SPYWARE-RU.COM

Созданные ответы форума

Просмотр 12 сообщений - с 1 по 12 (из 12 всего)

Автор

Сообщения
26 января, 2016 в 8:09 дп в ответ на: redirest помогите избавиться #32725
angelver
Participant
- Темы:1
- Сообщений:13
Мы мучились 2 месяца и вот все хорошо. Глазам не верим! Огромное вам спасибо. Пусть у вас все будет хорошо! Просто так, даром, вы помогли нам.Мы так рады!!!!!!!
24 января, 2016 в 9:27 дп в ответ на: redirest помогите избавиться #32724
angelver
Participant
- Темы:1
- Сообщений:13
И еще я хотела спросить про тему «Читать обязательно…..» Эта тема, которую я только сейчас увидела (до этого все время была в панике 😳 ), создана очень давно. Она актуальна?
24 января, 2016 в 9:08 дп в ответ на: redirest помогите избавиться #32723
angelver
Participant
- Темы:1
- Сообщений:13
# AdwCleaner v5.030 — Отчёт создан 24/01/2016 в 12:02:56
# Обновлено 17/01/2016 by Xplode
# База данных : 2016-01-19.2 [Сервер]
# Операционная система : Windows 7 Ultimate (x64)
# Пользователь : Анжела — А
# Запущено из : C:UsersАнжелаDownloadsadwcleaner_5.030.exe
# Настройка : Сканировать
# помощь : http://toolslib.net/forum

***** [ Службы ] *****

***** [ Папки ] *****

Папка Найдено : C:Program FilesFileViewPro
Папка Найдено : C:Program FilesYandex
Папка Найдено : C:Program Files (x86)Ask.com
Папка Найдено : C:Program Files (x86)Constant Fun
Папка Найдено : C:Program Files (x86)Yandex
Папка Найдено : C:Program Files (x86)Constant Fun
Папка Найдено : C:ProgramDataMedia Get LLC
Папка Найдено : C:ProgramDataYandex
Папка Найдено : C:ProgramDataMicrosoftWindowsStart MenuProgramsFileViewPro
Папка Найдено : C:UsersАнжелаAppDataLocalInnovative Solutions
Папка Найдено : C:UsersАнжелаAppDataLocalMedia Get LLC
Папка Найдено : C:UsersАнжелаAppDataLocalNichrome
Папка Найдено : C:UsersАнжелаAppDataLocalXpom
Папка Найдено : C:UsersАнжелаAppDataLocalYandex
Папка Найдено : C:UsersАнжелаAppDataLocalGoogleChromeUser DataDefaultExtensionscncgohepihcekklokhbhiblhfcmipbdh
Папка Найдено : C:UsersАнжелаAppDataLocalLowYandex
Папка Найдено : C:UsersАнжелаAppDataRoamingInnovative Solutions
Папка Найдено : C:UsersАнжелаAppDataRoamingMedia Get LLC
Папка Найдено : C:UsersАнжелаAppDataRoamingRPEng
Папка Найдено : C:UsersАнжелаAppDataRoamingSolvusoft
Папка Найдено : C:UsersАнжелаAppDataRoamingYandex
Папка Найдено : C:UsersАнжелаAppDataRoamingMicrosoftWindowsStart MenuProgramsMediaGet2
Папка Найдено : C:UsersАнжелаAppDataRoamingMicrosoftWindowsStart MenuProgramsYandex
Папка Найдено : C:UsersАнжелаAppDataRoamingMozillaFirefoxProfileswaz0nb2e.defaultYandex
Папка Найдено : C:UsersАнжелаAppDataRoamingMozillaFirefoxProfileswaz0nb2e.defaultExtensionstoolbar@ask.com
Папка Найдено : C:UsersАнжелаAppDataRoamingMozillaFirefoxProfileswaz0nb2e.defaultExtensionsvb@yandex.ru
Папка Найдено : C:UsersАнжелаAppDataRoamingMozillaFirefoxProfileswaz0nb2e.defaultExtensionsyasearch@yandex.ru
Папка Найдено : C:Windowsinstaller{86d4b82a-abed-442a-be86-96357b70f4fe}

***** [ Файлы ] *****

Файл Найдено : C:UsersАнжелаAppDataRoamingMicrosoftWindowsStart MenuProgramsMediaGet.lnk
Файл Найдено : C:UsersАнжелаAppDataRoamingMozillaFirefoxProfileswaz0nb2e.defaultsearchpluginsyandex.ru-093911.xml
Файл Найдено : C:UsersАнжелаAppDataRoamingMozillaFirefoxProfileswaz0nb2e.defaultsearchpluginsyqs-barff-yandex.xml
Файл Найдено : C:UsersАнжелаAppDataRoamingMozillaFirefoxProfileswaz0nb2e.defaultsearchpluginsAskcom.xml
Файл Найдено : C:UsersАнжелаDesktopMediaGet.lnk
Файл Найдено : C:WindowsReimage.ini
Файл Найдено : C:WindowsSysNativeroboot64.exe

***** [ DLL ] *****

***** [ Ярлыки ] *****

***** [ Запланированные задания ] *****

Задание Найдено : Scheduled Update for Ask Toolbar

***** [ Реестр ] *****

Ключ Найдено : HKLMSOFTWAREClassesAppIDREI_AxControl.DLL
Ключ Найдено : HKLMSOFTWAREMicrosoftMediaPlayerShimInclusionListbrowser.exe
Ключ Найдено : HKLMSOFTWAREGoogleChromeExtensionscncgohepihcekklokhbhiblhfcmipbdh
Ключ Найдено : HKLMSOFTWAREGoogleChromeExtensionsgehngeifmelphpllncobkmimphfkckne
Ключ Найдено : HKLMSOFTWAREClassesAppID{28FF42B8-A0DA-4BE5-9B81-E26DD59B350A}
Ключ Найдено : HKLMSOFTWAREClassesCLSID{AD4409E5-23C2-412B-849D-8FC0635B4073}
Ключ Найдено : HKLMSOFTWAREClassesCLSID{AEE9D70C-6C9E-4B27-9F2C-8F14E95BEEF6}
Ключ Найдено : HKLMSOFTWAREClassesCLSID{DD20920E-515A-4342-85E3-FC9A9FDA55C2}
Ключ Найдено : HKLMSOFTWAREClassesCLSID{92FDEF05-B35E-4806-B87F-8B66AB649997}
Ключ Найдено : HKLMSOFTWAREClassesCLSID{9F0BF664-B611-4C53-AEEA-FDBFCE6E3CA3}
Ключ Найдено : HKLMSOFTWAREClassesCLSID{A8BD93E8-F6AE-4F02-828D-DE47FEC4D375}
Ключ Найдено : HKLMSOFTWAREClassesCLSID{B853E835-9F24-4F4B-B55C-E554D15CCCD2}
Ключ Найдено : HKLMSOFTWAREClassesCLSID{F83D1872-D9FF-47F8-B5A0-49CC51E24EE8}
Ключ Найдено : HKLMSOFTWAREClassesInterface{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
Ключ Найдено : HKLMSOFTWAREClassesInterface{BD51A48E-EB5F-4454-8774-EF962DF64546}
Ключ Найдено : HKLMSOFTWAREClassesInterface{0FAA29E8-B9EF-4766-823A-2B3512C0AC25}
Ключ Найдено : HKLMSOFTWAREClassesTypeLib{FA6468D2-FAA4-4951-A53B-2A5CF9CC0A36}
Ключ Найдено : HKLMSOFTWAREClassesTypeLib{999721D2-F4D1-4397-8608-38928DDC0932}
Ключ Найдено : HKCUSoftwareMicrosoftWindowsCurrentVersionExtSettings{10ECCE17-29B5-4880-A8F5-EAD298611484}
Ключ Найдено : HKLMSOFTWAREMicrosoftInternet ExplorerLow RightsElevationPolicy{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Ключ Найдено : [x64] HKLMSOFTWAREClassesCLSID{10ECCE17-29B5-4880-A8F5-EAD298611484}
Ключ Найдено : [x64] HKLMSOFTWAREClassesCLSID{801B440B-1EE3-49B0-B05D-2AB076D4E8CB}
Ключ Найдено : [x64] HKLMSOFTWAREClassesInterface{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
Ключ Найдено : [x64] HKLMSOFTWAREClassesInterface{BD51A48E-EB5F-4454-8774-EF962DF64546}
Ключ Найдено : [x64] HKLMSOFTWAREClassesInterface{0FAA29E8-B9EF-4766-823A-2B3512C0AC25}
Ключ Найдено : HKCUSoftwareAsk.com
Ключ Найдено : HKCUSoftwareMedia Get LLC
Ключ Найдено : HKCUSoftwareMediaGet
Ключ Найдено : HKCUSoftwareReimage
Ключ Найдено : HKCUSoftwareundefined
Ключ Найдено : HKCUSoftwareLocal AppWizard-Generated ApplicationsReimage — Windows Problem Relief.
Ключ Найдено : HKCUSoftwareAppDataLowAskBarDis
Ключ Найдено : HKCUSoftwareAppDataLowAskToolbarInfo
Ключ Найдено : HKCUSoftwareAppDataLowSoftwareAskToolbar
Ключ Найдено : HKLMSOFTWAREConstantFun
Ключ Найдено : HKCUSoftwareMicrosoftWindowsCurrentVersionUninstallMediaGet
Ключ Найдено : HKLMSOFTWAREMicrosoftWindowsCurrentVersionUninstall{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Ключ Найдено : HKLMSOFTWAREMicrosoftWindowsCurrentVersionUninstallConstant Fun
Ключ Найдено : HKLMSOFTWAREMicrosoftWindowsCurrentVersionUninstallConstant Fun
Ключ Найдено : [x64] HKLMSOFTWAREReimage
Ключ Найдено : [x64] HKLMSOFTWAREMicrosoftWindowsCurrentVersionUninstallFileViewPro_is1
Ключ Найдено : HKLMSOFTWAREClassesInstallerFeaturesA28B4D68DEBAA244EB686953B7074FEF
Ключ Найдено : HKLMSOFTWAREClassesInstallerProductsA28B4D68DEBAA244EB686953B7074FEF
Ключ Найдено : HKLMSOFTWAREClassesInstallerUpgradeCodesF928123A039649549966D4C29D35B1C9
Ключ Найдено : [x64] HKLMSOFTWAREMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18ComponentsE12F736682067FDE4D1158D5940A82E
Ключ Найдено : [x64] HKLMSOFTWAREMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18Components1A24B5BB8521B03E0C8D908F5ABC0AE6
Ключ Найдено : [x64] HKLMSOFTWAREMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18Components261F213D1F55267499B1F87D0CC3BCF7
Ключ Найдено : [x64] HKLMSOFTWAREMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18Components2B0D56C4F4C46D844A57FFED6F0D2852
Ключ Найдено : [x64] HKLMSOFTWAREMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18Components464AA55239C100F32AF2D438EDDC0F47
Ключ Найдено : [x64] HKLMSOFTWAREMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18Components49D4375FE41653242AEA4C969E4E65E0
Ключ Найдено : [x64] HKLMSOFTWAREMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18Components5652BA3D5FB98AE31B337BF0AF939856
Ключ Найдено : [x64] HKLMSOFTWAREMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18Components6AA0923513360135B272E8289C5F13FA
Ключ Найдено : [x64] HKLMSOFTWAREMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18Components6F7467AF8F29C134CBBAB394ECCFDE96
Ключ Найдено : [x64] HKLMSOFTWAREMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18Components741B4ADF27276464790022C965AB6DA8
Ключ Найдено : [x64] HKLMSOFTWAREMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18Components7DE196B10195F5647A2B21B761F3DE01
Ключ Найдено : [x64] HKLMSOFTWAREMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18Components86EB95E1AFCBABE3DB9ECCC669B99494
Ключ Найдено : [x64] HKLMSOFTWAREMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18Components922525DCC5199162F8935747CA3D8E59
Ключ Найдено : [x64] HKLMSOFTWAREMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18Components9D4F5849367142E4685ED8C25E44C5ED
Ключ Найдено : [x64] HKLMSOFTWAREMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18ComponentsA5875B04372C19545BEB90D4D606C472
Ключ Найдено : [x64] HKLMSOFTWAREMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18ComponentsA876D9E80B896EC44A8620248CC79296
Ключ Найдено : [x64] HKLMSOFTWAREMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18ComponentsB66FFAB725B92594C986DE826A867888
Ключ Найдено : [x64] HKLMSOFTWAREMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18ComponentsBCDA179D619B91648538E3394CAC94CC
Ключ Найдено : [x64] HKLMSOFTWAREMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18ComponentsD677B1A9671D4D4004F6F2A4469E86EA
Ключ Найдено : [x64] HKLMSOFTWAREMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18ComponentsDD1402A9DD4215A43ABDE169A41AFA0E
Ключ Найдено : [x64] HKLMSOFTWAREMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18ComponentsE36E114A0EAD2AD46B381D23AD69CDDF
Ключ Найдено : [x64] HKLMSOFTWAREMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18ComponentsEF8E618DB3AEDFBB384561B5C548F65E
Ключ Найдено : [x64] HKLMSOFTWAREMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18ProductsA28B4D68DEBAA244EB686953B7074FEF
Ключ Найдено : [x64] HKLMSOFTWAREMicrosoftWindowsCurrentVersionInstallerUpgradeCodesF928123A039649549966D4C29D35B1C9
Значение Найдено : HKCUSoftwareMicrosoftInternet ExplorerMain [Start Page] — hxxp://searchinterneat-a.akamaihd.net/h?eq=U0EeCFZVBB8SRggVdVwIVgAURxhGcgheTA1BGVMOIQEPBBRAQwxBIQgLV1gTRQIFIk0FA1ADB0VXfVBdFElXTwhgL1dLFVgfVXNWLg==
Значение Найдено : [x64] HKLMSOFTWAREMicrosoftInternet ExplorerMain [Start Page] — hxxp://searchinterneat-a.akamaihd.net/h?eq=U0EeCFZVBB8SRggVdVwIVgAURxhGcgheTA1BGVMOIQEPBBRAQwxBIQgLV1gTRQIFIk0FA1ADB0VXfVBdFElXTwhgL1dLFVgfVXNWLg==
Параметр Найдено : HKCUSoftwareMicrosoftInternet ExplorerSearchScopes [DoNotAskAgain]
Ключ Найдено : HKCUSoftwareMicrosoftInternet ExplorerSearchScopesOldSearch
Ключ Найдено : HKCUSoftwareMicrosoftInternet ExplorerSearchScopes{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}
Ключ Найдено : HKCUSoftwareMicrosoftInternet ExplorerSearchScopes{F4137D40-259A-4FB3-B780-F8C39B303C41}
Значение Найдено : HKCUSoftwareMicrosoftInternet ExplorerSearchScopes [DefaultScope] — {F4137D40-259A-4FB3-B780-F8C39B303C41}
Параметр Найдено : [x64] HKLMSOFTWAREMicrosoftInternet ExplorerSearchScopes [DoNotAskAgain]
Ключ Найдено : [x64] HKLMSOFTWAREMicrosoftInternet ExplorerSearchScopes{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Значение Найдено : [x64] HKLMSOFTWAREMicrosoftInternet ExplorerSearchScopes [DefaultScope] — {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

***** [ Веб браузеры ] *****

[C:UsersАнжелаAppDataLocalGoogleChromeUser DataDefaultWeb data] [Search Provider] Найдено : searchinterneat-a.akamaihd.net
[C:UsersАнжелаAppDataLocalGoogleChromeUser DataDefaultSecure Preferences] [Startup_URLs] Найдено : hxxp://searchinterneat-a.akamaihd.net/h?eq=U0EeCFZVBB8SRggVdVwIVgAURxhGcgheTA1BGVMOIQEPBBRAQwxBIQgLV1gTRQIFIk0FA1oDB0VXfV5bFElXTwhgL1dLFVgfVXNWLg==
[C:UsersАнжелаAppDataLocalGoogleChromeUser DataDefaultSecure Preferences] [Default_Search_Provider_Data] Найдено : hxxp://searchinterneat-a.akamaihd.net/s?eq=U0EeE1xZE1oZB1ZEfQ8NBAlGGFBFbVwKUF9cFQUbJhRZWQ4UDARBeVtZUApHQFdHdx9aFQQTQkcFME0FBloEURNNfXpXD0oFQFtXBkxW&q={searchTerms}
[C:UsersАнжелаAppDataLocalGoogleChromeUser DataDefaultSecure Preferences] [Extension] Найдено : cncgohepihcekklokhbhiblhfcmipbdh
[C:UsersАнжелаAppDataLocalGoogleChromeUser DataDefaultSecure Preferences] [Extension] Найдено : gehngeifmelphpllncobkmimphfkckne

########## EOF — C:AdwCleanerAdwCleaner[S1].txt — [13887 байт] ##########
24 января, 2016 в 8:39 дп в ответ на: redirest помогите избавиться #32722
angelver
Participant
- Темы:1
- Сообщений:13
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:10-01-2015 01
Ran by Анжела (administrator) on А (24-01-2016 11:38:13)
Running from C:UsersАнжелаDesktop111
Loaded Profiles: Анжела (Available Profiles: Анжела)
Platform: Windows 7 Ultimate (X64) Language: Русский (Россия)
Internet Explorer Version 8 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forums/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:WindowsSystem32nvvsvc.exe
(NVIDIA Corporation) C:Program Files (x86)NVIDIA Corporation3D VisionnvSCPAPISvr.exe
(AVAST Software) C:Program FilesAVAST SoftwareAvastAvastSvc.exe
(NVIDIA Corporation) C:Program FilesNVIDIA CorporationDisplaynvxdsync.exe
(NVIDIA Corporation) C:WindowsSystem32nvvsvc.exe
(Adobe Systems Incorporated) C:Program Files (x86)Common FilesAdobeAdobe Desktop CommonElevationManagerAdobeUpdateService.exe
(Adobe Systems, Incorporated) C:Program Files (x86)Common FilesAdobeAdobeGCClientAGSService.exe
(Microsoft Corporation) C:Program Files (x86)SkypeToolbarsAutoUpdateSkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:Program Files (x86)SkypeToolbarsPNRSvcSkypeC2CPNRSvc.exe
(NVIDIA Corporation) C:Program FilesNVIDIA CorporationGeForce Experience ServiceGfExperienceService.exe
(NVIDIA Corporation) C:Program Files (x86)NVIDIA CorporationNetServiceNvNetworkService.exe
(NVIDIA Corporation) C:Program FilesNVIDIA CorporationNvStreamSrvNvStreamService.exe
(NVIDIA Corporation) C:Program FilesNVIDIA CorporationDisplaynvtray.exe
(NVIDIA Corporation) C:Program Files (x86)NVIDIA CorporationUpdate CoreNvBackend.exe
(Yandex) C:UsersАнжелаAppDataLocalYandexElementselements.exe8.14.0.1058elements64.exe
(Yandex LLC) C:UsersАнжелаAppDataLocalYandexBrowserManagerBrowserManager.exe
(Skype Technologies S.A.) C:Program Files (x86)SkypePhoneSkype.exe
(NVIDIA Corporation) C:Program FilesNVIDIA CorporationNvStreamSrvNvStreamNetworkService.exe
(NVIDIA Corporation) C:Program FilesNVIDIA CorporationNvStreamSrvNvStreamUserAgent.exe
(Яндекс) C:UsersАнжелаAppDataRoamingYandexYandexDiskYandexDisk.exe
(Adobe Systems Incorporated) C:Program Files (x86)AdobeAdobe Creative CloudACCCreative Cloud.exe
(AVAST Software) C:Program FilesAVAST SoftwareAvastAvastUI.exe
(Adobe Systems Incorporated) C:Program Files (x86)Common FilesAdobeOOBEPDAppIPCAdobeIPCBroker.exe
(Adobe Systems Incorporated) C:Program Files (x86)Common FilesAdobeAdobe Desktop CommonHEXAdobe CEF Helper.exe
(Adobe Systems Incorporated) C:Program Files (x86)Common FilesAdobeAdobe Desktop CommonADSAdobe Desktop Service.exe
(Adobe Systems Incorporated) C:Program Files (x86)Common FilesAdobeAdobe Desktop CommonHEXAdobe CEF Helper.exe
() C:Program Files (x86)AdobeAdobe Creative CloudCoreSyncCoreSync.exe
(Adobe Systems Incorporated) C:Program Files (x86)AdobeAdobe Creative CloudCCXProcessCCXProcess.exe
(Joyent, Inc) C:Program Files (x86)AdobeAdobe Creative CloudCCXProcesslibsnode.exe
(Adobe Systems Incorporated) C:Program Files (x86)Common FilesAdobeAdobe Desktop CommonHEXAdobe CEF Helper.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM…Run: [NvBackend] => C:Program Files (x86)NVIDIA CorporationUpdate CoreNvBackend.exe [2757424 2015-11-25] (NVIDIA Corporation)
HKLM…Run: [ShadowPlay] => «C:Windowssystem32rundll32.exe» C:Windowssystem32nvspcap64.dll,ShadowPlayOnSystemStart
HKLM…Run: [AdobeAAMUpdater-1.0] => C:Program Files (x86)Common FilesAdobeOOBEPDAppUWAUpdaterStartupUtility.exe [508104 2015-10-30] (Adobe Systems Incorporated)
HKLM-x32…Run: [Adobe Creative Cloud] => C:Program Files (x86)AdobeAdobe Creative CloudACCCreative Cloud.exe [2304688 2015-12-15] (Adobe Systems Incorporated)
HKLM-x32…Run: [AvastUI.exe] => C:Program FilesAVAST SoftwareAvastAvastUI.exe [7021880 2015-12-30] (AVAST Software)
HKUS-1-5-21-84755647-3855591167-3748119490-1000…Run: [YandexElements] => C:UsersАнжелаAppDataLocalYandexElementselements.exe8.14.0.1058elements64.exe [1589536 2015-10-30] (Yandex)
HKUS-1-5-21-84755647-3855591167-3748119490-1000…Run: [Browser Manager] => C:UsersАнжелаAppDataLocalYandexBrowserManagerBrowserManager.exe [1427752 2015-03-23] (Yandex LLC)
HKUS-1-5-21-84755647-3855591167-3748119490-1000…Run: [Muzbaza] => C:Program Files (x86)MuzabazaMuzabaza playerMuzabaza.exe -m
HKUS-1-5-21-84755647-3855591167-3748119490-1000…Run: [Skype] => C:Program Files (x86)SkypePhoneSkype.exe [50378880 2015-12-17] (Skype Technologies S.A.)
HKUS-1-5-21-84755647-3855591167-3748119490-1000…Run: [SyncManPath] => C:UsersАнжелаAppDataRoamingYandexYandexDiskYandexDisk.exe [21975392 2015-12-29] (Яндекс)
ShellIconOverlayIdentifiers: [ YndCase0Sync] -> {63D48440-63AB-44D0-B323-4731DFCDE9E9} => C:Program FilesYandexYandexDiskbinYandexDiskOverlays-2398.dll [2015-08-07] (Яндекс)
ShellIconOverlayIdentifiers: [ YndCase1Modified] -> {7E7DC279-E6BE-4D57-9DEC-14FA0339DBC0} => C:Program FilesYandexYandexDiskbinYandexDiskOverlays-2398.dll [2015-08-07] (Яндекс)
ShellIconOverlayIdentifiers: [ YndCase2Error] -> {FB2FE984-05F5-4512-9D9B-69D3DE61F6D9} => C:Program FilesYandexYandexDiskbinYandexDiskOverlays-2398.dll [2015-08-07] (Яндекс)
ShellIconOverlayIdentifiers: [ YndCase3Shared] -> {AF8D197E-7022-4c3d-BD88-68AD35C9C169} => C:Program FilesYandexYandexDiskbinYandexDiskOverlays-2398.dll [2015-08-07] (Яндекс)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:Program Files (x86)AdobeAdobe Creative CloudCoreSyncExtensionCoreSync_x64.dll [2015-11-14] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:Program Files (x86)AdobeAdobe Creative CloudCoreSyncExtensionCoreSync_x64.dll [2015-11-14] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:Program Files (x86)AdobeAdobe Creative CloudCoreSyncExtensionCoreSync_x64.dll [2015-11-14] ()
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:Program FilesAVAST SoftwareAvastashShA64.dll [2015-12-30] (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

