Zloy Бугимен спросил 8 лет назад
Выскакивает окно зодиак-гейм, проскранировал
Start your code hereScan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 07-12-2016
Ran by police (administrator) on IDEA-PC (13-12-2016 17:50:12)
Running from C:\Users\бонькать\Downloads
Loaded Profiles: police (Available Profiles: police)
Platform: Windows 10 Home Single Language Version 1607 (X64) Language: Русский (Россия)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
() C:\Program Files (x86)\Ghostery Storage Server\ghstore.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe
(Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler64.exe
(CyberLink) C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
(Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\utility.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Lenovo) C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.9.261.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Lenovo) C:\Users\бонькать\AppData\Local\Apps\2.0\1KR1QM5T.5JG\JDDTGH22.VBK\lsb...tion_2d7b41b05b24775e_0001.0006_6c5982beb50abfca\LSB.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1830616 2014-04-10] (Conexant Systems, Inc.)
HKLM\...\Run: [Energy Management] => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [17079376 2013-03-17] (Lenovo (Beijing) Limited)
HKLM\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [191568 2013-03-17] (Lenovo(beijing) Limited)
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [631808 2016-09-07] (Microsoft Corporation)
HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [Dolby Advanced Audio v2] => C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe [508656 2012-07-25] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe [91432 2012-03-28] (CyberLink Corp.)
HKLM-x32\...\Run: [Intel AppUp(SM) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [155488 2012-07-12] (Intel Corporation)
HKU\S-1-5-21-3611519387-3624931759-1378339320-1002\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2876704 2016-12-09] (Valve Corporation)
HKU\S-1-5-21-3611519387-3624931759-1378339320-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27011712 2016-10-17] (Skype Technologies S.A.)
HKU\S-1-5-21-3611519387-3624931759-1378339320-1002\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3044848 2016-11-24] (Electronic Arts)
HKU\S-1-5-21-3611519387-3624931759-1378339320-1002\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4299968 2016-06-22] (Disc Soft Ltd)
HKU\S-1-5-21-3611519387-3624931759-1378339320-1002\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8912088 2016-08-26] (Piriform Ltd)
HKU\S-1-5-21-3611519387-3624931759-1378339320-1002\...\Run: [World of Warships] => C:\Games\World_of_Warships\WargamingGameUpdater.exe [3134216 2016-12-05] (Wargaming.net)
HKU\S-1-5-21-3611519387-3624931759-1378339320-1002\...\Run: [**<*>] => explorer.exe hxxp://kb-ribaki.org <===== ATTENTION (Value Name with invalid characters)
HKU\S-1-5-21-3611519387-3624931759-1378339320-1002\...\MountPoints2: {bd3010d1-5740-11e6-bebe-208984850b5d} - "G:\SETUP.EXE"
HKU\S-1-5-18\...\Run: [script_fcbd] => "C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Far Cry 3 Blood Dragon\fcbd.bat"
ShellIconOverlayIdentifiers: [SugarSyncBackedUp] -> {0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} => No File
ShellIconOverlayIdentifiers: [SugarSyncPending] -> {62CCD8E3-9C21-41E1-B55E-1E26DFC68511} => No File
ShellIconOverlayIdentifiers: [SugarSyncRoot] -> {A759AFF6-5851-457D-A540-F4ECED148351} => No File
ShellIconOverlayIdentifiers: [SugarSyncShared] -> {1574C9EF-7D58-488F-B358-8B78C1538F51} => No File
GroupPolicy: Restriction - Chrome <======= ATTENTION
GroupPolicy\User: Restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 94.26.128.3 94.26.128.4
Tcpip\..\Interfaces\{641e5e41-ac7d-46a9-8395-aed15e9dfa90}: [DhcpNameServer] 94.26.128.3 94.26.128.4
Tcpip\..\Interfaces\{8cf6bd43-5f51-4a75-b2c3-8a89ff181443}: [DhcpNameServer] 192.168.0.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3611519387-3624931759-1378339320-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://mail.ru/cnt/10445?gp=818405
HKU\S-1-5-21-3611519387-3624931759-1378339320-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com
SearchScopes: HKLM-x32 -> DefaultScope value is missing
SearchScopes: HKU\S-1-5-21-3611519387-3624931759-1378339320-1002 -> {8C3078A0-9AAB-4371-85D1-656CA8E46EE8} URL = hxxps://yandex.ru/search/?text={searchTerms}&clid=2233627
SearchScopes: HKU\S-1-5-21-3611519387-3624931759-1378339320-1002 -> {A06ED961-D98F-4CF9-A89B-80AB11DB149C} URL = hxxp://go-search.ru/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-3611519387-3624931759-1378339320-1002 -> {B77D0045-7176-48BD-B2A9-3B5F5019F1DC} URL =
FireFox:
========
FF ProfilePath: C:\Users\бонькать\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default [2016-12-13]FF Homepage: Mozilla\Firefox\Profiles\nahd6ha2.default -> user_pref("browser.startup.homepage", "hxxps://www.malwarebytes.org/restorebrowser/
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll [2016-11-03] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2016-11-03] (Oracle Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-12-13] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-12-13] (Google Inc.)
FF Plugin HKU\S-1-5-21-3611519387-3624931759-1378339320-1002: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\бонькать\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2016-05-08] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-3611519387-3624931759-1378339320-1002: rt.ru/IFCPlugin -> C:\Users\бонькать\AppData\Roaming\Rostelecom\IFCPlugin\2.0.6.0\x32\npIFCPlugin.dll [2014-08-04] (Rostelecom)
Chrome:
=======
CHR HomePage: Default -> mail.ru/cnt/11956636?rciguc__PARAM__
CHR DefaultSearchURL: Default -> hxxps://inline.go.mail.ru/search?inline_comp=dse&q={searchTerms}&fr=chxtn12.0.11
CHR DefaultSearchKeyword: Default -> mail.ru
CHR DefaultSuggestURL: Default -> hxxp://suggests.go.mail.ru/chrome?q={searchTerms}
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\бонькать\AppData\Local\Google\Chrome\User Data\Default [2016-12-13]CHR Extension: (Google Презентации) - C:\Users\бонькать\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-12-13]CHR Extension: (Документы Google) - C:\Users\бонькать\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-12-13]CHR Extension: (Диск Google) - C:\Users\бонькать\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-12-13]CHR Extension: (YouTube) - C:\Users\бонькать\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-12-13]CHR Extension: (Дополнительные настройки ВКонтакте) - C:\Users\бонькать\AppData\Local\Google\Chrome\User Data\Default\Extensions\djhgiahomjkabjdodlemhnhbnbfcomam [2016-12-13]CHR Extension: (Google Таблицы) - C:\Users\бонькать\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-12-13]CHR Extension: (Google Документы офлайн) - C:\Users\бонькать\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-12-13]CHR Extension: (AdBlock) - C:\Users\бонькать\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-12-13]CHR Extension: (Платежная система Интернет-магазина Chrome) - C:\Users\бонькать\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-12-13]CHR Extension: (Gmail) - C:\Users\бонькать\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-12-13]CHR Extension: (Chrome Media Router) - C:\Users\бонькать\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-12-13]CHR HKLM-x32\...\Chrome\Extension: [ccfifbojenkenpkmnbnndeadpfdiffof] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [icanjjkadceebmhanpekkofdhclnoijl] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [oelpkepjlgmehajehfeicfbjdiobdkfj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ojlcebdkbpjdpiligkdbbkdkfjmchbfd] - hxxps://clients2.google.com/service/update2/crx
Opera:
=======
OPR Extension: (No Name) - C:\Users\бонькать\AppData\Roaming\Opera Software\Opera Stable\Extensions\ahggfmgiidlaceichjfemgbaggnbaloe [2016-12-12]
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [1467072 2016-06-22] (Disc Soft Ltd)
S3 EasyAntiCheat; C:\WINDOWS\SysWOW64\EasyAntiCheat.exe [240416 2016-03-29] (EasyAntiCheat Ltd)
R2 Ghostery Storage Server; C:\Program Files (x86)\Ghostery Storage Server\ghstore.exe [243712 2016-12-12] () [File not signed]R2 igfxCUIService1.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [330136 2015-08-27] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
S3 LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [272864 2015-12-10] (Lenovo)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2016-11-17] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2016-11-17] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [459832 2016-12-01] (NVIDIA Corporation)
R2 NVIDIA Wireless Controller Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe [1163712 2016-11-17] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2119688 2016-11-24] (Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [2180624 2016-11-24] (Electronic Arts)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [249032 2015-06-03] (Synaptics Incorporated)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2012-09-29] (Atheros) [File not signed]
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2016-07-31] (Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2016-07-31] (Disc Soft Ltd)
S3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2016-12-13] (Malwarebytes)
S0 mfeelamk; C:\WINDOWS\System32\drivers\mfeelamk.sys [82072 2015-08-10] (McAfee, Inc.)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvlti.inf_amd64_a41d83955b423dff\nvlddmkm.sys [14181304 2016-12-03] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [27584 2016-11-17] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [46016 2016-11-17] (NVIDIA Corporation)
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [42696 2015-06-03] (Synaptics Incorporated)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
R3 vm331avs; C:\WINDOWS\System32\Drivers\vm331avs.sys [802312 2015-06-12] (Vimicro Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
S3 wsvd; C:\WINDOWS\system32\DRIVERS\wsvd.sys [102376 2012-06-13] ("CyberLink)
S1 ServiceMgr; system32\drivers\ServiceMgr.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-12-13 17:43 - 2016-12-13 17:50 - 00059459 _____ C:\Users\бонькать\Downloads\Addition.txt
2016-12-13 17:40 - 2016-12-13 17:50 - 00018898 _____ C:\Users\бонькать\Downloads\FRST.txt
2016-12-13 17:40 - 2016-12-13 17:50 - 00000000 ____D C:\FRST
2016-12-13 17:35 - 2016-12-13 17:37 - 02420224 _____ (Farbar) C:\Users\бонькать\Downloads\FRST64.exe
2016-12-13 17:30 - 2016-12-13 17:30 - 00000000 ____D C:\Users\бонькать\Downloads\backups
2016-12-13 17:28 - 2016-12-13 17:28 - 00388608 _____ (Trend Micro Inc.) C:\Users\бонькать\Downloads\HijackThis.exe
2016-12-13 07:34 - 2016-12-13 07:34 - 00002355 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-12-13 07:33 - 2016-12-13 17:23 - 00000984 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-12-13 07:33 - 2016-12-13 17:23 - 00000980 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-12-13 07:33 - 2016-12-13 07:33 - 00004042 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2016-12-13 07:33 - 2016-12-13 07:33 - 00003810 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2016-12-13 00:03 - 2016-12-13 07:24 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-12-13 00:03 - 2016-12-13 00:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-12-13 00:02 - 2016-12-13 00:12 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-12-13 00:02 - 2016-12-13 00:02 - 00000000 ____D C:\Users\Все пользователи\Malwarebytes
2016-12-13 00:02 - 2016-12-13 00:02 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-12-13 00:02 - 2016-03-10 14:09 - 00065408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2016-12-13 00:02 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2016-12-13 00:02 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2016-12-13 00:01 - 2016-12-13 17:20 - 00000000 ____D C:\AdwCleaner
2016-12-12 23:15 - 2016-12-12 23:17 - 00000000 ____D C:\Users\бонькать\Desktop\ПАПКА ОТЦА
2016-12-12 23:11 - 2016-12-12 23:11 - 00000000 ____D C:\Users\бонькать\Documents\Lenovo
2016-12-12 23:11 - 2016-12-12 23:11 - 00000000 ____D C:\Users\бонькать\Documents\CyberLink
2016-12-12 23:11 - 2016-12-12 23:11 - 00000000 ____D C:\Users\бонькать\AppData\Roaming\WebApp
2016-12-12 21:06 - 2016-12-12 21:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2016-12-12 21:04 - 2016-12-12 21:04 - 00000000 ____D C:\WINDOWS\PCHEALTH
2016-12-12 21:04 - 2016-12-12 21:04 - 00000000 ____D C:\Program Files (x86)\Microsoft Works
2016-12-12 21:01 - 2016-12-12 21:01 - 00000000 ____D C:\Program Files\Microsoft Office
2016-12-12 21:00 - 2016-12-12 21:00 - 00000000 __RHD C:\MSOCache
2016-12-12 20:57 - 2016-12-12 20:58 - 00000000 ____D C:\Program Files\MS Word 2007
2016-12-12 20:19 - 2016-12-12 20:41 - 00000000 ____D C:\Users\бонькать\AppData\Roaming\PBot
2016-12-12 20:15 - 2016-12-12 20:15 - 00003974 _____ C:\WINDOWS\System32\Tasks\Trusted Language Manager
2016-12-12 20:15 - 2016-12-12 20:15 - 00003282 _____ C:\WINDOWS\System32\Tasks\Root Private Manager
2016-12-12 20:15 - 2016-12-12 20:15 - 00003262 _____ C:\WINDOWS\System32\Tasks\RunTime Base Manager
2016-12-12 20:15 - 2016-12-12 20:15 - 00000324 _____ C:\Users\бонькать\AppData\Local\expand.ini
2016-12-12 20:15 - 2016-12-12 20:15 - 00000000 ____D C:\Program Files (x86)\ScreenUp
2016-12-12 20:13 - 2016-12-12 20:13 - 00000000 ____D C:\Users\бонькать\AppData\LocalLow\SearchGo
2016-12-12 20:11 - 2016-12-12 20:41 - 00000000 ____D C:\Users\бонькать\AppData\Local\Amigo
2016-12-12 20:10 - 2016-12-12 20:32 - 00000258 __RSH C:\Users\бонькать\ntuser.pol
2016-12-12 20:09 - 2016-12-12 20:13 - 00000258 __RSH C:\Users\Все пользователи\ntuser.pol
2016-12-12 20:09 - 2016-12-12 20:13 - 00000258 __RSH C:\ProgramData\ntuser.pol
2016-12-12 20:07 - 2016-12-12 22:56 - 00000000 ____D C:\Users\бонькать\AppData\LocalLow\uTorrent
