"regedit" при запуске выдает ошибку "0xc0000017" также и при "Сброс сети"

[Rex-fdf654]

[Mark D. Pearlstone]

Порядок оформления запроса о помощи

[Rex-fdf654]

CollectionLog-2025.08.21-22.19.zip

Правильно ли я понимаю, что вы имеете в виду этот файл?

 

После установки программы для обхода ограничений Рунета у меня возникли такие проблемы.

Изменено 23 часа назад пользователем Rex-fdf654

[thyrex]

Здравствуйте.

 

Запустите AVZ из папки Autologger от имени Администратора по правой кнопке мыши.

 

Выполните скрипт в AVZ (Файл – Выполнить скрипт – вставить текст скрипта из окна Код)

begin
if not IsWOW64
 then
  begin
   SearchRootkit(true, true);
   SetAVZGuardStatus(True);
  end;
QuarantineFile('C:\Users\Админ\AppData\Roaming\utorrent\UtorrentWeb.exe','');
 DeleteSchedulerTask('0add7f10-198f-43c1-8899-86b24e1357eb');
 DeleteSchedulerTask('2bae4a21-abe8-40c4-a120-e746f54abee2');
 DeleteSchedulerTask('EdgeUpdate');
 DeleteSchedulerTask('RunGame');
 DeleteSchedulerTask('UtorrentUpdate');
 DeleteSchedulerTask('UtorrentWebUpdate');
 DeleteFile('C:\Users\Админ\AppData\Roaming\utorrent\UtorrentWeb.exe','64');
BC_ImportAll;
ExecuteSysClean;
BC_Activate;
RebootWindows(false);
end.

• Обратите внимание: будет выполнена перезагрузка компьютера.

 

Выполните скрипт в AVZ

begin
DeleteFile(GetAVZDirectory+'quarantine.7z');
ExecuteFile(GetAVZDirectory+'7za.exe', 'a -mx9 -pmalware quarantine ./Quarantine/', 1, 0, true);
end.

Отправьте quarantine.7z из папки с распакованной утилитой AVZ с помощью формы отправки карантина или на этот почтовый ящик: quarantine <at> safezone.cc (замените <at> на @) с указанием ссылки на тему в теме (заголовке) сообщения и с указанием пароля: malware в теле письма.

 

Пожалуйста, ЕЩЕ РАЗ запустите Autologger; прикрепите к следующему сообщению НОВЫЕ логи.
 

[Rex-fdf654]

CollectionLog-2025.08.22-00.16.zip

[thyrex]

Цитата

Client Helper 6.1.6
PowerPoint, версия 2.0
Кнопки сервисов Яндекса на панели задач

удалите через Панель управления – Программы и компоненты или принудительно с помощью Geek Uninstaller

 

Скачайте Farbar Recovery Scan Tool (или с зеркала) и сохраните на Рабочем столе.

• Примечание: необходимо выбрать версию, совместимую с Вашей операционной системой. Если Вы не уверены, какая версия подойдет для Вашей системы, скачайте обе и попробуйте запустить. Только одна из них запустится на Вашей системе.

1. Запустите программу двойным щелчком. Когда программа запустится, нажмите Yes для соглашения с предупреждением.
2. Убедитесь, что в окне Optional Scan (Дополнительные опции) отмечены List BCD и 90 Days Files.
3. Нажмите кнопку Scan (Сканировать).
4. После окончания сканирования будет создан отчет (FRST.txt) в той же папке, откуда была запущена программа.
5. Если программа была запущена в первый раз, также будет создан отчет (Addition.txt).
6. Файлы FRST.txt и Addition.txt заархивируйте (в один общий архив) и прикрепите к сообщению.
 

[Rex-fdf654]

FRST_Addition.rar

[thyrex]

1. Выделите следующий код и скопируйте в буфер обмена (правая кнопка мыши – Копировать)

