Addiction:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17-12-2016
Ran by Администратор (18-12-2016 12:52:5
Running from C:\Users\Администратор\Downloads
Windows 7 Ultimate Service Pack 1 (X64) (2015-09-25 13:48:31)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Администратор (S-1-5-21-2685324974-2637366840-3599799030-500 - Administrator - Enabled) => C:\Users\Администратор
Гость (S-1-5-21-2685324974-2637366840-3599799030-501 - Limited - Enabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: AVG AntiVirus Free Edition (Enabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition (Enabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
"Быстрая смена CD-keя" (HKLM-x32\..."Быстрая смена CD-keя") (Version: - )
«Need for Speed - Most Wanted» 1.5 (HKLM-x32\...\{FB0127F3-985B-44CE-AE29-378CAF60B361}_is1) (Version: 1.5 - Electronic Arts)
7-Zip 9.38 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0938-000001000000}) (Version: 9.38.00.0 - Igor Pavlov)
Adobe After Effects CS6 (HKLM-x32\...\{4817D846-700B-474E-A31B-80892B3E92E3}) (Version: 11 - Adobe Systems Incorporated)
Adobe Flash Player 24 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 24.0.0.186 - Adobe Systems Incorporated)
Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.186 - Adobe Systems Incorporated)
Adobe Flash Player 24 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 24.0.0.186 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\{5D0428D2-B5EA-46C8-B678-5F0485BC1DA1}_is1) (Version: 13.0.1.0 - Adobe)
AIMP3 (HKLM-x32\...\AIMP3) (Version: v3.60.1492, 24.04.2015 - AIMP DevTeam)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
AVG (HKLM\...\AvgZen) (Version: 1.113.2.50020 - AVG Technologies)
AVG (Version: 16.131.7924 - AVG Technologies) Hidden
AVG 2016 (Version: 16.0.4739 - AVG Technologies) Hidden
AVG Protection (HKLM\...\AVG) (Version: 2016.131.7924 - AVG Technologies)
AVG Web TuneUp (HKLM-x32\...\AVG Web TuneUp) (Version: 4.3.6.255 - AVG Technologies)
AVG Zen (Version: 1.113.1 - AVG Technologies) Hidden
Bandicam (HKLM-x32\...\Bandicam) (Version: 2.4.1.903 - Bandisoft.com)
Bandisoft MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version: - Bandisoft.com)
Battlefield 2 (HKLM-x32\...\Battlefield 2) (Version: - )
Besiege v0.23 (HKLM-x32\...\vsetop.com Besiege v0.23_is1) (Version: - VseTop.Com)
Bing Bar (HKLM-x32\...\{16793295-2366-40F7-A045-A3E42A81365E}) (Version: 7.1.362.0 - Microsoft Corporation)
Block N Load (HKLM-x32\...\Steam App 299360) (Version: - Jagex)
Bloons TD Battles (HKLM\...\Steam App 444640) (Version: - Ninja Kiwi)
Camtasia Studio 8 (HKLM-x32\...\{A2A41B60-D51F-4C04-BC94-B4C94F7B6DC0}) (Version: 8.6.0.2054 - TechSmith Corporation)
Castle Story v0.7.11.ea05 (HKLM-x32\...\vsetop.com Castle Story v0.7.11.ea05_is1) (Version: 0.7.11.ea05 - VseTop.Com)
Cinema 4D, версия R12 (HKLM-x32\...\{91AF918B-4E7D-4421-AB74-8DDEF688B9B0}_is1) (Version: R12 - Maxon Cinema 4D)
Clicker Heroes (HKLM\...\Steam App 363970) (Version: - Playsaurus)
Clone Drone in the Danger Zone v0.1.4 (HKLM-x32\...\vsetop.com Clone Drone in the Danger Zone v0.1.4_is1) (Version: 0.1.4 - VseTop.Com)
Clone Drone in the Danger Zone v0.3.1 (HKLM-x32\...\vsetop.com Clone Drone in the Danger Zone v0.3.1_is1) (Version: 0.3.1 - VseTop.Com)
ClusterTruck v0.15 (HKLM-x32\...\vsetop.com ClusterTruck v0.15_is1) (Version: - VseTop.Com)
ClusterTruck v1.0h2 (HKLM-x32\...\vsetop.com ClusterTruck v1.0h2_is1) (Version: 1.0h2 - VseTop.Com)
Counter-Strike 1.6 (HKLM-x32\...\Counter-Strike 1.6) (Version: 1.6 - GetCS16.ru)
Counter-Strike: Condition Zero (HKLM-x32\...\Counter-Strike: Condition Zero_is1) (Version: 1.0.0.3 - Turtle Rock Studios)
Cross Fire (HKU\S-1-5-21-2685324974-2637366840-3599799030-500\...\Cross Fire) (Version: 1.0 - Mail.Ru)
Cube Destroyer (HKLM\...\Steam App 440760) (Version: - Freedomize)
Dead Island (HKLM-x32\...\Dead Island_is1) (Version: RePack - Ultra)
Dig or Die v0.2 Build 256 (HKLM-x32\...\vsetop.com Dig or Die v0.2 Build 256_is1) (Version: - VseTop.Com)
Dig or Die v0.23 Build 285 (HKLM-x32\...\vsetop.com Dig or Die v0.23 Build 285_is1) (Version: 0.23 Build 285 - VseTop.Com)
Dig or Die v0.25 Build 301 (HKLM-x32\...\vsetop.com Dig or Die v0.25 Build 301_is1) (Version: 0.25 Build 301 - VseTop.Com)
Dig or Die, версия 0.2 (HKLM-x32\...\{98069667-9A84-4058-96A3-4DCF5A08654F}_is1) (Version: 0.2 - Trackerock.Ru)
Dont Starve Together v176665 (HKLM-x32\...\vsetop.com Dont Starve Together v176665_is1) (Version: 176665 - VseTop.Com)
Door Kickers (HKLM-x32\...\Door Kickers_is1) (Version: Door Kickers - U4enik_77)
Duck Game (HKLM-x32\...\{A756971A-6B12-2B42-48D3-6FDF3A865451}_is1) (Version: 1.0 - )
Executive Assault (HKLM-x32\...\Executive Assault_is1) (Version: - )
Executive Assault [v.1.1998] (HKLM-x32\...\{EXECUTIVEASSAULT-6B52-2B42-48D3-6FDF3A861253}_is1) (Version: 1.1998 - Hesketh Studios (Coop-Land))
Factorio version 0.12.0 (HKLM\...\Factorio_is1) (Version: - )
Farming Simulator 15 (HKLM-x32\...\Farming Simulator 15_is1) (Version: 1.2.0.0 - Релиз от R.G. Steamgames)
FastStone Image Viewer, версия 5.3 (HKLM-x32\...\FastStone Image Viewer_is1) (Version: 5.3 - FastStone Soft)
Firebird SQL Server - MAGIX Edition (HKLM-x32\...\{39AB2E37-1A55-4292-A5D3-971E9F70D0F8}) (Version: 2.1.32.0 - MAGIX AG)
FMW 1 (Version: 1.143.3 - AVG Technologies) Hidden
Foxit Reader 7.1.5.425 (HKLM\...\Foxit Reader) (Version: v 7.1.5.425 - oszone.net)
Fractured Space (HKLM\...\Steam App 310380) (Version: - Edge Case Games Ltd.)
Garena+ (HKLM-x32\...\im) (Version: 2011 - Garena Online Pte Ltd.)
GIMP 2.8.18 (HKLM\...\GIMP-2_is1) (Version: 2.8.18 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 55.0.2883.87 - Google Inc.)
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
Grand Theft Auto: Anderius (Alien City) (HKLM-x32\...\Grand Theft Auto: Anderius (Alien City)_is1) (Version: Grand Theft Auto: Anderius (Alien City) - GTAMaps.NET)
Ground War Tanks (HKU\S-1-5-21-2685324974-2637366840-3599799030-500\...\Ground War Tanks) (Version: 1.68 - Mail.Ru)
GTA Alien City Anderius, версия 1.0 (HKLM-x32\...\{6AB080CE-4D28-46D975A-BA67C893-68CD7B211AE5}_is1) (Version: 1.0 - )
Half-Life (HKLM-x32\...\Half-Life_is1) (Version: 2015.02.15 - Valve Corporation)
Half-Life: Opposing Force (HKLM-x32\...\Half-Life: Opposing Force_is1) (Version: 2013.10.04 - Valve Corporation)
Hero Siege v1.7.0.8 (HKLM-x32\...\vsetop.com Hero Siege v1.7.0.8_is1) (Version: 1.7.0.8 - VseTop.Com)
Intel(R) C++ Redistributables on Intel(R) 64 (HKLM-x32\...\{F70BCE36-25F2-4475-A918-6209B3D85BF3}) (Version: 15.0.179 - Intel Corporation)
Java 8 Update 111 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180111F0}) (Version: 8.0.1110.14 - Oracle Corporation)
Keep Talking and Nobody Explodes версия 1.0 (HKLM-x32\...\{E78D0C6F-65CF-486D-9710-E48FBA6A1C33}_is1) (Version: 1.0 - Steel Crate Games)
K-Lite Mega Codec Pack 10.9.5 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 10.9.5 - )
Life is Hard v0.9 (HKLM-x32\...\vsetop.com Life is Hard v0.9_is1) (Version: 0.9 - VseTop.Com)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.541 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.541 - LogMeIn, Inc.) Hidden
MAGIX Content and Soundpools (HKLM-x32\...\MAGIX_GlobalContent) (Version: 1.0.0.0 - MAGIX Software GmbH)
MAGIX Music Maker 2016 Live (HKLM-x32\...\MX.{57F338DB-E124-4DAD-B57D-19208DB63D3E}) (Version: 22.0.1.51 - MAGIX Software GmbH)
MAGIX Music Maker 2016 Live (Version: 22.0.1.51 - MAGIX Software GmbH) Hidden
MAGIX Music Maker 2016 Live Update (Version: 22.0.3.63 - MAGIX Software GmbH) Hidden
MAGIX Music Maker 2016 Trial Live Pads (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden
MAGIX Music Maker 2016 Trial Soundpools (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden
MAGIX Speed burnR (MSI) (HKLM-x32\...\MX.{0090E035-BD9F-4D4C-8333-355CC9EBB89E}) (Version: 7.0.1.27 - MAGIX Software GmbH)
MAGIX Speed burnR (MSI) (Version: 7.0.1.27 - MAGIX Software GmbH) Hidden
Maximum Override v0.76 (HKLM-x32\...\vsetop.com Maximum Override v0.76_is1) (Version: 0.76 - VseTop.Com)
Microsoft .NET Framework 4.5.2 (HKLM\...\{26784146-6E05-3FF9-9335-786C7C0FB5BE}) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office Профессиональный плюс 2007 (HKLM-x32\...\PROPLUS) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable - x64 8.0.61000 (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable - x86 8.0.61001 (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x64 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{a2199617-3609-410f-a8e8-e8806c73545b}) (Version: 11.0.61030.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{f0080ca2-80ae-4958-b6eb-e8fa916d744a}) (Version: 11.0.61030.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{1a63c099-febd-4eaf-83ad-a82ea4fdac49}) (Version: 12.0.30501.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{b55f7208-e02b-4828-ac78-59c73ddf5bc7}) (Version: 12.0.30501.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23506 (HKLM-x32\...\{3ee5e5bb-b7cc-4556-8861-a00a82977d6c}) (Version: 14.0.23506.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23506 (HKLM-x32\...\{23daf363-3020-4059-b3ae-dc4ad39fed19}) (Version: 14.0.23506.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Mine-imator version 1.0.2 (HKLM-x32\...\{EF61A1AA-5F85-4E94-ACC6-D5650A312AE6}}_is1) (Version: 1.0.2 - David Norgren)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MTA:SA v1.5.1 (HKLM-x32\...\MTA:SA 1.5) (Version: v1.5.1 - Multi Theft Auto)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.10.57.35 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)
NVIDIA Графический драйвер 353.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 353.06 - NVIDIA Corporation)
Opera Stable 36.0.2130.65 (HKLM-x32\...\Opera 36.0.2130.65) (Version: 36.0.2130.65 - Opera Software)
Paint the Town Red v0.5.2 (HKLM-x32\...\vsetop.com Paint the Town Red v0.5.2_is1) (Version: 0.5.2 - VseTop.Com)
paint.net (HKLM\...\{DF3A46D9-67B3-44B2-9D01-25C8BA772C8A}) (Version: 4.0.6 - dotPDN LLC)
PAYDAY 2 (HKLM-x32\...\Steam App 218620) (Version: - OVERKILL - a Starbreeze Studio.)
