start
CreateRestorePoint:
(Tencent) F:\Program Files\Tencent\QQPCMgr\10.10.16434.218\QQPCRTP.exe
(Tencent) F:\Program Files\Tencent\QQPCMgr\10.10.16434.218\QQPCTray.exe
(Tencent) F:\Program Files\Tencent\QQPCMgr\10.10.16434.218\plugins\QMNetMon\QQPCNetFlow.exe
(Tencent) F:\Program Files\Tencent\QQPCMgr\10.10.16434.218\QQPCRealTimeSpeedup.exe
() F:\Documents and Settings\Дима\Application Data\1BD6AB60-1434604673-11D9-A075-14DAE9EDDE25\knsw8E.tmpfs
(Tencent) F:\Program Files\Common Files\Tencent\QQDownload\130\Tencentdl.exe
HKU\S-1-5-21-1935655697-776561741-682003330-1003\...\MountPoints2: {1ecddbce-63a2-11e3-b898-ae6b288f89cf} - G:\Autoinstaller.exe
ShellIconOverlayIdentifiers: [.QMDeskTopGCIcon] -> {B7667919-3765-4815-A66D-98A09BE662D6} => F:\Program Files\Tencent\QQPCMgr\10.10.16434.218\QMGCShellExt.dll [2015-06-18] (Tencent)
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.hao123.com/?tn=97951667_hao_pg
HKU\S-1-5-21-1935655697-776561741-682003330-1003\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.hao123.com/?tn=97951667_hao_pg
FF Plugin: @qq.com/QQPCMgr -> F:\Program Files\Tencent\QQPCMgr\10.10.16434.218\npQMExtensionsMozilla.dll [2015-06-18] (Tencent Technology (Shenzhen) Company Limited
CHR Extension: (Google Search) - F:\Documents and Settings\Дима\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-09-20]
CHR Extension: (Quick Searcher) - F:\Documents and Settings\Дима\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\fjnbnpbmkenffdnngjfgmeleoegfcffe [2015-06-18]
CHR Extension: (Chrome Hotword Shared Module) - F:\Documents and Settings\Дима\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-20]
R1 QMIEProtect; F:\Program Files\Tencent\QQPCMgr\10.10.16434.218\QMIEProtect.sys [49464 2015-06-18] ()
R1 QMUdisk; F:\Program Files\Tencent\QQPCMgr\10.10.16434.218\QMUdisk.sys [62392 2015-06-18] (Tencent)
R1 QQPCHelper; F:\Program Files\Tencent\QQPCMgr\10.10.16434.218\QQPCHelper.sys [22880 2015-06-18] (Tencent)
R2 QQSysMon; F:\Program Files\Tencent\QQPCMgr\10.10.16434.218\QQSysMon.sys [108472 2015-06-18] (电脑管家)
R2 TAOAccelerator; F:\WINDOWS\system32\Drivers\TAOAccelerator.sys [77016 2015-06-18] (Tencent)
R2 TAOKernelDriver; F:\WINDOWS\system32\Drivers\TAOKernelXP.sys [139064 2015-06-18] (Tencent Technology(Shenzhen) Company Limited)
R1 TFsFlt; F:\WINDOWS\System32\Drivers\TFsFlt.sys [150072 2015-06-18] (电脑管家)
R3 TS888; F:\Program Files\Tencent\QQPCMgr\10.10.16434.218\TS888.sys [30392 2015-06-18] (Tencent)
R1 TSCPM; F:\Program Files\Tencent\QQPCMgr\10.10.16434.218\tscpm.sys [43448 2015-06-18] (电脑管家)
R1 TSDefenseBt; F:\WINDOWS\System32\DRIVERS\TSDefenseBt.sys [14008 2015-06-18] (Tencent)
R0 TsFltMgr; F:\WINDOWS\System32\drivers\TsFltMgr.sys [124792 2015-06-18] (电脑管家)
R1 TSKSP; F:\Program Files\Tencent\QQPCMgr\10.10.16434.218\TSKsp.sys [204920 2015-06-18] (电脑管家)
R1 TSSysKit; F:\Program Files\Tencent\QQPCMgr\10.10.16434.218\TSSysKit.sys [101560 2015-06-18] (电脑管家)
U5 1070EE3A; F:\Windows\System32\Drivers\1070EE3A.sys [22472 2015-06-18] () [File not signed]
S3 A6E64E7; \??\F:\WINDOWS\TEMP\A6E64E7.sys [X]
S3 A994109; \??\F:\WINDOWS\TEMP\A994109.sys [X]
S3 B281E86; \??\F:\WINDOWS\TEMP\B281E86.sys [X]
2015-06-18 15:40 - 2015-06-18 15:40 - 00022472 _____ F:\WINDOWS\system32\Drivers\1070EE3A.sys
2015-06-18 15:38 - 2015-06-18 15:38 - 00000000 ____D F:\Documents and Settings\蔫爨\Application Data\Tencent
2015-06-18 15:36 - 2015-06-18 15:38 - 00000000 ____D F:\Program Files\Common Files\Tencent
2015-06-18 15:36 - 2015-06-18 15:36 - 00030392 _____ (Tencent) F:\WINDOWS\system32\Drivers\TS888.sys
2015-06-18 15:35 - 2015-06-18 15:40 - 00000000 ____D F:\Documents and Settings\Дима\Application Data\Tencent
