вирус [not-a-virus:AdWare.Win32.Eorezo.afob ]

Printable View

03.09.2015, 11:05
loud

Вложений: 2

вирус [not-a-virus:AdWare.Win32.Eorezo.afob ]

подцепили какойто вирус, вот логи по интсрукции
03.09.2015, 11:06
Info_bot

Уважаемый(ая) [B]loud[/B], спасибо за обращение на наш форум!

Помощь в лечении комьютера на VirusInfo.Info оказывается абсолютно бесплатно. Хелперы в самое ближайшее время ответят на Ваш запрос. Для оказания помощи необходимо предоставить логи сканирования утилитами АВЗ и HiJackThis, подробнее можно прочитать в [URL="http://virusinfo.info/pravila.html"]правилах оформления запроса о помощи[/URL].

Если вы хотите получить персональную гарантированную помощь в приоритетном режиме, то воспользуйтесь платным сервисом [URL="http://virusinfo.info/content.php?r=613-sub_pomogite"]Помогите+[/URL].

Если наш сайт окажется полезен Вам и у Вас будет такая возможность - пожалуйста [URL="http://virusinfo.info/content.php?r=113-virusinfo.info-donate"]поддержите проект[/URL].
03.09.2015, 15:10
mrak74

Здравствуйте !!!

[URL="http://virusinfo.info/showthread.php?t=130828"]отключите антивирусную программу [/URL]

