Dr.Web обновленный почему то не справляется, обнаруживает их каждый раз...
прилагаю логи
Dr.Web обновленный почему то не справляется, обнаруживает их каждый раз...
прилагаю логи
Последний раз редактировалось 1Tseman; 04.07.2010 в 12:08.
Выполните скрипт в AVZ
Компьютер перезагрузитсяКод:begin SearchRootkit(true, true); SetAVZGuardStatus(True); TerminateProcessByName('C:\RECYCLER\S-1-5-21-0049525393-2027911346-805001232-5370\syscr.exe'); TerminateProcessByName('c:\windows\system32\qtplugin.exe'); TerminateProcessByName('c:\windows\system32\wmsrvc.exe'); TerminateProcessByName('c:\windows\temp\tmp1298.exe'); TerminateProcessByName('\Device\HarddiskVolume1\DOCUME~1\test\LOCALS~1\Temp\RarSFX0\s42asxp.exe'); QuarantineFile('C:\RECYCLER\S-1-5-21-0049525393-2027911346-805001232-5370\syscr.exe',''); QuarantineFile('C:\WINDOWS\system32\dllcache\wstpager.ax:Wxzs+vE:$DATA',''); QuarantineFile('C:\WINDOWS\system32\dllcache\wiasf.ax:Wxzs+vE:$DATA',''); QuarantineFile('C:\WINDOWS\system32\dllcache\daxctle.ocx:Wxzs+vE:$DATA',''); QuarantineFile('C:\WINDOWS\system32\dllcache\cnfgprts.ocx:Wxzs+vE:$DATA',''); QuarantineFile('C:\WINDOWS\system32\asctrls.ocx:Wxzs+vE:$DATA',''); QuarantineFile('C:\WINDOWS\system32\appwiz.cpl:Wxzs+vE:$DATA',''); QuarantineFile('C:\WINDOWS\inf\wfp6.inf:Wxzs+vE:$DATA',''); QuarantineFile('C:\WINDOWS\inf\usb.inf:Wxzs+vE:$DATA',''); QuarantineFile('C:\WINDOWS\inf\syssetup.inf:Wxzs+vE:$DATA',''); QuarantineFile('C:\WINDOWS\inf\oem0.inf:Wxzs+vE:$DATA',''); QuarantineFile('C:\WINDOWS\inf\Nokia6830Bluetooth.inf:Wxzs+vE:$DATA',''); QuarantineFile('C:\WINDOWS\inf\nokia6822IrDA.inf:Wxzs+vE:$DATA',''); QuarantineFile('C:\WINDOWS\inf\nokia6610iIrDA.inf:Wxzs+vE:$DATA',''); QuarantineFile('C:\WINDOWS\inf\netsla30.inf:Wxzs+vE:$DATA',''); QuarantineFile('C:\WINDOWS\inf\netsis.inf:Wxzs+vE:$DATA',''); QuarantineFile('C:\WINDOWS\inf\netlm.inf:Wxzs+vE:$DATA',''); QuarantineFile('C:\WINDOWS\inf\netcem33.inf:Wxzs+vE:$DATA',''); QuarantineFile('C:\WINDOWS\inf\mstask.inf:Wxzs+vE:$DATA',''); QuarantineFile('C:\WINDOWS\inf\mfsocket.inf:Wxzs+vE:$DATA',''); QuarantineFile('C:\WINDOWS\inf\mdmosi.inf:Wxzs+vE:$DATA',''); QuarantineFile('C:\WINDOWS\inf\mdmlasno.inf:Wxzs+vE:$DATA',''); QuarantineFile('C:\WINDOWS\inf\mdmbug3.inf:Wxzs+vE:$DATA',''); QuarantineFile('C:\WINDOWS\inf\mdmadc.inf:Wxzs+vE:$DATA',''); QuarantineFile('C:\WINDOWS\inf\iereset.inf:Wxzs+vE:$DATA',''); QuarantineFile('C:\WINDOWS\system32\usrlogon.cmd:Wxzs+vE:$DATA',''); QuarantineFile('C:\WINDOWS\system32\pubprn.vbs:Wxzs+vE:$DATA',''); QuarantineFile('C:\WINDOWS\system32\nwc.cpl:Wxzs+vE:$DATA',''); QuarantineFile('C:\WINDOWS\system32\netsetup.cpl:Wxzs+vE:$DATA',''); QuarantineFile('C:\WINDOWS\system32\msscds32.ax:Wxzs+vE:$DATA',''); QuarantineFile('C:\WINDOWS\system32\ksxbar.ax:Wxzs+vE:$DATA',''); QuarantineFile('C:\WINDOWS\system32\irprops.cpl:Wxzs+vE:$DATA',''); QuarantineFile('C:\WINDOWS\system32\ieuinit.inf:Wxzs+vE:$DATA',''); QuarantineFile('C:\WINDOWS\system32\hhctrl.ocx:Wxzs+vE:$DATA',''); QuarantineFile('C:\WINDOWS\inf\brmfcsto.inf:Wxzs+vE:$DATA',''); QuarantineFile('C:\WINDOWS\Help\windows.chm:Wxzs+vE:$DATA',''); QuarantineFile('C:\WINDOWS\Help\taskbar.chm:Wxzs+vE:$DATA',''); QuarantineFile('C:\WINDOWS\Help\soundrec.chm:Wxzs+vE:$DATA',''); QuarantineFile('C:\WINDOWS\Help\msmqconcepts.chm:Wxzs+vE:$DATA',''); QuarantineFile('C:\WINDOWS\Help\joy.chm:Wxzs+vE:$DATA',''); QuarantineFile('C:\WINDOWS\Help\freecell.chm:Wxzs+vE:$DATA',''); QuarantineFile('C:\WINDOWS\Help\drwtsn32.chm:Wxzs+vE:$DATA',''); QuarantineFile('C:\WINDOWS\Help\datetime.chm:Wxzs+vE:$DATA',''); QuarantineFile('C:\WINDOWS\Help\colormgt.chm:Wxzs+vE:$DATA',''); QuarantineFile('C:\WINDOWS\Help\ciadmin.htm:Wxzs+vE:$DATA',''); QuarantineFile('C:\WINDOWS\Help\apps.chm:Wxzs+vE:$DATA',''); QuarantineFile('C:\WINDOWS\system32\qtplugin.exe',''); QuarantineFile('C:\WINDOWS\system32\sdra64.exe',''); QuarantineFile('C:\WINDOWS\system32\ctndxvpv.exe',''); QuarantineFile('C:\Documents and Settings\NetworkService\ufbeqqaf.exe',''); QuarantineFile('C:\Documents and Settings\NetworkService\mii.exe',''); QuarantineFile('C:\Documents and Settings\NetworkService\Application Data\Microsoft\kigudou.exe',''); QuarantineFile('c:\windows\system32\wmsrvc.exe',''); QuarantineFile('c:\windows\temp\tmp1298.exe',''); QuarantineFile('\Device\HarddiskVolume1\DOCUME~1\test\LOCALS~1\Temp\RarSFX0\s42asxp.exe',''); DeleteFile('C:\RECYCLER\S-1-5-21-0049525393-2027911346-805001232-5370\syscr.exe'); DeleteFile('\Device\HarddiskVolume1\DOCUME~1\test\LOCALS~1\Temp\RarSFX0\s42asxp.exe'); DeleteFile('c:\windows\temp\tmp1298.exe'); DeleteFile('c:\windows\system32\wmsrvc.exe'); DeleteFile('C:\Documents