Смотрите видео ниже, чтобы узнать, как установить наш сайт в качестве веб-приложения на домашнем экране.
Примечание: Эта возможность может быть недоступна в некоторых браузерах.
HPWombat [2017/01/13 16:22:05]-->C:\Users\HP\AppData\Roaming\HPWombat\uninstaller.exe
UmmyVideoDownloader [20160807]-->"C:\Users\HP\AppData\Local\UmmyVideoDownloader\unins000.exe"
VideoBox [2015/11/11 23:37:35]-->C:\Users\HP\AppData\Roaming\Baidu\VideoBox\uninst.exe
XCube [2016/03/05 19:58:20]-->C:\Users\HP\AppData\Roaming\XCube\uninst.exe
begin
ExecuteFile('net.exe', 'stop tcpip /y', 0, 15000, true);
if not IsWOW64
then
begin
SearchRootkit(true, true);
SetAVZGuardStatus(True);
end;
TerminateProcessByName('c:\users\hp\appdata\roaming\xcube\xcube.exe');
TerminateProcessByName('c:\users\hp\appdata\roaming\baidu\videobox\videobox.exe');
TerminateProcessByName('c:\users\hp\appdata\roaming\baidu\videobox\upserver.exe');
TerminateProcessByName('c:\users\hp\appdata\roaming\baidu\videobox\player\player.exe');
TerminateProcessByName('c:\users\hp\appdata\roaming\hpwombat\hpwombatsrv.exe');
TerminateProcessByName('c:\users\hp\appdata\roaming\baidu\videobox\player\hip2pservice.exe');
SetServiceStart('VBUpSvr', 4);
SetServiceStart('HPWombat Service', 4);
StopService('VBUpSvr');
StopService('HPWombat Service');
QuarantineFile('C:\Users\HP\AppData\Roaming\Baidu\VideoBox\zlib1.dll', '');
QuarantineFile('C:\Users\HP\AppData\Roaming\Baidu\VideoBox\player\serviceContainer.dll', '');
QuarantineFile('C:\Users\HP\AppData\Roaming\Baidu\VideoBox\player\P2SBase.dll', '');
QuarantineFile('C:\Users\HP\AppData\Roaming\Baidu\VideoBox\player\P2PStatReport.dll', '');
QuarantineFile('C:\Users\HP\AppData\Roaming\Baidu\VideoBox\player\P2PBase.dll', '');
QuarantineFile('C:\Users\HP\AppData\Roaming\Baidu\VideoBox\player\p2pAdapter.dll', '');
QuarantineFile('C:\Users\HP\AppData\Roaming\Baidu\VideoBox\player\ManagerStub.dll', '');
QuarantineFile('C:\Users\HP\AppData\Roaming\Baidu\VideoBox\player\log_report.dll', '');
QuarantineFile('C:\Users\HP\AppData\Roaming\Baidu\VideoBox\player\icudt.dll', '');
QuarantineFile('C:\Users\HP\AppData\Roaming\Baidu\VideoBox\player\fileservice.dll', '');
QuarantineFile('C:\Users\HP\AppData\Roaming\Baidu\VideoBox\player\BDPlayer.dll', '');
QuarantineFile('C:\Users\HP\AppData\Roaming\Baidu\VideoBox\libcurl.dll', '');
QuarantineFile('C:\Users\HP\AppData\Roaming\Baidu\VideoBox\icudt.dll', '');
QuarantineFile('C:\Users\HP\AppData\Roaming\Baidu\VideoBox\box_res.dll', '');
QuarantineFile('C:\Users\HP\AppData\Roaming\Baidu\VideoBox\box_dll.dll', '');
QuarantineFile('c:\users\hp\appdata\roaming\xcube\xcube.exe', '');
QuarantineFile('c:\users\hp\appdata\roaming\baidu\videobox\videobox.exe', '');
QuarantineFile('c:\users\hp\appdata\roaming\baidu\videobox\upserver.exe', '');
QuarantineFile('c:\users\hp\appdata\roaming\baidu\videobox\player\player.exe', '');
QuarantineFile('c:\users\hp\appdata\roaming\hpwombat\hpwombatsrv.exe', '');
QuarantineFile('c:\users\hp\appdata\roaming\baidu\videobox\player\hip2pservice.exe', '');
