RP55 RP55 (Все сообщения пользователя) - Форум технической поддержки ESET NOD32

Размещено 06.10.2021 11:04:31

1) Скопируйте текст КОДа - в буфер обмена.
uVS: start.exe, текущий пользователь, меню, скрипты - выполнить скрипт из буфера обмена.
ПЕРЕД ВЫПОЛНЕНИЕМ СКРИПТА, ЗАКРЫТЬ БРАУЗЕРЫ!
ВНИМАНИЕ : По окончанию выполнения скрипта компьютер выполнит перезагрузку !

<code>
;uVS v4.11.9 [http://dsrt.dyndns.org:8888]
;Target OS: NTv6.3
v400c
OFFSGNSAVE
delhst 0.0.0.0 expire.eset.com
delhst 0.0.0.0 edf.eset.com
dnsreset
winsockreset
restart

</code>

2) Выполните лог в AdwCleaner
http://forum.esetnod32.ru/forum9/topic7084/

после завершения сканирования:
Записи относящиеся к Mail.Ru и Yandex можете не удалять ( если пользуетесь программой )
На вкладке:
Папки (Folders) для Mail.Ru и Yandex снимите [V]
-----------
Пробуем активировать антивирус > пишем по результату.

Изменено: RP55 RP55 - 06.10.2021 11:09:16

Перейти

Размещено 01.10.2021 20:32:45

Скопируйте текст КОДа - в буфер обмена.
uVS: start.exe, текущий пользователь, меню, скрипты - выполнить скрипт из буфера обмена.
ПЕРЕД ВЫПОЛНЕНИЕМ СКРИПТА, ЗАКРЫТЬ БРАУЗЕРЫ!
ВНИМАНИЕ : По окончанию выполнения скрипта компьютер выполнит перезагрузку !

