после перезагрузки пк удаляется, адблок и прочие разрешения на блокировку рекламы

После того как пк перезагружается удаяется адблок, каждый раз переустанавливаю, 
FRST
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 07-12-2016
Ran by Георгий (administrator) on ГЕОРГИЙ-ПК (08-12-2016 12:10:07)
Running from M:\Users\Георгий\Downloads
Loaded Profiles: Георгий (Available Profiles: Георгий)
Platform: Microsoft Windows 7 Максимальная Service Pack 1 (X86) Language: Русский (Россия)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Intel(R) Corporation) M:\Program Files\Intel\iCLS Client\HeciServer.exe
(NVIDIA Corporation) M:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) M:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) M:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe
(NVIDIA Corporation) M:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) M:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Logitech Inc.) M:\Program Files\Logitech\LWS\Webcam Software\LWS.exe
(Realtek Semiconductor) M:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Skype Technologies S.A.) M:\Program Files\Skype\Phone\Skype.exe
(Google Inc.) M:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) M:\Program Files\Google\Chrome\Application\chrome.exe
(NVIDIA Corporation) M:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Google Inc.) M:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) M:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) M:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) M:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) M:\Program Files\Google\Update\1.3.31.5\GoogleCrashHandler.exe
(Google Inc.) M:\Program Files\Google\Chrome\Application\chrome.exe
(HP Inc.) M:\Program Files\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Intel Corporation) M:\Program Files\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) M:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Google Inc.) M:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) M:\Windows\System32\wuauclt.exe
(Logitech, Inc.) M:\Users\Георгий\AppData\Local\Logitech® Webcam Software\Logishrd\LU2.0\LULnchr.exe
(Logitech, Inc.) M:\Users\Георгий\AppData\Local\Logitech® Webcam Software\Logishrd\LU2.0\LogitechUpdate.exe
==================== Registry (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\…\Run: [LWS] => M:\Program Files\Logitech\LWS\Webcam Software\LWS.exe [204136 2012-09-13] (Logitech Inc.)
HKLM\…\Run: [ShadowPlay] => «M:\Windows\system32\rundll32.exe» M:\Windows\system32\nvspcap.dll,ShadowPlayOnSystemStart
HKLM\…\Run: [RtHDVCpl] => M:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [10996368 2012-06-11] (Realtek Semiconductor)
HKLM\…\Policies\Explorer\Run: [73966E1C-1798-4C34-BA48-FD989E59A9FF] => M:\ProgramData\Microsoft\Adobe\Flash Player\73966E1C-1798-4C34-BA48-FD989E59A9FF\C9D03392-0A99-459D-A562-631F39BD07BC.exe [919363 2016-08-08] ()
HKLM\…\Policies\Explorer\Run: [3CD6DC9EBC8A857AC798B4F2A856BE05SB] => M:\Users\Георгий\AppData\Local\Microsoft\E94AF2E77208C874FFB21EB27198423F\56BE058A2F4B897CA758A8CBE93CD6DC.exe [439057 2016-10-26] ()
HKU\S-1-5-21-3490537627-2674646849-459115155-1000\…\Run: [Steam] => M:\Program Files\Steam\steam.exe [2860832 2016-10-13] (Valve Corporation)
HKU\S-1-5-21-3490537627-2674646849-459115155-1000\…\Run: [Skype] => M:\Program Files\Skype\Phone\Skype.exe [27212760 2016-11-15] (Skype Technologies S.A.)
HKU\S-1-5-18\…\RunOnce: [SPReview] => M:\Windows\System32\SPReview\SPReview.exe [280576 2016-09-09] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
BootExecute: autocheck autochk * aswBoot.exe /M:23871d74ad /dir:»M:\Program Files\AVAST Software\Avast»
GroupPolicy: Restriction — Chrome <======= ATTENTION
GroupPolicy\User: Restriction ? <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{D3C50A3C-CEE4-498E-A7C9-35EA7972B29A}: [DhcpNameServer] 192.168.1.1
ManualProxies:
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?bcutc=sp-006&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-3490537627-2674646849-459115155-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?bcutc=sp-006&q={searchTerms}
HKU\S-1-5-21-3490537627-2674646849-459115155-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/?bcutc=sp-006
SearchScopes: HKLM -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?bcutc=sp-006&q={searchTerms}
SearchScopes: HKLM -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?bcutc=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3490537627-2674646849-459115155-1000 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?bcutc=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3490537627-2674646849-459115155-1000 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?bcutc=sp-006&q={searchTerms}
FireFox:
========
FF Plugin: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> M:\Program Files\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-16] (Intel Corporation)
FF Plugin: @intel-webapi.intel.com/Intel WebAPI updater -> M:\Program Files\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-16] (Intel Corporation)
FF Plugin: @nvidia.com/3DVision -> M:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-11-25] (NVIDIA Corporation)
FF Plugin: @nvidia.com/3DVisionStreaming -> M:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-11-25] (NVIDIA Corporation)
FF Plugin: @raidcall.en/RCplugin -> M:\Users\Георгий\AppData\Roaming\raidcall\plugins\nprcplugin.dll [2015-03-18] (Raidcall)
FF Plugin: @tools.google.com/Google Update;version=3 -> M:\Program Files\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-12-07] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> M:\Program Files\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-12-07] (Google Inc.)
Chrome:
=======
CHR HomePage: Default -> hxxps://www.google.ru/webhp?hl=ru&tab=ww
CHR Profile: M:\Users\Георгий\AppData\Local\Google\Chrome\User Data\Default [2016-12-08]CHR Extension: (Диск Google) — M:\Users\Георгий\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-12-07]CHR Extension: (Красоты) — M:\Users\Георгий\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbbelgoeoihcmnkgkeanmogncgkfichm [2016-12-07]CHR Extension: (YouTube) — M:\Users\Георгий\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-12-07]CHR Extension: (Adblock Plus) — M:\Users\Георгий\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-12-08]CHR Extension: (Advance Adblock Plus) — M:\Users\Георгий\AppData\Local\Google\Chrome\User Data\Default\Extensions\eknnbffdlphlgfbkjlclmleipefbfadd [2016-12-07]CHR Extension: (Доступ к Рутрекеру) — M:\Users\Георгий\AppData\Local\Google\Chrome\User Data\Default\Extensions\lbdmhpkmonokeldelekgfefldfboblbj [2016-12-07]CHR Extension: (Платежная система Интернет-магазина Chrome) — M:\Users\Георгий\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-12-07]CHR Extension: (Gmail) — M:\Users\Георгий\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-12-07]CHR Extension: (Chrome Media Router) — M:\Users\Георгий\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-12-07] Opera:
=======
OPR Extension: (No Name) — M:\Users\Георгий\AppData\Roaming\Opera Software\Opera Stable\Extensions\ihbiedpeaicgipncdnnkikeehnjiddck [2016-09-10]OPR Extension: (No Name) — M:\Users\Георгий\AppData\Roaming\Opera Software\Opera Stable\Extensions\ihmgiclibbndffejedjimfjmfoabpcke [2016-11-20]OPR Extension: (No Name) — M:\Users\Георгий\AppData\Roaming\Opera Software\Opera Stable\Extensions\johjcheghocokbkhacbfbhojoangkpcb [2016-12-05]OPR Extension: (No Name) — M:\Users\Георгий\AppData\Roaming\Opera Software\Opera Stable\Extensions\mfgdmpfihlmdekaclngibpjhdebndhdj [2016-11-24]OPR Extension: (PlusHome) — M:\Users\Георгий\AppData\Roaming\Opera Software\Opera Stable\Extensions\npknnddabjhdijgmmbocdicnknegobkm [2016-12-07]OPR Extension: (No Name) — M:\Users\Георгий\AppData\Roaming\Opera Software\Opera Stable\Extensions\oghkljobbhapacbahlneolfclkniiami [2016-10-08] ==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 defragsvc; M:\Windows\System32\defragsvc.dll [218624 2009-07-14] (Корпорация Майкрософт)
R2 HPSupportSolutionsFrameworkService; M:\Program Files\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [29728 2016-08-15] (HP Inc.)
R2 Intel(R) Capability Licensing Service Interface; M:\Program Files\Intel\iCLS Client\HeciServer.exe [595968 2013-08-27] (Intel(R) Corporation) [File not signed]S3 Intel(R) Capability Licensing Service TCP IP Interface; M:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [642520 2013-08-27] (Intel(R) Corporation)
R2 jhi_service; M:\Program Files\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation)
R2 NvContainerLocalSystem; M:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [425408 2016-11-25] (NVIDIA Corporation)
S3 NvContainerNetworkService; M:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [425408 2016-11-25] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; M:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [421944 2016-11-25] (NVIDIA Corporation)
R2 NVIDIA Wireless Controller Service; M:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe [930240 2016-11-25] (NVIDIA Corporation)
R2 WinDefend; M:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
S3 WPCSvc; M:\Windows\System32\wpcsvc.dll [10752 2009-07-14] (Корпорация Майкрософт)
S2 LMIGuardianSvc; «C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe» [X] ===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R1 adgnetworktdidrv; M:\Windows\System32\drivers\adgnetworktdidrv.sys [58312 2016-03-29] ()
S3 hamachi; M:\Windows\System32\DRIVERS\hamachi.sys [27040 2015-11-12] (LogMeIn, Inc.)
