Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:04-09-2015
Ran by Зверь (administrator) on VOVIK-ПК (06-09-2015 03:23:29)
Running from C:\Users\Зверь\Desktop
Loaded Profiles: Зверь (Available Profiles: Зверь & Администратор)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: Русский (Россия)
Internet Explorer Version 8 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(KernelPro Software) C:\Windows\System32\drivers\AvcpService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
() C:\Program Files (x86)\PHotkey\AsLdrSrv.exe
() C:\Program Files (x86)\PHotkey\GFNEXSrv.exe
(Innova Co S.a r.l.) C:\Program Files (x86)\4game\3.5.6.155\4game-service.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\avp.exe
(IVT Corporation) C:\Program Files (x86)\IVT Corporation\BlueSoleil\BlueSoleilCS.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(SafeNet Inc.) C:\Windows\System32\hasplms.exe
(Nitro PDF Software) C:\Program Files\Nitro\Pro 9\NitroPDFDriverService9x64.exe
() C:\Program Files\Nitro\Pro 9\Nitro_UpdateService.exe
(Nalpeiron Ltd.)
C:\Windows\SysWOW64\NLSSRV32.EXE (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe () C:\Windows\SysWOW64\PnkBstrA.exe (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe () C:\Program Files (x86)\Acronis\DiskDirector\OSS\reinstall_svc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe (IVT Corporation) C:\Program Files (x86)\IVT Corporation\BlueSoleil\BsHelpCS.exe (Microsoft Corporation) C:\Windows\System32\alg.exe (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\avpui.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe () C:\Program Files (x86)\PHotkey\PHotkey.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Disc Soft Ltd) C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (IVT Corporation) C:\Program Files (x86)\IVT Corporation\BlueSoleil\BtTray.exe () C:\Program Files (x86)\PHotkey\Atouch64.exe (TODO: <公司名稱>) C:\Program Files (x86)\PHotkey\GPMTray.exe () C:\Program Files (x86)\PHotkey\MsgTranAgt.exe () C:\Program Files (x86)\PHotkey\MsgTranAgt64.exe () C:\Program Files (x86)\PHotkey\PVDesktop.exe () C:\Program Files (x86)\PHotkey\PVDAgent.exe () C:\Program Files (x86)\PHotkey\POsd.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Opera Software) C:\Program Files 
(x86)\Opera\31.0.1889.174\opera.exe (Opera Software) C:\Program Files (x86)\Opera\31.0.1889.174\opera_crashreporter.exe (Opera Software) C:\Program Files (x86)\Opera\31.0.1889.174\opera.exe (Opera Software) C:\Program Files (x86)\Opera\31.0.1889.174\opera.exe (Opera Software) C:\Program Files (x86)\Opera\31.0.1889.174\opera.exe (Opera Software) C:\Program Files (x86)\Opera\31.0.1889.174\opera.exe (Opera Software) C:\Program Files (x86)\Opera\31.0.1889.174\opera.exe (Opera Software) C:\Program Files (x86)\Opera\31.0.1889.174\opera.exe ==================== Registry (Whitelisted) =========================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13774040 2015-02-25] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1396592 2015-02-25] (Realtek Semiconductor) HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2673296 2015-03-28] (NVIDIA Corporation) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation) HKLM-x32\...\Run: [BtTray] => C:\Program Files (x86)\IVT Corporation\BlueSoleil\BtTray.exe [428280 2013-01-30] (IVT Corporation) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKU\S-1-5-21-4288463071-884830653-3710113563-1003\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7404312 2015-01-21] (Piriform Ltd) AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [175880 2015-04-09] (NVIDIA Corporation) AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dl,C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll 
[154256 2015-04-09] (NVIDIA Corporation) ShellIconOverlayIdentifiers: [ MailRuCloudIconOverlay0] -> {64A9418A-B6B1-4112-B75C-E61633C9A31F} => No File ShellIconOverlayIdentifiers: [ MailRuCloudIconOverlay1] -> {6A2E142B-EA63-433A-AC05-5223CBD26E65} => No File ShellIconOverlayIdentifiers: [ MailRuCloudIconOverlay2] -> {6AFCC535-2F12-4F50-9F0A-1CF856CFC95D} => No File ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => No File ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => No File ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => No File ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => No File ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => No File ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => No File ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => No File ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => No File ShellIconOverlayIdentifiers-x32: [ MailRuCloudIconOverlay0] -> {64A9418A-B6B1-4112-B75C-E61633C9A31F} => No File ShellIconOverlayIdentifiers-x32: [ MailRuCloudIconOverlay1] -> {6A2E142B-EA63-433A-AC05-5223CBD26E65} => No File ShellIconOverlayIdentifiers-x32: [ MailRuCloudIconOverlay2] -> {6AFCC535-2F12-4F50-9F0A-1CF856CFC95D} => No File ShellIconOverlayIdentifiers-x32: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => No File ShellIconOverlayIdentifiers-x32: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => No File ShellIconOverlayIdentifiers-x32: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => No File ShellIconOverlayIdentifiers-x32: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => No File ShellIconOverlayIdentifiers-x32: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => No 
