Просьба посмотреть логи

**MichaNICK** · 06.04.2014, 11:35

Посмотрите пожалуйста логи, "тормозят" интернет браузеры

Надоело быть жертвой? Стань профи по информационной безопасности, получай самую свежую информацию об угрозах и средствах защиты от ведущего российского аналитического центра Anti-Malware.ru:

**Info_bot** · 06.04.2014, 11:36

Уважаемый(ая) MichaNICK, спасибо за обращение на наш форум!

Помощь в лечении комьютера на VirusInfo.Info оказывается абсолютно бесплатно. Хелперы, в самое ближайшее время, ответят на Ваш запрос. Для оказания помощи необходимо предоставить логи сканирования утилитами АВЗ и HiJackThis, подробнее можно прочитать в правилах оформления запроса о помощи.

Если наш сайт окажется полезен Вам и у Вас будет такая возможность - пожалуйста поддержите проект.

**thyrex** · 06.04.2014, 12:02

Так, будем чистить по частям, чтобы пост не разрастался в простыню

Выполните скрипт в AVZ

Код:

begin
BC_DeleteSvc('abzccmhg');
 BC_DeleteSvc('adscljeh');
 BC_DeleteSvc('afmttmxw');
 BC_DeleteSvc('ajlbrkwz');
 BC_DeleteSvc('ajusofoy');
 BC_DeleteSvc('aklfftzu');
 BC_DeleteSvc('amoojkmn');
 BC_DeleteSvc('apvvghbl');
 BC_DeleteSvc('apwavypu');
 BC_DeleteSvc('arcvxdin');
 BC_DeleteSvc('aulpzkkf');
 BC_DeleteSvc('auycwljp');
 BC_DeleteSvc('axmyazli');
 BC_DeleteSvc('aysfotae');
 BC_DeleteSvc('bbdpzpml');
 BC_DeleteSvc('bbprvofp');
 BC_DeleteSvc('binudsra');
 BC_DeleteSvc('bnckokfp');
 BC_DeleteSvc('bpbgdshr');
 BC_DeleteSvc('bqrxaxhg');
 BC_DeleteSvc('bvhtvuvt');
 BC_DeleteSvc('bykojkyn');
 BC_DeleteSvc('cbhmtsvz');
 BC_DeleteSvc('cccyqtan');
 BC_DeleteSvc('cdpcmcrc');
 BC_DeleteSvc('cfhjzhui');
 BC_DeleteSvc('ckefqblo');
 BC_DeleteSvc('cmfpfjrc');
 BC_DeleteSvc('cmkbatey');
 BC_DeleteSvc('cmkvqsby');
 BC_DeleteSvc('cqcmyelb');
 BC_DeleteSvc('cqfezivf');
 BC_DeleteSvc('csbmzanj');
 BC_DeleteSvc('csqwaxfu');
 BC_DeleteSvc('ctagdppr');
 BC_DeleteSvc('cyejgevc');
 BC_DeleteSvc('czhwtiot');
 BC_DeleteSvc('daffkird');
 BC_DeleteSvc('damdhwlq');
 BC_DeleteSvc('dedzyvbj');
 BC_DeleteSvc('dkcjjtbu');
 BC_DeleteSvc('dklcbtkb');
 BC_DeleteSvc('djjqfafn');
 BC_DeleteSvc('dmwllncj');
 BC_DeleteSvc('drmhmvew');
 BC_DeleteSvc('dslveikd');
 BC_DeleteSvc('dwpskgzm');
 BC_DeleteSvc('dxkejkkw');
 BC_DeleteSvc('eaokhorv');
 BC_DeleteSvc('efvybexs');
 BC_DeleteSvc('emxhphlf');
 BC_DeleteSvc('endwvark');
 BC_DeleteSvc('eosockhv');
 BC_DeleteSvc('eoxzdmyv');
 BC_DeleteSvc('eqtvwimy');
 BC_DeleteSvc('esjpvrir');
 BC_DeleteSvc('etfesdkj');
 BC_DeleteSvc('evijtulx');
 BC_DeleteSvc('ezgonvgj');
 BC_DeleteSvc('fahipqcn');
 BC_DeleteSvc('fanhgogc');
 BC_DeleteSvc('fgwbwqia');
 BC_DeleteSvc('fikyyoyy');
 BC_DeleteSvc('fjpfurzm');
 BC_DeleteSvc('fnntqnvd');
 BC_DeleteSvc('frhdubrf');
 BC_DeleteSvc('ftabohjb');
 BC_DeleteSvc('ftaehkto');
 BC_DeleteSvc('fuglbgir');
 BC_DeleteSvc('fvfsctwg');
 BC_DeleteSvc('gahmzpym');
 BC_DeleteSvc('gamgziwv');