2016-12-12 19:54 - 2016-12-12 19:54 - 00000000 ____D C:\Users\бонькать\AppData\Local\ZaxarGameBrowser
2016-12-12 19:53 - 2016-12-12 19:53 - 00000000 ____D C:\Program Files (x86)\Ghostery Storage Server
2016-12-12 19:52 - 2016-12-12 19:52 - 00000856 _____ C:\Users\бонькать\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ZaxarGameBrowser.lnk
2016-12-12 19:50 - 2016-12-12 19:50 - 00003704 _____ C:\WINDOWS\System32\Tasks\InternetDA
2016-12-12 19:47 - 2016-12-12 19:47 - 00000000 ____D C:\Users\бонькать\AppData\Local\MSfree Inc
2016-12-12 18:45 - 2016-12-12 18:45 - 00002744 _____ C:\Users\бонькать\Desktop\µTorrent.lnk
2016-12-12 18:42 - 2016-12-13 07:25 - 00000000 ____D C:\Users\бонькать\AppData\Roaming\uTorrent
2016-12-11 20:34 - 2016-12-13 00:35 - 00000000 ____D C:\Users\бонькать\Desktop\Хлам
2016-12-11 17:06 - 2016-12-11 17:06 - 00000000 ____D C:\Users\Все пользователи\.mono
2016-12-11 17:06 - 2016-12-11 17:06 - 00000000 ____D C:\Users\бонькать\AppData\Roaming\.mono
2016-12-11 17:06 - 2016-12-11 17:06 - 00000000 ____D C:\Users\бонькать\AppData\LocalLow\Blizzard Entertainment
2016-12-11 17:06 - 2016-12-11 17:06 - 00000000 ____D C:\Users\бонькать\AppData\Local\Blizzard
2016-12-11 17:06 - 2016-12-11 17:06 - 00000000 ____D C:\ProgramData\.mono
2016-12-11 15:14 - 2016-12-11 17:07 - 00000000 ____D C:\Program Files (x86)\Hearthstone
2016-12-10 23:34 - 2016-12-10 23:34 - 00000481 _____ C:\Users\бонькать\Desktop\Администрирование.lnk
2016-12-10 08:20 - 2016-11-11 11:01 - 02206496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2016-12-10 08:20 - 2016-11-11 11:01 - 01969912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hevcdecoder.dll
2016-12-10 08:20 - 2016-11-11 11:01 - 00167848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscapi.dll
2016-12-10 08:20 - 2016-11-11 10:59 - 01572768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2016-12-10 08:20 - 2016-11-11 10:54 - 00122208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\migisol.dll
2016-12-10 08:20 - 2016-11-11 10:49 - 00263472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2016-12-10 08:20 - 2016-11-11 10:47 - 01503032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2016-12-10 08:20 - 2016-11-11 10:47 - 01430720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2016-12-10 08:20 - 2016-11-11 10:47 - 00861024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2016-12-10 08:20 - 2016-11-11 10:42 - 20969928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-12-10 08:20 - 2016-11-11 10:42 - 06668032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2016-12-10 08:20 - 2016-11-11 10:42 - 03892864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2016-12-10 08:20 - 2016-11-11 10:42 - 01852720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2016-12-10 08:20 - 2016-11-11 10:42 - 01123912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2016-12-10 08:20 - 2016-11-11 10:42 - 00952416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2016-12-10 08:20 - 2016-11-11 10:42 - 00374448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFPlay.dll
2016-12-10 08:20 - 2016-11-11 10:42 - 00152416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RTWorkQ.dll
2016-12-10 08:20 - 2016-11-11 10:42 - 00091936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfaudiocnv.dll
2016-12-10 08:20 - 2016-11-11 10:41 - 00157536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudStorageWizard.exe
2016-12-10 08:20 - 2016-11-11 10:38 - 01263856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2016-12-10 08:20 - 2016-11-11 10:27 - 00065024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetCfgNotifyObjectHost.exe
2016-12-10 08:20 - 2016-11-11 10:27 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2016-12-10 08:20 - 2016-11-11 10:26 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2016-12-10 08:20 - 2016-11-11 10:26 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgentc.exe
2016-12-10 08:20 - 2016-11-11 10:25 - 00117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll
2016-12-10 08:20 - 2016-11-11 10:25 - 00071168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosStorage.dll
2016-12-10 08:20 - 2016-11-11 10:24 - 00519168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ngccredprov.dll
2016-12-10 08:20 - 2016-11-11 10:24 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Shell.Search.UriHandler.dll
2016-12-10 08:20 - 2016-11-11 10:23 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll
2016-12-10 08:20 - 2016-11-11 10:22 - 00122880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sendmail.dll
2016-12-10 08:20 - 2016-11-11 10:21 - 00332288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2016-12-10 08:20 - 2016-11-11 10:21 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2016-12-10 08:20 - 2016-11-11 10:21 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.BackgroundManagerPolicy.dll
2016-12-10 08:20 - 2016-11-11 10:20 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2016-12-10 08:20 - 2016-11-11 10:20 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2016-12-10 08:20 - 2016-11-11 10:20 - 00306176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2016-12-10 08:20 - 2016-11-11 10:20 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2016-12-10 08:20 - 2016-11-11 10:19 - 00506880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DevicePairing.dll
2016-12-10 08:20 - 2016-11-11 10:19 - 00364544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll
2016-12-10 08:20 - 2016-11-11 10:19 - 00114176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupugc.exe
2016-12-10 08:20 - 2016-11-11 10:18 - 02333184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2016-12-10 08:20 - 2016-11-11 10:18 - 01336320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsecedit.dll
2016-12-10 08:20 - 2016-11-11 10:18 - 01196544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl
2016-12-10 08:20 - 2016-11-11 10:18 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efswrt.dll
2016-12-10 08:20 - 2016-11-11 10:18 - 00318464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
2016-12-10 08:20 - 2016-11-11 10:18 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscinterop.dll
2016-12-10 08:20 - 2016-11-11 10:17 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2016-12-10 08:20 - 2016-11-11 10:17 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSManHTTPConfig.exe
2016-12-10 08:20 - 2016-11-11 10:16 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2016-12-10 08:20 - 2016-11-11 10:15 - 07626752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-12-10 08:20 - 2016-11-11 10:15 - 04612608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2016-12-10 08:20 - 2016-11-11 10:15 - 01357824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2016-12-10 08:20 - 2016-11-11 10:15 - 00838144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2016-12-10 08:20 - 2016-11-11 10:15 - 00348672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\zipfldr.dll
2016-12-10 08:20 - 2016-11-11 10:15 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll
2016-12-10 08:20 - 2016-11-11 10:13 - 00165376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2016-12-10 08:20 - 2016-11-11 10:12 - 00259584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdtcuiu.dll
2016-12-10 08:20 - 2016-11-11 10:10 - 06109184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2016-12-10 08:20 - 2016-11-11 10:09 - 05380608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2016-12-10 08:20 - 2016-11-11 10:09 - 00545280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll
2016-12-10 08:20 - 2016-11-11 10:06 - 06474752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe
2016-12-10 08:20 - 2016-11-11 10:06 - 03666432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-12-10 08:20 - 2016-11-11 10:06 - 02362880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapRouter.dll
2016-12-10 08:20 - 2016-11-11 10:06 - 02109952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapGeocoder.dll
2016-12-10 08:20 - 2016-11-11 10:06 - 01228288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll
2016-12-10 08:20 - 2016-11-11 10:06 - 00807424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2016-12-10 08:20 - 2016-11-11 10:06 - 00400384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2016-12-10 08:20 - 2016-11-11 10:06 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mtxclu.dll
2016-12-10 08:20 - 2016-11-11 10:05 - 06044160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-12-10 08:20 - 2016-11-11 10:05 - 03370496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2016-12-10 08:20 - 2016-11-11 10:04 - 02682880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netshell.dll
2016-12-10 08:20 - 2016-11-11 10:04 - 01880576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-12-10 08:20 - 2016-11-11 10:04 - 01595392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-12-10 08:20 - 2016-11-11 10:04 - 00912896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2016-12-10 08:20 - 2016-11-11 10:04 - 00873472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2016-12-10 08:20 - 2016-11-11 10:04 - 00715264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2016-12-10 08:20 - 2016-11-11 10:04 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\stobject.dll
2016-12-10 08:20 - 2016-11-11 10:03 - 02256384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-12-10 08:20 - 2016-11-11 10:03 - 01556480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2016-12-10 08:20 - 2016-11-11 10:03 - 00772608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntshrui.dll
2016-12-10 08:20 - 2016-11-11 10:03 - 00760832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2016-12-10 08:20 - 2016-11-11 10:02 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2016-12-10 08:20 - 2016-11-11 10:01 - 02998272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2016-12-10 08:19 - 2016-11-11 11:39 - 00484584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2016-12-10 08:19 - 2016-11-11 11:00 - 01706488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2016-12-10 08:19 - 2016-11-11 10:56 - 02048496 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2016-12-10 08:19 - 2016-11-11 10:49 - 00869848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2016-12-10 08:19 - 2016-11-11 10:49 - 00248480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2016-12-10 08:19 - 2016-11-11 10:48 - 02277248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2016-12-10 08:19 - 2016-11-11 10:47 - 05722832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2016-12-10 08:19 - 2016-11-11 10:47 - 00527880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2016-12-10 08:19 - 2016-11-11 10:45 - 02166752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2016-12-10 08:19 - 2016-11-11 10:45 - 00846560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2016-12-10 08:19 - 2016-11-11 10:42 - 00959112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2016-12-10 08:19 - 2016-11-11 10:42 - 00382784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2016-12-10 08:19 - 2016-11-11 10:41 - 04311736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2016-12-10 08:19 - 2016-11-11 10:28 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2016-12-10 08:19 - 2016-11-11 10:24 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BcastDVRHelper.dll
2016-12-10 08:19 - 2016-11-11 10:24 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll
2016-12-10 08:19 - 2016-11-11 10:23 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppCapture.dll
2016-12-10 08:19 - 2016-11-11 10:22 - 00505856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2016-12-10 08:19 - 2016-11-11 10:20 - 00288768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2016-12-10 08:19 - 2016-11-11 10:19 - 13868544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-12-10 08:19 - 2016-11-11 10:19 - 01755136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceFlows.DataModel.dll
2016-12-10 08:19 - 2016-11-11 10:19 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2016-12-10 08:19 - 2016-11-11 10:19 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2016-12-10 08:19 - 2016-11-11 10:19 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepsync.dll
2016-12-10 08:19 - 2016-11-11 10:19 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepapi.dll
2016-12-10 08:19 - 2016-11-11 10:17 - 00333312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2016-12-10 08:19 - 2016-11-11 10:16 - 19415552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-12-10 08:19 - 2016-11-11 10:16 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\indexeddbserver.dll
2016-12-10 08:19 - 2016-11-11 10:14 - 19415552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-12-10 08:19 - 2016-11-11 10:14 - 00395264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll
2016-12-10 08:19 - 2016-11-11 10:13 - 00499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2016-12-10 08:19 - 2016-11-11 10:11 - 03306496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2016-12-10 08:19 - 2016-11-11 10:10 - 12177920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-12-10 08:19 - 2016-11-11 10:10 - 00746496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdtcprx.dll
2016-12-10 08:19 - 2016-11-11 10:09 - 03196416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2016-12-10 08:19 - 2016-11-11 10:08 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xolehlp.dll
2016-12-10 08:19 - 2016-11-11 10:05 - 04423680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2016-12-10 08:19 - 2016-11-11 10:04 - 01992704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2016-12-10 08:19 - 2016-11-11 10:03 - 02484736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gameux.dll
2016-12-10 08:19 - 2016-11-11 10:03 - 01576448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2016-12-10 08:19 - 2016-11-11 10:03 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
