Устанавливаются программы и спам в браузере [not-a-virus:AdWare.Win32.Eorezo.brqa, not-a-virus:AdWare.Win32.PriceGong.a ]

Вложений: 2

Постоянно скачиваются и устанавливаются программы. Чистил всё с помощью Dr.Web - не помогает

Уважаемый(ая) [B]Efreets[/B], спасибо за обращение на наш форум!

Удаление вирусов - абсолютно бесплатная услуга на VirusInfo.Info. Хелперы в самое ближайшее время ответят на Ваш запрос. Для оказания помощи необходимо предоставить логи сканирования утилитами АВЗ и HiJackThis, подробнее можно прочитать в [URL="http://virusinfo.info/pravila.html"]правилах оформления запроса о помощи[/URL].

[INFORMATION]Если вы хотите получить персональную гарантированную помощь в приоритетном режиме, то воспользуйтесь платным сервисом [URL="http://virusinfo.info/content.php?r=613-sub_pomogite"]Помогите+[/URL].[/INFORMATION]

Если наш сайт окажется полезен Вам и у Вас будет такая возможность - пожалуйста [URL="http://virusinfo.info/content.php?r=113-virusinfo.info-donate"]поддержите проект[/URL].

Выполните скрипт в AVZ
[code]begin
ShowMessage('Внимание! Перед выполнением скрипта AVZ автоматически закроет все сетевые подключения.' + #13#10 + 'После перезагрузки компьютера подключения к сети будут восстановлены в автоматическом режиме.');
ExecuteFile('net.exe', 'stop tcpip /y', 0, 15000, true);
if not IsWOW64
then
begin
SearchRootkit(true, true);
SetAVZGuardStatus(True);
end;
RegKeyIntParamWrite('HKCU', 'Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\', '1804', 1);
RegKeyIntParamWrite('HKCU', 'Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\', '2201', 3);
RegKeyIntParamWrite('HKCU', 'Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\', '1004', 3);
RegKeyIntParamWrite('HKCU', 'Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\', '1001', 1);
RegKeyIntParamWrite('HKCU', 'Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\', '1201', 3);
QuarantineFile('C:\Users\Ксю\appdata\local\smartweb\__u.exe','');
QuarantineFile('C:\Users\Ксю\AppData\Local\SmartWeb\SmartWebHelper.exe','');
QuarantineFile('C:\Program Files (x86)\SwiftSearch_1.10.0.25\Update\SwiftSearchAutoUpdateClient.exe','');
QuarantineFile('C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe','');
QuarantineFile('C:\Program Files (x86)\Max Deal\max_deal_helper_service.exe','');
QuarantineFile('C:\Program Files (x86)\Total-1.8\fee3bdec-e924-4884-97de-6cead8a0bda0-7.exe','');
QuarantineFile('C:\Program Files (x86)\Total-1.8\fee3bdec-e924-4884-97de-6cead8a0bda0-6.exe','');
QuarantineFile('C:\Program Files (x86)\Total-1.8\fee3bdec-e924-4884-97de-6cead8a0bda0-5.exe','');
QuarantineFile('C:\Program Files (x86)\Total-1.8\fee3bdec-e924-4884-97de-6cead8a0bda0-4.exe','');
QuarantineFile('C:\Program Files (x86)\Total-1.8\fee3bdec-e924-4884-97de-6cead8a0bda0-3.exe','');
QuarantineFile('C:\Program Files (x86)\Total-1.8\fee3bdec-e924-4884-97de-6cead8a0bda0-2.exe','');