 BC_DeleteSvc('gaspsjlo');
 BC_DeleteSvc('gatgesbc');
 BC_DeleteSvc('gidrtbdo');
 BC_DeleteSvc('giycmaet');
 BC_DeleteSvc('gjapxhgz');
 BC_DeleteSvc('gjeajkmk');
 BC_DeleteSvc('gjorxjwt');
 BC_DeleteSvc('gkzdggrz');
 BC_DeleteSvc('gnlgoeur');
 BC_DeleteSvc('gouadspr');
 BC_DeleteSvc('gqbyrrcz');
 BC_DeleteSvc('gqlzkgjo');
 BC_DeleteSvc('gwduqmpm');
 BC_DeleteSvc('gwwilfkj');
 BC_DeleteSvc('hgqfklcv');
 BC_DeleteSvc('hgykchgx');
 BC_DeleteSvc('hpxamkmr');
 BC_DeleteSvc('hqqfluri');
 BC_DeleteSvc('hywmpgky');
 BC_DeleteSvc('ibowllbc');
 BC_DeleteSvc('iduewzoy');
 BC_DeleteSvc('ifqufiwg');
 BC_DeleteSvc('ifuzewlh');
 BC_DeleteSvc('iheiybzc');
 BC_DeleteSvc('ijlfpjzc');
 BC_DeleteSvc('ikbuqzkn');
 BC_DeleteSvc('imatcekc');
 BC_DeleteSvc('inqoxpmo');
 BC_DeleteSvc('inwyvqxp');
 BC_DeleteSvc('inxrgsls');
 BC_DeleteSvc('iqdayljd');
 BC_DeleteSvc('iqxkwzco');
 BC_DeleteSvc('iqyztofw');
 BC_DeleteSvc('irguzxlx');
 BC_DeleteSvc('itmbjwnj');
 BC_DeleteSvc('iythbxbn');
 BC_DeleteSvc('izbjiymj');
 BC_DeleteSvc('jbrrjair');
 BC_DeleteSvc('jdhkqvwp');
 BC_DeleteSvc('jfkoqtmf');
 BC_DeleteSvc('jkqtlpya');
 BC_DeleteSvc('jnvpusxy');
 BC_DeleteSvc('jnyjojmc');
 BC_DeleteSvc('johulpkn');
 BC_DeleteSvc('jomgmlde');
 BC_DeleteSvc('jovaqogd');
 BC_DeleteSvc('jqmwuope');
 BC_DeleteSvc('kbjyjcqj');
 BC_DeleteSvc('kedgqpbt');
 BC_DeleteSvc('klvtacha');
 BC_DeleteSvc('knpjgpjr');
 BC_DeleteSvc('konekayr');
 BC_DeleteSvc('kpcqinke');
 BC_DeleteSvc('kpipyxls');
 BC_DeleteSvc('krfkesyy');
 BC_DeleteSvc('krqzzewc');
 BC_DeleteSvc('lbmmurjj');
 BC_DeleteSvc('ldvaudir');
 BC_DeleteSvc('lfboavsu');
 BC_DeleteSvc('lhusbtbp');
 BC_DeleteSvc('llfxqddh');
 BC_DeleteSvc('lnakvltv');
 BC_DeleteSvc('locbdthr');
 BC_DeleteSvc('loodfcze');
 BC_DeleteSvc('lralsrgb');
 BC_DeleteSvc('lxgdlrod');
 BC_DeleteSvc('mfzvvspf');
 BC_DeleteSvc('mkvrclxj');
 BC_DeleteSvc('mkwmnqcb');
 BC_DeleteSvc('mlspbcmz');
 BC_DeleteSvc('mmadskce');
 BC_DeleteSvc('mmytvqsf');
 BC_DeleteSvc('mmztrbmy');
 BC_DeleteSvc('mnskohol');
 BC_DeleteSvc('mokurhld');
 BC_DeleteSvc('moxhtesc');
 BC_DeleteSvc('mppdnhcp');
 BC_DeleteSvc('mraiqcwj');
 BC_DeleteSvc('mtocavon');
 BC_DeleteSvc('mvjbcbzc');
 BC_DeleteSvc('mwacyvgs');
 BC_DeleteSvc('mwlpwvid');
 BC_DeleteSvc('mwwovvrb');
 BC_DeleteSvc('myhnljqq');
 BC_DeleteSvc('mzrdpvpw');
 BC_DeleteSvc('nalbsnwc');
 BC_DeleteSvc('natptplv');
 BC_DeleteSvc('nazfgwfd');
 BC_DeleteSvc('netfhvye');
 BC_DeleteSvc('nfragwip');
 BC_DeleteSvc('niftdllj');
 BC_DeleteSvc('nitzvjup');
 BC_DeleteSvc('nkfoiotc');
 BC_DeleteSvc('nkkiehny');
 BC_DeleteSvc('nlunbgcs');
 BC_DeleteSvc('nodgtfxa');
 BC_DeleteSvc('nqdcqfwe');
 BC_DeleteSvc('nqnwlnfq');
 BC_DeleteSvc('nrzdiqmm');
 BC_DeleteSvc('nsmbcyat');
 BC_DeleteSvc('nuvjzruh');
 BC_DeleteSvc('nvnvekvc');
 BC_DeleteSvc('nwlcohqa');
 BC_DeleteSvc('nxqwnvbp');
 BC_DeleteSvc('nzqiiagz');
BC_Activate;
RebootWindows(false);
end.