TcpipParameters: [DhcpNameServer] 192.168.1.1
Tcpip..Interfaces{19B103DB-1E4F-4A27-929B-4329611A918B}: [DhcpNameServer] 77.234.40.79
Tcpip..Interfaces{6F1C2ADB-C5DF-460B-B947-308D6511DF3C}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = hxxp://searchinterneat-a.akamaihd.net/h?eq=U0EeCFZVBB8SRggVdVwIVgAURxhGcgheTA1BGVMOIQEPBBRAQwxBIQgLV1gTRQIFIk0FA1ADB0VXfVBdFElXTwhgL1dLFVgfVXNWLg==
HKLMSoftwareWow6432NodeMicrosoftInternet ExplorerMain,Start Page = hxxp://yandex.ru/?clid=2101081
HKLMSoftwareWow6432NodeMicrosoftInternet ExplorerMain,Search Page = hxxp://yandex.ru/yandsearch?clid=2101082&text={searchTerms}
HKLMSoftwareWow6432NodeMicrosoftInternet ExplorerMain,Default_Page_URL =
HKLMSoftwareWow6432NodeMicrosoftInternet ExplorerMain,Default_Search_URL =
HKUS-1-5-21-84755647-3855591167-3748119490-1000SoftwareMicrosoftInternet ExplorerMain,Search Page = hxxp://yandex.ru/yandsearch?clid=2101082&text={searchTerms}
HKUS-1-5-21-84755647-3855591167-3748119490-1000SoftwareMicrosoftInternet ExplorerMain,Start Page = hxxp://searchinterneat-a.akamaihd.net/h?eq=U0EeCFZVBB8SRggVdVwIVgAURxhGcgheTA1BGVMOIQEPBBRAQwxBIQgLV1gTRQIFIk0FA1ADB0VXfVBdFElXTwhgL1dLFVgfVXNWLg==
HKUS-1-5-21-84755647-3855591167-3748119490-1000SoftwareMicrosoftInternet ExplorerMain,Search Bar = hxxp://yandex.ru/?clid=2101081
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://searchinterneat-a.akamaihd.net/s?eq=U0EeE1xZE1oZB1ZEfQ8NBAlGGFBFbVwKUF9cFQUbJhRZWQ4UDARBeVtZUApHQFdHdx9aFQQTSEcFME0FCFwEURNNfXpXD0oFQFtXBkxW&q={searchTerms}
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://searchinterneat-a.akamaihd.net/s?eq=U0EeE1xZE1oZB1ZEfQ8NBAlGGFBFbVwKUF9cFQUbJhRZWQ4UDARBeVtZUApHQFdHdx9aFQQTSEcFME0FCFwEURNNfXpXD0oFQFtXBkxW&q={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {F4137D40-259A-4FB3-B780-F8C39B303C41} URL = hxxp://yandex.ru/yandsearch?clid=2101082&text={searchTerms}
SearchScopes: HKLM-x32 -> {F4137D40-259A-4FB3-B780-F8C39B303C41} URL = hxxp://yandex.ru/yandsearch?clid=2101082&text={searchTerms}
SearchScopes: HKUS-1-5-21-84755647-3855591167-3748119490-1000 -> DefaultScope {F4137D40-259A-4FB3-B780-F8C39B303C41} URL = hxxp://searchinterneat-a.akamaihd.net/s?eq=U0EeE1xZE1oZB1ZEfQ8NBAlGGFBFbVwKUF9cFQUbJhRZWQ4UDARBeVtZUApHQFdHdx9aFQQTSEcFME0FCFwEURNNfXpXD0oFQFtXBkxW&q={searchTerms}
SearchScopes: HKUS-1-5-21-84755647-3855591167-3748119490-1000 -> OldSearch URL = hxxp://searchinterneat-a.akamaihd.net/s?eq=U0EeE1xZE1oZB1ZEfQ8NBAlGGFBFbVwKUF9cFQUbJhRZWQ4UDARBeVtZUApHQFdHdx9aFQQTSEcFME0FCFwEURNNfXpXD0oFQFtXBkxW&q={searchTerms}
SearchScopes: HKUS-1-5-21-84755647-3855591167-3748119490-1000 -> {171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} URL = hxxp://tbsearch.ask.com/redirect?client=ie&tb=PTV&o=&src=crm&q={searchTerms}&locale=
SearchScopes: HKUS-1-5-21-84755647-3855591167-3748119490-1000 -> {F4137D40-259A-4FB3-B780-F8C39B303C41} URL = hxxp://searchinterneat-a.akamaihd.net/s?eq=U0EeE1xZE1oZB1ZEfQ8NBAlGGFBFbVwKUF9cFQUbJhRZWQ4UDARBeVtZUApHQFdHdx9aFQQTSEcFME0FCFwEURNNfXpXD0oFQFtXBkxW&q={searchTerms}
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:Program FilesAVAST SoftwareAvastaswWebRepIE64.dll [2015-12-30] (AVAST Software)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:Program Files (x86)SkypeToolbarsInternet Explorer x64skypeieplugin.dll [2016-01-08] (Microsoft Corporation)
BHO: Визуальные закладки -> {D5FEC983-01DB-414A-9456-AF95AC9ED7B5} -> C:Program Files (x86)YandexFastDialfastdial64host.dll [2015-07-28] ()
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:Program FilesAVAST SoftwareAvastaswWebRepIE.dll [2015-12-30] (AVAST Software)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:Program Files (x86)SkypeToolbarsInternet ExplorerSkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation)
BHO-x32: Визуальные закладки -> {D5FEC983-01DB-414A-9456-AF95AC9ED7B5} -> C:Program Files (x86)YandexFastDialfastdialhost.dll [2015-07-28] ()
Toolbar: HKUS-1-5-21-84755647-3855591167-3748119490-1000 -> No Name — {91397D20-1446-11D4-8AF4-0040CA1127B6} — No File
Handler: skypec2c — {91774881-D725-4E58-B298-07617B9B86A8} — C:Program Files (x86)SkypeToolbarsInternet Explorer x64skypeieplugin.dll [2016-01-08] (Microsoft Corporation)
Handler-x32: skypec2c — {91774881-D725-4E58-B298-07617B9B86A8} — C:Program Files (x86)SkypeToolbarsInternet ExplorerSkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation)
Filter: deflate — {8f6b0360-b80d-11d0-a9b3-006097942311} — C:Windowssystem32urlmon.dll [2009-07-14] (Microsoft Corporation)
Filter-x32: deflate — {8f6b0360-b80d-11d0-a9b3-006097942311} — C:WindowsSysWOW64urlmon.dll [2009-07-14] (Microsoft Corporation)
Filter: gzip — {8f6b0360-b80d-11d0-a9b3-006097942311} — C:Windowssystem32urlmon.dll [2009-07-14] (Microsoft Corporation)
Filter-x32: gzip — {8f6b0360-b80d-11d0-a9b3-006097942311} — C:WindowsSysWOW64urlmon.dll [2009-07-14] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:UsersАнжелаAppDataRoamingMozillaFirefoxProfileswaz0nb2e.default
FF Plugin: @adobe.com/FlashPlayer -> C:Windowssystem32MacromedFlashNPSWF64_20_0_0_286.dll [2016-01-20] ()
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:Program Files (x86)Foxit SoftwareFoxit ReaderpluginsnpFoxitReaderPlugin.dll [2014-04-15] (Foxit Corporation)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:Program Files (x86)Foxit SoftwareFoxit ReaderpluginsnpFoxitReaderPlugin.dll [2014-04-15] (Foxit Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:Program Files (x86)AdobeAdobe Creative CloudUtilsnpAdobeAAMDetect64.dll [2015-12-15] (Adobe Systems)
FF Plugin-x32: @adobe.com/AuthorwarePlayer -> C:Windowssystem32MacromedAUTHORWAnp32asw.dll [No File]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:WindowsSysWOW64MacromedFlashNPSWF32_20_0_0_286.dll [2016-01-20] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:Windowssystem32AdobeDirectornp32dsw_1213153.dll [No File]
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:Program Files (x86)Foxit SoftwareFoxit ReaderpluginsnpFoxitReaderPlugin.dll [2014-04-15] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:Program Files (x86)Foxit SoftwareFoxit ReaderpluginsnpFoxitReaderPlugin.dll [2014-04-15] (Foxit Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:Program Files (x86)NVIDIA Corporation3D Visionnpnv3dv.dll [2015-11-24] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:Program Files (x86)NVIDIA Corporation3D Visionnpnv3dvstreaming.dll [2015-11-24] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:Program Files (x86)GoogleUpdate1.3.29.1npGoogleUpdate3.dll [2015-12-05] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:Program Files (x86)GoogleUpdate1.3.29.1npGoogleUpdate3.dll [2015-12-05] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> D:VLCnpvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:Program Files (x86)AdobeAdobe Creative CloudUtilsnpAdobeAAMDetect32.dll [2015-12-15] (Adobe Systems)
FF SearchPlugin: C:UsersАнжелаAppDataRoamingMozillaFirefoxProfileswaz0nb2e.defaultsearchpluginsaskcom.xml [2009-07-10]
FF SearchPlugin: C:UsersАнжелаAppDataRoamingMozillaFirefoxProfileswaz0nb2e.defaultsearchpluginsyandex.ru-093911.xml [2015-08-05]
FF SearchPlugin: C:UsersАнжелаAppDataRoamingMozillaFirefoxProfileswaz0nb2e.defaultsearchpluginsyqs-barff-yandex.xml [2015-08-05]
FF Extension: SaveFrom.net helper — C:UsersАнжелаAppDataRoamingMozillaFirefoxProfileswaz0nb2e.defaultExtensionshelper@savefrom.net.xpi [2015-08-05] [not signed]
FF Extension: Speed Dial [FVD] — New Tab Page, Sync… — C:UsersАнжелаAppDataRoamingMozillaFirefoxProfileswaz0nb2e.defaultExtensionspavel.sherbakov@gmail.com [2015-08-04]
FF Extension: Ask Toolbar — C:UsersАнжелаAppDataRoamingMozillaFirefoxProfileswaz0nb2e.defaultExtensionstoolbar@ask.com [2015-08-04] [not signed]
FF Extension: Visual Bookmarks — C:UsersАнжелаAppDataRoamingMozillaFirefoxProfileswaz0nb2e.defaultExtensionsvb@yandex.ru [2015-08-05] [not signed]
FF Extension: &Yandex Elements& — C:UsersАнжелаAppDataRoamingMozillaFirefoxProfileswaz0nb2e.defaultExtensionsyasearch@yandex.ru [2015-08-05] [not signed]
FF HKLM-x32…FirefoxExtensions: [wrc@avast.com] — C:Program FilesAVAST SoftwareAvastWebRepFF
FF Extension: Avast Online Security — C:Program FilesAVAST SoftwareAvastWebRepFF [2015-12-30]
FF HKLM-x32…FirefoxExtensions: [sp@avast.com] — C:Program FilesAVAST SoftwareAvastSafePriceFF
FF Extension: Avast SafePrice — C:Program FilesAVAST SoftwareAvastSafePriceFF [2015-12-30]

Chrome:
=======
CHR HomePage: Default -> yandex.ru/?__PARAM__from=chromehp
CHR RestoreOnStartup: Default -> «hxxp://searchinterneat-a.akamaihd.net/h?eq=U0EeCFZVBB8SRggVdVwIVgAURxhGcgheTA1BGVMOIQEPBBRAQwxBIQgLV1gTRQIFIk0FA1oDB0VXfV5bFElXTwhgL1dLFVgfVXNWLg==»
CHR StartupUrls: Default -> «hxxp://searchinterneat-a.akamaihd.net/h?eq=U0EeCFZVBB8SRggVdVwIVgAURxhGcgheTA1BGVMOIQEPBBRAQwxBIQgLV1gTRQIFIk0FA1oDB0VXfV5bFElXTwhgL1dLFVgfVXNWLg==»
CHR DefaultSearchURL: Default -> hxxp://searchinterneat-a.akamaihd.net/s?eq=U0EeE1xZE1oZB1ZEfQ8NBAlGGFBFbVwKUF9cFQUbJhRZWQ4UDARBeVtZUApHQFdHdx9aFQQTQkcFME0FBloEURNNfXpXD0oFQFtXBkxW&q={searchTerms}
CHR DefaultSearchKeyword: Default -> searchinterneat-a.akamaihd.net
CHR DefaultNewTabURL: Default -> hxxp://searchinterneat-a.akamaihd.net/t?eq=U0EeFFhaR1oWHAMWJQkPWFwXDFARcV8VVQlJRxhCeA5dTAgTGFdCcQoOAFsVFhNBNARaAktXUUEeJ1pNER8fHHZMLkpMAFcFZ0BN
CHR Profile: C:UsersАнжелаAppDataLocalGoogleChromeUser DataDefault
CHR Extension: (Сайдекс-сканнер Цен) — C:UsersАнжелаAppDataLocalGoogleChromeUser DataDefaultExtensionsaamfmnhcipnbjjnbfmaoooiohikifefk [2015-12-15]
CHR Extension: (Звонки Skype) — C:UsersАнжелаAppDataLocalGoogleChromeUser DataDefaultExtensionsblakpkgjpemejpbmfiglncklihnhjkij [2015-11-22]
CHR Extension: (Яндекс) — C:UsersАнжелаAppDataLocalGoogleChromeUser DataDefaultExtensionscncgohepihcekklokhbhiblhfcmipbdh [2016-01-01]
CHR Extension: (Tampermonkey) — C:UsersАнжелаAppDataLocalGoogleChromeUser DataDefaultExtensionsdhdgffkkebhmkfjojejmpbldmpobfkfo [2015-12-21]
CHR Extension: (Стартовая — Яндекс) — C:UsersАнжелаAppDataLocalGoogleChromeUser DataDefaultExtensionsgbjeiekahklbgbfccohipinhgaadijad [2016-01-01]
CHR Extension: (Яндекс) — C:UsersАнжелаAppDataLocalGoogleChromeUser DataDefaultExtensionsnehapofakghljopfegjogpgpeljkhjjn [2015-12-10]
CHR Extension: (Платежная система Интернет-магазина Chrome) — C:UsersАнжелаAppDataLocalGoogleChromeUser DataDefaultExtensionsnmmhkkegccagdldgiimedpiccmgmieda [2015-08-08]
CHR HKUS-1-5-21-84755647-3855591167-3748119490-1000SOFTWAREGoogleChromeExtensions…ChromeExtension: [dhdgffkkebhmkfjojejmpbldmpobfkfo] — hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32…ChromeExtension: [cncgohepihcekklokhbhiblhfcmipbdh] — hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32…ChromeExtension: [dkekdlkmdpipihonapoleopfekmapadh] — hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32…ChromeExtension: [eofcbnmajmjmplflapaojjnihcjkigck] — C:Program FilesAVAST SoftwareAvastWebRepChromeaswWebRepChromeSp.crx [2015-12-30]
CHR HKLM-x32…ChromeExtension: [gbjeiekahklbgbfccohipinhgaadijad] — hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32…ChromeExtension: [gehngeifmelphpllncobkmimphfkckne] — hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32…ChromeExtension: [gomekmidlodglbbmalcneegieacbdmki] — C:Program FilesAVAST SoftwareAvastWebRepChromeaswWebRepChrome.crx [2015-12-30]
CHR HKLM-x32…ChromeExtension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] — C:Program Files (x86)SkypeToolbarsChromeExtensionskype_chrome_extension.crx [2016-01-08]

Opera:
=======
OPR Session Restore: -> is enabled.
OPR Extension: (Сайдекс-сканнер Цен) — C:UsersАнжелаAppDataRoamingOpera SoftwareOpera StableExtensionsaamfmnhcipnbjjnbfmaoooiohikifefk [2015-12-16]
OPR Extension: (Constant Fun) — C:UsersАнжелаAppDataRoamingOpera SoftwareOpera StableExtensionscjlhikhnnbcdlneiodjelnjjphhbagoa [2016-01-24]
StartMenuInternet: (HKLM) OperaStable — D:\Launcher.exe

