
запуск Хрома с smartinf.ru



Выполните скрипт в AVZ

 

// AVZ remediation script written for one specific machine: the file paths (user
// profile C:\Users\Bakhtier) and service names below are particular to it, so the
// script must not be run unchanged on any other system.
// Sequence: warn the user, stop the TCP/IP driver, enable AVZ's rootkit search and
// guard (non-WOW64 only), write Internet-zone settings, quarantine the suspicious
// files, remove services, delete files and scheduled tasks, then hand the leftovers
// to the boot-time cleaner and reboot.
begin
// The message (in Russian) tells the user that AVZ will close all network connections
// and that they are restored automatically after the reboot.
ShowMessage('Внимание! Перед выполнением скрипта AVZ автоматически закроет все сетевые подключения.' + #13#10 + 'После перезагрузки компьютера подключения к сети будут восстановлены в автоматическом режиме.');
// Runs "net.exe stop tcpip /y" to take the machine off the network during cleanup.
// NOTE(review): the remaining arguments (0, 15000, true) are presumably window mode,
// a 15000 ms timeout and wait-for-exit - confirm against the AVZ script reference.
ExecuteFile('net.exe', 'stop tcpip /y', 0, 15000, true);
// Rootkit search and AVZGuard are switched on only when AVZ is NOT running under
// WOW64; on 64-bit Windows this whole branch is skipped.
if not IsWOW64
then
  begin
   SearchRootkit(true, true);
   SetAVZGuardStatus(True);
  end;
// Internet Explorer security zone 3 (Internet zone), per-user settings.
// Value meaning: 1 = prompt, 3 = disable. Action names below follow Microsoft's
// URL-action numbering - verify before relying on them:
//   1804 launching programs and files in an IFRAME        -> prompt
//   2201 automatic prompting for ActiveX controls         -> disable
//   1004 download unsigned ActiveX controls               -> disable
//   1001 download signed ActiveX controls                 -> prompt
//   1201 initialize/script ActiveX not marked as safe     -> disable
RegKeyIntParamWrite('HKCU', 'Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\', '1804', 1);
RegKeyIntParamWrite('HKCU', 'Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\', '2201', 3);
RegKeyIntParamWrite('HKCU', 'Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\', '1004', 3);
RegKeyIntParamWrite('HKCU', 'Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\', '1001', 1);
RegKeyIntParamWrite('HKCU', 'Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\', '1201', 3);
// Quarantine comes before any deletion so that samples are preserved for analysis;
// most of these files are deleted further down. The second argument is left empty.
QuarantineFile('C:\Users\Bakhtier\appdata\local\kometa\kometaup.exe','');
QuarantineFile('C:\Users\Bakhtier\AppData\Local\SmartWeb\SmartWebHelper.exe','');
QuarantineFile('C:\Users\Bakhtier\AppData\Roaming\GKSWKV.exe','');
QuarantineFile('C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\utility.exe','');
QuarantineFile('C:\Program Files (x86)\Crazy Deals\crazy_deals_helper_service.exe','');
QuarantineFile('C:\Program Files (x86)\CinemaPlus-3.2cV12.04\22971831-d857-4e91-b0c5-c6b81f6ca45b-7.exe','');
QuarantineFile('C:\Program Files (x86)\CinemaPlus-3.2cV12.04\22971831-d857-4e91-b0c5-c6b81f6ca45b-6.exe','');
QuarantineFile('C:\Program Files (x86)\CinemaPlus-3.2cV12.04\22971831-d857-4e91-b0c5-c6b81f6ca45b-5.exe','');
QuarantineFile('C:\Program Files (x86)\CinemaPlus-3.2cV12.04\22971831-d857-4e91-b0c5-c6b81f6ca45b-3.exe','');
QuarantineFile('C:\Program Files (x86)\CinemaPlus-3.2cV12.04\22971831-d857-4e91-b0c5-c6b81f6ca45b-10.exe','');
QuarantineFile('C:\Program Files (x86)\CinemaPlus-3.2cV12.04\22971831-d857-4e91-b0c5-c6b81f6ca45b-1-7.exe','');
QuarantineFile('C:\Program Files (x86)\CinemaPlus-3.2cV12.04\22971831-d857-4e91-b0c5-c6b81f6ca45b-1-6.exe','');
// Service / driver registrations are removed here; the matching .sys files are
// deleted later in the script.
// NOTE(review): the BD*/bd000x names presumably belong to the Baidu components whose
// BaiduProtect.exe is deleted below - confirm against the machine's logs, since a
// "BD" prefix alone does not identify the vendor.
DeleteService('BdSandBox');
DeleteService('BDMWrench_x64');
DeleteService('BDFileDefend');
DeleteService('BDEnhanceBoost');
DeleteService('bd0002');
// For the services below, start type 4 (disabled) is written before the deletion,
// presumably so the driver stays unloaded at next boot even if removal is incomplete.
SetServiceStart('BDMNetMon', 4);
DeleteService('BDMNetMon');
SetServiceStart('BDArKit', 4);
DeleteService('BDArKit');
SetServiceStart('bd0004', 4);
DeleteService('bd0004');
SetServiceStart('bd0003', 4);
DeleteService('bd0003');
// These two files are quarantined only; the script never deletes them.
QuarantineFile('C:\Users\Bakhtier\AppData\Roaming\TaobaoProtect\TBSecSvc.exe','');
QuarantineFile('C:\Program Files (x86)\alipay\aliedit\5.3.0.3807\secbizsrv.exe','');
SetServiceStart('BDSGRTP', 4);
DeleteService('BDSGRTP');
// Same TBSecSvc.exe as above, written in lower case (repeated quarantine request).
QuarantineFile('c:\users\bakhtier\appdata\roaming\taobaoprotect\tbsecsvc.exe','');
// The running updater is terminated first so that its file can be deleted.
TerminateProcessByName('c:\users\bakhtier\appdata\roaming\acewebextension\updater\ace_web_extension.exe');
// File deletion. NOTE(review): the second argument ('32' / '64') presumably selects
// the 32- or 64-bit file-system view - confirm against the AVZ script reference.
DeleteFile('c:\users\bakhtier\appdata\roaming\acewebextension\updater\ace_web_extension.exe','32');
// Driver files of the services removed above.
DeleteFile('C:\Windows\system32\DRIVERS\bd0003.sys','32');
DeleteFile('C:\Windows\system32\DRIVERS\bd0004.sys','32');
DeleteFile('C:\Windows\system32\DRIVERS\BDArKit.sys','32');
DeleteFile('C:\Windows\system32\DRIVERS\BDMNetMon.sys','32');
DeleteFile('C:\Program Files (x86)\Common Files\Baidu\BaiduProtect1.3\1.3.0.622\BaiduProtect.exe','32');
// NOTE(review): these two names carry no directory, so which file (if any) they match
// depends on how AVZ resolves relative paths - confirm they are not silently skipped.
DeleteFile('globalUpdate.sys','32');
DeleteFile('globalUpdatem.sys','32');
DeleteFile('C:\Windows\system32\DRIVERS\BdSandBox.sys','32');
DeleteFile('C:\Windows\system32\DRIVERS\BDMWrench_x64.sys','32');
DeleteFile('C:\Windows\system32\DRIVERS\BDFileDefend.sys','32');
DeleteFile('C:\Windows\system32\drivers\BDEnhanceBoost.sys','32');
DeleteFile('C:\Windows\system32\DRIVERS\bd0002.sys','32');
// Same updater file as above; this is a repeated delete request.
DeleteFile('C:\Users\Bakhtier\AppData\Roaming\AceWebExtension\updater\ace_web_extension.exe','32');
// Executables and their legacy scheduled-task files (C:\Windows\Tasks\*.job).
// Removing the task together with its target keeps the program from being relaunched.
DeleteFile('C:\Program Files (x86)\CinemaPlus-3.2cV12.04\22971831-d857-4e91-b0c5-c6b81f6ca45b-1-6.exe','32');
DeleteFile('C:\Windows\Tasks\22971831-d857-4e91-b0c5-c6b81f6ca45b-1-6.job','64');
DeleteFile('C:\Windows\Tasks\22971831-d857-4e91-b0c5-c6b81f6ca45b-1-7.job','64');
DeleteFile('C:\Program Files (x86)\CinemaPlus-3.2cV12.04\22971831-d857-4e91-b0c5-c6b81f6ca45b-1-7.exe','32');
DeleteFile('C:\Program Files (x86)\CinemaPlus-3.2cV12.04\22971831-d857-4e91-b0c5-c6b81f6ca45b-10.exe','32');
DeleteFile('C:\Windows\Tasks\22971831-d857-4e91-b0c5-c6b81f6ca45b-10_user.job','64');
DeleteFile('C:\Program Files (x86)\CinemaPlus-3.2cV12.04\22971831-d857-4e91-b0c5-c6b81f6ca45b-3.exe','32');
DeleteFile('C:\Windows\Tasks\22971831-d857-4e91-b0c5-c6b81f6ca45b-3.job','64');
DeleteFile('C:\Windows\Tasks\22971831-d857-4e91-b0c5-c6b81f6ca45b-5.job','64');
DeleteFile('C:\Program Files (x86)\CinemaPlus-3.2cV12.04\22971831-d857-4e91-b0c5-c6b81f6ca45b-5.exe','32');
DeleteFile('C:\Windows\Tasks\22971831-d857-4e91-b0c5-c6b81f6ca45b-5_user.job','64');
DeleteFile('C:\Program Files (x86)\CinemaPlus-3.2cV12.04\22971831-d857-4e91-b0c5-c6b81f6ca45b-6.exe','32');
DeleteFile('C:\Windows\Tasks\22971831-d857-4e91-b0c5-c6b81f6ca45b-6.job','64');
DeleteFile('C:\Windows\Tasks\22971831-d857-4e91-b0c5-c6b81f6ca45b-7.job','64');
DeleteFile('C:\Program Files (x86)\CinemaPlus-3.2cV12.04\22971831-d857-4e91-b0c5-c6b81f6ca45b-7.exe','32');
// AnyProtect.exe and kometaup.exe / GoogleUpdate.exe (below) are deleted without
// a prior QuarantineFile call for AnyProtect.exe and GoogleUpdate.exe, so no sample
// of those two is kept by this script.
DeleteFile('C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe','32');
DeleteFile('C:\Windows\Tasks\APSnotifierPP1.job','64');
DeleteFile('C:\Windows\Tasks\APSnotifierPP2.job','64');
DeleteFile('C:\Windows\Tasks\APSnotifierPP3.job','64');
DeleteFile('C:\Windows\Tasks\crazy_deals_helper_service.job','64');
DeleteFile('C:\Program Files (x86)\Crazy Deals\crazy_deals_helper_service.exe','32');
DeleteFile('C:\Windows\Tasks\Crossbrowse.job','64');
DeleteFile('C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\utility.exe','32');
DeleteFile('C:\Users\Bakhtier\AppData\Roaming\GKSWKV.exe','32');
DeleteFile('C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job','64');
DeleteFile('C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job','64');
// Note the directory: this GoogleUpdate.exe sits under "globalUpdate\Update", not
// under a "Google\Update" installation folder.
DeleteFile('C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe','32');
DeleteFile('C:\Windows\Tasks\Update Service for Torrent Search.job','64');
DeleteFile('C:\Windows\Tasks\Update Service for Torrent Search2.job','64');
// The same tasks in the newer Task Scheduler store (C:\Windows\system32\Tasks).
// Both stores have to be cleaned, otherwise the task definition survives in the other.
DeleteFile('C:\Windows\system32\Tasks\22971831-d857-4e91-b0c5-c6b81f6ca45b-1-6','64');
DeleteFile('C:\Windows\system32\Tasks\22971831-d857-4e91-b0c5-c6b81f6ca45b-1-7','64');
DeleteFile('C:\Windows\system32\Tasks\22971831-d857-4e91-b0c5-c6b81f6ca45b-10_user','64');
DeleteFile('C:\Windows\system32\Tasks\22971831-d857-4e91-b0c5-c6b81f6ca45b-3','64');
DeleteFile('C:\Windows\system32\Tasks\22971831-d857-4e91-b0c5-c6b81f6ca45b-5','64');
DeleteFile('C:\Windows\system32\Tasks\22971831-d857-4e91-b0c5-c6b81f6ca45b-5_user','64');
DeleteFile('C:\Windows\system32\Tasks\22971831-d857-4e91-b0c5-c6b81f6ca45b-6','64');
DeleteFile('C:\Windows\system32\Tasks\22971831-d857-4e91-b0c5-c6b81f6ca45b-7','64');
DeleteFile('C:\Windows\system32\Tasks\crazy_deals_helper_service','64');
DeleteFile('C:\Windows\system32\Tasks\Crossbrowse','64');
DeleteFile('C:\Windows\system32\Tasks\SmartWeb Upgrade Trigger Task','64');
DeleteFile('C:\Users\Bakhtier\AppData\Local\SmartWeb\SmartWebHelper.exe','32');
DeleteFile('C:\Windows\system32\Tasks\Update Service for Torrent Search','64');
DeleteFile('C:\Windows\system32\Tasks\Update Service for Torrent Search2','64');
DeleteFile('C:\Users\Bakhtier\appdata\local\kometa\kometaup.exe','32');
// Final stage. NOTE(review): per the AVZ documentation, as far as can be told from
// here, BC_ImportAll loads the items handled above into AVZ's BootCleaner,
// ExecuteSysClean removes leftover references to the deleted files, and BC_Activate
// arms BootCleaner for the next boot - confirm against the AVZ script reference.
BC_ImportAll;
ExecuteSysClean;
BC_Activate;
// Restarts Windows; the network stopped at the top comes back after this reboot.
RebootWindows(false);
end.
Компьютер перезагрузится.