Pixel Survivors v02.08.2016 (HKLM-x32\...\vsetop.com Pixel Survivors v02.08.2016_is1) (Version: 02.08.2016 - VseTop.Com)
Pre-Civilization Marble Age (HKLM-x32\...\Pre-Civilization Marble Age_R.G. Gamblers_is1) (Version: - R.G. Gamblers, Fanfar)
Pre-Civilization Marble Age (HKLM-x32\...\Steam App 346810) (Version: - Echidna LLC)
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
Rake Multiplayer, версия 0.0.1 (HKLM-x32\...\{2E2B9C04-A4ED-4106-BA5A-5E84BA85D3DD}_is1) (Version: 0.0.1 - Konsordo)
Reassembly v22.07.2016 (HKLM-x32\...\vsetop.com Reassembly v22.07.2016_is1) (Version: 22.07.2016 - VseTop.Com)
Red Giant Link (HKLM-x32\...\{10F82E5B-B611-4C65-8F29-666A9EC5680A}_is1) (Version: 1.9.7.36 - Red Giant, LLC)
Robocraft Launcher version 0.4 (HKU\S-1-5-21-2685324974-2637366840-3599799030-500\...\{9F101691-69D3-422E-BB5C-8CAD7110781B}_is1) (Version: 0.4 - Freejam Games)
S.T.A.L.K.E.R. - Чистое небо (HKLM-x32\...\{717B803F-D328-4000-B6F6-E61D992A0BA7}_is1) (Version: - -=Hooli G@n=-)
SCP Containment Breach v1.3.0 (HKLM-x32\...\vsetop.com SCP Containment Breach v1.3.0_is1) (Version: 1.3.0 - VseTop.Com)
Sid Meier's Civilization 5.Gold Edition.v 1.0.1.674 + 13 DLC (HKLM-x32\...\Sid Meier's Civilization 5.Gold Edition.v 1.0.1.~1A495BFE_is1) (Version: Sid Meier's Civilization 5.Gold Edition.v 1.0.1.674 + 13 DLC - Fenixx--Repack--(23.06.2012))
Skype™ 7.29 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.29.102 - Skype Technologies S.A.)
Slime Rancher v0.2.3b (HKLM-x32\...\vsetop.com Slime Rancher v0.2.3b_is1) (Version: - VseTop.Com)
Slime Rancher v0.3.4b Rus (HKLM-x32\...\vsetop.com Slime Rancher v0.3.4b Rus_is1) (Version: 0.3.4b Rus - VseTop.Com)
Slime Rancher v0.4.0c (HKLM-x32\...\vsetop.com Slime Rancher v0.4.0c_is1) (Version: 0.4.0c - VseTop.Com)
Spore (HKLM-x32\...\Spore_R.G. Mechanics_is1) (Version: - R.G. Mechanics, markfiter)
Star Wars : Galactic Battlegrounds & Clone Campaigns (HKLM-x32\...\Star Wars : Galactic Battlegrounds & Clone Campaigns) (Version: - )
Star Wars Galactic Battlegrounds Clone Campaign (HKLM-x32\...\Star Wars Galactic Battlegrounds Clone Campaign) (Version: - )
State Of Decay v.14.4.23.u21 (HKLM-x32\...\State Of Decay_is1) (Version: - )
Subnautica, версия 498 (HKLM-x32\...\{B9508019-457A-4F84-9DA4-2EC2F944ECB3}_is1) (Version: 498 - Trackeroc.Ru)
Sumotori Full Version (HKLM-x32\...\Sumotori Full Version) (Version: - )
SuperTruck v0.2.0 (HKLM-x32\...\vsetop.com SuperTruck v0.2.0_is1) (Version: - VseTop.Com)
Sven Co-op (HKLM\...\Steam App 225840) (Version: - Sven Co-op Team)
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version: - Valve)
TeeWorlds 0.6.1 (HKLM-x32\...\{9EAC0CBE-0945-4F85-884E-80335EF710D3}_is1) (Version: 0.6.1 - GoodGame.by)
TerraTech v0.7 Beta (HKLM-x32\...\vsetop.com TerraTech v0.7 Beta_is1) (Version: 0.7 Beta - VseTop.Com)
Text-To-Speech-Runtime (HKLM-x32\...\{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}) (Version: 1.0.0.0 - Magix Development GmbH)
Totally Accurate Battle Simulator v0.1.06 (HKLM-x32\...\vsetop.com Totally Accurate Battle Simulator v0.1.06_is1) (Version: 0.1.06 - VseTop.Com)
Trapcode Suite v13.0.0 (HKLM-x32\...\{DFD2DC6B-C634-4C1C-81CC-5EF852E71CEE}_is1) (Version: 13.0.0 - Red Giant, LLC)
Tunngle (HKLM-x32\...\Tunngle_is1) (Version: 5.8.5 - Tunngle.net GmbH)
Turbo Dismount v1.22.0 (HKLM-x32\...\vsetop.com Turbo Dismount v1.22.0_is1) (Version: 1.22.0 - VseTop.Com)
Unity Web Player (HKU\S-1-5-21-2685324974-2637366840-3599799030-500\...\UnityWebPlayer) (Version: 5.3.5f1 - Unity Technologies ApS)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
War Thunder Launcher 1.0.1.594 (HKLM-x32\...\{ed8deea4-29fa-3932-9612-e2122d8a62d9}}_is1) (Version: - Gaijin Entertainment)
Warface (HKU\S-1-5-21-2685324974-2637366840-3599799030-500\...\Warface) (Version: 1.106 - Mail.Ru)
WinRAR 5.20 (32-разрядная) (HKLM-x32\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH)
Игровой центр (HKU\S-1-5-21-2685324974-2637366840-3599799030-500\...\GameCenterMailRu) (Version: 3.1139 - ООО "Мэйл.Ру Геймз")
Обновления NVIDIA 2.4.5.28 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 2.4.5.28 - NVIDIA Corporation)
Панель управления NVIDIA 353.06 (Version: 353.06 - NVIDIA Corporation) Hidden
Поддержка программ Apple (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Русификатор Music Maker Live 2016 22.0.3.63 (HKLM-x32\...\Русификатор Music Maker Live 2016 22.0.3.63) (Version: 22.0.3.63 - Teodorrrro)
Русификатор для Adobe After Effects CS6 11.0.1.12 1.0 (HKLM-x32\...\{E3185528-D54D-4DC0-9284-CA2D9C8BC2BE}_is1) (Version: 1.0 - by fixap - pcportal.org.ru)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {07E7EAFE-4508-4BC3-8D23-AB2346923ECD} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {0FBFB11C-7C9E-48FE-AA42-D78BD57A4652} - System32\Tasks\AVG-SSU_0916tb => C:\ProgramData\Avg_Update_0916tb\AVG-Secure-Search-Update_0916tb.exe
Task: {19E2A2E4-EF43-40F6-BCC7-DFA9C60B5C39} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-28] (Google Inc.)
Task: {2760C568-FF9F-4424-85AA-6170C86CA4CE} - System32\Tasks\AVG-SSU_0816tb => C:\ProgramData\Avg_Update_0816tb\AVG-Secure-Search-Update_0816tb.exe
Task: {442C7845-0758-47A0-ADBD-C8C9E9688B25} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_24_0_0_186_pepper.exe [2016-12-14] (Adobe Systems Incorporated)
Task: {515490F1-BC48-49B4-977B-4332EE5939F7} - System32\Tasks\AVG-SSU_0816tb2 => C:\ProgramData\Avg_Update_0816tb2\AVG-Secure-Search-Update_0816tb2.exe
Task: {54C1DFF0-FE6D-4DBC-B320-BFAB69DD12A7} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-12-14] (Adobe Systems Incorporated)
Task: {59F17D49-1EC7-42D7-8D54-A19A341D98D6} - System32\Tasks\AVG-SSU_0616tb => C:\ProgramData\Avg_Update_0616tb\AVG-Secure-Search-Update_0616tb.exe
Task: {6C235FA5-DA6C-4742-BF91-47A8F65096AD} - System32\Tasks\{E2CE3686-E15C-409B-AF8B-71092296B25D} => pcalua.exe -a C:\Temp\jre-8u73-windows-au.exe -d C:\Windows\SysWOW64 -c /installmethod=jau FAMILYUPGRADE=1 <==== ATTENTION
Task: {98931561-174A-4289-A2A1-30C36A671E70} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-28] (Google Inc.)
Task: {A3BB655B-781C-42EC-9FCE-EBE310CD26B0} - System32\Tasks\Red Giant Link => C:\Program Files\Red Giant Link\Red Giant Link.exe
Task: {AC4E5ACF-89F7-4220-BA21-81EE183975E2} - System32\Tasks\Microsoft\Windows\Application Experience\AitAgent => C:\Windows\system32\aitagent.exe [2010-11-21] (Корпорация Майкрософт (Microsoft Corp.))
Task: {B2E0D834-BF24-46B5-87C3-512FEF91CD0C} - System32\Tasks\AVG-SSU_1116sp => C:\ProgramData\Avg_Update_1116sp\AVG-Secure-Search-Update_1116sp.exe [2016-11-08] ()
Task: {B6328F7A-AC48-402B-A5CE-D1DFE5649907} - System32\Tasks\AVG EUpdate Task => avgsetupx.exe
Task: {BAA80D85-612E-480B-B6EC-C9A5077AAF0A} - System32\Tasks\Opera scheduled Autoupdate 1443451221 => C:\Program Files (x86)\Opera\launcher.exe [2016-04-11] (Opera Software)
Task: {C02A4AAC-89EF-4EA9-8FAB-A7A8345F096C} - System32\Tasks\InternetEA => C:\Program Files (x86)\Opera\36.0.2130.65\opera.exe [2016-04-14] (Opera Software)
Task: {C111D321-41CC-4E49-85D6-7F7B795DD758} - System32\Tasks\Garena+ Plugin Host Service => D:\Games\Garena Plus\ggdllhost.exe [2016-02-22] ()
Task: {C5B0BA9B-6761-47E0-8233-1E938280C1A0} - System32\Tasks\{DB2CA51C-7F23-4F12-9020-FFB25A61E87E} => pcalua.exe -a C:\Users\Администратор\Downloads\forge-1.8-11.14.3.1450-installer-win.exe -d C:\Users\Администратор\Downloads
Task: {CE0CA34E-1EF2-4B7A-9008-49530EF2BD5D} - System32\Tasks\AVG-SSU_1116tb => C:\ProgramData\Avg_Update_1116tb\AVG-Secure-Search-Update_1116tb.exe
Task: {EEBC4050-E4DD-43B4-9BCC-2D6EEAC8B607} - System32\Tasks\AVG-SSU_0516tb => C:\ProgramData\Avg_Update_0516tb\AVG-Secure-Search-Update_0516tb.exe
Task: {F954E3FB-E05E-4AA1-9192-B197ADAFBC25} - System32\Tasks\AVG-SSU_1216tb => C:\ProgramData\Avg_Update_1216tb\AVG-Secure-Search-Update_1216tb.exe
Task: {FF64C4E7-FD4C-4574-BE5F-855AAB747143} - System32\Tasks\{012A6E0F-AB2A-4E74-81F4-0CDF658DCD83} => c:\users\Администратор\appdata\local\amigo\application\amigo.exe
Task: {FF87F609-5357-498E-985E-F0C047FB0CD9} - System32\Tasks\AVG-SSU_1016tb => C:\ProgramData\Avg_Update_1016tb\AVG-Secure-Search-Update_1016tb.exe
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_24_0_0_186_pepper.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\AVG-SSU_0516tb.job => C:\ProgramData\Avg_Update_0516tb\AVG-Secure-Search-Update_0516tb.exe
Task: C:\Windows\Tasks\AVG-SSU_0616tb.job => C:\ProgramData\Avg_Update_0616tb\AVG-Secure-Search-Update_0616tb.exe
Task: C:\Windows\Tasks\AVG-SSU_0816tb.job => C:\ProgramData\Avg_Update_0816tb\AVG-Secure-Search-Update_0816tb.exe
Task: C:\Windows\Tasks\AVG-SSU_0816tb2.job => C:\ProgramData\Avg_Update_0816tb2\AVG-Secure-Search-Update_0816tb2.exe
Task: C:\Windows\Tasks\AVG-SSU_0916tb.job => C:\ProgramData\Avg_Update_0916tb\AVG-Secure-Search-Update_0916tb.exe
Task: C:\Windows\Tasks\AVG-SSU_1016tb.job => C:\ProgramData\Avg_Update_1016tb\AVG-Secure-Search-Update_1016tb.exe
Task: C:\Windows\Tasks\AVG-SSU_1116sp.job => C:\ProgramData\Avg_Update_1116sp\AVG-Secure-Search-Update_1116sp.exe
Task: C:\Windows\Tasks\AVG-SSU_1116tb.job => C:\ProgramData\Avg_Update_1116tb\AVG-Secure-Search-Update_1116tb.exe
Task: C:\Windows\Tasks\AVG-SSU_1216tb.job => C:\ProgramData\Avg_Update_1216tb\AVG-Secure-Search-Update_1216tb.exe
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
Shortcut: C:\Users\Администратор\Desktop\S.T.A.L.K.E.R. - Чистое небо.lnk -> D:\Games\S.T.A.L.K.E.R. Clear sky\S.T.A.L.K.E.R. - Чистое небо\bin\xrEngine.exe () <===== Cyrillic
Shortcut: C:\Users\Администратор\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Амиго.lnk -> C:\Users\Администратор\AppData\Local\Amigo\Application\amigo.exe (No File) <===== Cyrillic
Shortcut: C:\Users\Администратор\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Приложения Амиго\Амиго.Музыка.lnk -> C:\Users\Администратор\AppData\Local\Amigo\Application\amigo.exe (No File) <===== Cyrillic
Shortcut: C:\Users\Администратор\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Приложения Амиго\ВКонтакте.lnk -> C:\Users\Администратор\AppData\Local\Amigo\Application\amigo.exe (No File) <===== Cyrillic
Shortcut: C:\Users\Администратор\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Приложения Амиго\Мини-игры Mail.Ru.lnk -> C:\Users\Администратор\AppData\Local\Amigo\Application\amigo.exe (No File) <===== Cyrillic
Shortcut: C:\Users\Администратор\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Приложения Амиго\Мой Мир.lnk -> C:\Users\Администратор\AppData\Local\Amigo\Application\amigo.exe (No File) <===== Cyrillic
Shortcut: C:\Users\Администратор\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Приложения Амиго\Одноклассники.lnk -> C:\Users\Администратор\AppData\Local\Amigo\Application\amigo.exe (No File) <===== Cyrillic
Shortcut: C:\Users\Администратор\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Приложения Амиго\Почта Mail.Ru.lnk -> C:\Users\Администратор\AppData\Local\Amigo\Application\amigo.exe (No File) <===== Cyrillic
Shortcut: C:\Users\Администратор\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Новости в последней версии.lnk -> C:\Program Files (x86)\WinRAR\WhatsNew.txt () <===== Cyrillic
Shortcut: C:\Users\Администратор\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Руководство по консольной версии RAR.lnk -> C:\Program Files (x86)\WinRAR\Rar.txt () <===== Cyrillic
Shortcut: C:\Users\Администратор\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Справка WinRAR.lnk -> C:\Program Files (x86)\WinRAR\WinRAR.chm () <===== Cyrillic
Shortcut: C:\Users\Администратор\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WarThunder\Деинсталлировать War Thunder.lnk -> C:\WarThunder\unins000.exe () <===== Cyrillic
