Вирус-установщик, медленная работа компьютера [not-a-virus:WebToolbar.Win32.Agent.byh, not-a-virus:RiskTool.Win32.GlobalUpdate.dd ]

Проверка cure it'ом показала что очень много вирусов
Но почистить их не удалось
Прошу помочь, спасибо

Уважаемый(ая) [B]Nidhogg[/B], спасибо за обращение на наш форум!

Помощь при заражении комьютера на VirusInfo.Info оказывается абсолютно бесплатно. Хелперы, в самое ближайшее время, ответят на Ваш запрос. Для оказания помощи необходимо предоставить логи сканирования утилитами АВЗ и HiJackThis, подробнее можно прочитать в [URL="http://virusinfo.info/pravila.html"]правилах оформления запроса о помощи[/URL].

Если наш сайт окажется полезен Вам и у Вас будет такая возможность - пожалуйста [URL="http://virusinfo.info/content.php?r=113-virusinfo.info-donate"]поддержите проект[/URL].

Выполните скрипт в AVZ
[code]begin
ShowMessage('Внимание! Перед выполнением скрипта AVZ автоматически закроет все сетевые подключения.' + #13#10 + 'После перезагрузки компьютера подключения к сети будут восстановлены в автоматическом режиме.');
ExecuteFile('net.exe', 'stop tcpip /y', 0, 15000, true);
if not IsWOW64
then
begin
SearchRootkit(true, true);
SetAVZGuardStatus(True);
end;
QuarantineFile('C:\Users\Катя\appdata\local\smartweb\__u.exe','');
QuarantineFile('C:\Users\Катя\AppData\Roaming\oursurfing\UninstallManager.exe','');
QuarantineFile('C:\Program Files (x86)\Torrent Search\P9qQBHj.exe','');
QuarantineFile('C:\Program Files (x86)\CinemaPlus-4.5vV28.05\68ffd55b-b383-4e0c-aad7-8b00b56d5a49-7.exe','');
QuarantineFile('C:\Program Files (x86)\CinemaPlus-4.5vV28.05\68ffd55b-b383-4e0c-aad7-8b00b56d5a49-6.exe','');
QuarantineFile('C:\Program Files (x86)\CinemaPlus-4.5vV28.05\68ffd55b-b383-4e0c-aad7-8b00b56d5a49-5.exe','');
QuarantineFile('C:\Program Files (x86)\CinemaPlus-4.5vV28.05\68ffd55b-b383-4e0c-aad7-8b00b56d5a49-3.exe','');
QuarantineFile('C:\Program Files (x86)\CinemaPlus-4.5vV28.05\68ffd55b-b383-4e0c-aad7-8b00b56d5a49-11.exe','');
QuarantineFile('C:\Program Files (x86)\CinemaPlus-4.5vV28.05\68ffd55b-b383-4e0c-aad7-8b00b56d5a49-10.exe','');
QuarantineFile('C:\Program Files (x86)\CinemaPlus-4.5vV28.05\68ffd55b-b383-4e0c-aad7-8b00b56d5a49-1-7.exe','');
QuarantineFile('C:\Program Files (x86)\CinemaPlus-4.5vV28.05\68ffd55b-b383-4e0c-aad7-8b00b56d5a49-1-6.exe','');
DelBHO('{6E727987-C8EA-44DA-8749-310C0FBE3C3E}');
DelBHO('{03AE1B7B-A9E7-4D5A-9D34-89999C31B659}');
QuarantineFile('C:\Program Files (x86)\Torrent Search\IEEF\4BhGVQRcD6.dll','');
QuarantineFile('C:\iexplore.bat','');
QuarantineFile('C:\Users\Катя\AppData\Local\Yandex\browser.bat','');
QuarantineFile('C:\Program Files (x86)\Zaxar\timetasks.exe','');
QuarantineFile('C:\Program Files (x86)\Zaxar\ZaxarLoader.exe','');
QuarantineFile('C:\Program Files (x86)\Zaxar\ZaxarGameBrowser.exe','');
QuarantineFile('C:\Program Files (x86)\Google\chrome.bat','');
DeleteService('TSSKX64');
DeleteService('TS888x64');
DeleteService('QMUdisk');
SetServiceStart('innfd_1_10_0_14', 4);
DeleteService('innfd_1_10_0_14');
QuarantineFile('C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe','');
DeleteService('globalUpdatem');
DeleteService('globalUpdate');
SetServiceStart('zeminoxy', 4);
DeleteService('zeminoxy');
SetServiceStart('xubigomo', 4);
DeleteService('xubigomo');
SetServiceStart('minidixe', 4);
DeleteService('minidixe');
SetServiceStart('lozycegu', 4);
DeleteService('lozycegu');
SetServiceStart('kozyhese', 4);
DeleteService('kozyhese');
SetServiceStart('insvc_1.10.0.14', 4);
DeleteService('insvc_1.10.0.14');
QuarantineFile('C:\Windows\system32\drivers\innfd_1_10_0_14.sys','');
QuarantineFile('C:\Users\Катя\AppData\Local\SmartWeb\swhk.dll','');
TerminateProcessByName('c:\users\Катя\appdata\roaming\4e435451-1432754276-3034-4332-10bf48a1ada4\vnsw4339.tmp');
QuarantineFile('c:\users\Катя\appdata\roaming\4e435451-1432754276-3034-4332-10bf48a1ada4\vnsw4339.tmp','');
TerminateProcessByName('c:\users\Катя\appdata\local\gmsd_ru_258\upgmsd_ru_258.exe');
QuarantineFile('c:\users\Катя\appdata\local\gmsd_ru_258\upgmsd_ru_258.exe','');
TerminateProcessByName('c:\users\Катя\appdata\local\4e435451-1432768880-3034-4332-10bf48a1ada4\snsh5ee3.tmp');
QuarantineFile('c:\users\Катя\appdata\local\4e435451-1432768880-3034-4332-10bf48a1ada4\snsh5ee3.tmp','');
TerminateProcessByName('c:\users\Катя\appdata\local\smartweb\smartwebhelper.exe');
QuarantineFile('c:\users\Катя\appdata\local\smartweb\smartwebhelper.exe','');
TerminateProcessByName('c:\users\Катя\appdata\local\smartweb\smartwebapp.exe');
QuarantineFile('c:\users\Катя\appdata\local\smartweb\smartwebapp.exe','');
TerminateProcessByName('c:\users\Катя\appdata\roaming\4e435451-1432754276-3034-4332-10bf48a1ada4\nsdeabe.tmp');
QuarantineFile('c:\users\Катя\appdata\roaming\4e435451-1432754276-3034-4332-10bf48a1ada4\nsdeabe.tmp','');
TerminateProcessByName('c:\users\Катя\appdata\roaming\4e435451-1432754276-3034-4332-10bf48a1ada4\jnsg8841.tmp');
QuarantineFile('c:\users\Катя\appdata\roaming\4e435451-1432754276-3034-4332-10bf48a1ada4\jnsg8841.tmp','');
TerminateProcessByName('c:\program files (x86)\infonaut_1.10.0.14\service\insvc.exe');
QuarantineFile('c:\program files (x86)\infonaut_1.10.0.14\service\insvc.exe','');
TerminateProcessByName('c:\users\Катя\appdata\roaming\4e435451-1432754276-3034-4332-10bf48a1ada4\hnsga0a3.tmp');
QuarantineFile('c:\users\Катя\appdata\roaming\4e435451-1432754276-3034-4332-10bf48a1ada4\hnsga0a3.tmp','');
TerminateProcessByName('c:\program files (x86)\crossbrowse\crossbrowse\application\crossbrowse.exe');
TerminateProcessByName('c:\program files (x86)\gmsd_ru_258\gmsd_ru_258.exe');
QuarantineFile('c:\program files (x86)\gmsd_ru_258\gmsd_ru_258.exe','');
QuarantineFile('c:\program files (x86)\crossbrowse\crossbrowse\application\crossbrowse.exe','');
TerminateProcessByName('c:\users\Катя\appdata\local\4e435451-1432768863-3034-4332-10bf48a1ada4\cnsh33a1.tmp');
QuarantineFile('c:\users\Катя\appdata\local\4e435451-1432768863-3034-4332-10bf48a1ada4\cnsh33a1.tmp','');
QuarantineFile('c:\users\Катя\appdata\local\4e435451-1432768863-3034-4332-10bf48a1ada4\ansc3075.exe','');
TerminateProcessByName('c:\program files (x86)\cinemaplus-4.5vv28.05\68ffd55b-b383-4e0c-aad7-8b00b56d5a49-6.exe');
QuarantineFile('c:\program files (x86)\cinemaplus-4.5vv28.05\68ffd55b-b383-4e0c-aad7-8b00b56d5a49-6.exe','');
TerminateProcessByName('c:\program files (x86)\cinemaplus-4.5vv28.05\68ffd55b-b383-4e0c-aad7-8b00b56d5a49-1-6.exe');
QuarantineFile('c:\program files (x86)\cinemaplus-4.5vv28.05\68ffd55b-b383-4e0c-aad7-8b00b56d5a49-1-6.exe','');
DeleteFile('c:\program files (x86)\cinemaplus-4.5vv28.05\68ffd55b-b383-4e0c-aad7-8b00b56d5a49-1-6.exe','32');
DeleteFile('c:\program files (x86)\cinemaplus-4.5vv28.05\68ffd55b-b383-4e0c-aad7-8b00b56d5a49-6.exe','32');
DeleteFile('c:\users\Катя\appdata\local\4e435451-1432768863-3034-4332-10bf48a1ada4\ansc3075.exe','32');
DeleteFile('c:\users\Катя\appdata\local\4e435451-1432768863-3034-4332-10bf48a1ada4\cnsh33a1.tmp','32');
DeleteFile('c:\program files (x86)\crossbrowse\crossbrowse\application\crossbrowse.exe','32');
DeleteFile('c:\program files (x86)\gmsd_ru_258\gmsd_ru_258.exe','32');
DeleteFile('c:\users\Катя\appdata\roaming\4e435451-1432754276-3034-4332-10bf48a1ada4\hnsga0a3.tmp','32');
DeleteFile('c:\program files (x86)\infonaut_1.10.0.14\service\insvc.exe','32');
DeleteFile('c:\users\Катя\appdata\roaming\4e435451-1432754276-3034-4332-10bf48a1ada4\jnsg8841.tmp','32');
DeleteFile('c:\users\Катя\appdata\roaming\4e435451-1432754276-3034-4332-10bf48a1ada4\nsdeabe.tmp','32');
DeleteFile('c:\users\Катя\appdata\local\smartweb\smartwebapp.exe','32');
DeleteFile('c:\users\Катя\appdata\local\smartweb\smartwebhelper.exe','32');
DeleteFile('c:\users\Катя\appdata\local\4e435451-1432768880-3034-4332-10bf48a1ada4\snsh5ee3.tmp','32');
DeleteFile('c:\users\Катя\appdata\local\gmsd_ru_258\upgmsd_ru_258.exe','32');
DeleteFile('c:\users\Катя\appdata\roaming\4e435451-1432754276-3034-4332-10bf48a1ada4\vnsw4339.tmp','32');
DeleteFile('C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\39.6.2171.95\chrome.dll','32');
DeleteFile('C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\39.6.2171.95\chrome_child.dll','32');
DeleteFile('C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\39.6.2171.95\chrome_elf.dll','32');
DeleteFile('C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\39.6.2171.95\libegl.dll','32');
DeleteFile('C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\39.6.2171.95\libglesv2.dll','32');
DeleteFile('C:\Users\Катя\AppData\Local\SmartWeb\swhk.dll','32');
DeleteFile('C:\Windows\system32\drivers\innfd_1_10_0_14.sys','32');
DeleteFile('C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.9.16349.225\TS888x64.sys','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.9.16349.225\QMUdisk64.sys','32');
DeleteFile('C:\Windows\system32\drivers\tsskx64.sys','32');
DeleteFile('C:\Program Files (x86)\Google\chrome.bat','32');
DeleteFile('C:\Program Files (x86)\Zaxar\ZaxarGameBrowser.exe','32');
DeleteFile('C:\Program Files (x86)\Zaxar\ZaxarLoader.exe','32');
DeleteFile('C:\Program Files (x86)\Zaxar\timetasks.exe','32');
RegKeyParamDel('HKEY_LOCAL_MACHINE','Software\Microsoft\Windows\CurrentVersion\Run','gmsd_ru_258');
RegKeyParamDel('HKEY_LOCAL_MACHINE','SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Timestasks','command');
RegKeyParamDel('HKEY_LOCAL_MACHINE','SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ZaxarLoader','command');
RegKeyParamDel('HKEY_LOCAL_MACHINE','SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ZaxarGameBrowser','command');
RegKeyParamDel('HKEY_LOCAL_MACHINE','SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\gmsd_ru_258','command');
RegKeyParamDel('HKEY_LOCAL_MACHINE','SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\WinCheck','command');
RegKeyParamDel('HKEY_LOCAL_MACHINE','Software\Microsoft\Windows\CurrentVersion\Run','SmartWeb');
DeleteFile('C:\Users\Катя\AppData\Local\Yandex\browser.bat','32');
RegKeyParamDel('HKEY_LOCAL_MACHINE','Software\Microsoft\Windows\CurrentVersion\RunOnce','upgmsd_ru_258.exe');
DeleteFile('C:\iexplore.bat','32');
DeleteFile('C:\Program Files (x86)\Torrent Search\IEEF\4BhGVQRcD6.dll','32');
DeleteFile('C:\Program Files (x86)\CinemaPlus-4.5vV28.05\68ffd55b-b383-4e0c-aad7-8b00b56d5a49-1-6.exe','32');
DeleteFile('C:\Program Files (x86)\CinemaPlus-4.5vV28.05\68ffd55b-b383-4e0c-aad7-8b00b56d5a49-1-7.exe','32');
DeleteFile('C:\Program Files (x86)\CinemaPlus-4.5vV28.05\68ffd55b-b383-4e0c-aad7-8b00b56d5a49-10.exe','32');
DeleteFile('C:\Program Files (x86)\CinemaPlus-4.5vV28.05\68ffd55b-b383-4e0c-aad7-8b00b56d5a49-11.exe','32');
DeleteFile('C:\Program Files (x86)\CinemaPlus-4.5vV28.05\68ffd55b-b383-4e0c-aad7-8b00b56d5a49-3.exe','32');
DeleteFile('C:\Program Files (x86)\CinemaPlus-4.5vV28.05\68ffd55b-b383-4e0c-aad7-8b00b56d5a49-5.exe','32');
DeleteFile('C:\Program Files (x86)\CinemaPlus-4.5vV28.05\68ffd55b-b383-4e0c-aad7-8b00b56d5a49-6.exe','32');
DeleteFile('C:\Program Files (x86)\CinemaPlus-4.5vV28.05\68ffd55b-b383-4e0c-aad7-8b00b56d5a49-7.exe','32');
DeleteFile('C:\Windows\Tasks\Ctdby3QQgs9.job','64');
DeleteFile('C:\Windows\Tasks\68ffd55b-b383-4e0c-aad7-8b00b56d5a49-7.job','64');
DeleteFile('C:\Windows\Tasks\68ffd55b-b383-4e0c-aad7-8b00b56d5a49-6.job','64');
DeleteFile('C:\Windows\Tasks\68ffd55b-b383-4e0c-aad7-8b00b56d5a49-5_user.job','64');
DeleteFile('C:\Windows\Tasks\68ffd55b-b383-4e0c-aad7-8b00b56d5a49-5.job','64');
DeleteFile('C:\Windows\Tasks\68ffd55b-b383-4e0c-aad7-8b00b56d5a49-3.job','64');
DeleteFile('C:\Windows\Tasks\68ffd55b-b383-4e0c-aad7-8b00b56d5a49-11.job','64');
DeleteFile('C:\Windows\Tasks\68ffd55b-b383-4e0c-aad7-8b00b56d5a49-10_user.job','64');
DeleteFile('C:\Windows\Tasks\68ffd55b-b383-4e0c-aad7-8b00b56d5a49-1-7.job','64');
DeleteFile('C:\Windows\Tasks\68ffd55b-b383-4e0c-aad7-8b00b56d5a49-1-6.job','64');
DeleteFile('C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job','64');
DeleteFile('C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job','64');
DeleteFile('C:\Windows\Tasks\Update Service for Torrent Search.job','64');
DeleteFile('C:\Windows\Tasks\Update Service for Torrent Search2.job','64');
DeleteFile('C:\Program Files (x86)\Torrent Search\P9qQBHj.exe','32');
DeleteFile('C:\Windows\system32\Tasks\68ffd55b-b383-4e0c-aad7-8b00b56d5a49-1-6','64');
DeleteFile('C:\Windows\system32\Tasks\68ffd55b-b383-4e0c-aad7-8b00b56d5a49-1-7','64');
DeleteFile('C:\Windows\system32\Tasks\68ffd55b-b383-4e0c-aad7-8b00b56d5a49-11','64');
DeleteFile('C:\Windows\system32\Tasks\68ffd55b-b383-4e0c-aad7-8b00b56d5a49-3','64');
DeleteFile('C:\Windows\system32\Tasks\68ffd55b-b383-4e0c-aad7-8b00b56d5a49-5','64');
DeleteFile('C:\Windows\system32\Tasks\68ffd55b-b383-4e0c-aad7-8b00b56d5a49-6','64');
DeleteFile('C:\Windows\system32\Tasks\68ffd55b-b383-4e0c-aad7-8b00b56d5a49-7','64');
DeleteFile('C:\Windows\system32\Tasks\globalUpdateUpdateTaskMachineCore','64');
DeleteFile('C:\Windows\system32\Tasks\globalUpdateUpdateTaskMachineUA','64');
DeleteFile('C:\Windows\system32\Tasks\Soft installer','64');
DeleteFile('C:\Windows\system32\Tasks\SmartWeb Upgrade Trigger Task','64');
DeleteFile('C:\Windows\system32\Tasks\Update Service for Torrent Search','64');
DeleteFile('C:\Windows\system32\Tasks\Update Service for Torrent Search2','64');
DeleteFile('C:\Users\Катя\AppData\Local\Host installer\4236564619_monster.exe','32');
DeleteFile('C:\Users\Катя\AppData\Roaming\oursurfing\UninstallManager.exe','32');
DeleteFile('C:\Windows\system32\Tasks\{01F0A781-78E6-44AD-92D4-8C6D0048A922}','64');
DeleteFile('C:\Users\Катя\appdata\local\smartweb\__u.exe','32');
DeleteFile('C:\Users\Катя\AppData\Local\Temp\nscB423.tmp\blowfish.dll','32');
DeleteFile('C:\Users\Катя\AppData\Local\Temp\nsp2186.tmp\blowfish.dll','32');
BC_ImportAll;
ExecuteSysClean;
BC_Activate;
RebootWindows(false);
end.[/code]Компьютер перезагрузится.