 

Выполните скрипт в AVZ

 

begin
// Packs AVZ's quarantine into c:\quarantine.zip so it can be submitted for analysis.
// "CreateQurantineArchive" is spelled this way in the script as given; keep it as is.
// The archive holds the suspicious executables themselves: send it as instructed and
// do not unpack or run its contents on a working machine.
CreateQurantineArchive('c:\quarantine.zip');
end.
c:\quarantine.zip отправьте по адресу newvirus@kaspersky.com

Полученный ответ сообщите здесь (с указанием номера KLAN)

 

Сделайте НОВЫЕ логи ПО ПРАВИЛАМ


Отправил.... правда не знал что написать в теле письма. Подожду что ответят.

"Ответ на моё письмо":


Здравствуйте,
 
Это сообщение сформировано автоматической системой приёма писем. Сообщение содержит информацию о том, какие вердикты на файлы (если таковые есть в письме) выносит Антивирус с последними обновлениями.  
 
crazy_deals_helper_service.exe
secbizsrv.exe,
TBSecSvc.exe
 
Получен набор неизвестных файлов, они будут переданы в Вирусную Лабораторию.
 
С уважением, Лаборатория Касперского
 
"125212, Россия, Москва, Ленинградское шоссе, д.39А, стр.3 Тел./факс: + 7 (495) 797 8700  http://www.kaspersky.ru http://www.viruslist.ru"
 
 
Hello,
 
This message has been generated by an automatic message response system. The message contains details about verdicts that have been returned by Anti-Virus in response to the files (if any are included in the message) with the latest updates installed.  
 
crazy_deals_helper_service.exe
secbizsrv.exe,
TBSecSvc.exe
 
A set of unknown files has been received. They will be sent to the Virus Lab.
 
Best Regards, Kaspersky Lab
 
"39A/3 Leningradskoe Shosse, Moscow, 125212, Russia Tel./Fax: + 7 (495) 797 8700  http://www.kaspersky.com http://www.viruslist.com"
 
 
--------------------------------------------------------------------------------
Sent: 7/1/2015 11:11:17 AM
To: newvirus@kaspersky.com
Subject: http://forum.kasperskyclub.ru/
 
Добрый день.
 
Во вложении архив который сгенерировал AVZ. Обратиться к вам с данным вложением рекомендовал модератор с форума из темы письма. Как-то сумбурно я всё объяснил. :)
 
Спасибо.

 


Добрый день.

Всё сделал по шагам, как написано в теме «Порядок оформления запроса о помощи» (http://forum.kasperskyclub.ru/index.php?showtopic=43640).

Может есть более новая инструкция по сбору логов? Подскажите, пожалуйста, что делаю не так.

Спасибо.

CollectionLog-2015.07.02-15.59.zip


 

 


Подскажите, пожалуйста, что делаю не так.
Все делаете правильно, хоть и после напоминания.

 

Сделайте лог полного сканирования MBAM (Malwarebytes Anti-Malware)


выберите Карантин для всего найденного в MBAm (можете оставить Ваши любимые ломалки для прог).
новый лог приложите


Скачайте Farbar Recovery Scan Tool и сохраните на Рабочем столе.

 

Примечание: необходимо выбрать версию, совместимую с Вашей операционной системой. Если Вы не уверены, какая версия подойдет для Вашей системы, скачайте обе и попробуйте запустить. Только одна из них запустится на Вашей системе.

  • Запустите программу двойным щелчком. Когда программа запустится, нажмите Yes для соглашения с предупреждением.

Убедитесь, что в окне Optional Scan отмечены "List BCD" и "Driver MD5".

B92LqRQ.png

Нажмите кнопку Scan.

После окончания сканирования будет создан отчет (FRST.txt) в той же папке, откуда была запущена программа. Пожалуйста, прикрепите отчет в следующем сообщении.

Если программа была запущена в первый раз, будет создан отчет (Addition.txt). Пожалуйста, прикрепите его в следующем сообщении.


Не загружается файл FRST.txt (ошибка 403)


Пытался загрузить его из Chrome и Firefox — результат один: ошибка 403.