and Settings\NetworkService\Application Data\Microsoft\kigudou.exe'); DeleteFile('C:\Documents and Settings\NetworkService\mii.exe'); DeleteFile('C:\Documents and Settings\NetworkService\ufbeqqaf.exe'); DeleteFile('C:\WINDOWS\system32\ctndxvpv.exe'); DeleteFile('C:\WINDOWS\system32\sdra64.exe'); DeleteFile('C:\WINDOWS\system32\qtplugin.exe'); DeleteFile('C:\WINDOWS\Help\apps.chm:Wxzs+vE:$DATA'); DeleteFile('C:\WINDOWS\Help\ciadmin.htm:Wxzs+vE:$DATA'); DeleteFile('C:\WINDOWS\Help\colormgt.chm:Wxzs+vE:$DATA'); DeleteFile('C:\WINDOWS\Help\datetime.chm:Wxzs+vE:$DATA'); DeleteFile('C:\WINDOWS\Help\drwtsn32.chm:Wxzs+vE:$DATA'); DeleteFile('C:\WINDOWS\Help\freecell.chm:Wxzs+vE:$DATA'); DeleteFile('C:\WINDOWS\Help\joy.chm:Wxzs+vE:$DATA'); DeleteFile('C:\WINDOWS\Help\msmqconcepts.chm:Wxzs+vE:$DATA'); DeleteFile('C:\WINDOWS\Help\soundrec.chm:Wxzs+vE:$DATA'); DeleteFile('C:\WINDOWS\Help\taskbar.chm:Wxzs+vE:$DATA'); DeleteFile('C:\WINDOWS\Help\windows.chm:Wxzs+vE:$DATA'); DeleteFile('C:\WINDOWS\inf\brmfcsto.inf:Wxzs+vE:$DATA'); DeleteFile('C:\WINDOWS\system32\hhctrl.ocx:Wxzs+vE:$DATA'); DeleteFile('C:\WINDOWS\system32\ieuinit.inf:Wxzs+vE:$DATA'); DeleteFile('C:\WINDOWS\system32\irprops.cpl:Wxzs+vE:$DATA'); DeleteFile('C:\WINDOWS\system32\ksxbar.ax:Wxzs+vE:$DATA'); DeleteFile('C:\WINDOWS\system32\msscds32.ax:Wxzs+vE:$DATA'); DeleteFile('C:\WINDOWS\system32\nwc.cpl:Wxzs+vE:$DATA'); DeleteFile('C:\WINDOWS\system32\pubprn.vbs:Wxzs+vE:$DATA'); DeleteFile('C:\WINDOWS\system32\usrlogon.cmd:Wxzs+vE:$DATA'); DeleteFile('C:\WINDOWS\inf\iereset.inf:Wxzs+vE:$DATA'); DeleteFile('C:\WINDOWS\inf\mdmadc.inf:Wxzs+vE:$DATA'); DeleteFile('C:\WINDOWS\inf\mdmbug3.inf:Wxzs+vE:$DATA'); DeleteFile('C:\WINDOWS\inf\mdmlasno.inf:Wxzs+vE:$DATA'); DeleteFile('C:\WINDOWS\inf\mdmosi.inf:Wxzs+vE:$DATA'); DeleteFile('C:\WINDOWS\inf\mfsocket.inf:Wxzs+vE:$DATA'); DeleteFile('C:\WINDOWS\inf\mstask.inf:Wxzs+vE:$DATA'); DeleteFile('C:\WINDOWS\inf\netcem33.inf:Wxzs+vE:$DATA'); DeleteFile('C:\WINDOWS\inf\netlm.inf:Wxzs+vE:$DATA'); DeleteFile('C:\WINDOWS\inf\netsis.inf:Wxzs+vE:$DATA'); DeleteFile('C:\WINDOWS\inf\netsla30.inf:Wxzs+vE:$DATA'); DeleteFile('C:\WINDOWS\inf\nokia6610iIrDA.inf:Wxzs+vE:$DATA'); DeleteFile('C:\WINDOWS\inf\nokia6822IrDA.inf:Wxzs+vE:$DATA'); DeleteFile('C:\WINDOWS\inf\Nokia6830Bluetooth.inf:Wxzs+vE:$DATA'); DeleteFile('C:\WINDOWS\inf\oem0.inf:Wxzs+vE:$DATA'); DeleteFile('C:\WINDOWS\inf\syssetup.inf:Wxzs+vE:$DATA'); DeleteFile('C:\WINDOWS\inf\usb.inf:Wxzs+vE:$DATA'); DeleteFile('C:\WINDOWS\inf\wfp6.inf:Wxzs+vE:$DATA'); DeleteFile('C:\WINDOWS\system32\appwiz.cpl:Wxzs+vE:$DATA'); DeleteFile('C:\WINDOWS\system32\asctrls.ocx:Wxzs+vE:$DATA'); DeleteFile('C:\WINDOWS\system32\dllcache\cnfgprts.ocx:Wxzs+vE:$DATA'); DeleteFile('C:\WINDOWS\system32\dllcache\daxctle.ocx:Wxzs+vE:$DATA'); DeleteFile('C:\WINDOWS\system32\dllcache\wiasf.ax:Wxzs+vE:$DATA'); DeleteFile('C:\WINDOWS\system32\dllcache\wstpager.ax:Wxzs+vE:$DATA'); RegKeyParamDel('HKEY_USERS','.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run','MSConfig'); RegKeyParamDel('HKEY_USERS','S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run','MSConfig'); RegKeyParamDel('HKEY_USERS','.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run','sazymmoo'); RegKeyParamDel('HKEY_USERS','S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run','sazymmoo'); RegKeyParamDel('HKEY_LOCAL_MACHINE','Software\Microsoft\Windows\CurrentVersion\Run','CFmon'); RegKeyParamDel('HKEY_LOCAL_MACHINE','Software\Microsoft\Windows\CurrentVersion\Run','AutoStart'); RegKeyParamDel('HKEY_LOCAL_MACHINE','Software\Microsoft\Windows\CurrentVersion\Run','autoruns'); RegKeyParamDel('HKEY_LOCAL_MACHINE','Software\Microsoft\Windows\CurrentVersion\Run','RegistryMonitor1'); RegKeyParamDel('HKEY_LOCAL_MACHINE','Software\Microsoft\Windows\CurrentVersion\Run','Generic Host for Win32 Services'); BC_ImportAll; ExecuteSysClean; BC_Activate; ExecuteRepair(6); ExecuteRepair(9); ExecuteRepair(13); ExecuteRepair(16); RegKeyIntParamWrite('HKLM', 'SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum', '{BDEADF00-C265-11D0-BCED-00A0C90AB50F}', 1); RebootWindows(true); end.
Пришлите карантин согласно Приложения 3 правил по красной ссылке Прислать запрошенный карантин вверху темы
Обновите базы AVZ
Сделайте новые логи
Microsoft MVP 2012-2016 Consumer Security
Microsoft MVP 2016 ReconnectАнтивирусная помощь
карантин выслал, правда когда шло выполнения вашего скрипта, Dr.Web удалял из папки avz файлы )
логи прилагаю.
Последний раз редактировалось 1Tseman; 04.07.2010 в 12:08.