Компьютер перезагрузится.

Сделайте новый лог virusinfo_syscheck.zip

**MichaNICK** · 06.04.2014, 12:19

Скрипт сделал. Прикладываю новый лог

**thyrex** · 06.04.2014, 12:48

Не увидел, что у Вас Win 7, потому BC не сработал

Дубль 2

Выполните скрипт в AVZ

Код:

begin
DeleteService('jqmwuope');
 DeleteService('jovaqogd');
 DeleteService('jomgmlde');
 DeleteService('johulpkn');
 DeleteService('jnyjojmc');
 DeleteService('jnvpusxy');
 DeleteService('jkqtlpya');
 DeleteService('jfkoqtmf');
 DeleteService('jdhkqvwp');
 DeleteService('izbjiymj');
 DeleteService('iythbxbn');
 DeleteService('itmbjwnj');
 DeleteService('irguzxlx');
 DeleteService('iqyztofw');
 DeleteService('iqxkwzco');
 DeleteService('iqdayljd');
 DeleteService('ipnnqylr');
 DeleteService('inxrgsls');
 DeleteService('inwyvqxp');
 DeleteService('inqoxpmo');
 DeleteService('imatcekc');
 DeleteService('ikbuqzkn');
 DeleteService('ijlfpjzc');
 DeleteService('iheiybzc');
 DeleteService('ifuzewlh');
 DeleteService('ifqufiwg');
 DeleteService('iduewzoy');
 DeleteService('ibowllbc');
 DeleteService('hydxhfvt');
 DeleteService('hywmpgky');
 DeleteService('hqqfluri');
 DeleteService('hpxamkmr');
 DeleteService('hgykchgx');
 DeleteService('hgqfklcv');
 DeleteService('gwwilfkj');
 DeleteService('gwduqmpm');
 DeleteService('gqlzkgjo');
 DeleteService('gqbyrrcz');
 DeleteService('gouadspr');
 DeleteService('gnlgoeur');
 DeleteService('gkzdggrz');
 DeleteService('gjorxjwt');
 DeleteService('gjeajkmk');
 DeleteService('gjapxhgz');
 DeleteService('giycmaet');
 DeleteService('gidrtbdo');
 DeleteService('gatgesbc');
 DeleteService('gaspsjlo');
 DeleteService('gamgziwv');
 DeleteService('gahmzpym');
 DeleteService('fvfsctwg');
 DeleteService('fuglbgir');
 DeleteService('ftaehkto');
 DeleteService('ftabohjb');
 DeleteService('frhdubrf');
 DeleteService('fnntqnvd');
 DeleteService('fjpfurzm');
 DeleteService('fikyyoyy');
 DeleteService('fgwbwqia');
 DeleteService('fanhgogc');
 DeleteService('fahipqcn');
 DeleteService('ezgonvgj');
 DeleteService('evijtulx');
 DeleteService('etfesdkj');
 DeleteService('esjpvrir');
 DeleteService('eqtvwimy');
 DeleteService('eoxzdmyv');
 DeleteService('eosockhv');
 DeleteService('endwvark');
 DeleteService('emxhphlf');
 DeleteService('efvybexs');
 DeleteService('eaokhorv');
 DeleteService('dxkejkkw');
 DeleteService('dwpskgzm');
 DeleteService('dslveikd');
 DeleteService('drmhmvew');
 DeleteService('dmwllncj');
 DeleteService('dklcbtkb');
 DeleteService('dkcjjtbu');
 DeleteService('djjqfafn');
 DeleteService('dedzyvbj');
 DeleteService('damdhwlq');
 DeleteService('daffkird');
 DeleteService('czhwtiot');
 DeleteService('cyejgevc');
 DeleteService('ctagdppr');
 DeleteService('cszlvknn');
 DeleteService('csqwaxfu');
 DeleteService('csbmzanj');
 DeleteService('cqfezivf');
 DeleteService('cqcmyelb');
 DeleteService('cmkvqsby');
 DeleteService('cmkbatey');
 DeleteService('cmfpfjrc');
 DeleteService('ckefqblo');
 DeleteService('cfhjzhui');
 DeleteService('cdpcmcrc');
 DeleteService('cccyqtan');
 DeleteService('cbhmtsvz');
 DeleteService('bykojkyn');
 DeleteService('bvhtvuvt');
 DeleteService('bqrxaxhg');
 DeleteService('bpbgdshr');
 DeleteService('bnckokfp');
 DeleteService('binudsra');
 DeleteService('bdypoiqu');
 DeleteService('bbprvofp');
 DeleteService('bbdpzpml');
 DeleteService('aysfotae');
 DeleteService('axmyazli');
 DeleteService('auycwljp');
 DeleteService('aulpzkkf');
 DeleteService('arcvxdin');
 DeleteService('apwavypu');
 DeleteService('apvvghbl');
 DeleteService('amoojkmn');
 DeleteService('aklfftzu');
 DeleteService('ajusofoy');
 DeleteService('ajlbrkwz');
 DeleteService('afmttmxw');
 DeleteService('adscljeh');
 DeleteService('abzccmhg');
 DeleteFile('C:\windows\system32\drivers\abzccmhg.sys','32');
 DeleteFile('C:\windows\system32\drivers\adscljeh.sys','32');
 DeleteFile('C:\windows\system32\drivers\afmttmxw.sys','32');
 DeleteFile('C:\windows\system32\drivers\ajlbrkwz.sys','32');
 DeleteFile('C:\windows\system32\drivers\ajusofoy.sys','32');
 DeleteFile('C:\windows\system32\drivers\amoojkmn.sys','32');
 DeleteFile('C:\windows\system32\drivers\apvvghbl.sys','32');
 DeleteFile('C:\windows\system32\drivers\apwavypu.sys','32');
 DeleteFile('C:\windows\system32\drivers\arcvxdin.sys','32');
 DeleteFile('C:\windows\system32\drivers\aulpzkkf.sys','32');
 DeleteFile('C:\windows\system32\drivers\auycwljp.sys','32');
 DeleteFile('C:\windows\system32\drivers\axmyazli.sys','32');
 DeleteFile('C:\windows\system32\drivers\aysfotae.sys','32');
 DeleteFile('C:\windows\system32\drivers\bbdpzpml.sys','32');
 DeleteFile('C:\windows\system32\drivers\bbprvofp.sys','32');
 DeleteFile('C:\windows\system32\drivers\bdypoiqu.sys','32');
 DeleteFile('C:\windows\system32\drivers\binudsra.sys','32');
 DeleteFile('C:\windows\system32\drivers\bnckokfp.sys','32');
 DeleteFile('C:\windows\system32\drivers\bpbgdshr.sys','32');
 DeleteFile('C:\windows\system32\drivers\bqrxaxhg.sys','32');
 DeleteFile('C:\windows\system32\drivers\bvhtvuvt.sys','32');
 DeleteFile('C:\windows\system32\drivers\bykojkyn.sys','32');
 DeleteFile('C:\windows\system32\drivers\cbhmtsvz.sys','32');
 DeleteFile('C:\windows\system32\drivers\cccyqtan.sys','32');
 DeleteFile('C:\windows\system32\drivers\cdpcmcrc.sys','32');
 DeleteFile('C:\windows\system32\drivers\cfhjzhui.sys','32');
 DeleteFile('C:\windows\system32\drivers\ckefqblo.sys','32');
 DeleteFile('C:\windows\system32\drivers\cmfpfjrc.sys','32');
