FRST:
Quote:
RP55 wrote: Create an autorun image in uVS + FRST:
Code:
;uVS v4.11 [http://dsrt.dyndns.org:8888]
;Target OS: NTv10.0
v400c
OFFSGNSAVE
deltmp
regt 26
regt 38
restart
;---------command-block---------
delref HTTPS://CLIENTS2.GOOGLE.COM/SERVICE/UPDATE2/CRX?RESPONSE=REDIRECT&PRODVERSION=38.0&X=ID%3DAEGNOPEGBBHJEEIGANIAJFFNALHLKKJB%26INSTALLSOURCE%3DONDEMAND%26UC
delall %SystemDrive%\PROGRAMDATA\REALTEKHD\TASKHOST.EXE
delall %SystemDrive%\PROGRAMDATA\REALTEKHD\TASKHOSTW.EXE
delref {E984D939-0E00-4DD9-AC3A-7ACA04745521}\[CLSID]
delref %SystemRoot%\SYSWOW64\MAPSTOASTTASK.DLL
delref %SystemRoot%\SYSWOW64\MAPSUPDATETASK.DLL
delref %SystemRoot%\SYSWOW64\GPSVC.DLL
delref %SystemRoot%\SYSWOW64\VID.DLL
delref %SystemRoot%\SYSWOW64\WEVTSVC.DLL
delref %SystemRoot%\SYSWOW64\DRIVERS\TCPIP.SYS
delref %SystemRoot%\SYSWOW64\DRIVERS\MRXSMB.SYS
delref %SystemRoot%\SYSWOW64\W32TIME.DLL
delref %SystemRoot%\SYSWOW64\DRIVERS\NDIS.SYS
delref %SystemRoot%\SYSWOW64\DRIVERS\USBXHCI.SYS
delref %SystemRoot%\SYSWOW64\DRIVERS\SRV2.SYS
delref %SystemRoot%\SYSWOW64\RDPCORETS.DLL
delref %SystemRoot%\SYSWOW64\DRIVERS\DXGMMS2.SYS
delref %SystemRoot%\SYSWOW64\DRIVERS\HTTP.SYS
delref %SystemRoot%\SYSWOW64\DRIVERS\WINNAT.SYS
delref %SystemRoot%\SYSWOW64\UMPOEXT.DLL
delref %SystemRoot%\SYSWOW64\DRIVERS\VMBUSR.SYS
delref %SystemRoot%\SYSWOW64\BTHSERV.DLL
delref %SystemRoot%\SYSWOW64\DRIVERS\DMVSC.SYS
delref %SystemRoot%\SYSWOW64\IPHLPSVC.DLL
delref %SystemRoot%\SYSWOW64\DRIVERS\VMBKMCL.SYS
delref %SystemRoot%\SYSWOW64\DRIVERS\REFS.SYS
delref %SystemRoot%\SYSWOW64\DRIVERS\SPACEPORT.SYS
delref %SystemRoot%\SYSWOW64\DRIVERS\FVEVOL.SYS
delref %SystemRoot%\SYSWOW64\DRIVERS\AFD.SYS
delref %SystemRoot%\SYSWOW64\PNRPSVC.DLL
delref %SystemRoot%\SYSWOW64\DRIVERS\PACER.SYS
delref %SystemRoot%\SYSWOW64\HVHOSTSVC.DLL
delref %SystemRoot%\SYSWOW64\LSM.DLL
delref %SystemRoot%\SYSWOW64\DRIVERS\SYNTH3DVSC.SYS
delref {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B}\[CLSID]
delref {166B1BCA-3F9C-11CF-8075-444553540000}\[CLSID]
delref {233C1507-6A77-46A4-9443-F871F945D258}\[CLSID]
delref {4063BE15-3B08-470D-A0D5-B37161CFFD69}\[CLSID]
delref {88D969C0-F192-11D4-A65F-0040963251E5}\[CLSID]
delref {88D969C1-F192-11D4-A65F-0040963251E5}\[CLSID]
delref {88D969C2-F192-11D4-A65F-0040963251E5}\[CLSID]
delref {88D969C3-F192-11D4-A65F-0040963251E5}\[CLSID]
delref {88D969C4-F192-11D4-A65F-0040963251E5}\[CLSID]
delref {88D969C5-F192-11D4-A65F-0040963251E5}\[CLSID]
delref {8AD9C840-044E-11D1-B3E9-00805F499D93}\[CLSID]
delref {CA8A9780-280D-11CF-A24D-444553540000}\[CLSID]
delref {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA}\[CLSID]
delref %SystemRoot%\SYSWOW64\IE4USHOWIE.EXE
delref %SystemRoot%\SYSWOW64\IE4UINIT.EXE
delref {1FBA04EE-3024-11D2-8F1F-0000F87ABD16}\[CLSID]
delref {E0DD6CAB-2D10-11D2-8F1A-0000F87ABD16}\[CLSID]
delref %SystemRoot%\SYSWOW64\BLANK.HTM
delref {0F8604A5-4ECE-4DE1-BA7D-CF10F8AA4F48}\[CLSID]
delref {E6FB5E20-DE35-11CF-9C87-00AA005127ED}\[CLSID]
delref %Sys32%\DRIVERS\VMBUSR.SYS
delref %Sys32%\DRIVERS\UMDF\USBCCIDDRIVER.DLL
delref %Sys32%\BLANK.HTM
delref APPMGMT\[SERVICE]
delref %Sys32%\DRIVERS\HDAUDADDSERVICE.SYS
delref HELPSVC\[SERVICE]
delref SACSVR\[SERVICE]
delref SWPRV\[SERVICE]
delref TBS\[SERVICE]
delref VMMS\[SERVICE]
delref MESSENGER\[SERVICE]
delref RDSESSMGR\[SERVICE]
delref IRENUM\[SERVICE]
delref %SystemDrive%\PROGRAM FILES (X86)\MICROSOFT\EDGEUPDATE\1.3.135.41\PSMACHINE_64.DLL
delref %SystemDrive%\PROGRAM FILES (X86)\MICROSOFT\EDGEUPDATE\1.3.133.5\PSMACHINE_64.DLL
delref %SystemDrive%\PROGRAM FILES (X86)\MICROSOFT\EDGEUPDATE\1.3.135.29\PSMACHINE_64.DLL
delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.35.452\PSMACHINE_64.DLL
delref %Sys32%\TETHERINGSETTINGHANDLER.DLL
delref %Sys32%\QUICKACTIONSPS.DLL
delref %SystemDrive%\PROGRAM FILES\AMD\ATI.ACE\CORE-IMPLEMENTATION\64\WBOCX.OCX
delref %SystemDrive%\PROGRAM FILES\COMMON FILES\MICROSOFT SHARED\DAO\DAO360.DLL
delref %SystemDrive%\PROGRAM FILES (X86)\MICROSOFT\EDGEUPDATE\1.3.135.41\PSMACHINE.DLL
delref %SystemRoot%\SYSWOW64\SPEECH_ONECORE\COMMON\SPEECHRUNTIME.EXE
delref %SystemRoot%\SYSWOW64\TAPILUA.DLL
delref %SystemRoot%\SYSWOW64\DRIVERSTORE\FILEREPOSITORY\U0358826.INF_AMD64_A733916259FFCCED\B358802\AMDHWDECODER_32.DLL
delref %SystemRoot%\SYSWOW64\LOCATIONFRAMEWORK.DLL
delref %SystemRoot%\SYSWOW64\MAPSBTSVCPROXY.DLL
delref %SystemRoot%\SYSWOW64\PERCEPTIONSIMULATIONEXTENSIONS.DLL
delref %SystemRoot%\SYSWOW64\COMPPKGSRV.EXE
delref %SystemRoot%\SYSWOW64\EAPPCFGUI.DLL
delref %SystemRoot%\SYSWOW64\MAPSCSP.DLL
delref %SystemDrive%\PROGRAM FILES (X86)\MICROSOFT\EDGEUPDATE\1.3.133.5\PSMACHINE.DLL
delref %SystemRoot%\SYSWOW64\LISTSVC.DLL
delref %SystemDrive%\PROGRAM FILES (X86)\MICROSOFT\EDGEUPDATE\1.3.135.29\PSMACHINE.DLL
delref %SystemRoot%\SYSWOW64\AUTHHOSTPROXY.DLL
delref %SystemRoot%\SYSWOW64\DRIVERSTORE\FILEREPOSITORY\U0358826.INF_AMD64_A733916259FFCCED\B358802\AMDH265ENC32.DLL
delref %SystemRoot%\SYSWOW64\WPCREFRESHTASK.DLL
delref %SystemRoot%\SYSWOW64\DRIVERSTORE\FILEREPOSITORY\U0358826.INF_AMD64_A733916259FFCCED\B358802\AMF-MFT-MJPEG-DECODER32.DLL
delref %SystemRoot%\SYSWOW64\WBEM\NLMCIM.DLL
delref %SystemRoot%\SYSWOW64\RMSROAMINGSECURITY.DLL
delref %SystemRoot%\SYSWOW64\SYSTEMSETTINGSBROKER.EXE
delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.35.452\PSMACHINE.DLL
delref %SystemRoot%\SYSWOW64\SPEECH_ONECORE\COMMON\SAPI_EXTENSIONS.DLL
delref %SystemRoot%\SYSWOW64\SMARTSCREEN.EXE
delref %SystemRoot%\SYSWOW64\DRIVERSTORE\FILEREPOSITORY\U0358826.INF_AMD64_A733916259FFCCED\B358802\AMDH264ENC32.DLL
delref %SystemRoot%\SYSWOW64\IDLISTEN.DLL
delref %SystemRoot%\SYSWOW64\WIFICONFIGSP.DLL
delref %SystemDrive%\PROGRAM FILES\COMMON FILES\SYSTEM\OLE DB\MSDAORA.DLL
delref %SystemRoot%\SYSWOW64\WIREDNETWORKCSP.DLL
delref D:\HISUITEDOWNLOADER.EXE
apply
Code:
AlternateDataStreams: C:\Windows\system32\Drivers\ojhmpybn.sys:changelist [594]
AlternateDataStreams: C:\Windows\system32\Drivers\qdhpxavh.sys:changelist [296]
IE trusted site: HKU\.DEFAULT\...\webcompanion.com -> hxxp://webcompanion.com
IE trusted site: HKU\S-1-5-21-3403137772-3839487115-1276996199-1001\...\webcompanion.com -> hxxp://webcompanion.com
FirewallRules: [TCP Query User{540BA929-AA5B-4F80-B91C-7F8239C53902}C:\program files\epic games\theescapists2\theescapists2.exe] => (Allow) C:\program files\epic games\theescapists2\theescapists2.exe => No File
FirewallRules: [UDP Query User{AE603D35-275E-442B-A4BF-D320E07B24EC}C:\program files\epic games\theescapists2\theescapists2.exe] => (Allow) C:\program files\epic games\theescapists2\theescapists2.exe => No File
FirewallRules: [TCP Query User{FADADED2-1722-4FA9-B389-8E9213E373A5}C:\program files\epic games\theescapists2\theescapists2.exe] => (Allow) C:\program files\epic games\theescapists2\theescapists2.exe => No File
FirewallRules: [UDP Query User{13ED22E0-7958-438A-A6D0-69B71182E34C}C:\program files\epic games\theescapists2\theescapists2.exe] => (Allow) C:\program files\epic games\theescapists2\theescapists2.exe => No File
FirewallRules: [{912B8820-8EBE-47E7-8550-365FAB016A73}] => (Allow) C:\Program Files\AMD\CNext\CNext\amddvr.exe => No File
FirewallRules: [{B4F3C4E9-003B-473A-82D2-4E501AA4BFFA}] => (Block) LPort=445
FirewallRules: [{804EF7A9-6FF5-4EE4-895C-19ADD45805EF}] => (Block) LPort=139
FirewallRules: [{2A51C460-5E94-44D9-B4B6-9249D152B42C}] => (Block) LPort=139
FirewallRules: [{B9A61BF2-6A80-4226-B3BA-F83EBEF8F2DC}] => (Block) LPort=445
FirewallRules: [{3AEBD31C-F55C-486D-9A6B-A9044C45942C}] => (Allow) C:\Users\HP\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-3403137772-3839487115-1276996199-1001\...\Policies\Explorer: [DisallowRun] 1
HKU\S-1-5-21-3403137772-3839487115-1276996199-1001\...\Policies\Explorer\DisallowRun: [1] eav_trial_rus.exe
HKU\S-1-5-21-3403137772-3839487115-1276996199-1001\...\Policies\Explorer\DisallowRun: [2] avast_free_antivirus_setup_online.exe
HKU\S-1-5-21-3403137772-3839487115-1276996199-1001\...\Policies\Explorer\DisallowRun: [3] eis_trial_rus.exe
HKU\S-1-5-21-3403137772-3839487115-1276996199-1001\...\Policies\Explorer\DisallowRun: [4] essf_trial_rus.exe
HKU\S-1-5-21-3403137772-3839487115-1276996199-1001\...\Policies\Explorer\DisallowRun: [5] hitmanpro_x64.exe
HKU\S-1-5-21-3403137772-3839487115-1276996199-1001\...\Policies\Explorer\DisallowRun: [6] ESETOnlineScanner_UKR.exe
HKU\S-1-5-21-3403137772-3839487115-1276996199-1001\...\Policies\Explorer\DisallowRun: [7] ESETOnlineScanner_RUS.exe
HKU\S-1-5-21-3403137772-3839487115-1276996199-1001\...\Policies\Explorer\DisallowRun: [8] HitmanPro.exe
HKU\S-1-5-21-3403137772-3839487115-1276996199-1001\...\Policies\Explorer\DisallowRun: [9] 360TS_Setup_Mini.exe
HKU\S-1-5-21-3403137772-3839487115-1276996199-1001\...\Policies\Explorer\DisallowRun: [10] Cezurity_Scanner_Pro_Free.exe
HKU\S-1-5-21-3403137772-3839487115-1276996199-1001\...\Policies\Explorer\DisallowRun: [11] Cube.exe
HKU\S-1-5-21-3403137772-3839487115-1276996199-1001\...\MountPoints2: {f5016bf3-ef54-11ea-b3eb-90324b5f5e66} - "D:\HiSuiteDownLoader.exe"
Task: {9EE50A85-8A89-4437-AB39-8AEFC57DFAE9} - System32\Tasks\Microsoft\Windows\Wininet\Taskhost => C:\Programdata\RealtekHD\taskhostw.exe <==== ATTENTION
Task: {E57FB7AF-8F5F-4FE7-BDF9-510C4CECD847} - System32\Tasks\Microsoft\Windows\Wininet\RealtekHDStartUP => C:\Programdata\RealtekHD\taskhost.exe <==== ATTENTION
2020-10-15 18:20 - 2020-10-15 18:20 - 000000000 __SHD C:\Users\Все пользователи\Norton
2020-10-15 18:20 - 2020-10-15 18:20 - 000000000 __SHD C:\Users\Все пользователи\McAfee
2020-10-15 18:20 - 2020-10-15 18:20 - 000000000 __SHD C:\Users\Все пользователи\Kaspersky Lab Setup Files
2020-10-15 18:20 - 2020-10-15 18:20 - 000000000 __SHD C:\Users\Все пользователи\Kaspersky Lab
2020-10-15 18:20 - 2020-10-15 18:20 - 000000000 __SHD C:\Users\Все пользователи\grizzly
2020-10-15 18:20 - 2020-10-15 18:20 - 000000000 __SHD C:\Users\Все пользователи\ESET
2020-10-15 18:20 - 2020-10-15 18:20 - 000000000 __SHD C:\Users\Все пользователи\Doctor Web
2020-10-15 18:20 - 2020-10-15 18:20 - 000000000 __SHD C:\Users\Все пользователи\AVAST Software
2020-10-15 18:20 - 2020-10-15 18:20 - 000000000 __SHD C:\Users\Все пользователи\360safe
2020-10-15 18:20 - 2020-10-15 18:20 - 000000000 __SHD C:\ProgramData\Norton
2020-10-15 18:20 - 2020-10-15 18:20 - 000000000 __SHD C:\ProgramData\McAfee
2020-10-15 18:20 - 2020-10-15 18:20 - 000000000 __SHD C:\ProgramData\Kaspersky Lab Setup Files
2020-10-15 18:20 - 2020-10-15 18:20 - 000000000 __SHD C:\ProgramData\Kaspersky Lab
2020-10-15 18:20 - 2020-10-15 18:20 - 000000000 __SHD C:\ProgramData\grizzly
2020-10-15 18:20 - 2020-10-15 18:20 - 000000000 __SHD C:\ProgramData\ESET
2020-10-15 18:20 - 2020-10-15 18:20 - 000000000 __SHD C:\ProgramData\Doctor Web
2020-10-15 18:20 - 2020-10-15 18:20 - 000000000 __SHD C:\ProgramData\AVAST Software
2020-10-15 18:20 - 2020-10-15 18:20 - 000000000 __SHD C:\ProgramData\360safe
2020-10-15 18:20 - 2020-10-15 18:20 - 000000000 __SHD C:\Program Files\SpyHunter
2020-10-15 18:20 - 2020-10-15 18:20 - 000000000 __SHD C:\Program Files\Malwarebytes
2020-10-15 18:20 - 2020-10-15 18:20 - 000000000 __SHD C:\Program Files\Kaspersky Lab
2020-10-15 18:20 - 2020-10-15 18:20 - 000000000 __SHD C:\Program Files\ESET
2020-10-15 18:20 - 2020-10-15 18:20 - 000000000 __SHD C:\Program Files\Enigma Software Group
2020-10-15 18:20 - 2020-10-15 18:20 - 000000000 __SHD C:\Program Files\COMODO
2020-10-15 18:20 - 2020-10-15 18:20 - 000000000 __SHD C:\Program Files\Common Files\McAfee
2020-10-15 18:20 - 2020-10-15 18:20 - 000000000 __SHD C:\Program Files\Cezurity
2020-10-15 18:20 - 2020-10-15 18:20 - 000000000 __SHD C:\Program Files\ByteFence
2020-10-15 18:20 - 2020-10-15 18:20 - 000000000 __SHD C:\Program Files\AVG
2020-10-15 18:20 - 2020-10-15 18:20 - 000000000 __SHD C:\Program Files\AVAST Software
2020-10-15 18:20 - 2020-10-15 18:20 - 000000000 __SHD C:\Program Files (x86)\SpyHunter
2020-10-15 18:20 - 2020-10-15 18:20 - 000000000 __SHD C:\Program Files (x86)\Panda Security
2020-10-15 18:20 - 2020-10-15 18:20 - 000000000 __SHD C:\Program Files (x86)\Microsoft JDX
2020-10-15 18:20 - 2020-10-15 18:20 - 000000000 __SHD C:\Program Files (x86)\Kaspersky Lab
2020-10-15 18:20 - 2020-10-15 18:20 - 000000000 __SHD C:\Program Files (x86)\GRIZZLY Antivirus
2020-10-15 18:20 - 2020-10-15 18:20 - 000000000 __SHD C:\Program Files (x86)\Cezurity
2020-10-15 18:20 - 2020-10-15 18:20 - 000000000 __SHD C:\Program Files (x86)\AVG
2020-10-15 18:20 - 2020-10-15 18:20 - 000000000 __SHD C:\Program Files (x86)\AVAST Software
2020-10-15 18:20 - 2020-10-15 18:20 - 000000000 __SHD C:\Program Files (x86)\360
2020-10-15 18:20 - 2020-10-15 18:20 - 000000000 __SHD C:\KVRT_Data
2020-10-15 18:20 - 2020-10-15 18:20 - 000000000 __SHD C:\AdwCleaner
2020-10-15 18:20 - 2020-10-15 18:20 - 000000000 ____D C:\Windows\speechstracing
2020-10-15 18:20 - 2020-10-15 18:20 - 000000000 ____D C:\Users\Все пользователи\MB3Install
2020-10-15 18:20 - 2020-10-15 18:20 - 000000000 ____D C:\Users\Все пользователи\Malwarebytes
2020-10-15 18:20 - 2020-10-15 18:20 - 000000000 ____D C:\Users\Все пользователи\Indus
2020-10-15 18:20 - 2020-10-15 18:20 - 000000000 ____D C:\Users\Все пользователи\Avira
2020-10-15 18:20 - 2020-10-15 18:20 - 000000000 ____D C:\ProgramData\MB3Install
2020-10-15 18:20 - 2020-10-15 18:20 - 000000000 ____D C:\ProgramData\Malwarebytes
2020-10-15 18:20 - 2020-10-15 18:20 - 000000000 ____D C:\ProgramData\Indus
2020-10-15 18:20 - 2020-10-15 18:20 - 000000000 ____D C:\ProgramData\Avira
2020-10-15 18:19 - 2020-10-15 18:22 - 000000000 __SHD C:\Users\Все пользователи\Windows
2020-10-15 18:19 - 2020-10-15 18:22 - 000000000 __SHD C:\ProgramData\Windows
2020-10-15 18:19 - 2020-10-15 18:22 - 000000000 ____D C:\Users\Все пользователи\install
2020-10-15 18:19 - 2020-10-15 18:22 - 000000000 ____D C:\ProgramData\install
2020-10-15 18:19 - 2020-10-15 18:21 - 000000000 __SHD C:\Users\Все пользователи\Setup
2020-10-15 18:19 - 2020-10-15 18:21 - 000000000 __SHD C:\ProgramData\Setup
2020-10-15 18:19 - 2020-10-15 18:19 - 000000000 __SHD C:\Users\Все пользователи\WindowsTask
2020-10-15 18:19 - 2020-10-15 18:19 - 000000000 __SHD C:\Users\Все пользователи\RunDLL
2020-10-15 18:19 - 2020-10-15 18:19 - 000000000 __SHD C:\Users\Все пользователи\RealtekHD
2020-10-15 18:19 - 2020-10-15 18:19 - 000000000 __SHD C:\ProgramData\WindowsTask
2020-10-15 18:19 - 2020-10-15 18:19 - 000000000 __SHD C:\ProgramData\RunDLL
2020-10-15 18:19 - 2020-10-15 18:19 - 000000000 __SHD C:\ProgramData\RealtekHD
2020-10-15 18:19 - 2020-10-15 18:19 - 000000000 ____D C:\Users\Все пользователи\System32
2020-10-15 18:19 - 2020-10-15 18:19 - 000000000 ____D C:\ProgramData\System32
EmptyTemp:
Reboot:
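As an added example that is not part of RP55's post and not code from uVS or FRST: a read-only PowerShell triage that checks a host for the indicators the fixlist above lists, so it can be run before the fix to confirm the picture and again after the reboot to confirm the cleanup. It looks for the two tasks under \Microsoft\Windows\Wininet\ that launch from C:\ProgramData, the Explorer DisallowRun list that blocks AV installers by filename, the Windows Defender policy key FRST flags, the hidden+system directories carrying AV product names that the fixlist shows being created within one minute, and alternate data streams on driver files. The directory names, task path and policy paths are taken from the fixlist; the script only reports and removes nothing. Run it from an elevated PowerShell 5.1 or later prompt.

```powershell
# Added example, not part of the original post: read-only triage for the
# indicators in the FRST fixlist above. Nothing here deletes or modifies.
$findings = [System.Collections.Generic.List[string]]::new()

# 1. Scheduled tasks under \Microsoft\Windows\Wininet\ whose action lives in
#    ProgramData (fixlist: Taskhost -> taskhostw.exe, RealtekHDStartUP -> taskhost.exe).
Get-ScheduledTask -TaskPath '\Microsoft\Windows\Wininet\' -ErrorAction SilentlyContinue |
    ForEach-Object {
        foreach ($a in $_.Actions) {
            if ($a.Execute -match '(?i)\\ProgramData\\') {
                $findings.Add("Task $($_.TaskPath)$($_.TaskName) -> $($a.Execute)")
            }
        }
    }

# 2. Explorer DisallowRun policy, read from every loaded user hive under HKU
#    rather than only HKCU, since the fixlist shows it set for a specific SID.
if (-not (Get-PSDrive HKU -ErrorAction SilentlyContinue)) {
    New-PSDrive -Name HKU -PSProvider Registry -Root HKEY_USERS | Out-Null
}
Get-ChildItem HKU:\ -ErrorAction SilentlyContinue | ForEach-Object {
    $key = "$($_.PSPath)\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun"
    if (Test-Path $key) {
        (Get-ItemProperty $key).PSObject.Properties |
            Where-Object { $_.Name -match '^\d+$' } |
            ForEach-Object { $findings.Add("DisallowRun [$($_.Name)] $($_.Value) in $($_.PSPath)$key") }
    }
}

# 3. Any value under the Defender policy key FRST marks as ATTENTION.
$defPol = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows Defender'
if (Test-Path $defPol) {
    (Get-ItemProperty $defPol).PSObject.Properties |
        Where-Object { $_.Name -notlike 'PS*' } |
        ForEach-Object { $findings.Add("Defender policy $($_.Name) = $($_.Value)") }
}

# 4. Hidden+System directories with the names the fixlist shows (__SHD entries).
#    Directory names constructed from the fixlist; the check is on attributes, not names alone.
$shdNames = 'Norton','McAfee','Kaspersky Lab','Kaspersky Lab Setup Files','grizzly','ESET',
            'Doctor Web','AVAST Software','360safe','SpyHunter','Malwarebytes','Enigma Software Group',
            'COMODO','Cezurity','ByteFence','AVG','Panda Security','Microsoft JDX','GRIZZLY Antivirus',
            '360','KVRT_Data','AdwCleaner','Windows','Setup','WindowsTask','RunDLL','RealtekHD'
$roots = @($env:ProgramData, $env:ProgramFiles, ${env:ProgramFiles(x86)},
           "$env:ProgramFiles\Common Files", "$env:SystemDrive\") | Where-Object { $_ }
foreach ($root in $roots) {
    foreach ($name in $shdNames) {
        $d = Get-Item -LiteralPath (Join-Path $root $name) -Force -ErrorAction SilentlyContinue
        if ($d -and $d.PSIsContainer -and
            $d.Attributes.HasFlag([IO.FileAttributes]::Hidden) -and
            $d.Attributes.HasFlag([IO.FileAttributes]::System)) {
            $findings.Add("Hidden+System dir $($d.FullName) (created $($d.CreationTime))")
        }
    }
}

# 5. Alternate data streams on driver files (fixlist: two random-named .sys:changelist).
Get-ChildItem "$env:SystemRoot\System32\drivers" -Filter *.sys -ErrorAction SilentlyContinue |
    ForEach-Object {
        Get-Item -LiteralPath $_.FullName -Stream * -ErrorAction SilentlyContinue |
            Where-Object { $_.Stream -ne ':$DATA' } |
            ForEach-Object { $findings.Add("ADS $($_.FileName):$($_.Stream) [$($_.Length)]") }
    }

if ($findings.Count -eq 0) { 'No indicators from the fixlist found.' } else { $findings }
```

The attribute check in step 4 matters more than the name list: a legitimate AV install also creates C:\Program Files\ESET or C:\ProgramData\Kaspersky Lab, but it does not create it as an empty hidden+system directory, which is what makes the fixlist's __SHD entries an indicator rather than an artifact of a real product.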