RP55 RP55 (Все сообщения пользователя) - Форум технической поддержки ESET NOD32

Eset Mobile Security на Android, Настройка, использование Eset Mobile Security на Android

Сообщений: 6239

Баллов: 4991

Регистрация: 25.05.2010

Размещено 24.11.2020 13:01:09

Roman Khudyntsev

Вы привели ссылку на справку для версии: 3.5
https://help.eset.com/

Перейти

поговорить о uVS, Carberp, планете Земля

Сообщений: 6239

Баллов: 4991

Регистрация: 25.05.2010

Размещено 23.11.2020 22:19:29

Юбилей Windows :)
Ровно 35 лет.
https://www.comss.ru/page.php?id=8264
Здоровья и долгих лет :)

Перейти

Проблема с установкой, При установке продукта ESET на ваше устройство возникла проблема.

Сообщений: 6239

Баллов: 4991

Регистрация: 25.05.2010

Размещено 22.11.2020 17:18:07

Хорошо :)
Успехов.

Перейти

Проблема с установкой, При установке продукта ESET на ваше устройство возникла проблема.

Сообщений: 6239

Баллов: 4991

Регистрация: 25.05.2010

Размещено 22.11.2020 14:54:55

Скопируйте приведенный ниже текст в Блокнот и сохраните файл как fixlist.txt в ту же папку откуда была запущена утилита Farbar Recovery Scan Tool:
...
Запустите FRST и нажмите один раз на кнопку Fix и подождите.

Код
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File FirewallRules: [{4EDD521D-2E06-4722-A2F5-4C763B60D57E}] => (Allow) LPort=50248 FirewallRules: [{2679733B-70FA-4B3F-B112-CFEE1B2BDD21}] => (Allow) C:\Users\eugen\AppData\Local\Programs\Opera\60.0.3255.151\opera.exe => No File FirewallRules: [{8C02CABD-3823-4569-9374-08B3FD6C5FC8}] => (Allow) LPort=50248 FirewallRules: [{CEE3CB19-875C-4E27-A49E-B88BBE810B9A}] => (Allow) C:\ProgramData\Windows\rutserv.exe => No File FirewallRules: [{5A9E5F4C-85F3-4E6F-8B0B-9356FFFE1885}] => (Block) LPort=445 FirewallRules: [{B6408552-4A43-44B0-9082-B0929ECB6B40}] => (Block) LPort=445 FirewallRules: [{411F1A99-C48A-4713-A9D7-AE148F25B12D}] => (Block) LPort=139 FirewallRules: [{23A33B83-5BF7-449F-B368-3AE437A6D8E3}] => (Block) LPort=139 FirewallRules: [{E489DBAC-8490-4766-98E1-1F0DE2EA6C96}] => (Allow) LPort=3389 FirewallRules: [{0E8AAEBA-9AB7-44B3-A508-577EC10F20AF}] => (Allow) LPort=3389 FirewallRules: [{7DE4F665-E9EA-442E-9F90-BA2565B5EEE8}] => (Allow) C:\Users\eugen\AppData\Local\Programs\Opera\70.0.3728.165\opera.exe => No File HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION HKU\S-1-5-21-1746922213-3879629762-2739902823-1001\...\Policies\Explorer: [] HKU\S-1-5-21-1746922213-3879629762-2739902823-1001\...\Policies\Explorer: [DisallowRun] 1 HKU\S-1-5-21-1746922213-3879629762-2739902823-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1 HKU\S-1-5-21-1746922213-3879629762-2739902823-1001\...\Policies\Explorer\DisallowRun: [10] Cezurity_Scanner_Pro_Free.exe HKU\S-1-5-21-1746922213-3879629762-2739902823-1001\...\Policies\Explorer\DisallowRun: [11] Cube.exe GroupPolicy: Restriction ? <==== ATTENTION GroupPolicy\User: Restriction ? <==== ATTENTION Task: {BE93E16B-6407-413F-A625-D4D2A9F5B1B3} - System32\Tasks\Microsoft\Windows\Wininet\Taskhostw => C:\Programdata\RealtekHD\taskhostw.exe <==== ATTENTION Task: {CA0A88E9-9FB3-4890-83F1-AD819061570E} - System32\Tasks\Microsoft\Windows\Wininet\RealtekHDStartUP Task: {DEED6A6E-6A1F-4671-B827-964901C6298C} - System32\Tasks\Microsoft\Windows\Wininet\RealtekHDControl => C:\Programdata\RealtekHD\taskhost.exe <==== ATTENTION Task: {EC53AA9E-EF5C-4241-A465-B5CFEAE7D7A8} - System32\Tasks\Microsoft\Windows\Wininet\Taskhost => C:\Programdata\RealtekHD\taskhostw.exe <==== ATTENTION CHR HKLM-x32\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll] CHR HKLM-x32\...\Chrome\Extension: [ccbpbkebodcjkknkfkpmfeciinhidaeh] S3 esihdrv; \??\C:\Users\eugen\AppData\Local\Temp\esihdrv.sys [X] <==== ATTENTION 2020-10-23 16:20 - 2020-10-23 16:20 - 000000000 ____D C:\Users\Все пользователи\Malwarebytes 2020-10-23 16:20 - 2020-10-23 16:20 - 000000000 ____D C:\ProgramData\Malwarebytes 2020-10-30 14:57 - 2019-06-23 23:06 - 000000000 ____D C:\Users\eugen\Doctor Web 2020-10-16 14:49 C:\AdwCleaner 2020-10-16 14:49 C:\KVRT_Data 2020-10-16 14:49 C:\Program Files\AVAST Software 2020-10-16 14:49 C:\Program Files\AVG 2020-10-16 14:49 C:\Program Files\Cezurity 2020-10-16 14:49 C:\Program Files\COMODO 2020-10-16 14:49 C:\Program Files\Enigma Software Group 2020-10-16 14:49 C:\Program Files\ESET 2020-10-16 14:49 C:\Program Files\Kaspersky Lab 2020-10-16 14:49 C:\Program Files\Malwarebytes 2020-10-16 14:49 C:\Program Files\SpyHunter 2020-10-16 14:49 C:\Program Files (x86)\360 2020-10-16 14:49 C:\Program Files (x86)\AVAST Software 2020-10-16 14:49 C:\Program Files (x86)\AVG 2020-10-16 14:49 C:\Program Files (x86)\Cezurity 2020-10-16 14:49 C:\Program Files (x86)\GRIZZLY Antivirus 2020-10-16 14:49 C:\Program Files (x86)\Kaspersky Lab 2020-10-16 14:49 C:\Program Files (x86)\Microsoft JDX 2020-10-16 14:49 C:\Program Files (x86)\Panda Security 2020-10-16 14:49 C:\Program Files (x86)\SpyHunter 2020-10-16 14:49 C:\WINDOWS\speechstracing 2020-10-16 14:49 C:\Program Files\Common Files\McAfee 2020-10-16 14:49 C:\ProgramData\AVAST Software 2020-10-20 17:50 C:\ProgramData\Doctor Web 2020-10-16 14:49 C:\ProgramData\ESET 2020-10-16 14:49 C:\ProgramData\grizzly 2020-10-16 14:49 C:\ProgramData\Indus 2020-10-16 14:49 C:\ProgramData\Kaspersky Lab 2020-10-16 14:49 C:\ProgramData\Kaspersky Lab Setup Files 2020-10-16 14:49 C:\ProgramData\McAfee 2020-10-16 14:49 C:\ProgramData\Norton 2020-10-16 14:49 C:\Users\Все пользователи\AVAST Software 2020-10-20 17:50 C:\Users\Все пользователи\Doctor Web 2020-10-16 14:49 C:\Users\Все пользователи\ESET 2020-10-16 14:49 C:\Users\Все пользователи\grizzly 2020-10-16 14:49 C:\Users\Все пользователи\Indus 2020-10-16 14:49 C:\Users\Все пользователи\Kaspersky Lab 2020-10-16 14:49 C:\Users\Все пользователи\Kaspersky Lab Setup Files 2020-10-16 14:49 C:\Users\Все пользователи\McAfee 2020-10-16 14:49 C:\Users\Все пользователи\Norton EmptyTemp: Reboot:

Код

  
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} =>  -> No File
FirewallRules: [{4EDD521D-2E06-4722-A2F5-4C763B60D57E}] => (Allow) LPort=50248
FirewallRules: [{2679733B-70FA-4B3F-B112-CFEE1B2BDD21}] => (Allow) C:\Users\eugen\AppData\Local\Programs\Opera\60.0.3255.151\opera.exe => No File
FirewallRules: [{8C02CABD-3823-4569-9374-08B3FD6C5FC8}] => (Allow) LPort=50248
FirewallRules: [{CEE3CB19-875C-4E27-A49E-B88BBE810B9A}] => (Allow) C:\ProgramData\Windows\rutserv.exe => No File
FirewallRules: [{5A9E5F4C-85F3-4E6F-8B0B-9356FFFE1885}] => (Block) LPort=445
FirewallRules: [{B6408552-4A43-44B0-9082-B0929ECB6B40}] => (Block) LPort=445
FirewallRules: [{411F1A99-C48A-4713-A9D7-AE148F25B12D}] => (Block) LPort=139
FirewallRules: [{23A33B83-5BF7-449F-B368-3AE437A6D8E3}] => (Block) LPort=139
FirewallRules: [{E489DBAC-8490-4766-98E1-1F0DE2EA6C96}] => (Allow) LPort=3389
FirewallRules: [{0E8AAEBA-9AB7-44B3-A508-577EC10F20AF}] => (Allow) LPort=3389
FirewallRules: [{7DE4F665-E9EA-442E-9F90-BA2565B5EEE8}] => (Allow) C:\Users\eugen\AppData\Local\Programs\Opera\70.0.3728.165\opera.exe => No File
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-1746922213-3879629762-2739902823-1001\...\Policies\Explorer: [] 
HKU\S-1-5-21-1746922213-3879629762-2739902823-1001\...\Policies\Explorer: [DisallowRun] 1
HKU\S-1-5-21-1746922213-3879629762-2739902823-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-1746922213-3879629762-2739902823-1001\...\Policies\Explorer\DisallowRun: [10] Cezurity_Scanner_Pro_Free.exe
HKU\S-1-5-21-1746922213-3879629762-2739902823-1001\...\Policies\Explorer\DisallowRun: [11] Cube.exe
GroupPolicy: Restriction ? <==== ATTENTION
GroupPolicy\User: Restriction ? <==== ATTENTION
Task: {BE93E16B-6407-413F-A625-D4D2A9F5B1B3} - System32\Tasks\Microsoft\Windows\Wininet\Taskhostw => C:\Programdata\RealtekHD\taskhostw.exe <==== ATTENTION
Task: {CA0A88E9-9FB3-4890-83F1-AD819061570E} - System32\Tasks\Microsoft\Windows\Wininet\RealtekHDStartUP
Task: {DEED6A6E-6A1F-4671-B827-964901C6298C} - System32\Tasks\Microsoft\Windows\Wininet\RealtekHDControl => C:\Programdata\RealtekHD\taskhost.exe <==== ATTENTION
Task: {EC53AA9E-EF5C-4241-A465-B5CFEAE7D7A8} - System32\Tasks\Microsoft\Windows\Wininet\Taskhost => C:\Programdata\RealtekHD\taskhostw.exe <==== ATTENTION
CHR HKLM-x32\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll]
CHR HKLM-x32\...\Chrome\Extension: [ccbpbkebodcjkknkfkpmfeciinhidaeh]
S3 esihdrv; \??\C:\Users\eugen\AppData\Local\Temp\esihdrv.sys [X] <==== ATTENTION
2020-10-23 16:20 - 2020-10-23 16:20 - 000000000 ____D C:\Users\Все пользователи\Malwarebytes
2020-10-23 16:20 - 2020-10-23 16:20 - 000000000 ____D C:\ProgramData\Malwarebytes
2020-10-30 14:57 - 2019-06-23 23:06 - 000000000 ____D C:\Users\eugen\Doctor Web
2020-10-16 14:49 C:\AdwCleaner
2020-10-16 14:49 C:\KVRT_Data
2020-10-16 14:49 C:\Program Files\AVAST Software
2020-10-16 14:49 C:\Program Files\AVG
2020-10-16 14:49 C:\Program Files\Cezurity
2020-10-16 14:49 C:\Program Files\COMODO
2020-10-16 14:49 C:\Program Files\Enigma Software Group
2020-10-16 14:49 C:\Program Files\ESET
2020-10-16 14:49 C:\Program Files\Kaspersky Lab
2020-10-16 14:49 C:\Program Files\Malwarebytes
2020-10-16 14:49 C:\Program Files\SpyHunter
2020-10-16 14:49 C:\Program Files (x86)\360
2020-10-16 14:49 C:\Program Files (x86)\AVAST Software
2020-10-16 14:49 C:\Program Files (x86)\AVG
2020-10-16 14:49 C:\Program Files (x86)\Cezurity
2020-10-16 14:49 C:\Program Files (x86)\GRIZZLY Antivirus
2020-10-16 14:49 C:\Program Files (x86)\Kaspersky Lab
2020-10-16 14:49 C:\Program Files (x86)\Microsoft JDX
2020-10-16 14:49 C:\Program Files (x86)\Panda Security
2020-10-16 14:49 C:\Program Files (x86)\SpyHunter
2020-10-16 14:49 C:\WINDOWS\speechstracing
2020-10-16 14:49 C:\Program Files\Common Files\McAfee
2020-10-16 14:49 C:\ProgramData\AVAST Software
2020-10-20 17:50 C:\ProgramData\Doctor Web
2020-10-16 14:49 C:\ProgramData\ESET
2020-10-16 14:49 C:\ProgramData\grizzly
2020-10-16 14:49 C:\ProgramData\Indus
2020-10-16 14:49 C:\ProgramData\Kaspersky Lab
2020-10-16 14:49 C:\ProgramData\Kaspersky Lab Setup Files
2020-10-16 14:49 C:\ProgramData\McAfee
2020-10-16 14:49 C:\ProgramData\Norton
2020-10-16 14:49 C:\Users\Все пользователи\AVAST Software
2020-10-20 17:50 C:\Users\Все пользователи\Doctor Web
2020-10-16 14:49 C:\Users\Все пользователи\ESET
2020-10-16 14:49 C:\Users\Все пользователи\grizzly
2020-10-16 14:49 C:\Users\Все пользователи\Indus
2020-10-16 14:49 C:\Users\Все пользователи\Kaspersky Lab
2020-10-16 14:49 C:\Users\Все пользователи\Kaspersky Lab Setup Files
2020-10-16 14:49 C:\Users\Все пользователи\McAfee
2020-10-16 14:49 C:\Users\Все пользователи\Norton


