Вход на некоторые сайты заблокирован.

[88]

Выскочил баннер. Удалила подбором кода. После этого оказались заблокированы в контакте и одноклассники. Блокировку сняла через ПУСК — ВЫПОЛНИТЬ — и так далее, очистив файл hosts. Но вход на некоторые сайты и в поисковики остается заблокированным. Вошла в систему в безопасном режиме, проверила антивирусником. NOD ничего не находит, avz находит 14 подозрительных файлов, возможно троянская программа. Все эти действия результата не дали. Что посоветуете Сносить ОС не хочется.

Просканировала предложенной программой. Вот что получилось.

Logfile of random’s system information tool 1.06 (written by random/random)
Run by 1 at 2010-05-31 01:31:47
Microsoft Windows XP Professional Service Pack 3
System drive C: has 16 GB (53%) free of 30 GB
Total RAM: 383 MB (25% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 1:32:03, on 31.05.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSExplorer.EXE
C:WINDOWSsystem32spoolsv.exe
C:Program FilesCommon FilesArcSoftConnection ServiceBinACService.exe
C:Program FilesESETESET NOD32 Antivirusekrn.exe
C:WINDOWSsystem32svchost.exe
C:Program FilesCommon FilesMicrosoft SharedVS7DEBUGMDM.EXE
C:WINDOWSSystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSRTHDCPL.EXE
C:Program FilesCyberLinkPowerDVDPDVDServ.exe
C:Program FilesHPHP Software UpdateHPWuSchd2.exe
C:Program FilesESETESET NOD32 Antivirusegui.exe
C:Program FilesCommon FilesArcSoftConnection ServiceBinACDaemon.exe
C:Program FilesCommon FilesNikonMonitorNkMonitor.exe
C:WINDOWSsystem32ctfmon.exe
C:Program FilesCommon FilesArcSoftConnection ServiceBinArcCon.ac
C:Program FilesHPDigital Imagingbinhpqtra08.exe
C:WINDOWSsystem32sistray.exe
C:Program FilesHPDigital ImagingbinhpqSTE08.exe
C:Program FilesOperaopera.exe
D:Program FilesRSIT.exe
C:Program Filestrend micro1.exe

