6. Скопируйте приведенный ниже текст в Блокнот и сохраните файл как fixlist.txt в ту же папку откуда была запущена утилита Farbar Recovery Scan Tool:
Запустите FRST и нажмите один раз на кнопку Fix и подождите. Программа создаст лог-файл (Fixlog.txt). Пожалуйста, прикрепите его в следующем сообщении!

[CODE]Task: {0226791C-1BDF-4E33-973D-DF4F67323A98} - \Microsoft\Windows\KRBUUS\KRB Updater Utility Service -> No File <==== ATTENTION
Task: {10601294-832E-47F3-95B2-125F20E95B66} - \GoogleUpdateTaskMachineCore1d0e253b30ceb45 -> No File <==== ATTENTION
Task: {16C58476-78F4-4C2D-A5F8-0FA7A7224C1F} - \BczwkImNQjHpdk -> No File <==== ATTENTION
Task: {2E530D41-DB89-4012-87C5-35DBEADC7B8B} - \{770E1C90-35CC-2559-8E3D-82BF6396ED25} -> No File <==== ATTENTION
Task: {3E4B3696-8C9D-43F1-889C-AC9AD6A850E7} - \chrome5 -> No File <==== ATTENTION
Task: {4947FE87-FEA3-4B7E-AC9A-5EED170077B2} - \Scheduler Update-S-1-8-22 -> No File <==== ATTENTION
Task: {53CE1BB5-A8C7-42AB-9F77-F52D7728A7ED} - System32\Tasks\Optimize Menu Cache Files-S-1-5-21-2417506075-2436599668-3818488206v2 => C:\Users\User\AppData\Local\comd\semi.vbs [2018-05-24] ()
Task: {5D546468-9787-4F86-9F95-B1695558CEC5} - \Vkmusicdownloader -> No File <==== ATTENTION
Task: {6716E42F-DDCC-47FC-9AC0-35026F4DC53D} - \Safebrowser -> No File <==== ATTENTION
Task: {9FAD7C4D-5C5F-45DF-B669-657DBAEE4B43} - \RestoreSearch -> No File <==== ATTENTION
Task: {ABEB0161-4520-45F4-B011-2BBA5C7FCB38} - \USXLHQDASYoYWeJUbkx2 -> No File <==== ATTENTION
Task: {AC42637C-DD75-49A7-8686-72666BC05C82} - \FmSTsAdangechII2 -> No File <==== ATTENTION
Task: {BA7C6D29-F4A2-4645-B5CD-CCB37F7A66C7} - \chrome5_logon -> No File <==== ATTENTION
Task: {BD8453E7-3A3D-4ACA-8B63-4C4F299E9126} - \Opera scheduled Autoupdate 1431170514 -> No File <==== ATTENTION
Task: {BF2989E6-5D50-4797-BE3F-74F981B75674} - \GoogleUpdateTaskMachineUA1d0efd94b2b8bd9 -> No File <==== ATTENTION
Task: {EB232CB1-BA35-44D2-943F-91113A1ABBEC} - \Windows Protect -> No File <==== ATTENTION
Task: {EBA637EE-8D6E-46BA-AEBB-EF6E468A995B} - \UOpTLhTZiCBelLTWk2 -> No File <==== ATTENTION
Task: {ED9E3523-4A80-4290-8506-116ECE64BB6A} - \lzvGQNeTRKNce2 -> No File <==== ATTENTION
Task: {FE366CD7-9351-4166-8330-4A2DDABD6CCF} - \GameNet -> No File <==== ATTENTION
AlternateDataStreams: C:\Users\User:Heroes & Generals [38]
AlternateDataStreams: C:\ProgramData\MTA San Andreas All:NT [40]
AlternateDataStreams: C:\ProgramData\MTA San Andreas All:NT2 [432]
AlternateDataStreams: C:\ProgramData\TEMP:07BF512B [262]
AlternateDataStreams: C:\Users\Public\AppData:CSM [468]
