The antivirus finds viruses and seems to delete them. But they appear again.
That's rather a lot.
Fix these entries:
Code:
O2 - BHO: erxybloe.dll - {20909876-4567-3908-4056-909834565102} - D:\WINDOWS\system32\erxybloe.dll
O2 - BHO: opshbbty.dll - {22596546-2036-9451-6058-658402589722} - D:\WINDOWS\system32\opshbbty.dll
O2 - BHO: rijxbkin.dll - {25FD6584-698F-BCD2-602C-698745210352} - D:\WINDOWS\system32\rijxbkin.dll
O2 - BHO: lassaplo.dll - {2B69874A-C58C-458D-69F0-698F874E41B2} - D:\WINDOWS\system32\lassaplo.dll
O2 - BHO: skqncbib.dll - {32023698-6984-8541-9654-698745012523} - D:\WINDOWS\system32\skqncbib.dll (file missing)
O2 - BHO: yxcschlp.dll - {35671234-7890-ABCD-CDEF-567801237653} - D:\WINDOWS\system32\yxcschlp.dll
O2 - BHO: nhmxcjkl.dll - {37AC9076-C898-B098-D098-A18319080973} - D:\WINDOWS\system32\nhmxcjkl.dll (file missing)
O2 - BHO: akjsckaq.dll - {3A908760-8000-4000-A000-9000322145A3} - D:\WINDOWS\system32\akjsckaq.dll (file missing)
O2 - BHO: lijzclit.dll - {3C954872-1230-6541-9548-6541025884C3} - D:\WINDOWS\system32\lijzclit.dll
O2 - BHO: oswxdttb.dll - {43512378-9874-5641-1025-985420368734} - D:\WINDOWS\system32\oswxdttb.dll
O2 - BHO: mpwddapi.dll - {45694105-5108-9405-3695-954187462154} - D:\WINDOWS\system32\mpwddapi.dll
O2 - BHO: nhmxdjkl.dll - {47AC9076-C898-B098-D098-A18319080974} - D:\WINDOWS\system32\nhmxdjkl.dll
O2 - BHO: akjsdkaq.dll - {4A908760-8000-4000-A000-9000322145A4} - D:\WINDOWS\system32\akjsdkaq.dll
O2 - BHO: (no name) - {4C69034A-F45F-D34D-A33A-C33C4D324FC4} - D:\WINDOWS\system32\arjrbler.dll (file missing)
O2 - BHO: zptlcsys.dll - {50940F85-F015-14F1-A05F-F69858AC6D05} - D:\WINDOWS\system32\zptlcsys.dll
O2 - BHO: ptjhehlp.dll - {528DF602-9541-A985-210A-984A698C6F25} - D:\WINDOWS\system32\ptjhehlp.dll
O2 - BHO: pjjxedwd.dll - {54FAE856-AD58-20CB-A025-CD4895FA6E45} - D:\WINDOWS\system32\pjjxedwd.dll
O2 - BHO: ozfyebyt.dll - {5A069845-2036-6084-9054-6087502480A5} - D:\WINDOWS\system32\ozfyebyt.dll
O2 - BHO: arjrcler.dll - {5C69034A-F45F-D34D-A33A-C33C4D324FC5} - D:\WINDOWS\system32\arjrcler.dll (file missing)
O2 - BHO: tysqbkol.dll - {5D098345-6785-1098-5413-678067AE03D5} - D:\WINDOWS\system32\tysqbkol.dll
O2 - BHO: pqzfajke.dll - {60A345CD-ABCD-EFAB-CDEF-ABCD01020306} - D:\WINDOWS\system32\pqzfajke.dll
O2 - BHO: (no name) - {6629FF4F-ACDB-5C90-A098-FACB3456A266} - D:\WINDOWS\system32\mpmyfapi.dll (file missing)
O2 - BHO: zxmscwin.dll - {6A041F13-A111-12A3-B0CF-F99818AA68A6} - D:\WINDOWS\system32\zxmscwin.dll (file missing)
O2 - BHO: mndhfdwd.dll - {6C648541-1025-9650-9057-6541258720C6} - D:\WINDOWS\system32\mndhfdwd.dll
