Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:07-11-2015
Ran by Ольга (administrator) on ОЛЬГА-ПК (15-11-2015 10
51)
Running from C:\Users\Ольга\Desktop
Loaded Profiles: Ольга (Available Profiles: Ольга)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: Русский (Россия)
Internet Explorer Version 10 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool:
http://www.geekstogo.com/forum/topic...ery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe
() C:\Users\134E~1\AppData\Local\Temp\nscDAF6.tmp
(CANON INC.) C:\Windows\System32\CNAB4RPD.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(WestByte) C:\Program Files (x86)\Download Master\dmaster.exe
(Yandex) C:\Users\Ольга\AppData\Local\Yandex\Elements\elements.exe\8.4.0.9140\elements64.exe
(Disc Soft Ltd) C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\MOM.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe
(SafeNet Inc.) C:\Windows\System32\hasplms.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
() C:\Windows\SysWOW64\srvany.exe
() C:\Windows\kmsem\KMService.exe
(National Instruments, Inc.) C:\Windows\SysWOW64\lkcitdl.exe
(National Instruments Corporation) C:\Windows\SysWOW64\lkads.exe
(National Instruments Corporation) C:\Windows\SysWOW64\lktsrv.exe
(National Instruments Corporation) C:\Program Files (x86)\Multisim\Shared\Security\nidmsrv.exe
(National Instruments Corp.) C:\Windows\SysWOW64\nisvcloc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(TODO: <Company name>) C:\Users\134E~1\AppData\Local\Temp\wk2_tvL0kxLFjxXB.tmp
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1331288 2014-08-22] (Microsoft Corporation)
HKLM\...\Run: [SpaceSoundPro] => "C:\Program Files\SpaceSoundPro\SpaceSoundPro.exe"
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [NI Background Service] => C:\Program Files (x86)\Multisim\Shared\Update Service\BackgroundService.exe [77824 2008-04-03] (National Instruments)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-07-28] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597040 2015-10-06] (Oracle Corporation)
HKU\S-1-5-21-2383065730-3847593260-79587010-1000\...\Run: [Download Master] => C:\Program Files (x86)\Download Master\dmaster.exe [5162272 2014-12-29] (WestByte)
HKU\S-1-5-21-2383065730-3847593260-79587010-1000\...\Run: [YandexElements] => C:\Users\Ольга\AppData\Local\Yandex\Elements\elements.exe\8.4.0.9140\elements64.exe [1594656 2014-10-24] (Yandex)
HKU\S-1-5-21-2383065730-3847593260-79587010-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd)
HKU\S-1-5-21-2383065730-3847593260-79587010-1000\...\Run: [laafqqthcn] => explorer "http://dzapas.ru/?utm_source=uoua03&utm_content=4b29258d400182752200523ed761d710&utm_term=33DB6F93F3F6A82158F5AB1A3FCCB7EA" <===== ATTENTION
HKU\S-1-5-21-2383065730-3847593260-79587010-1000\...\MountPoints2: {e1b0f61a-d523-11e4-a1eb-50465d06d720} - G:\Startme.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Canon LBP2900 Status Window.lnk [2014-12-17]
ShortcutTarget: Canon LBP2900 Status Window.lnk -> C:\Windows\System32\spool\drivers\x64\3\CNAB4LAD.EXE (CANON INC.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{5A35472C-2E8A-4077-AB6A-A3C7B5532479}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617911&ResetID=130917388477664916&GUID=390F47F3-F4F6-4150-A0A6-949BF83DD699
HKU\S-1-5-21-2383065730-3847593260-79587010-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617911&ResetID=130917388477674916&GUID=390F47F3-F4F6-4150-A0A6-949BF83DD699
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2383065730-3847593260-79587010-1000 -> DefaultScope {FFEBBF0A-C22C-4172-89FF-45215A135AC7} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKU\S-1-5-21-2383065730-3847593260-79587010-1000 -> {FFEBBF0A-C22C-4172-89FF-45215A135AC7} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
BHO: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll [2012-02-14] (Advanced Micro Devices)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-03-09] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: AcroIEHlprObj Class -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files (x86)\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll [2003-11-04] (Adobe Systems Incorporated)
BHO-x32: WebGuardBHO -> {1B2639A9-EE25-4AE7-A2E3-B308F08125C4} -> C:\Program Files (x86)\Baidu\BaiduSd\4.0.0.6697\WebGuardBHO.dll => No File
BHO-x32: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll [2012-02-14] (Advanced Micro Devices)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\ssv.dll [2015-11-14] (Oracle Corporation)
BHO-x32: IE 4.x-6.x BHO for Download Master -> {9961627E-4059-41B4-8E0E-A7D6B3854ADF} -> C:\Program Files (x86)\Download Master\dmiehlp.dll [2014-11-28] (WestByte)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\jp2ssv.dll [2015-11-14] (Oracle Corporation)
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)
Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)
Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)
FireFox:
========
FF ProfilePath: C:\Users\Ольга\AppData\Roaming\Mozilla\Firefox\Profiles\zj4irwrz.default
FF Homepage: hxxps://mail.ru/cnt/11956636?fr=ffhp&gp=801016
FF Keyword.URL: hxxp://go.mail.ru/distib/ep/?product_id=%7B893BF7A0-C112-4DB4-B7BB-55B64D4EB74A%7D&gp=801516
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_19_0_0_245.dll [2015-11-12] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_245.dll [2015-11-12] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.65.2 -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\dtplugin\npDeployJava1.dll [2015-11-14] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.65.2 -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\plugin2\npjp2.dll [2015-11-14] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPLV82Win32.dll [2007-02-08] (National Instruments)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nplv85win32.dll [2007-07-24] (National Instruments)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2003-05-15] (Adobe Systems Inc.)
FF Extension: Download Master Toolbar - C:\Users\Ольга\AppData\Roaming\Mozilla\Firefox\Profiles\zj4irwrz.default\Extensions\
[email protected] [2015-01-12] [not signed]
FF Extension: Download Master Media Monitor - C:\Users\Ольга\AppData\Roaming\Mozilla\Firefox\Profiles\zj4irwrz.default\Extensions\
[email protected] [2015-05-20] [not signed]
FF Extension: Download Master Plugin - C:\Users\Ольга\AppData\Roaming\Mozilla\Firefox\Profiles\zj4irwrz.default\Extensions\
[email protected] [2015-01-12] [not signed]
FF Extension: Download Master Remote Download - C:\Users\Ольга\AppData\Roaming\Mozilla\Firefox\Profiles\zj4irwrz.default\Extensions\
[email protected] [2015-01-12] [not signed]
FF Extension: Домашняя страница Mail.Ru - C:\Users\Ольга\AppData\Roaming\Mozilla\Firefox\Profiles\zj4irwrz.default\Extensions\
[email protected] [2015-11-11]
FF Extension: Поиск@Mail.Ru - C:\Users\Ольга\AppData\Roaming\Mozilla\Firefox\Profiles\zj4irwrz.default\Extensions\
[email protected] [2015-11-10]
FF Extension: friGate - unlock sites - C:\Users\Ольга\AppData\Roaming\Mozilla\Firefox\Profiles\zj4irwrz.default\Extensions\
[email protected] [2015-06-08]
FF Extension: Adblock Plus - C:\Users\Ольга\AppData\Roaming\Mozilla\Firefox\Profiles\zj4irwrz.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-09-24]
Chrome:
=======
CHR Profile: C:\Users\Ольга\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Домашняя страница Mail.Ru) - C:\Users\Ольга\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgbgnhmfbcifpkjofoojfplmfkmaiadn [2015-11-10]
CHR Extension: (Визуальные Закладки Mail.Ru) - C:\Users\Ольга\AppData\Local\Google\Chrome\User Data\Default\Extensions\bpgangmffjcofiknibcmfjionicohfgj [2015-11-10]
CHR Extension: (Ultimate Discounter) - C:\Users\Ольга\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckcmdpmhiekiihmfjffdehhbhgllpapg [2015-06-15]
CHR Extension: (Mail.Ru) - C:\Users\Ольга\AppData\Local\Google\Chrome\User Data\Default\Extensions\nbifdkmdojgmpmopdebnjcobekgdoncn [2015-11-10]
CHR HKLM-x32\...\Chrome\Extension: [bgbgnhmfbcifpkjofoojfplmfkmaiadn] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [bpgangmffjcofiknibcmfjionicohfgj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [nbifdkmdojgmpmopdebnjcobekgdoncn] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [pchfckkccldkbclgdepkaonamkignanh] - hxxp://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AMD FUEL Service; C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe [344064 2015-07-28] (Advanced Micro Devices, Inc.) [File not signed]
S3 defragsvc; C:\Windows\System32\defragsvc.dll [291328 2009-07-14] (Корпорация Майкрософт)
R2 ginoquci; C:\Users\134E~1\AppData\Local\Temp\nscDAF6.tmp [222208 2015-11-12] () [File not signed]
R2 hasplms; C:\Windows\system32\hasplms.exe [4180576 2010-09-27] (SafeNet Inc.)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 ihctrl32; C:\Windows\SysWOW64\ihctrl32.dll [221184 2012-11-30] () [File not signed]
R2 KMService; C:\Windows\SysWOW64\srvany.exe [8192 2014-11-29] () [File not signed]
R2 LkCitadelServer; C:\Windows\SysWOW64\lkcitdl.exe [695136 2007-11-27] (National Instruments, Inc.)
