Подцепила Baidu

12 июля, 2015

Добрый день.
Помогите, подцепила Baidu
Вот отчет
ComboFix:

ComboFix 15-07-10.01 - Win7 12.07.2015 12:47:02.2.2 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1251.7.1049.18.2811.1830 [GMT 3:00]
Running from: C:\ComboFix.exe
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VKSaver
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VKSaver\Launch VKSaver.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VKSaver\Readme.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VKSaver\Uninstall.lnk
C:\ProgramData\ntuser.pol
C:\Users\Win7\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\extensions\staged
C:\Users\Win7\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\extensions\staged\vb@yandex.ru.json
C:\Users\Win7\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\extensions\staged\vb@yandex.ru\cbapp\app.js
C:\Users\Win7\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\extensions\staged\vb@yandex.ru\cbapp\parts\aboutSupport.js
C:\Users\Win7\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\extensions\staged\vb@yandex.ru\cbapp\parts\addonfs.js
C:\Users\Win7\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\extensions\staged\vb@yandex.ru\cbapp\parts\addonmgr.js
C:\Users\Win7\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\extensions\staged\vb@yandex.ru\cbapp\parts\addonStatus.js
C:\Users\Win7\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\extensions\staged\vb@yandex.ru\cbapp\parts\advertisement.js
C:\Users\Win7\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\extensions\staged\vb@yandex.ru\cbapp\parts\alarms.js
C:\Users\Win7\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\extensions\staged\vb@yandex.ru\cbapp\parts\auth.js
C:\Users\Win7\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\extensions\staged\vb@yandex.ru\cbapp\parts\authAdapter.js
C:\Users\Win7\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\extensions\staged\vb@yandex.ru\cbapp\parts\backgroundImages.js
C:\Users\Win7\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\extensions\staged\vb@yandex.ru\cbapp\parts\backup.js
C:\Users\Win7\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\extensions\staged\vb@yandex.ru\cbapp\parts\barnavig.js
C:\Users\Win7\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\extensions\staged\vb@yandex.ru\cbapp\parts\blacklist.js
C:\Users\Win7\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\extensions\staged\vb@yandex.ru\cbapp\parts\bookmarks.js
C:\Users\Win7\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\extensions\staged\vb@yandex.ru\cbapp\parts\branding.js
C:\Users\Win7\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\extensions\staged\vb@yandex.ru\cbapp\parts\clids.js
C:\Users\Win7\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\extensions\staged\vb@yandex.ru\cbapp\parts\cloudsource.js
C:\Users\Win7\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\extensions\staged\vb@yandex.ru\cbapp\parts\colors.js
C:\Users\Win7\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\extensions\staged\vb@yandex.ru\cbapp\parts\common-advertisement.js
C:\Users\Win7\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\extensions\staged\vb@yandex.ru\cbapp\parts\common-auth\auth-manager.js
C:\Users\Win7\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\extensions\staged\vb@yandex.ru\cbapp\parts\common-auth\authdefs.jsm
C:\Users\Win7\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\extensions\staged\vb@yandex.ru\cbapp\parts\common-auth\pwdmng.jsm
C:\Users\Win7\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\extensions\staged\vb@yandex.ru\cbapp\parts\common-auth\utils.jsm
C:\Users\Win7\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\extensions\staged\vb@yandex.ru\cbapp\parts\common-utils.js
C:\Users\Win7\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\extensions\staged\vb@yandex.ru\cbapp\parts\databaseMigration.js
C:\Users\Win7\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\extensions\staged\vb@yandex.ru\cbapp\parts\dataprovider.js
C:\Users\Win7\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\extensions\staged\vb@yandex.ru\cbapp\parts\dayuse.js
C:\Users\Win7\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\extensions\staged\vb@yandex.ru\cbapp\parts\fastdial.js
C:\Users\Win7\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\extensions\staged\vb@yandex.ru\cbapp\parts\favicons.js
C:\Users\Win7\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\extensions\staged\vb@yandex.ru\cbapp\parts\frontendHelper.js
C:\Users\Win7\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\extensions\staged\vb@yandex.ru\cbapp\parts\installer.js
C:\Users\Win7\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\extensions\staged\vb@yandex.ru\cbapp\parts\integration.js
C:\Users\Win7\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\extensions\staged\vb@yandex.ru\cbapp\parts\internalStructure.js
C:\Users\Win7\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\extensions\staged\vb@yandex.ru\cbapp\parts\layout.js
C:\Users\Win7\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\extensions\staged\vb@yandex.ru\cbapp\parts\metrika.js
C:\Users\Win7\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\extensions\staged\vb@yandex.ru\cbapp\parts\migration.js
C:\Users\Win7\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\extensions\staged\vb@yandex.ru\cbapp\parts\migration\install.js
