wholelifelooser
Новый пользователь
- Сообщения
- 16
- Реакции
- 0
>>> "C:\Users\user\Рабочий стол\Графический редактор.lnk" -> ["C:\Program Files\GIMP-2.0\bin\gimp-2.6.exe"]
>>> "C:\Users\user\Рабочий стол\Менеджер фотографий.lnk" -> ["C:\Program Files\Google\Picasa3\Picasa3.exe"]
>>> "C:\Users\user\Рабочий стол\Видеоплеер.lnk" -> ["C:\Program Files (x86)\K-Lite Codec Pack\Media Player Classic\mpc-hc.exe"]
>>> "C:\Users\user\Рабочий стол\Архиватор.lnk" -> ["C:\Program Files\7-Zip\7zFM.exe"]
>>> "C:\Users\user\Рабочий стол\Аудио утилиты.lnk" -> ["C:\Program Files\AIMP2\AIMP2c.exe"]
>>> "C:\Users\user\Рабочий стол\Аудиоплеер.lnk" -> ["C:\Program Files\AIMP2\AIMP2.exe"]
>>> "C:\Users\user\Рабочий стол\Звуковой редактор.lnk" -> ["C:\Program Files\Audacity 1.3 Beta (Unicode)\audacity.exe"]
>>> "C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RivaTuner Statistics Server\ReadMe.lnk" -> ["D:\RivaTuner Statistics Server\Doc\ReadMe.pdf"]
>>> "C:\Users\user\Рабочий стол\Видео конвертер.lnk" -> ["C:\Program Files (x86)\Any Video Converter\VideoConverter.exe"]
>>> "C:\Users\user\Рабочий стол\MoneyTracker.lnk" -> ["C:\Program Files\MoneyTracker\MoneyTracker.exe" =>> user="1"]
>>> "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Grinding Gear Games\Path of Exile.lnk" -> ["C:\Program Files (x86)\Grinding Gear Games\Path of Exile\PathOfExile.exe"]
>>> "C:\Users\user\Desktop\other\Path of Exile.lnk" -> ["C:\Program Files (x86)\Grinding Gear Games\Path of Exile\PathOfExile.exe"]
>>> "C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RivaTuner Statistics Server\SDK\RivaTuner Statistics Server skin format reference.lnk" -> ["D:\RivaTuner Statistics Server\SDK\Doc\USF skin format reference.pdf"]
>>> "C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RivaTuner Statistics Server\SDK\RivaTuner Statistics Server localization reference.lnk" -> ["D:\RivaTuner Statistics Server\SDK\Doc\Localization reference.pdf"]
>>> "C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RivaTuner Statistics Server\SDK\Samples.lnk" -> ["D:\RivaTuner Statistics Server\SDK\Samples"]
>>> "C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RivaTuner Statistics Server\RivaTuner Statistics Server.lnk" -> ["D:\RivaTuner Statistics Server\RTSS.exe"]
>>> "C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RivaTuner Statistics Server\Uninstall.lnk" -> ["D:\RivaTuner Statistics Server\Uninstall.exe"]
>>> "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\АудиоМАСТЕР\АудиоМАСТЕР.lnk" -> ["C:\Users\user\Desktop\фыва\AudioMaster.exe"]
>>> "C:\Users\user\Рабочий стол\Базы данных.lnk" -> ["C:\Program Files (x86)\OpenOffice.org 3\program\sbase.exe"]
>>> "C:\Users\user\Рабочий стол\Презентации.lnk" -> ["C:\Program Files\OpenOffice.org 3\program\simpress.exe"]
>>> "C:\Users\user\Рабочий стол\Редактор таблиц.lnk" -> ["C:\Program Files\OpenOffice.org 3\program\scalc.exe"]
>>> "C:\Users\user\Рабочий стол\Текстовый редактор.lnk" -> ["C:\Program Files\OpenOffice.org 3\program\swriter.exe"]
>>> "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\АудиоМАСТЕР\Удалить программу.lnk" -> ["C:\Users\user\Desktop\фыва\unins000.exe"]
>>> "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\АудиоМАСТЕР\Cправочная система.lnk" -> ["C:\Users\user\Desktop\фыва\Help.chm"]
>>> "C:\Users\user\Desktop\other\Uplay.lnk" -> ["C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\Uplay.exe"]
>>> "C:\Users\user\Desktop\other\Avast Free Antivirus.lnk" -> ["C:\Program Files\AVAST Software\Avast\AvastUI.exe"]