R2 lkClassAds; C:\Windows\SysWOW64\lkads.exe [40488 2007-11-27] (National Instruments Corporation)
R2 lkTimeSync; C:\Windows\SysWOW64\lktsrv.exe [50736 2007-11-27] (National Instruments Corporation)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2014-08-22] (Microsoft Corporation)
R2 NIDomainService; C:\Program Files (x86)\Multisim\Shared\Security\nidmsrv.exe [213552 2007-11-27] (National Instruments Corporation)
S4 NILM License Manager; C:\Program Files (x86)\Multisim\Shared\License Manager\Bin\lmgrd.exe [1007616 2007-01-29] (Macrovision Corporation) [File not signed]
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [368624 2014-08-22] (Microsoft Corporation)
R2 niSvcLoc; C:\Windows\SysWOW64\nisvcloc.exe [48704 2007-07-19] (National Instruments Corp.)
S2 pr2ah84b; C:\Windows\system32\pr2ah84b.exe [754344 2007-03-12] (Akella)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5426448 2014-12-15] (TeamViewer GmbH)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation)
S3 WPCSvc; C:\Windows\System32\wpcsvc.dll [12288 2009-07-14] (Корпорация Майкрософт)
S3 WPCSvc; C:\Windows\SysWOW64\wpcsvc.dll [10752 2009-07-14] (Корпорация Майкрософт)
R2 wsaudio; C:\Windows\SysWOW64\wsaudio.dll [367104 2012-11-30] () [File not signed]
S2 Updater.Mail.Ru; C:\Program Files (x86)\Mail.Ru\MailRuUpdater\MailRuUpdater.exe --s [X]
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AODDriver4.3; C:\Program Files\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
S3 CH341SER_A64; C:\Windows\System32\Drivers\CH341S64.SYS [58368 2011-11-05] (
www.winchiphead.com)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2015-07-10] (Disc Soft Ltd)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-11] (Broadcom Corporation)
S3 EtronSTOR; C:\Windows\System32\Drivers\EtronSTOR.sys [32512 2012-08-07] (Etron Technology Inc)
S3 FLxHCIh; C:\Windows\system32\drivers\FLxHCIh.sys [77480 2013-02-25] (Fresco Logic)
R0 mountmgr; C:\Windows\System32\drivers\mountmgr.sys [94592 2010-11-21] (Корпорация Майкрософт)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [269008 2014-07-17] (Microsoft Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [8192 2005-03-29] ()
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [125584 2014-07-17] (Microsoft Corporation)
R0 oem-drv64; C:\Windows\System32\DRIVERS\oem-drv64.sys [42496 2015-11-15] (secr9tos) [File not signed]
R0 pe3ah84b; C:\Windows\System32\drivers\pe3ah84b.sys [72624 2007-03-12] (Akella)
R0 ps6ah84b; C:\Windows\System32\drivers\ps6ah84b.sys [73656 2007-03-12] (Akella)
R0 volmgrx; C:\Windows\System32\drivers\volmgrx.sys [363392 2010-11-21] (Корпорация Майкрософт)
S1 BAPIDRV; system32\DRIVERS\BAPIDRV64.sys [X]
S2 ksapi64; \??\C:\Windows\system32\drivers\ksapi64.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
========================== Drivers MD5 =======================
C:\Windows\system32\drivers\1394ohci.sys ==> MD5 is legit
C:\Windows\System32\drivers\ACPI.sys ==> MD5 is legit
C:\Windows\system32\drivers\acpipmi.sys ==> MD5 is legit
C:\Windows\system32\drivers\adp94xx.sys ==> MD5 is legit
C:\Windows\system32\drivers\adpahci.sys ==> MD5 is legit
C:\Windows\system32\drivers\adpu320.sys ==> MD5 is legit
C:\Windows\system32\drivers\afd.sys 1C7857B62DE5994A75B054A9FD4C3825
C:\Windows\system32\drivers\agp440.sys ==> MD5 is legit
C:\Windows\system32\drivers\aksdf.sys 94C0972B06C75456ED574DD46417B1D8
C:\Windows\system32\drivers\aksfridge.sys 7B0BC062CA6ABAB23F88EA483B5A538E
C:\Windows\system32\drivers\aliide.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdhub30.sys C17BAFA60F941A1AF5C2B10D8632C409
C:\Windows\system32\drivers\amdide.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdk8.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\atikmdag.sys C9E75B11C74BF7569B6B657F8E241614
C:\Windows\System32\DRIVERS\atikmpag.sys 4F15962C032465B4A69C56984A4DBE0C
C:\Windows\System32\DRIVERS\amdppm.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdsata.sys D4121AE6D0C0E7E13AA221AA57EF2D49
C:\Windows\system32\drivers\amdsbs.sys ==> MD5 is legit
C:\Windows\System32\drivers\amdxata.sys 540DAF1CEA6094886D72126FD7C33048
C:\Windows\system32\drivers\amdxhc.sys 3DC51308F5E7A4BB8020D16E64E9D882
C:\Program Files\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys C3D487827E48CC5EC17994FEC5BDFF87
C:\Windows\system32\drivers\appid.sys ==> MD5 is legit
C:\Windows\system32\drivers\arc.sys ==> MD5 is legit
C:\Windows\system32\drivers\arcsas.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\asmthub3.sys 236023DAC93037A8DDE9539F36D7F3EE
C:\Windows\System32\DRIVERS\asmtxhci.sys 1390ABD16ADE1F2443B5749D06C4C8F2
C:\Windows\System32\DRIVERS\asyncmac.sys ==> MD5 is legit
C:\Windows\System32\drivers\atapi.sys ==> MD5 is legit
C:\Windows\System32\drivers\AtihdW76.sys F270AFC3848C54C67E3BFB892CE9B9C6
C:\Windows\System32\DRIVERS\AtiPcie.sys C07A040D6B5A42DD41EE386CF90974C8
C:\Windows\system32\drivers\bxvbda.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\b57nd60a.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Beep.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\blbdrive.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\bowser.sys ==> MD5 is legit
C:\Windows\system32\drivers\BrFiltLo.sys ==> MD5 is legit
C:\Windows\system32\drivers\BrFiltUp.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Brserid.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrSerWdm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrUsbMdm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrUsbSer.sys ==> MD5 is legit
C:\Windows\system32\drivers\bthmodem.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\cdfs.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\cdrom.sys ==> MD5 is legit
C:\Windows\System32\Drivers\CH341S64.SYS C58EC27035731337ADD1326880086B16
C:\Windows\system32\drivers\circlass.sys ==> MD5 is legit
C:\Windows\System32\CLFS.sys ==> MD5 is legit
C:\Windows\system32\drivers\CmBatt.sys ==> MD5 is legit