Содержимое файла frst.txt:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:04-07-2015
Ran by Bakhtier (administrator) on HP on 05-07-2015 10:30:08
Running from C:\Users\Bakhtier\Desktop
Loaded Profiles: Bakhtier (Available Profiles: Bakhtier)
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: Русский (Россия)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(HP) C:\Program Files (x86)\HP SimplePass 2012\TrueSuiteService.exe
(????????????????) C:\Program Files (x86)\Common Files\Baidu\BaiduProtect1.3\1.3.0.622\BaiduProtect.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Hewlett-Packard) C:\Windows\System32\hpservice.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(Motorola Solutions, Inc.) C:\Program Files\Motorola\Bluetooth\devmgrsrv.exe
(Motorola Solutions, Inc.) C:\Program Files\Motorola\Bluetooth\audiosrv.exe
(Motorola Solutions, Inc.) C:\Program Files\Motorola\Bluetooth\obexsrv.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Device Health\DhMachineSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Device Health\PluginManager\DhPluginMgr.exe
(ESET) C:\Program Files\ESET\ESET Endpoint Security\x86\ekrn.exe
(MDL Forum, mod by Ratiborus) C:\ProgramData\KMSAuto\bin\KMSSS.exe
() C:\Program Files\MySQL\MySQL Server 5.5\bin\mysqld.exe
(Alipay.com Inc. ) C:\Program Files (x86)\alipay\aliedit\5.3.0.3807\pcas.exe
(ProQuest Business Solutions) C:\Program Files (x86)\BHPS\Pmap1\bin\MapperMonService.exe
(Sun Microsystems, Inc.) C:\Program Files (x86)\BHPS\JRE160\bin\javaw.exe
(Alipay.com Inc. ) C:\Program Files (x86)\alipay\aliedit\5.3.0.3807\secbizsrv.exe
(Macrovision Corporation) C:\Program Files (x86)\BHPS\lic\bin\lmgrd.exe
(Macrovision Corporation) C:\Program Files (x86)\BHPS\lic\bin\lmgrd.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(????(??)????) C:\Users\Bakhtier\AppData\Roaming\TaobaoProtect\TBSecSvc.exe
(Generic) C:\Windows\SysWOW64\ufdsvc.exe
(Motorola Solutions, Inc.) C:\Program Files\Motorola\Bluetooth\LEsrv.exe
(Snap-on Business Solutions) C:\Program Files (x86)\BHPS\MAPU\bin\DBMONSERVICE.EXE
(Transaction Software, D 81829 Munich) C:\Program Files (x86)\BHPS\MAPU\bin\TBMUX32.EXE
(Macrovision Europe Ltd.) C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleCrashHandler64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Alipay.com Inc. ) C:\Program Files (x86)\alipay\aliedit\5.3.0.3807\aliwssv.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(ESET) C:\Program Files\ESET\ESET Endpoint Security\egui.exe
() C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
(Microsoft Corporation) C:\Windows\WindowsMobile\wmdc.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Alibaba (China) Co., Ltd.) C:\Program Files (x86)\TradeManager\AliIM.exe
() C:\Users\Bakhtier\AppData\Roaming\ACEStream\engine\ace_engine.exe
(Ghisler Software GmbH) C:\totalcmd_IT\TOTALCMD.EXE
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Microsoft Corporation) C:\Users\Bakhtier\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Яндекс) C:\Users\Bakhtier\AppData\Roaming\Yandex\YandexDisk\YandexDisk.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(ООО Яндекс) C:\Program Files (x86)\Yandex\Punto Switcher\punto.exe
(Ilja Herlein) C:\Program Files (x86)\NetSetMan\netsetman.exe
() C:\Windows\twain_32\Samsung\SCX4623\Scan2Pc.exe
(CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\SmarThru Office\BackUpSvr.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\SmarThru Office\x64\LegacyLauncher.exe
(????(??)????) C:\Users\Bakhtier\AppData\Roaming\TaobaoProtect\TaobaoProtect.exe
(ООО Яндекс) C:\Program Files (x86)\Yandex\Punto Switcher\ps64ldr.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\MOM.exe
(Motorola Solutions, Inc.) C:\Program Files\Motorola\Bluetooth\btplayerctrl.exe
(Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.exe
(Яндекс) C:\Users\Bakhtier\AppData\Roaming\Yandex\YandexDisk\wow64\YandexDiskStarter.exe
(Яндекс) C:\Users\Bakhtier\AppData\Roaming\Yandex\YandexDisk\YandexDiskStarter.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\OFFICE15\CSISYNCCLIENT.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Alipay.com Inc. ) C:\ProgramData\alipay\Alipaybsm.exe
(BitTorrent, Inc.) C:\Program Files (x86)\uTorrent\uTorrent.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Ghisler Software GmbH) C:\totalcmd_IT\TCMDX64.EXE
(ООО АДСЛ Клуб) C:\Program Files (x86)\IP-TV Player\IpTvPlayer.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Snapon Business Solutions) C:\Program Files (x86)\BHPS\MAPU\bin\QLinkService.exe
(Transaction Software, D 81829 Munich) C:\Program Files (x86)\BHPS\MAPU\bin\TBKERN32.EXE
(HP) C:\Program Files (x86)\HP SimplePass 2012\TouchControl.exe
(HP) C:\Program Files (x86)\HP SimplePass 2012\BioMonitor.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3100440 2014-05-19] (Logitech, Inc.)
HKLM\...\Run: [sysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1703424 2013-06-03] (IDT, Inc.)
HKLM\...\Run: [synTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2818800 2014-04-21] (Synaptics Incorporated)
HKLM\...\Run: [bTMTrayAgent] => rundll32.exe "C:\Program Files\Motorola\Bluetooth\btmshell.dll",TrayApp
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Endpoint Security\egui.exe [4124360 2014-09-24] (ESET)
HKLM\...\Run: [CDAServer] => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [464608 2014-09-08] ()
HKLM\...\Run: [Windows Mobile Device Center] => C:\Windows\WindowsMobile\wmdc.exe [660360 2007-05-31] (Microsoft Corporation)
HKLM\...\Run: [hola] => C:\Program Files\Hola\app\hola.exe --silent
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [115048 2011-09-16] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [NetSetMan] => C:\Program Files (x86)\NetSetMan\netsetman.exe [5972648 2014-06-03] (Ilja Herlein)
HKLM-x32\...\Run: [sCX4623_Scan2Pc] => C:\Windows\Twain_32\Samsung\SCX4623\Scan2pc.exe [2043392 2012-03-13] ()
HKLM-x32\...\Run: [4623 Scan2PC] => C:\Windows\twain_32\Samsung\SCX4623\Scan2Pc.exe [2043392 2012-03-13] ()
HKLM-x32\...\Run: [iJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [452016 2011-01-15] (CANON INC.)
HKLM-x32\...\Run: [KeePass 2 PreLoad] => C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe [2715536 2015-04-10] (Dominik Reichl)
HKLM-x32\...\Run: [sTO Backup Service] => C:\Program Files (x86)\SmarThru Office\BackUpSvr.exe [199800 2012-09-27] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [sTO Launcher Service] => C:\Program Files (x86)\SmarThru Office\x64\LegacyLauncher.exe [405624 2012-09-27] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [startCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2014-11-20] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59240 2011-09-27] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2011-10-24] (Apple Inc.)
HKLM-x32\...\Run: [sunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-04-30] (Oracle Corporation)
HKLM-x32\...\Run: [Timestasks] => "C:\Program Files (x86)\Zaxar\timetasks.exe"
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [43871968 2015-06-26] (Dropbox, Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKU\S-1-5-21-3976988410-595758751-1470289915-1000\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [21969480 2015-05-19] (Google)
HKU\S-1-5-21-3976988410-595758751-1470289915-1000\...\Run: [aliim] => C:\Program Files (x86)\TradeManager\AliIM.exe [295416 2015-04-07] (Alibaba (China) Co., Ltd.)
HKU\S-1-5-21-3976988410-595758751-1470289915-1000\...\Run: [AceStream] => C:\Users\Bakhtier\AppData\Roaming\ACEStream\engine\ace_engine.exe [23984 2014-12-07] ()
HKU\S-1-5-21-3976988410-595758751-1470289915-1000\...\Run: [Totalcmd IT] => C:\totalcmd_IT\totalcmd.exe [4065648 2014-04-30] (Ghisler Software GmbH)
HKU\S-1-5-21-3976988410-595758751-1470289915-1000\...\Run: [skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [28785792 2015-06-02] (Skype Technologies S.A.)
HKU\S-1-5-21-3976988410-595758751-1470289915-1000\...\Run: [OneDrive] => C:\Users\Bakhtier\AppData\Local\Microsoft\OneDrive\OneDrive.exe [382664 2015-05-22] (Microsoft Corporation)
HKU\S-1-5-21-3976988410-595758751-1470289915-1000\...\Run: [4B7C9DB66ACEABEE7729E67F7D219E76D6D6AA42._service_run] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [813896 2015-06-20] (Google Inc.)
HKU\S-1-5-21-3976988410-595758751-1470289915-1000\...\Run: [syncManPath] => C:\Users\Bakhtier\AppData\Roaming\Yandex\YandexDisk\YandexDisk.exe [22591776 2015-05-06] (Яндекс)
HKU\S-1-5-21-3976988410-595758751-1470289915-1000\...\Run: [GoogleChromeAutoLaunch_36BE03A6E20B87235794FC88EE741CE3] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [813896 2015-06-20] (Google Inc.)
HKU\S-1-5-21-3976988410-595758751-1470289915-1000\...\MountPoints2: {48890ec5-ad2e-11e4-adbc-101f740d5bba} - H:\AutoRun.exe
HKU\S-1-5-21-3976988410-595758751-1470289915-1000\...\MountPoints2: {92b2f087-5aad-11e4-a66e-ccaf78fe983c} - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL G:\autorun.exe /auto
Startup: C:\Users\Bakhtier\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Punto Switcher.lnk [2015-06-23]
ShortcutTarget: Punto Switcher.lnk -> C:\Program Files (x86)\Yandex\Punto Switcher\punto.exe (ООО Яндекс)
ShellIconOverlayIdentifiers: [ 00BitrixShellExt] -> {A11A1EE5-F9F8-4BE0-907F-D74A49CC506B} => No File
ShellIconOverlayIdentifiers: [ 00BitrixShellExt_C] -> {A11A1EE5-F9F8-4BE0-907F-D74A49CC506E} => No File
ShellIconOverlayIdentifiers: [ 00BitrixShellExt_E] -> {A11A1EE5-F9F8-4BE0-907F-D74A49CC506D} => No File
ShellIconOverlayIdentifiers: [ 00BitrixShellExt_S] -> {A11A1EE5-F9F8-4BE0-907F-D74A49CC506C} => No File
ShellIconOverlayIdentifiers: [ MailRuCloudIconOverlay0] -> {64A9418A-B6B1-4112-B75C-E61633C9A31F} => C:\Users\Bakhtier\AppData\Local\Temp\mcse64_00.dll [2015-04-10] ()
ShellIconOverlayIdentifiers: [ MailRuCloudIconOverlay1] -> {6A2E142B-EA63-433A-AC05-5223CBD26E65} => C:\Users\Bakhtier\AppData\Local\Temp\mcse64_00.dll [2015-04-10] ()
ShellIconOverlayIdentifiers: [ MailRuCloudIconOverlay2] -> {6AFCC535-2F12-4F50-9F0A-1CF856CFC95D} => C:\Users\Bakhtier\AppData\Local\Temp\mcse64_00.dll [2015-04-10] ()
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.dll [2015-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.dll [2015-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.dll [2015-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.dll [2015-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.dll [2015-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.dll [2015-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.dll [2015-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.dll [2015-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Bakhtier\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\amd64\FileSyncShell64.dll [2015-05-22] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Bakhtier\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\amd64\FileSyncShell64.dll [2015-05-22] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Bakhtier\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\amd64\FileSyncShell64.dll [2015-05-22] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [0YndCase0Sync] -> {63D48440-63AB-44D0-B323-4731DFCDE9E9} => C:\Program Files\Yandex\YandexDisk\bin\YandexDiskOverlays-2398.dll [2014-08-27] ()
ShellIconOverlayIdentifiers: [0YndCase1Modified] -> {7E7DC279-E6BE-4D57-9DEC-14FA0339DBC0} => C:\Program Files\Yandex\YandexDisk\bin\YandexDiskOverlays-2398.dll [2014-08-27] ()
ShellIconOverlayIdentifiers: [0YndCase2Error] -> {FB2FE984-05F5-4512-9D9B-69D3DE61F6D9} => C:\Program Files\Yandex\YandexDisk\bin\YandexDiskOverlays-2398.dll [2014-08-27] ()
ShellIconOverlayIdentifiers: [0YndCase3Shared] -> {AF8D197E-7022-4c3d-BD88-68AD35C9C169} => C:\Program Files\Yandex\YandexDisk\bin\YandexDiskOverlays-2398.dll [2014-08-27] ()
ShellIconOverlayIdentifiers: [Обработчик значков цифровых подписей AutoCAD] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2009-02-09] (Autodesk, Inc.)
ShellIconOverlayIdentifiers-x32: [ 00BitrixShellExt] -> {A11A1EE5-F9F8-4BE0-907F-D74A49CC506B} => No File
ShellIconOverlayIdentifiers-x32: [ 00BitrixShellExt_C] -> {A11A1EE5-F9F8-4BE0-907F-D74A49CC506E} => No File
ShellIconOverlayIdentifiers-x32: [ 00BitrixShellExt_E] -> {A11A1EE5-F9F8-4BE0-907F-D74A49CC506D} => No File
ShellIconOverlayIdentifiers-x32: [ 00BitrixShellExt_S] -> {A11A1EE5-F9F8-4BE0-907F-D74A49CC506C} => No File
ShellIconOverlayIdentifiers-x32: [ MailRuCloudIconOverlay0] -> {64A9418A-B6B1-4112-B75C-E61633C9A31F} => C:\Users\Bakhtier\AppData\Local\Temp\mcse32_00.dll [2015-04-10] ()
ShellIconOverlayIdentifiers-x32: [ MailRuCloudIconOverlay1] -> {6A2E142B-EA63-433A-AC05-5223CBD26E65} => C:\Users\Bakhtier\AppData\Local\Temp\mcse32_00.dll [2015-04-10] ()
ShellIconOverlayIdentifiers-x32: [ MailRuCloudIconOverlay2] -> {6AFCC535-2F12-4F50-9F0A-1CF856CFC95D} => C:\Users\Bakhtier\AppData\Local\Temp\mcse32_00.dll [2015-04-10] ()
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.26.dll [2015-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.26.dll [2015-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.26.dll [2015-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.26.dll [2015-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.26.dll [2015-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.26.dll [2015-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.26.dll [2015-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.26.dll [2015-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Bakhtier\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\FileSyncShell.dll [2015-05-22] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Bakhtier\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\FileSyncShell.dll [2015-05-22] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Bakhtier\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\FileSyncShell.dll [2015-05-22] (Microsoft Corporation)
GroupPolicy-x32: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-3976988410-595758751-1470289915-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://mail.ru/cnt/10445
HKU\S-1-5-21-3976988410-595758751-1470289915-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/ru-ru/?ocid=iehp
HKU\S-1-5-21-3976988410-595758751-1470289915-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://spacesearch.ru/?ri=1&rsid=49c0b9b6bab6187a5120e911374d5c4b&q={searchTerms}
HKU\S-1-5-21-3976988410-595758751-1470289915-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://spacesearch.ru/?ri=1&rsid=49c0b9b6bab6187a5120e911374d5c4b&q={searchTerms}
URLSearchHook: [s-1-5-21-3976988410-595758751-1470289915-1000] ATTENTION ==> Default URLSearchHook is missing
URLSearchHook: HKU\S-1-5-21-3976988410-595758751-1470289915-1000 - (No Name) - {0633EE93-D776-472f-A0FF-E1416B8B2E3D} - No File
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3976988410-595758751-1470289915-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3C} URL = http://spacesearch.ru/?ri=1&rsid=49c0b9b6bab6187a5120e911374d5c4b&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3976988410-595758751-1470289915-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3C} URL = http://spacesearch.ru/?ri=1&rsid=49c0b9b6bab6187a5120e911374d5c4b&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3976988410-595758751-1470289915-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3D} URL = http://spacesearch.ru/?ri=1&rsid=49c0b9b6bab6187a5120e911374d5c4b&q=
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation)
BHO: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2015-06-02] (Oracle Corporation)
BHO: TrueSuite Website Log On -> {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} -> C:\Program Files (x86)\HP SimplePass 2012\x64\IEBHO.dll [2011-08-26] (HP)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2014-05-19] (Logitech, Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2013-09-13] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2013-09-13] (Microsoft Corporation)
BHO: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2015-06-02] (Oracle Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2013-07-10] (Microsoft Corporation)
BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-06-02] (Oracle Corporation)
BHO-x32: TrueSuite Website Log On -> {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} -> C:\Program Files (x86)\HP SimplePass 2012\IEBHO.dll [2011-08-26] (HP)
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2015-06-02] (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2014-05-19] (Logitech, Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2013-09-13] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2013-09-13] (Microsoft Corporation)
BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-06-02] (Oracle Corporation)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
DefaultPrefix-x32: => http://spacesearch.ru/?ri=1&rsid=49c0b9b6bab6187a5120e911374d5c4b&q=<==== ATTENTION
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{B1DF5530-7537-4D3D-81C1-A1B023D8C5FA}: [NameServer] 10.78.62.245 10.78.83.245
Tcpip\..\Interfaces\{D36F2448-03A4-4BDC-BB60-53EC3956441A}: [NameServer] 91.223.98.6,8.8.8.8
Tcpip\..\Interfaces\{DA21C585-FE03-40F1-9591-4255C71D6E5F}: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Bakhtier\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default
FF DefaultSearchEngine: Поиск@Mail.Ru
FF SelectedSearchEngine: Поиск@Mail.Ru
FF Homepage: hxxp://ovsemko.ru/?utm_source=startpage03&utm_content=4f910667796aabf2c95cb9f7aef6366b
FF Keyword.URL: hxxp://go.mail.ru/search?fr=ntg&q=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_194.dll [2015-06-24] ()
FF Plugin: @alipay.com/npalicert -> C:\Program Files (x86)\alipay\aliedit\5.3.0.3807\npalicdo64.dll [2015-03-23] (alipay.com)
FF Plugin: @alipay.com/npAliInetHealth -> C:\Program Files (x86)\alipay\aliedit\5.3.0.3807\npAlipaydhc64.dll [2015-03-23] (Alipay.com Inc. )
FF Plugin: @alipay.com/npAliSecCtrl -> C:\Program Files (x86)\alipay\aliedit\5.3.0.3807\npAliSecCtrl64.dll [2015-03-23] (Alipay.com Inc. )
FF Plugin: @java.com/DTPlugin,version=10.79.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2015-06-02] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.79.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2015-06-02] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_194.dll [2015-06-24] ()
FF Plugin-x32: @alibaba.com/nptrademanager;version=1.0 -> C:\Program Files (x86)\TradeManager\nptrademanager.dll [2015-03-31] ( )
FF Plugin-x32: @alibaba.com/npwangwang;version=1.0 -> C:\Program Files (x86)\TradeManager\npwangwang.dll [2015-03-31] ( )
FF Plugin-x32: @alipay.com/npalicert -> C:\Program Files (x86)\alipay\aliedit\5.3.0.3807\npalicdo.dll [2015-03-23] (alipay.com)
FF Plugin-x32: @alipay.com/npalidcp -> C:\Program Files (x86)\alipay\aliedit\5.3.0.3807\npalidcp.dll [2014-07-03] (Alipay.com co.,ltd)
FF Plugin-x32: @alipay.com/npaliedit -> C:\Program Files (x86)\alipay\aliedit\5.3.0.3807\npaliedit.dll [2014-07-03] (Alipay.com co.,ltd)
FF Plugin-x32: @alipay.com/npAliInetHealth -> C:\Program Files (x86)\alipay\aliedit\5.3.0.3807\npAlipaydhc.dll [2015-03-23] (Alipay.com Inc. )
FF Plugin-x32: @alipay.com/npAliSecCtrl -> C:\Program Files (x86)\alipay\aliedit\5.3.0.3807\npAliSecCtrl.dll [2015-03-23] (Alipay.com Inc. )
FF Plugin-x32: @alipay.com/NPComBrg701,version=1.0.2011.701 -> C:\Windows\system32\itruscert\NPComBrg701.dll No File
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-09-03] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-09-03] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-06-02] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-06-02] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2013-07-10] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-15] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=1.0.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @wiz.cn/Wiz np plugin,version=1.0 -> C:\Program Files (x86)\WizNote\NPWizWebCapture.dll [2015-06-19] (AmazingNote.com)
FF Plugin HKU\S-1-5-21-3976988410-595758751-1470289915-1000: @acestream.net/acestreamplugin,version=3.0.3 -> C:\Users\Bakhtier\AppData\Roaming\ACEStream\player\npace_plugin.dll [2014-12-07] (Innovative Digital Technologies)
FF Plugin HKU\S-1-5-21-3976988410-595758751-1470289915-1000: @alibaba.com/npAliSSOLogin;version=1.0 -> C:\Program Files (x86)\TradeManager\npAliSSOLogin.dll [2014-04-29] (Alibaba software (Shanghai) Corporation.)
FF Plugin HKU\S-1-5-21-3976988410-595758751-1470289915-1000: @alibaba.com/nptrademanager;version=1.0 -> "C:\Program Files (x86)\TradeManager\nptrademanager.dll" No File
FF Plugin HKU\S-1-5-21-3976988410-595758751-1470289915-1000: @alibaba.com/npwangwang;version=1.0 -> "C:\Program Files (x86)\TradeManager\npwangwang.dll" No File
FF Plugin HKU\S-1-5-21-3976988410-595758751-1470289915-1000: @hola.org/vlc,version=1.8.369 -> C:\Users\Bakhtier\AppData\Local\Hola\firefox\app\vlc No File
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2013-07-10] (Microsoft Corporation)
FF SearchPlugin: C:\Users\Bakhtier\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\searchplugins\yandex.ru-135824.xml [2014-10-24]
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\mailru.xml [2015-05-14]
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\ozonru.xml [2015-05-14]
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\priceru.xml [2015-05-14]
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yandex-slovari.xml [2015-05-14]
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yandex.xml [2015-05-14]
FF Extension: openbookmarkintabpirosakuranejp - C:\Users\Bakhtier\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\Extensions\openbookmarkintab@piro.sakura.ne.jp [2015-05-28]
FF Extension: Универсальный перевод для FireFox - C:\Users\Bakhtier\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\Extensions\translator@zoli.bod [2015-06-22]
FF Extension: Crazy Deals - C:\Users\Bakhtier\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\Extensions\YBuH4d@gmail.com [2015-05-28]
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Endpoint Security\Mozilla Thunderbird
FF Extension: ESET Endpoint Security Extension - C:\Program Files\ESET\ESET Endpoint Security\Mozilla Thunderbird [2014-10-24]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: Logitech SetPoint - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2014-10-23]
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Endpoint Security\Mozilla Thunderbird