R0 — HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.yandex.ru/?clid=40316
R0 — HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Ссылки
F2 — REG:system.ini: UserInit=C:WINDOWSsystem32userinit.exe,\?globalrootsystemrootsystem32Xs5p4TA.exe,\?globalrootsystemrootsystem32ChQKxvs.exe,
O2 — BHO: HP Print Enhancer — {0347C33E-8762-4905-BF09-768834316C61} — C:Program FilesHPSmart Web Printinghpswp_printenhancer.dll
O2 — BHO: HP Print Clips — {053F9267-DC04-4294-A72C-58F732D338C0} — C:Program FilesHPSmart Web Printinghpswp_framework.dll
O2 — BHO: AcroIEHlprObj Class — {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} — C:Program FilesAdobeAcrobat 7.0ActiveXAcroIEHelper.dll
O4 — HKLM..Run: [RTHDCPL] RTHDCPL.EXE
O4 — HKLM..Run: [SkyTel] SkyTel.EXE
O4 — HKLM..Run: [Alcmtr] ALCMTR.EXE
O4 — HKLM..Run: [SiSPower] Rundll32.exe SiSPower.dll,ModeAgent
O4 — HKLM..Run: [NeroFilterCheck] C:WINDOWSsystem32NeroCheck.exe
O4 — HKLM..Run: [RemoteControl] «C:Program FilesCyberLinkPowerDVDPDVDServ.exe»
O4 — HKLM..Run: [HP Software Update] C:Program FilesHPHP Software UpdateHPWuSchd2.exe
O4 — HKLM..Run: [egui] «C:Program FilesESETESET NOD32 Antivirusegui.exe» /hide /waitservice
O4 — HKLM..Run: [ArcSoft Connection Service] C:Program FilesCommon FilesArcSoftConnection ServiceBinACDaemon.exe
O4 — HKLM..Run: [Nikon Transfer Monitor] C:Program FilesCommon FilesNikonMonitorNkMonitor.exe
O4 — HKCU..Run: [CTFMON.EXE] C:WINDOWSsystem32ctfmon.exe
O4 — HKUSS-1-5-19..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘LOCAL SERVICE’)
O4 — HKUSS-1-5-20..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘NETWORK SERVICE’)
O4 — HKUSS-1-5-18..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘SYSTEM’)
O4 — HKUS.DEFAULT..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘Default user’)
O4 — Global Startup: HP Digital Imaging Monitor.lnk = C:Program FilesHPDigital Imagingbinhpqtra08.exe
O4 — Global Startup: Utility Tray.lnk = C:WINDOWSsystem32sistray.exe
O4 — Global Startup: Ускоренный запуск Adobe Reader.lnk = C:Program FilesAdobeAcrobat 7.0Readerreader_sl.exe
O8 — Extra context menu item: &Экспорт в Microsoft Excel — res://C:PROGRA~1MICROS~2OFFICE11EXCEL.EXE/3000
O8 — Extra context menu item: Google Sidewiki… — res://C:Program FilesGoogleGoogle ToolbarComponentGoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
O9 — Extra button: Альбом клипов HP — {58ECB495-38F0-49cb-A538-10282ABF65E7} — C:Program FilesHPSmart Web Printinghpswp_extensions.dll
O9 — Extra button: Расширенный выбор HP — {700259D7-1666-479a-93B1-3250410481E8} — C:Program FilesHPSmart Web Printinghpswp_extensions.dll
O9 — Extra button: Справочные материалы — {92780B25-18CC-41C8-B9BE-3C9C571A8263} — C:PROGRA~1MICROS~2OFFICE11REFIEBAR.DLL
O9 — Extra button: (no name) — {e2e2dd38-d088-4134-82b7-f2ba38496583} — C:WINDOWSNetwork Diagnosticxpnetdiag.exe
O9 — Extra ‘Tools’ menuitem: @xpsp3res.dll,-20001 — {e2e2dd38-d088-4134-82b7-f2ba38496583} — C:WINDOWSNetwork Diagnosticxpnetdiag.exe
O9 — Extra button: Messenger — {FB5F1910-F110-11d2-BB9E-00C04F795683} — C:Program FilesMessengermsmsgs.exe
O9 — Extra ‘Tools’ menuitem: Windows Messenger — {FB5F1910-F110-11d2-BB9E-00C04F795683} — C:Program FilesMessengermsmsgs.exe
O17 — HKLMSystemCCSServicesTcpip..{9929AFD7-A871-4379-BB43-3B69CF54309E}: NameServer = 78.36.171.200 212.48.193.36
O23 — Service: ArcSoft Connect Daemon (ACDaemon) — ArcSoft Inc. — C:Program FilesCommon FilesArcSoftConnection ServiceBinACService.exe
O23 — Service: Eset HTTP Server (EhttpSrv) — ESET — C:Program FilesESETESET NOD32 AntivirusEHttpSrv.exe
O23 — Service: Eset Service (ekrn) — ESET — C:Program FilesESETESET NOD32 Antivirusekrn.exe
O23 — Service: Журнал событий (Eventlog) — Корпорация Майкрософт — C:WINDOWSsystem32services.exe
O23 — Service: Служба Google Update (gupdate) (gupdate) — Google Inc. — C:Program FilesGoogleUpdateGoogleUpdate.exe
O23 — Service: InstallDriver Table Manager (IDriverT) — Macrovision Corporation — C:Program FilesCommon FilesInstallShieldDriver11Intel 32IDriverT.exe
O23 — Service: Служба COM записи компакт-дисков IMAPI (ImapiService) — Корпорация Майкрософт — C:WINDOWSsystem32imapi.exe
O23 — Service: NetMeeting Remote Desktop Sharing (mnmsrvc) — Корпорация Майкрософт — C:WINDOWSsystem32mnmsrvc.exe
O23 — Service: Plug and Play (PlugPlay) — Корпорация Майкрософт — C:WINDOWSsystem32services.exe
O23 — Service: Диспетчер сеанса справки для удаленного рабочего стола (RDSessMgr) — Корпорация Майкрософт — C:WINDOWSsystem32sessmgr.exe
O23 — Service: Смарт-карты (SCardSvr) — Корпорация Майкрософт — C:WINDOWSSystem32SCardSvr.exe
O23 — Service: Журналы и оповещения производительности (SysmonLog) — Корпорация Майкрософт — C:WINDOWSsystem32smlogsvc.exe
O23 — Service: Теневое копирование тома (VSS) — Корпорация Майкрософт — C:WINDOWSSystem32vssvc.exe
O23 — Service: Адаптер производительности WMI (WmiApSrv) — Корпорация Майкрософт — C:WINDOWSsystem32wbemwmiapsrv.exe

—
End of file — 6688 bytes

======Scheduled tasks folder======

C:WINDOWStasksGoogleUpdateTaskMachineCore.job
C:WINDOWStasksGoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{0347C33E-8762-4905-BF09-768834316C61}]
HP Print Enhancer — C:Program FilesHPSmart Web Printinghpswp_printenhancer.dll [2007-03-02 1298024]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{053F9267-DC04-4294-A72C-58F732D338C0}]
HP Print Clips — C:Program FilesHPSmart Web Printinghpswp_framework.dll [2007-03-02 177768]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class — C:Program FilesAdobeAcrobat 7.0ActiveXAcroIEHelper.dll [2005-09-24 63136]

[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRun]
«RTHDCPL»=C:WINDOWSRTHDCPL.EXE [2007-09-19 16844800]
«SkyTel»=C:WINDOWSSkyTel.EXE [2007-08-03 1826816]
«Alcmtr»=C:WINDOWSALCMTR.EXE [2005-05-03 69632]
«SiSPower»=SiSPower.dll,ModeAgent []
«NeroFilterCheck»=C:WINDOWSsystem32NeroCheck.exe [2001-07-09 155648]
«RemoteControl»=C:Program FilesCyberLinkPowerDVDPDVDServ.exe [2005-01-12 32768]
«HP Software Update»=C:Program FilesHPHP Software UpdateHPWuSchd2.exe [2007-03-11 49152]
«egui»=C:Program FilesESETESET NOD32 Antivirusegui.exe [2009-10-07 1461080]
«ArcSoft Connection Service»=C:Program FilesCommon FilesArcSoftConnection ServiceBinACDaemon.exe [2010-03-18 207360]
«Nikon Transfer Monitor»=C:Program FilesCommon FilesNikonMonitorNkMonitor.exe [2009-09-15 479232]

