SPYWARE-RU.COM

28 ноября, 2016 в 2:01 пп #55728

Participant

Темы:1
Сообщений:4

☆

Fix result of Farbar Recovery Scan Tool (x64) Version: 27-11-2016
Ran by CorJlaceH (28-11-2016 22:43:36) Run:1
Running from D:\Other\Программы
Loaded Profiles: CorJlaceH (Available Profiles: CorJlaceH)
Boot Mode: Normal
==============================================

fixlist content:
*****************
CreateRestorePoint:
HKLM-x32\...\Run: [ QQPCTray] => "C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCTray.exe"  /regrun
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [1679360 2012-02-28] (Wondershare)
HKU\S-1-5-21-2608073043-2279228004-2253963994-1000\...\Run: [MyDesktop] => C:\Users\CorJlaceH\AppData\Roaming\MyDesktop\linkme0704.exe  /killme_30 /restoreme_5 /url_hxxp://mpnl.ru/offers/uaby.csv /url2_hxxp://hello.limbbo.ru/offers/uaby.csv
ShellIconOverlayIdentifiers: [.QMDeskTopGCIcon] -> {B7667919-3765-4815-A66D-98A09BE662D6} =>  No File
BHO: No Name -> {13D67BB7-DB5F-48AA-884D-7A5D94168509} -> No File
BHO: 电脑管家网页防火墙 -> {7C260B4B-F7A0-40B5-B403-BEFCDC6A4C3B} -> C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\TSWebMon64.dat => No File
BHO-x32: No Name -> {13D67BB7-DB5F-48AA-884D-7A5D94168509} -> No File
FF Plugin HKU\S-1-5-21-2608073043-2279228004-2253963994-1000: @acestream.net/acestreamplugin,version=3.1.7 -> C:\Users\CorJlaceH\AppData\Roaming\ACEStream\player\npace_plugin.dll [No File]
CHR HKU\S-1-5-21-2608073043-2279228004-2253963994-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [mjbepbhonbojpoaenhckjocchgfiaofo] - hxxps://clients2.google.com/service/update2/crx
Task: {58CE96A3-322B-45C7-94D6-9F23926D97C3} - System32\Tasks\InternetAD => Chrome.exe hxxp://timeinsnewsing.org/hotravossm
AlternateDataStreams: C:\ProgramData\TEMP:1CE11B51 [159]
AlternateDataStreams: C:\Users\Все пользователи\TEMP:1CE11B51 [159]
C:\Users\CorJlaceH\AppData\Roaming\MyDesktop\linkme0704.exe
EmptyTemp:
Reboot:
*****************

Restore point was successfully created.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ QQPCTray => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Wondershare Helper Compact.exe => value removed successfully
HKU\S-1-5-21-2608073043-2279228004-2253963994-1000\Software\Microsoft\Windows\CurrentVersion\Run\\MyDesktop => value removed successfully
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\.QMDeskTopGCIcon" => key removed successfully
HKCR\CLSID\{B7667919-3765-4815-A66D-98A09BE662D6} => key not found. 
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{13D67BB7-DB5F-48AA-884D-7A5D94168509}" => key removed successfully
HKCR\CLSID\{13D67BB7-DB5F-48AA-884D-7A5D94168509} => key not found. 
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7C260B4B-F7A0-40B5-B403-BEFCDC6A4C3B}" => key removed successfully
"HKCR\CLSID\{7C260B4B-F7A0-40B5-B403-BEFCDC6A4C3B}" => key removed successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{13D67BB7-DB5F-48AA-884D-7A5D94168509}" => key removed successfully
HKCR\Wow6432Node\CLSID\{13D67BB7-DB5F-48AA-884D-7A5D94168509} => key not found. 
"HKU\S-1-5-21-2608073043-2279228004-2253963994-1000\Software\MozillaPlugins\@acestream.net/acestreamplugin,version=3.1.7" => key removed successfully
C:\Users\CorJlaceH\AppData\Roaming\ACEStream\player\npace_plugin.dll => not found.
"HKU\S-1-5-21-2608073043-2279228004-2253963994-1000\SOFTWARE\Google\Chrome\Extensions\mjbepbhonbojpoaenhckjocchgfiaofo" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{58CE96A3-322B-45C7-94D6-9F23926D97C3}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{58CE96A3-322B-45C7-94D6-9F23926D97C3}" => key removed successfully
C:\Windows\System32\Tasks\InternetAD => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\InternetAD" => key removed successfully
C:\ProgramData\TEMP => ":1CE11B51" ADS removed successfully.
"C:\Users\Все пользователи\TEMP" => ":1CE11B51" ADS not found.
"C:\Users\CorJlaceH\AppData\Roaming\MyDesktop\linkme0704.exe" => not found.

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 19622246 B
Java, Flash, Steam htmlcache => 14078 B
Windows/system/drivers => 397321003 B
Edge => 0 B
Chrome => 103513349 B
Firefox => 378476897 B
Opera => 485191150 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 84157 B
systemprofile32 => 759 B
LocalService => 66228 B
NetworkService => 306782 B
CorJlaceH => 5472385889 B

RecycleBin => 0 B
EmptyTemp: => 6.4 GB temporary data Removed.

================================

The system needed a reboot.

==== End of Fixlog 22:46:30 ====

Вложения:

You must be logged in to view attached files.

Ответ в теме: Всплывающие окна с рекламой

Вложения:

Добро пожаловать

Поиск

Важные инструкции

Как восстановить зашифрованные файлы (Инструкция)

Этот параметр включен администратором

Как сбросить настройки Firefox (Инструкция)

Установлено в соответствии с корпоративным правилом (Удалить из Хрома)

Как запустить компьютер в безопасном режиме (Safe Mode)

СПАЙВАРЕ РУ

Нужна помощь?

Ссылки