C:\Users\Win7\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\extensions\staged\vb@yandex.ru\cbapp\parts\migration\l-2_0.js
C:\Users\Win7\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\extensions\staged\vb@yandex.ru\cbapp\parts\migration\l-2_12.js
C:\Users\Win7\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\extensions\staged\vb@yandex.ru\cbapp\parts\migration\l-2_13.js
C:\Users\Win7\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\extensions\staged\vb@yandex.ru\cbapp\parts\migration\l-2_14.js
C:\Users\Win7\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\extensions\staged\vb@yandex.ru\cbapp\parts\migration\l-2_16.js
C:\Users\Win7\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\extensions\staged\vb@yandex.ru\cbapp\parts\migration\l-2_3.js
C:\Users\Win7\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\extensions\staged\vb@yandex.ru\cbapp\parts\migration\l-2_9.js
C:\Users\Win7\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\extensions\staged\vb@yandex.ru\cbapp\parts\package.js
C:\Users\Win7\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\extensions\staged\vb@yandex.ru\cbapp\parts\protocolSupport.js
C:\Users\Win7\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\extensions\staged\vb@yandex.ru\cbapp\parts\safebrowsing.js
C:\Users\Win7\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\extensions\staged\vb@yandex.ru\cbapp\parts\screenshots.js
C:\Users\Win7\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\extensions\staged\vb@yandex.ru\cbapp\parts\screenshotsGrabber.js
C:\Users\Win7\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\extensions\staged\vb@yandex.ru\cbapp\parts\searchExample.js
C:\Users\Win7\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\extensions\staged\vb@yandex.ru\cbapp\parts\searchSuggest.js
C:\Users\Win7\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\extensions\staged\vb@yandex.ru\cbapp\parts\statistics.js
C:\Users\Win7\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\extensions\staged\vb@yandex.ru\cbapp\parts\strbundle.js
C:\Users\Win7\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\extensions\staged\vb@yandex.ru\cbapp\parts\sync.js
C:\Users\Win7\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\extensions\staged\vb@yandex.ru\cbapp\parts\syncPinned.js
C:\Users\Win7\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\extensions\staged\vb@yandex.ru\cbapp\parts\syncTopHistory.js
C:\Users\Win7\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\extensions\staged\vb@yandex.ru\cbapp\parts\thumbs.js
C:\Users\Win7\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\extensions\staged\vb@yandex.ru\cbapp\parts\thumbsSuggest.js
C:\Users\Win7\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\extensions\staged\vb@yandex.ru\cbapp\parts\usageHistory.js
C:\Users\Win7\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\extensions\staged\vb@yandex.ru\cbapp\parts\workers\barnavig.js
C:\Users\Win7\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\extensions\staged\vb@yandex.ru\cbapp\parts\ycookie.js
C:\Users\Win7\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\extensions\staged\vb@yandex.ru\chrome.manifest
C:\Users\Win7\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\extensions\staged\vb@yandex.ru\chrome\yandex-vb.jar
C:\Users\Win7\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\extensions\staged\vb@yandex.ru\components\core.js
C:\Users\Win7\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\extensions\staged\vb@yandex.ru\config.js
C:\Users\Win7\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\extensions\staged\vb@yandex.ru\defaults\preferences\yandex-vb.js
C:\Users\Win7\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\extensions\staged\vb@yandex.ru\defaults\vendor\vendor.xml
C:\Users\Win7\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\extensions\staged\vb@yandex.ru\install.rdf
C:\Users\Win7\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\extensions\staged\vb@yandex.ru\modules\AddonManager.jsm
C:\Users\Win7\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\extensions\staged\vb@yandex.ru\modules\DataURI.jsm
C:\Users\Win7\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\extensions\staged\vb@yandex.ru\modules\Foundation.jsm
C:\Users\Win7\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\extensions\staged\vb@yandex.ru\modules\foundation\async.js
C:\Users\Win7\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\extensions\staged\vb@yandex.ru\modules\foundation\database.js
C:\Users\Win7\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\extensions\staged\vb@yandex.ru\modules\foundation\ecustom.js
C:\Users\Win7\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\extensions\staged\vb@yandex.ru\modules\foundation\fileutils.js
C:\Users\Win7\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\extensions\staged\vb@yandex.ru\modules\foundation\misc.js
C:\Users\Win7\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\extensions\staged\vb@yandex.ru\modules\foundation\netutils.js
C:\Users\Win7\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\extensions\staged\vb@yandex.ru\modules\foundation\patterns.js
C:\Users\Win7\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\extensions\staged\vb@yandex.ru\modules\foundation\promise.js