C:\Windows\system32\drivers\cmdide.sys ==> MD5 is legit
C:\Windows\System32\Drivers\cng.sys 9AC4F97C2D3E93367E2148EA940CD2CD
C:\Windows\System32\drivers\compbatt.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\CompositeBus.sys ==> MD5 is legit
C:\Windows\system32\drivers\crcdisk.sys ==> MD5 is legit
C:\Windows\System32\drivers\csc.sys ==> MD5 is legit
C:\Windows\System32\Drivers\dfsc.sys ==> MD5 is legit
C:\Windows\System32\drivers\discache.sys ==> MD5 is legit
C:\Windows\System32\drivers\disk.sys ==> MD5 is legit
C:\Windows\system32\drivers\dmvsc.sys 5DB085A8A6600BE6401F2B24EECB5415
C:\Windows\system32\drivers\drmkaud.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\dtsoftbus01.sys 6A0E850DDCB136AA3D2FB7234382DF12
C:\Windows\System32\drivers\dxgkrnl.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\E1G6032E.sys ==> MD5 is legit
C:\Windows\system32\drivers\evbda.sys ==> MD5 is legit
C:\Windows\system32\drivers\elxstor.sys ==> MD5 is legit
C:\Windows\system32\drivers\errdev.sys ==> MD5 is legit
C:\Windows\System32\Drivers\EtronHub3.sys 3DBC10CBC436288801FAEE66DE91AE47
C:\Windows\System32\Drivers\EtronSTOR.sys 1EDF0CF390B84266FD7FFED38AB7DCAC
C:\Windows\System32\Drivers\EtronXHCI.sys DE261095A2220D400D9603E1E42D4185
C:\Windows\System32\Drivers\exfat.sys ==> MD5 is legit
C:\Windows\System32\Drivers\fastfat.sys ==> MD5 is legit
C:\Windows\system32\drivers\fdc.sys ==> MD5 is legit
C:\Windows\System32\drivers\fileinfo.sys ==> MD5 is legit
C:\Windows\System32\drivers\filetrace.sys ==> MD5 is legit
C:\Windows\system32\drivers\flpydisk.sys ==> MD5 is legit
C:\Windows\System32\drivers\fltmgr.sys ==> MD5 is legit
C:\Windows\system32\drivers\FLxHCIc.sys CA84611F482FF27FCB0A37B4264AF93C
C:\Windows\system32\drivers\FLxHCIh.sys B9D915AD74465980EFA4391C935B83B0
C:\Windows\System32\drivers\FsDepends.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Fs_Rec.sys 6BD9295CC032DD3077C671FCCF579A7B
C:\Windows\System32\DRIVERS\fvevol.sys 8F6322049018354F45F05A2FD2D4E5E0
C:\Windows\system32\drivers\gagp30kx.sys ==> MD5 is legit
C:\Windows\system32\drivers\hardlock.sys 78FAD9117E4527F2CA82259DA10F40BD
C:\Windows\system32\drivers\hcw85cir.sys ==> MD5 is legit
C:\Windows\System32\drivers\HdAudio.sys 975761C778E33CD22498059B91E7373A
C:\Windows\System32\DRIVERS\HDAudBus.sys ==> MD5 is legit
C:\Windows\system32\drivers\HidBatt.sys ==> MD5 is legit
C:\Windows\system32\drivers\hidbth.sys ==> MD5 is legit
C:\Windows\system32\drivers\hidir.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\hidusb.sys ==> MD5 is legit
C:\Windows\system32\drivers\HpSAMD.sys ==> MD5 is legit
C:\Windows\System32\drivers\HTTP.sys ==> MD5 is legit
C:\Windows\System32\drivers\hwpolicy.sys ==> MD5 is legit
C:\Windows\system32\drivers\i8042prt.sys ==> MD5 is legit
C:\Windows\system32\drivers\iaStorV.sys AAAF44DB3BD0B9D1FB6969B23ECC8366
C:\Windows\system32\drivers\iirsp.sys ==> MD5 is legit
C:\Windows\system32\drivers\intelide.sys ==> MD5 is legit
C:\Windows\system32\drivers\intelppm.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ipfltdrv.sys ==> MD5 is legit
C:\Windows\system32\drivers\IPMIDrv.sys ==> MD5 is legit
C:\Windows\System32\drivers\ipnat.sys ==> MD5 is legit
C:\Windows\System32\drivers\irenum.sys ==> MD5 is legit
C:\Windows\system32\drivers\isapnp.sys ==> MD5 is legit
C:\Windows\system32\drivers\msiscsi.sys ==> MD5 is legit
C:\Windows\System32\drivers\iusb3hcs.sys 75779002A6084C1A011E195E421A9C75
C:\Windows\system32\drivers\iusb3hub.sys F390B641FE6115F536B8B78AA71B8814
C:\Windows\system32\drivers\iusb3xhc.sys 653B86AA174FF7661D00EE1E524B234F
C:\Windows\System32\DRIVERS\kbdclass.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\kbdhid.sys ==> MD5 is legit
C:\Windows\System32\Drivers\ksecdd.sys 97A7070AEA4C058B6418519E869A63B4
C:\Windows\System32\Drivers\ksecpkg.sys 26C43A7C2862447EC59DEDA188D1DA07
C:\Windows\system32\drivers\ksthunk.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\lltdio.sys ==> MD5 is legit
C:\Windows\system32\drivers\lsi_fc.sys ==> MD5 is legit
C:\Windows\system32\drivers\lsi_sas.sys ==> MD5 is legit
C:\Windows\system32\drivers\lsi_sas2.sys ==> MD5 is legit
C:\Windows\system32\drivers\lsi_scsi.sys ==> MD5 is legit
C:\Windows\system32\drivers\luafv.sys ==> MD5 is legit
C:\Windows\system32\drivers\megasas.sys ==> MD5 is legit
C:\Windows\system32\drivers\MegaSR.sys ==> MD5 is legit
C:\Windows\System32\drivers\modem.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\monitor.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mouclass.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mouhid.sys ==> MD5 is legit
C:\Windows\System32\drivers\mountmgr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\MpFilter.sys 6439D1E559D08BD8A1465A8943357053
C:\Windows\system32\drivers\mpio.sys ==> MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys ==> MD5 is legit
C:\Windows\system32\drivers\mrxdav.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mrxsmb.sys A5D9106A73DC88564C825D317CAC68AC
C:\Windows\System32\DRIVERS\mrxsmb10.sys D711B3C1D5F42C0C2415687BE09FC163
C:\Windows\System32\DRIVERS\mrxsmb20.sys 9423E9D355C8D303E76B8CFBD8A5C30C
C:\Windows\system32\drivers\msahci.sys ==> MD5 is legit
C:\Windows\system32\drivers\msdsm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Msfs.sys ==> MD5 is legit
C:\Windows\System32\drivers\mshidkmdf.sys ==> MD5 is legit
C:\Windows\System32\drivers\msisadrv.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSKSSRV.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSPCLOCK.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSPQM.sys ==> MD5 is legit
C:\Windows\System32\Drivers\MsRPC.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mssmbios.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSTEE.sys ==> MD5 is legit
C:\Windows\system32\drivers\MTConfig.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ASACPI.sys 03B7145C889603537E9FFEABB1AD1089