Пришлите карантин согласно [B]Приложения 2[/B] правил по красной ссылке [COLOR="Red"][U][B]Прислать запрошенный карантин[/B][/U][/COLOR] над первым сообщением в Вашей теме.

[B][COLOR="Blue"]Сделайте новые логи по правилам[/COLOR][/B]

Сделайте лог [url="http://virusinfo.info/soft/tool.php?tool=checkbrowserlnk"]CheckBrowserLnk[/url]

Спасибо за оперативный ответ
прикрепляю

Скачайте [url=http://virusinfo.info/soft/tool.php?tool=ClearLNK]ClearLNK[/url] и сохраните архив с утилитой на Рабочем столе.
[list][*]Распакуйте архив с утилитой в отдельную папку.[*]Перенесите [B]Check_Browsers_LNK.log[/B] на ClearLNK как показано на рисунке

[img]http://dragokas.com/tools/move.gif[/img]
[*]Отчет о работе [b]ClearLNK-<Дата>.log[/b] будет сохранен в папке [b]LOG[/b].[*]Прикрепите этот отчет к своему следующему сообщению.[/list]

Скачайте [url=http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/][b]Farbar Recovery Scan Tool[/b][/url] [img]http://i.imgur.com/NAAC5Ba.png[/img] и сохраните на Рабочем столе.

[b]Примечание[/b]: необходимо выбрать версию, совместимую с Вашей операционной системой. Если Вы не уверены, какая версия подойдет для Вашей системы, скачайте обе и попробуйте запустить. Только одна из них запустится на Вашей системе.
[list][*]Запустите программу двойным щелчком. Когда программа запустится, нажмите [b]Yes[/b] для соглашения с предупреждением.[*]Убедитесь, что в окне [b]Optional Scan[/b] отмечены [i]"List BCD"[/i] и [i]"Driver MD5"[/i].
[img]http://i.imgur.com/B92LqRQ.png[/img][*]Нажмите кнопку [b]Scan[/b].[*]После окончания сканирования будет создан отчет ([b]FRST.txt[/b]) в той же папке, откуда была запущена программа. Пожалуйста, прикрепите отчет в следующем сообщении.[*]Если программа была запущена в первый раз, будет создан отчет ([b]Addition.txt[/b]). Пожалуйста, прикрепите его в следующем сообщении.[/list]

Прикрепил отчеты.

