govome virus

Does anyone know how to get rid of the intrusive govome.com page??

viaponz, hello and welcome to the forum!

For productive work, we recommend reading the topic Forum Information.

To prepare the reports (logs) needed to clean your computer of infections, we recommend reading the topic Logs for Help with Cleaning a Computer of Infections.

Don't hesitate to ask questions if something is unclear. Good luck!

How can I tell which files are legitimate and which ones must not be deleted at all?

It's best not to delete anything; just save the report.

scan files

and 1 more

[*]Download the attached file fix.txt to the Desktop
[*]Run OTL by OldTimer again and click Run Fix
[*]OTL will ask for the location of the fix.txt file
[*]Select the file you downloaded and click Run Fix again.

  • The computer will restart.
  • After the restart, open the folder “C:\_OTL\MovedFiles”, find the latest .log file (the log is named in the format mmddyyyy_hhmmss.log), open it, and copy its text into your next message.

WARNING! This script was written only for this user; using it on another computer may leave the OS inoperable!

All processes killed
========== OTL ==========
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\Default_Page_URL| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\Default_Search_URL| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\Search Page| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\Start Page| /E : value set successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86}\ not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\Default_Search_URL| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\Local Page| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\Search Page| /E : value set successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\DefaultScope| /E : value set successfully!
HKEY_USERS\S-1-5-21-2695297788-303855387-2084937596-1000\Software\Microsoft\Internet Explorer\SearchScopes\DefaultScope| /E : value set successfully!
Registry value HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\speedanalysisplus@SpeedAnalysis.com deleted successfully.
C:\Users\ульталодкишка\AppData\Roaming\Mozilla\Extensions\speedanalysisplus@SpeedAnalysis.com\chrome\skin folder moved successfully.
C:\Users\ульталодкишка\AppData\Roaming\Mozilla\Extensions\speedanalysisplus@SpeedAnalysis.com\chrome\content\mz folder moved successfully.
C:\Users\ульталодкишка\AppData\Roaming\Mozilla\Extensions\speedanalysisplus@SpeedAnalysis.com\chrome\content folder moved successfully.
C:\Users\ульталодкишка\AppData\Roaming\Mozilla\Extensions\speedanalysisplus@SpeedAnalysis.com\chrome folder moved successfully.
C:\Users\ульталодкишка\AppData\Roaming\Mozilla\Extensions\speedanalysisplus@SpeedAnalysis.com folder moved successfully.
Registry value HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\speedanalysisplus@SpeedAnalysis.com deleted successfully.
File C:\Users\ульталодкишка\AppData\Roaming\Mozilla\Extensions\speedanalysisplus@SpeedAnalysis.com not found.
Registry value HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\SpecialSavings@SpecialSavings.com deleted successfully.
C:\Users\ульталодкишка\AppData\Roaming\Mozilla\Extensions\SpecialSavings@SpecialSavings.com\chrome\skin folder moved successfully.
C:\Users\ульталодкишка\AppData\Roaming\Mozilla\Extensions\SpecialSavings@SpecialSavings.com\chrome\content\mz folder moved successfully.
C:\Users\ульталодкишка\AppData\Roaming\Mozilla\Extensions\SpecialSavings@SpecialSavings.com\chrome\content folder moved successfully.
C:\Users\ульталодкишка\AppData\Roaming\Mozilla\Extensions\SpecialSavings@SpecialSavings.com\chrome folder moved successfully.
C:\Users\ульталодкишка\AppData\Roaming\Mozilla\Extensions\SpecialSavings@SpecialSavings.com folder moved successfully.
Folder C:\Users\ульталодкишка\AppData\Roaming\mozilla\Extensions\SpecialSavings@SpecialSavings.com\ not found.
Folder C:\Users\ульталодкишка\AppData\Roaming\mozilla\Extensions\speedanalysisplus@SpeedAnalysis.com\ not found.
Use Chrome’s Settings page to change the HomePage.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8984B388-A5BB-4DF7-B274-77B879E179DB}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8984B388-A5BB-4DF7-B274-77B879E179DB}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D5FEC983-01DB-414a-9456-AF95AC9ED7B5}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D5FEC983-01DB-414a-9456-AF95AC9ED7B5}\ not found.
ADS C:\Users\ульталодкишка\wws_crashreport_uploader.exe:crc deleted successfully.
ADS C:\Users\ульталодкишка\WebBrowserAssets.txt:crc deleted successfully.
ADS C:\Users\ульталодкишка\vld.dll:crc deleted successfully.
ADS C:\Users\ульталодкишка\vivoxsdk.dll:crc deleted successfully.
ADS C:\Users\ульталодкишка\vivoxplatform.dll:crc deleted successfully.
ADS C:\Users\ульталодкишка\vivoxoal.dll:crc deleted successfully.
ADS C:\Users\ульталодкишка\Uninstaller.exe:crc deleted successfully.
ADS C:\Users\ульталодкишка\SoundSettings.xml:crc deleted successfully.
ADS C:\Users\ульталодкишка\pxtask_cuda_x86.dll:crc deleted successfully.
ADS C:\Users\ульталодкишка\PlanetSide2.exe:crc deleted successfully.
ADS C:\Users\ульталодкишка\PhysX3Gpu_x86.dll:crc deleted successfully.
ADS C:\Users\ульталодкишка\PhysX3Cooking_x86.dll:crc deleted successfully.
ADS C:\Users\ульталодкишка\PhysX3Common_x86.dll:crc deleted successfully.
ADS C:\Users\ульталодкишка\PhysX3CharacterKinematic_x86.dll:crc deleted successfully.
ADS C:\Users\ульталодкишка\PhysX3_x86.dll:crc deleted successfully.
ADS C:\Users\ульталодкишка\nvToolsExt32_1.dll:crc deleted successfully.
ADS C:\Users\ульталодкишка\LoadingScreen.xml:crc deleted successfully.
ADS C:\Users\ульталодкишка\libsndfile-1.dll:crc deleted successfully.
ADS C:\Users\ульталодкишка\libGLESv2.dll:crc deleted successfully.
ADS C:\Users\ульталодкишка\libEGL.dll:crc deleted successfully.
ADS C:\Users\ульталодкишка\LaunchPad.ini:crc deleted successfully.
ADS C:\Users\ульталодкишка\LaunchPad.ico:crc deleted successfully.
ADS C:\Users\ульталодкишка\inspector.pak:crc deleted successfully.
ADS C:\Users\ульталодкишка\InputProfile_Default.xml:crc deleted successfully.
ADS C:\Users\ульталодкишка\GraphicsDriver.dll:crc deleted successfully.
ADS C:\Users\ульталодкишка\Graphics.ini:crc deleted successfully.
ADS C:\Users\ульталодкишка\GInput_GDI.dll:crc deleted successfully.
ADS C:\Users\ульталодкишка\GInput_DX8.dll:crc deleted successfully.
ADS C:\Users\ульталодкишка\GInput.dll:crc deleted successfully.
ADS C:\Users\ульталодкишка\GFont_FT2.dll:crc deleted successfully.
ADS C:\Users\ульталодкишка\GDraw_GDI.dll:crc deleted successfully.
ADS C:\Users\ульталодкишка\GDraw_D3D9.dll:crc deleted successfully.
ADS C:\Users\ульталодкишка\GDraw.dll:crc deleted successfully.
ADS C:\Users\ульталодкишка\GDF.dll:crc deleted successfully.
ADS C:\Users\ульталодкишка\GCtrlTheme_Infinity.dll:crc deleted successfully.
ADS C:\Users\ульталодкишка\GCtrlTheme_Bitmap.dll:crc deleted successfully.
ADS C:\Users\ульталодкишка\GControlForms.dll:crc deleted successfully.
ADS C:\Users\ульталодкишка\GControl.dll:crc deleted successfully.
ADS C:\Users\ульталодкишка\faultlog.dll:crc deleted successfully.
ADS C:\Users\ульталодкишка\dpvsd.dll:crc deleted successfully.
ADS C:\Users\ульталодкишка\DeepGraphicsWrapper.ini:crc deleted successfully.
ADS C:\Users\ульталодкишка\cudart32_42_6.dll:crc deleted successfully.
ADS C:\Users\ульталодкишка\cgGL.dll:crc deleted successfully.
ADS C:\Users\ульталодкишка\ca-bundle.crt:crc deleted successfully.
ADS C:\Users\ульталодкишка\awesomium.dll:crc deleted successfully.
ADS C:\Users\ульталодкишка\avutil-51.dll:crc deleted successfully.
ADS C:\Users\ульталодкишка\avformat-53.dll:crc deleted successfully.
ADS C:\Users\ульталодкишка\avcodec-53.dll:crc deleted successfully.
ADS C:\Users\ульталодкишка\atimgpud.dll:crc deleted successfully.
ADS C:\Users\ульталодкишка\ApexFramework_x86.dll:crc deleted successfully.
ADS C:\Users\ульталодкишка\APEX_TurbulenceFS_x86.dll:crc deleted successfully.
ADS C:\Users\ульталодкишка\APEX_ParticleIOS_x86.dll:crc deleted successfully.
ADS C:\Users\ульталодкишка\APEX_Loader_x86.dll:crc deleted successfully.
ADS C:\Users\ульталодкишка\APEX_ForceField_x86.dll:crc deleted successfully.
ADS C:\Users\ульталодкишка\APEX_FieldSampler_x86.dll:crc deleted successfully.
ADS C:\Users\ульталодкишка\APEX_DynamicSystemPROFILE_x86.dll:crc deleted successfully.
ADS C:\Users\ульталодкишка\APEX_DynamicSystem_x86.dll:crc deleted successfully.
ADS C:\Users\ульталодкишка\APEX_Destructible_x86.dll:crc deleted successfully.
ADS C:\Users\ульталодкишка\APEX_Destructible_LEGACY_x86.dll:crc deleted successfully.
ADS C:\Users\ульталодкишка\welcome.txt:crc deleted successfully.
ADS C:\Users\ульталодкишка\vld.ini:crc deleted successfully.
ADS C:\Users\ульталодкишка\steam_api.dll:crc deleted successfully.
ADS C:\Users\ульталодкишка\picn1020.ssm:crc deleted successfully.
ADS C:\Users\ульталодкишка\ortp.dll:crc deleted successfully.
ADS C:\Users\ульталодкишка\mss32.dll:crc deleted successfully.
ADS C:\Users\ульталодкишка\icudt.dll:crc deleted successfully.
ADS C:\Users\ульталодкишка\GParse.dll:crc deleted successfully.
ADS C:\Users\ульталодкишка\GDraw_GL.dll:crc deleted successfully.
ADS C:\Users\ульталодкишка\dpvs.dll:crc deleted successfully.
ADS C:\Users\ульталодкишка\cudart64_32_16.dll:crc deleted successfully.
ADS C:\Users\ульталодкишка\cudart32_32_16.dll:crc deleted successfully.
ADS C:\Users\ульталодкишка\ClientConfigLiveLaunchpad.ini:crc deleted successfully.
ADS C:\Users\ульталодкишка\cg.dll:crc deleted successfully.
ADS C:\Users\ульталодкишка\awesomium_process.exe:crc deleted successfully.
ADS C:\Users\ульталодкишка\APEX_IOFX_x86.dll:crc deleted successfully.
ADS C:\Users\ульталодкишка\APEX_IOFX_Legacy_x86.dll:crc deleted successfully.
ADS C:\Users\ульталодкишка\APEX_Framework_Legacy_x86.dll:crc deleted successfully.
ADS C:\Users\ульталодкишка\APEX_Emitter_x86.dll:crc deleted successfully.
ADS C:\Users\ульталодкишка\APEX_Emitter_Legacy_x86.dll:crc deleted successfully.
ADS C:\Users\ульталодкишка\APEX_Common_Legacy_x86.dll:crc deleted successfully.
ADS C:\Users\ульталодкишка\APEX_BasicIOS_x86.dll:crc deleted successfully.
ADS C:\Users\ульталодкишка\APEX_BasicFS_x86.dll:crc deleted successfully.
ADS C:\Users\ульталодкишка\glut32.dll:crc deleted successfully.

========== FILES ==========
C:\RECYCLER\S-1-5-21-1229272821-776561741-839522115-1004\Dc139.exe moved successfully.
File\Folder C:\Users\ульталодкишка\AppData\Roaming\SPEEDANALYSIS.ICO. not found.
C:\Program Files (x86)\MOZILLA FIREFOX\browser\SEARCHPLUGINS\dosearches.xml moved successfully.
C:\Users\ульталодкишка\AppData\Roaming\dosearches folder moved successfully.
C:\Users\ульталодкишка\AppData\Roaming\speedanalysisplus folder moved successfully.
C:\Users\ульталодкишка\Videos\iLividSetup-r484-n-bu.exe moved successfully.
C:\Users\ульталодкишка\AppData\Local\Temp\MircosoftStudio\eGdpSvc.exe moved successfully.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Public

User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Все пользователи

User: г«мв «®¤ЄЁиЄ
->Temporary Internet Files folder emptied: 33170 bytes

User: ульталодкишка
->Temp folder emptied: 9002405721 bytes
->Temporary Internet Files folder emptied: 45611475 bytes
->FireFox cache emptied: 387026231 bytes
->Google Chrome cache emptied: 219017731 bytes
->Flash cache emptied: 91503 bytes

User:

User:
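
An added example, not part of the thread or of OTL itself: a short Python sketch for reviewing a fix log like the one above. It picks the newest log by parsing the mmddyyyy_hhmmss name and tallies each action's outcome, returning anything it cannot classify for manual reading. The function names, sample file names and sample lines are assumptions constructed for illustration.

```python
import re
from collections import Counter
from datetime import datetime

# OTL fix logs are named mmddyyyy_hhmmss.log; month-first names do not sort chronologically.
LOG_NAME = re.compile(r"^(\d{8}_\d{6})\.log$")

def newest_log(names):
    """Return the most recent log file name, or None if none match."""
    stamped = []
    for name in names:
        m = LOG_NAME.match(name)
        if m:
            try:
                stamped.append((datetime.strptime(m.group(1), "%m%d%Y_%H%M%S"), name))
            except ValueError:
                pass  # eight plus six digits that are not a real date/time
    return max(stamped)[1] if stamped else None

# Outcome phrases as they appear in the log posted in this thread.
OUTCOMES = [("set", "value set successfully!"), ("deleted", "deleted successfully."),
            ("moved", "moved successfully."), ("absent", "not found.")]

def summarize(lines):
    """Count outcomes; return lines matching no known phrase for manual review."""
    counts, review = Counter(), []
    for raw in lines:
        line = raw.strip()
        if not line or line.startswith(("=", "[", "User:", "->")):
            continue  # section banners and temp-cleanup statistics
        label = next((l for l, p in OUTCOMES if line.endswith(p)), None)
        if label:
            counts[label] += 1
        else:
            review.append(line)
    return counts, review

# Constructed sample: lines shortened from the log above, user name replaced.
SAMPLE = [
    "========== OTL ==========",
    r"HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\Start Page| /E : value set successfully!",
    r"Registry value HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\speedanalysisplus@SpeedAnalysis.com deleted successfully.",
    r"C:\Users\example\AppData\Roaming\dosearches folder moved successfully.",
    r"File\Folder C:\Users\example\AppData\Roaming\SPEEDANALYSIS.ICO. not found.",
    "Use Chrome's Settings page to change the HomePage.",
]

if __name__ == "__main__":
    print(newest_log(["12312013_235959.log", "01022014_000001.log"]), summarize(SAMPLE))
```

Lines counted as "absent" were already gone when the fix ran; lines returned for review (such as the Chrome home page hint) are the ones that still need a manual step.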

viaponz, is the problem solved, or does govome.com still open?

Yes, it's solved; it doesn't open.

Run OTL by OldTimer again and click the CleanUp button to remove OTL.