2016-12-10 08:19 - 2016-11-11 10:03 - 00565248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2016-12-10 08:19 - 2016-11-11 09:40 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2016-12-10 08:13 - 2016-11-11 13:14 - 02186896 _____ (Microsoft Corporation) C:\WINDOWS\system32\hevcdecoder.dll
2016-12-10 08:13 - 2016-11-11 13:03 - 00328008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2016-12-10 08:13 - 2016-11-11 12:57 - 08170048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2016-12-10 08:13 - 2016-11-11 12:25 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2016-12-10 08:13 - 2016-11-11 12:24 - 00122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2016-12-10 08:13 - 2016-11-11 12:24 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\VPNv2CSP.dll
2016-12-10 08:13 - 2016-11-11 12:14 - 02104320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2016-12-10 08:13 - 2016-11-11 12:05 - 04136448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2016-12-10 08:12 - 2016-11-11 13:15 - 00198856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscapi.dll
2016-12-10 08:12 - 2016-11-11 13:15 - 00101216 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceReactivation.dll
2016-12-10 08:12 - 2016-11-11 13:14 - 02482280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2016-12-10 08:12 - 2016-11-11 13:13 - 07816032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-12-10 08:12 - 2016-11-11 13:13 - 01886344 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-12-10 08:12 - 2016-11-11 13:12 - 00128352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2016-12-10 08:12 - 2016-11-11 13:02 - 00360040 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2016-12-10 08:12 - 2016-11-11 13:01 - 01859264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2016-12-10 08:12 - 2016-11-11 13:01 - 01738048 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2016-12-10 08:12 - 2016-11-11 13:01 - 01293152 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2016-12-10 08:12 - 2016-11-11 13:00 - 00223584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2016-12-10 08:12 - 2016-11-11 12:59 - 00433504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2016-12-10 08:12 - 2016-11-11 12:57 - 22224480 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-12-10 08:12 - 2016-11-11 12:56 - 00163752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RTWorkQ.dll
2016-12-10 08:12 - 2016-11-11 12:55 - 01600624 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2016-12-10 08:12 - 2016-11-11 12:55 - 00882680 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeManagerObj.dll
2016-12-10 08:12 - 2016-11-11 12:55 - 00743224 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2016-12-10 08:12 - 2016-11-11 12:54 - 01418312 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2016-12-10 08:12 - 2016-11-11 12:51 - 00454592 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2016-12-10 08:12 - 2016-11-11 12:31 - 00366080 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2016-12-10 08:12 - 2016-11-11 12:28 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2016-12-10 08:12 - 2016-11-11 12:27 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2016-12-10 08:12 - 2016-11-11 12:27 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetCfgNotifyObjectHost.exe
2016-12-10 08:12 - 2016-11-11 12:26 - 00042496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\modem.sys
2016-12-10 08:12 - 2016-11-11 12:26 - 00034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgentc.exe
2016-12-10 08:12 - 2016-11-11 12:24 - 00158720 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll
2016-12-10 08:12 - 2016-11-11 12:24 - 00136192 _____ (Microsoft Corporation) C:\WINDOWS\system32\sendmail.dll
2016-12-10 08:12 - 2016-11-11 12:24 - 00110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.BackgroundManagerPolicy.dll
2016-12-10 08:12 - 2016-11-11 12:23 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnr.dll
2016-12-10 08:12 - 2016-11-11 12:23 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll
2016-12-10 08:12 - 2016-11-11 12:22 - 00489472 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll
2016-12-10 08:12 - 2016-11-11 12:22 - 00211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2016-12-10 08:12 - 2016-11-11 12:21 - 00748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2016-12-10 08:12 - 2016-11-11 12:21 - 00587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2016-12-10 08:12 - 2016-11-11 12:20 - 00657920 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2016-12-10 08:12 - 2016-11-11 12:20 - 00641024 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll
2016-12-10 08:12 - 2016-11-11 12:20 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll
2016-12-10 08:12 - 2016-11-11 12:20 - 00574464 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_StorageSense.dll
2016-12-10 08:12 - 2016-11-11 12:20 - 00381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll
2016-12-10 08:12 - 2016-11-11 12:20 - 00260608 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2016-12-10 08:12 - 2016-11-11 12:20 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2016-12-10 08:12 - 2016-11-11 12:19 - 09131008 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-12-10 08:12 - 2016-11-11 12:19 - 00495104 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll
2016-12-10 08:12 - 2016-11-11 12:19 - 00388096 _____ (Microsoft Corporation) C:\WINDOWS\system32\zipfldr.dll
2016-12-10 08:12 - 2016-11-11 12:19 - 00366080 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2016-12-10 08:12 - 2016-11-11 12:19 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2016-12-10 08:12 - 2016-11-11 12:19 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-12-10 08:12 - 2016-11-11 12:18 - 06285312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2016-12-10 08:12 - 2016-11-11 12:18 - 00425984 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2016-12-10 08:12 - 2016-11-11 12:18 - 00278016 _____ (Microsoft Corporation) C:\WINDOWS\system32\netplwiz.dll
2016-12-10 08:12 - 2016-11-11 12:17 - 01220096 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2016-12-10 08:12 - 2016-11-11 12:17 - 01002496 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2016-12-10 08:12 - 2016-11-11 12:17 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvSysprep.dll
2016-12-10 08:12 - 2016-11-11 12:16 - 02716672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2016-12-10 08:12 - 2016-11-11 12:16 - 01477632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsecedit.dll
2016-12-10 08:12 - 2016-11-11 12:16 - 00184832 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2016-12-10 08:12 - 2016-11-11 12:16 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeHelper.dll
2016-12-10 08:12 - 2016-11-11 12:16 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\RjvMDMConfig.dll
2016-12-10 08:12 - 2016-11-11 12:15 - 00282624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2016-12-10 08:12 - 2016-11-11 12:15 - 00159232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscinterop.dll
2016-12-10 08:12 - 2016-11-11 12:15 - 00032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSManHTTPConfig.exe
2016-12-10 08:12 - 2016-11-11 12:14 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2016-12-10 08:12 - 2016-11-11 12:14 - 00615424 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll
2016-12-10 08:12 - 2016-11-11 12:14 - 00178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppnp.dll
2016-12-10 08:12 - 2016-11-11 12:13 - 00396800 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2016-12-10 08:12 - 2016-11-11 12:11 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\umpoext.dll
2016-12-10 08:12 - 2016-11-11 12:10 - 04749312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-12-10 08:12 - 2016-11-11 12:09 - 01366016 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2016-12-10 08:12 - 2016-11-11 12:08 - 08127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-12-10 08:12 - 2016-11-11 12:08 - 00981504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2016-12-10 08:12 - 2016-11-11 12:08 - 00539136 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
2016-12-10 08:12 - 2016-11-11 12:07 - 02510848 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2016-12-10 08:12 - 2016-11-11 12:07 - 02009600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
2016-12-10 08:12 - 2016-11-11 12:07 - 00347648 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2016-12-10 08:12 - 2016-11-11 12:06 - 00650752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2016-12-10 08:12 - 2016-11-11 12:05 - 02852864 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2016-12-10 08:12 - 2016-11-11 12:05 - 00673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2016-12-10 08:12 - 2016-11-11 12:04 - 06664192 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
2016-12-10 08:12 - 2016-11-11 12:04 - 04746752 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-12-10 08:12 - 2016-11-11 12:04 - 02800128 _____ (Microsoft Corporation) C:\WINDOWS\system32\netshell.dll
2016-12-10 08:12 - 2016-11-11 12:04 - 02688512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-12-10 08:12 - 2016-11-11 12:04 - 02317312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-12-10 08:12 - 2016-11-11 12:04 - 01709056 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2016-12-10 08:12 - 2016-11-11 12:04 - 01359360 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2016-12-10 08:12 - 2016-11-11 12:04 - 00909312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2016-12-10 08:12 - 2016-11-11 12:04 - 00691712 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsm.dll
2016-12-10 08:12 - 2016-11-11 12:04 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\system32\stobject.dll
2016-12-10 08:12 - 2016-11-11 12:03 - 03616768 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-12-10 08:12 - 2016-11-11 12:03 - 01513472 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-12-10 08:12 - 2016-11-11 12:03 - 00842240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll
2016-12-10 08:12 - 2016-11-11 12:03 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2016-12-10 08:12 - 2016-11-11 12:03 - 00283648 _____ (Microsoft Corporation) C:\WINDOWS\system32\wkssvc.dll
2016-12-10 08:12 - 2016-11-11 12:02 - 01726976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2016-12-10 08:12 - 2016-11-11 12:02 - 00730112 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2016-12-10 08:12 - 2016-11-11 12:01 - 01107456 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2016-12-10 08:11 - 2016-11-11 13:14 - 00603488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2016-12-10 08:11 - 2016-11-11 13:13 - 02213760 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2016-12-10 08:11 - 2016-11-11 13:13 - 00352096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2016-12-10 08:11 - 2016-11-11 13:10 - 02681200 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2016-12-10 08:11 - 2016-11-11 13:08 - 00142176 _____ (Microsoft Corporation) C:\WINDOWS\system32\migisol.dll
2016-12-10 08:11 - 2016-11-11 13:03 - 01069720 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2016-12-10 08:11 - 2016-11-11 13:03 - 00266544 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2016-12-10 08:11 - 2016-11-11 13:02 - 02828376 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2016-12-10 08:11 - 2016-11-11 13:01 - 07219672 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2016-12-10 08:11 - 2016-11-11 13:01 - 02189152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-12-10 08:11 - 2016-11-11 13:01 - 00658264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-12-10 08:11 - 2016-11-11 13:01 - 00637400 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2016-12-10 08:11 - 2016-11-11 13:01 - 00401760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-12-10 08:11 - 2016-11-11 12:59 - 02913136 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2016-12-10 08:11 - 2016-11-11 12:59 - 01267512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2016-12-10 08:11 - 2016-11-11 12:57 - 04130432 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2016-12-10 08:11 - 2016-11-11 12:57 - 01988560 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2016-12-10 08:11 - 2016-11-11 12:57 - 01473048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2016-12-10 08:11 - 2016-11-11 12:56 - 04673304 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2016-12-10 08:11 - 2016-11-11 12:56 - 01274712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-12-10 08:11 - 2016-11-11 12:56 - 01062480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-12-10 08:11 - 2016-11-11 12:56 - 00424616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFPlay.dll
2016-12-10 08:11 - 2016-11-11 12:56 - 00241496 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2016-12-10 08:11 - 2016-11-11 12:56 - 00187520 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudStorageWizard.exe
2016-12-10 08:11 - 2016-11-11 12:56 - 00126568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfaudiocnv.dll
2016-12-10 08:11 - 2016-11-11 12:31 - 22563840 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-12-10 08:11 - 2016-11-11 12:29 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2016-12-10 08:11 - 2016-11-11 12:28 - 00040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\CbtBackgroundManagerPolicy.dll
2016-12-10 08:11 - 2016-11-11 12:27 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpremove.exe
2016-12-10 08:11 - 2016-11-11 12:26 - 00109056 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReportingCSP.dll
2016-12-10 08:11 - 2016-11-11 12:25 - 00185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
2016-12-10 08:11 - 2016-11-11 12:25 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2016-12-10 08:11 - 2016-11-11 12:25 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2016-12-10 08:11 - 2016-11-11 12:25 - 00089600 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll
2016-12-10 08:11 - 2016-11-11 12:25 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\HttpsDataSource.dll