Start::
CreateRestorePoint:
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Ограничение <==== ВНИМАНИЕ
HKLM\SOFTWARE\Policies\Microsoft\MRT: Ограничение <==== ВНИМАНИЕ
HKU\S-1-5-21-4261127955-29950400-2069094022-1001\...\Run: [MediaGet2] => "C:\Users\Админ\MediaGet2\mediaget.exe" --minimized (Нет файла)
HKU\S-1-5-21-4261127955-29950400-2069094022-1001\...\Run: [YandexBrowserAutoLaunch_FAC5EADC4667999F9B8C97EF1CB81C74] => "C:\Users\Админ\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --shutdown-if-not-closed-by-system-restart (Нет файла)
IFEO\a2service.exe: [MinimumStackCommitInBytes] 1099466887
IFEO\acnamagent.exe: [MinimumStackCommitInBytes] 1099466887
IFEO\acnamlogonagent.exe: [MinimumStackCommitInBytes] 1099466887
IFEO\AnVir.exe: [MinimumStackCommitInBytes] 1099466887
IFEO\anvir64.exe: [MinimumStackCommitInBytes] 1099466887
IFEO\anvirlauncher.exe: [MinimumStackCommitInBytes] 1099466887
IFEO\aswidsagent.exe: [MinimumStackCommitInBytes] 1099466887
IFEO\autoruns.exe: [MinimumStackCommitInBytes] 1099466887
IFEO\autorunsc.exe: [MinimumStackCommitInBytes] 1099466887
IFEO\AvastSvc.exe: [MinimumStackCommitInBytes] 1099466887
IFEO\AvastUI.exe: [MinimumStackCommitInBytes] 1099466887
IFEO\AvastUI.p.exe: [MinimumStackCommitInBytes] 1099466887
IFEO\avgnt.exe: [MinimumStackCommitInBytes] 1099466887
IFEO\avgsvc.exe: [MinimumStackCommitInBytes] 1099466887
IFEO\avguard.exe: [MinimumStackCommitInBytes] 1099466887
IFEO\AVKService.exe: [MinimumStackCommitInBytes] 1099466887
IFEO\avp.exe: [MinimumStackCommitInBytes] 1099466887
IFEO\avpui.exe: [MinimumStackCommitInBytes] 1099466887
IFEO\bcdedit.exe: [MinimumStackCommitInBytes] 1099466887
IFEO\bdagent.exe: [MinimumStackCommitInBytes] 1099466887
IFEO\bdservicehost.exe: [MinimumStackCommitInBytes] 1099466887
IFEO\BullGuardSvc.exe: [MinimumStackCommitInBytes] 1099466887
IFEO\ccSvcHst.exe: [MinimumStackCommitInBytes] 1099466887
IFEO\clientcommunicationservice.exe: [MinimumStackCommitInBytes] 1099466887
IFEO\cmdagent.exe: [MinimumStackCommitInBytes] 1099466887
IFEO\CybereasonRansomFreeService.exe: [MinimumStackCommitInBytes] 1099466887
IFEO\DeepInstinctService.exe: [MinimumStackCommitInBytes] 1099466887
IFEO\dism.exe: [MinimumStackCommitInBytes] 1099466887
IFEO\dwservice.exe: [MinimumStackCommitInBytes] 1099466887
IFEO\egui.exe: [MinimumStackCommitInBytes] 1099466887
IFEO\ekrn.exe: [MinimumStackCommitInBytes] 1099466887
IFEO\EPConsole.exe: [MinimumStackCommitInBytes] 1099466887
IFEO\F-Secure.exe: [MinimumStackCommitInBytes] 1099466887
IFEO\FRST64.exe: [MinimumStackCommitInBytes] 1099466887
IFEO\GDataAVK.exe: [MinimumStackCommitInBytes] 1099466887
IFEO\GlassWire.exe: [MinimumStackCommitInBytes] 1099466887
IFEO\GlassWireSetup.exe: [MinimumStackCommitInBytes] 1099466887
IFEO\HeimdalClientHost.exe: [MinimumStackCommitInBytes] 1099466887
IFEO\kldw.exe: [MinimumStackCommitInBytes] 1099466887
IFEO\klwtblfs.exe: [MinimumStackCommitInBytes] 1099466887
IFEO\KVRT.exe: [MinimumStackCommitInBytes] 1099466887
IFEO\mbamagent.exe: [MinimumStackCommitInBytes] 1099466887
IFEO\mbamservice.exe: [MinimumStackCommitInBytes] 1099466887
IFEO\mbamtray.exe: [MinimumStackCommitInBytes] 1099466887
IFEO\mcshield.exe: [MinimumStackCommitInBytes] 1099466887
IFEO\MediaCreationTool22H2.exe: [MinimumStackCommitInBytes] 1099466887
IFEO\mfeesp.exe: [MinimumStackCommitInBytes] 1099466887
IFEO\mfetp.exe: [MinimumStackCommitInBytes] 1099466887
IFEO\mmc.exe: [MinimumStackCommitInBytes] 1099466887
IFEO\mstsc.exe: [MinimumStackCommitInBytes] 1099466887
IFEO\n360.exe: [MinimumStackCommitInBytes] 1099466887
IFEO\nortonsecurity.exe: [MinimumStackCommitInBytes] 1099466887
IFEO\ntrtscan.exe: [MinimumStackCommitInBytes] 1099466887
IFEO\OpenHardwareMonitor.exe: [MinimumStackCommitInBytes] 1099466887
IFEO\panda_url_filtering.exe: [MinimumStackCommitInBytes] 1099466887
IFEO\pavfnsvr.exe: [MinimumStackCommitInBytes] 1099466887
IFEO\pavsrv.exe: [MinimumStackCommitInBytes] 1099466887
IFEO\pccntmon.exe: [MinimumStackCommitInBytes] 1099466887
IFEO\PowerTool.exe: [MinimumStackCommitInBytes] 1099466887
IFEO\PowerTool64.exe: [MinimumStackCommitInBytes] 1099466887
IFEO\PSANHost.exe: [MinimumStackCommitInBytes] 1099466887
IFEO\PSUAService.exe: [MinimumStackCommitInBytes] 1099466887
IFEO\ReAgentc.exe: [MinimumStackCommitInBytes] 1099466887
IFEO\recoverydrive.exe: [MinimumStackCommitInBytes] 1099466887
IFEO\regedit.exe: [MinimumStackCommitInBytes] 1099466887
IFEO\rstrui.exe: [MinimumStackCommitInBytes] 1099466887
IFEO\SAVAdminService.exe: [MinimumStackCommitInBytes] 1099466887
IFEO\SAVService.exe: [MinimumStackCommitInBytes] 1099466887
IFEO\SBAMSvc.exe: [MinimumStackCommitInBytes] 1099466887
IFEO\SecureAPlus.exe: [MinimumStackCommitInBytes] 1099466887
IFEO\shstat.exe: [MinimumStackCommitInBytes] 1099466887
IFEO\Smc.exe: [MinimumStackCommitInBytes] 1099466887
IFEO\sophosav.exe: [MinimumStackCommitInBytes] 1099466887
IFEO\sophosclean.exe: [MinimumStackCommitInBytes] 1099466887
IFEO\sophoshealth.exe: [MinimumStackCommitInBytes] 1099466887
IFEO\sophossps.exe: [MinimumStackCommitInBytes] 1099466887
IFEO\sophosui.exe: [MinimumStackCommitInBytes] 1099466887
IFEO\systemreset.exe: [MinimumStackCommitInBytes] 1099466887