QuarantineFile('C:\Program Files (x86)\Total-1.8\fee3bdec-e924-4884-97de-6cead8a0bda0-11.exe','');
QuarantineFile('C:\Program Files (x86)\Total-1.8\Total-1.8-codedownloader.exe','');
QuarantineFile('C:\Program Files (x86)\disco games\disco_games_updating_service.exe','');
QuarantineFile('C:\Program Files (x86)\disco games\disco_games_notification_service.exe','');
QuarantineFile('C:\Program Files (x86)\ClickMovie1-Downloaderv10\d528dafa-994d-4025-9dd0-44dc506221a3-7.exe','');
QuarantineFile('C:\Program Files (x86)\ClickMovie1-Downloaderv10\5D358BB0-C12E-4068-9DE4-C2683A1EC7FA-6.exe','');
QuarantineFile('C:\Program Files (x86)\ClickMovie1-Downloaderv10\d528dafa-994d-4025-9dd0-44dc506221a3-5.exe','');
QuarantineFile('C:\Program Files (x86)\ClickMovie1-Downloaderv10\d528dafa-994d-4025-9dd0-44dc506221a3-4.exe','');
QuarantineFile('C:\Program Files (x86)\ClickMovie1-Downloaderv10\d528dafa-994d-4025-9dd0-44dc506221a3-3.exe','');
QuarantineFile('C:\Program Files (x86)\ClickMovie1-Downloaderv10\d528dafa-994d-4025-9dd0-44dc506221a3-2.exe','');
QuarantineFile('C:\Program Files (x86)\ClickMovie1-Downloaderv10\d528dafa-994d-4025-9dd0-44dc506221a3-11.exe','');
QuarantineFile('C:\Program Files (x86)\ClickMovie1-Downloaderv10\ClickMovie1-Downloaderv10-codedownloader.exe','');
QuarantineFile('C:\Program Files (x86)\Crazy Shopperama\crazy_shopperama_helper_service.exe','');
QuarantineFile('C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe','');
QuarantineFile('C:\Program Files (x86)\Total-1.8\0c5f72e4-6e07-4424-9123-0ba831572343.exe','');
QuarantineFile('C:\Program Files (x86)\Total-1.8\477743fb-57f6-4afc-9f77-cdc2218c6945.exe','');
QuarantineFile('C:\Users\Ксю\AppData\Local\zoxPuZ\IFNMSqiRT1.bat','');
QuarantineFile('C:\ProgramData\MumcXgTHJlitUSE\OQoiPT5.bat','');
SetServiceStart('wixocuji', 4);
SetServiceStart('WdsManPro', 4);
SetServiceStart('swsesrvc_1.10.0.25', 4);
SetServiceStart('SSFK', 4);
SetServiceStart('lutynyke', 4);
SetServiceStart('hidekoqe', 4);
DeleteService('hidekoqe');
DeleteService('lutynyke');
DeleteService('SSFK');
DeleteService('swsesrvc_1.10.0.25');
DeleteService('WdsManPro');
DeleteService('wixocuji');
QuarantineFile('C:\Users\Ксю\AppData\Local\Virtual Kingdom\zBin\VirtualKingdom.dll','');
QuarantineFile('C:\Users\Ксю\AppData\Local\Virtual Kingdom\zBin\hiljmwt.dll','');
QuarantineFile('C:\Users\Ксю\AppData\Local\SmartWeb\swhk.dll','');
TerminateProcessByName('c:\users\Ксю\appdata\local\smartweb\smartwebapp.exe');
TerminateProcessByName('c:\users\Ксю\appdata\local\smartweb\smartwebhelper.exe');
TerminateProcessByName('c:\program files (x86)\sfk\ssfk.exe');
TerminateProcessByName('c:\program files (x86)\swiftsearch_1.10.0.25\service\swsesrvc.exe');
TerminateProcessByName('c:\users\Ксю\appdata\local\gmsd_ru_005010156\upgmsd_ru_005010156.exe');
TerminateProcessByName('c:\programdata\zwminiproz\wminipro.exe');