Shortcut: C:\Users\Администратор\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Амиго.lnk -> C:\Users\Администратор\AppData\Local\Amigo\Application\amigo.exe (No File) <===== Cyrillic
Shortcut: C:\Users\Администратор\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Амиго.lnk -> C:\Users\Администратор\AppData\Local\Amigo\Application\amigo.exe (No File) <===== Cyrillic
ShortcutWithArgument: C:\Users\Администратор\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WarThunder\Журнал ошибок.lnk -> C:\WarThunder\.game_logs () -> cd <===== Cyrillic
ShortcutWithArgument: C:\Users\Администратор\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WarThunder\Повторы боев.lnk -> C:\WarThunder\Replays () -> cd <===== Cyrillic
ShortcutWithArgument: C:\Users\Администратор\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WarThunder\Скриншоты.lnk -> C:\WarThunder\Screenshots () -> cd <===== Cyrillic
==================== Loaded Modules (Whitelisted) ==============
2015-09-25 15:55 - 2015-05-28 06:15 - 00116368 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-01-11 08:32 - 2016-02-22 13:24 - 00174632 _____ () D:\Games\Garena Plus\ggdllhost.exe
2016-01-29 06:04 - 2016-09-29 06:26 - 03437008 _____ () D:\Games\Garena Plus\ggspawn.dll
2016-12-03 00:06 - 2016-12-03 00:06 - 48920064 _____ () C:\Program Files (x86)\AVG\UiDll\2623\libcef.dll
2015-09-28 08:39 - 2015-09-28 08:39 - 00218112 _____ () C:\Program Files (x86)\AIMP3\System\libsoxr.dll
2015-09-28 08:39 - 2015-09-28 08:39 - 00467968 _____ () C:\Program Files (x86)\AIMP3\System\Encoders\libFLAC.dll
2015-09-28 08:39 - 2015-09-28 08:39 - 01733120 _____ () C:\Program Files (x86)\AIMP3\System\Encoders\aimp_libvorbis.dll
2015-09-28 08:39 - 2015-09-28 08:39 - 00059976 _____ () C:\Program Files (x86)\AIMP3\Plugins\aimp_AnalogMeter\aimp_AnalogMeter.dll
2015-09-28 08:39 - 2015-09-28 08:39 - 00160840 _____ () C:\Program Files (x86)\AIMP3\Plugins\aimp_cdda\aimp_cdda.dll
2015-09-28 08:39 - 2015-09-28 08:39 - 00159232 _____ () C:\Program Files (x86)\AIMP3\Plugins\aimp_sacd\libsacd.dll
2015-09-28 08:39 - 2015-09-28 08:39 - 00026624 _____ () C:\Program Files (x86)\AIMP3\Plugins\Aorta\Aorta.dll
2015-09-28 08:39 - 2015-09-28 08:39 - 00237568 _____ () C:\Program Files (x86)\AIMP3\Plugins\OptimFROG\OptimFROG.dll
2015-09-28 08:39 - 2015-09-28 08:39 - 00152648 _____ () C:\Program Files (x86)\AIMP3\Plugins\PandemicAnalogMeter\PandemicAnalogMeter.dll
2014-08-25 18:42 - 2016-12-08 17:13 - 00656160 _____ () E:\#Clip\#Games\Steam\SDL2.dll
2014-12-07 14:54 - 2016-09-01 03:02 - 04969248 _____ () E:\#Clip\#Games\Steam\v8.dll
2014-12-07 14:54 - 2016-09-01 03:02 - 01563936 _____ () E:\#Clip\#Games\Steam\icui18n.dll
2014-12-07 14:54 - 2016-09-01 03:02 - 01195296 _____ () E:\#Clip\#Games\Steam\icuuc.dll
2014-08-25 18:42 - 2016-12-09 22:48 - 02322720 _____ () E:\#Clip\#Games\Steam\video.dll
2014-08-29 18:47 - 2016-01-27 09:49 - 02549760 _____ () E:\#Clip\#Games\Steam\libavcodec-56.dll
2014-08-29 18:47 - 2016-01-27 09:49 - 00442880 _____ () E:\#Clip\#Games\Steam\libavutil-54.dll
2014-08-29 18:47 - 2016-01-27 09:49 - 00491008 _____ () E:\#Clip\#Games\Steam\libavformat-56.dll
2014-08-29 18:47 - 2016-01-27 09:49 - 00332800 _____ () E:\#Clip\#Games\Steam\libavresample-2.dll
2014-08-29 18:47 - 2016-01-27 09:49 - 00485888 _____ () E:\#Clip\#Games\Steam\libswscale-3.dll
2014-08-25 18:42 - 2016-12-09 22:48 - 00838432 _____ () E:\#Clip\#Games\Steam\bin\chromehtml.DLL
2016-03-11 18:28 - 2016-07-05 00:17 - 00266560 _____ () E:\#Clip\#Games\Steam\openvr_api.dll
2016-12-14 16:20 - 2016-12-05 18:21 - 67304736 _____ () E:\#Clip\#Games\Steam\bin\cef\cef.win7\libcef.dll
2014-08-25 18:42 - 2016-12-09 22:48 - 00388384 _____ () E:\#Clip\#Games\Steam\steam.dll
2014-12-18 13:25 - 2015-09-25 01:52 - 00119208 _____ () E:\#Clip\#Games\Steam\winh264.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\ProgramData:NT [40]
AlternateDataStreams: C:\ProgramData:NT2 [344]
AlternateDataStreams: C:\Users\All Users:NT [40]
AlternateDataStreams: C:\Users\All Users:NT2 [344]
AlternateDataStreams: C:\Users\Все пользователи:NT [40]
AlternateDataStreams: C:\Users\Все пользователи:NT2 [344]
AlternateDataStreams: C:\ProgramData\Application Data:NT [40]
AlternateDataStreams: C:\ProgramData\Application Data:NT2 [344]
AlternateDataStreams: C:\ProgramData\Microsoft:1fpnXWZiBSZ0Oto2aWeKLN7ReA [2288]
AlternateDataStreams: C:\ProgramData\Microsoft:JilVeeeSW0e2Xjlsbt7TRzz [2412]
AlternateDataStreams: C:\ProgramData\Microsoft:ppV2knbZedwZ0xXh1h8WJgStPSU [2116]
AlternateDataStreams: C:\ProgramData\MTA San Andreas All:NT [40]
AlternateDataStreams: C:\ProgramData\MTA San Andreas All:NT2 [344]
AlternateDataStreams: C:\Users\Администратор\Application Data:NT [40]
AlternateDataStreams: C:\Users\Администратор\Application Data:NT2 [344]
AlternateDataStreams: C:\Users\Администратор\AppData\Roaming:NT [40]
AlternateDataStreams: C:\Users\Администратор\AppData\Roaming:NT2 [344]
AlternateDataStreams: C:\Users\Все пользователи\Application Data:NT [40]
AlternateDataStreams: C:\Users\Все пользователи\Application Data:NT2 [344]
AlternateDataStreams: C:\Users\Все пользователи\Microsoft:1fpnXWZiBSZ0Oto2aWeKLN7ReA [2288]
AlternateDataStreams: C:\Users\Все пользователи\Microsoft:JilVeeeSW0e2Xjlsbt7TRzz [2412]
AlternateDataStreams: C:\Users\Все пользователи\Microsoft:ppV2knbZedwZ0xXh1h8WJgStPSU [2116]
AlternateDataStreams: C:\Users\Все пользователи\MTA San Andreas All:NT [40]
AlternateDataStreams: C:\Users\Все пользователи\MTA San Andreas All:NT2 [344]
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:34 - 2016-05-25 14:07 - 00001581 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 activate.adobe.com
127.0.0.1 activate-sjc0.adobe.com
127.0.0.1 practivate.adobe.com
127.0.0.1 ereg.adobe.com
127.0.0.1 activate.wip3.adobe.com
127.0.0.1 wip3.adobe.com
127.0.0.1 3dns-3.adobe.com
127.0.0.1 3dns-2.adobe.com
127.0.0.1 adobe-dns.adobe.com
127.0.0.1 adobe-dns-2.adobe.com
127.0.0.1 adobe-dns-3.adobe.com
127.0.0.1 ereg.wip3.adobe.com
127.0.0.1 wwis-dubc1-vip60.adobe.com
127.0.0.1 ood.opsource.net
127.0.0.1 lm.licenses.adobe.com
127.0.0.1 adobeereg.com
127.0.0.1 OCSP.SPO1.VERISIGN.COM
127.0.0.1 activate-sea.adobe.com127.0.0.1 bandicam.com
127.0.0.1 ssl.bandisoft.com
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2685324974-2637366840-3599799030-500\Control Panel\Desktop\\Wallpaper -> C:\Program Files (x86)\FastStone Image Viewer\FSViewerWallPaper.bmp
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall is disabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{B8E626DC-1AC1-4149-B6F0-76A8710C6943}] => C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe
FirewallRules: [{BB87EBE0-7845-41F0-B81A-09C46BD2A69C}] => C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe
FirewallRules: [{7D699A19-8CA5-4824-9644-066A8DC6B405}] => E:\#Clip\#Games\Steam\Steam.exe
FirewallRules: [{EE2A6E90-70F9-444B-B1EC-6219D0CD9B5D}] => E:\#Clip\#Games\Steam\Steam.exe
FirewallRules: [{31BD0FD0-F423-4B98-BC3B-6B0220B57452}] => E:\#Clip\#Games\Steam\bin\steamwebhelper.exe
FirewallRules: [{226B38C2-516A-4D88-98E0-3AB14D330405}] => E:\#Clip\#Games\Steam\bin\steamwebhelper.exe
FirewallRules: [{4DC20743-4672-45B3-87D4-C2C51C6D246A}] => E:\#Clip\#Games\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{44FEC6BF-AFDB-4411-B73F-0376BE16396B}] => E:\#Clip\#Games\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{48131EE0-B830-453E-A141-FE8D08E15DDD}] => C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{F8FA6CE1-C5FC-4202-8088-414207E2C57D}] => E:\#Clip\#Games\Steam\SteamApps\common\GarrysMod\hl2.exe
FirewallRules: [{49835A39-9FCD-4343-9DA9-643F8F4C8F7D}] => E:\#Clip\#Games\Steam\SteamApps\common\GarrysMod\hl2.exe
FirewallRules: [{FF00F75C-37EA-4ABE-AA38-8D903D64414E}] => LPort=8317
FirewallRules: [{2DB33E27-E1BD-4910-A743-881E7AC2401B}] => E:\#Clip\#Games\Steam\SteamApps\common\Counter-Strike Global Offensive\bin\SDKLauncher.exe
FirewallRules: [{4799D92B-5FA2-44DA-93E3-038CA51A792A}] => E:\#Clip\#Games\Steam\SteamApps\common\Counter-Strike Global Offensive\bin\SDKLauncher.exe
FirewallRules: [{88ECB254-352E-4ACF-976C-C19A5A392172}] => C:\Program Files (x86)\AVG\Av\avgmfapx.exe
FirewallRules: [{FDB94F10-3630-457B-A882-73249BB026D4}] => C:\Program Files (x86)\AVG\Av\avgmfapx.exe
FirewallRules: [{5DBFEF67-D56C-427F-80E2-818661DED7F2}] => E:\#Clip\#Games\Steam\SteamApps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{67944A07-0530-4B86-9E81-A3A87A6ECC61}] => E:\#Clip\#Games\Steam\SteamApps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{E477526B-04C9-4476-AC61-1520304EE4DB}] => C:\WarThunder\launcher.exe
FirewallRules: [{D6B849CA-2C01-465B-BFCE-3E9BD22EE0E7}] => C:\WarThunder\launcher.exe
FirewallRules: [{70443EA8-F77E-461D-B17A-ABE7BAB30EFB}] => C:\WarThunder\bpreport.exe
FirewallRules: [{ABCC7CAB-44BF-4E16-8B41-9A32F8CBD4A0}] => C:\WarThunder\bpreport.exe
FirewallRules: [{7FEF406A-0D1D-46FE-9CB5-DFF0D1A5E865}] => LPort=80
FirewallRules: [{FD997312-8D81-4A22-8123-FEFBD570B999}] => LPort=443
FirewallRules: [{8937F15D-DC58-46D5-A48E-2A9E6E8308AF}] => LPort=20010
FirewallRules: [{046930DC-C70B-4E10-ADBA-F6D2A2730B2E}] => LPort=3478
FirewallRules: [{98ADC106-D412-4CC9-A2D6-AF8493FE2883}] => LPort=7850
FirewallRules: [{B86DF13A-5E5C-4F85-AEE2-7FD2695C8197}] => LPort=7852
FirewallRules: [{BBF827D0-F8E1-4ED4-8383-13A1EE7C87BC}] => LPort=7853
FirewallRules: [{9D840BAD-CAF7-4A57-9899-9DB5E67DF65A}] => LPort=27022
FirewallRules: [{772CBA73-ED22-4DF2-A031-0B3B101FC505}] => LPort=6881
FirewallRules: [{BF4286AE-5113-483C-A02E-681F62791172}] => LPort=33333
FirewallRules: [{07403948-5085-4B5C-A1C3-3002697ABED4}] => LPort=20443
FirewallRules: [{37BF9F8D-F066-49D4-885B-14C6C15B56FD}] => LPort=8090
FirewallRules: [{BC30BA61-BEB4-4796-A2B3-32F8BA9E8B39}] => E:\#Clip\#Games\Steam\SteamApps\common\aceofspades\aos.exe
FirewallRules: [{AC792736-2845-4373-9543-98495E7B4BD0}] => E:\#Clip\#Games\Steam\SteamApps\common\aceofspades\aos.exe
FirewallRules: [{19A954C9-C75C-4879-B063-11420BBD70E1}] => E:\#Clip\#Games\Steam\SteamApps\common\Unturned\Unturned.exe
FirewallRules: [{87356C92-BD3C-4783-94B6-C724B9ECBE75}] => E:\#Clip\#Games\Steam\SteamApps\common\Unturned\Unturned.exe
FirewallRules: [{657958F0-AB7B-4637-8C26-F8BFCE4D78CD}] => D:\Games\Garena Plus\Room\garena_room.exe
FirewallRules: [{AD676FEE-21BB-4243-BF61-F73413C7DB11}] => E:\#Clip\#Games\Steam\SteamApps\common\Clicker Heroes\Clicker Heroes.exe
FirewallRules: [{F992BB1D-FB33-47BD-970B-2B9C829EE1EF}] => E:\#Clip\#Games\Steam\SteamApps\common\Clicker Heroes\Clicker Heroes.exe
FirewallRules: [{74CF6F11-FC70-4961-9034-17B4908D24AA}] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [{F4FD5DAF-9FEF-4A34-B82A-364B47073ADC}] => E:\#Clip\#Games\Steam\SteamApps\common\Fistful of Frags\sdk\hl2.exe
FirewallRules: [{6A291A38-E493-4398-8A19-0A589FC84FB2}] => E:\#Clip\#Games\Steam\SteamApps\common\Fistful of Frags\sdk\hl2.exe
FirewallRules: [{4C7A1D69-B06E-42A8-9EDD-2D679FA03E1E}] => C:\Users\Администратор\AppData\Local\MediaGet2\mediaget.exe
FirewallRules: [{E21D6FE1-16AF-4249-A733-2EB97F0526CB}] => C:\Users\Администратор\AppData\Local\MediaGet2\mediaget.exe
FirewallRules: [{F18D20F7-9F18-4D3B-BFDF-480EECA766D9}] => D:\Games\Dont Starve Together v176665\bin\dontstarve_steam.exe
FirewallRules: [{A001B76A-A35E-4EDC-9C1C-23BAB90C7222}] => D:\Games\Dont Starve Together v176665\bin\dontstarve_steam.exe
FirewallRules: [{E5F94F09-1749-4347-8C39-396B10463313}] => D:\Games\Tunngle\TnglCtrl.exe
FirewallRules: [{D5B3D3D9-762A-4C14-8F4D-D13AE0C7A43B}] => D:\Games\Tunngle\TnglCtrl.exe
FirewallRules: [{70E62A4C-C083-4F1E-A101-E6FD7C8B2BD8}] => D:\Games\Tunngle\Tunngle.exe
FirewallRules: [{317EC54E-FE24-4F19-AF71-5B20CB8460FF}] => D:\Games\Tunngle\Tunngle.exe