2016-12-10 08:11 - 2016-11-11 12:24 - 00226816 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2016-12-10 08:11 - 2016-11-11 12:24 - 00098304 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2016-12-10 08:11 - 2016-11-11 12:23 - 00567296 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll
2016-12-10 08:11 - 2016-11-11 12:23 - 00380928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
2016-12-10 08:11 - 2016-11-11 12:23 - 00041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\EAMProgressHandler.dll
2016-12-10 08:11 - 2016-11-11 12:22 - 00082944 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2016-12-10 08:11 - 2016-11-11 12:21 - 00690688 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2016-12-10 08:11 - 2016-11-11 12:21 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2016-12-10 08:11 - 2016-11-11 12:21 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2016-12-10 08:11 - 2016-11-11 12:20 - 00446976 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2016-12-10 08:11 - 2016-11-11 12:20 - 00407552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2016-12-10 08:11 - 2016-11-11 12:20 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpusersvc.dll
2016-12-10 08:11 - 2016-11-11 12:20 - 00261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll
2016-12-10 08:11 - 2016-11-11 12:20 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupugc.exe
2016-12-10 08:11 - 2016-11-11 12:20 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\IdCtrls.dll
2016-12-10 08:11 - 2016-11-11 12:19 - 00411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll
2016-12-10 08:11 - 2016-11-11 12:19 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
2016-12-10 08:11 - 2016-11-11 12:19 - 00198144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll
2016-12-10 08:11 - 2016-11-11 12:18 - 17188352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-12-10 08:11 - 2016-11-11 12:18 - 02084352 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceFlows.DataModel.dll
2016-12-10 08:11 - 2016-11-11 12:17 - 01004032 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2016-12-10 08:11 - 2016-11-11 12:14 - 07654400 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2016-12-10 08:11 - 2016-11-11 12:14 - 03777536 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2016-12-10 08:11 - 2016-11-11 12:14 - 01589760 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtctm.dll
2016-12-10 08:11 - 2016-11-11 12:13 - 07812096 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2016-12-10 08:11 - 2016-11-11 12:13 - 00306176 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtcuiu.dll
2016-12-10 08:11 - 2016-11-11 12:12 - 00870912 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtcprx.dll
2016-12-10 08:11 - 2016-11-11 12:11 - 23678464 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-12-10 08:11 - 2016-11-11 12:11 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll
2016-12-10 08:11 - 2016-11-11 12:10 - 13084160 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-12-10 08:11 - 2016-11-11 12:09 - 05111296 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2016-12-10 08:11 - 2016-11-11 12:09 - 00164352 _____ (Microsoft Corporation) C:\WINDOWS\system32\dialserver.dll
2016-12-10 08:11 - 2016-11-11 12:07 - 03441152 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapRouter.dll
2016-12-10 08:11 - 2016-11-11 12:07 - 02953216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapGeocoder.dll
2016-12-10 08:11 - 2016-11-11 12:07 - 01060864 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2016-12-10 08:11 - 2016-11-11 12:07 - 00991232 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2016-12-10 08:11 - 2016-11-11 12:06 - 03400192 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncCenter.dll
2016-12-10 08:11 - 2016-11-11 12:06 - 00960000 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2016-12-10 08:11 - 2016-11-11 12:05 - 01779712 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-12-10 08:11 - 2016-11-11 12:05 - 01490944 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-12-10 08:11 - 2016-11-11 12:05 - 01031680 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2016-12-10 08:11 - 2016-11-11 12:04 - 02611200 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameux.dll
2016-12-10 08:11 - 2016-11-11 12:04 - 01232384 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2016-12-10 08:11 - 2016-11-11 12:04 - 00455168 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2016-12-10 08:11 - 2016-11-11 12:04 - 00172544 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2016-12-10 08:11 - 2016-11-11 12:03 - 04708864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2016-12-10 08:11 - 2016-11-11 12:03 - 02669056 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-12-10 08:11 - 2016-11-11 12:03 - 02287616 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2016-12-10 08:11 - 2016-11-11 12:03 - 00905216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2016-12-10 08:11 - 2016-11-11 12:03 - 00717824 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2016-12-10 08:11 - 2016-11-11 12:03 - 00632320 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2016-12-10 08:11 - 2016-11-11 12:03 - 00187392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2016-12-10 08:11 - 2016-11-11 12:02 - 00936448 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2016-12-10 08:10 - 2016-11-11 13:22 - 00590960 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2016-12-10 08:10 - 2016-11-11 13:09 - 00764392 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2016-12-10 08:10 - 2016-11-11 13:00 - 00335712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2016-12-10 08:10 - 2016-11-11 13:00 - 00219488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2016-12-10 08:10 - 2016-11-11 12:56 - 00534096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2016-12-10 08:10 - 2016-11-11 12:56 - 00418952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2016-12-10 08:10 - 2016-11-11 12:51 - 00455520 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2016-12-10 08:10 - 2016-11-11 12:26 - 00258560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xboxgip.sys
2016-12-10 08:10 - 2016-11-11 12:26 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseModernAppMgmtCSP.dll
2016-12-10 08:10 - 2016-11-11 12:25 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\system32\BcastDVRHelper.dll
2016-12-10 08:10 - 2016-11-11 12:24 - 00170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2016-12-10 08:10 - 2016-11-11 12:24 - 00159744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ACPBackgroundManagerPolicy.dll
2016-12-10 08:10 - 2016-11-11 12:22 - 00143360 _____ (Microsoft Corporation) C:\WINDOWS\system32\EDPCleanup.exe
2016-12-10 08:10 - 2016-11-11 12:21 - 00379392 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepsync.dll
2016-12-10 08:10 - 2016-11-11 12:20 - 00176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepapi.dll
2016-12-10 08:10 - 2016-11-11 12:19 - 00620544 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2016-12-10 08:10 - 2016-11-11 12:19 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2016-12-10 08:10 - 2016-11-11 12:18 - 00967168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2016-12-10 08:10 - 2016-11-11 12:18 - 00411136 _____ (Microsoft Corporation) C:\WINDOWS\system32\facecredentialprovider.dll
2016-12-10 08:10 - 2016-11-11 12:17 - 00956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2016-12-10 08:10 - 2016-11-11 12:17 - 00410112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2016-12-10 08:10 - 2016-11-11 12:16 - 00560128 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2016-12-10 08:10 - 2016-11-11 12:11 - 00942080 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2016-12-10 08:10 - 2016-11-11 12:11 - 00337920 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2016-12-10 08:10 - 2016-11-11 12:07 - 01692672 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2016-12-10 08:10 - 2016-11-11 12:07 - 01691136 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2016-12-10 08:10 - 2016-11-11 12:06 - 02275840 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-12-10 08:10 - 2016-11-11 12:03 - 00716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2016-12-10 08:10 - 2016-11-11 12:02 - 03542016 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2016-12-09 21:25 - 2016-12-09 21:25 - 00000000 ____D C:\Users\бонькать\AppData\Local\Blizzard Entertainment
2016-12-09 21:24 - 2016-12-11 21:10 - 00000000 ____D C:\Users\бонькать\AppData\Local\Battle.net
2016-12-09 21:24 - 2016-12-09 21:24 - 00000000 ____D C:\Users\Все пользователи\Blizzard Entertainment
2016-12-09 21:24 - 2016-12-09 21:24 - 00000000 ____D C:\ProgramData\Blizzard Entertainment
2016-12-09 21:22 - 2016-12-09 21:22 - 00000962 _____ C:\Users\Public\Desktop\Battle.net.lnk
2016-12-09 21:21 - 2016-12-09 21:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
2016-12-09 21:18 - 2016-12-11 15:09 - 00000000 ____D C:\Program Files (x86)\Battle.net
2016-12-09 21:17 - 2016-12-11 15:13 - 00000000 ____D C:\Users\бонькать\AppData\Roaming\Battle.net
2016-12-09 21:16 - 2016-12-09 21:17 - 00000000 ____D C:\Users\Все пользователи\Battle.net
2016-12-09 21:16 - 2016-12-09 21:17 - 00000000 ____D C:\ProgramData\Battle.net
2016-12-05 21:33 - 2016-12-03 13:38 - 00047032 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvpciflt.sys
2016-12-05 21:33 - 2016-12-01 23:02 - 40125496 _____ C:\WINDOWS\system32\nvcompiler.dll
2016-12-05 21:33 - 2016-12-01 23:02 - 35222976 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll
2016-12-05 21:33 - 2016-12-01 23:02 - 34711096 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2016-12-05 21:33 - 2016-12-01 23:02 - 28202040 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2016-12-05 21:33 - 2016-12-01 23:02 - 10912744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2016-12-05 21:33 - 2016-12-01 23:02 - 10803880 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2016-12-05 21:33 - 2016-12-01 23:02 - 10354984 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2016-12-05 21:33 - 2016-12-01 23:02 - 09158432 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2016-12-05 21:33 - 2016-12-01 23:02 - 08913328 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2016-12-05 21:33 - 2016-12-01 23:02 - 08762072 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2016-12-05 21:33 - 2016-12-01 23:02 - 02954808 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2016-12-05 21:33 - 2016-12-01 23:02 - 02587704 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2016-12-05 21:33 - 2016-12-01 23:02 - 01951680 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6437619.dll
2016-12-05 21:33 - 2016-12-01 23:02 - 01586744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6437619.dll
2016-12-05 21:33 - 2016-12-01 23:02 - 01037248 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2016-12-05 21:33 - 2016-12-01 23:02 - 00975296 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2016-12-05 21:33 - 2016-12-01 23:02 - 00943552 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2016-12-05 21:33 - 2016-12-01 23:02 - 00897080 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2016-12-05 21:33 - 2016-12-01 23:02 - 00683824 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2016-12-05 21:33 - 2016-12-01 23:02 - 00573072 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2016-11-28 21:51 - 2016-11-17 16:45 - 00101824 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
2016-11-28 21:51 - 2016-11-17 16:45 - 00091584 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2016-11-14 17:51 - 2016-11-14 17:51 - 00000219 _____ C:\Users\бонькать\Desktop\Counter-Strike Global Offensive.url
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-12-13 17:29 - 2015-10-25 19:34 - 00000000 ____D C:\Users\бонькать\AppData\Local\VirtualStore
2016-12-13 17:25 - 2015-10-25 19:48 - 00000000 ____D C:\Program Files (x86)\Steam
2016-12-13 17:23 - 2016-09-07 22:00 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-12-13 17:23 - 2016-09-07 21:35 - 00000000 ____D C:\Users\Все пользователи\NVIDIA
2016-12-13 17:23 - 2016-09-07 21:35 - 00000000 ____D C:\ProgramData\NVIDIA
2016-12-13 17:22 - 2016-07-16 09:04 - 00524288 _____ C:\WINDOWS\system32\config\BBI
2016-12-13 17:19 - 2015-10-27 14:10 - 00000000 ____D C:\Users\бонькать\AppData\Roaming\Skype
2016-12-13 16:36 - 2016-09-07 21:32 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2016-12-13 16:31 - 2016-07-16 14:47 - 00000000 ___HD C:\Program Files\WindowsApps
2016-12-13 16:31 - 2016-07-16 14:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-12-13 12:10 - 2016-07-16 14:45 - 00000000 ____D C:\WINDOWS\INF
2016-12-13 07:33 - 2016-02-06 22:48 - 00000000 ____D C:\Users\бонькать\Desktop\ПАПКА ГОША
2016-12-13 07:33 - 2015-10-25 19:41 - 00000000 ____D C:\Program Files (x86)\Google
2016-12-13 07:25 - 2016-07-16 14:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2016-12-13 00:35 - 2016-10-28 19:56 - 00000000 ____D C:\Users\бонькать\AppData\Local\fupdate
2016-12-13 00:26 - 2016-02-13 21:15 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-12-12 23:27 - 2016-08-21 20:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\by.xatab
2016-12-12 23:17 - 2016-03-29 16:24 - 00000000 ____D C:\Users\бонькать\AppData\Local\Microsoft Help
2016-12-12 23:11 - 2016-07-31 18:56 - 00000000 ____D C:\Users\бонькать\AppData\Roaming\CyberLink
2016-12-12 23:11 - 2015-10-25 21:40 - 00000000 ____D C:\Users\Все пользователи\Lenovo
2016-12-12 23:11 - 2015-10-25 21:40 - 00000000 ____D C:\ProgramData\Lenovo
2016-12-12 23:11 - 2015-10-25 19:36 - 00000000 ____D C:\Users\бонькать\AppData\Roaming\Lenovo
2016-12-12 23:07 - 2016-09-07 21:42 - 00000000 ____D C:\Users\бонькать
2016-12-12 23:07 - 2016-01-16 14:31 - 00000000 ____D C:\Users\бонькать
2016-12-12 22:51 - 2015-10-25 19:34 - 00000000 ____D C:\Users\бонькать\AppData\Local\Packages
2016-12-12 22:12 - 2016-10-24 20:47 - 00000440 _____ C:\Users\бонькать\Desktop\Этот компьютер - Ярлык.lnk