 DeleteFile('C:\windows\system32\drivers\cmkbatey.sys','32');
 DeleteFile('C:\windows\system32\drivers\cmkvqsby.sys','32');
 DeleteFile('C:\windows\system32\drivers\cqcmyelb.sys','32');
 DeleteFile('C:\windows\system32\drivers\cqfezivf.sys','32');
 DeleteFile('C:\windows\system32\drivers\csbmzanj.sys','32');
 DeleteFile('C:\windows\system32\drivers\csqwaxfu.sys','32');
 DeleteFile('C:\windows\system32\drivers\cszlvknn.sys','32');
 DeleteFile('C:\windows\system32\drivers\ctagdppr.sys','32');
 DeleteFile('C:\windows\system32\drivers\cyejgevc.sys','32');
 DeleteFile('C:\windows\system32\drivers\daffkird.sys','32');
 DeleteFile('C:\windows\system32\drivers\damdhwlq.sys','32');
 DeleteFile('C:\windows\system32\drivers\dedzyvbj.sys','32');
 DeleteFile('C:\windows\system32\drivers\djjqfafn.sys','32');
 DeleteFile('C:\windows\system32\drivers\dkcjjtbu.sys','32');
 DeleteFile('C:\windows\system32\drivers\dklcbtkb.sys','32');
 DeleteFile('C:\windows\system32\drivers\dmwllncj.sys','32');
 DeleteFile('C:\windows\system32\drivers\drmhmvew.sys','32');
 DeleteFile('C:\windows\system32\drivers\dslveikd.sys','32');
 DeleteFile('C:\windows\system32\drivers\dwpskgzm.sys','32');
 DeleteFile('C:\windows\system32\drivers\dxkejkkw.sys','32');
 DeleteFile('C:\windows\system32\drivers\eaokhorv.sys','32');
 DeleteFile('C:\windows\system32\drivers\efvybexs.sys','32');
 DeleteFile('C:\windows\system32\drivers\emxhphlf.sys','32');
 DeleteFile('C:\windows\system32\drivers\endwvark.sys','32');
 DeleteFile('C:\windows\system32\drivers\eoxzdmyv.sys','32');
 DeleteFile('C:\windows\system32\drivers\esjpvrir.sys','32');
 DeleteFile('C:\windows\system32\drivers\etfesdkj.sys','32');
 DeleteFile('C:\windows\system32\drivers\evijtulx.sys','32');
 DeleteFile('C:\windows\system32\drivers\ezgonvgj.sys','32');
 DeleteFile('C:\windows\system32\drivers\fahipqcn.sys','32');
 DeleteFile('C:\windows\system32\drivers\fgwbwqia.sys','32');
 DeleteFile('C:\windows\system32\drivers\fikyyoyy.sys','32');
 DeleteFile('C:\windows\system32\drivers\fjpfurzm.sys','32');
 DeleteFile('C:\windows\system32\drivers\fnntqnvd.sys','32');
 DeleteFile('C:\windows\system32\drivers\frhdubrf.sys','32');
 DeleteFile('C:\windows\system32\drivers\ftabohjb.sys','32');
 DeleteFile('C:\windows\system32\drivers\ftaehkto.sys','32');
 DeleteFile('C:\windows\system32\drivers\fuglbgir.sys','32');
 DeleteFile('C:\windows\system32\drivers\fvfsctwg.sys','32');
 DeleteFile('C:\windows\system32\drivers\gahmzpym.sys','32');
 DeleteFile('C:\windows\system32\drivers\gamgziwv.sys','32');
 DeleteFile('C:\windows\system32\drivers\gaspsjlo.sys','32');
 DeleteFile('C:\windows\system32\drivers\gatgesbc.sys','32');
 DeleteFile('C:\windows\system32\drivers\gidrtbdo.sys','32');
 DeleteFile('C:\windows\system32\drivers\giycmaet.sys','32');
 DeleteFile('C:\windows\system32\drivers\gjeajkmk.sys','32');
 DeleteFile('C:\windows\system32\drivers\gjorxjwt.sys','32');
 DeleteFile('C:\windows\system32\drivers\gkzdggrz.sys','32');
 DeleteFile('C:\windows\system32\drivers\gnlgoeur.sys','32');
 DeleteFile('C:\windows\system32\drivers\gouadspr.sys','32');
 DeleteFile('C:\windows\system32\drivers\gqbyrrcz.sys','32');
 DeleteFile('C:\windows\system32\drivers\gqlzkgjo.sys','32');
 DeleteFile('C:\windows\system32\drivers\gwduqmpm.sys','32');
 DeleteFile('C:\windows\system32\drivers\gwwilfkj.sys','32');
 DeleteFile('C:\windows\system32\drivers\hgqfklcv.sys','32');
 DeleteFile('C:\windows\system32\drivers\hgykchgx.sys','32');
 DeleteFile('C:\windows\system32\drivers\hpxamkmr.sys','32');
 DeleteFile('C:\windows\system32\drivers\hqqfluri.sys','32');
 DeleteFile('C:\windows\system32\drivers\hydxhfvt.sys','32');
 DeleteFile('C:\windows\system32\drivers\hywmpgky.sys','32');
 DeleteFile('C:\windows\system32\drivers\ibowllbc.sys','32');
 DeleteFile('C:\windows\system32\drivers\iduewzoy.sys','32');
 DeleteFile('C:\windows\system32\drivers\ifqufiwg.sys','32');
 DeleteFile('C:\windows\system32\drivers\ifuzewlh.sys','32');
 DeleteFile('C:\windows\system32\drivers\ijlfpjzc.sys','32');
 DeleteFile('C:\windows\system32\drivers\ikbuqzkn.sys','32');
 DeleteFile('C:\windows\system32\drivers\imatcekc.sys','32');
 DeleteFile('C:\windows\system32\drivers\inqoxpmo.sys','32');
 DeleteFile('C:\windows\system32\drivers\inxrgsls.sys','32');
 DeleteFile('C:\windows\system32\drivers\ipnnqylr.sys','32');
 DeleteFile('C:\windows\system32\drivers\iqdayljd.sys','32');
 DeleteFile('C:\windows\system32\drivers\iqxkwzco.sys','32');
 DeleteFile('C:\windows\system32\drivers\iqyztofw.sys','32');
 DeleteFile('C:\windows\system32\drivers\irguzxlx.sys','32');
 DeleteFile('C:\windows\system32\drivers\itmbjwnj.sys','32');
 DeleteFile('C:\windows\system32\drivers\iythbxbn.sys','32');
 DeleteFile('C:\windows\system32\drivers\izbjiymj.sys','32');
 DeleteFile('C:\windows\system32\drivers\jbrrjair.sys','32');
 DeleteFile('C:\windows\system32\drivers\jdhkqvwp.sys','32');
 DeleteFile('C:\windows\system32\drivers\jfkoqtmf.sys','32');
 DeleteFile('C:\windows\system32\drivers\jkqtlpya.sys','32');
 DeleteFile('C:\windows\system32\drivers\jnvpusxy.sys','32');
 DeleteFile('C:\windows\system32\drivers\jnyjojmc.sys','32');
 DeleteFile('C:\windows\system32\drivers\jomgmlde.sys','32');
 DeleteFile('C:\windows\system32\drivers\jovaqogd.sys','32');
 DeleteFile('C:\windows\system32\drivers\jqmwuope.sys','32');
ExecuteSysClean;
RebootWindows(false);
end.

