- Сообщения
- 9,327
- Реакции
- 3,979
Смотрите видео ниже, чтобы узнать, как установить наш сайт в качестве веб-приложения на домашнем экране.
Примечание: Эта возможность может быть недоступна в некоторых браузерах.
Разделы реестра: 8
PUP.Optional.RussAd, HKLM\SOFTWARE\CLASSES\IESearchPlugin.MailRuBHO, , [112cc423d2c86fc74322a90731cf768a],
PUP.Optional.RussAd, HKLM\SOFTWARE\CLASSES\IESearchPlugin.MailRuBHO.1, , [d469f6f1bddd8bab6302733ddd23827e],
PUP.Optional.RussAd, HKLM\SOFTWARE\WOW6432NODE\CLASSES\IESearchPlugin.MailRuBHO, , [d469f6f1bddd8bab6302733ddd23827e],
PUP.Optional.RussAd, HKLM\SOFTWARE\WOW6432NODE\CLASSES\IESearchPlugin.MailRuBHO.1, , [d469f6f1bddd8bab6302733ddd23827e],
PUP.Optional.RussAd, HKLM\SOFTWARE\CLASSES\WOW6432NODE\IESearchPlugin.MailRuBHO, , [d469f6f1bddd8bab6302733ddd23827e],
PUP.Optional.RussAd, HKLM\SOFTWARE\CLASSES\WOW6432NODE\IESearchPlugin.MailRuBHO.1, , [d469f6f1bddd8bab6302733ddd23827e],
PUP.Optional.AuslogicsBoostSpeed, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{7216871F-869E-437C-B9BF-2A13F2DCE63F}_is1, , [b984d611a7f310267b4b7d0534ccc43c],
PUP.Optional.Zaxar, HKU\S-1-5-21-3568367139-2977000476-3800039126-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOWREGISTRY\AUDIO\POLICYCONFIG\PROPERTYSTORE\3CFDED22_0, , [85b8c0270e8c5cda47fd1b559b687090],
Значения реестра: 1
PUP.Optional.Zaxar, HKU\S-1-5-21-3568367139-2977000476-3800039126-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOWREGISTRY\AUDIO\POLICYCONFIG\PROPERTYSTORE\3cfded22_0, {0.0.0.00000000}.{d9898507-4d08-47a9-a52a-19ca3bcc9f03}|\Device\HarddiskVolume2\Program Files (x86)\Zaxar\ZaxarGameBrowser.exe%b{00000000-0000-0000-0000-000000000000}, , [85b8c0270e8c5cda47fd1b559b687090]
Файлы: 46
PUP.Optional.Zaxar, C:\AdwCleaner\quarantine\files\azgozpozgyboejhkynkkycxvuwbllnun\ZaxarGameBrowser.exe, , [95a834b32e6ca98df7c0bb12758b728e],
Adware.FileTour, C:\AdwCleaner\quarantine\files\azgozpozgyboejhkynkkycxvuwbllnun\ZaxarLoader.exeold, , [1b2281668f0baf87a7afbed408f8df21],
begin
ExecuteFile('net.exe', 'stop tcpip /y', 0, 15000, true);
DeleteFile('c:\program files (x86)\ghostery storage server\ghstore.exe', '32');
DeleteFileMask('c:\program files (x86)\ghostery storage server', '*', true);
DeleteDirectory('c:\program files (x86)\ghostery storage server');
DeleteService('Ghostery Storage Server');
ExecuteSysClean;
ExecuteWizard('SCU', 2, 3, true);
RebootWindows(true);
end.
start
CMD: wmic /Namespace:\\root\default Path SystemRestore Call Enable "%SystemDrive%"
CreateRestorePoint:
HKU\S-1-5-21-3568367139-2977000476-3800039126-1000\...\Run: [AceStream] => C:\Users\Dmitriy\AppData\Roaming\ACEStream\engine\ace_engine.exe
CHR DefaultSearchURL: Default -> hxxp://go.mail.ru/distib/ep/?q={searchTerms}&product_id=%7B487DFAC6-708E-402D-A5A5-BE2BF9F3F070%7D&gp=811041
CHR DefaultSearchKeyword: Default -> mail.ru_
CHR DefaultSuggestURL: Default -> hxxp://suggests.go.mail.ru/ff3?q={searchTerms}
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
2016-12-12 15:57 - 2009-07-14 06:20 - 00000000 ___HD C:\Windows\system32\GroupPolicy
2016-12-12 15:57 - 2009-07-14 06:20 - 00000000 ____D C:\Windows\SysWOW64\GroupPolicy
Task: {E2AF729C-D27D-4A13-AB8E-534B280F05F7} - System32\Tasks\InternetCFC => Firefox.exe hxxp://andria-loft.ru/florida
EmptyTemp:
Reboot:
end