Перейти к содержанию
Правила раздела

Троян минер ген

Kolhoznik

Автор Kolhoznik
в Помощь в удалении вирусов

 Поделиться

Рекомендуемые сообщения

Kolhoznik

Kolhoznik

Опубликовано
Опубликовано

Здравствуйте Начал вылезать троян минер.ген Програм дата флок..Постоянно просить вылечить,перезагружается и все по новой...Помогите.

 

Сообщение от модератора thyrex
Перенесено из темы https://forum.kasperskyclub.ru/topic/79943-ne-mogu-udalit-virus-miner/

 

  • thyrex изменил название на Начал вылезать троян минер.ген
mike 1

mike 1

Опубликовано
Опубликовано (изменено)

Здравствуйте.

 

Пофиксите следующие строчки в HiJackThis (используйте версию из папки Автологгера).

  

R0 - HKCU\Software\Microsoft\Internet Explorer\Main: [Start Page] = https://find-it.pro/?utm_source=distr_m
R0 - HKU\S-1-5-18\Software\Microsoft\Internet Explorer\Main: [Start Page] = https://find-it.pro/?utm_source=distr_m
R3 - HKCU\..\URLSearchHooks: (no name) - {BC86E1AB-EDA5-4059-938F-CE307B0C6F0A} - (no file)
R3 - HKCU\..\URLSearchHooks: (no name) - {C9423817-5DA7-494E-87E4-111F1B49A1FD} - (no file)
O1 - Hosts: is empty
O17 - DHCP DNS 2: 37.59.58.122
O17 - HKLM\System\CCS\Services\Tcpip\..\{0DD11F9A-255C-482D-8DB7-5D94218C2817}: [NameServer] = 37.59.58.122
O17 - HKLM\System\CCS\Services\Tcpip\..\{1A66C001-8E2F-4CCA-840F-98CE240E0155}: [NameServer] = 37.59.58.122
O17 - HKLM\System\CCS\Services\Tcpip\..\{229E4703-FB80-40DC-9705-3B8982A6F4DB}: [NameServer] = 37.59.58.122
O17 - HKLM\System\CCS\Services\Tcpip\..\{2B41123A-65E8-4F94-954D-EAE258048182}: [NameServer] = 37.59.58.122
O17 - HKLM\System\CCS\Services\Tcpip\..\{3796F68B-C865-4044-9B57-A043D7BBCC58}: [NameServer] = 37.59.58.122
O17 - HKLM\System\CCS\Services\Tcpip\..\{54A49661-6DCD-416F-8B5D-AAE95BDD2A93}: [NameServer] = 37.59.58.122
O17 - HKLM\System\CCS\Services\Tcpip\..\{5F99B373-9E0D-4CAE-B3C6-4A88F6022BC4}: [NameServer] = 37.59.58.122
O17 - HKLM\System\CCS\Services\Tcpip\..\{6369160A-6BB6-4DB1-AAC4-AEED9456B583}: [NameServer] = 37.59.58.122
O17 - HKLM\System\CCS\Services\Tcpip\..\{70377FAC-ED7E-4881-B1E3-5B4238919D8D}: [NameServer] = 37.59.58.122
O17 - HKLM\System\CCS\Services\Tcpip\..\{7940CA87-2DB1-4517-9372-3A8A04D9FA30}: [NameServer] = 37.59.58.122
O17 - HKLM\System\CCS\Services\Tcpip\..\{8BE1764E-D81F-48F7-9AFB-BA33222BCFD5}: [NameServer] = 37.59.58.122
O17 - HKLM\System\CCS\Services\Tcpip\..\{8C6BE9FB-34B7-4B31-9E98-964DB26C8BAF}: [NameServer] = 37.59.58.122
O17 - HKLM\System\CCS\Services\Tcpip\..\{951593CF-5749-4711-8758-047D7C808EB2}: [NameServer] = 37.59.58.122
O17 - HKLM\System\CCS\Services\Tcpip\..\{AEED9BE5-B286-4FD3-BC96-9425B27CE5D8}: [NameServer] = 37.59.58.122
O17 - HKLM\System\CCS\Services\Tcpip\..\{B06BF534-1E89-413D-8075-4FDF63EDC382}: [NameServer] = 37.59.58.122
O17 - HKLM\System\CCS\Services\Tcpip\..\{BD466CE3-CAFC-47D4-85A4-DF964AEF5606}: [NameServer] = 37.59.58.122
O17 - HKLM\System\CCS\Services\Tcpip\..\{BF00BA59-A0FF-4C22-83CD-DC869507E39F}: [NameServer] = 37.59.58.122
O17 - HKLM\System\CCS\Services\Tcpip\..\{E587688B-E605-4A80-B3C8-AADEFAAF5DB2}: [NameServer] = 37.59.58.122
O17 - HKLM\System\CCS\Services\Tcpip\..\{F5AEE394-5D3A-4694-8974-2FD4660A109F}: [NameServer] = 37.59.58.122
O17 - HKLM\System\ControlSet002\Services\Tcpip\..\{1A66C001-8E2F-4CCA-840F-98CE240E0155}: [NameServer] = 37.59.58.122
O17 - HKLM\System\ControlSet002\Services\Tcpip\..\{229E4703-FB80-40DC-9705-3B8982A6F4DB}: [NameServer] = 37.59.58.122
O17 - HKLM\System\ControlSet002\Services\Tcpip\..\{2B41123A-65E8-4F94-954D-EAE258048182}: [NameServer] = 37.59.58.122
O17 - HKLM\System\ControlSet002\Services\Tcpip\..\{3796F68B-C865-4044-9B57-A043D7BBCC58}: [NameServer] = 37.59.58.122
O17 - HKLM\System\ControlSet002\Services\Tcpip\..\{54A49661-6DCD-416F-8B5D-AAE95BDD2A93}: [NameServer] = 37.59.58.122
O17 - HKLM\System\ControlSet002\Services\Tcpip\..\{5F99B373-9E0D-4CAE-B3C6-4A88F6022BC4}: [NameServer] = 37.59.58.122
O17 - HKLM\System\ControlSet002\Services\Tcpip\..\{6369160A-6BB6-4DB1-AAC4-AEED9456B583}: [NameServer] = 37.59.58.122
O17 - HKLM\System\ControlSet002\Services\Tcpip\..\{70377FAC-ED7E-4881-B1E3-5B4238919D8D}: [NameServer] = 37.59.58.122
O17 - HKLM\System\ControlSet002\Services\Tcpip\..\{7940CA87-2DB1-4517-9372-3A8A04D9FA30}: [NameServer] = 37.59.58.122
O17 - HKLM\System\ControlSet002\Services\Tcpip\..\{8BE1764E-D81F-48F7-9AFB-BA33222BCFD5}: [NameServer] = 37.59.58.122
O17 - HKLM\System\ControlSet002\Services\Tcpip\..\{8C6BE9FB-34B7-4B31-9E98-964DB26C8BAF}: [NameServer] = 37.59.58.122
O17 - HKLM\System\ControlSet002\Services\Tcpip\..\{951593CF-5749-4711-8758-047D7C808EB2}: [NameServer] = 37.59.58.122
O17 - HKLM\System\ControlSet002\Services\Tcpip\..\{AEED9BE5-B286-4FD3-BC96-9425B27CE5D8}: [NameServer] = 37.59.58.122
O17 - HKLM\System\ControlSet002\Services\Tcpip\..\{B06BF534-1E89-413D-8075-4FDF63EDC382}: [NameServer] = 37.59.58.122
O17 - HKLM\System\ControlSet002\Services\Tcpip\..\{BD466CE3-CAFC-47D4-85A4-DF964AEF5606}: [NameServer] = 37.59.58.122
O17 - HKLM\System\ControlSet002\Services\Tcpip\..\{BF00BA59-A0FF-4C22-83CD-DC869507E39F}: [NameServer] = 37.59.58.122
O17 - HKLM\System\ControlSet002\Services\Tcpip\..\{E587688B-E605-4A80-B3C8-AADEFAAF5DB2}: [NameServer] = 37.59.58.122
O17 - HKLM\System\ControlSet002\Services\Tcpip\..\{F5AEE394-5D3A-4694-8974-2FD4660A109F}: [NameServer] = 37.59.58.122
O21 - HKLM\..\ShellIconOverlayIdentifiers\00asw: (no name) - {472083B0-C522-11CF-8763-00608CC02F24} - (no file)
O22 - BITS Job: (download) {0500F94E-9E95-4AB2-B038-67814D45FFDF} - http://redirector.gvt1.com/edgedl/release2/chrome_component/G4m99DanXpdX7lhn6ec8FQ_6422/AJDGbZBp29rxIfdU-A6jb9U -> C:\Users\CD86~1\AppData\Local\Temp\chrome_BITS_2184_844234021\AJDGbZBp29rxIfdU-A6jb9U
O22 - BITS Job: (download) {7FA2611F-7D28-4487-AFA2-4B28EBB55709} - https://download.cdn.yandex.net/browser/crx3/suggest_catboost_model_tag_model_19_7_3_14/19_07_03_14.crx -> C:\Users\CD86~1\AppData\Local\Temp\chrome_BITS_3748_1579179698\19_07_03_14.crx
O22 - Task: (damaged) HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{011E7E61-C903-460D-9B3C-E70FD2E70BA6} - \{902C79F4-0114-472B-BAE8-5738F4FCCD03} (no xml)
O22 - Task: (damaged) HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0F2B1365-8DBF-4FA5-9155-CD61007C9D8E} - \AVG\PC Tuneup 2011\Integrator\Scan and Repair (no xml)
O22 - Task: (damaged) HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0FA97CB2-7987-4360-83BE-36243832C81A} - \QPFSiptsQiUmyMj2 (no xml)
O22 - Task: (damaged) HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2DA4EE75-AA42-4D66-A18B-E742731A7D45} - \Алексей (no xml)
O22 - Task: (damaged) HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{372BC032-ADD5-44F6-A9E0-A0F90B371345} - \vsbCsjNTZvxfEP (no xml)
O22 - Task: (damaged) HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4BF84CDE-3DBE-4925-A060-7D9B156BC77D} - \EgDnnxLDdmkTyvIEL2 (no xml)

 

Скачайте Farbar Recovery Scan Tool  NAAC5Ba.png и сохраните на Рабочем столе.