Chrome:
=======
CHR Profile: C:\Users\Bakhtier\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (QR Creator) - C:\Users\Bakhtier\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaephdgbinagkeepamlbkhkfbiaedabm [2014-10-23]
CHR Extension: (Torrent Search) - C:\Users\Bakhtier\AppData\Local\Google\Chrome\User Data\Default\Extensions\afbpdhiclgghnffhkinjikglgmolhpee [2014-10-23]
CHR Extension: (Google Docs) - C:\Users\Bakhtier\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-10-23]
CHR Extension: (Google Drive) - C:\Users\Bakhtier\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-10-23]
CHR Extension: (TV) - C:\Users\Bakhtier\AppData\Local\Google\Chrome\User Data\Default\Extensions\beobeededemalmllhkmnkinmfembdimh [2014-10-23]
CHR Extension: (YouTube) - C:\Users\Bakhtier\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-10-23]
CHR Extension: (Adblock Plus) - C:\Users\Bakhtier\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-05-28]
CHR Extension: (QR Code) - C:\Users\Bakhtier\AppData\Local\Google\Chrome\User Data\Default\Extensions\cgjkdaecefklmlnefmjpiigkphphobhm [2014-10-23]
CHR Extension: (Pushbullet) - C:\Users\Bakhtier\AppData\Local\Google\Chrome\User Data\Default\Extensions\chlffgpmiacpedhhbkiomidkjlcfhogd [2014-10-23]
CHR Extension: (Google Search) - C:\Users\Bakhtier\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-10-23]
CHR Extension: (Tampermonkey) - C:\Users\Bakhtier\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2014-12-12]
CHR Extension: (Logitech Smooth Scrolling) - C:\Users\Bakhtier\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkpejdfnpdkhifgbancbammdijojoffk [2014-10-23]
CHR Extension: (Ebay Search PopUp) - C:\Users\Bakhtier\AppData\Local\Google\Chrome\User Data\Default\Extensions\dmalimdmohhmidnkgkfgecclacbponkn [2014-10-23]
CHR Extension: (Dropbox for Gmail) - C:\Users\Bakhtier\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpdmhfocilnekecfjgimjdeckachfbec [2015-07-01]
CHR Extension: (Google Play Music) - C:\Users\Bakhtier\AppData\Local\Google\Chrome\User Data\Default\Extensions\fahmaaghhglfmonjliepjlchgpgfmobi [2014-10-23]
CHR Extension: (Google Sheets) - C:\Users\Bakhtier\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-10-23]
CHR Extension: (Print Selection) - C:\Users\Bakhtier\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbkdpdnociibpkkpjgmcmdlnjlebpajk [2014-10-23]
CHR Extension: (Save to Google Drive) - C:\Users\Bakhtier\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmbmikajjgmnabiglmofipeabaddhgne [2014-10-23]
CHR Extension: (Marqueed Web App) - C:\Users\Bakhtier\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbbhliifccolgoaijmaielecailmjnoo [2014-10-23]
CHR Extension: (Amazon ships to you) - C:\Users\Bakhtier\AppData\Local\Google\Chrome\User Data\Default\Extensions\hegokfkepcpmjbdgjhooigbilhmoegpp [2014-10-23]
CHR Extension: (Tiny Gallery) - C:\Users\Bakhtier\AppData\Local\Google\Chrome\User Data\Default\Extensions\hlioliaiebmgachfiaainnbohikbpjko [2014-10-23]
CHR Extension: (Reedy) - C:\Users\Bakhtier\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihbdojmggkmjbhfflnchljfkgdhokffj [2014-10-23]
CHR Extension: (Instant Translate) - C:\Users\Bakhtier\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihmgiclibbndffejedjimfjmfoabpcke [2014-10-23]
CHR Extension: (WizNote Web Clipper) - C:\Users\Bakhtier\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfanfpmalehkemdiiebjljddhgojhfab [2015-06-25]
CHR Extension: (Readability Redux) - C:\Users\Bakhtier\AppData\Local\Google\Chrome\User Data\Default\Extensions\jggheggpdocamneaacmfoipeehedigia [2014-10-23]
CHR Extension: (Blackball Pool) - C:\Users\Bakhtier\AppData\Local\Google\Chrome\User Data\Default\Extensions\jjkhefodfbgjpcmahghmfggbcpjabnag [2014-10-23]
CHR Extension: (Speed Dial 2 (ru)) - C:\Users\Bakhtier\AppData\Local\Google\Chrome\User Data\Default\Extensions\joejifmlepfojlkjdehljakdmhlpnlfo [2014-10-23]
CHR Extension: (Поиск на Яндекс.Маркет) - C:\Users\Bakhtier\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcajglmkmpjbgmhkndelbkljpffblood [2014-10-23]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Bakhtier\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-15]
CHR Extension: (Skype Click to Call) - C:\Users\Bakhtier\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-01-01]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Bakhtier\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2014-11-10]
CHR Extension: (friGate CDN - access to sites) - C:\Users\Bakhtier\AppData\Local\Google\Chrome\User Data\Default\Extensions\mbacbcfdfaapbcnlnbmciiaakomhkbkb [2015-06-22]
CHR Extension: (Pocket) - C:\Users\Bakhtier\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjcnijlhddpbdemagnpefmlkjdagkogk [2014-10-23]
CHR Extension: (Search on Aliexpress) - C:\Users\Bakhtier\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfafmhchkpnmndepjgjkeakfojecnbij [2014-10-23]
CHR Extension: (No Name) - C:\Users\Bakhtier\AppData\Local\Google\Chrome\User Data\Default\Extensions\niloccemoadcdkdjlinkgdfekeahmflj [2015-07-01]
CHR Extension: (Google Wallet) - C:\Users\Bakhtier\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-10-23]
CHR Extension: (Chrome Apps & Extensions Developer Tool) - C:\Users\Bakhtier\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohmmkhmmmpcnpikjeljgnaoabkaalbgc [2015-02-26]
CHR Extension: (chromeIPass) - C:\Users\Bakhtier\AppData\Local\Google\Chrome\User Data\Default\Extensions\ompiailgknfdndiefoaoiligalphfdae [2015-05-25]
CHR Extension: (Evernote Web Clipper) - C:\Users\Bakhtier\AppData\Local\Google\Chrome\User Data\Default\Extensions\pioclpoplcdbaefihamjohnefbikjilc [2014-10-23]
CHR Extension: (Gmail) - C:\Users\Bakhtier\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-10-23]
CHR HKU\S-1-5-21-3976988410-595758751-1470289915-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [debkinhcgejcbfgjiaalomcmkedjmiaa] - C:\Program Files (x86)\HP SimplePass 2012\tschrome.crx [2011-08-25]
CHR HKLM-x32\...\Chrome\Extension: [hhjmihalfdochhinhfogciaafppfgpjj] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ilamgbdaebkbpkkmfmmfbnaamkhijdek] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-05-01]
CHR HKLM-x32\...\Chrome\Extension: [mofcklffffgbdgnoipdokcclbhomkpie] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ofdgafmdegfkhfdfkmllfefmcmcjllec] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [pnooffjhclkocplopffdbcdghmiffhji] - https://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AESTFilters; C:\Program Files\IDT\WDM\AESTSr64.exe [89600 2009-03-03] (Andrea Electronics Corporation) [File not signed]
R2 BDSGRTP; C:\Program Files (x86)\Common Files\Baidu\BaiduProtect1.3\1.3.0.622\BaiduProtect.exe [1935976 2015-04-12] (????????????????)
R2 Bluetooth Low Energy Service; C:\Program Files\Motorola\Bluetooth\LEsrv.exe [591920 2011-07-20] (Motorola Solutions, Inc.)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-30] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-30] (Dropbox, Inc.)
S3 defragsvc; C:\Windows\System32\defragsvc.dll [291328 2009-07-14] (Корпорация Майкрософт)
R2 DeviceHealth; C:\Program Files (x86)\Microsoft Device Health\DhMachineSvc.exe [196760 2015-01-30] (Microsoft Corporation)
R2 DeviceHealthPluginMgr; C:\Program Files (x86)\Microsoft Device Health\PluginManager\DhPluginMgr.exe [244376 2015-01-30] (Microsoft Corporation)
S3 EhttpSrv; C:\Program Files\ESET\ESET Endpoint Security\EHttpSrv.exe [41672 2014-09-24] (ESET)
R2 ekrn; C:\Program Files\ESET\ESET Endpoint Security\x86\ekrn.exe [1029704 2014-09-24] (ESET)
S3 ESHASRV; C:\Program Files\ESET\ESET Endpoint Security\EShaSrv.exe [190152 2014-09-24] (ESET)
S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [647680 2014-10-24] (Macrovision Europe Ltd.) [File not signed]
R3 FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [1030600 2014-10-24] (Macrovision Europe Ltd.) [File not signed]
R2 FPLService; C:\Program Files (x86)\HP SimplePass 2012\TrueSuiteService.exe [260424 2011-08-26] (HP)
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887256 2014-05-13] (Intel® Corporation)
S2 iobroker.exe; D:\ioBroker\daemon\iobroker.exe [36352 2015-03-29] (CloudBees, Inc.) [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [154584 2014-09-03] (Intel Corporation)
R2 KMSEmulator; C:\ProgramData\KMSAuto\bin\KMSSS.exe [297472 2014-05-20] (MDL Forum, mod by Ratiborus) [File not signed]
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
R2 MySQL; C:\Program Files\MySQL\MySQL Server 5.5\my.ini [8919 2015-01-12] () [File not signed]
R2 pcas; C:\Program Files (x86)\alipay\aliedit\5.3.0.3807\pcas.exe [592856 2015-03-23] (Alipay.com Inc. )
R2 pqeauto.database.dbmonitor.MAPU; C:\Program Files (x86)\BHPS\MAPU\bin\DBMonService.exe [73728 2015-06-03] (Snap-on Business Solutions) [File not signed]
R2 pqeauto.energy.mappermonitor; C:\Program Files (x86)\BHPS\Pmap1\bin\MapperMonService.exe [69632 2015-06-03] (ProQuest Business Solutions) [File not signed]
R2 QLinkService.MAPU; C:\Program Files (x86)\BHPS\MAPU\bin\QLinkService.exe [126976 2015-06-03] (Snapon Business Solutions) [File not signed]
R2 secbizsrv; C:\Program Files (x86)\alipay\aliedit\5.3.0.3807\secbizsrv.exe [594904 2015-03-23] (Alipay.com Inc. )
R2 Snap-on Product License Manager; C:\Program Files (x86)\BHPS\lic\\bin\lmgrd.exe [1423440 2015-06-03] (Macrovision Corporation) [File not signed]
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [333824 2013-06-03] (IDT, Inc.) [File not signed]
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [191728 2014-04-21] (Synaptics Incorporated)
R2 TBSecSvc; C:\Users\Bakhtier\AppData\Roaming\TaobaoProtect\TBSecSvc.exe [203232 2015-06-30] (????(??)????)
R2 Themes; C:\Windows\system32\themeservice.dll [44544 2014-02-09] (Microsoft Corporation) [File not signed]
R2 UFDSVC; C:\Windows\SysWOW64\ufdsvc.exe [69632 2006-02-15] (Generic) [File not signed]
S4 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2014-02-08] (Microsoft Corporation)
S3 WPCSvc; C:\Windows\System32\wpcsvc.dll [12288 2009-07-14] (Корпорация Майкрософт)
S3 WPCSvc; C:\Windows\SysWOW64\wpcsvc.dll [10752 2009-07-14] (Корпорация Майкрософт)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 bd0001; C:\Windows\System32\DRIVERS\bd0001.sys [181072 2015-04-12] (Baidu)
R1 bd0004; C:\Windows\System32\DRIVERS\bd0004.sys [169288 2015-04-12] (Baidu)
R2 BDArKit; C:\Windows\System32\DRIVERS\BDArKit.sys [152392 2015-04-12] (Baidu Technology)
R1 BDMWrench; C:\Windows\System32\DRIVERS\BDMWrench.sys [56648 2015-04-12] (Baidu)
S3 CH341SER_A64; C:\Windows\System32\Drivers\CH341S64.SYS [58368 2014-11-24] (www.winchiphead.com)
S3 CisUtMonitor; C:\Windows\System32\DRIVERS\CisUtMonitor.sys [33360 2014-05-29] (CrystalIdea Software)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [219696 2014-08-19] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [155896 2014-08-19] (ESET)
R2 epfw; C:\Windows\System32\DRIVERS\epfw.sys [198096 2014-08-19] (ESET)
R1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [40512 2014-08-19] (ESET)
R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [59064 2014-09-10] (ESET)
R1 ISODrive; C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys [115448 2013-11-21] (EZB Systems, Inc.)
S3 libusb0; C:\Windows\System32\DRIVERS\libusb0.sys [52832 2015-06-25] (http://libusb-win32.sourceforge.net)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-06-18] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [126976 2014-09-03] (Intel Corporation)
R0 mountmgr; C:\Windows\System32\drivers\mountmgr.sys [94592 2010-11-21] (Корпорация Майкрософт)
U5 RTSPER; C:\Windows\System32\Drivers\RTSPER.sys [465624 2014-01-03] (Realsil Semiconductor Corporation)
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [31472 2014-04-21] (Synaptics Incorporated)
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] ()
S3 utewodax; C:\Windows\SysWOW64\Drivers\utewodax.sys [7168 2015-07-02] () [File not signed]
S1 vdewodax; C:\Windows\SysWOW64\Drivers\vdewodax.sys [13312 2015-07-01] () [File not signed]
S3 VGPU; No ImagePath
R0 volmgrx; C:\Windows\System32\drivers\volmgrx.sys [363392 2010-11-21] (Корпорация Майкрософт)
S1 bd0002; system32\DRIVERS\bd0002.sys [X]
S1 BDMWrench_x64; system32\DRIVERS\BDMWrench_x64.sys [X]
S2 DgiVecp; \??\C:\Windows\system32\Drivers\DgiVecp.sys [X]

