insiper

Suspected infected machine - it is super slow!



Hello!

With the configuration from my signature we have recently been struggling with viruses, worms and so on... It runs very slowly, and in the browser it is also ultra slow, with ads, and some search engine outsurfing loads for me.. Some Chinese programs with Chinese characters keep popping up and downloading, for some RAM and CPU boosts and other nonsense... There are some Chinese antivirus programs that I can't get out....

Please help us fix all of these problems! Thank you in advance!

Addition.txt

FRST.txt


modedit: Please read the rules of this subforum and comply with them. Thank you..!

Forum rules: Malware removal - HiJackThis logs


Hello,

The system is seriously infected... I am writing a script right now, but it may take some time.


I haven't come across worse logs in a long while... you are straight-up GUINNESS material. :)

Download fixlist.txt and save it in the folder from which you ran FRST.exe.
Run FRST.exe and press the Fix button once!
When it finishes, if it asks for a restart, agree. After the restart, post the log file, fixlog.txt, which will be created after the program has run.

Warning: The script was created for the current system. Do not use it on other systems with similar problems!

Regards!


Hello:

Here is the log:

Fix result of Farbar Recovery Scan Tool (x64) Version:15-09-2015

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8F4C3A2F-D807-437E-BAA4-10DF9721ED47}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\File Classification Infrastructure\Property Definition Sync" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{97D92253-3409-4361-B9B8-61ED2C5CAF5E}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{97D92253-3409-4361-B9B8-61ED2C5CAF5E}" => key removed successfully
C:\WINDOWS\System32\Tasks\prodqcn => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\prodqcn" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9D46C0F1-E156-4496-92E7-2C26284399F7}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9D46C0F1-E156-4496-92E7-2C26284399F7}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{9D7DFACD-D5CA-451B-9D95-19E61EDACCFE}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9D7DFACD-D5CA-451B-9D95-19E61EDACCFE}" => key removed successfully
C:\WINDOWS\System32\Tasks\AmiUpdXp => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AmiUpdXp" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B20777AF-57C8-4697-830F-61A906ED82C5}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B20777AF-57C8-4697-830F-61A906ED82C5}" => key removed successfully
C:\WINDOWS\System32\Tasks\globalUpdateUpdateTaskMachineUA => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\globalUpdateUpdateTaskMachineUA" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BEB8F1C3-964E-480F-B4E8-B8408F12BDDD}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BEB8F1C3-964E-480F-B4E8-B8408F12BDDD}" => key removed successfully
C:\WINDOWS\System32\Tasks\ft11q0mv => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ft11q0mv" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DFE36482-8BA6-43A9-AA72-84FE284B0276}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DFE36482-8BA6-43A9-AA72-84FE284B0276}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{E89080B3-A601-4692-B44C-9492E859D208}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E89080B3-A601-4692-B44C-9492E859D208}" => key removed successfully
C:\WINDOWS\System32\Tasks\Crossbrowse => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Crossbrowse" => key removed successfully
C:\WINDOWS\Tasks\611b5c8d-ea15-4c6c-b329-4e6764043f12-1-6.job => moved successfully
C:\WINDOWS\Tasks\611b5c8d-ea15-4c6c-b329-4e6764043f12-5_user.job => moved successfully
C:\WINDOWS\Tasks\AmiUpdXp.job => moved successfully
C:\WINDOWS\Tasks\bhfdwCxkFq.job => moved successfully
C:\WINDOWS\Tasks\Crossbrowse.job => moved successfully
C:\WINDOWS\Tasks\globalUpdateUpdateTaskMachineCore.job => moved successfully
C:\WINDOWS\Tasks\globalUpdateUpdateTaskMachineUA.job => moved successfully
C:\WINDOWS\Tasks\NndPHMayIr.job => moved successfully
C:\WINDOWS\Tasks\usryNB4MsHrbi9ntLekk.job => moved successfully
C:\Users\ДенисДавидов\Downloads\Clash+of+Clans__15386_il3733313.exe => ":typelib" ADS removed successfully.
"HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\QQPCRTP" => key removed successfully
"HKLM\System\CurrentControlSet\Control\SafeBoot\Network\QQPCRTP" => key removed successfully
[13860] C:\Program Files (x86)\Rising\RSD\RsMgrSvc.exe => process closed successfully.
C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16575.227\QQPCRTP.exe => Could not close process
C:\Program Files (x86)\Rising\RSD\popwndexe.exe => No running process found
C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16575.227\QQPCTray.exe => Could not close process
C:\Users\ДенисДавидов\AppData\Roaming\cpuminer\sgminer\sgm.exe => No running process found
C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16575.227\plugins\QMNetMon\QQPCNetFlow.exe => Could not close process
C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16575.227\QQPCRealTimeSpeedup.exe => Could not close process
C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16575.227\QMDL.exe => No running process found
C:\Program Files (x86)\Common Files\Tencent\QQDownload\130\Tencentdl.exe => No running process found
C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16575.227\QMChExt.exe => No running process found
C:\Program Files (x86)\Rising => moved successfully
 
 
Thanks for taking the time to deal with me. :)


This is not the whole log file. If it is too long, upload it to Dox.bg and post the download link in your next comment.

Also write whether there is any improvement after running the script. ;)


I just looked and noticed that, while it is running the fix, a message appears saying that a program has stopped working.


So this is the entire log that was created? If so, repeat the fix in Safe Mode and see whether it completes successfully there, and if it does, post the log file.


Hello!

For certain reasons, the computer simply had to be reinstalled. Thanks for all the help. Sorry for wasting your time!

Regards!


Well, since that is what you have decided, it is your choice. The situation was tragic, but fixable. Anyway.

Regards, and have a nice week.
