Премини към съдържанието
insiper

Съмнение за заразена конфигурация - супер бавен е!

    Препоръчан отговор


    Здравейте!

     

    С конфигурацията от подписа се мъчим от скоро с вируси и червеи и така нататък... Работи много бавно , също и в браузъра там е ултра бавно с реклами и някаква търсачка outsurfing ми зарежда.. Излизат ми теглят се някакви китайски програми с китайски букви за някакви рам и cpu боостове и глупости ... Някакви китайски антивирусни немога да ги изтегля....

    Моля помогнете да отстраним всичките тези проблеми! Благодаря предварително!

    Addition.txt

    FRST.txt

    Сподели този отговор


    Линк към този отговор
    Сподели в други сайтове

    modedit: Моля, да прочетете правилата на този подраздел и да се съобразявате с тях. Благодаря..!

     

    Правила на форум: Премахване на зловреден софтуер - HiJackThis логове

    Сподели този отговор


    Линк към този отговор
    Сподели в други сайтове

    По-лоши логове скоро не бях срещал...направо сте за ГИНЕС. :)

     

    Изтеглете KKdS6sj.pngfixlist.txt и го запазете в папката от която стартирахте FRST.exe.
    Стартирайте FRST.exe и натиснете бутона Fix веднъж!
    След като приключи, ако ви поиска рестарт - съгласете се. След рестарта публикувайте лог файла - fixlog.txt, който ще се създаде след работата на програмата.
     
    Внимание: Скрипта е създаден за текущата система. Да не се ползва за други системи с подобни проблеми!

     

    Поздрави!

    • Харесва ми 1

    Сподели този отговор


    Линк към този отговор
    Сподели в други сайтове

    Здравейте:

     

    Ето лога:Fix result of Farbar Recovery Scan Tool (x64) Version:15-09-2015

    Ran by ДенисДавидов (2015-09-21 12:53:34) Run:1
    Running from C:\Users\ДенисДавидов\Desktop\New folder
    Loaded Profiles: ДенисДавидов (Available Profiles: ДенисДавидов)
    Boot Mode: Normal
    ==============================================
     