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeUpdateService; C:Program Files (x86)Common FilesAdobeAdobe Desktop CommonElevationManagerAdobeUpdateService.exe [683696 2015-11-16] (Adobe Systems Incorporated)
R2 AGSService; C:Program Files (x86)Common FilesAdobeAdobeGCClientAGSService.exe [2016448 2015-11-25] (Adobe Systems, Incorporated)
R2 avast! Antivirus; C:Program FilesAVAST SoftwareAvastAvastSvc.exe [226440 2015-12-30] (AVAST Software)
R2 c2cautoupdatesvc; C:Program Files (x86)SkypeToolbarsAutoUpdateSkypeC2CAutoUpdateSvc.exe [1433216 2016-01-08] (Microsoft Corporation)
R2 c2cpnrsvc; C:Program Files (x86)SkypeToolbarsPNRSvcSkypeC2CPNRSvc.exe [1773696 2016-01-08] (Microsoft Corporation)
S3 defragsvc; C:WindowsSystem32defragsvc.dll [291328 2009-07-14] (Корпорация Майкрософт)
R2 GfExperienceService; C:Program FilesNVIDIA CorporationGeForce Experience ServiceGfExperienceService.exe [1156400 2015-11-25] (NVIDIA Corporation)
R2 NvNetworkService; C:Program Files (x86)NVIDIA CorporationNetServiceNvNetworkService.exe [1872688 2015-11-25] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:Program FilesNVIDIA CorporationNvStreamSrvNvStreamNetworkService.exe [8133424 2015-11-25] (NVIDIA Corporation)
R2 NvStreamSvc; C:Program FilesNVIDIA CorporationNvStreamSrvNvStreamService.exe [5915440 2015-11-25] (NVIDIA Corporation)
R2 WinDefend; C:Program FilesWindows Defendermpsvc.dll [1011712 2009-07-14] (Microsoft Corporation)
S3 WPCSvc; C:WindowsSystem32wpcsvc.dll [12288 2009-07-14] (Корпорация Майкрософт)
S3 WPCSvc; C:WindowsSysWOW64wpcsvc.dll [10752 2009-07-14] (Корпорация Майкрософт)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 adgnetworkwfpdrv; C:WindowsSystem32driversadgnetworkwfpdrv.sys [55800 2015-06-02] ()
R2 aswHwid; C:Windowssystem32driversaswHwid.sys [28656 2015-12-30] (AVAST Software)
R2 aswMonFlt; C:Windowssystem32driversaswMonFlt.sys [97648 2015-12-30] (AVAST Software)
R1 aswRdr; C:Windowssystem32driversaswRdr2.sys [93528 2015-12-30] (AVAST Software)
R0 aswRvrt; C:WindowsSystem32DriversaswRvrt.sys [65224 2015-12-30] (AVAST Software)
R1 aswSnx; C:Windowssystem32driversaswSnx.sys [1065208 2016-01-20] (AVAST Software)
R1 aswSP; C:Windowssystem32driversaswSP.sys [464256 2016-01-20] (AVAST Software)
R2 aswStm; C:Windowssystem32driversaswStm.sys [155304 2015-12-30] (AVAST Software)
S3 aswTap; C:WindowsSystem32DRIVERSaswTap.sys [44640 2015-12-30] (The OpenVPN Project)
R0 aswVmm; C:WindowsSystem32DriversaswVmm.sys [273784 2015-12-30] (AVAST Software)
S0 caxyvej; C:WindowsSysWOW64driversrjuvt.sys [61440 2016-01-13] () [File not signed]
S3 ebdrv; C:Windowssystem32DRIVERSevbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R0 mountmgr; C:WindowsSystem32driversmountmgr.sys [94784 2009-07-14] (Корпорация Майкрософт)
R3 NvStreamKms; C:Program FilesNVIDIA CorporationNvStreamSrvNvStreamKms.sys [19760 2015-11-25] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:WindowsSystem32driversnvvad64v.sys [50472 2015-11-25] (NVIDIA Corporation)
R3 SmbDrvI; C:WindowsSystem32DRIVERSSmb_driver_Intel.sys [32496 2013-01-10] (Synaptics Incorporated)
R0 volmgrx; C:WindowsSystem32driversvolmgrx.sys [363584 2009-07-14] (Корпорация Майкрософт)
S3 cpuz134; ??C:UsersBD4A~1AppDataLocalTempcpuz134cpuz134_x64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-01-24 11:02 — 2016-01-24 11:34 — 00000000 ____D C:UsersАнжелаDesktop111
2016-01-21 18:43 — 2016-01-21 18:43 — 00000000 ____D C:UsersАнжелаAppDataRoamingMicrosoftWindowsStart MenuProgramsЯндекс.Диск
2016-01-19 16:59 — 2016-01-19 16:59 — 00003352 ____N C:bootsqm.dat
2016-01-17 14:17 — 2016-01-14 13:44 — 02370560 _____ (Farbar) C:UsersАнжелаDesktopFRST64.exe
2016-01-14 14:04 — 2016-01-14 14:04 — 00054793 _____ C:UsersАнжелаDesktopFRST.txt
2016-01-14 13:58 — 2016-01-14 13:58 — 01250844 _____ C:UsersАнжелаDownloadsProcessExplorer.zip
2016-01-14 13:46 — 2016-01-14 13:46 — 00038708 _____ C:UsersАнжелаDownloadsAddition.txt
2016-01-14 13:45 — 2016-01-24 11:38 — 00000000 ____D C:FRST
2016-01-14 13:45 — 2016-01-21 16:28 — 00042589 _____ C:UsersАнжелаDownloadsFRST.txt
2016-01-14 13:44 — 2016-01-14 13:44 — 02370560 _____ (Farbar) C:UsersАнжелаDownloadsFRST64.exe
2016-01-13 14:22 — 2016-01-13 14:22 — 00135168 _____ C:zip.exe
2016-01-13 14:22 — 2016-01-13 14:22 — 00061440 _____ C:WindowsSysWOW64Driversrjuvt.sys
2016-01-13 14:22 — 2016-01-13 14:22 — 00019286 _____ C:cleanup.exe
2016-01-13 14:22 — 2016-01-13 14:22 — 00000060 _____ C:vejnek.txt
2016-01-13 14:22 — 2016-01-13 14:22 — 00000000 _____ C:backup.reg
2016-01-13 14:20 — 2016-01-13 14:20 — 00724952 _____ C:UsersАнжелаDownloadsavenger (1).zip
2016-01-13 14:15 — 2016-01-13 14:15 — 00724952 _____ C:UsersАнжелаDownloadsavenger.zip
2016-01-06 11:47 — 2016-01-06 11:57 — 00000000 ____D C:UsersАнжелаDesktopНечитанные книги
2016-01-06 11:35 — 2016-01-06 11:55 — 00000000 ____D C:UsersАнжелаDesktopаудиокниги
2016-01-06 11:29 — 2016-01-06 11:57 — 00000000 ____D C:UsersАнжелаDesktopаудио и Кэрри Блейк
2016-01-06 10:26 — 2016-01-06 10:26 — 00022528 ___SH C:UsersАнжелаThumbs.db
2016-01-01 10:33 — 2016-01-01 10:34 — 00000000 ____D C:UsersАнжелаDesktopреставлрац
2015-12-31 18:05 — 2015-12-31 18:04 — 00001171 _____ C:UsersАнжелаDesktopTimeShift — Ярлык.lnk
2015-12-31 16:37 — 2015-12-31 16:37 — 00000000 ____D C:ProgramDataMicrosoftWindowsStart MenuPrograms(Default)
2015-12-31 14:23 — 2015-12-31 14:23 — 00598592 _____ C:UsersАнжелаDownloadsSetup (1).exe
2015-12-30 19:04 — 2016-01-22 20:40 — 00004182 _____ C:WindowsSystem32Tasksavast! Emergency Update
2015-12-30 19:04 — 2015-12-30 19:04 — 00001928 _____ C:UsersPublicDesktopAvast Free Antivirus.lnk
2015-12-30 19:04 — 2015-12-30 19:04 — 00000000 ____D C:UsersАнжелаAppDataRoamingAVAST Software
2015-12-30 19:04 — 2015-12-30 19:04 — 00000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsAVAST Software
2015-12-30 19:03 — 2016-01-20 19:04 — 01065208 _____ (AVAST Software) C:Windowssystem32Driversaswsnx.sys
2015-12-30 19:03 — 2016-01-20 19:04 — 00464256 _____ (AVAST Software) C:Windowssystem32Driversaswsp.sys
2015-12-30 19:03 — 2015-12-30 19:04 — 00097648 _____ (AVAST Software) C:Windowssystem32Driversaswmonflt.sys
2015-12-30 19:03 — 2015-12-30 19:03 — 00386096 _____ (AVAST Software) C:Windowssystem32aswBoot.exe
2015-12-30 19:03 — 2015-12-30 19:03 — 00273784 _____ (AVAST Software) C:Windowssystem32DriversaswVmm.sys
2015-12-30 19:03 — 2015-12-30 19:03 — 00155304 _____ (AVAST Software) C:Windowssystem32DriversaswStm.sys
2015-12-30 19:03 — 2015-12-30 19:03 — 00093528 _____ (AVAST Software) C:Windowssystem32DriversaswRdr2.sys
2015-12-30 19:03 — 2015-12-30 19:03 — 00065224 _____ (AVAST Software) C:Windowssystem32DriversaswRvrt.sys
2015-12-30 19:03 — 2015-12-30 19:03 — 00044640 _____ (The OpenVPN Project) C:Windowssystem32DriversaswTap.sys
2015-12-30 19:03 — 2015-12-30 19:03 — 00043112 _____ (AVAST Software) C:WindowsavastSS.scr
2015-12-30 19:03 — 2015-12-30 19:03 — 00028656 _____ (AVAST Software) C:Windowssystem32DriversaswHwid.sys
2015-12-29 20:09 — 2015-12-29 20:09 — 00000000 ____D C:UsersPublicDocumentsAdobeInstalledCodecs
2015-12-29 19:51 — 2015-12-29 19:51 — 00000997 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsAdobe Media Encoder CC 2015.lnk
2015-12-29 19:50 — 2015-12-29 19:50 — 00000000 ____D C:UsersАнжелаDocumentsAdobe
2015-12-29 18:49 — 2015-12-29 18:49 — 00000987 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsAdobe Premiere Pro CC 2015.lnk
2015-12-29 18:48 — 2015-12-29 20:09 — 00000000 ____D C:Program FilesAdobe
2015-12-29 18:46 — 2015-12-29 19:50 — 00000000 ____D C:Program FilesCommon FilesAdobe
2015-12-29 17:47 — 2015-12-29 17:47 — 00001227 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsAdobe Creative Cloud.lnk
2015-12-29 17:47 — 2015-12-29 17:47 — 00001215 _____ C:UsersPublicDesktopAdobe Creative Cloud.lnk
2015-12-29 17:09 — 2016-01-01 15:39 — 00000000 ___RD C:UsersАнжелаCreative Cloud Files
2015-12-29 17:09 — 2016-01-01 15:39 — 00000000 ____D C:UsersВсе пользователиboost_interprocess
2015-12-29 17:09 — 2016-01-01 15:39 — 00000000 ____D C:ProgramDataboost_interprocess
2015-12-29 14:41 — 2015-12-29 17:50 — 00000000 ____D C:UsersВсе пользователиAdobe
2015-12-29 14:41 — 2015-12-29 17:50 — 00000000 ____D C:ProgramDataAdobe
2015-12-29 14:41 — 2015-12-29 17:47 — 00000000 ____D C:Program Files (x86)Adobe
2015-12-29 14:21 — 2015-12-29 14:21 — 00000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsSkype
2015-12-29 14:04 — 2015-12-29 14:04 — 00675504 _____ (Adobe Systems Incorporated) C:UsersАнжелаDownloadsCreativeCloud_Rus_Setup.exe
2015-12-25 21:46 — 2015-12-25 21:46 — 00000000 ____D C:UsersАнжелаDocumentsSniper — Ghost Warrior
2015-12-25 21:40 — 2015-12-25 21:40 — 00000614 _____ C:UsersPublicDesktopSniper Ghost Warrior.lnk
2015-12-25 21:40 — 2015-12-25 21:40 — 00000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsSniper Ghost Warrior
2015-12-25 20:46 — 2015-12-25 20:46 — 00000720 _____ C:UsersАнжелаDesktopMagicISO.lnk
2015-12-25 20:46 — 2015-12-25 20:46 — 00000000 ____D C:UsersАнжелаAppDataRoamingMicrosoftWindowsStart MenuProgramsMagicISO
2015-12-25 20:46 — 2015-12-25 20:46 — 00000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsMagicISO
2015-12-25 15:30 — 2015-12-25 15:30 — 00000479 _____ C:UsersPublicDesktopWinImage (administrator).lnk
2015-12-25 15:30 — 2015-12-25 15:30 — 00000447 _____ C:UsersPublicDesktopWinImage.lnk
2015-12-25 15:30 — 2015-12-25 15:30 — 00000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsWinImage
2015-12-25 15:29 — 2015-12-25 15:29 — 00746592 _____ (WinImage) C:UsersАнжелаDownloadswinima90 (1).exe
2015-12-25 15:28 — 2015-12-25 15:29 — 00746592 _____ (WinImage) C:UsersАнжелаDownloadswinima90.exe

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-01-24 11:34 — 2009-07-14 07:45 — 00014016 ____H C:Windowssystem327B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-01-24 11:34 — 2009-07-14 07:45 — 00014016 ____H C:Windowssystem327B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-01-24 11:34 — 2009-07-14 06:20 — 00000000 ____D C:Windows
2016-01-24 11:33 — 2015-08-08 22:02 — 00000970 _____ C:WindowsTasksGoogleUpdateTaskMachineUA.job
2016-01-24 11:30 — 2015-11-07 15:07 — 00000402 _____ C:WindowsTasksОбновление Браузера Яндекс .job
2016-01-24 11:29 — 2015-09-01 12:05 — 00000000 ____D C:UsersАнжелаAppDataRoamingSkype
2016-01-24 11:28 — 2015-12-17 18:53 — 00000008 __RSH C:UsersВсе пользователиntuser.pol
2016-01-24 11:28 — 2015-12-17 18:53 — 00000008 __RSH C:ProgramDatantuser.pol
2016-01-24 11:28 — 2015-09-10 18:09 — 00000000 ___RD C:UsersАнжелаYandexDisk
2016-01-24 11:27 — 2015-12-15 23:55 — 00000000 ____D C:UsersВсе пользователиNVIDIA
2016-01-24 11:27 — 2015-12-15 23:55 — 00000000 ____D C:ProgramDataNVIDIA
2016-01-24 11:27 — 2015-08-08 22:02 — 00000966 _____ C:WindowsTasksGoogleUpdateTaskMachineCore.job
2016-01-24 11:27 — 2009-07-14 08:08 — 00000006 ____H C:WindowsTasksSA.DAT
2016-01-24 11:20 — 2009-07-14 06:20 — 00000000 ____D C:Windowssystem32GroupPolicy
2016-01-24 11:12 — 2015-08-04 19:43 — 00000896 _____ C:WindowsTasksAdobe Flash Player Updater.job
2016-01-24 08:49 — 2015-08-04 19:41 — 00000000 ____D C:UsersАнжелаAppDataLocalAdobe
2016-01-23 23:50 — 2015-08-04 19:43 — 00000958 _____ C:WindowsTasksAdobe Flash Player PPAPI Notifier.job
2016-01-23 20:11 — 2015-10-16 20:11 — 00000402 _____ C:WindowsTasksОбновление Браузера Яндекс.job
2016-01-21 19:07 — 2015-08-22 10:19 — 00000000 ____D C:UsersАнжелаDesktopsetup_fresheyegui
2016-01-21 18:43 — 2015-09-10 18:09 — 00002028 _____ C:UsersАнжелаDesktopСкриншоты в Яндекс.Диске.lnk
2016-01-21 18:43 — 2015-09-10 18:09 — 00001969 _____ C:UsersАнжелаDesktopЯндекс.Диск.lnk
2016-01-21 18:43 — 2015-08-05 09:39 — 00000000 ____D C:Program Files (x86)Yandex
2016-01-21 15:38 — 2009-07-14 06:20 — 00000000 ____D C:Windowsinf
2016-01-20 21:48 — 2015-08-04 19:30 — 00003796 _____ C:WindowsSystem32TasksOpera scheduled Autoupdate 1438705804
2016-01-20 15:14 — 2015-08-04 19:43 — 00003940 _____ C:WindowsSystem32TasksAdobe Flash Player PPAPI Notifier
2016-01-20 15:14 — 2015-08-04 19:43 — 00003834 _____ C:WindowsSystem32TasksAdobe Flash Player Updater
2016-01-20 15:14 — 2015-08-04 14:29 — 00796864 _____ (Adobe Systems Incorporated) C:WindowsSysWOW64FlashPlayerApp.exe
2016-01-20 15:14 — 2015-08-04 14:29 — 00142528 _____ (Adobe Systems Incorporated) C:WindowsSysWOW64FlashPlayerCPLApp.cpl
2016-01-17 14:30 — 2015-08-04 14:16 — 00000000 ____D C:UsersАнжела
2016-01-15 14:35 — 2015-08-08 22:26 — 00002185 _____ C:UsersPublicDesktopGoogle Chrome.lnk
2016-01-14 12:46 — 2015-09-01 12:05 — 00000000 ___RD C:Program Files (x86)Skype
2016-01-13 14:13 — 2015-08-08 19:35 — 00002454 _____ C:UsersАнжелаDesktopYandex.lnk
2016-01-10 20:48 — 2015-10-03 22:14 — 00000000 ____D C:UsersАнжелаAppDataRoamingvlc
2016-01-10 17:14 — 2015-08-04 14:38 — 00000000 ____D C:Program Files (x86)uTorrent
2016-01-08 14:52 — 2015-09-10 10:45 — 00000000 ____D C:UsersАнжелаDesktopАнжелика
2016-01-06 13:31 — 2015-08-04 14:36 — 00000000 ____D C:UsersАнжелаAppDataRoamingAIMP3
2016-01-01 12:10 — 2015-08-22 10:16 — 00000000 ____D C:Program Files (x86)WinRAR
2016-01-01 10:53 — 2015-08-22 10:16 — 00000000 ____D C:UsersАнжелаAppDataRoamingMicrosoftWindowsStart MenuProgramsWinRAR
2016-01-01 10:53 — 2015-08-22 10:16 — 00000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsWinRAR
2016-01-01 10:53 — 2015-08-22 10:16 — 00000000 ____D C:Program FilesWinRAR
2016-01-01 10:35 — 2009-08-03 20:13 — 00721772 _____ C:Windowssystem32perfh019.dat
2016-01-01 10:35 — 2009-08-03 20:13 — 00148824 _____ C:Windowssystem32perfc019.dat
2016-01-01 10:35 — 2009-07-14 08:13 — 01640642 _____ C:Windowssystem32PerfStringBackup.INI
2015-12-31 16:33 — 2015-08-04 15:01 — 00000000 ____D C:Program Files (x86)The KMPlayer
2015-12-31 12:34 — 2015-10-26 17:57 — 00000000 ____D C:UsersАнжелаAppDataLocalElevatedDiagnostics
2015-12-31 10:20 — 2015-08-04 14:29 — 00000000 ____D C:UsersАнжелаAppDataRoamingAdobe
2015-12-30 19:01 — 2015-12-17 18:31 — 00000000 ____D C:Program Files (x86)AVG
2015-12-30 19:01 — 2015-12-17 18:29 — 00000000 ____D C:UsersВсе пользователиAVG
2015-12-30 19:01 — 2015-12-17 18:29 — 00000000 ____D C:ProgramDataAVG
2015-12-30 19:00 — 2015-12-20 21:24 — 00000000 ____D C:UsersАнжелаAppDataLocalAvgSetupLog
2015-12-30 18:58 — 2015-08-04 14:42 — 00063960 _____ C:UsersАнжелаAppDataLocalGDIPFONTCACHEV1.DAT
2015-12-30 18:58 — 2015-08-04 14:30 — 00000000 ____D C:UsersВсе пользователиPackage Cache
2015-12-30 18:58 — 2015-08-04 14:30 — 00000000 ____D C:ProgramDataPackage Cache
2015-12-30 10:27 — 2009-07-14 07:45 — 04967328 _____ C:Windowssystem32FNTCACHE.DAT
2015-12-29 14:21 — 2015-09-01 12:05 — 00002697 _____ C:UsersPublicDesktopSkype.lnk
2015-12-29 14:21 — 2015-09-01 12:05 — 00000000 ____D C:UsersАнжелаAppDataLocalSkype
2015-12-29 14:21 — 2015-08-04 14:37 — 00000000 ____D C:UsersВсе пользователиSkype
2015-12-29 14:21 — 2015-08-04 14:37 — 00000000 ____D C:ProgramDataSkype

==================== Files in the root of some directories =======

2013-02-07 15:22 — 2013-02-07 15:22 — 0050330 _____ () C:Program Files (x86)AntiDust.exe
2015-09-24 17:42 — 2015-09-24 17:42 — 0000417 _____ () C:ProgramDatafontcacheev1.dat

Files to move or delete:
====================
C:ProgramDatafontcacheev1.dat
C:UsersВсе пользователиfontcacheev1.dat

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:Windowssystem32winlogon.exe => File is digitally signed
C:Windowssystem32wininit.exe => File is digitally signed
C:WindowsSysWOW64wininit.exe => File is digitally signed
C:Windowsexplorer.exe => File is digitally signed
C:WindowsSysWOW64explorer.exe => File is digitally signed
C:Windowssystem32svchost.exe => File is digitally signed
C:WindowsSysWOW64svchost.exe => File is digitally signed
C:Windowssystem32services.exe => File is digitally signed
C:Windowssystem32User32.dll => File is digitally signed
C:WindowsSysWOW64User32.dll => File is digitally signed
C:Windowssystem32userinit.exe => File is digitally signed
C:WindowsSysWOW64userinit.exe => File is digitally signed
C:Windowssystem32rpcss.dll => File is digitally signed
C:Windowssystem32dnsapi.dll => File is digitally signed
C:WindowsSysWOW64dnsapi.dll => File is digitally signed
C:Windowssystem32Driversvolsnap.sys => File is digitally signed

LastRegBack: 2016-01-11 14:23

==================== End of FRST.txt ============================
24 января, 2016 в 8:37 дп в ответ на: redirest помогите избавиться #32721
angelver
Participant
- Темы:1
- Сообщений:13
Additional scan result of Farbar Recovery Scan Tool (x64) Version:10-01-2015 01
Ran by Анжела (2016-01-24 11:34:29)
Running from C:UsersАнжелаDesktop111
Windows 7 Ultimate (X64) (2015-08-04 11:16:52)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

HomeGroupUser$ (S-1-5-21-84755647-3855591167-3748119490-1002 — Limited — Enabled)
Администратор (S-1-5-21-84755647-3855591167-3748119490-500 — Administrator — Disabled)
Анжела (S-1-5-21-84755647-3855591167-3748119490-1000 — Administrator — Enabled) => C:UsersАнжела
Гость (S-1-5-21-84755647-3855591167-3748119490-501 — Limited — Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Enabled — Out of date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled — Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled — Out of date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with «Hidden» flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

