Выполните скрипт в АВЗ -
Код:
begin
SearchRootkit(true, true);
SetAVZGuardStatus(True);
ExecuteFile('net.exe', 'stop tcpip /y', 0, 15000, true);
ClearQuarantineEx(true);
QuarantineFile('C:\Users\2D\AppData\Local\00000000-1442233282-0000-0000-8C89A55B1254\snsr2D17.tmp', '');
QuarantineFile('C:\Program Files\00000000-1442222412-0000-0000-8C89A55B1254\hnsg856D.tmp', '');
QuarantineFile('C:\Program Files\00000000-1442222412-0000-0000-8C89A55B1254\jnsb6D20.tmp', '');
QuarantineFile('C:\Program Files\00000000-1442222412-0000-0000-8C89A55B1254\knsw486B.tmpfs', '');
DeleteFile('C:\Users\2D\AppData\Local\00000000-1442233282-0000-0000-8C89A55B1254\snsr2D17.tmp', '32');
DeleteFile('C:\Program Files\00000000-1442222412-0000-0000-8C89A55B1254\hnsg856D.tmp', '32');
DeleteFile('C:\Program Files\00000000-1442222412-0000-0000-8C89A55B1254\jnsb6D20.tmp', '32');
DeleteFile('C:\Program Files\00000000-1442222412-0000-0000-8C89A55B1254\knsw486B.tmpfs', '32');
ExecuteFile('schtasks.exe', '/delete /TN "{56500146-03D7-40B9-B270-A2FDE5289F25}" /F', 0, 15000, true);
DeleteService('dipubibu');
DeleteService('gyvixodu');
DeleteService('lehicewu');
DeleteService('lyxoqesu');
BC_ImportALL;
ExecuteSysClean;
ExecuteWizard('SCU', 2, 3, true);
BC_Activate;
RebootWindows(true);
end.