    fixlist content:
    *****************
    start
    CreateRestorePoint:
    CloseProcesses:
    AV: 电脑管家系统防护 (Enabled - Up to date) {6F9C3F92-B625-0E47-F0B1-447602EC65F5}
    AS: 电脑管家系统防护 (Enabled - Up to date) {D4FDDE76-901F-01C9-CA01-7F04796B2F48}
    globalupdate Helper (x32 Version: 1.3.25.0 - globalupdate Inc.) Hidden <==== ATTENTION
    Task: {14F77490-EFB5-46C5-9682-0656B1A24B81} - System32\Tasks\qzfof3im => C:\Program Files\Common Files\teu1xcx0\02650bh1pvh3s.exe [2015-08-18] ()
    Task: {23CCF6BD-DC2B-42B8-945B-2B70FD5F18E9} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
    Task: {4EF36967-0EED-4C01-82CB-F90A009B94FB} - System32\Tasks\{BEBAEE16-FA71-4151-BC59-63F5FB6EE568} => pcalua.exe -a "C:\Program Files (x86)\MKJogo\MK IM\Bin\uInst.exe"
    Task: {403481A1-8E3C-426C-8CA8-938FCE00DF2F} - System32\Tasks\RsDelayLauncher_{8A34248E-7D35-4832-8378-7659E0B0A380} => C:\PROGRAM FILES (X86)\RISING\RAV\rsdelaylauncher.exe
    Task: {7B45AE23-ABF2-484F-A847-9506AC6CB936} - System32\Tasks\611b5c8d-ea15-4c6c-b329-4e6764043f12-1-6 => C:\Program Files (x86)\CinemaP-1.9cV06.09\611b5c8d-ea15-4c6c-b329-4e6764043f12-1-6.exe <==== ATTENTION
    Task: {7D8CF7CA-ACF9-49AB-A4E5-91666DBCA0C8} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
    Task: {7F715144-CCA3-477A-B0DD-CCDA67AA8F10} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
    Task: {8A94AD18-6D89-4AB4-AC02-96D0CA54186F} - System32\Tasks\globalUpdateUpdateTaskMachineCore => C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe [2015-09-06] (globalUpdate) <==== ATTENTION
    Task: {8F4C3A2F-D807-437E-BAA4-10DF9721ED47} - \Microsoft\Windows\File Classification Infrastructure\Property Definition Sync -> No File <==== ATTENTION
    Task: {97D92253-3409-4361-B9B8-61ED2C5CAF5E} - System32\Tasks\prodqcn => C:\WINDOWS\system32\config\systemprofile\AppData\Local\Donfix
    Task: {9D46C0F1-E156-4496-92E7-2C26284399F7} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
    Task: {9D7DFACD-D5CA-451B-9D95-19E61EDACCFE} - System32\Tasks\AmiUpdXp => C:\Users\ДенисДавидов\AppData\Local\26138\Updater.exe <==== ATTENTION
    Task: {B20777AF-57C8-4697-830F-61A906ED82C5} - System32\Tasks\globalUpdateUpdateTaskMachineUA => C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe [2015-09-06] (globalUpdate) <==== ATTENTION
    Task: {BEB8F1C3-964E-480F-B4E8-B8408F12BDDD} - System32\Tasks\ft11q0mv => C:\Program Files\Common Files\vlbrdbdg\389f655jpah3s.exe [2015-08-18] ()
    Task: {DFE36482-8BA6-43A9-AA72-84FE284B0276} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
    Task: {E89080B3-A601-4692-B44C-9492E859D208} - System32\Tasks\Crossbrowse => C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\utility.exe <==== ATTENTION
    Task: C:\WINDOWS\Tasks\611b5c8d-ea15-4c6c-b329-4e6764043f12-1-6.job => C:\Program Files (x86)\CinemaP-1.9cV06.09\611b5c8d-ea15-4c6c-b329-4e6764043f12-1-6.exe <==== ATTENTION
    Task: C:\WINDOWS\Tasks\611b5c8d-ea15-4c6c-b329-4e6764043f12-5_user.job => C:\Program Files (x86)\CinemaP-1.9cV06.09\611b5c8d-ea15-4c6c-b329-4e6764043f12-5.exe <==== ATTENTION
    Task: C:\WINDOWS\Tasks\AmiUpdXp.job => C:\Users\5=8A4284>2\AppData\Local\26138\Updater.exe <==== ATTENTION
    Task: C:\WINDOWS\Tasks\bhfdwCxkFq.job => C:\Users\эяэяэяэяэяэяэяэяэяэяэяэя\AppData\Roaming\bhfdwCxkFq.exe <==== ATTENTION
    Task: C:\WINDOWS\Tasks\Crossbrowse.job => C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\utility.exe <==== ATTENTION
    Task: C:\WINDOWS\Tasks\globalUpdateUpdateTaskMachineCore.job => C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe <==== ATTENTION
    Task: C:\WINDOWS\Tasks\globalUpdateUpdateTaskMachineUA.job => C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe <==== ATTENTION
    Task: C:\WINDOWS\Tasks\NndPHMayIr.job => C:\Users\\AppData\Roaming\NndPHMayIr.exe <==== ATTENTION
    Task: C:\WINDOWS\Tasks\usryNB4MsHrbi9ntLekk.job => C:\Users\\AppData\Roaming\usryNB4MsHrbi9ntLekk.exe <==== ATTENTION
    AlternateDataStreams: C:\Users\ДенисДавидов\Downloads\Clash+of+Clans__15386_il3733313.exe:typelib
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\QQPCRTP => ""="service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\QQPCRTP => ""="service"
    FirewallRules: [{8BBA8B5E-6826-4E9F-AFF8-4D7F81581BF5}] => (Allow) C:\Program Files (x86)\mystarttb\ToolbarCleaner.exe
    FirewallRules: [{4FCF6070-019D-4A25-A05E-C2FD4933122A}] => (Allow) C:\Program Files (x86)\mystarttb\ToolbarCleaner.exe
    FirewallRules: [{0EF32172-7B44-4B39-AA4C-022065F41334}] => (Allow) C:\Users\ДенисДавидов\AppData\Roaming\IQIYI Video\LStyle\GpUpdate.exe
    FirewallRules: [{9C6B49D9-C46C-4DDF-893D-18D5BD7B20EA}] => (Allow) C:\IQIYI Video\GeePlayer\GeePlayer.exe
    FirewallRules: [{4F8A37C6-D853-4497-8E36-84635B4BC6AB}] => (Allow) C:\Users\ДенисДавидов\AppData\Roaming\IQIYI Video\LStyle\QyUpdate.exe
    FirewallRules: [{9B4FA2B3-2F49-4DDF-80D8-30FED222B113}] => (Allow) C:\IQIYI Video\LStyle\QyClient.exe
    FirewallRules: [{43AEA45E-717E-40BD-86EC-6468D93ADD65}] => (Allow) C:\IQIYI Video\LStyle\QyWebPlayer.exe
    FirewallRules: [{D845BD5B-FAA9-4A5D-9375-CD01CFD92819}] => (Allow) C:\IQIYI Video\Common\QyKernel.exe
    FirewallRules: [{4C30E60D-BC10-443F-9212-246433737B4B}] => (Allow) C:\IQIYI Video\LStyle\QyPlayer.exe
    FirewallRules: [{8239AE2D-916A-4E06-B8FE-468DCC1EE91B}] => (Allow) C:\Users\ДенисДавидов\AppData\Roaming\IQIYI Video\LStyle\QyUpdate.exe
    FirewallRules: [{D7317891-BA25-4C78-A471-570735EBF924}] => (Allow) C:\IQIYI Video\LStyle\QyClient.exe
    FirewallRules: [{16A2FF4C-ADFC-40DD-A6C1-10711A31DFB0}] => (Allow) C:\IQIYI Video\LStyle\QyWebPlayer.exe