AlternateDataStreams: C:\Users\User\Application Data:NT [40]
AlternateDataStreams: C:\Users\User\Application Data:NT2 [432]
AlternateDataStreams: C:\Users\User\AppData\Roaming:NT [40]
AlternateDataStreams: C:\Users\User\AppData\Roaming:NT2 [432]
AlternateDataStreams: C:\Users\Все пользователи\MTA San Andreas All:NT [40]
AlternateDataStreams: C:\Users\Все пользователи\MTA San Andreas All:NT2 [432]
AlternateDataStreams: C:\Users\Все пользователи\TEMP:07BF512B [262]
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
CHR HKU\S-1-5-21-2417506075-2436599668-3818488206-1000\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
CHR HomePage: DFLTUSER -> hxxps://newtab.club/
CHR StartupUrls: DFLTUSER -> "hxxp://mail.ru/cnt/10445?gp=newcustom15"
CHR NewTab: DFLTUSER ->  Not-active:"chrome-extension://nolfchbaajenmoghacolnbilmdfjeabi/index.html"
CHR Extension: (Блокировщик…) - C:\Users\User\AppData\Local\Google\Chrome\User Data\DFLTUSER\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2018-09-11]
CHR Extension: (SL for Google Chrome™) - C:\Users\User\AppData\Local\Google\Chrome\User Data\DFLTUSER\Extensions\eignhdfgaldabilaaegmdfbajngjmoke [2015-04-08]
CHR Extension: (Unlimited Free VPN - Hola) - C:\Users\User\AppData\Local\Google\Chrome\User Data\DFLTUSER\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio [2018-09-15]
CHR Extension: (Скачать музыку с Вк (Vk)) - C:\Users\User\AppData\Local\Google\Chrome\User Data\DFLTUSER\Extensions\hhgedphalloaonpimmodkbpmlcjpilkh [2017-11-14]
CHR Extension: (Auto Refresh) - C:\Users\User\AppData\Local\Google\Chrome\User Data\DFLTUSER\Extensions\ifooldnmmcmlbdennkpdnlnbgbmfalko [2018-07-09]
CHR Extension: (Super wheather) - C:\Users\User\AppData\Local\Google\Chrome\User Data\DFLTUSER\Extensions\ipmgmkkfjeaipdikbojheommjbcfhccf [2018-06-08]
CHR Extension: (Discord Screen Sharing) - C:\Users\User\AppData\Local\Google\Chrome\User Data\DFLTUSER\Extensions\lcbhdgefieegnkbopmgklhlpjjdgmbog [2018-04-26]
CHR Extension: (FOCUS) - C:\Users\User\AppData\Local\Google\Chrome\User Data\DFLTUSER\Extensions\nolfchbaajenmoghacolnbilmdfjeabi [2017-10-27]
CHR Extension: (Browsec VPN - Free and Unlimited VPN) - C:\Users\User\AppData\Local\Google\Chrome\User Data\DFLTUSER\Extensions\omghfjlpggmjjaagoclmmobgdodcjboh [2018-09-03]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-10-12]
OPR Extension: (Super wheather) - C:\Users\User\AppData\Roaming\Opera Software\Opera Stable\Extensions\ipmgmkkfjeaipdikbojheommjbcfhccf [2018-07-03]
EmptyTemp:
Reboot:[/CODE]

