Тормозит интернет и многие exe файлы вышли из строя
Тормозит интернет и многие exe файлы вышли из строя
Выполните скрипт в AVZ
Компьютер перезагрузится.Код:begin SearchRootkit(true, true); SetAVZGuardStatus(True); QuarantineFile('C:\Documents and Settings\Armaxa\DoctorWeb\Quarantine\zkvrm8ijfk.exe',''); QuarantineFile('C:\Documents and Settings\Armaxa\DoctorWeb\Quarantine\y65q1ghm.exe',''); QuarantineFile('C:\Documents and Settings\Armaxa\DoctorWeb\Quarantine\xdj0afwrr.exe',''); QuarantineFile('C:\Documents and Settings\Armaxa\DoctorWeb\Quarantine\x6ypp86g.exe',''); QuarantineFile('C:\Documents and Settings\Armaxa\DoctorWeb\Quarantine\uvwrm3i2jk.exe',''); QuarantineFile('C:\Documents and Settings\Armaxa\DoctorWeb\Quarantine\tt66k81wh.exe',''); QuarantineFile('C:\Documents and Settings\Armaxa\DoctorWeb\Quarantine\o81almhn60p.exe',''); QuarantineFile('C:\Documents and Settings\Armaxa\DoctorWeb\Quarantine\m1iejfvg.exe',''); QuarantineFile('C:\Documents and Settings\Armaxa\DoctorWeb\Quarantine\l2c0d03e.exe',''); QuarantineFile('C:\Documents and Settings\Armaxa\DoctorWeb\Quarantine\fvb66s86e81.exe',''); QuarantineFile('C:\Documents and Settings\Armaxa\DoctorWeb\Quarantine\ek5fbwxc85.exe',''); QuarantineFile('C:\Documents and Settings\Armaxa\DoctorWeb\Quarantine\eafvb60djtp.exe',''); QuarantineFile('C:\Documents and Settings\Armaxa\DoctorWeb\Quarantine\bb66s81e3.exe',''); QuarantineFile('C:\Documents and Settings\Armaxa\DoctorWeb\Quarantine\949.exe',''); QuarantineFile('C:\Documents and Settings\Armaxa\DoctorWeb\Quarantine\936.exe',''); QuarantineFile('C:\Documents and Settings\Armaxa\DoctorWeb\Quarantine\934.exe',''); QuarantineFile('C:\Documents and Settings\Armaxa\DoctorWeb\Quarantine\926.exe',''); QuarantineFile('C:\Documents and Settings\Armaxa\DoctorWeb\Quarantine\925.exe',''); QuarantineFile('C:\Documents and Settings\Armaxa\DoctorWeb\Quarantine\888.exe',''); QuarantineFile('C:\Documents and Settings\Armaxa\DoctorWeb\Quarantine\81alc1s.exe',''); QuarantineFile('C:\Documents and Settings\Armaxa\DoctorWeb\Quarantine\747.exe',''); QuarantineFile('C:\Documents and Settings\Armaxa\DoctorWeb\Quarantine\739.exe',''); QuarantineFile('C:\Documents and Settings\Armaxa\DoctorWeb\Quarantine\736.exe',''); QuarantineFile('C:\Documents and Settings\Armaxa\DoctorWeb\Quarantine\725.exe',''); QuarantineFile('C:\Documents and Settings\Armaxa\DoctorWeb\Quarantine\70nj1uq.exe',''); QuarantineFile('C:\Documents and Settings\Armaxa\DoctorWeb\Quarantine\665.exe',''); QuarantineFile('C:\Documents and Settings\Armaxa\DoctorWeb\Quarantine\5ek5fbw.exe',''); QuarantineFile('C:\Documents and Settings\Armaxa\DoctorWeb\Quarantine\569.exe',''); QuarantineFile('C:\Documents and Settings\Armaxa\DoctorWeb\Quarantine\567.exe',''); QuarantineFile('C:\Documents and Settings\Armaxa\DoctorWeb\Quarantine\531.exe',''); QuarantineFile('C:\Documents and Settings\Armaxa\DoctorWeb\Quarantine\521.exe',''); QuarantineFile('C:\Documents and Settings\Armaxa\DoctorWeb\Quarantine\442.exe',''); QuarantineFile('C:\Documents and Settings\Armaxa\DoctorWeb\Quarantine\3wrx91o.exe',''); QuarantineFile('C:\Documents and Settings\Armaxa\DoctorWeb\Quarantine\3gbrsnd.exe',''); QuarantineFile('C:\Documents and Settings\Armaxa\DoctorWeb\Quarantine\316.exe',''); QuarantineFile('C:\Documents and Settings\Armaxa\DoctorWeb\Quarantine\283.exe',''); QuarantineFile('C:\Documents and Settings\Armaxa\DoctorWeb\Quarantine\26wrrss.exe',''); QuarantineFile('C:\Documents and Settings\Armaxa\DoctorWeb\Quarantine\1ufgbh6.exe',''); QuarantineFile('C:\Documents and Settings\Armaxa\DoctorWeb\Quarantine\154.exe',''); QuarantineFile('C:\Documents and Settings\Armaxa\DoctorWeb\Quarantine\145.exe',''); QuarantineFile('C:\Documents and Settings\Armaxa\DoctorWeb\Quarantine\143.exe',''); QuarantineFile('C:\Documents and Settings\Armaxa\DoctorWeb\Quarantine\045.exe',''); QuarantineFile('C:\Documents and Settings\Armaxa\DoctorWeb\Quarantine\023.exe',''); QuarantineFile('C:\Documents and Settings\Armaxa\DoctorWeb\Quarantine\020.exe',''); QuarantineFile('C:\Documents and Settings\Armaxa\DoctorWeb\Quarantine\016.exe',''); QuarantineFile('C:\DOCUME~1\Armaxa\LOCALS~1\Temp\Gn12MzS1.sys',''); TerminateProcessByName('c:\documents and settings\armaxa\application data\lsass.exe'); QuarantineFile('c:\documents and settings\armaxa\application data\lsass.exe',''); DeleteFile('c:\documents and settings\armaxa\application data\lsass.exe'); DeleteFile('C:\DOCUME~1\Armaxa\LOCALS~1\Temp\Gn12MzS1.sys'); RegKeyParamDel('HKEY_CURRENT_USER','Software\Microsoft\Windows\CurrentVersion\Run','Local Security Authentication Server'); DeleteFile('C:\Documents and Settings\Armaxa\DoctorWeb\Quarantine\016.exe'); DeleteFile('C:\Documents and Settings\Armaxa\DoctorWeb\Quarantine\020.exe'); DeleteFile('C:\Documents and Settings\Armaxa\DoctorWeb\Quarantine\023.exe'); DeleteFile('C:\Documents and Settings\Armaxa\DoctorWeb\Quarantine\045.exe'); DeleteFile('C:\Documents and Settings\Armaxa\DoctorWeb\Quarantine\143.exe'); DeleteFile('C:\Documents and Settings\Armaxa\DoctorWeb\Quarantine\145.exe'); DeleteFile('C:\Documents and Settings\Armaxa\DoctorWeb\Quarantine\154.exe'); DeleteFile('C:\Documents and Settings\Armaxa\DoctorWeb\Quarantine\1ufgbh6.exe'); DeleteFile('C:\Documents and Settings\Armaxa\DoctorWeb\Quarantine\26wrrss.exe'); DeleteFile('C:\Documents and Settings\Armaxa\DoctorWeb\Quarantine\283.exe'); DeleteFile('C:\Documents and Settings\Armaxa\DoctorWeb\Quarantine\316.exe'); DeleteFile('C:\Documents and Settings\Armaxa\DoctorWeb\Quarantine\3gbrsnd.exe'); DeleteFile('C:\Documents and