Скопируйте приведенный ниже текст в Блокнот и сохраните файл как [b]fixlist.txt[/b] в ту же папку, откуда была запущена утилита Farbar Recovery Scan Tool:
[code]
CreateRestorePoint:
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
Startup: C:\Users\Катя\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\crossbrowse.lnk [2015-05-30]
ShortcutTarget: crossbrowse.lnk -> C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe (Crossbrowse)
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.oursurfing.com/?type=hp&ts=1432924696&z=97edd2cef324099b74cf2c1g3zfc3o3tcocb2oct5g&from=cmi&uid=HitachiXHTS547575A9E384_J2540020C6AV5EC6AV5EX
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.oursurfing.com/?type=hp&ts=1432924696&z=97edd2cef324099b74cf2c1g3zfc3o3tcocb2oct5g&from=cmi&uid=HitachiXHTS547575A9E384_J2540020C6AV5EC6AV5EX
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.oursurfing.com/web/?type=ds&ts=1432924696&z=97edd2cef324099b74cf2c1g3zfc3o3tcocb2oct5g&from=cmi&uid=HitachiXHTS547575A9E384_J2540020C6AV5EC6AV5EX&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.oursurfing.com/web/?type=ds&ts=1432924696&z=97edd2cef324099b74cf2c1g3zfc3o3tcocb2oct5g&from=cmi&uid=HitachiXHTS547575A9E384_J2540020C6AV5EC6AV5EX&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.oursurfing.com/?type=hp&ts=1432924696&z=97edd2cef324099b74cf2c1g3zfc3o3tcocb2oct5g&from=cmi&uid=HitachiXHTS547575A9E384_J2540020C6AV5EC6AV5EX
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.oursurfing.com/?type=hp&ts=1432924696&z=97edd2cef324099b74cf2c1g3zfc3o3tcocb2oct5g&from=cmi&uid=HitachiXHTS547575A9E384_J2540020C6AV5EC6AV5EX
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.oursurfing.com/web/?type=ds&ts=1432924696&z=97edd2cef324099b74cf2c1g3zfc3o3tcocb2oct5g&from=cmi&uid=HitachiXHTS547575A9E384_J2540020C6AV5EC6AV5EX&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.oursurfing.com/web/?type=ds&ts=1432924696&z=97edd2cef324099b74cf2c1g3zfc3o3tcocb2oct5g&from=cmi&uid=HitachiXHTS547575A9E384_J2540020C6AV5EC6AV5EX&q={searchTerms}
HKU\S-1-5-21-1013785140-1009257019-232061116-1001\Software\Microsoft\Internet Explorer\Main,Search Page = http://getsearch.ru/?ri=1&rsid=b52ed1de0b2ede6dc5332c361c426942&q={searchTerms}
HKU\S-1-5-21-1013785140-1009257019-232061116-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.oursurfing.com/?type=hp&ts=1432924696&z=97edd2cef324099b74cf2c1g3zfc3o3tcocb2oct5g&from=cmi&uid=HitachiXHTS547575A9E384_J2540020C6AV5EC6AV5EX
HKU\S-1-5-21-1013785140-1009257019-232061116-1001\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://getsearch.ru/?ri=1&rsid=b52ed1de0b2ede6dc5332c361c426942&q={searchTerms}
URLSearchHook: [S-1-5-21-1013785140-1009257019-232061116-1001] ATTENTION ==> Default URLSearchHook is missing
URLSearchHook: HKU\S-1-5-21-1013785140-1009257019-232061116-1001 - (No Name) - {0633EE93-D776-472f-A0FF-E1416B8B2E3D} - No File
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.oursurfing.com/web/?type=ds&ts=1432924696&z=97edd2cef324099b74cf2c1g3zfc3o3tcocb2oct5g&from=cmi&uid=HitachiXHTS547575A9E384_J2540020C6AV5EC6AV5EX&q={searchTerms}
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=NP06&src=IE-SearchBox
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.oursurfing.com/web/?type=ds&ts=1432924696&z=97edd2cef324099b74cf2c1g3zfc3o3tcocb2oct5g&from=cmi&uid=HitachiXHTS547575A9E384_J2540020C6AV5EC6AV5EX&q={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.oursurfing.com/web/?type=ds&ts=1432924696&z=97edd2cef324099b74cf2c1g3zfc3o3tcocb2oct5g&from=cmi&uid=HitachiXHTS547575A9E384_J2540020C6AV5EC6AV5EX&q={searchTerms}
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=NP06&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.oursurfing.com/web/?type=ds&ts=1432924696&z=97edd2cef324099b74cf2c1g3zfc3o3tcocb2oct5g&from=cmi&uid=HitachiXHTS547575A9E384_J2540020C6AV5EC6AV5EX&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1013785140-1009257019-232061116-1001 -> DefaultScope {FFEBBF0A-C22C-4172-89FF-45215A135AC7} URL = http://go.mail.ru/search?q={SearchTerms}&fr=ntg&gp=anvir3
SearchScopes: HKU\S-1-5-21-1013785140-1009257019-232061116-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.oursurfing.com/web/?utm_source=b&utm_medium=cmi&utm_campaign=install_ie&utm_content=ds&from=cmi&uid=HitachiXHTS547575A9E384_J2540020C6AV5EC6AV5EX&ts=1432924729&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1013785140-1009257019-232061116-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3C} URL = http://www.oursurfing.com/web/?utm_source=b&utm_medium=cmi&utm_campaign=install_ie&utm_content=ds&from=cmi&uid=HitachiXHTS547575A9E384_J2540020C6AV5EC6AV5EX&ts=1432924729&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1013785140-1009257019-232061116-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3D} URL = http://www.oursurfing.com/web/?utm_source=b&utm_medium=cmi&utm_campaign=install_ie&utm_content=ds&from=cmi&uid=HitachiXHTS547575A9E384_J2540020C6AV5EC6AV5EX&ts=1432924729&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1013785140-1009257019-232061116-1001 -> {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = http://www.oursurfing.com/web/?utm_source=b&utm_medium=cmi&utm_campaign=install_ie&utm_content=ds&from=cmi&uid=HitachiXHTS547575A9E384_J2540020C6AV5EC6AV5EX&ts=1432924729&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1013785140-1009257019-232061116-1001 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.oursurfing.com/web/?utm_source=b&utm_medium=cmi&utm_campaign=install_ie&utm_content=ds&from=cmi&uid=HitachiXHTS547575A9E384_J2540020C6AV5EC6AV5EX&ts=1432924729&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1013785140-1009257019-232061116-1001 -> {E733165D-CBCF-4FDA-883E-ADEF965B476C} URL = http://www.oursurfing.com/web/?utm_source=b&utm_medium=cmi&utm_campaign=install_ie&utm_content=ds&from=cmi&uid=HitachiXHTS547575A9E384_J2540020C6AV5EC6AV5EX&ts=1432924729&type=default&q={searchTerms}
BHO-x32: Shopper Pro -> {A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C} -> C:\ProgramData\ShopperPro\ShopperPro.dll [2015-05-30] (Goobzo Ltd.)
BHO-x32: Shopper Pro -> {A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C} -> C:\ProgramData\ShopperPro\ShopperPro.dll [2015-05-30] (Goobzo Ltd.)
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe http://www.oursurfing.com/?type=sc&ts=1432755079&z=8d5e4db7dee8ec42048cc40gazacboem9wfw6eem4g&from=cmi&uid=HitachiXHTS547575A9E384_J2540020C6AV5EC6AV5EX