2016-12-12 21:28 - 2015-10-25 20:20 - 00000000 ____D C:\Users\бонькать\AppData\Local\CrashDumps
2016-12-12 21:10 - 2016-09-07 21:32 - 00360936 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-12-12 21:06 - 2016-03-29 16:24 - 00000000 ____D C:\Users\Все пользователи\Microsoft Help
2016-12-12 21:04 - 2013-03-17 21:10 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2016-12-12 21:03 - 2016-07-16 14:47 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-12-12 21:02 - 2016-07-31 19:17 - 00000000 ____D C:\Users\бонькать\AppData\Roaming\DAEMON Tools Lite
2016-12-12 20:32 - 2016-10-28 21:30 - 00000000 ____D C:\Users\бонькать\AppData\Local\Unity
2016-12-12 20:12 - 2016-10-28 21:30 - 00000000 ____D C:\Users\бонькать\AppData\LocalLow\Unity
2016-12-12 20:09 - 2013-08-22 18:36 - 00000000 ___HD C:\WINDOWS\system32\GroupPolicy
2016-12-11 21:17 - 2013-03-17 21:19 - 00000000 ____D C:\Users\Все пользователи\McAfee
2016-12-11 21:17 - 2013-03-17 21:19 - 00000000 ____D C:\ProgramData\McAfee
2016-12-11 21:11 - 2016-02-06 17:41 - 00000000 ____D C:\Users\бонькать\AppData\Roaming\Origin
2016-12-11 21:08 - 2015-10-30 06:48 - 00000000 ____D C:\Users\бонькать\AppData\Local\VKMusic 4
2016-12-11 20:29 - 2016-07-16 14:47 - 00000000 ____D C:\Users\Все пользователи\regid.1991-06.com.microsoft
2016-12-11 20:29 - 2016-07-16 14:47 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-12-11 20:27 - 2016-02-13 20:56 - 00000000 ____D C:\WINDOWS\ShellNew
2016-12-11 20:25 - 2013-08-22 16:25 - 00000076 _____ C:\WINDOWS\win.ini
2016-12-11 20:22 - 2016-07-16 09:04 - 00032768 _____ C:\WINDOWS\system32\config\ELAM
2016-12-11 20:21 - 2016-09-07 22:00 - 00000000 ____D C:\WINDOWS\System32\Tasks\McAfee
2016-12-11 13:48 - 2016-11-04 23:21 - 00000000 ____D C:\Users\бонькать\Documents\Assassin's Creed IV Black Flag
2016-12-11 13:48 - 2016-11-04 23:20 - 00000000 ____D C:\Users\бонькать\AppData\Local\Ubisoft Game Launcher
2016-12-11 11:52 - 2016-07-17 02:08 - 02173872 _____ C:\WINDOWS\system32\perfh019.dat
2016-12-11 11:52 - 2016-07-17 02:08 - 00601672 _____ C:\WINDOWS\system32\perfc019.dat
2016-12-11 11:52 - 2016-04-11 23:50 - 04717130 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-12-10 23:27 - 2016-02-06 17:35 - 00000000 ____D C:\Users\Все пользователи\Origin
2016-12-10 23:27 - 2016-02-06 17:35 - 00000000 ____D C:\ProgramData\Origin
2016-12-10 23:14 - 2016-07-16 14:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-12-10 23:14 - 2016-07-16 14:47 - 00000000 ____D C:\WINDOWS\SysWOW64\oobe
2016-12-10 23:14 - 2016-07-16 14:47 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2016-12-10 23:14 - 2016-07-16 14:47 - 00000000 ____D C:\WINDOWS\system32\oobe
2016-12-10 23:14 - 2016-07-16 14:47 - 00000000 ____D C:\WINDOWS\ShellExperiences
2016-12-10 23:14 - 2016-07-16 14:47 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-12-10 23:14 - 2016-07-16 09:04 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2016-12-10 23:14 - 2016-07-16 09:04 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2016-12-10 23:14 - 2016-07-16 09:04 - 00000000 ____D C:\WINDOWS\system32\Dism
2016-12-10 23:14 - 2016-07-16 09:04 - 00000000 ____D C:\WINDOWS\servicing
2016-12-10 22:25 - 2016-07-16 14:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-12-10 17:21 - 2016-02-06 17:33 - 00000000 ____D C:\Program Files (x86)\Origin
2016-12-10 17:17 - 2016-02-12 16:13 - 00000000 ____D C:\Users\бонькать\AppData\Local\ElevatedDiagnostics
2016-12-09 19:38 - 2016-07-16 14:42 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2016-12-05 21:38 - 2016-03-26 23:16 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2016-12-01 23:02 - 2016-07-28 23:00 - 03934320 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2016-12-01 23:02 - 2016-07-28 23:00 - 03474064 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2016-12-01 23:02 - 2016-07-28 23:00 - 00042296 _____ C:\WINDOWS\system32\nvinfo.pb
2016-12-01 20:33 - 2016-11-05 21:16 - 00001951 _____ C:\WINDOWS\NvContainerRecovery.bat
2016-12-01 20:32 - 2016-09-07 21:35 - 06384576 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2016-12-01 20:32 - 2016-09-07 21:35 - 02475968 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2016-12-01 20:32 - 2016-09-07 21:35 - 01762752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2016-12-01 20:32 - 2016-09-07 21:35 - 00546752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2016-12-01 20:32 - 2016-09-07 21:35 - 00393784 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2016-12-01 20:32 - 2016-09-07 21:35 - 00147000 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\oemdspif.dll
2016-12-01 20:32 - 2016-09-07 21:35 - 00083512 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2016-12-01 20:32 - 2016-09-07 21:35 - 00069568 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2016-11-30 12:34 - 2016-09-07 21:35 - 07607057 _____ C:\WINDOWS\system32\nvcoproc.bin
2016-11-28 21:54 - 2016-11-05 21:18 - 00003924 _____ C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-11-28 21:54 - 2016-09-07 21:34 - 00000000 ____D C:\Users\Все пользователи\NVIDIA Corporation
2016-11-28 21:54 - 2016-09-07 21:34 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2016-11-28 21:52 - 2016-11-05 21:16 - 00003988 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-11-28 21:52 - 2016-11-05 21:16 - 00003960 _____ C:\WINDOWS\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-11-28 21:52 - 2016-11-05 21:16 - 00003898 _____ C:\WINDOWS\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-11-28 21:52 - 2016-11-05 21:16 - 00003736 _____ C:\WINDOWS\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-11-28 21:52 - 2016-11-05 21:16 - 00003694 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-11-28 21:52 - 2016-09-07 21:34 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2016-11-28 21:52 - 2016-09-07 21:34 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2016-11-17 16:45 - 2016-11-05 21:18 - 01854400 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2016-11-17 16:45 - 2016-11-05 21:18 - 01755072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge64.dll
2016-11-17 16:45 - 2016-11-05 21:18 - 01452480 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2016-11-17 16:45 - 2016-11-05 21:18 - 01317312 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspbridge.dll
2016-11-17 16:45 - 2016-11-05 21:18 - 00120256 _____ C:\WINDOWS\system32\NvRtmpStreamer64.dll
2016-11-17 16:45 - 2016-07-28 22:32 - 00046016 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2016-11-16 18:12 - 2015-10-27 14:10 - 00000000 ____D C:\Users\Все пользователи\Skype
2016-11-16 18:12 - 2015-10-27 14:10 - 00000000 ____D C:\ProgramData\Skype
2016-11-16 18:11 - 2015-12-08 08:27 - 00000000 ___RD C:\Program Files (x86)\Skype
==================== Files in the root of some directories =======
2016-08-11 16:53 - 2016-08-11 16:53 - 0000234 _____ () C:\Users\бонькать\AppData\Roaming\del.bat
2016-12-12 20:15 - 2016-12-12 20:15 - 0000324 _____ () C:\Users\бонькать\AppData\Local\expand.ini
2016-09-07 21:36 - 2016-09-07 21:36 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
Some files in TEMP:
====================
C:\Users\бонькать\AppData\Local\Temp\115D.tmp.exe
C:\Users\бонькать\AppData\Local\Temp\161F.tmp.exe
C:\Users\бонькать\AppData\Local\Temp\28FF.tmp.exe
C:\Users\бонькать\AppData\Local\Temp\3C3C.tmp.exe
C:\Users\бонькать\AppData\Local\Temp\5509.tmp.exe
C:\Users\бонькать\AppData\Local\Temp\5529.tmp.exe
C:\Users\бонькать\AppData\Local\Temp\634E.tmp.exe
C:\Users\бонькать\AppData\Local\Temp\6A36.tmp.exe
C:\Users\бонькать\AppData\Local\Temp\8D96.tmp.exe
C:\Users\бонькать\AppData\Local\Temp\8E72.tmp.exe
C:\Users\бонькать\AppData\Local\Temp\9E31.tmp.exe
C:\Users\бонькать\AppData\Local\Temp\A068.tmp.exe
C:\Users\бонькать\AppData\Local\Temp\A0UiVnHaeXwG.exe
C:\Users\бонькать\AppData\Local\Temp\B1D6.tmp.exe
C:\Users\бонькать\AppData\Local\Temp\B60B.tmp.exe
C:\Users\бонькать\AppData\Local\Temp\BfIKgn3wERP0.exe
C:\Users\бонькать\AppData\Local\Temp\BRgktmK1dqeb.exe
C:\Users\бонькать\AppData\Local\Temp\CC69.tmp.exe
C:\Users\бонькать\AppData\Local\Temp\coi1634.exe
C:\Users\бонькать\AppData\Local\Temp\EA06.tmp.exe
C:\Users\бонькать\AppData\Local\Temp\Erk5XdGVuDYm.exe
C:\Users\бонькать\AppData\Local\Temp\HLFwi4IryGzp.exe
C:\Users\бонькать\AppData\Local\Temp\Quarantine.exe
C:\Users\бонькать\AppData\Local\Temp\uEZo3d5SjRKl.exe
C:\Users\бонькать\AppData\Local\Temp\Wi6iTxWGurvu.exe
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2016-12-04 12:17
==================== End of FRST.txt ============================
Start your code hereAdditional scan result of Farbar Recovery Scan Tool (x64) Version: 07-12-2016
Ran by police (13-12-2016 17:51:03)
Running from C:\Users\бонькать\Downloads
Windows 10 Home Single Language Version 1607 (X64) (2016-09-07 19:16:47)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
DefaultAccount (S-1-5-21-3611519387-3624931759-1378339320-503 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3611519387-3624931759-1378339320-1006 - Limited - Enabled)
police (S-1-5-21-3611519387-3624931759-1378339320-1002 - Administrator - Enabled) => C:\Users\бонькать
Администратор (S-1-5-21-3611519387-3624931759-1378339320-500 - Administrator - Disabled)
Гость (S-1-5-21-3611519387-3624931759-1378339320-501 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKU\S-1-5-21-3611519387-3624931759-1378339320-1002\...\uTorrent) (Version: 3.4.9.42973 - BitTorrent Inc.)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 23.0.0.257 - Adobe Systems Incorporated)
Ansel (Version: 376.19 - NVIDIA Corporation) Hidden
Assassin's Creed IV Black Flag (HKLM\...\Steam App 242050) (Version: - Ubisoft Montreal)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.7 - Atheros Communications Inc.)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
CCleaner (HKLM\...\CCleaner) (Version: 5.22 - Piriform)
Company of Heroes 2 (HKLM\...\Steam App 231430) (Version: - Relic Entertainment)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.66.16.50 - Conexant)
Counter-Strike: Global Offensive (HKLM\...\Steam App 730) (Version: - Valve)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.4.0.0192 - Disc Soft Ltd)
Dolby Advanced Audio v2 (HKLM-x32\...\{B9E70C7A-9F85-4A39-A4A3-BFA3C3BF7613}) (Version: 7.2.8000.16 - Dolby Laboratories Inc)
Dolby Digital Plus Advanced Audio (HKLM\...\{B0BFC63F-EA07-419E-960B-3FB2ED5DD0B2}) (Version: 7.6.5.1 - Dolby Laboratories Inc)
Dota 2 (HKLM-x32\...\Steam App 570) (Version: - Valve)
Energy Management (HKLM-x32\...\InstallShield_{D0956C11-0F60-43FE-99AD-524E833471BB}) (Version: 8.0.2.5 - Lenovo)
Energy Management (x32 Version: 8.0.2.5 - Lenovo) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 55.0.2883.87 - Google Inc.)
Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
Intel AppUp(SM) center (HKLM-x32\...\Intel AppUp(SM) center 33057) (Version: 3.6.1.33057.10 - Intel)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4276 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.5.4.1001 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Java 8 Update 111 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180111F0}) (Version: 8.0.1110.14 - Oracle Corporation)
Lenovo EasyCamera (HKLM-x32\...\{ADE16A9D-FBDC-4ecc-B6BD-9C31E51D0332}) (Version: 3.15.0414.1 - Vimicro)
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.0.0.0710 - CyberLink Corp.)
Lenovo OneKey Recovery (Version: 8.0.0.0710 - CyberLink Corp.) Hidden
Lenovo PowerDVD10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.4310.52 - CyberLink Corp.)
Lenovo PowerDVD10 (x32 Version: 10.0.4310.52 - CyberLink Corp.) Hidden
Lenovo Service Bridge (HKU\S-1-5-21-3611519387-3624931759-1378339320-1002\...\dda9ca0b023f4c56) (Version: 1.6.3.5 - Lenovo)
Lenovo Solution Center (HKLM\...\{4386A5EF-BD23-49F4-9DAD-CD76B4F6A8BF}) (Version: 2.8.006.00 - Lenovo Group Limited)
Lenovo YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 4.1.3127 - CyberLink Corp.)
Lenovo YouCam (x32 Version: 4.1.3127 - CyberLink Corp.) Hidden
Malwarebytes Anti-Malware, версия 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft Office Word 2007 (HKLM-x32\...\WORD) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Napoleon: Total War (HKLM-x32\...\Steam App 34030) (Version: - The Creative Assembly)
Need for Speed™ Most Wanted (HKLM-x32\...\{FB0127F3-985B-44CE-AE29-378CAF60B361}) (Version: 1.5.0.0 - Electronic Arts)
NVIDIA GeForce Experience 3.1.2.31 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.1.2.31 - NVIDIA Corporation)
NVIDIA Графический драйвер 376.19 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 376.19 - NVIDIA Corporation)
NVIDIA Системное программное обеспечение PhysX 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
NvNodejs (Version: 3.1.2.31 - NVIDIA Corporation) Hidden
NvTelemetry (Version: 1.2.0.0 - NVIDIA Corporation) Hidden
Origin (HKLM-x32\...\Origin) (Version: 10.3.3.1921 - Electronic Arts, Inc.)
PAYDAY 2 (HKLM\...\Steam App 218620) (Version: - OVERKILL - a Starbreeze Studio.)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.0.210 - Qualcomm Atheros Communications)
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.8400.39030 - Realtek Semiconductor Corp.)
ScreenUp (HKLM-x32\...\ScreenUp) (Version: 1.7 - ScreenUP LLC)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
SHIELD Streaming (Version: 7.1.0340 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 3.1.2.31 - NVIDIA Corporation) Hidden
Skype™ 7.29 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.29.102 - Skype Technologies S.A.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.9.5 - Synaptics Incorporated)
Total War: ROME II - Emperor Edition (HKLM-x32\...\Steam App 214950) (Version: - Creative Assembly)
Uplay (HKLM-x32\...\Uplay) (Version: 4.0 - Ubisoft)
UserGuide (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 1.0.0.9 - Lenovo)
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.3.0 (HKLM\...\VulkanRT1.0.3.0) (Version: 1.0.3.0 - LunarG, Inc.)