QuarantineFile('c:\programdata\zwminiproz\wminipro.exe','');
QuarantineFile('c:\users\Ксю\appdata\local\gmsd_ru_005010156\upgmsd_ru_005010156.exe','');
QuarantineFile('c:\program files (x86)\swiftsearch_1.10.0.25\service\swsesrvc.exe','');
QuarantineFile('c:\program files (x86)\sfk\ssfk.exe','');
QuarantineFile('c:\users\Ксю\appdata\local\smartweb\smartwebhelper.exe','');
QuarantineFile('c:\users\Ксю\appdata\local\smartweb\smartwebapp.exe','');
TerminateProcessByName('c:\users\acf6~1\appdata\local\temp\nscdaf8.tmp');
TerminateProcessByName('c:\users\Ксю\appdata\local\308d6c66-1448474081-df11-9e70-00266c7a7d31\qnsmde30.tmp');
QuarantineFile('c:\users\Ксю\appdata\local\308d6c66-1448474081-df11-9e70-00266c7a7d31\qnsmde30.tmp','');
QuarantineFile('c:\users\acf6~1\appdata\local\temp\nscdaf8.tmp','');
TerminateProcessByName('c:\program files (x86)\308d6c66-1448386334-df11-9e70-00266c7a7d31\jnshd1e7.tmp');
TerminateProcessByName('c:\program files (x86)\308d6c66-1448386334-df11-9e70-00266c7a7d31\knsrb79d.tmpfs');
QuarantineFile('c:\program files (x86)\308d6c66-1448386334-df11-9e70-00266c7a7d31\knsrb79d.tmpfs','');
QuarantineFile('c:\program files (x86)\308d6c66-1448386334-df11-9e70-00266c7a7d31\jnshd1e7.tmp','');
TerminateProcessByName('c:\program files (x86)\gmsd_ru_005010156\gmsd_ru_005010156.exe');
QuarantineFile('c:\program files (x86)\gmsd_ru_005010156\gmsd_ru_005010156.exe','');
TerminateProcessByName('c:\users\acf6~1\appdata\local\temp\is-pq7ab.tmp\689.exe');
TerminateProcessByName('c:\users\acf6~1\appdata\local\temp\is-iqvc7.tmp\689.exe');
TerminateProcessByName('c:\users\acf6~1\appdata\local\temp\is-74798.tmp\689.tmp');
QuarantineFile('c:\users\acf6~1\appdata\local\temp\is-74798.tmp\689.tmp','');
QuarantineFile('c:\users\acf6~1\appdata\local\temp\is-iqvc7.tmp\689.exe','');
QuarantineFile('c:\users\acf6~1\appdata\local\temp\is-pq7ab.tmp\689.exe','');
DeleteFile('c:\users\acf6~1\appdata\local\temp\is-pq7ab.tmp\689.exe','32');
DeleteFile('c:\users\acf6~1\appdata\local\temp\is-iqvc7.tmp\689.exe','32');
DeleteFile('c:\users\acf6~1\appdata\local\temp\is-74798.tmp\689.tmp','32');
DeleteFile('c:\program files (x86)\gmsd_ru_005010156\gmsd_ru_005010156.exe','32');
DeleteFile('c:\program files (x86)\308d6c66-1448386334-df11-9e70-00266c7a7d31\jnshd1e7.tmp','32');
DeleteFile('c:\program files (x86)\308d6c66-1448386334-df11-9e70-00266c7a7d31\knsrb79d.tmpfs','32');
DeleteFile('c:\users\acf6~1\appdata\local\temp\nscdaf8.tmp','32');
DeleteFile('c:\users\Ксю\appdata\local\308d6c66-1448474081-df11-9e70-00266c7a7d31\qnsmde30.tmp','32');
DeleteFile('c:\users\Ксю\appdata\local\smartweb\smartwebapp.exe','32');
DeleteFile('c:\users\Ксю\appdata\local\smartweb\smartwebhelper.exe','32');
DeleteFile('c:\program files (x86)\sfk\ssfk.exe','32');
DeleteFile('c:\program files (x86)\swiftsearch_1.10.0.25\service\swsesrvc.exe','32');
DeleteFile('c:\users\Ксю\appdata\local\gmsd_ru_005010156\upgmsd_ru_005010156.exe','32');