========================== Drivers MD5 =======================

C:\Windows\system32\drivers\1394ohci.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\Accelerometer.sys 1CFFE9C06E66A57DAE1452E449A58240
C:\Windows\System32\drivers\ACPI.sys ==> MD5 is legit
C:\Windows\system32\drivers\acpipmi.sys ==> MD5 is legit
C:\Windows\system32\drivers\adp94xx.sys ==> MD5 is legit
C:\Windows\system32\drivers\adpahci.sys ==> MD5 is legit
C:\Windows\system32\drivers\adpu320.sys ==> MD5 is legit
C:\Windows\system32\drivers\afd.sys 79059559E89D06E8B80CE2944BE20228
C:\Windows\system32\drivers\agp440.sys ==> MD5 is legit
C:\Windows\system32\drivers\aliide.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdide.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdk8.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\atikmdag.sys A87FC6E3670DB55788184FE3A3808712
C:\Windows\System32\DRIVERS\atikmpag.sys 971F3B12C24BB83B48F8CCA2ED019906
C:\Windows\system32\drivers\amdppm.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdsata.sys D4121AE6D0C0E7E13AA221AA57EF2D49
C:\Windows\system32\drivers\amdsbs.sys ==> MD5 is legit
C:\Windows\System32\drivers\amdxata.sys 540DAF1CEA6094886D72126FD7C33048
C:\Windows\system32\drivers\appid.sys ==> MD5 is legit
C:\Windows\system32\drivers\arc.sys ==> MD5 is legit
C:\Windows\system32\drivers\arcsas.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\asyncmac.sys ==> MD5 is legit
C:\Windows\System32\drivers\atapi.sys ==> MD5 is legit
C:\Windows\system32\drivers\bxvbda.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\b57nd60a.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\bd0001.sys F75F5F5703182987905AE13CC18E72EA
C:\Windows\System32\DRIVERS\bd0004.sys 65EC0634B16B2A9C0686F45490F5A00F
C:\Windows\System32\DRIVERS\BDArKit.sys AC5C57F6C95C5B2EE4FE78C7C93372A5
C:\Windows\System32\DRIVERS\BDMWrench.sys A5B8889940B7CDD723E5DB8E370BA99C
C:\Windows\System32\Drivers\Beep.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\blbdrive.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\bowser.sys ==> MD5 is legit
C:\Windows\system32\drivers\BrFiltLo.sys ==> MD5 is legit
C:\Windows\system32\drivers\BrFiltUp.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Brserid.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrSerWdm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrUsbMdm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrUsbSer.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\BthEnum.sys CF98190A94F62E405C8CB255018B2315
C:\Windows\system32\drivers\bthmodem.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\bthpan.sys 02DD601B708DD0667E1331FA8518E9FF
C:\Windows\System32\Drivers\BTHport.sys 738D0E9272F59EB7A1449C3EC118E6C4
C:\Windows\System32\Drivers\BTHUSB.sys F188B7394D81010767B6DF3178519A37
C:\Windows\System32\Drivers\btmcom.sys 3B5B2F6067D1962041ED3C5460C073CB
C:\Windows\System32\Drivers\btmusb.sys 952D2EA2CDE458CE44E409324DDE784B
C:\Windows\System32\DRIVERS\cdfs.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\cdrom.sys ==> MD5 is legit
C:\Windows\System32\Drivers\CH341S64.SYS C58EC27035731337ADD1326880086B16
C:\Windows\system32\drivers\circlass.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\CisUtMonitor.sys 887A9970E711232E2C93F0FD343A1C9D
C:\Windows\System32\CLFS.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\clwvd.sys 50F92C943F18B070F166D019DFAB3D9A
C:\Windows\System32\DRIVERS\CmBatt.sys ==> MD5 is legit
C:\Windows\system32\drivers\cmdide.sys ==> MD5 is legit
C:\Windows\System32\Drivers\cng.sys EBF28856F69CF094A902F884CF989706
C:\Windows\System32\drivers\compbatt.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\CompositeBus.sys ==> MD5 is legit
C:\Windows\system32\drivers\crcdisk.sys ==> MD5 is legit
C:\Windows\System32\drivers\csc.sys ==> MD5 is legit
C:\Windows\System32\Drivers\dfsc.sys ==> MD5 is legit
C:\Windows\System32\drivers\discache.sys ==> MD5 is legit
C:\Windows\System32\drivers\disk.sys ==> MD5 is legit
C:\Windows\system32\drivers\dmvsc.sys 5DB085A8A6600BE6401F2B24EECB5415
C:\Windows\System32\drivers\drmkaud.sys ==> MD5 is legit
C:\Windows\System32\drivers\dxgkrnl.sys 88612F1CE3BF42256913BF6E61C70D52
C:\Windows\System32\DRIVERS\E1G6032E.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\eamonm.sys 1EA0DFA4EC20CED836285C75D39AF4E0
C:\Windows\system32\drivers\evbda.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ehdrv.sys A4373003F512679B91629ED78FE6CA3D
C:\Windows\system32\drivers\elxstor.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\epfw.sys ED83978FAB0A80CE461120A5CBBF455F
C:\Windows\System32\DRIVERS\EpfwLWF.sys E4B5F1A05D6A1AF01F68A7476C27FAC4
C:\Windows\System32\DRIVERS\epfwwfp.sys 7C611CB30DC6DC7D0125E9BB71CD22C8
C:\Windows\system32\drivers\errdev.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ewusbwwan.sys 664A3BA4FACA13819CDCEFB771CC4D0C
C:\Windows\System32\DRIVERS\ew_hwusbdev.sys 7230F4CF9F20DCD1DBF4BB3296EEED68
C:\Windows\System32\DRIVERS\ew_usbenumfilter.sys 5222D99C7E3245882E864D2EA7011387
C:\Windows\System32\Drivers\exfat.sys ==> MD5 is legit
C:\Windows\System32\Drivers\fastfat.sys ==> MD5 is legit
C:\Windows\system32\drivers\fdc.sys ==> MD5 is legit
C:\Windows\System32\drivers\fileinfo.sys ==> MD5 is legit
C:\Windows\System32\drivers\filetrace.sys ==> MD5 is legit
C:\Windows\system32\drivers\flpydisk.sys ==> MD5 is legit
C:\Windows\System32\drivers\fltmgr.sys ==> MD5 is legit
C:\Windows\System32\drivers\FsDepends.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Fs_Rec.sys 6BD9295CC032DD3077C671FCCF579A7B
C:\Windows\System32\drivers\ftdibus.sys 0B0E36E669B47E256BE7BDB66D76CCCF
C:\Windows\System32\drivers\ftser2k.sys F1544BBC7E08BB5B9E9E97996C3FA04B
C:\Windows\System32\DRIVERS\fvevol.sys 8F6322049018354F45F05A2FD2D4E5E0
C:\Windows\system32\drivers\gagp30kx.sys ==> MD5 is legit
C:\Windows\system32\drivers\hcw85cir.sys ==> MD5 is legit
C:\Windows\System32\drivers\HdAudio.sys 975761C778E33CD22498059B91E7373A
C:\Windows\System32\DRIVERS\HDAudBus.sys ==> MD5 is legit
C:\Windows\system32\drivers\HidBatt.sys ==> MD5 is legit
C:\Windows\system32\drivers\hidbth.sys ==> MD5 is legit
C:\Windows\system32\drivers\hidir.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\hidusb.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\hpdskflt.sys 05712FDDBD45A5864EB326FAABC6A4E3
C:\Windows\system32\drivers\HpSAMD.sys ==> MD5 is legit
C:\Windows\System32\drivers\HTTP.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ew_jubusenum.sys D49D4E7B70AD6B1D04771AC1F7DB79C7
C:\Windows\System32\DRIVERS\ewusbmdm.sys 7C24AD1FC015CD4D1B64959D13640EC3
C:\Windows\System32\drivers\hwpolicy.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\i8042prt.sys ==> MD5 is legit
C:\Windows\system32\drivers\iaStorV.sys AAAF44DB3BD0B9D1FB6969B23ECC8366
C:\Windows\System32\DRIVERS\igdkmd64.sys 0143C860F0D09B8465AE803FDDB47BE9
C:\Windows\system32\drivers\iirsp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\IntcDAud.sys F5495B38BFB9149925F54F65AB40EFBF
C:\Windows\system32\drivers\intelide.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\intelppm.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ipfltdrv.sys ==> MD5 is legit
C:\Windows\system32\drivers\IPMIDrv.sys ==> MD5 is legit
C:\Windows\System32\drivers\ipnat.sys ==> MD5 is legit
C:\Windows\System32\drivers\irenum.sys ==> MD5 is legit
C:\Windows\system32\drivers\isapnp.sys ==> MD5 is legit
C:\Windows\system32\drivers\msiscsi.sys ==> MD5 is legit
C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys E489D12FF435AEEF4A5474C47D329590
C:\Windows\System32\DRIVERS\kbdclass.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\kbdhid.sys ==> MD5 is legit
C:\Windows\System32\Drivers\ksecdd.sys 8F489706472F7E9A06BAAA198703FA64
C:\Windows\System32\Drivers\ksecpkg.sys 868A2CAAB12EFC7A021682BCA0EEC54C
C:\Windows\system32\drivers\ksthunk.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\LEqdUsb.Sys 5EA1731968F2FD0E950DDCE6D36C5134
C:\Windows\System32\DRIVERS\LHidEqd.Sys 50AC0930F05DFB996F085B49E112E5C9
C:\Windows\System32\DRIVERS\LHidFilt.Sys 96EB043E2843B5A87A486D0BC6921094
C:\Windows\System32\DRIVERS\libusb0.sys 16E18CED459B1824234890386EE66CD5
C:\Windows\System32\DRIVERS\lltdio.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\LMouFilt.Sys A5C1DA229B3B660BBF3BDC30ADBFBB61
C:\Windows\system32\drivers\lsi_fc.sys ==> MD5 is legit
C:\Windows\system32\drivers\lsi_sas.sys ==> MD5 is legit
C:\Windows\system32\drivers\lsi_sas2.sys ==> MD5 is legit
C:\Windows\system32\drivers\lsi_scsi.sys ==> MD5 is legit
C:\Windows\system32\drivers\luafv.sys ==> MD5 is legit
C:\Windows\System32\Drivers\LUsbFilt.Sys 9659AA75AC920EF6393B8CF77E21D1B9
C:\Windows\system32\drivers\mbam.sys A8D28D5B3E2A528D1EF0E338E44F2820
C:\Windows\system32\drivers\mwac.sys AE757332EA130E94E646621CC695B52A
C:\Windows\system32\drivers\megasas.sys ==> MD5 is legit
C:\Windows\system32\drivers\MegaSR.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\TeeDriverx64.sys A37A2ED3321A7A7BC85FA05221051A7F
C:\Windows\System32\drivers\modem.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\monitor.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mouclass.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mouhid.sys ==> MD5 is legit
C:\Windows\System32\drivers\mountmgr.sys ==> MD5 is legit
C:\Windows\system32\drivers\mpio.sys ==> MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys ==> MD5 is legit
C:\Windows\system32\drivers\mrxdav.sys 1A4F75E63C9FB84B85DFFC6B63FD5404
C:\Windows\System32\DRIVERS\mrxsmb.sys A5D9106A73DC88564C825D317CAC68AC
C:\Windows\System32\DRIVERS\mrxsmb10.sys D711B3C1D5F42C0C2415687BE09FC163
C:\Windows\System32\DRIVERS\mrxsmb20.sys 9423E9D355C8D303E76B8CFBD8A5C30C
C:\Windows\System32\drivers\msahci.sys ==> MD5 is legit
C:\Windows\system32\drivers\msdsm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Msfs.sys ==> MD5 is legit
C:\Windows\System32\drivers\mshidkmdf.sys ==> MD5 is legit
C:\Windows\System32\drivers\msisadrv.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSKSSRV.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSPCLOCK.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSPQM.sys ==> MD5 is legit
C:\Windows\System32\Drivers\MsRPC.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mssmbios.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSTEE.sys ==> MD5 is legit
C:\Windows\system32\drivers\MTConfig.sys ==> MD5 is legit
C:\Windows\System32\Drivers\mup.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\nwifi.sys ==> MD5 is legit
C:\Windows\System32\drivers\ndis.sys 760E38053BF56E501D562B70AD796B88
C:\Windows\System32\DRIVERS\ndiscap.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndistapi.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndisuio.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndiswan.sys ==> MD5 is legit
C:\Windows\System32\Drivers\NDProxy.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\netbios.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\netbt.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\netr28x.sys 9B3387C31AD3E2BD5467B5EA59BD9DED
C:\Windows\system32\drivers\nfrd960.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Npfs.sys ==> MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Ntfs.sys B98F8C6E31CD07B2E6F71F7F648E38C0
C:\Windows\System32\Drivers\Null.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\nusb3hub.sys B01C1E6D7477961D6D1CBDCD44AF3E67
C:\Windows\System32\DRIVERS\nusb3xhc.sys 796BAE22DD827DB8AD7AE7C3F775E92F
C:\Windows\system32\drivers\nvraid.sys 0A92CB65770442ED0DC44834632F66AD
C:\Windows\system32\drivers\nvstor.sys DAB0E87525C10052BF65F06152F37E4A
C:\Windows\system32\drivers\nv_agp.sys ==> MD5 is legit
C:\Windows\system32\drivers\ohci1394.sys ==> MD5 is legit
C:\Windows\system32\drivers\parport.sys ==> MD5 is legit
C:\Windows\System32\drivers\partmgr.sys E9766131EEADE40A27DC27D2D68FBA9C
C:\Windows\System32\drivers\pci.sys ==> MD5 is legit
C:\Windows\system32\drivers\pciide.sys ==> MD5 is legit
C:\Windows\system32\drivers\pcmcia.sys ==> MD5 is legit
C:\Windows\System32\drivers\pcw.sys ==> MD5 is legit
C:\Windows\System32\drivers\peauth.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\raspptp.sys ==> MD5 is legit
C:\Windows\system32\drivers\processr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\pacer.sys ==> MD5 is legit
C:\Windows\system32\drivers\ql2300.sys ==> MD5 is legit
C:\Windows\system32\drivers\ql40xx.sys ==> MD5 is legit
C:\Windows\system32\drivers\qwavedrv.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rasacd.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\AgileVpn.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rasl2tp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\raspppoe.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rassstp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rdbss.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rdpbus.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\RDPCDD.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdpdr.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdpencdd.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdprefmp.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdpvideominiport.sys 313F68E1A3E6345A4F47A36B07062F34
C:\Windows\System32\Drivers\RDPWD.sys E61608AA35E98999AF9AAEEEA6114B0A
C:\Windows\System32\drivers\rdyboost.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rfcomm.sys 3DD798846E2C28102B922C56E71B7932
C:\Windows\System32\DRIVERS\RtsPStor.sys D23399622ED6692BF6AA1D30322345FC
C:\Windows\System32\DRIVERS\rspndr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\Rt64win7.sys 7B486E26DCA97766F3617A395690E76A
C:\Windows\system32\drivers\vms3cap.sys ==> MD5 is legit
C:\Windows\system32\drivers\sbp2port.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\scfilter.sys ==> MD5 is legit
C:\Windows\System32\Drivers\secdrv.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\serenum.sys ==> MD5 is legit
C:\Windows\system32\drivers\serial.sys ==> MD5 is legit
C:\Windows\system32\drivers\sermouse.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffdisk.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffp_mmc.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffp_sd.sys ==> MD5 is legit
C:\Windows\system32\drivers\sfloppy.sys ==> MD5 is legit
C:\Windows\system32\drivers\SiSRaid2.sys ==> MD5 is legit
C:\Windows\system32\drivers\sisraid4.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\smb.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys B71EF473D8B90A2C4DC76B03E382DEE6
C:\Windows\System32\Drivers\spldr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\srv.sys 441FBA48BFF01FDB9D5969EBC1838F0B
C:\Windows\System32\DRIVERS\srv2.sys B4ADEBBF5E3677CCE9651E0F01F7CC28
C:\Windows\System32\DRIVERS\srvnet.sys 27E461F0BE5BFF5FC737328F749538C3
C:\Windows\system32\Drivers\SSPORT.sys 0211AB46B73A2623B86C1CFCB30579AB
C:\Windows\system32\drivers\stexstor.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\stwrt64.sys 51D4D3CBC37DB243AE80378B8BA5ADA2
C:\Windows\System32\drivers\vmstorfl.sys ==> MD5 is legit
C:\Windows\system32\drivers\storvsc.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\swenum.sys ==> MD5 is legit
C:\Windows\system32\drivers\Synth3dVsc.sys C3A39C4079305480972D29C44B868C78
C:\Windows\System32\DRIVERS\SynTP.sys CDA92383EFB52846B7894280A559C330
C:\Windows\System32\drivers\tcpip.sys 40AF23633D197905F03AB5628C558C51
C:\Windows\System32\DRIVERS\tcpip.sys 40AF23633D197905F03AB5628C558C51
C:\Windows\System32\drivers\tcpipreg.sys 1B16D0BD9841794A6E0CDE0CEF744ABC
C:\Windows\System32\drivers\tdpipe.sys ==> MD5 is legit
C:\Windows\System32\drivers\tdtcp.sys 51C5ECEB1CDEE2468A1748BE550CFBC8
C:\Windows\System32\DRIVERS\tdx.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\termdd.sys ==> MD5 is legit
C:\Windows\system32\drivers\terminpt.sys EF4469AB69EB15E5D3754E6AEAFBCD3D
C:\Windows\System32\DRIVERS\tssecsrv.sys 4CE278FC9671BA81A138D70823FCAA09
C:\Windows\System32\drivers\tsusbflt.sys 17C6B51CBCCDED95B3CC14E22791F85E
C:\Windows\system32\drivers\TsUsbGD.sys AD64450A4ABE076F5CB34CC08EEACB07
C:\Windows\system32\drivers\tsusbhub.sys E1748D04AE40118B62BC18AC86032192
C:\Windows\System32\DRIVERS\tunnel.sys ==> MD5 is legit
C:\Windows\system32\drivers\uagp35.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\udfs.sys ==> MD5 is legit
C:\Windows\system32\drivers\uliagpkx.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\umbus.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\umpass.sys ==> MD5 is legit
C:\Windows\System32\drivers\usbaudio.sys B0435098C81D04CAFFF80DDB746CD3A2
C:\Windows\System32\DRIVERS\usbccgp.sys DCA68B0943D6FA415F0C56C92158A83A
C:\Windows\system32\drivers\usbcir.sys 80B0F7D5CCF86CEB5D402EAAF61FEC31
C:\Windows\System32\DRIVERS\usbehci.sys 18A85013A3E0F7E1755365D287443965
C:\Windows\System32\DRIVERS\usbhub.sys 8D1196CFBB223621F2C67D45710F25BA
C:\Windows\system32\drivers\usbohci.sys 765A92D428A8DB88B960DA5A8D6089DC
C:\Windows\system32\drivers\usbprint.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\usbser.sys B57B4F0BEC4270A281B9F8537EB2FA04
C:\Windows\System32\DRIVERS\USBSTOR.SYS FED648B01349A3C8395A5169DB5FB7D6
C:\Windows\system32\drivers\usbuhci.sys DD253AFC3BC6CBA412342DE60C3647F3
C:\Windows\System32\Drivers\usbvideo.sys 1F775DA4CF1A3A1834207E975A72E9D7
C:\Windows\SysWOW64\Drivers\utewodax.sys 524D8D450622DB4A7875B111C299A76B
C:\Windows\SysWOW64\Drivers\vdewodax.sys 8698843A69A239FF023AEC6CAF3939CC
C:\Windows\System32\drivers\vdrvroot.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vgapnp.sys ==> MD5 is legit
C:\Windows\System32\drivers\vga.sys ==> MD5 is legit
C:\Windows\system32\drivers\vhdmp.sys ==> MD5 is legit
C:\Windows\system32\drivers\viaide.sys ==> MD5 is legit
C:\Windows\system32\drivers\vmbus.sys ==> MD5 is legit
C:\Windows\system32\drivers\VMBusHID.sys ==> MD5 is legit
C:\Windows\System32\drivers\volmgr.sys ==> MD5 is legit
C:\Windows\System32\drivers\volmgrx.sys ==> MD5 is legit
C:\Windows\System32\drivers\volsnap.sys ==> MD5 is legit
C:\Windows\system32\drivers\vsmraid.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vwifibus.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vwififlt.sys ==> MD5 is legit
C:\Windows\system32\drivers\wacompen.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit
C:\Windows\system32\drivers\wd.sys ==> MD5 is legit
C:\Windows\System32\drivers\Wdf01000.sys E2C933EDBC389386EBE6D2BA953F43D8
C:\Windows\System32\DRIVERS\wfplwf.sys ==> MD5 is legit
C:\Windows\System32\drivers\wimmount.sys ==> MD5 is legit
C:\Windows\SysWOW64\drivers\wimmount.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\WinUSB.sys FE88B288356E7B47B74B13372ADD906D
C:\Windows\System32\DRIVERS\wmiacpi.sys ==> MD5 is legit
C:\Windows\system32\drivers\ws2ifsl.sys ==> MD5 is legit
C:\Windows\System32\drivers\WudfPf.sys AB886378EEB55C6C75B4F2D14B6C869F
C:\Windows\System32\DRIVERS\WUDFRd.sys DDA4CAF29D8C0A297F886BFE561E6659

