begin
ExecuteRepair(20);
RebootWindows(true);
end.
Зараженные ключи в реестре:
HKEY_CLASSES_ROOT\rs_adw.ogn_hob (Trojan.BHO) -> No action taken.
HKEY_CLASSES_ROOT\se_gov.ogn_hob.1 (Trojan.BHO) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{f1e59df7-d7fc-4ed6-bc1d-d13be02fe6c5} (Trojan.BHO) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{f1e59df7-d7fc-4ed6-bc1d-d13be02fe6c5} (Trojan.BHO) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{71e59d37-d7fc-4ed6-bc1d-d13be02fe6c5} (Trojan.Kerlofost) -> No action taken.
HKEY_CURRENT_USER\Software\SearchHelper (Adware.Reklosoft) -> No action taken.
Зараженные параметры в реестре:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\option_1 (Rootkit.Agent) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\option_2 (Rootkit.Agent) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\option_3 (Rootkit.Agent) -> No action taken.
Зараженные папки:
C:\Program Files\Common Files\wm\keys (Trojan.KeyLog) -> No action taken.
Зараженные файлы:
C:\Program Files\Common Files\Microsoft Shared\Office10\OfficeXP_Activator.exe (RiskWare.Tool.CK) -> No action taken.
C:\Program Files\Common Files\keylog.txt (Malware.Trace) -> No action taken.
begin
SearchRootkit(true, true);
SetAVZGuardStatus(True);
QuarantineFile('q:\140062.rus\office14\onenotem.exe','');
BC_ImportQuarantineList;
ExecuteSysClean;
BC_Activate;
RebootWindows(true);
end.
KillAll::
File::
Driver::
netokt17
Folder::
Registry::
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"2:TCP"= -
"14437:TCP"=-
FileLook::
c:\windows\system32\wininet.dll
DirLook::
We use cookies and similar technologies for the following purposes:
Do you accept cookies and these technologies?
We use cookies and similar technologies for the following purposes:
Do you accept cookies and these technologies?