S3 igfx; M:\Windows\System32\DRIVERS\igdkmd32.sys [3768320 2013-10-31] (Intel Corporation) [File not signed]R3 MEI; M:\Windows\System32\DRIVERS\TeeDriver.sys [85464 2013-09-16] (Intel Corporation)
R0 mountmgr; M:\Windows\System32\drivers\mountmgr.sys [78568 2016-06-14] (Корпорация Майкрософт)
S3 NvStreamKms; M:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [26048 2016-11-25] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; M:\Windows\System32\drivers\nvvad32v.sys [40384 2016-11-25] (NVIDIA Corporation)
R0 volmgrx; M:\Windows\System32\drivers\volmgrx.sys [297040 2009-07-14] (Корпорация Майкрософт)
R3 MBAMSwissArmy; \??\M:\Windows\system32\drivers\MBAMSwissArmy.sys [X]S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]S3 tsusbhub; system32\drivers\tsusbhub.sys [X]S3 VGPU; System32\drivers\rdvgkmd.sys [X] ==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-12-08 12:10 — 2016-12-08 12:10 — 00013087 _____ M:\Users\Георгий\Downloads\FRST.txt
2016-12-08 12:09 — 2016-12-08 12:10 — 00000000 ____D M:\FRST
2016-12-08 12:09 — 2016-12-08 12:09 — 01761792 _____ (Farbar) M:\Users\Георгий\Downloads\FRST.exe
2016-12-08 11:47 — 2016-12-08 11:47 — 22851472 _____ (Malwarebytes ) M:\Users\Георгий\Downloads\mbam-setup-2.2.1.1043.exe
2016-12-08 11:44 — 2016-12-08 11:45 — 01631928 _____ (Malwarebytes) M:\Users\Георгий\Downloads\JRT.exe
2016-12-08 11:40 — 2016-12-08 11:40 — 00000000 ____D M:\AdwCleaner
2016-12-08 11:39 — 2016-12-08 11:39 — 03968464 _____ M:\Users\Георгий\Downloads\AdwCleaner.exe
2016-12-08 11:24 — 2016-12-08 11:24 — 00000000 ____D M:\Program Files\Common Files\TLNKS
2016-12-08 05:42 — 2016-12-08 05:42 — 00000000 ____D M:\Program Files\Opera
2016-12-07 14:39 — 2016-12-08 12:03 — 00000000 ____D M:\Program Files\Steam
2016-12-07 14:39 — 2016-12-08 05:41 — 00000000 ____D M:\Program Files\Common Files\Steam
2016-12-07 14:39 — 2016-12-07 14:39 — 00000930 ____N M:\Users\Public\Desktop\Steam.lnk
2016-12-07 14:39 — 2016-12-07 14:39 — 00000000 ____D M:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2016-12-07 14:28 — 2016-12-07 14:28 — 00002218 _____ M:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-12-07 14:27 — 2016-12-07 14:28 — 00000000 ____D M:\Program Files\Google
2016-12-07 14:27 — 2016-12-07 14:27 — 00000000 ____D M:\Users\Георгий\AppData\Local\Deployment
2016-12-07 14:27 — 2016-12-07 14:27 — 00000000 ____D M:\Users\Георгий\AppData\Local\Apps\2.0
2016-12-07 14:06 — 2014-06-17 17:13 — 00100896 _____ (Realtek Semiconductor Corporation) M:\Windows\system32\RTNUninst32.dll
2016-12-07 14:06 — 2014-06-17 17:13 — 00076872 _____ (Realtek Semiconductor Corporation) M:\Windows\system32\RtNicProp32.dll
2016-12-07 14:05 — 2013-09-16 12:17 — 00016344 _____ (Intel Corporation) M:\Windows\system32\Drivers\IntelMEFWVer.dll
2016-12-07 14:04 — 2016-12-07 14:04 — 00000000 ____D M:\Windows\system32\RTCOM
2016-12-07 14:04 — 2012-06-19 13:54 — 03240400 _____ (Realtek Semiconductor Corp.) M:\Windows\system32\Drivers\RTKVHDA.sys
2016-12-07 14:04 — 2012-06-19 10:30 — 00293889 _____ M:\Windows\system32\Drivers\RTAIODAT.DAT
2016-12-07 14:04 — 2012-06-08 13:23 — 00071808 _____ (Creative Technology Ltd.) M:\Windows\system32\MBWrp32.dll
2016-12-07 14:04 — 2012-06-08 13:21 — 00753280 _____ (Creative Technology Ltd.) M:\Windows\system32\MBAPO32.dll
2016-12-07 14:04 — 2012-06-08 13:18 — 03173008 _____ (Realtek Semiconductor Corp.) M:\Windows\system32\RtkAPO.dll
2016-12-07 14:04 — 2012-06-06 07:44 — 00645776 _____ (Realtek Semiconductor Corp.) M:\Windows\system32\RtkApoApi.dll
2016-12-07 14:04 — 2012-06-01 06:37 — 02417808 _____ (Realtek Semiconductor Corp.) M:\Windows\system32\RtkPgExt.dll
2016-12-07 14:04 — 2012-05-31 15:08 — 00087696 _____ (Realtek Semiconductor Corp.) M:\Windows\system32\RtkCoInstII.dll
2016-12-07 14:04 — 2012-04-10 11:40 — 02193472 _____ (Fortemedia Corporation) M:\Windows\system32\FMAPO.dll
2016-12-07 14:04 — 2012-04-03 15:41 — 00709976 _____ (Waves Audio Ltd.) M:\Windows\system32\MaxxAudioAPOShell.dll
2016-12-07 14:04 — 2012-03-08 08:47 — 00176736 _____ (Andrea Electronics Corporation) M:\Windows\system32\AERTACap.dll
2016-12-07 14:04 — 2012-03-08 08:47 — 00095840 _____ (Andrea Electronics Corporation) M:\Windows\system32\AERTARen.dll
2016-12-07 14:04 — 2011-12-18 14:57 — 01836376 _____ (Waves Audio Ltd.) M:\Windows\system32\MaxxAudioEQ.dll
2016-12-07 14:04 — 2011-12-16 11:57 — 00054360 _____ (Creative Technology Ltd.) M:\Windows\system32\MBppld32.dll
2016-12-07 14:04 — 2011-12-13 13:58 — 01497704 _____ (Realtek Semiconductor Corp.) M:\Windows\system32\RTSndMgr.cpl
2016-12-07 14:04 — 2011-11-22 13:28 — 00013416 _____ (Realtek Semiconductor Corp.) M:\Windows\system32\RtkCoLDR.dll
2016-12-07 14:04 — 2010-11-08 04:31 — 00359768 _____ (Dolby Laboratories, Inc.) M:\Windows\system32\RTEEP32A.dll
2016-12-07 14:04 — 2010-11-08 04:31 — 00295768 _____ (Dolby Laboratories, Inc.) M:\Windows\system32\RP3DHT32.dll
2016-12-07 14:04 — 2010-11-08 04:31 — 00295768 _____ (Dolby Laboratories, Inc.) M:\Windows\system32\RP3DAA32.dll
2016-12-07 14:04 — 2010-11-08 04:31 — 00170840 _____ (Dolby Laboratories, Inc.) M:\Windows\system32\RTEED32A.dll
2016-12-07 14:04 — 2010-11-08 04:31 — 00078680 _____ (Dolby Laboratories, Inc.) M:\Windows\system32\RTEEL32A.dll
2016-12-07 14:04 — 2010-11-08 04:31 — 00064856 _____ (Dolby Laboratories, Inc.) M:\Windows\system32\RTEEG32A.dll
2016-12-07 14:04 — 2010-09-27 06:34 — 00232792 _____ (Waves Audio Ltd.) M:\Windows\system32\MaxxAudioAPO20.dll
2016-12-07 14:04 — 2009-12-04 12:43 — 00132368 _____ (Waves Audio Ltd.) M:\Windows\system32\MaxxAudioAPO.dll
2016-12-07 14:04 — 2009-11-24 06:55 — 00345328 _____ (SRS Labs, Inc.) M:\Windows\system32\SRSTSXT.dll
2016-12-07 14:04 — 2009-11-24 06:55 — 00185584 _____ (SRS Labs, Inc.) M:\Windows\system32\SRSTSHD.dll
2016-12-07 14:04 — 2009-11-24 06:55 — 00173296 _____ (SRS Labs, Inc.) M:\Windows\system32\SRSHP360.dll
2016-12-07 14:04 — 2009-11-24 06:55 — 00140528 _____ (SRS Labs, Inc.) M:\Windows\system32\SRSWOW.dll
2016-12-07 14:04 — 2009-11-18 15:42 — 01783056 _____ (Waves Audio Ltd.) M:\Windows\system32\WavesLib.dll
2016-12-07 14:04 — 2009-11-18 04:13 — 00050776 _____ (Creative Technology Ltd.) M:\Windows\system32\MBPPCn32.dll
2016-12-02 00:44 — 2016-12-02 00:44 — 00001379 ____N M:\Users\Public\Desktop\GeForce Experience.lnk
2016-12-02 00:42 — 2016-12-02 00:47 — 00000000 ____D M:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2016-12-02 00:42 — 2016-11-25 01:45 — 01452480 _____ (NVIDIA Corporation) M:\Windows\system32\nvspcap.dll
2016-12-02 00:42 — 2016-11-25 01:45 — 01317312 _____ (NVIDIA Corporation) M:\Windows\system32\nvspbridge.dll
2016-12-02 00:42 — 2016-11-25 01:45 — 00100288 _____ M:\Windows\system32\NvRtmpStreamer32.dll
2016-12-02 00:41 — 2016-11-25 01:45 — 00001951 _____ M:\Windows\NvContainerRecovery.bat
2016-12-02 00:41 — 2016-11-25 00:22 — 00134712 _____ (NVIDIA Corporation) M:\Windows\system32\nvStreaming.exe
2016-12-02 00:39 — 2016-12-02 00:39 — 00000000 ____D M:\Users\Все пользователи\Package Cache
2016-12-02 00:39 — 2016-12-02 00:39 — 00000000 ____D M:\ProgramData\Package Cache
2016-12-02 00:39 — 2016-11-25 01:45 — 35224632 _____ M:\Windows\system32\nvcompiler.dll
2016-12-02 00:39 — 2016-11-25 01:45 — 28139576 _____ (NVIDIA Corporation) M:\Windows\system32\nvoglv32.dll
2016-12-02 00:39 — 2016-11-25 01:45 — 17373312 _____ (NVIDIA Corporation) M:\Windows\system32\nvwgf2um.dll
