�� esetnod32.ru [��: ��: Win32/Qhost �� ]

��: Win32/Qhost ��

Sat, 30 Mar 2013 16:18:18 +0400

��: Win32/Qhost ��  � �� .
��

====quote====
�� : 1
HKLM\SOFTWARE\Microsoft\Security Center|UpdatesDisableNotify (PUM.Disabled.SecurityCenter) -> ��: (1) ��: (0) -> �� .

=============
�� . �� .

�� 
http://forum.esetnod32.ru/forum9/topic3998/
30.03.2013 16:18:18, zloyDi.

��: Win32/Qhost ��

Sat, 30 Mar 2013 15:42:32 +0400

��: Win32/Qhost ��  � �� .
�� .
�� , �� .
�� MBAM �� [FILE ID=14067]
MBAM-log-2013-03-30 (15-37-38).txt
30.03.2013 15:42:32, Terrran.

��: Win32/Qhost ��

Sat, 30 Mar 2013 14:43:30 +0400

��: Win32/Qhost ��  � �� .
�� !

� �� UVS �� script.cmd
�� , �� ,
�� �� �� �� � �� .
�� , �� !

====code====

;uVS v3.77.8 script [http://dsrt.dyndns.org]
;Target OS: NTv5.1

delall %SystemDrive%\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\BPROTECTOR\BPROTECT.EXE
delall %SystemDrive%\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\IBUPDATERSERVICE\IBSVC.EXE
delall PROTECTOR.DLL
delref HTTP://HOME.SWEETIM.COM/?CRG=3.1010000.10002&BARID={67CE6FE3-4DFA-11E2-AD0D-00240103A219}
delref HTTP://SEARCH.BABYLON.COM/?AF=101587&BABSRC=HP_SS&MNTRID=58558EE300000000000000240103A219
delref HTTP://SEARCH.BABYLON.COM/?AF=101587&BABSRC=NT_SS&MNTRID=58558EE300000000000000240103A219
exec "C:\PROGRAM FILES\BABYLONTOOLBAR\BABYLONTOOLBAR\1.5.3.17\UNINSTALL.EXE"
exec C:\PROGRAM FILES\DVDVIDEOSOFT\UNINSTALL.EXE
exec C:\PROGRAM FILES\DVDVIDEOSOFTTB\UNINSTALL.EXE
exec "C:\PROGRAM FILES\MAIL.RU\GUARD\GUARDMAILRU.EXE" /UNINSTALL
exec MSIEXEC.EXE /X{C3E85EE9-5892-4142-B537-BCEB3DAC4C3D}
exec "C:\PROGRAM FILES\MCAFEE SECURITY SCAN\UNINSTALL.EXE"
exec "E:\DIST\OBSOLETE\UNINS000.EXE"
exec "C:\PROGRAM FILES\PANDORA.TV\PANSERVICE\UNINS000.EXE"
exec MSIEXEC.EXE /X{0C43FE6B-E881-4AFC-B384-4AEBC90047E8}
regt 3
regt 12
regt 14
regt 18
deltmp
delnfr
restart

============= � �� ��.
��
�� .

��(�� ) �� MBAM
http://forum.esetnod32.ru/forum9/topic682/
�� �� . ��
30.03.2013 14:43:30, zloyDi.

��: Win32/Qhost ��

Sat, 30 Mar 2013 14:36:23 +0400

��: Win32/Qhost ��  � �� .
��.

ESET NOD32 Antivirus
��: C\WINDOWS\system32\drivers\etc\hosts
��: Win32/Qhost ��
��: �� - ��

�� . �� , �� , ��
�� [FILE ID=14066]
FGN_2013-03-30_14-17-25.rar
30.03.2013 14:36:23, Terrran.

����� esetnod32.ru [����: ������: Win32/Qhost ��������� ���������]

������: Win32/Qhost ��������� ���������

������: Win32/Qhost ��������� ���������

������: Win32/Qhost ��������� ���������

������: Win32/Qhost ��������� ���������

�� esetnod32.ru [��: ��: Win32/Qhost �� ]

��: Win32/Qhost ��

��: Win32/Qhost ��

��: Win32/Qhost ��

��: Win32/Qhost ��