File ShellIconOverlayIdentifiers-x32: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => No File ShellIconOverlayIdentifiers-x32: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => No File ShellIconOverlayIdentifiers-x32: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => No File BootExecute: autocheck autochk * ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Tcpip\Parameters: [DhcpNameServer] 192.168.10.1 8.8.8.8 Tcpip\..\Interfaces\{2B8A19B2-09A1-406A-A7EB-C83D9831C4DE}: [DhcpNameServer] 192.168.10.1 8.8.8.8 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com BHO: Content Blocker Plugin -> {03C04F0A-E2A3-4F7F-BA30-BFA06FFD1358} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\x64\IEExt\ie_plugin.dll [2014-12-03] (Kaspersky Lab ZAO) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_25\bin\ssv.dll [2014-12-09] (Oracle Corporation) BHO: Virtual Keyboard Plugin -> {B5D5BB14-C8E2-478D-9C97-574AC10AF9E8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\x64\IEExt\ie_plugin.dll [2014-12-03] (Kaspersky 
Lab ZAO) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll [2014-12-09] (Oracle Corporation) BHO: Safe Money Plugin -> {E3D96E85-529D-4269-AC6A-97CF9E2221E3} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\x64\IEExt\ie_plugin.dll [2014-12-03] (Kaspersky Lab ZAO) BHO-x32: Content Blocker Plugin -> {03C04F0A-E2A3-4F7F-BA30-BFA06FFD1358} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\IEExt\ie_plugin.dll [2014-12-03] (Kaspersky Lab ZAO) BHO-x32: Promt IE Helper -> {1F13CE11-4FAC-49A9-8155-D4F3F0F91A33} -> C:\Program Files (x86)\PRMT9\PRMTIE\prmtie.dll [2012-06-27] (PROMT Ltd.) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll [2015-01-19] (Oracle Corporation) BHO-x32: Microsoft Web Test Recorder 10.0 Helper -> {876d9f09-c6d6-4324-a2cc-04dd9a4de12f} -> C:\Program Files (x86)\Microsoft Visual Studio 11.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll [2013-10-30] (Microsoft Corporation) BHO-x32: Virtual Keyboard Plugin -> {B5D5BB14-C8E2-478D-9C97-574AC10AF9E8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\IEExt\ie_plugin.dll [2014-12-03] (Kaspersky Lab ZAO) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll [2015-01-19] (Oracle Corporation) BHO-x32: Safe Money Plugin -> {E3D96E85-529D-4269-AC6A-97CF9E2221E3} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\IEExt\ie_plugin.dll [2014-12-03] (Kaspersky Lab ZAO) Toolbar: HKLM-x32 - Переводчик PROMT - {C7DDDD27-F303-42A5-B979-51559F7DC0F0} - C:\Program Files (x86)\PRMT9\PRMTIE\prmtie.dll [2012-06-27] (PROMT Ltd.) 
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies) Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-21] (Microsoft Corporation) Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-21] (Microsoft Corporation) Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-21] (Microsoft Corporation) Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-21] (Microsoft Corporation) FireFox: ======== FF Plugin: @esn/npbattlelog,version=2.7.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.0\npbattlelogx64.dll [2015-04-23] (EA Digital Illusions CE AB) FF Plugin: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll [2014-12-09] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll [2014-12-09] (Oracle Corporation) FF Plugin-x32: @4game.com/plugin -> C:\Program Files (x86)\4game\3.5.6.155\npplugin4game.dll [2015-08-03] (Innova Co S.a r.l.) 
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll [2011-11-03] (ESN Social Software AB) FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll [2013-09-16] (ESN Social Software AB) FF Plugin-x32: @esn/npbattlelog,version=2.7.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.0\npbattlelog.dll [2015-04-23] (EA Digital Illusions CE AB) FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll [2015-01-19] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll [2015-01-19] (Oracle Corporation) FF Plugin-x32: @kaspersky.com/content_blocker_6418E0D362104DADA084DC312DFA8ABC -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\content_blocker@kaspersky.com [2014-12-25] () FF Plugin-x32: @kaspersky.com/online_banking_69A4E213815F42BD863D889007201D82 -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\online_banking@kaspersky.com [2014-12-25] () FF Plugin-x32: @kaspersky.com/virtual_keyboard_294FF26A1D5B455495946778FDE7CEDB -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\virtual_keyboard@kaspersky.com [2014-12-25] () FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll [2012-04-11] ( Microsoft Corporation) FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro\Pro 9\npnitromozilla.dll [2014-08-01] (Nitro PDF) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-04-09] (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-04-09] (NVIDIA Corporation) FF Plugin-x32: 
@tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-08-31] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-08-31] (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.) FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\ozonru.xml [2015-01-09] FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\priceru.xml [2015-01-09] FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yandex-slovari.xml [2015-01-09] FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yandex.xml [2015-01-09] FF HKLM-x32\...\Firefox\Extensions: [content_blocker_6418E0D362104DADA084DC312DFA8ABC@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\content_blocker@kaspersky.com FF Extension: Dangerous Websites Blocker - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\content_blocker@kaspersky.com [2014-12-25] FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard_294FF26A1D5B455495946778FDE7CEDB@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\virtual_keyboard@kaspersky.com FF Extension: Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\virtual_keyboard@kaspersky.com [2014-12-25] FF HKLM-x32\...\Firefox\Extensions: [online_banking_69A4E213815F42BD863D889007201D82@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\online_banking@kaspersky.com FF Extension: Safe Money - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\online_banking@kaspersky.com [2014-12-25] Chrome: ======= CHR HomePage: Default -> 
hxxp://www.google.com/ CHR StartupUrls: Default -> "hxxp://www.google.com/" CHR Profile: C:\Users\Зверь\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Docs) - C:\Users\Зверь\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-02] CHR Extension: (Google Drive) - C:\Users\Зверь\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-02-02] CHR Extension: (YouTube) - C:\Users\Зверь\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-02-02] CHR Extension: (Google Search) - C:\Users\Зверь\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-02-02] CHR Extension: (Kaspersky Protection) - C:\Users\Зверь\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbhjdbfgekjfcfkkfjjmlmojhbllhbho [2015-02-10] CHR Extension: (Google Docs Offline) - C:\Users\Зверь\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-04] CHR Extension: (Переводчик PROMT) - C:\Users\Зверь\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgboejbmiiehdijdmbpbfejninhlpbhc [2015-04-23] CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Зверь\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-04-23] CHR Extension: (Chrome Web Store Payments) - C:\Users\Зверь\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-02-10] CHR Extension: (Gmail) - C:\Users\Зверь\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-02-02] CHR HKLM\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - https://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho CHR HKLM-x32\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - https://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho CHR 
HKLM-x32\...\Chrome\Extension: [hgboejbmiiehdijdmbpbfejninhlpbhc] - C:\Program Files (x86)\PRMT9\Chrome\Chrome Extension.crx [2011-11-23] ==================== Services (Whitelisted) ======================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 4game-service; C:\Program Files (x86)\4game\3.5.6.155\4game-service.exe [1506440 2015-08-03] (Innova Co S.a r.l.) R2 AdvancedVirtualCOMportService; C:\Windows\System32\DRIVERS\AvcpService.exe [855296 2014-09-15] (KernelPro Software) R2 ASLDRService; C:\Program Files (x86)\PHotkey\ASLDRSrv.exe [104968 2009-12-18] () R2 AVP15.0.1; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\avp.exe [234520 2014-08-30] (Kaspersky Lab ZAO) R2 BlueSoleilCS; C:\Program Files (x86)\IVT Corporation\BlueSoleil\BlueSoleilCS.exe [3220728 2013-01-29] (IVT Corporation) R3 BsHelpCS; C:\Program Files (x86)\IVT Corporation\BlueSoleil\BsHelpCS.exe [207096 2013-01-08] (IVT Corporation) S2 BsMobileCS; C:\Program Files (x86)\IVT Corporation\BlueSoleil\BsMobileCS.exe [273656 2013-01-08] (IVT Corporation) S3 defragsvc; C:\Windows\System32\defragsvc.dll [291328 2009-07-14] (Корпорация Майкрософт) S3 fussvc; C:\Program Files (x86)\Windows Kits\8.0\App Certification Kit\fussvc.exe [139776 2012-07-25] (Microsoft Corporation) [File not signed] R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152144 2015-03-28] (NVIDIA Corporation) R2 GFNEXSrv; C:\Program Files (x86)\PHotkey\GFNEXSrv.exe [156672 2011-10-13] () [File not signed] R2 hasplms; C:\Windows\system32\hasplms.exe [4609928 2013-08-01] (SafeNet Inc.) 
R2 NitroDriverReadSpool9; C:\Program Files\Nitro\Pro 9\NitroPDFDriverService9x64.exe [230920 2014-08-01] (Nitro PDF Software) R2 NitroUpdateService; C:\Program Files\Nitro\Pro 9\Nitro_UpdateService.exe [418312 2014-08-01] () R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1878672 2015-03-28] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [22995600 2015-03-28] (NVIDIA Corporation) S3 OpenVPNService; C:\Program Files (x86)\OpenVPN\bin\openvpnserv.exe [24576 2013-11-03] (The OpenVPN Project) [File not signed] S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1997168 2015-06-09] (Electronic Arts) R2 OS Selector; C:\Program Files (x86)\Acronis\DiskDirector\OSS\reinstall_svc.exe [2153336 2011-12-12] () R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2015-06-10] () S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-03-01] (Riverbed Technology, Inc.) S3 ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [575488 2008-09-08] (Nokia.) [File not signed] S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.0\Testing\Runtimes\TAEF\Wex.Services.exe [126976 2012-07-25] (Microsoft Corporation) [File not signed] R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation) S3 WPCSvc; C:\Windows\System32\wpcsvc.dll [12288 2009-07-14] (Корпорация Майкрософт) S3 WPCSvc; C:\Windows\SysWOW64\wpcsvc.dll [10752 2009-07-14] (Корпорация Майкрософт) ===================== Drivers (Whitelisted) ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) 