    FirewallRules: [{F2E61E34-5657-408E-A5AC-5D50039D898C}] => (Allow) C:\IQIYI Video\Common\QyKernel.exe
    FirewallRules: [{A40F9754-0233-4140-BF8D-D6F237A80326}] => (Allow) C:\IQIYI Video\LStyle\QyPlayer.exe
    FirewallRules: [{55E1EC23-4A40-49C9-8CF7-4DF8255FC552}] => (Allow) C:\Users\ДенисДавидов\AppData\Roaming\IQIYI Video\GeePlayer\GpUpdate.exe
    FirewallRules: [{392CC677-4A8B-4307-83D5-C0F16F70D6B3}] => (Allow) C:\IQIYI Video\GeePlayer\GeePlayer\GeePlayer.exe
    FirewallRules: [{575324A7-07E7-4D12-9918-9F91EBFCE5CD}] => (Allow) C:\Users\ДенисДавидов\AppData\Roaming\IQIYI Video\LStyle\QyUpdate.exe
    FirewallRules: [{354B83EC-BE81-4CC2-9A63-32F2CCE3F035}] => (Allow) C:\IQIYI Video\LStyle\QyClient.exe
    FirewallRules: [{5F4B85BA-145F-47E5-95D3-9C291CCF21F5}] => (Allow) C:\IQIYI Video\LStyle\QyWebPlayer.exe
    FirewallRules: [{AE4B458F-E769-4CEB-AF6B-B7319F47CA3E}] => (Allow) C:\IQIYI Video\Common\QyKernel.exe
    FirewallRules: [{1FBF5615-CA85-4613-9CEF-82B72A8A4A00}] => (Allow) C:\IQIYI Video\LStyle\QyPlayer.exe
    FirewallRules: [{E2F84458-A399-4FA9-B8A7-DDB3EFFE385A}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16575.227\QQPCmgrInstallGuide.exe
    FirewallRules: [{29C27F95-64F3-4D26-B282-B8CABE138343}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16575.227\QQPCTray.exe
    FirewallRules: [{51E700DD-C002-4B82-97B9-446C8745DB1B}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16575.227\QQPCMgr.exe
    FirewallRules: [{80003E58-1136-4350-9F80-5771B49DFB14}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16575.227\QQPCRTP.exe
    FirewallRules: [{E3D10577-5754-423B-9ED0-6C6C035A22A2}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16575.227\QMDL.exe
    FirewallRules: [{06A57071-6E6C-4F2C-8636-8FE00C5ABFFD}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16575.227\bugreport.exe
    FirewallRules: [{39C28B96-AB2C-46E1-AC4D-9AE5DDFB0A86}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16575.227\QQPCFileOpen.exe
    FirewallRules: [{C1D43A15-875B-4F51-B075-8FF814EA5AB4}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16575.227\QQPCLeakScan.exe
    FirewallRules: [{EC230CD7-2A10-4C16-ADD4-61040BF10CF0}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16575.227\QQPConfig.exe
    FirewallRules: [{16AD2D03-5D41-49CE-AD25-250BA2B8AFD1}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16575.227\QQPCSoftMgr.exe
    FirewallRules: [{885A764A-A322-4267-8261-32E6B5668388}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16575.227\plugins\QMNetMon\QQPCNetFlow.exe
    FirewallRules: [{E8CE43C4-15B5-480F-A630-95B0829B34CB}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16575.227\QQPCBTU.exe
    FirewallRules: [{4C0ACF72-6A64-4ED0-9750-9A540840F6A4}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16575.227\QQPCClinic.exe
    FirewallRules: [{A27C5709-457E-48AF-9DA5-5B2A6CFCADBD}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16575.227\QQPCLaunch.exe
    FirewallRules: [{9E11E11A-6371-4F45-AF1F-1B3A607E465B}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16575.227\QMUpdate\QQPCMgrUpdate.exe
    FirewallRules: [{B7050CE5-2204-493C-949E-E6F4504061AB}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16575.227\QQPCSoftGame.exe
    FirewallRules: [{CC90958A-BB98-46E4-B4EE-A6CABEFC58D7}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16575.227\QQPCSysOptimize.exe
    FirewallRules: [{ED254723-B09C-418F-ADA2-BC742CB4D5F6}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16575.227\QQPCUpdateAVLib.exe
    FirewallRules: [{4C2C928A-840D-4120-A341-E6B9C64E4F4D}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16575.227\QQRepair.exe
    FirewallRules: [{7D9198A2-2B9C-445D-9233-CC656E0D398A}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16575.227\Uninst.exe
    FirewallRules: [{4BB4D620-9EAC-4706-AC4E-2BE9C9FBB2BA}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16575.227\QQPCPatch.exe
    FirewallRules: [{6BAAFFDA-9F36-4769-9BAC-044F0CCA4A93}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16575.227\TpkUpdate.exe
    FirewallRules: [{A3EE1D8D-59F6-4614-B54B-0430A782B957}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16575.227\QMRouterMgr.exe
    FirewallRules: [{84E946C4-C852-48C6-BFAF-35E0C1D888C0}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16575.227\QMAccountProtection.exe
    FirewallRules: [{2B1E2AB9-9B5D-43C9-9D29-2A8886C32C93}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16575.227\QMAdBlock.exe
    FirewallRules: [{3B06703B-9027-4F9B-BB74-B09BA643E806}] => (Allow) C:\program files (x86)\common files\tencent\qqdownload\130\tencentdl.exe
    FirewallRules: [{E13069C7-048C-4C70-B1E9-AF91ACAA42AE}] => (Allow) C:\program files (x86)\common files\tencent\qqdownload\130\bugreport_xf.exe
    (Beijing Rising Information Technology Co., Ltd.) C:\Program Files (x86)\Rising\RSD\RsMgrSvc.exe
    (Tencent) C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16575.227\QQPCRTP.exe
    (Beijing Rising Information Technology Co., Ltd.) C:\Program Files (x86)\Rising\RSD\popwndexe.exe
    (Tencent) C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16575.227\QQPCTray.exe
    (Open Source) C:\Users\ДенисДавидов\AppData\Roaming\cpuminer\sgminer\sgm.exe
    (Tencent) C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16575.227\plugins\QMNetMon\QQPCNetFlow.exe
    (Tencent) C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16575.227\QQPCRealTimeSpeedup.exe
    (Tencent) C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16575.227\QMDL.exe