IFEO\SystemSettingsAdminFlows.exe: [MinimumStackCommitInBytes] 1099466887
IFEO\tcpview.exe: [MinimumStackCommitInBytes] 1099466887
IFEO\tcpview64.exe: [MinimumStackCommitInBytes] 1099466887
IFEO\TMASOAgent.exe.exe: [MinimumStackCommitInBytes] 1099466887
IFEO\TrustwaveService.exe: [MinimumStackCommitInBytes] 1099466887
IFEO\V3Svc.exe: [MinimumStackCommitInBytes] 1099466887
IFEO\VirusTotalUpload.exe: [MinimumStackCommitInBytes] 1099466887
IFEO\vssadmin.exe: [MinimumStackCommitInBytes] 1099466887
IFEO\vsserv.exe: [MinimumStackCommitInBytes] 1099466887
IFEO\Wireshark.exe: [MinimumStackCommitInBytes] 1099466887
IFEO\WRSA.exe: [MinimumStackCommitInBytes] 1099466887
IFEO\wuapihost.exe: [MinimumStackCommitInBytes] 1099466887
IFEO\wuauclt.exe: [MinimumStackCommitInBytes] 1099466887
IFEO\x32dbg.exe: [MinimumStackCommitInBytes] 1099466887
IFEO\x64dbg.exe: [MinimumStackCommitInBytes] 1099466887
IFEO\xcopy.exe: [MinimumStackCommitInBytes] 1099466887
IFEO\ZAPrivacyService.exe: [MinimumStackCommitInBytes] 1099466887
HKLM\SOFTWARE\Policies\Google: Ограничение <==== ВНИМАНИЕ
Task: {554203D5-6317-471A-A782-59E95EDD2D3E} - System32\Tasks\OperaUpdate => C:\WINDOWS\system32\cmd.exe [289792 2024-11-02] (Microsoft Windows -> Microsoft Corporation) -> /c auditpol /set /category:"Система" /success:enable && auditpol /set /category:"Подробное отслеживание" /subcategory:"Создание процесса" /success:enable <==== ВНИМАНИЕ
Task: {C7EF8047-30E0-4976-9AA7-CDF7801AD971} - System32\Tasks\MyNode => C:\Windows\System32\wscript.exe [181760 2025-05-14] (Microsoft Windows -> Microsoft Corporation) -> //nologo //B "C:\Program Files (x86)\nodejs\nodeupdate.vbs" <==== ВНИМАНИЕ
File: C:\Program Files (x86)\nodejs\nodeupdate.vbs
C:\Program Files (x86)\nodejs\nodeupdate.vbs
C:\Users\Админ\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bhnocgekaoafcepohclohlbcbbghginh
C:\Users\Админ\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\gkjbhcingaeihflgplakddgkebkgnpld
C:\Users\Админ\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\iliobgillmpkilpinkefboklmbmkbhkb
C:\Users\Админ\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\pmjdjajedmboigjadknbjkplpceiepkc
CHR HKLM-x32\...\Chrome\Extension: [kadaohckdkghfaclhjmkmplebcdcnfnp] - <отсутствует Path/update_url>
C:\Users\Админ\AppData\Local\Yandex\YandexBrowser\User Data\Default\Extensions\focmfgokcnddgpeikgngkaedbngkooof
C:\Users\Админ\AppData\Local\Yandex\YandexBrowser\User Data\Default\Extensions\hgobadpdfkmhhfimfngfgicloobcgbke
C:\Users\Админ\AppData\Local\Yandex\YandexBrowser\User Data\Default\Extensions\lllbpbjmjfmlfaligmpjmkgmjhnhgblh
C:\Users\Админ\AppData\Local\Yandex\YandexBrowser\User Data\Default\Extensions\mkibmfbbpfihmmenfakkbnllfpegljep
C:\Users\Админ\AppData\Local\Yandex\YandexBrowser\User Data\Profile 1\Extensions\bafoombccdigibjnfimafkpnfkapagih
C:\Users\Админ\AppData\Local\Yandex\YandexBrowser\User Data\Profile 1\Extensions\nacdnccpgodoidcjijfpnoadpmdhkoak
2025-08-17 22:09 - 2025-08-21 20:00 - 000000000 __SHD C:\ProgramData\493e9efd-5818-4a2f-a6fc-125a6bc8d45c
2025-08-17 22:09 - 2025-08-18 15:14 - 000000000 __SHD C:\ProgramData\uFilerjll
File: C:\Users\Админ\DiscordFix.exe
File: C:\Users\Админ\elevator.exe
File: C:\Users\Админ\start.cmd
C:\Users\Public\Libraries
2025-01-03 13:47 - 2025-01-03 13:47 - 000000304 _____ () C:\Users\Админ\node.dat
2025-06-23 17:04 - 2025-06-23 17:04 - 000000364 _____ () C:\Users\Админ\setup.dat
StartPowershell:
Remove-MpPreference -ExclusionExtension ".exe"
Remove-MpPreference -ExclusionPath "C:\ProgramData"
Remove-MpPreference -ExclusionPath "C:\Users\Public"
EndPowerShell:
FirewallRules: [TCP Query User{150E81FC-6898-4E12-819D-8D5722DE568D}E:\igra\steamapps\common\counter-strike global offensive\csgo.exe] => (Allow) E:\igra\steamapps\common\counter-strike global offensive\csgo.exe => Нет файла
FirewallRules: [UDP Query User{27242A4C-75FC-4E61-9D72-479745B1F5DE}E:\igra\steamapps\common\counter-strike global offensive\csgo.exe] => (Allow) E:\igra\steamapps\common\counter-strike global offensive\csgo.exe => Нет файла
FirewallRules: [TCP Query User{B47A5053-641B-477E-9991-8DE444FB2CAF}C:\users\админ\appdata\local\discord\app-1.0.9008\discord.exe] => (Allow) C:\users\админ\appdata\local\discord\app-1.0.9008\discord.exe => Нет файла
FirewallRules: [UDP Query User{78F95841-0120-40FD-A64C-80645318FFFA}C:\users\админ\appdata\local\discord\app-1.0.9008\discord.exe] => (Allow) C:\users\админ\appdata\local\discord\app-1.0.9008\discord.exe => Нет файла
FirewallRules: [{63040D5D-89F7-4413-ACD4-8F121DF422E4}] => (Allow) E:\igra\steamapps\common\Dying Light\DevTools\DyingLightPlayer.exe => Нет файла
FirewallRules: [{A32E5EB8-6B64-42B3-AB71-D9D6B03F53E9}] => (Allow) E:\igra\steamapps\common\Dying Light\DevTools\DyingLightPlayer.exe => Нет файла
FirewallRules: [{DD64BC67-7BDF-4012-A8DB-DE3D6356DAFC}] => (Allow) C:\Users\Админ\AppData\Roaming\uTorrent\uTorrent.exe => Нет файла
FirewallRules: [{1A88712B-2DC3-418C-8851-9FFE3C3E4306}] => (Allow) C:\Users\Админ\AppData\Roaming\uTorrent\uTorrent.exe => Нет файла