FirewallRules: [{8D5EF1F2-BEAC-438A-96D5-950544B50642}] => E:\#Clip\#Games\Steam\SteamApps\common\Terraria\Terraria.exe
FirewallRules: [{8CA1E281-7D92-4C46-8CED-44F1EE841A9F}] => E:\#Clip\#Games\Steam\SteamApps\common\Terraria\Terraria.exe
FirewallRules: [{F965AD94-6B3E-4689-93B6-2876A1F59995}] => E:\#Clip\#Games\Steam\SteamApps\common\Bloons TD Battles\Battles-Win.exe
FirewallRules: [{71C1E08F-6061-4797-978E-AF99FE732063}] => E:\#Clip\#Games\Steam\SteamApps\common\Bloons TD Battles\Battles-Win.exe
FirewallRules: [{3FE599F4-5BFC-4A09-B009-E14DF0173647}] => E:\#Clip\#Games\Steam\SteamApps\common\Cube Destroyer\Cube Destroyer.exe
FirewallRules: [{4DA49865-D61D-4E2B-A91F-5C2BF88C2278}] => E:\#Clip\#Games\Steam\SteamApps\common\Cube Destroyer\Cube Destroyer.exe
FirewallRules: [{457D5B61-1A84-4E9B-A32C-6E4A093E108C}] => E:\#Clip\#Games\Steam\SteamApps\common\Unturned\Unturned_BE.exe
FirewallRules: [{0799CDC8-080C-4399-8232-9470BE967D67}] => E:\#Clip\#Games\Steam\SteamApps\common\Unturned\Unturned_BE.exe
FirewallRules: [{504BAAFD-1505-474C-B731-9D072719490A}] => C:\Program Files (x86)\AVG\Av\avgnsa.exe
FirewallRules: [{A1353883-15F3-476D-BF9A-303E112130D6}] => C:\Program Files (x86)\AVG\Av\avgnsa.exe
FirewallRules: [{0D201F48-B6CA-4234-8CEC-C7DBE4D6CB9F}] => C:\Program Files (x86)\AVG\Av\avgemca.exe
FirewallRules: [{F992B7F6-1FEC-47DE-A410-0C735EE3CF66}] => C:\Program Files (x86)\AVG\Av\avgemca.exe
FirewallRules: [{9ECDFBDD-88CA-4C95-9C5A-80F01D81AFCA}] => D:\engl\Новая папка\MusicMaker.exe
FirewallRules: [{7EEFE39F-1FE7-4809-B4D1-5F25E797E3A1}] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{D4A7FDAB-08D9-47F6-8876-A6D58A7E0DBB}] => E:\#Clip\#Games\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{8B6C90EC-D15E-4DB1-8815-2B394BC43895}] => E:\#Clip\#Games\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{51B19231-C870-4947-AE03-9CFB715122A6}] => C:\Users\Администратор\AppData\Local\Amigo\Application\amigo.exe
==================== Restore Points =========================
13-10-2016 17:26:26 Запланированная контрольная точка
31-10-2016 14:34:57 Запланированная контрольная точка
04-12-2016 11:25:43 Запланированная контрольная точка
15-12-2016 07:08:19 Запланированная контрольная точка
==================== Faulty Device Manager Devices =============
Name: gkernel
Description: gkernel
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: gkernel
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
==================== Event log errors: =========================
Application errors:
==================
Error: (12/18/2016 12:29:55 PM) (Source: Winlogon) (EventID: 4103) (User: )
Description: Ошибка активации лицензии Windows. Ошибка 0x00000000.
Error: (12/18/2016 12:29:55 PM) (Source: Software Protection Platform Service) (EventID: 819
(User: )
Description: Сбой активации лицензий (slui.exe). Код ошибки:
0x80070005
Error: (12/18/2016 12:29:38 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (12/18/2016 12:15:41 PM) (Source: Winlogon) (EventID: 4103) (User: )
Description: Ошибка активации лицензии Windows. Ошибка 0x00000000.
Error: (12/18/2016 12:15:41 PM) (Source: Software Protection Platform Service) (EventID: 819
(User: )
Description: Сбой активации лицензий (slui.exe). Код ошибки:
0x80070005
Error: (12/18/2016 12:14:52 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (12/18/2016 11:17:24 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Имя сбойного приложения: launcher.exe_Opera Internet Browser, версия: 36.0.2130.65, отметка времени: 0x5707061c
Имя сбойного модуля: launcher.exe, версия: 36.0.2130.65, отметка времени 0x5707061c
Код исключения: 0x80000003
Смещение ошибки: 0x00022139
Идентификатор сбойного процесса: 0x1298
Время запуска сбойного приложения: 0x01d2590f8b8fda84
Путь сбойного приложения: C:\Users\Администратор\Desktop\launcher.exe
Путь сбойного модуля: C:\Users\Администратор\Desktop\launcher.exe
Код отчета: c942ceb0-c502-11e6-bd0e-bc5ff438a72a
Error: (12/18/2016 11:17:14 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Имя сбойного приложения: launcher.exe_Opera Internet Browser, версия: 36.0.2130.65, отметка времени: 0x5707061c
Имя сбойного модуля: launcher.exe, версия: 36.0.2130.65, отметка времени 0x5707061c
Код исключения: 0x80000003
Смещение ошибки: 0x00022139
Идентификатор сбойного процесса: 0x9d4
Время запуска сбойного приложения: 0x01d2590f851c0f53
Путь сбойного приложения: C:\Users\Администратор\Desktop\launcher.exe
Путь сбойного модуля: C:\Users\Администратор\Desktop\launcher.exe
Код отчета: c34d6021-c502-11e6-bd0e-bc5ff438a72a
Error: (12/18/2016 09:39:39 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (12/18/2016 09:39:32 AM) (Source: Winlogon) (EventID: 4103) (User: )
Description: Ошибка активации лицензии Windows. Ошибка 0x00000000.
System errors:
=============
Error: (12/18/2016 12:28:38 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Сбой при вызове ScRegSetValueExW для FailureActions из-за ошибки
Отказано в доступе.
Error: (12/18/2016 12:28:11 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Сбой при вызове ScRegSetValueExW для FailureActions из-за ошибки
Отказано в доступе.
Error: (12/18/2016 12:26:58 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Сбой при вызове ScRegSetValueExW для FailureActions из-за ошибки
Отказано в доступе.
Error: (12/18/2016 12:21:25 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Служба "Skype Updater" неожиданно прервана. Это произошло (раз): 1.
Error: (12/18/2016 12:21:25 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Служба Защита программного обеспечения была неожиданно завершена. Это произошло 1 раз(а). Следующее корректирующее действие будет предпринято через 120000 мсек: Перезапуск службы.
Error: (12/18/2016 12:21:25 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Служба "FABS - Helping agent for MAGIX media database" неожиданно прервана. Это произошло (раз): 1.
Error: (12/18/2016 12:21:23 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Служба "LogMeIn Hamachi Tunneling Engine" неожиданно прервана. Это произошло (раз): 1.
Error: (12/18/2016 12:21:23 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Служба "vToolbarUpdater40.3.6" неожиданно прервана. Это произошло (раз): 1.
Error: (12/18/2016 12:21:23 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Служба "VIA Karaoke digital mixer Service" неожиданно прервана. Это произошло (раз): 1.
Error: (12/18/2016 12:21:23 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Служба Updater.Mail.Ru была неожиданно завершена. Это произошло 1 раз(а). Следующее корректирующее действие будет предпринято через 0 мсек: Перезапуск службы.
CodeIntegrity:
===================================
Date: 2016-12-18 12:31:00.349
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Temp\gkernel.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2016-12-18 12:31:00.230
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Temp\gkernel.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2016-12-18 12:18:15.856
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Temp\gkernel.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2016-12-18 12:18:15.711
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Temp\gkernel.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2016-12-18 09:42:26.537
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Temp\gkernel.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2016-12-18 09:42:26.431
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Temp\gkernel.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2016-12-17 14:29:41.133
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Temp\gkernel.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2016-12-17 14:29:41.034
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Temp\gkernel.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2016-12-17 08
58.453
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Temp\gkernel.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2016-12-17 08
58.176
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Temp\gkernel.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Memory info ===========================
Processor: AMD Athlon(tm) II X2 260 Processor
Percentage of memory in use: 44%
Total physical RAM: 4095.24 MB
Available physical RAM: 2288.48 MB
Total Virtual: 7093.43 MB
Available Virtual: 5391.68 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:97.56 GB) (Free:22.54 GB) NTFS
Drive d: () (Fixed) (Total:439.45 GB) (Free:157.7 GB) NTFS
Drive e: (MEDIA1) (Fixed) (Total:394.4 GB) (Free:38.36 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or
(Size: 931.5 GB) (Disk ID: 7F6E0C7E)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=97.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=394.4 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=439.5 GB) - (Type=OF Extended)
==================== End of Addition.txt ============================
FRST.txt:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 17-12-2016
Ran by Администратор (administrator) on ADMINISTRATOR (18-12-2016 12:51:0
Running from C:\Users\Администратор\Downloads
Loaded Profiles: Администратор (Available Profiles: Администратор)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: Русский (Россия)
Internet Explorer Version 10 (Default browser: "C:\Users\Администратор\AppData\Local\Amigo\Application\amigo.exe" -- "%1")
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool:
http://www.geekstogo.com/forum/topic...ery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgcsrva.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgidsagenta.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgwdsvca.exe
(VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
(LogMeIn Inc.) D:\x64\hamachi-2.exe
(LogMeIn, Inc.) D:\x64\LMIGuardianSvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgemca.exe
() D:\Games\Garena Plus\ggdllhost.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgui.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
() D:\Games\Garena Plus\ggdllhost.exe
(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\SeaPort.EXE
(AIMP DevTeam) C:\Program Files (x86)\AIMP3\AIMP3.exe
(Valve Corporation) E:\#Clip\#Games\Steam\Steam.exe
(Valve Corporation) E:\#Clip\#Games\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) E:\#Clip\#Games\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Opera Software) C:\Program Files (x86)\Opera\36.0.2130.65\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\36.0.2130.65\opera_crashreporter.exe
(Opera Software) C:\Program Files (x86)\Opera\36.0.2130.65\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\36.0.2130.65\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\36.0.2130.65\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\36.0.2130.65\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\36.0.2130.65\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\36.0.2130.65\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\36.0.2130.65\opera.exe
==================== Registry (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [240400 2016-12-06] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [240400 2016-12-06] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => D:\hamachi-2-ui.exe [5565960 2016-11-11] (LogMeIn Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-09-22] (Oracle Corporation)
HKU\S-1-5-21-2685324974-2637366840-3599799030-500\...\Run: [GameCenterMailRu] => "C:\Users\Администратор\AppData\Local\Mail.Ru\GameCenter\
[email protected]" -autostart
HKU\S-1-5-21-2685324974-2637366840-3599799030-500\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27021952 2016-10-17] (Skype Technologies S.A.)