[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun]
«CTFMON.EXE»=C:WINDOWSsystem32ctfmon.exe [2008-06-09 15360]

C:Documents and SettingsAll UsersГлавное менюПрограммыАвтозагрузка
HP Digital Imaging Monitor.lnk — C:Program FilesHPDigital Imagingbinhpqtra08.exe
Utility Tray.lnk — C:WINDOWSsystem32sistray.exe
Ускоренный запуск Adobe Reader.lnk — C:Program FilesAdobeAcrobat 7.0Readerreader_sl.exe

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetwork{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionPoliciesSystem]
«dontdisplaylastusername»=0
«legalnoticecaption»=
«legalnoticetext»=
«shutdownwithoutlogon»=1
«undockwithoutlogon»=1

[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesexplorer]
«NoDriveTypeAutoRun»=145

[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionPoliciesexplorer]
«NoDriveTypeAutoRun»=

[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicystandardprofileauthorizedapplicationslist]
«%windir%Network Diagnosticxpnetdiag.exe»=»%windir%Network Diagnosticxpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000»
«%windir%system32sessmgr.exe»=»%windir%system32sessmgr.exe:*:enabled:@xpsp2res.dll,-22019»

[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicydomainprofileauthorizedapplicationslist]
«%windir%Network Diagnosticxpnetdiag.exe»=»%windir%Network Diagnosticxpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000»
«%windir%system32sessmgr.exe»=»%windir%system32sessmgr.exe:*:enabled:@xpsp2res.dll,-22019»

======List of files/folders created in the last 1 months======

2010-05-31 01:31:49 —-D—- C:Program Filestrend micro
2010-05-31 01:31:47 —-D—- C:rsit
2010-05-31 00:45:58 —-D—- C:WINDOWSsystem32appmgmt
2010-05-30 22:15:10 —-A—- C:SAFEBOOT_REPAIR.TXT
2010-05-30 17:10:58 —-D—- C:Documents and Settings1Application DataHelp
2010-05-28 00:43:27 —-A—- C:WINDOWSsystem32gDX5Lyt.exe
2010-05-27 23:55:59 —-D—- C:Program FilesQuickTime
2010-05-27 22:58:36 —-D—- C:32788R22FWJFW(2)
2010-05-27 22:35:36 —-D—- C:WINDOWSpss
2010-05-26 21:00:24 —-D—- C:Program FilesCommon FilesSysAware Soft
2010-05-26 06:21:21 —-A—- C:Program FilesCommon Fileskeylog.txt
2010-05-23 23:05:18 —-A—- C:WINDOWSViewNX.INI
2010-05-23 22:52:06 —-D—- C:Documents and Settings1Application DataApple Computer
2010-05-23 22:46:32 —-D—- C:Documents and Settings1Application DataNikon
2010-05-23 22:41:49 —-D—- C:Documents and SettingsAll UsersApplication DataSync Schema
2010-05-23 22:40:45 —-D—- C:Program FilesCommon Filesmuvee Technologies
2010-05-23 22:40:32 —-D—- C:Program FilesCommon FilesNikon
2010-05-23 22:40:32 —-D—- C:Documents and SettingsAll UsersApplication DataNikon
2010-05-23 22:40:24 —-D—- C:Program FilesNikon
2010-05-23 22:38:54 —-D—- C:Documents and SettingsAll UsersApplication DataUltima_T15
2010-05-23 22:38:54 —-D—- C:Documents and SettingsAll UsersApplication DataSpeech Enhancer
2010-05-23 22:38:54 —-D—- C:Documents and SettingsAll UsersApplication DataEnterNHelp
2010-05-23 22:34:11 —-HD—- C:Documents and SettingsAll UsersApplication DataArcSoft
2010-05-23 22:32:59 —-D—- C:Program FilesCommon FilesArcSoft
2010-05-23 22:32:59 —-D—- C:Program FilesArcSoft
2010-05-23 22:29:44 —-D—- C:Documents and Settings1Application DataArcSoft
2010-05-23 13:45:26 —-D—- C:Program FilesVirtualDub
2010-05-22 07:17:22 —-D—- C:FlashAudio
2010-05-22 02:10:26 —-D—- C:FlashVideos
2010-05-22 02:09:52 —-A—- C:WINDOWSsystem32xvidvfw.dll
2010-05-22 02:09:50 —-A—- C:WINDOWSsystem32xvidcore.dll
2010-05-21 19:30:43 —-A—- C:WINDOWSsystem32ptpusb.dll
2010-05-21 19:30:41 —-A—- C:WINDOWSsystem32ptpusd.dll
2010-05-14 21:22:47 —-D—- C:Program Filescandle_1024x768
2010-05-14 21:21:06 —-D—- C:Program Filescat_1024x768
2010-05-14 21:19:44 —-D—- C:Program Filescat_1280x1024