2015-06-18 15:35 - 2015-06-18 11:29 - 00139064 _____ (Tencent Technology(Shenzhen) Company Limited) F:\WINDOWS\system32\Drivers\TAOKernelXP.sys
2015-06-18 15:35 - 2015-06-18 11:29 - 00077016 _____ (Tencent) F:\WINDOWS\system32\Drivers\TAOAccelerator.sys
2015-06-18 13:55 - 2015-06-18 15:39 - 00000000 ____D F:\Documents and Settings\袛懈屑邪\Local Settings\Temp
2015-06-18 13:55 - 2015-06-18 13:55 - 00000000 ____D F:\Documents and Settings\袛懈屑邪
2015-06-18 11:29 - 2015-06-18 11:29 - 00150072 ____N (电脑管家) F:\WINDOWS\system32\Drivers\TFsFlt.sys
2015-06-18 11:29 - 2015-06-18 11:29 - 00124792 ____N (电脑管家) F:\WINDOWS\system32\Drivers\TsFltMgr.sys
2015-06-18 11:29 - 2015-06-18 11:29 - 00067896 ____N (电脑管家) F:\WINDOWS\system32\TSSK.sys
2015-06-18 11:29 - 2015-06-18 11:29 - 00014008 ____N (Tencent) F:\WINDOWS\system32\Drivers\TSDefenseBt.sys
2015-06-18 11:29 - 2015-06-18 11:29 - 00000852 _____ F:\Documents and Settings\All Users\Главное меню\强力卸载电脑上的软件 .lnk
2015-06-18 11:29 - 2015-06-18 11:29 - 00000000 ____D F:\Documents and Settings\蔫爨
2015-06-18 11:29 - 2015-06-18 11:29 - 00000000 ____D F:\Documents and Settings\LocalService\Application Data\Tencent
2015-06-18 11:28 - 2015-06-18 15:38 - 00000000 ____D F:\Documents and Settings\All Users\Application Data\Tencent
2015-06-18 11:28 - 2015-06-18 11:28 - 00000000 ____D F:\Program Files\Tencent
2015-06-18 11:18 - 2015-06-18 11:18 - 00000000 ____D F:\Documents and Settings\Дима\Local Settings\Application Data\Chedot
F:\Documents and Settings\Дима\Local Settings\Temp\APNSetup.exe
F:\Documents and Settings\Дима\Local Settings\Temp\ChedotSetup.exe
F:\Documents and Settings\Дима\Local Settings\Temp\communicator.exe
F:\Documents and Settings\Дима\Local Settings\Temp\jre-7u67-windows-i586-iftw.exe
F:\Documents and Settings\Дима\Local Settings\Temp\jre-8u31-windows-au.exe
F:\Documents and Settings\Дима\Local Settings\Temp\loadmoney.exe
F:\Documents and Settings\Дима\Local Settings\Temp\mailruhomesearchvbm.exe
F:\Documents and Settings\Дима\Local Settings\Temp\new-super-ext.exe
F:\Documents and Settings\Дима\Local Settings\Temp\QQPCMgr_Setup.exe
F:\Documents and Settings\Дима\Local Settings\Temp\qqpcmgr_v10.10.16434.218_72489_Silence.exe
F:\Documents and Settings\Дима\Local Settings\Temp\Quarantine.exe
F:\Documents and Settings\Дима\Local Settings\Temp\rn32.dll
F:\Documents and Settings\Дима\Local Settings\Temp\Setup-yabrowser.exe
F:\Documents and Settings\Дима\Local Settings\Temp\siinst.exe
F:\Documents and Settings\Дима\Local Settings\Temp\SkypeSetup.exe
F:\Documents and Settings\Дима\Local Settings\Temp\sqlite3.dll
F:\Documents and Settings\Дима\Local Settings\Temp\strings.dll
F:\Documents and Settings\Дима\Local Settings\Temp\tmp1B4.exe
F:\Documents and Settings\Дима\Local Settings\Temp\tmp1B7.exe
F:\Documents and Settings\Дима\Local Settings\Temp\tmp4A.exe
F:\Documents and Settings\Дима\Local Settings\Temp\vuupc.exe
F:\Documents and Settings\Дима\Local Settings\Temp\yupdate-exec-yabrowser.exe
F:\Documents and Settings\Дима\Local Settings\Temp\{843E5834-688C-4968-B70E-BC86D62F7E72}-35.0.1916.114_chrome_installer.exe
F:\Documents and Settings\????\Local Settings\Temp\TempQMDTLSDKSetup20141114(1).exe
F:\Documents and Settings\????\Local Settings\Temp\TempQMDTLSDKSetup20141114.exe
F:\Documents and Settings\????\Local Settings\Temp\TempQMSystemSetup_10.10.16434.218_112217724(1).exe
F:\Documents and Settings\????\Local Settings\Temp\TempQMSystemSetup_10.10.16434.218_112217724.exe
F:\Documents and Settings\????\Local Settings\Temp\TempQQPhoneManager-5.3.2_710201.4693.pa.exe
EmptyTemp:
Reboot:
end
