santy (Все сообщения пользователя) - Форум технической поддержки ESET NOD32

Цитата
так же временно попробуйте его обновить с серверов ESET

Цитата
Зашифровал в основном файлы .doc .xls .pdf .jpg .exe и другие. зашифровал примерно 70% файлов, по какому принципу выбирал - не понятно, 1с не тронул. Всем файлам к имени добавил id-32206A44.[[email protected]].java (например: ViberSetup.exe.id-32206A44.[[email protected]].java).

Размещено 21.11.2017 16:23:27

Эдуард,
т.е. сейчас у вас антивирус не установлен.

выполняем скрипт в uVS:
- скопировать содержимое кода в буфер обмена;
- стартуем uVS(start.exe), далее выбираем: текущий пользователь, меню - скрипты - выполнить скрипт из буфера обмена;
- закрываем все браузеры перед выполнением скрипта;
при деинсталляции программ - соглашаемся на деинсталляцию_удаление подтверждаем "да"

Код
;uVS v4.0.10 [http://dsrt.dyndns.org] ;Target OS: NTv6.3 v400c OFFSGNSAVE ;------------------------autoscript--------------------------- deldirex %SystemDrive%\USERS\UZER\APPDATA\LOCALLOW\UNITY\WEBPLAYER\LOADER deldirex %SystemDrive%\USERS\ADMINISTRATOR\APPDATA\LOCALLOW\UNITY\WEBPLAYER\LOADER delref {D5FEC983-01DB-414A-9456-AF95AC9ED7B5}\[CLSID] delref HTTP://SEARCH.QIP.RU/?QUERY={SEARCHTERMS} delref HTTP://SEARCH.QIP.RU/IE apply deltmp delref %SystemDrive%\USERS\UZER\APPDATA\LOCAL\TEMP\SETUP-YABROWSER.EXE delref {DECA92E0-AF85-439E-9204-86679978DA08}\[CLSID] delref %Sys32%\DSTOKENCLEAN.EXE delref {47E30D54-DAC1-473A-AFF7-2355BF78881F}\[CLSID] delref %Sys32%\STORAGEUSAGE.DLL delref %Sys32%\WINDOWSACTIONDIALOG.EXE delref {06DA0625-9701-43DA-BFD7-FBEEA2180A1E}\[CLSID] delref {E51DFD48-AA36-4B45-BB52-E831F02E8316}\[CLSID] delref {FF87090D-4A9A-4F47-879B-29A80C355D61}\[CLSID] delref {45F26E9E-6199-477F-85DA-AF1EDFE067B1}\[CLSID] delref {7CCA6768-8373-4D28-8876-83E8B4E3A969}\[CLSID] delref %Sys32%\SPACEMAN.EXE delref {297EE78C-BA95-4E94-81D3-D6E7F089C7B5}\[CLSID] delref {A6BA00FE-40E8-477C-B713-C64A14F18ADB}\[CLSID] delref %Sys32%\SIHCLIENT.EXE delref %Sys32%\DSREGCMD.EXE delref %SystemDrive%\PROGRAM FILES (X86)\SIMPLITEC\KMPFASTER\SERVICEPROVIDER.EXE delref %SystemRoot%\SYSWOW64\COMPMGMTLAUNCHER.EXE delref %SystemRoot%\SYSWOW64\DRIVERS\MRXSMB.SYS delref %SystemRoot%\SYSWOW64\DRIVERS\NDIS.SYS delref %SystemRoot%\SYSWOW64\DRIVERS\USBXHCI.SYS delref %SystemRoot%\SYSWOW64\DRIVERS\SRV2.SYS delref %SystemRoot%\SYSWOW64\RDPCORETS.DLL delref %SystemRoot%\SYSWOW64\DRIVERS\HTTP.SYS delref %SystemRoot%\SYSWOW64\DRIVERS\TCPIP.SYS delref %SystemRoot%\SYSWOW64\UMPOEXT.DLL delref %SystemRoot%\SYSWOW64\DRIVERS\DMVSC.SYS delref %SystemRoot%\SYSWOW64\IPHLPSVC.DLL delref %SystemRoot%\SYSWOW64\DRIVERS\SPACEPORT.SYS delref %SystemRoot%\SYSWOW64\DRIVERS\FVEVOL.SYS delref %SystemRoot%\SYSWOW64\DRIVERS\AFD.SYS delref %SystemRoot%\SYSWOW64\PNRPSVC.DLL delref %SystemRoot%\SYSWOW64\DRIVERS\PACER.SYS delref %SystemRoot%\SYSWOW64\LSM.DLL delref {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B}\[CLSID] delref {19916E01-B44E-4E31-94A4-4696DF46157B}\[CLSID] delref {4063BE15-3B08-470D-A0D5-B37161CFFD69}\[CLSID] delref {88D969C0-F192-11D4-A65F-0040963251E5}\[CLSID] delref {88D969C1-F192-11D4-A65F-0040963251E5}\[CLSID] delref {88D969C2-F192-11D4-A65F-0040963251E5}\[CLSID] delref {88D969C3-F192-11D4-A65F-0040963251E5}\[CLSID] delref {88D969C4-F192-11D4-A65F-0040963251E5}\[CLSID] delref {88D969C5-F192-11D4-A65F-0040963251E5}\[CLSID] delref {CA8A9780-280D-11CF-A24D-444553540000}\[CLSID] delref {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA}\[CLSID] delref %SystemDrive%\USERS\UZER\APPDATA\LOCAL\TEMP\NKCPOPGGJCJKIICPENIKEOGIOEDNJEAC.CRX delref %SystemDrive%\PROGRAM FILES (X86)\GARENA PLUS\BBTALK\PLUGINS\NPPLUGIN\NPGARENATALKPLUGIN.DLL delref {1FBA04EE-3024-11D2-8F1F-0000F87ABD16}\[CLSID] delref {E0DD6CAB-2D10-11D2-8F1A-0000F87ABD16}\[CLSID] delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\58.0.3029.81\INSTALLER\CHRMSTP.EXE delref %SystemRoot%\SYSWOW64\BLANK.HTM delref {0F8604A5-4ECE-4DE1-BA7D-CF10F8AA4F48}\[CLSID] delref {E6FB5E20-DE35-11CF-9C87-00AA005127ED}\[CLSID] delref {55344AC6-630B-430C-B292-C7BE21F90061}\[CLSID] delref {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4}\[CLSID] delref {307A6C42-0000-0010-8000-00AA00389B71}\[CLSID] delref %SystemDrive%\PROGRAM FILES\WINDOWS DEFENDER\MSASCUIL.EXE delref %Sys32%\BLANK.HTM delref APPMGMT\[SERVICE] delref HELPSVC\[SERVICE] delref SACSVR\[SERVICE] delref TBS\[SERVICE] delref VMMS\[SERVICE] delref MESSENGER\[SERVICE] delref RDSESSMGR\[SERVICE] delref %Sys32%\DRIVERS\EAGLEX64.SYS delref %SystemDrive%\PROGRAM FILES (X86)\GARENA PLUS\ROOM\SAFEDRV.SYS delref %Sys32%\DRIVERS\VBOXNETFLT.SYS delref %Sys32%\PSXSS.EXE delref %SystemDrive%\USERS\ADMINISTRATOR\APPDATA\ROAMING\HEWLETTPACKARD\HPDETECT\1.0.0.0\NPHPDETECT.DLL delref %SystemDrive%\USERS\ADMINISTRATOR\APPDATA\LOCALLOW\UNITY\WEBPLAYER\LOADER\UNITYWEBPLUGINAX.OCX delref %SystemDrive%\USERS\ADMINISTRATOR\APPDATA\LOCAL\MAIL.RU\GAMECENTER\NPDETECTOR.DLL delref %SystemDrive%\USERS\ADMINISTRATOR\APPDATA\LOCAL\HHD SOFTWARE\HEX EDITOR NEO\PATCHAPI\DLL\X86\HEXPATCH32.DLL delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.26.9\PSMACHINE_64.DLL delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.28.1\PSMACHINE_64.DLL delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.32.7\PSMACHINE_64.DLL delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.27.5\PSMACHINE_64.DLL delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.28.15\PSMACHINE_64.DLL delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.29.1\PSMACHINE_64.DLL delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.33.5\PSMACHINE_64.DLL delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.25.11\PSMACHINE_64.DLL delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.33.3\PSMACHINE_64.DLL delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.23.9\PSMACHINE_64.DLL delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.24.7\PSMACHINE_64.DLL delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.25.5\PSMACHINE_64.DLL delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.28.13\PSMACHINE_64.DLL delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.29.5\PSMACHINE_64.DLL delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.31.5\PSMACHINE_64.DLL delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.30.3\PSMACHINE_64.DLL delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.24.15\PSMACHINE_64.DLL delref %SystemDrive%\PROGRAM FILES\COMMON FILES\MICROSOFT SHARED\DAO\DAO360.DLL delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.26.9\PSMACHINE.DLL delref %SystemRoot%\SYSWOW64\TAPILUA.DLL delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.28.1\PSMACHINE.DLL delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.22.5\PSMACHINE.DLL delref %SystemRoot%\SYSWOW64\AEPROAM.DLL delref %SystemRoot%\SYSWOW64\RSTRUI.EXE delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.32.7\PSMACHINE.DLL delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.21.165\PSMACHINE.DLL delref %SystemRoot%\SYSWOW64\LISTSVC.DLL delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.27.5\PSMACHINE.DLL delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.28.15\PSMACHINE.DLL delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.29.1\PSMACHINE.DLL delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.33.5\PSMACHINE.DLL delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.21.153\PSMACHINE.DLL delref %SystemRoot%\SYSWOW64\WBEM\NLMCIM.DLL delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.25.11\PSMACHINE.DLL delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.33.3\PSMACHINE.DLL delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.23.9\PSMACHINE.DLL delref %SystemRoot%\SYSWOW64\WPCCPL.DLL delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.24.7\PSMACHINE.DLL delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.25.5\PSMACHINE.DLL delref %SystemDrive%\PROGRAM FILES\NVIDIA CORPORATION\INSTALLER2\INSTALLER.{75288034-F9D7-468E-9353-75854FF07BC0}\NVI2.DLL delref %SystemRoot%\SYSWOW64\GPSVC.DLL delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.28.13\PSMACHINE.DLL delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.29.5\PSMACHINE.DLL delref %SystemRoot%\SYSWOW64\IDLISTEN.DLL delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.31.5\PSMACHINE.DLL delref %SystemDrive%\PROGRAM FILES\COMMON FILES\SYSTEM\OLE DB\MSDAORA.DLL delref %SystemRoot%\SYSWOW64\INETSRV\IISRSTAS.EXE delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.30.3\PSMACHINE.DLL delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.22.3\PSMACHINE.DLL delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.24.15\PSMACHINE.DLL delref G:\SETUP.EXE delref G:\STARTME.EXE delref G:\UTLOADER.EXE delref {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}\[CLSID] delref E:\SONY VEGAS 13 X64\CRACK\APPLICATIONREGISTRATION.EXE delref %SystemDrive%\PROGRAM FILES (X86)\IPADIAN\IPADIAN.EXE delref E:\SONY VEGAS 13 X64\CRACK\VEGAS130.EXE delref E:\STEAMDOTA\STEAMAPPS\COMMON\ARMA 2 OPERATION ARROWHEAD\EXPANSION\BATTLEYE\UNINSTALLBE.EXE delref E:\AIONRU_3.0.0.8\AIONLEGENDUPDATER_RUS.EXE delref %SystemDrive%\PROGRAM FILES (X86)\ONTRACK\EASYRECOVERY PROFESSIONAL\EASYRECOVERY.EXE delref %SystemDrive%\PROGRAM FILES (X86)\ONTRACK\SHAREDFILES\CRISISCENTER.EXE delref %SystemDrive%\PROGRAM FILES (X86)\AIDA64\EXTREME\AIDA64.EXE delref E:\STEAMDOTA\STEAMAPPS\COMMON\ARMA 2\BATTLEYE\UNINSTALLBE.EXE delref E:\DIVINITY ORIGINAL SIN ENHANCED EDITION(V.2.0.119.430)_COOP_LAND_REPACK_BY_UBERPSYX\GAME\DIVINITY