2016-12-02 00:39 — 2016-11-25 01:45 — 14410120 _____ (NVIDIA Corporation) M:\Windows\system32\nvd3dum.dll
2016-12-02 00:39 — 2016-11-25 01:45 — 12119488 _____ (NVIDIA Corporation) M:\Windows\system32\Drivers\nvlddmkm.sys
2016-12-02 00:39 — 2016-11-25 01:45 — 09151216 _____ (NVIDIA Corporation) M:\Windows\system32\nvopencl.dll
2016-12-02 00:39 — 2016-11-25 01:45 — 08913512 _____ (NVIDIA Corporation) M:\Windows\system32\nvptxJitCompiler.dll
2016-12-02 00:39 — 2016-11-25 01:45 — 08754344 _____ (NVIDIA Corporation) M:\Windows\system32\nvcuda.dll
2016-12-02 00:39 — 2016-11-25 01:45 — 03479560 _____ (NVIDIA Corporation) M:\Windows\system32\nvapi.dll
2016-12-02 00:39 — 2016-11-25 01:45 — 03206592 _____ (NVIDIA Corporation) M:\Windows\system32\nvcuvid.dll
2016-12-02 00:39 — 2016-11-25 01:45 — 01081912 _____ (NVIDIA Corporation) M:\Windows\system32\nvdispco3237609.dll
2016-12-02 00:39 — 2016-11-25 01:45 — 00974272 _____ (NVIDIA Corporation) M:\Windows\system32\NvFBC.dll
2016-12-02 00:39 — 2016-11-25 01:45 — 00937536 _____ (NVIDIA Corporation) M:\Windows\system32\nvhdagenco3220103.dll
2016-12-02 00:39 — 2016-11-25 01:45 — 00927168 _____ (NVIDIA Corporation) M:\Windows\system32\nvdispgenco3237609.dll
2016-12-02 00:39 — 2016-11-25 01:45 — 00895424 _____ (NVIDIA Corporation) M:\Windows\system32\NvIFR.dll
2016-12-02 00:39 — 2016-11-25 01:45 — 00572888 _____ (NVIDIA Corporation) M:\Windows\system32\nvfatbinaryLoader.dll
2016-12-02 00:39 — 2016-11-25 01:45 — 00435904 _____ (NVIDIA Corporation) M:\Windows\system32\nvEncodeAPI.dll
2016-12-02 00:39 — 2016-11-25 01:45 — 00407248 _____ (NVIDIA Corporation) M:\Windows\system32\nvumdshim.dll
2016-12-02 00:39 — 2016-11-25 01:45 — 00390200 _____ (NVIDIA Corporation) M:\Windows\system32\NvIFROpenGL.dll
2016-12-02 00:39 — 2016-11-25 01:45 — 00179144 _____ (NVIDIA Corporation) M:\Windows\system32\Drivers\nvhda32v.sys
2016-12-02 00:39 — 2016-11-25 01:45 — 00148200 _____ (NVIDIA Corporation) M:\Windows\system32\nvinit.dll
2016-12-02 00:39 — 2016-11-25 01:45 — 00131720 _____ (NVIDIA Corporation) M:\Windows\system32\nvoglshim32.dll
2016-12-02 00:39 — 2016-11-25 01:45 — 00091584 _____ (NVIDIA Corporation) M:\Windows\system32\nvaudcap32v.dll
2016-12-02 00:39 — 2016-11-25 01:45 — 00044608 _____ (NVIDIA Corporation) M:\Windows\system32\nvhdap32.dll
2016-12-02 00:39 — 2016-11-25 01:45 — 00040384 _____ (NVIDIA Corporation) M:\Windows\system32\Drivers\nvvad32v.sys
2016-12-02 00:39 — 2016-11-25 01:45 — 00000669 _____ M:\Windows\system32\nv-vk32.json
2016-12-02 00:37 — 2016-12-02 00:37 — 00000000 ____D M:\NVIDIA
2016-11-21 19:33 — 2016-11-21 19:33 — 00000000 ____D M:\ESD
2016-11-21 19:31 — 2016-11-21 19:31 — 00000000 ___HD M:\$Windows.~WS
2016-11-21 19:04 — 2016-11-21 19:04 — 00000000 ____D M:\$WINDOWS.~BT
2016-11-09 10:54 — 2016-11-02 20:22 — 00308456 _____ (Adobe Systems Incorporated) M:\Windows\system32\atmfd.dll
2016-11-09 10:54 — 2016-11-02 20:16 — 00070656 _____ (Microsoft Corporation) M:\Windows\system32\fontsub.dll
2016-11-09 10:54 — 2016-11-02 20:16 — 00026112 _____ (Microsoft Corporation) M:\Windows\system32\lpk.dll
2016-11-09 10:54 — 2016-11-02 20:16 — 00010240 _____ (Microsoft Corporation) M:\Windows\system32\dciman32.dll
2016-11-09 10:54 — 2016-11-02 19:53 — 00034304 _____ (Adobe Systems) M:\Windows\system32\atmlib.dll
2016-11-09 10:54 — 2016-10-28 08:14 — 00346320 _____ (Microsoft Corporation) M:\Windows\system32\iedkcs32.dll
2016-11-09 10:54 — 2016-10-27 20:05 — 20304896 _____ (Microsoft Corporation) M:\Windows\system32\mshtml.dll
2016-11-09 10:54 — 2016-10-27 19:16 — 00689664 _____ (Microsoft Corporation) M:\Windows\system32\ie4uinit.exe
2016-11-09 10:54 — 2016-10-25 19:54 — 02399744 _____ (Microsoft Corporation) M:\Windows\system32\win32k.sys
2016-11-09 10:54 — 2016-10-22 22:54 — 02724864 _____ (Microsoft Corporation) M:\Windows\system32\mshtml.tlb
2016-11-09 10:54 — 2016-10-22 22:53 — 00004096 _____ (Microsoft Corporation) M:\Windows\system32\ieetwcollectorres.dll
2016-11-09 10:54 — 2016-10-22 22:36 — 00062464 _____ (Microsoft Corporation) M:\Windows\system32\iesetup.dll
2016-11-09 10:54 — 2016-10-22 22:36 — 00047616 _____ (Microsoft Corporation) M:\Windows\system32\ieetwproxystub.dll
2016-11-09 10:54 — 2016-10-22 22:35 — 00498688 _____ (Microsoft Corporation) M:\Windows\system32\vbscript.dll
2016-11-09 10:54 — 2016-10-22 22:35 — 00341504 _____ (Microsoft Corporation) M:\Windows\system32\html.iec
2016-11-09 10:54 — 2016-10-22 22:34 — 00064000 _____ (Microsoft Corporation) M:\Windows\system32\MshtmlDac.dll
2016-11-09 10:54 — 2016-10-22 22:27 — 02287616 _____ (Microsoft Corporation) M:\Windows\system32\iertutil.dll
2016-11-09 10:54 — 2016-10-22 22:27 — 00047104 _____ (Microsoft Corporation) M:\Windows\system32\jsproxy.dll
2016-11-09 10:54 — 2016-10-22 22:26 — 00030720 _____ (Microsoft Corporation) M:\Windows\system32\iernonce.dll
2016-11-09 10:54 — 2016-10-22 22:22 — 00476160 _____ (Microsoft Corporation) M:\Windows\system32\ieui.dll
2016-11-09 10:54 — 2016-10-22 22:21 — 00663552 _____ (Microsoft Corporation) M:\Windows\system32\jscript.dll
2016-11-09 10:54 — 2016-10-22 22:21 — 00115712 _____ (Microsoft Corporation) M:\Windows\system32\ieUnatt.exe
2016-11-09 10:54 — 2016-10-22 22:21 — 00102912 _____ (Microsoft Corporation) M:\Windows\system32\ieetwcollector.exe
2016-11-09 10:54 — 2016-10-22 22:20 — 00620032 _____ (Microsoft Corporation) M:\Windows\system32\jscript9diag.dll
2016-11-09 10:54 — 2016-10-22 22:13 — 00667648 _____ (Microsoft Corporation) M:\Windows\system32\MsSpellCheckingFacility.exe
2016-11-09 10:54 — 2016-10-22 22:09 — 00416256 _____ (Microsoft Corporation) M:\Windows\system32\dxtmsft.dll
2016-11-09 10:54 — 2016-10-22 22:04 — 00060416 _____ (Microsoft Corporation) M:\Windows\system32\JavaScriptCollectionAgent.dll
2016-11-09 10:54 — 2016-10-22 22:03 — 00091136 _____ (Microsoft Corporation) M:\Windows\system32\inseng.dll
2016-11-09 10:54 — 2016-10-22 21:59 — 00168960 _____ (Microsoft Corporation) M:\Windows\system32\msrating.dll
2016-11-09 10:54 — 2016-10-22 21:58 — 00076288 _____ (Microsoft Corporation) M:\Windows\system32\mshtmled.dll
2016-11-09 10:54 — 2016-10-22 21:56 — 00279040 _____ (Microsoft Corporation) M:\Windows\system32\dxtrans.dll
2016-11-09 10:54 — 2016-10-22 21:54 — 00130048 _____ (Microsoft Corporation) M:\Windows\system32\occache.dll
2016-11-09 10:54 — 2016-10-22 21:46 — 00230400 _____ (Microsoft Corporation) M:\Windows\system32\webcheck.dll
2016-11-09 10:54 — 2016-10-22 21:45 — 00693248 _____ (Microsoft Corporation) M:\Windows\system32\msfeeds.dll
2016-11-09 10:54 — 2016-10-22 21:44 — 04608000 _____ (Microsoft Corporation) M:\Windows\system32\jscript9.dll
2016-11-09 10:54 — 2016-10-22 21:43 — 02055680 _____ (Microsoft Corporation) M:\Windows\system32\inetcpl.cpl
2016-11-09 10:54 — 2016-10-22 21:43 — 01155072 _____ (Microsoft Corporation) M:\Windows\system32\mshtmlmedia.dll
2016-11-09 10:54 — 2016-10-22 21:30 — 13654016 _____ (Microsoft Corporation) M:\Windows\system32\ieframe.dll
2016-11-09 10:54 — 2016-10-22 21:12 — 02444800 _____ (Microsoft Corporation) M:\Windows\system32\wininet.dll
2016-11-09 10:54 — 2016-10-22 21:09 — 01312256 _____ (Microsoft Corporation) M:\Windows\system32\urlmon.dll
2016-11-09 10:54 — 2016-10-22 21:09 — 00710144 _____ (Microsoft Corporation) M:\Windows\system32\ieapfltr.dll