CHR Extension: (SavePass 1.1) - C:\Users\Катя\AppData\Local\Google\Chrome\User Data\Default\Extensions\akaelkiagnbfcccfnmbimdbplecgbikh [2015-05-30]
StartMenuInternet: Google Chrome - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe http://www.oursurfing.com/?type=sc&ts=1432924696&z=97edd2cef324099b74cf2c1g3zfc3o3tcocb2oct5g&from=cmi&uid=HitachiXHTS547575A9E384_J2540020C6AV5EC6AV5EX
OPR Extension: (SavePass 1.1) - C:\Users\Катя\AppData\Roaming\Opera Software\Opera Stable\Extensions\akaelkiagnbfcccfnmbimdbplecgbikh [2015-05-30]
OPR Extension: (Ge-Force) - C:\Users\Катя\AppData\Roaming\Opera Software\Opera Stable\Extensions\jhongheibdpfhdpfccheljfcabgliidh [2015-05-30]
OPR Extension: (Sense) - C:\Users\Катя\AppData\Roaming\Opera Software\Opera Stable\Extensions\knlpigpfaognbholppaembpfphilacie [2015-05-30]
S2 globalUpdate; C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe [68608 2015-05-30] (globalUpdate) [File not signed] <==== ATTENTION
S3 globalUpdatem; C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe [68608 2015-05-30] (globalUpdate) [File not signed] <==== ATTENTION
R2 sbmntr; C:\Program Files (x86)\YTDownloader\sbmntr.sys [58528 2015-05-29] (YTDownloader)
R2 SPDRIVER_1.42.1.1899; C:\Program Files (x86)\ShopperPro\JSDriver\1.42.1.1899\jsdrv.sys [52384 2015-05-30] ()
2015-05-30 19:46 - 2015-05-30 19:46 - 00003428 _____ () C:\Windows\System32\Tasks\Reimage Reminder
2015-05-30 19:45 - 2015-05-30 19:45 - 00004270 _____ () C:\Windows\System32\Tasks\ReimageUpdater
2015-05-30 19:44 - 2015-05-30 19:44 - 00004084 _____ () C:\Windows\System32\Tasks\Crossbrowse
2015-05-30 19:44 - 2015-05-30 19:44 - 00002392 _____ () C:\Users\Public\Desktop\Crossbrowse.lnk
2015-05-30 19:44 - 2015-05-30 19:44 - 00001054 _____ () C:\Windows\Tasks\Crossbrowse.job
2015-05-30 19:44 - 2015-05-30 19:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Crossbrowse
2015-05-30 19:43 - 2015-05-30 19:46 - 00000000 ____D () C:\rei
2015-05-30 19:43 - 2015-05-30 19:45 - 00000000 ____D () C:\Users\Все пользователи\Reimage Protector
2015-05-30 19:43 - 2015-05-30 19:45 - 00000000 ____D () C:\ProgramData\Reimage Protector
2015-05-30 19:43 - 2015-05-30 19:45 - 00000000 ____D () C:\Program Files\Reimage
2015-05-30 19:43 - 2015-05-30 19:43 - 00001903 _____ () C:\Users\Public\Desktop\PC Scan & Repair by Reimage.lnk
2015-05-30 19:43 - 2015-05-30 19:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Reimage Repair
2015-05-30 19:41 - 2015-05-30 19:46 - 00000128 _____ () C:\Windows\Reimage.ini
2015-05-30 19:40 - 2015-05-30 20:40 - 00005842 _____ () C:\Windows\Tasks\4ee9d678-5dc5-4bf3-ae6b-665dca85c949-6.job
2015-05-30 19:40 - 2015-05-30 20:40 - 00003118 _____ () C:\Windows\Tasks\4ee9d678-5dc5-4bf3-ae6b-665dca85c949-1-6.job
2015-05-30 19:40 - 2015-05-30 19:40 - 00008870 _____ () C:\Windows\System32\Tasks\4ee9d678-5dc5-4bf3-ae6b-665dca85c949-6
2015-05-30 19:40 - 2015-05-30 19:40 - 00008528 _____ () C:\Windows\System32\Tasks\4ee9d678-5dc5-4bf3-ae6b-665dca85c949-7
2015-05-30 19:40 - 2015-05-30 19:40 - 00008194 _____ () C:\Windows\System32\Tasks\4ee9d678-5dc5-4bf3-ae6b-665dca85c949-11
2015-05-30 19:40 - 2015-05-30 19:40 - 00007504 _____ () C:\Windows\System32\Tasks\4ee9d678-5dc5-4bf3-ae6b-665dca85c949-3
2015-05-30 19:40 - 2015-05-30 19:40 - 00006484 _____ () C:\Windows\System32\Tasks\4ee9d678-5dc5-4bf3-ae6b-665dca85c949-1-7
2015-05-30 19:40 - 2015-05-30 19:40 - 00006146 _____ () C:\Windows\System32\Tasks\4ee9d678-5dc5-4bf3-ae6b-665dca85c949-1-6
2015-05-30 19:40 - 2015-05-30 19:40 - 00005498 _____ () C:\Windows\Tasks\4ee9d678-5dc5-4bf3-ae6b-665dca85c949-7.job
2015-05-30 19:40 - 2015-05-30 19:40 - 00005456 _____ () C:\Windows\System32\Tasks\4ee9d678-5dc5-4bf3-ae6b-665dca85c949-5
2015-05-30 19:40 - 2015-05-30 19:40 - 00005164 _____ () C:\Windows\Tasks\4ee9d678-5dc5-4bf3-ae6b-665dca85c949-11.job
2015-05-30 19:40 - 2015-05-30 19:40 - 00004474 _____ () C:\Windows\Tasks\4ee9d678-5dc5-4bf3-ae6b-665dca85c949-3.job
2015-05-30 19:40 - 2015-05-30 19:40 - 00003454 _____ () C:\Windows\Tasks\4ee9d678-5dc5-4bf3-ae6b-665dca85c949-1-7.job
2015-05-30 19:40 - 2015-05-30 19:40 - 00002762 _____ () C:\Windows\Tasks\0a4b9919-1bc8-4f29-84dc-4811345d7273-5_user.job
2015-05-30 19:40 - 2015-05-30 19:40 - 00002426 _____ () C:\Windows\Tasks\4ee9d678-5dc5-4bf3-ae6b-665dca85c949-5_user.job
2015-05-30 19:40 - 2015-05-30 19:40 - 00002426 _____ () C:\Windows\Tasks\4ee9d678-5dc5-4bf3-ae6b-665dca85c949-5.job
2015-05-30 19:40 - 2015-05-30 19:40 - 00002092 _____ () C:\Windows\Tasks\4ee9d678-5dc5-4bf3-ae6b-665dca85c949-10_user.job
2015-05-30 19:40 - 2015-05-30 19:40 - 00000000 ____D () C:\Program Files (x86)\SavePass 1.1
2015-05-30 19:40 - 2015-05-30 19:40 - 00000000 ____D () C:\Program Files (x86)\a237421e-f6eb-403c-9eb7-258a1b8de38c
2015-05-30 19:39 - 2015-05-30 20:39 - 00005834 _____ () C:\Windows\Tasks\0a4b9919-1bc8-4f29-84dc-4811345d7273-6.job
2015-05-30 19:39 - 2015-05-30 20:39 - 00005828 _____ () C:\Windows\Tasks\3e7fc09c-542c-45cd-9797-93b967ef97e1-6.job
2015-05-30 19:39 - 2015-05-30 20:39 - 00003446 _____ () C:\Windows\Tasks\0a4b9919-1bc8-4f29-84dc-4811345d7273-1-6.job
2015-05-30 19:39 - 2015-05-30 20:39 - 00003440 _____ () C:\Windows\Tasks\3e7fc09c-542c-45cd-9797-93b967ef97e1-1-6.job
2015-05-30 19:39 - 2015-05-30 19:40 - 00005792 _____ () C:\Windows\System32\Tasks\0a4b9919-1bc8-4f29-84dc-4811345d7273-5
2015-05-30 19:39 - 2015-05-30 19:40 - 00005786 _____ () C:\Windows\System32\Tasks\3e7fc09c-542c-45cd-9797-93b967ef97e1-5
2015-05-30 19:39 - 2015-05-30 19:40 - 00002762 _____ () C:\Windows\Tasks\0a4b9919-1bc8-4f29-84dc-4811345d7273-5.job
2015-05-30 19:39 - 2015-05-30 19:40 - 00000000 ____D () C:\Program Files (x86)\PC Speed Up
2015-05-30 19:39 - 2015-05-30 19:39 - 00008864 _____ () C:\Windows\System32\Tasks\0a4b9919-1bc8-4f29-84dc-4811345d7273-7
2015-05-30 19:39 - 2015-05-30 19:39 - 00008862 _____ () C:\Windows\System32\Tasks\0a4b9919-1bc8-4f29-84dc-4811345d7273-6
2015-05-30 19:39 - 2015-05-30 19:39 - 00008858 _____ () C:\Windows\System32\Tasks\3e7fc09c-542c-45cd-9797-93b967ef97e1-7
2015-05-30 19:39 - 2015-05-30 19:39 - 00008856 _____ () C:\Windows\System32\Tasks\3e7fc09c-542c-45cd-9797-93b967ef97e1-6
2015-05-30 19:39 - 2015-05-30 19:39 - 00006820 _____ () C:\Windows\System32\Tasks\0a4b9919-1bc8-4f29-84dc-4811345d7273-1-7
2015-05-30 19:39 - 2015-05-30 19:39 - 00006814 _____ () C:\Windows\System32\Tasks\3e7fc09c-542c-45cd-9797-93b967ef97e1-1-7
2015-05-30 19:39 - 2015-05-30 19:39 - 00006474 _____ () C:\Windows\System32\Tasks\0a4b9919-1bc8-4f29-84dc-4811345d7273-1-6