C:\Windows\System32\Drivers\mup.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\nwifi.sys ==> MD5 is legit
C:\Windows\System32\drivers\ndis.sys 760E38053BF56E501D562B70AD796B88
C:\Windows\System32\DRIVERS\ndiscap.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndistapi.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndisuio.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndiswan.sys ==> MD5 is legit
C:\Windows\System32\Drivers\NDProxy.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\netbios.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\netbt.sys ==> MD5 is legit
C:\Windows\system32\drivers\nfrd960.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\NisDrvWFP.sys F9EEFFC65C68A45001D1349E652B8B6F
C:\Windows\System32\Drivers\Npfs.sys ==> MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Ntfs.sys E453ACF4E7D44E5530B5D5F2B9CA8563
C:\Windows\System32\Drivers\Null.sys ==> MD5 is legit
C:\Windows\system32\drivers\nusb3hub.sys B01C1E6D7477961D6D1CBDCD44AF3E67
C:\Windows\system32\drivers\nusb3xhc.sys 796BAE22DD827DB8AD7AE7C3F775E92F
C:\Windows\system32\drivers\nvraid.sys 0A92CB65770442ED0DC44834632F66AD
C:\Windows\system32\drivers\nvstor.sys DAB0E87525C10052BF65F06152F37E4A
C:\Windows\system32\drivers\nv_agp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\oem-drv64.sys 49DF32F291BA6976A06E4E8898BAF149
C:\Windows\system32\drivers\ohci1394.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\parport.sys ==> MD5 is legit
C:\Windows\System32\drivers\partmgr.sys E9766131EEADE40A27DC27D2D68FBA9C
C:\Windows\System32\drivers\pci.sys ==> MD5 is legit
C:\Windows\System32\drivers\pciide.sys ==> MD5 is legit
C:\Windows\system32\drivers\pcmcia.sys ==> MD5 is legit
C:\Windows\System32\drivers\pcw.sys ==> MD5 is legit
C:\Windows\System32\drivers\pe3ah84b.sys AABF965DF26DCB451BF5D7F1B577954B
C:\Windows\System32\drivers\peauth.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\raspptp.sys ==> MD5 is legit
C:\Windows\system32\drivers\processr.sys ==> MD5 is legit
C:\Windows\System32\drivers\ps6ah84b.sys 90D43D185BC7774A4385A2786FFD104F
C:\Windows\System32\DRIVERS\pacer.sys ==> MD5 is legit
C:\Windows\system32\drivers\ql2300.sys ==> MD5 is legit
C:\Windows\system32\drivers\ql40xx.sys ==> MD5 is legit
C:\Windows\system32\drivers\qwavedrv.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rasacd.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\AgileVpn.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rasl2tp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\raspppoe.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rassstp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rdbss.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rdpbus.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\RDPCDD.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdpdr.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdpencdd.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdprefmp.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdpvideominiport.sys ==> MD5 is legit
C:\Windows\System32\Drivers\RDPWD.sys E61608AA35E98999AF9AAEEEA6114B0A
C:\Windows\System32\drivers\rdyboost.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rspndr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\Rt64win7.sys B358C047E081AC70035017BD1D7ED818
C:\Windows\system32\drivers\vms3cap.sys ==> MD5 is legit
C:\Windows\system32\drivers\sbp2port.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\scfilter.sys ==> MD5 is legit
C:\Windows\System32\Drivers\secdrv.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\serenum.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\serial.sys ==> MD5 is legit
C:\Windows\system32\drivers\sermouse.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffdisk.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffp_mmc.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffp_sd.sys ==> MD5 is legit
C:\Windows\system32\drivers\sfloppy.sys ==> MD5 is legit
C:\Windows\system32\drivers\SiSRaid2.sys ==> MD5 is legit
C:\Windows\system32\drivers\sisraid4.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\smb.sys ==> MD5 is legit
C:\Windows\System32\Drivers\spldr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\srv.sys 441FBA48BFF01FDB9D5969EBC1838F0B
C:\Windows\System32\DRIVERS\srv2.sys B4ADEBBF5E3677CCE9651E0F01F7CC28
C:\Windows\System32\DRIVERS\srvnet.sys 27E461F0BE5BFF5FC737328F749538C3
C:\Windows\system32\drivers\stexstor.sys ==> MD5 is legit
C:\Windows\System32\drivers\vmstorfl.sys ==> MD5 is legit
C:\Windows\system32\drivers\storvsc.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\swenum.sys ==> MD5 is legit
C:\Windows\system32\drivers\Synth3dVsc.sys C3A39C4079305480972D29C44B868C78
C:\Windows\System32\drivers\tcpip.sys B62A953F2BF3922C8764A29C34A22899
C:\Windows\System32\DRIVERS\tcpip.sys B62A953F2BF3922C8764A29C34A22899
C:\Windows\System32\drivers\tcpipreg.sys 1B16D0BD9841794A6E0CDE0CEF744ABC
C:\Windows\System32\drivers\tdpipe.sys ==> MD5 is legit
C:\Windows\System32\drivers\tdtcp.sys 51C5ECEB1CDEE2468A1748BE550CFBC8
C:\Windows\System32\DRIVERS\tdx.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\termdd.sys ==> MD5 is legit
C:\Windows\system32\drivers\terminpt.sys 2B5BDFF688EC9871D7EC5837833374E9
C:\Windows\System32\DRIVERS\tssecsrv.sys ==> MD5 is legit
C:\Windows\System32\drivers\tsusbflt.sys ==> MD5 is legit
C:\Windows\system32\drivers\TsUsbGD.sys 9CC2CCAE8A84820EAECB886D477CBCB8
C:\Windows\system32\drivers\tsusbhub.sys E1748D04AE40118B62BC18AC86032192
C:\Windows\System32\DRIVERS\tunnel.sys ==> MD5 is legit
C:\Windows\system32\drivers\uagp35.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\udfs.sys ==> MD5 is legit
C:\Windows\system32\drivers\uliagpkx.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\umbus.sys ==> MD5 is legit
C:\Windows\system32\drivers\umpass.sys ==> MD5 is legit
C:\Windows\system32\drivers\usbaudio.sys 82E8F44688E6FAC57B5B7C6FC7ADBC2A
C:\Windows\System32\DRIVERS\usbccgp.sys 6F1A3157A1C89435352CEB543CDB359C