DeleteFile('c:\users\hp\appdata\roaming\baidu\videobox\player\hip2pservice.exe', '32');
DeleteFile('c:\users\hp\appdata\roaming\baidu\videobox\player\player.exe', '32');
DeleteFile('C:\Users\HP\AppData\Roaming\Baidu\VideoBox\box_dll.dll', '32');
DeleteFile('C:\Users\HP\AppData\Roaming\Baidu\VideoBox\box_res.dll', '32');
DeleteFile('C:\Users\HP\AppData\Roaming\Baidu\VideoBox\icudt.dll', '32');
DeleteFile('C:\Users\HP\AppData\Roaming\Baidu\VideoBox\libcurl.dll', '32');
DeleteFile('C:\Users\HP\AppData\Roaming\Baidu\VideoBox\player\BDPlayer.dll', '32');
DeleteFile('C:\Users\HP\AppData\Roaming\Baidu\VideoBox\player\fileservice.dll', '32');
DeleteFile('C:\Users\HP\AppData\Roaming\Baidu\VideoBox\player\icudt.dll', '32');
DeleteFile('C:\Users\HP\AppData\Roaming\Baidu\VideoBox\player\log_report.dll', '32');
DeleteFile('C:\Users\HP\AppData\Roaming\Baidu\VideoBox\player\ManagerStub.dll', '32');
DeleteFile('C:\Users\HP\AppData\Roaming\Baidu\VideoBox\player\p2pAdapter.dll', '32');
DeleteFile('C:\Users\HP\AppData\Roaming\Baidu\VideoBox\player\P2PBase.dll', '32');
DeleteFile('C:\Users\HP\AppData\Roaming\Baidu\VideoBox\player\P2PStatReport.dll', '32');
DeleteFile('C:\Users\HP\AppData\Roaming\Baidu\VideoBox\player\P2SBase.dll', '32');
DeleteFile('C:\Users\HP\AppData\Roaming\Baidu\VideoBox\player\serviceContainer.dll', '32');
DeleteFile('C:\Users\HP\AppData\Roaming\Baidu\VideoBox\zlib1.dll', '32');
DeleteFile('C:\Users\HP\AppData\Roaming\HPWombat\HPWombatSrv.exe', '32');
DeleteFile('C:\Users\HP\AppData\Roaming\Baidu\VideoBox\UpServer.exe', '32');
DeleteFile('C:\Windows\system32\DRIVERS\BAPIDRV64.sys', '32');
DeleteFile('C:\Users\HP\AppData\Roaming\Baidu\VideoBox\VideoBox.exe', '32');
DeleteFile('C:\Users\HP\AppData\Roaming\XCube\XCube.exe', '32');
DeleteService('BAPIDRV');
DeleteService('VBUpSvr');
DeleteService('HPWombat Service');
DelBHO('{D5FEC983-01DB-414A-9456-AF95AC9ED7B5}');
DeleteFileMask('C:\Users\HP\AppData\Roaming\Baidu\', '*.*', true);
DeleteDirectory('C:\Users\HP\AppData\Roaming\Baidu\');
DeleteFileMask('C:\Users\HP\AppData\Roaming\HPWombat\', '*.*', true);
DeleteDirectory('C:\Users\HP\AppData\Roaming\HPWombat\');
DeleteFileMask('C:\Users\HP\AppData\Roaming\XCube\', '*.*', true);
DeleteDirectory('C:\Users\HP\AppData\Roaming\XCube\');
RegKeyParamDel('HKEY_CURRENT_USER', 'Software\Microsoft\Windows\CurrentVersion\Run', 'VideoBox');
RegKeyParamDel('HKEY_CURRENT_USER', 'Software\Microsoft\Windows\CurrentVersion\Run', 'XCube');
RegKeyIntParamWrite('HKCU', 'Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\', '1804', 1);
RegKeyIntParamWrite('HKCU', 'Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\', '2201', 3);
RegKeyIntParamWrite('HKCU', 'Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\', '1004', 3);
RegKeyIntParamWrite('HKCU', 'Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\', '1001', 1);
RegKeyIntParamWrite('HKCU', 'Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\', '1201', 3);
ClearHostsFile;
BC_ImportAll;
ExecuteSysClean;
BC_Activate;
RebootWindows(true);
end.
begin
CreateQurantineArchive('c:\quarantine.zip');
end.