EmptyTemp:
Reboot:

+

Выполните лог в AdwCleaner
http://forum.esetnod32.ru/forum9/topic7084/

после завершения сканирования:
Записи относящиеся к Mail.Ru и Yandex можете не удалять ( если пользуетесь программой )
На вкладке:
Папки (Folders) для Mail.Ru и Yandex снимите [V]

Удалите найденное в AdwCleaner по кнопке Очистить (Clean), подтвердите действие
с автоперезагрузкой

Проверяем, как работает система...
и
Пишем по _общему результату лечения.

Перейти

проблемы с установкой после удаления для обновления

Сообщений: 6239

Баллов: 4991

Регистрация: 25.05.2010

Размещено 21.11.2020 13:52:21

Цитата
андрей толстых написал: скачиваю установщик открываю начинается загрузка

1) Удалите антивирус стандартным способном и по инструкции:
http://www.esetnod32.ru/support/knowledge_base/solution/?ELEMENT_ID=852896&sphrase_id=25964

2) Если вы не помните какая у вас версия продукта: Можно применить Восстановление лицензий - тогда на почту придут данные с указанием типа продукта.
https://www.esetnod32.ru/activation/restore_password/

* ESET Smart Security сейчас _переименован и продаётся с наименованием = ( ESET Internet Security )
** ESET NOD32 Smart Security Family _переименован и продаётся с наименованием = ( ESET Internet Security )

3) Установите: Оффлайн версию.
----------
Если и после этого антивирус не установиться - Вам нужно обратиться в службу технической поддержки ESET по адресу: [email protected]
Пусть проверят лицензию.

Изменено: RP55 RP55 - 21.11.2020 13:55:22

Перейти

Постоянно виснет ПК именно от NOD32 для Linux Desktop, Bug in Linux Desktop version - It is Crash computer on Linux

Сообщений: 6239

Баллов: 4991

Регистрация: 25.05.2010

Размещено 21.11.2020 13:39:13

Служба технической поддержки ESET по адресу: [email protected]
* На форуме подобного рода вопросы не решаются.

Перейти

Жалобы на работу сотрудников технической поддержки

Сообщений: 6239

Баллов: 4991

Регистрация: 25.05.2010

Размещено 19.11.2020 19:43:28

[QUOTE]купил вчера 3 лицензии продления на 2 года на 3 компа. одна лицензия не активируется[/QUOTE]
Давайте уточним - вы купили _три разные лицензии. ( т.е лицензии с разными данными активации )
Или _одну лицензию на три компа.

Изменено: RP55 RP55 - 19.11.2020 19:43:44

Перейти

поговорить о uVS, Carberp, планете Земля

Сообщений: 6239

Баллов: 4991

Регистрация: 25.05.2010

Размещено 17.11.2020 18:38:40

[QUOTE]santy написал:
вопрос к разработчикам FRST:[/QUOTE]
Сейчас разработчики ответят :)

В справке только: В разделе перечислены заблокированные файлы и папки в стандартных каталогах.

Перейти

поговорить о uVS, Carberp, планете Земля

Сообщений: 6239

Баллов: 4991

Регистрация: 25.05.2010

Размещено 17.11.2020 17:37:25

[QUOTE]santy написал:
RP55, что то сомнительная ссылка на анализ вредоносных программ. лучше скачать файл, проверить, и выложить на известный ресурс[/QUOTE]
Сам файл чистый - проверял на V.T.

Перейти

Проблема с установкой, При установке продукта ESET на ваше устройство возникла проблема.