HKU\S-1-5-21-2685324974-2637366840-3599799030-500\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-2685324974-2637366840-3599799030-500\...\Run: [GarenaPlus] => D:\Games\Garena Plus\GarenaMessenger.exe [9131560 2016-10-20] ()
GroupPolicy: Restriction <======= ATTENTION
GroupPolicy\User: Restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 0.0.0.0
Tcpip\..\Interfaces\{8C1F6845-51DB-4677-93C6-744AED69202A}: [DhcpNameServer] 7.254.254.254
Tcpip\..\Interfaces\{C392ABB9-B205-4D91-972A-09070C4F3919}: [DhcpNameServer] 192.168.1.1 0.0.0.0
Internet Explorer:
==================
HKU\S-1-5-21-2685324974-2637366840-3599799030-500\Software\Microsoft\Internet Explorer\Main,Start Page =
SearchScopes: HKU\S-1-5-21-2685324974-2637366840-3599799030-500 -> 8fe2ddf2-7f2d-11e6-b6b8-00ff8c1f6845 URL = hxxps://yandex.ru/search/?win=247&clid=2255395-225&text={searchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_111\bin\ssv.dll [2016-12-18] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-12-18] (Oracle Corporation)
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\BingExt.dll [2012-02-13] (Корпорация Майкрософт.)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\BingExt.dll [2012-02-13] (Корпорация Майкрософт.)
FireFox:
========
FF ProfilePath: C:\Users\Администратор\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default [2016-12-18]
FF DefaultSearchEngine: Mozilla\Firefox\Profiles\nahd6ha2.default -> Поиск@Mail.Ru
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\nahd6ha2.default -> Поиск@Mail.Ru
FF Homepage: Mozilla\Firefox\Profiles\nahd6ha2.default -> hxxp://mail.ru/cnt/10445?gp=818409
FF Keyword.URL: Mozilla\Firefox\Profiles\nahd6ha2.default -> hxxp://go.mail.ru/distib/ep/?product_id=%7BC717846F-2FB3-41A5-91D9-78277D89B224%7D&gp=811041
FF Extension: (Домашняя страница Mail.Ru) - C:\Users\Администратор\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\Extensions\
[email protected] [2016-12-18]
FF Extension: (Поиск@Mail.Ru) - C:\Users\Администратор\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\Extensions\
[email protected] [2016-12-18]
FF Extension: (Визуальные закладки @Mail.Ru) - C:\Users\Администратор\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\Extensions\{a38384b3-2d1d-4f36-bc22-0f7ae402bcd7} [2016-12-18]
FF SearchPlugin: C:\Users\Администратор\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\searchplugins\mailru.xml [2016-12-18]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_24_0_0_186.dll [2016-12-14] ()
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)
FF Plugin: @java.com/DTPlugin,version=11.111.2 -> C:\Program Files\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll [2016-12-18] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2016-12-18] (Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_24_0_0_186.dll [2016-12-14] ()
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)
FF Plugin-x32: @t.garena.com/garenatalk -> D:\Games\Garena Plus\bbtalk\plugins\npPlugin\npGarenaTalkPlugin.dll [2016-09-23] ( Garena)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin HKU\S-1-5-21-2685324974-2637366840-3599799030-500: @mail.ru/GameCenter -> C:\Users\Администратор\AppData\Local\Mail.Ru\GameCenter\NPDetector.dll [No File]
FF Plugin HKU\S-1-5-21-2685324974-2637366840-3599799030-500: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Администратор\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2016-05-08] (Unity Technologies ApS)
Chrome:
=======
CHR HomePage: Default -> yandex.ru/?__PARAM__from=chromehp
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR DefaultSearchURL: Default -> hxxp://go.mail.ru/distib/ep/?q={searchTerms}&product_id=%7B83D4C29F-BA90-49BE-8F25-E50FE82306E1%7D&gp=811041
CHR DefaultSearchKeyword: Default -> mail.ru_
CHR DefaultSuggestURL: Default -> hxxp://suggests.go.mail.ru/ff3?q={searchTerms}
CHR Profile: C:\Users\Администратор\AppData\Local\Google\Chrome\User Data\Default [2016-12-18]
CHR Extension: (Документы Google) - C:\Users\Администратор\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-09-28]
CHR Extension: (Диск Google) - C:\Users\Администратор\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-24]
CHR Extension: (YouTube) - C:\Users\Администратор\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-28]
CHR Extension: (Google Search) - C:\Users\Администратор\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-22]
CHR Extension: (Tampermonkey) - C:\Users\Администратор\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2016-12-18]
CHR Extension: (Стартовая — Яндекс) - C:\Users\Администратор\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkekdlkmdpipihonapoleopfekmapadh [2016-09-20]
CHR Extension: (Google Таблицы) - C:\Users\Администратор\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-09-28]
CHR Extension: (Google Документы офлайн) - C:\Users\Администратор\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-09-20]
CHR Extension: (Платежная система Интернет-магазина Chrome) - C:\Users\Администратор\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-09-20]
CHR Extension: (Gmail) - C:\Users\Администратор\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-09-28]
CHR Extension: (Chrome Media Router) - C:\Users\Администратор\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-09-20]
CHR HKLM-x32\...\Chrome\Extension: [dkekdlkmdpipihonapoleopfekmapadh] - hxxp://clients2.google.com/service/update2/crx
Opera:
=======
OPR Extension: (Tampermonkey) - C:\Users\Администратор\AppData\Roaming\Opera Software\Opera Stable\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2016-12-18]
OPR Extension: (SaveFrom.net помощник) - C:\Users\Администратор\AppData\Roaming\Opera Software\Opera Stable\Extensions\npdpplbicnmpoigidfdjadamgfkilaak [2016-12-02]
OPR Extension: (Adblock Plus) - C:\Users\Администратор\AppData\Roaming\Opera Software\Opera Stable\Extensions\oidhhegpmlfpoeialbgcdocjalghfpkp [2016-10-27]
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 AvgAMPS; C:\Program Files (x86)\AVG\Av\avgamps.exe [647864 2016-11-02] (AVG Technologies CZ, s.r.o.)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\Av\avgidsagenta.exe [5337696 2016-11-02] (AVG Technologies CZ, s.r.o.)
R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1146128 2016-12-06] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\Av\avgwdsvca.exe [727512 2016-11-02] (AVG Technologies CZ, s.r.o.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1456136 2016-11-20] ()
S3 defragsvc; C:\Windows\System32\defragsvc.dll [291328 2009-07-14] (Корпорация Майкрософт)
S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [238376 2015-06-28] (EasyAntiCheat Ltd)
R2 Fabs; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [1858048 2012-01-23] (MAGIX AG) [File not signed]
S3 FirebirdServerMAGIXInstance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2702848 2011-04-26] (MAGIX®) [File not signed]
R2 Hamachi2Svc; D:\x64\hamachi-2.exe [2627080 2016-11-11] (LogMeIn Inc.)
R2 Themes; C:\Windows\system32\themeservice.dll [44544 2009-07-14] (Microsoft Corporation) [File not signed]
S3 TunngleService; D:\Games\Tunngle\TnglCtrl.exe [818160 2016-05-11] (Tunngle.net GmbH)
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27768 2012-12-11] (VIA Technologies, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation)
S3 WPCSvc; C:\Windows\System32\wpcsvc.dll [12288 2009-07-14] (Корпорация Майкрософт)
S3 WPCSvc; C:\Windows\SysWOW64\wpcsvc.dll [10752 2009-07-14] (Корпорация Майкрософт)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [163072 2016-05-13] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [312576 2016-10-17] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [267008 2016-10-05] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [267520 2016-10-19] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [360736 2016-02-16] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [254208 2016-09-26] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [52992 2016-06-01] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [299264 2016-07-27] (AVG Technologies CZ, s.r.o.)
R0 Avguniva; C:\Windows\System32\DRIVERS\avguniva.sys [77056 2016-06-20] (AVG Technologies CZ, s.r.o.)
R0 mountmgr; C:\Windows\System32\drivers\mountmgr.sys [94592 2010-11-21] (Корпорация Майкрософт)
R3 Serenum; C:\Windows\System32\DRIVERS\nuvserenum.sys [23552 2014-01-12] (Windows (R) Win 7 DDK provider)
R3 Serial; C:\Windows\System32\DRIVERS\nuvserial.sys [86016 2014-01-12] (Nuvoton Technology Corp.)
