�� esetnod32.ru [��: �� ]

��

Wed, 25 Jun 2014 16:52:11 +0400

��  � �� .
�� Firefox, �� (��) �� .
�� ESET NOD32 �� SystemVolume Information

��,
��
http://forum.esetnod32.ru/forum9/topic3998/
25.06.2014 16:52:11, santy.

��

Wed, 25 Jun 2014 16:27:45 +0400

��  � �� .
� �� ,�� firefox � �� .�� , �� 5 ��.
�� ,�� ?
�� ?
25.06.2014 16:27:45, �� .

��

Wed, 25 Jun 2014 15:54:51 +0400

��  � �� .
� Firefox ��

====quote====
�� Extension BonanzaDeals 3.0 bonanzadeals.net default Firefox 25.0 C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\nbg17que.default\extensions\{f9d03c26-0575-497e-821d-f7956d23e0ca}
�� Extension CinemaLoad 3.3.0.0 default Firefox 25.0 C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\nbg17que.default\extensions\{deb24184-8668-490a-af07-b4fd27016097}.xpi
�� Extension Fast Start 4.2.3 lightningnewtab.com default Firefox 25.0 C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\nbg17que.default\extensions\faststartff@gmail.com
�� Extension Quick Start 3.1.3 lightningnewtab.com default Firefox 25.0 C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\nbg17que.default\extensions\quick_start@gmail.com
�� Extension shortcut 1.1.1 lightning default Firefox 25.0 C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\nbg17que.default\extensions\shortcutff@gmail.com
�� Extension SuperMegaBest.com 3.1 SuperMegaBest.com default Firefox 25.0 C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\nbg17que.default\extensions\jid1-n5ARdBzHkUEdAA@jetpack.xpi
�� Extension WebAlta Toolbar 1.02 Eu2 default Firefox 25.0 C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\nbg17que.default\extensions\{4933189D-C7F7-4C6E-834B-A29F087BFD24}.xpi

=============

� ��

====quote====
�� Extension LinguaLeo 1.0.7.2 �� C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nglbhlefjhcjockellmeclkcijildjhi\1.0.7.2_0
�� Extension Newhub 9.4.15 �� C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aoejbmmillcdifgagjpdlaamnalbielp\9.4.15_1

=============

�� , �� .
25.06.2014 15:54:51, santy.

��

Wed, 25 Jun 2014 14:10:40 +0400

��  � �� .
� �� mail.ru,��
�� (Bingo ads), �� -�� Yet Another Cleaner(�� ,� �� )
firefox.txt
google.txt
25.06.2014 14:10:40, �� .

��

Wed, 25 Jun 2014 13:29:15 +0400

��  � �� .
� �� ,� �� ��, �� mail.ru, yandex
�� ��

��

��
http://forum.esetnod32.ru/forum9/topic10570/
25.06.2014 13:29:15, santy.

��

Wed, 25 Jun 2014 13:23:23 +0400

��  � �� .
�� ,��,�� ...
AdwCleaner[R0].txt
AdwCleaner[S0].txt

25.06.2014 13:23:23, �� .

��

Wed, 25 Jun 2014 11:33:18 +0400

��  � �� .
� �� ,

�� ,

��,

��
http://forum.esetnod32.ru/forum9/topic7084/
25.06.2014 11:33:18, santy.

��

Wed, 25 Jun 2014 11:15:34 +0400

��  � �� .
�� ?
Malwerybyte.txt

25.06.2014 11:15:34, �� .

��

Wed, 25 Jun 2014 05:38:24 +0400

��  � �� .
� �� (2.*) �� - �� threat scan
25.06.2014 05:38:24, santy.

��

Tue, 24 Jun 2014 22:38:45 +0400

��  � �� .
��
�� - � �� .
��
24.06.2014 22:38:45, RP55 RP55.

��

Tue, 24 Jun 2014 22:29:13 +0400

��  � �� .
�� ))) �� -�� ,�� .�� .�� .�� -�� ))
24.06.2014 22:29:13, �� .

��

Tue, 24 Jun 2014 20:03:39 +0400

��  � �� .