2016-11-09 10:54 — 2016-10-15 20:13 — 00741888 _____ (Microsoft Corporation) M:\Windows\system32\inetcomm.dll
2016-11-09 10:54 — 2016-10-15 20:13 — 00084480 _____ (Microsoft Corporation) M:\Windows\system32\INETRES.dll
2016-11-09 10:54 — 2016-10-11 20:24 — 00250600 _____ (Microsoft Corporation) M:\Windows\system32\clfs.sys
2016-11-09 10:54 — 2016-10-11 20:18 — 01027584 _____ (Microsoft Corporation) M:\Windows\system32\IMJP10.IME
2016-11-09 10:54 — 2016-10-11 20:18 — 00829952 _____ (Microsoft Corporation) M:\Windows\system32\msctf.dll
2016-11-09 10:54 — 2016-10-11 20:18 — 00701440 _____ (Microsoft Corporation) M:\Windows\system32\IMJP10K.DLL
2016-11-09 10:54 — 2016-10-11 20:18 — 00430080 _____ (Microsoft Corporation) M:\Windows\system32\imkr80.ime
2016-11-09 10:54 — 2016-10-11 20:18 — 00202240 _____ (Microsoft Corporation) M:\Windows\system32\input.dll
2016-11-09 10:54 — 2016-10-11 20:18 — 00126976 _____ (Microsoft Corporation) M:\Windows\system32\tintlgnt.ime
2016-11-09 10:54 — 2016-10-11 20:18 — 00125952 _____ (Microsoft Corporation) M:\Windows\system32\quick.ime
2016-11-09 10:54 — 2016-10-11 20:18 — 00125952 _____ (Microsoft Corporation) M:\Windows\system32\qintlgnt.ime
2016-11-09 10:54 — 2016-10-11 20:18 — 00125952 _____ (Microsoft Corporation) M:\Windows\system32\phon.ime
2016-11-09 10:54 — 2016-10-11 20:18 — 00125952 _____ (Microsoft Corporation) M:\Windows\system32\cintlgnt.ime
2016-11-09 10:54 — 2016-10-11 20:18 — 00125952 _____ (Microsoft Corporation) M:\Windows\system32\chajei.ime
2016-11-09 10:54 — 2016-10-11 20:18 — 00090112 _____ (Microsoft Corporation) M:\Windows\system32\pintlgnt.ime
2016-11-09 10:54 — 2016-10-11 18:33 — 00187392 _____ (Microsoft Corporation) M:\Windows\system32\UIAnimation.dll
2016-11-09 10:54 — 2016-10-10 20:21 — 00137960 _____ (Microsoft Corporation) M:\Windows\system32\Drivers\ksecpkg.sys
2016-11-09 10:54 — 2016-10-10 20:21 — 00067304 _____ (Microsoft Corporation) M:\Windows\system32\Drivers\ksecdd.sys
2016-11-09 10:54 — 2016-10-10 20:16 — 01062912 _____ (Microsoft Corporation) M:\Windows\system32\lsasrv.dll
2016-11-09 10:54 — 2016-10-10 20:16 — 00690688 _____ (Microsoft Corporation) M:\Windows\system32\adtschema.dll
2016-11-09 10:54 — 2016-10-10 20:16 — 00655360 _____ (Microsoft Corporation) M:\Windows\system32\rpcrt4.dll
2016-11-09 10:54 — 2016-10-10 20:16 — 00553472 _____ (Microsoft Corporation) M:\Windows\system32\kerberos.dll
2016-11-09 10:54 — 2016-10-10 20:16 — 00261120 _____ (Microsoft Corporation) M:\Windows\system32\msv1_0.dll
2016-11-09 10:54 — 2016-10-10 20:16 — 00254464 _____ (Microsoft Corporation) M:\Windows\system32\schannel.dll
2016-11-09 10:54 — 2016-10-10 20:16 — 00223232 _____ (Microsoft Corporation) M:\Windows\system32\ncrypt.dll
2016-11-09 10:54 — 2016-10-10 20:16 — 00172032 _____ (Microsoft Corporation) M:\Windows\system32\wdigest.dll
2016-11-09 10:54 — 2016-10-10 20:16 — 00146432 _____ (Microsoft Corporation) M:\Windows\system32\msaudite.dll
2016-11-09 10:54 — 2016-10-10 20:16 — 00141312 _____ (Microsoft Corporation) M:\Windows\system32\rpchttp.dll
2016-11-09 10:54 — 2016-10-10 20:16 — 00099840 _____ (Microsoft Corporation) M:\Windows\system32\sspicli.dll
2016-11-09 10:54 — 2016-10-10 20:16 — 00065536 _____ (Microsoft Corporation) M:\Windows\system32\TSpkg.dll
2016-11-09 10:54 — 2016-10-10 20:16 — 00060416 _____ (Microsoft Corporation) M:\Windows\system32\msobjs.dll
2016-11-09 10:54 — 2016-10-10 20:16 — 00022016 _____ (Microsoft Corporation) M:\Windows\system32\secur32.dll
2016-11-09 10:54 — 2016-10-10 20:16 — 00017408 _____ (Microsoft Corporation) M:\Windows\system32\credssp.dll
2016-11-09 10:54 — 2016-10-10 19:54 — 00050176 _____ (Microsoft Corporation) M:\Windows\system32\auditpol.exe
2016-11-09 10:54 — 2016-10-10 19:50 — 00226304 _____ (Microsoft Corporation) M:\Windows\system32\Drivers\mrxsmb10.sys
2016-11-09 10:54 — 2016-10-10 19:50 — 00124416 _____ (Microsoft Corporation) M:\Windows\system32\Drivers\mrxsmb.sys
2016-11-09 10:54 — 2016-10-10 19:50 — 00098304 _____ (Microsoft Corporation) M:\Windows\system32\Drivers\mrxsmb20.sys
2016-11-09 10:54 — 2016-10-10 19:50 — 00036352 _____ (Microsoft Corporation) M:\Windows\system32\cryptbase.dll
2016-11-09 10:54 — 2016-10-10 19:50 — 00022016 _____ (Microsoft Corporation) M:\Windows\system32\lsass.exe
2016-11-09 10:54 — 2016-10-10 19:50 — 00015872 _____ (Microsoft Corporation) M:\Windows\system32\sspisrv.dll
2016-11-09 10:54 — 2016-10-07 20:18 — 04000488 _____ (Microsoft Corporation) M:\Windows\system32\ntkrnlpa.exe
2016-11-09 10:54 — 2016-10-07 20:18 — 03944680 _____ (Microsoft Corporation) M:\Windows\system32\ntoskrnl.exe
2016-11-09 10:54 — 2016-10-07 20:15 — 01310528 _____ (Microsoft Corporation) M:\Windows\system32\ntdll.dll
2016-11-09 10:54 — 2016-10-07 20:12 — 02291712 _____ (Microsoft Corporation) M:\Windows\system32\MSVidCtl.dll
2016-11-09 10:54 — 2016-10-07 20:12 — 00644096 _____ (Microsoft Corporation) M:\Windows\system32\advapi32.dll
2016-11-09 10:54 — 2016-10-07 20:12 — 00581632 _____ (Microsoft Corporation) M:\Windows\system32\oleaut32.dll
2016-11-09 10:54 — 2016-10-07 20:12 — 00400896 _____ (Microsoft Corporation) M:\Windows\system32\srcore.dll
2016-11-09 10:54 — 2016-10-07 20:12 — 00090624 _____ (Microsoft Corporation) M:\Windows\system32\olepro32.dll
2016-11-09 10:54 — 2016-10-07 20:12 — 00067584 _____ (Microsoft Corporation) M:\Windows\system32\asycfilt.dll
2016-11-09 10:54 — 2016-10-07 20:12 — 00050688 _____ (Microsoft Corporation) M:\Windows\system32\appidapi.dll
2016-11-09 10:54 — 2016-10-07 20:12 — 00050176 _____ (Microsoft Corporation) M:\Windows\system32\setbcdlocale.dll
2016-11-09 10:54 — 2016-10-07 20:12 — 00043008 _____ (Microsoft Corporation) M:\Windows\system32\srclient.dll
2016-11-09 10:54 — 2016-10-07 20:12 — 00038912 _____ (Microsoft Corporation) M:\Windows\system32\csrsrv.dll
2016-11-09 10:54 — 2016-10-07 20:12 — 00006656 _____ (Microsoft Corporation) M:\Windows\system32\apisetschema.dll
2016-11-09 10:54 — 2016-10-07 19:54 — 00097792 _____ (Microsoft Corporation) M:\Windows\system32\appidpolicyconverter.exe
2016-11-09 10:54 — 2016-10-07 19:54 — 00050688 _____ (Microsoft Corporation) M:\Windows\system32\Drivers\appid.sys
2016-11-09 10:54 — 2016-10-07 19:54 — 00029696 _____ (Microsoft Corporation) M:\Windows\system32\appidsvc.dll
2016-11-09 10:54 — 2016-10-07 19:54 — 00016896 _____ (Microsoft Corporation) M:\Windows\system32\appidcertstorecheck.exe
2016-11-09 10:54 — 2016-10-07 19:51 — 00262656 _____ (Microsoft Corporation) M:\Windows\system32\rstrui.exe
2016-11-09 10:54 — 2016-10-07 19:49 — 00069632 _____ (Microsoft Corporation) M:\Windows\system32\smss.exe
2016-11-09 10:54 — 2016-10-05 19:50 — 00068608 _____ (Microsoft Corporation) M:\Windows\system32\Drivers\bowser.sys
2016-11-09 10:54 — 2016-09-15 19:51 — 00041984 _____ (Microsoft Corporation) M:\Windows\system32\UtcResources.dll
2016-11-09 10:54 — 2016-09-13 20:11 — 00002048 _____ (Microsoft Corporation) M:\Windows\system32\tzres.dll
2016-11-09 10:54 — 2016-09-09 23:00 — 00497152 _____ (Microsoft Corporation) M:\Windows\system32\win32spl.dll
2016-11-09 10:54 — 2016-08-21 18:05 — 00935424 _____ (Microsoft Corporation) M:\Windows\system32\diagtrack.dll
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-12-08 12:07 — 2009-07-14 09:34 — 00016944 ____H M:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-12-08 12:07 — 2009-07-14 09:34 — 00016944 ____H M:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-12-08 12:04 — 2015-10-14 10:45 — 01648206 _____ M:\Windows\system32\PerfStringBackup.INI