======List of files/folders modified in the last 1 months======

2010-05-31 01:31:49 —-RD—- C:Program Files
2010-05-31 01:31:14 —-D—- C:WINDOWSTemp
2010-05-31 00:45:59 —-SHD—- C:WINDOWSInstaller
2010-05-31 00:45:59 —-RSHDC—- C:WINDOWSsystem32dllcache
2010-05-31 00:45:59 —-HD—- C:Config.Msi
2010-05-31 00:45:59 —-D—- C:WINDOWSsystem32
2010-05-31 00:45:59 —-D—- C:WINDOWS
2010-05-31 00:44:52 —-A—- C:WINDOWSSchedLgU.Txt
2010-05-30 23:11:25 —-D—- C:WINDOWSsystem32drivers
2010-05-30 22:29:10 —-D—- C:WINDOWSsystem32CatRoot2
2010-05-30 22:29:09 —-A—- C:WINDOWSntbtlog.txt
2010-05-30 22:26:33 —-D—- C:Documents and Settings
2010-05-30 22:14:18 —-D—- C:WINDOWSPrefetch
2010-05-30 17:12:07 —-SH—- C:boot.ini
2010-05-30 17:12:07 —-A—- C:WINDOWSwin.ini
2010-05-30 17:12:07 —-A—- C:WINDOWSsystem.ini
2010-05-30 10:41:51 —-D—- C:Program FilesGoogle
2010-05-30 10:41:14 —-D—- C:Documents and Settings1Application DataYandex
2010-05-30 10:39:19 —-SD—- C:WINDOWSTasks
2010-05-29 20:50:05 —-D—- C:Program FilesMozilla Firefox
2010-05-29 20:05:08 —-A—- C:WINDOWSIE4 Error Log.txt
2010-05-29 11:49:41 —-A—- C:WINDOWSNeroDigital.ini
2010-05-27 23:56:36 —-D—- C:WINDOWSsystem32config
2010-05-27 23:56:23 —-D—- C:WINDOWSsystem32wbem
2010-05-27 23:56:22 —-D—- C:WINDOWSRegistration
2010-05-27 23:55:50 —-D—- C:Program FilesOpera
2010-05-27 23:55:15 —-D—- C:WINDOWSsystem32Restore
2010-05-26 21:00:24 —-RD—- C:Program FilesCommon Files
2010-05-26 16:00:05 —-SHD—- C:System Volume Information
2010-05-25 22:58:26 —-HD—- C:Program FilesInstallShield Installation Information
2010-05-23 22:40:57 —-D—- C:WINDOWSWinSxS
2010-05-23 22:38:47 —-A—- C:WINDOWSsystem32ATL71.DLL
2010-05-23 22:38:40 —-D—- C:Program FilesCommon FilesInstallShield
2010-05-23 22:37:38 —-D—- C:Program FilesInternet Explorer
2010-05-23 22:29:17 —-D—- C:Program FilesCommon FilesMicrosoft Shared
2010-05-18 14:56:18 —-HD—- C:WINDOWSinf
2010-05-17 22:35:46 —-SD—- C:Documents and Settings1Application DataMicrosoft
2010-05-16 12:38:10 —-D—- C:temp
2010-05-10 05:53:52 —-D—- C:Documents and SettingsAll UsersApplication Dataxml_param
2010-05-09 21:47:00 —-A—- C:WINDOWSwincmd.ini
2010-05-09 21:27:32 —-D—- C:Documents and Settings1Application DataDVD Flick