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-05 10:30 - 2015-07-05 10:30 - 00070167 _____ C:\Users\Bakhtier\Desktop\FRST.txt
2015-07-05 10:29 - 2015-07-05 10:30 - 00000000 ____D C:\FRST
2015-07-05 10:28 - 2015-07-05 10:28 - 02112512 _____ (Farbar) C:\Users\Bakhtier\Desktop\FRST64.exe
2015-07-04 09:50 - 2015-07-04 09:50 - 00001239 _____ C:\Users\Bakhtier\Desktop\MBAM1.txt
2015-07-04 09:16 - 2015-07-04 09:16 - 00001961 _____ C:\Users\Public\Desktop\IP-TV Player.lnk
2015-07-04 09:16 - 2015-07-04 09:16 - 00000000 ____D C:\Users\Все пользователи\IP-TV Player
2015-07-04 09:16 - 2015-07-04 09:16 - 00000000 ____D C:\ProgramData\IP-TV Player
2015-07-04 06:30 - 2015-07-04 06:30 - 00004967 _____ C:\Users\Bakhtier\Desktop\tv-torrent.org.Ed1Hi4ka.2015.O.WEB-DL.1080p.mkv.torrent
2015-07-04 05:43 - 2015-07-04 05:43 - 00287856 _____ C:\Windows\Minidump\070415-22276-01.dmp
2015-07-03 18:59 - 2015-07-03 19:00 - 10172305 _____ C:\Users\Bakhtier\Downloads\Phantom+update+tools.zip.part
2015-07-03 17:05 - 2015-07-03 17:05 - 00059625 _____ C:\Users\Bakhtier\Desktop\MBAM.txt
2015-07-03 11:32 - 2015-07-04 05:51 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-07-03 11:32 - 2015-07-03 11:32 - 00001102 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-07-03 11:32 - 2015-07-03 11:32 - 00000000 ____D C:\Users\Все пользователи\Malwarebytes
2015-07-03 11:32 - 2015-07-03 11:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-07-03 11:32 - 2015-07-03 11:32 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-07-03 11:32 - 2015-07-03 11:32 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-07-03 11:32 - 2015-06-18 08:41 - 00109272 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-07-03 11:32 - 2015-06-18 08:41 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-07-03 11:32 - 2015-06-18 08:41 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-07-03 11:27 - 2015-07-03 11:28 - 00001529 _____ C:\Users\Bakhtier\Desktop\TOTALCMD.lnk
2015-07-02 15:49 - 2015-07-02 15:49 - 00007168 _____ C:\Windows\SysWOW64\Drivers\utewodax.sys
2015-07-01 13:58 - 2015-07-01 13:58 - 00708253 _____ C:\quarantine.zip
2015-07-01 13:13 - 2015-07-01 13:13 - 02873872 _____ C:\Users\Bakhtier\Downloads\uvs_v385.zip
2015-07-01 12:37 - 2015-07-01 12:41 - 00000000 ____D C:\AdwCleaner
2015-07-01 08:23 - 2014-06-17 12:09 - 00098400 _____ (http://libusb-win32.sourceforge.net) C:\Windows\system32\libusbK.dll
2015-07-01 08:23 - 2014-06-17 12:09 - 00083552 _____ (http://libusb-win32.sourceforge.net) C:\Windows\SysWOW64\libusbK.dll
2015-07-01 08:07 - 2006-02-15 14:37 - 00069632 _____ (Generic) C:\Windows\SysWOW64\ufdsvc.exe
2015-06-30 19:26 - 2015-06-30 19:25 - 00176315 _____ C:\Users\Bakhtier\Desktop\ClearLNK.zip
2015-06-30 19:03 - 2015-07-01 13:01 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-06-30 18:05 - 2015-06-30 18:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SixaxisPairTool
2015-06-30 18:05 - 2015-06-30 18:05 - 00000000 ____D C:\Program Files (x86)\SixaxisPairTool
2015-06-30 16:12 - 2015-06-30 16:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-06-30 16:10 - 2015-06-30 16:10 - 00000000 ____D C:\Users\Bakhtier\AppData\Roaming\Dropbox
2015-06-30 16:07 - 2015-07-05 10:12 - 00001104 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
2015-06-30 16:07 - 2015-07-04 16:12 - 00001100 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
2015-06-30 16:07 - 2015-07-04 05:49 - 00000000 ____D C:\Users\Bakhtier\AppData\Local\Dropbox
2015-06-30 16:07 - 2015-06-30 16:13 - 00000000 ____D C:\Program Files (x86)\Dropbox
2015-06-30 16:07 - 2015-06-30 16:07 - 00004100 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskMachineUA
2015-06-30 16:07 - 2015-06-30 16:07 - 00003848 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskMachineCore
2015-06-30 16:07 - 2015-06-30 16:07 - 00000000 ____D C:\Users\Все пользователи\Dropbox
2015-06-30 16:07 - 2015-06-30 16:07 - 00000000 ____D C:\ProgramData\Dropbox
2015-06-25 15:51 - 2015-07-04 05:43 - 00065536 _____ C:\Windows\system32\Ikeext.etl
2015-06-25 15:42 - 2015-06-25 15:42 - 00000000 ____D C:\Users\Bakhtier\Downloads\Hola
2015-06-25 15:42 - 2015-06-25 15:42 - 00000000 ____D C:\Users\Bakhtier\AppData\Local\Macromedia
2015-06-25 15:40 - 2015-06-25 15:40 - 00001011 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hola.lnk
2015-06-25 13:44 - 2015-06-25 13:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WizNote
2015-06-25 13:43 - 2015-06-25 13:44 - 00000000 ____D C:\Program Files (x86)\WizNote
2015-06-24 10:12 - 2015-06-24 10:12 - 00000000 ___HD C:\Windows\system32\GroupPolicy
2015-06-23 15:58 - 2015-07-01 13:50 - 00013312 _____ C:\Windows\SysWOW64\Drivers\vdewodax.sys
2015-06-23 14:50 - 2015-06-23 14:50 - 00000000 ____D C:\Users\Все пользователи\Doctor Web
2015-06-23 14:50 - 2015-06-23 14:50 - 00000000 ____D C:\ProgramData\Doctor Web
2015-06-23 14:29 - 2015-06-23 14:33 - 00000000 ____D C:\Users\Bakhtier\Doctor Web
2015-06-23 14:12 - 2015-06-23 14:12 - 00000000 ____D C:\Users\Все пользователи\DesktopIcons
2015-06-23 14:12 - 2015-06-23 14:12 - 00000000 ____D C:\ProgramData\DesktopIcons
2015-06-23 14:02 - 2015-06-23 14:04 - 00000105 ____H C:\firefox.bat
2015-06-23 14:02 - 2015-05-14 07:01 - 00376944 ____H (Mozilla Corporation) C:\firеfох.bаt.exe
2015-06-23 14:01 - 2015-06-23 14:01 - 00000000 ____D C:\Windows\SysWOW64\GroupPolicy
2015-06-23 13:59 - 2015-06-23 14:00 - 03098125 _____ C:\Users\Bakhtier\Downloads\2015-03_1426011934_aktivaciya-spyhunter.zip
2015-06-23 13:56 - 2015-07-03 17:10 - 00000000 ____D C:\Users\Bakhtier\Downloads\SpyHunter 4.17.6.4336_[tfile.me]
2015-06-23 13:45 - 2015-06-23 14:16 - 00000000 ____D C:\Users\Bakhtier\AppData\Roaming\Enigma Software Group
2015-06-23 13:45 - 2015-06-23 13:45 - 00000000 _____ C:\autoexec.bat
2015-06-22 12:54 - 2015-06-22 12:54 - 00000000 ____D C:\Users\Bakhtier\AppData\Local\Вoйти в Интeрнет
2015-06-22 12:50 - 2015-07-04 09:28 - 00000000 ____D C:\Users\Bakhtier\AppData\Roaming\IP-TV Player
2015-06-22 12:47 - 2015-06-22 12:47 - 00000000 ____D C:\Users\Bakhtier\AppData\Local\Поиcк в Интeрнете
2015-06-22 12:46 - 2015-07-04 09:16 - 00001973 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IP-TV Player.lnk
2015-06-22 12:46 - 2015-07-04 09:16 - 00000000 ____D C:\Program Files (x86)\IP-TV Player
2015-06-22 12:45 - 2015-06-22 12:45 - 06137984 _____ (OOO ADSL Club) C:\Users\Bakhtier\Downloads\ip-tv player.exe
2015-06-22 12:45 - 2015-06-22 12:45 - 00000000 ____D C:\Users\Bakhtier\AppData\Roaming\MailProducts
2015-06-22 11:22 - 2015-06-22 11:22 - 00000000 ____D C:\Program Files\DIFX
2015-06-22 11:21 - 2015-06-22 11:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Amlogic
2015-06-22 11:21 - 2015-06-22 11:21 - 00000000 ____D C:\Program Files (x86)\Amlogic
2015-06-19 14:01 - 2015-06-22 13:13 - 00003946 _____ C:\Users\Bakhtier\Documents\кухня.sto
2015-06-19 14:01 - 2015-06-19 14:01 - 00000868 _____ C:\Users\Bakhtier\Documents\кухня.~sto
2015-06-16 10:07 - 2015-06-24 15:07 - 18411184 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2015-06-16 10:03 - 2015-07-05 10:07 - 00000896 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-06-16 10:03 - 2015-06-24 15:34 - 00003834 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-06-14 09:26 - 2015-07-04 09:14 - 00000000 ____D C:\Users\Bakhtier\AppData\Roaming\vlc
2015-06-14 09:25 - 2015-06-19 11:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2015-06-14 09:25 - 2015-06-14 09:25 - 00000000 ____D C:\Program Files (x86)\VideoLAN
2015-06-14 09:21 - 2015-06-14 09:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-06-14 09:21 - 2015-06-14 09:21 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-06-14 09:21 - 2015-06-14 09:21 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-06-14 09:17 - 2015-06-14 09:32 - 00000000 ____D C:\Program Files (x86)\RusTV Player
2015-06-12 13:16 - 2015-06-12 13:16 - 00002156 ____N C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth.lnk
2015-06-12 08:31 - 2015-06-22 13:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lanmisoft
2015-06-12 08:31 - 2015-06-22 13:08 - 00000000 ____D C:\Program Files (x86)\Lanmisoft
2015-06-12 08:31 - 2015-06-12 08:31 - 00000000 ____D C:\Users\Все пользователи\Lanmisoft
2015-06-12 08:31 - 2015-06-12 08:31 - 00000000 ____D C:\Users\Bakhtier\AppData\Roaming\Lanmisoft
2015-06-12 08:31 - 2015-06-12 08:31 - 00000000 ____D C:\ProgramData\Lanmisoft
2015-06-12 08:18 - 2015-06-12 08:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Stamp 0.85
2015-06-12 08:18 - 2015-06-12 08:18 - 00000000 ____D C:\Program Files (x86)\Stamp
2015-06-12 08:16 - 2015-06-12 08:16 - 00850209 _____ (www.PHILka.RU ) C:\Users\Bakhtier\Downloads\Stamp_0.85_[tfile.ru].exe
2015-06-12 08:06 - 2015-06-12 08:06 - 00000000 ____D C:\Windows\Downloaded Installations
2015-06-12 08:06 - 2015-06-12 08:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Штамп
2015-06-12 08:06 - 2015-06-12 08:06 - 00000000 ____D C:\Program Files (x86)\GRM
2015-06-11 12:33 - 2015-06-11 12:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Evernote
2015-06-09 14:48 - 2015-06-11 15:07 - 00019408 _____ C:\Users\Bakhtier\AppData\Local\mbt-actwiz.log
2015-06-09 14:47 - 2015-06-09 14:47 - 00002419 ____N C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Mobile Device Center.lnk
2015-06-09 14:45 - 2015-06-09 14:45 - 00000000 ____D C:\Windows\system32\appmgmt
2015-06-09 14:25 - 2015-06-09 14:47 - 00000000 ____D C:\Windows\WindowsMobile
2015-06-07 05:26 - 2015-07-03 17:13 - 00000000 ____D C:\Users\Все пользователи\DeviceHealth
2015-06-07 05:26 - 2015-07-03 17:13 - 00000000 ____D C:\ProgramData\DeviceHealth