S3 AdvancedVirtualComPort; C:\Windows\System32\DRIVERS\AdvancedVirtualComPort.sys [295520 2014-09-15] (KernelPro Software) S3 BlueletAudio; C:\Windows\System32\DRIVERS\blueletaudio.sys [41208 2012-12-24] (IVT Corporation) S3 BlueletAudio; C:\Windows\SysWOW64\DRIVERS\blueletaudio.sys [41208 2012-12-24] (IVT Corporation) S3 BT; C:\Windows\System32\DRIVERS\btnetdrv.sys [22240 2011-12-21] (IVT Corporation.) S3 BTCOM; C:\Windows\System32\DRIVERS\btcomport.sys [28456 2014-10-16] (IVT Corporation.) R3 Btcsrusb; C:\Windows\System32\Drivers\btcusb.sys [43128 2012-12-25] (IVT Corporation.) R0 BtHidBus; C:\Windows\System32\Drivers\BtHidBus.sys [25056 2011-12-21] (IVT Corporation.) S3 CEDRIVER60; C:\Program Files (x86)\Cheat Engine 6.4\dbk64.sys [64064 2014-06-20] () R0 cm_km_w; C:\Windows\System32\DRIVERS\cm_km_w.sys [238288 2013-01-14] (Kaspersky Lab UK Ltd) S2 COMPT; C:\Windows\SysWow64\Drivers\COMPT.sys [44031 2008-11-22] () R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2014-11-21] (DT Soft Ltd) S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-11] (Broadcom Corporation) U5 ewusbnet; C:\Windows\System32\Drivers\ewusbnet.sys [243200 2009-10-21] (Huawei Technologies Co., Ltd.) R1 GUBootStartup; C:\Windows\System32\drivers\GUBootStartup.sys [20160 2015-07-06] (Glarysoft Ltd) R2 hardlock; C:\Windows\system32\drivers\hardlock.sys [331328 2013-08-01] (SafeNet Inc.) R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-01-08] (REALiX(tm)) S3 hwusbdev; C:\Windows\System32\DRIVERS\ewusbdev.sys [114304 2009-10-12] (Huawei Technologies Co., Ltd.) R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28656 2014-11-21] (Intel Corporation) R1 ISODrive; C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys [115448 2013-11-21] (EZB Systems, Inc.) R3 IvtAudioBusSrv; C:\Windows\System32\Drivers\IvtBtBus.sys [27256 2012-12-24] (IVT Corporation.) R3 IvtComBusSrv; C:\Windows\System32\Drivers\btcombus.sys [25720 2013-01-05] (IVT Corporation.) 
R3 IvtPanBusSrv; C:\Windows\System32\Drivers\btnetBus.sys [31480 2012-12-24] (IVT Corporation.) R3 KernelProBus; C:\Windows\System32\DRIVERS\KernelProBus.sys [178400 2014-09-15] (KernelPro Software) R3 keyboard; C:\Windows\System32\Drivers\keyboard.sys [18536 2015-01-08] (Oblita) R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [468576 2014-03-31] (Kaspersky Lab ZAO) R2 kldisk; C:\Windows\System32\DRIVERS\kldisk.sys [46144 2014-07-02] (Kaspersky Lab ZAO) R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [150536 2014-12-03] (Kaspersky Lab ZAO) R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [246456 2014-08-12] (Kaspersky Lab ZAO) R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [819896 2015-03-25] (Kaspersky Lab ZAO) R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [30304 2014-02-25] (Kaspersky Lab ZAO) R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [28768 2014-03-28] (Kaspersky Lab ZAO) R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29280 2013-08-08] (Kaspersky Lab ZAO) R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO) R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [55872 2014-06-05] (Kaspersky Lab ZAO) R1 Klwtp; C:\Windows\System32\DRIVERS\klwtp.sys [77512 2014-12-03] (Kaspersky Lab ZAO) R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [179776 2014-07-09] (Kaspersky Lab ZAO) R4 KProcessHacker2; C:\Program Files\Process Hacker 2\kprocesshacker.sys [39576 2013-11-13] (wj32) R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [129312 2015-02-25] (Intel Corporation) R0 mountmgr; C:\Windows\System32\drivers\mountmgr.sys [95088 2012-02-10] (Корпорация Майкрософт) R3 mouse; C:\Windows\System32\Drivers\mouse.sys [18536 2015-01-08] (Oblita) R2 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc.) 
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-03-28] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation) R0 oem-drv64; C:\Windows\System32\DRIVERS\oem-drv64.sys [42496 2015-09-06] (secr9tos) [File not signed] R2 PEGAGFN; C:\Program Files (x86)\PHotkey\PEGAGFN.sys [14344 2009-09-11] (PEGATRON) S3 PPJoyBus; C:\Windows\System32\DRIVERS\PPJoyBus64.sys [20032 2009-11-04] (Deon van der Westhuysen) S3 PPortJoystick; C:\Windows\System32\DRIVERS\PPortJoy64.sys [39488 2009-11-04] (Deon van der Westhuysen) R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [34544 2014-11-21] (Synaptics Incorporated) S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2014-05-17] (Anchorfree Inc.) U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] () S3 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [117080 2012-09-07] (Oracle Corporation) R0 volmgrx; C:\Windows\System32\drivers\volmgrx.sys [363904 2012-02-10] (Корпорация Майкрософт) S3 VSPerfDrv110; C:\Program Files (x86)\Microsoft Visual Studio 11.0\Team Tools\Performance Tools\x64\VSPerfDrv110.sys [70264 2012-07-23] (Microsoft Corporation) S1 aqIPD7; \??\C:\Windows\system32\drivers\aqIPD7.sys [X] S3 BlueletSCOAudio; system32\DRIVERS\BlueletSCOAudio.sys [X] S0 BTHidEnum; System32\Drivers\vbtenum.sys [X] S0 BTHidMgr; System32\Drivers\BTHidMgr.sys [X] U4 klkbdflt2; system32\DRIVERS\klkbdflt2.sys [X] S2 spd3ssl; \??\C:\Program Files (x86)\Spyware Process Detector\spd323.sys [X] S3 VComm; system32\DRIVERS\VComm.sys [X] S3 VcommMgr; System32\Drivers\VcommMgr.sys [X] S3 VGPU; System32\drivers\rdvgkmd.sys [X] S3 WinRing0_1_2_0; \??\C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. 