C:\Windows\system32\drivers\usbcir.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\usbehci.sys C025055FE7B87701EB042095DF1A2D7B
C:\Windows\System32\DRIVERS\usbhub.sys 287C6C9410B111B68B52CA298F7B8C24
C:\Windows\System32\DRIVERS\usbohci.sys 9840FC418B4CBD632D3D0A667A725C31
C:\Windows\System32\DRIVERS\usbprint.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\usbscan.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\USBSTOR.SYS FED648B01349A3C8395A5169DB5FB7D6
C:\Windows\system32\drivers\usbuhci.sys 62069A34518BCF9C1FD9E74B3F6DB7CD
C:\Windows\System32\Drivers\usbvideo.sys 454800C2BC7F3927CE030141EE4F4C50
C:\Windows\System32\drivers\vdrvroot.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vgapnp.sys ==> MD5 is legit
C:\Windows\System32\drivers\vga.sys ==> MD5 is legit
C:\Windows\system32\drivers\vhdmp.sys ==> MD5 is legit
C:\Windows\system32\drivers\viaide.sys ==> MD5 is legit
C:\Windows\system32\drivers\vmbus.sys ==> MD5 is legit
C:\Windows\system32\drivers\VMBusHID.sys ==> MD5 is legit
C:\Windows\System32\drivers\volmgr.sys ==> MD5 is legit
C:\Windows\System32\drivers\volmgrx.sys ==> MD5 is legit
C:\Windows\System32\drivers\volsnap.sys ==> MD5 is legit
C:\Windows\system32\drivers\vsmraid.sys ==> MD5 is legit
C:\Windows\System32\drivers\vwifibus.sys ==> MD5 is legit
C:\Windows\system32\drivers\wacompen.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit
C:\Windows\system32\drivers\wd.sys ==> MD5 is legit
C:\Windows\System32\drivers\Wdf01000.sys 442783E2CB0DA19873B7A63833FF4CB4
C:\Windows\System32\DRIVERS\wfplwf.sys ==> MD5 is legit
C:\Windows\System32\drivers\wimmount.sys ==> MD5 is legit
C:\Windows\SysWOW64\drivers\wimmount.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\WinUsb.sys FE88B288356E7B47B74B13372ADD906D
C:\Windows\System32\DRIVERS\wmiacpi.sys ==> MD5 is legit
C:\Windows\system32\drivers\ws2ifsl.sys ==> MD5 is legit
C:\Windows\System32\drivers\WudfPf.sys AB886378EEB55C6C75B4F2D14B6C869F
C:\Windows\System32\DRIVERS\WUDFRd.sys DDA4CAF29D8C0A297F886BFE561E6659
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== Three Months Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-11-15 10:20 - 2015-11-15 10:21 - 00034603 _____ C:\Users\Ольга\Desktop\FRST.txt
2015-11-15 10:20 - 2015-11-15 10:20 - 00000000 ____D C:\FRST
2015-11-15 10:19 - 2015-11-15 10:19 - 02198528 _____ (Farbar) C:\Users\Ольга\Desktop\FRST64.exe
2015-11-14 19:13 - 2015-11-14 19:13 - 00000000 ____D C:\Users\Ольга\AppData\Roaming\Sun
2015-11-14 19:13 - 2015-11-14 19:13 - 00000000 ____D C:\Users\Ольга\AppData\LocalLow\Sun
2015-11-14 19:13 - 2015-11-14 19:13 - 00000000 ____D C:\Users\Ольга\.oracle_jre_usage
2015-11-14 19:13 - 2015-11-14 19:12 - 00097888 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-11-14 19:12 - 2015-11-14 19:13 - 00000000 ____D C:\Users\Все пользователи\Oracle
2015-11-14 19:12 - 2015-11-14 19:13 - 00000000 ____D C:\ProgramData\Oracle
2015-11-14 19:12 - 2015-11-14 19:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-11-14 19:12 - 2015-11-14 19:12 - 00584288 _____ (Oracle Corporation) C:\Users\Ольга\Downloads\jxpiinstall.exe
2015-11-14 19:12 - 2015-11-14 19:12 - 00000000 ____D C:\Users\Ольга\AppData\LocalLow\Oracle
2015-11-14 19:12 - 2015-11-14 19:12 - 00000000 ____D C:\Program Files (x86)\Java
2015-11-14 18:09 - 2015-11-14 18:09 - 01729536 _____ C:\Users\Ольга\Desktop\adwcleaner_5.020.exe
2015-11-14 18:05 - 2015-11-14 18:05 - 00000000 ____D C:\Users\Ольга\Desktop\LOG
2015-11-14 18:03 - 2015-08-31 21:29 - 00409624 _____ (Alex Dragokas) C:\Users\Ольга\Desktop\ClearLNK.exe
2015-11-13 23:17 - 2015-11-13 23:17 - 00000359 _____ C:\Users\Ольга\Desktop\Компьютер.lnk
2015-11-13 19:36 - 2015-11-13 19:36 - 00270336 _____ C:\Windows\SysWOW64\8b1d.exe
2015-11-13 19:36 - 2015-11-13 19:36 - 00270336 _____ C:\Windows\SysWOW64\22cb.exe
2015-11-13 19:36 - 2015-11-13 19:36 - 00000000 ____D C:\Users\Ольга\AppData\Local\CrashRpt
2015-11-13 08:23 - 2015-11-13 08:26 - 00000000 ____D C:\Users\Ольга\Desktop\CheckBrowsersLNK
2015-11-13 08:23 - 2015-11-13 08:23 - 00227533 _____ C:\Users\Ольга\Desktop\CheckBrowsersLNK.zip
2015-11-12 21:01 - 2015-11-12 21:02 - 00013005 _____ C:\Users\Ольга\Desktop\hijackthis.log
2015-11-12 20:42 - 2015-11-12 20:42 - 00388608 _____ (Trend Micro Inc.) C:\Users\Ольга\Desktop\HijackThis.exe
2015-11-12 20:42 - 2015-11-12 20:42 - 00000000 ____D C:\Users\Ольга\Desktop\avz4
2015-11-12 20:41 - 2015-11-12 20:41 - 09842759 _____ C:\Users\Ольга\Desktop\avz4.zip
2015-11-12 15:56 - 2015-11-14 18:06 - 00001159 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-11-12 15:56 - 2015-11-14 18:06 - 00001147 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-11-12 15:56 - 2015-11-12 15:56 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-11-12 10:01 - 2015-11-15 09:15 - 00000017 _____ C:\Windows\SysWOW64\history.dat
2015-11-10 20:26 - 2015-11-14 18:05 - 00000808 _____ C:\Users\Public\Desktop\ZaxarGameBrowser.lnk
2015-11-10 20:25 - 2015-11-14 00:21 - 00000098 _____ C:\Users\Все пользователи\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
2015-11-10 20:25 - 2015-11-14 00:21 - 00000098 _____ C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
2015-11-10 20:25 - 2015-11-10 20:26 - 00284320 _____ C:\Windows\SysWOW64\ZaxarSetup.4.001.30.exe
2015-11-10 20:24 - 2015-11-10 20:24 - 00000000 ____D C:\Users\Все пользователи\UEhUjBzktsgbg
2015-11-10 20:24 - 2015-11-10 20:24 - 00000000 ____D C:\Users\Все пользователи\FiHRlWY
2015-11-10 20:24 - 2015-11-10 20:24 - 00000000 ____D C:\ProgramData\UEhUjBzktsgbg
2015-11-10 20:24 - 2015-11-10 20:24 - 00000000 ____D C:\ProgramData\FiHRlWY
2015-11-10 19:52 - 2015-11-10 19:52 - 00000000 ____D C:\Users\Ольга\AppData\Local\Fallout4
2015-11-10 19:35 - 2015-11-10 19:35 - 00000709 _____ C:\Users\Ольга\Desktop\Fallout 4.lnk
2015-11-10 19:35 - 2015-11-10 19:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\by.xatab
2015-11-10 18:47 - 2015-11-10 18:47 - 00000000 ____D C:\Users\Ольга\AppData\Local\VS Revo Group
