��

Tue, 22 Mar 2016 07:30:23 +0300

��  ��  � �� .
��,
3.��
http://forum.esetnod32.ru/forum9/topic7084/

*****
4.� ��, �� ,
� �� �� �� mail.ru, yandex (�� )
�� ��
��,

5.�� FRST
http://pchelpforum.ru/f26/t24207/2/#post1257991
22.03.2016 07:30:23, santy.

��

Tue, 22 Mar 2016 05:43:20 +0300

��  ��  � �� .
��
�� .txt
22.03.2016 05:43:20, Andrey Anohin.

��

Tue, 22 Mar 2016 05:26:20 +0300

��  ��  � �� .
�� , ��
�� , �� , �� Users
22.03.2016 05:26:20, santy.

��

Tue, 22 Mar 2016 00:09:10 +0300

��  ��  � �� .
�� .
�� . �� . � ��-�� .
��
TOLYA_2016-03-21_23-59-13.rar
22.03.2016 00:09:10, Andrey Anohin.

��

Mon, 21 Mar 2016 06:13:49 +0300

��  ��  � �� .
�� uVS:
- �� ;
- �� uVS(start.exe), �� : �� , �� - �� - �� ;
- �� ;
�� - �� _�� "��"
====code====


;uVS v3.87 [http://dsrt.dyndns.org]
;Target OS: NTv6.1
v385c
OFFSGNSAVE
;------------------------autoscript---------------------------

chklst
delvir

deldirex %SystemDrive%\PROGRAM FILES\REIMAGE\REIMAGE PROTECTOR

delref %SystemDrive%\USERS\BEFB~1\APPDATA\ROAMING\DIGITA~1\UPDATE~1\UPDATE~1.EXE
del %SystemDrive%\USERS\BEFB~1\APPDATA\ROAMING\DIGITA~1\UPDATE~1\UPDATE~1.EXE

deldirex %SystemDrive%\PROGRAM FILES\REIMAGE\REIMAGE REPAIR

deldirex %SystemDrive%\PROGRAM FILES (X86)\RISING\RAV

deldirex %SystemDrive%\PROGRA~2\SEARCHPROTECT\SEARCHPROTECT\BIN

delref {8984B388-A5BB-4DF7-B274-77B879E179DB}\[CLSID]
delref HTTPS://CLIENTS2.GOOGLE.COM/SERVICE/UPDATE2/CRX?RESPONSE=REDIRECT&PRODVERSION=38.0&X=ID%3DILAMGBDAEBKBPKKMFMMFBNAAMKHIJDEK%26INSTALLSOURCE%3DONDEMAND%26UC

delref HTTPS://CLIENTS2.GOOGLE.COM/SERVICE/UPDATE2/CRX?RESPONSE=REDIRECT&PRODVERSION=38.0&X=ID%3DOFDGAFMDEGFKHFDFKMLLFEFMCMCJLLEC%26INSTALLSOURCE%3DONDEMAND%26UC

delref HTTP://CLIENTS2.GOOGLE.COM/SERVICE/UPDATE2/CRX?RESPONSE=REDIRECT&PRODVERSION=38.0&X=ID%3DPCHFCKKCCLDKBCLGDEPKAONAMKIGNANH%26INSTALLSOURCE%3DONDEMAND%26UC

delref HTTPS://CLIENTS2.GOOGLE.COM/SERVICE/UPDATE2/CRX?RESPONSE=REDIRECT&PRODVERSION=38.0&X=ID%3DPNOOFFJHCLKOCPLOPFFDBCDGHMIFFHJI%26INSTALLSOURCE%3DONDEMAND%26UC