1.0 (HKLM-x32…{745CE240-0965-4857-975A-2710A25B384C}_is1) (Version: — )
Adobe Creative Cloud (HKLM-x32…Adobe Creative Cloud) (Version: 3.4.3.189 — Adobe Systems Incorporated)
Adobe Flash Player 20 ActiveX (HKLM-x32…Adobe Flash Player ActiveX) (Version: 20.0.0.286 — Adobe Systems Incorporated)
Adobe Flash Player 20 NPAPI (HKLM-x32…Adobe Flash Player NPAPI) (Version: 20.0.0.286 — Adobe Systems Incorporated)
Adobe Flash Player 20 PPAPI (HKLM-x32…Adobe Flash Player PPAPI) (Version: 20.0.0.286 — Adobe Systems Incorporated)
Adobe Media Encoder CC 2015 (HKLM-x32…{0FAC7130-BEC5-47A5-8813-1D339B8326ED}) (Version: 9.1.0 — Adobe Systems Incorporated)
Adobe Premiere Pro CC 2015 (HKLM-x32…{38C72D42-0672-43B1-9E05-E7631684F9A1}) (Version: 9.0.0 — Adobe Systems Incorporated)
Adobe Shockwave Player + Authorware Web Player (HKLM-x32…Adobe Shockwave Player + Authorware Web Player) (Version: v12.1.3.153 — Adobe Systems, Inc.)
AIMP3 (HKLM-x32…AIMP3) (Version: v3.55.1355, 14.07.2014 — AIMP DevTeam)
Ask Toolbar (HKLM-x32…{86D4B82A-ABED-442A-BE86-96357B70F4FE}) (Version: 1.5.0.0 — Ask.com) <==== ATTENTION
Avast Free Antivirus (HKLM-x32…Avast) (Version: 11.1.2245 — AVAST Software)
AVG PC TuneUp 2015 (en-US) (x32 Version: 15.0.1001.638 — AVG Technologies) Hidden
Constant Fun (HKLM-x32…Constant Fun) (Version: 2.0.5829.7997 — Constant Fun) <==== ATTENTION
FastStone Image Viewer, версия 5.1 (HKLM-x32…FastStone Image Viewer_is1) (Version: 5.1 — FastStone Soft)
FileViewPro (HKLM…FileViewPro_is1) (Version: 4.0 — Solvusoft Corporation)
Foxit Reader 6.2.2.0802 (HKLM…Foxit Reader) (Version: v 6.2.2.0802 — oszone.net)
Google Chrome (HKLM-x32…Google Chrome) (Version: 47.0.2526.111 — Google Inc.)
Google Update Helper (x32 Version: 1.3.21.169 — Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.29.1 — Google Inc.) Hidden
Lagarith Lossless Codec (1.3.27) (HKLM-x32…{F59AC46C-10C3-4023-882C-4212A92283B3}_is1) (Version: — )
Magic ISO Maker v5.5 (build 0281) (HKLM-x32…Magic ISO Maker v5.5 (build 0281)) (Version: — )
MediaGet (HKUS-1-5-21-84755647-3855591167-3748119490-1000…MediaGet) (Version: — Banner LLC)
Microsoft .NET Framework 4 Client Profile (HKLM…Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 — Microsoft Corporation)
Microsoft .NET Framework 4 Extended (HKLM…Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 — Microsoft Corporation)
Microsoft Office Excel 2007 (HKLM-x32…EXCEL) (Version: 12.0.4518.1014 — Microsoft Corporation)
Microsoft Office PowerPoint 2007 (HKLM-x32…POWERPOINT) (Version: 12.0.4518.1014 — Microsoft Corporation)
Microsoft Office Word 2007 (HKLM-x32…WORD) (Version: 12.0.4518.1014 — Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable — x64 8.0.61000 (HKLM…{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 — Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable — x86 8.0.61001 (HKLM-x32…{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 — Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable — x64 9.0.30729.6161 (HKLM…{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 — Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable — x86 9.0.30729.6161 (HKLM-x32…{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 — Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable — x64 10.0.40219 (HKLM…{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 — Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable — x86 10.0.40219 (HKLM-x32…{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 — Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) — 11.0.61030 (HKLM-x32…{a2199617-3609-410f-a8e8-e8806c73545b}) (Version: 11.0.61030.0 — Корпорация Майкрософт)
Microsoft Visual C++ 2012 Redistributable (x64) — 11.0.61030 (HKLM-x32…{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 — Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) — 11.0.61030 (HKLM-x32…{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 — Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) — 11.0.61030 (HKLM-x32…{f0080ca2-80ae-4958-b6eb-e8fa916d744a}) (Version: 11.0.61030.0 — Корпорация Майкрософт)
Microsoft Visual C++ 2013 Redistributable (x64) — 12.0.30501 (HKLM-x32…{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 — Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) — 12.0.30501 (HKLM-x32…{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 — Microsoft Corporation)
MPC-HC 1.7.10 (HKLM-x32…{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1) (Version: 1.7.10 — MPC-HC Team)
NVIDIA GeForce Experience 2.7.4.10 (HKLM…{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.7.4.10 — NVIDIA Corporation)
NVIDIA Аудиодрайвер HD 1.3.34.4 (HKLM…{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.4 — NVIDIA Corporation)
NVIDIA Графический драйвер 359.06 (HKLM…{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 359.06 — NVIDIA Corporation)
NVIDIA Драйвер 3D Vision 359.06 (HKLM…{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 359.06 — NVIDIA Corporation)
NVIDIA Драйвер контроллера 3D Vision 352.65 (HKLM…{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 — NVIDIA Corporation)
NVIDIA Системное программное обеспечение PhysX 9.15.0428 (HKLM…{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 — NVIDIA Corporation)
Opera Stable 34.0.2036.50 (HKLM-x32…Opera 34.0.2036.50) (Version: 34.0.2036.50 — Opera Software)
SAM CoDeC Pack (HKLM…SAM CoDeC Pack) (Version: 5.60 — http://www.SamLab.ws)
SHIELD Streaming (Version: 4.1.0240 — NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.7.4.10 — NVIDIA Corporation) Hidden
Skype Click to Call (HKLM-x32…{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 8.0.0.9103 — Microsoft Corporation)
Skype™ 7.17 (HKLM-x32…{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.17.105 — Skype Technologies S.A.)
Sniper Ghost Warrior (HKLM-x32…{F0605930-FB73-49F6-AAF5-74CB7D2C00EC}_is1) (Version: — R.G.Spieler)
The KMPlayer (remove only) (HKLM-x32…The KMPlayer) (Version: — )
Ut Video Codec Suite (HKLM…utvideo_is1) (Version: 14.2.0 — UMEZAWA Takeshi)
VLC media player (HKLM-x32…VLC media player) (Version: 2.2.1 — VideoLAN)
WinImage (HKUS-1-5-21-84755647-3855591167-3748119490-1000…WinImage) (Version: — )
WinRAR 5.21 (32-разрядная) (HKLM-x32…WinRAR archiver) (Version: 5.21.0 — win.rar GmbH)
WinRAR 5.21 (64-разрядная) (HKLM…WinRAR archiver) (Version: 5.21.0 — win.rar GmbH)
x264vfw — H.264/MPEG-4 AVC codec (remove only) (HKLM-x32…x264vfw) (Version: — )
x264vfw — H.264/MPEG-4 AVC codec for x64 (remove only) (HKLM-x32…x264vfw64) (Version: — )
Xvid MPEG-4 Video Codec (HKLM…Xvid_is1) (Version: — )
Xvid MPEG-4 Video Codec (HKLM-x32…Xvid_is1) (Version: — )
Yandex (HKUS-1-5-21-84755647-3855591167-3748119490-1000…YandexBrowser) (Version: 15.12.0.6151 — ООО «ЯНДЕКС»)
yWriter4 (HKLM-x32…yWriter4_is1) (Version: — Spacejock Software)
yWriter5 (HKLM-x32…yWriter5_is1) (Version: — Spacejock Software)
Кнопка «Яндекс» на панели задач (HKUS-1-5-21-84755647-3855591167-3748119490-1000…YaPinLancher) (Version: 2.0.0.2117 — Яндекс)
Менеджер браузеров (HKUS-1-5-21-84755647-3855591167-3748119490-1000…{12f34aee-538c-44d5-b33a-12213b7e0197}) (Version: 2.1.2.577 — Яндекс)
Менеджер браузеров (x32 Version: 2.1.2.577 — Яндекс) Hidden
Обновления NVIDIA 2.7.4.10 (Version: 2.7.4.10 — NVIDIA Corporation) Hidden
Панель управления NVIDIA 359.06 (Version: 359.06 — NVIDIA Corporation) Hidden
Элементы Яндекса 8.9 для Internet Explorer (HKLM-x32…{F5E5A5C8-479C-4D19-B5D8-175ADB1C80B9}) (Version: 8.9.1.5100 — Яндекс)
Языковой пакет клиентского профиля Microsoft.NET Framework 4 — RUS (HKLM…Microsoft .NET Framework 4 Client Profile RUS Language Pack) (Version: 4.0.30319 — Корпорация Майкрософт)
Языковой пакет расширенной версии Microsoft.NET Framework 4 — RUS (HKLM…Microsoft .NET Framework 4 Extended RUS Language Pack) (Version: 4.0.30319 — Корпорация Майкрософт)
Яндекс.Диск (HKUS-1-5-21-84755647-3855591167-3748119490-1000…YandexDisk) (Version: 1.4.5.4922 — Яндекс)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKUS-1-5-21-84755647-3855591167-3748119490-1000_ClassesCLSID{19170A69-A883-40D5-AF97-F6DC41495F15}InprocServer32 -> C:UsersАнжелаAppDataRoamingYandexYandexDiskYandexDiskShellExt-4724.dll (Яндекс)
CustomCLSID: HKUS-1-5-21-84755647-3855591167-3748119490-1000_ClassesCLSID{2D6BD2F0-5F84-4a06-924F-AEE0598B6272}InprocServer32 -> C:UsersАнжелаAppDataRoamingYandexYandexDiskYandexDiskShellExt-4724.dll (Яндекс)
CustomCLSID: HKUS-1-5-21-84755647-3855591167-3748119490-1000_ClassesCLSID{33A431BB-FF15-4047-8FEC-F82FD3523A00}localserver32 -> C:UsersАнжелаAppDataRoamingYandexYandexDiskYandexDisk.exe (Яндекс)
CustomCLSID: HKUS-1-5-21-84755647-3855591167-3748119490-1000_ClassesCLSID{97836AB9-12C5-4C30-A128-B75196DD1787}InprocServer32 -> C:UsersАнжелаAppDataRoamingYandexYandexDiskYandexDiskShellExt-4724.dll (Яндекс)
CustomCLSID: HKUS-1-5-21-84755647-3855591167-3748119490-1000_ClassesCLSID{E36606FE-036A-4dd0-ABA9-A58F409803F0}InprocServer32 -> C:UsersАнжелаAppDataRoamingYandexYandexDiskYandexDiskShellExt-4724.dll (Яндекс)
CustomCLSID: HKUS-1-5-21-84755647-3855591167-3748119490-1000_ClassesCLSID{e8c77137-e224-5791-b6e9-ff0305797a13}InprocServer32 -> C:Program Files (x86)AdobeAdobe Creative CloudUtilsnpAdobeAAMDetect64.dll (Adobe Systems)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {03CEEF5E-91F5-4957-BE3C-D3D1A6321F69} — System32TasksGoogleUpdateTaskMachineCore => C:Program Files (x86)GoogleUpdateGoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {0C4A75BA-1AF7-41AF-89A3-061F6E341CB4} — System32TasksОбновление Браузера Яндекс => C:UsersАнжелаAppDataLocalYandexYandexBrowserApplicationbrowser.exe [2015-12-01] (YANDEX LLC)
Task: {2449D943-537C-4367-930E-82B50E935C4B} — System32TasksGoogleUpdateTaskMachineUA => C:Program Files (x86)GoogleUpdateGoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {3155D101-D1AB-431A-99A7-8D39AD03876D} — System32Tasks{FC8D2F22-C28D-4559-AF82-4B329BCEEAFE} => D:Deus Ex Human Revolution — The Missing Linkdxhrml.exe
Task: {37A2873C-B48C-43EE-A5A1-F07A7C838C35} — System32TasksDriverMaxAgent => C:Program Files (x86)Innovative SolutionsDriverMaxdrivermax.exe
Task: {3D19F103-72F5-4B1C-B0A8-9EE726DDEA7B} — {3E5A513A-440B-495B-9D23-F8BBAEA2C3D2} -> No File <==== ATTENTION
Task: {4551BEB5-711A-4386-88A2-9886DBFD6087} — System32TasksОбновление Браузера Яндекс => C:UsersАнжелаAppDataLocalYandexYandexBrowserApplicationbrowser.exe [2015-12-01] (YANDEX LLC)
Task: {55E67696-609B-489F-A7D5-22978D26D190} — System32TasksScheduled Update for Ask Toolbar => C:Program Files (x86)Ask.comUpdateTask.exe [2009-07-10] () <==== ATTENTION
Task: {586D3770-0807-4AE7-B47A-4951DDF1D2D4} — System32Tasks{66B28667-816E-449A-9D15-440046B90784} => pcalua.exe -a C:UsersАнжелаDownloadsDirectx_9.10.11.exe -d C:UsersАнжелаDownloads
Task: {5A40E926-9E86-4B89-9CFD-B12311724371} — System32TasksMicrosoftWindowsUPnPUPnPHostConfig => config upnphost start= auto
Task: {78191FA7-982D-4DEB-97B3-E9EEC0FF8A6A} — System32Tasks{A1BC404F-31DB-465B-B330-3739F5CE76EB} => Chrome.exe hxxp://www.skype.com/go/downloading?source=lightinstaller&ver=6.16.66.105&LastError=404
Task: {8C3FDF4D-4BC5-4D5E-90A8-8EB7471F543D} — System32TasksВыключение компьютера => C:WindowsSystem32shutdown.exe [2009-07-14] (Microsoft Corporation)
Task: {9AA7F43B-2CF7-49EF-A6F3-802F60172232} — System32TasksOpera scheduled Autoupdate 1438705804 => D:launcher.exe [2016-01-18] (Opera Software)
Task: {AC4E5ACF-89F7-4220-BA21-81EE183975E2} — System32TasksMicrosoftWindowsApplication ExperienceAitAgent => C:Windowssystem32aitagent.exe [2009-07-14] (Корпорация Майкрософт (Microsoft Corp.))
Task: {BA782E20-18C3-4A51-AD87-EC2010E262BB} — System32TasksAdobe Flash Player PPAPI Notifier => C:WindowsSysWOW64MacromedFlashFlashUtil32_20_0_0_286_pepper.exe [2016-01-20] (Adobe Systems Incorporated)
Task: {BD3BF790-B344-4EFB-A170-5C667A660BFA} — System32TasksAVAST SoftwareAvast settings backup => C:Program FilesCommon FilesAVavast! Antivirusbackup.exe [2016-01-20] (AVAST Software)
Task: {CB32F087-1CD1-4193-8FA3-E50765524365} — System32Tasksavast! Emergency Update => C:Program FilesAVAST SoftwareAvastAvastEmUpdate.exe [2015-12-30] (AVAST Software)
Task: {D6951D40-D452-439E-8171-D6BDAADFA634} — {652B2283-3E41-4B50-96BE-92375F636700} -> No File <==== ATTENTION
Task: {DD9F510C-95F4-499A-90C8-BAC5BC372FF4} — System32TasksMicrosoftWindowsSoftwareProtectionPlatformSvcRestartTask => start sppsvc
Task: {F14CC12B-B7D7-49EF-87A1-136CE212DD13} — System32Tasks{24B6CB8E-2233-4673-B9EC-D1860315E700} => D:Deus Ex Human Revolution — The Missing Linkdxhrml.exe
Task: {FB83B368-A965-4247-93D0-64D88FF42290} — System32Tasks{00BBB314-A39E-4E7D-9E49-4A78E36BFBF3} => Chrome.exe hxxp://www.skype.com/go/downloading?source=lightinstaller&ver=6.16.66.105&LastError=404
Task: {FD9B4EB7-FFF2-4D0A-8EEA-B4F06F755283} — System32TasksAdobe Flash Player Updater => C:WindowsSysWOW64MacromedFlashFlashPlayerUpdateService.exe [2016-01-20] (Adobe Systems Incorporated)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:WindowsTasksAdobe Flash Player PPAPI Notifier.job => C:WindowsSysWOW64MacromedFlashFlashUtil32_20_0_0_286_pepper.exe
Task: C:WindowsTasksAdobe Flash Player Updater.job => C:WindowsSysWOW64MacromedFlashFlashPlayerUpdateService.exe
Task: C:WindowsTasksGoogleUpdateTaskMachineCore.job => C:Program Files (x86)GoogleUpdateGoogleUpdate.exe
Task: C:WindowsTasksGoogleUpdateTaskMachineUA.job => C:Program Files (x86)GoogleUpdateGoogleUpdate.exe
Task: C:WindowsTasksОбновление Браузера Яндекс .job => C:UsersАнжелаAppDataLocalYandexYandexBrowserApplicationbrowser.exe
Task: C:WindowsTasksОбновление Браузера Яндекс.job => C:UsersАнжелаAppDataLocalYandexYandexBrowserApplicationbrowser.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2015-12-15 23:54 — 2015-11-24 21:40 — 00116344 _____ () C:Program FilesNVIDIA CorporationDisplayNvSmartMax64.dll
2015-11-14 04:23 — 2015-11-14 04:23 — 00553120 _____ () C:Program Files (x86)AdobeAdobe Creative CloudCoreSyncExtensionCoreSync_x64.dll
2015-12-10 18:32 — 2015-12-29 13:08 — 00302944 _____ () C:UsersАнжелаAppDataRoamingYandexYandexDisklibpng14-14-x64.dll
2015-12-10 18:32 — 2015-12-29 13:08 — 00187744 _____ () C:UsersАнжелаAppDataRoamingYandexYandexDiskzlib1-x64.dll
2015-11-14 04:22 — 2015-11-14 04:22 — 31401120 _____ () C:Program Files (x86)AdobeAdobe Creative CloudCoreSyncCoreSync.exe
2016-01-13 14:13 — 2015-12-01 15:50 — 00408016 _____ () C:UsersАнжелаAppDataLocalYandexYandexBrowserApplication46.0.2490.6151crash_service.exe
2015-12-30 19:03 — 2015-12-30 19:03 — 00103888 _____ () C:Program FilesAVAST SoftwareAvastlog.dll
2015-12-30 19:03 — 2015-12-30 19:03 — 00125512 _____ () C:Program FilesAVAST SoftwareAvastJsonRpcServer.dll
2016-01-23 23:17 — 2016-01-23 23:17 — 02818048 _____ () C:Program FilesAVAST SoftwareAvastdefs16012301algo.dll
2015-12-30 19:03 — 2015-12-30 19:03 — 00469008 _____ () C:Program FilesAVAST SoftwareAvastffl2.dll
2015-12-15 23:55 — 2015-11-25 02:10 — 00012080 _____ () C:Program Files (x86)NVIDIA CorporationUpdate Coredetoured.dll
2015-12-05 10:21 — 2015-12-05 10:21 — 00933056 ____R () C:Program Files (x86)SkypePhonessScreenVVS2.dll
2015-11-16 17:43 — 2015-11-16 17:43 — 40523440 _____ () C:Program Files (x86)Common FilesAdobeAdobe Desktop CommonCEFlibcef.dll
2015-12-30 19:03 — 2015-12-30 19:03 — 40539648 _____ () C:Program FilesAVAST SoftwareAvastlibcef.dll
2015-11-16 17:43 — 2015-11-16 17:43 — 01365680 _____ () C:Program Files (x86)Common FilesAdobeAdobe Desktop CommonCEFlibglesv2.dll
2015-11-16 17:43 — 2015-11-16 17:43 — 00219312 _____ () C:Program Files (x86)Common FilesAdobeAdobe Desktop CommonCEFlibegl.dll
2015-12-03 04:37 — 2015-12-03 04:37 — 00124416 _____ () C:Program Files (x86)AdobeAdobe Creative CloudCCXProcessjsnode_modulesfs-extbuildReleasefs-ext.node
2015-12-03 04:37 — 2015-12-03 04:37 — 00188416 _____ () C:Program Files (x86)AdobeAdobe Creative CloudCCXProcessjsnode_modulesnode-vulcanjsbuildReleaseVulcanJS.node
2015-12-03 04:37 — 2015-12-03 04:37 — 00121344 _____ () C:Program Files (x86)AdobeAdobe Creative CloudCCXProcessjsnode_modulesrefbuildReleasebinding.node
2015-12-03 04:37 — 2015-12-03 04:37 — 00129536 _____ () C:Program Files (x86)AdobeAdobe Creative CloudCCXProcessjsnode_modulesffibuildReleaseffi_bindings.node
2015-12-07 01:04 — 2015-12-07 01:04 — 00089264 _____ () C:Program Files (x86)AdobeAdobe Creative CloudCCXProcessjsnode_modulesnode-ProxyResolvernativeProxyResolverWin7.dll
2015-12-03 04:37 — 2015-12-03 04:37 — 00081408 _____ () C:Program Files (x86)AdobeAdobe Creative CloudCCXProcessjsnode_modulesidle-gcbuildReleaseidle-gc.node
2016-01-13 14:13 — 2015-12-01 15:50 — 01532880 _____ () C:UsersАнжелаAppDataLocalYandexYandexBrowserApplication46.0.2490.6151libglesv2.dll
2016-01-13 14:13 — 2015-12-01 15:50 — 00081360 _____ () C:UsersАнжелаAppDataLocalYandexYandexBrowserApplication46.0.2490.6151libegl.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The «AlternateShell» will be restored.)

