   Alfizik


 LiveInternet.ru:
: 26.11.2006

, 02 2013 . 19:59 +
autorun-. \ - .

, , ( ) \, ( *.exe) . - , .
(*.lnk) . \, , . , \ .
" " .

, *.lnk. "" ( - ). , Google .

, . "" , , "", . "" .


?

1. "" ( -> -> -> -> Ok). , , ))

2. attrib. / . Win+R -> -> ... -> cmd ( ).


:

attrib -h -s " "



attrib -s -h z:\*.* /s /d

z - . , - .

3. , : Total Commander, Far Manager FreeCommander - .

Total Commander , (), \ , : " -> ", Alt+A "" "".


Far Manager, , F4, "Hidden" "System".

FreeCommander, \ Shift+Enter, .


===========================

===========================

autorun-?
Autorun- - , ( ) (Explorer).
, , .


Autorun- , autorun.inf () .

autorun.inf - , Windows, , . Autorun.inf Windows -. , ( ), Windows -> -> .., "" " ".

, - - , , - , . - , Windows "-" , , , , -, autorun.inf .

- , , ( ), autorun.inf. - , autorun.inf. .

""?
autorun- , .

Autorun- :
- -;
- , ;
- , , .

, 22 2012 . 11:24 +
, , , - Windows _. .


(MBR), , .

850 ., , . , ! ? .

( ) ( ) ....

:(

- http://www.1st.rv.ua/2011/08/mbr-winlock-remove/

:
- http://freeantivirus.3dn.ru/index/bloker_trojan_mbrlock/0-702
- http://361.com.ua/blog/page3/


, .

1. LiveCD LiveUSB , :


2.


3. Windows

)) , . Windows , . MBR.


:
Dr.Web - Trojan.MBRlock
Kaspersky - Trojan-Ransom.Win32.Mbro

-

, 04 2010 . 15:15 +


  • - , . - : " ? ? :)".
  • . , - . . , . : , - .
  • . , , . , , ( , , McAfee , DrWeb).
  • . . . , . , .
  • , , . ! , , - . , - :).

- , , , . , , , , . , :
  • . - . , . .
  • . , , . ( ), . - ! - . , , .
  • - - , . , , .

- http://www.xakep.ru/magazine/xs/035/102/1.asp


SMS- , . NOD !!!

, 06 2009 . 15:34 +
. SMS- , Windows. ! SMS, 300 .
, )))

, , , ( ), . Win+L, . , . ))

:
1. C:\Documents and Settings\\Local Settings\Temp\922.exe
2. C:\Documents and Settings\\Local Settings\Temporary Internet Files\Content.IE5\HO9NMBT5\aa[1].exe
3. C:\WINDOWS\mfo.exe
44544 MD5 : E7A247CE628D8F455D5E895DBEF71976

:
AntiVir - TR/LockScreen.E.1
Avast - Win32:Malware-gen
AVG - SHeur2.BPQG
Comodo - Heur.Suspicious
DrWeb - Trojan.Winlock.428
Kaspersky - Trojan-Ransom.Win32.SMSer.rk
Panda - Trj/CI.A
Symantec - Trojan.Ransomlock.C
NOD !!! , !


.
LiveCD . LiveCD USB- ( Alkid Live CD iNFR@ CD). portable Dr.Web - Dr.Web CureIt!, . - http://www.freedrweb.com/cureit/
AVZ ( ), . . - http://www.z-oleg.com/secur/avz/download.php

AVZ ( )

( ).
: 13616. . , . ( ---> - , Regedit) :

HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Internet Explorer \ Desktop \ SafeMode
HKEY_LOCAL_MACHINE \ SYSTEM \ ControlSet001 \ Control \ SafeBoot
HKEY_LOCAL_MACHINE \ System \ ControlSet003 \ Control \ SafeBoot
HKEY_LOCAL_MACHINE \ System \ CurrentControlSet \ Control \ SafeBoot

1 ( ). , , Windows, F8. - " ". .

QIP ver.8094 Win32/Induc.A

, 19 2009 . 13:24 +
Win32/Induc.A ( CodeGear Delphi) Delphi, : QIP, AIMP ( Skype, Total Commander, ).

, Delphi , , SysConst.dcu ( SysConst.bak), Delphi, , Delphi , .


Virus.Win32.Induc.a , Delphi. , .dcu-, Windows .

, Delphi 4.0-7.0. , Virus.Win32.Induc.a Delphi Sysconst.pas , Sysconst.dcu.

Delphi "use SysConst", . , Sysconst.dcu, , , . pas- .

, 8094 QIP ( QIP ). , - Runtime error 3, HKEY_LOCAL_MACHINE\SOFTWARE\Borland\Delphi\x.0 (x 4 7) RootDir ( ).


, . , .
QIP , 8095, :)

(!) ( IE8) ;)

, - QIP, .dcu- Virus.Win32.Induc.a .


Delphi , SysConst.bak, :
1. SysConst.dcu
2. SysConst.bak SysConst.dcu. , , SysConst.bak .

, . Win32/Induc.A : Avast, Kaspersky, NOD32.

, 10 2008 . 11:16 +
, , , . ? , , ( )? . !

VirusTotal - , , , , .






:
*
*
*
*
*

VirusTotal - , Hispasec Sistemas, IT , , , .

32 (!) :
AhnLab (V3)
Aladdin (eSafe)
ALWIL (Avast! Antivirus)
Authentium (Command Antivirus)
Avira (AntiVir)
Bit9 (FileAdvisor)
Cat Computer Services (Quick Heal)
ClamAV (ClamAV)
CA Inc. (Vet)
Doctor Web, Ltd. (DrWeb)
Eset Software (ESET NOD32)
ewido networks (ewido anti-malware)
Fortinet (Fortinet)
FRISK Software (F-Prot)
F-Secure (F-Secure)
AVG Technologies (AVG)
Hacksoft (The Hacker)
Ikarus Software (Ikarus)
Kaspersky Lab (AVP)
McAfee (VirusScan)
Microsoft (Malware Protection)
Norman (Norman Antivirus)
Panda Security (Panda Platinum)
Prevx (Prevx1)
Rising Antivirus (Rising)
Secure Computing (Webwasher)
Softwin (BitDefender)
Sophos (SAV)
Sunbelt Software (Antivirus)
Symantec (Norton Antivirus)
VirusBlokAda (VBA32)
VirusBuster (VirusBuster)

17 , :)


- VirusTotal