Скопируйте код ниже в буфер обмена.
Закройте все браузеры.
Запустите UVS под текущим пользователем.
В меню: Скрипты----Выполнить из буфера обмена
Код:
;uVS v4.0.10 [http://dsrt.dyndns.org]
;Target OS: NTv6.1
v400c
zoo %SystemDrive%\USERS\DDD\DESKTOP\РФ\RFLОGIN.EXE
zoo %SystemDrive%\PROGRAMDATA\DAGLSERVICE\DAGLSERVICE.EXE
zoo %SystemDrive%\PROGRAM FILES (X86)\HPMAMMOTH\MAMMOTHSTARTER.EXE
delall %SystemDrive%\USERS\DDD\APPDATA\ROAMING\MP3TAGAPP2\MP3TAGAPP.EXE
delall %SystemDrive%\USERS\DDD\APPDATA\LOCAL\OPTIMIZER\OPTIMIZER.EXE
delall %SystemDrive%\USERS\DDD\DESKTOP\РФ\RFLОGIN.EXE
delall %SystemDrive%\USERS\DDD\APPDATA\LOCAL\TEMP\{F31DF7CB-BA7A-4EA1-9D9A-D3522635E685}-60.0.3112.113_CHROME_INSTALLER.EXE
delref %SystemDrive%\USERS\DDD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\EXTENSIONS\PKEDCJKDEFGPDELPBCMBMEOMCJBEEMFM\6217.911.0.5_0\CHROME MEDIA ROUTER
delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\51.0.2704.103\RESOURCES\NETWORK_SPEECH_SYNTHESIS\GOOGLE NETWORK SPEECH
delref HTTP://CLIENTS2.GOOGLE.COM/SERVICE/UPDATE2/CRX?RESPONSE=REDIRECT&PRODVERSION=38.0&X=ID%3DCNCGOHEPIHCEKKLOKHBHIBLHFCMIPBDH%26INSTALLSOURCE%3DONDEMAND%26UC
delref HTTP://CLIENTS2.GOOGLE.COM/SERVICE/UPDATE2/CRX?RESPONSE=REDIRECT&PRODVERSION=38.0&X=ID%3DGEHNGEIFMELPHPLLNCOBKMIMPHFKCKNE%26INSTALLSOURCE%3DONDEMAND%26UC
delref HTTP://CLIENTS2.GOOGLE.COM/SERVICE/UPDATE2/CRX?RESPONSE=REDIRECT&PRODVERSION=38.0&X=ID%3DMDELDJOLAMFBCGNNDJMJJIINNHBNBNLA%26INSTALLSOURCE%3DONDEMAND%26UC
delref KERNCAP.VBS
delall %SystemDrive%\PROGRAMDATA\DAGLSERVICE\DAGLSERVICE.EXE
delall %SystemDrive%\PROGRAM FILES (X86)\HPMAMMOTH\MAMMOTHSTARTER.EXE
regt 27
deltmp
delnfr
restart
После перезагрузки выполните
сканирование в Malwarebytes