C:\Users\Win7\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\extensions\staged\vb@yandex.ru\modules\foundation\strutils.js
C:\Users\Win7\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\extensions\staged\vb@yandex.ru\modules\foundation\sysutils.js
C:\Users\Win7\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\extensions\staged\vb@yandex.ru\modules\foundation\task.js
C:\Users\Win7\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\extensions\staged\vb@yandex.ru\modules\foundation\xmlutils.js
C:\Users\Win7\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\extensions\staged\vb@yandex.ru\modules\Log4Moz.jsm
C:\Users\Win7\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\extensions\staged\vb@yandex.ru\modules\Preferences.jsm
C:\Users\Win7\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\extensions\staged\vb@yandex.ru\modules\SimpleHTMLParser.jsm
C:\Users\Win7\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\extensions\staged\vb@yandex.ru\modules\SimpleProtocol.jsm
C:\Users\Win7\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\extensions\staged\vb@yandex.ru\modules\Stemmer.jsm
C:\Users\Win7\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\extensions\staged\vb@yandex.ru\modules\WindowListener.jsm
C:\Users\Win7\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\extensions\staged\vb@yandex.ru\modules\WinReg.jsm
C:\Users\Win7\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\extensions\staged\yasearch@yandex.ru.json
C:\Users\Win7\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\extensions\staged\yasearch@yandex.ru\cbapp\bar.js
C:\Users\Win7\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\extensions\staged\yasearch@yandex.ru\cbapp\parts\aboutSupport.js
C:\Users\Win7\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\extensions\staged\yasearch@yandex.ru\cbapp\parts\addonfs.js
C:\Users\Win7\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\extensions\staged\yasearch@yandex.ru\cbapp\parts\addonmgr.js
C:\Users\Win7\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\extensions\staged\yasearch@yandex.ru\cbapp\parts\addonStatus.js
C:\Users\Win7\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\extensions\staged\yasearch@yandex.ru\cbapp\parts\anonymousStatistic.js
C:\Users\Win7\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\extensions\staged\yasearch@yandex.ru\cbapp\parts\autoinst.js
C:\Users\Win7\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\extensions\staged\yasearch@yandex.ru\cbapp\parts\barnavig.js
C:\Users\Win7\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\extensions\staged\yasearch@yandex.ru\cbapp\parts\bookmarksStat.js
C:\Users\Win7\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\extensions\staged\yasearch@yandex.ru\cbapp\parts\brand_prov.js
C:\Users\Win7\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\extensions\staged\yasearch@yandex.ru\cbapp\parts\branding.js
C:\Users\Win7\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\extensions\staged\yasearch@yandex.ru\cbapp\parts\browserTheme.js
C:\Users\Win7\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\extensions\staged\yasearch@yandex.ru\cbapp\parts\browserUsage.js
C:\Users\Win7\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\extensions\staged\yasearch@yandex.ru\cbapp\parts\clids.js
C:\Users\Win7\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\extensions\staged\yasearch@yandex.ru\cbapp\parts\compsusage.js
C:\Users\Win7\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\extensions\staged\yasearch@yandex.ru\cbapp\parts\contentEnvironment.js
C:\Users\Win7\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\extensions\staged\yasearch@yandex.ru\cbapp\parts\dayuse.js
C:\Users\Win7\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\extensions\staged\yasearch@yandex.ru\cbapp\parts\defender.js
C:\Users\Win7\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\extensions\staged\yasearch@yandex.ru\cbapp\parts\distribution.js
C:\Users\Win7\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\extensions\staged\yasearch@yandex.ru\cbapp\parts\incoming.js
C:\Users\Win7\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\extensions\staged\yasearch@yandex.ru\cbapp\parts\installer.js
C:\Users\Win7\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\extensions\staged\yasearch@yandex.ru\cbapp\parts\integration.js
C:\Users\Win7\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\extensions\staged\yasearch@yandex.ru\cbapp\parts\mailruStat.js
C:\Users\Win7\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\extensions\staged\yasearch@yandex.ru\cbapp\parts\migration.js
C:\Users\Win7\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\extensions\staged\yasearch@yandex.ru\cbapp\parts\migration\install.js
C:\Users\Win7\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\extensions\staged\yasearch@yandex.ru\cbapp\parts\migration\l-5_2_0.js
C:\Users\Win7\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\extensions\staged\yasearch@yandex.ru\cbapp\parts\migration\l-6_4_0.js

Сообщение от модератора "Mark D. Pearlstone"

Сообщение перенесено из темы

Добавлен спойлер.

12 июля, 2015

Порядок оформления запроса о помощи

Подцепила Baidu

Рекомендуемые сообщения

Rika1995

Mark D. Pearlstone

Пожалуйста, войдите, чтобы комментировать

Обзор

Активность

Магазин

Поддержка

Kaspersky Support Forum