2016-12-08 12:04 — 2009-07-14 13:41 — 00724294 _____ M:\Windows\system32\perfh019.dat
2016-12-08 12:04 — 2009-07-14 13:41 — 00150610 _____ M:\Windows\system32\perfc019.dat
2016-12-08 12:04 — 2009-07-14 07:37 — 00000000 ____D M:\Windows\inf
2016-12-08 12:02 — 2016-10-20 19:56 — 00000000 ____D M:\Users\Георгий\AppData\Roaming\Skype
2016-12-08 12:01 — 2016-08-29 00:51 — 00000954 _____ M:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-12-08 12:01 — 2016-08-08 12:29 — 00000258 __RSH M:\Users\Георгий\ntuser.pol
2016-12-08 12:01 — 2016-04-19 19:55 — 00000000 ____D M:\Users\Все пользователи\NVIDIA
2016-12-08 12:01 — 2016-04-19 19:55 — 00000000 ____D M:\ProgramData\NVIDIA
2016-12-08 12:01 — 2015-10-14 10:42 — 00000000 ____D M:\Users\Георгий
2016-12-08 12:00 — 2009-07-14 09:53 — 00000006 ____H M:\Windows\Tasks\SA.DAT
2016-12-08 11:53 — 2009-07-14 07:37 — 00000000 ____D M:\Windows\Globalization
2016-12-08 11:32 — 2016-08-29 00:51 — 00000958 _____ M:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-12-07 15:37 — 2015-10-18 01:31 — 00000000 ____D M:\Users\Георгий\AppData\LocalLow\uTorrent
2016-12-07 15:37 — 2015-10-18 01:26 — 00000000 ____D M:\Users\Георгий\AppData\Roaming\uTorrent
2016-12-07 14:28 — 2015-10-14 10:38 — 00000000 ____D M:\Users\Георгий\AppData\Local\Google
2016-12-07 14:06 — 2015-10-14 11:13 — 00000000 ___HD M:\Program Files\InstallShield Installation Information
2016-12-07 14:06 — 2015-10-14 11:13 — 00000000 ____D M:\Program Files\Realtek
2016-12-07 14:05 — 2015-10-14 10:54 — 00000000 ____D M:\Users\Все пользователи\Intel
2016-12-07 14:05 — 2015-10-14 10:54 — 00000000 ____D M:\ProgramData\Intel
2016-12-07 14:05 — 2015-10-14 10:54 — 00000000 ____D M:\Program Files\Intel
2016-12-07 14:05 — 2009-07-14 07:37 — 00000000 ____D M:\Program Files\Common Files\microsoft shared
2016-12-07 14:04 — 2015-10-14 10:52 — 00000000 ___HD M:\Program Files\Temp
2016-12-07 13:59 — 2015-12-12 18:42 — 00000000 ____D M:\Users\Георгий\Desktop\sf
2016-12-07 13:55 — 2016-09-13 19:52 — 00000000 ____D M:\Users\Все пользователи\Freemake
2016-12-07 13:55 — 2016-09-13 19:52 — 00000000 ____D M:\ProgramData\Freemake
2016-12-07 13:55 — 2016-09-10 19:55 — 00000000 ___HD M:\Users\Все пользователи\CanonIJScan
2016-12-07 13:55 — 2016-09-10 19:55 — 00000000 ___HD M:\ProgramData\CanonIJScan
2016-12-07 13:55 — 2016-07-10 09:00 — 00000000 ____D M:\Program Files\Freemake
2016-12-07 13:54 — 2016-09-30 02:36 — 00001945 _____ M:\Windows\epplauncher.mif
2016-12-02 01:32 — 2015-10-14 11:29 — 00000000 ____D M:\Users\Георгий\AppData\LocalLow\raidcall
2016-12-02 00:48 — 2016-04-19 19:29 — 00000000 ____D M:\Users\Георгий\AppData\Local\NVIDIA Corporation
2016-12-02 00:47 — 2016-04-19 19:29 — 00000000 ____D M:\Users\Георгий\AppData\Local\NVIDIA
2016-12-02 00:47 — 2016-04-19 19:29 — 00000000 ____D M:\Users\Все пользователи\NVIDIA Corporation
2016-12-02 00:47 — 2016-04-19 19:29 — 00000000 ____D M:\ProgramData\NVIDIA Corporation
2016-12-02 00:42 — 2016-04-19 19:28 — 00000000 ____D M:\Program Files\NVIDIA Corporation
2016-12-02 00:21 — 2016-09-25 03:32 — 00000000 ____D M:\Users\Георгий\AppData\Local\CrashDumps
2016-11-25 01:45 — 2016-04-19 19:54 — 00035537 _____ M:\Windows\system32\nvinfo.pb
2016-11-25 00:36 — 2016-04-19 19:55 — 03973568 _____ (NVIDIA Corporation) M:\Windows\system32\nvcpl.dll
2016-11-25 00:36 — 2016-04-19 19:55 — 02097600 _____ (NVIDIA Corporation) M:\Windows\system32\nvsvc.dll
2016-11-25 00:36 — 2016-04-19 19:55 — 01762752 _____ (NVIDIA Corporation) M:\Windows\system32\nvsvcr.dll
2016-11-25 00:36 — 2016-04-19 19:55 — 00460224 _____ (NVIDIA Corporation) M:\Windows\system32\nv3dappshext.dll
2016-11-25 00:36 — 2016-04-19 19:55 — 00383544 _____ (NVIDIA Corporation) M:\Windows\system32\nvmctray.dll
2016-11-25 00:36 — 2016-04-19 19:55 — 00083512 _____ (NVIDIA Corporation) M:\Windows\system32\nv3dappshextr.dll
2016-11-25 00:36 — 2016-04-19 19:55 — 00068544 _____ (NVIDIA Corporation) M:\Windows\system32\nvshext.dll
2016-11-23 17:48 — 2016-08-27 19:45 — 00001717 ____N M:\Users\Public\Desktop\League of Legends.lnk
2016-11-23 16:10 — 2016-04-19 19:55 — 07538847 _____ M:\Windows\system32\nvcoproc.bin
2016-11-22 12:39 — 2016-10-25 21:11 — 00000000 ___RD M:\Program Files\Skype
2016-11-22 12:39 — 2015-10-14 12:01 — 00000000 ____D M:\Users\Все пользователи\Skype
2016-11-22 12:39 — 2015-10-14 12:01 — 00000000 ____D M:\ProgramData\Skype
2016-11-21 19:31 — 2015-10-14 11:34 — 00000000 ____D M:\Windows\Panther
2016-11-20 17:39 — 2016-10-20 15:41 — 00000000 ____D M:\Users\Георгий\AppData\Local\ElevatedDiagnostics
2016-11-12 13:39 — 2009-07-14 07:37 — 00000000 ____D M:\Windows\rescache
2016-11-12 01:01 — 2009-07-14 09:33 — 00297584 _____ M:\Windows\system32\FNTCACHE.DAT
==================== Files in the root of some directories =======
2016-08-10 00:14 — 2016-08-10 00:14 — 0000124 ___SH () M:\Program Files\Common Files\SBEXTS
2016-04-21 00:11 — 2014-10-16 02:55 — 0145792 _____ () M:\Users\Георгий\AppData\Local\downloader.exe
2015-11-28 22:00 — 2015-11-28 22:00 — 0000003 _____ () M:\Users\Георгий\AppData\Local\updater.log
2015-11-28 22:00 — 2016-03-26 18:41 — 0000059 _____ () M:\Users\Георгий\AppData\Local\UserProducts.xml
2016-08-27 18:25 — 2016-08-27 18:25 — 0000259 _____ () M:\ProgramData\fontcacheev1.dat
Files to move or delete:
====================
M:\ProgramData\fontcacheev1.dat
M:\Users\Все пользователи\fontcacheev1.dat

Some files in TEMP:
====================
M:\Users\Георгий\AppData\Local\Temp\libeay32.dll
M:\Users\Георгий\AppData\Local\Temp\msvcr120.dll
M:\Users\Георгий\AppData\Local\Temp\sqlite3.dll

==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
M:\Windows\explorer.exe => File is digitally signed
M:\Windows\system32\winlogon.exe => File is digitally signed
M:\Windows\system32\wininit.exe => File is digitally signed
M:\Windows\system32\svchost.exe => File is digitally signed
M:\Windows\system32\services.exe => File is digitally signed
M:\Windows\system32\User32.dll => File is digitally signed
M:\Windows\system32\userinit.exe => File is digitally signed
M:\Windows\system32\rpcss.dll => File is digitally signed
M:\Windows\system32\dnsapi.dll => File is digitally signed
M:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2016-12-04 09:20
==================== End of FRST.txt ============================
addition
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 07-12-2016
Ran by Георгий (08-12-2016 12:10:21)
Running from M:\Users\Георгий\Downloads
Microsoft Windows 7 Максимальная Service Pack 1 (X86) (2015-10-14 05:42:11)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================
HomeGroupUser$ (S-1-5-21-3490537627-2674646849-459115155-1002 — Limited — Enabled)
Администратор (S-1-5-21-3490537627-2674646849-459115155-500 — Administrator — Disabled)
Георгий (S-1-5-21-3490537627-2674646849-459115155-1000 — Administrator — Enabled) => M:\Users\Георгий
Гость (S-1-5-21-3490537627-2674646849-459115155-501 — Limited — Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AS: Windows Defender (Enabled — Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with «Hidden» flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKU\S-1-5-21-3490537627-2674646849-459115155-1000\…\uTorrent) (Version: 3.4.9.42973 — BitTorrent Inc.)
