Скрытый майнер

[thyrex 1 468]

Выполните скрипт в AVZ из папки Autologger

begin
ShowMessage('Внимание! Перед выполнением скрипта AVZ автоматически закроет все сетевые подключения.' + #13#10 + 'После перезагрузки компьютера подключения к сети будут восстановлены в автоматическом режиме.');
ExecuteFile('net.exe', 'stop tcpip /y', 0, 15000, true);
if not IsWOW64
 then
  begin
   SearchRootkit(true, true);
   SetAVZGuardStatus(True);
  end;
QuarantineFile('C:\WINDOWS\Fonts\MultiHack.exe','');
 QuarantineFile('C:\Programdata\RealtekHD\taskhostw.exe','');
 QuarantineFile('C:\Users\HYPERPC\AppData\Roaming\WindowsApps\taskhost.exe','');
 QuarantineFile('C:\Programdata\WindowsTask\winlogon.exe','');
 QuarantineFile('C:\ProgramData\UuBdWvPhYJRUMoVB\YHkxGJi.wsf','');
 QuarantineFile('C:\Program Files (x86)\FIOIhwxDgWeVC\ZDLVMZo.dll','');
 QuarantineFile('C:\Program Files (x86)\nckTEZzRemtVffbHobR\IjbkxdW.dll','');
 QuarantineFile('C:\Program Files (x86)\rpqKkZxEWouU2\tfpjAvquyCxED.dll','');
 QuarantineFile('C:\Program Files (x86)\BDaKbhYEU\fjvuCE.dll','');
 DelBHO('{10921475-03CE-4E04-90CE-E2E7EF20C814}');
 DelBHO('{BD8F5962-662E-40B7-B0ED-3822C5459682}');
 QuarantineFile('C:\Program Files (x86)\aliyBIkXlIE\kpEKLG6zR.dll','');
 QuarantineFile('C:\ProgramData\RealtekHD\taskhostw.exe','');
 QuarantineFile('C:\Program Files\RDP Wrapper\rdpwrap.dll','');
 DeleteFile('C:\Program Files\RDP Wrapper\rdpwrap.dll','64');
 RegKeyParamDel('HKEY_LOCAL_MACHINE','SYSTEM\CurrentControlSet\Services\TermService\Parameters','ServiceDll','x64');
 DeleteFile('C:\ProgramData\RealtekHD\taskhostw.exe','32');
 RegKeyParamDel('HKEY_LOCAL_MACHINE','Software\Microsoft\Windows\CurrentVersion\Run','Realtek HD Audio','x32');
 DeleteFile('C:\Program Files (x86)\aliyBIkXlIE\kpEKLG6zR.dll','32');
 DeleteFile('C:\Program Files (x86)\BDaKbhYEU\fjvuCE.dll','64');
 DeleteFile('C:\Program Files (x86)\rpqKkZxEWouU2\tfpjAvquyCxED.dll','64');
 DeleteSchedulerTask('augsijBPpDWbmS');
 DeleteSchedulerTask('AnVDoMYPdlSYoXw2');
 DeleteFile('C:\Program Files (x86)\nckTEZzRemtVffbHobR\IjbkxdW.dll','64');
 DeleteFile('C:\Program Files (x86)\FIOIhwxDgWeVC\ZDLVMZo.dll','64');
 DeleteSchedulerTask('esgLguAvYAzBucUaRbN2');
 DeleteSchedulerTask('dudWmRhRoqsSawPzq2');
 DeleteSchedulerTask('kQPOAcCRavYRc2');
 DeleteFile('C:\ProgramData\UuBdWvPhYJRUMoVB\YHkxGJi.wsf','64');
 DeleteSchedulerTask('Microsoft\Windows\SMB\UninstallSMB1ClientTask');
 DeleteSchedulerTask('Microsoft\Windows\SMB\UninstallSMB1ServerTask');
 DeleteFile('C:\Programdata\WindowsTask\winlogon.exe','64');
 DeleteFile('C:\Users\HYPERPC\AppData\Roaming\WindowsApps\taskhost.exe','64');
 DeleteFile('C:\Programdata\RealtekHD\taskhostw.exe','64');
 DeleteSchedulerTask('MicrosoftUpdaters');
 DeleteSchedulerTask('Microsoft\Windows\Wininet\SystemC');
 DeleteSchedulerTask('Microsoft\Windows\Wininet\Cleaner');
 DeleteSchedulerTask('{B7CB193F-0A1B-A76F-9D90-9AE5E389687A}');
 DeleteSchedulerTask('{ED1C2A25-C92A-4CE5-9F31-5E4D781B2797}');
 DeleteFile('C:\WINDOWS\Fonts\MultiHack.exe','32');
BC_ImportAll;
ExecuteSysClean;
BC_Activate;
RebootWindows(false);
end.

• Обратите внимание: будет выполнена перезагрузка компьютера.

Выполните скрипт в AVZ

begin
CreateQurantineArchive('c:\quarantine.zip');
end.

c:\quarantine.zip загрузите по ссылке https://virusinfo.info/upload_virus.php?tid=37678

Полученный после загрузки ответ сообщите здесь.

 

Пожалуйста, ЕЩЕ РАЗ запустите Autologger в ОБЫЧНОМ, а не безопасном, режиме; прикрепите к следующему сообщению НОВЫЕ логи.

[araama 0]

В безопасном режиме можно выполнять?

[thyrex 1 468]

Да, выполнять скрипт лечения в безопасном режиме, а собирать новые логи в обычном.

[araama 0]

Да, выполнять скрипт лечения в безопасном режиме, а собирать новые логи в обычном.

оба скрипта в безопасном, а логи в обычном?

[thyrex 1 468]

Уже и скрипт создания архива карантина можно пробовать в обычном режиме выполнять.

[araama 0]

При запуске скрипта пишет: Ошибка: Too many actual parameters в позиции 25:15

 

Сообщение от модератора Mark D. Pearlstone

Не нужно цитировать полностью сообщения.

[thyrex 1 468]

Выполнять скрипт нужно в AVZ из папки Autologger!

[araama 0]

Выполнять скрипт нужно в AVZ из папки Autologger!

Так я запустил, там начал на запуск скрипта, скопировал ваш и ошибка

Выполнять скрипт нужно в AVZ из папки Autologger!

Перепутал папки с авз. Все норм, запускаю скрипт

Выполнять скрипт нужно в AVZ из папки Autologger!

все сделал. отослал зип карантин. Результат загрузки просто ничего нету, не видно, пусто

Выполнять скрипт нужно в AVZ из папки Autologger!

При загрузке карантин.зип результат загрузки - там ничего тупо нету, пусто

Вот новые логи: 

Выполнять скрипт нужно в AVZ из папки Autologger!

Очистился майнер?

CollectionLog-2019.03.24-19.55.zip

[thyrex 1 468]

Скачайте Farbar Recovery Scan Tool и сохраните на Рабочем столе.

• Примечание: необходимо выбрать версию, совместимую с Вашей операционной системой. Если Вы не уверены, какая версия подойдет для Вашей системы, скачайте обе и попробуйте запустить. Только одна из них запустится на Вашей системе.

1. Запустите программу двойным щелчком. Когда программа запустится, нажмите Yes для соглашения с предупреждением.

2. Убедитесь, что в окне Optional Scan отмечены List BCD, Driver MD5 и 90 Days Files.

3. Нажмите кнопку Scan.

4. После окончания сканирования будет создан отчет (FRST.txt) в той же папке, откуда была запущена программа.

5. Если программа была запущена в первый раз, также будет создан отчет (Addition.txt).

6. Файлы FRST.txt и Addition.txt заархивируйте (в один общий архив) и прикрепите к сообщению.

[araama 0]

Скачайте Farbar Recovery Scan Tool и сохраните на Рабочем столе.

• Примечание: необходимо выбрать версию, совместимую с Вашей операционной системой. Если Вы не уверены, какая версия подойдет для Вашей системы, скачайте обе и попробуйте запустить. Только одна из них запустится на Вашей системе.

1. Запустите программу двойным щелчком. Когда программа запустится, нажмите Yes для соглашения с предупреждением.

2. Убедитесь, что в окне Optional Scan отмечены List BCD, Driver MD5 и 90 Days Files.

3. Нажмите кнопку Scan.

4. После окончания сканирования будет создан отчет (FRST.txt) в той же папке, откуда была запущена программа.

5. Если программа была запущена в первый раз, также будет создан отчет (Addition.txt).