Компьютер перезагрузится.

Сделайте новый лог

**MichaNICK** · 06.04.2014, 16:40

Скрипт выполнен. Лог новый прилагаю

**thyrex** · 06.04.2014, 16:55

Вторая часть, после еще раз придется

Выполните скрипт в AVZ

Код:

begin
 DeleteService('raqsxpux');
 DeleteService('qyoyusfa');
 DeleteService('qxosopnf');
 DeleteService('qslqkcih');
 DeleteService('qqcxmgbq');
 DeleteService('qmcbbeez');
 DeleteService('qlslcyhq');
 DeleteService('qlfftbil');
 DeleteService('qiljauuo');
 DeleteService('qfvvzero');
 DeleteService('qfacanup');
 DeleteService('pzncatle');
 DeleteService('pyxiaaim');
 DeleteService('pxquwqng');
 DeleteService('prnekewi');
 DeleteService('pqjaqofv');
 DeleteService('pmvsgrqn');
 DeleteService('pmkijlji');
 DeleteService('pmdoqapj');
 DeleteService('pknlnimc');
 DeleteService('phozzybz');
 DeleteService('pgpaeqzj');
 DeleteService('peupxcim');
 DeleteService('patsmntd');
 DeleteService('oujrorpf');
 DeleteService('oqpjthcx');
 DeleteService('olnuhhiu');
 DeleteService('ojcdggpm');
 DeleteService('oeazuqne');
 DeleteService('ocmlrdrx');
 DeleteService('oadkebnj');
 DeleteService('nzqiiagz');
 DeleteService('nxqwnvbp');
 DeleteService('nwlcohqa');
 DeleteService('nvnvekvc');
 DeleteService('nuvjzruh');
 DeleteService('nsmbcyat');
 DeleteService('nrzdiqmm');
 DeleteService('nqnwlnfq');
 DeleteService('nqdcqfwe');
 DeleteService('nodgtfxa');
 DeleteService('nlunbgcs');
 DeleteService('nkfoiotc');
 DeleteService('nitzvjup');
 DeleteService('niftdllj');
 DeleteService('nfragwip');
 DeleteService('netfhvye');
 DeleteService('nazfgwfd');
 DeleteService('natptplv');
 DeleteService('nalbsnwc');
 DeleteService('mzrdpvpw');
 DeleteService('myhnljqq');
 DeleteService('mwwovvrb');
 DeleteService('mwlpwvid');
 DeleteService('mwacyvgs');
 DeleteService('mvjbcbzc');
 DeleteService('mtocavon');
 DeleteService('mraiqcwj');
 DeleteService('mppdnhcp');
 DeleteService('mokurhld');
 DeleteService('mnskohol');
 DeleteService('mmztrbmy');
 DeleteService('mmytvqsf');
 DeleteService('mmadskce');
 DeleteService('mlspbcmz');
 DeleteService('mkwmnqcb');
 DeleteService('mkvrclxj');
 DeleteService('mfzvvspf');
 DeleteService('lxgdlrod');
 DeleteService('lrhobuak');
 DeleteService('lralsrgb');
 DeleteService('loodfcze');
 DeleteService('locbdthr');
 DeleteService('lnakvltv');
 DeleteService('llfxqddh');
 DeleteService('lhusbtbp');
 DeleteService('lfboavsu');
 DeleteService('ldvaudir');
 DeleteService('lbmmurjj');
 DeleteService('krqzzewc');
 DeleteService('krfkesyy');
 DeleteService('kpipyxls');
 DeleteService('kpcqinke');
 DeleteService('konekayr');
 DeleteService('knpjgpjr');
 DeleteService('klvtacha');
 DeleteService('kedgqpbt');
 DeleteService('kbjyjcqj');
 DeleteFile('C:\windows\system32\drivers\raqsxpux.sys','32');
 DeleteFile('C:\windows\system32\drivers\qyoyusfa.sys','32');
 DeleteFile('C:\windows\system32\drivers\qxosopnf.sys','32');
 DeleteFile('C:\windows\system32\drivers\qslqkcih.sys','32');
 DeleteFile('C:\windows\system32\drivers\qqcxmgbq.sys','32');
 DeleteFile('C:\windows\system32\drivers\qmcbbeez.sys','32');
 DeleteFile('C:\windows\system32\drivers\qlslcyhq.sys','32');
 DeleteFile('C:\windows\system32\drivers\qlfftbil.sys','32');
 DeleteFile('C:\windows\system32\drivers\qiljauuo.sys','32');
 DeleteFile('C:\windows\system32\drivers\qfvvzero.sys','32');
 DeleteFile('C:\windows\system32\drivers\qfacanup.sys','32');
 DeleteFile('C:\windows\system32\drivers\pzncatle.sys','32');
 DeleteFile('C:\windows\system32\drivers\pyxiaaim.sys','32');
 DeleteFile('C:\windows\system32\drivers\pxquwqng.sys','32');
 DeleteFile('C:\windows\system32\drivers\prnekewi.sys','32');
 DeleteFile('C:\windows\system32\drivers\pqjaqofv.sys','32');
 DeleteFile('C:\windows\system32\drivers\pmvsgrqn.sys','32');
 DeleteFile('C:\windows\system32\drivers\pmkijlji.sys','32');
 DeleteFile('C:\windows\system32\drivers\pmdoqapj.sys','32');
 DeleteFile('C:\windows\system32\drivers\pknlnimc.sys','32');
 DeleteFile('C:\windows\system32\drivers\phozzybz.sys','32');
 DeleteFile('C:\windows\system32\drivers\pgpaeqzj.sys','32');
 DeleteFile('C:\windows\system32\drivers\peupxcim.sys','32');
 DeleteFile('C:\windows\system32\drivers\patsmntd.sys','32');