Ansel (Version: 376.09 — NVIDIA Corporation) Hidden
Battle.net (HKLM\…\Battle.net) (Version: — Blizzard Entertainment)
CameraHelperMsi (Version: 13.51.815.0 — Logitech) Hidden
erLT (Version: 1.20.138.34 — Logitech, Inc.) Hidden
Google Chrome (HKLM\…\Google Chrome) (Version: 55.0.2883.75 — Google Inc.)
Google Update Helper (Version: 1.3.31.5 — Google Inc.) Hidden
Hearthstone (HKLM\…\Hearthstone) (Version: — Blizzard Entertainment)
HP Support Solutions Framework (HKLM\…\{CD8ABEF0-BE6C-4C33-A438-C42917446D09}) (Version: 12.5.32.37 — HP)
Intel(R) Management Engine Components (HKLM\…\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 — Intel Corporation)
League of Legends (HKLM\…\League of Legends 4.1.2) (Version: 4.1.2 — Riot Games)
League of Legends (Version: 4.1.2 — Riot Games) Hidden
Logitech Webcam Software (HKLM\…\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.51 — Logitech Inc.)
Microsoft .NET Framework 4.5 (HKLM\…\{92FB6C44-E685-45AD-9B20-CADF4CABA132} — 1033) (Version: 4.5.50709 — Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable — 10.0.40219 (HKLM\…\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 — Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) — 12.0.21005 (HKLM\…\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 — Microsoft Corporation)
NVIDIA GeForce Experience 3.1.2.31 (HKLM\…\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.1.2.31 — NVIDIA Corporation)
NVIDIA Аудиодрайвер HD 1.3.34.17 (HKLM\…\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.17 — NVIDIA Corporation)
NVIDIA Графический драйвер 376.09 (HKLM\…\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 376.09 — NVIDIA Corporation)
NVIDIA Драйвер 3D Vision 376.09 (HKLM\…\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 376.09 — NVIDIA Corporation)
NVIDIA Драйвер контроллера 3D Vision 369.04 (HKLM\…\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 — NVIDIA Corporation)
NVIDIA Системное программное обеспечение PhysX 9.16.0318 (HKLM\…\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 — NVIDIA Corporation)
NvNodejs (Version: 3.1.2.31 — NVIDIA Corporation) Hidden
NvTelemetry (Version: 1.2.0.0 — NVIDIA Corporation) Hidden
OpenOffice 4.1.2 (HKLM\…\{21B8775C-C570-4ED8-B53C-E5ADC872850A}) (Version: 4.12.9782 — Apache Software Foundation)
RaidCall (HKLM\…\RaidCall) (Version: 7.3.6-1.2.13009.198 — raidcall.com.ru)
Realtek Ethernet Controller Driver (HKLM\…\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.88.617.2014 — Realtek)
Realtek High Definition Audio Driver (HKLM\…\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6662 — Realtek Semiconductor Corp.)
SHIELD Streaming (Version: 7.1.0340 — NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 3.1.2.31 — NVIDIA Corporation) Hidden
Skype™ 7.30 (HKLM\…\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.30.105 — Skype Technologies S.A.)
Steam (HKLM\…\Steam) (Version: 2.10.91.91 — Valve Corporation)
WinRAR 4.20 (32-разрядная) (HKLM\…\WinRAR archiver) (Version: 4.20.0 — win.rar GmbH)
Обновления NVIDIA 2.13.0.21 (Version: 2.13.0.21 — NVIDIA Corporation) Hidden
Панель управления NVIDIA 376.09 (Version: 376.09 — NVIDIA Corporation) Hidden
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {15C0EA02-DE57-44FB-917D-99853D2F632E} — System32\Tasks\AVAST Software\Avast settings backup => M:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {262297AA-B638-49E0-9ABA-00331CEBF274} — System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => M:\Program Files\NVIDIA Corporation\Update Core\NvTmRep.exe [2016-11-25] (NVIDIA Corporation)
Task: {350B44C6-1143-4105-B13E-4D19C3C36BE0} — System32\Tasks\Microsoft\Windows\3CD6DC9EBC8A857AC798B4F2A856BE05 => M:\Users\Георгий\AppData\Local\Microsoft\E94AF2E77208C874FFB21EB27198423F\56BE058A2F4B897CA758A8CBE93CD6DC.exe [2016-10-26] ()
Task: {52E850F6-4254-47E6-A53C-D51AF6FDE606} — System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => M:\Program Files\NVIDIA Corporation\Update Core\NvTmMon.exe [2016-11-25] (NVIDIA Corporation)
Task: {57B6676C-D3E3-4D61-896C-249A50153403} — System32\Tasks\GoogleUpdateTaskMachineCore => M:\Program Files\Google\Update\GoogleUpdate.exe [2016-12-07] (Google Inc.)
Task: {7536DCAC-49A3-452C-BEC0-F8945D09ED2A} — System32\Tasks\Microsoft\Windows\3CD6DC9EBC8A857AC798B4F2A856BE05SB => M:\Users\Георгий\AppData\Local\Microsoft\E94AF2E77208C874FFB21EB27198423F\56BE058A2F4B897CA758A8CBE93CD6DC.exe [2016-10-26] ()
Task: {7816CCF7-B805-480B-B2B5-5CDF7F0875E3} — System32\Tasks\{85A9E07B-C6A4-45ED-98E3-CCB1A22A7D8A} => Chrome.exe hxxps://www.skype.com/go/downloading?source=lightinstaller&amp;ver=7.29.66.102&amp;LastError=12002
Task: {8F4B6C5E-3692-44DF-B934-B22A4CD5DC51} — System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => M:\Program Files\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-08-03] (HP Inc.)
Task: {9ED4099A-4C33-4A74-9666-F3B8E66939C1} — System32\Tasks\Microsoft\3CD6DC9EBC8A857AC798B4F2A856BE05 => M:\Users\Георгий\AppData\Local\Microsoft\E94AF2E77208C874FFB21EB27198423F\56BE058A2F4B897CA758A8CBE93CD6DC.exe [2016-10-26] ()
Task: {B3679092-D3D9-4DBE-AF44-D7FC352107FE} — System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => M:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater32.exe [2016-11-25] (NVIDIA Corporation)
Task: {CC567798-D08F-4915-8BCB-22598D145D76} — System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => M:\Program Files\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2016-11-25] (NVIDIA Corporation)
Task: {CEB51C34-5555-4D40-B543-C926046ADB06} — System32\Tasks\Microsoft\Windows\A73966E1C-1798-4C34-BA48-FD989E59A9FF => M:\ProgramData\Microsoft\Adobe\Flash Player\73966E1C-1798-4C34-BA48-FD989E59A9FF\C9D03392-0A99-459D-A562-631F39BD07BC.exe [2016-08-08] () <==== ATTENTION
Task: {D21F6024-191F-4454-BBBC-09A650DA2549} — System32\Tasks\Microsoft\Windows\Application Experience\AitAgent => M:\Windows\system32\aitagent.exe [2010-11-20] (Корпорация Майкрософт (Microsoft Corp.))
Task: {D5AFFB7C-AA7F-4602-ADAD-A4F45708A584} — System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => M:\Program Files\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2016-05-09] (Hewlett-Packard)
Task: {E51EB5AF-A396-489F-8E14-6321CF246080} — System32\Tasks\{7A536659-18F5-496C-873C-0F74F302DA29} => pcalua.exe -a M:\Users\Георгий\AppData\Roaming\GameRanger\GameRanger\GameRanger.exe -c /uninstall
Task: {E9CE4A82-0B55-4BF1-8756-6D99482682EE} — System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => M:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater32.exe [2016-11-25] (NVIDIA Corporation)
Task: {ECFAF410-148B-4E16-A4F0-FC34D8F917CD} — System32\Tasks\GoogleUpdateTaskMachineUA => M:\Program Files\Google\Update\GoogleUpdate.exe [2016-12-07] (Google Inc.)
