maksim9090
Новый пользователь
- Сообщения
- 13
- Реакции
- 0
O22 - ScheduledTask: (Ready) {35E77861-D381-4472-990F-4D153A7546E2} - {root} - C:\Users\Icelander\Desktop\Microsoft Office Word 2007.exe (no file)
O22 - ScheduledTask: (Ready) {3BA34AEE-7573-4D69-9326-8E0CC9944986} - {root} - C:\Users\Icelander\Desktop\Microsoft Office Word 2007.exe (no file)
O22 - ScheduledTask: (Ready) {5634FBAA-06AE-42E8-A422-4376423C529F} - {root} - C:\Users\Icelander\Desktop\Microsoft Office Word 2007.exe (no file)
O22 - ScheduledTask: (Ready) {744984E8-68C2-465F-81D4-7821923130ED} - {root} - C:\Users\Icelander\Desktop\Microsoft Office Word 2007.exe (no file)
O22 - ScheduledTask: (Ready) {A225F1CB-E598-4580-A71B-B2A385482110} - {root} - C:\Users\Icelander\Desktop\Microsoft Office Word 2007.exe (no file)
-[RO] "C:\Users\Icelander\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox (2).lnk" -> ["C:\Program Files (x86)\Mozilla Firefox\firefox.exe"]
-[RO] "C:\Users\Icelander\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox (3).lnk" -> ["C:\Program Files (x86)\Mozilla Firefox\firefox.exe"]
-[RO] "C:\Users\Icelander\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk" -> ["C:\Program Files (x86)\Mozilla Firefox\firefox.exe"]
%appdata%\Malwarebytes\Malwarebytes' Anti-Malware\Logs
start
CreateRestorePoint:
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
CHR HKU\S-1-5-21-4033456328-1276868299-3160323743-1000\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
BHO-x32: No Name -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> No File
BHO-x32: No Name -> {B69F34DD-F0F9-42DC-9EDD-957187DA688D} -> No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
Toolbar: HKU\S-1-5-21-4033456328-1276868299-3160323743-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
FF Plugin HKU\.DEFAULT: @altergeo.ru/Html5loc -> C:\ProgramData\AlterGeo\Update for Html5 geolocation provider\npHtml5loc.dll [No File]
FF Extension: No Name - C:\Users\Icelander\AppData\Roaming\Mozilla\Firefox\Profiles\ylbx495u.default\extensions\{a38384b3-2d1d-4f36-bc22-0f7ae402bcd7} [not found]
CHR HKLM\...\Chrome\Extension: [kneggodalbcmgdkkfhbhbicbbahnacjb] - hxxp://vk.ijmelto.ru/index.xml
CHR HKLM-x32\...\Chrome\Extension: [kneggodalbcmgdkkfhbhbicbbahnacjb] - hxxp://vk.ijmelto.ru/index.xml
2015-11-29 23:32 - 2015-12-05 17:23 - 00000000 ____D C:\Users\Все пользователи\jDpJCtrobZ
2015-11-29 23:32 - 2015-12-05 17:23 - 00000000 ____D C:\Users\Все пользователи\DWRQOsnEtf
2015-11-29 23:32 - 2015-12-05 17:23 - 00000000 ____D C:\Users\Все пользователи\BewZgzwnfFjAOTI
2015-11-29 23:32 - 2015-12-05 17:23 - 00000000 ____D C:\ProgramData\jDpJCtrobZ
2015-11-29 23:32 - 2015-12-05 17:23 - 00000000 ____D C:\ProgramData\DWRQOsnEtf
2015-11-29 23:32 - 2015-12-05 17:23 - 00000000 ____D C:\ProgramData\BewZgzwnfFjAOTI
EmptyTemp:
Reboot:
end
start
CreateRestorePoint:
FF Extension: Рамблер-Ассистент - C:\Users\Icelander\AppData\Roaming\Mozilla\Firefox\Profiles\ylbx495u.default\extensions\rambler_toolbar@rambler.ru [2013-11-23] [not signed]
SearchScopes: HKU\S-1-5-21-4033456328-1276868299-3160323743-1000 -> Moikrug URL = hxxp://moikrug.ru/persons/?clid=143436&charset=utf-8&keywords={searchTerms}&submitted=1
EmptyTemp:
Reboot:
end
скрин можно?аваст выдает этот url:mal
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - (no file)
O2 - BHO: (no name) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - (no file)
O2 - BHO: (no name) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - (no file)
O4 - MSConfig..HKLM: 2014/04/05 [MailRuUpdater] C:\Users\Icelander\AppData\Local\MailRu\MailRuUpdater.exe (no file)
O4 - MSConfig..HKLM: 2015/09/06 [VkontakteDJ] C:\VkontakteDJ\VKontakteDJ.exe /H (no file)
O9 - Extra button: (no name) - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - (no file)
O22 - ScheduledTask: (Ready) AlterGeoUpdaterS-1-5-18 - {root} - C:\Program Files (x86)\AlterGeo\Html5 geolocation provider\html5locsvc.exe /task (no file)
O22 - ScheduledTask: (Ready) {229071E9-9FBC-4C1E-8315-7BD41F25CCDD} - {root} - "c:\program files (x86)\mozilla firefox\firefox.exe" http://www.skype.com/go/downloading?source=lightinstaller&ver=6.22.81.104&LastError=12002 (no file)
We use cookies and similar technologies for the following purposes:
Do you accept cookies and these technologies?
We use cookies and similar technologies for the following purposes:
Do you accept cookies and these technologies?