Примечание: необходимо выбрать версию, совместимую с Вашей операционной системой. Если Вы не уверены, какая версия подойдет для Вашей системы, скачайте обе и попробуйте запустить. Только одна из них запустится на Вашей системе.

  1. Запустите программу двойным щелчком. Когда программа запустится, нажмите Yes для соглашения с предупреждением.
  2. Убедитесь, что под окном Optional Scan отмечены "List BCD" и "90 Days Files".
  3. Нажмите кнопку Scan.
  4. После окончания сканирования будет создан отчет (FRST.txt) в той же папке, откуда была запущена программа. Пожалуйста, прикрепите отчет в следующем сообщении.
  5. Если программа была запущена в первый раз, будет создан отчет (Addition.txt). Пожалуйста, прикрепите его в следующем сообщении.


3munStB.png Изменено пользователем mike 1
Kolhoznik

Kolhoznik

Опубликовано
  • Автор
Опубликовано

Addition.txt FRST.txt

 

5 часов назад, mike 1 сказал:

Здравствуйте.

 

Пофиксите следующие строчки в HiJackThis (используйте версию из папки Автологгера).

  



R0 - HKCU\Software\Microsoft\Internet Explorer\Main: [Start Page] = https://find-it.pro/?utm_source=distr_m
R0 - HKU\S-1-5-18\Software\Microsoft\Internet Explorer\Main: [Start Page] = https://find-it.pro/?utm_source=distr_m
R3 - HKCU\..\URLSearchHooks: (no name) - {BC86E1AB-EDA5-4059-938F-CE307B0C6F0A} - (no file)
R3 - HKCU\..\URLSearchHooks: (no name) - {C9423817-5DA7-494E-87E4-111F1B49A1FD} - (no file)
O1 - Hosts: is empty
O17 - DHCP DNS 2: 37.59.58.122
O17 - HKLM\System\CCS\Services\Tcpip\..\{0DD11F9A-255C-482D-8DB7-5D94218C2817}: [NameServer] = 37.59.58.122
O17 - HKLM\System\CCS\Services\Tcpip\..\{1A66C001-8E2F-4CCA-840F-98CE240E0155}: [NameServer] = 37.59.58.122
O17 - HKLM\System\CCS\Services\Tcpip\..\{229E4703-FB80-40DC-9705-3B8982A6F4DB}: [NameServer] = 37.59.58.122
O17 - HKLM\System\CCS\Services\Tcpip\..\{2B41123A-65E8-4F94-954D-EAE258048182}: [NameServer] = 37.59.58.122
O17 - HKLM\System\CCS\Services\Tcpip\..\{3796F68B-C865-4044-9B57-A043D7BBCC58}: [NameServer] = 37.59.58.122
O17 - HKLM\System\CCS\Services\Tcpip\..\{54A49661-6DCD-416F-8B5D-AAE95BDD2A93}: [NameServer] = 37.59.58.122
O17 - HKLM\System\CCS\Services\Tcpip\..\{5F99B373-9E0D-4CAE-B3C6-4A88F6022BC4}: [NameServer] = 37.59.58.122
O17 - HKLM\System\CCS\Services\Tcpip\..\{6369160A-6BB6-4DB1-AAC4-AEED9456B583}: [NameServer] = 37.59.58.122
O17 - HKLM\System\CCS\Services\Tcpip\..\{70377FAC-ED7E-4881-B1E3-5B4238919D8D}: [NameServer] = 37.59.58.122
O17 - HKLM\System\CCS\Services\Tcpip\..\{7940CA87-2DB1-4517-9372-3A8A04D9FA30}: [NameServer] = 37.59.58.122
O17 - HKLM\System\CCS\Services\Tcpip\..\{8BE1764E-D81F-48F7-9AFB-BA33222BCFD5}: [NameServer] = 37.59.58.122
O17 - HKLM\System\CCS\Services\Tcpip\..\{8C6BE9FB-34B7-4B31-9E98-964DB26C8BAF}: [NameServer] = 37.59.58.122
O17 - HKLM\System\CCS\Services\Tcpip\..\{951593CF-5749-4711-8758-047D7C808EB2}: [NameServer] = 37.59.58.122
O17 - HKLM\System\CCS\Services\Tcpip\..\{AEED9BE5-B286-4FD3-BC96-9425B27CE5D8}: [NameServer] = 37.59.58.122
O17 - HKLM\System\CCS\Services\Tcpip\..\{B06BF534-1E89-413D-8075-4FDF63EDC382}: [NameServer] = 37.59.58.122
O17 - HKLM\System\CCS\Services\Tcpip\..\{BD466CE3-CAFC-47D4-85A4-DF964AEF5606}: [NameServer] = 37.59.58.122
O17 - HKLM\System\CCS\Services\Tcpip\..\{BF00BA59-A0FF-4C22-83CD-DC869507E39F}: [NameServer] = 37.59.58.122
O17 - HKLM\System\CCS\Services\Tcpip\..\{E587688B-E605-4A80-B3C8-AADEFAAF5DB2}: [NameServer] = 37.59.58.122
O17 - HKLM\System\CCS\Services\Tcpip\..\{F5AEE394-5D3A-4694-8974-2FD4660A109F}: [NameServer] = 37.59.58.122
O17 - HKLM\System\ControlSet002\Services\Tcpip\..\{1A66C001-8E2F-4CCA-840F-98CE240E0155}: [NameServer] = 37.59.58.122
O17 - HKLM\System\ControlSet002\Services\Tcpip\..\{229E4703-FB80-40DC-9705-3B8982A6F4DB}: [NameServer] = 37.59.58.122
O17 - HKLM\System\ControlSet002\Services\Tcpip\..\{2B41123A-65E8-4F94-954D-EAE258048182}: [NameServer] = 37.59.58.122
O17 - HKLM\System\ControlSet002\Services\Tcpip\..\{3796F68B-C865-4044-9B57-A043D7BBCC58}: [NameServer] = 37.59.58.122
O17 - HKLM\System\ControlSet002\Services\Tcpip\..\{54A49661-6DCD-416F-8B5D-AAE95BDD2A93}: [NameServer] = 37.59.58.122
O17 - HKLM\System\ControlSet002\Services\Tcpip\..\{5F99B373-9E0D-4CAE-B3C6-4A88F6022BC4}: [NameServer] = 37.59.58.122
O17 - HKLM\System\ControlSet002\Services\Tcpip\..\{6369160A-6BB6-4DB1-AAC4-AEED9456B583}: [NameServer] = 37.59.58.122
O17 - HKLM\System\ControlSet002\Services\Tcpip\..\{70377FAC-ED7E-4881-B1E3-5B4238919D8D}: [NameServer] = 37.59.58.122
O17 - HKLM\System\ControlSet002\Services\Tcpip\..\{7940CA87-2DB1-4517-9372-3A8A04D9FA30}: [NameServer] = 37.59.58.122
O17 - HKLM\System\ControlSet002\Services\Tcpip\..\{8BE1764E-D81F-48F7-9AFB-BA33222BCFD5}: [NameServer] = 37.59.58.122
O17 - HKLM\System\ControlSet002\Services\Tcpip\..\{8C6BE9FB-34B7-4B31-9E98-964DB26C8BAF}: [NameServer] = 37.59.58.122
O17 - HKLM\System\ControlSet002\Services\Tcpip\..\{951593CF-5749-4711-8758-047D7C808EB2}: [NameServer] = 37.59.58.122
O17 - HKLM\System\ControlSet002\Services\Tcpip\..\{AEED9BE5-B286-4FD3-BC96-9425B27CE5D8}: [NameServer] = 37.59.58.122
O17 - HKLM\System\ControlSet002\Services\Tcpip\..\{B06BF534-1E89-413D-8075-4FDF63EDC382}: [NameServer] = 37.59.58.122
O17 - HKLM\System\ControlSet002\Services\Tcpip\..\{BD466CE3-CAFC-47D4-85A4-DF964AEF5606}: [NameServer] = 37.59.58.122
O17 - HKLM\System\ControlSet002\Services\Tcpip\..\{BF00BA59-A0FF-4C22-83CD-DC869507E39F}: [NameServer] = 37.59.58.122
O17 - HKLM\System\ControlSet002\Services\Tcpip\..\{E587688B-E605-4A80-B3C8-AADEFAAF5DB2}: [NameServer] = 37.59.58.122
O17 - HKLM\System\ControlSet002\Services\Tcpip\..\{F5AEE394-5D3A-4694-8974-2FD4660A109F}: [NameServer] = 37.59.58.122
O21 - HKLM\..\ShellIconOverlayIdentifiers\00asw: (no name) - {472083B0-C522-11CF-8763-00608CC02F24} - (no file)
O22 - BITS Job: (download) {0500F94E-9E95-4AB2-B038-67814D45FFDF} - http://redirector.gvt1.com/edgedl/release2/chrome_component/G4m99DanXpdX7lhn6ec8FQ_6422/AJDGbZBp29rxIfdU-A6jb9U -> C:\Users\CD86~1\AppData\Local\Temp\chrome_BITS_2184_844234021\AJDGbZBp29rxIfdU-A6jb9U
O22 - BITS Job: (download) {7FA2611F-7D28-4487-AFA2-4B28EBB55709} - https://download.cdn.yandex.net/browser/crx3/suggest_catboost_model_tag_model_19_7_3_14/19_07_03_14.crx -> C:\Users\CD86~1\AppData\Local\Temp\chrome_BITS_3748_1579179698\19_07_03_14.crx
O22 - Task: (damaged) HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{011E7E61-C903-460D-9B3C-E70FD2E70BA6} - \{902C79F4-0114-472B-BAE8-5738F4FCCD03} (no xml)
O22 - Task: (damaged) HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0F2B1365-8DBF-4FA5-9155-CD61007C9D8E} - \AVG\PC Tuneup 2011\Integrator\Scan and Repair (no xml)
O22 - Task: (damaged) HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0FA97CB2-7987-4360-83BE-36243832C81A} - \QPFSiptsQiUmyMj2 (no xml)
O22 - Task: (damaged) HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2DA4EE75-AA42-4D66-A18B-E742731A7D45} - \Алексей (no xml)
O22 - Task: (damaged) HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{372BC032-ADD5-44F6-A9E0-A0F90B371345} - \vsbCsjNTZvxfEP (no xml)
O22 - Task: (damaged) HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4BF84CDE-3DBE-4925-A060-7D9B156BC77D} - \EgDnnxLDdmkTyvIEL2 (no xml)