World of Tanks (HKU\S-1-5-21-3611519387-3624931759-1378339320-1002\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812ru}_is1) (Version: - Wargaming.net)
World of Warships (HKU\S-1-5-21-3611519387-3624931759-1378339320-1002\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C814ru}_is1) (Version: - Wargaming.net)
Обновления NVIDIA 2.13.0.21 (Version: 2.13.0.21 - NVIDIA Corporation) Hidden
Пакет драйверов Windows - Lenovo (ACPIVPC) System (06/15/2012 8.1.0.1) (HKLM\...\71BC3FD63F450BA0A957AAECBDB4A000C4F2BE42) (Version: 06/15/2012 8.1.0.1 - Lenovo)
Пакет драйверов Windows - Lenovo (WUDFRd) LenovoVhid (06/19/2012 10.13.29.733) (HKLM\...\8A223E56FB1ED4F697B54E5BF96F1EB63B512684) (Version: 06/19/2012 10.13.29.733 - Lenovo)
Панель управления NVIDIA 376.19 (Version: 376.19 - NVIDIA Corporation) Hidden
Плагин пользователя систем электронного правительства (версия 2.0.6) x64 (HKLM\...\{E25F6DBC-745E-4EBB-84B1-76CBC83C809F}) (Version: 2.0.6.0 - Rostelecom)
Руководство пользователя (x32 Version: 1.0.0.9 - Lenovo) Hidden
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-3611519387-3624931759-1378339320-1002_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-3611519387-3624931759-1378339320-1002_Classes\CLSID\{CD207EA4-DC2F-55B7-A06A-F6F4D087406A}\InprocServer32 -> C:\Users\бонькать\AppData\Roaming\Rostelecom\IFCPlugin\2.0.6.0\x64\npIFCPlugin64.dll (Rostelecom)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {03777C47-32DA-4758-BF40-32BBC6C9A994} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {07A32013-4706-4A93-A378-B30D4203BEEB} - System32\Tasks\Trusted Language Manager => C:\Users\бонькать\AppData\Local\Trusted Language Manager.exe
Task: {086959C8-11EB-48C1-8604-D5D9CB8C5660} - \WPD\SqmUpload_S-1-5-21-3611519387-3624931759-1378339320-1002 -> No File <==== ATTENTION
Task: {08A71DF6-899C-45E8-944C-0BD87BA9D839} - System32\Tasks\Synaptics TouchPad Enhancements => Program Files\Synaptics\SynTP\SynTPEnh.exe
Task: {0CED7F59-AC01-455B-94C3-C21169835E0D} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {14A9FC9D-0896-4177-A2BF-A11878BE37CA} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2015-12-10] (Lenovo)
Task: {18C47ED2-22AA-4CE9-BA5D-B060223F5677} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2016-11-17] (NVIDIA Corporation)
Task: {2248CAC0-0765-433C-9059-A623916247C2} - \Lenovo\Lenovo Service Bridge\S-1-5-21-3611519387-3624931759-1378339320-1002 -> No File <==== ATTENTION
Task: {28C5653E-659F-4D9D-B4F0-62D0300FA1BF} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {31DBAD6A-4ACE-4F32-B500-B771155BEAAF} - System32\Tasks\InternetDA => Chrome.exe hxxp://nbsallastar.com/kentucky
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {359A3C43-B275-4B2E-A032-FAFA4C47D1CC} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {3AFC612C-D787-403D-9728-792E3383B9BD} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-12-13] (Google Inc.)
Task: {450139AF-F9D3-4378-80CF-A0274A681DD3} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-11-09] (Microsoft Corporation)
Task: {4FC591F9-3A89-4BA6-964C-93749216DEE5} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {51ECEBC7-7F52-4472-9D16-59BD15AE7D9C} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
Task: {5BC5BDF9-BA14-44EB-9513-9C2FCE3C3D2E} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [2015-12-10] (Lenovo)
Task: {601E2451-0CD9-43C9-AF5F-730DB60E0F22} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {60B6EDF7-9C7A-4FBD-9CB8-6CA781AE96BC} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => C:\Program Files\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe
Task: {638DDE28-2E76-4C1E-BC9D-17236CB00349} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\lenovo\lenovo solution center\App\LSCService.exe [2015-12-10] (Lenovo)
Task: {6B32140C-ECDB-411E-B16F-B4B8F404DDDC} - System32\Tasks\Lenovo\LSC\RebootCountTask => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2015-12-10] (Lenovo)
Task: {70993C22-9045-4EC4-87FC-3560A29980EB} - System32\Tasks\RunTime Base Manager => C:\Program Files (x86)\ScreenUp\future_helper.exe [2016-12-12] ( )
Task: {70C32832-9DA8-4B0A-B2F6-093F93025CBD} - System32\Tasks\Microsoft\Windows\PLA\LSC Memory => Rundll32.exe C:\WINDOWS\system32\pla.dll,PlaHost "LSC Memory" "$(Arg0)"
Task: {71779BDF-626F-4725-A6F7-5234BABAD71D} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2016-11-17] (NVIDIA Corporation)
Task: {7B54D16D-59D6-40C1-A82E-9B3E4E4F6941} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {8113DD23-E18E-4DAC-B7E4-915C82D9F14E} - System32\Tasks\MirageAgent => C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [2012-07-27] (CyberLink)
Task: {8C3428E4-DCB1-4CAC-AF7C-DFEF93C5F7D7} - System32\Tasks\Lenovo\LSC\Lenovo Solution Center Notifications => C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe [2015-12-10] (Lenovo)
Task: {8EC69D97-3507-4BAC-A929-8917918675F6} - System32\Tasks\Root Private Manager => C:\Users\бонькать\AppData\Local\FilterStart\FilterStart.exe
Task: {8F4652B5-3B73-4133-B972-BB5E143AC338} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2016-11-17] (NVIDIA Corporation)
Task: {90BBD7E2-766F-4E8B-A7E3-2FB21CB23A4F} - System32\Tasks\Lenovo\LSC\Time72Task => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2015-12-10] (Lenovo)
Task: {92226208-034B-4DCD-828A-2F3E7F98EF1B} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2016-11-17] (NVIDIA Corporation)
Task: {92514D3F-A28E-4707-82A5-5F9662242D02} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {97BC6555-D637-4CD2-97E3-A88501F91411} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {9ECB208A-09C7-493D-9FE1-29B05708B5CF} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {AB4B5581-1FBD-41DE-BAAA-E9815FB73C88} - System32\Tasks\Lenovo\LSC\LSCHardwareScanPostpone => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2015-12-10] (Lenovo)
Task: {CB3371F7-6898-40F6-B4BB-391F35E2581C} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2016-11-17] (NVIDIA Corporation)
Task: {CCF37E72-D8A0-401C-B0F0-9C7634B0BD04} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-08-26] (Piriform Ltd)
Task: {DEE71FE5-309F-4BBE-8A41-0B072037F967} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {E6D2F890-6CD3-4298-A64A-10555405025E} - System32\Tasks\бонькать => /c REG ADD HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /f /v бонькать /t REG_SZ /d "explorer.exe hxxp://kb-ribaki.org" <==== ATTENTION
Task: {EB51BA13-04D9-4CB0-A994-1835401D72AF} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-12-13] (Google Inc.)
Task: {EBCCAA38-53A3-49BB-8E13-A3CAED8FB8D7} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {F3B289F3-0195-444E-80D3-182C698DDDAD} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2016-11-17] (NVIDIA Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
Shortcut: C:\Users\бонькать\Desktop\Администрирование.lnk -> L ᐁ À 䘀 @瀟٨⛮ꀊ䓗熓낾쥤莆ↄ㧞 聱 ꓡ툎㥗ᇒத倌删十 ŏ ꀀ 匱卐뜥䟯ယ怂麌곫5
ἀ ሀ က㐄㰄㠄㴄㠄䄄䈄䀄㠄䀄㸄㈄〄㴄㠄㔄 Ѐ Системная папка Á 匱卐檦⡣锽ᇒ횵쀀�퀘¥ ἀ 䨀 䌀㨀尀倀爀漀最爀愀洀䐀愀琀愀尀䴀椀挀爀漀猀漀昀琀尀圀椀渀搀漀眀猀尀匀琀愀爀琀 䴀攀渀甀尀倀爀漀最爀愀洀猀尀䄀搀洀椀渀椀猀琀爀愀琀椀瘀攀 吀漀漀氀猀 <===== Cyrillic
Shortcut: C:\Users\бонькать\Desktop\Этот компьютер - Ярлык.lnk -> L ᐁ À 䘀 借俠⃐㫪ၩ�〫鴰 Ő ꀀ~ 匱卐뜥䟯ယ怂麌곫1
ἀ ༀ ⴀ䈄㸄䈄 㨀㸄㰄㼄䰄丄䈄㔄䀄 Ѐ Системная папка 匱卐檦⡣锽ᇒ횵쀀�퀘e ἀ ⤀ 㨀㨀笀㈀ 䐀 㐀䘀䔀 ⴀ㌀䄀䔀䄀ⴀ 㘀㤀ⴀ䄀㈀䐀㠀ⴀ 㠀 ㈀䈀㌀ ㌀ 㤀䐀紀 䔀 偓龅鱗桏⬀댧⧙ Ԁ ဟ
Компьютер <===== Cyrillic
Shortcut: C:\Users\бонькать\Desktop\Хлам\Руководство пользователя.lnk -> C:\Program Files (x86)\Lenovo\UserGuide\UserGuide.exe (Lenovo) <===== Cyrillic
Shortcut: C:\Users\бонькать\Desktop\ПАПКА ОТЦА\Карьер\1 001.jpg - Ярлык.lnk -> C:\Users\бонькать\Desktop\ПАПКИ ОТЦА\1 001.jpg (No File) <===== Cyrillic
Shortcut: C:\Users\бонькать\Desktop\ПАПКА ОТЦА\Карьер\Договор о намерениях Скорина.docx - Ярлык.lnk -> F:\Договор о намерениях Скорина.docx (No File) <===== Cyrillic
Shortcut: C:\Users\бонькать\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\World of Warships\Деинсталлировать World of Warships.lnk -> C:\Games\World_of_Warships\unins000.exe () <===== Cyrillic
Shortcut: C:\Users\бонькать\AppData\Roaming\Microsoft\Windows\SendTo\МойМир@Mail.ru.lnk -> C:\Users\бонькать\AppData\Local\Mail.Ru\GameCenter\GameCenter@Mail.Ru.exe (No File) <===== Cyrillic
Shortcut: C:\Users\бонькать\AppData\Roaming\Microsoft\Windows\SendTo\Передача файлов через Bluetooth.LNK -> C:\Windows\System32\fsquirt.exe (Microsoft Corporation) <===== Cyrillic
ShortcutWithArgument: C:\Users\бонькать\AppData\Roaming\Microsoft\Windows\SendTo\Получатель факса.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo <===== Cyrillic
ShortcutWithArgument: C:\Users\бонькать\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mail.Ru.lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> url,FileProtocolHandler "hxxp://www.mail.ru/cnt/20775012?gp=811008"
==================== Loaded Modules (Whitelisted) ==============
2016-07-16 14:42 - 2016-07-16 14:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-12-10 08:11 - 2016-11-11 13:10 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-12-12 19:53 - 2016-12-12 19:53 - 00243712 _____ () C:\Program Files (x86)\Ghostery Storage Server\ghstore.exe
2016-11-05 21:16 - 2016-11-17 16:45 - 01147328 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2016-11-05 21:16 - 2016-11-17 16:45 - 04489152 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\Poco.dll
2016-11-05 21:18 - 2016-11-17 16:45 - 00418752 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem\_nvspserviceplugin64.dll
2016-09-07 21:35 - 2016-12-01 20:32 - 00134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-12-10 08:11 - 2016-11-11 13:10 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-09-10 22:58 - 2016-09-10 22:58 - 01864384 _____ () C:\Users\бонькать\AppData\Local\Microsoft\OneDrive\17.3.6517.0809_1\amd64\ClientTelemetry.dll
2016-09-17 21:18 - 2016-09-07 07:56 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2016-12-10 08:12 - 2016-11-11 12:23 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2016-11-09 09:09 - 2016-11-02 13:21 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-11-09 09:09 - 2016-11-02 13:15 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-11-09 09:09 - 2016-11-02 13:14 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2016-11-09 09:09 - 2016-11-02 13:16 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-11-09 09:09 - 2016-11-02 13:17 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-12-13 07:34 - 2016-12-08 11:03 - 02412888 _____ () C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\libglesv2.dll
2016-12-13 07:34 - 2016-12-08 11:03 - 00099672 _____ () C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\libegl.dll
2016-08-26 21:25 - 2016-08-26 21:25 - 00057344 _____ () C:\Program Files\CCleaner\lang\lang-1049.dll
2016-12-13 07:36 - 2016-12-11 12:41 - 31164504 _____ () C:\Users\бонькать\AppData\Local\Google\Chrome\User Data\PepperFlash\24.0.0.186\pepflashplayer.dll
2016-11-17 07:37 - 2016-11-17 07:37 - 00072192 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.9.261.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2016-11-17 07:37 - 2016-11-17 07:37 - 00178688 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.9.261.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2016-11-17 07:37 - 2016-11-17 07:37 - 41609728 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.9.261.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2016-12-10 17:21 - 2016-11-24 11:53 - 02493440 _____ () C:\Program Files (x86)\Origin\libGLESv2.dll
2015-11-03 00:45 - 2016-11-17 16:45 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2016-11-05 21:16 - 2016-11-17 16:45 - 03774400 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\Poco.dll
2016-11-05 21:16 - 2016-11-17 16:45 - 00900032 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2016-11-05 21:17 - 2016-11-17 13:20 - 00506424 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvSpCapsAPINode.node
2016-11-05 21:17 - 2016-11-17 13:20 - 00252352 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\DriverInstall.node
2016-11-05 21:17 - 2016-11-17 13:20 - 02809912 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\Downloader.node
2016-11-05 21:17 - 2016-11-17 13:20 - 00245184 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGameShareAPINode.node
2016-11-05 21:17 - 2016-11-17 13:20 - 00436792 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGalleryAPINode.node
2016-11-05 21:17 - 2016-11-17 13:20 - 00338488 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVAccountAPINode.node
2016-11-05 21:17 - 2016-11-17 13:20 - 00968248 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvCameraAPINode.node
2015-10-25 19:51 - 2016-12-08 18:13 - 00656160 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2015-10-25 19:51 - 2016-09-01 04:02 - 04969248 _____ () C:\Program Files (x86)\Steam\v8.dll
2015-10-25 19:51 - 2016-12-09 23:48 - 02322720 _____ () C:\Program Files (x86)\Steam\video.dll
2015-10-25 19:51 - 2016-09-01 04:02 - 01563936 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2015-10-25 19:51 - 2016-09-01 04:02 - 01195296 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2015-10-25 19:51 - 2016-01-27 10:49 - 02549760 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2015-10-25 19:51 - 2016-01-27 10:49 - 00491008 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2015-10-25 19:51 - 2016-01-27 10:49 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2015-10-25 19:51 - 2016-01-27 10:49 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2015-10-25 19:51 - 2016-01-27 10:49 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2015-10-25 19:51 - 2016-12-09 23:48 - 00838432 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2016-03-18 11:06 - 2016-07-05 01:17 - 00266560 _____ () C:\Program Files (x86)\Steam\openvr_api.dll