The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2015-09-06 03:23 - 2015-09-06 03:24 - 00028628 _____ C:\Users\Зверь\Desktop\FRST.txt 2015-09-06 03:23 - 2015-09-06 03:23 - 00000000 ____D C:\FRST 2015-09-06 03:22 - 2015-09-06 03:22 - 02188800 _____ (Farbar) C:\Users\Зверь\Desktop\FRST64.exe 2015-09-06 03:17 - 2015-09-06 03:18 - 00000000 ____D C:\AdwCleaner 2015-09-06 03:10 - 2015-09-06 03:10 - 00967601 _____ C:\Users\Зверь\Downloads\ProcessMonitor.zip 2015-09-06 03:10 - 2015-05-26 09:38 - 02046608 _____ (Sysinternals - www.sysinternals.com) C:\Users\Зверь\Desktop\Procmon.exe 2015-09-06 03:08 - 2006-09-07 07:15 - 00348160 _____ (MadMan's Software) C:\Users\Зверь\Desktop\NtRegEdit.exe 2015-09-06 02:39 - 2015-09-06 02:39 - 00000798 _____ C:\Users\Зверь\Desktop\Шифрование.lnk 2015-09-06 02:37 - 2015-09-06 02:37 - 00000913 _____ C:\Users\Зверь\Desktop\Project2 - Ярлык.lnk 2015-09-06 01:33 - 2015-09-06 01:34 - 00000006 _____ C:\Users\Зверь\Desktop\Новый текстовый документ.txt 2015-09-06 00:44 - 2015-09-06 00:44 - 00403629 _____ C:\Users\Зверь\Downloads\NtRegEdit_all_demos.zip 2015-09-05 23:59 - 2015-09-05 23:59 - 03161355 _____ C:\Users\Зверь\Downloads\zf_d15_660.zip 2015-09-05 22:20 - 2015-09-05 22:20 - 00414290 _____ C:\Users\Зверь\Downloads\minibox_usa.rar 2015-09-05 22:17 - 2015-09-05 22:18 - 09011774 _____ C:\Users\Зверь\Downloads\28_maps.rar 2015-09-05 02:54 - 2015-09-05 02:54 - 00000000 ____D C:\Users\Зверь\AppData\Roaming\NVIDIA 2015-09-05 02:54 - 2015-09-05 02:54 - 00000000 ____D C:\Users\Зверь\AppData\Local\Adobe 2015-09-05 02:53 - 2015-09-05 02:54 - 00000000 ____D C:\Users\Зверь\AppData\Roaming\Adobe 2015-09-04 21:23 - 2015-09-04 21:23 - 00000000 ____D C:\Users\Зверь\Documents\Arduino 2015-09-04 21:23 - 2015-09-04 21:23 - 00000000 ____D C:\Users\Зверь\AppData\Roaming\Arduino15 2015-09-04 21:23 - 2015-09-04 21:23 - 
00000000 ____D C:\Users\Зверь\.jssc 2015-09-04 21:21 - 2015-09-04 21:21 - 00000000 ____D C:\Users\Зверь\AppData\Roaming\Process Hacker 2 2015-09-04 21:19 - 2015-09-04 21:19 - 00000000 ____D C:\Users\Зверь\AppData\Local\Steam 2015-09-04 21:19 - 2015-09-04 21:19 - 00000000 ____D C:\Users\Зверь\AppData\Local\CEF 2015-09-04 21:17 - 2015-09-04 21:17 - 00000000 ____D C:\Users\Зверь\AppData\Roaming\Subversion 2015-09-04 21:15 - 2015-09-04 21:15 - 00000000 ____D C:\Users\Зверь\AppData\Roaming\NuGet 2015-09-04 21:12 - 2015-09-06 00:42 - 00000000 ____D C:\Users\Зверь\Documents\Visual Studio 2012 2015-09-04 21:10 - 2015-09-04 21:10 - 00000000 ____D C:\Users\Зверь\AppData\Roaming\ProductData 2015-09-04 21:08 - 2015-09-04 21:08 - 00348480 _____ C:\Windows\Minidump\090415-27596-01.dmp 2015-09-04 20:57 - 2015-09-04 20:57 - 00066688 _____ C:\Users\Администратор\AppData\Local\GDIPFONTCACHEV1.DAT 2015-09-04 20:57 - 2015-09-04 20:57 - 00000000 ____D C:\Users\Администратор\AppData\Local\NVIDIA Corporation 2015-09-04 20:56 - 2015-09-04 20:56 - 00002290 _____ C:\Users\Администратор\Desktop\Безопасные платежи.lnk 2015-09-04 20:56 - 2015-09-04 20:56 - 00001393 _____ C:\Users\Администратор\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk 2015-09-04 20:56 - 2015-09-04 20:56 - 00001387 _____ C:\Users\Администратор\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2015-09-04 20:56 - 2015-09-04 20:56 - 00000000 ____D C:\Users\Администратор\AppData\Roaming\DAEMON Tools Pro 2015-09-04 20:56 - 2015-09-04 20:56 - 00000000 ____D C:\Users\Администратор\AppData\Local\NVIDIA 2015-09-04 20:56 - 2015-09-04 20:56 - 00000000 ____D C:\Users\Администратор\AppData\Local\Google 2015-09-04 20:56 - 2015-09-04 20:56 - 00000000 ____D C:\Users\Администратор\AppData\Local\bluesoleil 2015-09-04 20:55 - 2015-09-04 20:55 - 00000020 ___SH C:\Users\Администратор\ntuser.ini 2015-09-04 20:55 - 2015-09-04 20:55 - 00000000 _SHDL C:\Users\Администратор\Шаблоны 