 

Скачайте Farbar Recovery Scan Tool  NAAC5Ba.png и сохраните на Рабочем столе.

Примечание: необходимо выбрать версию, совместимую с Вашей операционной системой. Если Вы не уверены, какая версия подойдет для Вашей системы, скачайте обе и попробуйте запустить. Только одна из них запустится на Вашей системе.

  1. Запустите программу двойным щелчком. Когда программа запустится, нажмите Yes для соглашения с предупреждением.
  2. Убедитесь, что под окном Optional Scan отмечены "List BCD" и "90 Days Files".
  3. Нажмите кнопку Scan.
  4. После окончания сканирования будет создан отчет (FRST.txt) в той же папке, откуда была запущена программа. Пожалуйста, прикрепите отчет в следующем сообщении.
  5. Если программа была запущена в первый раз, будет создан отчет (Addition.txt). Пожалуйста, прикрепите его в следующем сообщении.

 


3munStB.png

Addition.txtFRST.txt

mike 1

mike 1

Опубликовано
Опубликовано

Деинсталлируйте:

  

AVG PC Tuneup 2011
Кнопка "Яндекс" на панели задач
Служба автоматического обновления программ

 

 

ВНИМАНИЕ! Данный скрипт написан специально для этого пользователя, использование его на другом компьютере может привести к неработоспособности Windows!

  1. Временно выгрузите антивирус, файрволл и прочее защитное ПО.
  2. Скопируйте приведенный ниже текст в Блокнот и сохраните файл как fixlist.txt в кодировке Юникод в ту же папку откуда была запущена утилита Farbar Recovery Scan Tool:
    CreateRestorePoint:
CloseProcesses:

HKU\S-1-5-21-253331017-3484317970-3833979646-1000\...\Run: [MailRuUpdater] => C:\Users\Алексей\AppData\Local\Mail.Ru\MailRuUpdater.exe [3255480 2020-05-18] (LLC Mail.Ru -> Mail.Ru) <==== ATTENTION
HKU\S-1-5-21-253331017-3484317970-3833979646-1000\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-253331017-3484317970-3833979646-1000\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-253331017-3484317970-3833979646-1000\...\Policies\Explorer: [] 
HKU\S-1-5-21-253331017-3484317970-3833979646-1000\...\MountPoints2: {1e402fb1-6a6b-11ea-8388-0291dd5178e7} - F:\HiSuiteDownLoader.exe
HKU\S-1-5-21-253331017-3484317970-3833979646-1000\...\MountPoints2: {2b84a326-88ee-11e7-9e29-806e6f6e6963} - D:\autorun.exe
HKU\S-1-5-21-253331017-3484317970-3833979646-1000\...\MountPoints2: {7a9024a4-7d96-11e8-bfd6-c685c4ba626e} - H:\iLinker.exe
HKU\S-1-5-21-253331017-3484317970-3833979646-1000\...\MountPoints2: {b4714af6-e435-11ea-a575-9e56e5bbec13} - F:\HiSuiteDownLoader.exe
GroupPolicy: Restriction - Chrome <==== ATTENTION
GroupPolicy\User: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
Policies: C:\Users\Алексей\NTUSER.pol: Restriction <==== ATTENTION
Policies: C:\Users\Все пользователи\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Task: {044A6734-E90E-4F8F-B357-B2DC8AB3B5EC} - \Microsoft\Windows\Time Synchronization\SynchronizeTime -> No File <==== ATTENTION
Task: {0460B2EB-2287-4A23-A762-9CCA06DE730C} - \{D16A5BE7-5A39-44A4-8622-B1902FFE67B2} -> No File <==== ATTENTION
Task: {05A8435F-C525-4060-A1C6-279E7488B582} - \{E03CBA31-F2CE-48BF-B601-F37602ACCAF7} -> No File <==== ATTENTION
Task: {074E4F32-F65A-4600-9D65-BDC393E873C3} - \WPD\SqmUpload_S-1-5-21-253331017-3484317970-3833979646-1000 -> No File <==== ATTENTION
Task: {088482FA-65B8-4E17-9ABF-1DCD48E8D373} - \Microsoft\Windows\Tcpip\IpAddressConflict1 -> No File <==== ATTENTION
Task: {09F06BFE-A3C8-40E3-846A-6E6F4000C238} - \Microsoft\Windows\Tcpip\IpAddressConflict2 -> No File <==== ATTENTION
Task: {0B1D1F1F-A9CA-41E1-8E13-ACD65D6F469F} - \{96BA39E1-3D9F-4FBA-A0B9-C84AD271D8C1} -> No File <==== ATTENTION
Task: {0BDBFB78-B4FE-4A9D-A52B-2D42B1B14AE6} - \{7838CAAC-7C67-4B11-9793-BACB3ABB201B} -> No File <==== ATTENTION
Task: {0FD4D116-C2B1-4004-9E35-3AF77BD943FA} - \Microsoft\Windows\Media Center\RecordingRestart -> No File <==== ATTENTION
Task: {113ED8F1-67B0-4B55-ADA3-B5F93AA1C6AF} - \{261BB171-D2F1-4248-B496-32C7B0687392} -> No File <==== ATTENTION
Task: {11BD16CE-4871-4075-A7F7-629F0137AB2A} - \{C6EE5B35-2220-471F-9C35-2E958ED5DE17} -> No File <==== ATTENTION
Task: {127C22E8-1033-4A05-8F0A-8785D5428899} - \{C821BC5E-DB5A-4316-947F-CF16F3571296} -> No File <==== ATTENTION
Task: {13DADD1C-7F73-490D-BF63-3D6A38839550} - \{A3DBC975-DEC5-4E31-AEE0-DC3496154C94} -> No File <==== ATTENTION
Task: {16F6764C-25D2-4DCA-85CE-C18317BE8FAC} - \Opera scheduled Autoupdate 1557333188 -> No File <==== ATTENTION
Task: {197CD0B7-82A7-4AD4-9BFC-F39DB7DE9AA5} - \{97D15AD8-BECE-4E3F-8519-D34B9E8238DD} -> No File <==== ATTENTION
Task: {199C84CE-16ED-439C-8E65-0495EBE7DE2F} - \{BF5FCD74-9893-4C75-A50B-03A6139B28AE} -> No File <==== ATTENTION
Task: {1A310320-1654-4064-8067-EEFF92D12F4B} - \Microsoft\Windows\SideShow\SystemDataProviders -> No File <==== ATTENTION
Task: {1B255142-7F52-4FB7-92D6-06E2606AB07F} - \Microsoft\Windows\Media Center\ObjectStoreRecoveryTask -> No File <==== ATTENTION
Task: {1F64042B-1A20-4DD8-B196-B0B2CCA10FD4} - \{8D66C405-3039-40CA-80EC-0991011950B7} -> No File <==== ATTENTION
Task: {1F7B7221-AE8F-44F3-BA82-F7D260F51964} - \Microsoft\Windows\Task Manager\Interactive -> No File <==== ATTENTION
Task: {1FB9FC8E-5767-4561-85BB-2BF14A8267D3} - \{67029690-87FB-45D3-B4F6-838DB65F7143} -> No File <==== ATTENTION
Task: {213A1642-C8D7-4F36-96FE-9DB473AD9747} - \{6C3F5B16-B070-4F81-8907-17CF8FDAA7AF} -> No File <==== ATTENTION
Task: {223D74EE-EDB7-439A-9248-42F0D5E9E73F} - \{897BA2D2-6CFF-4FBC-BEBB-E68CD95EAFDF} -> No File <==== ATTENTION
Task: {22EB0A97-B7EC-4F0E-B184-1F060029A214} - \{D1744379-2B2B-4B1C-AF68-67F93B78E59A} -> No File <==== ATTENTION
Task: {2470470F-2634-478E-B181-571E98A789BB} - \Microsoft\Windows\Multimedia\SystemSoundsService -> No File <==== ATTENTION
Task: {27F1D2AB-C996-4F47-8514-93966B87C6B0} - \Microsoft\Windows\Media Center\InstallPlayReady -> No File <==== ATTENTION
Task: {28011108-68DF-4C73-B91B-57427D501BBA} - \Microsoft\Windows\Active Directory Rights Management Services Client\AD RMS Rights Policy Template Management (Manual) -> No File <==== ATTENTION
Task: {2A1DBB64-C01C-4528-968C-6478891F39BE} - \NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} -> No File <==== ATTENTION
Task: {2CBA3676-712B-483B-A1B4-E4842380AAE9} - \{F435B50E-9045-4340-9D9E-C9B1CE95E392} -> No File <==== ATTENTION
Task: {2CC4C2CC-060A-4316-9305-560AAD7589C8} - \{1757699A-9BA5-4FB2-AA90-0D77B3FE09C3} -> No File <==== ATTENTION
Task: {2F3E58C3-D0A0-46D3-AA36-FEA916444343} - \NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} -> No File <==== ATTENTION
Task: {2F57269B-1E09-4E2D-AB1E-B0FDAC7D279C} - \Microsoft\Windows\WindowsBackup\ConfigNotification -> No File <==== ATTENTION
Task: {3073E240-D503-46A1-8AE2-FB40FB09C1A0} - \{16CCBE29-DAD9-4804-8DB6-305277A54B05} -> No File <==== ATTENTION
Task: {33C498DA-B021-45F3-948A-845B50DC8E3B} - \Microsoft\Windows\Media Center\PBDADiscoveryW2 -> No File <==== ATTENTION
Task: {33E7FA4B-C880-4E0E-8E72-FF19C28F4E53} - \Microsoft\Windows\Media Center\RegisterSearch -> No File <==== ATTENTION
Task: {356E2419-E8FD-46DB-87C1-587AF28BD09B} - \{BBFC7924-AEB6-4FBB-BFC3-D65383B7C051} -> No File <==== ATTENTION
Task: {3AC07ADA-2630-425F-B436-024DFFB93C83} - \GoogleUpdateTaskMachineCore -> No File <==== ATTENTION
Task: {3BCEBDDA-029B-40BB-AFBB-EB25A5D13A22} - \{5E730E35-F225-492F-9977-FF0CED12699F} -> No File <==== ATTENTION
Task: {3DD6B2C6-090E-471F-BC65-0FF4E193B1BA} - \NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} -> No File <==== ATTENTION
Task: {40EBB9DB-5148-4E2D-9A26-76264AF728B6} - \Microsoft\Windows\Wininet\CacheTask -> No File <==== ATTENTION
Task: {40FA0734-719C-4970-9FAA-18E3E86AD255} - \{28683C38-D280-4C3C-A95C-8D6F42271634} -> No File <==== ATTENTION
Task: {41EBCC17-9659-41A8-B16F-C0D114F6B0BE} - \{54C4269E-25DD-4D93-8D63-BEB7406EBAB6} -> No File <==== ATTENTION
Task: {42A366AF-CAEA-415E-BCCF-29FBF5DA4302} - \{EFEEA6A0-FFE9-4A9D-96E8-A4AEEE2CDD92} -> No File <==== ATTENTION
Task: {45657F62-7616-4F4D-B74D-3AE56F9C81C3} - \Microsoft\Windows\Media Center\UpdateRecordPath -> No File <==== ATTENTION
Task: {4569750F-3B39-4A06-8CEF-EA2139E11683} - \Opera scheduled assistant Autoupdate 1557333191 -> No File <==== ATTENTION
Task: {4576DB63-5785-4708-ADC2-99FA06600456} - \{ECA4DDF9-CCFC-4183-9F82-C60070434537} -> No File <==== ATTENTION
