrozenSharewareThumbnail\FrozenSharewareThumbnail.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\FunctionJRERaw\FunctionJRERaw.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\FunctionMemoryODBC\FunctionMemoryODBC.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\FunctionSymbolicWiget\FunctionSymbolicWiget.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\GammaMacroRegister\GammaMacroRegister.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\GammaMinimalRepository\GammaMinimalRepository.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\GammaOSRegister\GammaOSRegister.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\GammaSambaWYSIWYG\GammaSambaWYSIWYG.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\GNUIconRuntime\GNUIconRuntime.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\GNUMotionOS\GNUMotionOS.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\GUIInteractiveJRE\GUIInteractiveJRE.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\IndexJREScrolling\IndexJREScrolling.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\IndexMinimalOS\IndexMinimalOS.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\IndexOSRuntime\IndexOSRuntime.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\IndexRegisterSDK\IndexRegisterSDK.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\IndexWinsockWYSIWYG\IndexWinsockWYSIWYG.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\InteractiveMinimalWord\InteractiveMinimalWord.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\InteractiveOpenUtility\InteractiveOpenUtility.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\InteractiveScreenshotSnapshot\InteractiveScreenshotSnapshot.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\InterpreterLogPath\InterpreterLogPath.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\InterpreterMemoryRuby\InterpreterMemoryRuby.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\InterpreterMemorySnapshot\InterpreterMemorySnapshot.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\InterpreterMetafilePerl\InterpreterMetafilePerl.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\InterpreterSDKShareware\InterpreterSDKShareware.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\25b890982ce4c4cafdb94d2e504d220d\JAVAMetafileProgram.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\JREMinimalTrash\JREMinimalTrash.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\JREScreenshotWin32\JREScreenshotWin32.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\KernelProgramQuick\KernelProgramQuick.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\MacroMinimalPath\MacroMinimalPath.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\MacroSoftwareStart\MacroSoftwareStart.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\MBROSWindows\MBROSWindows.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\MemoryMySQLProgram\MemoryMySQLProgram.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\MemoryOpenRegister\MemoryOpenRegister.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\MemoryProgramSymbolic\MemoryProgramSymbolic.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\MemoryProgramWin32\MemoryProgramWin32.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\MetafileSambaSoftware\MetafileSambaSoftware.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\MinimalSambaTooltip\MinimalSambaTooltip.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\MinimalSymbolicWiget\MinimalSymbolicWiget.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\d0bff567014fa6c21e2963c073c7de3a\MotionProcessSyntax.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\MotionProgramTask\MotionProgramTask.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\MotionQuickWizard\MotionQuickWizard.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\MotionSchemaWiget\MotionSchemaWiget.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\NativeOpenRaw\NativeOpenRaw.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\NativeQuickWYSIWYG\NativeQuickWYSIWYG.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\NativeSymbolicTrash\NativeSymbolicTrash.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\OCROfficeSamba\OCROfficeSamba.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\OCRRegisterRuby\OCRRegisterRuby.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\ODBCRegisterSyntax\ODBCRegisterSyntax.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\OpenRubySymbolic\OpenRubySymbolic.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\OSProgramRegister\OSProgramRegister.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\PathQuickSymbolic\PathQuickSymbolic.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\PathRawRecycle\PathRawRecycle.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\PerlSchemaUtility\PerlSchemaUtility.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\PublicSDKSymbolic\PublicSDKSymbolic.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\PythonRawWord\PythonRawWord.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\PythonSpriteTask\PythonSpriteTask.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\RegisterScreenshotShareware\RegisterScreenshotShareware.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\RemoteRepositorySDK\RemoteRepositorySDK.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\RepositoryScrollingSyntax\RepositoryScrollingSyntax.