2015-09-04 20:55 - 2015-09-04 20:55 - 00000000 _SHDL C:\Users\Администратор\Мои документы
2015-09-04 20:55 - 2015-09-04 20:55 - 00000000 _SHDL C:\Users\Администратор\Главное меню
2015-09-04 20:55 - 2015-09-04 20:55 - 00000000 _SHDL C:\Users\Администратор\Documents\Моя музыка
2015-09-04 20:55 - 2015-09-04 20:55 - 00000000 _SHDL C:\Users\Администратор\Documents\Мои рисунки
2015-09-04 20:55 - 2015-09-04 20:55 - 00000000 _SHDL C:\Users\Администратор\Documents\Мои видеозаписи
2015-09-04 20:55 - 2015-09-04 20:55 - 00000000 _SHDL C:\Users\Администратор\AppData\Roaming\Microsoft\Windows\Start Menu\Программы
2015-09-04 20:55 - 2015-09-04 20:55 - 00000000 ____D C:\Users\Администратор
2015-09-04 20:55 - 2015-03-25 13:21 - 00000000 ____D C:\Users\Администратор\AppData\Roaming\IObit
2015-09-04 20:55 - 2009-07-14 08:54 - 00000000 ___RD C:\Users\Администратор\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-09-04 20:55 - 2009-07-14 08:49 - 00000000 ___RD C:\Users\Администратор\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-09-04 20:47 - 2015-09-04 20:47 - 00000000 ____D C:\Users\Public\Documents\RAD Studio
2015-09-04 20:02 - 2015-09-06 02:59 - 00005496 _____ C:\Users\Зверь\sanct.log
2015-09-04 20:02 - 2015-09-04 20:02 - 00000000 ____D C:\Users\Зверь\Documents\RAD Studio
2015-09-04 20:02 - 2015-09-04 20:02 - 00000000 ____D C:\Users\Зверь\AppData\Roaming\Embarcadero
2015-09-04 20:02 - 2015-09-04 20:02 - 00000000 ____D C:\Users\Зверь\AppData\Roaming\AutomatedQA
2015-09-04 20:02 - 2015-09-04 20:02 - 00000000 ____D C:\Users\Зверь\AppData\Local\Embarcadero
2015-09-04 20:02 - 2015-09-04 20:02 - 00000000 ____D C:\Users\Зверь\AppData\Local\AutomatedQA
2015-09-04 18:38 - 2015-09-04 18:38 - 00000000 ____D C:\Users\Public\Documents\FinalBuilder 7 Projects
2015-09-04 18:38 - 2015-09-04 18:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FinalBuilder 7 Embarcadero Edition
2015-09-04 18:28 - 2015-09-04 18:30 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Embarcadero RAD Studio XE
2015-09-04 18:24 - 2015-09-04 18:24 - 00000000 ____D C:\Program Files (x86)\Embarcadero
2015-09-04 18:23 - 2015-09-04 18:33 - 00000000 ___HD C:\Users\Все пользователи\{A61EFC3F-D4AB-4744-85FD-E9663BA16167}
2015-09-04 18:23 - 2015-09-04 18:33 - 00000000 ___HD C:\ProgramData\{A61EFC3F-D4AB-4744-85FD-E9663BA16167}
2015-09-04 17:18 - 2015-09-04 17:18 - 00003146 _____ C:\Windows\System32\Tasks\{B72B3EF6-35A3-4B1E-A868-1821361C0654}
2015-09-04 00:14 - 2015-09-06 03:19 - 00001736 _____ C:\Windows\setupact.log
2015-09-04 00:14 - 2015-09-04 00:14 - 00000000 _____ C:\Windows\setuperr.log
2015-09-04 00:13 - 2015-09-04 16:38 - 00010962 _____ C:\Windows\PFRO.log
2015-09-03 22:55 - 2015-09-03 22:55 - 00000000 ____H C:\asc_rdflag
2015-09-03 22:37 - 2015-09-03 22:37 - 00000000 ____D C:\RAD Studio
2015-09-03 22:32 - 2015-09-04 18:33 - 00000000 __HDC C:\Users\Все пользователи\{DE30B245-ED11-4615-A96C-E16B51AC0D47}
2015-09-03 22:32 - 2015-09-04 18:33 - 00000000 __HDC C:\ProgramData\{DE30B245-ED11-4615-A96C-E16B51AC0D47}
2015-09-03 16:45 - 2015-09-03 16:45 - 00000000 ____D C:\Users\Все пользователи\{BAF091CA-86C4-4627-ADA1-897E2621C1B0}
2015-09-03 16:45 - 2015-09-03 16:45 - 00000000 ____D C:\ProgramData\{BAF091CA-86C4-4627-ADA1-897E2621C1B0}
2015-09-03 16:42 - 2015-09-03 16:42 - 00000000 ____D C:\Windows\Tasks\ImCleanDisabled
2015-09-02 14:32 - 2015-09-02 14:32 - 00000000 ____D C:\ProgramDataIObit
2015-09-02 01:04 - 2015-09-06 02:37 - 00000000 __RHD C:\Windows\driver32
2015-08-19 02:34 - 2015-08-19 02:34 - 00000000 _____ C:\Windows\NtRegEdit.INI
2015-08-19 02:13 - 2015-09-06 00:40 - 00000000 ____D C:\NtRegEdit
2015-08-18 17:07 - 2015-09-02 15:54 - 00000028 _____ C:\test.txt