6. Файлы FRST.txt и Addition.txt заархивируйте (в один общий архив) и прикрепите к сообщению.

 

Выполнять скрипт нужно в AVZ из папки Autologger!

Ну что

farbarscantool.rar

[thyrex 1 468]

YoutubeAdBlock

Игровой центр

Кнопка "Яндекс" на панели задач

Менеджер браузеров

удалите через Установку программ.

 

1. Выделите следующий код:

Start::
CreateRestorePoint:
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-3844265437-2012621594-884485659-1001\...\Policies\Explorer: [DisallowRun] 1
HKU\S-1-5-21-3844265437-2012621594-884485659-1001\...\Policies\Explorer\DisallowRun: [1] eav_trial_rus.exe
HKU\S-1-5-21-3844265437-2012621594-884485659-1001\...\Policies\Explorer\DisallowRun: [2] avast_free_antivirus_setup_online.exe
HKU\S-1-5-21-3844265437-2012621594-884485659-1001\...\Policies\Explorer\DisallowRun: [3] eis_trial_rus.exe
HKU\S-1-5-21-3844265437-2012621594-884485659-1001\...\Policies\Explorer\DisallowRun: [4] essf_trial_rus.exe
HKU\S-1-5-21-3844265437-2012621594-884485659-1001\...\Policies\Explorer\DisallowRun: [5] hitmanpro_x64.exe
HKU\S-1-5-21-3844265437-2012621594-884485659-1001\...\Policies\Explorer\DisallowRun: [6] ESETOnlineScanner_UKR.exe
HKU\S-1-5-21-3844265437-2012621594-884485659-1001\...\Policies\Explorer\DisallowRun: [7] ESETOnlineScanner_RUS.exe
HKU\S-1-5-21-3844265437-2012621594-884485659-1001\...\Policies\Explorer\DisallowRun: [8] HitmanPro.exe
HKU\S-1-5-21-3844265437-2012621594-884485659-1001\...\Policies\Explorer\DisallowRun: [9] 360TS_Setup_Mini.exe
HKU\S-1-5-21-3844265437-2012621594-884485659-1001\...\Policies\Explorer\DisallowRun: [10] Cezurity_Scanner_Pro_Free.exe
HKU\S-1-5-21-3844265437-2012621594-884485659-1001\...\Policies\Explorer\DisallowRun: [11] Cube.exe
GroupPolicy: Restriction - Windows Defender <==== ATTENTION
GroupPolicy\User: Restriction ? <==== ATTENTION
OPR Extension: (Adblocker for Youtube™) - C:\Users\HYPERPC\AppData\Roaming\Opera Software\Opera Stable\Extensions\beablbkeolnmmgfdbpccjbnheidinhbk [2019-03-19]
CHR HKLM-x32\...\Chrome\Extension: [bejnpnkhfgfkcpgikiinojlmdcjimobi] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [djgdgdcfmdkficbifbnaacknblbkhhoc] - hxxp://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3844265437-2012621594-884485659-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd] - hxxps://clients2.google.com/service/update2/crx
S2 RManService; C:\Programdata\Windows\rutserv.exe [X]
S2 SpyHunter 4 Service; C:\Program Files\SpyHunter\SH4Service.exe [X]
2019-03-24 09:52 - 2019-03-24 09:52 - 000000000 ___DC C:\Users\HYPERPC\AppData\LocalLow\GEhHGYpyxLTaL
2019-03-19 21:49 - 2019-03-24 19:44 - 000000000 ____D C:\ProgramData\UuBdWvPhYJRUMoVB
2019-03-19 21:49 - 2019-03-24 19:44 - 000000000 ____D C:\Program Files (x86)\rpqKkZxEWouU2
2019-03-19 21:49 - 2019-03-24 19:44 - 000000000 ____D C:\Program Files (x86)\nckTEZzRemtVffbHobR
2019-03-19 21:49 - 2019-03-24 19:44 - 000000000 ____D C:\Program Files (x86)\FIOIhwxDgWeVC
2019-03-19 21:49 - 2019-03-24 19:44 - 000000000 ____D C:\Program Files (x86)\BDaKbhYEU
2019-03-19 21:49 - 2019-03-19 21:49 - 000000000 ___DC C:\Users\HYPERPC\AppData\Roaming\WinNc
2019-03-19 21:49 - 2019-03-19 21:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinNc
2019-03-19 21:49 - 2019-03-19 21:49 - 000000000 ____D C:\Program Files (x86)\mhShVMQuuTUn
2019-03-19 21:49 - 2019-03-19 21:49 - 000000000 ____D C:\Program Files (x86)\aliyBIkXlIE
2018-04-12 02:34 - 2018-04-12 02:34 - 000060416 ____N (Microsoft Corporation) C:\Program Files (x86)\iHFUuMexaCIa.exe
2017-09-29 16:42 - 2017-09-29 16:42 - 000174592 _____ (Microsoft Corporation) C:\Program Files (x86)\ISbOsijD.exe
2017-12-24 17:00 - 2017-09-29 16:42 - 000174592 _____ (Microsoft Corporation) C:\Program Files (x86)\iyOgTOAYeEauq.exe
2017-12-24 17:00 - 2017-09-29 16:42 - 000000066 _____ () C:\Program Files (x86)\Common Files\uoIq
2017-12-24 17:00 - 2017-09-29 16:42 - 000001138 ____C () C:\Users\HYPERPC\AppData\Roaming\IIxVAYwUfYyRi
2018-04-12 02:34 - 2018-04-12 02:34 - 000178688 ____C (Microsoft Corporation) C:\Users\HYPERPC\AppData\Roaming\OfUdoRImKeyE.exe
2019-01-08 16:15 - 2019-03-18 20:19 - 006387208 ____C () C:\Users\HYPERPC\AppData\Local\dump007.dat
2017-08-28 12:24 - 2017-08-28 12:28 - 000000303 ____C () C:\Users\HYPERPC\AppData\Local\expand.ini
2017-11-11 18:11 - 2017-11-11 18:23 - 000000081 ____C () C:\Users\HYPERPC\AppData\Local\FILM_AE_LogFile.txt
2018-12-17 14:48 - 2018-12-17 14:48 - 000000002 ____C () C:\Users\HYPERPC\AppData\Local\imw.ini
2019-03-19 21:49 - 2019-03-19 21:49 - 000000315 ____C () C:\Users\HYPERPC\AppData\Local\Temp\1006.exe
2019-03-24 09:06 - 2019-03-24 09:06 - 000187712 ____C () C:\Users\HYPERPC\AppData\Local\Temp\downloader.exe
2019-01-31 16:12 - 2019-03-24 19:20 - 000000000 ___DC () C:\Users\HYPERPC\AppData\Local\Temp\Steam64.dll
2019-03-19 21:49 - 2019-03-19 21:49 - 012717120 ____C (Dunes MultiMedia ) C:\Users\HYPERPC\AppData\Local\Temp\WinNc.exe
2019-03-19 21:48 - 2019-03-19 21:48 - 000451721 ____C (ZRFXRD ) C:\Users\HYPERPC\AppData\Local\Temp\xelPi.exe
ContextMenuHandlers1-x32: [duba_32bit] -> {D21D88E8-4123-48BA-B0B1-3FDBE4AE5FA4} => d:\ksafe\ksoft\kingsoft antivirus\kavmenu.dll -> No File
ContextMenuHandlers1: [duba_64bit] -> {DDEA5705-1BB0-4C03-AC1E-8FF9716A0D51} => d:\ksafe\ksoft\kingsoft antivirus\kavmenu64.dll -> No File
ContextMenuHandlers2-x32: [duba_32bit] -> {D21D88E8-4123-48BA-B0B1-3FDBE4AE5FA4} => d:\ksafe\ksoft\kingsoft antivirus\kavmenu.dll -> No File
ContextMenuHandlers2: [duba_64bit] -> {DDEA5705-1BB0-4C03-AC1E-8FF9716A0D51} => d:\ksafe\ksoft\kingsoft antivirus\kavmenu64.dll -> No File
ContextMenuHandlers4-x32: [duba_32bit] -> {D21D88E8-4123-48BA-B0B1-3FDBE4AE5FA4} => d:\ksafe\ksoft\kingsoft antivirus\kavmenu.dll -> No File
ContextMenuHandlers4: [duba_64bit] -> {DDEA5705-1BB0-4C03-AC1E-8FF9716A0D51} => d:\ksafe\ksoft\kingsoft antivirus\kavmenu64.dll -> No File
Task: {DE83D3E4-EEB5-46B9-9FD4-A98CA69F81BD} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
AlternateDataStreams: C:\ProgramData\Reprise:jhqduwvxlctbqqijsf`usjbm`bfjhinhqhifh [0]
AlternateDataStreams: C:\Users\Public\DRM:احتضان [48]
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [470]
AlternateDataStreams: C:\Users\Все пользователи\Reprise:jhqduwvxlctbqqijsf`usjbm`bfjhinhqhifh [0]