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 easdrv;easdrv; C:WINDOWSsystem32DRIVERSeasdrv.sys [2009-10-07 54184]
R1 epfwtdir;epfwtdir; C:WINDOWSsystem32DRIVERSepfwtdir.sys [2009-10-07 35168]
R1 intelppm;Драйвер Intel процессора; C:WINDOWSsystem32DRIVERSintelppm.sys [2008-06-09 40704]
R1 kbdhid;Драйвер клавиатуры HID; C:WINDOWSsystem32DRIVERSkbdhid.sys [2008-04-14 14720]
R1 SiSkp;SiSkp; C:WINDOWSsystem32DRIVERSsrvkp.sys [2008-12-03 19072]
R1 uzezmjy3;AVZ-RK Kernel Driver; ??C:WINDOWSsystem32Driversuzezmjy3.sys []
R2 eamon;EAMON; C:WINDOWSsystem32DRIVERSeamon.sys [2009-10-07 40824]
R3 HDAudBus;Драйвер шины Microsoft UAA для High Definition Audio; C:WINDOWSsystem32DRIVERSHDAudBus.sys [2008-06-09 144384]
R3 HidUsb;Драйвер класса HID Microsoft; C:WINDOWSsystem32DRIVERShidusb.sys [2008-04-14 10368]
R3 HPZid412;IEEE-1284.4 Driver HPZid412; C:WINDOWSsystem32DRIVERSHPZid412.sys [2007-03-08 49920]
R3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:WINDOWSsystem32DRIVERSHPZipr12.sys [2007-03-08 16496]
R3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:WINDOWSsystem32DRIVERSHPZius12.sys [2007-03-08 21568]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:WINDOWSsystem32driversRtkHDAud.sys [2007-09-19 4617728]
R3 MTsensor;ATK0100 ACPI UTILITY; C:WINDOWSsystem32DRIVERSATKACPI.sys [2007-08-24 5760]
R3 SiS315;SiS315; C:WINDOWSsystem32DRIVERSsisgrp.sys [2008-12-03 324096]
R3 SiSGbeXP;SiS191/SiS190 Ethernet Device NDIS 5.1 Driver; C:WINDOWSsystem32DRIVERSSiSGbeXP.sys [2006-12-20 41600]
R3 usbccgp;Драйвер универсального родительского устройства USB (Microsoft); C:WINDOWSsystem32DRIVERSusbccgp.sys [2008-04-14 32128]
R3 usbehci;Драйвер минипорта Microsoft USB 2.0 расширенного хост-контроллера; C:WINDOWSsystem32DRIVERSusbehci.sys [2008-06-09 30208]
R3 usbhub;USB2 концентратор; C:WINDOWSsystem32DRIVERSusbhub.sys [2008-06-09 59520]
R3 usbohci;Драйвер минипорта Microsoft USB открытого хост-контроллера; C:WINDOWSsystem32DRIVERSusbohci.sys [2008-06-09 17152]
R3 usbprint;Класс принтеров Microsoft USB; C:WINDOWSsystem32DRIVERSusbprint.sys [2008-04-14 25856]
R3 usbscan;Драйвер USB-сканера; C:WINDOWSsystem32DRIVERSusbscan.sys [2008-04-14 15104]
R3 WsAudio_DeviceS(1);WsAudio_DeviceS(1); C:WINDOWSsystem32driversWsAudio_DeviceS(1).sys [2009-12-04 25704]
R3 WsAudio_DeviceS(2);WsAudio_DeviceS(2); C:WINDOWSsystem32driversWsAudio_DeviceS(2).sys [2009-12-04 25704]
R3 WsAudio_DeviceS(3);WsAudio_DeviceS(3); C:WINDOWSsystem32driversWsAudio_DeviceS(3).sys [2009-12-04 25704]
R3 WsAudio_DeviceS(4);WsAudio_DeviceS(4); C:WINDOWSsystem32driversWsAudio_DeviceS(4).sys [2009-12-04 25704]
R3 WsAudio_DeviceS(5);WsAudio_DeviceS(5); C:WINDOWSsystem32driversWsAudio_DeviceS(5).sys [2009-12-04 25704]
S3 USBSTOR;Драйвер запоминающих устройств для USB; C:WINDOWSsystem32DRIVERSUSBSTOR.SYS [2008-04-14 26368]
S4 IntelIde;IntelIde; C:WINDOWSsystem32driversIntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ACDaemon;ArcSoft Connect Daemon; C:Program FilesCommon FilesArcSoftConnection ServiceBinACService.exe [2010-03-18 113152]
R2 ekrn;Eset Service; C:Program FilesESETESET NOD32 Antivirusekrn.exe [2009-10-07 472280]
R2 hpqddsvc;Служба HP CUE DeviceDiscovery; C:WINDOWSsystem32svchost.exe [2008-06-09 14336]
R2 MDM;Machine Debug Manager; C:Program FilesCommon FilesMicrosoft SharedVS7DEBUGMDM.EXE [2003-06-20 322120]
R2 Net Driver HPZ12;Net Driver HPZ12; C:WINDOWSSystem32svchost.exe [2008-06-09 14336]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:WINDOWSSystem32svchost.exe [2008-06-09 14336]
R2 UMWdf;Windows User Mode Driver Framework; C:WINDOWSsystem32wdfmgr.exe [2005-01-28 38912]
R3 hpqcxs08;hpqcxs08; C:WINDOWSsystem32svchost.exe [2008-06-09 14336]
S2 gupdate;Служба Google Update (gupdate); C:Program FilesGoogleUpdateGoogleUpdate.exe [2010-02-16 135664]
S3 EhttpSrv;Eset HTTP Server; C:Program FilesESETESET NOD32 AntivirusEHttpSrv.exe [2009-10-07 20680]
S3 IDriverT;InstallDriver Table Manager; C:Program FilesCommon FilesInstallShieldDriver11Intel 32IDriverT.exe [2005-04-04 69632]
S3 ose;Office Source Engine; C:Program FilesCommon FilesMicrosoft SharedSource EngineOSE.EXE [2003-07-28 89136]

