Здравствуйте, сегодня скачала Антивирус Касперского, он установился, но загружаться не хочет. Также пропали дрова с видеокарты, а при установлении пишет какую-то ошибку. Скажите пожалуйста, что мне делать?
Printable View
Здравствуйте, сегодня скачала Антивирус Касперского, он установился, но загружаться не хочет. Также пропали дрова с видеокарты, а при установлении пишет какую-то ошибку. Скажите пожалуйста, что мне делать?
Прочитайте и выполните Правила [url]http://virusinfo.info/pravila.html[/url]
все сделала
Выполните скрипт в AVZ
[code]begin
SearchRootkit(true, true);
SetAVZGuardStatus(True);
QuarantineFile('E:\WINDOWS\system32\cmdow.exe','');
QuarantineFile('E:\WINDOWS\system32\ati2avxx.exe','');
QuarantineFile('I:\mlburmh.exe','');
QuarantineFile('E:\autorun.inf','');
QuarantineFile('C:\mlburmh.exe','');
QuarantineFile('E:\mlburmh.exe','');
QuarantineFile('E:\DOCUME~1\User\LOCALS~1\Temp\eiysq.exe','');
QuarantineFile('E:\Documents and Settings\User\Application Data\drm\drm.exe','');
DeleteFile('E:\Documents and Settings\User\Application Data\drm\drm.exe');
DeleteFile('E:\DOCUME~1\User\LOCALS~1\Temp\eiysq.exe');
DeleteFile('E:\mlburmh.exe');
DeleteFile('C:\mlburmh.exe');
DeleteFile('C:\autorun.inf');
DeleteFile('E:\autorun.inf');
DeleteFile('I:\autorun.inf');
DeleteFile('I:\mlburmh.exe');
DeleteFile('E:\WINDOWS\system32\ati2avxx.exe');
DeleteFile('E:\WINDOWS\system32\cmdow.exe');
DeleteFile('E:\WINDOWs\Tasks\autochk.job');
BC_ImportAll;
ExecuteSysClean;
BC_Activate;
ExecuteRepair(9);
RebootWindows(true);
end. [/code]Компьютер перезагрузится
Пришлите карантин согласно [B]Приложения 3[/B] правил по красной ссылке [COLOR="Red"][U][B]Прислать запрошенный карантин[/B][/U][/COLOR] вверху темы
Сделайте новые логи
Вот
Выполните скрипт в AVZ
[code]begin
SearchRootkit(true, true);
SetAVZGuardStatus(True);
DeleteFile('E:\WINDOWS\system32\ati2avxx.bak');
DeleteFile('E:\WINDOWS\system32\aoupbie.dll');
DeleteFile('e:\windows\system32\imes.dll');
DeleteFile('e:\windows\system32\ati2avxx.exe');
BC_ImportAll;
ExecuteSysClean;
BC_Activate;
ExecuteRepair(9);
RebootWindows(true);
end. [/code]Компьютер перезагрузится
Сделайте новые логи AVZ
Сделала
Сделайте такой лог [url]http://virusinfo.info/showpost.php?p=457118&postcount=1[/url]
В текстовом же формате?