Код
;uVS v4.11.9 [http://dsrt.dyndns.org:8888] ;Target OS: NTv6.3 v400c OFFSGNSAVE deltmp zoo %SystemDrive%\USERS\АЛЁНА\APPDATA\LOCAL\A2F2D8\SVСHОST.EXE czoo regt 18 regt 25 regt 26 regt 38 ;---------command-block--------- delref %SystemDrive%\USERS\C881~1\APPDATA\LOCAL\TEMP\YANDEX_BROWSER_BITS_7848_874136952\RESPONSE delref %SystemDrive%\PROGRAM FILES (X86)\DRIVERTOOLKIT\DRIVERTOOLKIT.EXE delref %SystemDrive%\PROGRAM FILES (X86)\IOBIT\DRIVER BOOSTER\4.3.0\DRIVERBOOSTER.EXE delref %SystemDrive%\PROGRAM FILES (X86)\INTEL\INTEL(R) UPDATE MANAGER\BIN\IUMSVC.EXE delref %SystemDrive%\USERS\АЛЁНА\APPDATA\LOCAL\MICROSOFT\77D308BF35B37B5E3BC00CD7BCEB8A5E\770736A9BC40D7E735C4362084E0926D.EXE delref %SystemDrive%\PROGRAM FILES\COMMON FILES\MICROSOFT SHARED\OFFICE15\OLICENSEHEARTBEAT.EXE delref A9A33436-678B-4C9C-A211-7CC38785E79D\[CLSID] delref 752073A1-23F2-4396-85F0-8FDB879ED0ED\[CLSID] delref G:\SHELSOFT.EXE delref %SystemDrive%\USERS\АЛЁНА\DESKTOP\CAMERA_CHICONY_CNF_9085_WIN7_64_061005200300\DRVINST.EXE delref %SystemDrive%\USERS\АЛЁНА\APPDATA\LOCAL\AKAMAI\UNINSTALL.EXE delref E:\НОВАЯ ПАПКА (2)\GIPLAY-UNINSTALL.EXE delref %SystemRoot%\SYSWOW64\COMPMGMTLAUNCHER.EXE delref %SystemRoot%\SYSWOW64\GPSVC.DLL delref %SystemRoot%\SYSWOW64\PEERDISTSVC.DLL delref %SystemRoot%\SYSWOW64\DRIVERS\MRXSMB.SYS delref %SystemRoot%\SYSWOW64\DRIVERS\NDIS.SYS delref %SystemRoot%\SYSWOW64\DRIVERS\USBXHCI.SYS delref %SystemRoot%\SYSWOW64\DRIVERS\SRV2.SYS delref %SystemRoot%\SYSWOW64\RDPCORETS.DLL delref %SystemRoot%\SYSWOW64\DRIVERS\HTTP.SYS delref %SystemRoot%\SYSWOW64\DRIVERS\TCPIP.SYS delref %SystemRoot%\SYSWOW64\UMPOEXT.DLL delref %SystemRoot%\SYSWOW64\DRIVERS\DMVSC.SYS delref %SystemRoot%\SYSWOW64\IPHLPSVC.DLL delref %SystemRoot%\SYSWOW64\CSCSVC.DLL delref %SystemRoot%\SYSWOW64\DRIVERS\SPACEPORT.SYS delref %SystemRoot%\SYSWOW64\DRIVERS\FVEVOL.SYS delref %SystemRoot%\SYSWOW64\DRIVERS\AFD.SYS delref %SystemRoot%\SYSWOW64\PNRPSVC.DLL delref %SystemRoot%\SYSWOW64\DRIVERS\PACER.SYS delref %SystemRoot%\SYSWOW64\LSM.DLL delref {D5FEC983-01DB-414A-9456-AF95AC9ED7B5}\[CLSID] delref {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B}\[CLSID] delref {166B1BCA-3F9C-11CF-8075-444553540000}\[CLSID] delref {19916E01-B44E-4E31-94A4-4696DF46157B}\[CLSID] delref {233C1507-6A77-46A4-9443-F871F945D258}\[CLSID] delref {4063BE15-3B08-470D-A0D5-B37161CFFD69}\[CLSID] delref %SystemDrive%\USERS\АДМИНИСТРАТОР\APPDATA\LOCALLOW\UNITY\WEBPLAYER\LOADER\UNITYWEBPLUGINAX.OCX delref {6BF52A52-394A-11D3-B153-00C04F79FAA6}\[CLSID] delref {88D969C0-F192-11D4-A65F-0040963251E5}\[CLSID] delref {88D969C1-F192-11D4-A65F-0040963251E5}\[CLSID] delref {88D969C2-F192-11D4-A65F-0040963251E5}\[CLSID] delref {88D969C3-F192-11D4-A65F-0040963251E5}\[CLSID] delref {88D969C4-F192-11D4-A65F-0040963251E5}\[CLSID] delref {88D969C5-F192-11D4-A65F-0040963251E5}\[CLSID] delref {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA}\[CLSID] delref {1FBA04EE-3024-11D2-8F1F-0000F87ABD16}\[CLSID] delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\53.0.2785.116\INSTALLER\CHRMSTP.EXE delref %SystemRoot%\SYSWOW64\BLANK.HTM delref {0F8604A5-4ECE-4DE1-BA7D-CF10F8AA4F48}\[CLSID] delref {E6FB5E20-DE35-11CF-9C87-00AA005127ED}\[CLSID] delref {B089FE88-FB52-11D3-BDF1-0050DA34150D}\[CLSID] delref {05B38830-F4E9-4329-978B-1DD28605D202}\[CLSID] delref {056D528D-CE28-4194-9BA3-BA2E9197FF8C}\[CLSID] delref {0596C850-7BDD-4C9D-AFDF-873BE6890637}\[CLSID] delref %SystemDrive%\USERS\АДМИНИСТРАТОР\APPDATA\ROAMING\DROPBOX\BIN\DROPBOXEXT.25.DLL delref {0229E5E7-09E9-45CF-9228-0228EC7D5F17}\[CLSID] delref {2803063F-4B8D-4DC6-8874-D1802487FE2D}\[CLSID] delref {5E2121EE-0300-11D4-8D3B-444553540000}\[CLSID] delref %Sys32%\BLANK.HTM delref HELPSVC\[SERVICE] delref MBAMSERVICE\[SERVICE] delref SACSVR\[SERVICE] delref TBS\[SERVICE] delref VMMS\[SERVICE] delref MESSENGER\[SERVICE] delref RDSESSMGR\[SERVICE] delref %SystemDrive%\PROGRAM FILES\ATI TECHNOLOGIES\ATI.ACE\FUEL\AMD64\AODDRIVER2.SYS delref %SystemDrive%\USERS\C881~1\APPDATA\LOCAL\TEMP\CPUZ138\CPUZ138_X64.SYS