---

EOF

---

info.txt logfile of random’s system information tool 1.06 2010-05-31 01:32:06

======Uninstall list======

—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1PROFES~1RunTime701Intel32Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{E06E4F4E-72D6-4497-BFFD-BCB43077C2F4}setup.exe» -l0x19 -uninst
—>rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:WINDOWSINFPCHealth.inf
32 Bit HP CIO Components Installer—>MsiExec.exe /I{F1E63043-54FC-429B-AB2C-31AF9FBA4BC7}
7-Zip 4.65—>»C:Program Files7-ZipUninstall.exe»
ABBYY FineReader 8.0 Professional Edition—>MsiExec.exe /I{AAF80000-22B9-4CE9-98D6-2CCF359BAC07}
ACDSee 10 Photo Manager—>MsiExec.exe /I{119E769A-C45B-47E1-A43C-14581D6058F9}
Adobe Flash Player 10 Plugin—>C:WINDOWSsystem32MacromedFlashuninstall_plugin.exe
Adobe Reader 7.0.5 — Russian—>MsiExec.exe /I{AC76BA86-7AD7-1049-7B44-A70500000002}
ArcSoft Panorama Maker 5—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1engine6INTEL3~1Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{F18046C5-1C4E-4BE1-A3D6-A6F970E2E8E8}Setup.exe» -l0x9
Daniusoft Media Converter Ultimate(Build 2.5.2.0)—>»C:Program FilesDaniusoftMedia Converter Ultimateunins000.exe»
DVD Flick 1.3.0.7—>»C:Program FilesDVD Flickunins000.exe»
ESET NOD32 Antivirus—>MsiExec.exe /I{DDBDB885-CFBA-48DD-BCDA-C44BB7C0A39C}
File Uploader—>MsiExec.exe /X{237CD223-1B9D-47E8-A76C-E478B83CCEA2}
GOM Player—>»C:Program FilesGRETECHGomPlayerUninstall.exe»
Google Update Helper—>MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
Google Планета Земля—>MsiExec.exe /X{F7B0939E-58DF-11DF-B3A6-005056806466}
HijackThis 2.0.2—>»C:Program Filestrend microHijackThis.exe» /uninstall
HP Customer Participation Program 9.0—>C:Program FilesHPDigital ImagingExtCapUninstallhpzscr01.exe -datfile hpqhsc01.dat
HP Deskjet All-In-One Software 9.0—>C:Program FilesHPDigital Imaging{FA8A44D7-3E8A-4034-9C4F-088FA6B72BC4}setuphpzscr01.exe -datfile hposcr14.dat
HP Imaging Device Functions 9.0—>C:Program FilesHPDigital ImagingDeviceManagementhpzscr01.exe -datfile hpqbud01.dat
HP Photosmart Essential 2.01—>C:Program FilesHPDigital ImagingPhotoSmartEssentialhpzscr01.exe -datfile hpqbud13.dat
HP Smart Web Printing—>MsiExec.exe /X{415CDA53-9100-476F-A7B2-476691E117C7}
HP Solution Center 9.0—>C:Program FilesHPDigital ImagingeSupporthpzscr01.exe -datfile hpqbud05.dat
HP Update—>MsiExec.exe /X{AB40272D-92AB-4F30-B36B-22EDE16F8FE5}
HPSSupply—>MsiExec.exe /X{487B0B9B-DCD4-440D-89A0-A6EDE1A545A3}
Microsoft Office — профессиональный выпуск версии 2003—>MsiExec.exe /I{90110419-6000-11D3-8CFE-0150048383C9}
Microsoft Visual C++ 2005 Redistributable—>MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c}
Mozilla Firefox (3.5.4)—>C:Program FilesMozilla Firefoxuninstallhelper.exe
Nero 6 Demo—>C:Program FilesAheadnerouninstallUNNERO.exe /UNINSTALL
Nero Mega Plugin Pack—>MsiExec.exe /I{EF901A4B-A25A-4962-83C6-C6691D062ED9}
Nikon Message Center—>MsiExec.exe /X{D2FCC1AE-6311-47C5-8130-C6C66D77DD71}
Nikon Transfer—>MsiExec.exe /X{E9757890-7EC5-46C8-99AB-B00F07B6525C}
Nokia Multimedia Converter Pro v2.0—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1engine6INTEL3~1Ctor.dll,LaunchSetup «C:Program FilesNokiaMMConverterPro2Setup{08A4C07B-204D-11D6-AF25-00B0D0797201}Setup.exe»
Opera 10.00—>MsiExec.exe /X{2085F05D-24C5-4E27-B7B4-A51DE890FFC9}
Picture Control Utility—>MsiExec.exe /X{87441A59-5E64-4096-A170-14EFE67200C3}
PowerDVD—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1engine6INTEL3~1Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}Setup.exe» -uninstall
Realtek High Definition Audio Driver—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1PROFES~1RunTime1150Intel32Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}Setup.exe» -l0x19 -removeonly
SiS VGA Utilities—>SiSUninstall.exe VGA,R,oem2.inf
SiSAGP driver—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1PROFES~1RunTime701Intel32Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{DC226AC9-0314-496C-BE6A-B6A132628466}setup.exe» -l0x19
Total Commander (Remove or Repair)—>C:Program Filestotalcmdtcuninst.exe
ViewNX—>MsiExec.exe /X{F007CBCE-D714-4C0B-8CE9-9B0D78116468}
WinDjView 1.0.3—>C:Program FilesWinDjViewuninstall.exe
Windows Media Format Runtime—>»C:Program FilesWindows Media Playerwmsetsdk.exe» /UninstallAll
Xilisoft AVI to DVD Converter—>C:Program FilesXilisoftAVI to DVD ConverterUninstall.exe
YouTube FLV to AVI Easy Converter 2.3.1—>»D:Program FilesYouTube FLV to AVI Easy Converterunins000.exe»
Архиватор WinRAR—>C:Program FilesWinRARuninstall.exe
Пакет обеспечения совместимости для выпуска 2007 системы Microsoft Office—>MsiExec.exe /X{90120000-0020-0419-0000-0000000FF1CE}
Проигрыватель Windows Media 10—>»C:Program FilesWindows Media PlayerSetup_wm.exe» /Uninstall

======Hosts File======

127.0.0.1 localhost

======Security center information======

AV: ESET NOD32 Antivirus 3.0 (disabled)

======System event log======

Computer Name: 1-B01DF4E4F5E34
Event Code: 6009
Message: Microsoft (R) Windows 2000 (R) 5.01. 2600 Service Pack 3 Uniprocessor Free.

