Показано с 1 по 2 из 2.

Virus affected PC

  1. #1
    Junior Member Репутация
    Регистрация
    14.03.2009
    Сообщений
    1
    Вес репутации
    33

    Virus affected PC

    help!!!
    its very slow
    Вложения Вложения

  2. #2
    Senior Member Репутация Репутация Репутация Репутация Репутация Репутация Репутация Репутация Репутация Репутация Репутация
    Регистрация
    03.04.2006
    Сообщений
    21,108
    Вес репутации
    3001
    Switch off/disable:
    - Antivirus and and, if you have - Firewall.
    - System Restore

    - Execute following script
    Код:
    begin
    SearchRootkit(true, true);
    SetAVZGuardStatus(True);
     TerminateProcessByName('c:\windows\system32\iexplorer.exe');
     TerminateProcessByName('c:\windows\system32\28463\svchost.exe');
     StopService('zbpreelh');
     StopService('yjslqem');
     StopService('ygfee');
     StopService('yenaolvwo');
     StopService('wsjabkl');
     StopService('woeqokn');
     StopService('vwhnmn');
     StopService('vmypyswoz');
     StopService('uwlegc');
     StopService('tapicMsaid');
     StopService('qhksqvzg');
     StopService('ppvqbua');
     StopService('ogfycwh');
     StopService('ocwwg');
     StopService('mwpptvg');
     StopService('mwmrq');
     StopService('mbgjw');
     StopService('lzfvvii');
     StopService('luaoidcp');
     StopService('lngayq');
     StopService('kodeg');
     StopService('jjtqv');
     StopService('ifohis');
     StopService('haimln');
     StopService('gqctc');
     StopService('gfwpicj');
     StopService('fvualvng');
     StopService('ftfpr');
     StopService('enqwovfd');
     StopService('ehjpbadq');
     StopService('cqlntuwy');
     StopService('bzoiuest');
     StopService('bnhxbk');
     StopService('bcugjf');
     StopService('augyl');
     StopService('afwzufe');
     StopService('32731');
     StopService('23287');
     QuarantineFile('C:\WINDOWS\system32\yaskrpc.exe','');
     QuarantineFile('c:\windows\system32\olsdzs.dll','');
     QuarantineFile('C:\WINDOWS\system32\mstask.dll','');
     QuarantineFile('c:\windows\system32\iexplorer.exe','');
     QuarantineFile('c:\windows\system32\28463\svchost.exe','');
     QuarantineFile('C:\WINDOWS\system32\03.tmp','');
     QuarantineFile('C:\WINDOWS\system32\02.tmp','');
     QuarantineFile('C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\89964834\32731.sys','');
     QuarantineFile('C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\03704283\23287.sys','');
     DeleteService('zbpreelh');
     DeleteService('yjslqem');
     DeleteService('ygfee');
     DeleteService('yenaolvwo');
     DeleteService('wsjabkl');
     DeleteService('woeqokn');
     DeleteService('vwhnmn');
     DeleteService('vmypyswoz');
     DeleteService('uwlegc');
     DeleteService('tapicMsaid');
     DeleteService('qhksqvzg');
     DeleteService('ppvqbua');
     DeleteService('ogfycwh');
     DeleteService('ocwwg');
     DeleteService('mwpptvg');
     DeleteService('mwmrq');
     DeleteService('mbgjw');
     DeleteService('lzfvvii');
     DeleteService('luaoidcp');
     DeleteService('lngayq');
     DeleteService('kodeg');
     DeleteService('jjtqv');
     DeleteService('ifohis');
     DeleteService('haimln');
     DeleteService('gqctc');
     DeleteService('gfwpicj');
     DeleteService('fvualvng');
     DeleteService('ftfpr');
     DeleteService('enqwovfd');
     DeleteService('ehjpbadq');
     DeleteService('cqlntuwy');
     DeleteService('bzoiuest');
     DeleteService('bnhxbk');
     DeleteService('bcugjf');
     DeleteService('augyl');
     DeleteService('afwzufe');
     DeleteService('32731');
     DeleteService('23287');
     DeleteFile('C:\WINDOWS\system32\yaskrpc.exe');
     DeleteFile('c:\windows\system32\olsdzs.dll');
     DeleteFile('c:\windows\system32\iexplorer.exe');
     DeleteFile('c:\windows\system32\28463\svchost.exe');
     DeleteFile('C:\WINDOWS\system32\03.tmp');
     DeleteFile('C:\WINDOWS\system32\02.tmp');
     DeleteFile('C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL');
     DeleteFile('C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\89964834\32731.sys');
     DeleteFile('C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\03704283\23287.sys');
     DelBHO('{FE063DB9-4EC0-403e-8DD8-394C54984B2C}');
     DelBHO('{FE063DB1-4EC0-403e-8DD8-394C54984B2C}');
    BC_ImportAll;
    ExecuteSysClean;
     BC_DeleteSvc('zbpreelh');
     BC_DeleteSvc('yjslqem');
     BC_DeleteSvc('ygfee');
     BC_DeleteSvc('yenaolvwo');
     BC_DeleteSvc('wsjabkl');
     BC_DeleteSvc('woeqokn');
     BC_DeleteSvc('vwhnmn');
     BC_DeleteSvc('vmypyswoz');
     BC_DeleteSvc('uwlegc');
     BC_DeleteSvc('tapicMsaid');
     BC_DeleteSvc('qhksqvzg');
     BC_DeleteSvc('ppvqbua');
     BC_DeleteSvc('ogfycwh');
     BC_DeleteSvc('ocwwg');
     BC_DeleteSvc('mwpptvg');
     BC_DeleteSvc('mwmrq');
     BC_DeleteSvc('mbgjw');
     BC_DeleteSvc('lzfvvii');
     BC_DeleteSvc('luaoidcp');
     BC_DeleteSvc('lngayq');
     BC_DeleteSvc('kodeg');
     BC_DeleteSvc('jjtqv');
     BC_DeleteSvc('ifohis');
     BC_DeleteSvc('haimln');
     BC_DeleteSvc('gqctc');
     BC_DeleteSvc('gfwpicj');
     BC_DeleteSvc('fvualvng');
     BC_DeleteSvc('ftfpr');
     BC_DeleteSvc('enqwovfd');
     BC_DeleteSvc('ehjpbadq');
     BC_DeleteSvc('cqlntuwy');
     BC_DeleteSvc('bzoiuest');
     BC_DeleteSvc('bnhxbk');
     BC_DeleteSvc('bcugjf');
     BC_DeleteSvc('augyl');
     BC_DeleteSvc('afwzufe');
     BC_DeleteSvc('32731');
     BC_DeleteSvc('23287');
    BC_Activate;
    RebootWindows(true);
    end.
    After reboot:

    - Clean Temp-Maps, Cache of Browsers, Recycler. Use Windows service tool cleanmgr or CCleaner or ClearProg
    - Close all the programs and start only Internet Explorer!!!
    - Repeat 3 log files in accordance with the rules.
    - Switch Antivirus and, if you have - Firewall, on.
    - Go On-Line
    - Upload the quarantine over the link Upload quarantined files on the top of this page.
    - Attach 3 logs to your new post..

Похожие темы

  1. Kaspersky Anti-Virus: forbidden incoming virus Trojan-Downloader.BAT.Small.aq
    От makstarikov в разделе Помогите!
    Ответов: 28
    Последнее сообщение: 29.06.2012, 13:01
  2. Virus removal tool does not eliminate identified virus (заявка №41545)
    От CyberHelper в разделе Отчеты сервиса лечения VirusInfo
    Ответов: 2
    Последнее сообщение: 13.12.2010, 12:00
  3. Virus Removal Tool Failed to remove Virus (заявка №38037)
    От CyberHelper в разделе Отчеты сервиса лечения VirusInfo
    Ответов: 1
    Последнее сообщение: 18.11.2010, 18:00
  4. my pc is/was kido affected?
    От aldokasper в разделе Malware Removal Service
    Ответов: 1
    Последнее сообщение: 09.09.2010, 20:26
  5. Ответов: 5
    Последнее сообщение: 22.01.2009, 01:13

Свернуть/Развернуть Ваши права в разделе

  • Вы не можете создавать новые темы
  • Вы не можете отвечать в темах
  • Вы не можете прикреплять вложения
  • Вы не можете редактировать свои сообщения
  •  
Page generated in 0.00306 seconds with 17 queries