2015-11-10 18:47 - 2015-11-10 18:47 - 00000000 ____D C:\Users\Все пользователи\VS Revo Group
2015-11-10 18:47 - 2015-11-10 18:47 - 00000000 ____D C:\ProgramData\VS Revo Group
2015-11-10 18:28 - 2015-11-10 18:28 - 00001014 _____ C:\Windows\Tasks\CjSuFHiQ3t4bEyT8GPDWu.job
2015-11-10 18:21 - 2009-06-11 01:00 - 00000824 _____ C:\Windows\system32\Drivers\etc\hp.bak
2015-11-10 18:19 - 2015-11-10 18:19 - 00000000 ____D C:\Users\Ольга\AppData\Local\cache
2015-11-10 17:19 - 2015-11-10 17:19 - 00000000 ____D C:\Users\Ольга\AppData\Local\GoodGame Empire
2015-11-10 17:18 - 2015-11-10 17:18 - 00000000 ____D C:\Users\Ольга\AppData\Local\Войны престолов
2015-11-10 17:17 - 2015-11-10 17:17 - 00000000 ____D C:\Users\Ольга\AppData\Roaming\WindowsUpdater
2015-11-10 17:13 - 2015-11-10 17:13 - 00000000 ____D C:\Users\Ольга\AppData\Local\Вoйти в Интeрнет
2015-11-10 17:07 - 2015-11-10 17:07 - 00000000 ____D C:\Users\Ольга\AppData\Local\Поиcк в Интeрнете
2015-11-10 17:06 - 2015-11-14 18:05 - 00000000 ____D C:\Users\Ольга\AppData\Local\SystemDir
2015-11-10 17:04 - 2015-11-10 17:04 - 00048839 _____ C:\Users\Ольга\Downloads\[free-torrents.org]Fallout 4.torrent
2015-11-10 17:04 - 2015-11-10 17:04 - 00000176 _____ C:\Users\Ольга\Desktop\Искать в Интернете.url
2015-10-24 13:13 - 2015-11-10 19:01 - 00000000 ____D C:\Program Files\Rockstar Games
2015-10-24 13:13 - 2015-10-24 13:13 - 00000000 ____D C:\Program Files (x86)\Rockstar Games
2015-10-24 10:39 - 2015-10-24 10:39 - 04129616 _____ (Microsoft Corporation) C:\Users\Ольга\Downloads\vcredist_x86.exe
2015-10-24 10:36 - 2015-10-24 11:27 - 00000000 ____D C:\Users\Ольга\Documents\Rockstar Games
2015-10-24 10:36 - 2015-10-24 10:36 - 00000000 ____D C:\Users\Ольга\AppData\Local\Rockstar Games
2015-10-24 10:36 - 2015-10-24 10:36 - 00000000 ____D C:\Users\Все пользователи\Steam
2015-10-24 10:36 - 2015-10-24 10:36 - 00000000 ____D C:\Users\Все пользователи\Socialclub
2015-10-24 10:36 - 2015-10-24 10:36 - 00000000 ____D C:\ProgramData\Steam
2015-10-24 10:36 - 2015-10-24 10:36 - 00000000 ____D C:\ProgramData\Socialclub
2015-10-21 20:02 - 2015-11-14 18:05 - 00000714 _____ C:\Users\Public\Desktop\Watch_Dogs.lnk
2015-10-21 20:02 - 2015-11-14 18:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Watch_Dogs
2015-10-21 20:02 - 2015-10-21 20:02 - 00000000 ____D C:\Users\Все пользователи\Orbit
2015-10-21 20:02 - 2015-10-21 20:02 - 00000000 ____D C:\ProgramData\Orbit
2015-10-21 18:47 - 2015-10-21 19:02 - 00000000 ____D C:\Users\Ольга\Desktop\фотки
2015-10-21 11:30 - 2015-10-21 11:30 - 00000000 ____D C:\00c61c500abd4ee998
2015-10-18 11:01 - 2015-10-18 11:01 - 01710226 _____ C:\Users\Ольга\Downloads\14-10-2015_18-14-21.zip
2015-10-17 20:21 - 2015-10-17 20:21 - 00068267 _____ C:\Users\Ольга\Downloads\MT2AT.zip
2015-10-16 18:38 - 2015-10-16 18:38 - 43497340 _____ C:\Users\Ольга\Desktop\кв.rar
2015-10-16 18:38 - 2015-10-16 18:38 - 43440156 _____ C:\Users\Ольга\Desktop\кв.zip
2015-10-16 18:38 - 2015-10-16 18:38 - 00000000 ____D C:\Users\Ольга\Desktop\Новая папка
2015-10-16 18:36 - 2015-10-16 18:46 - 00000000 ____D C:\Users\Ольга\Desktop\кв
2015-10-14 22:27 - 2015-10-14 22:27 - 00000000 ____D C:\219c5188d7abc9c2be60
2015-10-14 12:40 - 2015-11-12 09:40 - 05286088 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2015-10-12 16:31 - 2015-10-12 16:20 - 00000000 ____D C:\Users\Ольга\Desktop\все задачи
2015-10-08 21:26 - 2015-10-08 21:26 - 00980430 _____ C:\Users\Ольга\Desktop\DipTrace.rar
2015-10-08 19:59 - 2015-11-14 18:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DipTrace
2015-10-08 19:59 - 2015-10-11 21:21 - 00000000 ____D C:\Users\Ольга\Desktop\DipTrace
2015-10-08 19:58 - 2015-11-10 21:28 - 00000000 ____D C:\Users\Все пользователи\DipTrace
2015-10-08 19:58 - 2015-11-10 21:28 - 00000000 ____D C:\ProgramData\DipTrace
2015-10-08 19:58 - 2015-10-08 19:59 - 00000000 ____D C:\Users\Ольга\Documents\DipTrace
2015-10-08 19:58 - 2015-10-08 19:59 - 00000000 ____D C:\Program Files\DipTrace
2015-10-05 15:59 - 2015-10-05 21:58 - 00698683 _____ C:\Users\Ольга\Desktop\Презентация Microsoft PowerPoint.pptx
2015-10-04 12:30 - 2015-10-04 18:03 - 00000000 ____D C:\Users\Ольга\Documents\Syberia 2 Saves
2015-10-04 10:43 - 2015-10-04 10:43 - 00000626 _____ C:\Users\Public\Desktop\World of Warships.lnk
2015-10-04 10:43 - 2015-10-04 10:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Warships
2015-10-02 19:41 - 2015-10-02 19:41 - 00000000 ____D C:\Users\Ольга\Desktop\funtune
2015-10-02 19:00 - 2015-10-02 19:00 - 01348578 _____ C:\Users\Ольга\Downloads\FunTune_v2.0.rar
2015-10-02 18:57 - 2015-10-02 18:57 - 00000000 ____D C:\Users\Ольга\AppData\Local\uCozMedia
2015-09-23 19:51 - 2015-10-04 11:56 - 00000000 ____D C:\Users\Ольга\Documents\Syberia Saves
2015-09-19 09:59 - 2015-09-19 09:59 - 07610003 _____ C:\Users\Ольга\Downloads\baidu_root_2.6.5_rus.apk
2015-09-17 16:43 - 2015-09-17 16:43 - 00000000 ____D C:\Windows\SysWOW64\MailProducts
2015-09-08 21:31 - 2015-09-08 21:31 - 00000000 ____D C:\Users\Ольга\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CTP-3.21 FULL
2015-09-08 21:31 - 2015-09-08 21:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CTP-3.21 FULL
2015-09-08 21:30 - 2015-09-08 21:33 - 00000000 ____D C:\Program Files (x86)\CTP-3.21 FULL
2015-09-08 21:25 - 2015-10-25 09:00 - 00000000 ____D C:\Users\Ольга\Desktop\январь 5.1
2015-09-04 19:12 - 2015-09-04 19:12 - 00000040 _____ C:\Users\Все пользователи\ra3.ini
2015-09-04 19:12 - 2015-09-04 19:12 - 00000040 _____ C:\ProgramData\ra3.ini
2015-09-04 19:12 - 2015-09-04 19:12 - 00000000 ____D C:\Users\Ольга\AppData\Roaming\Red Alert 3
2015-09-04 19:03 - 2015-09-04 19:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Red Alert 3
2015-09-01 13:36 - 2015-09-01 13:36 - 00000000 ____D C:\07bb677e351ca813665f3ebd3bf3e72d
2015-09-01 13:26 - 2015-09-01 13:26 - 00002697 _____ C:\Users\Public\Desktop\Skype.lnk
