скачайте C:\WINDOWS\system32\Drivers\Winko83.sys- force delete
выполните скрипт ...
Код:
// AVZ cleanup script written for one specific infected Windows machine.
// It quarantines suspicious files, unregisters a set of driver services with
// random-looking names, deletes the matching .sys files under System32\Drivers
// plus SVCHOST32.exe and WinCtrl32.dll, and then reboots.
// NOTE(review): the service and file names look randomly generated, so this
// list presumably matches only the machine whose logs were analysed; running
// it elsewhere without fresh logs would remove nothing useful.
begin
// Rootkit scan; both flags presumably enable neutralisation of user-mode and
// kernel-mode hooks so that hidden files become reachable (confirm in AVZ docs).
SearchRootkit(true, true);
// Turn on AVZGuard for the rest of the script run.
SetAVZGuardStatus(True);
// Keep a sample of the suspicious executable before it is deleted below.
QuarantineFile('C:\Windows\System32\SVCHOST32.exe','');
// Unregister driver services. None of the services on the following lines up
// to Winbf58 has a matching QuarantineFile call, yet their .sys files are
// deleted later, so no sample of those drivers ends up in the quarantine.
DeleteService('ydG37');
DeleteService('Winye58');
DeleteService('Winwc71');
DeleteService('Winva60');
DeleteService('Winuy72');
DeleteService('Winty71');
DeleteService('Winsw58');
DeleteService('Winrv60');
DeleteService('Winru26');
DeleteService('Winqu47');
DeleteService('Winqu37');
DeleteService('Winos71');
DeleteService('Winor61');
DeleteService('Winlp15');
DeleteService('Winlo71');
DeleteService('Winkp60');
DeleteService('Winim36');
DeleteService('Winim04');
DeleteService('Winhm71');
DeleteService('Winhl36');
DeleteService('Wingk47');
DeleteService('Winei61');
DeleteService('Winei03');
DeleteService('Windi14');
DeleteService('Windh58');
DeleteService('Windh25');
DeleteService('Windg04');
DeleteService('Wincf60');
DeleteService('Wincf26');
DeleteService('Winbg60');
DeleteService('Winbf60');
DeleteService('Winbf58');
// From here on most drivers get both a QuarantineFile and a DeleteService call.
// Exceptions visible in this list: Winaf58.sys and rvA47.sys are quarantined
// but no service of that name is deleted; jnQ14 and diL48 are unregistered
// but their .sys files are never quarantined.
QuarantineFile('C:\WINDOWS\System32\Drivers\Winaf58.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\Winae82.sys','');
DeleteService('Winae82');
DeleteService('Winae48');
QuarantineFile('C:\WINDOWS\System32\Drivers\Winae48.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\vbE71.sys','');
DeleteService('vbE71');
DeleteService('vbE58');
QuarantineFile('C:\WINDOWS\System32\Drivers\vbE58.sys','');
DeleteService('twB58');
QuarantineFile('C:\WINDOWS\System32\Drivers\twB58.sys','');
DeleteService('swB36');
QuarantineFile('C:\WINDOWS\System32\Drivers\swB36.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\swB25.sys','');
DeleteService('swB25');
DeleteService('swB03');
QuarantineFile('C:\WINDOWS\System32\Drivers\swB03.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\rwA82.sys','');
DeleteService('rwA82');
QuarantineFile('C:\WINDOWS\System32\Drivers\rvA47.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\osW14.sys','');
DeleteService('osW14');
QuarantineFile('C:\WINDOWS\System32\Drivers\orU47.sys','');
DeleteService('orU47');
DeleteService('mrU47');
QuarantineFile('C:\WINDOWS\System32\Drivers\mrU47.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\mqT03.sys','');
DeleteService('mqT03');
QuarantineFile('C:\WINDOWS\System32\Drivers\lqT82.sys','');
DeleteService('lqT82');
QuarantineFile('C:\WINDOWS\System32\Drivers\lpT25.sys','');
DeleteService('lpT25');
DeleteService('kpS47');
QuarantineFile('C:\WINDOWS\System32\Drivers\kpS47.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\joR14.sys','');
DeleteService('joR14');
QuarantineFile('C:\WINDOWS\System32\Drivers\joR03.sys','');
DeleteService('joR03');
DeleteService('jnQ14');
QuarantineFile('C:\WINDOWS\System32\Drivers\hmP72.sys','');
DeleteService('hmP72');
QuarantineFile('C:\WINDOWS\System32\Drivers\hmP37.sys','');
DeleteService('hmP37');
DeleteService('fkN03');
QuarantineFile('C:\WINDOWS\System32\Drivers\fkN03.sys','');
DeleteService('ejM71');
QuarantineFile('C:\WINDOWS\System32\Drivers\ejM71.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\diM36.sys','');
DeleteService('diM36');
DeleteService('diL72');
QuarantineFile('C:\WINDOWS\System32\Drivers\diL72.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\diL71.sys','');
DeleteService('diL71');
DeleteService('diL48');
QuarantineFile('C:\WINDOWS\System32\Drivers\cgK71.sys','');
DeleteService('cgK71');
DeleteService('cgK25');
QuarantineFile('C:\WINDOWS\System32\Drivers\cgK25.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\cgJ60.sys','');
DeleteService('cgJ60');
DeleteService('bgJ14');
QuarantineFile('C:\WINDOWS\System32\Drivers\bgJ14.sys','');
// Winko83.sys is quarantined twice: the two paths differ only in the case of
// "system32", which Windows treats as the same file.
QuarantineFile('C:\WINDOWS\System32\Drivers\Winko83.sys','');
DeleteService('Winko83');
QuarantineFile('C:\WINDOWS\system32\Drivers\Winko83.sys','');
QuarantineFile('C:\WINDOWS\system32\WinCtrl32.dll','');