>>> "C:\Users\user\Desktop\other\MediaGet.lnk" -> ["C:\Users\user\AppData\Local\MediaGet2\mediaget.exe"]
>>> "C:\Users\user\Desktop\other\Service Center.lnk" -> ["C:\Program Files\Native Instruments\Service Center\ServiceCenter.exe"]
>>> "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UV SoundRecorder\UV Sound Recorder.lnk" -> ["C:\Users\user\Desktop\UV Sound Recorder\UV SoundRecorder.exe"]
>>> "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UV SoundRecorder\Uninstall UV SoundRecorder.lnk" -> ["C:\Users\user\Desktop\UV Sound Recorder\unins000.exe"]
>>> "C:\Users\user\Desktop\other\Massive.lnk" -> ["D:\FLStudio and others\Massive\Massive.exe"]
>>> "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Помощник по обновлению до Windows 10.lnk" -> ["C:\Windows10Upgrade\Windows10UpgraderApp.exe" =>> /ClientID "Win10Upgrade:VNL:NHV20:{}"]
>>> "C:\Users\user\Desktop\other\All\Vegas Pro 10.0.lnk" -> ["C:\Program Files (x86)\Sony\Vegas Pro 10.0\vegas100.exe"]
>>> "C:\Users\user\Desktop\other\Cinema4D 32Bit.lnk" -> ["D:\Cinema 4D R12\CINEMA 4D.exe"]
>>> "C:\Users\user\Desktop\other\Cinema4D 64Bit.lnk" -> ["D:\Cinema 4D R12\CINEMA 4D 64 Bit.exe"]
>>> "C:\Users\user\Desktop\other\FL Studio 10.lnk" -> ["D:\FL Studio 10.0.9\FL.exe"]
>>> "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\reFX\Nexus\What's New.lnk" -> ["D:\FLStudio and others\FL Studio 11\Plugins\VST\VstPluginsManual\What's New.pdf"]
>>> "C:\ProgramData\Spectrasonics\STEAM.lnk" -> ["D:\FLStudio and others\Omnisphere data\STEAM"]
>>> "C:\Users\user\Desktop\other\for my PC\CPU-Control.lnk" -> ["C:\Program Files (x86)\CPU-Control\CPU_Control.exe"]
>>> "C:\Users\user\Desktop\other\Battle.net.lnk" -> ["D:\Battle.net\Battle.net Launcher.exe"]
>>> "C:\Users\user\Desktop\other\for my PC\Format Factory.lnk" -> ["C:\Program Files (x86)\FreeTime\FormatFactory\FormatFactory.exe"]
>>> "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Image-Line\FL Studio 12.lnk" -> ["D:\FLStudio and others\FL Studio 12\FL.exe"]
>>> "C:\Users\user\Desktop\other\GeForce Experience.lnk" -> ["C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\LaunchGFExperience.exe"]
>>> "C:\Users\user\Desktop\other\Folder\dlya cs 1.6\Jed's Half-Life Model Viewer.lnk" -> ["C:\Program Files (x86)\Jed's Half-Life Model Viewer 1.3.6\hlmv.exe"]
>>> "C:\Users\user\Desktop\other\Adobe Photoshop CS6 x64.lnk" -> ["D:\Adobe Photoshop CS6\Photoshop.exe"]
>>> "C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line\FL Studio 12 (32bit).lnk" -> ["D:\FLStudio and others\FL Studio 12\FL.exe"]
>>> "C:\Users\user\Desktop\other\All\Снятие и монтаж видео\Vegas Pro 13.0 (64-bit).lnk" -> ["C:\Program Files\Sony\Vegas Pro 13.0\vegas130.exe"]
>>> "C:\Users\user\Desktop\other\for my PC\MSI Afterburner.lnk" -> ["C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe"]
>>> "C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line\FL Studio 12 (64bit).lnk" -> ["D:\FLStudio and others\FL Studio 12\FL64.exe"]
>>> "C:\Users\user\Desktop\other\w10\Windows Update.lnk" -> ["C:\WINDOWS\system32\wuapp.exe" =>> startmenu]
>>> "C:\Users\user\Desktop\other\FL Studio 11.lnk" -> ["D:\FL Studio 11\FL.exe"]
>>> "C:\Users\user\Desktop\other\Hearthstone.lnk" -> ["D:\Hearthstone\Hearthstone Beta Launcher.exe"]
>>> "C:\Users\user\Desktop\other\w10\Помощник по обновлению до Windows 10.lnk" -> ["C:\Windows10Upgrade\Windows10UpgraderApp.exe"]