[URL="http://virusinfo.info/showthread.php?t=4491"]Пофиксите в HijackThis:[/URL] (в Windows Vista/7/8 необходимо запускать через правую кнопку мыши Запуск от имени администратора)):
[CODE]O4 - HKLM\..\Run: [gmsd_ru_025010077] "C:\Program Files (x86)\gmsd_ru_025010077\gmsd_ru_025010077.exe"
O4 - HKLM\..\Run: [app-helper] C:\Program Files (x86)\Application Assistance\app-helper.exe
O4 - HKLM\..\Run: [ QQPCTray] "C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\QQPCTRAY.EXE" /regrun /qqrepair
O4 - HKLM\..\RunOnce: [upgmsd_ru_025010077.exe] C:\Users\Sergey\AppData\Local\gmsd_ru_025010077\upgmsd_ru_025010077.exe -runonce[/CODE]
[URL="http://virusinfo.info/showthread.php?t=7239"][B]Выполните скрипт в AVZ[/B]:[/URL]
[CODE]begin
ShowMessage('Внимание! Перед выполнением скрипта AVZ автоматически закроет все сетевые подключения.'+#13#10+'После перезагрузки компьютера подключения к сети будут восстановлены в автоматическом режиме.');
ExecuteFile('net.exe', 'stop tcpip /y', 0, 15000, true);
TerminateProcessByName('c:\users\sergey\appdata\local\gmsd_ru_025010077\upgmsd_ru_025010077.exe');
TerminateProcessByName('c:\program files (x86)\tencent\qqpcmgr\10.10.16434.218\qqpctray.exe');
TerminateProcessByName('c:\program files (x86)\tencent\qqpcmgr\10.10.16434.218\qqpcrtp.exe');
TerminateProcessByName('c:\program files (x86)\tencent\qqpcmgr\10.10.16434.218\qqpcrealtimespeedup.exe');
TerminateProcessByName('c:\program files (x86)\tencent\qqpcmgr\10.10.16434.218\plugins\qmnetmon\qqpcnetflow.exe');
TerminateProcessByName('c:\program files (x86)\gmsd_ru_025010077\gmsd_ru_025010077.exe');
StopService('TSSysKit');
StopService('TSDefenseBt');
StopService('TSCPM');
StopService('TS888x64');
StopService('TFsFlt');
StopService('TAOKernelDriver');
StopService('TAOAccelerator');
StopService('QQSysMonX64');
StopService('QMUdisk');
StopService('QQPCRTP');
QuarantineFile('C:\Users\Sergey\appdata\local\kometa\kometaup.exe','');
QuarantineFile('C:\Users\Sergey\AppData\Local\Host installer\951460485_installcube.exe','');
QuarantineFile('C:\Users\Sergey\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Lаunсh Internet Ехplorer Вrowsеr.lnk','');
QuarantineFile('C:\Users\Sergey\AppData\Roaming\Browsers\exe.erolpxei.bat','');
QuarantineFile('C:\Users\Sergey\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Gооgle Сhrоmе.lnk','');
QuarantineFile('C:\Users\Sergey\AppData\Roaming\Browsers\exe.emorhc.bat','');
QuarantineFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\plugins\FileSmash\QMSoftExt64.dll','');
QuarantineFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\plugins\FileSmash\QMSoftExt.dll','');
QuarantineFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\QMContextUninstall64.dll','');
QuarantineFile('C:\Program Files (x86)\Application Assistance\app-helper.exe','');
QuarantineFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\TSSysKit64.sys','');
QuarantineFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\TSDefenseBT64.sys','');
QuarantineFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\tscpm64.sys','');
QuarantineFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\TS888x64.sys','');
QuarantineFile('C:\Windows\system32\Drivers\TFsFltX64.sys','');
QuarantineFile('C:\Windows\system32\Drivers\TAOKernel64.sys','');
QuarantineFile('C:\Windows\system32\Drivers\TAOAccelerator64.sys','');
QuarantineFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\QQSysMonX64.sys','');
QuarantineFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\QMUdisk64.sys','');
QuarantineFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\TAOFrame.exe','');
QuarantineFile('C:\Users\Sergey\AppData\Roaming\Tencent\AndroidServer\1.0.0.485\Sdkclient.dll','');
QuarantineFile('C:\Users\Sergey\AppData\Roaming\Tencent\AndroidServer\1.0.0.485\QQPMIpc.dll','');
QuarantineFile('C:\Users\Sergey\AppData\Roaming\Tencent\AndroidServer\1.0.0.485\AndroidDevice.dll','');
QuarantineFile('C:\ProgramData\Tencent\TSVulFw\TSVulFW.DAT','');
QuarantineFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\TSZip.dll','');
QuarantineFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\TSWebMon.dat','');
QuarantineFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\TSWebDownLoadProtect.dll','');
QuarantineFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\TSSysKitProxy.dll','');
QuarantineFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\TSClinicWebFix.dll','');
QuarantineFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\tpk\2.0.10604.1805\tpktt.dll','');
QuarantineFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\tpk\2.0.10604.1805\tpkreport.dll','');
QuarantineFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\tpk\2.0.10604.1805\tpkproxy.dll','');
QuarantineFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\tpk\2.0.10604.1805\tpkcom.dll','');
QuarantineFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\TAVUpload.dll','');
QuarantineFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\TAVInterface.dll','');
QuarantineFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\TAVEng.dll','');
QuarantineFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\tave.dll','');
QuarantineFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\TAVCache.dll','');
QuarantineFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\TAOWorkFlowMgr.dll','');
QuarantineFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\TAOKernelControl.dll','');
QuarantineFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\TAOClient.dll','');
QuarantineFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\TAOBase.dll','');
QuarantineFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\SXComBase.dll','');
QuarantineFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\StartupMgrDll.dll','');
QuarantineFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\sqlite.dll','');
QuarantineFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\SoftMgr\processlogdll.dll','');
QuarantineFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\SoftMgr\PCSoftMgrToolsDll.dll','');
QuarantineFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\SoftMgr.dll','');
QuarantineFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\scc.dll','');
QuarantineFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\RefuseInject.DLL','');
QuarantineFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\QQPCHardware.dll','');
QuarantineFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\QQFileFlt.dll','');
QuarantineFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\QMWlanMacDll.dll','');
QuarantineFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\QMUl.dll','');
QuarantineFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\qmtrayplugin\qqwifitrayplugin\qqwifitrayplugin.dll','');
QuarantineFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\qmtrayplugin\QMWebFWCtrl\QMWebFWCtrl.dll','');
QuarantineFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\qmtrayplugin\QMUpdateModule\QMUpdateModule.dll','');
QuarantineFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\qmtrayplugin\QMUDiskMgr\QMUDiskMgr.dll','');
QuarantineFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\qmtrayplugin\QMTrojanPlugin\QMTrojanPlugin.dll','');
QuarantineFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\qmtrayplugin\QMTpkTrayPlugin\QMTpkTrayPlugin.dll','');
QuarantineFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\qmtrayplugin\QMTPIEStartPage\QMTPIEStartPage.dll','');
QuarantineFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\qmtrayplugin\QMSXTrayPlugin\QMSXTrayPlugin.dll','');
QuarantineFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\qmtrayplugin\QMStartupMonitorNotify\QMStartupMonitorNotify.dll','');
QuarantineFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\qmtrayplugin\QMSoftPlugin\QMSoftPlugin.dll','');
QuarantineFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\qmtrayplugin\QMSccTrayPlugin\QMSccTrayPlugin.dll','');
QuarantineFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\qmtrayplugin\QMRtpPlugin\QMRtpPlugin.dll','');
QuarantineFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\qmtrayplugin\QMQQLoginPlugin\QMQQLoginPlugin.dll','');
QuarantineFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\qmtrayplugin\QMPreDownload\QMPreDownload.dll','');
QuarantineFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\qmtrayplugin\QMPerfCtrl\QMPerfCtrl.dll','');
QuarantineFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\QMTrayPlugin\QMPerfCtrl\QMPerf.dll','');
QuarantineFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\qmtrayplugin\QMNewsTips\QMNewsTips.dll','');
QuarantineFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\qmtrayplugin\QMMobileTrayPlugin\QMMobileTrayPlugin.dll','');
QuarantineFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\qmtrayplugin\QMLogCtrl\QMLogCtrl.dll','');
QuarantineFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\qmtrayplugin\QMKCheck\QMKCheck.dll','');
QuarantineFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\qmtrayplugin\QMHwFloatWnd\QMHwFloatWnd.dll','');
QuarantineFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\qmtrayplugin\QMHealthAssistDispatch\QMHealthAssistDispatch.dll','');
QuarantineFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\qmtrayplugin\QMDnsMonitor\QMDnsMonitor.dll','');
QuarantineFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\qmtrayplugin\QMClinicTrayPlugin\QMClinicTrayPlugin.dll','');
QuarantineFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\qmtrayplugin\QMBJTrayPlugin\QMBJTrayPlugin.dll','');
QuarantineFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\qmtrayplugin\QMAVTrayPlugin\QMAVTrayPlugin.dll','');
QuarantineFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\qmtrayplugin\QMAutoTaskPlugin\QMAutoTaskPlugin.dll','');
QuarantineFile('c:\program files (x86)\tencent\qqpcmgr\10.10.16434.218\qmsysrepprov.dll','');
QuarantineFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\QMSSO\Bin\SSOPlatform.dll','');
QuarantineFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\QMSSO\Bin\SSOLUIControl.dll','');
QuarantineFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\QMSSO\Bin\SSOCommon.DLL','');
QuarantineFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\QMSpeedupPlugin\SpeedupRocket\SpeedupRocket.dll','');
QuarantineFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\QMSkinMgr.dll','');
QuarantineFile('c:\program files (x86)\tencent\qqpcmgr\10.10.16434.218\qmscripthost.dll','');
QuarantineFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\QMSafeBoxHelperDll.dll','');
QuarantineFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\QMRtpDLL.dll','');
QuarantineFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\QMRtpCheck.dll','');
QuarantineFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\QMNetworkMgr.dll','');
QuarantineFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\QMMain.dll','');
QuarantineFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\QMIpc.dll','');
QuarantineFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\QMIEsafeDll.dll','');
QuarantineFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\QMForbiddenWinKey.dll','');
QuarantineFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\QMFileMon.dll','');
QuarantineFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\QMExt.dll','');
QuarantineFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\QMEmMat.dll','');
QuarantineFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\QMEmKit.dll','');
QuarantineFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\QMDns.dll','');
QuarantineFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\QMDlder.dll','');
QuarantineFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\QMCommon.dll','');
QuarantineFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\QMAVProxy.dll','');
QuarantineFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\QMAssocScan.dll','');
QuarantineFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\ptrate.dll','');
QuarantineFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\ProcessManager.dll','');
QuarantineFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\plugins\sysspeeduprtpplugin\SysSpeedupRtpPlugin.dll','');
QuarantineFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\plugins\SpecialPlugin\QMHipsSpecial.dll','');
QuarantineFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\plugins\RtpCommon.dll','');
QuarantineFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\plugins\QMRepairPlugin.dll','');
QuarantineFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\plugins\QMNetMonPlugin.dll','');
QuarantineFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\plugins\qmiemalrtpplugin\qmiemalrtpplugin.dll','');
QuarantineFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\plugins\QMHips.dll','');
QuarantineFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\plugins\QMCpm.dll','');
QuarantineFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\plugins\QMCloudInter\QMCloudInter.dll','');
QuarantineFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\plugins\QMBDScanner.dat','');
QuarantineFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\oDayProtect.dll','');
QuarantineFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\NetflowMgr.dll','');
QuarantineFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\MemDefrag.dll','');
QuarantineFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\GFFtsysCustom.dll','');
QuarantineFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\GFCustom.dll','');
QuarantineFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\GarbageCleaner.dll','');
QuarantineFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\GameUpgrade.dll','');
QuarantineFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\dr.dll','');
QuarantineFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\DLProtectComm.dll','');
QuarantineFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\communic.dll','');
QuarantineFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\AndroidAssistHelper.dll','');
QuarantineFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\7z.dll','');
QuarantineFile('c:\users\sergey\appdata\local\gmsd_ru_025010077\upgmsd_ru_025010077.exe','');
QuarantineFile('c:\program files (x86)\tencent\qqpcmgr\10.10.16434.218\qqpctray.exe','');
QuarantineFile('c:\program files (x86)\tencent\qqpcmgr\10.10.16434.218\qqpcrtp.exe','');
QuarantineFile('c:\program files (x86)\tencent\qqpcmgr\10.10.16434.218\qqpcrealtimespeedup.exe','');
QuarantineFile('c:\program files (x86)\tencent\qqpcmgr\10.10.16434.218\plugins\qmnetmon\qqpcnetflow.exe','');
QuarantineFile('c:\program files (x86)\gmsd_ru_025010077\gmsd_ru_025010077.exe','');
DeleteFile('C:\Users\Sergey\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Lаunсh Internet Ехplorer Вrowsеr.lnk');
DeleteFile('C:\Users\Sergey\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Gооgle Сhrоmе.lnk');
DeleteFile('c:\program files (x86)\tencent\qqpcmgr\10.10.16434.218\plugins\qmnetmon\qqpcnetflow.exe','32');
DeleteFile('c:\program files (x86)\tencent\qqpcmgr\10.10.16434.218\qqpcrealtimespeedup.exe','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\7z.dll','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\AndroidAssistHelper.dll','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\communic.dll','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\DLProtectComm.dll','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\dr.dll','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\GameUpgrade.dll','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\GarbageCleaner.dll','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\GFCustom.dll','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\GFFtsysCustom.dll','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\MemDefrag.dll','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\NetflowMgr.dll','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\oDayProtect.dll','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\plugins\QMBDScanner.dat','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\plugins\QMCloudInter\QMCloudInter.dll','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\plugins\QMCpm.dll','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\plugins\QMHips.dll','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\plugins\qmiemalrtpplugin\qmiemalrtpplugin.dll','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\plugins\QMNetMonPlugin.dll','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\plugins\QMRepairPlugin.dll','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\plugins\RtpCommon.dll','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\plugins\SpecialPlugin\QMHipsSpecial.dll','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\plugins\sysspeeduprtpplugin\SysSpeedupRtpPlugin.dll','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\ProcessManager.dll','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\ptrate.dll','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\QMAssocScan.dll','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\QMAVProxy.dll','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\QMCommon.dll','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\QMDlder.dll','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\QMDns.dll','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\QMEmKit.dll','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\QMEmMat.dll','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\QMExt.dll','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\QMFileMon.dll','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\QMForbiddenWinKey.dll','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\QMIEsafeDll.dll','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\QMIpc.dll','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\QMMain.dll','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\QMNetworkMgr.dll','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\QMRtpCheck.dll','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\QMRtpDLL.dll','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\QMSafeBoxHelperDll.dll','32');
DeleteFile('c:\program files (x86)\tencent\qqpcmgr\10.10.16434.218\qmscripthost.dll','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\QMSkinMgr.dll','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\QMSpeedupPlugin\SpeedupRocket\SpeedupRocket.dll','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\QMSSO\Bin\SSOCommon.DLL','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\QMSSO\Bin\SSOLUIControl.dll','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\QMSSO\Bin\SSOPlatform.dll','32');
DeleteFile('c:\program files (x86)\tencent\qqpcmgr\10.10.16434.218\qmsysrepprov.dll','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\qmtrayplugin\QMAutoTaskPlugin\QMAutoTaskPlugin.dll','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\qmtrayplugin\QMAVTrayPlugin\QMAVTrayPlugin.dll','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\qmtrayplugin\QMBJTrayPlugin\QMBJTrayPlugin.dll','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\qmtrayplugin\QMClinicTrayPlugin\QMClinicTrayPlugin.dll','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\qmtrayplugin\QMDnsMonitor\QMDnsMonitor.dll','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\qmtrayplugin\QMHealthAssistDispatch\QMHealthAssistDispatch.dll','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\qmtrayplugin\QMHwFloatWnd\QMHwFloatWnd.dll','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\qmtrayplugin\QMKCheck\QMKCheck.dll','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\qmtrayplugin\QMLogCtrl\QMLogCtrl.dll','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\qmtrayplugin\QMMobileTrayPlugin\QMMobileTrayPlugin.dll','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\QMTrayPlugin\QMPerfCtrl\QMPerf.dll','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\qmtrayplugin\QMPerfCtrl\QMPerfCtrl.dll','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\qmtrayplugin\QMPreDownload\QMPreDownload.dll','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\qmtrayplugin\QMQQLoginPlugin\QMQQLoginPlugin.dll','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\qmtrayplugin\QMRtpPlugin\QMRtpPlugin.dll','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\qmtrayplugin\QMSccTrayPlugin\QMSccTrayPlugin.dll','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\qmtrayplugin\QMSoftPlugin\QMSoftPlugin.dll','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\qmtrayplugin\QMStartupMonitorNotify\QMStartupMonitorNotify.dll','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\qmtrayplugin\QMSXTrayPlugin\QMSXTrayPlugin.dll','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\qmtrayplugin\QMTPIEStartPage\QMTPIEStartPage.dll','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\qmtrayplugin\QMTpkTrayPlugin\QMTpkTrayPlugin.dll','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\qmtrayplugin\QMTrojanPlugin\QMTrojanPlugin.dll','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\qmtrayplugin\QMUDiskMgr\QMUDiskMgr.dll','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\qmtrayplugin\QMUpdateModule\QMUpdateModule.dll','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\qmtrayplugin\QMWebFWCtrl\QMWebFWCtrl.dll','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\qmtrayplugin\qqwifitrayplugin\qqwifitrayplugin.dll','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\QMUl.dll','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\QMWlanMacDll.dll','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\QQFileFlt.dll','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\QQPCHardware.dll','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\RefuseInject.DLL','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\scc.dll','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\SoftMgr.dll','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\SoftMgr\PCSoftMgrToolsDll.dll','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\SoftMgr\processlogdll.dll','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\sqlite.dll','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\StartupMgrDll.dll','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\SXComBase.dll','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\TAOBase.dll','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\TAOClient.dll','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\TAOKernelControl.dll','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\TAOWorkFlowMgr.dll','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\TAVCache.dll','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\tave.dll','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\TAVEng.dll','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\TAVInterface.dll','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\TAVUpload.dll','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\tpk\2.0.10604.1805\tpkcom.dll','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\tpk\2.0.10604.1805\tpkproxy.dll','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\tpk\2.0.10604.1805\tpkreport.dll','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\tpk\2.0.10604.1805\tpktt.dll','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\TSClinicWebFix.dll','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\TSSysKitProxy.dll','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\TSWebDownLoadProtect.dll','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\TSWebMon.dat','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\TSZip.dll','32');
DeleteFile('C:\ProgramData\Tencent\TSVulFw\TSVulFW.DAT','32');
DeleteFile('C:\Users\Sergey\AppData\Roaming\Tencent\AndroidServer\1.0.0.485\AndroidDevice.dll','32');
DeleteFile('C:\Users\Sergey\AppData\Roaming\Tencent\AndroidServer\1.0.0.485\QQPMIpc.dll','32');
DeleteFile('C:\Users\Sergey\AppData\Roaming\Tencent\AndroidServer\1.0.0.485\Sdkclient.dll','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\QQPCRTP.exe','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\TAOFrame.exe','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\QMUdisk64.sys','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\QQSysMonX64.sys','32');
DeleteFile('C:\Windows\system32\Drivers\TAOAccelerator64.sys','32');
DeleteFile('C:\Windows\system32\Drivers\TAOKernel64.sys','32');
DeleteFile('C:\Windows\system32\Drivers\TFsFltX64.sys','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\TS888x64.sys','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\tscpm64.sys','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\TSDefenseBT64.sys','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\TSSysKit64.sys','32');
DeleteFile('C:\Program Files (x86)\Application Assistance\app-helper.exe','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\QMContextUninstall64.dll','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\QQPCTRAY.EXE','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\plugins\FileSmash\QMSoftExt.dll','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\plugins\FileSmash\QMSoftExt64.dll','32');
DeleteFile('C:\Program Files (x86)\gmsd_ru_025010077\gmsd_ru_025010077.exe','32');
DeleteFile('C:\Users\Sergey\AppData\Local\gmsd_ru_025010077\upgmsd_ru_025010077.exe','32');
DeleteFile('C:\Users\Sergey\AppData\Roaming\Browsers\exe.emorhc.bat','32');
DeleteFile('C:\Users\Sergey\AppData\Roaming\Browsers\exe.erolpxei.bat','32');
DeleteFile('C:\Users\Sergey\appdata\local\kometa\kometaup.exe','32');
DelCLSID('{63332668-8CE1-445D-A5EE-25929176714E}');
DelCLSID('{754DF2CE-51E8-4895-B53C-6381418B84AE}');
RegKeyParamDel('HKEY_LOCAL_MACHINE','Software\Microsoft\Windows\CurrentVersion\Run','app-helper');
RegKeyParamDel('HKEY_LOCAL_MACHINE','Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved','{CBDECEF7-7A29-4cbf-A009-2673D82C7BF9}');
RegKeyParamDel('HKEY_LOCAL_MACHINE','Software\Microsoft\Windows\CurrentVersion\Run','QQPCTray');
RegKeyParamDel('HKEY_LOCAL_MACHINE','Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved','{754DF2CE-51E8-4895-B53C-6381418B84AE}');
RegKeyParamDel('HKEY_LOCAL_MACHINE','Software\Microsoft\Windows\CurrentVersion\Run','gmsd_ru_025010077');
RegKeyParamDel('HKEY_LOCAL_MACHINE','Software\Microsoft\Windows\CurrentVersion\RunOnce','upgmsd_ru_025010077.exe');
DeleteService('TSSysKit');
DeleteService('TSDefenseBt');
DeleteService('TSCPM');
DeleteService('TS888x64');
DeleteService('TFsFlt');
DeleteService('TAOKernelDriver');
DeleteService('TAOAccelerator');
DeleteService('QQSysMonX64');
DeleteService('QMUdisk');
DeleteService('TAOFrame');
DeleteService('QQPCRTP');
ExecuteSysClean;
ExecuteWizard('SCU',2,2,true);
RebootWindows(true);
end.[/CODE]