====quote====
24.06.2014 18:15:57 �� , �� = C:\WINDOWS\system32\hfnapi.dll �� Win32/RiskWare.NetFilter.B ��
24.06.2014 18:15:54 �� , �� = C:\WINDOWS\system32\hfpapi.dll �� Win32/RiskWare.NetFilter.B ��
24.06.2014 16:22:49 �� , �� = C:\WINDOWS\system32\hfnapi.dll �� Win32/RiskWare.NetFilter.B �� HOME-2E7D12D90B\User

=============

�� .

�� uVS:
- �� ;
- �� uVS(start.exe), �� : �� , �� - �� - �� ;
- �� ;
�� - �� _�� "��"
====code====


;uVS v3.82.8 [http://dsrt.dyndns.org]
;Target OS: NTv5.1

OFFSGNSAVE
zoo %SystemDrive%\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\IEPLUGINSERVICES\PLUGINSERVICE.EXE
addsgn 1A7ABE9A5583338CF42B627DA804DE52730188D29971535C9148B9985C5DB0C7F214056CC0239572D38F06F7451649F5C7FA44BB12DAB15F2A8400C6D0052273 8 Win32/ELEX.AD [ESET-NOD32]

zoo %Sys32%\NETUPDSRV.EXE
addsgn 1AA3E79A5583D98CF42B254E3143FE86C9AA77B381AC48128D9A7B84B49771C15EF730F2B71065C26E8CDB1603EA177FBDABE48455D2C42BEA32502F879F23FE 8 NetworkUpdate.mbam

zoo %Sys32%\NETHTSRV.EXE
addsgn 1ABC099A5583D98CF42B254E3143FE86C9AA77B381AC48128D9A7B04549471C15EF730F2B71065C26E8CDB1603EA177FBDABE48455D2C42BEA32502F879F23FE 8 NetworkUpdate.mbam

delall %SystemDrive%\DOCUME~1\ALLUSE~1\APPLIC~1\WINCERT\WIN32C~1.DLL
delall %SystemRoot%\TEMP\0.DEL
;------------------------autoscript---------------------------

sreg

chklst
delvir

delref %Sys32%\DRIVERS\NETHFDRV.SYS
del %Sys32%\DRIVERS\NETHFDRV.SYS

delref HTTP://WEBALTA.RU/SEARCH?FROM=FF&Q=
; Network System Driver
exec C:\Program Files\Common Files\Config\uninstinethnfd.exe

deltmp
delnfr
areg

;-------------------------------------------------------------

=============
��, �� .
------------
��,
��
http://forum.esetnod32.ru/forum9/topic10688/
24.06.2014 20:03:39, santy.

��

Tue, 24 Jun 2014 18:54:20 +0400

��  � �� .
1 � 2
��.txt
HOME-2E7D12D90B_2014-06-24_18-41-37.7z
24.06.2014 18:54:20, �� .

��

Tue, 24 Jun 2014 17:50:39 +0400

��  � �� .
1. ��
http://forum.esetnod32.ru/forum9/topic2687/

2. ��
http://forum.esetnod32.ru/forum9/topic1408/

3. ��
24.06.2014 17:50:39, santy.

��

Tue, 24 Jun 2014 17:23:58 +0400

��  � �� .
��!�� ...�� ,�� ,� �� ...

��.txt
HOME-2E7D12D90B_2014-06-24_18-41-37.7z
24.06.2014 17:23:58, �� .

����� esetnod32.ru [����: ���� � ��� �� �����]

���� � ��� �� �����

���� � ��� �� �����

���� � ��� �� �����

���� � ��� �� �����

���� � ��� �� �����

���� � ��� �� �����

���� � ��� �� �����

���� � ��� �� �����

���� � ��� �� �����

���� � ��� �� �����

���� � ��� �� �����

���� � ��� �� �����

���� � ��� �� �����

���� � ��� �� �����

���� � ��� �� �����

�� esetnod32.ru [��: �� ]

��

��

��

��

��

��

��

��

��

��

��

��

��

��

��