DeleteFile('c:\programdata\zwminiproz\wminipro.exe','32');
DeleteFile('C:\Users\Ксю\AppData\Local\SmartWeb\swhk.dll','32');
DeleteFile('C:\Users\Ксю\AppData\Local\Virtual Kingdom\zBin\hiljmwt.dll','32');
DeleteFile('C:\Users\Ксю\AppData\Local\Virtual Kingdom\zBin\VirtualKingdom.dll','32');
DeleteFile('C:\Windows\system32\drivers\swsedrvr_vt_1_10_0_25.sys','32');
RegKeyParamDel('HKEY_CURRENT_USER','Software\Microsoft\Windows\CurrentVersion\RunOnce','Application Restart #0');
RegKeyParamDel('HKEY_LOCAL_MACHINE','Software\Microsoft\Windows\CurrentVersion\RunOnce','upgmsd_ru_005010156.exe');
RegKeyParamDel('HKEY_LOCAL_MACHINE','Software\Microsoft\Windows\CurrentVersion\Run','SmartWeb');
RegKeyParamDel('HKEY_LOCAL_MACHINE','Software\Microsoft\Windows\CurrentVersion\Run','gmsd_ru_005010156');
DeleteFile('C:\ProgramData\MumcXgTHJlitUSE\OQoiPT5.bat','32');
DeleteFile('C:\Users\Ксю\AppData\Local\zoxPuZ\IFNMSqiRT1.bat','32');
DeleteFile('C:\Program Files (x86)\Total-1.8\477743fb-57f6-4afc-9f77-cdc2218c6945.exe','32');
DeleteFile('C:\Program Files (x86)\Total-1.8\0c5f72e4-6e07-4424-9123-0ba831572343.exe','32');
DeleteFile('C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe','32');
DeleteFile('C:\Program Files (x86)\Crazy Shopperama\crazy_shopperama_helper_service.exe','32');
DeleteFile('C:\Windows\Tasks\0c5f72e4-6e07-4424-9123-0ba831572343.job','32');
DeleteFile('C:\Windows\Tasks\477743fb-57f6-4afc-9f77-cdc2218c6945.job','32');
DeleteFile('C:\Windows\Tasks\APSnotifierPP1.job','32');
DeleteFile('C:\Windows\Tasks\APSnotifierPP2.job','32');
DeleteFile('C:\Windows\Tasks\APSnotifierPP3.job','32');
DeleteFile('C:\Windows\Tasks\crazy_shopperama_helper_service.job','32');
DeleteFile('C:\Program Files (x86)\ClickMovie1-Downloaderv10\ClickMovie1-Downloaderv10-codedownloader.exe','32');
DeleteFile('C:\Program Files (x86)\ClickMovie1-Downloaderv10\d528dafa-994d-4025-9dd0-44dc506221a3-11.exe','32');
DeleteFile('C:\Program Files (x86)\ClickMovie1-Downloaderv10\d528dafa-994d-4025-9dd0-44dc506221a3-2.exe','32');
DeleteFile('C:\Program Files (x86)\ClickMovie1-Downloaderv10\d528dafa-994d-4025-9dd0-44dc506221a3-3.exe','32');
DeleteFile('C:\Program Files (x86)\ClickMovie1-Downloaderv10\d528dafa-994d-4025-9dd0-44dc506221a3-4.exe','32');
DeleteFile('C:\Program Files (x86)\ClickMovie1-Downloaderv10\d528dafa-994d-4025-9dd0-44dc506221a3-5.exe','32');
DeleteFile('C:\Program Files (x86)\ClickMovie1-Downloaderv10\5D358BB0-C12E-4068-9DE4-C2683A1EC7FA-6.exe','32');
DeleteFile('C:\Program Files (x86)\ClickMovie1-Downloaderv10\d528dafa-994d-4025-9dd0-44dc506221a3-7.exe','32');
DeleteFile('C:\Windows\Tasks\d528dafa-994d-4025-9dd0-44dc506221a3-7.job','32');
DeleteFile('C:\Windows\Tasks\d528dafa-994d-4025-9dd0-44dc506221a3-6.job','32');
DeleteFile('C:\Windows\Tasks\d528dafa-994d-4025-9dd0-44dc506221a3-5_user.job','32');