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\21523399.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\78977897.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\21523399.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\78977897.sys => ""="Driver"
HKLM\...\StartupApproved\Run32: => "kxesc"
HKLM\...\StartupApproved\Run32: => "Realtek HD Audio"
HKU\S-1-5-21-3844265437-2012621594-884485659-1001\...\StartupApproved\Run: => "Advanced SystemCare 8"
HKU\S-1-5-21-3844265437-2012621594-884485659-1001\...\StartupApproved\Run: => "FUQCAITOTK.exe"
HKU\S-1-5-21-3844265437-2012621594-884485659-1001\...\StartupApproved\Run: => "lf1ZZFyBCndG.exe"
HKU\S-1-5-21-3844265437-2012621594-884485659-1001\...\StartupApproved\Run: => "93vnOEMX33.exe"
HKU\S-1-5-21-3844265437-2012621594-884485659-1001\...\StartupApproved\Run: => "ZSHmw31rtx.exe"
FirewallRules: [UDP Query User{8697362F-F2C6-421A-B6F8-689057B4C1ED}C:\users\yaroslav\appdata\roaming\utorrent\updates\3.5.3_44494.exe] => (Block) C:\users\yaroslav\appdata\roaming\utorrent\updates\3.5.3_44494.exe No File
FirewallRules: [TCP Query User{767F0243-266B-4D2B-BA33-937B7BB572F9}C:\users\yaroslav\appdata\roaming\utorrent\updates\3.5.3_44494.exe] => (Block) C:\users\yaroslav\appdata\roaming\utorrent\updates\3.5.3_44494.exe No File
FirewallRules: [{D4E3164C-E722-44E1-B294-B87F88EF1318}] => (Allow) C:\Users\HYPERPC\AppData\Local\Programs\Opera\53.0.2907.68\opera.exe No File
FirewallRules: [UDP Query User{E70CE5EB-AAF2-496D-95E4-DCCD7C7F5736}C:\users\yaroslav\appdata\roaming\utorrent\updates\3.5.3_44494.exe] => (Block) C:\users\yaroslav\appdata\roaming\utorrent\updates\3.5.3_44494.exe No File
FirewallRules: [TCP Query User{CCDA21C4-F84C-46EE-A3A7-1FC5FABF6854}C:\users\yaroslav\appdata\roaming\utorrent\updates\3.5.3_44494.exe] => (Block) C:\users\yaroslav\appdata\roaming\utorrent\updates\3.5.3_44494.exe No File
FirewallRules: [{9FC9DEAE-1AEF-4351-BCD3-0641EDFD4E79}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe No File
FirewallRules: [{F45A83B3-A4EE-4C9E-8251-DF8C6A345C85}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe No File
FirewallRules: [UDP Query User{F87CA035-5445-49E2-A7FB-4A0700951C8F}D:\games\prey\binaries\danielle\x64\release\prey.exe] => (Allow) D:\games\prey\binaries\danielle\x64\release\prey.exe No File
FirewallRules: [TCP Query User{141FA0B9-6A61-4536-A2A4-7CBA7FCCF4E4}D:\games\prey\binaries\danielle\x64\release\prey.exe] => (Allow) D:\games\prey\binaries\danielle\x64\release\prey.exe No File
FirewallRules: [UDP Query User{A66B51E8-F783-47D3-BCE3-A56B44B09FB4}C:\users\yaroslav\appdata\roaming\utorrent\updates\3.5.3_44396.exe] => (Block) C:\users\yaroslav\appdata\roaming\utorrent\updates\3.5.3_44396.exe No File
FirewallRules: [TCP Query User{0D83592C-19DF-4FB5-8D8E-E18AED6FE686}C:\users\yaroslav\appdata\roaming\utorrent\updates\3.5.3_44396.exe] => (Block) C:\users\yaroslav\appdata\roaming\utorrent\updates\3.5.3_44396.exe No File
FirewallRules: [{136CE4C2-D48E-4ABF-AB4A-186610C7B3F3}] => (Allow) D:\steam\steamapps\common\Deceit\bin\win_x64\Deceit.exe No File
FirewallRules: [{55890CE2-E05E-4171-A430-35B28A412FD3}] => (Allow) D:\steam\steamapps\common\Deceit\bin\win_x64\Deceit.exe No File
FirewallRules: [UDP Query User{70BBC6BE-3CC2-4CC3-8ABA-BF66C1AA3DE2}C:\users\yaroslav\appdata\roaming\utorrent\updates\3.5.3_44396.exe] => (Block) C:\users\yaroslav\appdata\roaming\utorrent\updates\3.5.3_44396.exe No File
FirewallRules: [TCP Query User{2023D5CD-AC50-47AD-828B-236B30147935}C:\users\yaroslav\appdata\roaming\utorrent\updates\3.5.3_44396.exe] => (Block) C:\users\yaroslav\appdata\roaming\utorrent\updates\3.5.3_44396.exe No File
FirewallRules: [UDP Query User{D251489C-696E-468B-A320-7242790C2A54}C:\users\yaroslav\appdata\roaming\utorrent\updates\3.5.3_44358.exe] => (Block) C:\users\yaroslav\appdata\roaming\utorrent\updates\3.5.3_44358.exe No File
FirewallRules: [TCP Query User{5270ECC7-3B65-4A8D-A944-675FD7800A12}C:\users\yaroslav\appdata\roaming\utorrent\updates\3.5.3_44358.exe] => (Block) C:\users\yaroslav\appdata\roaming\utorrent\updates\3.5.3_44358.exe No File
FirewallRules: [{7BFCE38B-A686-40B6-A88F-3337221ABACE}] => (Allow) C:\Users\HYPERPC\AppData\Local\Programs\Opera\51.0.2830.59\opera.exe No File
FirewallRules: [UDP Query User{A22D7F8B-191F-4F87-B3B2-548D75709AD0}D:\vegas pro 14\vegas140.exe] => (Allow) D:\vegas pro 14\vegas140.exe No File
FirewallRules: [TCP Query User{FCECED14-418B-40E1-B468-0B8D7108ABDD}D:\vegas pro 14\vegas140.exe] => (Allow) D:\vegas pro 14\vegas140.exe No File
FirewallRules: [UDP Query User{EC5FE05E-D2EB-45C2-9E5D-0E9D34FA63CB}D:\с+++++\common7\ide\devenv.exe] => (Allow) D:\с+++++\common7\ide\devenv.exe No File
FirewallRules: [TCP Query User{4B4A448D-5A75-47E2-8E0F-92AB92DAD6F9}D:\с+++++\common7\ide\devenv.exe] => (Allow) D:\с+++++\common7\ide\devenv.exe No File
FirewallRules: [{E885CB41-CF92-40AF-8767-4C5D1CF07F69}] => (Allow) D:\1\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe No File
FirewallRules: [{0B788970-D3A9-4872-96B4-532DA2F29F68}] => (Allow) D:\1\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe No File
FirewallRules: [{1DBBB2DE-6CAD-42B4-8536-793D46DC6161}] => (Allow) D:\1\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe No File
FirewallRules: [{F67B6CAE-0D99-42EA-85E7-BAE4F3FEBABC}] => (Allow) D:\1\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe No File
FirewallRules: [{83A371A7-E9BD-4562-A1D3-62A99F5A47D4}] => (Allow) D:\1\steamapps\common\Don't Starve Together\bin\dontstarve_steam.exe No File
FirewallRules: [{5BBF703B-6FBF-4CEB-AA47-BC57B6C15B99}] => (Allow) D:\1\steamapps\common\Don't Starve Together\bin\dontstarve_steam.exe No File
FirewallRules: [{4B93B94F-35C4-4514-AE92-1C9BAA488D18}] => (Allow) D:\1\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe No File
FirewallRules: [{CA7EFE85-BDA2-4324-9722-ACB96039016A}] => (Allow) D:\1\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe No File
FirewallRules: [{5C3C8C0E-9B2C-4FCA-A43B-92AE6E5AB9F8}] => (Allow) D:\1\steamapps\common\dota 2 beta\game\bin\win64\dota2cfg.exe No File
FirewallRules: [{42EA2DEA-C51A-4B0D-8674-B65AA905A5CC}] => (Allow) D:\1\steamapps\common\dota 2 beta\game\bin\win64\dota2cfg.exe No File
FirewallRules: [{F634EDDB-F24A-4409-9383-53141FEE548A}] => (Allow) D:\1\steamapps\common\Magicka\Magicka.exe No File