    (Tencent) C:\Program Files (x86)\Common Files\Tencent\QQDownload\130\Tencentdl.exe
    (Tencent) C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16575.227\QMChExt.exe
    C:\Program Files (x86)\Rising
    C:\Program Files (x86)\Tencent
    C:\Program Files (x86)\Common Files\Tencent
    C:\Users\ДенисДавидов\AppData\Roaming\cpuminer
    HKLM\...\Run: [gpuminer] => C:\Users\ДенисДавидов\AppData\Roaming\cpuminer\sgminer\start.cmd [214 2015-08-21] ()
    HKLM-x32\...\Run: [ QQPCTray] => C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16575.227\QQPCTRAY.EXE [355296 2015-09-06] (Tencent)
    HKLM-x32\...\Run: [RSDTRAY] => C:\Program Files (x86)\Rising\RSD\popwndexe.exe [126808 2012-09-25] (Beijing Rising Information Technology Co., Ltd.)
    HKU\S-1-5-21-4258114876-4100814973-150160403-1000\...\Run: [apphide] => C:\Program Files (x86)\baidu\pps.exe
    ShellIconOverlayIdentifiers: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\ДенисДавидов\AppData\Local\MEGAsync\ShellExtX64.dll No File
    ShellIconOverlayIdentifiers: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\ДенисДавидов\AppData\Local\MEGAsync\ShellExtX64.dll No File
    ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\ДенисДавидов\AppData\Local\MEGAsync\ShellExtX64.dll No File
    ShellIconOverlayIdentifiers: [.QMDeskTopGCIcon] -> {B7667919-3765-4815-A66D-98A09BE662D6} => C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16575.227\QMGCShellExt64.dll [2015-09-06] (Tencent)
    ShellIconOverlayIdentifiers-x32: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\ДенисДавидов\AppData\Local\MEGAsync\ShellExtX32.dll No File
    ShellIconOverlayIdentifiers-x32: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\ДенисДавидов\AppData\Local\MEGAsync\ShellExtX32.dll No File
    ShellIconOverlayIdentifiers-x32: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\ДенисДавидов\AppData\Local\MEGAsync\ShellExtX32.dll No File
    C:\Users\ДенисДавидов\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\crossbrowse.lnk
    C:\Program Files (x86)\Crossbrowse
    HKU\S-1-5-21-4258114876-4100814973-150160403-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGIjVkxlyIP4NYe17aVLWqeVBuxgrc8GREqVNYj9yqqb719Qje5pE1z4XM93FQDDUTT9VoyNfju8DyF_5WFnlu-B8Z7cx_kgnS5KMLjVsdNb4MuCSY6YdEUctfFD9S9GVanSyULxeFV4FlkvjlqF1qo0KGGUid5pcy9COnNPEOpk4yA,,&q={searchTerms}
    HKU\S-1-5-21-4258114876-4100814973-150160403-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGIjVkxlyIP4NYe17aVLWqeVBuxgrc8GREqVNYj9yqqb719Qje5pE1z4XM93FQDDUTT9VoyNfju8DyF_5WFnlu-B8Z7cx_kgnS5KMLjVsdNb4MuCSY6YdEUctfFD9S9GVanSyULxeFV4FlkvjlqF1qo0KGGUid5pcy9COnNPEOpk4yA,,&q={searchTerms}
    HKU\S-1-5-21-4258114876-4100814973-150160403-1000\Software\Microsoft\Internet Explorer\Main,SearchAssistant = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGIjVkxlyIP4NYe17aVLWqeVBuxgrc8GREqVNYj9yqqb719Qje5pE1z4XM93FQDDUTT9VoyNfju8DyF_5WFnlu-B8Z7cx_kgnS5KMLjVsdNb4MuCSY6YdEUctfFD9S9GVanSyULxeFV4FlkvjlqF1qo0KGGUid5pcy9COnNPEOpk4yA,,&q={searchTerms}
    SearchScopes: HKLM-x32 -> ielnksrch URL = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGIjVkxlyIP4NYe17aVLWqeVBuxgrc8GREqVNYj9yqqb719Qje5pE1z4XM93FQDDUTT9VoyNfju8DyF_5WFnlu-B8Z7cx_kgnS5KMLjVsdNb4MuCSY6YdEUctfFD9S9GVanSyULxeFV4FlkvjlqF1qo0KGGUid5pcy9COnNPEOpk4yA,,&q={searchTerms}
    SearchScopes: HKU\S-1-5-21-4258114876-4100814973-150160403-1000 -> DefaultScope {A060E7FB-91F5-4c7c-BD0F-4A11A581D878} URL = hxxps://www.baidu.com/s?wd={searchTerms}&tn=96010190_dg
    SearchScopes: HKU\S-1-5-21-4258114876-4100814973-150160403-1000 -> {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} URL = hxxp://www.mystart.com/results.php?gen=ms&pr=vmn&id=mystarttb&v=5_5&ent=ch_5224&q={searchTerms}
    SearchScopes: HKU\S-1-5-21-4258114876-4100814973-150160403-1000 -> {A060E7FB-91F5-4c7c-BD0F-4A11A581D878} URL = hxxps://www.baidu.com/s?wd={searchTerms}&tn=96010190_dg
    SearchScopes: HKU\S-1-5-21-4258114876-4100814973-150160403-1000 -> {ielnksrch} URL = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGIjVkxlyIP4NYe17aVLWqeVBuxgrc8GREqVNYj9yqqb719Qje5pE1z4XM93FQDDUTT9VoyNfju8DyF_5WFnlu-B8Z7cx_kgnS5KMLjVsdNb4MuCSY6YdEUctfFD9S9GVanSyULxeFV4FlkvjlqF1qo0KGGUid5pcy9COnNPEOpk4yA,,&q={searchTerms}
    BHO: 电脑管家网页防火墙 -> {7C260B4B-F7A0-40B5-B403-BEFCDC6A4C3B} -> C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16575.227\TSWebMon64.dat [2015-09-06] (Tencent)
    FF NewTab: C:\\ProgramData\\Zonelams\\ff.NT
    FF DefaultSearchEngine: findit
    FF SelectedSearchEngine: oursurfing
    FF Plugin: @iqiyi.com/npWebPlayer -> C:\IQIYI Video\LStyle\npWebPlayer.dll [No File]
    FF Plugin-x32: @iqiyi.com/npWebPlayer -> C:\IQIYI Video\LStyle\npWebPlayer.dll [No File]
    FF Plugin-x32: @qq.com/QQPCMgr -> C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16575.227\npQMExtensionsMozilla.dll [2015-09-06] (Tencent Technology (Shenzhen) Company Limited)
    FF Plugin-x32: @staging.google.com/globalUpdate Update;version=10 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npglobalupdateUpdate4.dll [2015-09-06] (globalUpdate)
    FF Plugin-x32: @staging.google.com/globalUpdate Update;version=4 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npglobalupdateUpdate4.dll [2015-09-06] (globalUpdate)
    FF Plugin HKU\S-1-5-21-4258114876-4100814973-150160403-1000: @iqiyi.com/npWebPlayer -> C:\IQIYI Video\LStyle\npWebPlayer.dll No File
    FF SearchPlugin: C:\Users\ДенисДавидов\AppData\Roaming\Mozilla\Firefox\Profiles\uyjpjbbe.default\searchplugins\findit.xml [2015-09-06]
    FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\findit.xml [2015-09-06]
    FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\mystarttb.xml [2015-09-04]
    FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\oursurfing.xml [2015-09-04]
    FF Extension: CinemaPlus-3.3c - C:\Users\ДенисДавидов\AppData\Roaming\Mozilla\Firefox\Profiles\uyjpjbbe.default\Extensions\AVJYFVOD75109374@HCDE39471360.com [2015-09-20]
    FF Extension: No Name - C:\Users\ДенисДавидов\AppData\Roaming\Mozilla\Firefox\Profiles\uyjpjbbe.default\extensions\AVJYFVOD75109374@HCDE39471360.com [not found]
    StartMenuInternet: FIREFOX.EXE - C:\Program Files (x86)\Mozilla Firefox\firefox.exe hxxp://www.oursurfing.com/?type=sc&ts=1441373951&z=4f72513d036092b200e4615g3zdz9g8cbmdc8tdzfb&from=amt&uid=WDCXWD10EZEX-00BN5A0_WD-WCC3F2VDYZ15DYZ15
    CHR HomePage: Default -> hxxp://%66%65%65%64.%73%6E%61%70%64%6F.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGIjVkxlyIP4NYe17aVLWqeVBuxgrc8GREqVNYj9yqqb719Qje5pE1z4XM93FQDDUTT9VoyNfju8DyF_5WFnlu-B8Z7cx_kgnS5KXo0PbF7ryn3RNj3opDgBBgWUKLCDFgEZGaPMOCiPmAhrfminjwJLvPLFt6wwVtc9DAc7IQUrEaw,,
    CHR StartupUrls: Default -> "hxxp://google.bg/","hxxp://www.google.com","hxxp://www.oursurfing.com/?type=hp&ts=1441373951&z=4f72513d036092b200e4615g3zdz9g8cbmdc8tdzfb&from=amt&uid=WDCXWD10EZEX-00BN5A0_WD-WCC3F2VDYZ15DYZ15"
    CHR DefaultSearchURL: Default -> hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGIjVkxlyIP4NYe17aVLWqeVBuxgrc8GREqf0nHnNu30sChZfTMgBjGMPpyi21JSrZI_QCXi7DQPwtf-jp74MPWxVOMHp8tBFOdnUhWOJyecK2qqh_TxhH3lbYUy3MtfqdON0aE5YrStpkxcA-7V3E70xlfZ5xVVKuUHkJB_EF6JCYQ,,&q={searchTerms}
    CHR DefaultSearchKeyword: Default -> feed.sonic-search.com
    CHR DefaultSuggestURL: Default -> hxxps://search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas&command={searchTerms}
    CHR Extension: (Bleaner) - C:\Users\ДенисДавидов\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi [2015-09-04]
    CHR Extension: (电脑管家上网防护) - C:\Users\ДенисДавидов\AppData\Local\Google\Chrome\User Data\Default\Extensions\ooebklgpfnbcnpokahmdidgbmlcdepkm [2015-09-06]
    S2 globalUpdate; C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe [68608 2015-09-06] (globalUpdate) [File not signed] <==== ATTENTION
    S3 globalUpdatem; C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe [68608 2015-09-06] (globalUpdate) [File not signed] <==== ATTENTION
    R2 QQPCRTP; C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16575.227\QQPCRTP.exe [301728 2015-09-06] (Tencent)
    R2 RsMgrSvc; C:\Program Files (x86)\Rising\RSD\RsMgrSvc.exe [196288 2015-09-06] (Beijing Rising Information Technology Co., Ltd.)
    S3 TAOFrame; C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16575.227\TAOFrame.exe [293856 2015-09-06] (Tencent)
    S2 Application Hosting; no ImagePath
    S2 cohci1394; no ImagePath
    S2 Saophase; no ImagePath
    S2 SSFK; no ImagePath
    S2 WdsManPro; no ImagePath
    S2 yesojwnloaupdgteeece; no ImagePath
    R1 QMUdisk; C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16575.227\QMUdisk64.sys [80184 2015-09-14] (Tencent)
    R2 QQSysMonX64; C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16575.227\QQSysMonX64.sys [138040 2015-09-06] (电脑管家)
    R2 TAOAccelerator; C:\WINDOWS\system32\Drivers\TAOAccelerator64.sys [74040 2015-09-06] (Tencent)
    C:\WINDOWS\system32\Drivers\TAOAccelerator64.sys
    R1 TAOKernelDriver; C:\Windows\System32\Drivers\TAOKernel64.sys [274232 2015-09-06] (Tencent Technology(Shenzhen) Company Limited)
    C:\Windows\System32\Drivers\TAOKernel64.sys
    R3 TFsFlt; C:\Windows\System32\Drivers\TFsFltX64.sys [87864 2015-09-06] (电脑管家)
    C:\Windows\System32\Drivers\TFsFltX64.sys
    R3 TS888x64; C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16575.227\TS888x64.sys [28984 2015-09-19] (Tencent)
    S1 TSDefenseBt; C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16575.227\TSDefenseBT64.sys [28472 2015-09-06] (Tencent)
    R1 TSSysKit; C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16575.227\TSSysKit64.sys [87352 2015-09-06] (电脑管家)
    2015-09-08 06:12 - 2015-09-08 06:12 - 00003208 _____ C:\WINDOWS\System32\Tasks\ft11q0mv
    2015-09-08 06:12 - 2015-09-08 06:12 - 00000000 ____D C:\Program Files\Common Files\vlbrdbdg
    2015-09-08 06:10 - 2015-09-19 18:49 - 00028984 _____ (Tencent) C:\WINDOWS\SysWOW64\Drivers\TS888x64.sys
    2015-09-07 11:53 - 2015-09-07 11:53 - 00003324 _____ C:\WINDOWS\System32\Tasks\prodqcn
    Folder: C:\Users\ДенисДавидов\AppData\Local\26138
    2015-09-06 22:26 - 2015-09-08 06:10 - 00000000 ____D C:\ProgramData\Saophase
    2015-09-06 22:26 - 2015-09-06 22:26 - 05224982 _____ (Bycatch) C:\Program Files\Common Files\fivx5fkx.exe
    2015-09-06 22:22 - 2015-09-06 22:22 - 00000000 ____D C:\Users\袛械薪懈褋袛邪胁懈写芯胁\AppData\Roaming\Tencent
    2015-09-06 22:11 - 2015-09-06 22:11 - 00003208 _____ C:\WINDOWS\System32\Tasks\qzfof3im
    2015-09-06 22:11 - 2015-09-06 22:11 - 00000000 ____D C:\Program Files\Common Files\teu1xcx0
    2015-09-06 22:06 - 2015-09-06 22:06 - 00000000 ____D C:\Users\袛械薪懈褋袛邪胁懈写芯胁
    2015-09-06 21:49 - 2015-09-06 21:49 - 00000000 ____D C:\ProgramData\TXQMPC
    2015-09-06 21:45 - 2015-09-19 18:25 - 00000000 ___RD C:\RavBin
    2015-09-06 21:45 - 2014-07-30 05:44 - 00091928 ____N (Beijing Rising Information Technology Co., Ltd.) C:\WINDOWS\SysWOW64\vpatch.dll
    2015-09-06 21:44 - 2015-09-19 18:49 - 00000000 ____D C:\ProgramData\Rising
    2015-09-06 21:44 - 2015-09-19 18:49 - 00000000 ____D C:\Program Files (x86)\Rising
    2015-09-06 21:44 - 2015-09-06 21:44 - 00274232 _____ (Tencent Technology(Shenzhen) Company Limited) C:\WINDOWS\system32\Drivers\TAOKernel64.sys
