Оооо, нет, максимум что добавлял так это adobe и всё.Сами столько записей в hosts добавляли?
start
CMD: wmic /Namespace:\\root\default Path SystemRestore Call Enable "%SystemDrive%"
CreateRestorePoint:
HKU\S-1-5-21-181000615-3261950118-2443793598-1000\...\Policies\Explorer: []
HKU\S-1-5-21-181000615-3261950118-2443793598-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
GroupPolicy-x32: Restriction - Chrome <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
CHR HKU\S-1-5-21-181000615-3261950118-2443793598-1000\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
Hosts:
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
URLSearchHook: [S-1-5-21-181000615-3261950118-2443793598-1000] ATTENTION => Default URLSearchHook is missing
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
CHR HKLM-x32\...\Chrome\Extension: [gdknicmnhbaajdglbinpahhapghpakch] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [jedelkhanefmcnpappfhachbpnlhomai] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [pganlglbhgfjfgopijbhemcpbehjnpia] - hxxps://clients2.google.com/service/update2/crx
StartMenuInternet: (HKLM) OperaStable - C:\Program Files\Opera\Launcher.exe
2017-01-05 14:25 - 2017-01-05 14:25 - 00000077 _____ C:\Windows\system32\Drivers\etc\hosts_PTbackup2.bak
EmptyTemp:
Reboot:
end
Сам ставил, и вот буквально пару часов назад удалил из-за ненадобности.Kingo Root сами ставили? Просто в списке установленных ее нет!!!
Программка ушла, а шмотье своё забылаА процессы и службы от него остались))
start
CreateRestorePoint:
() C:\Users\123\AppData\Local\Kingosoft\Kingo Root\update_27205\bin\KingoSoftService.exe
R2 KingoSoftService; C:\Users\123\AppData\Local\Kingosoft\Kingo Root\update_27205\bin\checkupdate.exe [367584 2016-12-22] ()
C:\Users\123\AppData\Local\Kingosoft\Kingo Root\update_27205\bin\checkupdate.exe
C:\Users\123\AppData\Local\Kingosoft\Kingo Root\update_27205\bin\KingoSoftService.exe
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
C:\Users\123\AppData\Local\Kingosoft\Kingo Root\
C:\Program Files (x86)\internet explorer\iexplore.bat
C:\Windows\pss\w98Eject.lnk
C:\Windows\pss\w98Eject.lnk.CommonStartup
2016-12-22 18:47 - 2017-01-05 19:48 - 00000000 ____D C:\Program Files (x86)\Kingo ROOT
2016-12-22 18:47 - 2016-12-22 18:47 - 00000000 ____D C:\Users\123\AppData\Roaming\Kingosoft
2016-12-22 18:47 - 2016-12-22 18:47 - 00000000 ____D C:\Users\123\AppData\Local\Kingosoft
Task: {15F6110D-2D29-4F99-BC7F-4C4AFB165A5D} - \{3A054213-EB28-40B0-97C6-B5BC09205F94} -> No File <==== ATTENTION
Task: {3D87B38D-B8A6-4E90-A60B-5470847929DD} - System32\Tasks\{0686888D-7B9F-4897-974B-FA9962378120} => pcalua.exe -a C:\Users\123\Downloads\NetFx20SP2_x64.exe -d C:\Users\123\Downloads
Task: {48F4E153-860F-4B20-9EC6-6248E4250FF5} - \{4C652DCB-C09C-4278-AA6C-5269A9DE1C7E} -> No File <==== ATTENTION
Task: {6F11AA32-763F-4FBF-B7DA-AC182631B06A} - System32\Tasks\{4E91DEC2-7DDC-491D-ADCA-9665503F526C} => pcalua.exe -a C:\Users\123\Downloads\dotnetfx30SP1setup.exe -d C:\Users\123\Downloads
Task: {739853F2-98D3-4217-BDF4-381230527E2C} - \{33E05A33-4E09-408D-8596-9713BEAC6A4D} -> No File <==== ATTENTION
Task: {958D97B0-1083-412E-BC30-3FBDFE38BB17} - System32\Tasks\{137FCD6C-DC64-4EE4-B3ED-AE63DC5AC749} => pcalua.exe -a "C:\Program Files (x86)\kX Audio Driver\a2ddrivers312.exe" -d "C:\Program Files (x86)\kX Audio Driver"
Task: {9A4218BC-B638-4E76-B1A0-809C7429623C} - \{BC22A287-8F10-4525-A08B-3E00AD0A699E} -> No File <==== ATTENTION
Task: {9B3F3C2A-1913-4082-94CE-E57EA10A02A5} - \{DDD987BA-D5CD-4113-9C1E-18885D66501C} -> No File <==== ATTENTION
Task: {9E9887A0-6F2F-4D74-B3B0-7BB66BCEF807} - \{F027CC18-A530-4C69-881F-B50F1597FE8F} -> No File <==== ATTENTION
2016-12-22 18:49 - 2016-12-22 18:48 - 00017376 _____ () C:\Users\123\AppData\Local\Kingosoft\Kingo Root\update_27205\bin\KingoSoftService.exe
AlternateDataStreams: C:\ProgramData\TEMP:A1EDB939 [116]
AlternateDataStreams: C:\Users\Все пользователи\TEMP:A1EDB939 [116]
HKU\S-1-5-21-181000615-3261950118-2443793598-1000\Software\Classes\.scr: scrfile => <===== ATTENTION
IE trusted site: HKU\S-1-5-21-181000615-3261950118-2443793598-1000\...\4game.com -> hxxps://4game.com
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^w98Eject.lnk => C:\Windows\pss\w98Eject.lnk.CommonStartup
MSCONFIG\startupreg: APSDaemon =>
MSCONFIG\startupreg: Autodesk Sync =>
MSCONFIG\startupreg: BitTorrent =>
EmptyTemp:
Reboot:
end
We use cookies and similar technologies for the following purposes:
Do you accept cookies and these technologies?
We use cookies and similar technologies for the following purposes:
Do you accept cookies and these technologies?