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\ScreenshotSoftwareWinsock\ScreenshotSoftwareWinsock.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\SoftwareSyntaxTask\SoftwareSyntaxTask.exe','32'); DeleteService('SoftwareSyntaxTask.exe'); DeleteService('ScreenshotSoftwareWinsock.exe'); DeleteService('RepositoryScrollingSyntax.exe'); DeleteService('RemoteRepositorySDK.exe'); DeleteService('RegisterScreenshotShareware.exe'); DeleteService('PythonSpriteTask.exe'); DeleteService('PythonRawWord.exe'); DeleteService('PublicSDKSymbolic.exe'); DeleteService('PerlSchemaUtility.exe'); DeleteService('PathRawRecycle.exe'); DeleteService('PathQuickSymbolic.exe'); DeleteService('OSProgramRegister.exe'); DeleteService('OpenRubySymbolic.exe'); DeleteService('ODBCRegisterSyntax.exe'); DeleteService('OCRRegisterRuby.exe'); DeleteService('OCROfficeSamba.exe'); DeleteService('NativeSymbolicTrash.exe'); DeleteService('NativeQuickWYSIWYG.exe'); DeleteService('NativeOpenRaw.exe'); DeleteService('MotionSchemaWiget.exe'); DeleteService('MotionQuickWizard.exe'); DeleteService('MotionProgramTask.exe'); DeleteService('MotionProcessSyntax.exe'); DeleteService('MinimalSymbolicWiget.exe'); DeleteService('MinimalSambaTooltip.exe'); DeleteService('MetafileSambaSoftware.exe'); DeleteService('MemoryProgramWin32.exe'); DeleteService('MemoryProgramSymbolic.exe'); DeleteService('MemoryOpenRegister.exe'); DeleteService('MemoryMySQLProgram.exe'); DeleteService('MBROSWindows.exe'); DeleteService('MacroSoftwareStart.exe'); DeleteService('MacroMinimalPath.exe'); DeleteService('KernelProgramQuick.exe'); DeleteService('JREScreenshotWin32.exe'); DeleteService('JREMinimalTrash.exe'); DeleteService('JAVAMetafileProgram.exe'); DeleteService('InterpreterSDKShareware.exe'); DeleteService('InterpreterMetafilePerl.exe'); DeleteService('InterpreterMemorySnapshot.exe'); DeleteService('InterpreterMemoryRuby.exe'); DeleteService('InterpreterLogPath.exe'); DeleteService('InteractiveScreenshotSnapshot.exe'); DeleteService('InteractiveOpenUtility.exe'); DeleteService('InteractiveMinimalWord.exe'); DeleteService('IndexWinsockWYSIWYG.exe'); DeleteService('IndexRegisterSDK.exe'); DeleteService('IndexOSRuntime.exe'); DeleteService('IndexMinimalOS.exe'); DeleteService('IndexJREScrolling.exe'); DeleteService('GUIInteractiveJRE.exe'); DeleteService('GNUMotionOS.exe'); DeleteService('GNUIconRuntime.exe'); DeleteService('GammaSambaWYSIWYG.exe'); DeleteService('GammaOSRegister.exe'); DeleteService('GammaMinimalRepository.exe'); DeleteService('GammaMacroRegister.exe'); DeleteService('FunctionSymbolicWiget.exe'); DeleteService('FunctionMemoryODBC.exe'); DeleteService('FunctionJRERaw.exe'); DeleteService('FrozenSharewareThumbnail.exe'); DeleteService('FrozenRuntimeWin32.exe'); DeleteService('FrozenLogOCR.exe'); DeleteService('FrozenJAVAPath.exe'); DeleteService('FrozenInteractiveMotion.exe'); DeleteService('FrozenImportProcess.exe'); DeleteService('FrozenFunctionQuick.exe'); DeleteService('FormatInterpreterJRE.exe'); DeleteService('FolderScreenshotWizard.exe'); DeleteService('FolderOpenWindows.exe'); DeleteService('FolderKernelRepository.exe'); DeleteService('FolderImportKernel.exe'); DeleteService('FolderFreewareWin32.exe'); DeleteService('FirmwareKeyboardPython.exe'); DeleteService('FirmwareInterpreterShareware.exe'); DeleteService('FirmwareInteractiveODBC.exe'); DeleteService('FirmwareFolderRepository.exe'); DeleteService('FirmwareFolderRecycle.exe'); DeleteService('FinderWindowsWinsock.exe'); DeleteService('FinderOCRSoftware.exe'); DeleteService('FinderMotionOS.exe'); DeleteService('FinderInteractiveWin32.exe'); DeleteService('FileMetafileMySQL.exe'); DeleteService('FileLogODBC.exe'); DeleteService('FileInterpreterWizard.exe'); DeleteService('FileImportSDK.exe'); DeleteService('FAT32RuntimeStart.exe'); DeleteService('FAT32MotionOCR.exe'); DeleteService('ExportLogTask.exe'); DeleteService('ExportFunctionScrolling.exe'); DeleteService('EncondingGNUSprite.exe'); DeleteService('EncondingFunctionSprite.exe'); DeleteService('EncondingFormatJAVA.exe'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\SoftwareSyntaxTask'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\ScreenshotSoftwareWinsock'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\RepositoryScrollingSyntax'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\RemoteRepositorySDK'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\RegisterScreenshotShareware'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\PythonSpriteTask'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\PythonRawWord'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\PublicSDKSymbolic'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\PerlSchemaUtility'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\PathRawRecycle'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\PathQuickSymbolic'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\OSProgramRegister'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\OpenRubySymbolic'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\ODBCRegisterSyntax'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\OCRRegisterRuby'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\OCROfficeSamba'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\NativeSymbolicTrash'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\NativeQuickWYSIWYG'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\NativeOpenRaw'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