2015-05-30 19:39 - 2015-05-30 19:39 - 00006468 _____ () C:\Windows\System32\Tasks\3e7fc09c-542c-45cd-9797-93b967ef97e1-1-6
2015-05-30 19:39 - 2015-05-30 19:39 - 00005834 _____ () C:\Windows\Tasks\0a4b9919-1bc8-4f29-84dc-4811345d7273-7.job
2015-05-30 19:39 - 2015-05-30 19:39 - 00005828 _____ () C:\Windows\Tasks\3e7fc09c-542c-45cd-9797-93b967ef97e1-7.job
2015-05-30 19:39 - 2015-05-30 19:39 - 00003790 _____ () C:\Windows\Tasks\0a4b9919-1bc8-4f29-84dc-4811345d7273-1-7.job
2015-05-30 19:39 - 2015-05-30 19:39 - 00003784 _____ () C:\Windows\Tasks\3e7fc09c-542c-45cd-9797-93b967ef97e1-1-7.job
2015-05-30 19:39 - 2015-05-30 19:39 - 00002756 _____ () C:\Windows\Tasks\3e7fc09c-542c-45cd-9797-93b967ef97e1-5_user.job
2015-05-30 19:39 - 2015-05-30 19:39 - 00002756 _____ () C:\Windows\Tasks\3e7fc09c-542c-45cd-9797-93b967ef97e1-5.job
2015-05-30 19:39 - 2015-05-30 19:39 - 00002718 _____ () C:\Windows\System32\Tasks\PC SpeedUp Service Deactivator
2015-05-30 19:39 - 2015-05-30 19:39 - 00001050 _____ () C:\Users\Катя\Desktop\PC Speed Up.lnk
2015-05-30 19:39 - 2015-05-30 19:39 - 00000338 _____ () C:\Windows\Tasks\PC SpeedUp Service Deactivator.job
2015-05-30 19:39 - 2015-05-30 19:39 - 00000000 ____D () C:\Users\Катя\Documents\PCSpeedUp
2015-05-30 19:39 - 2015-05-30 19:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Speed Up
2015-05-30 19:39 - 2015-05-30 19:39 - 00000000 ____D () C:\Program Files (x86)\24b9ad85-ce8f-4f34-864a-47ec2dc39968
2015-05-30 19:38 - 2015-05-30 19:45 - 00000882 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job
2015-05-30 19:38 - 2015-05-30 19:45 - 00000878 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job
2015-05-30 19:38 - 2015-05-30 19:40 - 00003880 _____ () C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineUA
2015-05-30 19:38 - 2015-05-30 19:40 - 00003626 _____ () C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineCore
2015-05-30 19:38 - 2015-05-30 19:40 - 00000000 ____D () C:\Users\Катя\AppData\Local\BrowserHelper
2015-05-30 19:38 - 2015-05-30 19:40 - 00000000 ____D () C:\Program Files (x86)\Ge-Force
2015-05-30 19:38 - 2015-05-30 19:40 - 00000000 ____D () C:\Program Files (x86)\2847b357-3585-4a3e-b4ee-c3c4406dc6c2
2015-05-30 19:38 - 2015-05-30 19:39 - 00000000 ____D () C:\Program Files (x86)\Sense
2015-05-30 19:38 - 2015-05-30 19:38 - 00008522 _____ () C:\Windows\System32\Tasks\0a4b9919-1bc8-4f29-84dc-4811345d7273-11
2015-05-30 19:38 - 2015-05-30 19:38 - 00008516 _____ () C:\Windows\System32\Tasks\3e7fc09c-542c-45cd-9797-93b967ef97e1-11
2015-05-30 19:38 - 2015-05-30 19:38 - 00005492 _____ () C:\Windows\Tasks\0a4b9919-1bc8-4f29-84dc-4811345d7273-11.job
2015-05-30 19:38 - 2015-05-30 19:38 - 00005486 _____ () C:\Windows\Tasks\3e7fc09c-542c-45cd-9797-93b967ef97e1-11.job
2015-05-30 19:38 - 2015-05-30 19:38 - 00003578 _____ () C:\Windows\System32\Tasks\YTDownloader
2015-05-30 19:38 - 2015-05-30 19:38 - 00002084 _____ () C:\Windows\Tasks\0a4b9919-1bc8-4f29-84dc-4811345d7273-10_user.job
2015-05-30 19:37 - 2015-05-30 19:38 - 00003900 _____ () C:\Windows\System32\Tasks\YTDownloaderUpd
2015-05-30 19:37 - 2015-05-30 19:37 - 00004498 _____ () C:\Windows\System32\Tasks\ShopperPro
2015-05-30 19:37 - 2015-05-30 19:37 - 00003564 _____ () C:\Windows\System32\Tasks\ShopperProJSUpd
2015-05-30 19:37 - 2015-05-30 19:37 - 00003490 _____ () C:\Windows\System32\Tasks\SPDriver
2015-05-30 19:37 - 2015-05-30 19:37 - 00001951 _____ () C:\Users\Љ*вп\Desktop\YTDownloader.lnk
2015-05-30 19:37 - 2015-05-30 19:37 - 00000000 ____D () C:\Users\Љ*вп\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\YTDownloader
2015-05-30 19:37 - 2015-05-30 19:37 - 00000000 ____D () C:\Users\Все пользователи\ShopperPro
2015-05-30 19:37 - 2015-05-30 19:37 - 00000000 ____D () C:\Users\Public\Documents\ShopperPro
2015-05-30 19:37 - 2015-05-30 19:37 - 00000000 ____D () C:\ProgramData\ShopperPro
2015-05-30 19:37 - 2015-05-30 19:37 - 00000000 ____D () C:\Program Files (x86)\YTDownloader
2015-05-30 19:37 - 2015-05-30 19:37 - 00000000 ____D () C:\Program Files (x86)\ShopperPro
2015-05-30 17:38 - 2015-05-30 17:38 - 00003146 _____ () C:\Windows\System32\Tasks\{DD4984A1-D640-48B1-8CB4-FEA27CB125DA}
2015-05-30 13:18 - 2015-05-30 17:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Обнови Софт
2015-05-30 13:18 - 2015-05-30 13:18 - 00000175 _____ () C:\Users\Катя\Desktop\Искать в Интернете.url
2015-05-29 23:45 - 2015-05-29 23:45 - 00000000 ____D () C:\Users\Катя\AppData\Local\Crossbrowse
2015-05-29 23:05 - 2015-05-29 23:05 - 00000000 ____D () C:\Users\Катя\AppData\Roaming\mystartsearch
2015-05-29 22:59 - 2015-05-29 22:59 - 00000000 __SHD () C:\Users\Катя\AppData\Roaming\AnyProtectEx
2015-05-29 22:59 - 2015-05-29 22:59 - 00000000 ____D () C:\Program Files (x86)\AnyProtectEx
2015-05-29 22:39 - 2015-05-29 22:39 - 00000000 ____D () C:\Users\Катя\AppData\Local\globalUpdate
2015-05-29 22:39 - 2015-05-29 22:39 - 00000000 ____D () C:\Program Files (x86)\globalUpdate
2015-05-29 22:38 - 2015-05-29 22:38 - 00000000 ____D () C:\Program Files (x86)\Crossbrowse
2015-05-28 00:51 - 2015-05-28 00:51 - 00000000 ____D () C:\Program Files (x86)\version23SpeedCheck
2015-05-28 00:20 - 2015-05-30 19:36 - 00000000 ____D () C:\Users\Катя\AppData\Local\SmartWeb
2015-05-28 00:19 - 2015-05-29 22:57 - 00028984 _____ (Tencent) C:\Windows\SysWOW64\Drivers\TS888x64.sys
2015-05-28 00:11 - 2015-05-28 00:11 - 00000000 ____D () C:\Device
2015-05-27 23:55 - 2015-05-27 23:55 - 00000000 ____D () C:\Users\Катя\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AnyProtect PC Backup
2015-05-27 23:38 - 2015-05-27 23:38 - 00000000 ____D () C:\Users\Все пользователи\AppMgr6.49.325397
2015-05-27 23:38 - 2015-05-27 23:38 - 00000000 ____D () C:\ProgramData\AppMgr6.49.325397
2015-05-27 23:37 - 2015-05-30 00:09 - 00000000 ____D () C:\Program Files (x86)\Edu App
2015-05-27 23:36 - 2015-05-30 17:00 - 00000000 ____D () C:\Users\Катя\AppData\Local\gmsd_ru_258
2015-05-27 23:36 - 2015-05-29 23:35 - 00000000 ____D () C:\Program Files (x86)\gmsd_ru_258
2015-05-27 23:35 - 2015-05-27 23:35 - 00000000 ____D () C:\Users\Все пользователи\TXQMPC
2015-05-27 23:35 - 2015-05-27 23:35 - 00000000 ____D () C:\ProgramData\TXQMPC
2015-05-27 23:32 - 2015-05-29 22:40 - 00000000 ____D () C:\Users\Все пользователи\WindowsMangerProtect
2015-05-27 23:32 - 2015-05-29 22:40 - 00000000 ____D () C:\ProgramData\WindowsMangerProtect
2015-05-27 23:32 - 2015-05-29 22:40 - 00000000 ____D () C:\Program Files (x86)\XTab
2015-05-27 23:32 - 2015-05-27 23:32 - 00000000 ____D () C:\Users\Все пользователи\IHProtectUpDate