delref %Sys32%\DRIVERS\MBAE64.SYS delref %SystemDrive%\USERS\C881~1\APPDATA\LOCAL\TEMP\GKERNEL.SYS delref %Sys32%\DRIVERS\FARFLT.SYS delref %Sys32%\DRIVERS\MBAM.SYS delref %Sys32%\DRIVERS\MBAMSWISSARMY.SYS delref %Sys32%\DRIVERS\MWAC.SYS delref %SystemRoot%\SYSWOW64\DRIVERS\X6VA064 delref %SystemDrive%\USERS\АЛЁНА\APPDATA\LOCAL\AKAMAI\CONTROLPANEL.EXE delref %SystemDrive%\USERS\АЛЁНА\APPDATA\LOCAL\AMIGO\APPLICATION\44.0.2403.111\DELEGATE_EXECUTE.EXE delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.36.82\PSMACHINE_64.DLL delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.35.442\PSMACHINE_64.DLL delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.35.342\PSMACHINE_64.DLL delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.36.32\PSMACHINE_64.DLL delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.34.7\PSMACHINE_64.DLL delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.36.92\PSMACHINE_64.DLL delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.36.72\PSMACHINE_64.DLL delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.35.302\PSMACHINE_64.DLL delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.33.23\PSMACHINE_64.DLL delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.33.5\PSMACHINE_64.DLL delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.33.17\PSMACHINE_64.DLL delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.33.7\PSMACHINE_64.DLL delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.36.52\PSMACHINE_64.DLL delref %SystemDrive%\PROGRAM FILES (X86)\IOBIT\IOBIT UNINSTALLER\UNINSTALER_SKIPUAC.EXE delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.34.11\PSMACHINE_64.DLL delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.35.452\PSMACHINE_64.DLL delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.36.102\PSMACHINE_64.DLL delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.35.422\PSMACHINE_64.DLL delref %SystemDrive%\PROGRAM FILES\COMMON FILES\MICROSOFT SHARED\DAO\DAO360.DLL delref D:\CORELDRAW\CORELDRAW GRAPHICS SUITE X5\PROGRAMS\CORELDRW.EXE delref %SystemRoot%\SYSWOW64\TAPILUA.DLL delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.36.82\PSMACHINE.DLL delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.35.442\PSMACHINE.DLL delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.35.342\PSMACHINE.DLL delref %SystemRoot%\SYSWOW64\AEPROAM.DLL delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.36.32\PSMACHINE.DLL delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.34.7\PSMACHINE.DLL delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.36.92\PSMACHINE.DLL delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.36.72\PSMACHINE.DLL delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.35.302\PSMACHINE.DLL delref %SystemRoot%\SYSWOW64\RSTRUI.EXE delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.33.23\PSMACHINE.DLL delref %SystemRoot%\SYSWOW64\LISTSVC.DLL delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.33.5\PSMACHINE.DLL delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.33.17\PSMACHINE.DLL delref %SystemRoot%\SYSWOW64\WBEM\NLMCIM.DLL delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.33.7\PSMACHINE.DLL delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.36.52\PSMACHINE.DLL delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.34.11\PSMACHINE.DLL delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.35.452\PSMACHINE.DLL delref %SystemRoot%\SYSWOW64\WPCCPL.DLL delref D:\CORELDRAW\CORELDRAW GRAPHICS SUITE X5\WRITINGTOOLS\WT15LI.DLL delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.36.102\PSMACHINE.DLL delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.35.422\PSMACHINE.DLL delref %SystemRoot%\SYSWOW64\IDLISTEN.DLL delref %SystemDrive%\PROGRAM FILES\COMMON FILES\SYSTEM\OLE DB\MSDAORA.DLL delref D:\CHROMIUM\CHROME-WIN32\CHROME.EXE delref %SystemDrive%\USERS\АЛЁНА\APPDATA\LOCAL\AMIGO\APPLICATION\AMIGO.EXE delref {5A8FF410-F3CE-4844-B31B-F18D911239E8}\[CLSID] delref G:\MOUNT&BLADE-WITH_FIRE_AND_SWORD.EXE delref %SystemDrive%\PROGRAM FILES (X86)\THRIXXX\WEBLAUNCH\BINARIES\NPWEBLAUNCH.DLL delref %SystemDrive%\PROGRAM FILES (X86)\ATI TECHNOLOGIES\HYDRAVISION\HYDRADM.EXE delref {B4F3A835-0E21-4959-BA22-42B3008E02FF}\[CLSID] delref %SystemDrive%\PROGRAM FILES (X86)\CHM4YOU!