Settings\Armaxa\DoctorWeb\Quarantine\3wrx91o.exe'); DeleteFile('C:\Documents and Settings\Armaxa\DoctorWeb\Quarantine\442.exe'); DeleteFile('C:\Documents and Settings\Armaxa\DoctorWeb\Quarantine\521.exe'); DeleteFile('C:\Documents and Settings\Armaxa\DoctorWeb\Quarantine\531.exe'); DeleteFile('C:\Documents and Settings\Armaxa\DoctorWeb\Quarantine\567.exe'); DeleteFile('C:\Documents and Settings\Armaxa\DoctorWeb\Quarantine\569.exe'); DeleteFile('C:\Documents and Settings\Armaxa\DoctorWeb\Quarantine\5ek5fbw.exe'); DeleteFile('C:\Documents and Settings\Armaxa\DoctorWeb\Quarantine\665.exe'); DeleteFile('C:\Documents and Settings\Armaxa\DoctorWeb\Quarantine\70nj1uq.exe'); DeleteFile('C:\Documents and Settings\Armaxa\DoctorWeb\Quarantine\725.exe'); DeleteFile('C:\Documents and Settings\Armaxa\DoctorWeb\Quarantine\736.exe'); DeleteFile('C:\Documents and Settings\Armaxa\DoctorWeb\Quarantine\739.exe'); DeleteFile('C:\Documents and Settings\Armaxa\DoctorWeb\Quarantine\747.exe'); DeleteFile('C:\Documents and Settings\Armaxa\DoctorWeb\Quarantine\81alc1s.exe'); DeleteFile('C:\Documents and Settings\Armaxa\DoctorWeb\Quarantine\888.exe'); DeleteFile('C:\Documents and Settings\Armaxa\DoctorWeb\Quarantine\925.exe'); DeleteFile('C:\Documents and Settings\Armaxa\DoctorWeb\Quarantine\926.exe'); DeleteFile('C:\Documents and Settings\Armaxa\DoctorWeb\Quarantine\934.exe'); DeleteFile('C:\Documents and Settings\Armaxa\DoctorWeb\Quarantine\936.exe'); DeleteFile('C:\Documents and Settings\Armaxa\DoctorWeb\Quarantine\949.exe'); DeleteFile('C:\Documents and Settings\Armaxa\DoctorWeb\Quarantine\bb66s81e3.exe'); DeleteFile('C:\Documents and Settings\Armaxa\DoctorWeb\Quarantine\eafvb60djtp.exe'); DeleteFile('C:\Documents and Settings\Armaxa\DoctorWeb\Quarantine\ek5fbwxc85.exe'); DeleteFile('C:\Documents and Settings\Armaxa\DoctorWeb\Quarantine\fvb66s86e81.exe'); DeleteFile('C:\Documents and Settings\Armaxa\DoctorWeb\Quarantine\l2c0d03e.exe'); DeleteFile('C:\Documents and Settings\Armaxa\DoctorWeb\Quarantine\m1iejfvg.exe'); DeleteFile('C:\Documents and Settings\Armaxa\DoctorWeb\Quarantine\o81almhn60p.exe'); DeleteFile('C:\Documents and Settings\Armaxa\DoctorWeb\Quarantine\tt66k81wh.exe'); DeleteFile('C:\Documents and Settings\Armaxa\DoctorWeb\Quarantine\uvwrm3i2jk.exe'); DeleteFile('C:\Documents and Settings\Armaxa\DoctorWeb\Quarantine\x6ypp86g.exe'); DeleteFile('C:\Documents and Settings\Armaxa\DoctorWeb\Quarantine\xdj0afwrr.exe'); DeleteFile('C:\Documents and Settings\Armaxa\DoctorWeb\Quarantine\y65q1ghm.exe'); DeleteFile('C:\Documents and Settings\Armaxa\DoctorWeb\Quarantine\zkvrm8ijfk.exe'); DeleteFile('C:\System Volume Information\_restore{3A0CB424-4BB5-4377-8EFF-7666A3DFEA48}\RP34\A0021817.exe'); DeleteFile('C:\System Volume Information\_restore{3A0CB424-4BB5-4377-8EFF-7666A3DFEA48}\RP34\A0021819.exe'); DeleteFile('C:\System Volume Information\_restore{3A0CB424-4BB5-4377-8EFF-7666A3DFEA48}\RP34\A0021821.exe'); DeleteFile('C:\System Volume Information\_restore{3A0CB424-4BB5-4377-8EFF-7666A3DFEA48}\RP34\A0021823.exe'); DeleteFile('C:\System Volume Information\_restore{3A0CB424-4BB5-4377-8EFF-7666A3DFEA48}\RP34\A0021825.exe'); DeleteFile('C:\System Volume Information\_restore{3A0CB424-4BB5-4377-8EFF-7666A3DFEA48}\RP34\A0021827.exe'); DeleteFile('C:\System Volume Information\_restore{3A0CB424-4BB5-4377-8EFF-7666A3DFEA48}\RP34\A0021829.exe'); DeleteFile('C:\System Volume Information\_restore{3A0CB424-4BB5-4377-8EFF-7666A3DFEA48}\RP34\A0021831.exe'); DeleteFile('C:\System Volume Information\_restore{3A0CB424-4BB5-4377-8EFF-7666A3DFEA48}\RP34\A0021833.exe'); DeleteFile('C:\System Volume Information\_restore{3A0CB424-4BB5-4377-8EFF-7666A3DFEA48}\RP34\A0021836.exe'); DeleteFile('C:\System Volume Information\_restore{3A0CB424-4BB5-4377-8EFF-7666A3DFEA48}\RP34\A0021837.exe'); DeleteFile('C:\System Volume Information\_restore{3A0CB424-4BB5-4377-8EFF-7666A3DFEA48}\RP34\A0021838.exe'); DeleteFile('C:\System Volume Information\_restore{3A0CB424-4BB5-4377-8EFF-7666A3DFEA48}\RP34\A0021839.exe'); DeleteFile('C:\System Volume Information\_restore{3A0CB424-4BB5-4377-8EFF-7666A3DFEA48}\RP34\A0021840.exe'); DeleteFile('C:\System Volume Information\_restore{3A0CB424-4BB5-4377-8EFF-7666A3DFEA48}\RP34\A0021841.exe'); DeleteFile('C:\System Volume Information\_restore{3A0CB424-4BB5-4377-8EFF-7666A3DFEA48}\RP34\A0021842.exe'); DeleteFile('C:\System Volume Information\_restore{3A0CB424-4BB5-4377-8EFF-7666A3DFEA48}\RP34\A0021843.exe'); DeleteFile('C:\System Volume Information\_restore{3A0CB424-4BB5-4377-8EFF-7666A3DFEA48}\RP34\A0021844.exe'); DeleteFile('C:\System Volume Information\_restore{3A0CB424-4BB5-4377-8EFF-7666A3DFEA48}\RP34\A0021845.exe'); DeleteFile('C:\System Volume Information\_restore{3A0CB424-4BB5-4377-8EFF-7666A3DFEA48}\RP34\A0021846.exe'); DeleteFile('C:\System Volume Information\_restore{3A0CB424-4BB5-4377-8EFF-7666A3DFEA48}\RP34\A0021847.exe'); DeleteFile('C:\System Volume Information\_restore{3A0CB424-4BB5-4377-8EFF-7666A3DFEA48}\RP34\A0021848.exe'); DeleteFile('C:\System Volume Information\_restore{3A0CB424-4BB5-4377-8EFF-7666A3DFEA48}\RP34\A0021849.exe'); DeleteFile('C:\System Volume Information\_restore{3A0CB424-4BB5-4377-8EFF-7666A3DFEA48}\RP34\A0021850.exe'); DeleteFile('C:\System Volume Information\_restore{3A0CB424-4BB5-4377-8EFF-7666A3DFEA48}\RP34\A0021851.exe'); DeleteFile('C:\System Volume Information\_restore{3A0CB424-4BB5-4377-8EFF-7666A3DFEA48}\RP34\A0021852.exe'); DeleteFile('C:\System Volume Information\_restore{3A0CB424-4BB5-4377-8EFF-7666A3DFEA48}\RP34\A0021853.exe'); BC_ImportAll; ExecuteSysClean; BC_Activate; RebootWindows(true); end.
