�� esetnod32.ru [��: �� ]

��

Wed, 20 Mar 2019 19:28:22 +0300

��  ESET �� vk.com � �� .

====quote====
�� :
�� chrome �� gmail. �� - ��
=============

� �� Google ( �� )
��: http://my-chrome.ru/2013/05/kak-pravilno-otklyuchit-sinxronizaciyu-v-google-chrome/
�� ( �� ) > �� ...
20.03.2019 19:28:22, RP55 RP55.

��

Wed, 20 Mar 2019 05:50:49 +0300

��  ESET �� vk.com � �� .
�� Chrome �� ?

6. �� fixlist.txt � �� Farbar Recovery Scan Tool:
�� FRST � �� Fix � ��. �� -�� (Fixlog.txt). ��, �� !

====code====

AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxlctlfudivq`qsp`29hfm [0]
AlternateDataStreams: C:\ProgramData\TEMP:58A5270D [376]
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [464]
AlternateDataStreams: C:\Users\��� ������������\Reprise:wupeogjxlctlfudivq`qsp`29hfm [0]
AlternateDataStreams: C:\Users\��� ������������\TEMP:58A5270D [376]

EmptyTemp:
Reboot:

=============
+
�� , �� .
20.03.2019 05:50:49, santy.

��

Wed, 20 Mar 2019 01:15:19 +0300

��  ESET �� vk.com � �� .

====quote====
santy ��:
2.��
��
��,
3.��
http://forum.esetnod32.ru/forum9/topic7084/

*****
4.� ��, �� ,
� �� mail.ru, yandex (�� )
��
��,

5.�� FRST
http://forum.esetnod32.ru/forum9/topic2798/
=============
� �� , �� vk.com eset �� (��. ��).
�� FRST ��.
FRST.txt
Addition.txt

20.03.2019 01:15:19, �� .

��

Tue, 19 Mar 2019 04:56:02 +0300

��  ESET �� vk.com � �� .
2.��
��
��,
3.��
http://forum.esetnod32.ru/forum9/topic7084/

*****
4.� ��, �� ,
� �� �� �� mail.ru, yandex (�� )
�� ��
��,

5.�� FRST
http://forum.esetnod32.ru/forum9/topic2798/
19.03.2019 04:56:02, santy.

��

Mon, 18 Mar 2019 22:40:28 +0300

��  ESET �� vk.com � �� .
�� , �� , �� vk.com.
�� , �� (.txt ��). �� - �� .

�� chrome �� gmail. �� - �� . [FILE ID=111011]
1231.txt
18.03.2019 22:40:28, �� .

��

Mon, 18 Mar 2019 10:47:37 +0300

��  ESET �� vk.com � �� .
�� uVS:
- �� ;
- �� uVS(start.exe), �� : �� , �� - �� - �� ;
- �� ;
�� - �� _�� "��"
====code====


;uVS v4.1.3 [http://dsrt.dyndns.org]
;Target OS: NTv6.1
v400c
OFFSGNSAVE
;------------------------autoscript---------------------------

delref HTTP://CLIENTS2.GOOGLE.COM/SERVICE/UPDATE2/CRX?RESPONSE=REDIRECT&PRODVERSION=38.0&X=ID%3DDHDGFFKKEBHMKFJOJEJMPBLDMPOBFKFO%26INSTALLSOURCE%3DONDEMAND%26UC
delref HTTPS://CLIENTS2.GOOGLE.COM/SERVICE/UPDATE2/CRX?RESPONSE=REDIRECT&PRODVERSION=38.0&X=ID%3DOHEDCGLHBBFDGAOGJHCCLACOCCBAGKJG%26INSTALLSOURCE%3DONDEMAND%26UC
delref HTTP://CLIENTS2.GOOGLE.COM/SERVICE/UPDATE2/CRX?RESPONSE=REDIRECT&PRODVERSION=38.0&X=ID%3DPBEFKDCNDNGODFEIGFDGIODGNMBGCFHA%26INSTALLSOURCE%3DONDEMAND%26UC
apply