\CHM4YOU!.EXE delref D:\GOD2\THRIXXX\HENTAI 3D 2 - CRY OF PLEASURE\BINARIES\HENTAI3D2-052.003.EXE delref D:\LIFE IS HARD V0.92\LIFEISHARD.EXE delref D:\L2\L2COMPLEX_IL_UPDATER.EXE delref %SystemDrive%\PROGRAM FILES (X86)\DIABLO III\DIABLO III LAUNCHER.EXE delref %SystemDrive%\PROGRAM FILES (X86)\DIABLO III\MANUAL.URL delref %SystemDrive%\PROGRAM FILES (X86)\DIABLO III\UNINSTALL.EXE delref %SystemDrive%\PROGRAM FILES (X86)\DIABLO III\TECHSUPPORT.URL delref %SystemDrive%\PROGRAM FILES (X86)\DIABLO III\BATTLENETACCOUNT.URL delref HTTP://A1KER.BLOGSPOT.COM/ delref HTTP://CLIENTS2.GOOGLE.COM/SERVICE/UPDATE2/CRX?RESPONSE=REDIRECT&PRODVERSION=38.0&X=ID%3DDHDGFFKKEBHMKFJOJEJMPBLDMPOBFKFO%26INSTALLSOURCE%3DONDEMAND%26UC delref HTTP://FRATGASER.BIZ/?SEARCHID=1&L10N=RU&FROMSEARCH=1&IMSID=A03ABF81642562CFF8079561BCF57252&TEXT={SEARCHTERMS} delref HTTP://LNK.DO/ATGET delref HTTP://WWW.BING.COM/SEARCH?Q={SEARCHTERMS}&SRC=IE-SEARCHBOX&FORM=IESR02 delref HTTP://LNK.DO/LLVBI delref HTTP://WWW.GOOGLE.RU/SEARCH?HL=RU&Q={SEARCHTERMS}&BTNG=%D0%9F%D0%BE%D0%B8%D1%81%D0%BA+%D0%B2+GOOGLE&LR= delref HTTP://OVGORSKIY.RU delref HTTP://LNK.DO/BLCW3 delref HTTPS://CLIENTS2.GOOGLE.COM/SERVICE/UPDATE2/CRX?RESPONSE=REDIRECT&PRODVERSION=38.0&X=ID%3DLMJEGMLICAMNIMMFHCMPKCLMIGMMCBEH%26INSTALLSOURCE%3DONDEMAND%26UC delref HTTPS://CLIENTS2.GOOGLE.COM/SERVICE/UPDATE2/CRX?RESPONSE=REDIRECT&PRODVERSION=38.0&X=ID%3DEFAIDNBMNNNIBPCAJPCGLCLEFINDMKAJ%26INSTALLSOURCE%3DONDEMAND%26UC delref HTTP://LNK.DO/HV36N delref HTTP://LNK.DO/VOZPJ delref HTTP://YANDEX.RU/SEARCH/?WIN=200&CLID=2148308&TEXT={SEARCHTERMS} delref HTTP://CLIENTS2.GOOGLE.COM/SERVICE/UPDATE2/CRX?RESPONSE=REDIRECT&PRODVERSION=38.0&X=ID%3DGKDKFNBDDPDPIDBPNLJCOCPJEAAFNGDB%26INSTALLSOURCE%3DONDEMAND%26UC delref HTTPS://CLIENTS2.GOOGLE.COM/SERVICE/UPDATE2/CRX?RESPONSE=REDIRECT&PRODVERSION=38.0&X=ID%3DPMPOAAHLECCAIBBHFJFIMIGEPMFMMBBK%26INSTALLSOURCE%3DONDEMAND%26UC delref HTTPS://CLIENTS2.GOOGLE.COM/SERVICE/UPDATE2/CRX?RESPONSE=REDIRECT&PRODVERSION=38.0&X=ID%3DPHKDCINMMLJBLPNKOHLIPAIODLONPINF%26INSTALLSOURCE%3DONDEMAND%26UC delref HTTPS://CLIENTS2.GOOGLE.COM/SERVICE/UPDATE2/CRX?RESPONSE=REDIRECT&PRODVERSION=38.0&X=ID%3DODIJCGAFKHPOBJLNFDGIACPDENPMBGME%26INSTALLSOURCE%3DONDEMAND%26UC delref HTTP://CLIENTS2.GOOGLE.COM/SERVICE/UPDATE2/CRX?RESPONSE=REDIRECT&PRODVERSION=38.0&X=ID%3DPJFKGJLNOCFAKOHEOAPICNKNOGLIPAPD%26INSTALLSOURCE%3DONDEMAND%26UC delall %SystemDrive%\USERS\АЛЁНА\APPDATA\LOCAL\A2F2D8\SVСHОST.EXE delref %SystemDrive%\USERS\АЛЁНА\APPDATA\LOCAL\YANDEX\YANDEXBROWSER\USER DATA\DEFAULT\EXTENSIONS\MDPLJNDCMBEIKFNLFLCGGAIPGNHIEDBL\9.57_1\SAVEFROM.NET ПОМОЩНИК delref %SystemDrive%\USERS\АЛЁНА\APPDATA\LOCAL\YANDEX\YANDEXBROWSER\USER DATA\DEFAULT\EXTENSIONS\NPDPPLBICNMPOIGIDFDJADAMGFKILAAK\9.58_0\SAVEFROM.NET ПОМОЩНИК delref %SystemDrive%\USERS\АЛЁНА\APPDATA\LOCAL\YANDEX\YANDEXBROWSER\USER DATA\DFLTUSER\EXTENSIONS\KCKNBENJNKKJKNPHMNIDANJIFBGPHJKE\4.18_0\THE SAFE SURFING delref %SystemDrive%\USERS\АЛЁНА\APPDATA\LOCAL\YANDEX\YANDEXBROWSER\USER DATA\DFLTUSER\EXTENSIONS\MDPLJNDCMBEIKFNLFLCGGAIPGNHIEDBL\6.90_0\SAVEFROM.NET ПОМОЩНИК delref %SystemDrive%\USERS\АЛЁНА\\LOCAL SETTINGS\APPLICATION DATA\YANDEX\YANDEXBROWSER\USER DATA\DEFAULT\EXTENSIONS\HELPER@SAVEFROM.NET.CRX delref %SystemDrive%\USERS\АЛЁНА\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DFLTUSER\EXTENSIONS\CNAIBNEHBBINOOHHJAFKNIHMLOPDHHIP\416.7.2.88\NEWS TAB delref %SystemDrive%\USERS\АЛЁНА\APPDATA\LOCAL\YANDEX\YANDEXBROWSER\USER DATA\DFLTUSER\EXTENSIONS\CNAIBNEHBBINOOHHJAFKNIHMLOPDHHIP\416.7.2.88\NEWS TAB delref %SystemDrive%\USERS\АЛЁНА\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\EXTENSIONS\CNAIBNEHBBINOOHHJAFKNIHMLOPDHHIP\416.7.2.88\NEWS TAB apply restart