Пришлите карантин согласно Приложения 3 правил по красной ссылке Прислать запрошенный карантин вверху темы
Сделайте новые логи
Сделайте лог полного сканирования МВАМ
Microsoft MVP 2012-2016 Consumer Security
Microsoft MVP 2016 ReconnectАнтивирусная помощь
Готово
ОтключитеСистемное восстановление!!! как- посмотреть можно тут
- Выполните скрипт в AVZ
После перезагрузки:Код:begin SearchRootkit(true, true); SetAVZGuardStatus(True); DeleteFileMask(GetAVZDirectory + 'Quarantine', '*.*', true); RegKeyStrParamWrite('HKEY_LOCAL_MACHINE','SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon','UserInit', GetEnvironmentVariable ('WinDir')+'\System32\userinit.exe,'); QuarantineFile('c:\documents and settings\Armaxa\local settings\Temp\701.exe',''); QuarantineFile('c:\documents and settings\Armaxa\doctorweb\quarantine\juzjf.exe',''); QuarantineFile('c:\documents and settings\Armaxa\local settings\Temp\4244.exe',''); DeleteFile('c:\documents and settings\Armaxa\local settings\Temp\701.exe'); DeleteFile('c:\documents and settings\Armaxa\local settings\Temp\4244.exe'); DeleteFile('c:\documents and settings\Armaxa\doctorweb\quarantine\juzjf.exe'); QuarantineFile('c:\documents and settings\localservice\application data\microsoft\vydefaqu.exe',''); QuarantineFile('c:\documents and settings\localservice\application data\microsoft\segyvol.exe',''); DeleteFile('c:\documents and settings\localservice\application data\microsoft\segyvol.exe'); DeleteFile('c:\documents and settings\localservice\application data\microsoft\vydefaqu.exe'); DeleteFileMask('c:\documents and settings\Armaxa\local settings\temporary internet files\Content.IE5', '*.*', true); BC_ImportAll; ExecuteSysClean; BC_Activate; RebootWindows(true); end.
- выполните такой скрипт
- Файл quarantine.zip из папки AVZ загрузите по ссылке Прислать запрошенный карантин вверху темыКод:begin CreateQurantineArchive(GetAVZDirectory+'quarantine.zip'); end.
- удалите в MBAM, что останется из этого
- Сделайте повторные логи по правилам п.2 и 3 раздела Диагностика.(virusinfo_syscheck.zip;hijackthis.log)Код:Заражённые ключи в реестре: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\ (Hijack.Zones) -> No action taken. Заражённые файлы: c:\documents and settings\Armaxa\doctorweb\quarantine\292372.exe (Trojan.LVBP) -> No action taken. c:\documents and settings\Armaxa\doctorweb\quarantine\777.exe (Trojan.LVBP) -> No action taken. c:\documents and settings\Armaxa\doctorweb\quarantine\juzjf.exe (Trojan.LVBP) -> No action taken. c:\documents and settings\Armaxa\local settings\Temp\4244.exe (Trojan.FakeMS) -> No action taken. c:\documents and settings\Armaxa\local settings\Temp\701.exe (Trojan.FakeMS) -> No action taken. c:\documents and settings\Armaxa\local settings\temporary internet files\Content.IE5\8TA7OXYR\4k[1] (Trojan.LVBP) -> No action taken. c:\documents and settings\Armaxa\local settings\temporary internet files\Content.IE5\8TA7OXYR\4k[2] (Trojan.LVBP) -> No action taken. c:\documents and settings\Armaxa\local settings\temporary internet files\Content.IE5\8TA7OXYR\4k[4] (Trojan.LVBP) -> No action taken. c:\documents and settings\Armaxa\local settings\temporary internet files\Content.IE5\8TA7OXYR\ck[1] (Spyware.Passwords.XGen) -> No action taken. c:\documents and settings\Armaxa\local settings\temporary internet files\Content.IE5\8TA7OXYR\ck[2] (Spyware.Passwords.XGen) -> No action taken. c:\documents and settings\Armaxa\local settings\temporary internet files\Content.IE5\8TA7OXYR\ck[3] (Spyware.Passwords.XGen) -> No action taken. c:\documents and settings\Armaxa\local settings\temporary internet files\Content.IE5\8TA7OXYR\ck[4] (Spyware.Passwords.XGen) -> No action taken. c:\documents and settings\Armaxa\local settings\temporary internet files\Content.IE5\C12VCLEZ\dwjmkn[1].txt (Worm.Autorun) -> No action taken. c:\documents and settings\Armaxa\local settings\temporary internet files\Content.IE5\C12VCLEZ\edwkjojm[1].txt (Worm.Autorun) -> No action taken. c:\documents and settings\Armaxa\local settings\temporary internet files\Content.IE5\C12VCLEZ\cewcwq[1].txt (Trojan.Refroso) -> No action taken. c:\documents and settings\Armaxa\local settings\temporary internet files\Content.IE5\C12VCLEZ\cfdwqdwq[1].txt (Trojan.Ddox) -> No action taken. c:\documents and settings\Armaxa\local settings\temporary internet files\Content.IE5\C12VCLEZ\soc[1].exe (Trojan.FakeMS) -> No action taken. c:\documents and settings\Armaxa\local settings\temporary internet files\Content.IE5\C12VCLEZ\dcwqedwq5[1].txt (Trojan.Refroso) -> No action taken. c:\documents and settings\Armaxa\local settings\temporary internet files\Content.IE5\C12VCLEZ\install[1].48767.exe (Rootkit.Agent) -> No action taken. c:\documents and settings\Armaxa\local settings\temporary internet files\Content.IE5\C12VCLEZ\vrededwww[1].txt (Trojan.Ddox) -> No action