O2 - BHO: arjrdler.dll - {6C69034A-F45F-D34D-A33A-C33C4D324FC6} - D:\WINDOWS\system32\arjrdler.dll (file missing)
O2 - BHO: apsgfjba.dll - {6FD45A54-9875-698F-E56E-65102358FDF6} - D:\WINDOWS\system32\apsgfjba.dll (file missing)
O2 - BHO: (no name) - {7629FF4F-ACDB-5C90-A098-FACB3456A267} - D:\WINDOWS\system32\mpmygapi.dll (file missing)
O2 - BHO: mndsgsrv.dll - {77FD640A-158F-48AC-FD14-1597F14A9777} - D:\WINDOWS\system32\mndsgsrv.dll (file missing)
O2 - BHO: zxmsdwin.dll - {7A041F13-A111-12A3-B0CF-F99818AA68A7} - D:\WINDOWS\system32\zxmsdwin.dll
O2 - BHO: arjreler.dll - {7C69034A-F45F-D34D-A33A-C33C4D324FC7} - D:\WINDOWS\system32\arjreler.dll
O2 - BHO: mnmhgsrv.dll - {7C8D1401-A58D-A81C-CD24-A5915C4517C7} - D:\WINDOWS\system32\mnmhgsrv.dll
O2 - BHO: yxfhcjpg.dll - {83BA45AF-FAAA-CDDD-BEEE-BCDE1234AB38} - D:\WINDOWS\system32\yxfhcjpg.dll
O2 - BHO: mpmyhapi.dll - {8629FF4F-ACDB-5C90-A098-FACB3456A268} - D:\WINDOWS\system32\mpmyhapi.dll (file missing)
O2 - BHO: mndshsrv.dll - {87FD640A-158F-48AC-FD14-1597F14A9778} - D:\WINDOWS\system32\mndshsrv.dll
O2 - BHO: ypdjgbmp.dll - {91954FAC-1023-154F-895A-1458258AD819} - D:\WINDOWS\system32\ypdjgbmp.dll
O2 - BHO: (no name) - {9490415F-65F8-B5C5-D8BA-9405FB120549} - D:\WINDOWS\system32\yzztimsn.dll (file missing)
O2 - BHO: jke34kl32.dll - {9629FF4F-ACDB-5C90-A098-FACB3456A269} - D:\WINDOWS\system32\jke34kl32.dll (file missing)
O2 - BHO: yzztjmsn.dll - {A490415F-65F8-B5C5-D8BA-9405FB12054A} - D:\WINDOWS\system32\yzztjmsn.dll (file missing)
O2 - BHO: s2da2f323.dll - {A629FF4F-ACDB-5C90-A098-FACB3456A26A} - D:\WINDOWS\system32\s2da2f323.dll
O2 - BHO: yzztkmsn.dll - {B490415F-65F8-B5C5-D8BA-9405FB12054B} - D:\WINDOWS\system32\yzztkmsn.dll
Run the script:
Code:
begin
 // Search for and neutralize rootkit hooks, then enable AVZGuard
 SearchRootkit(true, true);
 SetAVZGuardStatus(True);
 // Copy the suspicious files to quarantine before deleting anything
 QuarantineFile('D:\WINDOWS\Mstray.exe','');
 QuarantineFile('D:\WINDOWS\system32\Drivers\sojuscsi.sys','');
 QuarantineFile('D:\WINDOWS\system32\Drivers\sojubus.sys','');
 QuarantineFile('D:\WINDOWS\system32\drivers\eth8023.sys','');
 QuarantineFile('D:\WINDOWS\system32\zxmsdwin.dll','');
 QuarantineFile('D:\WINDOWS\system32\zptlcsys.dll','');
 QuarantineFile('D:\WINDOWS\system32\zgrjdx.dll','');
 QuarantineFile('D:\WINDOWS\System32\zdbdb.dll','');
 QuarantineFile('D:\WINDOWS\system32\yzztkmsn.dll','');
 QuarantineFile('D:\WINDOWS\system32\yxfhcjpg.dll','');
 QuarantineFile('D:\WINDOWS\system32\yxcschlp.dll','');
 QuarantineFile('D:\WINDOWS\system32\ypdjgbmp.dll','');
