Start::
CreateRestorePoint:
CloseProcesses:
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Ограничение <==== ВНИМАНИЕ
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender Security Center: Ограничение <==== ВНИМАНИЕ
HKU\S-1-5-21-2354719666-4247491742-2213387494-1001\...\Run: [Nexus] => [X]
HKU\S-1-5-21-2354719666-4247491742-2213387494-1001\...\Policies\Explorer: [DisallowRun] 1
HKU\S-1-5-21-2354719666-4247491742-2213387494-1001\...\Policies\Explorer\DisallowRun: [1] eav_trial_rus.exe
HKU\S-1-5-21-2354719666-4247491742-2213387494-1001\...\Policies\Explorer\DisallowRun: [2] avast_free_antivirus_setup_online.exe
HKU\S-1-5-21-2354719666-4247491742-2213387494-1001\...\Policies\Explorer\DisallowRun: [3] eis_trial_rus.exe
HKU\S-1-5-21-2354719666-4247491742-2213387494-1001\...\Policies\Explorer\DisallowRun: [4] essf_trial_rus.exe
HKU\S-1-5-21-2354719666-4247491742-2213387494-1001\...\Policies\Explorer\DisallowRun: [5] hitmanpro_x64.exe
HKU\S-1-5-21-2354719666-4247491742-2213387494-1001\...\Policies\Explorer\DisallowRun: [6] ESETOnlineScanner_UKR.exe
HKU\S-1-5-21-2354719666-4247491742-2213387494-1001\...\Policies\Explorer\DisallowRun: [7] ESETOnlineScanner_RUS.exe
HKU\S-1-5-21-2354719666-4247491742-2213387494-1001\...\Policies\Explorer\DisallowRun: [8] HitmanPro.exe
HKU\S-1-5-21-2354719666-4247491742-2213387494-1001\...\Policies\Explorer\DisallowRun: [9] 360TS_Setup_Mini.exe
HKU\S-1-5-21-2354719666-4247491742-2213387494-1001\...\Policies\Explorer\DisallowRun: [10] Cezurity_Scanner_Pro_Free.exe
HKU\S-1-5-21-2354719666-4247491742-2213387494-1001\...\Policies\Explorer\DisallowRun: [11] Cube.exe
HKU\S-1-5-21-2354719666-4247491742-2213387494-1001\...\Policies\Explorer\DisallowRun: [12] AVbr.exe
HKU\S-1-5-21-2354719666-4247491742-2213387494-1001\...\Policies\Explorer\DisallowRun: [13] AV_br.exe
HKU\S-1-5-21-2354719666-4247491742-2213387494-1001\...\Policies\Explorer\DisallowRun: [14] KVRT.exe
HKU\S-1-5-21-2354719666-4247491742-2213387494-1001\...\Policies\Explorer\DisallowRun: [15] cureit.exe
HKU\S-1-5-21-2354719666-4247491742-2213387494-1001\...\Policies\Explorer\DisallowRun: [17] eset_internet_security_live_installer.exe
HKU\S-1-5-21-2354719666-4247491742-2213387494-1001\...\Policies\Explorer\DisallowRun: [18] esetonlinescanner.exe
HKU\S-1-5-21-2354719666-4247491742-2213387494-1001\...\Policies\Explorer\DisallowRun: [19] eset_nod32_antivirus_live_installer.exe
HKU\S-1-5-21-2354719666-4247491742-2213387494-1001\...\Policies\Explorer\DisallowRun: [20] MBSetup.exe
HKU\S-1-5-21-2354719666-4247491742-2213387494-1001\...\Policies\Explorer\DisallowRun: [21] PANDAFREEAV.exe
HKU\S-1-5-21-2354719666-4247491742-2213387494-1001\...\Policies\Explorer\DisallowRun: [22] bitdefender_avfree.exe
HKU\S-1-5-21-2354719666-4247491742-2213387494-1001\...\Policies\Explorer\DisallowRun: [23] drweb-12.0-ss-win.exe
HKU\S-1-5-21-2354719666-4247491742-2213387494-1001\...\Policies\Explorer\DisallowRun: [24] cureit.exe
HKU\S-1-5-21-2354719666-4247491742-2213387494-1001\...\Policies\Explorer\DisallowRun: [25] TDSSKiller.exe
HKU\S-1-5-21-2354719666-4247491742-2213387494-1001\...\Policies\Explorer\DisallowRun: [26] eset_smart_security_premium_live_installer.exe
File: C:\ProgramData\Microsoft\MapData\P121IUJ5Jxaf277GZx\DataBaseN.bat
Zip: C:\ProgramData\Microsoft\MapData\P121IUJ5Jxaf277GZx\DataBaseN.bat