taken. c:\documents and settings\Armaxa\local settings\temporary internet files\Content.IE5\CH6BGDAJ\4k[1] (Trojan.LVBP) -> No action taken. c:\documents and settings\Armaxa\local settings\temporary internet files\Content.IE5\CH6BGDAJ\4k[2] (Trojan.LVBP) -> No action taken. c:\documents and settings\Armaxa\local settings\temporary internet files\Content.IE5\CH6BGDAJ\4k[3] (Trojan.LVBP) -> No action taken. c:\documents and settings\Armaxa\local settings\temporary internet files\Content.IE5\CH6BGDAJ\4k[4] (Trojan.LVBP) -> No action taken. c:\documents and settings\Armaxa\local settings\temporary internet files\Content.IE5\CH6BGDAJ\cvdscsa[1].txt (Trojan.Ddox) -> No action taken. c:\documents and settings\Armaxa\local settings\temporary internet files\Content.IE5\CH6BGDAJ\cfewfcwe[1].txt (Trojan.Refroso) -> No action taken. c:\documents and settings\Armaxa\local settings\temporary internet files\Content.IE5\CH6BGDAJ\cfewwqe[1].txt (Worm.Autorun) -> No action taken. c:\documents and settings\Armaxa\local settings\temporary internet files\Content.IE5\CH6BGDAJ\ck[1] (Spyware.Passwords.XGen) -> No action taken. c:\documents and settings\Armaxa\local settings\temporary internet files\Content.IE5\CH6BGDAJ\ck[2] (Spyware.Passwords.XGen) -> No action taken. c:\documents and settings\Armaxa\local settings\temporary internet files\Content.IE5\CH6BGDAJ\ck[3] (Spyware.Passwords.XGen) -> No action taken. c:\documents and settings\Armaxa\local settings\temporary internet files\Content.IE5\O9YJOXUV\dwqdcwq[1].txt (Trojan.Ddox) -> No action taken. c:\documents and settings\Armaxa\local settings\temporary internet files\Content.IE5\O9YJOXUV\4k[1] (Trojan.LVBP) -> No action taken. c:\documents and settings\Armaxa\local settings\temporary internet files\Content.IE5\O9YJOXUV\4k[2] (Trojan.LVBP) -> No action taken. c:\documents and settings\Armaxa\local settings\temporary internet files\Content.IE5\O9YJOXUV\install[1].48767.exe (Rootkit.Agent) -> No action taken. c:\documents and settings\Armaxa\local settings\temporary internet files\Content.IE5\O9YJOXUV\cwcwwq[1].txt (Trojan.Refroso) -> No action taken. c:\documents and settings\Armaxa\local settings\temporary internet files\Content.IE5\O9YJOXUV\ck[1] (Spyware.Passwords.XGen) -> No action taken. c:\documents and settings\Armaxa\local settings\temporary internet files\Content.IE5\O9YJOXUV\ck[2] (Spyware.Passwords.XGen) -> No action taken. c:\documents and settings\Armaxa\local settings\temporary internet files\Content.IE5\O9YJOXUV\vcewwfqc[1].txt (Worm.Autorun) -> No action taken. c:\documents and settings\localservice\application data\microsoft\segyvol.exe (Trojan.LVBP) -> No action taken. c:\documents and settings\localservice\application data\microsoft\vydefaqu.exe (Trojan.LVBP) -> No action taken. c:\system volume information\_restore{3a0cb424-4bb5-4377-8eff-7666a3dfea48}\RP32\A0020652.exe (Trojan.LVBP) -> No action taken. c:\system volume information\_restore{3a0cb424-4bb5-4377-8eff-7666a3dfea48}\RP32\A0020654.exe (Trojan.LVBP) -> No action taken. c:\system volume information\_restore{3a0cb424-4bb5-4377-8eff-7666a3dfea48}\RP32\A0020655.exe (Trojan.LVBP) -> No action taken. c:\system volume information\_restore{3a0cb424-4bb5-4377-8eff-7666a3dfea48}\RP32\A0020677.exe (Trojan.LVBP) -> No action taken. c:\system volume information\_restore{3a0cb424-4bb5-4377-8eff-7666a3dfea48}\RP32\A0020679.exe (Trojan.LVBP) -> No action taken. c:\system volume information\_restore{3a0cb424-4bb5-4377-8eff-7666a3dfea48}\RP32\A0020680.exe (Trojan.LVBP) -> No action taken. c:\system volume information\_restore{3a0cb424-4bb5-4377-8eff-7666a3dfea48}\RP32\A0020721.exe (Trojan.LVBP) -> No action taken. c:\system volume information\_restore{3a0cb424-4bb5-4377-8eff-7666a3dfea48}\RP32\A0020723.exe (Trojan.LVBP) -> No action taken. c:\system volume information\_restore{3a0cb424-4bb5-4377-8eff-7666a3dfea48}\RP32\A0020724.exe (Trojan.LVBP) -> No action taken. c:\system volume information\_restore{3a0cb424-4bb5-4377-8eff-7666a3dfea48}\RP32\A0020725.exe (Trojan.LVBP) -> No action taken. c:\system volume information\_restore{3a0cb424-4bb5-4377-8eff-7666a3dfea48}\RP32\A0020729.exe (Trojan.LVBP) -> No action taken. c:\system volume information\_restore{3a0cb424-4bb5-4377-8eff-7666a3dfea48}\RP32\A0020731.exe (Trojan.LVBP) -> No action taken. c:\system volume information\_restore{3a0cb424-4bb5-4377-8eff-7666a3dfea48}\RP32\A0020732.exe (Trojan.LVBP) -> No action taken. c:\system volume information\_restore{3a0cb424-4bb5-4377-8eff-7666a3dfea48}\RP32\A0020741.exe (Trojan.LVBP) -> No action taken. c:\system volume information\_restore{3a0cb424-4bb5-4377-8eff-7666a3dfea48}\RP33\A0020747.exe (Trojan.LVBP) -> No action taken. c:\system volume information\_restore{3a0cb424-4bb5-4377-8eff-7666a3dfea48}\RP33\A0020751.exe (Trojan.LVBP) -> No action taken. c:\system volume