Логи старые
Антивирус нужно отключать на время выполнения скрипта
Microsoft MVP 2012-2016 Consumer Security
Microsoft MVP 2016 ReconnectАнтивирусная помощь
Статистика проведенного лечения:
- Получено карантинов: 1
- Обработано файлов: 45
- В ходе лечения обнаружены вредоносные программы:
- c:\windows\help\apps.chm:wxzs+ve:$data - Packed.Win32.Krap.w ( DrWEB: Trojan.Packed.19647, BitDefender: Gen:Heur.Krypt.11, AVAST4: Win32:Bredolab-BR [Trj] )
- c:\windows\help\ciadmin.htm:wxzs+ve:$data - Packed.Win32.Krap.w ( DrWEB: Trojan.Packed.19647, BitDefender: Gen:Heur.Krypt.11, AVAST4: Win32:Bredolab-BR [Trj] )
- c:\windows\help\colormgt.chm:wxzs+ve:$data - Packed.Win32.Krap.w ( DrWEB: Trojan.Packed.19647, BitDefender: Gen:Heur.Krypt.11, AVAST4: Win32:Bredolab-BR [Trj] )
- c:\windows\help\datetime.chm:wxzs+ve:$data - Packed.Win32.Krap.w ( DrWEB: Trojan.Packed.19647, BitDefender: Gen:Heur.Krypt.11, AVAST4: Win32:Bredolab-BR [Trj] )
- c:\windows\help\drwtsn32.chm:wxzs+ve:$data - Packed.Win32.Krap.w ( DrWEB: Trojan.Packed.19647, BitDefender: Gen:Heur.Krypt.11, AVAST4: Win32:Bredolab-BR [Trj] )
- c:\windows\help\freecell.chm:wxzs+ve:$data - Packed.Win32.Krap.w ( DrWEB: Trojan.Packed.19647, BitDefender: Gen:Heur.Krypt.11, AVAST4: Win32:Bredolab-BR [Trj] )
- c:\windows\help\joy.chm:wxzs+ve:$data - Packed.Win32.Krap.w ( DrWEB: Trojan.Packed.19647, BitDefender: Gen:Heur.Krypt.11, AVAST4: Win32:Bredolab-BR [Trj] )
- c:\windows\help\msmqconcepts.chm:wxzs+ve:$data - Packed.Win32.Krap.w ( DrWEB: Trojan.Packed.19647, BitDefender: Gen:Heur.Krypt.11, AVAST4: Win32:Bredolab-BR [Trj] )
- c:\windows\help\soundrec.chm:wxzs+ve:$data - Packed.Win32.Krap.w ( DrWEB: Trojan.Packed.19647, BitDefender: Gen:Heur.Krypt.11, AVAST4: Win32:Bredolab-BR [Trj] )
- c:\windows\help\taskbar.chm:wxzs+ve:$data - Packed.Win32.Krap.w ( DrWEB: Trojan.Packed.19647, BitDefender: Gen:Heur.Krypt.11, AVAST4: Win32:Bredolab-BR [Trj] )
- c:\windows\help\windows.chm:wxzs+ve:$data - Packed.Win32.Krap.w ( DrWEB: Trojan.Packed.19647, BitDefender: Gen:Heur.Krypt.11, AVAST4: Win32:Bredolab-BR [Trj] )
- c:\windows\inf\brmfcsto.inf:wxzs+ve:$data - Packed.Win32.Krap.w ( DrWEB: Trojan.Packed.19647, BitDefender: Gen:Heur.Krypt.11, AVAST4: Win32:Bredolab-BR [Trj] )
- c:\windows\inf\iereset.inf:wxzs+ve:$data - Packed.Win32.Krap.w ( DrWEB: Trojan.Packed.19647, BitDefender: Gen:Heur.Krypt.11, AVAST4: Win32:Bredolab-BR [Trj] )
- c:\windows\inf\mdmadc.inf:wxzs+ve:$data - Packed.Win32.Krap.w ( DrWEB: Trojan.Packed.19647, BitDefender: Gen:Heur.Krypt.11, AVAST4: Win32:Bredolab-BR [Trj] )
- c:\windows\inf\mdmbug3.inf:wxzs+ve:$data - Packed.Win32.Krap.w ( DrWEB: Trojan.Packed.19647, BitDefender: Gen:Heur.Krypt.11, AVAST4: Win32:Bredolab-BR [Trj] )