Код

;uVS v4.11.9 [http://dsrt.dyndns.org:8888]
;Target OS: NTv6.3
v400c
OFFSGNSAVE
deltmp
zoo %SystemDrive%\USERS\АЛЁНА\APPDATA\LOCAL\A2F2D8\SVСHОST.EXE
czoo
regt 18
regt 25
regt 26
regt 38

;---------command-block---------
delref %SystemDrive%\USERS\C881~1\APPDATA\LOCAL\TEMP\YANDEX_BROWSER_BITS_7848_874136952\RESPONSE
delref %SystemDrive%\PROGRAM FILES (X86)\DRIVERTOOLKIT\DRIVERTOOLKIT.EXE
delref %SystemDrive%\PROGRAM FILES (X86)\IOBIT\DRIVER BOOSTER\4.3.0\DRIVERBOOSTER.EXE
delref %SystemDrive%\PROGRAM FILES (X86)\INTEL\INTEL(R) UPDATE MANAGER\BIN\IUMSVC.EXE
delref %SystemDrive%\USERS\АЛЁНА\APPDATA\LOCAL\MICROSOFT\77D308BF35B37B5E3BC00CD7BCEB8A5E\770736A9BC40D7E735C4362084E0926D.EXE
delref %SystemDrive%\PROGRAM FILES\COMMON FILES\MICROSOFT SHARED\OFFICE15\OLICENSEHEARTBEAT.EXE
delref A9A33436-678B-4C9C-A211-7CC38785E79D\[CLSID]
delref 752073A1-23F2-4396-85F0-8FDB879ED0ED\[CLSID]
delref G:\SHELSOFT.EXE
delref %SystemDrive%\USERS\АЛЁНА\DESKTOP\CAMERA_CHICONY_CNF_9085_WIN7_64_061005200300\DRVINST.EXE
delref %SystemDrive%\USERS\АЛЁНА\APPDATA\LOCAL\AKAMAI\UNINSTALL.EXE
delref E:\НОВАЯ ПАПКА (2)\GIPLAY-UNINSTALL.EXE
delref %SystemRoot%\SYSWOW64\COMPMGMTLAUNCHER.EXE
delref %SystemRoot%\SYSWOW64\GPSVC.DLL
delref %SystemRoot%\SYSWOW64\PEERDISTSVC.DLL
delref %SystemRoot%\SYSWOW64\DRIVERS\MRXSMB.SYS
delref %SystemRoot%\SYSWOW64\DRIVERS\NDIS.SYS
delref %SystemRoot%\SYSWOW64\DRIVERS\USBXHCI.SYS
delref %SystemRoot%\SYSWOW64\DRIVERS\SRV2.SYS
delref %SystemRoot%\SYSWOW64\RDPCORETS.DLL
delref %SystemRoot%\SYSWOW64\DRIVERS\HTTP.SYS
delref %SystemRoot%\SYSWOW64\DRIVERS\TCPIP.SYS
delref %SystemRoot%\SYSWOW64\UMPOEXT.DLL
delref %SystemRoot%\SYSWOW64\DRIVERS\DMVSC.SYS
delref %SystemRoot%\SYSWOW64\IPHLPSVC.DLL
delref %SystemRoot%\SYSWOW64\CSCSVC.DLL
delref %SystemRoot%\SYSWOW64\DRIVERS\SPACEPORT.SYS
delref %SystemRoot%\SYSWOW64\DRIVERS\FVEVOL.SYS
delref %SystemRoot%\SYSWOW64\DRIVERS\AFD.SYS
delref %SystemRoot%\SYSWOW64\PNRPSVC.DLL
delref %SystemRoot%\SYSWOW64\DRIVERS\PACER.SYS
delref %SystemRoot%\SYSWOW64\LSM.DLL
delref {D5FEC983-01DB-414A-9456-AF95AC9ED7B5}\[CLSID]
delref {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B}\[CLSID]
delref {166B1BCA-3F9C-11CF-8075-444553540000}\[CLSID]
delref {19916E01-B44E-4E31-94A4-4696DF46157B}\[CLSID]
delref {233C1507-6A77-46A4-9443-F871F945D258}\[CLSID]
delref {4063BE15-3B08-470D-A0D5-B37161CFFD69}\[CLSID]
delref %SystemDrive%\USERS\АДМИНИСТРАТОР\APPDATA\LOCALLOW\UNITY\WEBPLAYER\LOADER\UNITYWEBPLUGINAX.OCX
delref {6BF52A52-394A-11D3-B153-00C04F79FAA6}\[CLSID]
delref {88D969C0-F192-11D4-A65F-0040963251E5}\[CLSID]
delref {88D969C1-F192-11D4-A65F-0040963251E5}\[CLSID]
delref {88D969C2-F192-11D4-A65F-0040963251E5}\[CLSID]
delref {88D969C3-F192-11D4-A65F-0040963251E5}\[CLSID]
delref {88D969C4-F192-11D4-A65F-0040963251E5}\[CLSID]
delref {88D969C5-F192-11D4-A65F-0040963251E5}\[CLSID]
delref {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA}\[CLSID]
delref {1FBA04EE-3024-11D2-8F1F-0000F87ABD16}\[CLSID]
delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\53.0.2785.116\INSTALLER\CHRMSTP.EXE
delref %SystemRoot%\SYSWOW64\BLANK.HTM
delref {0F8604A5-4ECE-4DE1-BA7D-CF10F8AA4F48}\[CLSID]