 DeleteFile('C:\windows\system32\drivers\oujrorpf.sys','32');
 DeleteFile('C:\windows\system32\drivers\oqpjthcx.sys','32');
 DeleteFile('C:\windows\system32\drivers\onuksjpk.sys','32');
 DeleteFile('C:\windows\system32\drivers\olnuhhiu.sys','32');
 DeleteFile('C:\windows\system32\drivers\ojcdggpm.sys','32');
 DeleteFile('C:\windows\system32\drivers\oeazuqne.sys','32');
 DeleteFile('C:\windows\system32\drivers\ocmlrdrx.sys','32');
 DeleteFile('C:\windows\system32\drivers\oadkebnj.sys','32');
 DeleteFile('C:\windows\system32\drivers\nzqiiagz.sys','32');
 DeleteFile('C:\windows\system32\drivers\nxqwnvbp.sys','32');
 DeleteFile('C:\windows\system32\drivers\nwlcohqa.sys','32');
 DeleteFile('C:\windows\system32\drivers\nvnvekvc.sys','32');
 DeleteFile('C:\windows\system32\drivers\nuvjzruh.sys','32');
 DeleteFile('C:\windows\system32\drivers\nsmbcyat.sys','32');
 DeleteFile('C:\windows\system32\drivers\nrzdiqmm.sys','32');
 DeleteFile('C:\windows\system32\drivers\nqnwlnfq.sys','32');
 DeleteFile('C:\windows\system32\drivers\nqdcqfwe.sys','32');
 DeleteFile('C:\windows\system32\drivers\nodgtfxa.sys','32');
 DeleteFile('C:\windows\system32\drivers\nlunbgcs.sys','32');
 DeleteFile('C:\windows\system32\drivers\nkkiehny.sys','32');
 DeleteFile('C:\windows\system32\drivers\nkfoiotc.sys','32');
 DeleteFile('C:\windows\system32\drivers\nitzvjup.sys','32');
 DeleteFile('C:\windows\system32\drivers\niftdllj.sys','32');
 DeleteFile('C:\windows\system32\drivers\nfragwip.sys','32');
 DeleteFile('C:\windows\system32\drivers\netfhvye.sys','32');
 DeleteFile('C:\windows\system32\drivers\nazfgwfd.sys','32');
 DeleteFile('C:\windows\system32\drivers\natptplv.sys','32');
 DeleteFile('C:\windows\system32\drivers\nalbsnwc.sys','32');
 DeleteFile('C:\windows\system32\drivers\mzrdpvpw.sys','32');
 DeleteFile('C:\windows\system32\drivers\myhnljqq.sys','32');
 DeleteFile('C:\windows\system32\drivers\mwwovvrb.sys','32');
 DeleteFile('C:\windows\system32\drivers\mwlpwvid.sys','32');
 DeleteFile('C:\windows\system32\drivers\mwacyvgs.sys','32');
 DeleteFile('C:\windows\system32\drivers\mvjbcbzc.sys','32');
 DeleteFile('C:\windows\system32\drivers\mtocavon.sys','32');
 DeleteFile('C:\windows\system32\drivers\mraiqcwj.sys','32');
 DeleteFile('C:\windows\system32\drivers\mppdnhcp.sys','32');
 DeleteFile('C:\windows\system32\drivers\moxhtesc.sys','32');
 DeleteFile('C:\windows\system32\drivers\mokurhld.sys','32');
 DeleteFile('C:\windows\system32\drivers\mnskohol.sys','32');
 DeleteFile('C:\windows\system32\drivers\mmztrbmy.sys','32');
 DeleteFile('C:\windows\system32\drivers\mmytvqsf.sys','32');
 DeleteFile('C:\windows\system32\drivers\mmadskce.sys','32');
 DeleteFile('C:\windows\system32\drivers\mlspbcmz.sys','32');
 DeleteFile('C:\windows\system32\drivers\mkwmnqcb.sys','32');
 DeleteFile('C:\windows\system32\drivers\mkvrclxj.sys','32');
 DeleteFile('C:\windows\system32\drivers\mfzvvspf.sys','32');
 DeleteFile('C:\windows\system32\drivers\lrhobuak.sys','32');
 DeleteFile('C:\windows\system32\drivers\lralsrgb.sys','32');
 DeleteFile('C:\windows\system32\drivers\loodfcze.sys','32');
 DeleteFile('C:\windows\system32\drivers\locbdthr.sys','32');
 DeleteFile('C:\windows\system32\drivers\lnakvltv.sys','32');
 DeleteFile('C:\windows\system32\drivers\llfxqddh.sys','32');
 DeleteFile('C:\windows\system32\drivers\lhusbtbp.sys','32');
 DeleteFile('C:\windows\system32\drivers\lfboavsu.sys','32');
 DeleteFile('C:\windows\system32\drivers\ldvaudir.sys','32');
 DeleteFile('C:\windows\system32\drivers\lbmmurjj.sys','32');
 DeleteFile('C:\windows\system32\drivers\krqzzewc.sys','32');
 DeleteFile('C:\windows\system32\drivers\krfkesyy.sys','32');
 DeleteFile('C:\windows\system32\drivers\kpipyxls.sys','32');
 DeleteFile('C:\windows\system32\drivers\kpcqinke.sys','32');
 DeleteFile('C:\windows\system32\drivers\konekayr.sys','32');
 DeleteFile('C:\windows\system32\drivers\knpjgpjr.sys','32');
 DeleteFile('C:\windows\system32\drivers\klvtacha.sys','32');
 DeleteFile('C:\windows\system32\drivers\kedgqpbt.sys','32');
 DeleteFile('C:\windows\system32\drivers\kbjyjcqj.sys','32');
 DeleteFile('C:\Users\user\appdata\roaming\digita~1\update~1\update~1.exe','32');
ExecuteSysClean;
RebootWindows(false);
end.