- c:\windows\inf\mdmlasno.inf:wxzs+ve:$data - Packed.Win32.Krap.w ( DrWEB: Trojan.Packed.19647, BitDefender: Gen:Heur.Krypt.11, AVAST4: Win32:Bredolab-BR [Trj] )
- c:\windows\inf\mdmosi.inf:wxzs+ve:$data - Packed.Win32.Krap.w ( DrWEB: Trojan.Packed.19647, BitDefender: Gen:Heur.Krypt.11, AVAST4: Win32:Bredolab-BR [Trj] )
- c:\windows\inf\mfsocket.inf:wxzs+ve:$data - Packed.Win32.Krap.w ( DrWEB: Trojan.Packed.19647, BitDefender: Gen:Heur.Krypt.11, AVAST4: Win32:Bredolab-BR [Trj] )
- c:\windows\inf\mstask.inf:wxzs+ve:$data - Packed.Win32.Krap.w ( DrWEB: Trojan.Packed.19647, BitDefender: Gen:Heur.Krypt.11, AVAST4: Win32:Bredolab-BR [Trj] )
- c:\windows\inf\netcem33.inf:wxzs+ve:$data - Packed.Win32.Krap.w ( DrWEB: Trojan.Packed.19647, BitDefender: Gen:Heur.Krypt.11, AVAST4: Win32:Bredolab-BR [Trj] )
- c:\windows\inf\netlm.inf:wxzs+ve:$data - Packed.Win32.Krap.w ( DrWEB: Trojan.Packed.19647, BitDefender: Gen:Heur.Krypt.11, AVAST4: Win32:Bredolab-BR [Trj] )
- c:\windows\inf\netsis.inf:wxzs+ve:$data - Packed.Win32.Krap.w ( DrWEB: Trojan.Packed.19647, BitDefender: Gen:Heur.Krypt.11, AVAST4: Win32:Bredolab-BR [Trj] )
- c:\windows\inf\netsla30.inf:wxzs+ve:$data - Packed.Win32.Krap.w ( DrWEB: Trojan.Packed.19647, BitDefender: Gen:Heur.Krypt.11, AVAST4: Win32:Bredolab-BR [Trj] )
- c:\windows\inf\nokia6610iirda.inf:wxzs+ve:$data - Packed.Win32.Krap.w ( DrWEB: Trojan.Packed.19647, BitDefender: Gen:Heur.Krypt.11, AVAST4: Win32:Bredolab-BR [Trj] )
- c:\windows\inf\nokia6822irda.inf:wxzs+ve:$data - Packed.Win32.Krap.w ( DrWEB: Trojan.Packed.19647, BitDefender: Gen:Heur.Krypt.11, AVAST4: Win32:Bredolab-BR [Trj] )
- c:\windows\inf\nokia6830bluetooth.inf:wxzs+ve:$dat a - Packed.Win32.Krap.w ( DrWEB: Trojan.Packed.19647, BitDefender: Gen:Heur.Krypt.11, AVAST4: Win32:Bredolab-BR [Trj] )
- c:\windows\inf\oem0.inf:wxzs+ve:$data - Packed.Win32.Krap.w ( DrWEB: Trojan.Packed.19647, BitDefender: Gen:Heur.Krypt.11, AVAST4: Win32:Bredolab-BR [Trj] )
- c:\windows\inf\syssetup.inf:wxzs+ve:$data - Packed.Win32.Krap.w ( DrWEB: Trojan.Packed.19647, BitDefender: Gen:Heur.Krypt.11, AVAST4: Win32:Bredolab-BR [Trj] )
- c:\windows\inf\usb.inf:wxzs+ve:$data - Packed.Win32.Krap.w ( DrWEB: Trojan.Packed.19647, BitDefender: Gen:Heur.Krypt.11, AVAST4: Win32:Bredolab-BR [Trj] )
- c:\windows\inf\wfp6.inf:wxzs+ve:$data - Packed.Win32.Krap.w ( DrWEB: Trojan.Packed.19647, BitDefender: Gen:Heur.Krypt.11, AVAST4: Win32:Bredolab-BR [Trj] )
- c:\windows\system32\appwiz.cpl:wxzs+ve:$data - Packed.Win32.Krap.w ( DrWEB: Trojan.Packed.19647, BitDefender: Gen:Heur.Krypt.11, AVAST4: Win32:Bredolab-BR [Trj] )
- c:\windows\system32\asctrls.ocx:wxzs+ve:$data - Packed.Win32.Krap.w ( DrWEB: Trojan.Packed.19647, BitDefender: Gen:Heur.Krypt.11, AVAST4: Win32:Bredolab-BR [Trj] )