regt 28
regt 29
deltmp
delref %SystemRoot%\SYSWOW64\HASPLMS.EXE
delref %SystemRoot%\SYSWOW64\HASPLMV.EXE
delref {23E5D772-327A-42F5-BDEE-C65C6796BB2A}\[CLSID]
delref {177AFECE-9599-46CF-90D7-68EC9EEB27B4}\[CLSID]
delref {CEF51277-5358-477B-858C-4E14F0C80BF7}\[CLSID]
delref {59116E30-02BD-4B84-BA1E-5D77E809B1A2}\[CLSID]
delref E:\�������\QBITTORRENT\PRO100 5.20 + ���������������� ���������� 1.2 RUS\����������.EXE
delref %SystemDrive%\GAMES\PANZAR\START.EXE
delref %SystemRoot%\SYSWOW64\PEERDISTSVC.DLL
delref %SystemRoot%\SYSWOW64\DRIVERS\NDIS.SYS
delref %SystemRoot%\SYSWOW64\RDPCORETS.DLL
delref %SystemRoot%\SYSWOW64\UMPO.DLL
delref %SystemRoot%\SYSWOW64\IPHLPSVC.DLL
delref %SystemRoot%\SYSWOW64\CSCSVC.DLL
delref %SystemRoot%\SYSWOW64\DRIVERS\RDVGKMD.SYS
delref %SystemRoot%\SYSWOW64\PNRPSVC.DLL
delref %SystemRoot%\SYSWOW64\DRIVERS\PACER.SYS
delref %SystemRoot%\SYSWOW64\LSM.EXE
delref {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B}\[CLSID]
delref {166B1BCA-3F9C-11CF-8075-444553540000}\[CLSID]
delref {233C1507-6A77-46A4-9443-F871F945D258}\[CLSID]
delref {4063BE15-3B08-470D-A0D5-B37161CFFD69}\[CLSID]
delref {CA8A9780-280D-11CF-A24D-444553540000}\[CLSID]
delref {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA}\[CLSID]
delref %SystemRoot%\SYSWOW64\WIN32K.SYS
delref {1FBA04EE-3024-11D2-8F1F-0000F87ABD16}\[CLSID]
delref %SystemRoot%\SYSWOW64\BLANK.HTM
delref {E6FB5E20-DE35-11CF-9C87-00AA005127ED}\[CLSID]
delref {CE8EF313-75FB-4B0B-97C7-3F01A2C0B9CB}\[CLSID]
delref %Sys32%\DRIVERS\RDVGKMD.SYS
delref %Sys32%\DRIVERS\TPM.SYS
delref %Sys32%\MSSPELLCHECKINGFACILITY.DLL
delref %Sys32%\BLANK.HTM
delref HELPSVC\[SERVICE]
delref SACSVR\[SERVICE]
delref TBS\[SERVICE]
delref VMMS\[SERVICE]
delref MESSENGER\[SERVICE]
delref RDSESSMGR\[SERVICE]
delref %Sys32%\PSXSS.EXE
delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.33.17\PSMACHINE_64.DLL
delref %Sys32%\IGFXCFG.EXE
delref %Sys32%\SHAREMEDIACPL.CPL
delref %SystemDrive%\PROGRA~2\PRO100\PRO100.EXE
delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.33.17\PSMACHINE.DLL
delref G:\SETUP.EXE
delref D:\GAMES\HITMAN 2\RETAIL\HITMAN2.EXE
delref %SystemDrive%\USERS\������\DESKTOP\TOR BROWSER\BROWSER\FIREFOX.EXE
delref D:\GAMES\HITMAN 2\UNINS000.EXE
;-------------------------------------------------------------

restart

=============
��, �� .
------------
��,
��
http://forum.esetnod32.ru/forum9/topic10688/
18.03.2019 10:47:37, santy.

��

Mon, 18 Mar 2019 10:09:19 +0300

��  ESET �� vk.com � �� .

====quote====
santy ��:
@�� ,
��
=============
�� .
18.03.2019 10:09:19, �� .

��

Mon, 18 Mar 2019 05:24:13 +0300

��  ESET �� vk.com � �� .
@�� ,
��
18.03.2019 05:24:13, santy.

��

Mon, 18 Mar 2019 00:32:57 +0300

��  ESET �� vk.com � �� .
��, �� , �� vk.com �� , �� .
�� vk.com �� chrome, ESET �� https://grafy.cx.
�� , �� . �� vk.com.
�� ?
Windows 7 x64
EAV-0116275134
FRST.txt
Addition.txt
��-��_2019-03-18_12-02-44_v4.1.3.7z
18.03.2019 00:32:57, �� .

����� esetnod32.ru [����: ����� ������������]

����� ������������

����� ������������

����� ������������

����� ������������

����� ������������

����� ������������

����� ������������

����� ������������

����� ������������

�� esetnod32.ru [��: �� ]

��

��

��

��

��

��

��

��

��