2015-05-27 23:32 - 2015-05-27 23:32 - 00000000 ____D () C:\ProgramData\IHProtectUpDate
2015-05-27 23:31 - 2015-05-27 23:31 - 00000000 ____D () C:\Users\Катя\AppData\Roaming\oursurfing
2015-05-27 23:21 - 2015-05-27 23:21 - 00000000 ____D () C:\Users\Все пользователи\{BAF091CA-86C4-4627-ADA1-897E2621C1B0}
2015-05-27 23:21 - 2015-05-27 23:21 - 00000000 ____D () C:\ProgramData\{BAF091CA-86C4-4627-ADA1-897E2621C1B0}
2015-05-27 23:21 - 2015-05-27 23:21 - 00000000 ____D () C:\Program Files\Common Files\Tencent
2015-05-27 23:20 - 2015-05-27 23:20 - 00087864 _____ (电脑管家) C:\Windows\system32\Drivers\TFsFltX64.sys
2015-05-27 23:20 - 2015-05-27 23:20 - 00038200 _____ (电脑管家) C:\Windows\system32\Drivers\TSSKX64.sys
2015-05-27 23:20 - 2015-05-27 23:20 - 00000000 ____D () C:\Program Files (x86)\Tencent
2015-05-27 23:19 - 2015-05-27 23:52 - 00000000 ____D () C:\Users\Катя\AppData\Roaming\Tencent
2015-05-27 23:19 - 2015-05-27 23:35 - 00000000 ____D () C:\Users\Все пользователи\Tencent
2015-05-27 23:19 - 2015-05-27 23:35 - 00000000 ____D () C:\ProgramData\Tencent
2015-05-27 23:19 - 2011-03-29 02:24 - 00748336 ____H (Microsoft Corporation) C:\iехplоrе.bаt.exe
2015-05-27 23:18 - 2015-05-27 23:18 - 00000000 ____D () C:\Users\Катя\AppData\Local\4E435451-1432768724-3034-4332-10BF48A1ADA4
2015-05-27 23:17 - 2015-05-28 08:32 - 00000000 ____D () C:\Users\Катя\AppData\Roaming\4E435451-1432754276-3034-4332-10BF48A1ADA4
C:\Users\Катя\AppData\Local\Temp\1259.exe
C:\Users\Катя\AppData\Local\Temp\5973.exe
C:\Users\Катя\AppData\Local\Temp\6374.exe
C:\Users\Катя\AppData\Local\Temp\cfcabfibcdg.exe
C:\Users\Катя\AppData\Local\Temp\MailRuUpdater.exe
C:\Users\Катя\AppData\Local\Temp\mytmpinstaller.exe
C:\Users\Катя\AppData\Local\Temp\ReimagePackage.exe
C:\Users\Катя\AppData\Local\Temp\ReiSysUpdate.exe
C:\Users\Катя\AppData\Local\Temp\sdf72FD.exe
C:\Users\Катя\AppData\Local\Temp\sdfBA88.exe
Task: {04177E08-775E-4620-8843-2A0002246A21} - System32\Tasks\0a4b9919-1bc8-4f29-84dc-4811345d7273-1-6 => C:\Program Files (x86)\Ge-Force\0a4b9919-1bc8-4f29-84dc-4811345d7273-1-6.exe [2015-05-30] (Webar) <==== ATTENTION
Task: {18D94A97-A4EF-4500-BFB2-06283804049C} - System32\Tasks\4ee9d678-5dc5-4bf3-ae6b-665dca85c949-5 => C:\Program Files (x86)\SavePass 1.1\4ee9d678-5dc5-4bf3-ae6b-665dca85c949-5.exe [2015-05-30] (OB) <==== ATTENTION
Task: {1FAA3C43-2986-47C0-BBA3-5A84AD6B6A4B} - System32\Tasks\ReimageUpdater => C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe [2015-01-14] (Reimage®) <==== ATTENTION
Task: {21FA1327-3A78-4CA1-816A-B81477979841} - System32\Tasks\PC SpeedUp Service Deactivator => C:\Program Files (x86)\PC Speed Up\PCSUSD.exe [2015-05-19] () <==== ATTENTION
Task: {246AF33A-0EA8-4AC9-9B1B-EE7F75DA7E8D} - System32\Tasks\0a4b9919-1bc8-4f29-84dc-4811345d7273-7 => C:\Program Files (x86)\Ge-Force\0a4b9919-1bc8-4f29-84dc-4811345d7273-7.exe [2015-05-30] (Webar) <==== ATTENTION
Task: {27ED45D0-2BBD-45CD-A1EB-62ED651C2A8E} - System32\Tasks\ShopperPro => C:\Program Files (x86)\ShopperPro\ShopperPro.exe [2015-05-30] (Goobzo LTD) <==== ATTENTION
Task: {3574A1F5-6308-4C7F-BFC2-5008FE7591ED} - System32\Tasks\3e7fc09c-542c-45cd-9797-93b967ef97e1-5 => C:\Program Files (x86)\Sense\3e7fc09c-542c-45cd-9797-93b967ef97e1-5.exe [2015-05-30] (Sense+) <==== ATTENTION
Task: {39B3D7AB-6B41-48DB-BAAF-C31BF54A195F} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2011-11-25] (Intel Corporation)
Task: {41110B02-0C89-4D6C-A9EF-339065DD2068} - System32\Tasks\3e7fc09c-542c-45cd-9797-93b967ef97e1-7 => C:\Program Files (x86)\Sense\3e7fc09c-542c-45cd-9797-93b967ef97e1-7.exe [2015-05-30] (Sense+) <==== ATTENTION
Task: {44394E04-47B6-49FD-8B09-EFDC072BD7F6} - System32\Tasks\0a4b9919-1bc8-4f29-84dc-4811345d7273-6 => C:\Program Files (x86)\Ge-Force\0a4b9919-1bc8-4f29-84dc-4811345d7273-6.exe [2015-05-30] (Webar) <==== ATTENTION
Task: {57BB9028-2B29-4B64-8EB1-FAFF15D29446} - System32\Tasks\Crossbrowse => C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\utility.exe [2015-05-30] () <==== ATTENTION
Task: {59A667FC-4735-48D6-B184-6134900A1760} - System32\Tasks\0a4b9919-1bc8-4f29-84dc-4811345d7273-5 => C:\Program Files (x86)\Ge-Force\0a4b9919-1bc8-4f29-84dc-4811345d7273-5.exe [2015-05-30] (Webar) <==== ATTENTION
Task: {5C893628-4AE0-4C04-A167-155833BC5320} - System32\Tasks\4ee9d678-5dc5-4bf3-ae6b-665dca85c949-6 => C:\Program Files (x86)\SavePass 1.1\4ee9d678-5dc5-4bf3-ae6b-665dca85c949-6.exe [2015-05-30] (OB) <==== ATTENTION
Task: {6EF4ED6D-CC7A-48E4-837C-2962F9A61E06} - System32\Tasks\Reimage Reminder => C:\Program Files\Reimage\Reimage Repair\ReimageReminder.exe [2015-03-16] (Reimage ltd.) <==== ATTENTION
Task: {77F3A16E-4CCB-4780-8616-80C4F3F48D08} - System32\Tasks\globalUpdateUpdateTaskMachineUA => C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe [2015-05-30] (globalUpdate) <==== ATTENTION
Task: {92D14111-6D14-47D9-8FBB-CC4A54B661BC} - System32\Tasks\YTDownloader => C:\Program Files (x86)\YTDownloader\YTDownloader.exe [2015-05-29] (YTDownloader) <==== ATTENTION
Task: {AA7788FC-84E5-4EBD-87E8-A1D08465C15A} - System32\Tasks\4ee9d678-5dc5-4bf3-ae6b-665dca85c949-11 => C:\Program Files (x86)\SavePass 1.1\4ee9d678-5dc5-4bf3-ae6b-665dca85c949-11.exe [2015-05-30] (OB) <==== ATTENTION
Task: {AAC5A5FA-73F3-4235-AA8B-2E5E511AB9DB} - System32\Tasks\3e7fc09c-542c-45cd-9797-93b967ef97e1-11 => C:\Program Files (x86)\Sense\3e7fc09c-542c-45cd-9797-93b967ef97e1-11.exe [2015-05-30] (Sense+) <==== ATTENTION
Task: {AD9A9760-9C49-49F3-B760-F723EEE8824A} - System32\Tasks\3e7fc09c-542c-45cd-9797-93b967ef97e1-1-6 => C:\Program Files (x86)\Sense\3e7fc09c-542c-45cd-9797-93b967ef97e1-1-6.exe [2015-05-30] (Sense+) <==== ATTENTION
Task: {B7954708-3A4A-4A18-80CA-2A4D45AEDC07} - System32\Tasks\4ee9d678-5dc5-4bf3-ae6b-665dca85c949-7 => C:\Program Files (x86)\SavePass 1.1\4ee9d678-5dc5-4bf3-ae6b-665dca85c949-7.exe [2015-05-30] (OB) <==== ATTENTION
Task: {B898B239-26C7-4CEE-B379-2C4D0316E02B} - System32\Tasks\ShopperProJSUpd => C:\Program Files (x86)\ShopperPro\updater.exe [2015-05-30] (Goobzo) <==== ATTENTION
Task: {BB33D59B-0ACD-4479-AFB2-DD170BC9050E} - System32\Tasks\3e7fc09c-542c-45cd-9797-93b967ef97e1-1-7 => C:\Program Files (x86)\Sense\3e7fc09c-542c-45cd-9797-93b967ef97e1-1-7.exe [2015-05-30] (Sense+) <==== ATTENTION
Task: {C9DD242B-C891-4920-81A5-85F624938793} - System32\Tasks\4ee9d678-5dc5-4bf3-ae6b-665dca85c949-1-6 => C:\Program Files (x86)\SavePass 1.1\4ee9d678-5dc5-4bf3-ae6b-665dca85c949-1-6.exe [2015-05-30] (OB) <==== ATTENTION
