Comment
Author: Admin | 2025-04-28
/ 420 Регистрация: 04.04.2012 Сообщений: 8,599 30.04.2019, 19:07 8 Отключите до перезагрузки антивирус.Выделите следующий код:CodeStart::CreateRestorePoint:ExportKey: HKLM\SOFTWARE\Microsoft\Windows Defender\ExclusionsHKLM\...\Policies\Explorer: [NoPublishingWizard] 1HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction ATTENTIONHKU\S-1-5-21-665939957-777476426-4155319558-1001\...\Run: [AdobeBridge] => [X]HKU\S-1-5-21-665939957-777476426-4155319558-1001\...\Run: [CloudNet] => "C:\Users\EsricFinn\AppData\Roaming\EpicNet Inc\CloudNet\cloudnet.exe" 31337 ATTENTIONC:\Users\EsricFinn\AppData\Roaming\EpicNet Inc\AppInit_DLLs: C:\ProgramData\Tolnix\Zathtom.dll => No FileAppInit_DLLs-x32: C:\ProgramData\Tolnix\Hotlab.dll => No FileGroupPolicy: Restriction - Chrome ATTENTIONFF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction ATTENTIONCHR HKLM\SOFTWARE\Policies\Google: Restriction ATTENTIONHKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction ATTENTIONHKU\S-1-5-21-665939957-777476426-4155319558-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBD8Dduob2KUI4N-jvGYJcYzihE2pKaCSNCshm8E6p7Gj6TVjCUsoaV4eZUForL0WxhZvEqbwNBHgNKJuX7wFEza_AFbuwrBJfFal96epq6Hn-tuBU3s1Vv3JYjvm2RENQ7ucQovufeeMYWLzIPKWj5aAZDyKclMHEJB-yKAA,,&q={searchTerms}HKU\S-1-5-21-665939957-777476426-4155319558-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://%66%65%65%64.%68%65%6C%70%65%72%62%61%72.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBD8Dduob2KUI4N-jvGYJcYzihE2pKaCSNCshm8E6p7Gj6TVjCUsoaV4eZUForL0WxhZvEqbwNBHgNKJuX7wFEzZ7pRZ0HUkgX1flrPszEBHiNj0BlJws96iqSXoRPVu33kWUQJ09P94NwKm9xqyvqoGon7-hqegpE1QbI_Dg,,SearchScopes: HKLM-x32 -> DefaultScope value is missingCHR HomePage: Default -> hxxps://%66%65%65%64.%68%65%6C%70%65%72%62%61%72.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBD8Dduob2KUI4N-jvGYJcYzihE2pKaCSNCshm8E6p7Gj6TVjCUsoaV4eZUForL0WxhZvEqbwNBHgNKJuX7wFEza-t37Qe5YZ01WRjvFVOWhPc9bAFPEQq7lW8hx9z15YYrTBvs81wcJM3F2kyCPvr9JZJcoPUH-n6t4Bw2Iw,,CHR StartupUrls: Default -> "hxxp://mail.ru/cnt/10445?gp=811009"U4 FrameServer; no ImagePathU4 lfsvc; no ImagePath2019-04-30 12:21 - 2019-04-30 12:21 - 000000000 ____D C:\Users\EsricFinn\AppData\Roaming\EpicNet Incbl (HKLM-x32\...\{2A075BB4-E976-4278-BF3F-E5C6945D84C0}) (Version: 1.0.0 - Your Company Name) Hiddenph (HKLM-x32\...\{185F9795-9663-4F13-9EF9-307A282ADB5A}) (Version: 1.0.0 - Your Company Name) HiddenShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No FileShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No FileShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No FileShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No FileShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No FileAlternateDataStreams: C:\Users\EsricFinn\Local Settings:UQiKXQg8thkrrIEff4ZWtG6 [2398]AlternateDataStreams: C:\Users\EsricFinn\AppData\Local:UQiKXQg8thkrrIEff4ZWtG6 [2398]AlternateDataStreams: C:\Users\EsricFinn\AppData\Local\Application Data:UQiKXQg8thkrrIEff4ZWtG6 [2398]AlternateDataStreams: C:\Users\EsricFinn\AppData\Local\Temp:I55g9exlwmUxD27eImMDnLc [2338]AlternateDataStreams: C:\Users\EsricFinn\AppData\Local\Temp:Wt5OXJhX6bxcb5h7v7Zsga [2318]MSCONFIG\Services: Tolnix => 2FirewallRules: [{CFFBE7B4-3CE7-4FAD-AFA1-27928CCA7B3D}] => (Allow) C:\Windows\rss\csrss.exe