Сообщений: 6239

Баллов: 4991

Регистрация: 25.05.2010

Размещено 17.11.2020 16:50:06

Код
MediaGet (HKU\S-1-5-21-1616146017-2463400075-1735324224-1000\...\MediaGet) (Version: - MediaGet) Shortcut: C:\Users\Андрей\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MediaGet2\Удалить MediaGet.lnk -> C:\Users\Андрей\MediaGet2\mediaget-uninstaller.exe () <==== Cyrillic 2020-11-17 10:20 - 2020-11-17 10:20 - 009400320 _____ () [File not signed] C:\Users\Андрей\MediaGet2\opencv_core320.dll 2020-11-17 10:20 - 2020-11-17 10:20 - 000186880 _____ () [File not signed] C:\Users\Андрей\MediaGet2\opencv_img_hash320.dll 2020-11-17 10:20 - 2020-11-17 10:20 - 002482688 _____ () [File not signed] C:\Users\Андрей\MediaGet2\opencv_imgcodecs320.dll 2020-11-17 10:20 - 2020-11-17 10:20 - 019027456 _____ () [File not signed] C:\Users\Андрей\MediaGet2\opencv_imgproc320.dll 2020-11-17 10:20 - 2020-11-17 10:20 - 000252416 _____ () [File not signed] C:\Users\Андрей\MediaGet2\opencv_videoio320.dll 2020-11-17 10:20 - 2020-11-17 10:20 - 029560320 _____ () [File not signed] C:\Users\Андрей\MediaGet2\opengl32.dll 2020-11-17 10:20 - 2020-11-17 10:20 - 000244224 _____ () [File not signed] C:\Users\Андрей\MediaGet2\sentry_crashpad.dll 2020-11-17 10:20 - 2020-11-17 10:20 - 001184768 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Users\Андрей\MediaGet2\LIBEAY32.dll 2020-11-17 10:20 - 2020-11-17 10:20 - 000273408 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Users\Андрей\MediaGet2\SSLEAY32.dll 2020-11-17 10:20 - 2020-11-17 10:20 - 002507264 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [File not signed] C:\Users\Андрей\MediaGet2\libcrypto-1_1.dll 2020-11-17 10:20 - 2020-11-17 10:20 - 000530432 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [File not signed] C:\Users\Андрей\MediaGet2\libssl-1_1.dll 2020-11-17 10:20 - 2020-11-17 10:20 - 005139576 _____ (The Qt Company Oy -> The Qt Company Ltd.) [File not signed] C:\Users\Андрей\MediaGet2\Qt5Core.dll MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk => C:\Windows\pss\McAfee Security Scan Plus.lnk.CommonStartup MSCONFIG\startupreg: Realtek HD Audio => C:\ProgramData\RealtekHD\taskhostw.exe FirewallRules: [{AD91B086-1D92-4700-94CE-1E02FECE50B9}] => (Allow) C:\Program Files (x86)\DriverPack Cloud\cloud.exe => No File FirewallRules: [TCP Query User{A43C1D46-3567-4E86-913E-5B9DEA892941}C:\program files (x86)\java\jre1.8.0_211\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_211\bin\javaw.exe => No File FirewallRules: [UDP Query User{6B4FCB31-0925-47BF-BA57-EE686174166B}C:\program files (x86)\java\jre1.8.0_211\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_211\bin\javaw.exe => No File FirewallRules: [{7072619A-54EA-41CA-85DB-45F6736A4792}] => (Allow) C:\Users\Андрей\AppData\Local\Temp\DriverPack-20190607221332\tools\aria2c.exe => No File FirewallRules: [{97832B50-D208-489C-810C-596092DD0F8E}] => (Allow) C:\Users\Андрей\AppData\Roaming\uTorrent\uTorrent.exe => No File FirewallRules: [{D55F1A1A-076D-4A5A-8770-8B074BE9DA24}] => (Allow) C:\Users\Андрей\AppData\Roaming\uTorrent\uTorrent.exe => No File FirewallRules: [{00B61250-1F75-4956-BFFB-A064EB039BB9}] => (Allow) C:\Program Files\BlueStacks\HD-Player.exe => No File FirewallRules: [TCP Query User{3FCC79CB-B4A9-4C51-B305-8796B34A0137}C:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe => No File FirewallRules: [UDP Query User{83FC0BF4-6FAA-4263-AECE-6E3D341DBD81}C:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe => No File FirewallRules: [TCP Query User{EA3AA71E-75D5-4CB6-9BEC-27E38B3E272A}C:\program files (x86)\ufiler\ufiler.exe] => (Block) C:\program files (x86)\ufiler\ufiler.exe => No File FirewallRules: [UDP Query User{FC7C7420-82AA-4C26-A265-DDE9A956CEC5}C:\program files (x86)\ufiler\ufiler.exe] => (Block) C:\program files (x86)\ufiler\ufiler.exe => No File FirewallRules: [TCP Query User{DB334645-96F1-4E3A-8568-6679ADAB4E99}C:\program files (x86)\ufiler\ufiler.exe] => (Block) C:\program files (x86)\ufiler\ufiler.exe => No File FirewallRules: [UDP Query User{13CD7B14-15C5-4737-A568-B680ADD1340E}C:\program files (x86)\ufiler\ufiler.exe] => (Block) C:\program files (x86)\ufiler\ufiler.exe => No File FirewallRules: [{FEB84469-C209-4E91-AF85-710DD90FE5A0}] => (Allow) C:\Users\Андрей\AppData\Local\Programs\Opera\68.0.3618.165\opera.exe => No File FirewallRules: [{BD182744-B0A8-4C86-B012-269F65674038}] => (Allow) C:\Users\Андрей\AppData\Local\Programs\Opera\68.0.3618.173\opera.exe => No File FirewallRules: [{E0ADA174-6B68-49C1-BAE6-5647180BC46B}] => (Allow) C:\ProgramData\Windows\rutserv.exe => No File FirewallRules: [{81BEA15C-BA08-4B80-A356-BCF8287E2248}] => (Block) LPort=139 FirewallRules: [{E36A30B6-ED0B-43CE-AC8B-D17A5807A71A}] => (Block) LPort=445 FirewallRules: [{5734A3A9-BA66-4A26-A563-D9444BC5CCD6}] => (Block) LPort=139 FirewallRules: [{CF27A452-2C54-4DCC-A6E0-257DB7E65B2F}] => (Block) LPort=445 FirewallRules: [{32A6B77C-0470-4C13-9CE7-D65A9A045195}] => (Allow) LPort=3389 FirewallRules: [{CE1F52EE-7A9F-4FCB-8E63-0E0BEBC663F7}] => (Allow) LPort=3389 FirewallRules: [{C9D974C7-21A6-4D5F-8F63-CB3A39479BFB}] => (Allow) C:\Users\Андрей\MediaGet2\mediaget.exe (Global Microtrading PTE. LTD -> MediaGet) FirewallRules: [{D8011CBA-A110-4BD6-BAC8-006E694FAB94}] => (Allow) C:\Users\Андрей\MediaGet2\mediaget.exe (Global Microtrading PTE. LTD -> MediaGet) (Global Microtrading PTE. LTD -> MediaGet) C:\Users\Андрей\MediaGet2\mediaget.exe (GLOBAL MICROTRADING PTE. LTD. -> ) C:\Users\Андрей\MediaGet2\mediaget_crashpad_handler.exe HKLM\...\Policies\Explorer: [DisallowRun] 0 HKLM\...\Policies\Explorer: [RestrictRun] 0 HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION HKU\S-1-5-19\...