R3 tap0901t; C:\Windows\System32\DRIVERS\tap0901t.sys [47736 2015-12-21] (Tunngle.net)
R0 volmgrx; C:\Windows\System32\drivers\volmgrx.sys [363392 2010-11-21] (Корпорация Майкрософт)
S3 FairplayKD; \??\C:\ProgramData\MTA San Andreas All\Common\temp\FairplayKD.sys [X]
S3 GGSAFERDriver; \??\D:\Games\Garena Plus\Room\safedrv.sys [X]
S3 gkernel; \??\C:\Temp\gkernel.sys [X]
S0 oem-drv64; system32\DRIVERS\oem-drv64.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
S3 X6va060; \??\C:\Windows\SysWOW64\Drivers\X6va060 [X]
========================== Drivers MD5 =======================
C:\Windows\system32\drivers\1394ohci.sys ==> MD5 is legit
C:\Windows\System32\drivers\ACPI.sys ==> MD5 is legit
C:\Windows\system32\drivers\acpipmi.sys ==> MD5 is legit
C:\Windows\system32\drivers\adp94xx.sys ==> MD5 is legit
C:\Windows\system32\drivers\adpahci.sys ==> MD5 is legit
C:\Windows\system32\drivers\adpu320.sys ==> MD5 is legit
C:\Windows\system32\drivers\afd.sys 1C7857B62DE5994A75B054A9FD4C3825
C:\Windows\system32\drivers\agp440.sys ==> MD5 is legit
C:\Windows\system32\drivers\aliide.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdide.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdk8.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\amdppm.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdsata.sys D4121AE6D0C0E7E13AA221AA57EF2D49
C:\Windows\system32\drivers\amdsbs.sys ==> MD5 is legit
C:\Windows\System32\drivers\amdxata.sys 540DAF1CEA6094886D72126FD7C33048
C:\Windows\system32\drivers\appid.sys ==> MD5 is legit
C:\Windows\system32\drivers\arc.sys ==> MD5 is legit
C:\Windows\system32\drivers\arcsas.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\asyncmac.sys ==> MD5 is legit
C:\Windows\System32\drivers\atapi.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\avgdiska.sys EBE91430DEC70E1F81D1C48B31160CAE
C:\Windows\System32\DRIVERS\avgidsdrivera.sys B86C75AB2F51C796611207EB97D1CD40
C:\Windows\System32\DRIVERS\avgidsha.sys D4CCC55958DC87A0F7EF8A809BE5D656
C:\Windows\System32\DRIVERS\avgldx64.sys 4CB2D2D75AC92C4763A54695179DE96F
C:\Windows\System32\DRIVERS\avgloga.sys 301E95F388C93D3C73EE35E3693C6A97
C:\Windows\System32\DRIVERS\avgmfx64.sys A8524438C36CEB9C1F6C6CF7CC56FC7B
C:\Windows\System32\DRIVERS\avgrkx64.sys 2A0D6982D0492BF6266E64F25C23EAE8
C:\Windows\System32\DRIVERS\avgtdia.sys 62106EC9E7AE887CC4A627206E082296
C:\Windows\System32\DRIVERS\avguniva.sys 1EEB894456B375A486950D343F6DB81F
C:\Windows\system32\drivers\bxvbda.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\b57nd60a.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Beep.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\blbdrive.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\bowser.sys ==> MD5 is legit
C:\Windows\system32\drivers\BrFiltLo.sys ==> MD5 is legit
C:\Windows\system32\drivers\BrFiltUp.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Brserid.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrSerWdm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrUsbMdm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrUsbSer.sys ==> MD5 is legit
C:\Windows\system32\drivers\bthmodem.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\cdfs.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\cdrom.sys ==> MD5 is legit
C:\Windows\system32\drivers\circlass.sys ==> MD5 is legit
C:\Windows\System32\CLFS.sys ==> MD5 is legit
C:\Windows\system32\drivers\CmBatt.sys ==> MD5 is legit
C:\Windows\system32\drivers\cmdide.sys ==> MD5 is legit
C:\Windows\System32\Drivers\cng.sys AAFCB52FE0037207FB6FBEA070D25EFE
C:\Windows\System32\drivers\compbatt.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\CompositeBus.sys ==> MD5 is legit
C:\Windows\system32\drivers\crcdisk.sys ==> MD5 is legit
C:\Windows\System32\drivers\csc.sys ==> MD5 is legit
C:\Windows\System32\Drivers\dfsc.sys ==> MD5 is legit
C:\Windows\System32\drivers\discache.sys ==> MD5 is legit
C:\Windows\System32\drivers\disk.sys ==> MD5 is legit
C:\Windows\system32\drivers\dmvsc.sys 5DB085A8A6600BE6401F2B24EECB5415
C:\Windows\System32\drivers\drmkaud.sys ==> MD5 is legit
C:\Windows\System32\drivers\dxgkrnl.sys AF2E16242AA723F68F461B6EAE2EAD3D
C:\Windows\System32\DRIVERS\E1G6032E.sys ==> MD5 is legit
C:\Windows\system32\drivers\evbda.sys ==> MD5 is legit
C:\Windows\system32\drivers\elxstor.sys ==> MD5 is legit
C:\Windows\system32\drivers\errdev.sys ==> MD5 is legit
C:\Windows\System32\Drivers\exfat.sys ==> MD5 is legit
C:\Windows\System32\Drivers\fastfat.sys ==> MD5 is legit
C:\Windows\system32\drivers\fdc.sys ==> MD5 is legit
C:\Windows\System32\drivers\fileinfo.sys ==> MD5 is legit
C:\Windows\System32\drivers\filetrace.sys ==> MD5 is legit
C:\Windows\system32\drivers\flpydisk.sys ==> MD5 is legit
C:\Windows\System32\drivers\fltmgr.sys ==> MD5 is legit
C:\Windows\System32\drivers\FsDepends.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Fs_Rec.sys 6BD9295CC032DD3077C671FCCF579A7B
C:\Windows\System32\DRIVERS\fvevol.sys 8F6322049018354F45F05A2FD2D4E5E0
C:\Windows\system32\drivers\gagp30kx.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\hamachi.sys 1E6438D4EA6E1174A3B3B1EDC4DE660B
C:\Windows\system32\drivers\hcw85cir.sys ==> MD5 is legit
C:\Windows\System32\drivers\HdAudio.sys 975761C778E33CD22498059B91E7373A
C:\Windows\System32\DRIVERS\HDAudBus.sys ==> MD5 is legit
C:\Windows\system32\drivers\HidBatt.sys ==> MD5 is legit
C:\Windows\system32\drivers\hidbth.sys ==> MD5 is legit
C:\Windows\system32\drivers\hidir.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\hidusb.sys ==> MD5 is legit
C:\Windows\system32\drivers\HpSAMD.sys ==> MD5 is legit
C:\Windows\System32\drivers\HTTP.sys ==> MD5 is legit
C:\Windows\System32\drivers\hwpolicy.sys ==> MD5 is legit
C:\Windows\system32\drivers\i8042prt.sys ==> MD5 is legit
C:\Windows\system32\drivers\iaStorV.sys AAAF44DB3BD0B9D1FB6969B23ECC8366
C:\Windows\system32\drivers\iirsp.sys ==> MD5 is legit
C:\Windows\system32\drivers\intelide.sys ==> MD5 is legit
C:\Windows\system32\drivers\intelppm.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ipfltdrv.sys ==> MD5 is legit
C:\Windows\system32\drivers\IPMIDrv.sys ==> MD5 is legit
C:\Windows\System32\drivers\ipnat.sys ==> MD5 is legit
C:\Windows\System32\drivers\irenum.sys ==> MD5 is legit
C:\Windows\system32\drivers\isapnp.sys ==> MD5 is legit
C:\Windows\system32\drivers\msiscsi.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\kbdclass.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\kbdhid.sys ==> MD5 is legit
C:\Windows\System32\Drivers\ksecdd.sys 97A7070AEA4C058B6418519E869A63B4
C:\Windows\System32\Drivers\ksecpkg.sys 7EFB9333E4ECCE6AE4AE9D777D9E553E
C:\Windows\system32\drivers\ksthunk.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\lltdio.sys ==> MD5 is legit
C:\Windows\system32\drivers\lsi_fc.sys ==> MD5 is legit
C:\Windows\system32\drivers\lsi_sas.sys ==> MD5 is legit
C:\Windows\system32\drivers\lsi_sas2.sys ==> MD5 is legit
C:\Windows\system32\drivers\lsi_scsi.sys ==> MD5 is legit
C:\Windows\system32\drivers\luafv.sys ==> MD5 is legit
C:\Windows\system32\drivers\megasas.sys ==> MD5 is legit
C:\Windows\system32\drivers\MegaSR.sys ==> MD5 is legit
C:\Windows\System32\drivers\modem.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\monitor.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mouclass.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mouhid.sys ==> MD5 is legit
C:\Windows\System32\drivers\mountmgr.sys ==> MD5 is legit
C:\Windows\system32\drivers\mpio.sys ==> MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys ==> MD5 is legit
C:\Windows\system32\drivers\mrxdav.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mrxsmb.sys A5D9106A73DC88564C825D317CAC68AC
C:\Windows\System32\DRIVERS\mrxsmb10.sys D711B3C1D5F42C0C2415687BE09FC163
C:\Windows\System32\DRIVERS\mrxsmb20.sys 9423E9D355C8D303E76B8CFBD8A5C30C
C:\Windows\system32\drivers\msahci.sys ==> MD5 is legit
C:\Windows\system32\drivers\msdsm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Msfs.sys ==> MD5 is legit
C:\Windows\System32\drivers\mshidkmdf.sys ==> MD5 is legit
C:\Windows\System32\drivers\msisadrv.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSKSSRV.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSPCLOCK.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSPQM.sys ==> MD5 is legit
C:\Windows\System32\Drivers\MsRPC.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mssmbios.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSTEE.sys ==> MD5 is legit
C:\Windows\system32\drivers\MTConfig.sys ==> MD5 is legit
C:\Windows\System32\Drivers\mup.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\nwifi.sys ==> MD5 is legit
C:\Windows\System32\drivers\ndis.sys 760E38053BF56E501D562B70AD796B88
C:\Windows\System32\DRIVERS\ndiscap.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndistapi.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndisuio.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndiswan.sys ==> MD5 is legit
C:\Windows\System32\Drivers\NDProxy.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\netbios.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\netbt.sys ==> MD5 is legit
C:\Windows\system32\drivers\nfrd960.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Npfs.sys ==> MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Ntfs.sys B98F8C6E31CD07B2E6F71F7F648E38C0
C:\Windows\System32\Drivers\Null.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\nvm62x64.sys A85B4F2EF3A7304A5399EF0526423040
C:\Windows\System32\drivers\nvhda64v.sys 624C1453F9109D98F7E2612DAD76BBB1
C:\Windows\System32\DRIVERS\nvlddmkm.sys 017E0B4AEFCB291E7CF1CD4BF120A7A8
C:\Windows\System32\DRIVERS\nvmf6264.sys BD25E03EAD63AC3365F25175B4DBD56A
C:\Windows\system32\drivers\nvraid.sys 0A92CB65770442ED0DC44834632F66AD
C:\Windows\System32\DRIVERS\nvsmu.sys 61A59FB62864EB3F32D24985A505CE03
C:\Windows\system32\drivers\nvstor.sys DAB0E87525C10052BF65F06152F37E4A
C:\Windows\system32\drivers\nv_agp.sys ==> MD5 is legit
C:\Windows\system32\drivers\ohci1394.sys ==> MD5 is legit
C:\Windows\system32\drivers\parport.sys ==> MD5 is legit
C:\Windows\System32\drivers\partmgr.sys E9766131EEADE40A27DC27D2D68FBA9C
C:\Windows\System32\drivers\pci.sys ==> MD5 is legit
C:\Windows\System32\drivers\pciide.sys ==> MD5 is legit
C:\Windows\system32\drivers\pcmcia.sys ==> MD5 is legit
C:\Windows\System32\drivers\pcw.sys ==> MD5 is legit
C:\Windows\System32\drivers\peauth.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\raspptp.sys ==> MD5 is legit
C:\Windows\system32\drivers\processr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\pacer.sys ==> MD5 is legit
C:\Windows\system32\drivers\ql2300.sys ==> MD5 is legit
C:\Windows\system32\drivers\ql40xx.sys ==> MD5 is legit
C:\Windows\system32\drivers\qwavedrv.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rasacd.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\AgileVpn.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rasl2tp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\raspppoe.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rassstp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rdbss.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rdpbus.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\RDPCDD.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdpdr.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdpencdd.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdprefmp.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdpvideominiport.sys 313F68E1A3E6345A4F47A36B07062F34
C:\Windows\System32\Drivers\RDPWD.sys E61608AA35E98999AF9AAEEEA6114B0A