2015-09-01 13:26 - 2015-09-01 13:26 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-09-01 13:26 - 2015-09-01 13:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-08-30 20:45 - 2015-08-30 20:45 - 01487589 _____ C:\Users\Ольга\Downloads\pro.burgerz.wsm.manager_v234_de90d0.apk
2015-08-27 11:02 - 2015-08-27 11:02 - 00731648 _____ C:\Users\Ольга\Downloads\Zadachi_na_postroenie_1421605773_88758.ppt
==================== Three Months Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-11-15 10:19 - 2009-07-14 08:51 - 00198108 _____ C:\Windows\setupact.log
2015-11-15 09:40 - 2015-01-12 14:39 - 00000896 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-11-15 09:13 - 2009-07-14 08:45 - 00026576 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-11-15 09:13 - 2009-07-14 08:45 - 00026576 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-11-15 09:09 - 2014-11-29 12:16 - 01533003 _____ C:\Windows\WindowsUpdate.log
2015-11-15 09:06 - 2015-07-01 14:54 - 00082748 _____ C:\Windows\SysWOW64\win32_hlp
2015-11-15 09:05 - 2014-11-29 12:20 - 00042496 _____ (secr9tos) C:\Windows\system32\Drivers\oem-drv64.sys
2015-11-15 09:05 - 2009-07-14 09:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-11-14 19:13 - 2014-11-29 12:20 - 00000000 ____D C:\Users\Ольга
2015-11-14 19:10 - 2014-11-29 14:22 - 00000000 ____D C:\Users\Ольга\Downloads\Архивы
2015-11-14 18:19 - 2015-02-09 23:36 - 00000000 ____D C:\Users\Ольга\AppData\Local\Opera Software
2015-11-14 18:19 - 2015-02-09 23:35 - 00000000 ____D C:\Program Files (x86)\Opera
2015-11-14 18:19 - 2014-11-29 14:01 - 00000000 ____D C:\Users\Ольга\AppData\Roaming\Opera Software
2015-11-14 18:19 - 2014-11-29 12:20 - 00002289 _____ C:\Users\Ольга\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-11-14 18:14 - 2010-11-21 07:47 - 00074422 _____ C:\Windows\PFRO.log
2015-11-14 18:12 - 2015-03-01 22:25 - 00000000 ____D C:\AdwCleaner
2015-11-12 21:00 - 2014-11-29 12:20 - 00000000 ____D C:\Users\Ольга\AppData\Local\VirtualStore
2015-11-12 15:56 - 2015-06-02 22:19 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-11-12 09:40 - 2015-01-12 14:39 - 00003834 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-11-12 09:40 - 2014-11-29 14:08 - 00780488 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-11-12 09:40 - 2014-11-29 14:08 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-11-11 22:06 - 2009-07-14 08:57 - 00001547 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-11-10 19:52 - 2015-05-15 19:54 - 00000000 ____D C:\Users\Ольга\Documents\My Games
2015-11-10 19:51 - 2009-07-14 09:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2015-11-10 19:48 - 2013-04-16 21:39 - 00000000 ____D C:\Users\Все пользователи\Package Cache
2015-11-10 19:48 - 2013-04-16 21:39 - 00000000 ____D C:\ProgramData\Package Cache
2015-11-10 19:45 - 2013-04-14 13:52 - 00723936 _____ C:\Windows\system32\perfh019.dat
2015-11-10 19:45 - 2013-04-14 13:52 - 00150252 _____ C:\Windows\system32\perfc019.dat
2015-11-10 19:45 - 2009-07-14 09:13 - 01647438 _____ C:\Windows\system32\PerfStringBackup.INI
2015-11-10 19:44 - 2015-05-15 19:49 - 00000000 ____D C:\Windows\SysWOW64\directx
2015-11-10 18:57 - 2015-01-07 19:41 - 00000000 ____D C:\Users\Ольга\AppData\Roaming\mgyun
2015-11-10 18:47 - 2014-11-29 14:04 - 00000000 ____D C:\Users\Ольга\AppData\Roaming\uTorrent
2015-11-10 17:23 - 2015-07-01 18:52 - 00000000 ____D C:\Users\Ольга\AppData\Roaming\MailProducts
2015-11-10 09:14 - 2015-05-15 20:07 - 00000000 ____D C:\Users\Ольга\AppData\Roaming\Raptr
2015-11-01 15:21 - 2014-12-30 20:57 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2015-10-21 20:03 - 2015-05-15 19:53 - 00058413 _____ C:\Windows\DirectX.log
2015-10-21 20:03 - 2009-07-14 09:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
==================== Files in the root of some directories =======
2015-04-14 20:28 - 2015-04-14 20:28 - 0004387 _____ () C:\Users\Ольга\AppData\Roaming\CjSuFHiQ3t4bEyT8GPDWu
2015-04-20 18:05 - 2015-04-20 18:05 - 1246720 _____ () C:\Users\Ольга\AppData\Roaming\CjSuFHiQ3t4bEyT8GPDWu.exe
2015-09-04 19:12 - 2015-09-04 19:12 - 0000040 _____ () C:\ProgramData\ra3.ini
2015-11-10 20:25 - 2015-11-14 00:21 - 0000098 _____ () C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
Files to move or delete:
====================
C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
C:\Users\Все пользователи\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
Some files in TEMP:
====================
C:\Users\Ольга\AppData\Local\Temp\1-20150313-152755.exe
C:\Users\Ольга\AppData\Local\Temp\264F.tmp.exe
C:\Users\Ольга\AppData\Local\Temp\319A.tmp.exe
C:\Users\Ольга\AppData\Local\Temp\54E3.tmp.exe
C:\Users\Ольга\AppData\Local\Temp\5794.exe
C:\Users\Ольга\AppData\Local\Temp\7F9C.tmp.exe
C:\Users\Ольга\AppData\Local\Temp\83D8.tmp.exe
C:\Users\Ольга\AppData\Local\Temp\A157.tmp.exe
C:\Users\Ольга\AppData\Local\Temp\AmigoDistrib.exe
C:\Users\Ольга\AppData\Local\Temp\amisetup0159__10017.exe
C:\Users\Ольга\AppData\Local\Temp\amisetup0427__13749.exe
C:\Users\Ольга\AppData\Local\Temp\amisetup0489__13749.exe
C:\Users\Ольга\AppData\Local\Temp\amisetup0547__10235.exe
C:\Users\Ольга\AppData\Local\Temp\amisetup0579__10235.exe
C:\Users\Ольга\AppData\Local\Temp\amisetup0679__13746.exe
C:\Users\Ольга\AppData\Local\Temp\amisetup1597__10017.exe
C:\Users\Ольга\AppData\Local\Temp\amisetup1672__13749.exe
C:\Users\Ольга\AppData\Local\Temp\amisetup1750__13749.exe
C:\Users\Ольга\AppData\Local\Temp\amisetup2227__13746.exe
C:\Users\Ольга\AppData\Local\Temp\amisetup2276__13746.exe
C:\Users\Ольга\AppData\Local\Temp\amisetup2619__14468.exe
C:\Users\Ольга\AppData\Local\Temp\amisetup2688__14468.exe
C:\Users\Ольга\AppData\Local\Temp\amisetup5757__10017.exe
C:\Users\Ольга\AppData\Local\Temp\amisetup5768__10017.exe
C:\Users\Ольга\AppData\Local\Temp\amisetup5783__13749.exe
C:\Users\Ольга\AppData\Local\Temp\amisetup5806__13746.exe
C:\Users\Ольга\AppData\Local\Temp\amisetup5829__14468.exe
C:\Users\Ольга\AppData\Local\Temp\amisetup5855__10235.exe