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-05 10:30 - 2014-10-24 11:46 - 00000000 ____D C:\Users\Bakhtier\AppData\Roaming\uTorrent
2015-07-05 10:27 - 2014-12-31 16:53 - 00000000 ____D C:\Users\Bakhtier\AppData\Roaming\Skype
2015-07-05 10:26 - 2015-06-02 01:06 - 00000464 _____ C:\Windows\Tasks\????????????.job
2015-07-05 10:19 - 2015-05-28 11:30 - 00000000 ____D C:\Users\Bakhtier\AppData\Roaming\TaobaoProtect
2015-07-05 10:14 - 2014-10-23 15:53 - 00000970 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-07-05 09:51 - 2015-05-15 09:46 - 00000970 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d08edacf4786b0.job
2015-07-05 09:51 - 2015-05-15 09:46 - 00000966 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d08edacecd99f7.job
2015-07-05 09:51 - 2015-02-08 00:09 - 00000970 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d0431a551c31f4.job
2015-07-05 09:51 - 2014-10-23 15:53 - 00000966 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-07-05 09:48 - 2015-05-28 11:30 - 00000458 _____ C:\Windows\Tasks\????????????.job
2015-07-05 07:33 - 2014-11-05 12:05 - 00000000 ____D C:\Program Files (x86)\TradeManager
2015-07-04 23:48 - 2014-10-23 16:40 - 00011716 _____ C:\Windows\SysWOW64\Gms.log
2015-07-04 05:57 - 2009-07-14 07:45 - 00026576 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-07-04 05:56 - 2014-10-23 15:13 - 01930988 _____ C:\Windows\WindowsUpdate.log
2015-07-04 05:55 - 2009-07-14 07:45 - 00026576 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-07-04 05:45 - 2014-11-05 12:05 - 00000000 ____D C:\Users\Все пользователи\boost_interprocess
2015-07-04 05:45 - 2014-11-05 12:05 - 00000000 ____D C:\ProgramData\boost_interprocess
2015-07-04 05:43 - 2015-06-02 01:06 - 00000442 _____ C:\Windows\Tasks\????????????.job
2015-07-04 05:43 - 2015-01-01 19:47 - 763790329 _____ C:\Windows\MEMORY.DMP
2015-07-04 05:43 - 2015-01-01 19:47 - 00000000 ____D C:\Windows\Minidump
2015-07-04 05:43 - 2014-10-23 15:07 - 00209636 _____ C:\Windows\PFRO.log
2015-07-04 05:43 - 2014-02-09 08:59 - 00038155 _____ C:\Windows\setupact.log
2015-07-04 05:43 - 2009-07-14 08:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-07-03 17:11 - 2014-11-20 10:08 - 00000000 ____D C:\Users\Bakhtier\AppData\Roaming\KeePass
2015-07-03 11:28 - 2011-04-12 16:26 - 00736518 _____ C:\Windows\system32\perfh019.dat
2015-07-03 11:28 - 2011-04-12 16:26 - 00156200 _____ C:\Windows\system32\perfc019.dat
2015-07-03 11:28 - 2009-07-14 08:13 - 01682990 _____ C:\Windows\system32\PerfStringBackup.INI
2015-07-01 13:51 - 2009-07-14 08:08 - 00032516 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-07-01 13:50 - 2015-05-28 09:06 - 00000000 ____D C:\Program Files (x86)\Crazy Deals
2015-07-01 13:01 - 2015-05-25 09:58 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-07-01 12:56 - 2014-11-29 11:55 - 00000398 __RSH C:\Users\Все пользователи\ntuser.pol
2015-07-01 12:56 - 2014-11-29 11:55 - 00000398 __RSH C:\ProgramData\ntuser.pol
2015-07-01 12:40 - 2014-10-23 15:12 - 00000000 ____D C:\Users\Bakhtier
2015-07-01 12:37 - 2009-07-14 06:20 - 00000000 ____D C:\Windows\tracing
2015-07-01 08:24 - 2014-10-23 16:15 - 00017330 _____ C:\Windows\DPINST.LOG
2015-06-30 18:16 - 2014-10-23 15:53 - 00000000 ____D C:\Users\Bakhtier\AppData\Local\Google
2015-06-30 18:15 - 2014-12-31 16:53 - 00000000 ____D C:\Users\Все пользователи\Skype
2015-06-30 18:15 - 2014-12-31 16:53 - 00000000 ____D C:\ProgramData\Skype
2015-06-30 18:06 - 2014-02-09 08:30 - 00000000 ____D C:\Users\Все пользователи\Package Cache
2015-06-30 18:06 - 2014-02-09 08:30 - 00000000 ____D C:\ProgramData\Package Cache
2015-06-25 16:44 - 2014-03-14 17:24 - 00076384 _____ (http://libusb-win32.sourceforge.net) C:\Windows\system32\libusb0.dll
2015-06-25 16:44 - 2014-03-14 17:24 - 00067680 _____ (http://libusb-win32.sourceforge.net) C:\Windows\SysWOW64\libusb0.dll
2015-06-25 16:44 - 2014-03-14 17:24 - 00052832 _____ (http://libusb-win32.sourceforge.net) C:\Windows\system32\Drivers\libusb0.sys
2015-06-25 13:51 - 2015-02-26 11:10 - 00000000 ____D C:\Users\Bakhtier\AppData\Roaming\Wiz
2015-06-24 15:07 - 2014-11-05 12:09 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-06-24 15:07 - 2014-11-05 12:09 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-06-23 15:58 - 2014-10-23 15:53 - 00000000 ____D C:\Program Files (x86)\Google
2015-06-23 14:07 - 2015-05-25 09:58 - 00002069 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Моzillа Firеfох.lnk
2015-06-23 14:07 - 2015-05-25 09:58 - 00002057 _____ C:\Users\Public\Desktop\Моzillа Firеfох.lnk
2015-06-23 14:04 - 2015-04-12 05:47 - 00000008 __RSH C:\Users\Bakhtier\ntuser.pol
2015-06-23 10:56 - 2014-10-23 15:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-06-22 13:13 - 2014-10-29 14:16 - 00000000 ____D C:\Users\Bakhtier\AppData\Roaming\AIMP3
2015-06-22 13:10 - 2015-01-13 10:04 - 00000000 ____D C:\Program Files (x86)\Raptr
2015-06-22 13:08 - 2015-06-03 17:08 - 00000000 ____D C:\Program Files (x86)\BHPS
2015-06-22 12:41 - 2014-11-23 16:42 - 00000000 ____D C:\Users\Bakhtier\AppData\Roaming\.ACEStream
2015-06-22 12:40 - 2014-11-23 16:42 - 00000000 ___HD C:\_acestream_cache_
2015-06-17 10:48 - 2014-11-13 11:44 - 00000072 _____ C:\Users\Public\LMDebug.log
2015-06-09 14:48 - 2014-10-24 08:22 - 00000000 ____D C:\Users\Все пользователи\FLEXnet
2015-06-09 14:48 - 2014-10-24 08:22 - 00000000 ____D C:\ProgramData\FLEXnet
2015-06-09 10:54 - 2015-01-29 09:37 - 00000000 ____D C:\Users\Bakhtier\AppData\Local\EvernoteNW
2015-06-09 02:55 - 2015-05-08 13:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2015-06-07 06:26 - 2015-06-04 13:23 - 00000000 ____D C:\Users\Bakhtier\AppData\Roaming\Kodi