O2 - BHO: (no name) - {D5FEC983-01DB-414A-9456-AF95AC9ED7B5} - (no file)
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - (no file)
O22 - ScheduledTask: (Disabled) HiveUploadTask - \Microsoft\Windows\User Profile Service - (XML-код задачи содержит значение в неправильном формате или за пределами допустимого диапазона., idx: 6)
O22 - ScheduledTask: (Disabled) VerifiedPublisherCertStoreCheck - \Microsoft\Windows\AppID - (XML-код задачи содержит значение в неправильном формате или за пределами допустимого диапазона., idx: 6)
O22 - ScheduledTask: (Ready) BackgroundUploadTask - \Microsoft\Windows\SettingSync - (Образ задачи поврежден или изменен., idx: 6)
O22 - ScheduledTask: (Ready) Consolidator - \Microsoft\Windows\Customer Experience Improvement Program - (XML-код задачи содержит значение в неправильном формате или за пределами допустимого диапазона., idx: 6)
O22 - ScheduledTask: (Ready) License Validation - \Microsoft\Windows\WS - (XML-код задачи содержит значение в неправильном формате или за пределами допустимого диапазона., idx: 6)
O22 - ScheduledTask: (Ready) RacTask - \Microsoft\Windows\RAC - (XML-код задачи содержит значение в неправильном формате или за пределами допустимого диапазона., idx: 6)
O22 - ScheduledTask: (Ready) SystemTask - \Microsoft\Windows\CertificateServicesClient - (XML-код задачи содержит значение в неправильном формате или за пределами допустимого диапазона., idx: 6)
O22 - ScheduledTask: (Ready) UserTask - \Microsoft\Windows\CertificateServicesClient - (XML-код задачи содержит значение в неправильном формате или за пределами допустимого диапазона., idx: 6)
start
CreateRestorePoint:
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page =
SearchScopes: HKLM -> {C05A823C-0CCF-4261-84B7-31C893CF04E0} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk3-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKU\S-1-5-21-2371436881-4241300498-3741803415-1002 -> DefaultScope {4CED39A0-0976-4C59-8D74-A9155279B68C} URL =
FF Plugin HKU\S-1-5-21-2371436881-4241300498-3741803415-1002: hao123.com/VideoBox -> C:\Users\HP\AppData\Roaming\Baidu\VideoBox\plugin\browser\npVboxPlugin.dll [No File]
CHR HomePage: Default -> hxxp://www.kizihome.com
CHR StartupUrls: Default -> "hxxp://www.kizihome.com "
CHR DefaultSearchKeyword: Default -> mcafee
CHR Extension: (Tampermonkey) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2016-11-09]
CHR Extension: (Fast search) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbdpajcdgknpendpmecafmopknefafha [2017-01-13]
CHR HKU\S-1-5-21-2371436881-4241300498-3741803415-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [dhdgffkkebhmkfjojejmpbldmpobfkfo] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [pchfckkccldkbclgdepkaonamkignanh] - hxxp://clients2.google.com/service/update2/crx