delref {E6FB5E20-DE35-11CF-9C87-00AA005127ED}\[CLSID]
delref {B089FE88-FB52-11D3-BDF1-0050DA34150D}\[CLSID]
delref {05B38830-F4E9-4329-978B-1DD28605D202}\[CLSID]
delref {056D528D-CE28-4194-9BA3-BA2E9197FF8C}\[CLSID]
delref {0596C850-7BDD-4C9D-AFDF-873BE6890637}\[CLSID]
delref %SystemDrive%\USERS\АДМИНИСТРАТОР\APPDATA\ROAMING\DROPBOX\BIN\DROPBOXEXT.25.DLL
delref {0229E5E7-09E9-45CF-9228-0228EC7D5F17}\[CLSID]
delref {2803063F-4B8D-4DC6-8874-D1802487FE2D}\[CLSID]
delref {5E2121EE-0300-11D4-8D3B-444553540000}\[CLSID]
delref %Sys32%\BLANK.HTM
delref HELPSVC\[SERVICE]
delref MBAMSERVICE\[SERVICE]
delref SACSVR\[SERVICE]
delref TBS\[SERVICE]
delref VMMS\[SERVICE]
delref MESSENGER\[SERVICE]
delref RDSESSMGR\[SERVICE]
delref %SystemDrive%\PROGRAM FILES\ATI TECHNOLOGIES\ATI.ACE\FUEL\AMD64\AODDRIVER2.SYS
delref %SystemDrive%\USERS\C881~1\APPDATA\LOCAL\TEMP\CPUZ138\CPUZ138_X64.SYS
delref %Sys32%\DRIVERS\MBAE64.SYS
delref %SystemDrive%\USERS\C881~1\APPDATA\LOCAL\TEMP\GKERNEL.SYS
delref %Sys32%\DRIVERS\FARFLT.SYS
delref %Sys32%\DRIVERS\MBAM.SYS
delref %Sys32%\DRIVERS\MBAMSWISSARMY.SYS
delref %Sys32%\DRIVERS\MWAC.SYS
delref %SystemRoot%\SYSWOW64\DRIVERS\X6VA064
delref %SystemDrive%\USERS\АЛЁНА\APPDATA\LOCAL\AKAMAI\CONTROLPANEL.EXE
delref %SystemDrive%\USERS\АЛЁНА\APPDATA\LOCAL\AMIGO\APPLICATION\44.0.2403.111\DELEGATE_EXECUTE.EXE
delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.36.82\PSMACHINE_64.DLL
delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.35.442\PSMACHINE_64.DLL
delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.35.342\PSMACHINE_64.DLL
delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.36.32\PSMACHINE_64.DLL
delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.34.7\PSMACHINE_64.DLL
delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.36.92\PSMACHINE_64.DLL
delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.36.72\PSMACHINE_64.DLL
delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.35.302\PSMACHINE_64.DLL
delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.33.23\PSMACHINE_64.DLL
delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.33.5\PSMACHINE_64.DLL
delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.33.17\PSMACHINE_64.DLL
delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.33.7\PSMACHINE_64.DLL
delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.36.52\PSMACHINE_64.DLL
delref %SystemDrive%\PROGRAM FILES (X86)\IOBIT\IOBIT UNINSTALLER\UNINSTALER_SKIPUAC.EXE
delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.34.11\PSMACHINE_64.DLL
delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.35.452\PSMACHINE_64.DLL
delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.36.102\PSMACHINE_64.DLL
delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.35.422\PSMACHINE_64.DLL
delref %SystemDrive%\PROGRAM FILES\COMMON FILES\MICROSOFT SHARED\DAO\DAO360.DLL
delref D:\CORELDRAW\CORELDRAW GRAPHICS SUITE X5\PROGRAMS\CORELDRW.EXE
delref %SystemRoot%\SYSWOW64\TAPILUA.DLL
delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.36.82\PSMACHINE.DLL
delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.35.442\PSMACHINE.DLL
delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.35.342\PSMACHINE.DLL
delref %SystemRoot%\SYSWOW64\AEPROAM.DLL
delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.36.32\PSMACHINE.DLL
delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.34.7\PSMACHINE.DLL
delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.36.92\PSMACHINE.DLL
delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.36.72\PSMACHINE.DLL
delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.35.302\PSMACHINE.DLL
delref %SystemRoot%\SYSWOW64\RSTRUI.EXE
delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.33.23\PSMACHINE.DLL
delref %SystemRoot%\SYSWOW64\LISTSVC.DLL
delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.33.5\PSMACHINE.DLL
delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.33.17\PSMACHINE.DLL
delref %SystemRoot%\SYSWOW64\WBEM\NLMCIM.DLL
delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.33.7\PSMACHINE.DLL
delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.36.52\PSMACHINE.DLL
delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.34.11\PSMACHINE.DLL
delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.35.452\PSMACHINE.DLL
delref %SystemRoot%\SYSWOW64\WPCCPL.DLL
delref D:\CORELDRAW\CORELDRAW GRAPHICS SUITE X5\WRITINGTOOLS\WT15LI.DLL
delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.36.102\PSMACHINE.DLL
delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.35.422\PSMACHINE.DLL
delref %SystemRoot%\SYSWOW64\IDLISTEN.DLL
delref %SystemDrive%\PROGRAM FILES\COMMON FILES\SYSTEM\OLE DB\MSDAORA.DLL
delref D:\CHROMIUM\CHROME-WIN32\CHROME.EXE
delref %SystemDrive%\USERS\АЛЁНА\APPDATA\LOCAL\AMIGO\APPLICATION\AMIGO.EXE
delref {5A8FF410-F3CE-4844-B31B-F18D911239E8}\[CLSID]
delref G:\MOUNT&BLADE-WITH_FIRE_AND_SWORD.EXE
delref %SystemDrive%\PROGRAM FILES (X86)\THRIXXX\WEBLAUNCH\BINARIES\NPWEBLAUNCH.DLL
delref %SystemDrive%\PROGRAM FILES (X86)\ATI TECHNOLOGIES\HYDRAVISION\HYDRADM.EXE
delref {B4F3A835-0E21-4959-BA22-42B3008E02FF}\[CLSID]
delref %SystemDrive%\PROGRAM FILES (X86)\CHM4YOU!\CHM4YOU!.EXE
delref D:\GOD2\THRIXXX\HENTAI 3D 2 - CRY OF PLEASURE\BINARIES\HENTAI3D2-052.003.EXE
delref D:\LIFE IS HARD V0.92\LIFEISHARD.EXE
delref D:\L2\L2COMPLEX_IL_UPDATER.EXE
delref %SystemDrive%\PROGRAM FILES (X86)\DIABLO III\DIABLO III LAUNCHER.EXE
delref %SystemDrive%\PROGRAM FILES (X86)\DIABLO III\MANUAL.URL
delref %SystemDrive%\PROGRAM FILES (X86)\DIABLO III\UNINSTALL.EXE
delref %SystemDrive%\PROGRAM FILES (X86)\DIABLO III\TECHSUPPORT.URL
delref %SystemDrive%\PROGRAM FILES (X86)\DIABLO III\BATTLENETACCOUNT.URL
delref HTTP://A1KER.BLOGSPOT.COM/
delref HTTP://CLIENTS2.GOOGLE.COM/SERVICE/UPDATE2/CRX?RESPONSE=REDIRECT&PRODVERSION=38.0&X=ID%3DDHDGFFKKEBHMKFJOJEJMPBLDMPOBFKFO%26INSTALLSOURCE%3DONDEMAND%26UC
delref HTTP://FRATGASER.BIZ/?SEARCHID=1&L10N=RU&FROMSEARCH=1&IMSID=A03ABF81642562CFF8079561BCF57252&TEXT={SEARCHTERMS}
delref HTTP://LNK.DO/ATGET
delref HTTP://WWW.BING.COM/SEARCH?Q={SEARCHTERMS}&SRC=IE-SEARCHBOX&FORM=IESR02
delref HTTP://LNK.DO/LLVBI
delref HTTP://WWW.GOOGLE.RU/SEARCH?HL=RU&Q={SEARCHTERMS}&BTNG=%D0%9F%D0%BE%D0%B8%D1%81%D0%BA+%D0%B2+GOOGLE&LR=
delref HTTP://OVGORSKIY.RU