Компьютер перезагрузится.

Сделайте новый лог

**MichaNICK** · 06.04.2014, 17:07

Выполнил. Лог прилагаю

**thyrex** · 06.04.2014, 17:15

Выполните скрипт в AVZ

Код:

begin
 DeleteService('wptgmtid');
 DeleteService('wnvpatkt');
 DeleteService('wmlyqext');
 DeleteService('wlxpvkep');
 DeleteService('wiruqswj');
 DeleteService('wetmjwae');
 DeleteService('wdgsixch');
 DeleteService('wdgnhmqd');
 DeleteService('wcwzzryw');
 DeleteService('vsioampo');
 DeleteService('vrkstamo');
 DeleteService('vptjaomu');
 DeleteService('vonvaovb');
 DeleteService('vnnbdkkn');
 DeleteService('vndmcwlz');
 DeleteService('vlbvwouc');
 DeleteService('vinlczsd');
 DeleteService('vdslrhkh');
 DeleteService('vahgnpop');
 DeleteService('uylrsrrg');
 DeleteService('uygbqfdq');
 DeleteService('uwwpfiwo');
 DeleteService('utiiymjk');
 DeleteService('uqkljnut');
 DeleteService('ukcetvgk');
 DeleteService('uhvkifrm');
 DeleteService('ugkmeeks');
 DeleteService('ufffnpyd');
 DeleteService('ufapwtin');
 DeleteService('tzzqutrh');
 DeleteService('tutepvlb');
 DeleteService('tunrbubq');
 DeleteService('ttuhmsng');
 DeleteService('tsoonzfu');
 DeleteService('triyreui');
 DeleteService('tqgoprdb');
 DeleteService('tkvfqajx');
 DeleteService('taryjekb');
 DeleteService('svtgbmtv');
 DeleteService('spjqalkk');
 DeleteService('soegtmri');
 DeleteService('snsjbjur');
 DeleteService('skusbfug');
 DeleteService('sipgjklb');
 DeleteService('shfwdvrj');
 DeleteService('sdotmjjb');
 DeleteService('rwprpalm');
 DeleteService('rsubufxj');
 DeleteService('rqvsozxt');
 DeleteService('rqnghqcs');
 DeleteService('rlmldnjy');
 DeleteService('rkkolqmi');
 DeleteService('rjltfieo');
 DeleteService('riprmwjc');
 DeleteService('rgyvcdeu');
 DeleteService('rcggcegm');
 DeleteFile('C:\windows\system32\drivers\rcggcegm.sys','32');
 DeleteFile('C:\windows\system32\drivers\rgyvcdeu.sys','32');
 DeleteFile('C:\windows\system32\drivers\riprmwjc.sys','32');
 DeleteFile('C:\windows\system32\drivers\rjltfieo.sys','32');
 DeleteFile('C:\windows\system32\drivers\rkkolqmi.sys','32');
 DeleteFile('C:\windows\system32\drivers\rlmldnjy.sys','32');
 DeleteFile('C:\windows\system32\drivers\rqnghqcs.sys','32');
 DeleteFile('C:\windows\system32\drivers\rqvsozxt.sys','32');
 DeleteFile('C:\windows\system32\drivers\rsubufxj.sys','32');
 DeleteFile('C:\windows\system32\drivers\rwprpalm.sys','32');
 DeleteFile('C:\windows\system32\drivers\sdotmjjb.sys','32');
 DeleteFile('C:\windows\system32\drivers\shfwdvrj.sys','32');
 DeleteFile('C:\windows\system32\drivers\sipgjklb.sys','32');
 DeleteFile('C:\windows\system32\drivers\skusbfug.sys','32');
 DeleteFile('C:\windows\system32\drivers\snsjbjur.sys','32');
 DeleteFile('C:\windows\system32\drivers\soegtmri.sys','32');
 DeleteFile('C:\windows\system32\drivers\spjqalkk.sys','32');
 DeleteFile('C:\windows\system32\drivers\svtgbmtv.sys','32');
 DeleteFile('C:\windows\system32\drivers\taryjekb.sys','32');
 DeleteFile('C:\windows\system32\drivers\tkvfqajx.sys','32');
 DeleteFile('C:\windows\system32\drivers\tqgoprdb.sys','32');
 DeleteFile('C:\windows\system32\drivers\triyreui.sys','32');
 DeleteFile('C:\windows\system32\drivers\tsoonzfu.sys','32');
 DeleteFile('C:\windows\system32\drivers\ttuhmsng.sys','32');
 DeleteFile('C:\windows\system32\drivers\tunrbubq.sys','32');
 DeleteFile('C:\windows\system32\drivers\tutepvlb.sys','32');
 DeleteFile('C:\windows\system32\drivers\tzzqutrh.sys','32');
 DeleteFile('C:\windows\system32\drivers\ufapwtin.sys','32');
 DeleteFile('C:\windows\system32\drivers\ufffnpyd.sys','32');