FirewallRules: [TCP Query User{93061B12-9926-492A-B3F6-C6BBC28366BB}E:\games\gta san andreas - the definitive edition\gameface\binaries\win64\sanandreas.exe] => (Block) E:\games\gta san andreas - the definitive edition\gameface\binaries\win64\sanandreas.exe => Нет файла
FirewallRules: [UDP Query User{71740CB3-7D6E-43FE-8B67-D1591EC063A6}E:\games\gta san andreas - the definitive edition\gameface\binaries\win64\sanandreas.exe] => (Block) E:\games\gta san andreas - the definitive edition\gameface\binaries\win64\sanandreas.exe => Нет файла
FirewallRules: [TCP Query User{620EAB48-2183-4453-BBE4-66D7098F2577}E:\games\resident evil 4\re4.exe] => (Block) E:\games\resident evil 4\re4.exe => Нет файла
FirewallRules: [UDP Query User{0B3CFC4C-CF69-4D30-9992-CA004518D8B1}E:\games\resident evil 4\re4.exe] => (Block) E:\games\resident evil 4\re4.exe => Нет файла
FirewallRules: [TCP Query User{8A48060F-A52A-4BEB-B3F5-3D066E845C27}C:\games\far cry 3 blood dragon\bin\fc3_blooddragon_d3d11.exe] => (Block) C:\games\far cry 3 blood dragon\bin\fc3_blooddragon_d3d11.exe => Нет файла
FirewallRules: [UDP Query User{E85F484B-8A4D-46D0-A5FB-37AF8337BC8F}C:\games\far cry 3 blood dragon\bin\fc3_blooddragon_d3d11.exe] => (Block) C:\games\far cry 3 blood dragon\bin\fc3_blooddragon_d3d11.exe => Нет файла
FirewallRules: [TCP Query User{758D6880-F314-4714-99B2-83A81E786248}C:\games\crysis 2  maximum edition\bin32\crysis2.exe] => (Block) C:\games\crysis 2  maximum edition\bin32\crysis2.exe => Нет файла
FirewallRules: [UDP Query User{CC225EBD-FAB8-41EB-B8E1-CCB73F1F66BC}C:\games\crysis 2  maximum edition\bin32\crysis2.exe] => (Block) C:\games\crysis 2  maximum edition\bin32\crysis2.exe => Нет файла
FirewallRules: [{A021BB39-FCDA-45AD-8B14-6375A749B28D}] => (Allow) E:\Games\Red Dead Redemption 2\RDR2.exe => Нет файла
FirewallRules: [{446802ED-1ED3-486A-99F3-6151C4D9CB94}] => (Allow) E:\Games\Red Dead Redemption 2\RDR2.exe => Нет файла
FirewallRules: [TCP Query User{2B573111-56C4-4A4F-B09D-9FD233C99E19}C:\games\assassins creed ii\assassinscreediigame.exe] => (Block) C:\games\assassins creed ii\assassinscreediigame.exe => Нет файла
FirewallRules: [UDP Query User{F6CAEDF1-6658-4D3D-A99D-369410547398}C:\games\assassins creed ii\assassinscreediigame.exe] => (Block) C:\games\assassins creed ii\assassinscreediigame.exe => Нет файла
FirewallRules: [{D95CFC85-A503-4F67-826F-C1D14E8083CC}] => (Allow) C:\Users\Админ\MediaGet2\mediaget.exe => Нет файла
FirewallRules: [{D1CD9E76-5A37-4A57-B168-2326DD0FB7C7}] => (Allow) C:\Users\Админ\MediaGet2\mediaget.exe => Нет файла
FirewallRules: [{936A0FDF-9269-4548-A100-B54B3732EF8B}] => (Allow) C:\Users\Админ\MediaGet2\QtWebEngineProcess.exe => Нет файла
FirewallRules: [{15FA723E-E711-4C1F-A93F-92B131FEB968}] => (Allow) C:\Users\Админ\MediaGet2\QtWebEngineProcess.exe => Нет файла
FirewallRules: [TCP Query User{0BD51674-A9BF-4914-92F1-1CD0F5CECDA2}C:\games\assassins creed ii\assassinscreediigame.exe] => (Block) C:\games\assassins creed ii\assassinscreediigame.exe => Нет файла
FirewallRules: [UDP Query User{7B605FDF-7F0B-4AD9-8B53-D1080E360343}C:\games\assassins creed ii\assassinscreediigame.exe] => (Block) C:\games\assassins creed ii\assassinscreediigame.exe => Нет файла
FirewallRules: [TCP Query User{5565AA18-B103-427A-9F76-80E5BDF33F9E}E:\games\dishonored definitive edition\binaries\win32\dishonored.exe] => (Block) E:\games\dishonored definitive edition\binaries\win32\dishonored.exe => Нет файла
FirewallRules: [UDP Query User{9AFCE958-B0F6-4F1F-8069-4457E362EAD3}E:\games\dishonored definitive edition\binaries\win32\dishonored.exe] => (Block) E:\games\dishonored definitive edition\binaries\win32\dishonored.exe => Нет файла
FirewallRules: [TCP Query User{9C53D43B-36A9-4897-BCF3-6CB9BFD27797}E:\папка\assassins creed mirage\scimitar_engine_win64_vs2019_dx12_qx.exe] => (Block) E:\папка\assassins creed mirage\scimitar_engine_win64_vs2019_dx12_qx.exe => Нет файла
FirewallRules: [UDP Query User{93E47909-44F1-46F3-AD81-FAE1CC1E84F0}E:\папка\assassins creed mirage\scimitar_engine_win64_vs2019_dx12_qx.exe] => (Block) E:\папка\assassins creed mirage\scimitar_engine_win64_vs2019_dx12_qx.exe => Нет файла
FirewallRules: [TCP Query User{4860AFE2-976C-4A05-9B2C-FFFFE114BD38}E:\games\grand theft auto. san andreas - the definitive edition (2005-2021)\gta san andreas - the definitive edition\gameface\binaries\win64\sanandreas.exe] => (Block) E:\games\grand theft auto. san andreas - the definitive edition (2005-2021)\gta san andreas - the definitive edition\gameface\binaries\win64\sanandreas.exe => Нет файла
FirewallRules: [UDP Query User{AF05A596-8AFE-4A38-920A-8D3E7B71262F}E:\games\grand theft auto. san andreas - the definitive edition (2005-2021)\gta san andreas - the definitive edition\gameface\binaries\win64\sanandreas.exe] => (Block) E:\games\grand theft auto. san andreas - the definitive edition (2005-2021)\gta san andreas - the definitive edition\gameface\binaries\win64\sanandreas.exe => Нет файла
FirewallRules: [TCP Query User{05D00FE2-142F-46FE-A279-F20DF92D2050}E:\games\garrys mod\hl2.exe] => (Block) E:\games\garrys mod\hl2.exe => Нет файла
FirewallRules: [UDP Query User{2BBBCAC1-3704-40DE-A244-DF3D38DD0FCE}E:\games\garrys mod\hl2.exe] => (Block) E:\games\garrys mod\hl2.exe => Нет файла