- c:\windows\system32\dllcache\cnfgprts.ocx:wxzs+ve: $data - Packed.Win32.Krap.w ( DrWEB: Trojan.Packed.19647, BitDefender: Gen:Heur.Krypt.11, AVAST4: Win32:Bredolab-BR [Trj] )
- c:\windows\system32\dllcache\daxctle.ocx:wxzs+ve:$ data - Packed.Win32.Krap.w ( DrWEB: Trojan.Packed.19647, BitDefender: Gen:Heur.Krypt.11, AVAST4: Win32:Bredolab-BR [Trj] )
- c:\windows\system32\dllcache\wiasf.ax:wxzs+ve:$dat a - Packed.Win32.Krap.w ( DrWEB: Trojan.Packed.19647, BitDefender: Gen:Heur.Krypt.11, AVAST4: Win32:Bredolab-BR [Trj] )
- c:\windows\system32\dllcache\wstpager.ax:wxzs+ve:$ data - Packed.Win32.Krap.w ( DrWEB: Trojan.Packed.19647, BitDefender: Gen:Heur.Krypt.11, AVAST4: Win32:Bredolab-BR [Trj] )
- c:\windows\system32\hhctrl.ocx:wxzs+ve:$data - Packed.Win32.Krap.w ( DrWEB: Trojan.Packed.19647, BitDefender: Gen:Heur.Krypt.11, AVAST4: Win32:Bredolab-BR [Trj] )
- c:\windows\system32\ieuinit.inf:wxzs+ve:$data - Packed.Win32.Krap.w ( DrWEB: Trojan.Packed.19647, BitDefender: Gen:Heur.Krypt.11, AVAST4: Win32:Bredolab-BR [Trj] )
- c:\windows\system32\irprops.cpl:wxzs+ve:$data - Packed.Win32.Krap.w ( DrWEB: Trojan.Packed.19647, BitDefender: Gen:Heur.Krypt.11, AVAST4: Win32:Bredolab-BR [Trj] )
- c:\windows\system32\ksxbar.ax:wxzs+ve:$data - Packed.Win32.Krap.w ( DrWEB: Trojan.Packed.19647, BitDefender: Gen:Heur.Krypt.11, AVAST4: Win32:Bredolab-BR [Trj] )
- c:\windows\system32\msscds32.ax:wxzs+ve:$data - Packed.Win32.Krap.w ( DrWEB: Trojan.Packed.19647, BitDefender: Gen:Heur.Krypt.11, AVAST4: Win32:Bredolab-BR [Trj] )
- c:\windows\system32\netsetup.cpl:wxzs+ve:$data - Packed.Win32.Krap.w ( DrWEB: Trojan.Packed.19647, BitDefender: Gen:Heur.Krypt.11, AVAST4: Win32:Bredolab-BR [Trj] )
- c:\windows\system32\nwc.cpl:wxzs+ve:$data - Packed.Win32.Krap.w ( DrWEB: Trojan.Packed.19647, BitDefender: Gen:Heur.Krypt.11, AVAST4: Win32:Bredolab-BR [Trj] )
- c:\windows\system32\pubprn.vbs:wxzs+ve:$data - Packed.Win32.Krap.w ( DrWEB: Trojan.Packed.19647, BitDefender: Gen:Heur.Krypt.11, AVAST4: Win32:Bredolab-BR [Trj] )
- c:\windows\system32\usrlogon.cmd:wxzs+ve:$data - Packed.Win32.Krap.w ( DrWEB: Trojan.Packed.19647, BitDefender: Gen:Heur.Krypt.11, AVAST4: Win32:Bredolab-BR [Trj] )
Уважаемый(ая) 1Tseman, наши специалисты оказали Вам всю возможную помощь по вашему обращению.
В целях поддержания безопасности вашего компьютера настоятельно рекомендуем:
Чтобы всегда быть в курсе актуальных угроз в области информационной безопасности и сохранять свой компьютер защищенным, рекомендуем следить за последними новостями ИТ-сферы портала Anti-Malware.ru:
Надеемся больше никогда не увидеть ваш компьютер зараженным!
Если Вас не затруднит, пополните пожалуйста нашу базу безопасных файлов.