После перезагрузки выполните скрипт:
[CODE]begin
CreateQurantineArchive(GetAVZDirectory+'quarantine.zip');
end.[/CODE]

Загрузите quarantine.zip из папки AVZ по красной ссылке [B]вверху[/B] темы [COLOR="Red"]Прислать запрошенный карантин[/COLOR]
- Сделайте повторные логи по правилам п.2 и 3 раздела Диагностика.(virusinfo_syscheck.zip;hijackthis.log )
03.09.2015, 18:55
loud

Вложений: 2

выполнил скрипт но не помогло, может в безопасном режиме попробовать?
04.09.2015, 08:19
mrak74

[quote="loud;1310710"]может в безопасном режиме попробовать?[/quote]
Не надо.

[URL="http://virusinfo.info/showthread.php?t=7239"][B]Выполните скрипт в AVZ[/B]:[/URL]
[CODE]begin
SearchRootkit(true, true);
SetAVZGuardStatus(True);
TerminateProcessByName('c:\program files (x86)\tencent\qqpcmgr\10.10.16434.218\qqpctray.exe');
TerminateProcessByName('c:\program files (x86)\tencent\qqpcmgr\10.10.16434.218\qqpcrealtimespeedup.exe');
TerminateProcessByName('c:\program files (x86)\tencent\qqpcmgr\10.10.16434.218\plugins\qmnetmon\qqpcnetflow.exe');
SetServiceStart('TSSysKit', 4);
SetServiceStart('TSDefenseBt', 4);
SetServiceStart('TSCPM', 4);
SetServiceStart('TS888x64', 4);
SetServiceStart('TFsFlt', 4);
SetServiceStart('TAOAccelerator', 4);
SetServiceStart('QQSysMonX64', 4);
SetServiceStart('QMUdisk', 4);
StopService('TSSysKit');
StopService('TSDefenseBt');
StopService('TSCPM');
StopService('TS888x64');
StopService('TFsFlt');
StopService('TAOAccelerator');
StopService('QQSysMonX64');
StopService('QMUdisk');
StopService('QQPCRTP');
QuarantineFile('C:\Users\Sergey\AppData\Local\Host installer\951460485_installcube.exe','');
QuarantineFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\QQPCTray.exe','');
QuarantineFile('C:\Windows\system32\Drivers\TFsFltX64.sys','');
QuarantineFile('C:\Windows\system32\Drivers\TAOAccelerator64.sys','');
QuarantineFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\QQPCRTP.exe','');
QuarantineFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\TSSysKit64.sys','');
QuarantineFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\TsDefenseBT64.sys','');
QuarantineFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\tscpm64.sys','');
QuarantineFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\TS888x64.sys','');
QuarantineFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\QQSysMonX64.sys','');
QuarantineFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\QMUdisk64.sys','');
QuarantineFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\tpk\2.0.10604.1805\tpktt.dll','');
QuarantineFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\TSSysKitProxy.dll','');
QuarantineFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\TSWebMon.dat','');
QuarantineFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\TSZip.dll','');
QuarantineFile('C:\ProgramData\Tencent\TSVulFw\TSVulFW.DAT','');
QuarantineFile('c:\program files (x86)\tencent\qqpcmgr\10.10.16434.218\qmsysrepprov.dll','');
QuarantineFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\qmtrayplugin\QMAutoTaskPlugin\QMAutoTaskPlugin.dll','');
QuarantineFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\qmtrayplugin\QMAVTrayPlugin\QMAVTrayPlugin.dll','');
QuarantineFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\qmtrayplugin\QMBJTrayPlugin\QMBJTrayPlugin.dll','');
QuarantineFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\qmtrayplugin\QMClinicTrayPlugin\QMClinicTrayPlugin.dll','');
QuarantineFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\qmtrayplugin\QMDnsMonitor\QMDnsMonitor.dll','');
QuarantineFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\qmtrayplugin\QMHealthAssistDispatch\QMHealthAssistDispatch.dll','');
QuarantineFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\qmtrayplugin\QMHwFloatWnd\QMHwFloatWnd.dll','');
QuarantineFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\qmtrayplugin\QMKCheck\QMKCheck.dll','');
QuarantineFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\qmtrayplugin\QMLogCtrl\QMLogCtrl.dll','');
QuarantineFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\qmtrayplugin\QMMobileTrayPlugin\QMMobileTrayPlugin.dll','');
QuarantineFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\qmtrayplugin\QMNewsTips\QMNewsTips.dll','');
QuarantineFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\QMTrayPlugin\QMPerfCtrl\QMPerf.dll','');
QuarantineFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\qmtrayplugin\QMPerfCtrl\QMPerfCtrl.dll','');
QuarantineFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\qmtrayplugin\QMPreDownload\QMPreDownload.dll','');
QuarantineFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\qmtrayplugin\QMQQLoginPlugin\QMQQLoginPlugin.dll','');
QuarantineFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\qmtrayplugin\QMRtpPlugin\QMRtpPlugin.dll','');
QuarantineFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\qmtrayplugin\QMSccTrayPlugin\QMSccTrayPlugin.dll','');
QuarantineFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\qmtrayplugin\QMSoftPlugin\QMSoftPlugin.dll','');
QuarantineFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\qmtrayplugin\QMStartupMonitorNotify\QMStartupMonitorNotify.dll','');
QuarantineFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\qmtrayplugin\QMSXTrayPlugin\QMSXTrayPlugin.dll','');
QuarantineFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\qmtrayplugin\QMTPIEStartPage\QMTPIEStartPage.dll','');
QuarantineFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\qmtrayplugin\QMTpkTrayPlugin\QMTpkTrayPlugin.dll','');
QuarantineFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\qmtrayplugin\QMTrojanPlugin\QMTrojanPlugin.dll','');
QuarantineFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\qmtrayplugin\QMUDiskMgr\QMUDiskMgr.dll','');
QuarantineFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\qmtrayplugin\QMUpdateModule\QMUpdateModule.dll','');
QuarantineFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\qmtrayplugin\QMWebFWCtrl\QMWebFWCtrl.dll','');
QuarantineFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\qmtrayplugin\qqwifitrayplugin\qqwifitrayplugin.dll','');
QuarantineFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\QMUl.dll','');
QuarantineFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\QQFileFlt.dll','');
QuarantineFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\QQPCHardware.dll','');
QuarantineFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\RefuseInject.DLL','');
QuarantineFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\scc.dll','');
QuarantineFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\SoftMgr.dll','');
QuarantineFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\SoftMgr\processlogdll.dll','');
QuarantineFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\sqlite.dll','');
QuarantineFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\StartupMgrDll.dll','');
QuarantineFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\SXComBase.dll','');
QuarantineFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\TAOBase.dll','');
QuarantineFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\TAOClient.dll','');
QuarantineFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\TAOWorkFlowMgr.dll','');
QuarantineFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\tave.dll','');
QuarantineFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\TAVEng.dll','');
QuarantineFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\TAVInterface.dll','');
QuarantineFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\TAVUpload.dll','');
QuarantineFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\tpk\2.0.10604.1805\tpkcom.dll','');
QuarantineFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\tpk\2.0.10604.1805\tpkproxy.dll','');
QuarantineFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\tpk\2.0.10604.1805\tpkreport.dll','');
QuarantineFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\QMSSO\Bin\SSOPlatform.dll','');
QuarantineFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\QMSSO\Bin\SSOLUIControl.dll','');
QuarantineFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\QMSSO\Bin\SSOCommon.DLL','');
QuarantineFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\QMSpeedupPlugin\SpeedupRocket\SpeedupRocket.dll','');
QuarantineFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\QMSkinMgr.dll','');
QuarantineFile('c:\program files (x86)\tencent\qqpcmgr\10.10.16434.218\qmscripthost.dll','');
QuarantineFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\QMSafeBoxHelperDll.dll','');
QuarantineFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\QMRtpDLL.dll','');
QuarantineFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\QMRtpCheck.dll','');
QuarantineFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\QMNetworkMgr.dll','');
QuarantineFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\QMMain.dll','');
QuarantineFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\QMIpc.dll','');
QuarantineFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\QMForbiddenWinKey.dll','');
QuarantineFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\QMFileMon.dll','');
QuarantineFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\QMExt.dll','');
QuarantineFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\QMEmMat.dll','');
QuarantineFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\QMDns.dll','');
QuarantineFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\QMDlder.dll','');
QuarantineFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\QMCommon.dll','');
QuarantineFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\QMAVProxy.dll','');
QuarantineFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\QMAssocScan.dll','');
QuarantineFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\ptrate.dll','');
QuarantineFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\ProcessManager.dll','');
QuarantineFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\plugins\sysspeeduprtpplugin\SysSpeedupRtpPlugin.dll','');
QuarantineFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\plugins\SpecialPlugin\QMHipsSpecial.dll','');
QuarantineFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\plugins\RtpCommon.dll','');
QuarantineFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\plugins\QMRepairPlugin.dll','');
QuarantineFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\plugins\QMNetMonPlugin.dll','');
QuarantineFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\plugins\qmiemalrtpplugin\qmiemalrtpplugin.dll','');
QuarantineFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\plugins\QMHips.dll','');
QuarantineFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\plugins\QMCpm.dll','');
QuarantineFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\plugins\QMCloudInter\QMCloudInter.dll','');
QuarantineFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\plugins\QMBDScanner.dat','');
QuarantineFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\oDayProtect.dll','');
QuarantineFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\NetflowMgr.dll','');
QuarantineFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\MemDefrag.dll','');
QuarantineFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\GFFtsysCustom.dll','');
QuarantineFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\GFCustom.dll','');
QuarantineFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\GarbageCleaner.dll','');
QuarantineFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\GameUpgrade.dll','');
QuarantineFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\dr.dll','');
QuarantineFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\DLProtectComm.dll','');
QuarantineFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\communic.dll','');
QuarantineFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\AndroidAssistHelper.dll','');
QuarantineFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\7z.dll','');
DeleteFile('c:\program files (x86)\tencent\qqpcmgr\10.10.16434.218\plugins\qmnetmon\qqpcnetflow.exe','32');
DeleteFile('c:\program files (x86)\tencent\qqpcmgr\10.10.16434.218\qqpcrealtimespeedup.exe','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\7z.dll','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\AndroidAssistHelper.dll','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\communic.dll','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\DLProtectComm.dll','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\dr.dll','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\GameUpgrade.dll','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\GarbageCleaner.dll','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\GFCustom.dll','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\GFFtsysCustom.dll','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\MemDefrag.dll','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\NetflowMgr.dll','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\oDayProtect.dll','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\plugins\QMBDScanner.dat','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\plugins\QMCloudInter\QMCloudInter.dll','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\plugins\QMCpm.dll','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\plugins\QMHips.dll','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\plugins\qmiemalrtpplugin\qmiemalrtpplugin.dll','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\plugins\QMNetMonPlugin.dll','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\plugins\QMRepairPlugin.dll','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\plugins\RtpCommon.dll','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\plugins\SpecialPlugin\QMHipsSpecial.dll','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\plugins\sysspeeduprtpplugin\SysSpeedupRtpPlugin.dll','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\ProcessManager.dll','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\ptrate.dll','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\QMAssocScan.dll','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\QMAVProxy.dll','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\QMCommon.dll','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\QMDlder.dll','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\QMDns.dll','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\QMEmMat.dll','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\QMExt.dll','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\QMFileMon.dll','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\QMForbiddenWinKey.dll','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\QMIpc.dll','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\QMMain.dll','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\QMNetworkMgr.dll','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\QMRtpCheck.dll','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\QMRtpDLL.dll','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\QMSafeBoxHelperDll.dll','32');
DeleteFile('c:\program files (x86)\tencent\qqpcmgr\10.10.16434.218\qmscripthost.dll','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\QMSkinMgr.dll','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\QMSpeedupPlugin\SpeedupRocket\SpeedupRocket.dll','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\QMSSO\Bin\SSOCommon.DLL','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\QMSSO\Bin\SSOLUIControl.dll','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\QMSSO\Bin\SSOPlatform.dll','32');
DeleteFile('c:\program files (x86)\tencent\qqpcmgr\10.10.16434.218\qmsysrepprov.dll','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\qmtrayplugin\QMAutoTaskPlugin\QMAutoTaskPlugin.dll','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\qmtrayplugin\QMAVTrayPlugin\QMAVTrayPlugin.dll','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\qmtrayplugin\QMBJTrayPlugin\QMBJTrayPlugin.dll','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\qmtrayplugin\QMClinicTrayPlugin\QMClinicTrayPlugin.dll','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\qmtrayplugin\QMDnsMonitor\QMDnsMonitor.dll','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\qmtrayplugin\QMHealthAssistDispatch\QMHealthAssistDispatch.dll','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\qmtrayplugin\QMHwFloatWnd\QMHwFloatWnd.dll','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\qmtrayplugin\QMKCheck\QMKCheck.dll','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\qmtrayplugin\QMLogCtrl\QMLogCtrl.dll','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\qmtrayplugin\QMMobileTrayPlugin\QMMobileTrayPlugin.dll','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\qmtrayplugin\QMNewsTips\QMNewsTips.dll','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\QMTrayPlugin\QMPerfCtrl\QMPerf.dll','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\qmtrayplugin\QMPerfCtrl\QMPerfCtrl.dll','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\qmtrayplugin\QMPreDownload\QMPreDownload.dll','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\qmtrayplugin\QMQQLoginPlugin\QMQQLoginPlugin.dll','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\qmtrayplugin\QMRtpPlugin\QMRtpPlugin.dll','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\qmtrayplugin\QMSccTrayPlugin\QMSccTrayPlugin.dll','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\qmtrayplugin\QMSoftPlugin\QMSoftPlugin.dll','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\qmtrayplugin\QMStartupMonitorNotify\QMStartupMonitorNotify.dll','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\qmtrayplugin\QMSXTrayPlugin\QMSXTrayPlugin.dll','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\qmtrayplugin\QMTPIEStartPage\QMTPIEStartPage.dll','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\qmtrayplugin\QMTpkTrayPlugin\QMTpkTrayPlugin.dll','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\qmtrayplugin\QMTrojanPlugin\QMTrojanPlugin.dll','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\qmtrayplugin\QMUDiskMgr\QMUDiskMgr.dll','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\qmtrayplugin\QMUpdateModule\QMUpdateModule.dll','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\qmtrayplugin\QMWebFWCtrl\QMWebFWCtrl.dll','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\qmtrayplugin\qqwifitrayplugin\qqwifitrayplugin.dll','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\QMUl.dll','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\QMWlanMacDll.dll','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\QQFileFlt.dll','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\QQPCHardware.dll','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\RefuseInject.DLL','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\scc.dll','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\SoftMgr.dll','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\SoftMgr\processlogdll.dll','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\sqlite.dll','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\StartupMgrDll.dll','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\TAOBase.dll','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\SXComBase.dll','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\TAOClient.dll','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\TAOKernelControl.dll','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\TAOWorkFlowMgr.dll','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\TAVCache.dll','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\tave.dll','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\TAVEng.dll','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\TAVInterface.dll','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\TAVUpload.dll','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\tpk\2.0.10604.1805\tpkcom.dll','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\tpk\2.0.10604.1805\tpkproxy.dll','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\tpk\2.0.10604.1805\tpkreport.dll','32');
DeleteFile('C:\ProgramData\Tencent\TSVulFw\TSVulFW.DAT','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\TSWebMon.dat','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\TSSysKitProxy.dll','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\tpk\2.0.10604.1805\tpktt.dll','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\QMUdisk64.sys','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\QQSysMonX64.sys','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\TS888x64.sys','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\tscpm64.sys','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\TSSysKit64.sys','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\QQPCRTP.exe','32');
DeleteFile('C:\Windows\system32\Drivers\TAOAccelerator64.sys','32');
DeleteFile('C:\Windows\system32\Drivers\TFsFltX64.sys','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\TSDefenseBT64.sys','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218\QQPCTray.exe','32');
DelBHO('{50F4150A-48B2-417A-BE4C-C83F580FB904}');
RegKeyParamDel('HKEY_LOCAL_MACHINE','Software\Microsoft\Windows\CurrentVersion\Run','QQPCTray');
DeleteService('TSSysKit');
DeleteService('TSDefenseBt');
DeleteService('TSCPM');
DeleteService('TS888x64');
DeleteService('TFsFlt');
DeleteService('TAOAccelerator');
DeleteService('QQSysMonX64');
DeleteService('QMUdisk');
DeleteService('QQPCRTP');
BC_ImportAll;
ExecuteSysClean;
BC_Activate;
ExecuteWizard('SCU',2,2,true);
RebootWindows(true);
end.[/CODE]