FirewallRules: [{18BD0DB9-F63C-4EFF-B9CD-BB9E3D1C9361}] => (Allow) D:\1\steamapps\common\Magicka\Magicka.exe No File
FirewallRules: [{FB5158D7-C86B-43B6-8EBB-4F3763079D9D}] => (Allow) C:\Users\HYPERPC\AppData\Local\Recovery\msiexec64.exe No File
FirewallRules: [{B5F10DC6-4F4F-49D6-85AC-83FDC89C99D2}] => (Allow) C:\Users\HYPERPC\AppData\Local\pBLBnmNd.exe No File
FirewallRules: [UDP Query User{D80471DD-075D-4B5D-AFE0-527658993845}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe No File
FirewallRules: [TCP Query User{41A96E0A-4F84-4536-AFED-F82184155F80}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe No File
FirewallRules: [{DED28667-916F-4A2C-A500-6516FFE33B47}] => (Allow) D:\1\steamapps\common\GarrysMod\hl2.exe No File
FirewallRules: [{51A75695-8181-4F8E-B7E5-5DD11361DC49}] => (Allow) D:\1\steamapps\common\GarrysMod\hl2.exe No File
FirewallRules: [UDP Query User{BB6BD743-0F53-4A38-BA62-20CB7436815A}D:\titanfall 2\titanfall2.exe] => (Allow) D:\titanfall 2\titanfall2.exe No File
FirewallRules: [TCP Query User{99216F6A-1CA9-4786-A6A3-75F47EB150D8}D:\titanfall 2\titanfall2.exe] => (Allow) D:\titanfall 2\titanfall2.exe No File
FirewallRules: [{0DEF8DE3-4981-45B7-B2CF-EC30CF811820}] => (Allow) C:\Users\HYPERPC\AppData\Local\Recovery\msiexec64.exe No File
FirewallRules: [{E0613B6B-248A-4990-8CCF-B4D05D4C0B60}] => (Allow) C:\Users\HYPERPC\AppData\Local\Recovery\msiexec64.exe No File
FirewallRules: [{451C1FC7-8F96-44A9-BD43-D7A83DE6D351}] => (Allow) C:\Users\HYPERPC\AppData\Local\Recovery\msiexec64.exe No File
FirewallRules: [{CDD975E4-525B-47AA-A506-7109C35FC0BB}] => (Allow) D:\1\steamapps\common\F13Game\EAC_Launcher.exe No File
FirewallRules: [{AE4E72EA-71BF-464A-8F99-B1ED2BAFF828}] => (Allow) D:\1\steamapps\common\F13Game\EAC_Launcher.exe No File
FirewallRules: [{297FE609-00D0-4236-9028-1D3CDCD036DC}] => (Allow) D:\1\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe No File
FirewallRules: [{FE96D74B-F731-4FA1-B2E4-3F2039F98CE1}] => (Allow) D:\1\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe No File
FirewallRules: [{2C5BA716-5865-4800-885C-8345270A62E4}] => (Allow) C:\Users\HYPERPC\AppData\Local\Recovery\msiexec64.exe No File
FirewallRules: [{647A7C2F-7234-4735-8A6C-DD73BD0A6B1E}] => (Allow) D:\1\steamapps\common\Magicka 2\engine\Magicka2.exe No File
FirewallRules: [{C25EF139-2AEA-4B15-85AF-46BCE08738BA}] => (Allow) D:\1\steamapps\common\Magicka 2\engine\Magicka2.exe No File
FirewallRules: [UDP Query User{8B572157-4E2E-4CE7-8B5A-BF3FC27F70B3}D:\1\steamapps\common\dead by daylight\deadbydaylight\binaries\win64\deadbydaylight-win64-shipping.exe] => (Allow) D:\1\steamapps\common\dead by daylight\deadbydaylight\binaries\win64\deadbydaylight-win64-shipping.exe No File
FirewallRules: [TCP Query User{7AF4CC2F-7845-4263-B41A-B5F31991B56F}D:\1\steamapps\common\dead by daylight\deadbydaylight\binaries\win64\deadbydaylight-win64-shipping.exe] => (Allow) D:\1\steamapps\common\dead by daylight\deadbydaylight\binaries\win64\deadbydaylight-win64-shipping.exe No File
FirewallRules: [{BEB6FBF2-7D14-4886-968C-2100C4458FFF}] => (Allow) D:\1\steamapps\common\Dead by Daylight\DeadByDaylight.exe No File
FirewallRules: [{D62C0152-9487-4E5C-88DC-10FEFADB1DD6}] => (Allow) D:\1\steamapps\common\Dead by Daylight\DeadByDaylight.exe No File
FirewallRules: [{85D00BDF-FA35-4A1B-AFA1-CEC7B3DE6E29}] => (Allow) D:\1\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{25BB04C1-27AE-4913-8569-18B289EF6794}] => (Allow) D:\1\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{2BDB484D-62C2-44AF-B4E8-EC4C17351556}] => (Allow) D:\1\Steam.exe No File
FirewallRules: [{F59D42C7-C150-43B9-9782-3E41152DCEBF}] => (Allow) D:\1\Steam.exe No File
FirewallRules: [{4201EF81-E8EE-4B01-A02C-D1BD8B640D90}] => (Allow) C:\Users\HYPERPC\AppData\Local\Recovery\msiexec64.exe No File
FirewallRules: [{D3C3228E-57AD-446C-BFED-FAD0C3546082}] => (Allow) C:\Users\HYPERPC\AppData\Local\Recovery\msiexec64.exe No File
FirewallRules: [UDP Query User{1646F08A-1E3A-4EB0-B108-A9B1AE710FAA}D:\games\battlecarnival\live\bin\release\bc.exe] => (Allow) D:\games\battlecarnival\live\bin\release\bc.exe No File
FirewallRules: [TCP Query User{7E1CC7A6-264E-46B5-B017-3B4A1CC5303F}D:\games\battlecarnival\live\bin\release\bc.exe] => (Allow) D:\games\battlecarnival\live\bin\release\bc.exe No File
FirewallRules: [UDP Query User{1C5D8C7C-7AFC-4D28-AAE9-4D618F04A71F}C:\program files (x86)\tencent\qqlive\qqliveservice.exe] => (Block) C:\program files (x86)\tencent\qqlive\qqliveservice.exe No File
FirewallRules: [TCP Query User{AE87EF4E-659D-4719-8F55-2841453C545A}C:\program files (x86)\tencent\qqlive\qqliveservice.exe] => (Block) C:\program files (x86)\tencent\qqlive\qqliveservice.exe No File
FirewallRules: [{8FE81668-7C0F-4C3D-AAFB-0C68ACB2BEDA}] => (Allow) D:\steam\steamapps\common\Modern Combat Versus\Game\ModernCombatVersus.exe No File
FirewallRules: [{D0D42C73-C5F5-4773-BEFA-A4A388CAF31C}] => (Allow) D:\steam\steamapps\common\Modern Combat Versus\Game\ModernCombatVersus.exe No File
FirewallRules: [UDP Query User{C6AB27C9-D6EE-4183-A3C0-FA9410753F08}C:\program files (x86)\tencent\qqlive\qqlive.exe] => (Block) C:\program files (x86)\tencent\qqlive\qqlive.exe No File
FirewallRules: [TCP Query User{4780D502-810B-4D26-A844-08A8D42C24F5}C:\program files (x86)\tencent\qqlive\qqlive.exe] => (Block) C:\program files (x86)\tencent\qqlive\qqlive.exe No File
FirewallRules: [{E81E703F-3675-415B-9E15-ECD954E959DD}] => (Allow) C:\Users\HYPERPC\AppData\Local\Temp\Statistics.exe No File
FirewallRules: [{F2E41078-2344-4AD0-B190-B2337FB7678E}] => (Allow) C:\Users\HYPERPC\AppData\Local\Temp\Statistics.exe No File
FirewallRules: [UDP Query User{F2F86A69-7CB3-413B-A96A-04471048A995}C:\program files\java\jre1.8.0_101\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_101\bin\javaw.exe No File
FirewallRules: [TCP Query User{5211EE00-5434-4C29-88D7-DB862FAF6727}C:\program files\java\jre1.8.0_101\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_101\bin\javaw.exe No File
FirewallRules: [{36C36774-98E7-47FB-9681-A3B90A0A9448}] => (Allow) D:\steam\steamapps\common\Team Fortress 2\hl2.exe No File
FirewallRules: [{02876E8D-9428-4BA5-8098-C7442738557B}] => (Allow) D:\steam\steamapps\common\Team Fortress 2\hl2.exe No File