2015-08-18 03:46 - 2015-08-18 03:31 - 00000102 _____ C:\q - копия - копия.txt
2015-08-18 02:57 - 2015-08-18 02:56 - 00006656 _____ C:\Project4.exe
2015-08-12 14:54 - 2015-08-12 14:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavalys
2015-08-12 14:54 - 2015-08-12 14:54 - 00000000 ____D C:\Program Files (x86)\Lavalys

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-09-06 03:21 - 2015-02-02 12:56 - 00000892 _____ C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job
2015-09-06 03:20 - 2014-12-25 00:12 - 00000000 ____D C:\Users\Все пользователи\Kaspersky Lab
2015-09-06 03:20 - 2014-12-25 00:12 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2015-09-06 03:20 - 2014-11-22 17:26 - 00000966 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-09-06 03:19 - 2015-01-31 18:02 - 00000374 _____ C:\Windows\system32\Drivers\etc\hosts.ics
2015-09-06 03:19 - 2015-01-09 14:32 - 00000000 ____D C:\Users\Все пользователи\NVIDIA
2015-09-06 03:19 - 2015-01-09 14:32 - 00000000 ____D C:\ProgramData\NVIDIA
2015-09-06 03:19 - 2014-11-21 05:03 - 00042496 _____ (secr9tos) C:\Windows\system32\Drivers\oem-drv64.sys
2015-09-06 03:19 - 2013-01-30 18:27 - 00001277 _____ C:\Windows\SysWOW64\bscs.ini
2015-09-06 03:19 - 2009-07-14 09:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-09-06 03:04 - 2009-07-14 08:45 - 00026352 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-09-06 03:04 - 2009-07-14 08:45 - 00026352 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-09-06 02:39 - 2014-11-22 17:26 - 00000970 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-09-06 02:32 - 2015-02-02 09:33 - 00000000 ____D C:\Users\Зверь\AppData\Roaming\Notepad++
2015-09-06 01:57 - 2015-02-02 12:56 - 00000896 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-09-06 00:37 - 2015-06-25 03:47 - 00000000 ____D C:\Users\Зверь\AppData\Local\CrashDumps
2015-09-06 00:00 - 2015-07-27 00:20 - 00402432 _____ () C:\Windows\SysWOW64\vclZipForged15.bpl
2015-09-05 15:18 - 2009-07-14 09:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2015-09-05 02:58 - 2014-12-28 18:49 - 01702607 _____ C:\Windows\WindowsUpdate.log
2015-09-04 22:05 - 2009-07-14 08:57 - 00001547 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-09-04 21:23 - 2015-02-02 04:22 - 00000000 ____D C:\Users\Зверь
2015-09-04 21:20 - 2015-02-13 15:27 - 00000000 ____D C:\Program Files (x86)\Steam
2015-09-04 21:20 - 2015-02-10 21:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Process Hacker 2
2015-09-04 21:08 - 2014-12-03 02:08 - 00000000 ____D C:\Windows\Minidump
2015-09-04 21:05 - 2015-06-25 03:40 - 00002290 _____ C:\Users\Зверь\Desktop\Безопасные платежи.lnk
2015-09-04 20:41 - 2014-11-21 05:03 - 00000000 ____D C:\Users\vovik
2015-09-04 20:29 - 2015-04-18 21:53 - 00000000 ____D C:\Users\Все пользователи\TEMP
2015-09-04 20:29 - 2015-04-18 21:53 - 00000000 ____D C:\ProgramData\TEMP
2015-09-04 20:05 - 2014-11-21 06:13 - 00002854 _____ C:\Windows\System32\Tasks\Driver Booster SkipUAC (vovik)
2015-09-04 18:38 - 2014-11-21 20:08 - 00000000 ____D C:\Program Files (x86)\FinalBuilder 7 EE
2015-09-04 17:01 - 2015-01-28 01:12 - 00000942 _____ C:\Users\Public\Desktop\Opera.lnk
2015-09-04 17:01 - 2015-01-25 02:46 - 00002121 _____ C:\Users\Public\Desktop\Adobe Reader XI.lnk
2015-09-04 17:01 - 2014-12-12 18:30 - 00001965 _____ C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
2015-09-04 17:01 - 2014-12-07 04:11 - 00001966 _____ C:\Users\Public\Desktop\SoundWire Server.lnk
2015-09-04 17:01 - 2014-12-03 03:07 - 00001953 _____ C:\Users\Public\Desktop\OpenVPN GUI.lnk
2015-09-04 17:01 - 2014-12-03 00:19 - 00001646 _____ C:\Users\Public\Desktop\SMAC 2.7.lnk
2015-09-04 17:01 - 2014-12-02 23:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Platinum Hide IP