FirewallRules: [TCP Query User{1495768B-D8BE-4822-8372-0B2426FB3A99}E:\games\grand theft auto. san andreas - the definitive edition (2005-2021)\gta san andreas - the definitive edition\gameface\binaries\win64\sanandreas.exe] => (Block) E:\games\grand theft auto. san andreas - the definitive edition (2005-2021)\gta san andreas - the definitive edition\gameface\binaries\win64\sanandreas.exe => Нет файла
FirewallRules: [UDP Query User{8DEEDDB0-4D7E-455D-8A5E-42987A17AC74}E:\games\grand theft auto. san andreas - the definitive edition (2005-2021)\gta san andreas - the definitive edition\gameface\binaries\win64\sanandreas.exe] => (Block) E:\games\grand theft auto. san andreas - the definitive edition (2005-2021)\gta san andreas - the definitive edition\gameface\binaries\win64\sanandreas.exe => Нет файла
FirewallRules: [TCP Query User{9F7FC133-7159-4E5F-9813-CC6D485C269A}E:\games\assassins creed iii remastered\aciii.exe] => (Block) E:\games\assassins creed iii remastered\aciii.exe => Нет файла
FirewallRules: [UDP Query User{9AECF3F5-5BE8-49E0-92F6-53583A6FE80F}E:\games\assassins creed iii remastered\aciii.exe] => (Block) E:\games\assassins creed iii remastered\aciii.exe => Нет файла
FirewallRules: [{2EA6B51F-4373-4184-A329-723544E16FA0}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe => Нет файла
FirewallRules: [{7EE48382-5F5E-434C-B592-E0BB272005C6}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe => Нет файла
FirewallRules: [TCP Query User{FA52CAFC-7058-44EA-BFCC-944D8BAC981B}E:\games\far cry 6\bin\farcry6.exe] => (Block) E:\games\far cry 6\bin\farcry6.exe => Нет файла
FirewallRules: [UDP Query User{EE1559F6-F891-4F21-996C-6B3C65D829A0}E:\games\far cry 6\bin\farcry6.exe] => (Block) E:\games\far cry 6\bin\farcry6.exe => Нет файла
FirewallRules: [TCP Query User{27E09286-48DE-4A9B-B97F-7575277CAE35}E:\games\doom\doomx64.exe] => (Block) E:\games\doom\doomx64.exe => Нет файла
FirewallRules: [UDP Query User{9C8EE0CB-960A-4EC9-A1C4-5312C2A43432}E:\games\doom\doomx64.exe] => (Block) E:\games\doom\doomx64.exe => Нет файла
FirewallRules: [TCP Query User{0CAE4082-6110-46FE-A818-4372D63F0A97}E:\games\dying light\dyinglightgame.exe] => (Block) E:\games\dying light\dyinglightgame.exe => Нет файла
FirewallRules: [UDP Query User{D3244AAC-8718-4367-9A74-248330DA0955}E:\games\dying light\dyinglightgame.exe] => (Block) E:\games\dying light\dyinglightgame.exe => Нет файла
FirewallRules: [TCP Query User{92B911D2-4AD0-407A-A123-DF2EE92C22D8}C:\program files\windowsapps\freevpnplanet.planetvpn_2.10.9.0_x64__b2qrq2z57ppd2\bin\xray\xray.exe] => (Block) C:\program files\windowsapps\freevpnplanet.planetvpn_2.10.9.0_x64__b2qrq2z57ppd2\bin\xray\xray.exe => Нет файла
FirewallRules: [UDP Query User{F3199760-9292-45E8-84B9-D785D7ACEF8C}C:\program files\windowsapps\freevpnplanet.planetvpn_2.10.9.0_x64__b2qrq2z57ppd2\bin\xray\xray.exe] => (Block) C:\program files\windowsapps\freevpnplanet.planetvpn_2.10.9.0_x64__b2qrq2z57ppd2\bin\xray\xray.exe => Нет файла
FirewallRules: [TCP Query User{9003F5D9-C114-4DEF-97A1-58174F1AB5BF}C:\users\админ\desktop\новая папка\people playground.exe] => (Block) C:\users\админ\desktop\новая папка\people playground.exe => Нет файла
FirewallRules: [UDP Query User{A4F01EE3-F149-4C48-8739-A0895E3EC790}C:\users\админ\desktop\новая папка\people playground.exe] => (Block) C:\users\админ\desktop\новая папка\people playground.exe => Нет файла
FirewallRules: [TCP Query User{0AF8A8FA-C22D-483E-80E2-E61DCFB1E345}E:\games\grand theft auto san andreas the definitive edition\gameface\binaries\win64\sanandreas.exe] => (Block) E:\games\grand theft auto san andreas the definitive edition\gameface\binaries\win64\sanandreas.exe => Нет файла
FirewallRules: [UDP Query User{5A8215BD-0830-48F3-94E2-1D5B994B3803}E:\games\grand theft auto san andreas the definitive edition\gameface\binaries\win64\sanandreas.exe] => (Block) E:\games\grand theft auto san andreas the definitive edition\gameface\binaries\win64\sanandreas.exe => Нет файла
FirewallRules: [TCP Query User{12F3AD3B-E554-4E9A-9375-0FB1FB9F73A1}E:\games\dying light 2\ph\work\bin\x64\dyinglightgame_x64_rwdi.exe] => (Block) E:\games\dying light 2\ph\work\bin\x64\dyinglightgame_x64_rwdi.exe => Нет файла
FirewallRules: [UDP Query User{A4C30963-3412-49C0-B5BA-C86F290592C9}E:\games\dying light 2\ph\work\bin\x64\dyinglightgame_x64_rwdi.exe] => (Block) E:\games\dying light 2\ph\work\bin\x64\dyinglightgame_x64_rwdi.exe => Нет файла
FirewallRules: [TCP Query User{EBEAEC0B-9FAC-494C-862C-A0A06B900597}E:\games\batman arkham asylum goty\binaries\shippingpc-bmgame.exe] => (Block) E:\games\batman arkham asylum goty\binaries\shippingpc-bmgame.exe => Нет файла
FirewallRules: [UDP Query User{B0AF5A64-5CA5-485D-ADB2-5B681724CE12}E:\games\batman arkham asylum goty\binaries\shippingpc-bmgame.exe] => (Block) E:\games\batman arkham asylum goty\binaries\shippingpc-bmgame.exe => Нет файла
FirewallRules: [TCP Query User{F1524FB8-53CA-4E34-BD65-43F2B105BFAA}E:\games\batman arkham city goty\binaries\win32\batmanac.exe] => (Block) E:\games\batman arkham city goty\binaries\win32\batmanac.exe => Нет файла