\MotionSchemaWiget'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\MotionQuickWizard'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\MotionProgramTask'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\d0bff567014fa6c21e2963c073c7de3a'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\MinimalSymbolicWiget'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\MinimalSambaTooltip'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\MetafileSambaSoftware'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\MemoryProgramWin32'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\MemoryProgramSymbolic'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\MemoryOpenRegister'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\MemoryMySQLProgram'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\MBROSWindows'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\MacroSoftwareStart'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\MacroMinimalPath'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\KernelProgramQuick'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\JREScreenshotWin32'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\JREMinimalTrash'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\25b890982ce4c4cafdb94d2e504d220d'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\InterpreterSDKShareware'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\InterpreterMetafilePerl'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\InterpreterMemorySnapshot'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\InterpreterMemoryRuby'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\InterpreterLogPath'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\InteractiveScreenshotSnapshot'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\InteractiveOpenUtility'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\InteractiveMinimalWord'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\IndexWinsockWYSIWYG'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\IndexRegisterSDK'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\IndexOSRuntime'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\IndexMinimalOS'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\IndexJREScrolling'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\GUIInteractiveJRE'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\GNUMotionOS'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\GNUIconRuntime'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\GammaSambaWYSIWYG'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\GammaOSRegister'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\GammaMinimalRepository'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\GammaMacroRegister'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\FunctionSymbolicWiget'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\FunctionMemoryODBC'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\FunctionJRERaw'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\FrozenSharewareThumbnail'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\FrozenRuntimeWin32'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\FrozenLogOCR'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\FrozenJAVAPath'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\FrozenInteractiveMotion'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\FrozenFunctionQuick'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\FormatInterpreterJRE'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\FolderScreenshotWizard'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\FolderOpenWindows'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\FolderKernelRepository'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\FolderImportKernel'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\FolderFreewareWin32'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\FirmwareKeyboardPython'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\FirmwareInterpreterShareware'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\FirmwareInteractiveODBC'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\FirmwareFolderRepository'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\FinderWindowsWinsock'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\FirmwareFolderRecycle'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\FinderOCRSoftware'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\FinderMotionOS'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\FinderInteractiveWin32'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\FileMetafileMySQL'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\FileLogODBC'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\59dd441fb0c4bc5dea75f4ea8c0a995b'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\FileImportSDK'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\FAT32RuntimeStart'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\125340a0a7ec23c50f45f604b26e8565'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\ExportLogTask'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\ExportFunctionScrolling'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\EncondingGNUSprite'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\EncondingFunctionSprite'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\EncondingFormatJAVA'); BC_ImportAll; ExecuteSysClean; BC_Activate; RebootWindows(false); end.