deldirex %SystemDrive%\IQIYI VIDEO\LSTYLE

deldirex %SystemDrive%\PROGRAM FILES (X86)\TENCENT\QQPCMGR\10.10.16434.218

delref %Sys32%\DRIVERS\TSSKX64.SYS
del %Sys32%\DRIVERS\TSSKX64.SYS

delref %SystemDrive%\USERS\����\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\EXTENSIONS\ILAMGBDAEBKBPKKMFMMFBNAAMKHIJDEK\4.0.5_0\����� MAIL.RU
delref %SystemDrive%\USERS\����\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\EXTENSIONS\NEHAPOFAKGHLJOPFEGJOGPGPELJKHJJN\8.15.0_0\����� � ��������� � ������
delref %SystemDrive%\USERS\ADMIN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\EXTENSIONS\ILAMGBDAEBKBPKKMFMMFBNAAMKHIJDEK\4.0.5_0\����� MAIL.RU
delref %SystemDrive%\USERS\�����\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\EXTENSIONS\AOJOECKCMJGHLCHNNENFKBFLNDBEPJPK\8.17.1_0\����� � ��������� � ������
delref %SystemDrive%\USERS\�����\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\EXTENSIONS\ILAMGBDAEBKBPKKMFMMFBNAAMKHIJDEK\4.0.5_0\����� MAIL.RU
delref %SystemDrive%\USERS\�����\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\EXTENSIONS\LALFIODOHDGAEJJCCFGFMMNGGGPPLMHP\8.9.0_0\��������� � ������
delref %SystemDrive%\USERS\����\APPDATA\LOCAL\YANDEX\UPDATER\PRAETORIAN.EXE
del %SystemDrive%\USERS\����\APPDATA\LOCAL\YANDEX\UPDATER\PRAETORIAN.EXE

deldirex %SystemDrive%\PROGRAM FILES (X86)\WEBGET\BIN

deldirex %SystemDrive%\PROGRAM FILES (X86)\COMMON FILES\TENCENT\QQDOWNLOAD\130

delref HTTP://QIP.RU
delref HTTP://SEARCH.QIP.RU
delref %SystemDrive%\USERS\����\APPDATA\LOCAL\TEMP\IS1590112554\277113404_STP\CODECPACK.EXE
del %SystemDrive%\USERS\����\APPDATA\LOCAL\TEMP\IS1590112554\277113404_STP\CODECPACK.EXE

delref HTTP://WWW.QIP.RU/
; Pandora Service
exec  C:\Program Files (x86)\PANDORA.TV\PanService\unins000.exe
; Search Protect
exec  C:\PROGRA~2\SearchProtect\Main\bin\uninstall.exe" /S
deltmp
delnfr
;-------------------------------------------------------------

restart

=============
��, �� .
------------
��,
��
http://forum.esetnod32.ru/forum9/topic10688/
21.03.2016 06:13:49, santy.

��

Sun, 20 Mar 2016 20:37:45 +0300

��  ��  � �� .
�� santy.
�� .(�� ).
�� .
�� zloyDi ��, �� . � �� ESET
TOLYA_2016-03-20_20-27-06.rar
20.03.2016 20:37:45, Andrey Anohin.

��

Tue, 01 Mar 2016 13:03:46 +0300

��  ��  � �� .

====quote====
Andrey Anohin ��:
�� -�� ?
=============

�� ? �� , �� .
01.03.2016 13:03:46, zloyDi.

��

Tue, 01 Mar 2016 10:04:29 +0300

��  ��  � �� .
�� , ��
��
01.03.2016 10:04:29, santy.

��

Tue, 01 Mar 2016 09:32:11 +0300

��  ��  � �� .
��.
�� "ljhalviuayrewifql"(�� ). �� , �� -�� , �� . �� ,�� .
�� ESET smart secuity 9. �� .
�� -�� ?
01.03.2016 09:32:11, Andrey Anohin.

����� esetnod32.ru [����: �������� �����]

�������� �����

�������� �����

�������� �����

�������� �����

�������� �����

�������� �����

�������� �����

�������� �����

�������� �����

�� esetnod32.ru [��: �� ]

��

��

��

��

��

��

��

��

��