FirewallRules: [UDP Query User{8A98211E-940F-49A1-88EA-A0CC83EEF562}E:\games\batman arkham city goty\binaries\win32\batmanac.exe] => (Block) E:\games\batman arkham city goty\binaries\win32\batmanac.exe => Нет файла
FirewallRules: [TCP Query User{4117BC95-8B2E-4097-A6E2-2C194AB651CB}E:\games\marvels spiderman remastered\spider-man.exe] => (Block) E:\games\marvels spiderman remastered\spider-man.exe => Нет файла
FirewallRules: [UDP Query User{BD7F2BD8-E172-474F-A5B2-A61293807B89}E:\games\marvels spiderman remastered\spider-man.exe] => (Block) E:\games\marvels spiderman remastered\spider-man.exe => Нет файла
FirewallRules: [{586FA00A-4F43-4E4B-9BE2-FB7A8C1C94A9}] => (Allow) E:\Games\Red Dead Redemption 2\RDR2.exe => Нет файла
FirewallRules: [{2B8D9ED4-9112-43D4-AFFD-121511538280}] => (Allow) E:\Games\Red Dead Redemption 2\RDR2.exe => Нет файла
FirewallRules: [TCP Query User{2F355C55-656E-4723-8F72-EC51519E62AF}E:\games\star wars jedi fallen order\swgame\binaries\win64\starwarsjedifallenorder.exe] => (Block) E:\games\star wars jedi fallen order\swgame\binaries\win64\starwarsjedifallenorder.exe => Нет файла
FirewallRules: [UDP Query User{276CFC84-1024-421D-8EAF-D5A9A0152813}E:\games\star wars jedi fallen order\swgame\binaries\win64\starwarsjedifallenorder.exe] => (Block) E:\games\star wars jedi fallen order\swgame\binaries\win64\starwarsjedifallenorder.exe => Нет файла
FirewallRules: [TCP Query User{75AFC0FD-F268-4971-B9A0-2B3FE931D1D5}E:\games\the witcher 2\bin\witcher2.exe] => (Block) E:\games\the witcher 2\bin\witcher2.exe => Нет файла
FirewallRules: [UDP Query User{67122AD0-F715-428A-BF88-384C091A015A}E:\games\the witcher 2\bin\witcher2.exe] => (Block) E:\games\the witcher 2\bin\witcher2.exe => Нет файла
FirewallRules: [TCP Query User{ADD1E304-BD11-4665-9B03-D072A4E44862}E:\games\dishonored - game of the year edition\binaries\win32\dishonored.exe] => (Block) E:\games\dishonored - game of the year edition\binaries\win32\dishonored.exe => Нет файла
FirewallRules: [UDP Query User{E0BB9A0B-E31F-49F2-9AD7-5930314615DA}E:\games\dishonored - game of the year edition\binaries\win32\dishonored.exe] => (Block) E:\games\dishonored - game of the year edition\binaries\win32\dishonored.exe => Нет файла
FirewallRules: [TCP Query User{45829EA7-FAA4-41A8-A5D3-A1F58DC0781A}E:\games\dishonored\binaries\win32\dishonored.exe] => (Block) E:\games\dishonored\binaries\win32\dishonored.exe => Нет файла
FirewallRules: [UDP Query User{2EDA259F-1D92-4ED9-9E16-F7158898F190}E:\games\dishonored\binaries\win32\dishonored.exe] => (Block) E:\games\dishonored\binaries\win32\dishonored.exe => Нет файла
FirewallRules: [TCP Query User{45562505-9A09-49C8-B931-769239E4617C}C:\users\админ\appdata\local\programs\com.itorrent.torrent-client\itorrent - torrent client.exe] => (Block) C:\users\админ\appdata\local\programs\com.itorrent.torrent-client\itorrent - torrent client.exe => Нет файла
FirewallRules: [UDP Query User{FC879D11-0D58-4637-B138-370E705365E9}C:\users\админ\appdata\local\programs\com.itorrent.torrent-client\itorrent - torrent client.exe] => (Block) C:\users\админ\appdata\local\programs\com.itorrent.torrent-client\itorrent - torrent client.exe => Нет файла
FirewallRules: [TCP Query User{631B6BC2-2DEC-4915-818B-F5A902A44AAF}E:\games\dishonored definintive edition\binaries\win32\dishonored.exe] => (Block) E:\games\dishonored definintive edition\binaries\win32\dishonored.exe => Нет файла
FirewallRules: [UDP Query User{31DECECC-9EC6-4520-8B2A-14624E1FE2FE}E:\games\dishonored definintive edition\binaries\win32\dishonored.exe] => (Block) E:\games\dishonored definintive edition\binaries\win32\dishonored.exe => Нет файла
FirewallRules: [TCP Query User{A42081E3-C005-4C2B-BA0D-E92F2DAC77E6}E:\games\wolfenstein the new order\wolfneworder_x64.exe] => (Block) E:\games\wolfenstein the new order\wolfneworder_x64.exe => Нет файла
FirewallRules: [UDP Query User{A84535BE-24DA-4767-ABCA-15B161D36C44}E:\games\wolfenstein the new order\wolfneworder_x64.exe] => (Block) E:\games\wolfenstein the new order\wolfneworder_x64.exe => Нет файла
FirewallRules: [TCP Query User{5280F9D8-993B-4799-AF2A-7077701946C5}E:\games\call of duty modern warfare 3\iw5sp.exe] => (Block) E:\games\call of duty modern warfare 3\iw5sp.exe => Нет файла
FirewallRules: [UDP Query User{8FC16D9F-DB63-4821-97E1-EE1EF9CB40E3}E:\games\call of duty modern warfare 3\iw5sp.exe] => (Block) E:\games\call of duty modern warfare 3\iw5sp.exe => Нет файла
FirewallRules: [TCP Query User{5D7AF5B5-1698-44C0-9E97-DEB2A81EC68B}E:\games\call of duty modern warfare remastered\h1_sp64_ship.exe] => (Block) E:\games\call of duty modern warfare remastered\h1_sp64_ship.exe => Нет файла
FirewallRules: [UDP Query User{8D50F9CD-4AF0-45BA-A418-AF45DF1B82E9}E:\games\call of duty modern warfare remastered\h1_sp64_ship.exe] => (Block) E:\games\call of duty modern warfare remastered\h1_sp64_ship.exe => Нет файла
FirewallRules: [TCP Query User{C37C1002-0500-4B0C-AA0E-55C534E2C76D}E:\games\call of duty modern warfare 2 campaign remastered\mw2cr.exe] => (Block) E:\games\call of duty modern warfare 2 campaign remastered\mw2cr.exe => Нет файла
FirewallRules: [UDP Query User{4A81BF1C-4A8E-488D-9283-66501C5024D2}E:\games\call of duty modern warfare 2 campaign remastered\mw2cr.exe] => (Block) E:\games\call of duty modern warfare 2 campaign remastered\mw2cr.exe => Нет файла