information\_restore{3a0cb424-4bb5-4377-8eff-7666a3dfea48}\RP33\A0020752.exe (Trojan.LVBP) -> No action taken. c:\system volume information\_restore{3a0cb424-4bb5-4377-8eff-7666a3dfea48}\RP33\A0020753.exe (Trojan.LVBP) -> No action taken. c:\system volume information\_restore{3a0cb424-4bb5-4377-8eff-7666a3dfea48}\RP33\A0021748.exe (Trojan.LVBP) -> No action taken. c:\system volume information\_restore{3a0cb424-4bb5-4377-8eff-7666a3dfea48}\RP33\A0021749.exe (Trojan.LVBP) -> No action taken. c:\system volume information\_restore{3a0cb424-4bb5-4377-8eff-7666a3dfea48}\RP33\A0021752.exe (Trojan.LVBP) -> No action taken. c:\system volume information\_restore{3a0cb424-4bb5-4377-8eff-7666a3dfea48}\RP33\A0021753.exe (Trojan.LVBP) -> No action taken. c:\system volume information\_restore{3a0cb424-4bb5-4377-8eff-7666a3dfea48}\RP34\A0021757.exe (Trojan.LVBP) -> No action taken. c:\system volume information\_restore{3a0cb424-4bb5-4377-8eff-7666a3dfea48}\RP34\A0021759.exe (Trojan.LVBP) -> No action taken. c:\system volume information\_restore{3a0cb424-4bb5-4377-8eff-7666a3dfea48}\RP34\A0021760.exe (Trojan.LVBP) -> No action taken. c:\system volume information\_restore{3a0cb424-4bb5-4377-8eff-7666a3dfea48}\RP34\A0021764.exe (Trojan.LVBP) -> No action taken. c:\system volume information\_restore{3a0cb424-4bb5-4377-8eff-7666a3dfea48}\RP34\A0021765.exe (Trojan.LVBP) -> No action taken. c:\system volume information\_restore{3a0cb424-4bb5-4377-8eff-7666a3dfea48}\RP34\A0021766.exe (Trojan.LVBP) -> No action taken. c:\system volume information\_restore{3a0cb424-4bb5-4377-8eff-7666a3dfea48}\RP34\A0021788.exe (Trojan.LVBP) -> No action taken. c:\system volume information\_restore{3a0cb424-4bb5-4377-8eff-7666a3dfea48}\RP34\A0021790.exe (Trojan.LVBP) -> No action taken. c:\system volume information\_restore{3a0cb424-4bb5-4377-8eff-7666a3dfea48}\RP34\A0021793.exe (Trojan.LVBP) -> No action taken. c:\system volume information\_restore{3a0cb424-4bb5-4377-8eff-7666a3dfea48}\RP34\A0021796.exe (Trojan.LVBP) -> No action taken. c:\system volume information\_restore{3a0cb424-4bb5-4377-8eff-7666a3dfea48}\RP34\A0021797.exe (Trojan.LVBP) -> No action taken. c:\system volume information\_restore{3a0cb424-4bb5-4377-8eff-7666a3dfea48}\RP34\A0021808.exe (Trojan.LVBP) -> No action taken. c:\system volume information\_restore{3a0cb424-4bb5-4377-8eff-7666a3dfea48}\RP34\A0021809.exe (Trojan.LVBP) -> No action taken. c:\system volume information\_restore{3a0cb424-4bb5-4377-8eff-7666a3dfea48}\RP34\A0021810.exe (Trojan.LVBP) -> No action taken. c:\system volume information\_restore{3a0cb424-4bb5-4377-8eff-7666a3dfea48}\RP34\A0021814.exe (Trojan.LVBP) -> No action taken. c:\system volume information\_restore{3a0cb424-4bb5-4377-8eff-7666a3dfea48}\RP34\A0021815.exe (Trojan.LVBP) -> No action taken. c:\system volume information\_restore{3a0cb424-4bb5-4377-8eff-7666a3dfea48}\RP34\A0021857.exe (Trojan.LVBP) -> No action taken. c:\system volume information\_restore{3a0cb424-4bb5-4377-8eff-7666a3dfea48}\RP34\A0021789.exe (Trojan.LVBP) -> No action taken. c:\system volume information\_restore{3a0cb424-4bb5-4377-8eff-7666a3dfea48}\RP34\A0021835.exe (Trojan.LVBP) -> No action taken. c:\system volume information\_restore{3a0cb424-4bb5-4377-8eff-7666a3dfea48}\RP35\A0021949.exe (Trojan.FakeMS) -> No action taken. c:\system volume information\_restore{3a0cb424-4bb5-4377-8eff-7666a3dfea48}\RP35\A0021950.exe (Worm.Autorun) -> No action taken. c:\system volume information\_restore{3a0cb424-4bb5-4377-8eff-7666a3dfea48}\RP35\A0021951.exe (Worm.Autorun) -> No action taken. c:\system volume information\_restore{3a0cb424-4bb5-4377-8eff-7666a3dfea48}\RP35\A0021952.exe (Trojan.Refroso) -> No action taken. c:\system volume information\_restore{3a0cb424-4bb5-4377-8eff-7666a3dfea48}\RP35\A0021953.exe (Trojan.Refroso) -> No action taken. c:\system volume information\_restore{3a0cb424-4bb5-4377-8eff-7666a3dfea48}\RP35\A0021954.exe (Trojan.Refroso) -> No action taken. c:\system volume information\_restore{3a0cb424-4bb5-4377-8eff-7666a3dfea48}\RP35\A0021955.exe (Worm.Autorun) -> No action taken. c:\system volume information\_restore{3a0cb424-4bb5-4377-8eff-7666a3dfea48}\RP35\A0021956.exe (Worm.Autorun) -> No action taken. c:\system volume information\_restore{3a0cb424-4bb5-4377-8eff-7666a3dfea48}\RP35\A0021957.exe (Worm.Autorun) -> No action taken. c:\system volume information\_restore{3a0cb424-4bb5-4377-8eff-7666a3dfea48}\RP35\A0021958.exe (Worm.Autorun) -> No action taken. c:\system volume information\_restore{3a0cb424-4bb5-4377-8eff-7666a3dfea48}\RP35\A0021959.exe (Worm.Autorun) -> No action taken. c:\system volume information\_restore{3a0cb424-4bb5-4377-8eff-7666a3dfea48}\RP35\A0021960.exe (Trojan.Refroso) -> No action taken. c:\system volume information\_restore{3a0cb424-4bb5-4377-8eff-7666a3dfea48}\RP35\A0021962.exe (Trojan.Refroso) -> No action taken. c:\system volume information\_restore{3a0cb424-4bb5-4377-8eff-7666a3dfea48}\RP35\A0021963.exe (Trojan.Refroso) -> No action taken. c:\system volume information\_restore{3a0cb424-4bb5-4377-8eff-7666a3dfea48}\RP35\A0021964.exe (Trojan.Refroso) -> No action taken. c:\system volume information\_restore{3a0cb424-4bb5-4377-8eff-7666a3dfea48}\RP35\A0021965.exe (Trojan.Refroso) -> No action taken. c:\system volume information\_restore{3a0cb424-4bb5-4377-8eff-7666a3dfea48}\RP35\A0021966.exe (Worm.Autorun) -> No action taken. c:\system volume information\_restore{3a0cb424-4bb5-4377-8eff-7666a3dfea48}\RP35\A0021967.exe (Worm.Autorun) -> No action taken. c:\system volume information\_restore{3a0cb424-4bb5-4377-8eff-7666a3dfea48}\RP35\A0021968.exe (Trojan.Refroso) -> No action taken. c:\system volume information\_restore{3a0cb424-4bb5-4377-8eff-7666a3dfea48}\RP35\A0021969.exe (Trojan.Refroso) -> No action taken. c:\system volume information\_restore{3a0cb424-4bb5-4377-8eff-7666a3dfea48}\RP35\A0021970.exe (Worm.Autorun) -> No action taken. c:\system volume information\_restore{3a0cb424-4bb5-4377-8eff-7666a3dfea48}\RP35\A0021971.exe (Worm.Autorun) -> No action taken. c:\system volume information\_restore{3a0cb424-4bb5-4377-8eff-7666a3dfea48}\RP35\A0021972.exe (Trojan.Refroso) -> No action taken. c:\system volume information\_restore{3a0cb424-4bb5-4377-8eff-7666a3dfea48}\RP35\A0021973.exe (Trojan.Refroso) -> No action taken. c:\system volume information\_restore{3a0cb424-4bb5-4377-8eff-7666a3dfea48}\RP35\A0021974.exe (Trojan.Refroso) -> No action taken. c:\system volume information\_restore{3a0cb424-4bb5-4377-8eff-7666a3dfea48}\RP35\A0021975.exe (Worm.Autorun) -> No action taken. c:\system volume information\_restore{3a0cb424-4bb5-4377-8eff-7666a3dfea48}\RP35\A0021976.exe (Trojan.Refroso) -> No action taken. c:\system volume information\_restore{3a0cb424-4bb5-4377-8eff-7666a3dfea48}\RP35\A0021977.exe (Worm.Autorun) -> No action taken. c:\system volume information\_restore{3a0cb424-4bb5-4377-8eff-7666a3dfea48}\RP35\A0021978.exe (Trojan.Refroso) -> No action taken. c:\system volume information\_restore{3a0cb424-4bb5-4377-8eff-7666a3dfea48}\RP35\A0021980.exe (Worm.Autorun) -> No action taken. c:\system volume information\_restore{3a0cb424-4bb5-4377-8eff-7666a3dfea48}\RP35\A0021981.exe (Worm.Autorun) -> No action taken. c:\system volume information\_restore{3a0cb424-4bb5-4377-8eff-7666a3dfea48}\RP35\A0021982.exe (Worm.Autorun) -> No action taken. c:\system volume information\_restore{3a0cb424-4bb5-4377-8eff-7666a3dfea48}\RP35\A0021983.exe (Trojan.Refroso) -> No action taken. c:\system volume information\_restore{3a0cb424-4bb5-4377-8eff-7666a3dfea48}\RP35\A0021984.exe (Worm.Autorun) -> No action taken. c:\system volume information\_restore{3a0cb424-4bb5-4377-8eff-7666a3dfea48}\RP35\A0021985.exe (Worm.Autorun) -> No action taken. c:\system volume information\_restore{3a0cb424-4bb5-4377-8eff-7666a3dfea48}\RP35\A0021986.exe (Worm.Autorun) -> No action taken. c:\system volume information\_restore{3a0cb424-4bb5-4377-8eff-7666a3dfea48}\RP35\A0021987.exe (Trojan.Refroso) -> No action taken. c:\system volume information\_restore{3a0cb424-4bb5-4377-8eff-7666a3dfea48}\RP35\A0021988.exe (Trojan.Refroso) -> No action taken. c:\system volume information\_restore{3a0cb424-4bb5-4377-8eff-7666a3dfea48}\RP35\A0021989.exe (Trojan.Refroso) -> No action taken. c:\system volume information\_restore{3a0cb424-4bb5-4377-8eff-7666a3dfea48}\RP35\A0021990.exe (Trojan.Refroso) -> No action taken. c:\system volume information\_restore{3a0cb424-4bb5-4377-8eff-7666a3dfea48}\RP35\A0021991.exe (Trojan.Refroso) -> No action taken. c:\system volume information\_restore{3a0cb424-4bb5-4377-8eff-7666a3dfea48}\RP35\A0021992.exe (Trojan.Refroso) -> No action taken. c:\system volume information\_restore{3a0cb424-4bb5-4377-8eff-7666a3dfea48}\RP35\A0021993.exe (Trojan.Refroso) -> No action taken. c:\system volume information\_restore{3a0cb424-4bb5-4377-8eff-7666a3dfea48}\RP35\A0021994.exe (Worm.Autorun) -> No action taken. c:\system volume information\_restore{3a0cb424-4bb5-4377-8eff-7666a3dfea48}\RP35\A0021961.exe (Worm.Autorun) -> No action taken. c:\system volume information\_restore{3a0cb424-4bb5-4377-8eff-7666a3dfea48}\RP35\A0021979.exe (Trojan.Refroso) -> No action taken. c:\documents and settings\Armaxa\secupdat.dat (Worm.Autorun) -> No action taken.
- Сделайте лог MBAM
А также (перед повторными логами)
Внимание! Официальная поддержка (и выпуск обновлений) для Windows XP SP2 прекращена
Установите SP3 (может потребоваться активация) + все новые обновления для Windows
Установите Internet Explorer 8 (даже если им не пользуетесь)
Microsoft MVP 2012-2016 Consumer Security
Microsoft MVP 2016 ReconnectАнтивирусная помощь
Вроде бы все чисто стало..
Сообщение №5 прочтите и выполните.