Record Number: 8477
Source Name: EventLog
Time Written: 20100510105800.000000+240
Event Type: информация
User:

Computer Name: 1-B01DF4E4F5E34
Event Code: 7036
Message: Служба «Google Software Updater» перешла в состояние Остановлена.

Record Number: 8476
Source Name: Service Control Manager
Time Written: 20100510101301.000000+240
Event Type: информация
User:

Computer Name: 1-B01DF4E4F5E34
Event Code: 7036
Message: Служба «Google Software Updater» перешла в состояние Работает.

Record Number: 8475
Source Name: Service Control Manager
Time Written: 20100510101201.000000+240
Event Type: информация
User:

Computer Name: 1-B01DF4E4F5E34
Event Code: 7035
Message: Служба «Google Software Updater» успешно отправила управляющий элемент «запустить».

Record Number: 8474
Source Name: Service Control Manager
Time Written: 20100510101201.000000+240
Event Type: информация
User: NT AUTHORITYSYSTEM

Computer Name: 1-B01DF4E4F5E34
Event Code: 20158
Message: Успешно выполнено подключение пользователя «szt»к «AVANGARD», с помощью устройства «PPPoE4-0».

Record Number: 8473
Source Name: RemoteAccess
Time Written: 20100510093447.000000+240
Event Type: информация
User:

=====Application event log=====

Computer Name: 1-B01DF4E4F5E34
Event Code: 0
Message:
Record Number: 1997
Source Name: gusvc
Time Written: 20100402165724.000000+240
Event Type: информация
User:

Computer Name: 1-B01DF4E4F5E34
Event Code: 102
Message: wuaueng.dll (3216) SUS20ClientDataStore: Ядро базы данных запустило новый экземпляр (0).

Record Number: 1996
Source Name: ESENT
Time Written: 20100402165713.000000+240
Event Type: информация
User:

Computer Name: 1-B01DF4E4F5E34
Event Code: 100
Message: wuauclt (3216) Ядро базы данных 5.01.2600.5512 запущено.

Record Number: 1995
Source Name: ESENT
Time Written: 20100402165713.000000+240
Event Type: информация
User:

Computer Name: 1-B01DF4E4F5E34
Event Code: 0
Message:
Record Number: 1994
Source Name: gupdate
Time Written: 20100402165658.000000+240
Event Type: информация
User:

Computer Name: 1-B01DF4E4F5E34
Event Code: 1800
Message: Служба центра обеспечения безопасности Windows запущена.

Record Number: 1993
Source Name: SecurityCenter
Time Written: 20100402165632.000000+240
Event Type: информация
User:

======Environment variables======

«ComSpec»=%SystemRoot%system32cmd.exe
«Path»=%SystemRoot%system32;%SystemRoot%;%SystemRoot%System32Wbem
«windir»=%SystemRoot%
«FP_NO_HOST_CHECK»=NO
«OS»=Windows_NT
«PROCESSOR_ARCHITECTURE»=x86
«PROCESSOR_LEVEL»=6
«PROCESSOR_IDENTIFIER»=x86 Family 6 Model 22 Stepping 1, GenuineIntel
«PROCESSOR_REVISION»=1601
«NUMBER_OF_PROCESSORS»=1
«PATHEXT»=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
«TEMP»=%SystemRoot%TEMP
«TMP»=%SystemRoot%TEMP

---

EOF

---

[Admin]

Здравствуйте, добро пожаловать на Spyware-ru форум.

Запустите HijackThis, для этого кликните Пуск, Выполнить, введите

C:Program Filestrend micro1.exe

и нажмите Enter.
Откроется главное меню программы HijackThis.
Кликните по кнопке Do a system scan only.
Далее отметьте галочкой (слева) следующие строки, если они присутствуют:

F2 - REG:system.ini: UserInit=C:WINDOWSsystem32userinit.exe,\?globalrootsystemrootsystem32Xs5p4TA.exe,\?globalrootsystemrootsystem32ChQKxvs.exe,

Закройте все запущенные программы (включая InternetExplorer) и окна Windows.
Кликните по кнопке Fix checked и подтвердите свои действия выбрав YES.
Перезагрузите компьютер.

Прочитайте описание программы Malwarebytes Anti-malware (MBAM).
Скачайте и выполните сканирование вашего компьютера. Удалите всё что будет найдено. В конце работы будет показан лог. Вставьте его в ваш ответ и приложите свежий RSIT лог.

[88]

Следую вашим инструкциям, но не могу скачать программу Malwarebytes Anti-malware. Из двух, предложенных ссылок ни одна не работает у меня. скорее всего тоже блокируются. что делать?

[88]

Скачала. Сканирование выполню и отошлю результат вам.