FirewallRules: [{5AFA0338-4118-4A2C-983D-955A635A7019}] => (Allow) D:\steam\steamapps\common\Half-Life 2 Deathmatch\hl2.exe No File
FirewallRules: [{E9423D54-04E9-4806-ADEB-4B8AD558D9FA}] => (Allow) D:\steam\steamapps\common\Half-Life 2 Deathmatch\hl2.exe No File
FirewallRules: [{DD95A42E-AB3A-4386-8E6B-3FA938D2271B}] => (Allow) C:\Users\HYPERPC\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\TempState\Downloads\PlayCombatarms.exe No File
FirewallRules: [{1DF0D3F9-825C-4F67-8D39-FC322A5D30E2}] => (Allow) C:\Users\HYPERPC\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\TempState\Downloads\PlayCombatarms.exe No File
FirewallRules: [{D495B2E0-97ED-4173-8D0D-0C745FF26343}] => (Allow) D:\Games\CombatArms\live\NMService.exe No File
FirewallRules: [{DBE66C0B-CC73-4A9E-8B27-9E96E4099243}] => (Allow) D:\Games\CombatArms\live\NMService.exe No File
FirewallRules: [UDP Query User{C9614EB8-F9BB-4E24-AC60-E97534E12AA5}C:\users\hyperpc\appdata\local\mail.ru\gamecenter\gamecenter@mail.ru.exe] => (Allow) C:\users\hyperpc\appdata\local\mail.ru\gamecenter\gamecenter@mail.ru.exe No File
FirewallRules: [TCP Query User{02DB5E6D-2973-4063-A9CD-E8469C1A8B5C}C:\users\hyperpc\appdata\local\mail.ru\gamecenter\gamecenter@mail.ru.exe] => (Allow) C:\users\hyperpc\appdata\local\mail.ru\gamecenter\gamecenter@mail.ru.exe No File
FirewallRules: [{01E3412C-BB37-4B04-B0CD-B4FE28185FD0}] => (Allow) D:\steam\steamapps\common\Deceit\bin\win_x64\Deceit.exe No File
FirewallRules: [{D28A6DD4-F688-41C6-832B-1227461E761D}] => (Allow) D:\steam\steamapps\common\Deceit\bin\win_x64\Deceit.exe No File
FirewallRules: [{61221963-C9B2-4B74-A91D-CAE9F803F670}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe No File
FirewallRules: [{E7F38C3A-C239-423C-BCDE-598EFE6ED6F6}] => (Allow) D:\Steam\steamapps\common\MultiplayerFPSTutorialDemo\MultiplayerFPSDemo_OpenWorld.exe No File
FirewallRules: [{40E7CA54-928A-401F-9056-1BA9670B4F15}] => (Allow) D:\Steam\steamapps\common\MultiplayerFPSTutorialDemo\MultiplayerFPSDemo_OpenWorld.exe No File
FirewallRules: [{EF749CE4-0BB7-4AF5-A43D-7A71D889624E}] => (Allow) D:\Steam\steamapps\common\MultiplayerFPSTutorialDemo\MultiplayerFPSDemo_KinoDerTotenMap.exe No File
FirewallRules: [{8AFF8793-08F2-4B98-AF02-CF2400B4B626}] => (Allow) D:\Steam\steamapps\common\MultiplayerFPSTutorialDemo\MultiplayerFPSDemo_KinoDerTotenMap.exe No File
FirewallRules: [{538AEF97-9F16-4C9C-9A31-ED0ED7474C4B}] => (Allow) D:\Steam\steamapps\common\Rust\Rust.exe No File
FirewallRules: [{BA774569-B2B1-4933-92EC-86B50DB0810D}] => (Allow) D:\Steam\steamapps\common\Rust\Rust.exe No File
FirewallRules: [{8065A2DF-E6F0-49FD-ADB5-8289DF4CD9C2}] => (Allow) D:\Steam\steamapps\common\Portal\hl2.exe No File
FirewallRules: [{9C3FEE2E-0232-4DC5-97C6-0FB67C99B1DB}] => (Allow) D:\Steam\steamapps\common\Portal\hl2.exe No File
FirewallRules: [{0EA14765-9D8F-4AE3-B43B-FF38EAA7C6CF}] => (Allow) D:\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe No File
FirewallRules: [{5672CC56-1725-46A1-8A92-5017428EDE16}] => (Allow) D:\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe No File
FirewallRules: [UDP Query User{CB87EF38-46FB-4653-89D7-3858BE417285}C:\program files (x86)\java\jre1.8.0_144\bin\java.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_144\bin\java.exe No File
FirewallRules: [TCP Query User{6C5A1129-7847-4FE9-B92D-45FFF9B290C0}C:\program files (x86)\java\jre1.8.0_144\bin\java.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_144\bin\java.exe No File
FirewallRules: [{248B36F6-2793-4400-AE79-933FDBDA3DC8}] => (Allow) D:\PlayCombatarms.exe No File
FirewallRules: [{B45FFD7E-1B54-4AE1-B2A9-2AD1084BF9DC}] => (Allow) D:\PlayCombatarms.exe No File
FirewallRules: [{48EE5868-66D9-40A5-96C6-FBEE396B5C2F}] => (Allow) D:\Steam\steamapps\common\Mad Muzzles\win64\nw.exe No File
FirewallRules: [{0069387F-979A-4906-9547-6DF2A0CCE6D5}] => (Allow) D:\Steam\steamapps\common\Mad Muzzles\win64\nw.exe No File
FirewallRules: [UDP Query User{8759596D-2A27-4066-BE78-450B979E2DA2}C:\users\hyperpc\appdata\local\mail.ru\gamecenter\gamecenter@mail.ru.exe] => (Allow) C:\users\hyperpc\appdata\local\mail.ru\gamecenter\gamecenter@mail.ru.exe No File
FirewallRules: [TCP Query User{412BC273-CF76-49AF-9D44-0DA6A234114D}C:\users\hyperpc\appdata\local\mail.ru\gamecenter\gamecenter@mail.ru.exe] => (Allow) C:\users\hyperpc\appdata\local\mail.ru\gamecenter\gamecenter@mail.ru.exe No File
FirewallRules: [UDP Query User{CFC3A6AA-C2B9-4A4E-AB13-2FE40F38CC37}C:\users\hyperpc\appdata\local\orbitum\application\orbitumupdater\orbitumupdater.exe] => (Block) C:\users\hyperpc\appdata\local\orbitum\application\orbitumupdater\orbitumupdater.exe No File
FirewallRules: [TCP Query User{B370AB6C-347E-4362-B967-07706E0DCB4E}C:\users\hyperpc\appdata\local\orbitum\application\orbitumupdater\orbitumupdater.exe] => (Block) C:\users\hyperpc\appdata\local\orbitum\application\orbitumupdater\orbitumupdater.exe No File
FirewallRules: [UDP Query User{DB104139-D35D-45F8-AEED-8394DEA461A5}C:\program files (x86)\java\jre1.8.0_144\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_144\bin\javaw.exe No File
FirewallRules: [TCP Query User{1E183A9C-328A-4076-A4BB-B29976946416}C:\program files (x86)\java\jre1.8.0_144\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_144\bin\javaw.exe No File
FirewallRules: [{327598D5-DE68-4D57-8553-E09B5FF3B4B6}] => (Allow) D:\survarium\Survarium\game\binaries\x86\survarium-2.exe No File
FirewallRules: [{9FBB924D-C1AC-4520-A34F-A4C4DC141A78}] => (Allow) D:\survarium\Survarium\game\binaries\x86\survarium-2.exe No File
FirewallRules: [{211D6DD1-FF00-4FD6-BA44-73776117AE93}] => (Allow) D:\survarium\Survarium\game\binaries\x86\survarium.exe No File
FirewallRules: [{BF4B64EA-CE05-4FBB-A022-730D2082B60D}] => (Allow) D:\survarium\Survarium\game\binaries\x86\survarium.exe No File
FirewallRules: [{6FE866CC-4E3B-46F5-A849-D6DF8008E098}] => (Allow) D:\survarium\Survarium\temp\survarium_updater.exe No File
FirewallRules: [{0B5B3F4A-411C-4962-99B8-5F5F1DE3BE92}] => (Allow) D:\survarium\Survarium\temp\survarium_updater.exe No File
FirewallRules: [{208F5A6A-CA6E-476F-BEF6-0E39407EB3DC}] => (Allow) D:\survarium\Survarium\temp\survarium_updater.exe No File