File: D:\Program FIles\Winstep\WsxService.exe
File: C:\WINDOWS\SysWOW64\MSIService.exe
Task: {26FEA667-F996-41B3-A3DC-A5F1DF1037D5} - System32\Tasks\Microsoft\Windows\MapInfoL\RecoveryHosts => C:\ProgramData\Microsoft\Windows\2BV7BTbOSE0D\MapInfoL.bat (Нет файла) <==== ВНИМАНИЕ
CHR HKU\S-1-5-21-2354719666-4247491742-2213387494-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
Unlock C:\FRST
2024-08-15 11:43 C:\Program Files\AVAST Software
2024-08-15 11:43 C:\Program Files\AVG
2024-08-15 11:43 C:\Program Files\Bitdefender Agent
2024-08-15 11:43 C:\Program Files\ByteFence
2024-08-15 11:43 C:\Program Files\Cezurity
2024-08-15 11:43 C:\Program Files\COMODO
2024-08-15 11:43 C:\Program Files\DrWeb
2024-08-15 11:43 C:\Program Files\Enigma Software Group
2024-08-15 11:43 C:\Program Files\EnigmaSoft
2024-08-15 11:43 C:\Program Files\ESET
2024-08-15 11:43 C:\Program Files\HitmanPro
2024-08-15 11:43 C:\Program Files\Kaspersky Lab
2024-08-15 11:43 C:\Program Files\Loaris Trojan Remover
2024-08-15 11:43 C:\Program Files\Malwarebytes
2024-08-15 11:43 C:\Program Files\NETGATE
2024-08-15 11:43 C:\Program Files\Process Hacker 2
2024-08-15 11:43 C:\Program Files\Process Lasso
2024-08-15 11:43 C:\Program Files\QuickCPU
2024-08-15 11:43 C:\Program Files\Rainmeter
2024-08-15 11:43 C:\Program Files\Ravantivirus
2024-08-15 11:43 C:\Program Files\ReasonLabs
2024-08-15 11:43 C:\Program Files\RogueKiller
2024-08-15 11:43 C:\Program Files\SpyHunter
2024-08-15 11:43 C:\Program Files\SUPERAntiSpyware
2024-08-15 11:43 C:\Program Files\Transmission
2024-08-15 11:43 C:\Program Files (x86)\360
2024-08-15 11:43 C:\Program Files (x86)\AVAST Software
2024-08-15 11:43 C:\Program Files (x86)\AVG
2024-08-15 11:43 C:\Program Files (x86)\Cezurity
2024-08-15 11:43 C:\Program Files (x86)\GPU Temp
2024-08-15 11:43 C:\Program Files (x86)\GRIZZLY Antivirus
2024-08-15 11:43 C:\Program Files (x86)\Kaspersky Lab
2024-08-15 11:43 C:\Program Files (x86)\Microsoft JDX
2024-08-15 11:43 C:\Program Files (x86)\Moo0
2024-08-15 11:43 C:\Program Files (x86)\Panda Security
2024-08-15 11:43 C:\Program Files (x86)\SpeedFan
2024-08-15 11:43 C:\Program Files (x86)\SpyHunter
2024-08-15 11:43 C:\Program Files (x86)\Transmission
2024-08-15 11:43 C:\Program Files (x86)\Wise
2024-08-15 11:43 C:\Program Files\Common Files\AV
2024-08-15 11:43 C:\Program Files\Common Files\Doctor Web
2024-08-15 11:43 C:\Program Files\Common Files\McAfee
2024-08-15 11:43 C:\ProgramData\360safe
2024-08-15 11:43 C:\ProgramData\AVAST Software
2024-08-15 11:43 C:\ProgramData\Avira
2024-08-15 11:43 C:\ProgramData\BookManager
2024-08-15 11:43 C:\ProgramData\Doctor Web
2024-08-15 11:43 C:\ProgramData\ESET
2024-08-15 11:43 C:\ProgramData\Evernote
2024-08-15 11:43 C:\ProgramData\FingerPrint
2024-08-15 11:43 C:\ProgramData\grizzly
2024-08-15 11:43 C:\ProgramData\Kaspersky Lab
2024-08-15 11:43 C:\ProgramData\Kaspersky Lab Setup Files
2024-08-15 11:43 C:\ProgramData\McAfee
2024-08-15 11:43 C:\ProgramData\Norton
2024-08-15 11:43 C:\ProgramData\princeton-produce
2024-08-15 11:43 C:\ProgramData\PuzzleMedia
2024-08-15 11:43 C:\ProgramData\RobotDemo
2024-08-15 11:43 C:\ProgramData\WavePad
2024-08-15 11:43 C:\Users\tubor\Downloads\AutoLogger
2024-08-15 11:43 C:\Users\tubor\Downloads\AV_block_remover
ExportKey: HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions
Reboot:
End::