HKLMSYSTEMCurrentControlSetControlSafeBootNetworkAmmyyAdmin => «»=»Service»

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 05:34 — 2009-06-11 00:00 — 00000824 ____A C:Windowssystem32Driversetchosts

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKUS-1-5-21-84755647-3855591167-3748119490-1000Control PanelDesktop\Wallpaper -> C:UsersАнжелаAppDataRoamingMicrosoftWindowsThemesTranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
HKLMSOFTWAREMicrosoftWindowsCurrentVersionPoliciesSystem => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{A99BE517-51AA-403D-BC6B-DFE87F31D2DA}] => (Allow) C:UsersDefaultAppDataLocalYandexYandexBrowserApplicationbrowser.exe
FirewallRules: [{4DB5B5E6-7466-4B31-B243-CBAF1F20B6AE}] => (Allow) C:UsersАнжелаAppDataLocalMediaGet2mediaget.exe
FirewallRules: [{32FC42C5-EF5C-44E1-890E-BF31146E497B}] => (Allow) C:UsersАнжелаAppDataLocalMediaGet2mediaget.exe
FirewallRules: [{B40F4D43-4EEA-4182-8FEA-CAFC1903669C}] => (Allow) C:Program Files (x86)SkypePhoneSkype.exe
FirewallRules: [{97E9BB63-4369-418C-9DF1-932A1D34A3B7}] => (Allow) C:Program Files (x86)NVIDIA CorporationNetServiceNvNetworkService.exe
FirewallRules: [{221D08E4-1D44-4B37-B8A2-570AC208A012}] => (Allow) C:Program Files (x86)NVIDIA CorporationNetServiceNvNetworkService.exe
FirewallRules: [{8C0FF871-BAD0-4C18-87EA-8EAC6A4B955E}] => (Allow) C:Program FilesNVIDIA CorporationNvStreamSrvNvStreamNetworkService.exe
FirewallRules: [{8BCE51D8-8604-405A-9C8B-4E9DABAB36B8}] => (Allow) C:Program FilesNVIDIA CorporationNvStreamSrvNvStreamNetworkService.exe
FirewallRules: [{28BF3C6F-73B2-4858-BC27-172AAAF24BA6}] => (Allow) C:Program FilesNVIDIA CorporationNvStreamSrvNvStreamUserAgent.exe
FirewallRules: [{E21EE29F-5C05-43AE-A5CC-BD8556B509EB}] => (Allow) C:Program FilesNVIDIA CorporationNvStreamSrvnvstreamer.exe
FirewallRules: [{0FB4A67B-82CE-4AF6-AE7C-220896A148EB}] => (Allow) C:Program FilesNVIDIA CorporationNvStreamSrvnvstreamer.exe
FirewallRules: [{8FDDE591-3E0D-4D55-BC20-C94E1C4EE767}] => (Allow) C:Program Files (x86)uTorrentuTorrent.exe
FirewallRules: [{115ED477-B613-4C4B-8E70-D51E1E77B6D8}] => (Allow) C:Program Files (x86)uTorrentuTorrent.exe
FirewallRules: [TCP Query User{76B8079F-E8DC-44ED-AE33-9346D9B823E8}C:program files (x86)spyware terminatorspywareterminatorupdate.exe] => (Block) C:program files (x86)spyware terminatorspywareterminatorupdate.exe
FirewallRules: [UDP Query User{73EDADBD-2845-4D7B-BE17-08467949D16A}C:program files (x86)spyware terminatorspywareterminatorupdate.exe] => (Block) C:program files (x86)spyware terminatorspywareterminatorupdate.exe
FirewallRules: [{01A82461-EE8A-4A26-9125-333EFA30F2C4}] => (Allow) C:UsersАнжелаAppDataLocalYandexYandexBrowserApplicationbrowser.exe
FirewallRules: [{7AA338B1-CF0B-4F9B-92F8-19E28C323B34}] => (Allow) C:Program Files (x86)GoogleChromeApplicationchrome.exe

==================== Restore Points =========================

21-01-2016 15:37:46 Установить пакет драйверов устройств: TAP-Windows Provider V9 Сетевые адаптеры
24-01-2016 11:19:49 Restore Point Created by FRST

==================== Faulty Device Manager Devices =============

Name: avast! SecureLine TAP Adapter v3
Description: avast! SecureLine TAP Adapter v3
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: TAP-Windows Provider V9
Service: aswTap
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click «Action», and then click «Enable Device». This starts the Enable Device wizard. Follow the instructions.

==================== Event log errors: =========================

Application errors:
==================
Error: (01/24/2016 11:19:49 AM) (Source: VSS) (EventID: 8194) (User: )
Description: Ошибка теневого копирования тома: непредвиденная ошибка при запросе интерфейса IVssWriterCallback. hr = 0x80070005, Отказано в доступе.
.
Наиболее вероятная причина — неправильные параметры безопасности запрашивающего процесса или записывающего процесса.

Операция:
Сбор данных модуля записи

Контекст:
Код класса модуля записи: {e8132975-6f93-4464-a53e-1050253ae220}
Имя модуля записи: System Writer
Код экземпляра модуля записи: {3c3d65b7-8f6c-4bbb-a363-40e14364d9f8}

Error: (01/14/2016 10:49:15 AM) (Source: Windows Search Service) (EventID: 7042) (User: )
Description: Работа службы Windows Search остановлена из-за проблем с индексатором: The catalog is corrupt.

Подробности:
Каталог индексов содержимого поврежден. (HRESULT : 0xc0041801) (0xc0041801)

Error: (01/14/2016 10:49:15 AM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: Невозможно инициализировать каталог.

Подробности:
Каталог индексов содержимого поврежден. (HRESULT : 0xc0041801) (0xc0041801)

Error: (01/14/2016 10:49:15 AM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: Не удается инициализировать приложение.

Контекст: приложение «Windows»

Подробности:
Каталог индексов содержимого поврежден. (HRESULT : 0xc0041801) (0xc0041801)

Error: (01/14/2016 10:49:15 AM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: Не удалось инициализировать объект средства сбора данных.

Контекст: приложение «Windows», каталог «SystemIndex»

Подробности:
Каталог индексов содержимого поврежден. (HRESULT : 0xc0041801) (0xc0041801)

Error: (01/14/2016 10:49:15 AM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Не удается инициализировать подключаемый модуль в .

Контекст: приложение «Windows», каталог «SystemIndex»

Подробности:
Элемент не найден. (HRESULT : 0x80070490) (0x80070490)

Error: (01/14/2016 10:49:10 AM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Не удается инициализировать подключаемый модуль в .

Контекст: приложение «Windows», каталог «SystemIndex»

Подробности:
Каталог индексов содержимого поврежден. (HRESULT : 0xc0041801) (0xc0041801)

Error: (01/14/2016 10:49:10 AM) (Source: Windows Search Service) (EventID: 9002) (User: )
Description: Службе Windows Search не удается загрузить данные из хранилища свойств.

Контекст: приложение «Windows», каталог «SystemIndex»

Подробности:
Серверу индекса содержимого не удалось обновить данные (или получить доступ к ним) из-за ошибки базы данных. Остановите и перезапустите службу поиска. Если ошибка продолжает возникать, заново инициализируйте индекс и выполните обход содержимого. В некоторых случаях может потребоваться удалить индекс содержимого и создать его заново. (HRESULT : 0x8004117f) (0x8004117f)

Error: (01/14/2016 10:49:10 AM) (Source: Windows Search Service) (EventID: 7040) (User: )
Description: Службой поиска обнаружены поврежденные файлы данных в индексе {ИД=1100}. Будет предпринята попытка автоматического устранения этой неполадки путем перестройки индекса.

Подробности:
Каталог индексов содержимого поврежден. (HRESULT : 0xc0041801) (0xc0041801)

Error: (01/14/2016 10:49:09 AM) (Source: Windows Search Service) (EventID: 9000) (User: )
Description: Службе Windows Search не удается открыть хранилище свойств Jet.

Подробности:
0x%08x (0x8004117f — Серверу индекса содержимого не удалось обновить данные (или получить доступ к ним) из-за ошибки базы данных. Остановите и перезапустите службу поиска. Если ошибка продолжает возникать, заново инициализируйте индекс и выполните обход содержимого. В некоторых случаях может потребоваться удалить индекс содержимого и создать его заново. (HRESULT : 0x8004117f))

System errors:
=============
Error: (01/24/2016 11:27:54 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Сбой при загрузке драйвера(ов) перезагрузки или запуска системы:
caxyvej

Error: (01/24/2016 10:37:19 AM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: Возникло следующее неустранимое предупреждение: 70. Внутреннее состояние ошибки: 105.

Error: (01/24/2016 10:37:13 AM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: Возникло следующее неустранимое предупреждение: 70. Внутреннее состояние ошибки: 105.

Error: (01/24/2016 10:36:56 AM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: Возникло следующее неустранимое предупреждение: 10. Внутреннее состояние ошибки: 10.

Error: (01/24/2016 08:49:01 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Сбой при загрузке драйвера(ов) перезагрузки или запуска системы:
caxyvej

Error: (01/23/2016 02:17:44 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: Возникло следующее неустранимое предупреждение: 70. Внутреннее состояние ошибки: 105.

Error: (01/23/2016 02:17:39 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: Возникло следующее неустранимое предупреждение: 70. Внутреннее состояние ошибки: 105.

Error: (01/23/2016 02:17:21 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: Возникло следующее неустранимое предупреждение: 10. Внутреннее состояние ошибки: 10.

Error: (01/23/2016 11:15:09 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Сбой при загрузке драйвера(ов) перезагрузки или запуска системы:
caxyvej

Error: (01/23/2016 08:20:38 AM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: Возникло следующее неустранимое предупреждение: 70. Внутреннее состояние ошибки: 105.

CodeIntegrity:
===================================
Date: 2015-12-17 18:39:02.350
Description: Code Integrity is unable to verify the image integrity of the file DeviceHarddiskVolume1Program Files (x86)AVGAVG PC TuneUpavgdumpx.exe because the set of per-page image hashes could not be found on the system.

Date: 2015-12-17 18:39:02.318
Description: Code Integrity is unable to verify the image integrity of the file DeviceHarddiskVolume1Program Files (x86)AVGAVG PC TuneUpavgdumpx.exe because the set of per-page image hashes could not be found on the system.

Date: 2015-12-17 18:39:02.184
Description: Code Integrity is unable to verify the image integrity of the file DeviceHarddiskVolume1Program Files (x86)AVGAVG PC TuneUpavgdumpa.exe because the set of per-page image hashes could not be found on the system.

Date: 2015-12-17 18:39:02.144
Description: Code Integrity is unable to verify the image integrity of the file DeviceHarddiskVolume1Program Files (x86)AVGAVG PC TuneUpavgdumpa.exe because the set of per-page image hashes could not be found on the system.

Date: 2015-12-17 18:38:57.938
Description: Code Integrity is unable to verify the image integrity of the file DeviceHarddiskVolume1Program Files (x86)AVGAVG PC TuneUpavgdumpx.exe because the set of per-page image hashes could not be found on the system.

Date: 2015-12-17 18:38:57.885
Description: Code Integrity is unable to verify the image integrity of the file DeviceHarddiskVolume1Program Files (x86)AVGAVG PC TuneUpavgdumpx.exe because the set of per-page image hashes could not be found on the system.

Date: 2015-12-17 18:38:57.844
Description: Code Integrity is unable to verify the image integrity of the file DeviceHarddiskVolume1Program Files (x86)AVGAVG PC TuneUpavgdumpx.exe because the set of per-page image hashes could not be found on the system.

Date: 2015-12-17 18:38:57.804
Description: Code Integrity is unable to verify the image integrity of the file DeviceHarddiskVolume1Program Files (x86)AVGAVG PC TuneUpavgdumpx.exe because the set of per-page image hashes could not be found on the system.

Date: 2015-12-17 18:38:57.726
Description: Code Integrity is unable to verify the image integrity of the file DeviceHarddiskVolume1Program Files (x86)AVGAVG PC TuneUpavgdumpa.exe because the set of per-page image hashes could not be found on the system.

Date: 2015-12-17 18:38:57.699
Description: Code Integrity is unable to verify the image integrity of the file DeviceHarddiskVolume1Program Files (x86)AVGAVG PC TuneUpavgdumpa.exe because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

Processor: Intel(R) Celeron(R) CPU G1620 @ 2.70GHz
Percentage of memory in use: 61%
Total physical RAM: 4047.78 MB
Available physical RAM: 1557.85 MB
Total Virtual: 8093.7 MB
Available Virtual: 5304.43 MB

==================== Drives ================================

Drive c: (System) (Fixed) (Total:80 GB) (Free:4.17 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: (Data) (Fixed) (Total:832 GB) (Free:574.18 GB) NTFS
Drive e: (Hidden) (Fixed) (Total:19.51 GB) (Free:10.07 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 00680067)
Partition 1: (Active) — (Size=80 GB) — (Type=07 NTFS)
Partition 2: (Not Active) — (Size=851.5 GB) — (Type=05)

==================== End of Addition.txt ============================
24 января, 2016 в 8:32 дп в ответ на: redirest помогите избавиться #32720
angelver
Participant
- Темы:1
- Сообщений:13
Fix result of Farbar Recovery Scan Tool (x64) Version:10-01-2015 01
Ran by Анжела (2016-01-24 11:19:46) Run:1
Running from C:UsersАнжелаDesktop111
Loaded Profiles: Анжела (Available Profiles: Анжела)
Boot Mode: Normal
==============================================

fixlist content:
*****************
CreateRestorePoint:
GroupPolicy: Restriction — Chrome <======= ATTENTION
CHR HKLMSOFTWAREPoliciesGoogle: Restriction <======= ATTENTION
R2 Service Mgr ConstantFun; C:ProgramData415c6520-c0da-4fcb-9597-9d03c710be54PluginContainer.exe [782560 2016-01-14] () <==== ATTENTION
R2 Update Mgr ConstantFun; C:Program Files (x86)Common Files415c6520-c0da-4fcb-9597-9d03c710be54updater.exe [640736 2016-01-14] () <==== ATTENTION
2016-01-01 13:18 — 2016-01-01 13:18 — 00003398 _____ C:WindowsSystem32Tasks{3E5A513A-440B-495B-9D23-F8BBAEA2C3D2}
2016-01-01 13:15 — 2016-01-01 13:15 — 00003398 _____ C:WindowsSystem32Tasks{652B2283-3E41-4B50-96BE-92375F636700}
2016-01-01 13:06 — 2016-01-01 13:06 — 01297046 _____ C:UsersАнжелаDownloadshelper (3).user.js
2016-01-01 13:05 — 2016-01-01 13:05 — 01297046 _____ C:UsersАнжелаDownloadshelper (2).user.js
2016-01-01 13:05 — 2016-01-01 13:05 — 01297046 _____ C:UsersАнжелаDownloadshelper (1).user.js
2016-01-01 13:04 — 2016-01-01 13:04 — 00790912 _____ C:UsersАнжелаDownloadsSaveFromNetHelper_Rus_Setup.exe
EmptyTemp:
Reboot:
*****************

Restore point was successfully created.
C:Windowssystem32GroupPolicyMachine => moved successfully
C:Windowssystem32GroupPolicyGPT.ini => moved successfully
«HKLMSOFTWAREPoliciesGoogle» => key removed successfully
Service Mgr ConstantFun => service not found.
Update Mgr ConstantFun => Service stopped successfully.
Update Mgr ConstantFun => service removed successfully
C:WindowsSystem32Tasks{3E5A513A-440B-495B-9D23-F8BBAEA2C3D2} => moved successfully
C:WindowsSystem32Tasks{652B2283-3E41-4B50-96BE-92375F636700} => moved successfully
C:UsersАнжелаDownloadshelper (3).user.js => moved successfully
C:UsersАнжелаDownloadshelper (2).user.js => moved successfully
C:UsersАнжелаDownloadshelper (1).user.js => moved successfully
C:UsersАнжелаDownloadsSaveFromNetHelper_Rus_Setup.exe => moved successfully
EmptyTemp: => 2.6 GB temporary data Removed.

The system needed a reboot.