 QuarantineFile('D:\WINDOWS\system32\wyrsdj.dll','');
 QuarantineFile('D:\WINDOWS\system32\ujkwet.dll','');
 QuarantineFile('D:\WINDOWS\system32\tysqbkol.dll','');
 QuarantineFile('D:\WINDOWS\system32\tuker.dll','');
 QuarantineFile('D:\WINDOWS\system32\tisqatyu.dll','');
 QuarantineFile('D:\WINDOWS\system32\tfsdmz.dll','');
 QuarantineFile('D:\WINDOWS\system32\tdggrz.dll','');
 QuarantineFile('D:\WINDOWS\system32\sergy.dll','');
 QuarantineFile('D:\WINDOWS\system32\s2da2f323.dll','');
 QuarantineFile('D:\WINDOWS\system32\rijxbkin.dll','');
 QuarantineFile('D:\WINDOWS\system32\ptjhehlp.dll','');
 QuarantineFile('D:\WINDOWS\system32\pqzfajke.dll','');
 QuarantineFile('D:\WINDOWS\system32\pjjxedwd.dll','');
 QuarantineFile('D:\WINDOWS\system32\pedadt.dll','');
 QuarantineFile('D:\WINDOWS\system32\ozfyebyt.dll','');
 QuarantineFile('D:\WINDOWS\system32\oswxdttb.dll','');
 QuarantineFile('D:\WINDOWS\system32\oqrthc.dll','');
 QuarantineFile('D:\WINDOWS\system32\opshbbty.dll','');
 QuarantineFile('D:\WINDOWS\System32\njritc.dll','');
 QuarantineFile('D:\WINDOWS\system32\nhmxdjkl.dll','');
 QuarantineFile('D:\WINDOWS\system32\nhmxcjkl.dll','');
 QuarantineFile('D:\WINDOWS\system32\mpwddapi.dll','');
 QuarantineFile('D:\WINDOWS\system32\mnmhgsrv.dll','');
 QuarantineFile('D:\WINDOWS\system32\mndshsrv.dll','');
 QuarantineFile('D:\WINDOWS\system32\mndhfdwd.dll','');
 QuarantineFile('D:\WINDOWS\system32\lijzclit.dll','');
 QuarantineFile('D:\WINDOWS\system32\lassaplo.dll','');
 QuarantineFile('D:\WINDOWS\System32\lariytrz.dll','');
 QuarantineFile('D:\WINDOWS\system32\jkjkll.dll','');
 QuarantineFile('D:\WINDOWS\system32\ijdyapaw.dll','');
 QuarantineFile('D:\WINDOWS\System32\hmsdvf.dll','');
 QuarantineFile('D:\WINDOWS\system32\hjk.dll','');
 QuarantineFile('D:\WINDOWS\System32\hgfhk.dll','');
 QuarantineFile('D:\WINDOWS\system32\gjbhr.dll','');
 QuarantineFile('D:\WINDOWS\system32\ghjyer.dll','');
 QuarantineFile('D:\WINDOWS\system32\fsrgeb.dll','');
 QuarantineFile('D:\WINDOWS\system32\erxybloe.dll','');
 QuarantineFile('D:\WINDOWS\system32\ergfwe.dll','');
 QuarantineFile('D:\WINDOWS\system32\ddserh.dll','');
 QuarantineFile('D:\WINDOWS\system32\cedafb.dll','');
 QuarantineFile('D:\WINDOWS\System32\asfjthj.dll','');
 QuarantineFile('D:\WINDOWS\system32\arjreler.dll','');
 QuarantineFile('D:\WINDOWS\system32\akjsdkaq.dll','');
 QuarantineFile('d:\windows\system32\winlogon.exe','');
 QuarantineFile('d:\windows\system32\p2001.exe','');
 // Delete the malicious files
 DeleteFile('D:\WINDOWS\system32\akjsdkaq.dll');
 DeleteFile('D:\WINDOWS\system32\arjreler.dll');