OPR Extension: (YouWatch) - C:\Users\HP\AppData\Roaming\Opera Software\Opera Stable\Extensions\lolpdhiocgjpmamiogamfejeakmnlehj [2016-11-10]
OPR Extension: (Fast search) - C:\Users\HP\AppData\Roaming\Opera Software\Opera Stable\Extensions\pbdpajcdgknpendpmecafmopknefafha [2017-01-13]
S3 clwvd; \SystemRoot\system32\DRIVERS\clwvd.sys [X]
2017-01-13 16:22 - 2017-01-13 19:53 - 00000000 ____D C:\Users\HP\AppData\Roaming\MediaPlayerApplication
2017-01-13 16:22 - 2017-01-13 16:22 - 00001252 _____ C:\Users\HP\Desktop\mplayerc.lnk
C:\Users\HP\AppData\Local\Temp\AmigoDistrib.exe
C:\Users\HP\AppData\Local\Temp\mailruhomesearch.exe
C:\Users\HP\AppData\Local\Temp\setup.exe
Task: {0D8A891D-890C-4808-84D8-2F436AB14653} - \Microsoft\Windows\Application Experience\AitAgent -> No File <==== ATTENTION
Task: {1274336E-AB06-46B6-A48C-0671C5557CC6} - \Microsoft\Windows\TaskScheduler\Maintenance Configurator -> No File <==== ATTENTION
Task: {1687544D-7247-4F5A-965A-A6E920E55278} - \Microsoft\Windows\TaskScheduler\Manual Maintenance -> No File <==== ATTENTION
Task: {6F02587F-8A2B-4552-97F6-DEEF229E335B} - \Microsoft\Windows\TaskScheduler\Idle Maintenance -> No File <==== ATTENTION
Task: {B7992938-01F1-4F40-A0EC-0D23D2F0F152} - \Microsoft\Windows\TaskScheduler\Regular Maintenance -> No File <==== ATTENTION
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - \Microsoft\Windows\SettingSync\BackupTask -> No File <==== ATTENTION
FirewallRules: [{97FA6D8B-5BFC-4416-A4FB-C76DE48CE657}] => C:\Program Files (x86)\360\Total Security\LiveUpdate360.exe
FirewallRules: [{5F74946C-75AA-475B-9218-5DD371D93883}] => C:\Program Files (x86)\360\Total Security\LiveUpdate360.exe
FirewallRules: [{E059E856-BA33-4050-8336-44C542090F7A}] => C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe
FirewallRules: [{9B9926BA-493C-44CB-AC83-2D68D824148B}] => C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe
FirewallRules: [{4CD5DE8C-5425-4085-A527-D14F18811DC7}] => C:\Users\HP\AppData\Roaming\Baidu\VideoBox\VideoBox.exe
FirewallRules: [{66857E9D-40D1-433F-8EC9-75E4DA027EBD}] => C:\Users\HP\AppData\Roaming\Baidu\VideoBox\VideoBox.exe
FirewallRules: [{09344C84-150B-4552-B827-146CADB318FD}] => C:\Users\HP\AppData\Roaming\Baidu\VideoBox\stat.exe
FirewallRules: [{F260D9AF-98D2-4B12-A008-EFA0743C06DE}] => C:\Users\HP\AppData\Roaming\Baidu\VideoBox\stat.exe
FirewallRules: [{616216D1-49F5-4B13-ABF2-B821D4D45BEF}] => C:\Users\HP\AppData\Roaming\Baidu\VideoBox\player\HiP2PService.exe
FirewallRules: [{945902D0-3521-41F3-9884-EB7CA8CA7930}] => C:\Users\HP\AppData\Roaming\Baidu\VideoBox\player\HiP2PService.exe
FirewallRules: [{D4B575F3-7746-46EA-A8B3-314B5FA20290}] => C:\Users\HP\AppData\Roaming\Baidu\VideoBox\player\player.exe
FirewallRules: [{1B350351-8CEE-46CE-BD25-32F61B86D1EE}] => C:\Users\HP\AppData\Roaming\Baidu\VideoBox\player\player.exe