==== End of Fixlog 11:21:18 ====
19 января, 2016 в 9:58 дп в ответ на: redirest помогите избавиться #32718
angelver
Participant
- Темы:1
- Сообщений:13
Три дня сидела, искала FRST/FRST64, этот FRST64 у меня в загрузках, когда ищу в «Поиск», то все время отправляет в загрузки, естественно, когда включаю FRST64, он говорит, что нет fixlist и не работает. Ищу путь в проводнике, а там С/-Users|Анжела/Desktop/FRST64. Вхожу в С, нет Users. Где только не ищу, открываю все папки и папки windows, нет ничего. Никак не могу найти этот Users и FRST64 и вставить в него то, что Вы мне прислали. Я скопировала в Блокнот, то, что Вы прислали, нажимаю на «Сохранить как» и он в С/ выдает только лист FRST — Блокнот после сканирования в FRST. Я уж думала, может, туда мне его вставить.
15 января, 2016 в 11:33 дп в ответ на: redirest помогите избавиться #32716
angelver
Participant
- Темы:1
- Сообщений:13
Вот сейчас я зашла, чтобы посмотреть, есть ли ответ на мое сообщение. Сбоку у меня какой-то Related Searches cо списком ссылок на AVG, там список ссылок антивирусника: Free Antivirus Downloads, Virus Protection и т.д. Внизу черные квардаты, на другой странице на них написано было, мол не хотите ли почистить ваш компьютер, в нем вирусы или что-то подобное, причем квадраты эти закрывают на 1/3 экрана, приходится перекручивать. Когда я нажала на ссылку на «ответить», то меня перенаправили на страницу с рекламой во весь экран, я нажала на крестик и только тогда попала сюда. На этой странице еще ничего, а вот, когда я зашла туда, где учебники по математике, так комп. все загружает и загружает, никак не загрузит, хотя уж не знаю, что там делать, если все что мне нужно уже на странице есть.
А я не ошиблась, проблема в redirest, а не в redigest — при перенаправлении быстро появляется страница, где написано это слово, но я никак не могу успеть его прочитать.
Заранее благодарю за помощь.
15 января, 2016 в 11:08 дп в ответ на: redirest помогите избавиться #32715
angelver
Participant
- Темы:1
- Сообщений:13
что же дальше делать?
14 января, 2016 в 11:16 дп в ответ на: redirest помогите избавиться #32714
angelver
Participant
- Темы:1
- Сообщений:13
Addition.txt. почему-то не открывается.
14 января, 2016 в 11:08 дп в ответ на: redirest помогите избавиться #32713
angelver
Participant
- Темы:1
- Сообщений:13
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:10-01-2015 01
Ran by Анжела (administrator) on А (14-01-2016 14:06:44)
Running from C:UsersАнжелаDownloads
Loaded Profiles: Анжела (Available Profiles: Анжела)
Platform: Windows 7 Ultimate (X64) Language: Русский (Россия)
Internet Explorer Version 8 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forums/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:WindowsSystem32nvvsvc.exe
(NVIDIA Corporation) C:Program Files (x86)NVIDIA Corporation3D VisionnvSCPAPISvr.exe
(AVAST Software) C:Program FilesAVAST SoftwareAvastAvastSvc.exe
(NVIDIA Corporation) C:Program FilesNVIDIA CorporationDisplaynvxdsync.exe
(NVIDIA Corporation) C:WindowsSystem32nvvsvc.exe
(Adobe Systems Incorporated) C:Program Files (x86)Common FilesAdobeAdobe Desktop CommonElevationManagerAdobeUpdateService.exe
(Adobe Systems, Incorporated) C:Program Files (x86)Common FilesAdobeAdobeGCClientAGSService.exe
(NVIDIA Corporation) C:Program FilesNVIDIA CorporationGeForce Experience ServiceGfExperienceService.exe
(NVIDIA Corporation) C:Program Files (x86)NVIDIA CorporationNetServiceNvNetworkService.exe
(NVIDIA Corporation) C:Program FilesNVIDIA CorporationNvStreamSrvNvStreamService.exe
(NVIDIA Corporation) C:Program Files (x86)NVIDIA CorporationUpdate CoreNvBackend.exe
() C:Program Files (x86)Common Files415c6520-c0da-4fcb-9597-9d03c710be54updater.exe
(Yandex) C:UsersАнжелаAppDataLocalYandexElementselements.exe8.14.0.1058elements64.exe
(Yandex LLC) C:UsersАнжелаAppDataLocalYandexBrowserManagerBrowserManager.exe
(Яндекс) C:UsersАнжелаAppDataRoamingYandexYandexDiskYandexDisk.exe
(Skype Technologies S.A.) C:Program Files (x86)SkypePhoneSkype.exe
(NVIDIA Corporation) C:Program FilesNVIDIA CorporationDisplaynvtray.exe
(Adobe Systems Incorporated) C:Program Files (x86)AdobeAdobe Creative CloudACCCreative Cloud.exe
(AVAST Software) C:Program FilesAVAST SoftwareAvastAvastUI.exe
(Яндекс) C:UsersАнжелаAppDataRoamingYandexYandexDiskwow64YandexDiskStarter.exe
(Яндекс) C:UsersАнжелаAppDataRoamingYandexYandexDiskYandexDiskStarter.exe
(Adobe Systems Incorporated) C:Program Files (x86)Common FilesAdobeOOBEPDAppIPCAdobeIPCBroker.exe
(NVIDIA Corporation) C:Program FilesNVIDIA CorporationNvStreamSrvNvStreamNetworkService.exe
(NVIDIA Corporation) C:Program FilesNVIDIA CorporationNvStreamSrvNvStreamUserAgent.exe
(Adobe Systems Incorporated) C:Program Files (x86)Common FilesAdobeAdobe Desktop CommonHEXAdobe CEF Helper.exe
(Adobe Systems Incorporated) C:Program Files (x86)Common FilesAdobeAdobe Desktop CommonADSAdobe Desktop Service.exe
(Adobe Systems Incorporated) C:Program Files (x86)Common FilesAdobeAdobe Desktop CommonHEXAdobe CEF Helper.exe
() C:Program Files (x86)AdobeAdobe Creative CloudCoreSyncCoreSync.exe
(Adobe Systems Incorporated) C:Program Files (x86)AdobeAdobe Creative CloudCCXProcessCCXProcess.exe
(Joyent, Inc) C:Program Files (x86)AdobeAdobe Creative CloudCCXProcesslibsnode.exe
(Adobe Systems Incorporated) C:Program Files (x86)Common FilesAdobeAdobe Desktop CommonHEXAdobe CEF Helper.exe
(Microsoft Corporation) C:WindowsSystem32UI0Detect.exe
(Microsoft Corporation) C:Program Files (x86)SkypeToolbarsAutoUpdateSkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:Program Files (x86)SkypeToolbarsPNRSvcSkypeC2CPNRSvc.exe
(YANDEX LLC) C:UsersАнжелаAppDataLocalYandexYandexBrowserApplicationbrowser.exe
() C:UsersАнжелаAppDataLocalYandexYandexBrowserApplication46.0.2490.6151crash_service.exe
(YANDEX LLC) C:UsersАнжелаAppDataLocalYandexYandexBrowserApplicationbrowser.exe
(YANDEX LLC) C:UsersАнжелаAppDataLocalYandexYandexBrowserApplicationbrowser.exe
(YANDEX LLC) C:UsersАнжелаAppDataLocalYandexYandexBrowserApplicationbrowser.exe
(YANDEX LLC) C:UsersАнжелаAppDataLocalYandexYandexBrowserApplicationbrowser.exe
(YANDEX LLC) C:UsersАнжелаAppDataLocalYandexYandexBrowserApplicationbrowser.exe
(YANDEX LLC) C:UsersАнжелаAppDataLocalYandexYandexBrowserApplicationbrowser.exe
(YANDEX LLC) C:UsersАнжелаAppDataLocalYandexYandexBrowserApplicationbrowser.exe
(YANDEX LLC) C:UsersАнжелаAppDataLocalYandexYandexBrowserApplicationbrowser.exe
() C:ProgramData415c6520-c0da-4fcb-9597-9d03c710be54PluginContainer.exe
(YANDEX LLC) C:UsersАнжелаAppDataLocalYandexYandexBrowserApplicationbrowser.exe
() C:ProgramData415c6520-c0da-4fcb-9597-9d03c710be54plugins2Plugin.exe
() C:ProgramData415c6520-c0da-4fcb-9597-9d03c710be54plugins3Plugin.exe
() C:ProgramData415c6520-c0da-4fcb-9597-9d03c710be54plugins5Plugin.exe
() C:ProgramData415c6520-c0da-4fcb-9597-9d03c710be54plugins6Plugin.exe
() C:ProgramData415c6520-c0da-4fcb-9597-9d03c710be54plugins10Plugin.exe
() C:ProgramData415c6520-c0da-4fcb-9597-9d03c710be54plugins8Plugin.exe
() C:ProgramData415c6520-c0da-4fcb-9597-9d03c710be54plugins7Plugin.exe
() C:ProgramData415c6520-c0da-4fcb-9597-9d03c710be54plugins12Plugin.exe
() C:ProgramData415c6520-c0da-4fcb-9597-9d03c710be54plugins7Plugin.exe
() C:ProgramData415c6520-c0da-4fcb-9597-9d03c710be54plugins3Plugin.exe
() C:ProgramData415c6520-c0da-4fcb-9597-9d03c710be54plugins12Plugin.exe
(YANDEX LLC) C:UsersАнжелаAppDataLocalYandexYandexBrowserApplicationbrowser.exe
(YANDEX LLC) C:UsersАнжелаAppDataLocalYandexYandexBrowserApplicationbrowser.exe
(YANDEX LLC) C:UsersАнжелаAppDataLocalYandexYandexBrowserApplicationbrowser.exe
(Opera Software) D:34.0.2036.47opera.exe
(Opera Software) D:34.0.2036.47opera_crashreporter.exe
(Opera Software) D:34.0.2036.47opera.exe
(Opera Software) D:34.0.2036.47opera.exe
(Opera Software) D:34.0.2036.47opera.exe
(Opera Software) D:34.0.2036.47opera.exe
(Opera Software) D:34.0.2036.47opera.exe
(Opera Software) D:34.0.2036.47opera.exe
(Opera Software) D:34.0.2036.47opera.exe
(Opera Software) D:34.0.2036.47opera.exe
(Opera Software) D:34.0.2036.47opera.exe
(Opera Software) D:34.0.2036.47opera.exe
(Opera Software) D:34.0.2036.47opera.exe
(Opera Software) D:34.0.2036.47opera.exe
(Opera Software) D:34.0.2036.47opera.exe
(YANDEX LLC) C:UsersАнжелаAppDataLocalYandexYandexBrowserApplicationbrowser.exe
(Alexander Roshal) C:Program FilesWinRARWinRAR.exe
(Sysinternals — http://www.sysinternals.com) C:UsersBD4A~1AppDataLocalTempRar$EXa0.927procexp.exe
(Sysinternals — http://www.sysinternals.com) C:UsersBD4A~1AppDataLocalTempprocexp64.exe
(YANDEX LLC) C:UsersАнжелаAppDataLocalYandexYandexBrowserApplicationbrowser.exe
(Opera Software) D:34.0.2036.47opera.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM…Run: [NvBackend] => C:Program Files (x86)NVIDIA CorporationUpdate CoreNvBackend.exe [2757424 2015-11-25] (NVIDIA Corporation)
HKLM…Run: [ShadowPlay] => «C:Windowssystem32rundll32.exe» C:Windowssystem32nvspcap64.dll,ShadowPlayOnSystemStart
HKLM…Run: [AdobeAAMUpdater-1.0] => C:Program Files (x86)Common FilesAdobeOOBEPDAppUWAUpdaterStartupUtility.exe [508104 2015-10-30] (Adobe Systems Incorporated)
HKLM-x32…Run: [Adobe Creative Cloud] => C:Program Files (x86)AdobeAdobe Creative CloudACCCreative Cloud.exe [2304688 2015-12-15] (Adobe Systems Incorporated)
HKLM-x32…Run: [AvastUI.exe] => C:Program FilesAVAST SoftwareAvastAvastUI.exe [7021880 2015-12-30] (AVAST Software)
HKUS-1-5-21-84755647-3855591167-3748119490-1000…Run: [YandexElements] => C:UsersАнжелаAppDataLocalYandexElementselements.exe8.14.0.1058elements64.exe [1589536 2015-10-30] (Yandex)
HKUS-1-5-21-84755647-3855591167-3748119490-1000…Run: [Browser Manager] => C:UsersАнжелаAppDataLocalYandexBrowserManagerBrowserManager.exe [1427752 2015-03-23] (Yandex LLC)
HKUS-1-5-21-84755647-3855591167-3748119490-1000…Run: [Muzbaza] => C:Program Files (x86)MuzabazaMuzabaza playerMuzabaza.exe -m
HKUS-1-5-21-84755647-3855591167-3748119490-1000…Run: [SyncManPath] => C:UsersАнжелаAppDataRoamingYandexYandexDiskYandexDisk.exe [24112480 2015-12-02] (Яндекс)
HKUS-1-5-21-84755647-3855591167-3748119490-1000…Run: [Skype] => C:Program Files (x86)SkypePhoneSkype.exe [50378880 2015-12-17] (Skype Technologies S.A.)
ShellIconOverlayIdentifiers: [ YndCase0Sync] -> {63D48440-63AB-44D0-B323-4731DFCDE9E9} => C:Program FilesYandexYandexDiskbinYandexDiskOverlays-2398.dll [2015-08-07] (Яндекс)
ShellIconOverlayIdentifiers: [ YndCase1Modified] -> {7E7DC279-E6BE-4D57-9DEC-14FA0339DBC0} => C:Program FilesYandexYandexDiskbinYandexDiskOverlays-2398.dll [2015-08-07] (Яндекс)
ShellIconOverlayIdentifiers: [ YndCase2Error] -> {FB2FE984-05F5-4512-9D9B-69D3DE61F6D9} => C:Program FilesYandexYandexDiskbinYandexDiskOverlays-2398.dll [2015-08-07] (Яндекс)
ShellIconOverlayIdentifiers: [ YndCase3Shared] -> {AF8D197E-7022-4c3d-BD88-68AD35C9C169} => C:Program FilesYandexYandexDiskbinYandexDiskOverlays-2398.dll [2015-08-07] (Яндекс)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:Program Files (x86)AdobeAdobe Creative CloudCoreSyncExtensionCoreSync_x64.dll [2015-11-14] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:Program Files (x86)AdobeAdobe Creative CloudCoreSyncExtensionCoreSync_x64.dll [2015-11-14] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:Program Files (x86)AdobeAdobe Creative CloudCoreSyncExtensionCoreSync_x64.dll [2015-11-14] ()
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:Program FilesAVAST SoftwareAvastashShA64.dll [2015-12-30] (AVAST Software)
GroupPolicy: Restriction — Chrome <======= ATTENTION
CHR HKLMSOFTWAREPoliciesGoogle: Restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

TcpipParameters: [DhcpNameServer] 192.168.1.1
Tcpip..Interfaces{6F1C2ADB-C5DF-460B-B947-308D6511DF3C}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = hxxp://searchinterneat-a.akamaihd.net/h?eq=U0EeCFZVBB8SRggVdVwIVgAURxhGcgheTA1BGVMOIQEPBBRAQwxBIQgLV1gTRQIFIk0FA1ADB0VXfVBdFElXTwhgL1dLFVgfVXNWLg==
HKLMSoftwareWow6432NodeMicrosoftInternet ExplorerMain,Start Page = hxxp://yandex.ru/?clid=2101081
HKLMSoftwareWow6432NodeMicrosoftInternet ExplorerMain,Search Page = hxxp://yandex.ru/yandsearch?clid=2101082&text={searchTerms}
HKLMSoftwareWow6432NodeMicrosoftInternet ExplorerMain,Default_Page_URL =
HKLMSoftwareWow6432NodeMicrosoftInternet ExplorerMain,Default_Search_URL =
HKUS-1-5-21-84755647-3855591167-3748119490-1000SoftwareMicrosoftInternet ExplorerMain,Search Page = hxxp://yandex.ru/yandsearch?clid=2101082&text={searchTerms}
HKUS-1-5-21-84755647-3855591167-3748119490-1000SoftwareMicrosoftInternet ExplorerMain,Start Page = hxxp://searchinterneat-a.akamaihd.net/h?eq=U0EeCFZVBB8SRggVdVwIVgAURxhGcgheTA1BGVMOIQEPBBRAQwxBIQgLV1gTRQIFIk0FA1ADB0VXfVBdFElXTwhgL1dLFVgfVXNWLg==
HKUS-1-5-21-84755647-3855591167-3748119490-1000SoftwareMicrosoftInternet ExplorerMain,Search Bar = hxxp://yandex.ru/?clid=2101081
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://searchinterneat-a.akamaihd.net/s?eq=U0EeE1xZE1oZB1ZEfQ8NBAlGGFBFbVwKUF9cFQUbJhRZWQ4UDARBeVtZUApHQFdHdx9aFQQTSEcFME0FCFwEURNNfXpXD0oFQFtXBkxW&q={searchTerms}
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://searchinterneat-a.akamaihd.net/s?eq=U0EeE1xZE1oZB1ZEfQ8NBAlGGFBFbVwKUF9cFQUbJhRZWQ4UDARBeVtZUApHQFdHdx9aFQQTSEcFME0FCFwEURNNfXpXD0oFQFtXBkxW&q={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {F4137D40-259A-4FB3-B780-F8C39B303C41} URL = hxxp://yandex.ru/yandsearch?clid=2101082&text={searchTerms}
SearchScopes: HKLM-x32 -> {F4137D40-259A-4FB3-B780-F8C39B303C41} URL = hxxp://yandex.ru/yandsearch?clid=2101082&text={searchTerms}
SearchScopes: HKUS-1-5-21-84755647-3855591167-3748119490-1000 -> DefaultScope OldSearch URL = hxxp://searchinterneat-a.akamaihd.net/s?eq=U0EeE1xZE1oZB1ZEfQ8NBAlGGFBFbVwKUF9cFQUbJhRZWQ4UDARBeVtZUApHQFdHdx9aFQQTSEcFME0FCFwEURNNfXpXD0oFQFtXBkxW&q={searchTerms}
SearchScopes: HKUS-1-5-21-84755647-3855591167-3748119490-1000 -> OldSearch URL = hxxp://searchinterneat-a.akamaihd.net/s?eq=U0EeE1xZE1oZB1ZEfQ8NBAlGGFBFbVwKUF9cFQUbJhRZWQ4UDARBeVtZUApHQFdHdx9aFQQTSEcFME0FCFwEURNNfXpXD0oFQFtXBkxW&q={searchTerms}
SearchScopes: HKUS-1-5-21-84755647-3855591167-3748119490-1000 -> {171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} URL = hxxp://tbsearch.ask.com/redirect?client=ie&tb=PTV&o=&src=crm&q={searchTerms}&locale=
SearchScopes: HKUS-1-5-21-84755647-3855591167-3748119490-1000 -> {F4137D40-259A-4FB3-B780-F8C39B303C41} URL = hxxp://searchinterneat-a.akamaihd.net/s?eq=U0EeE1xZE1oZB1ZEfQ8NBAlGGFBFbVwKUF9cFQUbJhRZWQ4UDARBeVtZUApHQFdHdx9aFQQTSEcFME0FCFwEURNNfXpXD0oFQFtXBkxW&q={searchTerms}
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:Program FilesAVAST SoftwareAvastaswWebRepIE64.dll [2015-12-30] (AVAST Software)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:Program Files (x86)SkypeToolbarsInternet Explorer x64skypeieplugin.dll [2016-01-08] (Microsoft Corporation)
BHO: Визуальные закладки -> {D5FEC983-01DB-414A-9456-AF95AC9ED7B5} -> C:Program Files (x86)YandexFastDialfastdial64host.dll [2015-07-28] ()
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:Program FilesAVAST SoftwareAvastaswWebRepIE.dll [2015-12-30] (AVAST Software)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:Program Files (x86)SkypeToolbarsInternet ExplorerSkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation)
BHO-x32: Визуальные закладки -> {D5FEC983-01DB-414A-9456-AF95AC9ED7B5} -> C:Program Files (x86)YandexFastDialfastdialhost.dll [2015-07-28] ()
Toolbar: HKUS-1-5-21-84755647-3855591167-3748119490-1000 -> No Name — {91397D20-1446-11D4-8AF4-0040CA1127B6} — No File
Handler: skypec2c — {91774881-D725-4E58-B298-07617B9B86A8} — C:Program Files (x86)SkypeToolbarsInternet Explorer x64skypeieplugin.dll [2016-01-08] (Microsoft Corporation)
Handler-x32: skypec2c — {91774881-D725-4E58-B298-07617B9B86A8} — C:Program Files (x86)SkypeToolbarsInternet ExplorerSkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation)
Filter: deflate — {8f6b0360-b80d-11d0-a9b3-006097942311} — C:Windowssystem32urlmon.dll [2009-07-14] (Microsoft Corporation)
Filter-x32: deflate — {8f6b0360-b80d-11d0-a9b3-006097942311} — C:WindowsSysWOW64urlmon.dll [2009-07-14] (Microsoft Corporation)
Filter: gzip — {8f6b0360-b80d-11d0-a9b3-006097942311} — C:Windowssystem32urlmon.dll [2009-07-14] (Microsoft Corporation)
Filter-x32: gzip — {8f6b0360-b80d-11d0-a9b3-006097942311} — C:WindowsSysWOW64urlmon.dll [2009-07-14] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:UsersАнжелаAppDataRoamingMozillaFirefoxProfileswaz0nb2e.default
FF Plugin: @adobe.com/FlashPlayer -> C:Windowssystem32MacromedFlashNPSWF64_20_0_0_267.dll [2015-12-29] ()
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:Program Files (x86)Foxit SoftwareFoxit ReaderpluginsnpFoxitReaderPlugin.dll [2014-04-15] (Foxit Corporation)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:Program Files (x86)Foxit SoftwareFoxit ReaderpluginsnpFoxitReaderPlugin.dll [2014-04-15] (Foxit Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:Program Files (x86)AdobeAdobe Creative CloudUtilsnpAdobeAAMDetect64.dll [2015-12-15] (Adobe Systems)
FF Plugin-x32: @adobe.com/AuthorwarePlayer -> C:Windowssystem32MacromedAUTHORWAnp32asw.dll [No File]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:WindowsSysWOW64MacromedFlashNPSWF32_20_0_0_267.dll [2015-12-29] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:Windowssystem32AdobeDirectornp32dsw_1213153.dll [No File]
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:Program Files (x86)Foxit SoftwareFoxit ReaderpluginsnpFoxitReaderPlugin.dll [2014-04-15] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:Program Files (x86)Foxit SoftwareFoxit ReaderpluginsnpFoxitReaderPlugin.dll [2014-04-15] (Foxit Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:Program Files (x86)NVIDIA Corporation3D Visionnpnv3dv.dll [2015-11-24] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:Program Files (x86)NVIDIA Corporation3D Visionnpnv3dvstreaming.dll [2015-11-24] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:Program Files (x86)GoogleUpdate1.3.29.1npGoogleUpdate3.dll [2015-12-05] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:Program Files (x86)GoogleUpdate1.3.29.1npGoogleUpdate3.dll [2015-12-05] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> D:VLCnpvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:Program Files (x86)AdobeAdobe Creative CloudUtilsnpAdobeAAMDetect32.dll [2015-12-15] (Adobe Systems)
FF SearchPlugin: C:UsersАнжелаAppDataRoamingMozillaFirefoxProfileswaz0nb2e.defaultsearchpluginsaskcom.xml [2009-07-10]
FF SearchPlugin: C:UsersАнжелаAppDataRoamingMozillaFirefoxProfileswaz0nb2e.defaultsearchpluginsyandex.ru-093911.xml [2015-08-05]
FF SearchPlugin: C:UsersАнжелаAppDataRoamingMozillaFirefoxProfileswaz0nb2e.defaultsearchpluginsyqs-barff-yandex.xml [2015-08-05]
FF Extension: SaveFrom.net helper — C:UsersАнжелаAppDataRoamingMozillaFirefoxProfileswaz0nb2e.defaultExtensionshelper@savefrom.net.xpi [2015-08-05] [not signed]
FF Extension: Speed Dial [FVD] — New Tab Page, Sync… — C:UsersАнжелаAppDataRoamingMozillaFirefoxProfileswaz0nb2e.defaultExtensionspavel.sherbakov@gmail.com [2015-08-04]
FF Extension: Ask Toolbar — C:UsersАнжелаAppDataRoamingMozillaFirefoxProfileswaz0nb2e.defaultExtensionstoolbar@ask.com [2015-08-04] [not signed]
FF Extension: Visual Bookmarks — C:UsersАнжелаAppDataRoamingMozillaFirefoxProfileswaz0nb2e.defaultExtensionsvb@yandex.ru [2015-08-05] [not signed]
FF Extension: &Yandex Elements& — C:UsersАнжелаAppDataRoamingMozillaFirefoxProfileswaz0nb2e.defaultExtensionsyasearch@yandex.ru [2015-08-05] [not signed]
FF HKLM-x32…FirefoxExtensions: [wrc@avast.com] — C:Program FilesAVAST SoftwareAvastWebRepFF
FF Extension: Avast Online Security — C:Program FilesAVAST SoftwareAvastWebRepFF [2015-12-30]
FF HKLM-x32…FirefoxExtensions: [sp@avast.com] — C:Program FilesAVAST SoftwareAvastSafePriceFF
FF Extension: Avast SafePrice — C:Program FilesAVAST SoftwareAvastSafePriceFF [2015-12-30]

Chrome:
=======
CHR HomePage: Default -> yandex.ru/?__PARAM__from=chromehp
CHR RestoreOnStartup: Default -> «hxxp://searchinterneat-a.akamaihd.net/h?eq=U0EeCFZVBB8SRggVdVwIVgAURxhGcgheTA1BGVMOIQEPBBRAQwxBIQgLV1gTRQIFIk0FA1oDB0VXfV5bFElXTwhgL1dLFVgfVXNWLg==»
CHR StartupUrls: Default -> «hxxp://searchinterneat-a.akamaihd.net/h?eq=U0EeCFZVBB8SRggVdVwIVgAURxhGcgheTA1BGVMOIQEPBBRAQwxBIQgLV1gTRQIFIk0FA1oDB0VXfV5bFElXTwhgL1dLFVgfVXNWLg==»