>>> "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ReelSmart Motion Blur 4, After Effects-compatible plugin set\Remove ReelSmart Motion Blur 4, After Effects-compatible plugin set.lnk" -> ["C:\WINDOWS\unvise32.exe" =>> C:\PROGRA~2\REVISI~1\UNINST~1\RSMB4A~1.LOG]
O21 - HKLM\..\ShellIconOverlayIdentifiers\00asw: (no name) - {472083B0-C522-11CF-8763-00608CC02F24} - (no file)
O22 - Task: \Microsoft\Windows\UpdateAssistant\UpdateAssistant - C:\WINDOWS\UpdateAssistant\UpdateAssistant.exe /ClientID Win10Upgrade:VNL:NHV20:{} (file missing)
O22 - Task: \Microsoft\Windows\UpdateAssistant\UpdateAssistantAllUsersRun - C:\WINDOWS\UpdateAssistant\UpdateAssistant.exe /ClientID Win10Upgrade:VNL:NHV20:{} /AllUsersRun (file missing)
O22 - Task: \Microsoft\Windows\UpdateAssistant\UpdateAssistantCalendarRun - C:\WINDOWS\UpdateAssistant\UpdateAssistant.exe /ClientID Win10Upgrade:VNL:NHV20:{} /CalendarRun (file missing)
O22 - Task: \Microsoft\Windows\UpdateAssistant\UpdateAssistantWakeupRun - C:\WINDOWS\UpdateAssistant\UpdateAssistant.exe /ClientID Win10Upgrade:VNL:NHV20:{} /WakeupRun (file missing)
O22 - Task: \Microsoft\Windows\UpdateOrchestrator\UpdateAssistant - C:\WINDOWS\UpdateAssistant\UpdateAssistant.exe /ClientID Win10Upgrade:VNL:EosWu:{} (file missing)
O22 - Task: \Microsoft\Windows\UpdateOrchestrator\UpdateAssistantCalendarRun - C:\WINDOWS\UpdateAssistant\UpdateAssistant.exe /ClientID Win10Upgrade:VNL:EosWu:{} /CalendarRun (file missing)
Start::
CreateRestorePoint:
GroupPolicy: Restriction - Chrome <==== ATTENTION
GroupPolicy\User: Restriction ? <==== ATTENTION
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
ProxyServer: [S-1-5-21-4115839203-277889472-2027091558-1001] => 151.106.63.166:1080
CHR HKU\S-1-5-21-4115839203-277889472-2027091558-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [dhdgffkkebhmkfjojejmpbldmpobfkfo] - hxxp://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-4115839203-277889472-2027091558-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [jinjaccalgkegednnccohejagnlnfdag] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [epgjfmblhacacphaljkdcjllkomdcjpc] - hxxps://clients2.google.com/service/update2/crx
Folder: C:\ProgramData\WindowsMenu
2019-05-12 20:47 - 2019-05-12 23:12 - 000000004 _____ () C:\ProgramData\lock.dat
2019-05-12 20:47 - 2019-05-12 20:48 - 000000008 _____ () C:\ProgramData\ts.dat
AlternateDataStreams: C:\ProgramData:NT [40]
AlternateDataStreams: C:\ProgramData:NT2 [185]
AlternateDataStreams: C:\Users\All Users:NT [40]
AlternateDataStreams: C:\Users\All Users:NT2 [185]
AlternateDataStreams: C:\Users\Все пользователи:NT [40]
AlternateDataStreams: C:\Users\Все пользователи:NT2 [185]
AlternateDataStreams: C:\ProgramData\Application Data:NT [40]
AlternateDataStreams: C:\ProgramData\Application Data:NT2 [185]
AlternateDataStreams: C:\ProgramData\MTA San Andreas All:NT [40]
AlternateDataStreams: C:\ProgramData\MTA San Andreas All:NT2 [185]
AlternateDataStreams: C:\ProgramData\Reprise:jhqduwvxlctbqqijsf`usjbm`bfjhioihihfh [0]
AlternateDataStreams: C:\ProgramData\Reprise:jhqduwvxlctbqqijsf`usjbm`bfjhioihinfh [0]
AlternateDataStreams: C:\ProgramData\Reprise:jhqduwvxlctbqqijsf`usjbm`pgyjhioihinfh [0]
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [468]
AlternateDataStreams: C:\Users\user\Application Data:NT [40]
AlternateDataStreams: C:\Users\user\Application Data:NT2 [185]
AlternateDataStreams: C:\Users\user\AppData\Roaming:NT [40]
AlternateDataStreams: C:\Users\user\AppData\Roaming:NT2 [185]
AlternateDataStreams: C:\Users\Все пользователи\Application Data:NT [40]