ORIGINAL SIN ENHANCED EDITION\SHIPPING\EOCAPP.EXE delref E:\DIVINITY ORIGINAL SIN ENHANCED EDITION(V.2.0.119.430)_COOP_LAND_REPACK_BY_UBERPSYX\GAME\DIVINITY ORIGINAL SIN ENHANCED EDITION\ПОСЕТИТЬ COOP-LAND.RU.URL delref E:\DIVINITY ORIGINAL SIN ENHANCED EDITION(V.2.0.119.430)_COOP_LAND_REPACK_BY_UBERPSYX\GAME\DIVINITY ORIGINAL SIN ENHANCED EDITION\ПОСЕТИТЬ REVOLT.URL delref E:\DIVINITY ORIGINAL SIN ENHANCED EDITION(V.2.0.119.430)_COOP_LAND_REPACK_BY_UBERPSYX\GAME\DIVINITY ORIGINAL SIN ENHANCED EDITION\SITE.URL delref E:\DIVINITY ORIGINAL SIN ENHANCED EDITION(V.2.0.119.430)_COOP_LAND_REPACK_BY_UBERPSYX\GAME\DIVINITY ORIGINAL SIN ENHANCED EDITION\UNINS000.EXE delref E:\SPACE ENGINEERS\BIN\SPACEENGINEERS.EXE delref E:\SPACE ENGINEERS\BIN64\SPACEENGINEERS.EXE delref E:\SPACE ENGINEERS\ПОСЕТИТЬ COOP-LAND.RU.URL delref E:\SPACE ENGINEERS\ПОСЕТИТЬ REVOLT.URL delref E:\SPACE ENGINEERS\SITE.URL delref E:\SPACE ENGINEERS\UNINS000.EXE delref %SystemDrive%\PROGRAM FILES (X86)\ONTRACK\EASYRECOVERY PROFESSIONAL\ONTRACK.URL delref E:\STEAMDOTA\STEAMAPPS\COMMON\MORTALKOMBAT_KOMPLETEEDITION\DISCCONTENTPC\MKKE.EXE delref E:\STEAMDOTA\STEAMAPPS\COMMON\MORTALKOMBAT_KOMPLETEEDITION\DISCCONTENTPC\INSTALL_RUS\UNINS000.EXE delref %SystemDrive%\PROGRAM FILES (X86)\FILE RECOVERY FOR WINDOWS\FR-FAQ.URL delref %SystemDrive%\PROGRAM FILES (X86)\FILE RECOVERY FOR WINDOWS\FRW.EXE delref %SystemDrive%\PROGRAM FILES (X86)\FILE RECOVERY FOR WINDOWS\UNINSTALL.EXE delref E:\KILLINGFLOOR\KILLINGFLOORUPDATE.EXE delref E:\KILLINGFLOOR\RUN_KF.EXE delref E:\KILLINGFLOOR\UNINS000.EXE delref E:\KILLINGFLOOR\NICK_NAME.EXE delref %SystemDrive%\PROGRAM FILES (X86)\CYBERLINK\POWERDIRECTOR10\PDR10.EXE delref E:\TSETUP\НОВАЯ ПАПКА\PEVEPE TRITON\LAUNCHER.EXE delref E:\TSETUP\НОВАЯ ПАПКА\PEVEPE TRITON\UNINS000.EXE delref E:\MASS EFFECT ANTHOLOGY 2008_2012\GAME\MASS EFFECT\BINARIES\MASSEFFECTCONFIG.EXE delref E:\MASS EFFECT ANTHOLOGY 2008_2012\GAME\MASS EFFECT\MASSEFFECTLAUNCHER.EXE delref E:\MASS EFFECT ANTHOLOGY 2008_2012\GAME\MASS EFFECT\BINARIES\MASSEFFECT.EXE delref E:\MASS EFFECT ANTHOLOGY 2008_2012\GAME\MASS EFFECT\UNINSTALL\UNINS000.EXE delref E:\MASS EFFECT ANTHOLOGY 2008_2012\GAME 2\MASS EFFECT 2\BINARIES\MASSEFFECT2CONFIG.EXE delref E:\MASS EFFECT ANTHOLOGY 2008_2012\GAME 2\MASS EFFECT 2\MASSEFFECT2LAUNCHER.EXE delref E:\MASS EFFECT ANTHOLOGY 2008_2012\GAME 2\MASS EFFECT 2\BINARIES\MASSEFFECT2.EXE delref E:\MASS EFFECT ANTHOLOGY 2008_2012\GAME 2\MASS EFFECT 2\UNINSTALL\UNINS000.EXE delref E:\NEED FOR SPEED™ UNDERCOVER\НОВАЯ ПАПКА\NEED FOR SPEED™ UNDERCOVER\LAUNCHER.EXE delref E:\NEED FOR SPEED™ UNDERCOVER\НОВАЯ ПАПКА\NEED FOR SPEED™ UNDERCOVER\UNINS000.EXE delref E:\AS\DARKSIDERS 2.DEATH LIVES.V 1.0U6 + 18 DLC\DARKSIDERS2.EXE delref E:\AS\DARKSIDERS 2.DEATH LIVES.V 1.0U6 + 18 DLC\UNINSTALL\UNINS000.EXE delref E:\SONY VEGAS 13 X64\VEGAS130.EXE delref E:\WORLD OF WARCRAFT DRAENOR\WORLD OF WARCRAFT\WORLD OF WARCRAFT\WORLD OF WARCRAFT LAUNCHER.EXE delref E:\WOW НОВ\WORLD OF WARCRAFT\DATA\RURU\ACCOUNTBILLING.URL delref E:\WOW НОВ\WORLD OF WARCRAFT\DATA\RURU\TECHSUPPORT.URL dnsreset winsockreset ;------------------------------------------------------------- restart