2015-09-04 17:01 - 2014-11-21 19:50 - 00001892 _____ C:\Users\Public\Desktop\DAEMON Tools Pro.lnk
2015-09-04 16:40 - 2014-11-22 17:26 - 00002139 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-09-04 16:36 - 2014-11-21 05:34 - 00000000 ____D C:\Program Files (x86)\Opera
2015-09-03 22:55 - 2015-02-25 16:47 - 100605952 _____ C:\Windows\system32\config\SOFTWARE.iodefrag.bak
2015-09-03 22:55 - 2015-02-25 16:47 - 04177920 _____ C:\Windows\system32\config\DEFAULT.iodefrag.bak
2015-09-03 22:55 - 2015-02-25 16:47 - 00065536 _____ C:\Windows\system32\config\SAM.iodefrag.bak
2015-09-03 22:55 - 2015-02-25 16:47 - 00028672 _____ C:\Windows\system32\config\SECURITY.iodefrag.bak
2015-09-03 22:03 - 2014-11-21 19:53 - 00000000 ___HD C:\Users\Все пользователи\~1
2015-09-03 22:03 - 2014-11-21 19:53 - 00000000 ___HD C:\ProgramData\~1
2015-09-03 18:50 - 2014-11-21 06:11 - 00000000 ____D C:\Users\Все пользователи\ProductData
2015-09-03 18:50 - 2014-11-21 06:11 - 00000000 ____D C:\ProgramData\ProductData
2015-09-03 16:45 - 2014-11-21 06:11 - 00000000 ____D C:\Users\Все пользователи\IObit
2015-09-03 16:45 - 2014-11-21 06:11 - 00000000 ____D C:\ProgramData\IObit
2015-09-03 16:31 - 2015-02-27 22:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ArtMoney PRO
2015-09-03 16:31 - 2015-01-15 17:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wargame Red Dragon
2015-08-31 14:34 - 2014-11-22 17:26 - 00003966 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-08-31 14:34 - 2014-11-22 17:26 - 00003714 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-08-28 16:25 - 2010-11-21 16:28 - 00723606 _____ C:\Windows\system32\perfh019.dat
2015-08-28 16:25 - 2010-11-21 16:28 - 00150258 _____ C:\Windows\system32\perfc019.dat
2015-08-28 16:25 - 2009-07-14 09:13 - 01645420 _____ C:\Windows\system32\PerfStringBackup.INI
2015-08-23 15:56 - 2009-07-14 09:08 - 00032532 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-08-23 00:37 - 2015-02-21 16:19 - 00032768 _____ C:\Windows\system32\persistent_q.db-shm
2015-08-23 00:37 - 2015-02-21 16:19 - 00003072 _____ C:\Windows\system32\persistent_q.db
2015-08-19 14:57 - 2014-12-02 12:19 - 00000000 ____D C:\Users\Все пользователи\Package Cache
2015-08-19 14:57 - 2014-12-02 12:19 - 00000000 ____D C:\ProgramData\Package Cache
2015-08-19 13:47 - 2014-12-17 17:09 - 00003846 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1416533683
2015-08-17 23:03 - 2015-07-07 17:24 - 00000000 __RHD C:\AionCheat
2015-08-12 16:25 - 2015-04-01 00:06 - 00001190 _____ C:\Users\Public\Desktop\Aion.lnk
2015-08-12 16:25 - 2014-11-25 21:22 - 00000000 ____D C:\Program Files (x86)\4game
2015-08-12 00:58 - 2015-02-02 12:56 - 00778440 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-08-12 00:58 - 2015-02-02 12:56 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-08-12 00:58 - 2015-02-02 12:56 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2015-08-12 00:58 - 2015-02-02 12:56 - 00003834 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-08-11 04:15 - 2015-01-10 15:45 - 00000000 ____D C:\KMPlayer

==================== Files in the root of some directories =======

2014-11-21 06:27 - 2014-11-21 06:27 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Files to move or delete:
====================
C:\ProgramData\C__Users_vovik_Downloads_WAR_Platinum Hide IP v3.1.1.6_crack_PlatinumHideIP.exe
C:\Users\Все пользователи\C__Users_vovik_Downloads_WAR_Platinum Hide IP v3.1.1.6_crack_PlatinumHideIP.exe

Some files in TEMP:
====================
C:\Users\Зверь\AppData\Local\Temp\sqlite3.dll

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

nointegritychecks: ==> "IntegrityChecks" is disabled. <===== ATTENTION

LastRegBack: 2015-08-22 20:38

==================== End of FRST.txt ============================