DeleteFile('C:\Windows\Tasks\d528dafa-994d-4025-9dd0-44dc506221a3-4.job','32');
DeleteFile('C:\Windows\Tasks\d528dafa-994d-4025-9dd0-44dc506221a3-3.job','32');
DeleteFile('C:\Windows\Tasks\d528dafa-994d-4025-9dd0-44dc506221a3-5.job','32');
DeleteFile('C:\Windows\Tasks\d528dafa-994d-4025-9dd0-44dc506221a3-2.job','32');
DeleteFile('C:\Windows\Tasks\d528dafa-994d-4025-9dd0-44dc506221a3-11.job','32');
DeleteFile('C:\Windows\Tasks\d528dafa-994d-4025-9dd0-44dc506221a3-1.job','32');
DeleteFile('C:\Windows\Tasks\disco_games_updating_service.job','32');
DeleteFile('C:\Windows\Tasks\disco_games_notification_service.job','32');
DeleteFile('C:\Program Files (x86)\disco games\disco_games_notification_service.exe','32');
DeleteFile('C:\Program Files (x86)\disco games\disco_games_updating_service.exe','32');
DeleteFile('C:\Program Files (x86)\Total-1.8\Total-1.8-codedownloader.exe','32');
DeleteFile('C:\Program Files (x86)\Total-1.8\fee3bdec-e924-4884-97de-6cead8a0bda0-11.exe','32');
DeleteFile('C:\Program Files (x86)\Total-1.8\fee3bdec-e924-4884-97de-6cead8a0bda0-2.exe','32');
DeleteFile('C:\Program Files (x86)\Total-1.8\fee3bdec-e924-4884-97de-6cead8a0bda0-3.exe','32');
DeleteFile('C:\Program Files (x86)\Total-1.8\fee3bdec-e924-4884-97de-6cead8a0bda0-4.exe','32');
DeleteFile('C:\Program Files (x86)\Total-1.8\fee3bdec-e924-4884-97de-6cead8a0bda0-5.exe','32');
DeleteFile('C:\Program Files (x86)\Total-1.8\fee3bdec-e924-4884-97de-6cead8a0bda0-6.exe','32');
DeleteFile('C:\Program Files (x86)\Total-1.8\fee3bdec-e924-4884-97de-6cead8a0bda0-7.exe','32');
DeleteFile('C:\Windows\Tasks\fee3bdec-e924-4884-97de-6cead8a0bda0-7.job','32');
DeleteFile('C:\Windows\Tasks\fee3bdec-e924-4884-97de-6cead8a0bda0-6.job','32');
DeleteFile('C:\Windows\Tasks\fee3bdec-e924-4884-97de-6cead8a0bda0-5_user.job','32');
DeleteFile('C:\Windows\Tasks\fee3bdec-e924-4884-97de-6cead8a0bda0-5.job','32');
DeleteFile('C:\Windows\Tasks\fee3bdec-e924-4884-97de-6cead8a0bda0-4.job','32');
DeleteFile('C:\Windows\Tasks\fee3bdec-e924-4884-97de-6cead8a0bda0-3.job','32');
DeleteFile('C:\Windows\Tasks\fee3bdec-e924-4884-97de-6cead8a0bda0-2.job','32');
DeleteFile('C:\Windows\Tasks\fee3bdec-e924-4884-97de-6cead8a0bda0-11.job','32');
DeleteFile('C:\Windows\Tasks\fee3bdec-e924-4884-97de-6cead8a0bda0-1.job','32');
DeleteFile('C:\Windows\Tasks\XKOJNO.job','32');
DeleteFile('C:\Windows\Tasks\XB.job','32');
DeleteFile('C:\Windows\Tasks\wPFobpOb.job','32');
DeleteFile('C:\Windows\Tasks\SAUFPPP.job','32');
DeleteFile('C:\Windows\Tasks\max_deal_helper_service.job','32');
DeleteFile('C:\Windows\Tasks\LWXM.job','32');
DeleteFile('C:\Windows\Tasks\LGPAHB.job','32');
DeleteFile('C:\Windows\Tasks\IQSF.job','32');
DeleteFile('C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job','32');
DeleteFile('C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job','32');
DeleteFile('C:\Program Files (x86)\Max Deal\max_deal_helper_service.exe','32');