Task: {473D75A8-9EA8-49EB-BECD-AAE6E6302186} - \{E5ADF26B-B4DB-4500-A07B-C6EECB2E4122} -> No File <==== ATTENTION
Task: {47536D45-EEEC-4BDC-8183-A4DC1F8DA9E4} - \Microsoft\Windows\Customer Experience Improvement Program\UsbCeip -> No File <==== ATTENTION
Task: {482ACBE5-7EC9-4B6E-ABA8-DA39552E297A} - \NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} -> No File <==== ATTENTION
Task: {486D715E-6AA2-44CF-BC48-B6990CBB53C6} - \Microsoft\Windows\Shell\WindowsParentalControlsMigration -> No File <==== ATTENTION
Task: {4B9ECB18-DAEF-4CA4-9D8F-D19C55FEAC4A} - \Обновление Браузера Яндекс -> No File <==== ATTENTION
Task: {4C8B01A2-11FF-4C41-848F-508EF4F00CF7} - \Microsoft\Windows\TextServicesFramework\MsCtfMonitor -> No File <==== ATTENTION
Task: {4CA615A8-0385-4735-867F-6B5C1E79B73E} - \{CE657D19-E3CA-4AA1-B96C-373ACAB53723} -> No File <==== ATTENTION
Task: {4D6A241E-FB8E-4DE5-BFFC-5576B6AA8DBF} - \Browserupdphenix -> No File <==== ATTENTION
Task: {4EECB043-1985-4066-8C66-4C1948460572} - \{5D09836B-8EF0-4483-8F4A-A25A8B297AC4} -> No File <==== ATTENTION
Task: {4F17C94D-5BFE-4ABB-821C-3EAC0FFD4769} - \{629E89E1-40D9-4596-BCFF-03335E8BAAE3} -> No File <==== ATTENTION
Task: {51812601-47C2-40E6-971E-5D24645E4079} - \{CEF95E7A-FCB1-47C1-A14E-03C16C4CF6AD} -> No File <==== ATTENTION
Task: {5374CDA2-3651-41BC-A308-3912B56CA726} - \{7FD0FD1E-A814-4FB1-A4B9-CD397DC23D89} -> No File <==== ATTENTION
Task: {55EFB1B1-66AC-4F5D-A10E-15F3913DBF55} - \Microsoft\Windows\Media Center\PvrScheduleTask -> No File <==== ATTENTION
Task: {584CB58E-4908-42C5-A374-BA53024483AA} - \GoogleUpdateTaskMachineUA -> No File <==== ATTENTION
Task: {5A40E926-9E86-4B89-9CFD-B12311724371} - \Microsoft\Windows\UPnP\UPnPHostConfig -> No File <==== ATTENTION
Task: {5A4C82CC-4649-4C87-B1AE-B3E1964A49A6} - \{702AD945-266A-472B-9C36-388589E93760} -> No File <==== ATTENTION
Task: {5B42DD9C-5A26-4F27-BB95-34603F0997E5} - \Microsoft\Windows\Shell\WindowsParentalControls -> No File <==== ATTENTION
Task: {5C0AEEEA-C154-45BE-8499-BEA5F11BAFF6} - \Microsoft\Windows\Defrag\ScheduledDefrag -> No File <==== ATTENTION
Task: {5E789054-0ADC-484A-95AA-2207C1DAB692} - \Adobe Flash Player Updater -> No File <==== ATTENTION
Task: {5F5A18EB-DC73-4E45-A11C-B59043598412} - \Microsoft\Windows\CertificateServicesClient\SystemTask -> No File <==== ATTENTION
Task: {602431E6-8ABE-4E51-8ACC-4932B02228FA} - \{84C8A0FA-9067-4C23-9DAD-7CD467B6E477} -> No File <==== ATTENTION
Task: {6130EA80-DE8F-4AEC-B519-3371A8BCDD5F} - \{E27C30AA-3C3B-422E-A2E9-1CE66E9F2D51} -> No File <==== ATTENTION
Task: {613612BA-897D-44CE-8DC1-8FC283F9FD51} - \Microsoft\Windows\Active Directory Rights Management Services Client\AD RMS Rights Policy Template Management (Automated) -> No File <==== ATTENTION
Task: {61823E11-D3BC-4549-AD33-DBF6BFBB6674} - \{0F530A34-9145-48D6-B894-A68326103183} -> No File <==== ATTENTION
Task: {62AA6109-2B52-4486-AAE0-1E9D077CBCBB} - \{6F9A5B65-A840-45E7-B754-7E3D36A5464E} -> No File <==== ATTENTION
Task: {62E8790A-26EB-4310-9F1B-C81B00153263} - \{CBD15180-5637-4EB3-AB3D-DF23F63A5FB6} -> No File <==== ATTENTION
Task: {6738BA6E-EA75-4B6B-B8B8-71F0336DD8EF} - \Microsoft\Windows\User Profile Service\HiveUploadTask -> No File <==== ATTENTION
Task: {68C081EA-DEF4-4A3F-AF5B-D202D2C093AD} - \{0D6E197F-45E5-4E11-802D-A4CAE7A4BC7C} -> No File <==== ATTENTION
Task: {6DA70590-BF2F-4B8C-B418-9AF19F2DE43A} - \{230FDE1A-86C4-47FD-AB0F-AA040BA6C4F4} -> No File <==== ATTENTION
Task: {703E03D0-1B5A-4421-A08E-39B25E025531} - \Pupdbrowser -> No File <==== ATTENTION
Task: {7054CAAB-F9A0-4F48-80F4-51859CC9D227} - \Games\UpdateCheck_S-1-5-21-253331017-3484317970-3833979646-1000 -> No File <==== ATTENTION
Task: {716B18A8-651A-4A99-AF58-063FF4A77A5C} - \{5F0F84A3-7BFF-4DBA-B669-1BEBFF2FE275} -> No File <==== ATTENTION
Task: {71F2E533-A6CE-44DC-9CC4-DD4F792017B9} - \{F49E4578-9D8F-4662-BE65-41B4B4C7C3CB} -> No File <==== ATTENTION
Task: {725DB9E9-CD8F-4FDD-85C4-355E8A09BF6C} - \{024B7520-78F0-4AA8-9153-1961BB606C95} -> No File <==== ATTENTION
Task: {72DB7465-BC54-491B-A92A-4637A28C9BBF} - \Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck -> No File <==== ATTENTION
Task: {74A5BB57-D3F5-4487-A3D8-19210A1EF76A} - \Microsoft\Windows\Media Center\ConfigureInternetTimeService -> No File <==== ATTENTION
Task: {753C47AE-EC5E-44B3-95A9-2C8E553F0E39} - \Microsoft\Windows\Windows Media Sharing\UpdateLibrary -> No File <==== ATTENTION
Task: {75D45EBF-CF6D-4FD7-8334-D11A18B987D6} - \{DD83F292-C9EA-46A4-AC0F-11A76BF5EB64} -> No File <==== ATTENTION
Task: {7763AD09-11BD-4398-B23A-169AE8D87760} - \Microsoft\Windows\Media Center\PBDADiscoveryW1 -> No File <==== ATTENTION
Task: {77D7AD91-BE98-40EB-A6F5-0E8428AC865E} - \Microsoft\Windows\Windows Activation Technologies\ValidationTaskDeadline -> No File <==== ATTENTION
Task: {7916D7BA-8462-412B-A3A5-3FC5FC398B0E} - \{3D0F747C-166D-4419-8BE9-FDC5AE75556F} -> No File <==== ATTENTION
Task: {7AFCC0CA-7121-422A-AB45-B0E8D599FF08} - \Microsoft\Windows\CertificateServicesClient\UserTask -> No File <==== ATTENTION
Task: {7C3F7758-ABA4-415A-9D0F-41E81754AD80} - \{B99CE328-6942-468C-8941-8D17F8629622} -> No File <==== ATTENTION
Task: {7D3BD6CC-75E7-4319-A35B-58CF4556BCC1} - \Microsoft\Windows\Media Center\OCURDiscovery -> No File <==== ATTENTION
Task: {7D638363-1DE3-4CF3-8682-1FEC1CCAD45D} - \NetShield Kit scheduled Autoupdate -> No File <==== ATTENTION
Task: {7D80C612-64A4-432A-92DF-0239B893DA59} - \{E49699EA-3918-44CC-B78F-E693B8D03A48} -> No File <==== ATTENTION
Task: {7E951125-C359-4D6D-98C7-C4532BCBD4DA} - \{000A4548-0B95-435A-B739-A27F958F4CE8} -> No File <==== ATTENTION
Task: {7EF48A38-5747-4538-9873-5C2C20765E7C} - \Microsoft\Windows\Media Center\MediaCenterRecoveryTask -> No File <==== ATTENTION
Task: {7F0DE906-932C-4672-AC06-A4DBDB64EEAD} - \MailRuUpdater -> No File <==== ATTENTION
Task: {80196A61-E8F8-4DA7-8F54-2CAD3F8A5A3A} - \Microsoft\Windows\Media Center\OCURActivate -> No File <==== ATTENTION
Task: {808B6A80-3D1E-4B16-B972-6B89D7BD02E6} - \AVG\PC Tuneup 2011\Integrator\Start On Windows Logon -> No File <==== ATTENTION
Task: {80CDA6C9-3AC1-4594-8906-7681307A0B7C} - \Microsoft\Windows\Media Center\ActivateWindowsSearch -> No File <==== ATTENTION
Task: {81540B9F-B5BF-47EB-9C95-BE195BF2C664} - \Microsoft\Windows\NetTrace\GatherNetworkInfo -> No File <==== ATTENTION
Task: {81B0183D-CFB2-4804-A3C7-DFBCE8383EAE} - \{46F2886C-714B-4882-B438-D3F08938809E} -> No File <==== ATTENTION
Task: {82B2D76B-9AB3-4DF5-B4FF-DADE1F531793} - \{B9F16601-577E-4EFF-83D9-4A6D7C114CB1} -> No File <==== ATTENTION
Task: {835855E4-94B2-4565-A268-A3C40F8C7DD0} - \Microsoft\Windows\Media Center\ReindexSearchRoot -> No File <==== ATTENTION