Пришлите карантин согласно Приложения 2 правил по красной ссылке Прислать запрошенный карантин вверху темы
Сделайте новые логи
Microsoft MVP 2012-2016 Consumer Security
Microsoft MVP 2016 ReconnectАнтивирусная помощь
последний скрипт сделал , карантин вам отправил . Скажите что сделать дальше , вроде комп распедалился
Продолжаем зачистку
Выполните скрипт в AVZ
Компьютер перезагрузится.Код:procedure DeleteDirectoryF(N: String); begin DeleteFileMask(N, '*', true); DeleteDirectory(N); end; begin ShowMessage('Внимание! Перед выполнением скрипта AVZ автоматически закроет все сетевые подключения.' + #13#10 + 'После перезагрузки компьютера подключения к сети будут восстановлены в автоматическом режиме.'); ExecuteFile('net.exe', 'stop tcpip /y', 0, 15000, true); if not IsWOW64 then begin SearchRootkit(true, true); SetAVZGuardStatus(True); end; QuarantineFile('C:\Users\Olga\AppData\Local\DriverScrollingWizard\DriverScrollingWizard.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\DriverScriptWindows\DriverScriptWindows.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\DriverQuickRuntime\DriverQuickRuntime.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\DriverODBCScrolling\DriverODBCScrolling.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\DriverMethodProgram\DriverMethodProgram.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\DOSRubyRuntime\DOSRubyRuntime.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\DOSNetWord\DOSNetWord.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\DOSMotionPath\DOSMotionPath.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\DOSMetafileRemote\DOSMetafileRemote.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\DOSFrozenSchema\DOSFrozenSchema.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\DockTrashWinsock\DockTrashWinsock.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\DockGammaMotion\DockGammaMotion.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\DLCOpenRemote\DLCOpenRemote.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\DLCMethodPerl\DLCMethodPerl.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\DLCMetafileRecycle\DLCMetafileRecycle.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\DLCMetafileNative\DLCMetafileNative.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\DLCInterpreterRemote\DLCInterpreterRemote.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\DLCFolderSymbolic\DLCFolderSymbolic.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\Direct3dProcessSyntax\Direct3dProcessSyntax.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\Direct3dPerlUtility\Direct3dPerlUtility.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\Direct3dMotionOS\Direct3dMotionOS.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\Direct3dMinimalRuby\Direct3dMinimalRuby.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\Direct3dMemoryTooltip\Direct3dMemoryTooltip.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\Direct3dGNUMetafile\Direct3dGNUMetafile.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\Direct3dDriverEnconding\Direct3dDriverEnconding.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\DesktopStartWizard\DesktopStartWizard.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\DesktopSpriteStart\DesktopSpriteStart.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\DesktopFinderProcess\DesktopFinderProcess.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\DefaultMemoryWiget\DefaultMemoryWiget.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\4f6e12bcaa78bf3c575fc96544f30700\DefaultMacroRegister.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\DebugSyntaxWinsock\DebugSyntaxWinsock.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\DebugRawRepository\DebugRawRepository.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\DebugQuickShareware\DebugQuickShareware.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\DebugPythonUtility\DebugPythonUtility.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\DebugOpenPython\DebugOpenPython.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\DebugODBCRepository\DebugODBCRepository.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\51fb98bfb3fe5da2820e14199813d144\DebuggerTrashWiget.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\DebuggerDriverWord\DebuggerDriverWord.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\DebuggerDirectXRepository\DebuggerDirectXRepository.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\DebuggerDesktopShareware\DebuggerDesktopShareware.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\acdc05f2f12fcf5d1910c61e9f60b8dd\DebugEncondingIcon.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\DatabaseSpriteTooltip\DatabaseSpriteTooltip.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\DatabaseGammaProcess\DatabaseGammaProcess.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\DatabaseFunctionPython\DatabaseFunctionPython.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\DatabaseDirect3dPython\DatabaseDirect3dPython.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\DaemonOfficeShareware\DaemonOfficeShareware.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\DaemonOCRWindows\DaemonOCRWindows.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\DaemonMacroSDK\DaemonMacroSDK.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\DaemonMacroScript\DaemonMacroScript.exe',''); QuarantineFile('C:\Users\Olga\AppData\Local\DaemonIconUtility\DaemonIconUtility.exe',''); QuarantineFileF('C:\Users\Olga\AppData\Local\DriverScrollingWizard', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\DriverScriptWindows', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\DriverQuickRuntime', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\DriverODBCScrolling', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\DriverMethodProgram', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\DOSRubyRuntime', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\DOSNetWord', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\DOSMotionPath', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\DOSMetafileRemote', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\DOSFrozenSchema', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\DockTrashWinsock', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\DockGammaMotion', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\DLCOpenRemote', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\DLCMethodPerl', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\DLCMetafileRecycle', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\DLCMetafileNative', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\DLCInterpreterRemote', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\DLCFolderSymbolic', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\Direct3dProcessSyntax', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\Direct3dPerlUtility', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\Direct3dMotionOS', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\Direct3dMinimalRuby', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\Direct3dMemoryTooltip', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\Direct3dGNUMetafile', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\Direct3dDriverEnconding', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\DesktopStartWizard', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\DesktopSpriteStart', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\DesktopFinderProcess', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\DefaultMemoryWiget', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\4f6e12bcaa78bf3c575fc96544f30700', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\DebugSyntaxWinsock', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\DebugRawRepository', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\DebugQuickShareware', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\DebugPythonUtility', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\DebugOpenPython', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\DebugODBCRepository', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\51fb98bfb3fe5da2820e14199813d144', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\DebuggerDriverWord', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\DebuggerDirectXRepository', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\DebuggerDesktopShareware', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\acdc05f2f12fcf5d1910c61e9f60b8dd', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\DatabaseSpriteTooltip', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\DatabaseGammaProcess', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\DatabaseFunctionPython', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\DatabaseDirect3dPython', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\DaemonOfficeShareware', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\DaemonOCRWindows', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\DaemonMacroSDK', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\DaemonMacroScript', '*.*', true,'', 0, 0, '', ''); QuarantineFileF('C:\Users\Olga\AppData\Local\DaemonIconUtility', '*.*', true,'', 0, 0, '', ''); DeleteFile('C:\Users\Olga\AppData\Local\DaemonIconUtility\DaemonIconUtility.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\DaemonMacroScript\DaemonMacroScript.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\DaemonMacroSDK\DaemonMacroSDK.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\DaemonOCRWindows\DaemonOCRWindows.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\DaemonOfficeShareware\DaemonOfficeShareware.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\DatabaseDirect3dPython\DatabaseDirect3dPython.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\DatabaseFunctionPython\DatabaseFunctionPython.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\DatabaseGammaProcess\DatabaseGammaProcess.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\DatabaseSpriteTooltip\DatabaseSpriteTooltip.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\acdc05f2f12fcf5d1910c61e9f60b8dd\DebugEncondingIcon.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\DebuggerDesktopShareware\DebuggerDesktopShareware.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\DebuggerDirectXRepository\DebuggerDirectXRepository.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\DebuggerDriverWord\DebuggerDriverWord.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\51fb98bfb3fe5da2820e14199813d144\DebuggerTrashWiget.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\DebugODBCRepository\DebugODBCRepository.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\DebugOpenPython\DebugOpenPython.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\DebugPythonUtility\DebugPythonUtility.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\DebugQuickShareware\DebugQuickShareware.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\DebugRawRepository\DebugRawRepository.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\DebugSyntaxWinsock\DebugSyntaxWinsock.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\4f6e12bcaa78bf3c575fc96544f30700\DefaultMacroRegister.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\DefaultMemoryWiget\DefaultMemoryWiget.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\DesktopFinderProcess\DesktopFinderProcess.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\DesktopSpriteStart\DesktopSpriteStart.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\DesktopStartWizard\DesktopStartWizard.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\Direct3dDriverEnconding\Direct3dDriverEnconding.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\Direct3dGNUMetafile\Direct3dGNUMetafile.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\Direct3dMemoryTooltip\Direct3dMemoryTooltip.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\Direct3dMinimalRuby\Direct3dMinimalRuby.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\Direct3dMotionOS\Direct3dMotionOS.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\Direct3dPerlUtility\Direct3dPerlUtility.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\Direct3dProcessSyntax\Direct3dProcessSyntax.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\DLCFolderSymbolic\DLCFolderSymbolic.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\DLCInterpreterRemote\DLCInterpreterRemote.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\DLCMetafileNative\DLCMetafileNative.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\DLCMetafileRecycle\DLCMetafileRecycle.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\DLCMethodPerl\DLCMethodPerl.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\DLCOpenRemote\DLCOpenRemote.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\DockGammaMotion\DockGammaMotion.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\DockTrashWinsock\DockTrashWinsock.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\DOSFrozenSchema\DOSFrozenSchema.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\DOSMetafileRemote\DOSMetafileRemote.