FirewallRules: [{6CE2FCC6-20D8-4298-ABBC-1623FFE89A01}] => (Allow) D:\survarium\Survarium\temp\survarium_updater.exe No File
FirewallRules: [{EA17C663-217C-4F38-906D-439AF8A8D5E6}] => (Allow) D:\survarium\Survarium\temp\survarium_launcher.exe No File
FirewallRules: [{B58A9776-AA37-4227-A9EA-41055953FA35}] => (Allow) C:\Users\HYPERPC\Desktop\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{5D1DA1A9-3C47-4D0B-83B8-6D2FC78D1C4C}] => (Allow) C:\Users\HYPERPC\Desktop\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{9B2D7C02-CE1A-47C1-8C81-CEBBE1164743}] => (Allow) C:\Users\HYPERPC\Desktop\Steam.exe No File
FirewallRules: [{123CCC40-1551-4670-A9FB-199B9B141083}] => (Allow) C:\Users\HYPERPC\Desktop\Steam.exe No File
FirewallRules: [UDP Query User{151F7066-8481-497D-824F-12F99844A00D}D:\ste\steam\steamapps\common\counter-strike global offensive\csgo.exe] => (Allow) D:\ste\steam\steamapps\common\counter-strike global offensive\csgo.exe No File
FirewallRules: [TCP Query User{A7827FAE-26C6-4D61-95DA-AA5DE336452C}D:\ste\steam\steamapps\common\counter-strike global offensive\csgo.exe] => (Allow) D:\ste\steam\steamapps\common\counter-strike global offensive\csgo.exe No File
FirewallRules: [{D635CFC8-FE3D-45D2-99C0-ADB77C1B4806}] => (Allow) D:\STE\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{BFD07B00-7F21-4970-8134-11AB76D9BA63}] => (Allow) D:\STE\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{A9385603-865C-4E09-9D6D-057D96306753}] => (Allow) D:\STE\Steam\Steam.exe No File
FirewallRules: [{45F33AF4-83E8-4C3E-804F-C4497C17D2A2}] => (Allow) D:\STE\Steam\Steam.exe No File
FirewallRules: [UDP Query User{9BA6A77A-5F3C-4436-AE5A-A5A43259BD57}D:\ste\steam\steamapps\common\garrysmod\hl2.exe] => (Allow) D:\ste\steam\steamapps\common\garrysmod\hl2.exe No File
FirewallRules: [TCP Query User{4F195B05-7C84-4828-88AD-44D7FE924B1B}D:\ste\steam\steamapps\common\garrysmod\hl2.exe] => (Allow) D:\ste\steam\steamapps\common\garrysmod\hl2.exe No File
FirewallRules: [{6ECB5438-9B95-41D4-9B9B-A476C7F46A78}] => (Allow) D:\Steam1\steamapps\common\Call of Duty Advanced Warfare\s1_sp64_ship.exe No File
FirewallRules: [{B7E6EF3C-6FB7-4807-A6CC-A560A693C70E}] => (Allow) D:\Steam1\steamapps\common\Call of Duty Advanced Warfare\s1_sp64_ship.exe No File
FirewallRules: [{9913F57A-3F27-444D-8D77-F87B7280BD30}] => (Allow) D:\Steam1\steamapps\common\Call of Duty Advanced Warfare\s1_mp64_ship.exe No File
FirewallRules: [{53F40591-5052-46DE-A639-E4C987D56144}] => (Allow) D:\Steam1\steamapps\common\Call of Duty Advanced Warfare\s1_mp64_ship.exe No File
FirewallRules: [{FC7C7978-0599-4B24-8AEA-FB0D02672C37}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TAP TOUCH RUN\win64\nw.exe No File
FirewallRules: [{4C684F56-2978-45E7-8371-CAD40E12FF40}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TAP TOUCH RUN\win64\nw.exe No File
FirewallRules: [{EC89D36D-1D0C-4884-85C0-2F1D2F39E5D0}] => (Allow) D:\Program Files (x86)\GSC World Publishing\С.Т.А.Л.К.Е.Р. - Чистое Небо\bin\xrEngine.exe No File
FirewallRules: [{8347316C-C56C-4BF4-8F21-078E4D3C6E37}] => (Allow) D:\Program Files (x86)\GSC World Publishing\С.Т.А.Л.К.Е.Р. - Чистое Небо\bin\xrEngine.exe No File
FirewallRules: [{0B8F4352-1EBE-4F04-8042-BC0BD51FC513}] => (Allow) D:\Program Files (x86)\GSC World Publishing\С.Т.А.Л.К.Е.Р. - Чистое Небо\bin\dedicated\xrEngine.exe No File
FirewallRules: [{14717008-ADBB-42BF-A236-E5E163F7E03A}] => (Allow) D:\Program Files (x86)\GSC World Publishing\С.Т.А.Л.К.Е.Р. - Чистое Небо\bin\dedicated\xrEngine.exe No File
FirewallRules: [{C908E73A-8574-499E-8780-B3411BC32ED4}] => (Allow) C:\Users\HYPERPC\Downloads\PlayCombatarms.exe No File
FirewallRules: [{77EB1BA2-4A93-419D-BE04-38DDEDB67632}] => (Allow) C:\Users\HYPERPC\Downloads\PlayCombatarms.exe No File
FirewallRules: [{94E6EE64-7279-4968-9787-193BD5D98964}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe No File
FirewallRules: [{4E9A3B71-A55E-4498-86EF-8CDA7333A563}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe No File
FirewallRules: [{8D05495E-875B-41B2-99E5-D961087910AA}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{0764B92F-4498-43C2-BADD-2ED0638DDDDE}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{0E5F6DD8-9601-4F33-9507-2E0BE8DE2BD3}] => (Allow) D:\Games\CombatArms\live\NMService.exe No File
FirewallRules: [{6A419DD0-B943-4F70-9A60-62D4054327FF}] => (Allow) D:\Games\CombatArms\live\NMService.exe No File
FirewallRules: [{B8C9AFE6-486D-4A72-A110-974381E694E1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe No File
FirewallRules: [{63F55866-A780-49CB-BA0D-25F246ECD6A8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe No File
FirewallRules: [{830CB601-B5CA-4A6C-83A8-93BBA9B13BBA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GarrysMod\hl2.exe No File
FirewallRules: [{D94157FA-D8AE-4F93-8814-5C1AE03CAEC8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GarrysMod\hl2.exe No File
FirewallRules: [{6D85635C-78B5-4E49-97FF-59CB1DB07139}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Stalker Call of Pripyat\bin\xrEngine.exe No File
FirewallRules: [{C23C62DF-E3AF-4FF9-BBAA-510A225E9796}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Stalker Call of Pripyat\bin\xrEngine.exe No File
FirewallRules: [{C24ED725-5F02-4921-BCF0-E6EFFB96E0C1}] => (Allow) C:\Program Files (x86)\GSC World Publishing\S.T.A.L.K.E.R. - Зов Припяти\bin\xrEngine.exe No File
FirewallRules: [{BAFC75B4-C8B7-42EA-9EAC-761680D3AE24}] => (Allow) C:\Program Files (x86)\GSC World Publishing\S.T.A.L.K.E.R. - Зов Припяти\bin\xrEngine.exe No File
FirewallRules: [{85206555-EA2A-4CA0-BA16-26B29566DEEF}] => (Allow) C:\Program Files (x86)\GSC World Publishing\S.T.A.L.K.E.R. - Зов Припяти\bin\dedicated\xrEngine.exe No File
FirewallRules: [{0490BF61-AB7C-484C-AAEF-952ABC9EB29B}] => (Allow) C:\Program Files (x86)\GSC World Publishing\S.T.A.L.K.E.R. - Зов Припяти\bin\dedicated\xrEngine.exe No File
FirewallRules: [TCP Query User{ADAA2EB1-D8A4-4473-9EE6-2814D0978451}D:\world ntanks\wotlauncher.exe] => (Allow) D:\world ntanks\wotlauncher.exe No File
FirewallRules: [UDP Query User{E2A29311-0E2E-4506-A564-8D36E8961D72}D:\world ntanks\wotlauncher.exe] => (Allow) D:\world ntanks\wotlauncher.exe No File
FirewallRules: [{15DD6BBA-9CE9-4E53-9D9E-8E409A520FC3}] => (Allow) D:\Steam\steamapps\common\Monaco\MONACO.exe No File