Task: {83F03B5B-6EC0-48C8-A1C1-68AB9ED74C7B} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION
Task: {8628197D-2A48-4B88-9D1D-BEC139E9566D} - \{E5D2E426-EA56-44CA-AE4C-DC0016754382} -> No File <==== ATTENTION
Task: {88A618D7-B3C1-42E5-9524-F67A59EE4257} - \Microsoft\Windows\SideShow\SessionAgent -> No File <==== ATTENTION
Task: {8A1CEF19-212C-4B41-B936-B1CE0445E206} - \MsFlQfpgFqdvv2 -> No File <==== ATTENTION
Task: {8A5ED229-D6A3-481D-91F9-ABD87CD48CA9} - \Microsoft\Windows\Media Center\ehDRMInit -> No File <==== ATTENTION
Task: {8C255715-B150-4BDE-A1DD-5F09691A2A48} - \{0BBAF4F0-48FB-42A5-A3A8-21087BFC9E22} -> No File <==== ATTENTION
Task: {9435F817-FED2-454E-88CD-7F78FDA62C48} - \Microsoft\Windows\WDI\ResolutionHost -> No File <==== ATTENTION
Task: {94E4F69F-9027-434A-988C-9E4BA861814A} - \{000E1BDB-364E-4F59-985D-71DA93215EAE} -> No File <==== ATTENTION
Task: {95A3F06C-6EBB-46AE-94F9-4031E1D7E70D} - \{AE718785-358E-4024-8DF1-18295ACA1841} -> No File <==== ATTENTION
Task: {96A97817-F225-4696-8639-83202914FDF6} - \EdMyiUwGJuXYpwQNJtM2 -> No File <==== ATTENTION
Task: {9726994C-0FB5-4CF2-B61A-D800507C3323} - \{64B24340-197A-44B1-BF3E-9CE8931282C6} -> No File <==== ATTENTION
Task: {97904973-2160-497B-B35A-1694DBCA2DD3} - \{1211CDC1-8037-457A-8C87-A70FE27A0BBF} -> No File <==== ATTENTION
Task: {97F1AE7C-5E58-48E3-B2D2-116DE67BA074} - \{1B42C190-0570-487D-BA20-D95D225D9406} -> No File <==== ATTENTION
Task: {98980E3F-F685-43FE-8297-2E252D50E318} - \{1770A1EC-C260-4038-B185-B8945111121B} -> No File <==== ATTENTION
Task: {994C86AD-A929-4B2C-88A0-4E25A107A029} - \Microsoft\Windows\SystemRestore\SR -> No File <==== ATTENTION
Task: {9979CB83-103A-4105-9E5D-C74B0AF6D198} - \Microsoft\Windows\CertificateServicesClient\UserTask-Roam -> No File <==== ATTENTION
Task: {99E26481-9958-4BB7-8169-5587B344C933} - \{1BDE5BA4-6499-4AB4-8451-9523544785A9} -> No File <==== ATTENTION
Task: {9E47A789-ED90-463D-956D-40F6B074F5C3} - \gUpKfBzty -> No File <==== ATTENTION
Task: {9FDB3945-0AD2-4A99-954D-51D71B273C0B} - \NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} -> No File <==== ATTENTION
Task: {A1D7D5CA-346E-43D7-9170-3484BCA318E2} - \Adobe Flash Player PPAPI Notifier -> No File <==== ATTENTION
Task: {A34CCC68-DB88-4CD7-95CD-3B352AD02557} - \{CEA63330-0B80-46D9-B77D-3702EF2C6FA9} -> No File <==== ATTENTION
Task: {A35BB7A6-5F0C-4C9F-8450-2B3BED532D51} - \Microsoft\Windows\WindowsColorSystem\Calibration Loader -> No File <==== ATTENTION
Task: {A48CABBF-24C8-4B87-B00F-9261807C3B43} - \Microsoft\Windows\AppID\PolicyConverter -> No File <==== ATTENTION
Task: {A6AF9377-77CE-47AB-AD7D-EC32CAD0C82D} - \Microsoft\Windows\Location\Notifications -> No File <==== ATTENTION
Task: {A7C73732-9F11-4281-8D19-764D4EC9D94D} - \Microsoft\Windows\Application Experience\ProgramDataUpdater -> No File <==== ATTENTION
Task: {A7D8E8C4-9CCF-4C94-B6D7-853C1581380D} - \Microsoft\Windows\SideShow\GadgetManager -> No File <==== ATTENTION
Task: {A8219CF2-AC20-4BFF-8E7D-172A63B057E3} - \{608E668C-BA74-4EF5-9226-1B3FD32C788C} -> No File <==== ATTENTION
Task: {AA9BECD6-90EE-4596-8FB0-084AA32FD256} - \{8DDBDC83-1C43-4346-A89F-F0C8833BF2C3} -> No File <==== ATTENTION
Task: {ABC84A49-DB12-44A8-9F42-852FC20E69A2} - \Microsoft\Windows\Offline Files\Background Synchronization -> No File <==== ATTENTION
Task: {AC4E5ACF-89F7-4220-BA21-81EE183975E2} - \Microsoft\Windows\Application Experience\AitAgent -> No File <==== ATTENTION
Task: {AC668097-4D6B-4093-AC14-014C09DBF820} - \Microsoft\Windows\Ras\MobilityManager -> No File <==== ATTENTION
Task: {AFC5A9DE-50C0-4DC1-A1C2-1A01B1674DCE} - \{A01FA4E3-F8DE-4275-81E0-F66D98C8A242} -> No File <==== ATTENTION
Task: {B0B67112-E689-4D01-92E0-E3908C606404} - \{6611F3CA-1DA5-44D2-83C0-99FFD1B4927D} -> No File <==== ATTENTION
Task: {B0CBAB43-44FC-469B-A4CE-87426761FDCE} - \Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor -> No File <==== ATTENTION
Task: {B1243281-9402-4EEB-AE2F-1145F585272D} - \Microsoft\Windows\Windows Activation Technologies\ValidationTask -> No File <==== ATTENTION
Task: {B29F6307-26E6-4C57-8010-E092B829822E} - \{D21BE30F-0953-455F-9F89-90EE636784F9} -> No File <==== ATTENTION
Task: {B390650C-7636-4D2D-AAC8-4EAC8B6B7867} - \{10457C1E-82DB-4440-A2E9-7F64978D57EC} -> No File <==== ATTENTION
Task: {B8DA0369-1010-4245-884F-C12306B83DC0} - \NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} -> No File <==== ATTENTION
Task: {BB001CB6-DC24-4AC7-8E7C-F0A06F802DC5} - \{F93C1CA0-6579-4796-A066-06D604BB40AA} -> No File <==== ATTENTION
Task: {BB2893A7-75A1-4EC8-A39E-CD1AF58A3A8F} - \VKDJ -> No File <==== ATTENTION
Task: {BE669978-1A07-48AB-B2A3-3DA0BCD364FC} - \NetShield Kit Self Repair -> No File <==== ATTENTION
Task: {BE669C13-8165-4536-96D0-6D6C39292AAE} - \Microsoft\Windows\Diagnosis\Scheduled -> No File <==== ATTENTION
Task: {C016366B-7126-46CA-B36B-592A3D95A60B} - \Microsoft\Windows\Customer Experience Improvement Program\Consolidator -> No File <==== ATTENTION
Task: {C1DF2274-9CF9-40D7-8474-B9528AC6F046} - \Microsoft\Windows\Media Center\PeriodicScanRetry -> No File <==== ATTENTION
Task: {C342BF24-E80E-48AE-A2A1-845F71B864DD} - \Microsoft\Windows\Media Center\PBDADiscovery -> No File <==== ATTENTION
Task: {C3554FA0-2368-410B-9205-6939905A6585} - \Microsoft\Windows\Media Center\DispatchRecoveryTasks -> No File <==== ATTENTION
Task: {C3A1FB6A-F433-4D9E-8BD2-F746BC8A975F} - \{16DB94DA-1C0C-4E70-8A5D-1D8CE9CAA0FD} -> No File <==== ATTENTION
Task: {C571EE05-74C6-42F6-8D3E-26A8F9452C47} - \{A50DF651-7260-4933-AA3A-76C9E73AB427} -> No File <==== ATTENTION
Task: {C691A4A0-1B47-4C90-B4B7-EAB2F8EA0F16} - \Microsoft\Windows\Media Center\StartRecording -> No File <==== ATTENTION
Task: {CA4B8FF2-A4D2-4D88-A52E-3A5BDAF7F56E} - \Microsoft\Windows\Registry\RegIdleBackup -> No File <==== ATTENTION
Task: {CB3D64BF-C0C9-45FF-BFB0-FF1A8F680186} - \Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask -> No File <==== ATTENTION
Task: {CBD11947-D178-46A8-8543-56E334B8C8D5} - \{E4948356-2640-4518-873A-1B7A0BC35A3B} -> No File <==== ATTENTION
Task: {CCEF411B-50DB-4E69-8F26-2445AEA1CFCF} - \{8122D593-9A1E-4B73-ACDA-736937E86BDE} -> No File <==== ATTENTION
Task: {CE2BD262-2F30-4019-8814-97371B7E5AF2} - \Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector -> No File <==== ATTENTION
Task: {CEE64558-E1A7-4D9D-80A7-2001912BE5B5} - \Microsoft\Windows\MemoryDiagnostic\CorruptionDetector -> No File <==== ATTENTION
Task: {CEFBDE5A-D18C-4F97-9EBF-E1CBD893B574} - \Microsoft\Windows\Media Center\SqlLiteRecoveryTask -> No File <==== ATTENTION
Task: {CF2A4FBD-7FDD-4875-8C9D-1E275313C2B8} - \NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} -> No File <==== ATTENTION