Task: {CC00F2D9-0B26-433A-8674-E61F47EC63DF} - System32\Tasks\4ee9d678-5dc5-4bf3-ae6b-665dca85c949-1-7 => C:\Program Files (x86)\SavePass 1.1\4ee9d678-5dc5-4bf3-ae6b-665dca85c949-1-7.exe [2015-05-30] (OB) <==== ATTENTION
Task: {CD63FC46-F841-4238-A257-7AE5F67307F4} - System32\Tasks\YTDownloaderUpd => C:\Program Files (x86)\YTDownloader\updater.exe [2015-05-29] (Goobzo) <==== ATTENTION
Task: {CEB4DF47-C9FD-4E20-AB6B-A3B1AD564294} - System32\Tasks\globalUpdateUpdateTaskMachineCore => C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe [2015-05-30] (globalUpdate) <==== ATTENTION
Task: {D346E12B-19E5-4E7B-9F01-4581DF72EE9E} - System32\Tasks\0a4b9919-1bc8-4f29-84dc-4811345d7273-1-7 => C:\Program Files (x86)\Ge-Force\0a4b9919-1bc8-4f29-84dc-4811345d7273-1-7.exe [2015-05-30] (Webar) <==== ATTENTION
Task: {D726CEE4-5502-4EAC-AAD7-D698F09DAE99} - System32\Tasks\SPDriver => C:\Program Files (x86)\ShopperPro\JSDriver\1.42.1.1899\jsdrv.exe [2015-05-30] () <==== ATTENTION
Task: {DCB5093F-4CA3-42F0-896D-80AC71C43B34} - System32\Tasks\0a4b9919-1bc8-4f29-84dc-4811345d7273-11 => C:\Program Files (x86)\Ge-Force\0a4b9919-1bc8-4f29-84dc-4811345d7273-11.exe [2015-05-30] (Webar) <==== ATTENTION
Task: {DE3B9221-98FD-4068-AD63-ADEAA60D6732} - System32\Tasks\4ee9d678-5dc5-4bf3-ae6b-665dca85c949-3 => C:\Program Files (x86)\SavePass 1.1\4ee9d678-5dc5-4bf3-ae6b-665dca85c949-3.exe [2015-05-30] (OB) <==== ATTENTION
Task: {E3E51983-B9C9-4728-B497-8AF84BFC53B5} - System32\Tasks\3e7fc09c-542c-45cd-9797-93b967ef97e1-6 => C:\Program Files (x86)\Sense\3e7fc09c-542c-45cd-9797-93b967ef97e1-6.exe [2015-05-30] (Sense+) <==== ATTENTION
Task: {F3E1640D-0151-4198-ACE0-02B754F1BBE9} - \SmartWeb Upgrade Trigger Task No Task File <==== ATTENTION
Task: {FE04B300-1B7C-4549-9024-4EC3F7A03F3D} - \{01F0A781-78E6-44AD-92D4-8C6D0048A922} No Task File <==== ATTENTION
Task: C:\Windows\Tasks\0a4b9919-1bc8-4f29-84dc-4811345d7273-1-6.job => C:\Program Files (x86)\Ge-Force\0a4b9919-1bc8-4f29-84dc-4811345d7273-1-6.exe <==== ATTENTION
Task: C:\Windows\Tasks\0a4b9919-1bc8-4f29-84dc-4811345d7273-1-7.job => C:\Program Files (x86)\Ge-Force\0a4b9919-1bc8-4f29-84dc-4811345d7273-1-7.exe <==== ATTENTION
Task: C:\Windows\Tasks\0a4b9919-1bc8-4f29-84dc-4811345d7273-10_user.job => C:\Program Files (x86)\Ge-Force\0a4b9919-1bc8-4f29-84dc-4811345d7273-10.exe <==== ATTENTION
Task: C:\Windows\Tasks\0a4b9919-1bc8-4f29-84dc-4811345d7273-11.job => C:\Program Files (x86)\Ge-Force\0a4b9919-1bc8-4f29-84dc-4811345d7273-11.exe <==== ATTENTION
Task: C:\Windows\Tasks\0a4b9919-1bc8-4f29-84dc-4811345d7273-5.job => C:\Program Files (x86)\Ge-Force\0a4b9919-1bc8-4f29-84dc-4811345d7273-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\0a4b9919-1bc8-4f29-84dc-4811345d7273-5_user.job => C:\Program Files (x86)\Ge-Force\0a4b9919-1bc8-4f29-84dc-4811345d7273-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\0a4b9919-1bc8-4f29-84dc-4811345d7273-6.job => C:\Program Files (x86)\Ge-Force\0a4b9919-1bc8-4f29-84dc-4811345d7273-6.exe <==== ATTENTION
Task: C:\Windows\Tasks\0a4b9919-1bc8-4f29-84dc-4811345d7273-7.job => C:\Program Files (x86)\Ge-Force\0a4b9919-1bc8-4f29-84dc-4811345d7273-7.exe <==== ATTENTION
Task: C:\Windows\Tasks\3e7fc09c-542c-45cd-9797-93b967ef97e1-1-6.job => C:\Program Files (x86)\Sense\3e7fc09c-542c-45cd-9797-93b967ef97e1-1-6.exe <==== ATTENTION
Task: C:\Windows\Tasks\3e7fc09c-542c-45cd-9797-93b967ef97e1-1-7.job => C:\Program Files (x86)\Sense\3e7fc09c-542c-45cd-9797-93b967ef97e1-1-7.exe <==== ATTENTION
Task: C:\Windows\Tasks\3e7fc09c-542c-45cd-9797-93b967ef97e1-11.job => C:\Program Files (x86)\Sense\3e7fc09c-542c-45cd-9797-93b967ef97e1-11.exe <==== ATTENTION
Task: C:\Windows\Tasks\3e7fc09c-542c-45cd-9797-93b967ef97e1-5.job => C:\Program Files (x86)\Sense\3e7fc09c-542c-45cd-9797-93b967ef97e1-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\3e7fc09c-542c-45cd-9797-93b967ef97e1-5_user.job => C:\Program Files (x86)\Sense\3e7fc09c-542c-45cd-9797-93b967ef97e1-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\3e7fc09c-542c-45cd-9797-93b967ef97e1-6.job => C:\Program Files (x86)\Sense\3e7fc09c-542c-45cd-9797-93b967ef97e1-6.exe <==== ATTENTION
Task: C:\Windows\Tasks\3e7fc09c-542c-45cd-9797-93b967ef97e1-7.job => C:\Program Files (x86)\Sense\3e7fc09c-542c-45cd-9797-93b967ef97e1-7.exe <==== ATTENTION
Task: C:\Windows\Tasks\4ee9d678-5dc5-4bf3-ae6b-665dca85c949-1-6.job => C:\Program Files (x86)\SavePass 1.1\4ee9d678-5dc5-4bf3-ae6b-665dca85c949-1-6.exe <==== ATTENTION
Task: C:\Windows\Tasks\4ee9d678-5dc5-4bf3-ae6b-665dca85c949-1-7.job => C:\Program Files (x86)\SavePass 1.1\4ee9d678-5dc5-4bf3-ae6b-665dca85c949-1-7.exe <==== ATTENTION
Task: C:\Windows\Tasks\4ee9d678-5dc5-4bf3-ae6b-665dca85c949-10_user.job => C:\Program Files (x86)\SavePass 1.1\4ee9d678-5dc5-4bf3-ae6b-665dca85c949-10.exe <==== ATTENTION
Task: C:\Windows\Tasks\4ee9d678-5dc5-4bf3-ae6b-665dca85c949-11.job => C:\Program Files (x86)\SavePass 1.1\4ee9d678-5dc5-4bf3-ae6b-665dca85c949-11.exe <==== ATTENTION
Task: C:\Windows\Tasks\4ee9d678-5dc5-4bf3-ae6b-665dca85c949-3.job => C:\Program Files (x86)\SavePass 1.1\4ee9d678-5dc5-4bf3-ae6b-665dca85c949-3.exe <==== ATTENTION
Task: C:\Windows\Tasks\4ee9d678-5dc5-4bf3-ae6b-665dca85c949-5.job => C:\Program Files (x86)\SavePass 1.1\4ee9d678-5dc5-4bf3-ae6b-665dca85c949-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\4ee9d678-5dc5-4bf3-ae6b-665dca85c949-5_user.job => C:\Program Files (x86)\SavePass 1.1\4ee9d678-5dc5-4bf3-ae6b-665dca85c949-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\4ee9d678-5dc5-4bf3-ae6b-665dca85c949-6.job => C:\Program Files (x86)\SavePass 1.1\4ee9d678-5dc5-4bf3-ae6b-665dca85c949-6.exe <==== ATTENTION
Task: C:\Windows\Tasks\4ee9d678-5dc5-4bf3-ae6b-665dca85c949-7.job => C:\Program Files (x86)\SavePass 1.1\4ee9d678-5dc5-4bf3-ae6b-665dca85c949-7.exe <==== ATTENTION
Task: C:\Windows\Tasks\Crossbrowse.job => C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\utility.exe <==== ATTENTION
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job => C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe <==== ATTENTION
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job => C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe <==== ATTENTION
Task: C:\Windows\Tasks\PC SpeedUp Service Deactivator.job => C:\Program Files (x86)\PC Speed Up\PCSUSD.exe <==== ATTENTION
Reboot:
[/code]
[list][*]Запустите FRST, нажмите один раз на кнопку [b]Fix[/b] и подождите. Программа создаст лог-файл ([b]Fixlog.txt[/b]). Пожалуйста, прикрепите его в следующем сообщении![*]Обратите внимание, что компьютер будет [b]перезагружен[/b].[/list]