Код


;uVS v4.0.10 [http://dsrt.dyndns.org]
;Target OS: NTv6.3
v400c
OFFSGNSAVE
;------------------------autoscript---------------------------

deldirex %SystemDrive%\USERS\UZER\APPDATA\LOCALLOW\UNITY\WEBPLAYER\LOADER

deldirex %SystemDrive%\USERS\ADMINISTRATOR\APPDATA\LOCALLOW\UNITY\WEBPLAYER\LOADER

delref {D5FEC983-01DB-414A-9456-AF95AC9ED7B5}\[CLSID]
delref HTTP://SEARCH.QIP.RU/?QUERY={SEARCHTERMS}
delref HTTP://SEARCH.QIP.RU/IE
apply

deltmp
delref %SystemDrive%\USERS\UZER\APPDATA\LOCAL\TEMP\SETUP-YABROWSER.EXE
delref {DECA92E0-AF85-439E-9204-86679978DA08}\[CLSID]
delref %Sys32%\DSTOKENCLEAN.EXE
delref {47E30D54-DAC1-473A-AFF7-2355BF78881F}\[CLSID]
delref %Sys32%\STORAGEUSAGE.DLL
delref %Sys32%\WINDOWSACTIONDIALOG.EXE
delref {06DA0625-9701-43DA-BFD7-FBEEA2180A1E}\[CLSID]
delref {E51DFD48-AA36-4B45-BB52-E831F02E8316}\[CLSID]
delref {FF87090D-4A9A-4F47-879B-29A80C355D61}\[CLSID]
delref {45F26E9E-6199-477F-85DA-AF1EDFE067B1}\[CLSID]
delref {7CCA6768-8373-4D28-8876-83E8B4E3A969}\[CLSID]
delref %Sys32%\SPACEMAN.EXE
delref {297EE78C-BA95-4E94-81D3-D6E7F089C7B5}\[CLSID]
delref {A6BA00FE-40E8-477C-B713-C64A14F18ADB}\[CLSID]
delref %Sys32%\SIHCLIENT.EXE
delref %Sys32%\DSREGCMD.EXE
delref %SystemDrive%\PROGRAM FILES (X86)\SIMPLITEC\KMPFASTER\SERVICEPROVIDER.EXE
delref %SystemRoot%\SYSWOW64\COMPMGMTLAUNCHER.EXE
delref %SystemRoot%\SYSWOW64\DRIVERS\MRXSMB.SYS
delref %SystemRoot%\SYSWOW64\DRIVERS\NDIS.SYS
delref %SystemRoot%\SYSWOW64\DRIVERS\USBXHCI.SYS
delref %SystemRoot%\SYSWOW64\DRIVERS\SRV2.SYS
delref %SystemRoot%\SYSWOW64\RDPCORETS.DLL
delref %SystemRoot%\SYSWOW64\DRIVERS\HTTP.SYS
delref %SystemRoot%\SYSWOW64\DRIVERS\TCPIP.SYS
delref %SystemRoot%\SYSWOW64\UMPOEXT.DLL
delref %SystemRoot%\SYSWOW64\DRIVERS\DMVSC.SYS
delref %SystemRoot%\SYSWOW64\IPHLPSVC.DLL
delref %SystemRoot%\SYSWOW64\DRIVERS\SPACEPORT.SYS
delref %SystemRoot%\SYSWOW64\DRIVERS\FVEVOL.SYS
delref %SystemRoot%\SYSWOW64\DRIVERS\AFD.SYS
delref %SystemRoot%\SYSWOW64\PNRPSVC.DLL
delref %SystemRoot%\SYSWOW64\DRIVERS\PACER.SYS
delref %SystemRoot%\SYSWOW64\LSM.DLL
delref {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B}\[CLSID]
delref {19916E01-B44E-4E31-94A4-4696DF46157B}\[CLSID]
delref {4063BE15-3B08-470D-A0D5-B37161CFFD69}\[CLSID]
delref {88D969C0-F192-11D4-A65F-0040963251E5}\[CLSID]
delref {88D969C1-F192-11D4-A65F-0040963251E5}\[CLSID]
delref {88D969C2-F192-11D4-A65F-0040963251E5}\[CLSID]
delref {88D969C3-F192-11D4-A65F-0040963251E5}\[CLSID]
delref {88D969C4-F192-11D4-A65F-0040963251E5}\[CLSID]
delref {88D969C5-F192-11D4-A65F-0040963251E5}\[CLSID]
delref {CA8A9780-280D-11CF-A24D-444553540000}\[CLSID]
delref {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA}\[CLSID]
delref %SystemDrive%\USERS\UZER\APPDATA\LOCAL\TEMP\NKCPOPGGJCJKIICPENIKEOGIOEDNJEAC.CRX
delref %SystemDrive%\PROGRAM FILES (X86)\GARENA PLUS\BBTALK\PLUGINS\NPPLUGIN\NPGARENATALKPLUGIN.DLL
delref {1FBA04EE-3024-11D2-8F1F-0000F87ABD16}\[CLSID]
delref {E0DD6CAB-2D10-11D2-8F1A-0000F87ABD16}\[CLSID]
delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\58.0.3029.81\INSTALLER\CHRMSTP.EXE
delref %SystemRoot%\SYSWOW64\BLANK.HTM
delref {0F8604A5-4ECE-4DE1-BA7D-CF10F8AA4F48}\[CLSID]
delref {E6FB5E20-DE35-11CF-9C87-00AA005127ED}\[CLSID]
delref {55344AC6-630B-430C-B292-C7BE21F90061}\[CLSID]
delref {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4}\[CLSID]
delref {307A6C42-0000-0010-8000-00AA00389B71}\[CLSID]
delref %SystemDrive%\PROGRAM FILES\WINDOWS DEFENDER\MSASCUIL.EXE
delref %Sys32%\BLANK.HTM
delref APPMGMT\[SERVICE]
delref HELPSVC\[SERVICE]
delref SACSVR\[SERVICE]
delref TBS\[SERVICE]
delref VMMS\[SERVICE]
delref MESSENGER\[SERVICE]
delref RDSESSMGR\[SERVICE]
delref %Sys32%\DRIVERS\EAGLEX64.SYS
delref %SystemDrive%\PROGRAM FILES (X86)\GARENA PLUS\ROOM\SAFEDRV.SYS
delref %Sys32%\DRIVERS\VBOXNETFLT.SYS
delref %Sys32%\PSXSS.EXE
delref %SystemDrive%\USERS\ADMINISTRATOR\APPDATA\ROAMING\HEWLETTPACKARD\HPDETECT\1.0.0.0\NPHPDETECT.DLL