    2015-09-06 21:44 - 2015-09-06 21:44 - 00087864 _____ (电脑管家) C:\WINDOWS\system32\Drivers\TFsFltX64.sys
    2015-09-06 21:44 - 2015-09-06 21:44 - 00074040 _____ (Tencent) C:\WINDOWS\system32\Drivers\TAOAccelerator64.sys
    2015-09-06 21:44 - 2015-09-06 21:44 - 00000000 ____D C:\Users\腻龛衲噔桎钼\AppData\Roaming\Tencent
    2015-09-06 21:44 - 2015-09-06 21:44 - 00000000 ____D C:\Users\腻龛衲噔桎钼
    2015-09-06 21:44 - 2015-09-06 21:44 - 00000000 ____D C:\Users\ДенисДавидов\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\腾讯软件
    2015-09-06 21:44 - 2015-09-06 21:44 - 00000000 ____D C:\Program Files\Common Files\Tencent
    2015-09-06 21:43 - 2015-09-06 22:10 - 00000000 ____D C:\Users\ДенисДавидов\AppData\Roaming\Tencent
    2015-09-06 21:43 - 2015-09-06 21:59 - 00000000 ____D C:\ProgramData\Tencent
    2015-09-06 21:43 - 2015-09-06 21:43 - 00000000 ____D C:\Program Files (x86)\Tencent
    2015-09-06 21:32 - 2015-09-20 20:39 - 00000406 _____ C:\WINDOWS\Tasks\AmiUpdXp.job
    2015-09-06 21:32 - 2015-09-06 21:32 - 00003500 _____ C:\WINDOWS\System32\Tasks\AmiUpdXp
    2015-09-06 21:15 - 2015-09-20 21:15 - 00001102 _____ C:\WINDOWS\Tasks\Crossbrowse.job
    2015-09-06 21:15 - 2015-09-06 21:15 - 00004222 _____ C:\WINDOWS\System32\Tasks\Crossbrowse
    2015-09-06 21:14 - 2015-09-20 21:14 - 00003178 _____ C:\WINDOWS\Tasks\611b5c8d-ea15-4c6c-b329-4e6764043f12-1-6.job
    2015-09-06 21:14 - 2015-09-06 21:14 - 00006298 _____ C:\WINDOWS\System32\Tasks\611b5c8d-ea15-4c6c-b329-4e6764043f12-1-6
    2015-09-06 21:14 - 2015-09-06 21:14 - 00002486 _____ C:\WINDOWS\Tasks\611b5c8d-ea15-4c6c-b329-4e6764043f12-5_user.job
    2015-09-06 21:14 - 2015-09-06 21:14 - 00001052 _____ C:\WINDOWS\Tasks\bhfdwCxkFq.job
    2015-09-06 21:13 - 2015-09-19 18:31 - 00000000 ____D C:\Program Files (x86)\CinemaP-1.9cV06.09
    2015-09-06 21:13 - 2015-09-07 00:49 - 00000000 ____D C:\Users\ДенисДавидов\AppData\Roaming\ppslog
    2015-09-06 21:13 - 2015-09-06 21:13 - 00004090 _____ C:\WINDOWS\System32\Tasks\globalUpdateUpdateTaskMachineUA
    2015-09-06 21:13 - 2015-09-06 21:13 - 00003858 _____ C:\WINDOWS\System32\Tasks\globalUpdateUpdateTaskMachineCore
    2015-09-06 21:13 - 2015-09-06 21:13 - 00000000 ____D C:\Users\ДенисДавидов\AppData\Local\SysassistByHotWheel
    2015-09-06 21:13 - 2015-09-06 21:13 - 00000000 ____D C:\Users\§Ґ§Ц§Я§Ъ§г§Ґ§С§У§Ъ§Х§а§У\AppData\Roaming\IQIYI Video
    2015-09-06 21:13 - 2015-09-06 21:13 - 00000000 ____D C:\Users\§Ґ§Ц§Я§Ъ§г§Ґ§С§У§Ъ§Х§а§У
    2015-09-06 21:13 - 2015-09-06 21:13 - 00000000 ____D C:\Program Files (x86)\14ad988d-d2c9-4811-a52d-380f89b6ed52
    2015-09-06 21:12 - 2015-09-19 18:49 - 00000000 ____D C:\Users\ДенисДавидов\AppData\Roaming\IQIYI Video
    2015-09-06 21:12 - 2015-09-06 21:29 - 00000000 ____D C:\IQIYI Video
    2015-09-06 21:12 - 2015-09-06 21:28 - 00000000 ____D C:\ProgramData\IQIYI Video
    2015-09-06 21:12 - 2015-09-06 21:12 - 00000000 ____D C:\Users\Public\QiYi
    2015-09-06 21:11 - 2015-09-08 06:16 - 00000000 ____D C:\ProgramData\Application Hosting
    2015-09-06 21:11 - 2015-09-08 06:10 - 00000000 ____D C:\Program Files (x86)\baidu
    2015-09-06 21:11 - 2015-09-06 21:11 - 00000000 ____D C:\ProgramData\Zonelams
    2015-09-06 21:10 - 2015-09-08 06:16 - 00000000 ____D C:\Program Files\Controller
    2015-09-06 16:15 - 2015-09-06 16:15 - 00000000 ____D C:\Users\Public\Documents\Baidu
    2015-09-06 16:15 - 2015-09-06 16:15 - 00000000 ____D C:\ProgramData\Baidu
    2015-09-05 16:49 - 2015-09-05 16:49 - 00000000 ____D C:\ProgramData\APN
    Folder: C:\Users\ДенисДавидов\AppData\Local\31140
    2015-09-04 16:40 - 2015-09-04 16:40 - 00001040 _____ C:\WINDOWS\Tasks\usryNB4MsHrbi9ntLekk.job
    2015-09-04 16:40 - 2015-09-04 16:40 - 00001020 _____ C:\WINDOWS\Tasks\NndPHMayIr.job
    2015-09-04 16:39 - 2015-09-08 06:08 - 00000000 ____D C:\ProgramData\UWdsManProU
    2015-09-04 16:39 - 2015-09-08 06:08 - 00000000 ____D C:\Program Files (x86)\SFK
    2015-09-04 16:39 - 2015-09-06 21:13 - 00000000 ____D C:\Program Files (x86)\globalUpdate
    2015-09-04 16:39 - 2015-09-04 17:11 - 00000000 ____D C:\Users\ДенисДавидов\AppData\Roaming\cpuminer
    2015-09-04 16:39 - 2015-09-04 17:08 - 00000000 ____D C:\Users\ДенисДавидов\AppData\Roaming\oursurfing
    2015-09-04 16:39 - 2015-09-04 16:39 - 00000102 _____ C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
    2015-09-04 16:39 - 2015-09-04 16:39 - 00000000 ____D C:\Users\ДенисДавидов\AppData\Local\globalUpdate
    2015-09-06 22:26 - 2015-09-06 22:26 - 5224982 _____ (Bycatch) C:\Program Files\Common Files\fivx5fkx.exe
    2015-04-14 19:28 - 2015-04-14 19:28 - 0004387 _____ () C:\Users\ДенисДавидов\AppData\Roaming\bhfdwCxkFq
    2015-04-20 17:05 - 2015-04-20 17:05 - 1246720 _____ () C:\Users\ДенисДавидов\AppData\Roaming\bhfdwCxkFq.exe
    2015-04-19 15:20 - 2015-04-19 15:20 - 0005872 _____ () C:\Users\ДенисДавидов\AppData\Roaming\NndPHMayIr
    2015-04-20 17:05 - 2015-04-20 17:05 - 1579520 _____ () C:\Users\ДенисДавидов\AppData\Roaming\NndPHMayIr.exe
    2015-04-14 19:28 - 2015-04-14 19:28 - 0004387 _____ () C:\Users\ДенисДавидов\AppData\Roaming\usryNB4MsHrbi9ntLekk
    2015-04-20 17:05 - 2015-04-20 17:05 - 1246720 _____ () C:\Users\ДенисДавидов\AppData\Roaming\usryNB4MsHrbi9ntLekk.exe
    2015-09-04 16:39 - 2015-09-04 16:39 - 0000102 _____ () C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
    C:\Users\ДенисДавидов\AppData\Local\Temp
    C:\Users\袛械薪懈褋袛邪胁懈写芯胁\AppData\Local\Temp
    Folder: C:\Users\袛械薪懈褋袛邪胁懈写芯胁
    cmd: bitsadmin /reset /allusers
    cmd: netsh winsock reset catalog
    cmd: ipconfig /flushdns
    RemoveProxy:
    Hosts:
    EmptyTemp:
    End
    *****************
     