Прикрепил

Что с проблемой?

Статистика проведенного лечения:
[LIST][*]Получено карантинов: [B]1[/B][*]Обработано файлов: [B]15[/B][*]В ходе лечения обнаружены вредоносные программы:
[LIST=1][*] c:\program files (x86)\cinemaplus-4.5vv28.05\68ffd55b-b383-4e0c-aad7-8b00b56d5a49-10.exe - [B]not-a-virus:WebToolbar.Win32.CrossRider.amqa[/B][*] c:\program files (x86)\cinemaplus-4.5vv28.05\68ffd55b-b383-4e0c-aad7-8b00b56d5a49-11.exe - [B]not-a-virus:WebToolbar.Win32.CrossRider.amqa[/B] ( BitDefender: Gen:Application.Heur.tv1@kWv22QkO )[*] c:\program files (x86)\cinemaplus-4.5vv28.05\68ffd55b-b383-4e0c-aad7-8b00b56d5a49-1-6.exe - [B]not-a-virus:WebToolbar.Win32.CrossRider.amqa[/B][*] c:\program files (x86)\cinemaplus-4.5vv28.05\68ffd55b-b383-4e0c-aad7-8b00b56d5a49-1-7.exe - [B]not-a-virus:WebToolbar.Win32.CrossRider.amqa[/B] ( BitDefender: Gen:Application.Heur.iv1@kuFgXUmO )[*] c:\program files (x86)\cinemaplus-4.5vv28.05\68ffd55b-b383-4e0c-aad7-8b00b56d5a49-3.exe - [B]not-a-virus:WebToolbar.Win32.CrossRider.amqa[/B] ( BitDefender: Gen:Application.Heur.tv1@kWv22QkO )[*] c:\program files (x86)\cinemaplus-4.5vv28.05\68ffd55b-b383-4e0c-aad7-8b00b56d5a49-5.exe - [B]not-a-virus:WebToolbar.Win32.CrossRider.amqa[/B] ( BitDefender: Gen:Application.Heur.mv1@kexzsCpO )[*] c:\program files (x86)\cinemaplus-4.5vv28.05\68ffd55b-b383-4e0c-aad7-8b00b56d5a49-6.exe - [B]not-a-virus:WebToolbar.Win32.CrossRider.amqa[/B] ( BitDefender: Gen:Application.Heur.Cz1@kKgP9tji )[*] c:\program files (x86)\cinemaplus-4.5vv28.05\68ffd55b-b383-4e0c-aad7-8b00b56d5a49-7.exe - [B]not-a-virus:WebToolbar.Win32.CrossRider.amqa[/B] ( BitDefender: Gen:Application.Heur.iv1@kuFgXUmO )[*] c:\program files (x86)\globalupdate\update\globalupdate.exe - [B]not-a-virus:RiskTool.Win32.GlobalUpdate.dd[/B][*] c:\program files (x86)\gmsd_ru_258\gmsd_ru_258.exe - [B]not-a-virus:AdWare.Win32.Eorezo.mjk[/B] ( BitDefender: Adware.Eorezo.BZ )[*] c:\program files (x86)\infonaut_1.10.0.14\service\insvc.exe - [B]not-a-virus:AdWare.Win32.Vitruvian.k[/B][*] c:\program files (x86)\torrent search\ieef\4bhgvqrcd6.dll - [B]not-a-virus:WebToolbar.Win32.Agent.byh[/B] ( AVAST4: Win32:Malware-gen )[*] c:\windows\system32\drivers\innfd_1_10_0_14.sys - [B]not-a-virus:RiskTool.Win64.NetFilter.b[/B] ( DrWEB: Adware.Plugin.274 )[/LIST][/LIST]