CHR DefaultSearchURL: Default -> hxxp://searchinterneat-a.akamaihd.net/s?eq=U0EeE1xZE1oZB1ZEfQ8NBAlGGFBFbVwKUF9cFQUbJhRZWQ4UDARBeVtZUApHQFdHdx9aFQQTQkcFME0FBloEURNNfXpXD0oFQFtXBkxW&q={searchTerms}
CHR DefaultSearchKeyword: Default -> searchinterneat-a.akamaihd.net
CHR DefaultNewTabURL: Default -> hxxp://searchinterneat-a.akamaihd.net/t?eq=U0EeFFhaR1oWHAMWJQkPWFwXDFARcV8VVQlJRxhCeA5dTAgTGFdCcQoOAFsVFhNBNARaAktXUUEeJ1pNER8fHHZMLkpMAFcFZ0BN
CHR Profile: C:UsersАнжелаAppDataLocalGoogleChromeUser DataDefault
CHR Extension: (Сайдекс-сканнер Цен) — C:UsersАнжелаAppDataLocalGoogleChromeUser DataDefaultExtensionsaamfmnhcipnbjjnbfmaoooiohikifefk [2015-12-15]
CHR Extension: (Skype Calling) — C:UsersАнжелаAppDataLocalGoogleChromeUser DataDefaultExtensionsblakpkgjpemejpbmfiglncklihnhjkij [2015-11-22]
CHR Extension: (Яндекс) — C:UsersАнжелаAppDataLocalGoogleChromeUser DataDefaultExtensionscncgohepihcekklokhbhiblhfcmipbdh [2016-01-01]
CHR Extension: (Tampermonkey) — C:UsersАнжелаAppDataLocalGoogleChromeUser DataDefaultExtensionsdhdgffkkebhmkfjojejmpbldmpobfkfo [2015-12-21]
CHR Extension: (Стартовая — Яндекс) — C:UsersАнжелаAppDataLocalGoogleChromeUser DataDefaultExtensionsgbjeiekahklbgbfccohipinhgaadijad [2016-01-01]
CHR Extension: (Яндекс) — C:UsersАнжелаAppDataLocalGoogleChromeUser DataDefaultExtensionsnehapofakghljopfegjogpgpeljkhjjn [2015-12-10]
CHR Extension: (Chrome Web Store Payments) — C:UsersАнжелаAppDataLocalGoogleChromeUser DataDefaultExtensionsnmmhkkegccagdldgiimedpiccmgmieda [2015-08-08]
CHR HKUS-1-5-21-84755647-3855591167-3748119490-1000SOFTWAREGoogleChromeExtensions…ChromeExtension: [dhdgffkkebhmkfjojejmpbldmpobfkfo] — hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32…ChromeExtension: [cncgohepihcekklokhbhiblhfcmipbdh] — hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32…ChromeExtension: [dkekdlkmdpipihonapoleopfekmapadh] — hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32…ChromeExtension: [eofcbnmajmjmplflapaojjnihcjkigck] — C:Program FilesAVAST SoftwareAvastWebRepChromeaswWebRepChromeSp.crx [2015-12-30]
CHR HKLM-x32…ChromeExtension: [gbjeiekahklbgbfccohipinhgaadijad] — hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32…ChromeExtension: [gehngeifmelphpllncobkmimphfkckne] — hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32…ChromeExtension: [gomekmidlodglbbmalcneegieacbdmki] — C:Program FilesAVAST SoftwareAvastWebRepChromeaswWebRepChrome.crx [2015-12-30]
CHR HKLM-x32…ChromeExtension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] — C:Program Files (x86)SkypeToolbarsChromeExtensionskype_chrome_extension.crx [2016-01-08]

Opera:
=======
OPR Session Restore: -> is enabled.
OPR Extension: (Сайдекс-сканнер Цен) — C:UsersАнжелаAppDataRoamingOpera SoftwareOpera StableExtensionsaamfmnhcipnbjjnbfmaoooiohikifefk [2015-12-16]
OPR Extension: (Constant Fun) — C:UsersАнжелаAppDataRoamingOpera SoftwareOpera StableExtensionscjlhikhnnbcdlneiodjelnjjphhbagoa [2016-01-14]
StartMenuInternet: (HKLM) OperaStable — D:\Launcher.exe

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeUpdateService; C:Program Files (x86)Common FilesAdobeAdobe Desktop CommonElevationManagerAdobeUpdateService.exe [683696 2015-11-16] (Adobe Systems Incorporated)
R2 AGSService; C:Program Files (x86)Common FilesAdobeAdobeGCClientAGSService.exe [2016448 2015-11-25] (Adobe Systems, Incorporated)
R2 avast! Antivirus; C:Program FilesAVAST SoftwareAvastAvastSvc.exe [226440 2015-12-30] (AVAST Software)
R2 c2cautoupdatesvc; C:Program Files (x86)SkypeToolbarsAutoUpdateSkypeC2CAutoUpdateSvc.exe [1433216 2016-01-08] (Microsoft Corporation)
R2 c2cpnrsvc; C:Program Files (x86)SkypeToolbarsPNRSvcSkypeC2CPNRSvc.exe [1773696 2016-01-08] (Microsoft Corporation)
S3 defragsvc; C:WindowsSystem32defragsvc.dll [291328 2009-07-14] (Корпорация Майкрософт)
R2 GfExperienceService; C:Program FilesNVIDIA CorporationGeForce Experience ServiceGfExperienceService.exe [1156400 2015-11-25] (NVIDIA Corporation)
R2 NvNetworkService; C:Program Files (x86)NVIDIA CorporationNetServiceNvNetworkService.exe [1872688 2015-11-25] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:Program FilesNVIDIA CorporationNvStreamSrvNvStreamNetworkService.exe [8133424 2015-11-25] (NVIDIA Corporation)
R2 NvStreamSvc; C:Program FilesNVIDIA CorporationNvStreamSrvNvStreamService.exe [5915440 2015-11-25] (NVIDIA Corporation)
R2 Service Mgr ConstantFun; C:ProgramData415c6520-c0da-4fcb-9597-9d03c710be54PluginContainer.exe [782560 2016-01-14] () <==== ATTENTION
R2 Update Mgr ConstantFun; C:Program Files (x86)Common Files415c6520-c0da-4fcb-9597-9d03c710be54updater.exe [640736 2016-01-14] () <==== ATTENTION
R2 WinDefend; C:Program FilesWindows Defendermpsvc.dll [1011712 2009-07-14] (Microsoft Corporation)
S3 WPCSvc; C:WindowsSystem32wpcsvc.dll [12288 2009-07-14] (Корпорация Майкрософт)
S3 WPCSvc; C:WindowsSysWOW64wpcsvc.dll [10752 2009-07-14] (Корпорация Майкрософт)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 adgnetworkwfpdrv; C:WindowsSystem32driversadgnetworkwfpdrv.sys [55800 2015-06-02] ()
R2 aswHwid; C:Windowssystem32driversaswHwid.sys [28656 2015-12-30] (AVAST Software)
R2 aswMonFlt; C:Windowssystem32driversaswMonFlt.sys [97648 2015-12-30] (AVAST Software)
R1 aswRdr; C:Windowssystem32driversaswRdr2.sys [93528 2015-12-30] (AVAST Software)
R0 aswRvrt; C:WindowsSystem32DriversaswRvrt.sys [65224 2015-12-30] (AVAST Software)
R1 aswSnx; C:Windowssystem32driversaswSnx.sys [1055560 2015-12-30] (AVAST Software)
R1 aswSP; C:Windowssystem32driversaswSP.sys [451040 2015-12-30] (AVAST Software)
R2 aswStm; C:Windowssystem32driversaswStm.sys [155304 2015-12-30] (AVAST Software)
R0 aswVmm; C:WindowsSystem32DriversaswVmm.sys [273784 2015-12-30] (AVAST Software)
S0 caxyvej; C:WindowsSysWOW64driversrjuvt.sys [61440 2016-01-13] () [File not signed]
S3 ebdrv; C:Windowssystem32DRIVERSevbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R0 mountmgr; C:WindowsSystem32driversmountmgr.sys [94784 2009-07-14] (Корпорация Майкрософт)
R3 NvStreamKms; C:Program FilesNVIDIA CorporationNvStreamSrvNvStreamKms.sys [19760 2015-11-25] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:WindowsSystem32driversnvvad64v.sys [50472 2015-11-25] (NVIDIA Corporation)
R3 SmbDrvI; C:WindowsSystem32DRIVERSSmb_driver_Intel.sys [32496 2013-01-10] (Synaptics Incorporated)
R0 volmgrx; C:WindowsSystem32driversvolmgrx.sys [363584 2009-07-14] (Корпорация Майкрософт)
S3 cpuz134; ??C:UsersBD4A~1AppDataLocalTempcpuz134cpuz134_x64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-01-14 14:04 — 2016-01-14 14:04 — 00054793 _____ C:UsersАнжелаDesktopFRST.txt
2016-01-14 13:58 — 2016-01-14 13:58 — 01250844 _____ C:UsersАнжелаDownloadsProcessExplorer.zip
2016-01-14 13:46 — 2016-01-14 13:46 — 00038708 _____ C:UsersАнжелаDownloadsAddition.txt
2016-01-14 13:45 — 2016-01-14 14:06 — 00028069 _____ C:UsersАнжелаDownloadsFRST.txt
2016-01-14 13:45 — 2016-01-14 14:06 — 00000000 ____D C:FRST
2016-01-14 13:44 — 2016-01-14 13:44 — 02370560 _____ (Farbar) C:UsersАнжелаDownloadsFRST64.exe
2016-01-14 10:48 — 2016-01-14 13:24 — 00000000 ____D C:UsersВсе пользователи415c6520-c0da-4fcb-9597-9d03c710be54
2016-01-14 10:48 — 2016-01-14 13:24 — 00000000 ____D C:ProgramData415c6520-c0da-4fcb-9597-9d03c710be54
2016-01-13 14:22 — 2016-01-13 14:22 — 00135168 _____ C:zip.exe
2016-01-13 14:22 — 2016-01-13 14:22 — 00061440 _____ C:WindowsSysWOW64Driversrjuvt.sys
2016-01-13 14:22 — 2016-01-13 14:22 — 00019286 _____ C:cleanup.exe
2016-01-13 14:22 — 2016-01-13 14:22 — 00000060 _____ C:vejnek.txt
2016-01-13 14:22 — 2016-01-13 14:22 — 00000000 _____ C:backup.reg
2016-01-13 14:20 — 2016-01-13 14:20 — 00724952 _____ C:UsersАнжелаDownloadsavenger (1).zip
2016-01-13 14:15 — 2016-01-13 14:15 — 00724952 _____ C:UsersАнжелаDownloadsavenger.zip
2016-01-06 11:47 — 2016-01-06 11:57 — 00000000 ____D C:UsersАнжелаDesktopНечитанные книги
2016-01-06 11:35 — 2016-01-06 11:55 — 00000000 ____D C:UsersАнжелаDesktopаудиокниги
2016-01-06 11:29 — 2016-01-06 11:57 — 00000000 ____D C:UsersАнжелаDesktopаудио и Кэрри Блейк
2016-01-06 10:26 — 2016-01-06 10:26 — 00022528 ___SH C:UsersАнжелаThumbs.db
2016-01-01 13:18 — 2016-01-01 13:18 — 00003398 _____ C:WindowsSystem32Tasks{3E5A513A-440B-495B-9D23-F8BBAEA2C3D2}
2016-01-01 13:15 — 2016-01-01 13:15 — 00003398 _____ C:WindowsSystem32Tasks{652B2283-3E41-4B50-96BE-92375F636700}
2016-01-01 13:06 — 2016-01-01 13:06 — 01297046 _____ C:UsersАнжелаDownloadshelper (3).user.js
2016-01-01 13:05 — 2016-01-01 13:05 — 01297046 _____ C:UsersАнжелаDownloadshelper (2).user.js
2016-01-01 13:05 — 2016-01-01 13:05 — 01297046 _____ C:UsersАнжелаDownloadshelper (1).user.js
2016-01-01 13:04 — 2016-01-01 13:04 — 00790912 _____ C:UsersАнжелаDownloadsSaveFromNetHelper_Rus_Setup.exe
2016-01-01 10:33 — 2016-01-01 10:34 — 00000000 ____D C:UsersАнжелаDesktopреставлрац
2015-12-31 18:05 — 2015-12-31 18:04 — 00001171 _____ C:UsersАнжелаDesktopTimeShift — Ярлык.lnk
2015-12-31 16:37 — 2015-12-31 16:37 — 00000000 ____D C:ProgramDataMicrosoftWindowsStart MenuPrograms(Default)
2015-12-31 14:23 — 2015-12-31 14:23 — 00598592 _____ C:UsersАнжелаDownloadsSetup (1).exe
2015-12-30 19:04 — 2016-01-14 10:49 — 00004182 _____ C:WindowsSystem32Tasksavast! Emergency Update
2015-12-30 19:04 — 2015-12-30 19:04 — 00001928 _____ C:UsersPublicDesktopAvast Free Antivirus.lnk
2015-12-30 19:04 — 2015-12-30 19:04 — 00000000 ____D C:UsersАнжелаAppDataRoamingAVAST Software
2015-12-30 19:04 — 2015-12-30 19:04 — 00000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsAVAST Software
2015-12-30 19:03 — 2015-12-30 19:04 — 00451040 _____ (AVAST Software) C:Windowssystem32Driversaswsp.sys
2015-12-30 19:03 — 2015-12-30 19:04 — 00097648 _____ (AVAST Software) C:Windowssystem32Driversaswmonflt.sys
2015-12-30 19:03 — 2015-12-30 19:03 — 01055560 _____ (AVAST Software) C:Windowssystem32DriversaswSnx.sys
2015-12-30 19:03 — 2015-12-30 19:03 — 00386096 _____ (AVAST Software) C:Windowssystem32aswBoot.exe
2015-12-30 19:03 — 2015-12-30 19:03 — 00273784 _____ (AVAST Software) C:Windowssystem32DriversaswVmm.sys
2015-12-30 19:03 — 2015-12-30 19:03 — 00155304 _____ (AVAST Software) C:Windowssystem32DriversaswStm.sys
2015-12-30 19:03 — 2015-12-30 19:03 — 00093528 _____ (AVAST Software) C:Windowssystem32DriversaswRdr2.sys
2015-12-30 19:03 — 2015-12-30 19:03 — 00065224 _____ (AVAST Software) C:Windowssystem32DriversaswRvrt.sys
2015-12-30 19:03 — 2015-12-30 19:03 — 00043112 _____ (AVAST Software) C:WindowsavastSS.scr
2015-12-30 19:03 — 2015-12-30 19:03 — 00028656 _____ (AVAST Software) C:Windowssystem32DriversaswHwid.sys
2015-12-29 20:09 — 2015-12-29 20:09 — 00000000 ____D C:UsersPublicDocumentsAdobeInstalledCodecs
2015-12-29 19:51 — 2015-12-29 19:51 — 00000997 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsAdobe Media Encoder CC 2015.lnk
2015-12-29 19:50 — 2015-12-29 19:50 — 00000000 ____D C:UsersАнжелаDocumentsAdobe
2015-12-29 18:49 — 2015-12-29 18:49 — 00000987 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsAdobe Premiere Pro CC 2015.lnk
2015-12-29 18:48 — 2015-12-29 20:09 — 00000000 ____D C:Program FilesAdobe
2015-12-29 18:46 — 2015-12-29 19:50 — 00000000 ____D C:Program FilesCommon FilesAdobe
2015-12-29 17:47 — 2015-12-29 17:47 — 00001227 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsAdobe Creative Cloud.lnk
2015-12-29 17:47 — 2015-12-29 17:47 — 00001215 _____ C:UsersPublicDesktopAdobe Creative Cloud.lnk
2015-12-29 17:09 — 2016-01-01 15:39 — 00000000 ___RD C:UsersАнжелаCreative Cloud Files
2015-12-29 17:09 — 2016-01-01 15:39 — 00000000 ____D C:UsersВсе пользователиboost_interprocess
2015-12-29 17:09 — 2016-01-01 15:39 — 00000000 ____D C:ProgramDataboost_interprocess
2015-12-29 14:41 — 2015-12-29 17:50 — 00000000 ____D C:UsersВсе пользователиAdobe
2015-12-29 14:41 — 2015-12-29 17:50 — 00000000 ____D C:ProgramDataAdobe
2015-12-29 14:41 — 2015-12-29 17:47 — 00000000 ____D C:Program Files (x86)Adobe
2015-12-29 14:21 — 2015-12-29 14:21 — 00000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsSkype
2015-12-29 14:04 — 2015-12-29 14:04 — 00675504 _____ (Adobe Systems Incorporated) C:UsersАнжелаDownloadsCreativeCloud_Rus_Setup.exe
2015-12-25 21:46 — 2015-12-25 21:46 — 00000000 ____D C:UsersАнжелаDocumentsSniper — Ghost Warrior
2015-12-25 21:40 — 2015-12-25 21:40 — 00000614 _____ C:UsersPublicDesktopSniper Ghost Warrior.lnk
2015-12-25 21:40 — 2015-12-25 21:40 — 00000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsSniper Ghost Warrior
2015-12-25 20:46 — 2015-12-25 20:46 — 00000720 _____ C:UsersАнжелаDesktopMagicISO.lnk
2015-12-25 20:46 — 2015-12-25 20:46 — 00000000 ____D C:UsersАнжелаAppDataRoamingMicrosoftWindowsStart MenuProgramsMagicISO
2015-12-25 20:46 — 2015-12-25 20:46 — 00000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsMagicISO
2015-12-25 15:30 — 2015-12-25 15:30 — 00000479 _____ C:UsersPublicDesktopWinImage (administrator).lnk
2015-12-25 15:30 — 2015-12-25 15:30 — 00000447 _____ C:UsersPublicDesktopWinImage.lnk
2015-12-25 15:30 — 2015-12-25 15:30 — 00000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsWinImage
2015-12-25 15:29 — 2015-12-25 15:29 — 00746592 _____ (WinImage) C:UsersАнжелаDownloadswinima90 (1).exe
2015-12-25 15:28 — 2015-12-25 15:29 — 00746592 _____ (WinImage) C:UsersАнжелаDownloadswinima90.exe
2015-12-22 21:43 — 2015-12-22 21:43 — 00000598 _____ C:UsersАнжелаDesktopMPC-HC.lnk
2015-12-22 21:43 — 2015-12-22 21:43 — 00000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsMPC-HC
2015-12-22 21:10 — 2015-12-22 21:10 — 00000496 _____ C:UsersPublicDesktopVLC media player.lnk
2015-12-22 21:10 — 2015-12-22 21:10 — 00000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsVideoLAN
2015-12-20 21:24 — 2015-12-30 19:00 — 00000000 ____D C:UsersАнжелаAppDataLocalAvgSetupLog
2015-12-18 22:51 — 2015-12-18 22:54 — 00000139 _____ C:WindowsReimage.ini
2015-12-18 22:32 — 2015-12-18 22:32 — 00260336 _____ C:UsersАнжелаDownloadssetup.exe
2015-12-18 22:26 — 2015-12-18 22:26 — 00002968 _____ C:WindowsSystem32Tasks{FC8D2F22-C28D-4559-AF82-4B329BCEEAFE}
2015-12-18 11:53 — 2015-12-18 11:54 — 00476704 _____ (MediaGet LLC) C:UsersАнжелаDownloadsMediaGet_id4702004ids1s.exe
2015-12-17 18:53 — 2015-12-17 18:53 — 00000464 __RSH C:UsersВсе пользователиntuser.pol
2015-12-17 18:53 — 2015-12-17 18:53 — 00000464 __RSH C:ProgramDatantuser.pol
2015-12-17 18:33 — 2015-12-17 18:33 — 00000000 ____D C:Program Files (x86)Constant Fun
2015-12-17 18:31 — 2015-12-30 19:01 — 00000000 ____D C:Program Files (x86)AVG
2015-12-17 18:31 — 2015-12-17 18:31 — 00000000 ____D C:UsersАнжелаAppDataRoamingAVG
2015-12-17 18:30 — 2015-12-20 21:24 — 00000000 ____D C:UsersАнжелаAppDataLocalAvg
2015-12-17 18:29 — 2015-12-30 19:01 — 00000000 ____D C:UsersВсе пользователиAVG
2015-12-17 18:29 — 2015-12-30 19:01 — 00000000 ____D C:ProgramDataAVG
2015-12-17 18:23 — 2015-12-18 10:46 — 00003372 _____ C:WindowsSystem32TasksDriverMaxAgent
2015-12-17 18:23 — 2015-12-17 18:23 — 00000000 ____D C:UsersАнжелаAppDataRoamingRPEng
2015-12-17 18:23 — 2015-12-17 18:23 — 00000000 ____D C:UsersАнжелаAppDataRoamingInnovative Solutions
2015-12-17 18:23 — 2015-12-17 18:23 — 00000000 ____D C:UsersАнжелаAppDataLocalInnovative Solutions
2015-12-17 18:20 — 2015-12-17 18:21 — 05844736 _____ (Innovative Solutions ) C:UsersАнжелаDownloadsDriverMax_Rus_Setup.exe
2015-12-15 23:56 — 2015-12-16 08:38 — 00000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsNVIDIA Corporation
2015-12-15 23:56 — 2015-12-15 23:56 — 00000000 ____D C:UsersАнжелаAppDataLocalNVIDIA
2015-12-15 23:56 — 2015-11-25 02:10 — 01828160 _____ (NVIDIA Corporation) C:Windowssystem32nvspcap64.dll
2015-12-15 23:56 — 2015-11-25 02:10 — 01756424 _____ (NVIDIA Corporation) C:Windowssystem32nvspbridge64.dll
2015-12-15 23:56 — 2015-11-25 02:10 — 01509824 _____ (NVIDIA Corporation) C:WindowsSysWOW64nvspcap.dll
2015-12-15 23:56 — 2015-11-25 02:10 — 01316000 _____ (NVIDIA Corporation) C:WindowsSysWOW64nvspbridge.dll
2015-12-15 23:56 — 2015-11-25 02:10 — 00112712 _____ C:Windowssystem32NvRtmpStreamer64.dll
2015-12-15 23:55 — 2016-01-14 12:18 — 00000000 ____D C:UsersВсе пользователиNVIDIA
2015-12-15 23:55 — 2016-01-14 12:18 — 00000000 ____D C:ProgramDataNVIDIA
2015-12-15 23:55 — 2015-12-15 23:55 — 00000000 ____D C:UsersАнжелаAppDataLocalNVIDIA Corporation
2015-12-15 23:55 — 2015-11-24 21:29 — 00102704 _____ (NVIDIA Corporation) C:WindowsSysWOW64nvStreaming.exe
2015-12-15 23:54 — 2015-12-16 00:00 — 00000000 ____D C:UsersВсе пользователиNVIDIA Corporation
2015-12-15 23:54 — 2015-12-16 00:00 — 00000000 ____D C:ProgramDataNVIDIA Corporation
2015-12-15 23:54 — 2015-12-15 23:56 — 00000000 ____D C:Program Files (x86)NVIDIA Corporation
2015-12-15 23:54 — 2015-11-25 02:10 — 00112760 _____ (Khronos Group) C:Windowssystem32OpenCL.dll
2015-12-15 23:54 — 2015-11-25 02:10 — 00105080 _____ (Khronos Group) C:WindowsSysWOW64OpenCL.dll
2015-12-15 23:54 — 2015-11-24 21:40 — 06358648 _____ (NVIDIA Corporation) C:Windowssystem32nvcpl.dll
2015-12-15 23:54 — 2015-11-24 21:40 — 02983032 _____ (NVIDIA Corporation) C:Windowssystem32nvsvc64.dll
2015-12-15 23:54 — 2015-11-24 21:40 — 02554488 _____ (NVIDIA Corporation) C:Windowssystem32nvsvcr.dll
2015-12-15 23:54 — 2015-11-24 21:40 — 00938616 _____ (NVIDIA Corporation) C:Windowssystem32nvvsvc.exe
2015-12-15 23:54 — 2015-11-24 21:40 — 00385144 _____ (NVIDIA Corporation) C:Windowssystem32nvmctray.dll
2015-12-15 23:54 — 2015-11-24 21:40 — 00062584 _____ (NVIDIA Corporation) C:Windowssystem32nvshext.dll
2015-12-15 23:54 — 2015-11-23 13:38 — 06049858 _____ C:Windowssystem32nvcoproc.bin
2015-12-15 23:52 — 2015-12-15 23:53 — 01618322 _____ C:WindowsSysWOW64PerfStringBackup.INI
2015-12-15 23:48 — 2015-11-25 02:10 — 42913912 _____ C:Windowssystem32nvcompiler.dll
2015-12-15 23:48 — 2015-11-25 02:10 — 37882488 _____ C:WindowsSysWOW64nvcompiler.dll
2015-12-15 23:48 — 2015-11-25 02:10 — 22310008 _____ (NVIDIA Corporation) C:Windowssystem32nvoglv64.dll
2015-12-15 23:48 — 2015-11-25 02:10 — 18363696 _____ (NVIDIA Corporation) C:WindowsSysWOW64nvoglv32.dll
2015-12-15 23:48 — 2015-11-25 02:10 — 17516040 _____ (NVIDIA Corporation) C:Windowssystem32nvwgf2umx.dll
2015-12-15 23:48 — 2015-11-25 02:10 — 16553568 _____ (NVIDIA Corporation) C:Windowssystem32nvopencl.dll
2015-12-15 23:48 — 2015-11-25 02:10 — 15717672 _____ (NVIDIA Corporation) C:Windowssystem32nvd3dumx.dll
2015-12-15 23:48 — 2015-11-25 02:10 — 15122296 _____ (NVIDIA Corporation) C:WindowsSysWOW64nvwgf2um.dll
2015-12-15 23:48 — 2015-11-25 02:10 — 14835872 _____ (NVIDIA Corporation) C:Windowssystem32nvcuda.dll
2015-12-15 23:48 — 2015-11-25 02:10 — 13527248 _____ (NVIDIA Corporation) C:WindowsSysWOW64nvopencl.dll
2015-12-15 23:48 — 2015-11-25 02:10 — 12770752 _____ (NVIDIA Corporation) C:WindowsSysWOW64nvd3dum.dll
2015-12-15 23:48 — 2015-11-25 02:10 — 12034248 _____ (NVIDIA Corporation) C:WindowsSysWOW64nvcuda.dll
2015-12-15 23:48 — 2015-11-25 02:10 — 11131184 _____ (NVIDIA Corporation) C:Windowssystem32Driversnvlddmkm.sys
2015-12-15 23:48 — 2015-11-25 02:10 — 03579696 _____ (NVIDIA Corporation) C:Windowssystem32nvapi64.dll
2015-12-15 23:48 — 2015-11-25 02:10 — 03159248 _____ (NVIDIA Corporation) C:WindowsSysWOW64nvapi.dll
2015-12-15 23:48 — 2015-11-25 02:10 — 02870392 _____ (NVIDIA Corporation) C:Windowssystem32nvcuvid.dll
2015-12-15 23:48 — 2015-11-25 02:10 — 02490488 _____ (NVIDIA Corporation) C:WindowsSysWOW64nvcuvid.dll
2015-12-15 23:48 — 2015-11-25 02:10 — 01905272 _____ (NVIDIA Corporation) C:Windowssystem32nvdispco6435906.dll
2015-12-15 23:48 — 2015-11-25 02:10 — 01572496 _____ (NVIDIA Corporation) C:Windowssystem32nvhdagenco6420103.dll
2015-12-15 23:48 — 2015-11-25 02:10 — 01564792 _____ (NVIDIA Corporation) C:Windowssystem32nvdispgenco6435906.dll
2015-12-15 23:48 — 2015-11-25 02:10 — 00877360 _____ (NVIDIA Corporation) C:Windowssystem32NvFBC64.dll
2015-12-15 23:48 — 2015-11-25 02:10 — 00861816 _____ (NVIDIA Corporation) C:Windowssystem32NvIFR64.dll
2015-12-15 23:48 — 2015-11-25 02:10 — 00689272 _____ (NVIDIA Corporation) C:WindowsSysWOW64NvFBC.dll
2015-12-15 23:48 — 2015-11-25 02:10 — 00673912 _____ (NVIDIA Corporation) C:WindowsSysWOW64NvIFR.dll
2015-12-15 23:48 — 2015-11-25 02:10 — 00467912 _____ (NVIDIA Corporation) C:Windowssystem32nvumdshimx.dll
2015-12-15 23:48 — 2015-11-25 02:10 — 00388024 _____ (NVIDIA Corporation) C:WindowsSysWOW64nvumdshim.dll
2015-12-15 23:48 — 2015-11-25 02:10 — 00205456 _____ (NVIDIA Corporation) C:Windowssystem32Driversnvhda64v.sys
2015-12-15 23:48 — 2015-11-25 02:10 — 00177600 _____ (NVIDIA Corporation) C:Windowssystem32nvinitx.dll
2015-12-15 23:48 — 2015-11-25 02:10 — 00155792 _____ (NVIDIA Corporation) C:WindowsSysWOW64nvinit.dll
2015-12-15 23:48 — 2015-11-25 02:10 — 00151184 _____ (NVIDIA Corporation) C:Windowssystem32nvoglshim64.dll
2015-12-15 23:48 — 2015-11-25 02:10 — 00128696 _____ (NVIDIA Corporation) C:WindowsSysWOW64nvoglshim32.dll
2015-12-15 23:48 — 2015-11-25 02:10 — 00072504 _____ (NVIDIA Corporation) C:Windowssystem32nvaudcap64v.dll
2015-12-15 23:48 — 2015-11-25 02:10 — 00069416 _____ (NVIDIA Corporation) C:WindowsSysWOW64nvaudcap32v.dll
2015-12-15 23:48 — 2015-11-25 02:10 — 00050472 _____ (NVIDIA Corporation) C:Windowssystem32Driversnvvad64v.sys
2015-12-15 23:48 — 2015-11-25 02:10 — 00039240 _____ (NVIDIA Corporation) C:Windowssystem32nvhdap64.dll
2015-12-15 23:48 — 2015-11-25 02:10 — 00033607 _____ C:Windowssystem32nvinfo.pb
2015-12-15 23:47 — 2015-12-15 23:56 — 00000000 ____D C:Program FilesNVIDIA Corporation
2015-12-15 23:47 — 2015-12-15 23:47 — 00000000 ____D C:NVIDIA
2015-12-15 23:32 — 2015-12-15 23:46 — 316046904 _____ (NVIDIA Corporation) C:UsersАнжелаDownloads359.06-desktop-win8-win7-winvista-64bit-international-whql.exe
2015-12-15 23:24 — 2015-12-15 23:24 — 00003130 _____ C:WindowsSystem32Tasks{66B28667-816E-449A-9D15-440046B90784}
2015-12-15 23:24 — 2007-03-05 12:42 — 00017688 _____ (Microsoft Corporation) C:Windowssystem32x3daudio1_1.dll
2015-12-15 23:24 — 2007-03-05 12:42 — 00015128 _____ (Microsoft Corporation) C:WindowsSysWOW64x3daudio1_1.dll
2015-12-15 23:21 — 2015-12-18 23:26 — 00000000 ____D C:UsersАнжелаAppDataRoaming6D71396F6E_1008
2015-12-15 23:21 — 2015-12-15 23:21 — 00000000 ____D C:UsersАнжелаAppDataLocalBallz3D
2015-12-15 23:21 — 2015-12-15 23:21 — 00000000 ____D C:UsersАнжелаAppDataLocalAlawar
2015-12-15 23:20 — 2015-12-15 23:20 — 00000000 ____D C:UsersВсе пользователиAlawarWrapper
2015-12-15 23:20 — 2015-12-15 23:20 — 00000000 ____D C:UsersАнжелаAppDataRoamingMicrosoftWindowsStart MenuProgramsБесплатные игры Atarata
2015-12-15 23:20 — 2015-12-15 23:20 — 00000000 ____D C:UsersАнжелаAppDataRoamingAlawar
2015-12-15 23:20 — 2015-12-15 23:20 — 00000000 ____D C:ProgramDataAlawarWrapper
2015-12-15 23:15 — 2015-12-15 23:19 — 100340480 _____ (Besplatnye Programmy, Inc ) C:UsersАнжелаDownloadsDirectx_9.10.11.exe
2015-12-15 23:02 — 2015-12-15 23:02 — 00001334 _____ C:UsersАнжелаDesktopMisericordiae_vultus (2) — Ярлык.lnk
2015-12-15 23:01 — 2015-12-15 23:01 — 00000854 _____ C:UsersPublicDesktopFileViewPro.lnk
2015-12-15 23:01 — 2015-12-15 23:01 — 00000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsFileViewPro
2015-12-15 23:01 — 2015-12-15 23:01 — 00000000 ____D C:Program FilesFileViewPro
2015-12-15 23:00 — 2015-12-18 22:03 — 00000000 ____D C:UsersАнжелаAppDataRoamingSolvusoft
2015-12-15 23:00 — 2012-10-15 17:02 — 00019888 _____ (solvusoft) C:Windowssystem32roboot64.exe
2015-12-15 22:53 — 2015-12-15 22:53 — 00002968 _____ C:WindowsSystem32Tasks{24B6CB8E-2233-4673-B9EC-D1860315E700}
2015-12-15 18:11 — 2015-12-15 18:11 — 00029390 _____ C:UsersАнжелаDownloadseow.torrent