C:\Users\Ольга\AppData\Local\Temp\amisetup6620__13749.exe
C:\Users\Ольга\AppData\Local\Temp\amisetup6650__13749.exe
C:\Users\Ольга\AppData\Local\Temp\amisetup6823__13746.exe
C:\Users\Ольга\AppData\Local\Temp\amisetup6852__13746.exe
C:\Users\Ольга\AppData\Local\Temp\amisetup7081__14468.exe
C:\Users\Ольга\AppData\Local\Temp\amisetup7117__10235.exe
C:\Users\Ольга\AppData\Local\Temp\amisetup9666__11198.exe
C:\Users\Ольга\AppData\Local\Temp\amt_oursurfing.exe
C:\Users\Ольга\AppData\Local\Temp\aoe3-113-english.exe
C:\Users\Ольга\AppData\Local\Temp\aoe3-114-english.exe
C:\Users\Ольга\AppData\Local\Temp\aoe3x-106-english.exe
C:\Users\Ольга\AppData\Local\Temp\aoe3y-103-english.exe
C:\Users\Ольга\AppData\Local\Temp\bbh.exe
C:\Users\Ольга\AppData\Local\Temp\C4FF.tmp.exe
C:\Users\Ольга\AppData\Local\Temp\cfcabfibcdg.exe
C:\Users\Ольга\AppData\Local\Temp\coi1.exe
C:\Users\Ольга\AppData\Local\Temp\duba_3_25.exe
C:\Users\Ольга\AppData\Local\Temp\F0608_s_31247.exe
C:\Users\Ольга\AppData\Local\Temp\fsd2961.exe
C:\Users\Ольга\AppData\Local\Temp\fsd4F38.exe
C:\Users\Ольга\AppData\Local\Temp\fsd5CDE.exe
C:\Users\Ольга\AppData\Local\Temp\fsd7963.exe
C:\Users\Ольга\AppData\Local\Temp\fsdA7B4.exe
C:\Users\Ольга\AppData\Local\Temp\fsdA949.exe
C:\Users\Ольга\AppData\Local\Temp\fsdC40A.exe
C:\Users\Ольга\AppData\Local\Temp\fsdD5C5.exe
C:\Users\Ольга\AppData\Local\Temp\fsdD97.exe
C:\Users\Ольга\AppData\Local\Temp\fsdE8D8.exe
C:\Users\Ольга\AppData\Local\Temp\G0417_s_71299.exe
C:\Users\Ольга\AppData\Local\Temp\hasp_windows.dll
C:\Users\Ольга\AppData\Local\Temp\ICReinstall_WinrarSetup.exe
C:\Users\Ольга\AppData\Local\Temp\iG62enq40dBa.exe
C:\Users\Ольга\AppData\Local\Temp\kl6OrVWqU2Nc.exe
C:\Users\Ольга\AppData\Local\Temp\kometa.exe
C:\Users\Ольга\AppData\Local\Temp\mailruhomesearchvbm.exe
C:\Users\Ольга\AppData\Local\Temp\Opera_NI_stable.exe
C:\Users\Ольга\AppData\Local\Temp\PYYzVWIMC8cP.exe
C:\Users\Ольга\AppData\Local\Temp\QQPCMgr_Setup.exe
C:\Users\Ольга\AppData\Local\Temp\qqpcmgr_v10.9.16345.222_72461_Silence.exe
C:\Users\Ольга\AppData\Local\Temp\Quarantine.exe
C:\Users\Ольга\AppData\Local\Temp\raptrpatch.exe
C:\Users\Ольга\AppData\Local\Temp\raptr_stub.exe
C:\Users\Ольга\AppData\Local\Temp\sender.exe
C:\Users\Ольга\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Ольга\AppData\Local\Temp\sqlite3.dll
C:\Users\Ольга\AppData\Local\Temp\standalonepatcher.exe
C:\Users\Ольга\AppData\Local\Temp\standalonepatcherX.exe
C:\Users\Ольга\AppData\Local\Temp\standalonepatcherY.exe
C:\Users\Ольга\AppData\Local\Temp\tmp32D2.exe
C:\Users\Ольга\AppData\Local\Temp\tmpB3A9.exe
C:\Users\Ольга\AppData\Local\Temp\Uninstall.exe
C:\Users\Ольга\AppData\Local\Temp\UninstallModule.exe
C:\Users\Ольга\AppData\Local\Temp\updt52374.exe
C:\Users\Ольга\AppData\Local\Temp\WindowsUpdateKB12695__7428_il213171.exe
C:\Users\Ольга\AppData\Local\Temp\wpwlwk5Achu4.exe
C:\Users\Ольга\AppData\Local\Temp\xmlUpdater.exe
C:\Users\Ольга\AppData\Local\Temp\ytdieamodc_amodc_inst.exe
C:\Users\Ольга\AppData\Local\Temp\ZaxarSetup.4.001.30.exe
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
nointegritychecks: ==> "IntegrityChecks" is disabled. <===== ATTENTION
==================== BCD ================================
„ЁбЇҐвзҐа §*Јаг§ЄЁ Windows
--------------------
Ё¤Ґ*вЁдЁЄ*в®а {bootmgr}
device partition=C:
description Windows Boot Manager
locale ru-RU
inherit {globalsettings}
default {current}
resumeobject {0de730a2-7804-11e4-972e-867dd00dab85}
displayorder {current}
toolsdisplayorder {memdiag}
timeout 30
‡*Јаг§Є* Windows
-------------------
Ё¤Ґ*вЁдЁЄ*в®а {current}
device partition=C:
path \Windows\System32\xOsLoad.exe
description Windows 7
locale ru-RU
inherit {bootloadersettings}
recoverysequence {0de730a4-7804-11e4-972e-867dd00dab85}
recoveryenabled Yes
nointegritychecks Yes
osdevice partition=C:
systemroot \Windows
kernel xNtKrnl.exe
resumeobject {0de730a2-7804-11e4-972e-867dd00dab85}
nx OptIn
‡*Јаг§Є* Windows
-------------------
Ё¤Ґ*вЁдЁЄ*в®а {0de730a4-7804-11e4-972e-867dd00dab85}
device ramdisk=[C:]\Recovery\0de730a4-7804-11e4-972e-867dd00dab85\Winre.wim,{0de730a5-7804-11e4-972e-867dd00dab85}
path \windows\system32\winload.exe
description Windows Recovery Environment
inherit {bootloadersettings}
osdevice ramdisk=[C:]\Recovery\0de730a4-7804-11e4-972e-867dd00dab85\Winre.wim,{0de730a5-7804-11e4-972e-867dd00dab85}
systemroot \windows
nx OptIn
winpe Yes
‚л室 Ё§ ०Ё¬* ЈЁЎҐа**жЁЁ
--------------------------
Ё¤Ґ*вЁдЁЄ*в®а {0de730a2-7804-11e4-972e-867dd00dab85}
device partition=C:
path \Windows\System32\winresume.exe
description Windows Resume Application
locale ru-RU
inherit {resumeloadersettings}
filedevice partition=C:
filepath \hiberfil.sys
debugoptionenabled No
Џа®ўҐаЄ* Ї*¬пвЁ Windows
---------------------
Ё¤Ґ*вЁдЁЄ*в®а {memdiag}
device partition=C:
path \boot\memtest.exe
description „Ё*Ј*®бвЁЄ* Ї*¬пвЁ
locale ru-RU
inherit {globalsettings}
badmemoryaccess Yes
Џ*а*¬Ґвал EMS
-------------
Ё¤Ґ*вЁдЁЄ*в®а {emssettings}
bootems Yes
Џ*а*¬Ґвал ®в«*¤зЁЄ*
-------------------
Ё¤Ґ*вЁдЁЄ*в®а {dbgsettings}
debugtype Serial
debugport 1
baudrate 115200
„ҐдҐЄвл Ћ‡“
-----------
Ё¤Ґ*вЁдЁЄ*в®а {badmemory}
ѓ«®Ў*«м*лҐ Ї*а*¬Ґвал
--------------------
Ё¤Ґ*вЁдЁЄ*в®а {globalsettings}
inherit {dbgsettings}
{emssettings}
{badmemory}
Џ*а*¬Ґвал §*Јаг§зЁЄ*
--------------------
Ё¤Ґ*вЁдЁЄ*в®а {bootloadersettings}
inherit {globalsettings}
{hypervisorsettings}
Џ*а*¬Ґвал ЈЁЇҐаўЁ§®а*
-------------------
Ё¤Ґ*вЁдЁЄ*в®а {hypervisorsettings}
hypervisordebugtype Serial
hypervisordebugport 1
hypervisorbaudrate 115200
Џ*а*¬Ґвал §*Јаг§зЁЄ* ў®ббв**®ў«Ґ*Ёп
-----------------------------------
Ё¤Ґ*вЁдЁЄ*в®а {resumeloadersettings}
inherit {globalsettings}
Џ*а*¬Ґвал гбва®©бвў
-------------------
Ё¤Ґ*вЁдЁЄ*в®а {0de730a5-7804-11e4-972e-867dd00dab85}
description Ramdisk Options
ramdisksdidevice partition=C:
ramdisksdipath \Recovery\0de730a4-7804-11e4-972e-867dd00dab85\boot.sdi
LastRegBack: 2015-11-10 10:43
==================== End of FRST.txt ============================
Скрыть