FirewallRules: [{434DECFB-F902-4FC1-800F-2B3478CC2D2E}] => (Allow) D:\Steam\steamapps\common\Monaco\MONACO.exe No File
FirewallRules: [TCP Query User{337980F5-E575-408A-A88A-15B072B5597F}D:\world ntanks\worldoftanks.exe] => (Allow) D:\world ntanks\worldoftanks.exe No File
FirewallRules: [UDP Query User{C320D47A-E129-4896-A0BF-41A53260AB57}D:\world ntanks\worldoftanks.exe] => (Allow) D:\world ntanks\worldoftanks.exe No File
FirewallRules: [{DAA42A75-802F-462E-BE36-E2E4F5184D02}] => (Allow) D:\FlashIntegro\VideoEditor\VideoEditor.exe No File
FirewallRules: [{9082675C-04D4-47F8-8997-0D672FEB06E2}] => (Allow) D:\FlashIntegro\VideoEditor\VideoEditor.exe No File
FirewallRules: [{4E55D0E3-9512-4219-8394-6078177E2022}] => (Allow) D:\FlashIntegro\VideoEditor\Activation.exe No File
FirewallRules: [{5626EE18-D873-422E-891C-AA730DCD5E0A}] => (Allow) D:\FlashIntegro\VideoEditor\Activation.exe No File
FirewallRules: [{4A8E0648-4E43-4494-970F-72F67C5A3C73}] => (Allow) D:\FlashIntegro\VideoEditor\Updater.exe No File
FirewallRules: [{53D1F63C-E6B8-4DAB-8A42-D2623849BA9F}] => (Allow) D:\FlashIntegro\VideoEditor\Updater.exe No File
FirewallRules: [TCP Query User{432E2A8E-6151-422F-81E2-02187EBCAA26}C:\program files\java\jre1.8.0_101\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_101\bin\javaw.exe No File
FirewallRules: [UDP Query User{0A57C42D-5017-4975-92DE-11331984DA43}C:\program files\java\jre1.8.0_101\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_101\bin\javaw.exe No File
FirewallRules: [{144E05E1-A8DC-4502-891C-75C873F967E6}] => (Allow) D:\Steam\steamapps\common\MultiplayerFPSTutorialDemo\MultiplayerFPSDemo.exe No File
FirewallRules: [{B09636E8-3891-4638-AFD4-61C72A80CAF4}] => (Allow) D:\Steam\steamapps\common\MultiplayerFPSTutorialDemo\MultiplayerFPSDemo.exe No File
FirewallRules: [{0381ACEB-F981-42F9-8AEC-D602ABDF9C56}] => (Allow) D:\Steam\steamapps\common\chivalrymedievalwarfare\Binaries\Win64\CMW.exe No File
FirewallRules: [{3FD32115-4148-41CD-B8B2-3741A750C4F5}] => (Allow) D:\Steam\steamapps\common\chivalrymedievalwarfare\Binaries\Win64\CMW.exe No File
FirewallRules: [{FCE763D0-6CB7-47EE-BE91-242B934E8D39}] => (Allow) D:\Steam\steamapps\common\chivalrymedievalwarfare\Binaries\Win32\CMW.exe No File
FirewallRules: [{41198C10-BF56-4B7C-868B-B4A4A77CA5CB}] => (Allow) D:\Steam\steamapps\common\chivalrymedievalwarfare\Binaries\Win32\CMW.exe No File
FirewallRules: [{6A4756B8-607C-47DA-AB47-8AD091D84019}] => (Allow) D:\Steam\steamapps\common\chivalrymedievalwarfare\ChivLauncher.exe No File
FirewallRules: [{E42B2A89-5D94-4CB5-840B-63AE90DD0183}] => (Allow) D:\Steam\steamapps\common\chivalrymedievalwarfare\ChivLauncher.exe No File
FirewallRules: [TCP Query User{8C46AEF4-14C7-4513-9B6F-481C53440B10}D:\dead island definitive edition\deadislandgame.exe] => (Block) D:\dead island definitive edition\deadislandgame.exe No File
FirewallRules: [UDP Query User{6E0E4CEA-5116-44CA-BC60-93111516312C}D:\dead island definitive edition\deadislandgame.exe] => (Block) D:\dead island definitive edition\deadislandgame.exe No File
FirewallRules: [TCP Query User{FF0F51B1-4C91-43A1-B8BB-00A07C0EAF16}D:\games\dead island - definitive collection\dead island riptide de\deadislandriptidegame.exe] => (Allow) D:\games\dead island - definitive collection\dead island riptide de\deadislandriptidegame.exe No File
FirewallRules: [UDP Query User{177B3DF7-7C2C-4610-9C53-7749B9CA69E0}D:\games\dead island - definitive collection\dead island riptide de\deadislandriptidegame.exe] => (Allow) D:\games\dead island - definitive collection\dead island riptide de\deadislandriptidegame.exe No File
FirewallRules: [TCP Query User{CEF65A1D-4C52-4535-A85B-DF82E68030DC}D:\games\dead island - definitive collection\dead island de\deadislandgame.exe] => (Allow) D:\games\dead island - definitive collection\dead island de\deadislandgame.exe No File
FirewallRules: [UDP Query User{21990E81-7021-4B74-ABCC-5E22271B2864}D:\games\dead island - definitive collection\dead island de\deadislandgame.exe] => (Allow) D:\games\dead island - definitive collection\dead island de\deadislandgame.exe No File
FirewallRules: [TCP Query User{E197C6E4-C933-463C-A944-C9725CB98F17}D:\games\dead island - definitive collection\dead island riptide de\deadislandgame_x86_rwdi.exe] => (Allow) D:\games\dead island - definitive collection\dead island riptide de\deadislandgame_x86_rwdi.exe No File
FirewallRules: [UDP Query User{044A795F-0C25-4CFE-AE8E-6BD2908B4D6C}D:\games\dead island - definitive collection\dead island riptide de\deadislandgame_x86_rwdi.exe] => (Allow) D:\games\dead island - definitive collection\dead island riptide de\deadislandgame_x86_rwdi.exe No File
FirewallRules: [TCP Query User{1CFB5ADA-74C2-4D5B-9E23-3A4BC46CE52C}D:\dying light the following enhanced edition\dyinglightgame.exe] => (Allow) D:\dying light the following enhanced edition\dyinglightgame.exe No File
FirewallRules: [UDP Query User{FC09700B-82B8-42DB-84D9-5D3FE3B4E9F0}D:\dying light the following enhanced edition\dyinglightgame.exe] => (Allow) D:\dying light the following enhanced edition\dyinglightgame.exe No File
FirewallRules: [TCP Query User{F9A96A75-BC61-49FC-90FE-A65936363DB6}D:\call of duty black ops iii\blackops3.exe] => (Allow) D:\call of duty black ops iii\blackops3.exe No File
FirewallRules: [UDP Query User{9B2318A1-286D-48EA-BFF1-C68E1BC1D2CA}D:\call of duty black ops iii\blackops3.exe] => (Allow) D:\call of duty black ops iii\blackops3.exe No File
FirewallRules: [TCP Query User{A246309F-FC26-4653-BD1B-E0C134EC738B}D:\dead by daylight\deadbydaylight\binaries\win64\deadbydaylight-win64-shipping.exe] => (Allow) D:\dead by daylight\deadbydaylight\binaries\win64\deadbydaylight-win64-shipping.exe No File
FirewallRules: [UDP Query User{28DC0700-9872-46E9-A1B5-CF5A98C7DBD5}D:\dead by daylight\deadbydaylight\binaries\win64\deadbydaylight-win64-shipping.exe] => (Allow) D:\dead by daylight\deadbydaylight\binaries\win64\deadbydaylight-win64-shipping.exe No File
FirewallRules: [{29E155F9-606D-4D60-A38D-0C2E5123675C}] => (Allow) C:\Program Files (x86)\Remotr\RemotrServer.exe No File
FirewallRules: [{F9C3B041-4751-43B3-9099-B5611C817F75}] => (Allow) D:\Steam\steamapps\common\Half-Life 2\hl2.exe No File