\Policies\Explorer: [DisallowRun] 0 HKU\S-1-5-19\...\Policies\Explorer: [RestrictRun] 0 HKU\S-1-5-20\...\Policies\Explorer: [DisallowRun] 0 HKU\S-1-5-20\...\Policies\Explorer: [RestrictRun] 0 HKU\S-1-5-21-1616146017-2463400075-1735324224-1000\...\Run: [MediaGet2] => C:\Users\Андрей\MediaGet2\mediaget.exe [12673416 2020-11-17] (Global Microtrading PTE. LTD -> MediaGet) HKU\S-1-5-21-1616146017-2463400075-1735324224-1000\...\Policies\Explorer: [DisallowRun] 0 HKU\S-1-5-21-1616146017-2463400075-1735324224-1000\...\Policies\Explorer: [RestrictRun] 0 HKU\S-1-5-18\...\Policies\Explorer: [DisallowRun] 0 HKU\S-1-5-18\...\Policies\Explorer: [RestrictRun] 0 HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION FF NewTab: Mozilla\Firefox\Profiles\v54txsyj.default-1566917317778 -> hxxps://securesearch.org/homepage?hp=2&pId=BT171002&iDate=2020-09-17 10:23:25&bName= FF Notifications: Mozilla\Firefox\Profiles\v54txsyj.default-1566917317778 -> hxxps://www.lenkino.net; hxxps://r.fapality.com FF Extension: (Avast Online Security) - C:\Users\Андрей\AppData\Roaming\Mozilla\Firefox\Profiles\v54txsyj.default-1566917317778\Extensions\[email protected] [2020-06-17] FF Plugin: @microsoft.com/GENUINE -> disabled [No File] FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File] CHR HKU\S-1-5-21-1616146017-2463400075-1735324224-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fhkbfkkohcdgpckffakhbllifkakihmh] OPR Notifications: hxxps:\/\/chapchap.su 2020-11-17 10:20 - 2020-11-17 10:20 - 000000889 _____ C:\Users\Андрей\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MediaGet.lnk 2020-11-17 10:20 - 2020-11-17 10:20 - 000000859 _____ C:\Users\Андрей\Desktop\MediaGet.lnk 2020-11-17 10:18 - 2020-11-17 10:24 - 000000000 ____D C:\Users\Андрей\MediaGet2 2020-11-17 10:18 - 2020-11-17 10:20 - 000000000 ____D C:\Users\Андрей\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MediaGet2 2020-11-17 10:14 - 2020-11-17 10:14 - 002705808 _____ () C:\Users\Андрей\Desktop\utorrent_id571645ids1s.exe 2020-11-17 09:00 - 2020-09-20 17:21 - 000000000 __SHD C:\AdwCleaner 2020-11-16 20:13 - 2020-09-20 17:21 - 000000000 __SHD C:\Users\Все пользователи\WindowsTask 2020-11-16 20:13 - 2020-09-20 17:21 - 000000000 __SHD C:\Users\Все пользователи\Windows 2020-11-16 20:13 - 2020-09-20 17:21 - 000000000 __SHD C:\rdp 2020-11-16 20:13 - 2020-09-20 17:21 - 000000000 __SHD C:\ProgramData\WindowsTask 2020-11-16 20:13 - 2020-09-20 17:21 - 000000000 __SHD C:\ProgramData\Windows 2020-11-16 20:12 - 2020-09-20 17:21 - 000000000 __SHD C:\Users\Все пользователи\Setup 2020-11-16 20:12 - 2020-09-20 17:21 - 000000000 __SHD C:\Users\Все пользователи\RunDLL 2020-11-16 20:12 - 2020-09-20 17:21 - 000000000 __SHD C:\Users\Все пользователи\RealtekHD 2020-11-16 20:12 - 2020-09-20 17:21 - 000000000 __SHD C:\ProgramData\Setup 2020-11-16 20:12 - 2020-09-20 17:21 - 000000000 __SHD C:\ProgramData\RunDLL 2020-11-16 20:12 - 2020-09-20 17:21 - 000000000 __SHD C:\ProgramData\RealtekHD 2020-11-16 20:12 - 2015-06-22 21:46 - 000000000 __SHD C:\DrWeb Quarantine 2020-11-16 20:11 - 2020-09-20 17:21 - 000000000 __SHD C:\Users\Все пользователи\install 2020-11-16 20:11 - 2020-09-20 17:21 - 000000000 __SHD C:\ProgramData\install 2020-11-16 20:01 - 2020-09-20 17:22 - 000000000 __SHD C:\Program Files\RDP Wrapper 2020-11-16 20:12 C:\DrWeb Quarantine 2020-09-20 17:21 C:\KVRT_Data 2020-09-20 17:21 C:\Program Files\AVAST Software 2020-09-20 17:21 C:\Program Files\AVG 2020-09-17 18:18 C:\Program Files\ByteFence 2020-09-20 17:21 C:\Program Files\Cezurity 2020-09-20 17:21 C:\Program Files\COMODO 2020-09-20 17:21 C:\Program Files\Enigma Software Group 2020-09-20 17:21 C:\Program Files\ESET 2020-09-20 17:21 C:\Program Files\Kaspersky Lab 2020-09-20 17:21 C:\Program Files\Malwarebytes 2020-09-20 17:21 C:\Program Files\SpyHunter 2020-09-05 18:55 C:\Program Files (x86)\360 2020-09-20 17:21 C:\Program Files (x86)\AVAST Software 2020-09-20 17:21 C:\Program Files (x86)\AVG 2020-09-20 17:21 C:\Program Files (x86)\Cezurity 2020-09-20 17:21 C:\Program Files (x86)\GRIZZLY Antivirus 2020-09-20 17:21 C:\Program Files (x86)\Kaspersky Lab 2020-09-20 17:21 C:\Program Files (x86)\Microsoft JDX 2020-09-20 17:21 C:\Program Files (x86)\Panda Security 2020-09-20 17:21 C:\Program Files (x86)\SpyHunter 2020-09-20 17:21 C:\Windows\speechstracing 2019-11-17 11:14 C:\Program Files\Common Files\McAfee 2020-09-20 17:21 C:\ProgramData\360safe 2020-09-05 18:54 C:\ProgramData\AVAST Software 2020-09-20 17:21 C:\ProgramData\Avira 2020-09-20 17:21 C:\ProgramData\Doctor Web 2020-09-20 17:21 C:\ProgramData\ESET 2020-09-20 17:21 C:\ProgramData\grizzly 2020-09-20 17:21 C:\ProgramData\Indus 2020-09-20 17:21 C:\ProgramData\Kaspersky Lab 2020-09-20 17:21 C:\ProgramData\Kaspersky Lab Setup Files 2020-09-20 17:21 C:\ProgramData\Malwarebytes 2020-09-20 17:21 C:\ProgramData\MB3Install 2020-08-20 13:27 C:\ProgramData\McAfee 2020-09-20 17:21 C:\ProgramData\Norton 2020-09-20 17:21 C:\Users\Все пользователи\360safe 2020-09-05 18:54 C:\Users\Все пользователи\AVAST Software 2020-09-20 17:21 C:\Users\Все пользователи\Avira 2020-09-20 17:21 C:\Users\Все пользователи\Doctor Web 2020-09-20 17:21 C:\Users\Все пользователи\ESET 2020-09-20 17:21 C:\Users\Все пользователи\grizzly 2020-09-20 17:21 C:\Users\Все пользователи\Indus 2020-09-20 17:21 C:\Users\Все пользователи\Kaspersky Lab 2020-09-20 17:21 C:\Users\Все пользователи\Kaspersky Lab Setup Files 2020-09-20 17:21 C:\Users\Все пользователи\Malwarebytes 2020-09-20 17:21 C:\Users\Все пользователи\MB3Install 2020-08-20 13:27 C:\Users\Все пользователи\McAfee 2020-09-20 17:21 C:\Users\Все пользователи\Norton EmptyTemp: Reboot:

Код

  
MediaGet (HKU\S-1-5-21-1616146017-2463400075-1735324224-1000\...\MediaGet) (Version:  - MediaGet)
Shortcut: C:\Users\Андрей\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MediaGet2\Удалить MediaGet.lnk -> C:\Users\Андрей\MediaGet2\mediaget-uninstaller.exe () <==== Cyrillic
2020-11-17 10:20 - 2020-11-17 10:20 - 009400320 _____ () [File not signed] C:\Users\Андрей\MediaGet2\opencv_core320.dll
2020-11-17 10:20 - 2020-11-17 10:20 - 000186880 _____ () [File not signed] C:\Users\Андрей\MediaGet2\opencv_img_hash320.dll
2020-11-17 10:20 - 2020-11-17 10:20 - 002482688 _____ () [File not signed] C:\Users\Андрей\MediaGet2\opencv_imgcodecs320.dll
2020-11-17 10:20 - 2020-11-17 10:20 - 019027456 _____ () [File not signed] C:\Users\Андрей\MediaGet2\opencv_imgproc320.dll
2020-11-17 10:20 - 2020-11-17 10:20 - 000252416 _____ () [File not signed] C:\Users\Андрей\MediaGet2\opencv_videoio320.dll
2020-11-17 10:20 - 2020-11-17 10:20 - 029560320 _____ () [File not signed] C:\Users\Андрей\MediaGet2\opengl32.dll
2020-11-17 10:20 - 2020-11-17 10:20 - 000244224 _____ () [File not signed] C:\Users\Андрей\MediaGet2\sentry_crashpad.dll
2020-11-17 10:20 - 2020-11-17 10:20 - 001184768 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Users\Андрей\MediaGet2\LIBEAY32.dll
2020-11-17 10:20 - 2020-11-17 10:20 - 000273408 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Users\Андрей\MediaGet2\SSLEAY32.dll
2020-11-17 10:20 - 2020-11-17 10:20 - 002507264 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [File not signed] C:\Users\Андрей\MediaGet2\libcrypto-1_1.dll
2020-11-17 10:20 - 2020-11-17 10:20 - 000530432 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [File not signed] C:\Users\Андрей\MediaGet2\libssl-1_1.dll
2020-11-17 10:20 - 2020-11-17 10:20 - 005139576 _____ (The Qt Company Oy -> The Qt Company Ltd.) [File not signed] C:\Users\Андрей\MediaGet2\Qt5Core.dll
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk => C:\Windows\pss\McAfee Security Scan Plus.lnk.CommonStartup
MSCONFIG\startupreg: Realtek HD Audio => C:\ProgramData\RealtekHD\taskhostw.exe
FirewallRules: [{AD91B086-1D92-4700-94CE-1E02FECE50B9}] => (Allow) C:\Program Files (x86)\DriverPack Cloud\cloud.exe => No File
FirewallRules: [TCP Query User{A43C1D46-3567-4E86-913E-5B9DEA892941}C:\program files (x86)\java\jre1.8.0_211\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_211\bin\javaw.exe => No File
FirewallRules: [UDP Query User{6B4FCB31-0925-47BF-BA57-EE686174166B}C:\program files (x86)\java\jre1.8.0_211\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_211\bin\javaw.exe => No File
FirewallRules: [{7072619A-54EA-41CA-85DB-45F6736A4792}] => (Allow) C:\Users\Андрей\AppData\Local\Temp\DriverPack-20190607221332\tools\aria2c.exe => No File
FirewallRules: [{97832B50-D208-489C-810C-596092DD0F8E}] => (Allow) C:\Users\Андрей\AppData\Roaming\uTorrent\uTorrent.exe => No File
FirewallRules: [{D55F1A1A-076D-4A5A-8770-8B074BE9DA24}] => (Allow) C:\Users\Андрей\AppData\Roaming\uTorrent\uTorrent.exe => No File
FirewallRules: [{00B61250-1F75-4956-BFFB-A064EB039BB9}] => (Allow) C:\Program Files\BlueStacks\HD-Player.exe => No File
FirewallRules: [TCP Query User{3FCC79CB-B4A9-4C51-B305-8796B34A0137}C:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe => No File
FirewallRules: [UDP Query User{83FC0BF4-6FAA-4263-AECE-6E3D341DBD81}C:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe => No File
FirewallRules: [TCP Query User{EA3AA71E-75D5-4CB6-9BEC-27E38B3E272A}C:\program files (x86)\ufiler\ufiler.exe] => (Block) C:\program files (x86)\ufiler\ufiler.exe => No File
FirewallRules: [UDP Query User{FC7C7420-82AA-4C26-A265-DDE9A956CEC5}C:\program files (x86)\ufiler\ufiler.exe] => (Block) C:\program files (x86)\ufiler\ufiler.exe => No File
FirewallRules: [TCP Query User{DB334645-96F1-4E3A-8568-6679ADAB4E99}C:\program files (x86)\ufiler\ufiler.exe] => (Block) C:\program files (x86)\ufiler\ufiler.exe => No File