Task: {F040A88B-9166-4AE7-82D7-3AAE4F26FEBD} — System32\Tasks\Microsoft\3CD6DC9EBC8A857AC798B4F2A856BE05SB => M:\Users\Георгий\AppData\Local\Microsoft\E94AF2E77208C874FFB21EB27198423F\56BE058A2F4B897CA758A8CBE93CD6DC.exe [2016-10-26] ()
Task: {F2AE1034-1DFB-489F-9B2F-0C11FB43F03D} — System32\Tasks\Microsoft\Windows\Setup\EOSNotify => M:\Windows\system32\EOSNotify.exe [2016-06-25] (Microsoft Corporation)
Task: {FE9698EC-0AEF-40A9-924F-8E619FCBC0BE} — System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => M:\Program Files\NVIDIA Corporation\Update Core\NvTmRep.exe [2016-11-25] (NVIDIA Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: M:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => M:\Program Files\Google\Update\GoogleUpdate.exe
Task: M:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => M:\Program Files\Google\Update\GoogleUpdate.exe
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
Shortcut: M:\Users\Георгий\Desktop\H5_Game2 — Ярлык.lnk -> M:\Windows\System32\ForceBindIP.exe (No File) <===== Cyrillic
==================== Loaded Modules (Whitelisted) ==============
2016-04-04 23:29 — 2012-09-18 15:26 — 00169472 _____ () M:\Windows\System32\zlhp1020.dll
2016-04-04 23:29 — 2012-09-18 15:26 — 00059904 _____ () M:\Windows\system32\spool\PRTPROCS\W32X86\pphp1020.dll
2016-12-02 00:42 — 2016-11-25 01:45 — 00900032 _____ () M:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2016-12-02 00:42 — 2016-11-25 01:45 — 03774400 _____ () M:\Program Files\NVIDIA Corporation\NvContainer\Poco.dll
2016-12-02 00:42 — 2016-11-25 01:45 — 00370112 _____ () M:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem\_nvspserviceplugin.dll
2016-04-19 19:55 — 2016-11-25 00:36 — 00121792 _____ () M:\Program Files\NVIDIA Corporation\Display\NvSmartMax.dll
2016-04-19 19:29 — 2016-11-25 01:45 — 00018880 _____ () M:\Program Files\NVIDIA Corporation\Update Core\detoured.dll
2012-09-13 00:38 — 2012-09-13 00:38 — 02144104 _____ () M:\Program Files\Logitech\LWS\Webcam Software\QtCore4.dll
2012-09-13 00:38 — 2012-09-13 00:38 — 07955304 _____ () M:\Program Files\Logitech\LWS\Webcam Software\QtGui4.dll
2012-09-13 00:38 — 2012-09-13 00:38 — 00341352 _____ () M:\Program Files\Logitech\LWS\Webcam Software\QtXml4.dll
2012-09-13 00:38 — 2012-09-13 00:38 — 00028008 _____ () M:\Program Files\Logitech\LWS\Webcam Software\imageformats\QGif4.dll
2012-09-13 00:38 — 2012-09-13 00:38 — 00127336 _____ () M:\Program Files\Logitech\LWS\Webcam Software\imageformats\QJpeg4.dll
2016-12-07 14:28 — 2016-12-01 06:29 — 01834600 _____ () M:\Program Files\Google\Chrome\Application\55.0.2883.75\libglesv2.dll
2016-12-07 14:28 — 2016-12-01 06:29 — 00091240 _____ () M:\Program Files\Google\Chrome\Application\55.0.2883.75\libegl.dll
2016-12-07 14:05 — 2013-09-16 12:17 — 01242584 _____ () M:\Program Files\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)

==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The «AlternateShell» value will be restored.)

==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)

==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 07:04 — 2013-09-03 17:19 — 00000833 ____A M:\Windows\system32\Drivers\etc\hosts

==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3490537627-2674646849-459115155-1000\Control Panel\Desktop\\Wallpaper -> M:\Users\Георгий\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{28820C71-A63A-433F-858D-FFB1A19352CA}] => D:\makar\Steam\Steam.exe
FirewallRules: [{4A760A4A-89E8-4876-9407-4A6BFC7009EC}] => D:\makar\Steam\Steam.exe
FirewallRules: [{53C75198-AD9C-4A0E-B425-4929BF69FBBD}] => D:\makar\Steam\bin\steamwebhelper.exe
FirewallRules: [{1CC262C3-5C1F-4393-81FF-085059103DFB}] => D:\makar\Steam\bin\steamwebhelper.exe
FirewallRules: [TCP Query User{2410A93B-9778-4C39-9FBF-6EF359DC21A9}M:\users\георгий\appdata\roaming\utorrent\utorrent.exe] => M:\users\георгий\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{D497405A-D628-49C1-B6F0-5CFAF223C322}M:\users\георгий\appdata\roaming\utorrent\utorrent.exe] => M:\users\георгий\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [TCP Query User{9CA75BF9-77E0-43F0-88C5-5DBDB5BD42B2}M:\program files\raidcall.ru\raidcall.exe] => M:\program files\raidcall.ru\raidcall.exe
FirewallRules: [UDP Query User{EF8ECAF0-BCFC-4B2A-9DED-B6F1590D6314}M:\program files\raidcall.ru\raidcall.exe] => M:\program files\raidcall.ru\raidcall.exe
FirewallRules: [{26D4D311-B3BD-4C12-9CA9-11238AC3CDE2}] => D:\Tor\makar\Steam\Steam.exe
FirewallRules: [{96BC9FEC-8F43-4936-815D-ABD77122774F}] => D:\Tor\makar\Steam\Steam.exe
FirewallRules: [TCP Query User{39400489-8A01-429B-883E-D5BB89AC0C88}D:\tor\makar\steam\steamapps\common\counter-strike global offensive\csgo.exe] => D:\tor\makar\steam\steamapps\common\counter-strike global offensive\csgo.exe
FirewallRules: [UDP Query User{584299DA-615C-440F-9498-F5739D5A5D21}D:\tor\makar\steam\steamapps\common\counter-strike global offensive\csgo.exe] => D:\tor\makar\steam\steamapps\common\counter-strike global offensive\csgo.exe
FirewallRules: [{FEB8C7ED-CA7E-4247-BDD6-AF95913CFAE3}] => D:\Tor\makar\Steam\bin\steamwebhelper.exe
FirewallRules: [{31556AF5-CB40-49DB-9292-B8900DB680A3}] => D:\Tor\makar\Steam\bin\steamwebhelper.exe
FirewallRules: [{2C5CD6C9-D1E2-4E74-8686-D5A58E926846}] => D:\Tor\makar\Steam\SteamApps\common\dota 2 beta\game\bin\win32\dota2.exe
FirewallRules: [{F82A70DF-0B79-4BE4-8D0C-2F12B13ED50D}] => D:\Tor\makar\Steam\SteamApps\common\dota 2 beta\game\bin\win32\dota2.exe
FirewallRules: [{2AFDD82B-DC59-407B-8441-C268EBADDC6A}] => D:\Tor\makar\Steam\SteamApps\common\POSTAL2Complete\System\Postal2.exe
FirewallRules: [{1A8CD617-F855-41E3-81C4-C1E70AD5C7FC}] => D:\Tor\makar\Steam\SteamApps\common\POSTAL2Complete\System\Postal2.exe
FirewallRules: [{6D58CC67-976D-4057-B871-58F0AF1D1FD8}] => D:\Tor\makar\Steam\SteamApps\common\POSTAL2Complete\ShareThePain\System\Postal2MP.exe
FirewallRules: [{554AB307-7AE1-41E9-9E74-578DE9932669}] => D:\Tor\makar\Steam\SteamApps\common\POSTAL2Complete\ShareThePain\System\Postal2MP.exe
FirewallRules: [{50478F43-0592-47EB-9EA1-2864DAF897B6}] => M:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{501D6A2F-E5EB-4716-8CB4-7D9CE61BC319}] => D:\makar\Steam\SteamApps\common\Terraria\Terraria.exe
FirewallRules: [{C9298783-F84C-4B7B-83CB-CE642E134216}] => D:\makar\Steam\SteamApps\common\Terraria\Terraria.exe
FirewallRules: [{932CCF94-E79B-466A-ACBD-91E293E2EF22}] => D:\makar\Steam\SteamApps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{6CEE9C91-1FF3-4A6E-B8F0-D3D3BDE3AAEA}] => D:\makar\Steam\SteamApps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{0754B0F3-563E-4173-A75C-68F5CC3A2B60}] => D:\makar\Steam\SteamApps\common\dota 2 beta\game\bin\win32\dota2.exe
FirewallRules: [{EE104E7F-8B8F-4BD9-9727-CDD33C6BB37B}] => D:\makar\Steam\SteamApps\common\dota 2 beta\game\bin\win32\dota2.exe
FirewallRules: [{497224E6-EE51-4E0D-8589-A350BF9890B9}] => D:\makar\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{B482A5A8-E307-40F1-90B4-6017EE4C3154}] => D:\makar\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [TCP Query User{66D3D6AB-D980-482F-A210-EDE33D1674E5}D:\game\heroes of might and magic v — tribes of the east\bin\h5_game.exe] => D:\game\heroes of might and magic v — tribes of the east\bin\h5_game.exe
FirewallRules: [UDP Query User{0CEAD363-3218-49AF-BDAB-C753D7929D9B}D:\game\heroes of might and magic v — tribes of the east\bin\h5_game.exe] => D:\game\heroes of might and magic v — tribes of the east\bin\h5_game.exe
FirewallRules: [{0C34AE19-3C92-432D-BE79-81404C9C7C97}] => D:\game\heroes of might and magic v — tribes of the east\bin\h5_game.exe
FirewallRules: [{D7E742E3-6351-4CAB-AA47-A3ED1B5309DC}] => D:\game\heroes of might and magic v — tribes of the east\bin\h5_game.exe
FirewallRules: [{7C1EA885-0B97-4E97-82DC-8F1E65ABC750}] => M:\Program Files\RaidCall.RU\rcplugin.exe
FirewallRules: [{F2DCCBA3-9A81-4EE1-8347-1BC43FDEA7F1}] => M:\Program Files\RaidCall.RU\rcplugin.exe
FirewallRules: [{2D0627E4-0B0E-40BF-BBE1-6B08F73B576A}] => M:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{53671A4E-06F9-4951-A29A-F9413D978244}] => M:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{900C1527-02BB-4FAA-A589-92CEB1D967FF}] => M:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{F96DDE83-639F-49F3-84D7-DCBCEF0FEEC2}] => M:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{C443712D-5644-4E63-863D-1E833C81767E}] => M:\Program Files\Steam\Steam.exe
FirewallRules: [{E27F111A-97AE-4673-974D-B94A1D8609A2}] => M:\Program Files\Steam\Steam.exe
FirewallRules: [{C7B93BBD-EE98-4DE8-BB53-E7812EFFE3EC}] => M:\Program Files\Steam\bin\steamwebhelper.exe
FirewallRules: [{713CC042-7D8A-4F51-AE68-9DEED7E78262}] => M:\Program Files\Steam\bin\steamwebhelper.exe