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-01-14 14:06 — 2015-09-01 12:05 — 00000000 ____D C:UsersАнжелаAppDataRoamingSkype
2016-01-14 13:46 — 2009-07-14 06:20 — 00000000 ____D C:Windows
2016-01-14 13:33 — 2015-08-08 22:02 — 00000970 _____ C:WindowsTasksGoogleUpdateTaskMachineUA.job
2016-01-14 13:20 — 2015-11-07 15:07 — 00000402 _____ C:WindowsTasksОбновление Браузера Яндекс .job
2016-01-14 13:12 — 2015-08-04 19:43 — 00000896 _____ C:WindowsTasksAdobe Flash Player Updater.job
2016-01-14 12:46 — 2015-09-01 12:05 — 00000000 ___RD C:Program Files (x86)Skype
2016-01-14 12:27 — 2009-07-14 07:45 — 00014016 ____H C:Windowssystem327B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-01-14 12:27 — 2009-07-14 07:45 — 00014016 ____H C:Windowssystem327B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-01-14 12:24 — 2015-08-04 19:30 — 00003796 _____ C:WindowsSystem32TasksOpera scheduled Autoupdate 1438705804
2016-01-14 12:19 — 2015-09-10 18:09 — 00000000 ___RD C:UsersАнжелаYandexDisk
2016-01-14 12:19 — 2015-08-08 22:02 — 00000966 _____ C:WindowsTasksGoogleUpdateTaskMachineCore.job
2016-01-14 12:18 — 2009-07-14 08:08 — 00000006 ____H C:WindowsTasksSA.DAT
2016-01-13 20:11 — 2015-10-16 20:11 — 00000402 _____ C:WindowsTasksОбновление Браузера Яндекс.job
2016-01-13 14:24 — 2015-08-04 19:41 — 00000000 ____D C:UsersАнжелаAppDataLocalAdobe
2016-01-13 14:13 — 2015-08-08 19:35 — 00002454 _____ C:UsersАнжелаDesktopYandex.lnk
2016-01-10 20:48 — 2015-10-03 22:14 — 00000000 ____D C:UsersАнжелаAppDataRoamingvlc
2016-01-10 17:14 — 2015-08-04 14:38 — 00000000 ____D C:Program Files (x86)uTorrent
2016-01-09 23:50 — 2015-08-04 19:43 — 00000958 _____ C:WindowsTasksAdobe Flash Player PPAPI Notifier.job
2016-01-08 14:52 — 2015-09-10 10:45 — 00000000 ____D C:UsersАнжелаDesktopАнжелика
2016-01-06 13:31 — 2015-08-04 14:36 — 00000000 ____D C:UsersАнжелаAppDataRoamingAIMP3
2016-01-06 10:26 — 2015-08-04 14:16 — 00000000 ____D C:UsersАнжела
2016-01-02 17:13 — 2015-08-04 19:43 — 00003834 _____ C:WindowsSystem32TasksAdobe Flash Player Updater
2016-01-02 17:12 — 2015-08-04 14:29 — 00796864 _____ (Adobe Systems Incorporated) C:WindowsSysWOW64FlashPlayerApp.exe
2016-01-02 17:12 — 2015-08-04 14:29 — 00142528 _____ (Adobe Systems Incorporated) C:WindowsSysWOW64FlashPlayerCPLApp.cpl
2016-01-01 12:10 — 2015-08-22 10:16 — 00000000 ____D C:Program Files (x86)WinRAR
2016-01-01 10:53 — 2015-08-22 10:16 — 00000000 ____D C:UsersАнжелаAppDataRoamingMicrosoftWindowsStart MenuProgramsWinRAR
2016-01-01 10:53 — 2015-08-22 10:16 — 00000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsWinRAR
2016-01-01 10:53 — 2015-08-22 10:16 — 00000000 ____D C:Program FilesWinRAR
2016-01-01 10:35 — 2009-08-03 20:13 — 00721772 _____ C:Windowssystem32perfh019.dat
2016-01-01 10:35 — 2009-08-03 20:13 — 00148824 _____ C:Windowssystem32perfc019.dat
2016-01-01 10:35 — 2009-07-14 08:13 — 01640642 _____ C:Windowssystem32PerfStringBackup.INI
2016-01-01 10:35 — 2009-07-14 06:20 — 00000000 ____D C:Windowsinf
2015-12-31 16:33 — 2015-08-04 15:01 — 00000000 ____D C:Program Files (x86)The KMPlayer
2015-12-31 12:34 — 2015-10-26 17:57 — 00000000 ____D C:UsersАнжелаAppDataLocalElevatedDiagnostics
2015-12-31 10:20 — 2015-08-04 14:29 — 00000000 ____D C:UsersАнжелаAppDataRoamingAdobe
2015-12-30 18:58 — 2015-08-04 14:42 — 00063960 _____ C:UsersАнжелаAppDataLocalGDIPFONTCACHEV1.DAT
2015-12-30 18:58 — 2015-08-04 14:30 — 00000000 ____D C:UsersВсе пользователиPackage Cache
2015-12-30 18:58 — 2015-08-04 14:30 — 00000000 ____D C:ProgramDataPackage Cache
2015-12-30 10:27 — 2009-07-14 07:45 — 04967328 _____ C:Windowssystem32FNTCACHE.DAT
2015-12-29 20:13 — 2015-08-04 19:43 — 00003940 _____ C:WindowsSystem32TasksAdobe Flash Player PPAPI Notifier
2015-12-29 14:21 — 2015-09-01 12:05 — 00002697 _____ C:UsersPublicDesktopSkype.lnk
2015-12-29 14:21 — 2015-09-01 12:05 — 00000000 ____D C:UsersАнжелаAppDataLocalSkype
2015-12-29 14:21 — 2015-08-04 14:37 — 00000000 ____D C:UsersВсе пользователиSkype
2015-12-29 14:21 — 2015-08-04 14:37 — 00000000 ____D C:ProgramDataSkype
2015-12-24 22:31 — 2015-09-24 17:44 — 00000000 ____D C:UsersАнжелаDesktopTor Browser
2015-12-20 20:09 — 2015-08-30 19:31 — 00000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsSQUARE ENIX
2015-12-18 23:26 — 2013-11-22 15:50 — 00000000 ____D C:Temp
2015-12-18 10:50 — 2015-08-04 14:46 — 00000000 ____D C:UsersВсе пользователиMicrosoft Help
2015-12-18 10:50 — 2015-08-04 14:46 — 00000000 ____D C:ProgramDataMicrosoft Help
2015-12-17 21:59 — 2015-10-07 21:08 — 00000000 ____D C:UsersАнжелаDesktopНовая папка
2015-12-17 21:11 — 2015-09-22 23:33 — 00000000 ____D C:WindowsMinidump
2015-12-17 21:11 — 2009-07-14 06:20 — 00000000 ____D C:Windowssystem32sysprep
2015-12-17 18:35 — 2009-07-14 06:20 — 00000000 ____D C:Windowssystem32GroupPolicy
2015-12-16 22:35 — 2015-08-08 22:26 — 00002185 _____ C:UsersPublicDesktopGoogle Chrome.lnk
2015-12-16 08:37 — 2009-07-14 08:08 — 00032512 _____ C:WindowsTasksSCHEDLGU.TXT
2015-12-15 23:54 — 2009-07-14 06:20 — 00000000 ____D C:WindowsHelp

==================== Files in the root of some directories =======

2013-02-07 15:22 — 2013-02-07 15:22 — 0050330 _____ () C:Program Files (x86)AntiDust.exe
2015-09-24 17:42 — 2015-09-24 17:42 — 0000417 _____ () C:ProgramDatafontcacheev1.dat

Files to move or delete:
====================
C:ProgramDatafontcacheev1.dat
C:UsersВсе пользователиfontcacheev1.dat

Some files in TEMP:
====================
C:UsersАнжелаAppDataLocalTempbitool.dll
C:UsersАнжелаAppDataLocalTempDseShExt-x64.dll
C:UsersАнжелаAppDataLocalTempDseShExt-x86.dll
C:UsersАнжелаAppDataLocalTempKeyGen.exe
C:UsersАнжелаAppDataLocalTempprocexp64.exe
C:UsersАнжелаAppDataLocalTempReimagePackage.exe
C:UsersАнжелаAppDataLocalTempSDShelEx-win32.dll
C:UsersАнжелаAppDataLocalTempSDShelEx-x64.dll
C:UsersАнжелаAppDataLocalTempSetup-yabrowser.exe
C:UsersАнжелаAppDataLocalTemptmp5F6E.exe
C:UsersАнжелаAppDataLocalTemptmpBE3.exe
C:UsersАнжелаAppDataLocalTemptmpC1F8.exe
C:UsersАнжелаAppDataLocalTemptmpDB7.exe
C:UsersАнжелаAppDataLocalTemptmpE6C6.exe
C:UsersАнжелаAppDataLocalTemptmpF48C.exe
C:UsersАнжелаAppDataLocalTempyupdate-exec-yabrowser.exe
C:UsersАнжелаAppDataLocalTemp{0FD65441-7283-4A93-8E65-E8783BB3613B}.dll
C:UsersАнжелаAppDataLocalTemp{D1E024CA-9916-4851-87BF-E2C00CC40C21}.dll

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:Windowssystem32winlogon.exe => File is digitally signed
C:Windowssystem32wininit.exe => File is digitally signed
C:WindowsSysWOW64wininit.exe => File is digitally signed
C:Windowsexplorer.exe => File is digitally signed
C:WindowsSysWOW64explorer.exe => File is digitally signed
C:Windowssystem32svchost.exe => File is digitally signed
C:WindowsSysWOW64svchost.exe => File is digitally signed
C:Windowssystem32services.exe => File is digitally signed
C:Windowssystem32User32.dll => File is digitally signed
C:WindowsSysWOW64User32.dll => File is digitally signed
C:Windowssystem32userinit.exe => File is digitally signed
C:WindowsSysWOW64userinit.exe => File is digitally signed
C:Windowssystem32rpcss.dll => File is digitally signed
C:Windowssystem32dnsapi.dll => File is digitally signed
C:WindowsSysWOW64dnsapi.dll => File is digitally signed
C:Windowssystem32Driversvolsnap.sys => File is digitally signed

LastRegBack: 2016-01-11 14:23

==================== End of FRST.txt
14 января, 2016 в 10:43 дп в ответ на: redirest помогите избавиться #32712
angelver
Participant
- Темы:1
- Сообщений:13
Большое спасибо за ответ. Когда захожу на любой сайт любого браузера — не всегда, но часто появляется реклама на весь экран, т.е. я попадаю на рекламный сайт, я ее выключаю и только тогда вхожу туда, куда хотела. Ищем мультфильмы ребенку — реклама такая, что описывать вслух неприлично, приходится самим искать, чтобы дочь не видела ее. Экран становится меньше, т.к. сбоку реклама, внизу два темных квадрата на 1/3 экрана, там тоже или реклама появляется или эти квадраты так и торчат целый день. И страницы, когда мы что-то ищем часто, очень часто перезагружаются, будто комп. сам что-то ищет.
А теперь я пошла скачивать программу.
Автор

Сообщения