2013-03-17 21:22 - 2012-07-12 15:59 - 02281984 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\QtCore4.dll
2013-03-17 21:22 - 2012-07-12 15:59 - 00891392 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\QtNetwork4.dll
2013-03-17 21:22 - 2012-07-12 15:59 - 00016896 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\featureController.dll
2013-03-17 21:22 - 2012-07-12 15:59 - 00062976 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\osEvents.dll
2013-03-17 21:22 - 2012-07-12 15:59 - 00322048 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\log4cplus.dll
2013-03-17 21:22 - 2012-07-12 15:59 - 00339456 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\QtXml4.dll
2013-03-17 21:22 - 2012-07-12 15:59 - 00400384 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\sqlite3.dll
2013-03-17 21:22 - 2012-07-12 15:59 - 00195584 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\libgsoap.dll
2013-03-17 21:22 - 2012-07-12 15:59 - 00062464 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\zlib1.dll
2013-03-17 21:22 - 2012-07-12 15:59 - 00446976 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\deviceProfile.dll
2013-03-17 21:22 - 2012-07-12 15:59 - 00019456 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\eventsSender.dll
2013-03-17 21:22 - 2012-07-12 15:59 - 00062976 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\serviceManagerStarter.dll
2016-11-13 19:23 - 2016-12-05 19:21 - 67304736 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7\libcef.dll
2015-10-25 19:51 - 2016-12-09 23:48 - 00388384 _____ () C:\Program Files (x86)\Steam\steam.dll
2015-10-25 19:51 - 2015-09-25 02:52 - 00119208 _____ () C:\Program Files (x86)\Steam\winh264.dll
2013-03-17 20:46 - 2012-06-25 09:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 16:25 - 2013-08-22 16:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3611519387-3624931759-1378339320-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\бонькать\Downloads\mountains_Nissan_Wallpaper_1366x768_www.wall321.com.jpg
DNS Servers: 94.26.128.3 - 94.26.128.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
HKLM\...\StartupApproved\Run: => "ShadowPlay"
HKLM\...\StartupApproved\Run32: => "Dolby Advanced Audio v2"
HKLM\...\StartupApproved\Run32: => "mcui_exe"
HKLM\...\StartupApproved\Run32: => "RemoteControl10"
HKLM\...\StartupApproved\Run32: => "SmartAudio"
HKU\S-1-5-21-3611519387-3624931759-1378339320-1002\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"
HKU\S-1-5-21-3611519387-3624931759-1378339320-1002\...\StartupApproved\Run: => "MediaGet2"
HKU\S-1-5-21-3611519387-3624931759-1378339320-1002\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3611519387-3624931759-1378339320-1002\...\StartupApproved\Run: => "EADM"
HKU\S-1-5-21-3611519387-3624931759-1378339320-1002\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-3611519387-3624931759-1378339320-1002\...\StartupApproved\Run: => "World of Warships"
HKU\S-1-5-21-3611519387-3624931759-1378339320-1002\...\StartupApproved\Run: => "archApplication"
HKU\S-1-5-21-3611519387-3624931759-1378339320-1002\...\StartupApproved\Run: => "amigo"
HKU\S-1-5-21-3611519387-3624931759-1378339320-1002\...\StartupApproved\Run: => "Host Service"
HKU\S-1-5-21-3611519387-3624931759-1378339320-1002\...\StartupApproved\Run: => "MailRuUpdater"
HKU\S-1-5-21-3611519387-3624931759-1378339320-1002\...\StartupApproved\Run: => "speeddialmaker_delete_self"
HKU\S-1-5-21-3611519387-3624931759-1378339320-1002\...\StartupApproved\Run: => "**<*>"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [vm-monitoring-nb-session] => LPort=139
FirewallRules: [{C6F6B9FC-1AEB-452F-BA14-40159DBC59BB}] => C:\Program Files (x86)\Steam\steamapps\common\Company of Heroes 2\RelicCoH2.exe
FirewallRules: [{209CC885-FC64-42C3-A646-4C2ABE6BCD57}] => C:\Program Files (x86)\Steam\steamapps\common\Company of Heroes 2\RelicCoH2.exe
FirewallRules: [{C2584952-65CE-435F-B7E5-42AF8B8ABFAC}] => C:\Program Files (x86)\Steam\steamapps\common\Total War Rome II\launcher\launcher.exe
FirewallRules: [{E67817EA-7320-416E-AB78-CE547B38DD0B}] => C:\Program Files (x86)\Steam\steamapps\common\Total War Rome II\launcher\launcher.exe
FirewallRules: [{DB6BE591-8026-4DC5-9EC5-F62C056201EF}] => C:\Program Files (x86)\Steam\steamapps\common\Napoleon Total War\Napoleon.exe
FirewallRules: [{5433F2E9-CFA9-4FFE-BA7A-E008DEFEC62F}] => C:\Program Files (x86)\Steam\steamapps\common\Napoleon Total War\Napoleon.exe
FirewallRules: [{07965B61-6174-4FC3-844A-266C0FA5B709}] => C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{4180932E-FE04-440F-A8F0-8ECE12EFA67F}] => C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{867DCE5F-FC41-4D5C-9B01-0078BE1BCFB2}] => C:\Games\World_of_Tanks\worldoftanks.exe
FirewallRules: [{D32DC9A6-52E2-44B9-A868-0ABAB9B952B6}] => C:\Games\World_of_Tanks\worldoftanks.exe
FirewallRules: [{FD3F371A-ABDE-49F8-96C7-AF09FFB6C719}] => C:\Games\World_of_Tanks\WoTLauncher.exe
FirewallRules: [{75CDF4B1-0504-428D-B2CF-C3A406280224}] => C:\Games\World_of_Tanks\WoTLauncher.exe
FirewallRules: [{A63B80E6-C42E-4DE6-8B77-A69A4F5C95AD}] => C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{C451E664-5140-4EFB-BD22-1F215B40C8A1}] => C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{3F76F951-F2BB-4A2D-BA0D-3A6DD889CAA9}] => C:\Program Files (x86)\Lenovo\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{F395516F-0BB0-4211-987B-25CD710FC909}] => C:\Program Files (x86)\Lenovo\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe
FirewallRules: [{F61386AA-5872-446B-AC1B-8168FF89A50E}] => C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{E543906A-13DA-4602-A23D-4974C601CDD2}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{6A4EDE90-B867-480B-8F45-CB94E244A90C}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{DC36B7AF-2B0F-4699-884F-1BDEA1543416}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [TCP Query User{7D61B02B-93CA-4EA3-8411-66B61DCB0F97}C:\program files (x86)\skype\phone\skype.exe] => C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{F2B467BE-419A-4E2B-B0A0-E00EC844C4CF}C:\program files (x86)\skype\phone\skype.exe] => C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{7F38BA1E-5091-4790-9BB9-C5C04A7BC8CC}C:\program files (x86)\skype\phone\skype.exe] => C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{546D2265-5943-4BC4-A9C5-EEB31250996D}C:\program files (x86)\skype\phone\skype.exe] => C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{75654C67-BB65-4CFD-B1C6-62D5BFB3AF98}] => %systemroot%\system32\alg.exe
FirewallRules: [TCP Query User{36F88E47-3FC7-45DB-A70C-159533C381A7}C:\program files (x86)\steam\steamapps\common\total war rome ii\rome2.exe] => C:\program files (x86)\steam\steamapps\common\total war rome ii\rome2.exe
FirewallRules: [UDP Query User{3D54DA73-DC8A-4135-A9BB-6B9978556D84}C:\program files (x86)\steam\steamapps\common\total war rome ii\rome2.exe] => C:\program files (x86)\steam\steamapps\common\total war rome ii\rome2.exe
FirewallRules: [{DAA426F6-C441-4E98-9E1B-B2BE655118F8}] => C:\Program Files (x86)\Origin Games\Need for Speed(TM) Most Wanted\NFS13.exe
FirewallRules: [{36ECEC58-A3BE-4EA2-B5E6-7B102D83B172}] => C:\Program Files (x86)\Origin Games\Need for Speed(TM) Most Wanted\NFS13.exe
FirewallRules: [{74DC652B-5CE9-45E7-812C-64B6F3675318}] => C:\Users\бонькать\AppData\Local\Microsoft\OneDrive\OneDrive.exe
FirewallRules: [{1EE30F07-8EBD-461D-9F50-3B32519FF8FA}] => C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2cfg.exe
FirewallRules: [{A3A1DBF3-A1FE-43A7-A519-CA3D32DFCE5B}] => C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2cfg.exe
FirewallRules: [{E4F64D9C-F9A5-47D2-AA53-C179050D6CA9}] => C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{4E6BB1E3-E5D5-4ED4-A7E7-C80A660507AA}] => C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{2DCBF030-D67B-49EF-9C42-317C9EDB1255}] => C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{7160AC24-5C49-4BEB-B3CA-A64F85D4003B}] => C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{1DF46673-2036-44A7-A595-44909F847994}] => C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{45E61ED1-4646-421F-AA84-9AAB084DE41C}] => C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{09931A8F-F856-4E6A-BD5F-95E9330B58F3}] => C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{63DFB8FE-9E20-4F22-932D-2B0FED1510AB}] => C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [TCP Query User{62F929A2-D8C6-4FB4-B0A4-711CC11D401C}C:\games\world_of_warships\wowslauncher.exe] => C:\games\world_of_warships\wowslauncher.exe
FirewallRules: [UDP Query User{076B06C8-58C2-451B-9B14-8FE9C2282C65}C:\games\world_of_warships\wowslauncher.exe] => C:\games\world_of_warships\wowslauncher.exe
FirewallRules: [{71EE7583-4C5B-4685-886B-11B40F679C61}] => C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{C613F7AD-591A-4151-9B1D-E4F82B7D642E}] => C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{E63A4E31-E205-49D9-AD1E-7EF784AF6A75}] => C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{8EC23984-732A-4379-BF7F-BAC52EBF471C}] => C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{679334C6-9C9D-4207-8293-8A6C33D8C0DE}] => C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{5BBD24FC-E0A6-4AAC-B846-40D4048D1A79}] => C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{2AE080A6-2B51-489F-8424-4CB4624AA74F}] => C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{7D691476-A48C-46EB-B246-009964512795}] => C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{C99CF011-710D-4971-89C5-5EC3F8C72499}] => C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{847A2131-8D05-45B7-A0D9-09D8EBF2421C}] => C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{8E0B3EEA-3A9E-4EE2-9A96-A25D8198115D}] => C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{F4E2B6E5-BDB9-43EC-83AB-2B7CEEF625CF}] => C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{24025A2F-E070-4D05-A3DA-5F14959184FA}] => C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{AF927C98-CF6C-4B0E-806A-0AF0A1E535DF}] => C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{4BB633E1-8FC1-4B24-A1A3-EBDFB37CFD35}] => C:\Program Files (x86)\Steam\steamapps\common\Assassin's Creed IV Black Flag\AC4BFSP.exe
FirewallRules: [{5CDF2DD8-B67F-495B-917C-3BD473CBFDE8}] => C:\Program Files (x86)\Steam\steamapps\common\Assassin's Creed IV Black Flag\AC4BFSP.exe
FirewallRules: [{7FAD641C-95B1-4A51-B2B4-9CB7846F69FA}] => C:\Program Files (x86)\Steam\steamapps\common\Assassin's Creed IV Black Flag\AC4BFMP.exe
FirewallRules: [{45A08E0E-15C0-425E-9C8A-34FD114FA23E}] => C:\Program Files (x86)\Steam\steamapps\common\Assassin's Creed IV Black Flag\AC4BFMP.exe
FirewallRules: [{5EFD9BFC-BE9F-40AC-8CCA-FD66CDABD162}] => C:\Program Files (x86)\Steam\steamapps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{EB46C625-7188-4D4B-B61E-52D043907BBD}] => C:\Program Files (x86)\Steam\steamapps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{260E5CB1-839C-4DD0-88DF-C74283A5C542}] => C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{5F379C1E-AC2D-441F-8B23-6663D159A16E}] => C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{DC75597C-E5A6-444B-9BBE-D4FC7F585FE5}] => C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{DA1FACC3-5B90-4357-BAB3-4552A7798E98}] => C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{A45BE876-7530-4F59-B5CF-6ABF0A553FF5}] => C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{09A8FE76-CF3E-42A5-B479-02C142A1DEFE}] => C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{09969D5A-E57F-4707-82E1-F96B2770F53F}] => C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{6EC06AFF-0468-4884-9B8A-62E96067D4B4}] => C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{1479DA2B-1DC6-4D77-B1E4-61C2FBF27264}] => C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{7DAB3FFD-5219-4D38-94EE-E822927C3BBE}] => C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{40CB1AFC-37B3-4646-A937-4729B4B917DC}] => C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{ADB9AEFB-5BE3-48EF-BC93-C87223D66934}] => C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{4563BB00-9ED5-40C4-931E-B34E51F5C19B}] => C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{A4B98CCD-3A97-485C-9AF1-E2DCA5BD852A}] => C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{1053173A-FBB6-4CE9-96F8-6CC71C8AC132}] => C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{E12EB061-33FD-4EF5-835F-4BEC3AA367BE}] => C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{4EAA219B-B2A3-46D9-B1DE-0A82D2BEC6FC}] => C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{2112F3F3-7C9F-4163-A4BD-7FC14E188ECC}] => C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{3087890D-19B9-44C7-8DD3-7444D3D27EF7}] => C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{762195C0-6CC8-42BA-8803-6FE0E3CF3509}] => C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{C3ED3CBB-CC20-47A3-A445-9CA32524344A}] => C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{BF677E72-1E19-4BCD-892B-3688B31F17E6}] => C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{6D8D2EF5-253E-4083-8AC7-D6207045DB23}] => C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{4B43ED40-2B21-4A10-8ED8-068D52203A41}] => C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{EDE5512C-CE93-49FB-A140-5B7929766CF8}] => C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{6F12B8C4-EB38-4E53-A691-B3FB563B97BD}] => C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{E88DB85E-E38E-46AD-84E3-D84BC92EEB6B}] => C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{58483D92-6D7F-4128-9B45-7EBBE2E8DEC0}] => C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{5E658343-7DBE-401B-96F9-8862C40AC04D}] => C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{AF7FEF68-D882-4A6B-8BAB-978905408F5E}] => C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{AA4A31E8-4C31-4806-A071-89C78E37CFF7}] => C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{7DCDF06A-4154-4CEB-B792-EB08A7B0CA3B}] => C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{6B7B08B7-5020-4007-92BB-FFEB382E85AD}] => C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{776B366F-7C8C-4097-933C-A6DDC8B013C8}] => C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{206C9813-B7CC-4E08-B520-3AE2B1DFCDEF}] => C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{8823C0BF-EE4D-451E-8676-84DAA208A00B}] => C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{2BCDF9E5-B9DE-4C06-A8E6-7220BDF2F76B}] => C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{75E42FB4-CB01-43B8-8E70-097774F9BB66}] => C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{7D067CC6-9BA4-4ABE-904B-19C742DC843D}] => C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [TCP