FirewallRules: [{B6FDC7AF-9063-4CD4-AB9F-D24AC6E381E7}] => (Allow) D:\Steam\steamapps\common\Half-Life 2\hl2.exe No File
FirewallRules: [TCP Query User{CD9EACAA-A04D-4335-9620-B225D3E1CD25}D:\crossout\launcher.exe] => (Allow) D:\crossout\launcher.exe No File
FirewallRules: [UDP Query User{78EBFFD6-3588-4F50-AF44-D345B9ACFE7D}D:\crossout\launcher.exe] => (Allow) D:\crossout\launcher.exe No File
FirewallRules: [{21BCC664-4D41-44C2-89B6-57718B124F51}] => (Allow) D:\steam\steamapps\common\EasyAntiCheat\EasyAntiCheat.exe No File
FirewallRules: [{8AA57674-2BCF-45E9-850F-6BFC7B08D26E}] => (Allow) D:\steam\steamapps\common\EasyAntiCheat\EasyAntiCheat.exe No File
FirewallRules: [{3CA692BE-5B95-4EFD-B500-653DEAF0A492}] => (Allow) D:\steam\steamapps\common\Stickman Wars\StickmanWars.exe No File
FirewallRules: [{012A5873-1D72-4F30-A7F6-D33CF07290D0}] => (Allow) D:\steam\steamapps\common\Stickman Wars\StickmanWars.exe No File
FirewallRules: [TCP Query User{AB6B7392-B7CC-4CF0-901F-0FC9A9BD8D93}C:\program files\adobe\adobe after effects cc 2017\support files\afterfx.exe] => (Allow) C:\program files\adobe\adobe after effects cc 2017\support files\afterfx.exe No File
FirewallRules: [UDP Query User{0167DEC5-E420-42DD-AFCA-90EC5C4B1B27}C:\program files\adobe\adobe after effects cc 2017\support files\afterfx.exe] => (Allow) C:\program files\adobe\adobe after effects cc 2017\support files\afterfx.exe No File
FirewallRules: [TCP Query User{5952EF2C-BE69-4587-B3DF-E0CB5BD7E630}C:\program files\sony\vegas pro 13.0\vegas130.exe] => (Allow) C:\program files\sony\vegas pro 13.0\vegas130.exe No File
FirewallRules: [UDP Query User{276A5414-458B-40DE-9F42-6AA4D5FEDD86}C:\program files\sony\vegas pro 13.0\vegas130.exe] => (Allow) C:\program files\sony\vegas pro 13.0\vegas130.exe No File
FirewallRules: [TCP Query User{A632DC2D-473E-4D9C-8669-E14E5C1C4819}D:\games\phantomers\live\bin32\mazer.exe] => (Allow) D:\games\phantomers\live\bin32\mazer.exe No File
FirewallRules: [UDP Query User{D7AAE03E-8692-4B04-B18A-96382A4068E2}D:\games\phantomers\live\bin32\mazer.exe] => (Allow) D:\games\phantomers\live\bin32\mazer.exe No File
FirewallRules: [TCP Query User{FD9D3E07-FCF9-4F73-9475-E648B95DCB85}C:\users\yaroslav\appdata\roaming\utorrent\updates\3.5.4_44520.exe] => (Block) C:\users\yaroslav\appdata\roaming\utorrent\updates\3.5.4_44520.exe No File
FirewallRules: [UDP Query User{73E065D8-FC6B-4A1B-9C40-EFAA03DBBD7A}C:\users\yaroslav\appdata\roaming\utorrent\updates\3.5.4_44520.exe] => (Block) C:\users\yaroslav\appdata\roaming\utorrent\updates\3.5.4_44520.exe No File
FirewallRules: [TCP Query User{A3745E2B-570F-414D-8D0E-49AD1E14AD7D}D:\s.t.a.l.k.e.r. narodnaya solyanka 2016\bin\xr_3da.exe] => (Allow) D:\s.t.a.l.k.e.r. narodnaya solyanka 2016\bin\xr_3da.exe No File
FirewallRules: [UDP Query User{051B35E8-873B-4828-80BF-613F6870A534}D:\s.t.a.l.k.e.r. narodnaya solyanka 2016\bin\xr_3da.exe] => (Allow) D:\s.t.a.l.k.e.r. narodnaya solyanka 2016\bin\xr_3da.exe No File
FirewallRules: [TCP Query User{68E4BDBA-CB5A-4A21-B700-2E99298DCB14}D:\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) D:\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe No File
FirewallRules: [UDP Query User{B66AC941-2E88-430C-B412-A26AB79D2ED6}D:\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) D:\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe No File
FirewallRules: [TCP Query User{47A3DC0E-D25D-4217-8DFA-E1395BE94794}D:\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) D:\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe No File
FirewallRules: [UDP Query User{E0F6D221-7392-4E1C-A405-D67CBA2A7DA8}D:\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) D:\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe No File
FirewallRules: [TCP Query User{063CB95A-BB4F-40BC-B83C-6F40A5DE29E3}D:\.minecraft\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) D:\.minecraft\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe No File
FirewallRules: [UDP Query User{A55909D4-99E7-43E3-8EB0-7CF67FF45148}D:\.minecraft\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) D:\.minecraft\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe No File
FirewallRules: [TCP Query User{0E696EB2-2DC0-4787-80F8-629DB078C4D0}D:\dayz standalone\dayz.exe] => (Allow) D:\dayz standalone\dayz.exe No File
FirewallRules: [UDP Query User{0B9BF3F7-408C-479A-92ED-133E217F77F8}D:\dayz standalone\dayz.exe] => (Allow) D:\dayz standalone\dayz.exe No File
FirewallRules: [TCP Query User{CFCB2764-D327-482D-B004-40454424575D}C:\users\yaroslav\appdata\roaming\utorrent\updates\3.5.4_44632.exe] => (Block) C:\users\yaroslav\appdata\roaming\utorrent\updates\3.5.4_44632.exe No File
FirewallRules: [UDP Query User{73F5A53A-C322-4FB2-9FBD-F1FFB6098F89}C:\users\yaroslav\appdata\roaming\utorrent\updates\3.5.4_44632.exe] => (Block) C:\users\yaroslav\appdata\roaming\utorrent\updates\3.5.4_44632.exe No File
FirewallRules: [TCP Query User{BF1843AA-4405-479A-8745-084B304CFBB0}D:\killing floor 2\binaries\win64\kfgame.exe] => (Allow) D:\killing floor 2\binaries\win64\kfgame.exe No File
FirewallRules: [UDP Query User{3F16E8B3-79BF-453C-BE9C-4CF4958A602D}D:\killing floor 2\binaries\win64\kfgame.exe] => (Allow) D:\killing floor 2\binaries\win64\kfgame.exe No File
Folder: C:\Users\HYPERPC\AppData\Roaming\WidModule
Reboot:
End::

2. Скопируйте выделенный текст (правая кнопка мыши – Копировать).

3. Запустите Farbar Recovery Scan Tool.

4. Нажмите один раз на кнопку Fix и подождите. Программа создаст лог-файл (Fixlog.txt). Пожалуйста, прикрепите его в следующем сообщении.

• Обратите внимание: будет выполнена перезагрузка компьютера.

[araama 0]

при удалении через установщика программ я не вижу что пишет менеджер браузеров

 

Строгое предупреждение от модератора "Mark D. Pearlstone"

Ещё раз, не цитируйте полностью сообщения.

 

Помогите, когда я птыюась удалить мендежер там ничего не видно, все пусто. 50-70% всего тектса на компе не видно

 

менеджеру браузеров мешает что-то и он не может удалиться

 

Выполнил в командной строке sac scannow. Текст появился.

[thyrex 1 468]

Остальное выполняйте

[araama 0]

Остальное выполняйте

вот новые логи

FRST.txt

[thyrex 1 468]

Простите, у Вас с чтением совсем беда? Какой лог я просил прикрепить после выполнения сообщения №27? Вот его и прикрепите.