FirewallRules: [{031FA115-3C67-458D-A72F-9AB2E3C3699A}] => M:\Program Files\Steam\steamapps\common\the witcher 2\Launcher.exe
FirewallRules: [{CA8F8611-A9DA-48D1-9943-69714F92CE70}] => M:\Program Files\Steam\steamapps\common\the witcher 2\Launcher.exe
FirewallRules: [TCP Query User{824C7170-E62C-4C30-BE72-CEF95A60CA73}M:\program files\steam\steamapps\common\the witcher 2\bin\witcher2.exe] => M:\program files\steam\steamapps\common\the witcher 2\bin\witcher2.exe
FirewallRules: [UDP Query User{399B4098-9666-4F10-95C9-817D70F70887}M:\program files\steam\steamapps\common\the witcher 2\bin\witcher2.exe] => M:\program files\steam\steamapps\common\the witcher 2\bin\witcher2.exe
FirewallRules: [{C735586E-49AB-44C0-8EC7-5867A5576185}] => M:\program files\steam\steamapps\common\the witcher 2\bin\witcher2.exe
FirewallRules: [{D54D5D6D-2646-4076-A796-43C28772F474}] => M:\program files\steam\steamapps\common\the witcher 2\bin\witcher2.exe
FirewallRules: [{57E9C823-A72D-4AB2-B271-D1CCE80DD434}] => M:\Program Files\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{B2638348-1E0E-4DD5-937E-2D6566C05AE2}] => M:\Program Files\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [TCP Query User{98D4C0C7-B7EF-4E17-AB5E-9498724F0F52}M:\program files\hearthstone\hearthstone.exe] => M:\program files\hearthstone\hearthstone.exe
FirewallRules: [UDP Query User{BB06C5A8-93AA-43E2-872E-31D60D3803D0}M:\program files\hearthstone\hearthstone.exe] => M:\program files\hearthstone\hearthstone.exe
FirewallRules: [{C9DABC44-8023-42D4-BF9B-22E2A3F820FC}] => M:\program files\hearthstone\hearthstone.exe
FirewallRules: [{39DB5D1D-1797-4CCF-905C-40E5FEEC77FE}] => M:\program files\hearthstone\hearthstone.exe
FirewallRules: [{C2BA2E56-F8F2-43F9-8B93-72FC6500B32A}] => M:\Users\Георгий\AppData\Local\Temp\MPCOnline\MPCDownload.exe
FirewallRules: [{A57344FD-95DF-490E-981A-A4B379AB27C3}] => M:\Users\Георгий\AppData\Local\Temp\MPCOnline\MPCDownload.exe
FirewallRules: [TCP Query User{03520929-B532-4C4F-A9BE-62F8C00D87D1}M:\users\георгий\appdata\roaming\gameranger\gameranger\gameranger.exe] => M:\users\георгий\appdata\roaming\gameranger\gameranger\gameranger.exe
FirewallRules: [UDP Query User{399E4157-26C6-4F1E-A0A9-1C054FF14B9D}M:\users\георгий\appdata\roaming\gameranger\gameranger\gameranger.exe] => M:\users\георгий\appdata\roaming\gameranger\gameranger\gameranger.exe
FirewallRules: [{9363A70D-93EE-45EA-BAC6-BDA29C338A9D}] => M:\users\георгий\appdata\roaming\gameranger\gameranger\gameranger.exe
FirewallRules: [{223E14F3-F866-4867-8891-3CBB24D9CACE}] => M:\users\георгий\appdata\roaming\gameranger\gameranger\gameranger.exe
FirewallRules: [TCP Query User{4FB5D874-2863-4232-AED9-A3A7CC5598F6}M:\users\георгий\appdata\roaming\utorrent\utorrent.exe] => M:\users\георгий\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{4135893A-E472-4B56-87D0-85DABC8219A7}M:\users\георгий\appdata\roaming\utorrent\utorrent.exe] => M:\users\георгий\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [{2A5153DF-ACF0-48DC-939E-8DEEF1359C62}] => D:\Tor\Skype 4.2.exe
FirewallRules: [{381D5217-CF9B-4415-8FAB-AC26A75A2384}] => M:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{A5116AE0-C84E-4825-A6BB-CAF7B0E8CA31}M:\program files\battle.net\battle.net.8098\battle.net.exe] => M:\program files\battle.net\battle.net.8098\battle.net.exe
FirewallRules: [UDP Query User{9105B951-F071-4F5F-84AF-A5A028CCD965}M:\program files\battle.net\battle.net.8098\battle.net.exe] => M:\program files\battle.net\battle.net.8098\battle.net.exe
FirewallRules: [{9BF43038-18FC-4A92-BDF6-7494DF21A030}] => M:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{1192C3C1-AC92-4B19-8614-F0B6F4210991}] => M:\Program Files\Google\Chrome\Application\chrome.exe
==================== Restore Points =========================
02-12-2016 00:39:49 Microsoft Visual C++ 2013 Redistributable (x86) — 12.0.21005
02-12-2016 03:00:10 Центр обновления Windows
05-12-2016 07:56:26 Центр обновления Windows
07-12-2016 13:57:55 Удалена Realtek Ethernet Diagnostic Utility
07-12-2016 13:58:29 Удалена Realtek Ethernet Controller Driver
07-12-2016 14:06:14 Установлена Realtek Ethernet Controller Driver
08-12-2016 11:45:25 JRT Pre-Junkware Removal
==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================
Application errors:
==================
Error: (12/07/2016 02:03:21 PM) (Source: SetupARService) (EventID: 0) (User: )
Description: Event-ID 0
Error: (12/07/2016 12:23:25 PM) (Source: SetupARService) (EventID: 0) (User: )
Description: Event-ID 0
Error: (12/06/2016 04:34:15 PM) (Source: RasClient) (EventID: 20227) (User: )
Description: CoID={5E1629C8-AF4A-4CB5-958F-303DA58EDE84}: Пользователь Георгий-ПК\Георгий установил удаленное подключение Высокоскоростное подключение, которое завершилось сбоем. Возвращен код ошибки 651.
Error: (12/06/2016 11:28:22 AM) (Source: SetupARService) (EventID: 0) (User: )
Description: Event-ID 0
Error: (12/06/2016 12:34:18 AM) (Source: RasClient) (EventID: 20227) (User: )
Description: CoID={04E85F06-E443-4A99-A916-FF4517993BA7}: Пользователь Георгий-ПК\Георгий установил удаленное подключение Высокоскоростное подключение, которое завершилось сбоем. Возвращен код ошибки 651.
Error: (12/05/2016 07:45:51 AM) (Source: SetupARService) (EventID: 0) (User: )
Description: Event-ID 0
Error: (12/04/2016 01:14:02 PM) (Source: SetupARService) (EventID: 0) (User: )
Description: Event-ID 0
Error: (12/04/2016 07:45:37 AM) (Source: SetupARService) (EventID: 0) (User: )
Description: Event-ID 0
Error: (12/03/2016 01:54:24 PM) (Source: SetupARService) (EventID: 0) (User: )
Description: Event-ID 0
Error: (12/02/2016 12:01:29 PM) (Source: SetupARService) (EventID: 0) (User: )
Description: Event-ID 0

System errors:
=============
Error: (12/08/2016 12:02:57 PM) (Source: DCOM) (EventID: 10000) (User: )
Description: Не удается запустить сервер DCOM: {078AEF33-C48A-49F7-AFF3-A0EE810BFE7C}. Ошибка:
«2»
возникла при запуске команды:
«M:\Windows\system32\igfxsrvc.exe» -Embedding
Error: (12/08/2016 12:00:00 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Сбой при запуске службы «LMIGuardianSvc» из-за ошибки
Не удается найти указанный файл.
Error: (12/08/2016 11:55:31 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Сбой при запуске службы «LMIGuardianSvc» из-за ошибки
Не удается найти указанный файл.
Error: (12/08/2016 11:45:32 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Служба NVIDIA LocalSystem Container была неожиданно завершена. Это произошло 1 раз(а). Следующее корректирующее действие будет предпринято через 1000 мсек: Перезапуск службы.
Error: (12/08/2016 11:45:34 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: Регистрация сервера {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E} DCOM не прошла за отведенное время ожидания.
Error: (12/08/2016 11:43:35 AM) (Source: DCOM) (EventID: 10000) (User: )
Description: Не удается запустить сервер DCOM: {078AEF33-C48A-49F7-AFF3-A0EE810BFE7C}. Ошибка:
«2»
возникла при запуске команды:
«M:\Windows\system32\igfxsrvc.exe» -Embedding
Error: (12/08/2016 11:43:23 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Сбой при запуске службы «LMIGuardianSvc» из-за ошибки
Не удается найти указанный файл.
Error: (12/08/2016 11:41:23 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: Регистрация сервера {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39} DCOM не прошла за отведенное время ожидания.
Error: (12/08/2016 11:40:54 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Служба Служба общих сетевых ресурсов проигрывателя Windows Media была неожиданно завершена. Это произошло 1 раз(а). Следующее корректирующее действие будет предпринято через 30000 мсек: Перезапуск службы.
Error: (12/08/2016 11:40:54 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Служба «Intel(R) Dynamic Application Loader Host Interface Service» неожиданно прервана. Это произошло (раз): 1.

==================== Memory info ===========================
Processor: Intel(R) Pentium(R) CPU G2010 @ 2.80GHz
Percentage of memory in use: 65%
Total physical RAM: 2011.72 MB
Available physical RAM: 701.23 MB
Total Virtual: 4023.44 MB
Available Virtual: 2446.04 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:97.12 GB) (Free:97.03 GB) NTFS
Drive d: () (Fixed) (Total:833.76 GB) (Free:535.78 GB) NTFS
Drive m: (Новый том) (Fixed) (Total:111.79 GB) (Free:53.14 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: F5E246D1)
Partition 1: (Not Active) — (Size=97.1 GB) — (Type=07 NTFS)
Partition 2: (Not Active) — (Size=450 MB) — (Type=27)
Partition 3: (Active) — (Size=100 MB) — (Type=07 NTFS)
Partition 4: (Not Active) — (Size=833.8 GB) — (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: A2054542)
Partition 1: (Not Active) — (Size=111.8 GB) — (Type=07 NTFS)
==================== End of Addition.txt ============================