Query User{08D16F46-843C-42A2-9010-646AA951667D}C:\program files (x86)\hearthstone\hearthstone.exe] => C:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [UDP Query User{7FB610A1-7B55-4BA2-A913-59EAD11788D1}C:\program files (x86)\hearthstone\hearthstone.exe] => C:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [0x54435020517565727920557365727B37354536363530372D433734352D343843382D383532322D3638413844384237454343377D433A5C75736572735C2A2A442044C045C617070646174615C726F616D696E675C75746F7272656E745C75746F7272656E742E657865<*>] => C:\users\бонькать\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [0x55445020517565727920557365727B33354245413238312D443837412D344130312D394535412D3446394233443532423739387D433A5C75736572735C2A2A442044C045C617070646174615C726F616D696E675C75746F7272656E745C75746F7272656E742E657865<*>] => C:\users\бонькать\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [TCP Query User{2E1304F0-29FC-456C-A28F-D525926C60ED}C:\program files (x86)\intel\intelappstore\bin\ismagent.exe] => C:\program files (x86)\intel\intelappstore\bin\ismagent.exe
FirewallRules: [UDP Query User{E7027524-6B09-408F-8F03-B1606FEFDCE6}C:\program files (x86)\intel\intelappstore\bin\ismagent.exe] => C:\program files (x86)\intel\intelappstore\bin\ismagent.exe
FirewallRules: [{094FEF2D-2395-488F-AE16-7936744CC3B8}] => C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{DC08AF1C-088E-40D0-BBC0-7BD445BAF4F1}] => C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{B591EE8F-445C-4FD2-AF3B-73321CC9D8E9}] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{4996103B-1AAF-4A81-854E-54B450A30611}] => C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{8BE56F48-0BF2-4886-B4D8-804C18CFD4A6}] => C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
==================== Restore Points =========================
10-12-2016 22:14:32 Центр обновления Windows
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (12/13/2016 11:43:50 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: Ошибка в процедуре открытия службы "BITS" из библиотеки "C:\Windows\System32\bitsperf.dll". Данные производительности не будут доступны для этой службы. Первые четыре байта (DWORD) в разделе данных содержат код ошибки.
Error: (12/12/2016 11:35:54 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: IDEA-PC)
Description: Сбой активации приложения Microsoft.MicrosoftOfficeHub_8wekyb3d8bbwe!Microsoft.MicrosoftOfficeHub. Ошибка: -2144927141. Дополнительные сведения см. в журнале Microsoft-Windows-TWinUI/Operational.
Error: (12/12/2016 11:35:54 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: IDEA-PC)
Description: Сбой активации приложения microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1. Ошибка: -2144927141. Дополнительные сведения см. в журнале Microsoft-Windows-TWinUI/Operational.
Error: (12/12/2016 11:35:49 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: IDEA-PC)
Description: Сбой активации приложения Microsoft.People_8wekyb3d8bbwe!x4c7a3b7dy2188y46d4ya362y19ac5a5805e5x. Ошибка: -2147024865. Дополнительные сведения см. в журнале Microsoft-Windows-TWinUI/Operational.
Error: (12/12/2016 11:35:49 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: IDEA-PC)
Description: Сбой активации приложения Microsoft.People_8wekyb3d8bbwe!x4c7a3b7dy2188y46d4ya362y19ac5a5805e5x. Ошибка: -2144927141. Дополнительные сведения см. в журнале Microsoft-Windows-TWinUI/Operational.
Error: (12/12/2016 11:35:49 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: IDEA-PC)
Description: Сбой активации приложения Microsoft.WindowsAlarms_8wekyb3d8bbwe!App. Ошибка: -2144927141. Дополнительные сведения см. в журнале Microsoft-Windows-TWinUI/Operational.
Error: (12/12/2016 11:35:47 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: IDEA-PC)
Description: Сбой активации приложения Microsoft.ZuneVideo_8wekyb3d8bbwe!Microsoft.ZuneVideo. Ошибка: -2144927141. Дополнительные сведения см. в журнале Microsoft-Windows-TWinUI/Operational.
Error: (12/12/2016 10:57:37 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: IDEA-PC)
Description: Сбой активации приложения Microsoft.WindowsMaps_8wekyb3d8bbwe!App. Ошибка: -2144927148. Дополнительные сведения см. в журнале Microsoft-Windows-TWinUI/Operational.
Error: (12/12/2016 10:47:36 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: IDEA-PC)
Description: Сбой активации приложения Microsoft.WindowsMaps_8wekyb3d8bbwe!App. Ошибка: -2144927148. Дополнительные сведения см. в журнале Microsoft-Windows-TWinUI/Operational.
Error: (12/12/2016 10:42:36 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: IDEA-PC)
Description: Сбой активации приложения Microsoft.WindowsMaps_8wekyb3d8bbwe!App. Ошибка: -2144927148. Дополнительные сведения см. в журнале Microsoft-Windows-TWinUI/Operational.
System errors:
=============
Error: (12/13/2016 05:23:54 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Сбой при запуске службы "ServiceMgr" из-за ошибки
Не удается найти указанный файл.
Error: (12/13/2016 05:23:24 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Служба "CDPUserSvc_41591" завершена из-за ошибки
Неопознанная ошибка
Error: (12/13/2016 05:23:09 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Сбой при запуске службы "SAService" из-за ошибки
Не удается найти указанный файл.
Error: (12/13/2016 07:36:18 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Служба "Защита программного обеспечения" зависла при запуске.
Error: (12/13/2016 07:33:16 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Сбой при запуске службы "ServiceMgr" из-за ошибки
Не удается найти указанный файл.
Error: (12/13/2016 07:31:36 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Служба "CDPUserSvc_40945" завершена из-за ошибки
Неопознанная ошибка
Error: (12/13/2016 07:31:00 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Сбой при запуске службы "SAService" из-за ошибки
Не удается найти указанный файл.
Error: (12/13/2016 07:30:20 AM) (Source: NetBT) (EventID: 4300) (User: )
Description: Не удается создать драйвер.
Error: (12/13/2016 07:30:20 AM) (Source: NetBT) (EventID: 4300) (User: )
Description: Не удается создать драйвер.
Error: (12/13/2016 07:30:08 AM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: Служба "Служба хранилища" не завершила работу должным образом после получения управления для выполнения предзавершающих операций.
CodeIntegrity:
===================================
Date: 2016-12-13 11:20:44.892
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Windows\System32\DriverStore\FileRepository\nvlti.inf_amd64_a41d83955b423dff\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-12-13 11:20:44.496
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-12-12 22:26:45.109
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Windows\System32\DriverStore\FileRepository\nvlti.inf_amd64_a41d83955b423dff\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-12-12 22:26:44.690
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-11-27 15:17:20.450
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Windows\System32\DriverStore\FileRepository\nvlti.inf_amd64_fe7c040832a3bf1e\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-11-27 15:17:19.082
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-11-10 07:46:51.844
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Windows\System32\DriverStore\FileRepository\nvlti.inf_amd64_fe7c040832a3bf1e\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-11-10 07:46:47.791
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-11-09 10:21:59.371
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Windows\System32\DriverStore\FileRepository\nvlti.inf_amd64_fe7c040832a3bf1e\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-11-09 10:21:58.990
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Memory info ===========================
Processor: Intel(R) Pentium(R) CPU 2020M @ 2.40GHz
Percentage of memory in use: 72%
Total physical RAM: 3961.77 MB
Available physical RAM: 1098.32 MB
Total Virtual: 7161.77 MB
Available Virtual: 3612 MB
==================== Drives ================================
Drive c: (Windows8_OS) (Fixed) (Total:417.94 GB) (Free:155.21 GB) NTFS ==>[system with boot components (obtained from drive)]Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:20.79 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: D17974E2)
Partition: GPT.
==================== End of Addition.txt ============================
1 ответ
Admin Админ. ответил 8 лет назад
Запустите программу Блокнот и вставьте в открытое окно следующий текст
CreateRestorePoint:
HKU\S-1-5-21-3611519387-3624931759-1378339320-1002\...\Run: [**<*>] => explorer.exe hxxp://kb-ribaki.org <===== ATTENTION (Value Name with invalid characters)
ShellIconOverlayIdentifiers: [SugarSyncBackedUp] -> {0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} => No File
ShellIconOverlayIdentifiers: [SugarSyncPending] -> {62CCD8E3-9C21-41E1-B55E-1E26DFC68511} => No File
ShellIconOverlayIdentifiers: [SugarSyncRoot] -> {A759AFF6-5851-457D-A540-F4ECED148351} => No File
ShellIconOverlayIdentifiers: [SugarSyncShared] -> {1574C9EF-7D58-488F-B358-8B78C1538F51} => No File
SearchScopes: HKU\S-1-5-21-3611519387-3624931759-1378339320-1002 -> {A06ED961-D98F-4CF9-A89B-80AB11DB149C} URL = hxxp://go-search.ru/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-3611519387-3624931759-1378339320-1002 -> {B77D0045-7176-48BD-B2A9-3B5F5019F1DC} URL =
CHR HKLM-x32\...\Chrome\Extension: [icanjjkadceebmhanpekkofdhclnoijl] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [oelpkepjlgmehajehfeicfbjdiobdkfj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ojlcebdkbpjdpiligkdbbkdkfjmchbfd] - hxxps://clients2.google.com/service/update2/crx
Task: {31DBAD6A-4ACE-4F32-B500-B771155BEAAF} - System32\Tasks\InternetDA => Chrome.exe hxxp://nbsallastar.com/kentucky
Task: {03777C47-32DA-4758-BF40-32BBC6C9A994} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {086959C8-11EB-48C1-8604-D5D9CB8C5660} - \WPD\SqmUpload_S-1-5-21-3611519387-3624931759-1378339320-1002 -> No File <==== ATTENTION
Task: {0CED7F59-AC01-455B-94C3-C21169835E0D} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {2248CAC0-0765-433C-9059-A623916247C2} - \Lenovo\Lenovo Service Bridge\S-1-5-21-3611519387-3624931759-1378339320-1002 -> No File <==== ATTENTION
Task: {28C5653E-659F-4D9D-B4F0-62D0300FA1BF} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {359A3C43-B275-4B2E-A032-FAFA4C47D1CC} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {4FC591F9-3A89-4BA6-964C-93749216DEE5} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {51ECEBC7-7F52-4472-9D16-59BD15AE7D9C} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
Task: {601E2451-0CD9-43C9-AF5F-730DB60E0F22} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {7B54D16D-59D6-40C1-A82E-9B3E4E4F6941} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {DEE71FE5-309F-4BBE-8A41-0B072037F967} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {EBCCAA38-53A3-49BB-8E13-A3CAED8FB8D7} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
EmptyTemp:
Reboot:
Сохраните полученный файл в папку где находится программа FRST/FRST64 под именем fixlist
Запустите программу FRST и нажмите кнопку Fix.
Когда программа закончит работу появиться сообщение «Fix completed». Нажмите OK.
Откроется блокнот с содержимым файла fixlog.txt. Вставьте содержимое этого файла в ваш ответ.
После этого выполните новую проверку программой FRST (перед нажатием клавиши Scan поставьте галочку в пункте Addition.txt) и оба её лога прикрепите к вашему сообщению в новой теме на нашем форуме. Ссылку на эту тему добавьте сюда.