==================== Files in the root of some directories =======

2015-01-13 10:03 - 2015-01-13 10:30 - 0040787 _____ () C:\Program Files (x86)\CMS Setup Log.txt
2015-04-12 05:41 - 2015-04-12 05:41 - 0000114 ____H () C:\Program Files (x86)\diary.bat
2015-04-12 05:41 - 2015-02-04 13:35 - 0291128 ____H (ООО Яндекс) C:\Program Files (x86)\diаry.bаt.exe
2015-04-12 05:41 - 2015-04-12 05:41 - 0000116 ____H () C:\Program Files (x86)\layouts.bat
2015-04-12 05:41 - 2015-02-04 13:35 - 0034104 ____H (ООО Яндекс) C:\Program Files (x86)\lаyоuts.bаt.exe
2015-04-12 05:41 - 2015-04-12 05:41 - 0000111 ____H () C:\Program Files (x86)\ps.bat
2015-04-12 05:41 - 2015-02-04 13:35 - 1626424 ____H (ООО Яндекс) C:\Program Files (x86)\puntо.bаt.exe
2015-04-12 05:41 - 2015-04-12 05:41 - 0000117 ____H () C:\Program Files (x86)\WelcomeToPunto.bat
2014-11-21 16:01 - 2014-11-21 16:01 - 0000024 _____ () C:\Users\Bakhtier\AppData\Roaming\DueToday.db
2014-12-29 16:39 - 2014-12-30 14:56 - 0000600 _____ () C:\Users\Bakhtier\AppData\Roaming\winscp.rnd
2015-04-12 05:41 - 2015-03-31 19:00 - 0200992 ____H (Яндекс) C:\Users\Bakhtier\AppData\Roaming\YаndехDiskStаrtеr.bаt.exe
2015-04-12 05:41 - 2015-03-31 19:00 - 3989280 ____H (Яндекс) C:\Users\Bakhtier\AppData\Roaming\YаndехDiskSсrееnshоtЕditоr.bаt.exe
2015-03-25 14:19 - 2015-03-25 14:34 - 0037206 _____ () C:\Users\Bakhtier\AppData\Roaming\Значения, разделенные запятыми.ADR
2015-06-03 17:18 - 2015-06-03 17:18 - 0000096 _____ () C:\Users\Bakhtier\AppData\Local\fusioncache.dat
2015-06-09 14:48 - 2015-06-11 15:07 - 0019408 _____ () C:\Users\Bakhtier\AppData\Local\mbt-actwiz.log
2014-12-30 10:46 - 2015-01-01 14:32 - 0000600 _____ () C:\Users\Bakhtier\AppData\Local\PUTTY.RND
2015-03-18 13:28 - 2015-03-18 13:28 - 0000054 _____ () C:\ProgramData\.bf45c81f8dc8abfeecf09.dat

Files to move or delete:
====================
C:\ProgramData\.bf45c81f8dc8abfeecf09.dat
C:\Users\Все пользователи\.bf45c81f8dc8abfeecf09.dat


Some files in TEMP:
====================
C:\Users\Bakhtier\AppData\Local\Temp\0y7WIFdlKrZ9.exe
C:\Users\Bakhtier\AppData\Local\Temp\7za.exe
C:\Users\Bakhtier\AppData\Local\Temp\AcDeltree.exe
C:\Users\Bakhtier\AppData\Local\Temp\BaiduAn.Setup.1117.4.0.0.516_1050102107.exe
C:\Users\Bakhtier\AppData\Local\Temp\Baidusd.Setup.3.0.0.4609.youqian_1050102107.exe
C:\Users\Bakhtier\AppData\Local\Temp\converter.exe
C:\Users\Bakhtier\AppData\Local\Temp\cRbW463LhR3W.exe
C:\Users\Bakhtier\AppData\Local\Temp\DataCard_Setup64.exe
C:\Users\Bakhtier\AppData\Local\Temp\downloader.exe
C:\Users\Bakhtier\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpcllztb.dll
C:\Users\Bakhtier\AppData\Local\Temp\esg_cleanup.exe
C:\Users\Bakhtier\AppData\Local\Temp\GKqOFAvtenTpW802GlEk.dll
C:\Users\Bakhtier\AppData\Local\Temp\Hola-Setup-Plugin-x64-1.8.369.exe
C:\Users\Bakhtier\AppData\Local\Temp\installapi.exe
C:\Users\Bakhtier\AppData\Local\Temp\installer_x64.exe
C:\Users\Bakhtier\AppData\Local\Temp\installer_x86.exe
C:\Users\Bakhtier\AppData\Local\Temp\jre-8u45-windows-au.exe
C:\Users\Bakhtier\AppData\Local\Temp\kernal.dll
C:\Users\Bakhtier\AppData\Local\Temp\kernal32.dll
C:\Users\Bakhtier\AppData\Local\Temp\LMkRstPt.exe
C:\Users\Bakhtier\AppData\Local\Temp\MailRuUpdater.exe
C:\Users\Bakhtier\AppData\Local\Temp\mcse32_00.dll
C:\Users\Bakhtier\AppData\Local\Temp\mcse32_01.dll
C:\Users\Bakhtier\AppData\Local\Temp\mcse64_00.dll
C:\Users\Bakhtier\AppData\Local\Temp\mcse64_01.dll
C:\Users\Bakhtier\AppData\Local\Temp\o1425370737x0000.exe
C:\Users\Bakhtier\AppData\Local\Temp\PQJREIUU.exe
C:\Users\Bakhtier\AppData\Local\Temp\Quarantine.exe
C:\Users\Bakhtier\AppData\Local\Temp\raptrpatch.exe
C:\Users\Bakhtier\AppData\Local\Temp\raptr_stub.exe
C:\Users\Bakhtier\AppData\Local\Temp\ResetDevice.exe
C:\Users\Bakhtier\AppData\Local\Temp\sender.exe
C:\Users\Bakhtier\AppData\Local\Temp\Setup-punto.exe
C:\Users\Bakhtier\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Bakhtier\AppData\Local\Temp\sqlite3.dll
C:\Users\Bakhtier\AppData\Local\Temp\tmpF4C9.exe
C:\Users\Bakhtier\AppData\Local\Temp\unicows.dll
C:\Users\Bakhtier\AppData\Local\Temp\Uninstall.exe
C:\Users\Bakhtier\AppData\Local\Temp\w4lfQP0uYiDc.exe
C:\Users\Bakhtier\AppData\Local\Temp\yupdate-exec-punto.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

==================== BCD ================================

Диспетчер загрузки Windows
--------------------
идентификатор {bootmgr}
device partition=\Device\HarddiskVolume1
description Windows Boot Manager
locale ru-RU
inherit {globalsettings}
default {current}
resumeobject {7883ec96-5ab5-11e4-902e-c8612664ec8c}
displayorder {current}
toolsdisplayorder {memdiag}
timeout 30

Загрузка Windows
-------------------
идентификатор {current}
device partition=C:
path \Windows\system32\winload.exe
description Windows 7
locale ru-RU
inherit {bootloadersettings}
recoverysequence {7883ec98-5ab5-11e4-902e-c8612664ec8c}
recoveryenabled Yes
osdevice partition=C:
systemroot \Windows
resumeobject {7883ec96-5ab5-11e4-902e-c8612664ec8c}
nx OptIn

Загрузка Windows
-------------------
идентификатор {7883ec98-5ab5-11e4-902e-c8612664ec8c}
device ramdisk=[C:]\Recovery\7883ec98-5ab5-11e4-902e-c8612664ec8c\Winre.wim,{7883ec99-5ab5-11e4-902e-c8612664ec8c}
path \windows\system32\winload.exe
description Windows Recovery Environment
inherit {bootloadersettings}
osdevice ramdisk=[C:]\Recovery\7883ec98-5ab5-11e4-902e-c8612664ec8c\Winre.wim,{7883ec99-5ab5-11e4-902e-c8612664ec8c}
systemroot \windows
nx OptIn
winpe Yes

Выход из режима гибернации
--------------------------
идентификатор {7883ec96-5ab5-11e4-902e-c8612664ec8c}
device partition=C:
path \Windows\system32\winresume.exe
description Windows Resume Application
locale ru-RU
inherit {resumeloadersettings}
filedevice partition=C:
filepath \hiberfil.sys
debugoptionenabled No

Проверка памяти Windows
---------------------
идентификатор {memdiag}
device partition=\Device\HarddiskVolume1
path \boot\memtest.exe
description Диагностика памяти
locale ru-RU
inherit {globalsettings}
badmemoryaccess Yes

Параметры EMS
-------------
идентификатор {emssettings}
bootems Yes

Параметры отладчика
-------------------
идентификатор {dbgsettings}
debugtype Serial
debugport 1
baudrate 115200

Дефекты ОЗУ
-----------
идентификатор {badmemory}

Глобальные параметры
--------------------
идентификатор {globalsettings}
inherit {dbgsettings}
{emssettings}
{badmemory}

Параметры загрузчика
--------------------
идентификатор {bootloadersettings}
inherit {globalsettings}
{hypervisorsettings}

Параметры гипервизора
-------------------
идентификатор {hypervisorsettings}
hypervisordebugtype Serial
hypervisordebugport 1
hypervisorbaudrate 115200

Параметры загрузчика восстановления
-----------------------------------
идентификатор {resumeloadersettings}
inherit {globalsettings}

Параметры устройств
-------------------
идентификатор {7883ec99-5ab5-11e4-902e-c8612664ec8c}
description Ramdisk Options
ramdisksdidevice partition=C:
ramdisksdipath \Recovery\7883ec98-5ab5-11e4-902e-c8612664ec8c\boot.sdi



LastRegBack: 2015-07-03 00:28

==================== End of log ============================

 

Addition.txt