После перезагрузки выполните скрипт:
[CODE]begin
CreateQurantineArchive(GetAVZDirectory+'quarantine.zip');
end.[/CODE]

Загрузите quarantine.zip из папки AVZ по красной ссылке [B]вверху[/B] темы [COLOR="Red"]Прислать запрошенный карантин[/COLOR]
- Сделайте повторные логи по правилам п.2 и 3 раздела Диагностика.(virusinfo_syscheck.zip;hijackthis.log )

+
[LIST][*]Скачайте [B][URL="http://general-changelog-team.fr/en/downloads/finish/20-outils-de-xplode/2-adwcleaner"]AdwCleaner (by Xplode)[/URL][/B] и сохраните его на [B]Рабочем столе[/B].[*]Запустите его (в ОС [B]Windows Vista/Seven[/B] необходимо запускать через правую кн. мыши [B]от имени администратора[/B]), нажмите кнопку [B]"Scan"[/B] и дождитесь окончания сканирования.[*]Когда сканирование будет завершено, отчет будет сохранен в следующем расположении: [B][COLOR="Blue"]C:\AdwCleaner\AdwCleaner[R0].txt[/COLOR][/B].[*]Прикрепите отчет к своему следующему сообщению.[/LIST]

Подробнее читайте в [URL="http://virusinfo.info/showthread.php?t=146192"]этом руководстве[/URL].
08.09.2015, 14:52
loud

Вложений: 3

Все равно не удаляется какая то хрень на китайском языке, не может удалить пишет нет доступа, и еще лог AVZ делается полчаса, это так и должно быть? дома за 3 минуты сканирует
08.09.2015, 15:02
mrak74

[url=http://virusinfo.info/showthread.php?t=146192&p=1041864&viewfull=1#post1041864]Удалите в AdwCleaner[/url] всё, кроме папок с названиями программ которыми вы пользуетесь (если ничем из перечисленного в логе не пользуетесь, то удалите всё). Отчет после удаления прикрепите.

+ [URL="http://virusinfo.info/showthread.php?t=121767"][B]Сделайте полный образ автозапуска uVS[/B][/URL]
08.09.2015, 15:12
CyberHelper

Итог лечения

Статистика проведенного лечения:
[LIST][*]Получено карантинов: [B]3[/B][*]Обработано файлов: [B]244[/B][*]В ходе лечения обнаружены вредоносные программы:
[LIST=1][*] c:\program files (x86)\application assistance\app-helper.exe - [B]Trojan.Win32.Agent.igtz[/B] ( AVAST4: Win32:Malware-gen )[*] c:\program files (x86)\gmsd_ru_025010077\gmsd_ru_025010077.exe - [B]not-a-virus:AdWare.Win32.Eorezo.afob[/B][*] c:\users\sergey\appdata\local\gmsd_ru_025010077\upgmsd_ru_025010077.exe - [B]not-a-virus:AdWare.Win32.Eorezo.afob[/B][*] c:\users\sergey\appdata\local\host installer\951460485_installcube.exe - [B]not-a-virus:Downloader.MSIL.Agent.glg[/B][/LIST][/LIST]