FirewallRules: [{5EA3D08E-65CB-4C55-8559-E19259C387DD}] => C:\Users\HP\AppData\Roaming\Baidu\VideoBox\UpServer.exe
FirewallRules: [{593EFB4F-B9BC-4085-86E9-CB70F00FEADF}] => C:\Users\HP\AppData\Roaming\Baidu\VideoBox\UpServer.exe
FirewallRules: [{B9BD413C-7ED0-41F2-8251-C2CDA3D9517D}] => C:\Users\HP\AppData\Roaming\Baidu\VideoBox\vbUpdate.exe
FirewallRules: [{69501C9A-0DE4-49CA-B356-7F26BAF6B6CE}] => C:\Users\HP\AppData\Roaming\Baidu\VideoBox\vbUpdate.exe
FirewallRules: [{6B756009-D795-4852-8AA0-0F3F327F2E2F}] => C:\Users\HP\AppData\Roaming\Baidu\VideoBox\bugreport.exe
FirewallRules: [{C236E52A-C115-4A3E-B288-D3A9CD0B8A1E}] => C:\Users\HP\AppData\Roaming\Baidu\VideoBox\bugreport.exe
FirewallRules: [{7A865217-F08D-444B-85BD-A2EE92729090}] => C:\Users\HP\AppData\Roaming\Baidu\VideoBox\VideoBox.exe
FirewallRules: [{342B4038-407E-4DC1-82A1-179FC1350E4A}] => C:\Users\HP\AppData\Roaming\Baidu\VideoBox\VideoBox.exe
FirewallRules: [{37B0F7E6-F6A1-4F1F-9E75-E06D47776207}] => C:\Users\HP\AppData\Roaming\Baidu\VideoBox\stat.exe
FirewallRules: [{90A6E58A-625A-4F95-A71D-C82ADF0B7FBA}] => C:\Users\HP\AppData\Roaming\Baidu\VideoBox\stat.exe
FirewallRules: [{4967CA1C-3A86-43CB-858C-9599FA8BA7F2}] => C:\Users\HP\AppData\Roaming\Baidu\VideoBox\player\HiP2PService.exe
FirewallRules: [{34E50190-F391-4CB0-8C80-41868FBC6BF0}] => C:\Users\HP\AppData\Roaming\Baidu\VideoBox\player\HiP2PService.exe
FirewallRules: [{3734A6FB-5C90-401A-9602-3572A9D15567}] => C:\Users\HP\AppData\Roaming\Baidu\VideoBox\player\player.exe
FirewallRules: [{0A2B43C6-DF7E-46D2-BAC6-B0AB9948E888}] => C:\Users\HP\AppData\Roaming\Baidu\VideoBox\player\player.exe
FirewallRules: [{0D33910E-A3D0-431D-AF79-A838EF7BCB74}] => C:\Users\HP\AppData\Roaming\Baidu\VideoBox\UpServer.exe
FirewallRules: [{199EC027-E5F3-40F8-B7BE-5597FB6CCB91}] => C:\Users\HP\AppData\Roaming\Baidu\VideoBox\UpServer.exe
FirewallRules: [{836A83F3-F8F2-4987-BE5B-8E22A26BDEB4}] => C:\Users\HP\AppData\Roaming\Baidu\VideoBox\vbUpdate.exe
FirewallRules: [{1ECB15BC-A5A2-45A6-9CC7-D2F6EB73BDD7}] => C:\Users\HP\AppData\Roaming\Baidu\VideoBox\vbUpdate.exe
FirewallRules: [{60BEB816-A1D6-4D9A-B9EA-B3596FBEA2FB}] => C:\Users\HP\AppData\Roaming\Baidu\VideoBox\bugreport.exe
FirewallRules: [{7858618F-061A-4945-A98D-A1F86BE3B5FC}] => C:\Users\HP\AppData\Roaming\Baidu\VideoBox\bugreport.exe
FirewallRules: [{3B47CA9D-3E3B-4474-B36A-97EE4CBCDF96}] => C:\Users\HP\AppData\Roaming\XCube\XCube.exe
FirewallRules: [{2CE90B13-52B7-468F-9627-416A2773A748}] => C:\Users\HP\AppData\Roaming\XCube\XCube.exe
FirewallRules: [{52E172DB-BA06-4C59-BF0C-0983F8CB6D81}] => C:\Users\HP\AppData\Roaming\XCube\bugreport.exe
FirewallRules: [{3E914979-1318-4F62-9C9D-F26CA499395C}] => C:\Users\HP\AppData\Roaming\XCube\bugreport.exe
EmptyTemp:
Reboot:
end