[URL="http://virusinfo.info/showpost.php?p=493584&postcount=2"]Удалите в МВАМ[/URL]
[CODE]Зараженные ключи в реестре:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\360rpt.exe (Trojan.Agent) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\360Safe.exe (Trojan.Agent) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\360tray.exe (Trojan.Agent) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\adam.exe (Trojan.Agent) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AgentSvr.exe (Trojan.Agent) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AppSvc32.exe (Trojan.Agent) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\autoruns.exe (Trojan.Agent) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avgrssvc.exe (Trojan.Agent) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AvMonitor.exe (Trojan.Agent) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avp.com (Trojan.Agent) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avp.exe (Trojan.Agent) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\CCenter.exe (Trojan.Agent) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ccSvcHst.exe (Trojan.Agent) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\FileDsty.exe (Trojan.Agent) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\FTCleanerShell.exe (Trojan.Agent) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\HijackThis.exe (Trojan.Agent) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\IceSword.exe (Trojan.Agent) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\iparmo.exe (Trojan.Agent) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\isPwdSvc.exe (Trojan.Agent) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\kabaload.exe (Trojan.Agent) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KaScrScn.SCR (Trojan.Agent) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KASMain.exe (Trojan.Agent) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KASTask.exe (Trojan.Agent) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KAV32.exe (Trojan.Agent) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KAVDX.exe (Trojan.Agent) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KAVPFW.exe (Trojan.Agent) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KAVSetup.exe (Trojan.Agent) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KAVStart.exe (Trojan.Agent) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KISLnchr.exe (Trojan.Agent) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KMailMon.exe (Trojan.Agent) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KMFilter.exe (Trojan.Agent) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KPFW32.exe (Trojan.Agent) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KPFW32X.exe (Trojan.Agent) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KPFWSvc.exe (Trojan.Agent) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KRegEx.exe (Trojan.Agent) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KRepair.COM (Trojan.Agent) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KsLoader.exe (Trojan.Agent) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KVCenter.kxp (Trojan.Agent) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KvDetect.exe (Trojan.Agent) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KvfwMcl.exe (Trojan.Agent) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KVMonXP.kxp (Trojan.Agent) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KVMonXP_1.kxp (Trojan.Agent) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\kvol.exe (Trojan.Agent) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\kvolself.exe (Trojan.Agent) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KvReport.kxp (Trojan.Agent) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KVSrvXP.exe (Trojan.Agent) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KVStub.kxp (Trojan.Agent) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\kvupload.exe (Trojan.Agent) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\kvwsc.exe (Trojan.Agent) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KvXP.kxp (Trojan.Agent) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KWatch.exe (Trojan.Agent) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KWatch9x.exe (Trojan.Agent) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KWatchX.exe (Trojan.Agent) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\loaddll.exe (Trojan.Agent) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MagicSet.exe (Trojan.Agent) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mcconsol.exe (Trojan.Agent) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mmqczj.exe (Trojan.Agent) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mmsk.exe (Trojan.Agent) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\nod32krn.exe (Trojan.Agent) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\nod32kui.exe (Trojan.Agent) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\PFW.exe (Trojan.Agent) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\PFWLiveUpdate.exe (Trojan.Agent) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\QHSET.exe (Trojan.Agent) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Ras.exe (Trojan.Agent) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Rav.exe (Trojan.Agent) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\RavMon.exe (Trojan.Agent) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\RavMonD.exe (Trojan.Agent) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\RavStub.exe (Trojan.Agent) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\RavTask.exe (Trojan.Agent) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\RegClean.exe (Trojan.Agent) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\antiu.exe (Security.Hijack) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\arswp.exe (Security.Hijack) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ast.exe (Security.Hijack) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avastu3.exe (Security.Hijack) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avconsol.exe (Security.Hijack) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avu3launcher.exe (Security.Hijack) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\eghost.exe (Security.Hijack) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\fyfirewall.exe (Security.Hijack) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ghost.exe (Security.Hijack) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\iparmor.exe (Security.Hijack) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\irsetup.exe (Security.Hijack) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\kavpf.exe (Security.Hijack) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\kvscan.kxp (Security.Hijack) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\kvxp_1.kxp (Security.Hijack) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\navapsvc.exe (Security.Hijack) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\navapw32.exe (Security.Hijack) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\nod32.exe (Security.Hijack) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\npfmntor.exe (Security.Hijack) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\qqdoctor.exe (Security.Hijack) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\qqdoctormain.exe (Security.Hijack) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\qqkav.exe (Security.Hijack) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\qqsc.exe (Security.Hijack) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rfwcfg.exe (Security.Hijack) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rfwmain.exe (Security.Hijack) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rfwsrv.exe (Security.Hijack) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rsagent.exe (Security.Hijack) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rsaupd.exe (Security.Hijack) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rstrui.exe (Security.Hijack) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\runiep.exe (Security.Hijack) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\safelive.exe (Security.Hijack) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\scan32.exe (Security.Hijack) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\scanu3.exe (Security.Hijack) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\selfupdate.exe (Security.Hijack) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\shcfg32.exe (Security.Hijack) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\smartup.exe (Security.Hijack) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sreng.exe (Security.Hijack) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\symlcsvc.exe (Security.Hijack) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\syssafe.exe (Security.Hijack) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\trojandetector.exe (Security.Hijack) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\trojanwall.exe (Security.Hijack) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\trojdie.kxp (Security.Hijack) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\uihost.exe (Security.Hijack) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\umxagent.exe (Security.Hijack) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\umxattachment.exe (Security.Hijack) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\umxcfg.exe (Security.Hijack) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\umxfwhlp.exe (Security.Hijack) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\umxpol.exe (Security.Hijack) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\upiea.exe (Security.Hijack) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\uplive.exe (Security.Hijack) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\usbcleaner.exe (Security.Hijack) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vsstat.exe (Security.Hijack) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\webscanx.exe (Security.Hijack) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\wopticlean.exe (Security.Hijack) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\zjb.exe (Security.Hijack) -> No action taken.