FirewallRules: [TCP Query User{01662C6E-6827-48C7-9E80-CCAD354ECF47}E:\games\dead space\dead space.exe] => (Block) E:\games\dead space\dead space.exe => Нет файла
FirewallRules: [UDP Query User{0E3DBAFA-3991-47BF-9478-9C1ECBC936E7}E:\games\dead space\dead space.exe] => (Block) E:\games\dead space\dead space.exe => Нет файла
FirewallRules: [TCP Query User{8A242E63-9532-40E3-B576-0AFB65B3D83E}E:\games\quantum break\dx11\quantumbreak.exe] => (Block) E:\games\quantum break\dx11\quantumbreak.exe => Нет файла
FirewallRules: [UDP Query User{13615E43-D900-4E90-A3DA-1A5DF32FE0D0}E:\games\quantum break\dx11\quantumbreak.exe] => (Block) E:\games\quantum break\dx11\quantumbreak.exe => Нет файла
FirewallRules: [TCP Query User{1340C337-8CCC-4123-8D65-41A1CBEAE5DF}E:\games\crysis remastered\bin64\crysisremastered.exe] => (Block) E:\games\crysis remastered\bin64\crysisremastered.exe => Нет файла
FirewallRules: [UDP Query User{A1D200EA-5F7C-4D91-B9E4-5C036DEE271D}E:\games\crysis remastered\bin64\crysisremastered.exe] => (Block) E:\games\crysis remastered\bin64\crysisremastered.exe => Нет файла
FirewallRules: [TCP Query User{80205842-1FA6-42DA-930A-3D84A63B5423}E:\games\crysis 2  maximum edition\bin32\crysis2.exe] => (Block) E:\games\crysis 2  maximum edition\bin32\crysis2.exe => Нет файла
FirewallRules: [UDP Query User{C5CD5C83-DBEE-4312-B84A-B7B63797A26C}E:\games\crysis 2  maximum edition\bin32\crysis2.exe] => (Block) E:\games\crysis 2  maximum edition\bin32\crysis2.exe => Нет файла
FirewallRules: [TCP Query User{E673376E-56E3-418D-9FCC-4AC22212F451}E:\games\warhammer 40k space marine\spacemarine.exe] => (Block) E:\games\warhammer 40k space marine\spacemarine.exe => Нет файла
FirewallRules: [UDP Query User{FBB29AF1-4F16-4902-A797-1D3D74561681}E:\games\warhammer 40k space marine\spacemarine.exe] => (Block) E:\games\warhammer 40k space marine\spacemarine.exe => Нет файла
FirewallRules: [TCP Query User{F598192D-324F-4CA5-89BD-C9E7B12ED9FA}E:\games\halo the master chief collection halo combat evolved anniversary\mcc\binaries\win64\mcc-win64-shipping.exe] => (Block) E:\games\halo the master chief collection halo combat evolved anniversary\mcc\binaries\win64\mcc-win64-shipping.exe => Нет файла
FirewallRules: [UDP Query User{753B1E08-08B5-48B0-92B4-539B5CF941A8}E:\games\halo the master chief collection halo combat evolved anniversary\mcc\binaries\win64\mcc-win64-shipping.exe] => (Block) E:\games\halo the master chief collection halo combat evolved anniversary\mcc\binaries\win64\mcc-win64-shipping.exe => Нет файла
FirewallRules: [TCP Query User{44252A4B-2F2F-429F-88FC-47C8D35C537F}E:\games\left 4 dead 2\left4dead2.exe] => (Block) E:\games\left 4 dead 2\left4dead2.exe => Нет файла
FirewallRules: [UDP Query User{585CA298-4858-4880-935D-ECF876787036}E:\games\left 4 dead 2\left4dead2.exe] => (Block) E:\games\left 4 dead 2\left4dead2.exe => Нет файла
FirewallRules: [TCP Query User{35329294-BBE2-4A87-AA8A-2815BF8A6CCD}E:\games\garrys mod\gmod.exe] => (Block) E:\games\garrys mod\gmod.exe => Нет файла
FirewallRules: [UDP Query User{E0C511BE-38F7-4671-A3A8-73B77C5121E0}E:\games\garrys mod\gmod.exe] => (Block) E:\games\garrys mod\gmod.exe => Нет файла
FirewallRules: [TCP Query User{82BB0EAD-4969-461F-9FA8-D6EEF4FDB718}C:\games\dishonored - game of the year edition\binaries\win32\dishonored.exe] => (Block) C:\games\dishonored - game of the year edition\binaries\win32\dishonored.exe => Нет файла
FirewallRules: [UDP Query User{1DA60AC7-E7A6-4E28-90FF-02F8D6FB0BFA}C:\games\dishonored - game of the year edition\binaries\win32\dishonored.exe] => (Block) C:\games\dishonored - game of the year edition\binaries\win32\dishonored.exe => Нет файла
FirewallRules: [TCP Query User{17A524A3-2310-4E40-9EEC-DE2AB7C47882}E:\папка\fallout.76.tricentennial.edition\games\fallout76\fallout76.exe] => (Block) E:\папка\fallout.76.tricentennial.edition\games\fallout76\fallout76.exe => Нет файла
FirewallRules: [UDP Query User{3DA235F7-B644-4F81-BA78-454DCDFA65E3}E:\папка\fallout.76.tricentennial.edition\games\fallout76\fallout76.exe] => (Block) E:\папка\fallout.76.tricentennial.edition\games\fallout76\fallout76.exe => Нет файла
FirewallRules: [TCP Query User{B80D645A-EFB5-4E78-BCCB-34668501BE13}E:\games\assassin`s creed iii\ac3sp.exe] => (Block) E:\games\assassin`s creed iii\ac3sp.exe => Нет файла
FirewallRules: [UDP Query User{A2D95A3D-DBF6-4C20-9580-75FEDC56F6DB}E:\games\assassin`s creed iii\ac3sp.exe] => (Block) E:\games\assassin`s creed iii\ac3sp.exe => Нет файла
FirewallRules: [TCP Query User{78A7D42E-9C46-4879-B324-E14818B673FE}E:\папка\ready or not (2023)\ready or not\readyornot\binaries\win64\readyornotsteam-win64-shipping.exe] => (Block) E:\папка\ready or not (2023)\ready or not\readyornot\binaries\win64\readyornotsteam-win64-shipping.exe => Нет файла
FirewallRules: [UDP Query User{B46BC0EE-3573-4F66-8EA3-CE5468875037}E:\папка\ready or not (2023)\ready or not\readyornot\binaries\win64\readyornotsteam-win64-shipping.exe] => (Block) E:\папка\ready or not (2023)\ready or not\readyornot\binaries\win64\readyornotsteam-win64-shipping.exe => Нет файла
Reboot:
End::

