Does it run faster in clean boot mode?
CCNA, CCNP, CCNA Security, CCDA, CCDP
MCP, Microsoft Specialist: Srv Virtualization with WinSrv Hyper-V and System Center
No, it's all the same.
Produce a log of a full MBAM scan.
About 6 hours ago I shut down the computer and only turned it on just now, and it seems the same problem has appeared: Windows started only on the third attempt. And I can't install MBAM; this error pops up: https://cloud.mail.ru/public/4Ygf/3YvxKSJec I even ran it as administrator, and that doesn't help.
Last edited by erik51711; 08.07.2019 at 20:22.
Attach new logs from the FRST utility.
Done. By the way, the computer again booted only on the second attempt just now; it was the same problem.
And this time, too, the computer had been switched off for about 6-8 hours.
It looks like when you choose Last Known Good Configuration, everything related to the malware is restored as well.
- Close and save all open applications.
- Copy the text below into Notepad and save the file as fixlist.txt with Unicode support in the same folder from which Farbar Recovery Scan Tool was run:
- Run FRST, click the Fix button once, and wait.
- The program will create a log file (Fixlog.txt). Please attach it to your next post!
- Note that the computer will be rebooted.
I did everything as you said. The computer rebooted, I entered the password, and while the desktop was loading a black screen appeared with a prompt to run FRST; I clicked Run, the program opened, it showed "Fixing", then the Fixlog text file opened and the desktop appeared. I'm attaching the logs.
Please attach new FRST logs.
Done.
Remove the remnants of the Avast antivirus with the Avast Remover utility.
- Close and save all open applications.
- Copy the text below into Notepad and save the file as fixlist.txt with Unicode support in the same folder from which Farbar Recovery Scan Tool was run:
Code:
Start::
CMD: wmic /Namespace:\\root\default Path SystemRestore Call Enable "%SystemDrive%"
CreateRestorePoint:
CloseProcesses:
2019-06-23 10:51 - 2019-06-23 10:51 - 000000000 ____D C:\Program Files\Common Files\AVAST Software
End::

- Run FRST, click the Fix button once, and wait.
- The program will create a log file (Fixlog.txt). Please attach it to your next post!
- Note that the computer will be rebooted.
A folder named FRST-OlderVersion appeared, with FRST64 inside.
I've attached the logs.
Could you run a system file check? To do so, run the following in the command prompt (cmd.exe):
Code:
sfc /scannow

P.S. Note that if your OS is not licensed, re-activation may be required.
It looks like the problem is at the system level.
Download the third-party utility SFCFix.exe (by niemiro) and place it on the desktop.
- Run the program.
- When prompted, press "Enter" (three times in total).
- Wait for it to finish.
- When it finishes, press "Enter"; a file named SFCFix.txt will be created on the desktop. Attach it to your next post.
Please tell us the edition and language of the OS, and show the result of the following command in the command prompt (cmd.exe):
Code:
winver
Dear erik51711, our specialists have provided all possible help with your request.
To keep your computer secure, we strongly recommend:
To always stay up to date on current information-security threats and keep your computer protected, we recommend following the latest IT news on the Anti-Malware.ru portal:
We hope never to see your computer infected again!
If it's not too much trouble, please add to our database of safe files.