 DeleteFile('C:\windows\system32\drivers\ugkmeeks.sys','32');
 DeleteFile('C:\windows\system32\drivers\uhvkifrm.sys','32');
 DeleteFile('C:\windows\system32\drivers\ukcetvgk.sys','32');
 DeleteFile('C:\windows\system32\drivers\uqkljnut.sys','32');
 DeleteFile('C:\windows\system32\drivers\utiiymjk.sys','32');
 DeleteFile('C:\windows\system32\drivers\uwwpfiwo.sys','32');
 DeleteFile('C:\windows\system32\drivers\uygbqfdq.sys','32');
 DeleteFile('C:\windows\system32\drivers\uylrsrrg.sys','32');
 DeleteFile('C:\windows\system32\drivers\vahgnpop.sys','32');
 DeleteFile('C:\windows\system32\drivers\vdslrhkh.sys','32');
 DeleteFile('C:\windows\system32\drivers\vinlczsd.sys','32');
 DeleteFile('C:\windows\system32\drivers\vlbvwouc.sys','32');
 DeleteFile('C:\windows\system32\drivers\vndmcwlz.sys','32');
 DeleteFile('C:\windows\system32\drivers\vnnbdkkn.sys','32');
 DeleteFile('C:\windows\system32\drivers\vonvaovb.sys','32');
 DeleteFile('C:\windows\system32\drivers\vptjaomu.sys','32');
 DeleteFile('C:\windows\system32\drivers\vsioampo.sys','32');
 DeleteFile('C:\windows\system32\drivers\vvusqkvg.sys','32');
 DeleteFile('C:\windows\system32\drivers\wcwzzryw.sys','32');
 DeleteFile('C:\windows\system32\drivers\wdgnhmqd.sys','32');
 DeleteFile('C:\windows\system32\drivers\wdgsixch.sys','32');
 DeleteFile('C:\windows\system32\drivers\wetmjwae.sys','32');
 DeleteFile('C:\windows\system32\drivers\wiruqswj.sys','32');
 DeleteFile('C:\windows\system32\drivers\wlbpdqxz.sys','32');
 DeleteFile('C:\windows\system32\drivers\wlxpvkep.sys','32');
 DeleteFile('C:\windows\system32\drivers\wmlyqext.sys','32');
 DeleteFile('C:\windows\system32\drivers\wnvpatkt.sys','32');
 DeleteFile('C:\windows\system32\drivers\wptgmtid.sys','32');
 DeleteFile('C:\windows\Tasks\Digital Sites.job','64');
 DeleteFile('C:\Users\user\AppData\Roaming\DIGITA~1\UPDATE~1\UPDATE~1.EXE','32');
ExecuteSysClean;
RebootWindows(false);
end.

Компьютер перезагрузится.

Сделайте новый лог

**MichaNICK** · 06.04.2014, 17:30

Все сделал.

**thyrex** · 06.04.2014, 17:42

Выполните скрипт в AVZ

Код:

begin
ShowMessage('Внимание! Перед выполнением скрипта AVZ автоматически закроет все сетевые подключения.' + #13#10 + 'После перезагрузки компьютера подключения к сети будут восстановлены в автоматическом режиме.');
ExecuteFile('net.exe', 'stop tcpip /y', 0, 15000, true);
if not IsWOW64
 then
  begin
   SearchRootkit(true, true);
   SetAVZGuardStatus(True);
  end;
QuarantineFile('C:\windows\temp\SvcDelay.exe','');
 BC_ImportAll;
BC_Activate;
RebootWindows(false);
end.

Компьютер перезагрузится.

Пришлите карантин согласно Приложения 2 правил по красной ссылке Прислать запрошенный карантин вверху темы

**MichaNICK** · 06.04.2014, 18:00

Выполнил скрипт. Папка карантина пуста.

**thyrex** · 06.04.2014, 18:30

C:\windows\system32\Tasks\SvcDelay удалите

Пофиксите в HiJack

Код:

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://webalta.ru/search
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://webalta.ru/search
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://webalta.ru/search
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://webalta.ru/search
O2 - BHO: Спутник@Mail.Ru - {8984B388-A5BB-4DF7-B274-77B879E179DB} - (no file)
O2 - BHO: (no name) - {D5FEC983-01DB-414a-9456-AF95AC9ED7B5} - (no file)

В остальном порядок

**MichaNICK** · 06.04.2014, 18:50

Выполнил. На всякий случай сделал новые логи.

**thyrex** · 06.04.2014, 19:16

Порядок

Просьба посмотреть логи (заявка № 157916)

Опции темы