2. Запустите Farbar Recovery Scan Tool от имени Администратора по правой кнопке мыши.
3. Нажмите один раз на кнопку Fix (Исправить) и подождите. Программа создаст лог-файл (Fixlog.txt). Пожалуйста, прикрепите его в следующем сообщении.

• Обратите внимание: будет выполнена перезагрузка компьютера.
  

 

[Rex-fdf654]

Fixlog.txt

[thyrex]

C:\Users\Админ\DiscordFix.exe https://www.virustotal.com/gui/file/b5efb88e2e6c154215b208e8d23092a0bdcffa93f98cdcdc1b16540dd4ab5c76

C:\Users\Админ\elevator.exe https://www.virustotal.com/gui/file/ee56928e8e1c7178c1cf6b688cc8dcbcae2692e96654cea5e179a70420520aee

 

Эти файлы удалите вручную. Смените все пароли.

 

Проблема решена?

[Rex-fdf654]

Проблема решена, благодарю.

[thyrex]

Загрузите SecurityCheck by glax24 & Severnyj и сохраните архив на Рабочем столе.

• Разархивируйте, запустите двойным щелчком мыши (если Вы используете Windows XP) или из меню по щелчку правой кнопки мыши Запустить от имени администратора (если Вы используете Windows Vista/7/8/10/11);
• Если увидите предупреждение от вашего фаервола относительно программы SecurityCheck, не блокируйте ее работу;
• Дождитесь окончания сканирования, откроется лог в Блокноте с именем SecurityCheck.txt;
• Если Вы закрыли Блокнот, то найти этот файл можно в корне системного диска в папке с именем SecurityCheck, например C:\SecurityCheck\SecurityCheck.txt;
• Прикрепите этот файл в своем следующем сообщении.

 

[Rex-fdf654]

  У меня возникли проблемы с загрузкой страницы. Дополнение:Я исправил эту проблему

 

Изменено 1 час назад пользователем Rex-fdf654

[Rex-fdf654]

SecurityCheck.txt