delref %SystemDrive%\USERS\ADMINISTRATOR\APPDATA\LOCALLOW\UNITY\WEBPLAYER\LOADER\UNITYWEBPLUGINAX.OCX
delref %SystemDrive%\USERS\ADMINISTRATOR\APPDATA\LOCAL\MAIL.RU\GAMECENTER\NPDETECTOR.DLL
delref %SystemDrive%\USERS\ADMINISTRATOR\APPDATA\LOCAL\HHD SOFTWARE\HEX EDITOR NEO\PATCHAPI\DLL\X86\HEXPATCH32.DLL
delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.26.9\PSMACHINE_64.DLL
delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.28.1\PSMACHINE_64.DLL
delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.32.7\PSMACHINE_64.DLL
delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.27.5\PSMACHINE_64.DLL
delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.28.15\PSMACHINE_64.DLL
delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.29.1\PSMACHINE_64.DLL
delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.33.5\PSMACHINE_64.DLL
delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.25.11\PSMACHINE_64.DLL
delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.33.3\PSMACHINE_64.DLL
delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.23.9\PSMACHINE_64.DLL
delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.24.7\PSMACHINE_64.DLL
delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.25.5\PSMACHINE_64.DLL
delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.28.13\PSMACHINE_64.DLL
delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.29.5\PSMACHINE_64.DLL
delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.31.5\PSMACHINE_64.DLL
delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.30.3\PSMACHINE_64.DLL
delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.24.15\PSMACHINE_64.DLL
delref %SystemDrive%\PROGRAM FILES\COMMON FILES\MICROSOFT SHARED\DAO\DAO360.DLL
delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.26.9\PSMACHINE.DLL
delref %SystemRoot%\SYSWOW64\TAPILUA.DLL
delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.28.1\PSMACHINE.DLL
delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.22.5\PSMACHINE.DLL
delref %SystemRoot%\SYSWOW64\AEPROAM.DLL
delref %SystemRoot%\SYSWOW64\RSTRUI.EXE
delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.32.7\PSMACHINE.DLL
delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.21.165\PSMACHINE.DLL
delref %SystemRoot%\SYSWOW64\LISTSVC.DLL
delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.27.5\PSMACHINE.DLL
delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.28.15\PSMACHINE.DLL
delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.29.1\PSMACHINE.DLL
delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.33.5\PSMACHINE.DLL
delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.21.153\PSMACHINE.DLL
delref %SystemRoot%\SYSWOW64\WBEM\NLMCIM.DLL
delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.25.11\PSMACHINE.DLL
delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.33.3\PSMACHINE.DLL
delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.23.9\PSMACHINE.DLL
delref %SystemRoot%\SYSWOW64\WPCCPL.DLL
delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.24.7\PSMACHINE.DLL
delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.25.5\PSMACHINE.DLL
delref %SystemDrive%\PROGRAM FILES\NVIDIA CORPORATION\INSTALLER2\INSTALLER.{75288034-F9D7-468E-9353-75854FF07BC0}\NVI2.DLL
delref %SystemRoot%\SYSWOW64\GPSVC.DLL
delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.28.13\PSMACHINE.DLL
delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.29.5\PSMACHINE.DLL
delref %SystemRoot%\SYSWOW64\IDLISTEN.DLL
delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.31.5\PSMACHINE.DLL
delref %SystemDrive%\PROGRAM FILES\COMMON FILES\SYSTEM\OLE DB\MSDAORA.DLL
delref %SystemRoot%\SYSWOW64\INETSRV\IISRSTAS.EXE
delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.30.3\PSMACHINE.DLL
delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.22.3\PSMACHINE.DLL
delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.24.15\PSMACHINE.DLL
delref G:\SETUP.EXE