 DeleteFile('D:\WINDOWS\System32\asfjthj.dll');
 DeleteFile('D:\WINDOWS\system32\cedafb.dll');
 DeleteFile('D:\WINDOWS\system32\ddserh.dll');
 DeleteFile('D:\WINDOWS\system32\ergfwe.dll');
 DeleteFile('D:\WINDOWS\system32\erxybloe.dll');
 DeleteFile('D:\WINDOWS\system32\fsrgeb.dll');
 DeleteFile('D:\WINDOWS\system32\ghjyer.dll');
 DeleteFile('D:\WINDOWS\system32\gjbhr.dll');
 DeleteFile('D:\WINDOWS\System32\hgfhk.dll');
 DeleteFile('D:\WINDOWS\system32\hjk.dll');
 DeleteFile('D:\WINDOWS\System32\hmsdvf.dll');
 DeleteFile('D:\WINDOWS\system32\ijdyapaw.dll');
 DeleteFile('D:\WINDOWS\system32\jkjkll.dll');
 DeleteFile('D:\WINDOWS\System32\lariytrz.dll');
 DeleteFile('D:\WINDOWS\system32\lassaplo.dll');
 DeleteFile('D:\WINDOWS\system32\lijzclit.dll');
 DeleteFile('D:\WINDOWS\system32\mndhfdwd.dll');
 DeleteFile('D:\WINDOWS\system32\mndshsrv.dll');
 DeleteFile('D:\WINDOWS\system32\mnmhgsrv.dll');
 DeleteFile('D:\WINDOWS\system32\mpwddapi.dll');
 DeleteFile('D:\WINDOWS\system32\nhmxcjkl.dll');
 DeleteFile('D:\WINDOWS\system32\nhmxdjkl.dll');
 DeleteFile('D:\WINDOWS\System32\njritc.dll');
 DeleteFile('D:\WINDOWS\system32\opshbbty.dll');
 DeleteFile('D:\WINDOWS\system32\oqrthc.dll');
 DeleteFile('D:\WINDOWS\system32\oswxdttb.dll');
 DeleteFile('D:\WINDOWS\system32\ozfyebyt.dll');
 DeleteFile('D:\WINDOWS\system32\pedadt.dll');
 DeleteFile('D:\WINDOWS\system32\pjjxedwd.dll');
 DeleteFile('D:\WINDOWS\system32\pqzfajke.dll');
 DeleteFile('D:\WINDOWS\system32\ptjhehlp.dll');
 DeleteFile('D:\WINDOWS\system32\rijxbkin.dll');
 DeleteFile('D:\WINDOWS\system32\s2da2f323.dll');
 DeleteFile('D:\WINDOWS\system32\sergy.dll');
 DeleteFile('D:\WINDOWS\system32\tdggrz.dll');
 DeleteFile('D:\WINDOWS\system32\tfsdmz.dll');
 DeleteFile('D:\WINDOWS\system32\tisqatyu.dll');
 DeleteFile('D:\WINDOWS\system32\tuker.dll');
 DeleteFile('D:\WINDOWS\system32\tysqbkol.dll');
 DeleteFile('D:\WINDOWS\system32\ujkwet.dll');
 DeleteFile('D:\WINDOWS\system32\wyrsdj.dll');
 DeleteFile('D:\WINDOWS\system32\ypdjgbmp.dll');
 DeleteFile('D:\WINDOWS\system32\yxcschlp.dll');
 DeleteFile('D:\WINDOWS\system32\yxfhcjpg.dll');
 DeleteFile('D:\WINDOWS\system32\yzztkmsn.dll');
 DeleteFile('D:\WINDOWS\System32\zdbdb.dll');
 DeleteFile('D:\WINDOWS\system32\zgrjdx.dll');
 DeleteFile('D:\WINDOWS\system32\zptlcsys.dll');
 DeleteFile('D:\WINDOWS\system32\zxmsdwin.dll');
 DeleteFile('D:\WINDOWS\Mstray.exe');
 DeleteFile('asefry.dll');
 DeleteFile('asfhjy.dll');
 DeleteFile('awef.dll');
 DeleteFile('bjrvm.dll');
 DeleteFile('bnxnb.dll');
 DeleteFile('cdxbfxdb.dll');
 DeleteFile('chmfcmh.dll');
 DeleteFile('crugd.dll');