    Restore point was successfully created.
    Processes closed successfully.
    AV: 电脑管家系统防护 (Enabled - Up to date) {6F9C3F92-B625-0E47-F0B1-447602EC65F5} => removed successfully
    AS: 电脑管家系统防护 (Enabled - Up to date) {D4FDDE76-901F-01C9-CA01-7F04796B2F48} => removed successfully
    HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}\\SystemComponent => value removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{14F77490-EFB5-46C5-9682-0656B1A24B81}" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{14F77490-EFB5-46C5-9682-0656B1A24B81}" => key removed successfully
    C:\WINDOWS\System32\Tasks\qzfof3im => moved successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\qzfof3im" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{23CCF6BD-DC2B-42B8-945B-2B70FD5F18E9}" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{23CCF6BD-DC2B-42B8-945B-2B70FD5F18E9}" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4EF36967-0EED-4C01-82CB-F90A009B94FB}" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4EF36967-0EED-4C01-82CB-F90A009B94FB}" => key removed successfully
    C:\WINDOWS\System32\Tasks\{BEBAEE16-FA71-4151-BC59-63F5FB6EE568} => moved successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{BEBAEE16-FA71-4151-BC59-63F5FB6EE568}" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{403481A1-8E3C-426C-8CA8-938FCE00DF2F}" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{403481A1-8E3C-426C-8CA8-938FCE00DF2F}" => key removed successfully
    C:\WINDOWS\System32\Tasks\RsDelayLauncher_{8A34248E-7D35-4832-8378-7659E0B0A380} => moved successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\RsDelayLauncher_{8A34248E-7D35-4832-8378-7659E0B0A380}" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{7B45AE23-ABF2-484F-A847-9506AC6CB936}" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7B45AE23-ABF2-484F-A847-9506AC6CB936}" => key removed successfully
    C:\WINDOWS\System32\Tasks\611b5c8d-ea15-4c6c-b329-4e6764043f12-1-6 => moved successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\611b5c8d-ea15-4c6c-b329-4e6764043f12-1-6" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{7D8CF7CA-ACF9-49AB-A4E5-91666DBCA0C8}" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7D8CF7CA-ACF9-49AB-A4E5-91666DBCA0C8}" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7F715144-CCA3-477A-B0DD-CCDA67AA8F10}" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7F715144-CCA3-477A-B0DD-CCDA67AA8F10}" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{8A94AD18-6D89-4AB4-AC02-96D0CA54186F}" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8A94AD18-6D89-4AB4-AC02-96D0CA54186F}" => key removed successfully
    C:\WINDOWS\System32\Tasks\globalUpdateUpdateTaskMachineCore => moved successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\globalUpdateUpdateTaskMachineCore" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8F4C3A2F-D807-437E-BAA4-10DF9721ED47}" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8F4C3A2F-D807-437E-BAA4-10DF9721ED47}" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\File Classification Infrastructure\Property Definition Sync" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{97D92253-3409-4361-B9B8-61ED2C5CAF5E}" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{97D92253-3409-4361-B9B8-61ED2C5CAF5E}" => key removed successfully
    C:\WINDOWS\System32\Tasks\prodqcn => moved successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\prodqcn" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9D46C0F1-E156-4496-92E7-2C26284399F7}" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9D46C0F1-E156-4496-92E7-2C26284399F7}" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{9D7DFACD-D5CA-451B-9D95-19E61EDACCFE}" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9D7DFACD-D5CA-451B-9D95-19E61EDACCFE}" => key removed successfully
    C:\WINDOWS\System32\Tasks\AmiUpdXp => moved successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AmiUpdXp" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B20777AF-57C8-4697-830F-61A906ED82C5}" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B20777AF-57C8-4697-830F-61A906ED82C5}" => key removed successfully
    C:\WINDOWS\System32\Tasks\globalUpdateUpdateTaskMachineUA => moved successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\globalUpdateUpdateTaskMachineUA" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BEB8F1C3-964E-480F-B4E8-B8408F12BDDD}" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BEB8F1C3-964E-480F-B4E8-B8408F12BDDD}" => key removed successfully
    C:\WINDOWS\System32\Tasks\ft11q0mv => moved successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ft11q0mv" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DFE36482-8BA6-43A9-AA72-84FE284B0276}" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DFE36482-8BA6-43A9-AA72-84FE284B0276}" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{E89080B3-A601-4692-B44C-9492E859D208}" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E89080B3-A601-4692-B44C-9492E859D208}" => key removed successfully
    C:\WINDOWS\System32\Tasks\Crossbrowse => moved successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Crossbrowse" => key removed successfully
    C:\WINDOWS\Tasks\611b5c8d-ea15-4c6c-b329-4e6764043f12-1-6.job => moved successfully
    C:\WINDOWS\Tasks\611b5c8d-ea15-4c6c-b329-4e6764043f12-5_user.job => moved successfully
    C:\WINDOWS\Tasks\AmiUpdXp.job => moved successfully
    C:\WINDOWS\Tasks\bhfdwCxkFq.job => moved successfully
    C:\WINDOWS\Tasks\Crossbrowse.job => moved successfully
    C:\WINDOWS\Tasks\globalUpdateUpdateTaskMachineCore.job => moved successfully
    C:\WINDOWS\Tasks\globalUpdateUpdateTaskMachineUA.job => moved successfully
    C:\WINDOWS\Tasks\NndPHMayIr.job => moved successfully
    C:\WINDOWS\Tasks\usryNB4MsHrbi9ntLekk.job => moved successfully
    C:\Users\ДенисДавидов\Downloads\Clash+of+Clans__15386_il3733313.exe => ":typelib" ADS removed successfully.
    "HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\QQPCRTP" => key removed successfully
    "HKLM\System\CurrentControlSet\Control\SafeBoot\Network\QQPCRTP" => key removed successfully
    HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{8BBA8B5E-6826-4E9F-AFF8-4D7F81581BF5} => value removed successfully
    HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{4FCF6070-019D-4A25-A05E-C2FD4933122A} => value removed successfully
    HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{0EF32172-7B44-4B39-AA4C-022065F41334} => value removed successfully
    HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{9C6B49D9-C46C-4DDF-893D-18D5BD7B20EA} => value removed successfully
    HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{4F8A37C6-D853-4497-8E36-84635B4BC6AB} => value removed successfully
    HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{9B4FA2B3-2F49-4DDF-80D8-30FED222B113} => value removed successfully
    HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{43AEA45E-717E-40BD-86EC-6468D93ADD65} => value removed successfully
    HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{D845BD5B-FAA9-4A5D-9375-CD01CFD92819} => value removed successfully
    HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{4C30E60D-BC10-443F-9212-246433737B4B} => value removed successfully
    HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{8239AE2D-916A-4E06-B8FE-468DCC1EE91B} => value removed successfully
    HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{D7317891-BA25-4C78-A471-570735EBF924} => value removed successfully
    HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{16A2FF4C-ADFC-40DD-A6C1-10711A31DFB0} => value removed successfully
    HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{F2E61E34-5657-408E-A5AC-5D50039D898C} => value removed successfully
    HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A40F9754-0233-4140-BF8D-D6F237A80326} => value removed successfully
    HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{55E1EC23-4A40-49C9-8CF7-4DF8255FC552} => value removed successfully
    HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{392CC677-4A8B-4307-83D5-C0F16F70D6B3} => value removed successfully
    HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{575324A7-07E7-4D12-9918-9F91EBFCE5CD} => value removed successfully
    HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{354B83EC-BE81-4CC2-9A63-32F2CCE3F035} => value removed successfully
    HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{5F4B85BA-145F-47E5-95D3-9C291CCF21F5} => value removed successfully
    HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{AE4B458F-E769-4CEB-AF6B-B7319F47CA3E} => value removed successfully
    HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{1FBF5615-CA85-4613-9CEF-82B72A8A4A00} => value removed successfully
    HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E2F84458-A399-4FA9-B8A7-DDB3EFFE385A} => value removed successfully
    HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{29C27F95-64F3-4D26-B282-B8CABE138343} => value removed successfully
    HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{51E700DD-C002-4B82-97B9-446C8745DB1B} => value removed successfully
    HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{80003E58-1136-4350-9F80-5771B49DFB14} => value removed successfully
    HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E3D10577-5754-423B-9ED0-6C6C035A22A2} => value removed successfully
    HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{06A57071-6E6C-4F2C-8636-8FE00C5ABFFD} => value removed successfully
    HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{39C28B96-AB2C-46E1-AC4D-9AE5DDFB0A86} => value removed successfully
    HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{C1D43A15-875B-4F51-B075-8FF814EA5AB4} => value removed successfully
    HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{EC230CD7-2A10-4C16-ADD4-61040BF10CF0} => value removed successfully
    HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{16AD2D03-5D41-49CE-AD25-250BA2B8AFD1} => value removed successfully
    HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{885A764A-A322-4267-8261-32E6B5668388} => value removed successfully
    HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E8CE43C4-15B5-480F-A630-95B0829B34CB} => value removed successfully
    HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{4C0ACF72-6A64-4ED0-9750-9A540840F6A4} => value removed successfully
    HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A27C5709-457E-48AF-9DA5-5B2A6CFCADBD} => value removed successfully
    HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{9E11E11A-6371-4F45-AF1F-1B3A607E465B} => value removed successfully
    HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{B7050CE5-2204-493C-949E-E6F4504061AB} => value removed successfully
    HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{CC90958A-BB98-46E4-B4EE-A6CABEFC58D7} => value removed successfully
    HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{ED254723-B09C-418F-ADA2-BC742CB4D5F6} => value removed successfully
    HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{4C2C928A-840D-4120-A341-E6B9C64E4F4D} => value removed successfully
    HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{7D9198A2-2B9C-445D-9233-CC656E0D398A} => value removed successfully
    HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{4BB4D620-9EAC-4706-AC4E-2BE9C9FBB2BA} => value removed successfully
    HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{6BAAFFDA-9F36-4769-9BAC-044F0CCA4A93} => value removed successfully
    HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A3EE1D8D-59F6-4614-B54B-0430A782B957} => value removed successfully
    HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{84E946C4-C852-48C6-BFAF-35E0C1D888C0} => value removed successfully
    HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{2B1E2AB9-9B5D-43C9-9D29-2A8886C32C93} => value removed successfully
    HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{3B06703B-9027-4F9B-BB74-B09BA643E806} => value removed successfully
    HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E13069C7-048C-4C70-B1E9-AF91ACAA42AE} => value removed successfully
    [13860] C:\Program Files (x86)\Rising\RSD\RsMgrSvc.exe => process closed successfully.
    C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16575.227\QQPCRTP.exe => Could not close process
    C:\Program Files (x86)\Rising\RSD\popwndexe.exe => No running process found
    C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16575.227\QQPCTray.exe => Could not close process
    C:\Users\ДенисДавидов\AppData\Roaming\cpuminer\sgminer\sgm.exe => No running process found
    C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16575.227\plugins\QMNetMon\QQPCNetFlow.exe => Could not close process
    C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16575.227\QQPCRealTimeSpeedup.exe => Could not close process
    C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16575.227\QMDL.exe => No running process found
    C:\Program Files (x86)\Common Files\Tencent\QQDownload\130\Tencentdl.exe => No running process found
    C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16575.227\QMChExt.exe => No running process found
    C:\Program Files (x86)\Rising => moved successfully
     