delref G:\STARTME.EXE
delref G:\UTLOADER.EXE
delref {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}\[CLSID]
delref E:\SONY VEGAS 13 X64\CRACK\APPLICATIONREGISTRATION.EXE
delref %SystemDrive%\PROGRAM FILES (X86)\IPADIAN\IPADIAN.EXE
delref E:\SONY VEGAS 13 X64\CRACK\VEGAS130.EXE
delref E:\STEAMDOTA\STEAMAPPS\COMMON\ARMA 2 OPERATION ARROWHEAD\EXPANSION\BATTLEYE\UNINSTALLBE.EXE
delref E:\AIONRU_3.0.0.8\AIONLEGENDUPDATER_RUS.EXE
delref %SystemDrive%\PROGRAM FILES (X86)\ONTRACK\EASYRECOVERY PROFESSIONAL\EASYRECOVERY.EXE
delref %SystemDrive%\PROGRAM FILES (X86)\ONTRACK\SHAREDFILES\CRISISCENTER.EXE
delref %SystemDrive%\PROGRAM FILES (X86)\AIDA64\EXTREME\AIDA64.EXE
delref E:\STEAMDOTA\STEAMAPPS\COMMON\ARMA 2\BATTLEYE\UNINSTALLBE.EXE
delref E:\DIVINITY ORIGINAL SIN ENHANCED EDITION(V.2.0.119.430)_COOP_LAND_REPACK_BY_UBERPSYX\GAME\DIVINITY ORIGINAL SIN ENHANCED EDITION\SHIPPING\EOCAPP.EXE
delref E:\DIVINITY ORIGINAL SIN ENHANCED EDITION(V.2.0.119.430)_COOP_LAND_REPACK_BY_UBERPSYX\GAME\DIVINITY ORIGINAL SIN ENHANCED EDITION\ПОСЕТИТЬ COOP-LAND.RU.URL
delref E:\DIVINITY ORIGINAL SIN ENHANCED EDITION(V.2.0.119.430)_COOP_LAND_REPACK_BY_UBERPSYX\GAME\DIVINITY ORIGINAL SIN ENHANCED EDITION\ПОСЕТИТЬ REVOLT.URL
delref E:\DIVINITY ORIGINAL SIN ENHANCED EDITION(V.2.0.119.430)_COOP_LAND_REPACK_BY_UBERPSYX\GAME\DIVINITY ORIGINAL SIN ENHANCED EDITION\SITE.URL
delref E:\DIVINITY ORIGINAL SIN ENHANCED EDITION(V.2.0.119.430)_COOP_LAND_REPACK_BY_UBERPSYX\GAME\DIVINITY ORIGINAL SIN ENHANCED EDITION\UNINS000.EXE
delref E:\SPACE ENGINEERS\BIN\SPACEENGINEERS.EXE
delref E:\SPACE ENGINEERS\BIN64\SPACEENGINEERS.EXE
delref E:\SPACE ENGINEERS\ПОСЕТИТЬ COOP-LAND.RU.URL
delref E:\SPACE ENGINEERS\ПОСЕТИТЬ REVOLT.URL
delref E:\SPACE ENGINEERS\SITE.URL
delref E:\SPACE ENGINEERS\UNINS000.EXE
delref %SystemDrive%\PROGRAM FILES (X86)\ONTRACK\EASYRECOVERY PROFESSIONAL\ONTRACK.URL
delref E:\STEAMDOTA\STEAMAPPS\COMMON\MORTALKOMBAT_KOMPLETEEDITION\DISCCONTENTPC\MKKE.EXE
delref E:\STEAMDOTA\STEAMAPPS\COMMON\MORTALKOMBAT_KOMPLETEEDITION\DISCCONTENTPC\INSTALL_RUS\UNINS000.EXE
delref %SystemDrive%\PROGRAM FILES (X86)\FILE RECOVERY FOR WINDOWS\FR-FAQ.URL
delref %SystemDrive%\PROGRAM FILES (X86)\FILE RECOVERY FOR WINDOWS\FRW.EXE
delref %SystemDrive%\PROGRAM FILES (X86)\FILE RECOVERY FOR WINDOWS\UNINSTALL.EXE
delref E:\KILLINGFLOOR\KILLINGFLOORUPDATE.EXE
delref E:\KILLINGFLOOR\RUN_KF.EXE
delref E:\KILLINGFLOOR\UNINS000.EXE
delref E:\KILLINGFLOOR\NICK_NAME.EXE
delref %SystemDrive%\PROGRAM FILES (X86)\CYBERLINK\POWERDIRECTOR10\PDR10.EXE
delref E:\TSETUP\НОВАЯ ПАПКА\PEVEPE TRITON\LAUNCHER.EXE
delref E:\TSETUP\НОВАЯ ПАПКА\PEVEPE TRITON\UNINS000.EXE
delref E:\MASS  EFFECT ANTHOLOGY 2008_2012\GAME\MASS EFFECT\BINARIES\MASSEFFECTCONFIG.EXE
delref E:\MASS  EFFECT ANTHOLOGY 2008_2012\GAME\MASS EFFECT\MASSEFFECTLAUNCHER.EXE
delref E:\MASS  EFFECT ANTHOLOGY 2008_2012\GAME\MASS EFFECT\BINARIES\MASSEFFECT.EXE
delref E:\MASS  EFFECT ANTHOLOGY 2008_2012\GAME\MASS EFFECT\UNINSTALL\UNINS000.EXE
delref E:\MASS  EFFECT ANTHOLOGY 2008_2012\GAME 2\MASS EFFECT 2\BINARIES\MASSEFFECT2CONFIG.EXE
delref E:\MASS  EFFECT ANTHOLOGY 2008_2012\GAME 2\MASS EFFECT 2\MASSEFFECT2LAUNCHER.EXE
delref E:\MASS  EFFECT ANTHOLOGY 2008_2012\GAME 2\MASS EFFECT 2\BINARIES\MASSEFFECT2.EXE
delref E:\MASS  EFFECT ANTHOLOGY 2008_2012\GAME 2\MASS EFFECT 2\UNINSTALL\UNINS000.EXE
delref E:\NEED FOR SPEED™ UNDERCOVER\НОВАЯ ПАПКА\NEED FOR SPEED™ UNDERCOVER\LAUNCHER.EXE
delref E:\NEED FOR SPEED™ UNDERCOVER\НОВАЯ ПАПКА\NEED FOR SPEED™ UNDERCOVER\UNINS000.EXE
delref E:\AS\DARKSIDERS 2.DEATH LIVES.V 1.0U6 + 18 DLC\DARKSIDERS2.EXE
delref E:\AS\DARKSIDERS 2.DEATH LIVES.V 1.0U6 + 18 DLC\UNINSTALL\UNINS000.EXE
delref E:\SONY VEGAS 13 X64\VEGAS130.EXE
delref E:\WORLD OF WARCRAFT DRAENOR\WORLD OF WARCRAFT\WORLD OF WARCRAFT\WORLD OF WARCRAFT LAUNCHER.EXE
delref E:\WOW НОВ\WORLD OF WARCRAFT\DATA\RURU\ACCOUNTBILLING.URL
delref E:\WOW НОВ\WORLD OF WARCRAFT\DATA\RURU\TECHSUPPORT.URL