FirewallRules: [UDP Query User{13CD7B14-15C5-4737-A568-B680ADD1340E}C:\program files (x86)\ufiler\ufiler.exe] => (Block) C:\program files (x86)\ufiler\ufiler.exe => No File
FirewallRules: [{FEB84469-C209-4E91-AF85-710DD90FE5A0}] => (Allow) C:\Users\Андрей\AppData\Local\Programs\Opera\68.0.3618.165\opera.exe => No File
FirewallRules: [{BD182744-B0A8-4C86-B012-269F65674038}] => (Allow) C:\Users\Андрей\AppData\Local\Programs\Opera\68.0.3618.173\opera.exe => No File
FirewallRules: [{E0ADA174-6B68-49C1-BAE6-5647180BC46B}] => (Allow) C:\ProgramData\Windows\rutserv.exe => No File
FirewallRules: [{81BEA15C-BA08-4B80-A356-BCF8287E2248}] => (Block) LPort=139
FirewallRules: [{E36A30B6-ED0B-43CE-AC8B-D17A5807A71A}] => (Block) LPort=445
FirewallRules: [{5734A3A9-BA66-4A26-A563-D9444BC5CCD6}] => (Block) LPort=139
FirewallRules: [{CF27A452-2C54-4DCC-A6E0-257DB7E65B2F}] => (Block) LPort=445
FirewallRules: [{32A6B77C-0470-4C13-9CE7-D65A9A045195}] => (Allow) LPort=3389
FirewallRules: [{CE1F52EE-7A9F-4FCB-8E63-0E0BEBC663F7}] => (Allow) LPort=3389
FirewallRules: [{C9D974C7-21A6-4D5F-8F63-CB3A39479BFB}] => (Allow) C:\Users\Андрей\MediaGet2\mediaget.exe (Global Microtrading PTE. LTD -> MediaGet)
FirewallRules: [{D8011CBA-A110-4BD6-BAC8-006E694FAB94}] => (Allow) C:\Users\Андрей\MediaGet2\mediaget.exe (Global Microtrading PTE. LTD -> MediaGet)
(Global Microtrading PTE. LTD -> MediaGet) C:\Users\Андрей\MediaGet2\mediaget.exe
(GLOBAL MICROTRADING PTE. LTD. -> ) C:\Users\Андрей\MediaGet2\mediaget_crashpad_handler.exe
HKLM\...\Policies\Explorer: [DisallowRun] 0
HKLM\...\Policies\Explorer: [RestrictRun] 0
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-19\...\Policies\Explorer: [DisallowRun] 0
HKU\S-1-5-19\...\Policies\Explorer: [RestrictRun] 0
HKU\S-1-5-20\...\Policies\Explorer: [DisallowRun] 0
HKU\S-1-5-20\...\Policies\Explorer: [RestrictRun] 0
HKU\S-1-5-21-1616146017-2463400075-1735324224-1000\...\Run: [MediaGet2] => C:\Users\Андрей\MediaGet2\mediaget.exe [12673416 2020-11-17] (Global Microtrading PTE. LTD -> MediaGet)
HKU\S-1-5-21-1616146017-2463400075-1735324224-1000\...\Policies\Explorer: [DisallowRun] 0
HKU\S-1-5-21-1616146017-2463400075-1735324224-1000\...\Policies\Explorer: [RestrictRun] 0
HKU\S-1-5-18\...\Policies\Explorer: [DisallowRun] 0
HKU\S-1-5-18\...\Policies\Explorer: [RestrictRun] 0
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
FF NewTab: Mozilla\Firefox\Profiles\v54txsyj.default-1566917317778 -> hxxps://securesearch.org/homepage?hp=2&pId=BT171002&iDate=2020-09-17 10:23:25&bName=
FF Notifications: Mozilla\Firefox\Profiles\v54txsyj.default-1566917317778 -> hxxps://www.lenkino.net; hxxps://r.fapality.com
FF Extension: (Avast Online Security) - C:\Users\Андрей\AppData\Roaming\Mozilla\Firefox\Profiles\v54txsyj.default-1566917317778\Extensions\[email protected] [2020-06-17]
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
CHR HKU\S-1-5-21-1616146017-2463400075-1735324224-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fhkbfkkohcdgpckffakhbllifkakihmh]
OPR Notifications: hxxps:\/\/chapchap.su
2020-11-17 10:20 - 2020-11-17 10:20 - 000000889 _____ C:\Users\Андрей\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MediaGet.lnk
2020-11-17 10:20 - 2020-11-17 10:20 - 000000859 _____ C:\Users\Андрей\Desktop\MediaGet.lnk
2020-11-17 10:18 - 2020-11-17 10:24 - 000000000 ____D C:\Users\Андрей\MediaGet2
2020-11-17 10:18 - 2020-11-17 10:20 - 000000000 ____D C:\Users\Андрей\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MediaGet2
2020-11-17 10:14 - 2020-11-17 10:14 - 002705808 _____ () C:\Users\Андрей\Desktop\utorrent_id571645ids1s.exe
2020-11-17 09:00 - 2020-09-20 17:21 - 000000000 __SHD C:\AdwCleaner
2020-11-16 20:13 - 2020-09-20 17:21 - 000000000 __SHD C:\Users\Все пользователи\WindowsTask
2020-11-16 20:13 - 2020-09-20 17:21 - 000000000 __SHD C:\Users\Все пользователи\Windows
2020-11-16 20:13 - 2020-09-20 17:21 - 000000000 __SHD C:\rdp
