R2 ihctrl32; C:\Windows\SysWOW64\ihctrl32.dll [603648 2017-03-08] () [File not signed]
S2 wsaudio; C:\Windows\SysWOW64\wsaudio.dll [251392 2017-05-12] () [File not signed]
2017-06-25 15:31 - 2017-05-12 21:03 - 00251392 _____ C:\Windows\SysWOW64\wsaudio.dll
2017-04-12 20:44 - 2017-03-08 07:22 - 00603648 _____ C:\Windows\SysWOW64\ihctrl32.dll


EmptyTemp:
Reboot: 

;uVS v4.0.5 [http://dsrt.dyndns.org]
;Target OS: NTv6.1
v400c
OFFSGNSAVE

delref KERNCAP.VBS

restart

  


Task: {08FD72A8-A77C-4F38-841E-5B998ECB0E9E} - \Microsoft\Windows\Media Center\MediaCenterRecoveryTask -> No File <==== ATTENTION
Task: {11F89253-2ACA-4C25-BA7E-CBCBACF61834} - \Microsoft\Windows\Media Center\PvrScheduleTask -> No File <==== ATTENTION
Task: {2A36DF93-F511-4C31-B338-7529ED29149C} - \{42CE8D5C-F970-44F1-A0D1-C9738B855F42} -> No File <==== ATTENTION
Task: {A4997311-7561-42FD-BD5A-ABF104314754} - \Microsoft\Windows\Media Center\SqlLiteRecoveryTask -> No File <==== ATTENTION
Task: {A869581D-7DB6-4BE2-9B21-AF2023697174} - \Microsoft\Windows\Media Center\ObjectStoreRecoveryTask -> No File <==== ATTENTION
Task: {DBC8F8D2-4E1B-492A-9D20-E368090342F2} - \GameNet -> No File <==== ATTENTION
HKLM-x32\...\Run: [] => [X]
GroupPolicy: Restriction <======= ATTENTION
GroupPolicy\User: Restriction <======= ATTENTION
OPR Extension: (SearchWay) - C:\Users\Сергей\AppData\Roaming\Opera Software\Opera Stable\Extensions\fgldnknlljnfcfgchdijbjmmkdkmnabn [2017-01-19]

EmptyTemp:
Reboot: 