dnsreset
winsockreset

;-------------------------------------------------------------

restart

перезагрузка, пишем о старых и новых проблемах.
------------

[ Как создать образ автозапуска? ]

Перейти

Размещено 17.11.2017 11:19:20

ERA 6 обновился до версии 6.5.34

Цитата
Version 6.5.34.0 Changed: New Apache Tomcat 7.0.82 that includes fixed security vulnerabilities Changed: New Apache HTTP Proxy 2.4.28.0 that includes fixed security vulnerabilities Changed: New Mirror Tool that allows creation of mirror for ESET Endpoint Security and ESET Endpoint Antivirus 6.6 Changed: Increased the maximum number of concurrent ESET Virtualization Security connections to 200 Fixed: ESET Mobile Device Connector to ERA Server connectivity issues (when mobile devices were functioning correctly, however connection to ERA server was interrupted, and data in ERA Web Console was not updated) Fixed: Rare database write failures when the database server is overloaded Fixed: Increase in MultiAgent startup time Fixed: False MultiAgent overload report

Цитата

Version 6.5.34.0

Changed: New Apache Tomcat 7.0.82 that includes fixed security vulnerabilities
Changed: New Apache HTTP Proxy 2.4.28.0 that includes fixed security vulnerabilities
Changed: New Mirror Tool that allows creation of mirror for ESET Endpoint Security and ESET Endpoint Antivirus 6.6
Changed: Increased the maximum number of concurrent ESET Virtualization Security connections to 200
Fixed: ESET Mobile Device Connector to ERA Server connectivity issues (when mobile devices were functioning correctly, however connection to ERA server was interrupted, and data in ERA Web Console was not updated)
Fixed: Rare database write failures when the database server is overloaded
Fixed: Increase in MultiAgent startup time
Fixed: False MultiAgent overload report

https://forum.eset.com/topic/13632-eset-remote-administrator-6534-has-been-released/

[ Как создать образ автозапуска? ]

Перейти