Task: {D0250F3F-6480-484F-B719-42F659AC64D5} - \Microsoft\Windows\Windows Error Reporting\QueueReporting -> No File <==== ATTENTION
Task: {D02BEC4E-F2D7-443F-8A9A-E90A24297ED3} - \{1B1E978F-ED9F-4BFB-9EAD-70CD84CA3C60} -> No File <==== ATTENTION
Task: {D333D1E5-0D8A-43C1-98D6-84EED2A4A3BF} - \{0E78FE8F-215F-4F1E-BA64-513B7DC99935} -> No File <==== ATTENTION
Task: {D3E2401D-71CC-4E55-9064-474EEE9A2557} - \{6CE00C69-3CDE-45E2-BECB-2CE9EB9F8B11} -> No File <==== ATTENTION
Task: {D6DB006B-677E-49ED-8ED5-D41450C77EC0} - \Microsoft\Windows\Media Center\PvrRecoveryTask -> No File <==== ATTENTION
Task: {D74333AF-0C0F-4FFC-B36E-889055BB7763} - \{FFDAFCF6-3559-478C-8112-9B2BBD0A42FD} -> No File <==== ATTENTION
Task: {D7984694-3830-4337-8AF8-8D9A739AC65A} - \{BFEC2EEC-AA3A-456D-8DC0-143931AE0C81} -> No File <==== ATTENTION
Task: {D7B6E81D-3CF4-432C-84D2-24213F4316E6} - \Microsoft\Windows\Autochk\Proxy -> No File <==== ATTENTION
Task: {D9FCA921-6359-43A6-91D6-CC17E3E25619} - \{0943CE8A-9B30-4AEB-9CE9-289765CBE0F2} -> No File <==== ATTENTION
Task: {DA41DE71-8431-42FB-9DB0-EB64A961DEAD} - \Microsoft\Windows\Maintenance\WinSAT -> No File <==== ATTENTION
Task: {DAB9AE4C-E4B8-4E16-9636-CFC7EDD1771F} - \{96F3DCF1-2966-47D6-9DAF-BC9E2454BA8E} -> No File <==== ATTENTION
Task: {DC9C5814-EB26-4D66-8834-A42CB94153C0} - \Microsoft\Windows\Media Center\mcupdate -> No File <==== ATTENTION
Task: {DCF8A666-3C52-4860-BC8E-42D4D7A67134} - \NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} -> No File <==== ATTENTION
Task: {DD9F510C-95F4-499A-90C8-BAC5BC372FF4} - \Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION
Task: {DDB0B241-BD5F-4AA7-ACE8-A8C4FE022ED9} - \Microsoft\Windows\Media Center\mcupdate_scheduled -> No File <==== ATTENTION
Task: {DF0BF798-C82E-4D60-887E-5F04DA849C6A} - \{DBF645E0-22CB-4DE4-BD7C-4EF95CB51225} -> No File <==== ATTENTION
Task: {E22A8667-F75B-4BA9-BA46-067ED4429DE8} - \Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange -> No File <==== ATTENTION
Task: {E3163C33-301D-4730-A266-5518C5ED3967} - \Microsoft\Windows\Bluetooth\UninstallDeviceTask -> No File <==== ATTENTION
Task: {E4398BF0-2786-4B19-B648-19A91362953A} - \NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} -> No File <==== ATTENTION
Task: {E5BD6463-A71A-4087-87DE-8C8785B29316} - \{421617A8-BC2D-4A18-A07E-A561B8CF6AFC} -> No File <==== ATTENTION
Task: {E6FF3989-4EBE-4480-A392-19474639E47F} - \Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver -> No File <==== ATTENTION
Task: {EACA24FF-236C-401D-A1E7-B3D5267B8A50} - \Microsoft\Windows\RAC\RacTask -> No File <==== ATTENTION
Task: {EB02381F-D652-4B1C-894A-712498C62C51} - \Microsoft\Windows\MUI\LPRemove -> No File <==== ATTENTION
Task: {EBD00135-4272-4DDE-8D81-5ED29FE7A467} - \Microsoft\Windows\MobilePC\HotStart -> No File <==== ATTENTION
Task: {F01A9983-55B3-4479-BCE6-8EB219F1F31B} - \Pbrowserupd -> No File <==== ATTENTION
Task: {F17E8239-18E0-46F5-9EA7-03A67C3DE373} - \{46CEBAF1-6C7A-4956-B4FA-630A52CC0B2D} -> No File <==== ATTENTION
Task: {F279C4C1-CA28-4DFF-BEB4-D0ACD43D2A71} - \{86A70F50-1DAB-4D2C-BB99-174A2AD2F38F} -> No File <==== ATTENTION
Task: {F38F6619-8559-4AA9-ADAE-4E33C6868F3C} - \NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} -> No File <==== ATTENTION
Task: {F4F53D51-1791-47B0-8142-61FA0FA0A059} - \{7AAE95D5-4088-4A2F-A36E-05863BD80706} -> No File <==== ATTENTION
Task: {F631116B-F5BA-4F49-AC38-FDBC8A562CED} - \{798552C1-A9A8-400D-8BF4-298ECBBEFF5F} -> No File <==== ATTENTION
Task: {F8FABFCE-C51B-408D-A440-4F9F5F0B599B} - \Microsoft\Windows\SideShow\AutoWake -> No File <==== ATTENTION
Task: {FA077DF2-891D-4CD3-B28D-BA3F8D65AAAA} - \NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} -> No File <==== ATTENTION
Task: {FA2BC0A6-8D4B-458A-85C8-2B8C72487513} - \Microsoft\Windows\MemoryDiagnostic\DecompressionFailureDetector -> No File <==== ATTENTION
Task: {FACEE3A0-FFB0-4581-A528-3890AA7323D8} - \{0998DABE-513B-420D-A45A-BB7F7991901A} -> No File <==== ATTENTION
Task: {FB3C354D-297A-4EB2-9B58-090F6361906B} - \Microsoft\Windows\Power Efficiency Diagnostics\AnalyzeSystem -> No File <==== ATTENTION
Task: {FDC58516-3037-4DEF-BC6B-E79F8705E825} - \{DA19B2AC-C7B2-4410-91BC-CEA63FAACCF5} -> No File <==== ATTENTION
Task: {FDCBA0BD-E1B4-4AC4-B771-3E7E6EE1F6D9} - \Microsoft\Windows\Offline Files\Logon Synchronization -> No File <==== ATTENTION
Task: {FDD56C73-F0D5-41B6-B767-6EFFD7966428} - \Microsoft\Windows\Customer Experience Improvement Program\KernelCeipTask -> No File <==== ATTENTION
Task: {FF9A49AF-2228-4A8F-BBBC-9A9BCE41306D} - \{C2574D9B-FEFF-4210-80A6-4497097C2968} -> No File <==== ATTENTION
Tcpip\..\Interfaces\{0DD11F9A-255C-482D-8DB7-5D94218C2817}: [NameServer] 185.192.111.210
Tcpip\..\Interfaces\{1A66C001-8E2F-4CCA-840F-98CE240E0155}: [NameServer] 185.192.111.210
Tcpip\..\Interfaces\{229E4703-FB80-40DC-9705-3B8982A6F4DB}: [NameServer] 185.192.111.210
Tcpip\..\Interfaces\{2B41123A-65E8-4F94-954D-EAE258048182}: [NameServer] 185.192.111.210
Tcpip\..\Interfaces\{3796F68B-C865-4044-9B57-A043D7BBCC58}: [NameServer] 185.192.111.210
Tcpip\..\Interfaces\{54A49661-6DCD-416F-8B5D-AAE95BDD2A93}: [NameServer] 185.192.111.210
Tcpip\..\Interfaces\{5F99B373-9E0D-4CAE-B3C6-4A88F6022BC4}: [NameServer] 185.192.111.210
Tcpip\..\Interfaces\{6369160A-6BB6-4DB1-AAC4-AEED9456B583}: [NameServer] 185.192.111.210
Tcpip\..\Interfaces\{70377FAC-ED7E-4881-B1E3-5B4238919D8D}: [NameServer] 185.192.111.210
Tcpip\..\Interfaces\{7940CA87-2DB1-4517-9372-3A8A04D9FA30}: [NameServer] 185.192.111.210
Tcpip\..\Interfaces\{8BE1764E-D81F-48F7-9AFB-BA33222BCFD5}: [NameServer] 185.192.111.210
Tcpip\..\Interfaces\{8C6BE9FB-34B7-4B31-9E98-964DB26C8BAF}: [NameServer] 185.192.111.210
Tcpip\..\Interfaces\{951593CF-5749-4711-8758-047D7C808EB2}: [NameServer] 185.192.111.210
Tcpip\..\Interfaces\{AEED9BE5-B286-4FD3-BC96-9425B27CE5D8}: [NameServer] 185.192.111.210
Tcpip\..\Interfaces\{B06BF534-1E89-413D-8075-4FDF63EDC382}: [NameServer] 185.192.111.210
Tcpip\..\Interfaces\{BD466CE3-CAFC-47D4-85A4-DF964AEF5606}: [NameServer] 185.192.111.210
Tcpip\..\Interfaces\{BF00BA59-A0FF-4C22-83CD-DC869507E39F}: [NameServer] 185.192.111.210
Tcpip\..\Interfaces\{E587688B-E605-4A80-B3C8-AADEFAAF5DB2}: [NameServer] 185.192.111.210
Tcpip\..\Interfaces\{F5AEE394-5D3A-4694-8974-2FD4660A109F}: [NameServer] 185.192.111.210
S2 McAfee WebAdvisor; no ImagePath
  3. Запустите FRST и нажмите один раз на кнопку Fix и подождите. Программа создаст лог-файл (Fixlog.txt). Пожалуйста, прикрепите его в следующем сообщении!
  4. Обратите внимание, что компьютер будет перезагружен.
  5. Внимание! Если на рабочем столе будет создан архив Дата_время.zip, то загрузите этот архив через данную форму

