-
Junior Member
- Reputation weight
- 49
Trojan.Win32.Inject.aohy
Hello! Here is what happened... it all started with a black screen (when Windows booted, the desktop did not appear, only a black screen).
I dealt with that... then a second problem came up:
all browsers stopped opening sites and show only their source code;
Firefox asks me to pay to update the browser.
Trojan.Win32.Inject.aohy is the trojan.
Before this I ran CureIt.
Nothing!
I hope you can help!
virusinfo_cure is large, where should I upload it? It weighs 2.41
Last edited by shachiburi; 16.02.2011 at 22:45.
-
virusinfo_cure is large, what should I do? It weighs 2.41
-
Originally posted by shachiburi:
virusinfo_cure is large,
We did not request it. That is the auto-quarantine.
Run this script in AVZ:
Code:
begin
SearchRootkit(true, true);
SetAVZGuardStatus(True);
QuarantineFile('C:\Windows\service.exe','');
QuarantineFile('c:\program files\common files\akamai\netsession_win_dbc0250.dll','');
QuarantineFile('C:\Windows\system32\heokclf.dll','');
DeleteFile('C:\Windows\system32\heokclf.dll');
DeleteFile('C:\Windows\service.exe');
BC_ImportAll;
ExecuteSysClean;
BC_Activate;
RebootWindows(true);
end.
The computer will reboot.
Send the quarantine as described in Appendix 3 of the rules, using the red link "Send requested quarantine" at the top of the thread.
Make new logs.
Microsoft MVP 2012-2016 Consumer Security
Microsoft MVP 2016 Reconnect
-
-
Thank you so much, it helped! I have also added more to the first post.
-
Run this script in AVZ:
Code:
begin
SearchRootkit(true, true);
SetAVZGuardStatus(True);
DeleteFile('C:\Windows\system32\klite.dll');
DeleteFile('C:\Program Files\Common Files\ukbsyix.oc');
DeleteFile('C:\Program Files\Common Files\wuxunon.ta');
DeleteFile('C:\Program Files\Common Files\ykjankj.ja');
DeleteFile('C:\Program Files\Common Files\zybivof.do');
DeleteFile('C:\Windows\Installer\9f40075.msi');
DeleteFile('C:\Windows\system32\msctfime.iem');
DeleteFileMask( 'C:\Users\Shachiburi\DoctorWeb\Quarantine', '*.*',true);
BC_ImportDeletedList;
ExecuteSysClean;
DelBHO('{FF0FE70F-B832-42F1-BAFF-247753B5E452}');
DelBHO('{F1E59DF7-D7FC-4ED6-BC1D-D13BE02FE6C5}');
BC_Activate;
RebootWindows(true);
end.
The computer will reboot.
Make new logs (items 1-3 of the Diagnostics section of the rules).
I am not young enough to know everything...
-
Hello.
Remove in MBAM:
-
-
Treatment summary
Statistics of the treatment performed:
- Quarantines received: 1
- Files processed: 14
- Malware detected during treatment:
- c:\program files\common files\ukbsyix.oc - Trojan-GameThief.Win32.OnLineGames.bnsm ( DrWEB: Trojan.PWS.Stealer.342, BitDefender: Rootkit.40857, NOD32: Win32/Agent.RYZ trojan, AVAST4: Win32:Rootkit-gen [Rtk] )
- c:\program files\common files\wuxunon.ta - Trojan-GameThief.Win32.OnLineGames.bnsm ( DrWEB: Trojan.PWS.Stealer.342, BitDefender: Rootkit.40857, NOD32: Win32/Agent.RYZ trojan, AVAST4: Win32:Rootkit-gen [Rtk] )
- c:\program files\common files\ykjankj.ja - Trojan-GameThief.Win32.OnLineGames.bnsm ( DrWEB: Trojan.PWS.Stealer.342, BitDefender: Rootkit.40857, NOD32: Win32/Agent.RYZ trojan, AVAST4: Win32:Rootkit-gen [Rtk] )
- c:\program files\common files\zybivof.do - Trojan-GameThief.Win32.OnLineGames.bnsm ( DrWEB: Trojan.PWS.Stealer.342, BitDefender: Rootkit.40857, NOD32: Win32/Agent.RYZ trojan, AVAST4: Win32:Rootkit-gen [Rtk] )
- c:\users\shachiburi\doctorweb\quarantine\2010 1014233038.dll - Trojan-GameThief.Win32.OnLineGames.xgbt ( DrWEB: Trojan.PWS.Wsgame.23714, BitDefender: Trojan.Generic.5139439, AVAST4: Win32:OnLineGames-FYN [Trj] )
- c:\users\shachiburi\doctorweb\quarantine\2010 1014235540.dll - Trojan-GameThief.Win32.OnLineGames.xgbt ( DrWEB: Trojan.PWS.Wsgame.23714, BitDefender: Trojan.Generic.5139439, AVAST4: Win32:OnLineGames-FYN [Trj] )
- c:\users\shachiburi\doctorweb\quarantine\2010 1015001638.dll - Trojan-GameThief.Win32.OnLineGames.xgbt ( DrWEB: Trojan.PWS.Wsgame.23714, BitDefender: Trojan.Generic.5139439, AVAST4: Win32:OnLineGames-FYN [Trj] )
- c:\users\shachiburi\doctorweb\quarantine\2010 1015003739.dll - Trojan-GameThief.Win32.OnLineGames.xgbt ( DrWEB: Trojan.PWS.Wsgame.23714, BitDefender: Trojan.Generic.5139439, AVAST4: Win32:OnLineGames-FYN [Trj] )
- c:\webservers\temporary\kb970588.dll - Trojan-GameThief.Win32.Frethoq.cet ( DrWEB: Trojan.PWS.Gamania.34550, BitDefender: Trojan.Onlinegames.2091, NOD32: Win32/PSW.OnLineGames.PEK trojan, AVAST4: Win32:Agent-AMDC [Drp] )
- c:\windows\service.exe - Trojan.Win32.Swisyn.aphy ( DrWEB: Trojan.Siggen2.6786, BitDefender: Trojan.Generic.5003447, AVAST4: Win32:Malware-gen )
- c:\windows\system32\heokclf.dll - Trojan.Win32.Zapchast.ess ( DrWEB: Trojan.Mayachok.based, BitDefender: Trojan.Generic.5514881, NOD32: Win32/Agent.SFM trojan, AVAST4: Win32:MalOb-HG [Cryp] )
- c:\windows\system32\klite.dll - Trojan-Ransom.Win32.BHO.ca ( DrWEB: Trojan.BhoSiggen.4164, BitDefender: Trojan.Generic.6039225, AVAST4: Win32:Warezov-DJS [Trj] )
- c:\windows\system32\msctfime.iem - Trojan-GameThief.Win32.OnLineGames.xdza ( DrWEB: Trojan.PWS.Wsgame.24831, BitDefender: Trojan.Generic.4849272, NOD32: Win32/PSW.OnLineGames.QLG trojan, AVAST4: Win32:Agent-AMKP [Drp] )
-