Иначе червь скоро снова приползет
Microsoft MVP 2012-2016 Consumer Security
Microsoft MVP 2016 ReconnectАнтивирусная помощь
Статистика проведенного лечения:
- Получено карантинов: 1
- Обработано файлов: 140
- В ходе лечения обнаружены вредоносные программы:
- c:\\documents and settings\\armaxa\\application data\\lsass.exe - Worm.Win32.AutoRun.bypy ( DrWEB: Trojan.Packed.21318, BitDefender: Trojan.Generic.5335738, NOD32: Win32/Agent.OUF trojan, AVAST4: Win32:Inject-ABQ [Trj] )
- c:\\documents and settings\\armaxa\\doctorweb\\quarantine\\bb66s81e3 .exe - Trojan-Downloader.Win32.Pher.haq ( DrWEB: Trojan.Packed.21230, BitDefender: Trojan.Generic.6818452, AVAST4: Win32:Refroso-DC [Trj] )
- c:\\documents and settings\\armaxa\\doctorweb\\quarantine\\eafvb60dj tp.exe - Trojan-Downloader.Win32.Refroso.cbp ( DrWEB: Trojan.DownLoader1.37726, BitDefender: Trojan.Generic.6976251, AVAST4: Win32:Lethic-B [Trj] )
- c:\\documents and settings\\armaxa\\doctorweb\\quarantine\\ek5fbwxc8 5.exe - Trojan-Downloader.Win32.Pher.hao ( DrWEB: Trojan.Packed.21230, BitDefender: Trojan.Generic.6818452, NOD32: Win32/Lethic.AA trojan, AVAST4: Win32:Refroso-DC [Trj] )
- c:\\documents and settings\\armaxa\\doctorweb\\quarantine\\fvb66s86e 81.exe - Trojan-Downloader.Win32.Pher.hao ( DrWEB: Trojan.Packed.21230, BitDefender: Trojan.Generic.6818452, NOD32: Win32/Lethic.AA trojan, AVAST4: Win32:Refroso-DC [Trj] )
- c:\\documents and settings\\armaxa\\doctorweb\\quarantine\\l2c0d03e. exe - Trojan-Downloader.Win32.Pher.hgl ( DrWEB: Trojan.Packed.21230, BitDefender: Trojan.Generic.6818452, AVAST4: Win32:Refroso-DC [Trj] )
- c:\\documents and settings\\armaxa\\doctorweb\\quarantine\\m1iejfvg. exe - Trojan-Downloader.Win32.Refroso.cbq ( DrWEB: Trojan.DownLoader1.37726, BitDefender: Trojan.Generic.6976251, NOD32: Win32/Lethic.AA trojan, AVAST4: Win32:Lethic-B [Trj] )
- c:\\documents and settings\\armaxa\\doctorweb\\quarantine\\o81almhn6 0p.exe - Trojan-Downloader.Win32.Refroso.cbp ( DrWEB: Trojan.DownLoader1.37726, BitDefender: Trojan.Generic.6976251, AVAST4: Win32:Lethic-B [Trj] )
- c:\\documents and settings\\armaxa\\doctorweb\\quarantine\\tt66k81wh .exe - Trojan-Downloader.Win32.Refroso.cbr ( DrWEB: Trojan.DownLoader1.37726, BitDefender: Trojan.Generic.6976251, AVAST4: Win32:Lethic-B [Trj] )
- c:\\documents and settings\\armaxa\\doctorweb\\quarantine\\uvwrm3i2j k.exe - Trojan-Downloader.Win32.Refroso.cbr ( DrWEB: Trojan.DownLoader1.37726, BitDefender: Trojan.Generic.6976251, AVAST4: Win32:Lethic-B [Trj] )
- c:\\documents and settings\\armaxa\\doctorweb\\quarantine\\xdj0afwrr .exe - Trojan-Downloader.Win32.Refroso.cbs ( DrWEB: Trojan.DownLoader1.37726, BitDefender: Trojan.Generic.6976251, AVAST4: Win32:Lethic-B [Trj] )
- c:\\documents and settings\\armaxa\\doctorweb\\quarantine\\x6ypp86g. exe - Trojan-Downloader.Win32.Refroso.cbp ( DrWEB: Trojan.DownLoader1.37726, BitDefender: Trojan.Generic.6976251, AVAST4: Win32:Lethic-B [Trj] )
- c:\\documents and settings\\armaxa\\doctorweb\\quarantine\\y65q1ghm. exe - Trojan-Downloader.Win32.Refroso.cbs ( DrWEB: Trojan.DownLoader1.37726, BitDefender: Trojan.Generic.6976251, AVAST4: Win32:Lethic-B [Trj] )
- c:\\documents and settings\\armaxa\\doctorweb\\quarantine\\zkvrm8ijf k.exe - Trojan-Downloader.Win32.Pher.haq ( DrWEB: Trojan.Packed.21230, BitDefender: Trojan.Generic.6818452, AVAST4: Win32:Refroso-DC [Trj] )
- c:\\documents and settings\\armaxa\\doctorweb\\quarantine\\016.exe - Trojan-Downloader.Win32.Pher.hao ( DrWEB: Trojan.Packed.21230, BitDefender: Trojan.Generic.6818452, NOD32: Win32/Lethic.AA trojan, AVAST4: Win32:Refroso-DC [Trj] )
- c:\\documents and settings\\armaxa\\doctorweb\\quarantine\\020.exe - Trojan-Downloader.Win32.Pher.hao ( DrWEB: Trojan.Packed.21230, BitDefender: Trojan.Generic.6818452, NOD32: Win32/Lethic.AA trojan, AVAST4: Win32:Refroso-DC [Trj] )
- c:\\documents and settings\\armaxa\\doctorweb\\quarantine\\023.exe - Trojan-Downloader.Win32.Refroso.cbp ( DrWEB: Trojan.DownLoader1.37726, BitDefender: Trojan.Generic.6976251, AVAST4: Win32:Lethic-B [Trj] )
- c:\\documents and settings\\armaxa\\doctorweb\\quarantine\\045.exe - Trojan-Downloader.Win32.Refroso.cbp ( DrWEB: Trojan.DownLoader1.37726, BitDefender: Trojan.Generic.6976251, AVAST4: Win32:Lethic-B [Trj] )
- c:\\documents and settings\\armaxa\\doctorweb\\quarantine\\1ufgbh6.e xe - Trojan-Downloader.Win32.Pher.hao ( DrWEB: Trojan.Packed.21230, BitDefender: Trojan.Generic.6818452, NOD32: Win32/Lethic.AA trojan, AVAST4: Win32:Refroso-DC [Trj] )
- c:\\documents and settings\\armaxa\\doctorweb\\quarantine\\143.exe - Trojan-Downloader.Win32.Refroso.cbr ( DrWEB: Trojan.DownLoader1.37726, BitDefender: Trojan.Generic.6976251, AVAST4: Win32:Lethic-B [Trj] )
- c:\\documents and settings\\armaxa\\doctorweb\\quarantine\\145.exe - Trojan-Downloader.Win32.Pher.hao ( DrWEB: Trojan.Packed.21230, BitDefender: Trojan.Generic.6818452, NOD32: Win32/Lethic.AA trojan, AVAST4: Win32:Refroso-DC [Trj] )
- c:\\documents and settings\\armaxa\\doctorweb\\quarantine\\154.exe - Trojan-Downloader.Win32.Pher.hgl ( DrWEB: Trojan.Packed.21230, BitDefender: Trojan.Generic.6818452, AVAST4: Win32:Refroso-DC [Trj] )
- c:\\documents and settings\\armaxa\\doctorweb\\quarantine\\26wrrss.e xe - Trojan-Downloader.Win32.Pher.haq ( DrWEB: Trojan.Packed.21230, BitDefender: Trojan.Generic.6818452, AVAST4: Win32:Refroso-DC [Trj] )