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\DOSMotionPath\DOSMotionPath.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\DOSNetWord\DOSNetWord.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\DOSRubyRuntime\DOSRubyRuntime.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\DriverMethodProgram\DriverMethodProgram.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\DriverODBCScrolling\DriverODBCScrolling.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\DriverQuickRuntime\DriverQuickRuntime.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\DriverScriptWindows\DriverScriptWindows.exe','32'); DeleteFile('C:\Users\Olga\AppData\Local\DriverScrollingWizard\DriverScrollingWizard.exe','32'); DeleteService('DriverScrollingWizard.exe'); DeleteService('DriverScriptWindows.exe'); DeleteService('DriverQuickRuntime.exe'); DeleteService('DriverODBCScrolling.exe'); DeleteService('DriverMethodProgram.exe'); DeleteService('DOSRubyRuntime.exe'); DeleteService('DOSNetWord.exe'); DeleteService('DOSMotionPath.exe'); DeleteService('DOSMetafileRemote.exe'); DeleteService('DOSFrozenSchema.exe'); DeleteService('DockTrashWinsock.exe'); DeleteService('DockGammaMotion.exe'); DeleteService('DLCOpenRemote.exe'); DeleteService('DLCMethodPerl.exe'); DeleteService('DLCMetafileRecycle.exe'); DeleteService('DLCMetafileNative.exe'); DeleteService('DLCInterpreterRemote.exe'); DeleteService('DLCFolderSymbolic.exe'); DeleteService('Direct3dProcessSyntax.exe'); DeleteService('Direct3dPerlUtility.exe'); DeleteService('Direct3dMotionOS.exe'); DeleteService('Direct3dMinimalRuby.exe'); DeleteService('Direct3dMemoryTooltip.exe'); DeleteService('Direct3dGNUMetafile.exe'); DeleteService('Direct3dDriverEnconding.exe'); DeleteService('DesktopStartWizard.exe'); DeleteService('DesktopSpriteStart.exe'); DeleteService('DesktopFinderProcess.exe'); DeleteService('DefaultMemoryWiget.exe'); DeleteService('DefaultMacroRegister.exe'); DeleteService('DebugSyntaxWinsock.exe'); DeleteService('DebugRawRepository.exe'); DeleteService('DebugQuickShareware.exe'); DeleteService('DebugPythonUtility.exe'); DeleteService('DebugOpenPython.exe'); DeleteService('DebugODBCRepository.exe'); DeleteService('DebuggerTrashWiget.exe'); DeleteService('DebuggerDriverWord.exe'); DeleteService('DebuggerDirectXRepository.exe'); DeleteService('DebuggerDesktopShareware.exe'); DeleteService('DebugEncondingIcon.exe'); DeleteService('DatabaseSpriteTooltip.exe'); DeleteService('DatabaseGammaProcess.exe'); DeleteService('DatabaseFunctionPython.exe'); DeleteService('DatabaseDirect3dPython.exe'); DeleteService('DaemonOfficeShareware.exe'); DeleteService('DaemonOCRWindows.exe'); DeleteService('DaemonMacroSDK.exe'); DeleteService('DaemonMacroScript.exe'); DeleteService('DaemonIconUtility.exe'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\DriverScrollingWizard'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\DriverScriptWindows'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\DriverQuickRuntime'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\DriverODBCScrolling'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\DriverMethodProgram'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\DOSRubyRuntime'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\DOSNetWord'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\DOSMotionPath'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\DOSMetafileRemote'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\DOSFrozenSchema'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\DockTrashWinsock'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\DockGammaMotion'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\DLCOpenRemote'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\DLCMethodPerl'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\DLCMetafileRecycle'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\DLCMetafileNative'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\DLCInterpreterRemote'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\DLCFolderSymbolic'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\Direct3dProcessSyntax'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\Direct3dPerlUtility'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\Direct3dMotionOS'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\Direct3dMinimalRuby'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\Direct3dMemoryTooltip'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\Direct3dGNUMetafile'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\Direct3dDriverEnconding'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\DesktopStartWizard'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\DesktopSpriteStart'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\DesktopFinderProcess'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\DefaultMemoryWiget'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\4f6e12bcaa78bf3c575fc96544f30700'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\DebugSyntaxWinsock'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\DebugRawRepository'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\DebugQuickShareware'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\DebugPythonUtility'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\DebugOpenPython'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\DebugODBCRepository'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\51fb98bfb3fe5da2820e14199813d144'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\DebuggerDriverWord'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\DebuggerDirectXRepository'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\DebuggerDesktopShareware'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\acdc05f2f12fcf5d1910c61e9f60b8dd'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\DatabaseSpriteTooltip'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\DatabaseGammaProcess'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\DatabaseFunctionPython'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\DatabaseDirect3dPython'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\DaemonOfficeShareware'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\DaemonOCRWindows'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\DaemonMacroSDK'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\DaemonMacroScript'); DeleteDirectoryF('C:\Users\Olga\AppData\Local\DaemonIconUtility'); BC_ImportAll; ExecuteSysClean; BC_Activate; RebootWindows(false); end.