C:\Windows\System32\drivers\rdyboost.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rspndr.sys ==> MD5 is legit
C:\Windows\system32\drivers\vms3cap.sys ==> MD5 is legit
C:\Windows\system32\drivers\sbp2port.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\scfilter.sys ==> MD5 is legit
C:\Windows\System32\Drivers\secdrv.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\nuvserenum.sys 8C4E747CBC6CDFF5F5BB6360348161F1
C:\Windows\System32\DRIVERS\nuvserial.sys 46E579857F593EBC5DD9DE3B16BF234A
C:\Windows\system32\drivers\sermouse.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffdisk.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffp_mmc.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffp_sd.sys ==> MD5 is legit
C:\Windows\system32\drivers\sfloppy.sys ==> MD5 is legit
C:\Windows\system32\drivers\SiSRaid2.sys ==> MD5 is legit
C:\Windows\system32\drivers\sisraid4.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\smb.sys ==> MD5 is legit
C:\Windows\System32\Drivers\spldr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\srv.sys 441FBA48BFF01FDB9D5969EBC1838F0B
C:\Windows\System32\DRIVERS\srv2.sys B4ADEBBF5E3677CCE9651E0F01F7CC28
C:\Windows\System32\DRIVERS\srvnet.sys 27E461F0BE5BFF5FC737328F749538C3
C:\Windows\system32\drivers\stexstor.sys ==> MD5 is legit
C:\Windows\System32\drivers\vmstorfl.sys ==> MD5 is legit
C:\Windows\system32\drivers\storvsc.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\swenum.sys ==> MD5 is legit
C:\Windows\system32\drivers\Synth3dVsc.sys C3A39C4079305480972D29C44B868C78
C:\Windows\System32\DRIVERS\tap0901t.sys DC643A36180AD0FA9439928EF2C98D02
C:\Windows\System32\drivers\tcpip.sys B62A953F2BF3922C8764A29C34A22899
C:\Windows\System32\DRIVERS\tcpip.sys B62A953F2BF3922C8764A29C34A22899
C:\Windows\System32\drivers\tcpipreg.sys 1B16D0BD9841794A6E0CDE0CEF744ABC
C:\Windows\System32\drivers\tdpipe.sys ==> MD5 is legit
C:\Windows\System32\drivers\tdtcp.sys 51C5ECEB1CDEE2468A1748BE550CFBC8
C:\Windows\System32\DRIVERS\tdx.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\termdd.sys ==> MD5 is legit
C:\Windows\system32\drivers\terminpt.sys EF4469AB69EB15E5D3754E6AEAFBCD3D
C:\Windows\System32\DRIVERS\tssecsrv.sys ==> MD5 is legit
C:\Windows\System32\drivers\tsusbflt.sys 17C6B51CBCCDED95B3CC14E22791F85E
C:\Windows\system32\drivers\TsUsbGD.sys AD64450A4ABE076F5CB34CC08EEACB07
C:\Windows\system32\drivers\tsusbhub.sys E1748D04AE40118B62BC18AC86032192
C:\Windows\System32\DRIVERS\tunnel.sys ==> MD5 is legit
C:\Windows\system32\drivers\uagp35.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\udfs.sys ==> MD5 is legit
C:\Windows\system32\drivers\uliagpkx.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\umbus.sys ==> MD5 is legit
C:\Windows\system32\drivers\umpass.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\usbccgp.sys 6F1A3157A1C89435352CEB543CDB359C
C:\Windows\system32\drivers\usbcir.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\usbehci.sys C025055FE7B87701EB042095DF1A2D7B
C:\Windows\System32\DRIVERS\usbhub.sys 287C6C9410B111B68B52CA298F7B8C24
C:\Windows\System32\DRIVERS\usbohci.sys 9840FC418B4CBD632D3D0A667A725C31
C:\Windows\system32\drivers\usbprint.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\USBSTOR.SYS FED648B01349A3C8395A5169DB5FB7D6
C:\Windows\system32\drivers\usbuhci.sys 62069A34518BCF9C1FD9E74B3F6DB7CD
C:\Windows\System32\drivers\vdrvroot.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vgapnp.sys ==> MD5 is legit
C:\Windows\System32\drivers\vga.sys ==> MD5 is legit
C:\Windows\system32\drivers\vhdmp.sys ==> MD5 is legit
C:\Windows\System32\drivers\viahduaa.sys 217829CFFF19B39FAE571B502963943A
C:\Windows\system32\drivers\viaide.sys ==> MD5 is legit
C:\Windows\system32\drivers\vmbus.sys ==> MD5 is legit
C:\Windows\system32\drivers\VMBusHID.sys ==> MD5 is legit
C:\Windows\System32\drivers\volmgr.sys ==> MD5 is legit
C:\Windows\System32\drivers\volmgrx.sys ==> MD5 is legit
C:\Windows\System32\drivers\volsnap.sys ==> MD5 is legit
C:\Windows\system32\drivers\vsmraid.sys ==> MD5 is legit
C:\Windows\System32\drivers\vwifibus.sys ==> MD5 is legit
C:\Windows\system32\drivers\wacompen.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit
C:\Windows\system32\drivers\wd.sys ==> MD5 is legit
C:\Windows\System32\drivers\Wdf01000.sys 442783E2CB0DA19873B7A63833FF4CB4
C:\Windows\System32\DRIVERS\wfplwf.sys ==> MD5 is legit
C:\Windows\System32\drivers\wimmount.sys ==> MD5 is legit
C:\Windows\SysWOW64\drivers\wimmount.sys ==> MD5 is legit
C:\Windows\system32\drivers\wmiacpi.sys ==> MD5 is legit
C:\Windows\system32\drivers\ws2ifsl.sys ==> MD5 is legit
C:\Windows\System32\drivers\WudfPf.sys AB886378EEB55C6C75B4F2D14B6C869F
C:\Windows\System32\DRIVERS\WUDFRd.sys DDA4CAF29D8C0A297F886BFE561E6659
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-12-18 12:51 - 2016-12-18 12:52 - 00033523 _____ C:\Users\Администратор\Downloads\FRST.txt
2016-12-18 12:50 - 2016-12-18 12:51 - 00000000 ____D C:\FRST
2016-12-18 12:49 - 2016-12-18 12:50 - 02420224 _____ (Farbar) C:\Users\Администратор\Downloads\FRST64.exe
2016-12-18 12:38 - 2016-12-18 12:40 - 22427800 _____ (MediaGet LLC ) C:\Users\Администратор\Downloads\MediaGet_id887089ids5s.exe
2016-12-18 12:30 - 2016-12-18 12:30 - 00003392 _____ C:\Windows\System32\Tasks\Garena+ Plugin Host Service
2016-12-18 12:08 - 2016-12-18 12:26 - 00000000 ____D C:\AdwCleaner
2016-12-18 12:08 - 2016-12-18 12:08 - 03977168 _____ C:\Users\Администратор\Downloads\adwcleaner_6.041.exe
2016-12-18 12:05 - 2016-12-18 12:42 - 00000143 _____ C:\Users\Администратор\Downloads\скрипт.txt
2016-12-18 12:05 - 2016-12-18 12:05 - 00002764 _____ C:\Users\Администратор\Downloads\AdwCleaner[S2].txt
2016-12-18 11:22 - 2016-12-18 11:49 - 00000000 ____D C:\Users\Все пользователи\Adguard
2016-12-18 11:22 - 2016-12-18 11:49 - 00000000 ____D C:\ProgramData\Adguard
2016-12-18 11:22 - 2016-12-18 11:22 - 00000260 _____ C:\Windows\SysWOW64\Drivers\vwifikerneldrv.sys
2016-12-18 11:22 - 2016-12-18 11:22 - 00000260 _____ C:\Windows\SysWOW64\d3dx9_11.dll.tmp
2016-12-18 11:22 - 2016-12-18 11:22 - 00000260 _____ C:\Users\Все пользователи\fontcacheev1.dat
2016-12-18 11:22 - 2016-12-18 11:22 - 00000260 _____ C:\ProgramData\fontcacheev1.dat
2016-12-18 11:19 - 2016-12-18 11:19 - 00173328 _____ C:\Users\Администратор\Downloads\adguardInstaller.exe
2016-12-18 10:01 - 2016-12-18 10:01 - 00003644 _____ C:\Windows\System32\Tasks\InternetEA
2016-12-18 10:00 - 2016-12-18 10:00 - 03196056 _____ (CamStudio Group) C:\Users\Администратор\Downloads\Need_for_Speed_Carbon.torrent.exe
2016-12-18 09:56 - 2016-12-18 09:56 - 01361590 _____ C:\Users\Администратор\Downloads\Need_for_Speed_Carbon_96934848.zip
2016-12-18 09:56 - 2016-12-18 09:56 - 00000000 ____D C:\Users\Администратор\Downloads\Need_for_Speed_Carbon_96934848
2016-12-18 09:53 - 2016-12-18 09:53 - 03196056 _____ (CamStudio Group) C:\Users\Администратор\Downloads\Need_for_Speed_Carbon_-_Collectors_Edition.torrent.exe
2016-12-18 09:48 - 2016-12-18 09:48 - 00000000 ____D C:\Program Files (x86)\R.G. Mechanics
2016-12-17 18:50 - 2016-12-17 18:50 - 00017684 _____ C:\Users\Администратор\Downloads\1663_need-for-speed-.torrent
2016-12-17 17:53 - 2016-12-17 17:53 - 00000000 ____D C:\Users\Администратор\Documents\Criterion Games
2016-12-17 17:41 - 2016-12-17 17:41 - 00000991 _____ C:\Users\Администратор\Desktop\Need for Speed - Most Wanted.lnk
2016-12-17 17:41 - 2016-12-17 17:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\R.G. Catalyst
2016-12-17 14:38 - 2016-12-17 14:38 - 00015212 _____ C:\Users\Администратор\Downloads\Need-for-Speed-Most-Wanted-2012.torrent
2016-12-16 19:51 - 2016-12-16 19:51 - 00118936 _____ C:\Neprikasaemy_41247P.lua
2016-12-16 19:50 - 2016-12-16 19:51 - 00078542 _____ C:\Reassembly_maski_-_Nuke-Storeship_20160101_03_16_15_PM_14187P.lua
2016-12-16 19:50 - 2016-12-16 19:50 - 00040243 _____ C:\Reassembly_maski_-_Korabl_bez_imeni_20160101_03_15_46_PM_17280P.lua
2016-12-16 19:46 - 2016-12-16 19:46 - 00013405 _____ C:\Users\Администратор\Downloads\161_Need_for_Speed_.torrent
2016-12-16 19:24 - 2016-12-16 19:24 - 00000000 ____D C:\Users\Администратор\AppData\LocalLow\Sauropod Studio
2016-12-16 18:28 - 2016-12-16 18:28 - 00014674 _____ C:\Users\Администратор\Downloads\Castle_Story.torrent
2016-12-10 22:28 - 2016-12-10 22:28 - 01872879 _____ C:\Users\Администратор\Downloads\pu6setup.rar
2016-12-08 17:23 - 2016-12-18 12:29 - 00000572 _____ C:\Windows\Tasks\AVG-SSU_1216tb.job
2016-12-08 17:23 - 2016-12-08 17:23 - 00002868 _____ C:\Windows\System32\Tasks\AVG-SSU_1216tb
2016-12-06 21:12 - 2016-12-06 21:12 - 00000000 ____D C:\Users\Администратор\Documents\Загрузки MAGIX
2016-12-06 21:05 - 2016-12-06 21:12 - 00000000 ____D C:\Users\Администратор\Documents\MAGIX Downloads
2016-12-06 21:01 - 2016-12-06 21:12 - 00000000 ____D C:\Users\Администратор\AppData\Roaming\MAGIX
2016-12-06 21:01 - 2016-12-06 21:01 - 00000654 _____ C:\Users\Public\Desktop\MAGIX Music Maker 2016 Live.lnk
2016-12-06 21:01 - 2016-12-06 21:01 - 00000000 ____D C:\Users\Администратор\Documents\MAGIX_MusicEditor
2016-12-06 21:01 - 2016-12-06 21:01 - 00000000 ____D C:\Users\Public\Documents\MAGIX
2016-12-06 21:01 - 2016-12-06 21:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX
2016-12-06 20:58 - 2016-12-06 21:13 - 00000000 ___RD C:\Users\Администратор\Documents\MAGIX
2016-12-06 20:58 - 2016-12-06 20:58 - 00000000 ____D C:\Program Files (x86)\MAGIX
2016-12-06 20:54 - 2016-12-06 21:06 - 00000000 ____D C:\Users\Все пользователи\MAGIX
2016-12-06 20:54 - 2016-12-06 21:06 - 00000000 ____D C:\ProgramData\MAGIX
2016-12-03 16:05 - 2016-12-03 16:05 - 00039910 _____ C:\Users\Администратор\Downloads\trapcode.rar
2016-12-03 16:05 - 2016-12-03 16:05 - 00000000 ____D C:\Users\Администратор\Downloads\trapcode
2016-12-03 14:23 - 2016-12-03 14:23 - 01968173 _____ C:\Users\Администратор\Downloads\Half Life 2.zip
2016-12-03 09:49 - 2016-12-03 09:49 - 00050564 _____ C:\Users\Администратор\Downloads\ZhUKI.rar
2016-12-02 21:41 - 2016-12-02 21:41 - 00004071 _____ C:\Users\Администратор\Downloads\Mineimator.Ru_rigs___Kar 98K.rar
2016-11-27 12:15 - 2016-11-27 12:15 - 00302246 _____ C:\Users\Администратор\Desktop\Updater.exe
2016-11-26 22:38 - 2016-11-26 22:38 - 00000000 ____D C:\Users\Администратор\AppData\LocalLow\Subvert Games
2016-11-26 16:15 - 2016-11-26 16:15 - 00016246 _____ C:\Users\Администратор\Downloads\Slime_Rancher.torrent
2016-11-22 18:36 - 2016-11-22 18:36 - 00000000 ____D C:\Program Files (x86)\Red Giant Link
2016-11-22 18:34 - 2015-10-26 16:13 - 15554560 _____ (Trapcode AB) C:\Windows\system32\TCParticleBuilder.dll
2016-11-20 14:21 - 2016-11-20 14:45 - 00000000 ____D C:\Users\Public\Documents\stalker-stcs
2016-11-20 14:20 - 2016-11-20 14:20 - 00001041 _____ C:\Users\Администратор\Desktop\S.T.A.L.K.E.R. - Чистое небо.lnk
2016-11-20 14:20 - 2016-11-20 14:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\S.T.A.L.K.E.R. - Чистое небо
2016-11-19 17:13 - 2016-11-19 17:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StarGame
2016-11-19 17:03 - 2016-11-19 17:03 - 00020520 _____ C:\Users\Администратор\Downloads\S.T.A.L.K.E.R.Clear.Sky.2008.PC.RePack.torrent
2016-11-18 22:30 - 2016-11-18 22:30 - 00015403 _____ C:\Users\Администратор\Downloads\sid-meiers-civilization-5-2012.torrent
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-12-18 12:52 - 2013-06-10 12:04 - 00000000 ____D C:\Temp
2016-12-18 12:50 - 2015-09-28 08:39 - 00000000 ____D C:\Users\Администратор\AppData\Roaming\AIMP3
2016-12-18 12:41 - 2015-09-28 17:50 - 00000000 ____D C:\Users\Администратор\AppData\Roaming\Skype
2016-12-18 12:38 - 2016-08-28 15:06 - 00000000 ____D C:\Program Files\Java