Зараженные файлы:
C:\System Volume Information\_restore{0BF2E6A1-59D9-43BA-8DB3-B6E624875133}\RP20\A0005102.exe (Malware.Packer) -> No action taken.
E:\Documents and Settings\User\Рабочий стол\avz4\Infected\2010-04-17\avz00001.dta (Malware.Packer) -> No action taken.
E:\Documents and Settings\User\Рабочий стол\avz4\Infected\2010-04-17\avz00002.dta (Malware.Packer) -> No action taken.
E:\Documents and Settings\User\Рабочий стол\avz4\Infected\2010-04-17\avz00003.dta (Malware.Packer) -> No action taken.
E:\Documents and Settings\User\Рабочий стол\avz4\Infected\2010-04-17\avz00004.dta (Malware.Packer) -> No action taken.
E:\Documents and Settings\User\Рабочий стол\avz4\Infected\2010-04-17\avz00005.dta (Malware.Packer) -> No action taken.
E:\Documents and Settings\User\Рабочий стол\avz4\Infected\2010-04-17\avz00006.dta (Malware.Packer) -> No action taken.
E:\Documents and Settings\User\Рабочий стол\avz4\Infected\2010-04-17\avz00007.dta (Malware.Packer) -> No action taken.
E:\Documents and Settings\User\Рабочий стол\avz4\Infected\2010-04-17\avz00008.dta (Malware.Packer) -> No action taken.
E:\Documents and Settings\User\Рабочий стол\avz4\Infected\2010-04-17\avz00009.dta (Malware.Packer) -> No action taken.
E:\Documents and Settings\User\Рабочий стол\avz4\Infected\2010-04-17\avz00010.dta (Malware.Packer) -> No action taken.
E:\Documents and Settings\User\Рабочий стол\avz4\Infected\2010-04-17\avz00011.dta (Malware.Packer) -> No action taken.
E:\Documents and Settings\User\Рабочий стол\avz4\Infected\2010-04-17\avz00012.dta (Malware.Packer) -> No action taken.
E:\Documents and Settings\User\Рабочий стол\avz4\Infected\2010-04-17\avz00013.dta (Malware.Packer) -> No action taken.
E:\Documents and Settings\User\Рабочий стол\avz4\Infected\2010-04-17\avz00014.dta (Malware.Packer) -> No action taken.
E:\Documents and Settings\User\Рабочий стол\avz4\Infected\2010-04-17\avz00015.dta (Malware.Packer) -> No action taken.
E:\Documents and Settings\User\Рабочий стол\avz4\Infected\2010-04-17\avz00016.dta (Malware.Packer) -> No action taken.
E:\Documents and Settings\User\Рабочий стол\avz4\Infected\2010-04-17\avz00017.dta (Malware.Packer) -> No action taken.
E:\Documents and Settings\User\Рабочий стол\avz4\Infected\2010-04-17\avz00018.dta (Malware.Packer) -> No action taken.
E:\Documents and Settings\User\Рабочий стол\avz4\Infected\2010-04-17\avz00019.dta (Malware.Packer) -> No action taken.
E:\Documents and Settings\User\Рабочий стол\avz4\Infected\2010-04-17\avz00020.dta (Malware.Packer) -> No action taken.
E:\Documents and Settings\User\Рабочий стол\avz4\Infected\2010-04-17\avz00021.dta (Malware.Packer) -> No action taken.
E:\Documents and Settings\User\Рабочий стол\avz4\Infected\2010-04-17\avz00022.dta (Malware.Packer) -> No action taken.
E:\Documents and Settings\User\Рабочий стол\avz4\Infected\2010-04-18\avz00001.dta (Malware.Packer) -> No action taken.