 DeleteFile('dbfb.dll');
 DeleteFile('dfhsh.dll');
 DeleteFile('dger.dll');
 DeleteFile('dhdhvv.dll');
 DeleteFile('dnteh.dll');
 DeleteFile('drghszd.dll');
 DeleteFile('dscef.dll');
 DeleteFile('ektvm.dll');
 DeleteFile('ethsh.dll');
 DeleteFile('fgjderg.dll');
 DeleteFile('fgthde.dll');
 DeleteFile('fhjfg.dll');
 DeleteFile('fjnbv.dll');
 DeleteFile('fjyjy.dll');
 DeleteFile('fngn.dll');
 DeleteFile('frntrn.dll');
 DeleteFile('fxgnfx.dll');
 DeleteFile('fxnfnh.dll');
 DeleteFile('gfcfg.dll');
 DeleteFile('ghjkdr.dll');
 DeleteFile('ghkrg.dll');
 DeleteFile('ghthhh.dll');
 DeleteFile('gjkhj.dll');
 DeleteFile('gmnait.dll');
 DeleteFile('gnfctt.dll');
 DeleteFile('hffgth.dll');
 DeleteFile('hfjg.dll');
 DeleteFile('hfther.dll');
 DeleteFile('hjaiq.dll');
 DeleteFile('hjdrg.dll');
 DeleteFile('hjukrt.dll');
 DeleteFile('hkfgh.dll');
 DeleteFile('hrergh.dll');
 DeleteFile('ijatnaw.dll');
 DeleteFile('ilkyu.dll');
 DeleteFile('jrhhh.dll');
 DeleteFile('jwlah.dll');
 DeleteFile('jyjlt.dll');
 DeleteFile('jzijj.dll');
 DeleteFile('kduy.dll');
 DeleteFile('kergt.dll');
 DeleteFile('losdf.dll');
 DeleteFile('mgmgmm.dll');
 DeleteFile('mhgdfg.dll');
 DeleteFile('mrjhtjd.dll');
 DeleteFile('qrhhb.dll');
 DeleteFile('reger.dll');
 DeleteFile('rgghjj.dll');
 DeleteFile('rhs.dll');
 DeleteFile('rthkyuk.dll');
 DeleteFile('sdrfh.dll');
 DeleteFile('sdvfrr.dll');
 DeleteFile('sdvj.dll');
 DeleteFile('sehhter.dll');
 DeleteFile('serger.dll');
 DeleteFile('serghjm.dll');
 DeleteFile('setrhes.dll');
 DeleteFile('stehs.dll');
 DeleteFile('sthth.dll');
 DeleteFile('swegfuj.dll');
 DeleteFile('thsddh.dll');
 DeleteFile('thurh.dll');
 DeleteFile('tyjert.dll');
 DeleteFile('vhsdfg.dll');
 DeleteFile('wfhyt.dll');
 DeleteFile('xbcvxb.dll');
 DeleteFile('xdfntt.dll');
 DeleteFile('xdhdg.dll');
 DeleteFile('xdndn.dll');
 DeleteFile('xfgnfx.dll');
 DeleteFile('xfgnhcgfm.dll');
 DeleteFile('xfgnxfn.dll');
 DeleteFile('xfng.dll');
 DeleteFile('xgnfn.dll');
 DeleteFile('ydgn.dll');
 DeleteFile('yjrfe.dll');
 DeleteFile('yukevg.dll');
 DeleteFile('zdbfbd.dll');
 DeleteFile('zfdzb.dll');
 // Pass the deleted-file list to Boot Cleaner, clean up references, and reboot
 BC_ImportDeletedList;
 ExecuteSysClean;
 BC_Activate;
 RebootWindows(true);
end.
Make new logs. Upload the quarantine using the red link at the top of the thread.
Last edited by PavelA; 27.06.2008 at 12:56.
Pavel
AVZ and HijackThis help from 10:00 to 18:00 MSK
Windows7, SEP(work)
WindowsXP KIS(home)
I do not respond to "up" posts
Dear Snaipe, our specialists have given you all the help they could with your request.