2016-12-18 12:38 - 2015-10-20 14:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-12-18 12:37 - 2016-08-28 15:07 - 00110144 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2016-12-18 12:33 - 2016-02-17 17:58 - 00000000 ____D C:\Users\Администратор\AppData\Roaming\GarenaPlus
2016-12-18 12:33 - 2016-02-17 17:57 - 00000000 ____D C:\Users\Все пользователи\GarenaMessenger
2016-12-18 12:33 - 2016-02-17 17:57 - 00000000 ____D C:\ProgramData\GarenaMessenger
2016-12-18 12:33 - 2015-09-28 16:25 - 00000000 ____D C:\Program Files (x86)\Opera
2016-12-18 12:29 - 2016-11-17 17:22 - 00000572 _____ C:\Windows\Tasks\AVG-SSU_1116tb.job
2016-12-18 12:29 - 2016-11-16 17:59 - 00000360 _____ C:\Windows\Tasks\AVG-SSU_1116sp.job
2016-12-18 12:29 - 2016-10-20 17:18 - 00000572 _____ C:\Windows\Tasks\AVG-SSU_1016tb.job
2016-12-18 12:29 - 2016-09-13 13:49 - 00000572 _____ C:\Windows\Tasks\AVG-SSU_0916tb.job
2016-12-18 12:29 - 2016-08-22 21:03 - 00000578 _____ C:\Windows\Tasks\AVG-SSU_0816tb2.job
2016-12-18 12:29 - 2016-07-25 18:46 - 00000572 _____ C:\Windows\Tasks\AVG-SSU_0816tb.job
2016-12-18 12:29 - 2016-06-09 12:49 - 00000572 _____ C:\Windows\Tasks\AVG-SSU_0616tb.job
2016-12-18 12:29 - 2016-05-07 20:05 - 00000572 _____ C:\Windows\Tasks\AVG-SSU_0516tb.job
2016-12-18 12:28 - 2015-09-25 16:18 - 00000000 ____D C:\Users\Все пользователи\MFAData
2016-12-18 12:28 - 2015-09-25 16:18 - 00000000 ____D C:\ProgramData\MFAData
2016-12-18 12:28 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-12-18 12:27 - 2009-07-14 06:45 - 00028976 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-12-18 12:27 - 2009-07-14 06:45 - 00028976 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-12-18 12:07 - 2016-01-27 21:01 - 00000000 ____D C:\Users\Администратор\AppData\Roaming\Mine_imator
2016-12-18 11:57 - 2015-09-28 16:50 - 00000896 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-12-18 11:49 - 2015-09-25 16:04 - 00000000 ____D C:\Users\Все пользователи\Package Cache
2016-12-18 11:49 - 2015-09-25 16:04 - 00000000 ____D C:\ProgramData\Package Cache
2016-12-17 23:38 - 2015-09-28 16:50 - 00000958 _____ C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job
2016-12-17 23:38 - 2015-09-25 16:02 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2016-12-17 22:47 - 2016-09-20 21:24 - 00003600 _____ C:\Windows\System32\Tasks\AVG EUpdate Task
2016-12-17 17:42 - 2015-10-03 20:11 - 00000000 ____D C:\Windows\SysWOW64\directx
2016-12-17 14:26 - 2009-07-14 07:08 - 00032506 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-12-17 09:25 - 2015-12-01 21:32 - 00000000 ____D C:\Users\Администратор\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pixel Gun World
2016-12-17 08:39 - 2015-09-28 16:53 - 00003400 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-12-17 08:39 - 2015-09-28 16:53 - 00003272 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-12-15 20:38 - 2015-12-14 16:02 - 00000000 ____D C:\WarThunder
2016-12-14 10:58 - 2015-09-28 16:50 - 00003978 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2016-12-14 10:58 - 2015-09-28 16:50 - 00003834 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-12-14 10:58 - 2015-09-25 16:02 - 00802904 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-12-14 10:58 - 2015-09-25 16:02 - 00144472 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-12-14 10:57 - 2015-09-25 16:02 - 00000000 ____D C:\Windows\system32\Macromed
2016-12-13 20:19 - 2009-07-14 07:32 - 00000000 ____D C:\Windows\system32\FxsTmp
2016-12-13 20:15 - 2011-04-12 15:26 - 00727016 _____ C:\Windows\system32\perfh019.dat
2016-12-13 20:15 - 2011-04-12 15:26 - 00151108 _____ C:\Windows\system32\perfc019.dat
2016-12-13 20:15 - 2009-07-14 07:13 - 01655454 _____ C:\Windows\system32\PerfStringBackup.INI
2016-12-13 20:15 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf
2016-12-12 19:45 - 2015-11-23 19:09 - 00000000 ____D C:\Users\Администратор\AppData\Roaming\.cristalix
2016-12-10 15:17 - 2015-11-24 18:43 - 00000000 ____D C:\Users\Администратор\AppData\Roaming\.vimeworld
2016-12-10 12:05 - 2016-03-07 14:33 - 00465371 _____ (VimeWorld.ru) C:\Users\Администратор\Desktop\VimeWorld.exe
2016-12-09 22:38 - 2015-09-28 16:53 - 00002191 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-12-09 22:38 - 2015-09-28 16:53 - 00002179 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-12-07 07:16 - 2015-09-25 14:43 - 05112168 _____ C:\Windows\system32\FNTCACHE.DAT
2016-12-06 20:58 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\Help
2016-12-05 17:27 - 2015-12-27 10:17 - 00000132 _____ C:\Users\Администратор\AppData\Roaming\Установки формата PNG Adobe CS6
2016-12-03 17:07 - 2016-01-14 18:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Red Giant
2016-12-03 17:07 - 2016-01-14 18:21 - 00000000 ____D C:\Program Files (x86)\Red Giant
2016-11-29 19:02 - 2016-01-19 19:59 - 00000000 ____D C:\Games
2016-11-29 17:42 - 2015-11-28 09:54 - 00000984 _____ C:\Users\Public\Desktop\AVG.lnk
2016-11-29 17:42 - 2015-11-28 09:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG Zen
2016-11-26 14:13 - 2016-04-15 14:35 - 00000000 ____D C:\Users\Администратор\AppData\LocalLow\Smartly Dressed Games
2016-11-23 18:22 - 2015-11-19 20:38 - 00000000 ____D C:\Users\Администратор\AppData\Roaming\.minecraft
2016-11-22 18:35 - 2016-01-14 18:22 - 00000000 ____D C:\Users\Все пользователи\Red Giant
2016-11-22 18:35 - 2016-01-14 18:22 - 00000000 ____D C:\ProgramData\Red Giant
2016-11-21 17:51 - 2015-09-25 16:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2016-11-19 17:13 - 2015-11-26 18:35 - 00000000 ____D C:\Users\Администратор\Documents\My Games
==================== Files in the root of some directories =======
2016-04-16 14:44 - 2016-04-16 14:44 - 0001024 _____ () C:\Program Files\4864_6836_21817265.aac
2016-04-16 14:44 - 2016-04-16 14:44 - 0059220 _____ () C:\Program Files\4864_6836_21817265.m4v
2016-04-16 14:44 - 2016-04-16 14:44 - 0000000 _____ () C:\Program Files\first part.mp4
2015-11-23 19:55 - 2016-07-30 19:49 - 0000064 ____H () C:\Program Files\JVM.log
2015-12-26 12:24 - 2012-09-01 19:03 - 0000144 _____ () C:\Users\Администратор\AppData\Roaming\ACEConfigCache2.lst
2016-01-13 17:26 - 2016-01-13 17:26 - 0005120 _____ () C:\Users\Администратор\AppData\Roaming\GiftBag.db
2016-02-17 18:29 - 2016-10-28 14:19 - 0045270 _____ () C:\Users\Администратор\AppData\Roaming\room_v3.dat
2015-12-27 10:17 - 2016-12-05 17:27 - 0000132 _____ () C:\Users\Администратор\AppData\Roaming\Установки формата PNG Adobe CS6
2016-07-24 11:19 - 2016-07-24 11:19 - 0000998 _____ () C:\Users\Администратор\AppData\Local\recently-used.xbel
2016-12-18 11:22 - 2016-12-18 11:22 - 0000260 _____ () C:\ProgramData\fontcacheev1.dat
2016-10-21 19:57 - 2016-10-21 19:57 - 0000105 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
Files to move or delete:
====================
C:\ProgramData\fontcacheev1.dat
C:\Users\Все пользователи\fontcacheev1.dat
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll
[2010-11-21 05:24] - [2010-11-21 05:24] - 1008128 ____A (Microsoft Corporation) D58EACFE7F2A787AC4B0EA82215B123C
C:\Windows\SysWOW64\User32.dll
[2010-11-21 05:24] - [2010-11-21 05:24] - 0833024 ____A (Microsoft Corporation) FE2163502FD4135816360720FE227F9A
C:\Windows\system32\userinit.exe
[2010-11-21 05:24] - [2010-11-21 05:24] - 0030720 ____A (Microsoft Corporation) 8A23A8204DDD0FC3B2E6C30B67A845C6
C:\Windows\SysWOW64\userinit.exe
[2010-11-21 05:23] - [2010-11-21 05:23] - 0026624 ____A (Microsoft Corporation) 9FCF19DFE8E2D11B0D0855A389D4DBE6
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
nointegritychecks: ==> "IntegrityChecks" is disabled. <===== ATTENTION
==================== BCD ================================
„ЁбЇҐвзҐа § Јаг§ЄЁ Windows
--------------------
Ё¤Ґ*вЁдЁЄ в®а {bootmgr}
device partition=\Device\HarddiskVolume1
description Windows Boot Manager
locale ru-RU
inherit {globalsettings}
default {current}
resumeobject {c5856d8e-454f-11e2-9fd2-af53957b323e}
displayorder {ntldr}
{current}
toolsdisplayorder {memdiag}
timeout 30
‡ Јаг§Є Windows
-------------------
Ё¤Ґ*вЁдЁЄ в®а {c5856d8c-454f-11e2-9fd2-af53957b323e}
device ramdisk=[C:]\Recovery\c5856d8c-454f-11e2-9fd2-af53957b323e\Winre.wim,{c5856d8d-454f-11e2-9fd2-af53957b323e}
path \windows\system32\winload.exe
description Windows Recovery Environment
inherit {bootloadersettings}
osdevice ramdisk=[C:]\Recovery\c5856d8c-454f-11e2-9fd2-af53957b323e\Winre.wim,{c5856d8d-454f-11e2-9fd2-af53957b323e}
systemroot \windows
nx OptIn
winpe Yes
‡ Јаг§Є Windows
-------------------
Ё¤Ґ*вЁдЁЄ в®а {current}
device partition=C:
path \Windows\System32\xOsLoad.exe
description Windows 7
locale ru-RU
inherit {bootloadersettings}
recoverysequence {c5856d90-454f-11e2-9fd2-af53957b323e}
recoveryenabled Yes
nointegritychecks Yes
osdevice partition=C:
systemroot \Windows
kernel xNtKrnl.exe
resumeobject {c5856d8e-454f-11e2-9fd2-af53957b323e}
nx OptIn
‡ Јаг§Є Windows
-------------------
Ё¤Ґ*вЁдЁЄ в®а {c5856d90-454f-11e2-9fd2-af53957b323e}
device ramdisk=[C:]\Recovery\c5856d90-454f-11e2-9fd2-af53957b323e\Winre.wim,{c5856d91-454f-11e2-9fd2-af53957b323e}
path \windows\system32\winload.exe
description Windows Recovery Environment
inherit {bootloadersettings}
osdevice ramdisk=[C:]\Recovery\c5856d90-454f-11e2-9fd2-af53957b323e\Winre.wim,{c5856d91-454f-11e2-9fd2-af53957b323e}
systemroot \windows
nx OptIn
winpe Yes
‚л室 Ё§ ०Ё¬ ЈЁЎҐа* жЁЁ
--------------------------
Ё¤Ґ*вЁдЁЄ в®а {c5856d8a-454f-11e2-9fd2-af53957b323e}
device partition=C:
path \Windows\System32\winresume.exe
description Windows Resume Application
locale ru-RU
inherit {resumeloadersettings}
filedevice partition=C:
filepath \hiberfil.sys
debugoptionenabled No
‚л室 Ё§ ०Ё¬ ЈЁЎҐа* жЁЁ
--------------------------
Ё¤Ґ*вЁдЁЄ в®а {c5856d8e-454f-11e2-9fd2-af53957b323e}
device partition=C:
path \Windows\System32\winresume.exe
description Windows Resume Application
locale ru-RU
inherit {resumeloadersettings}
filedevice partition=C:
filepath \hiberfil.sys
debugoptionenabled No
Џа®ўҐаЄ Ї ¬пвЁ Windows
---------------------
Ё¤Ґ*вЁдЁЄ в®а {memdiag}
device partition=\Device\HarddiskVolume1
path \boot\memtest.exe
description „Ё Ј*®бвЁЄ Ї ¬пвЁ
locale ru-RU
inherit {globalsettings}
badmemoryaccess Yes
‡ Јаг§зЁЄ ЇаҐ¦*Ёе ўҐабЁ© Ћ‘ Windows
------------------------
Ё¤Ґ*вЁдЁЄ в®а {ntldr}
device partition=\Device\HarddiskVolume1
path \ntldr
description ЏаҐ¤иҐбвўгой п ўҐабЁп Windows
Џ а ¬Ґвал EMS
-------------
Ё¤Ґ*вЁдЁЄ в®а {emssettings}
bootems Yes
Џ а ¬Ґвал ®в« ¤зЁЄ
-------------------
Ё¤Ґ*вЁдЁЄ в®а {dbgsettings}
debugtype Serial
debugport 1
baudrate 115200
„ҐдҐЄвл Ћ‡“
-----------
Ё¤Ґ*вЁдЁЄ в®а {badmemory}
ѓ«®Ў «м*лҐ Ї а ¬Ґвал
--------------------
Ё¤Ґ*вЁдЁЄ в®а {globalsettings}
inherit {dbgsettings}
{emssettings}
{badmemory}
Џ а ¬Ґвал § Јаг§зЁЄ
--------------------
Ё¤Ґ*вЁдЁЄ в®а {bootloadersettings}
inherit {globalsettings}
{hypervisorsettings}
Џ а ¬Ґвал ЈЁЇҐаўЁ§®а
-------------------
Ё¤Ґ*вЁдЁЄ в®а {hypervisorsettings}
hypervisordebugtype Serial
hypervisordebugport 1
hypervisorbaudrate 115200
Џ а ¬Ґвал § Јаг§зЁЄ ў®ббв *®ў«Ґ*Ёп
-----------------------------------
Ё¤Ґ*вЁдЁЄ в®а {resumeloadersettings}
inherit {globalsettings}
Џ а ¬Ґвал гбва®©бвў
-------------------
Ё¤Ґ*вЁдЁЄ в®а {c5856d8d-454f-11e2-9fd2-af53957b323e}
description Ramdisk Options
ramdisksdidevice partition=C:
ramdisksdipath \Recovery\c5856d8c-454f-11e2-9fd2-af53957b323e\boot.sdi
Џ а ¬Ґвал гбва®©бвў
-------------------
Ё¤Ґ*вЁдЁЄ в®а {c5856d91-454f-11e2-9fd2-af53957b323e}
description Ramdisk Options
ramdisksdidevice partition=C:
ramdisksdipath \Recovery\c5856d90-454f-11e2-9fd2-af53957b323e\boot.sdi
LastRegBack: 2016-12-14 13:41
==================== End of FRST.txt ============================
Скрыть
Каждые 30 минут открывается браузер и выдаёт рекламу!
