Krusher Posted September 9, 2010 Report Share Posted September 9, 2010 Недавно после выключения компьютера начали появляться синий экран смерти - http://s59.radikal.ru/i163/1009/0d/4c2291e728bd.jpg Логи прикрепил. virusinfo_syscheck.zip virusinfo_syscure.zip info.txt log.txt virusinfo_syscheck.zip virusinfo_syscure.zip info.txt log.txt Link to comment Share on other sites More sharing options...
edde Posted September 10, 2010 Report Share Posted September 10, 2010 Выполните скрипт авз beginSearchRootkit(true, true);SetAVZGuardStatus(True);TerminateProcessByName('c:\windows\config\csrss.exe');QuarantineFile('c:\windows\config\csrss.exe','');QuarantineFile('c:\windows\system32\drivers\sfc.sys','');QuarantineFile('c:\documents and settings\all users\systems.exe','');QuarantineFile('c:\program files\internet explorer\setupapi.dll','');QuarantineFile('explorer.exe c:\windows\config\csrss.exe','');DeleteFile('c:\windows\config\csrss.exe');DeleteFile('c:\windows\system32\drivers\sfc.sys');QuarantineFile('%windir%\system32\sfcfiles.dll','');RenameFile('%windir%\system32\sfcfiles.dll', '%windir%\system32\sfcfiles.bak');CopyFile('%windir%\system32\dllcache\sfcfiles.dll', '%windir%\system32\sfcfiles.dll');DeleteFile('%windir%\system32\sfcfiles.bak');DeleteFile('c:\documents and settings\all users\systems.exe');DeleteFile('c:\program files\internet explorer\setupapi.dll');DeleteFile('explorer.exe c:\windows\config\csrss.exe');RegKeyParamDel('HKEY_LOCAL_MACHINE','System\CurrentControlSet\Control\Session Manager\AppCertDlls','DefaultVerifier');BC_ImportAll;ExecuteSysClean;BC_Activate;ExecuteRepair(16);RebootWindows(true);end. Компьютер перезагрузится выполните второй скрипт beginCreateQurantineArchive(GetAVZDirectory+'quarantine.zip');end. В результате выполнения скрипта будет создан архив с карантином Карантин с паролем virus вышлите на ящик myedde@mail.ru скачайте ftp://ftp.drweb.com/pub/drweb/cureit/setup.exe проведите проверку Обновите базы Повторите логи Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now