2020-11-16 20:13 - 2020-09-20 17:21 - 000000000 __SHD C:\ProgramData\WindowsTask
2020-11-16 20:13 - 2020-09-20 17:21 - 000000000 __SHD C:\ProgramData\Windows
2020-11-16 20:12 - 2020-09-20 17:21 - 000000000 __SHD C:\Users\Все пользователи\Setup
2020-11-16 20:12 - 2020-09-20 17:21 - 000000000 __SHD C:\Users\Все пользователи\RunDLL
2020-11-16 20:12 - 2020-09-20 17:21 - 000000000 __SHD C:\Users\Все пользователи\RealtekHD
2020-11-16 20:12 - 2020-09-20 17:21 - 000000000 __SHD C:\ProgramData\Setup
2020-11-16 20:12 - 2020-09-20 17:21 - 000000000 __SHD C:\ProgramData\RunDLL
2020-11-16 20:12 - 2020-09-20 17:21 - 000000000 __SHD C:\ProgramData\RealtekHD
2020-11-16 20:12 - 2015-06-22 21:46 - 000000000 __SHD C:\DrWeb Quarantine
2020-11-16 20:11 - 2020-09-20 17:21 - 000000000 __SHD C:\Users\Все пользователи\install
2020-11-16 20:11 - 2020-09-20 17:21 - 000000000 __SHD C:\ProgramData\install
2020-11-16 20:01 - 2020-09-20 17:22 - 000000000 __SHD C:\Program Files\RDP Wrapper
2020-11-16 20:12 C:\DrWeb Quarantine
2020-09-20 17:21 C:\KVRT_Data
2020-09-20 17:21 C:\Program Files\AVAST Software
2020-09-20 17:21 C:\Program Files\AVG
2020-09-17 18:18 C:\Program Files\ByteFence
2020-09-20 17:21 C:\Program Files\Cezurity
2020-09-20 17:21 C:\Program Files\COMODO
2020-09-20 17:21 C:\Program Files\Enigma Software Group
2020-09-20 17:21 C:\Program Files\ESET
2020-09-20 17:21 C:\Program Files\Kaspersky Lab
2020-09-20 17:21 C:\Program Files\Malwarebytes
2020-09-20 17:21 C:\Program Files\SpyHunter
2020-09-05 18:55 C:\Program Files (x86)\360
2020-09-20 17:21 C:\Program Files (x86)\AVAST Software
2020-09-20 17:21 C:\Program Files (x86)\AVG
2020-09-20 17:21 C:\Program Files (x86)\Cezurity
2020-09-20 17:21 C:\Program Files (x86)\GRIZZLY Antivirus
2020-09-20 17:21 C:\Program Files (x86)\Kaspersky Lab
2020-09-20 17:21 C:\Program Files (x86)\Microsoft JDX
2020-09-20 17:21 C:\Program Files (x86)\Panda Security
2020-09-20 17:21 C:\Program Files (x86)\SpyHunter
2020-09-20 17:21 C:\Windows\speechstracing
2019-11-17 11:14 C:\Program Files\Common Files\McAfee
2020-09-20 17:21 C:\ProgramData\360safe
2020-09-05 18:54 C:\ProgramData\AVAST Software
2020-09-20 17:21 C:\ProgramData\Avira
2020-09-20 17:21 C:\ProgramData\Doctor Web
2020-09-20 17:21 C:\ProgramData\ESET
2020-09-20 17:21 C:\ProgramData\grizzly
2020-09-20 17:21 C:\ProgramData\Indus
2020-09-20 17:21 C:\ProgramData\Kaspersky Lab
2020-09-20 17:21 C:\ProgramData\Kaspersky Lab Setup Files
2020-09-20 17:21 C:\ProgramData\Malwarebytes
2020-09-20 17:21 C:\ProgramData\MB3Install
2020-08-20 13:27 C:\ProgramData\McAfee
2020-09-20 17:21 C:\ProgramData\Norton
2020-09-20 17:21 C:\Users\Все пользователи\360safe
2020-09-05 18:54 C:\Users\Все пользователи\AVAST Software
2020-09-20 17:21 C:\Users\Все пользователи\Avira
2020-09-20 17:21 C:\Users\Все пользователи\Doctor Web
2020-09-20 17:21 C:\Users\Все пользователи\ESET
2020-09-20 17:21 C:\Users\Все пользователи\grizzly
2020-09-20 17:21 C:\Users\Все пользователи\Indus
2020-09-20 17:21 C:\Users\Все пользователи\Kaspersky Lab
2020-09-20 17:21 C:\Users\Все пользователи\Kaspersky Lab Setup Files
2020-09-20 17:21 C:\Users\Все пользователи\Malwarebytes
2020-09-20 17:21 C:\Users\Все пользователи\MB3Install
2020-08-20 13:27 C:\Users\Все пользователи\McAfee
2020-09-20 17:21 C:\Users\Все пользователи\Norton


EmptyTemp:
Reboot:

Программа FRST создаст лог-файл (Fixlog.txt). Пожалуйста, прикрепите его в следующем сообщении!

+
Выполните лог в AdwCleaner
http://forum.esetnod32.ru/forum9/topic7084/

после завершения сканирования:
Записи относящиеся к Mail.Ru и Yandex можете не удалять ( если пользуетесь программой )
На вкладке:
Папки (Folders) для Mail.Ru и Yandex снимите [V]

Удалите найденное в AdwCleaner по кнопке Очистить (Clean), подтвердите действие
с автоперезагрузкой

Проверяем, как работает система...
и
Пишем по _общему результату лечения.

Изменено: RP55 RP55 - 17.11.2020 16:51:15

Перейти