[88]

Malwarebytes’ Anti-Malware 1.46
http://www.malwarebytes.org

Версия базы данных: 4162

Windows 5.1.2600 Service Pack 3
Internet Explorer 6.0.2900.5512

02.06.2010 9:42:52
mbam-log-2010-06-02 (09-42-52).txt

Тип сканирования: Полное сканирование (A:|C:|D:|E:|)
Просканированные объекты: 169750
Времени прошло: 22 минут, 25 секунд

Зараженные процессы в памяти: 0
Зараженные модули в памяти: 0
Зараженные ключи в реестре: 0
Зараженные параметры в реестре: 203
Объекты реестра заражены: 2
Зараженные папки: 0
Зараженные файлы: 3

Зараженные процессы в памяти:
(Вредоносных программ не обнаружено)

Зараженные модули в памяти:
(Вредоносных программ не обнаружено)

Зараженные ключи в реестре:
(Вредоносных программ не обнаружено)

Зараженные параметры в реестре:
HKEY_LOCAL_MACHINESOFTWAREMicrosoftoption_1 (Rootkit.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESOFTWAREMicrosoftoption_2 (Rootkit.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESOFTWAREMicrosoftoption_3 (Rootkit.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes128.111.48.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes128.130.56.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes128.130.60.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes139.91.222.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes141.202.248.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes149.101.225.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes150.70.93.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes155.35.248.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes162.40.10.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes165.160.15.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes166.70.98.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes174.120.184.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes174.120.185.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes174.120.186.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes174.133.38.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes18.85.2.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes188.40.74.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes188.93.8.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes192.150.94.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes193.0.6.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes193.1.193.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes193.110.109.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes193.17.85.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes193.193.194.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes193.24.237.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes193.66.251.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes193.69.114.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes193.71.68.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes194.0.200.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes194.109.142.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes194.112.106.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes194.206.126.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes194.33.180.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes195.137.160.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes195.146.235.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes195.2.240.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes195.210.42.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes195.55.72.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes195.64.225.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes195.70.37.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes198.6.49.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes199.203.243.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes203.160.188.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes204.14.90.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes205.178.145.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes205.227.136.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes206.204.52.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes207.44.154.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes207.44.254.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes207.46.18.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes207.46.20.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes207.46.232.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes207.66.0.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes208.43.44.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes208.43.71.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes208.79.250.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes209.124.55.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes209.157.69.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes209.160.22.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes209.216.46.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes209.51.167.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes209.62.112.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes209.62.68.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes209.87.209.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes212.47.219.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes212.67.88.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes212.72.62.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes212.8.79.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes213.133.34.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes213.171.218.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes213.198.89.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes213.220.100.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes213.31.172.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes216.10.192.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes216.12.145.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes216.239.122.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes216.246.90.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes216.49.88.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes216.49.94.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes216.55.183.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes216.99.133.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes217.106.234.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes217.16.16.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes217.170.21.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes217.174.103.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes38.113.1.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes62.14.249.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes62.146.210.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes62.146.66.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes62.189.194.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes62.213.110.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes62.75.163.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes62.75.216.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes63.85.36.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes64.128.133.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes64.13.134.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes64.202.189.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes64.246.4.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes64.41.142.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes64.41.151.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes64.66.190.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes64.78.182.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes65.175.38.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes65.55.184.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes65.55.240.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes66.223.50.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes66.249.17.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes66.77.70.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes67.134.208.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes67.15.103.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes67.15.231.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes67.19.34.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes67.192.135.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes67.225.206.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes67.227.172.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes68.177.102.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes69.162.79.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes69.18.148.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes69.20.104.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes69.57.142.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes69.93.226.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes70.84.211.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes72.232.246.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes72.3.254.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes72.32.125.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes72.32.149.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes72.32.70.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes74.125.77.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes74.208.158.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes74.208.20.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes74.50.0.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes74.52.233.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes74.53.201.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes74.53.70.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes74.54.130.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes74.54.139.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes74.54.46.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes74.55.40.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes74.55.74.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes74.86.125.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes74.86.232.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes75.125.185.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes75.125.189.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes75.125.212.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes75.125.29.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes75.125.43.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes75.125.82.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes78.108.86.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes78.137.164.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes78.47.87.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes79.125.5.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes80.153.193.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes80.190.130.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes80.190.154.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes80.237.132.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes80.86.107.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes81.176.66.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes81.176.67.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes81.177.31.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes81.24.35.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes82.117.238.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes82.151.107.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes82.165.103.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes82.98.86.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes83.102.130.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes83.202.175.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes83.222.23.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes83.222.31.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes83.223.117.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes84.40.30.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes85.12.57.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes85.17.210.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes85.214.106.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes85.255.19.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes85.31.222.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes87.106.242.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes87.106.254.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes87.230.79.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes87.238.48.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes87.242.72.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes87.242.74.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes87.242.75.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes87.242.79.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes88.221.119.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes89.108.66.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes89.111.176.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes89.202.149.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes89.202.157.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes90.156.159.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes90.183.101.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes91.121.97.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes91.199.212.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes91.209.196.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes92.123.155.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes92.53.106.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes93.184.71.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes93.191.13.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes94.23.206.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes94.236.0.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes95.140.225.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.

Объекты реестра заражены:
HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity CenterAntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity CenterUpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Зараженные папки:
(Вредоносных программ не обнаружено)

Зараженные файлы:
C:WINDOWSsystem32oobeAntiWPA_Crypt.dll (Hacktool) -> Quarantined and deleted successfully.
D:Program FilesMalwarebytes.Anti-Malware.1.46_rusMalwarebytes.Anti-Malware.1.46 ruskeygenFFF-MBAM145.exe (Dont.Steal.Our.Software) -> Quarantined and deleted successfully.
C:Program FilesCommon Fileskeylog.txt (Malware.Trace) -> Quarantined and deleted successfully.

[Автор]

Сообщения