;uVS v4.0.5 [http://dsrt.dyndns.org]
;Target OS: NTv6.1
v400c
OFFSGNSAVE
uidel  MsiExec.exe /X{16793295-2366-40F7-A045-A3E42A81365E}
deltmp
;---------command-block---------
delref HTTPS://CLIENTS2.GOOGLE.COM/SERVICE/UPDATE2/CRX?RESPONSE=REDIRECT&PRODVERSION=38.0&X=ID%3DBGBGNHMFBCIFPKJOFOOJFPLMFKMAIADN%26INSTALLSOURCE%3DONDEMAND%26UC
delref HTTPS://CLIENTS2.GOOGLE.COM/SERVICE/UPDATE2/CRX?RESPONSE=REDIRECT&PRODVERSION=38.0&X=ID%3DBPGANGMFFJCOFIKNIBCMFJIONICOHFGJ%26INSTALLSOURCE%3DONDEMAND%26UC
delref HTTPS://CLIENTS2.GOOGLE.COM/SERVICE/UPDATE2/CRX?RESPONSE=REDIRECT&PRODVERSION=38.0&X=ID%3DICANJJKADCEEBMHANPEKKOFDHCLNOIJL%26INSTALLSOURCE%3DONDEMAND%26UC
delref HTTPS://CLIENTS2.GOOGLE.COM/SERVICE/UPDATE2/CRX?RESPONSE=REDIRECT&PRODVERSION=38.0&X=ID%3DNBIFDKMDOJGMPMOPDEBNJCOBEKGDONCN%26INSTALLSOURCE%3DONDEMAND%26UC
delref HTTPS://CLIENTS2.GOOGLE.COM/SERVICE/UPDATE2/CRX?RESPONSE=REDIRECT&PRODVERSION=38.0&X=ID%3DOJLCEBDKBPJDPILIGKDBBKDKFJMCHBFD%26INSTALLSOURCE%3DONDEMAND%26UC
delref HTTP://WWW.BING.COM/SEARCH?Q={SEARCHTERMS}&SRC=IE-SEARCHBOX&FORM=IESR02
delref %Sys32%\WINMSGBALLOONSERVER.EXE
delref %SystemDrive%\PROGRAM FILES (X86)\QGNA\QGNA.EXE
delref {23E5D772-327A-42F5-BDEE-C65C6796BB2A}\[CLSID]
delref {177AFECE-9599-46CF-90D7-68EC9EEB27B4}\[CLSID]
delref {CEF51277-5358-477B-858C-4E14F0C80BF7}\[CLSID]
delref {59116E30-02BD-4B84-BA1E-5D77E809B1A2}\[CLSID]
delref %SystemDrive%\USERS\СЕРГЕЙ\DESKTOP\BOOSTSPEED\BOOSTSPEED.EXE
delref %SystemRoot%\SYSWOW64\PEERDISTSVC.DLL
delref %SystemRoot%\SYSWOW64\DRIVERS\NDIS.SYS
delref %SystemRoot%\SYSWOW64\RDPCORETS.DLL
delref %SystemRoot%\SYSWOW64\UMPO.DLL
delref %SystemRoot%\SYSWOW64\IPHLPSVC.DLL
delref %SystemRoot%\SYSWOW64\CSCSVC.DLL
delref %SystemRoot%\SYSWOW64\PNRPSVC.DLL
delref %SystemRoot%\SYSWOW64\DRIVERS\PACER.SYS
delref %SystemRoot%\SYSWOW64\LSM.EXE
delref {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B}\[CLSID]
delref {166B1BCA-3F9C-11CF-8075-444553540000}\[CLSID]
delref {233C1507-6A77-46A4-9443-F871F945D258}\[CLSID]
delref {4063BE15-3B08-470D-A0D5-B37161CFFD69}\[CLSID]
delref {444785F1-DE89-4295-863A-D46C3A781394}\[CLSID]
delref %SystemDrive%\USERS\СЕРГЕЙ\DESKTOP\НОВАЯ ПАПКА\ASTERIOS\MSXML4.DLL
delref {8AD9C840-044E-11D1-B3E9-00805F499D93}\[CLSID]
delref {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA}\[CLSID]
delref %SystemRoot%\SYSWOW64\WIN32K.SYS
delref {1FBA04EE-3024-11D2-8F1F-0000F87ABD16}\[CLSID]
delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\57.0.2987.133\INSTALLER\CHRMSTP.EXE
delref %SystemRoot%\SYSWOW64\BLANK.HTM
delref {E6FB5E20-DE35-11CF-9C87-00AA005127ED}\[CLSID]
delref %Sys32%\MSSPELLCHECKINGFACILITY.DLL
delref %Sys32%\BLANK.HTM
delref HELPSVC\[SERVICE]
delref SACSVR\[SERVICE]
delref TBS\[SERVICE]
delref VMMS\[SERVICE]
delref MESSENGER\[SERVICE]
delref RDSESSMGR\[SERVICE]
delref %Sys32%\DRIVERS\EAGLEX64.SYS
delref %SystemDrive%\PROGRAM FILES (X86)\GAMES\GARENA PLUS\ROOM\SAFEDRV.SYS
delref %Sys32%\DRIVERS\PORTTALK.SYS
delref %Sys32%\PSXSS.EXE
delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.26.9\PSMACHINE_64.DLL
delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.28.1\PSMACHINE_64.DLL
delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.33.3\PSMACHINE_64.DLL
delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.28.15\PSMACHINE_64.DLL
delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.32.7\PSMACHINE_64.DLL
delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.27.5\PSMACHINE_64.DLL
delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.29.1\PSMACHINE_64.DLL
delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.30.3\PSMACHINE_64.DLL
delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.25.11\PSMACHINE_64.DLL
delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.28.13\PSMACHINE_64.DLL
delref %Sys32%\SHAREMEDIACPL.CPL
delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.31.5\PSMACHINE_64.DLL
delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.29.5\PSMACHINE_64.DLL
delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.26.9\PSMACHINE.DLL
delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.28.1\PSMACHINE.DLL
delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.33.3\PSMACHINE.DLL
delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.28.15\PSMACHINE.DLL
delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.32.7\PSMACHINE.DLL
delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.27.5\PSMACHINE.DLL
delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.29.1\PSMACHINE.DLL
delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.30.3\PSMACHINE.DLL
delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.25.11\PSMACHINE.DLL
delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.28.13\PSMACHINE.DLL
delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.31.5\PSMACHINE.DLL
delref %SystemDrive%\PROGRAM FILES (X86)\SKYPE\UPDATER\UPDATER.EXE
delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.29.5\PSMACHINE.DLL
delref J:\SETUP.EXE
apply

restart