// Deletion phase: runs only after every QuarantineFile call above.
// The two Winko83.sys deletions again differ only in path case.
DeleteFile('C:\WINDOWS\system32\WinCtrl32.dll');
DeleteFile('C:\WINDOWS\system32\Drivers\Winko83.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Winko83.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\bgJ14.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\cgJ60.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\cgK25.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\cgK71.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\diL48.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\diL71.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\diL72.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\diM36.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\ejM71.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\fkN03.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\hmP37.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\hmP72.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\jnQ14.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\joR03.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\joR14.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\kpS47.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\lpT25.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\lqT82.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\mqT03.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\mrU47.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\orU47.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\osW14.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\rvA47.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\rwA82.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\swB03.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\swB25.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\swB36.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\twB58.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\vbE58.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\vbE71.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Winae48.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Winae82.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Winaf58.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Winbf58.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Winbf60.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Winbg60.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Wincf26.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Wincf60.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Windg04.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Windh25.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Windh58.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Windi14.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Winei03.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Winei61.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Wingk47.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Winhl36.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Winhm71.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Winim04.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Winim36.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Winkp60.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Winlo71.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Winlp15.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Winor61.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Winos71.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Winqu37.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Winqu47.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Winru26.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Winrv60.sys');
// Winrw14.sys (here) and Winua14.sys (two lines below) appear nowhere else in
// the script: no DeleteService and no QuarantineFile call names them.
DeleteFile('C:\WINDOWS\System32\Drivers\Winrw14.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Winsw58.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Winua14.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Winty71.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Winuy72.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Winva60.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Winwc71.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Winye58.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\ydG37.sys');
DeleteFile('C:\Windows\System32\SVCHOST32.exe');
// NOTE(review): bare file name with no directory; the full system32 path was
// already deleted above, and how AVZ resolves a relative name is not visible
// here (presumably the current directory or a search path; confirm).
DeleteFile('WinCtrl32.dll');
// Hand the files deleted above to AVZ's boot-time cleaner (BC_*), so files
// still locked by a loaded driver are presumably removed during the reboot.
BC_ImportDeletedList;
// System cleanup pass; presumably removes leftover references to the deleted
// files (confirm in AVZ docs).
ExecuteSysClean;
BC_Activate;
// Reboot so the boot-time cleaner can run; the user should save open work first.
RebootWindows(true);
end.
пришлите карантин согласно приложению 3 правил ....
повторите логи ...