Kolhoznik

Kolhoznik

Опубликовано
  • Автор
Опубликовано

Fixlog.txt

5 часов назад, mike 1 сказал:

Здравствуйте.

 

Пофиксите следующие строчки в HiJackThis (используйте версию из папки Автологгера).

  











R0 - HKCU\Software\Microsoft\Internet Explorer\Main: [Start Page] = https://find-it.pro/?utm_source=distr_m
R0 - HKU\S-1-5-18\Software\Microsoft\Internet Explorer\Main: [Start Page] = https://find-it.pro/?utm_source=distr_m
R3 - HKCU\..\URLSearchHooks: (no name) - {BC86E1AB-EDA5-4059-938F-CE307B0C6F0A} - (no file)
R3 - HKCU\..\URLSearchHooks: (no name) - {C9423817-5DA7-494E-87E4-111F1B49A1FD} - (no file)
O1 - Hosts: is empty
O17 - DHCP DNS 2: 37.59.58.122
O17 - HKLM\System\CCS\Services\Tcpip\..\{0DD11F9A-255C-482D-8DB7-5D94218C2817}: [NameServer] = 37.59.58.122
O17 - HKLM\System\CCS\Services\Tcpip\..\{1A66C001-8E2F-4CCA-840F-98CE240E0155}: [NameServer] = 37.59.58.122
O17 - HKLM\System\CCS\Services\Tcpip\..\{229E4703-FB80-40DC-9705-3B8982A6F4DB}: [NameServer] = 37.59.58.122
O17 - HKLM\System\CCS\Services\Tcpip\..\{2B41123A-65E8-4F94-954D-EAE258048182}: [NameServer] = 37.59.58.122
O17 - HKLM\System\CCS\Services\Tcpip\..\{3796F68B-C865-4044-9B57-A043D7BBCC58}: [NameServer] = 37.59.58.122
O17 - HKLM\System\CCS\Services\Tcpip\..\{54A49661-6DCD-416F-8B5D-AAE95BDD2A93}: [NameServer] = 37.59.58.122
O17 - HKLM\System\CCS\Services\Tcpip\..\{5F99B373-9E0D-4CAE-B3C6-4A88F6022BC4}: [NameServer] = 37.59.58.122
O17 - HKLM\System\CCS\Services\Tcpip\..\{6369160A-6BB6-4DB1-AAC4-AEED9456B583}: [NameServer] = 37.59.58.122
O17 - HKLM\System\CCS\Services\Tcpip\..\{70377FAC-ED7E-4881-B1E3-5B4238919D8D}: [NameServer] = 37.59.58.122
O17 - HKLM\System\CCS\Services\Tcpip\..\{7940CA87-2DB1-4517-9372-3A8A04D9FA30}: [NameServer] = 37.59.58.122
O17 - HKLM\System\CCS\Services\Tcpip\..\{8BE1764E-D81F-48F7-9AFB-BA33222BCFD5}: [NameServer] = 37.59.58.122
O17 - HKLM\System\CCS\Services\Tcpip\..\{8C6BE9FB-34B7-4B31-9E98-964DB26C8BAF}: [NameServer] = 37.59.58.122
O17 - HKLM\System\CCS\Services\Tcpip\..\{951593CF-5749-4711-8758-047D7C808EB2}: [NameServer] = 37.59.58.122
O17 - HKLM\System\CCS\Services\Tcpip\..\{AEED9BE5-B286-4FD3-BC96-9425B27CE5D8}: [NameServer] = 37.59.58.122
O17 - HKLM\System\CCS\Services\Tcpip\..\{B06BF534-1E89-413D-8075-4FDF63EDC382}: [NameServer] = 37.59.58.122
O17 - HKLM\System\CCS\Services\Tcpip\..\{BD466CE3-CAFC-47D4-85A4-DF964AEF5606}: [NameServer] = 37.59.58.122
O17 - HKLM\System\CCS\Services\Tcpip\..\{BF00BA59-A0FF-4C22-83CD-DC869507E39F}: [NameServer] = 37.59.58.122
O17 - HKLM\System\CCS\Services\Tcpip\..\{E587688B-E605-4A80-B3C8-AADEFAAF5DB2}: [NameServer] = 37.59.58.122
O17 - HKLM\System\CCS\Services\Tcpip\..\{F5AEE394-5D3A-4694-8974-2FD4660A109F}: [NameServer] = 37.59.58.122
O17 - HKLM\System\ControlSet002\Services\Tcpip\..\{1A66C001-8E2F-4CCA-840F-98CE240E0155}: [NameServer] = 37.59.58.122
O17 - HKLM\System\ControlSet002\Services\Tcpip\..\{229E4703-FB80-40DC-9705-3B8982A6F4DB}: [NameServer] = 37.59.58.122
O17 - HKLM\System\ControlSet002\Services\Tcpip\..\{2B41123A-65E8-4F94-954D-EAE258048182}: [NameServer] = 37.59.58.122
O17 - HKLM\System\ControlSet002\Services\Tcpip\..\{3796F68B-C865-4044-9B57-A043D7BBCC58}: [NameServer] = 37.59.58.122
O17 - HKLM\System\ControlSet002\Services\Tcpip\..\{54A49661-6DCD-416F-8B5D-AAE95BDD2A93}: [NameServer] = 37.59.58.122
O17 - HKLM\System\ControlSet002\Services\Tcpip\..\{5F99B373-9E0D-4CAE-B3C6-4A88F6022BC4}: [NameServer] = 37.59.58.122
O17 - HKLM\System\ControlSet002\Services\Tcpip\..\{6369160A-6BB6-4DB1-AAC4-AEED9456B583}: [NameServer] = 37.59.58.122
O17 - HKLM\System\ControlSet002\Services\Tcpip\..\{70377FAC-ED7E-4881-B1E3-5B4238919D8D}: [NameServer] = 37.59.58.122
O17 - HKLM\System\ControlSet002\Services\Tcpip\..\{7940CA87-2DB1-4517-9372-3A8A04D9FA30}: [NameServer] = 37.59.58.122
O17 - HKLM\System\ControlSet002\Services\Tcpip\..\{8BE1764E-D81F-48F7-9AFB-BA33222BCFD5}: [NameServer] = 37.59.58.122
O17 - HKLM\System\ControlSet002\Services\Tcpip\..\{8C6BE9FB-34B7-4B31-9E98-964DB26C8BAF}: [NameServer] = 37.59.58.122
O17 - HKLM\System\ControlSet002\Services\Tcpip\..\{951593CF-5749-4711-8758-047D7C808EB2}: [NameServer] = 37.59.58.122
O17 - HKLM\System\ControlSet002\Services\Tcpip\..\{AEED9BE5-B286-4FD3-BC96-9425B27CE5D8}: [NameServer] = 37.59.58.122
O17 - HKLM\System\ControlSet002\Services\Tcpip\..\{B06BF534-1E89-413D-8075-4FDF63EDC382}: [NameServer] = 37.59.58.122
O17 - HKLM\System\ControlSet002\Services\Tcpip\..\{BD466CE3-CAFC-47D4-85A4-DF964AEF5606}: [NameServer] = 37.59.58.122
O17 - HKLM\System\ControlSet002\Services\Tcpip\..\{BF00BA59-A0FF-4C22-83CD-DC869507E39F}: [NameServer] = 37.59.58.122
O17 - HKLM\System\ControlSet002\Services\Tcpip\..\{E587688B-E605-4A80-B3C8-AADEFAAF5DB2}: [NameServer] = 37.59.58.122
O17 - HKLM\System\ControlSet002\Services\Tcpip\..\{F5AEE394-5D3A-4694-8974-2FD4660A109F}: [NameServer] = 37.59.58.122
O21 - HKLM\..\ShellIconOverlayIdentifiers\00asw: (no name) - {472083B0-C522-11CF-8763-00608CC02F24} - (no file)
O22 - BITS Job: (download) {0500F94E-9E95-4AB2-B038-67814D45FFDF} - http://redirector.gvt1.com/edgedl/release2/chrome_component/G4m99DanXpdX7lhn6ec8FQ_6422/AJDGbZBp29rxIfdU-A6jb9U -> C:\Users\CD86~1\AppData\Local\Temp\chrome_BITS_2184_844234021\AJDGbZBp29rxIfdU-A6jb9U
O22 - BITS Job: (download) {7FA2611F-7D28-4487-AFA2-4B28EBB55709} - https://download.cdn.yandex.net/browser/crx3/suggest_catboost_model_tag_model_19_7_3_14/19_07_03_14.crx -> C:\Users\CD86~1\AppData\Local\Temp\chrome_BITS_3748_1579179698\19_07_03_14.crx
O22 - Task: (damaged) HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{011E7E61-C903-460D-9B3C-E70FD2E70BA6} - \{902C79F4-0114-472B-BAE8-5738F4FCCD03} (no xml)
O22 - Task: (damaged) HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0F2B1365-8DBF-4FA5-9155-CD61007C9D8E} - \AVG\PC Tuneup 2011\Integrator\Scan and Repair (no xml)
O22 - Task: (damaged) HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0FA97CB2-7987-4360-83BE-36243832C81A} - \QPFSiptsQiUmyMj2 (no xml)
O22 - Task: (damaged) HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2DA4EE75-AA42-4D66-A18B-E742731A7D45} - \Алексей (no xml)
O22 - Task: (damaged) HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{372BC032-ADD5-44F6-A9E0-A0F90B371345} - \vsbCsjNTZvxfEP (no xml)
O22 - Task: (damaged) HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4BF84CDE-3DBE-4925-A060-7D9B156BC77D} - \EgDnnxLDdmkTyvIEL2 (no xml)

 

Скачайте Farbar Recovery Scan Tool  NAAC5Ba.png и сохраните на Рабочем столе.

Примечание: необходимо выбрать версию, совместимую с Вашей операционной системой. Если Вы не уверены, какая версия подойдет для Вашей системы, скачайте обе и попробуйте запустить. Только одна из них запустится на Вашей системе.

  1. Запустите программу двойным щелчком. Когда программа запустится, нажмите Yes для соглашения с предупреждением.
  2. Убедитесь, что под окном Optional Scan отмечены "List BCD" и "90 Days Files".
  3. Нажмите кнопку Scan.
  4. После окончания сканирования будет создан отчет (FRST.txt) в той же папке, откуда была запущена программа. Пожалуйста, прикрепите отчет в следующем сообщении.
  5. Если программа была запущена в первый раз, будет создан отчет (Addition.txt). Пожалуйста, прикрепите его в следующем сообщении.

 


3munStB.png

Addition.txtFRST.txt

 

Fixlog.txt

 

Хакер из меня тот еще))

mike 1

mike 1

Опубликовано
Опубликовано
Цитата

Скопируйте приведенный ниже текст в Блокнот и сохраните файл как fixlist.txt в кодировке Юникод в ту же папку откуда была запущена утилита Farbar Recovery Scan Tool

Переделайте. 

Kolhoznik

Kolhoznik

Опубликовано
  • Автор
Опубликовано

В смысле? Я наверное что то не так делаю,но сейчас запустил касперского, сразу обнаружен HEUR;Trojan.Win64.Miner.gen

C:\ProgramData\Flok\Flok.exe

 

может всю процедуру с начала пройти?

 

thyrex

thyrex

Опубликовано
Опубликовано

1. Выделите следующий код: 

Start::
CreateRestorePoint:
NetShield Kit 1.3.28.0
Folder: C:\ProgramData\Flock
Reboot:
End::


2. Скопируйте выделенный текст (правая кнопка мышиКопировать).
3. Запустите Farbar Recovery Scan Tool.
4. Нажмите один раз на кнопку Fix и подождите. Программа создаст лог-файл (Fixlog.txt). Пожалуйста, прикрепите его в следующем сообщении.

 

  • Обратите внимание: будет выполнена перезагрузка компьютера.

 

После выполнения скрипта NetShield Kit 1.3.28.0 удалите через Установку программ.

  • thyrex изменил название на Троян минер ген
mike 1

mike 1

Опубликовано
Опубликовано
4 часа назад, Kolhoznik сказал:

может всю процедуру с начала пройти?

Сделайте новые логи FRST.txt, Addition.txt после выполнения рекомендаций из сообщения thyrex

mike 1

mike 1

Опубликовано
Опубликовано

Читайте пожалуйста внимательно

 

Цитата

Сделайте новые логи FRST.txt, Addition.txt после выполнения рекомендаций из сообщения thyrex

 

Пожалуйста, войдите, чтобы комментировать

Вы сможете оставить комментарий после входа в



Войти
 Поделиться
Перейти к списку тем

  • Похожий контент

    • Belvol
      [РЕШЕНО] Не удаляется вирус Win32/Trojan.Generic.HgLATxcA
      Автор Belvol
      Здравствуйте. Поймал троян-майнер. Чищу антивирусом и после перезагрузки появляется снова. Помогите разобраться, пожалуйста
      CollectionLog-2025.07.01-00.20.zip
    • Cardi
      Подскажите, пожалуйста, как удалить вирус heur:Trojan.Win32.Miner.gen?
      Автор Cardi
      Подскажите, пожалуйста, как удалить вирус HEUR:Trojan.Win32.Miner.gen?
      При запуске KVRT или dr web Curlet, обнаруживается вирус, но после перезагрузки все возвращается обратно. Также пробовал загружать из безопасного режима, ничего не меняется. 

    • Ваня113
      Вирусы в разрешенных угрозах\исключениях
      Автор Ваня113
      Собственно в Защитник Windows (Windows Defender) прописались на ПМЖ толпа вирусов - в разрешенные угрозы и в исключения. Удалить\очистить список не получается, хотя самих вирусов уже нету, но это не точно.
         

    • ProstoPrince
      [РЕШЕНО] Помогите очистить разрешенные угрозы!!
      Автор ProstoPrince
      В попытках расправится с вирусами на компьютере уже голову сломал, поэтому обращаюсь к знающим людям. Надеюсь на вашу помощь уважаемые, был бы очень благодарен за помощь! 

      FRST.txt Addition.txt
×
×
  • Создать...