AlternateDataStreams: C:\Users\Все пользователи\Application Data:NT2 [185]
AlternateDataStreams: C:\Users\Все пользователи\MTA San Andreas All:NT [40]
AlternateDataStreams: C:\Users\Все пользователи\MTA San Andreas All:NT2 [185]
AlternateDataStreams: C:\Users\Все пользователи\Reprise:jhqduwvxlctbqqijsf`usjbm`bfjhioihihfh [0]
AlternateDataStreams: C:\Users\Все пользователи\Reprise:jhqduwvxlctbqqijsf`usjbm`bfjhioihinfh [0]
AlternateDataStreams: C:\Users\Все пользователи\Reprise:jhqduwvxlctbqqijsf`usjbm`pgyjhioihinfh [0]
HKU\S-1-5-21-4115839203-277889472-2027091558-1001\...\StartupApproved\Run: => "Zaxar"
HKU\S-1-5-21-4115839203-277889472-2027091558-1001\...\StartupApproved\Run: => "NERRR5BJVSA4STJ"
HKU\S-1-5-21-4115839203-277889472-2027091558-1001\...\StartupApproved\Run: => "GB35R2FZ1CFXHOU"
HKU\S-1-5-21-4115839203-277889472-2027091558-1001\...\StartupApproved\Run: => "583949"
HKU\S-1-5-21-4115839203-277889472-2027091558-1001\...\StartupApproved\Run: => "5394275"
HKU\S-1-5-21-4115839203-277889472-2027091558-1001\...\StartupApproved\Run: => "2742185"
HKU\S-1-5-21-4115839203-277889472-2027091558-1001\...\StartupApproved\Run: => "8213117"
HKU\S-1-5-21-4115839203-277889472-2027091558-1001\...\StartupApproved\Run: => "YoutubeDownloader"
HKU\S-1-5-21-4115839203-277889472-2027091558-1001\...\StartupApproved\Run: => "622185"
HKU\S-1-5-21-4115839203-277889472-2027091558-1001\...\StartupApproved\Run: => "4622848"
HKU\S-1-5-21-4115839203-277889472-2027091558-1001\...\StartupApproved\Run: => "S0D9XWZG5JQQ29O"
HKU\S-1-5-21-4115839203-277889472-2027091558-1001\...\StartupApproved\Run: => "gerpril"
EmptyTemp:
Reboot:
End::
;uVS v4.1.4 [http://dsrt.dyndns.org]
;Target OS: NTv10.0
v400c
BREG
;---------command-b---------
delref LINK.EXE
delref %SystemDrive%\PROGRAM
delref %SystemDrive%\PROGRAM FILES\COMMON FILES\AVAST SOFTWARE\OVERSEER\OVERSEER.EXE
delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.30.3\PSMACHINE.DLL
delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.31.5\PSMACHINE.DLL
delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.29.5\PSMACHINE.DLL
delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.33.3\PSMACHINE.DLL
delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.33.7\PSMACHINE.DLL
delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.33.17\PSMACHINE.DLL
delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.33.5\PSMACHINE.DLL
delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.32.7\PSMACHINE.DLL
delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.33.23\PSMACHINE.DLL
delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.30.3\PSMACHINE_64.DLL
delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.31.5\PSMACHINE_64.DLL
delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.29.5\PSMACHINE_64.DLL
delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.33.3\PSMACHINE_64.DLL
delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.33.7\PSMACHINE_64.DLL
delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.33.17\PSMACHINE_64.DLL
delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.33.5\PSMACHINE_64.DLL
delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.32.7\PSMACHINE_64.DLL
delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.33.23\PSMACHINE_64.DLL
apply
deltmp
restart
We use cookies and similar technologies for the following purposes:
Do you accept cookies and these technologies?
We use cookies and similar technologies for the following purposes:
Do you accept cookies and these technologies?