E:\Documents and Settings\User\Рабочий стол\avz4\Infected\2010-04-18\avz00002.dta (Malware.Packer) -> No action taken.
E:\Documents and Settings\User\Рабочий стол\avz4\Infected\2010-04-18\avz00003.dta (Malware.Packer) -> No action taken.
E:\Documents and Settings\User\Рабочий стол\avz4\Quarantine\2010-04-17\avz00001.dta (Malware.Packer) -> No action taken.
E:\Documents and Settings\User\Рабочий стол\avz4\Quarantine\2010-04-17\avz00003.dta (Malware.Packer) -> No action taken.
E:\Documents and Settings\User\Рабочий стол\avz4\Quarantine\2010-04-17\avz00006.dta (Malware.Packer) -> No action taken.
E:\Documents and Settings\User\Рабочий стол\avz4\Quarantine\2010-04-17\avz00007.dta (Malware.Packer) -> No action taken.
E:\Documents and Settings\User\Рабочий стол\avz4\Quarantine
E:\RECYCLER\S-1-5-21-1547161642-1708537768-725345543-1003\De2.exe (Ransom.PinkBlocker) -> No action taken.[/CODE]
Большое спасибо за помощь!!! Удалила, Касперский заработал. А посоветуйте пожалуйста, каким антивирусом лучше пользоваться? Заранее благодарна!
Выбор антивируса - это личное дело самого пользователя. Кому-то подходит один, кому-то другой.
Установите [url="http://www.microsoft.com/downloads/details.aspx?FamilyID=5b33b5a8-5e76-401f-be08-1e1555d4f3d4&displaylang=ru"]SP3[/url] (может потребоваться активация) + все новые патчи
Установите [url="http://www.microsoft.com/rus/windows/internet-explorer/default.aspx"]Internet Explorer 8[/url]
Статистика проведенного лечения:
[LIST][*]Получено карантинов: [B]1[/B][*]Обработано файлов: [B]26[/B][*]В ходе лечения обнаружены вредоносные программы:
[LIST=1][*] c:\autorun.inf - [B]Worm.Win32.AutoRun.wzu[/B] ( BitDefender: Trojan.Autorun.RU, AVAST4: VBS:Malware-gen )[*] c:\mlburmh.exe - [B]Worm.Win32.AutoRun.diq[/B] ( DrWEB: Win32.HLLW.Autoruner.2497, BitDefender: Trojan.Agent.Delf.JA, NOD32: Win32/AutoRun.QV worm, AVAST4: Win32:AutoRun-ANQ [Wrm] )[*] e:\autorun.inf - [B]Worm.Win32.AutoRun.wzu[/B] ( BitDefender: Trojan.Autorun.RU, AVAST4: VBS:Malware-gen )[*] e:\docume~1\user\locals~1\temp\eiysq.exe - [B]Trojan-Ransom.Win32.PinkBlocker.anq[/B][*] e:\mlburmh.exe - [B]Worm.Win32.AutoRun.diq[/B] ( DrWEB: Win32.HLLW.Autoruner.2497, BitDefender: Trojan.Agent.Delf.JA, NOD32: Win32/AutoRun.QV worm, AVAST4: Win32:AutoRun-ANQ [Wrm] )[*] e:\windows\system32\ati2avxx.exe - [B]Worm.Win32.AutoRun.diq[/B] ( DrWEB: Win32.HLLW.Autoruner.2497, BitDefender: Trojan.Agent.Delf.JA, NOD32: Win32/AutoRun.QV worm, AVAST4: Win32:AutoRun-ANQ [Wrm] )[*] e:\windows\system32\cmdow.exe - [B]not-a-virus:RiskTool.Win32.HideWindows[/B][*] i:\autorun.inf - [B]Worm.Win32.AutoRun.wzu[/B] ( BitDefender: Trojan.Autorun.RU, AVAST4: VBS:Malware-gen )[*] i:\mlburmh.exe - [B]Worm.Win32.AutoRun.diq[/B] ( DrWEB: Win32.HLLW.Autoruner.2497, BitDefender: Trojan.Agent.Delf.JA, NOD32: Win32/AutoRun.QV worm, AVAST4: Win32:AutoRun-ANQ [Wrm] )[/LIST][/LIST]