Эта ссылка не просто такПодробнее в "ComboFix. Руководство по применению."
:OTL
O3 - HKU\S-1-5-21-353495810-25160049-2951638232-1000\..\Toolbar\WebBrowser: (no name) - {09900DE8-1DCA-443F-9243-26FF581438AF} - No CLSID value found.
O4 - HKLM..\Run: [DivX Download Manager] C:\Program Files\DivX\DivX Plus Web Player\DDmService.exe File not found
O13 - gopher Prefix: missing
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
@Alternate Data Stream - 99 bytes -> C:\ProgramData\TEMP:7BA6D322
@Alternate Data Stream - 98 bytes -> C:\ProgramData\TEMP:1CB3187E
@Alternate Data Stream - 95 bytes -> C:\ProgramData\TEMP:CF31AEF5
@Alternate Data Stream - 94 bytes -> C:\ProgramData\TEMP:FA7CDE12
@Alternate Data Stream - 147 bytes -> C:\ProgramData\TEMP:61A065F2
@Alternate Data Stream - 145 bytes -> C:\ProgramData\TEMP:E14FA16F
@Alternate Data Stream - 142 bytes -> C:\ProgramData\TEMP:BACB6B6C
@Alternate Data Stream - 141 bytes -> C:\ProgramData\TEMP:BDEBC850
@Alternate Data Stream - 141 bytes -> C:\ProgramData\TEMP:A652BC99
@Alternate Data Stream - 141 bytes -> C:\ProgramData\TEMP:88A44CC1
@Alternate Data Stream - 140 bytes -> C:\ProgramData\TEMP:D3A8AA31
@Alternate Data Stream - 135 bytes -> C:\ProgramData\TEMP:91730504
@Alternate Data Stream - 132 bytes -> C:\ProgramData\TEMP:27F44544
@Alternate Data Stream - 129 bytes -> C:\ProgramData\TEMP:8EDA76B4
@Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:33384BC0
@Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:2C678471
@Alternate Data Stream - 123 bytes -> C:\ProgramData\TEMP:E0AE69BE
@Alternate Data Stream - 123 bytes -> C:\ProgramData\TEMP:8776F88E
@Alternate Data Stream - 123 bytes -> C:\ProgramData\TEMP:5AF0DC60
@Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP:CDCEE6BF
@Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP:404390E0
@Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP:38E2864F
@Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP:15DE523E
@Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:CD6E25A6
@Alternate Data Stream - 120 bytes -> C:\ProgramData\TEMP:A29CC312
@Alternate Data Stream - 120 bytes -> C:\ProgramData\TEMP:12C32D25
@Alternate Data Stream - 119 bytes -> C:\ProgramData\TEMP:60C897F3
@Alternate Data Stream - 118 bytes -> C:\ProgramData\TEMP:ACCFA538
@Alternate Data Stream - 116 bytes -> C:\ProgramData\TEMP:B1EEADE7
@Alternate Data Stream - 116 bytes -> C:\ProgramData\TEMP:726D640A
@Alternate Data Stream - 113 bytes -> C:\ProgramData\TEMP:DC0B1070
@Alternate Data Stream - 113 bytes -> C:\ProgramData\TEMP:90015502
@Alternate Data Stream - 111 bytes -> C:\ProgramData\TEMP:B5988350
@Alternate Data Stream - 110 bytes -> C:\ProgramData\TEMP:2342AE46
@Alternate Data Stream - 109 bytes -> C:\ProgramData\TEMP:98AE08EA
@Alternate Data Stream - 109 bytes -> C:\ProgramData\TEMP:06EB9DC2
@Alternate Data Stream - 107 bytes -> C:\ProgramData\TEMP:114BD271
@Alternate Data Stream - 104 bytes -> C:\ProgramData\TEMP:3559A02E
@Alternate Data Stream - 103 bytes -> C:\ProgramData\TEMP:38C4D9C2
@Alternate Data Stream - 101 bytes -> C:\ProgramData\TEMP:50DD4118
@Alternate Data Stream - 100 bytes -> C:\ProgramData\TEMP:71441FEF
@Alternate Data Stream - 100 bytes -> C:\ProgramData\TEMP:64EEA19D
:files
autorun.inf /alldrives
recycler /alldrives
ipconfig /flushdns /c
:Commands
[purity]
[emptytemp]
[resethosts]
[CreateRestorePoint]
[emptyflash]
[Reboot]
We use cookies and similar technologies for the following purposes:
Do you accept cookies and these technologies?
We use cookies and similar technologies for the following purposes:
Do you accept cookies and these technologies?