DeleteFile('C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe','32');
DeleteFile('C:\Windows\system32\Tasks\477743fb-57f6-4afc-9f77-cdc2218c6945','64');
DeleteFile('C:\Windows\system32\Tasks\APSnotifierPP1','64');
DeleteFile('C:\Windows\system32\Tasks\APSnotifierPP2','64');
DeleteFile('C:\Windows\system32\Tasks\APSnotifierPP3','64');
DeleteFile('C:\Windows\system32\Tasks\crazy_shopperama_helper_service','64');
DeleteFile('C:\Windows\system32\Tasks\d528dafa-994d-4025-9dd0-44dc506221a3-1','64');
DeleteFile('C:\Windows\system32\Tasks\d528dafa-994d-4025-9dd0-44dc506221a3-11','64');
DeleteFile('C:\Windows\system32\Tasks\d528dafa-994d-4025-9dd0-44dc506221a3-2','64');
DeleteFile('C:\Windows\system32\Tasks\d528dafa-994d-4025-9dd0-44dc506221a3-3','64');
DeleteFile('C:\Windows\system32\Tasks\d528dafa-994d-4025-9dd0-44dc506221a3-4','64');
DeleteFile('C:\Windows\system32\Tasks\d528dafa-994d-4025-9dd0-44dc506221a3-5','64');
DeleteFile('C:\Windows\system32\Tasks\d528dafa-994d-4025-9dd0-44dc506221a3-6','64');
DeleteFile('C:\Windows\system32\Tasks\d528dafa-994d-4025-9dd0-44dc506221a3-7','64');
DeleteFile('C:\Windows\system32\Tasks\disco_games_notification_service','64');
DeleteFile('C:\Windows\system32\Tasks\disco_games_updating_service','64');
DeleteFile('C:\Windows\system32\Tasks\fee3bdec-e924-4884-97de-6cead8a0bda0-1','64');
DeleteFile('C:\Windows\system32\Tasks\fee3bdec-e924-4884-97de-6cead8a0bda0-11','64');
DeleteFile('C:\Windows\system32\Tasks\fee3bdec-e924-4884-97de-6cead8a0bda0-2','64');
DeleteFile('C:\Windows\system32\Tasks\fee3bdec-e924-4884-97de-6cead8a0bda0-3','64');
DeleteFile('C:\Windows\system32\Tasks\fee3bdec-e924-4884-97de-6cead8a0bda0-4','64');
DeleteFile('C:\Windows\system32\Tasks\fee3bdec-e924-4884-97de-6cead8a0bda0-5','64');
DeleteFile('C:\Windows\system32\Tasks\fee3bdec-e924-4884-97de-6cead8a0bda0-6','64');
DeleteFile('C:\Windows\system32\Tasks\fee3bdec-e924-4884-97de-6cead8a0bda0-7','64');
DeleteFile('C:\Windows\system32\Tasks\globalUpdateUpdateTaskMachineCore','64');
DeleteFile('C:\Windows\system32\Tasks\globalUpdateUpdateTaskMachineUA','64');
DeleteFile('C:\Windows\system32\Tasks\max_deal_helper_service','64');
DeleteFile('C:\Windows\system32\Tasks\ReimageUpdater','64');
DeleteFile('C:\Windows\system32\Tasks\SmartWeb Upgrade Trigger Task','64');
DeleteFile('C:\Windows\system32\Tasks\SwiftSearch Auto Updater 1.10.0.25 Core','64');
DeleteFile('C:\Windows\system32\Tasks\SwiftSearch Auto Updater 1.10.0.25 Pending Update','64');
DeleteFile('C:\Windows\system32\Tasks\Virtual Kingdom','64');
DeleteFile('C:\Program Files (x86)\SwiftSearch_1.10.0.25\Update\SwiftSearchAutoUpdateClient.exe','32');
DeleteFile('C:\Users\Ксю\AppData\Local\SmartWeb\SmartWebHelper.exe','32');
DeleteFile('C:\Users\Ксю\appdata\local\smartweb\__u.exe','32');
BC_ImportAll;
ExecuteSysClean;
BC_Activate;
RebootWindows(false);
end.[/code]Будет выполнена перезагрузка компьютера.