- c:\\documents and settings\\armaxa\\doctorweb\\quarantine\\283.exe - Trojan-Downloader.Win32.Pher.haq ( DrWEB: Trojan.Packed.21230, BitDefender: Trojan.Generic.6818452, AVAST4: Win32:Refroso-DC [Trj] )
- c:\\documents and settings\\armaxa\\doctorweb\\quarantine\\3gbrsnd.e xe - Trojan-Downloader.Win32.Pher.hao ( DrWEB: Trojan.Packed.21230, BitDefender: Trojan.Generic.6818452, NOD32: Win32/Lethic.AA trojan, AVAST4: Win32:Refroso-DC [Trj] )
- c:\\documents and settings\\armaxa\\doctorweb\\quarantine\\3wrx91o.e xe - Trojan-Downloader.Win32.Refroso.cbq ( DrWEB: Trojan.DownLoader1.37726, BitDefender: Trojan.Generic.6976251, NOD32: Win32/Lethic.AA trojan, AVAST4: Win32:Lethic-B [Trj] )
- c:\\documents and settings\\armaxa\\doctorweb\\quarantine\\316.exe - Trojan-Downloader.Win32.Refroso.cbs ( DrWEB: Trojan.DownLoader1.37726, BitDefender: Trojan.Generic.6976251, AVAST4: Win32:Lethic-B [Trj] )
- c:\\documents and settings\\armaxa\\doctorweb\\quarantine\\442.exe - Trojan-Downloader.Win32.Refroso.cbp ( DrWEB: Trojan.DownLoader1.37726, BitDefender: Trojan.Generic.6976251, AVAST4: Win32:Lethic-B [Trj] )
- c:\\documents and settings\\armaxa\\doctorweb\\quarantine\\5ek5fbw.e xe - Trojan-Downloader.Win32.Refroso.cbp ( DrWEB: Trojan.DownLoader1.37726, BitDefender: Trojan.Generic.6976251, AVAST4: Win32:Lethic-B [Trj] )
- c:\\documents and settings\\armaxa\\doctorweb\\quarantine\\521.exe - Trojan-Downloader.Win32.Refroso.cbq ( DrWEB: Trojan.DownLoader1.37726, BitDefender: Trojan.Generic.6976251, NOD32: Win32/Lethic.AA trojan, AVAST4: Win32:Lethic-B [Trj] )
- c:\\documents and settings\\armaxa\\doctorweb\\quarantine\\531.exe - Trojan-Downloader.Win32.Refroso.cbp ( DrWEB: Trojan.DownLoader1.37726, BitDefender: Trojan.Generic.6976251, AVAST4: Win32:Lethic-B [Trj] )
- c:\\documents and settings\\armaxa\\doctorweb\\quarantine\\567.exe - Trojan-Downloader.Win32.Pher.haq ( DrWEB: Trojan.Packed.21230, BitDefender: Trojan.Generic.6818452, AVAST4: Win32:Refroso-DC [Trj] )
- c:\\documents and settings\\armaxa\\doctorweb\\quarantine\\569.exe - Trojan-Downloader.Win32.Pher.hgl ( DrWEB: Trojan.Packed.21230, BitDefender: Trojan.Generic.6818452, AVAST4: Win32:Refroso-DC [Trj] )
- c:\\documents and settings\\armaxa\\doctorweb\\quarantine\\665.exe - Trojan-Downloader.Win32.Refroso.cbr ( DrWEB: Trojan.DownLoader1.37726, BitDefender: Trojan.Generic.6976251, AVAST4: Win32:Lethic-B [Trj] )
- c:\\documents and settings\\armaxa\\doctorweb\\quarantine\\70nj1uq.e xe - Trojan-Downloader.Win32.Pher.hgl ( DrWEB: Trojan.Packed.21230, BitDefender: Trojan.Generic.6818452, AVAST4: Win32:Refroso-DC [Trj] )
- c:\\documents and settings\\armaxa\\doctorweb\\quarantine\\725.exe - Trojan-Downloader.Win32.Pher.hgl ( DrWEB: Trojan.Packed.21230, BitDefender: Trojan.Generic.6818452, AVAST4: Win32:Refroso-DC [Trj] )
- c:\\documents and settings\\armaxa\\doctorweb\\quarantine\\736.exe - Trojan-Downloader.Win32.Refroso.cbp ( DrWEB: Trojan.DownLoader1.37726, BitDefender: Trojan.Generic.6976251, AVAST4: Win32:Lethic-B [Trj] )
- c:\\documents and settings\\armaxa\\doctorweb\\quarantine\\739.exe - Trojan-Downloader.Win32.Refroso.cbr ( DrWEB: Trojan.DownLoader1.37726, BitDefender: Trojan.Generic.6976251, AVAST4: Win32:Lethic-B [Trj] )
- c:\\documents and settings\\armaxa\\doctorweb\\quarantine\\747.exe - Trojan-Downloader.Win32.Refroso.cbs ( DrWEB: Trojan.DownLoader1.37726, BitDefender: Trojan.Generic.6976251, AVAST4: Win32:Lethic-B [Trj] )
- c:\\documents and settings\\armaxa\\doctorweb\\quarantine\\81alc1s.e xe - Trojan-Downloader.Win32.Pher.hgl ( DrWEB: Trojan.Packed.21230, BitDefender: Trojan.Generic.6818452, AVAST4: Win32:Refroso-DC [Trj] )
- c:\\documents and settings\\armaxa\\doctorweb\\quarantine\\888.exe - Trojan-Downloader.Win32.Refroso.cbs ( DrWEB: Trojan.DownLoader1.37726, BitDefender: Trojan.Generic.6976251, AVAST4: Win32:Lethic-B [Trj] )
- c:\\documents and settings\\armaxa\\doctorweb\\quarantine\\925.exe - Trojan-Downloader.Win32.Pher.hao ( DrWEB: Trojan.Packed.21230, BitDefender: Trojan.Generic.6818452, NOD32: Win32/Lethic.AA trojan, AVAST4: Win32:Refroso-DC [Trj] )
- c:\\documents and settings\\armaxa\\doctorweb\\quarantine\\926.exe - Trojan-Downloader.Win32.Refroso.cbq ( DrWEB: Trojan.DownLoader1.37726, BitDefender: Trojan.Generic.6976251, NOD32: Win32/Lethic.AA trojan, AVAST4: Win32:Lethic-B [Trj] )
- c:\\documents and settings\\armaxa\\doctorweb\\quarantine\\934.exe - Trojan-Downloader.Win32.Refroso.cbq ( DrWEB: Trojan.DownLoader1.37726, BitDefender: Trojan.Generic.6976251, NOD32: Win32/Lethic.AA trojan, AVAST4: Win32:Lethic-B [Trj] )
- c:\\documents and settings\\armaxa\\doctorweb\\quarantine\\936.exe - Trojan-Downloader.Win32.Pher.haq ( DrWEB: Trojan.Packed.21230, BitDefender: Trojan.Generic.6818452, AVAST4: Win32:Refroso-DC [Trj] )
- c:\\documents and settings\\armaxa\\doctorweb\\quarantine\\949.exe - Trojan-Downloader.Win32.Pher.hgl ( DrWEB: Trojan.Packed.21230, BitDefender: Trojan.Generic.6818452, AVAST4: Win32:Refroso-DC [Trj] )
Уважаемый(ая) Armanio, наши специалисты оказали Вам всю возможную помощь по вашему обращению.
В целях поддержания безопасности вашего компьютера настоятельно рекомендуем:
Чтобы всегда быть в курсе актуальных угроз в области информационной безопасности и сохранять свой компьютер защищенным, рекомендуем следить за последними новостями ИТ-сферы портала Anti-Malware.ru:
Надеемся больше никогда не увидеть ваш компьютер зараженным!
Если Вас не затруднит, пополните пожалуйста нашу базу безопасных файлов.