Пришлите карантин согласно Приложения 2 правил по красной ссылке Прислать запрошенный карантин вверху темы
Сделайте новые логи
Microsoft MVP 2012-2016 Consumer Security
Microsoft MVP 2016 ReconnectАнтивирусная помощь
карантин отправил
Вы шлете не карантин, а лог после выполнения скрипта №8 (или №9)
Новые логи где?
Microsoft MVP 2012-2016 Consumer Security
Microsoft MVP 2016 ReconnectАнтивирусная помощь
а да , да да да
вот и логи
Почему проигнорировали?
Выполните скрипт в AVZ
Компьютер перезагрузится.Код:begin ShowMessage('Внимание! Перед выполнением скрипта AVZ автоматически закроет все сетевые подключения.' + #13#10 + 'После перезагрузки компьютера подключения к сети будут восстановлены в автоматическом режиме.'); ExecuteFile('net.exe', 'stop tcpip /y', 0, 15000, true); if not IsWOW64 then begin SearchRootkit(true, true); SetAVZGuardStatus(True); end; QuarantineFile('C:\Users\Olga\AppData\Roaming\UPDATE~1\UPDATE~1\UPDATE~1.EXE',''); QuarantineFile('C:\WINDOWS\system32\drivers\ssnfd.sys',''); DeleteService('ssnfd'); DeleteService('RgFltX64'); QuarantineFile('C:\Users\Olga\AppData\Local\CompileSyntaxWiget\RgFltX64.sys',''); QuarantineFile('c:\program files (x86)\bonusberry\basement\extensionupdaterservice.exe',''); DeleteFile('C:\Users\Olga\AppData\Local\CompileSyntaxWiget\RgFltX64.sys','32'); DeleteFile('C:\WINDOWS\system32\drivers\ssnfd.sys','32'); DeleteFile('C:\Users\Olga\AppData\Roaming\UPDATE~1\UPDATE~1\UPDATE~1.EXE','32'); DeleteFile('C:\WINDOWS\system32\Tasks\UpdaterEX.job','64'); DeleteFile('C:\WINDOWS\system32\Tasks\UpdaterEX','64'); BC_ImportAll; ExecuteSysClean; BC_Activate; RebootWindows(false); end.
Пришлите карантин согласно Приложения 2 правил по красной ссылке Прислать запрошенный карантин вверху темы
Сделайте новые логи
Сделайте лог полного сканирования МВАМ
Microsoft MVP 2012-2016 Consumer Security
Microsoft MVP 2016 ReconnectАнтивирусная помощь
Почему проигнорировали?
я не проигнорировал, acestream и связанное с ним расширение для браузеров AS Magic Player я удалил
bonusberry удалите через Установку программ , я не могу прогу найти в установке программ , в ручную она не сносится
Ждем лог МВАМ + сделайте логи RSIT
Microsoft MVP 2012-2016 Consumer Security
Microsoft MVP 2016 ReconnectАнтивирусная помощь
карантин выслал
Где второй из логов RSIT?
Поместите в карантин МВАМ все найденное
удалитеC:\iexplore.bat
C:\Launcher.bat
C:\Users\Olga\AppData\Roaming\ACEStream
C:\Users\Olga\AppData\Roaming\.ACEStream
Microsoft MVP 2012-2016 Consumer Security
Microsoft MVP 2016 ReconnectАнтивирусная помощь
посмотрите
Логи в порядке
Microsoft MVP 2012-2016 Consumer Security
Microsoft MVP 2016 ReconnectАнтивирусная помощь
огромное вам спасибо . спасли
Удалите МВАМ
Microsoft MVP 2012-2016 Consumer Security
Microsoft MVP 2016 ReconnectАнтивирусная помощь
Уважаемый(ая) coroner66, наши специалисты оказали Вам всю возможную помощь по вашему обращению.
В целях поддержания безопасности вашего компьютера настоятельно рекомендуем:
Чтобы всегда быть в курсе актуальных угроз в области информационной безопасности и сохранять свой компьютер защищенным, рекомендуем следить за последними новостями ИТ-сферы портала Anti-Malware.ru:
Надеемся больше никогда не увидеть ваш компьютер зараженным!
Если Вас не затруднит, пополните пожалуйста нашу базу безопасных файлов.