Выполните скрипт в AVZ
[code]begin
CreateQurantineArchive('c:\quarantine.zip');
end.[/code][b]c:\quarantine.zip[/b] пришлите по красной ссылке [color="Red"][u][b]Прислать запрошенный карантин[/b][/u][/color] [b]над первым сообщением[/b] в Вашей теме.

[B][COLOR="Red"]Выполните правила ЕЩЕ РАЗ и предоставьте НОВЫЕ логи[/COLOR][/B]

Вложений: 2

Готово

Сделайте лог [url="http://virusinfo.info/showthread.php?t=53070&p=1104657&viewfull=1#post1104657"]полного сканирования МВАМ[/url]

Вложений: 1

Пока проверялось, выскочило нормально окошек с установлением программ и спамом...

Удалите в МВАМ все найденное

Итог лечения

Статистика проведенного лечения:
[LIST][*]Получено карантинов: [B]1[/B][*]Обработано файлов: [B]26[/B][*]В ходе лечения обнаружены вредоносные программы:
[LIST=1][*] c:\program files (x86)\clickmovie1-downloaderv10\d528dafa-994d-4025-9dd0-44dc506221a3-5.exe - [B]not-a-virus:AdWare.NSIS.Adwapper.ai[/B] ( DrWEB: Trojan.Crossrider1.23719, BitDefender: Gen:Application.Heur.7u1@kO8q5aeO )[*] c:\program files (x86)\disco games\disco_games_updating_service.exe - [B]HEUR:Trojan-Downloader.Win32.Generic[/B] ( BitDefender: Gen:Trojan.Heur.RP.fmGfaCwDRomi, AVAST4: Win32:Malware-gen )[*] c:\program files (x86)\gmsd_ru_005010156\gmsd_ru_005010156.exe - [B]not-a-virus:AdWare.Win32.Eorezo.brqa[/B][*] c:\program files (x86)\sfk\ssfk.exe - [B]not-a-virus:AdWare.Win32.ELEX.gm[/B][*] c:\program files (x86)\swiftsearch_1.10.0.25\service\swsesrvc.exe - [B]not-a-virus:AdWare.Win32.Vitruvian.t[/B] ( DrWEB: Adware.Plugin.1186, AVAST4: Win32:Adware-CZP [Adw] )[*] c:\program files (x86)\swiftsearch_1.10.0.25\update\swiftsearchautoupdateclient.exe - [B]not-a-virus:AdWare.Win32.Vitruvian.t[/B] ( DrWEB: Adware.Plugin.1201 )[*] c:\program files (x86)\total-1.8\fee3bdec-e924-4884-97de-6cead8a0bda0-2.exe - [B]Trojan.NSIS.GoogUpdate.ct[/B] ( DrWEB: Trojan.Crossrider.37144, BitDefender: Gen:Application.Heur.2u1@kCzdJQkO, AVAST4: Win32:IeEnablerC-E [Adw] )[*] c:\program files (x86)\total-1.8\fee3bdec-e924-4884-97de-6cead8a0bda0-5.exe - [B]Trojan.NSIS.GoogUpdate.ct[/B] ( DrWEB: Trojan.Crossrider1.5456, BitDefender: Gen:Application.Heur.7u1@kCQDshcO )[*] c:\program files (x86)\total-1.8\fee3bdec-e924-4884-97de-6cead8a0bda0-6.exe - [B]Trojan.NSIS.GoogUpdate.ct[/B] ( BitDefender: Gen:Application.Heur.kz1@kK1W2Ngi )[*] c:\program files (x86)\total-1.8\total-1.8-codedownloader.exe - [B]Trojan.NSIS.GoogUpdate.ct[/B] ( DrWEB: Trojan.Crossrider.32918, BitDefender: Gen:Application.Heur.bv1@k4cfQjdO )[*] c:\program files (x86)\total-1.8\0c5f72e4-6e07-4424-9123-0ba831572343.exe - [B]not-a-virus:AdWare.MSIL.Agent.bfw[/B] ( DrWEB: Trojan.Crossrider.38762 )[*] c:\users\acf6~1\appdata\local\temp\is-iqvc7.tmp\689.exe - [B]not-a-virus:AdWare.Win32.InstallMonster.fpab[/B][*] c:\users\acf6~1\appdata\local\temp\is-pq7ab.tmp\689.exe - [B]not-a-virus:AdWare.Win32.Eorezo.cqah[/B] ( AVAST4: Win32:Adware-gen [Adw] )[*] c:\users\ксю\appdata\local\gmsd_ru_005010156\upgmsd_ru_005010156.exe - [B]not-a-virus:AdWare.Win32.Eorezo.brqa[/B] ( AVAST4: Win32:Adware-gen [Adw] )[*] c:\users\ксю\appdata\local\smartweb\smartwebapp.exe - [B]not-a-virus:AdWare.Win32.PriceGong.a[/B] ( DrWEB: Adware.Shopper.845, AVAST4: Win32:PriceGong-B [Adw] )[*] c:\users\ксю\appdata\local\smartweb\smartwebhelper.exe - [B]not-a-virus:AdWare.Win32.PriceGong.a[/B] ( DrWEB: Adware.Shopper.845 )[*] c:\users\ксю\appdata\local\smartweb\swhk.dll - [B]not-a-virus:AdWare.Win32.PriceGong.a[/B] ( DrWEB: Adware.Shopper.845, AVAST4: Win32:BHO-AOJ [Adw] )[*] c:\users\ксю\appdata\local\smartweb\__u.exe - [B]not-a-virus:AdWare.Win32.PriceGong.a[/B] ( DrWEB: Trojan.Siggen6.33552, AVAST4: Win32:Malware-gen )[*] c:\users\ксю\appdata\local\virtual kingdom\zbin\virtualkingdom.dll - [B]not-a-virus:AdWare.Win32.Agent.jnem[/B][*] c:\users\ксю\appdata\local\308d6c66-1448474081-df11-9e70-00266c7a7d31\qnsmde30.tmp - [B]not-a-virus:AdWare.Win32.ConvertAd.bai[/B] ( DrWEB: Adware.ClickMeIn.3745 )[/LIST][/LIST]