     
    Мерси заради това ,че се занимавате с мен: :) 

    Сподели този отговор


    Линк към този отговор
    Сподели в други сайтове

    Това не е целия лог файл. Ако е прекалено дълъг тогава го качете на Dox.bg и публикувайте линка за теглене в следващия си коментар.

     

    Пишете и дали има подобрение след изпълнението на скрипта. ;)

    Сподели този отговор


    Линк към този отговор
    Сподели в други сайтове

    Сега видях и забелязах ,докато се fix-ва и изписва ,че програма е спряла да работи.

    Редактирано от Vocaloid (преглед на промените)

    Сподели този отговор


    Линк към този отговор
    Сподели в други сайтове

    Т.е. това е целия създаден лог? Ако да повторете фикса в Safe Mode и вижте дали ще се изпълни успешно там и ако да, публикувайте лог файла.

    Сподели този отговор


    Линк към този отговор
    Сподели в други сайтове

    Здравейте!

     

    Поради причини ,трябваше направо да се преинсталира компютъра. Мерси за цялата помощ.Извинете ,че ви загубих времето!

     

    Поздрави!

    Сподели този отговор


    Линк към този отговор
    Сподели в други сайтове

    Ами щом така сте решили, това си е ваш избор. Положението бе трагично, но поправимо. Както и да е.

    Поздрави и хубава седмица.

    Сподели този отговор


    Линк към този отговор
    Сподели в други сайтове

    Регистрирайте се или влезете в профила си за да коментирате

    Трябва да имате регистрация за да може да коментирате това

    Регистрирайте се

    Създайте нова регистрация в нашия форум. Лесно е!

    Нова регистрация

    Вход

    Имате регистрация? Влезте от тук.

    Вход


    ×

    Информация

    Този сайт използва бисквитки (cookies), за най-доброто потребителско изживяване. С използването му, вие приемате нашите Условия за ползване.