delref HTTP://LNK.DO/BLCW3
delref HTTPS://CLIENTS2.GOOGLE.COM/SERVICE/UPDATE2/CRX?RESPONSE=REDIRECT&PRODVERSION=38.0&X=ID%3DLMJEGMLICAMNIMMFHCMPKCLMIGMMCBEH%26INSTALLSOURCE%3DONDEMAND%26UC
delref HTTPS://CLIENTS2.GOOGLE.COM/SERVICE/UPDATE2/CRX?RESPONSE=REDIRECT&PRODVERSION=38.0&X=ID%3DEFAIDNBMNNNIBPCAJPCGLCLEFINDMKAJ%26INSTALLSOURCE%3DONDEMAND%26UC
delref HTTP://LNK.DO/HV36N
delref HTTP://LNK.DO/VOZPJ
delref HTTP://YANDEX.RU/SEARCH/?WIN=200&CLID=2148308&TEXT={SEARCHTERMS}
delref HTTP://CLIENTS2.GOOGLE.COM/SERVICE/UPDATE2/CRX?RESPONSE=REDIRECT&PRODVERSION=38.0&X=ID%3DGKDKFNBDDPDPIDBPNLJCOCPJEAAFNGDB%26INSTALLSOURCE%3DONDEMAND%26UC
delref HTTPS://CLIENTS2.GOOGLE.COM/SERVICE/UPDATE2/CRX?RESPONSE=REDIRECT&PRODVERSION=38.0&X=ID%3DPMPOAAHLECCAIBBHFJFIMIGEPMFMMBBK%26INSTALLSOURCE%3DONDEMAND%26UC
delref HTTPS://CLIENTS2.GOOGLE.COM/SERVICE/UPDATE2/CRX?RESPONSE=REDIRECT&PRODVERSION=38.0&X=ID%3DPHKDCINMMLJBLPNKOHLIPAIODLONPINF%26INSTALLSOURCE%3DONDEMAND%26UC
delref HTTPS://CLIENTS2.GOOGLE.COM/SERVICE/UPDATE2/CRX?RESPONSE=REDIRECT&PRODVERSION=38.0&X=ID%3DODIJCGAFKHPOBJLNFDGIACPDENPMBGME%26INSTALLSOURCE%3DONDEMAND%26UC
delref HTTP://CLIENTS2.GOOGLE.COM/SERVICE/UPDATE2/CRX?RESPONSE=REDIRECT&PRODVERSION=38.0&X=ID%3DPJFKGJLNOCFAKOHEOAPICNKNOGLIPAPD%26INSTALLSOURCE%3DONDEMAND%26UC
delall %SystemDrive%\USERS\АЛЁНА\APPDATA\LOCAL\A2F2D8\SVСHОST.EXE
delref %SystemDrive%\USERS\АЛЁНА\APPDATA\LOCAL\YANDEX\YANDEXBROWSER\USER DATA\DEFAULT\EXTENSIONS\MDPLJNDCMBEIKFNLFLCGGAIPGNHIEDBL\9.57_1\SAVEFROM.NET ПОМОЩНИК
delref %SystemDrive%\USERS\АЛЁНА\APPDATA\LOCAL\YANDEX\YANDEXBROWSER\USER DATA\DEFAULT\EXTENSIONS\NPDPPLBICNMPOIGIDFDJADAMGFKILAAK\9.58_0\SAVEFROM.NET ПОМОЩНИК
delref %SystemDrive%\USERS\АЛЁНА\APPDATA\LOCAL\YANDEX\YANDEXBROWSER\USER DATA\DFLTUSER\EXTENSIONS\KCKNBENJNKKJKNPHMNIDANJIFBGPHJKE\4.18_0\THE SAFE SURFING
delref %SystemDrive%\USERS\АЛЁНА\APPDATA\LOCAL\YANDEX\YANDEXBROWSER\USER DATA\DFLTUSER\EXTENSIONS\MDPLJNDCMBEIKFNLFLCGGAIPGNHIEDBL\6.90_0\SAVEFROM.NET ПОМОЩНИК
delref %SystemDrive%\USERS\АЛЁНА\\LOCAL SETTINGS\APPLICATION DATA\YANDEX\YANDEXBROWSER\USER DATA\DEFAULT\EXTENSIONS\HELPER@SAVEFROM.NET.CRX
delref %SystemDrive%\USERS\АЛЁНА\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DFLTUSER\EXTENSIONS\CNAIBNEHBBINOOHHJAFKNIHMLOPDHHIP\416.7.2.88\NEWS TAB
delref %SystemDrive%\USERS\АЛЁНА\APPDATA\LOCAL\YANDEX\YANDEXBROWSER\USER DATA\DFLTUSER\EXTENSIONS\CNAIBNEHBBINOOHHJAFKNIHMLOPDHHIP\416.7.2.88\NEWS TAB
delref %SystemDrive%\USERS\АЛЁНА\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\EXTENSIONS\CNAIBNEHBBINOOHHJAFKNIHMLOPDHHIP\416.7.2.88\NEWS TAB
apply
restart

+
2) Далее
Выполните лог в AdwCleaner ( Если программа не установиться переходите к пункту №3 )
http://forum.esetnod32.ru/forum9/topic7084/

после завершения сканирования:
Записи относящиеся к Mail.Ru и Yandex можете не удалять ( если пользуетесь программой )
На вкладке:
Папки (Folders) для Mail.Ru и Yandex снимите [V]

Удалите найденное в AdwCleaner по кнопке Очистить (Clean), подтвердите действие
с автоперезагрузкой

3) В системе хвосты от ESET
Удалит их так:

Удалите антивирус по инструкции: Так.

4) Лог FRST - сейчас посмотрю.

Перейти