No FileFirewallRules: [{ABEE6408-0CF1-41A1-981B-4B689EE1ED81}] => (Allow) C:\Users\EsricFinn\AppData\Roaming\EpicNet Inc\CloudNet\cloudnet.exe No FileFirewallRules: [{1EC88DE6-0898-49B8-ADB3-492934A19EBD}] => (Allow) C:\ProgramData\WindowsMenu\westat.exe No FileFirewallRules: [{F135C1C5-C9A3-492A-B867-B77F5FC9E0A5}] => (Allow) C:\ProgramData\WindowsMenu\westat.exe No FileFirewallRules: [{19A6DA73-9BA8-4BAD-8045-1D2157EF47C6}] => (Allow) C:\Windows\rss\csrss.exe No FileFirewallRules: [{365B0F0C-1D10-44E9-A45C-253273456C84}] => (Allow) C:\Users\EsricFinn\AppData\Roaming\EpicNet Inc\CloudNet\cloudnet.exe No FileFirewallRules: [{2FB3CEED-56C6-4F3C-8ADE-A0E6EED20243}] => (Allow) C:\Windows\rss\csrss.exe No FileFirewallRules: [{9E49E0D5-89B3-4499-AB13-51020363A091}] => (Allow) C:\Users\EsricFinn\AppData\Roaming\EpicNet Inc\CloudNet\cloudnet.exe No FileFirewallRules: [{80056D07-8FAE-4259-9688-6896323AC15D}] => (Allow) C:\Windows\rss\csrss.exe No FileFirewallRules: [{6CC70228-BBB2-46D2-97F2-25BCD40F601D}] => (Allow) C:\Users\EsricFinn\AppData\Roaming\EpicNet Inc\CloudNet\cloudnet.exe No FileFirewallRules: [{C9CC0BA8-496A-4CFE-954F-FB6A0A75D518}] => (Allow) C:\Users\EsricFinn\AppData\Roaming\EpicNet Inc\CloudNet\cloudnet.exe No FileFirewallRules: [{9CF74A05-1DB0-4CE6-89C7-F3676944415A}] => (Allow) C:\Windows\rss\csrss.exe No FileFirewallRules: [{6532AAC0-CAD0-4720-AFD3-A8C1967959DF}] => (Allow) C:\Windows\rss\csrss.exe No FileFirewallRules: [{719AB080-2BC3-4388-AA6B-69D7B2C1C0EB}] => (Allow) C:\Users\EsricFinn\AppData\Roaming\EpicNet Inc\CloudNet\cloudnet.exe No FileFirewallRules: [{C9103B05-E51B-4508-B93C-E2FBEC57443B}] => (Allow) C:\Windows\rss\csrss.exe No FileFirewallRules: [{13AE8505-A54C-4CC7-99A0-42EB70FA23A4}] => (Allow) C:\Users\EsricFinn\AppData\Roaming\EpicNet Inc\CloudNet\cloudnet.exe No FileFirewallRules: [{8F25A65F-FA20-410C-980A-233F13CF83D8}] => (Allow) C:\Windows\rss\csrss.exe No FileFirewallRules: [{F2F5D12C-58B6-4252-8151-E820F426A476}] => (Allow) C:\Users\EsricFinn\AppData\Roaming\EpicNet Inc\CloudNet\cloudnet.exe No FileFirewallRules: [{6DA2EBC8-A4DA-4E6A-AF3A-4B01D449757B}] => (Allow) C:\Windows\rss\csrss.exe No FileFirewallRules: [{8271DCC9-7A94-4675-B932-855FA4487098}] => (Allow) C:\Users\EsricFinn\AppData\Roaming\EpicNet Inc\CloudNet\cloudnet.exe No FileFirewallRules: [{03A1015D-F74C-4AB5-BA4A-F8C8DA6AEDEC}] => (Allow) C:\Windows\rss\csrss.exe No FileFirewallRules: [{5106EC1B-76DE-4E1C-A615-9E2E4B58961C}] => (Allow) C:\Users\EsricFinn\AppData\Roaming\EpicNet Inc\CloudNet\cloudnet.exe No FileFirewallRules: [{49A2CDA3-153C-4819-BD3C-FFDFB8D9C102}] => (Allow) C:\Windows\rss\csrss.exe No FileFirewallRules: [{CCC6C8A3-8C3E-4BBC-8E87-FE8B54174FB8}] => (Allow) C:\Users\EsricFinn\AppData\Roaming\EpicNet Inc\CloudNet\cloudnet.exe No FileFirewallRules: [{6064FAEB-D074-41E5-B787-F21050DBB580}] => (Allow) C:\Windows\rss\csrss.exe No FileFirewallRules: [{9DD94F4F-C840-4C70-B612-7B1D41378668}] => (Allow) C:\Users\EsricFinn\AppData\Roaming\EpicNet Inc\CloudNet\cloudnet.exe No FileCMD: ipconfig /flushdnsEmptyTemp:Reboot:End::Скопируйте выделенный текст (правой кнопкой - Копировать).Запустите FRST (FRST64) от имени администратора.Нажмите Fix один раз (!) и подождите. Программа создаст
Add Comment