2.удалите все найденное в малваребайт
перегрузите систему
далее,
3.сделайте проверку в АдвКлинере
http://forum.esetnod32.ru/forum9/topic7084/

*****
4.в АдвКлинере, после завершения проверки,
в секции [b]Папки[/b] снимите галки с записей mail.ru, yandex (если есть такие)
остальное удалите по кнопке [b]Очистить[/b]
далее,

5.сделайте проверку в FRST
http://forum.esetnod32.ru/forum9/topic2798/

+
добавьте новый образ автозапуска актуальной версией uVs
эта не содержит новые полезные функции
uVS v4.0 [http://dsrt.dyndns.org]: Windows 7 Ultimate x64 (NT v6.1 SP1) build 7601 Service Pack 1 [C:\WINDOWS]

выполняем скрипт в uVS:
- скопировать содержимое кода в буфер обмена;
- стартуем uVS(start.exe), далее выбираем: текущий пользователь, меню - скрипты - выполнить скрипт из буфера обмена;
- закрываем все браузеры перед выполнением скрипта;
при деинсталляции программ - соглашаемся на деинсталляцию_удаление подтверждаем "да"
[code]

;uVS v4.0.16 [http://dsrt.dyndns.org]
;Target OS: NTv6.1
v400c
OFFSGNSAVE
;------------------------autoscript---------------------------

setdns Подключение по локальной сети\4\{44CC6430-4DAA-4358-8330-25C928F33215}\8.8.8.8,8.8.4.4
deldirex %SystemDrive%\USERS\USER\APPDATA\LOCALLOW\UNITY\WEBPLAYER\LO­ADER

delref HTTPS://NEWTAB.CLUB
delall %SystemDrive%\PROGRAM FILES (X86)\ZNZDCAQALSTCLFCXVZR\AZQVYKE.DLL
delall %SystemDrive%\PROGRAM FILES (X86)\SNDOQSECEZDJC\CDYUTZY.DLL
delall %SystemDrive%\PROGRAM FILES (X86)\BXRRTRDAU\DAHVKB.DLL
delall %SystemDrive%\PROGRAMDATA\OXHDTRJAFHQMISVB\RPQIJRN.WSF
delall %SystemDrive%\PROGRAM FILES (X86)\RFGYFJBNYWLU2\VDJARHSVHKXBG.DLL
delref HTTP://EZELEN.RU
delref HTTP://SEWEING.ORG/CJUPOLTHOWZS.FEP
delref HTTP://SEWEING.ORG/GIX0B90DKNDE.HIK
delref HTTPS://CLIENTS2.GOOGLE.COM/SERVICE/UPDATE2/CRX?RESPONSE=REDIRECT&PRODVERSION=38.0&X=ID%3DBGCIFLJFAPBHGIEHKJLCKFJMGEOJIJCB%26INSTALLSOURCE%3D­ONDEMAND%26UC
delref HTTPS://CLIENTS2.GOOGLE.COM/SERVICE/UPDATE2/CRX?RESPONSE=REDIRECT&PRODVERSION=38.0&X=ID%3DCCFIFBOJENKENPKMNBNNDEADPFDIFFOF%26INSTALLSOURCE%3D­ONDEMAND%26UC
delref HTTPS://CLIENTS2.GOOGLE.COM/SERVICE/UPDATE2/CRX?RESPONSE=REDIRECT&PRODVERSION=38.0&X=ID%3DEIODDFAEPDOEIFBHJPHFEFGIPCJCDIEO%26INSTALLSOURCE%3D­ONDEMAND%26UC
delref HTTPS://CLIENTS2.GOOGLE.COM/SERVICE/UPDATE2/CRX?RESPONSE=REDIRECT&PRODVERSION=38.0&X=ID%3DHCADGIJMEDBFGCIEGJOMFPJCDCHLHNIF%26INSTALLSOURCE%3D­ONDEMAND%26UC
delref HTTPS://CLIENTS2.GOOGLE.COM/SERVICE/UPDATE2/CRX?RESPONSE=REDIRECT&PRODVERSION=38.0&X=ID%3DIFLPPBJNPNEIIGCBDFJPNKEBIDMKJMOI%26INSTALLSOURCE%3D­ONDEMAND%26UC
delref HTTPS://CLIENTS2.GOOGLE.COM/SERVICE/UPDATE2/CRX?RESPONSE=REDIRECT&PRODVERSION=38.0&X=ID%3DILAMGBDAEBKBPKKMFMMFBNAAMKHIJDEK%26INSTALLSOURCE%3D­ONDEMAND%26UC
delref HTTPS://CLIENTS2.GOOGLE.COM/SERVICE/UPDATE2/CRX?RESPONSE=REDIRECT&PRODVERSION=38.0&X=ID%3DLBJJFIIHGFEGNIOLCKPHPNFAOKDKBMDM%26INSTALLSOURCE%3D­ONDEMAND%26UC
delref HTTPS://CLIENTS2.GOOGLE.COM/SERVICE/UPDATE2/CRX?RESPONSE=REDIRECT&PRODVERSION=38.0&X=ID%3DLHEMECHCANJMILLLMCCJBJLDONMNNJJJ%26INSTALLSOURCE%3D­ONDEMAND%26UC
delref HTTPS://CLIENTS2.GOOGLE.COM/SERVICE/UPDATE2/CRX?RESPONSE=REDIRECT&PRODVERSION=38.0&X=ID%3DMFMJPFOGGIKOLKFILOFBPGCNHDCGAHIB%26INSTALLSOURCE%3D­ONDEMAND%26UC
delref HTTPS://CLIENTS2.GOOGLE.COM/SERVICE/UPDATE2/CRX?RESPONSE=REDIRECT&PRODVERSION=38.0&X=ID%3DNBIFDKMDOJGMPMOPDEBNJCOBEKGDONCN%26INSTALLSOURCE%3D­ONDEMAND%26UC
delref HTTPS://CLIENTS2.GOOGLE.COM/SERVICE/UPDATE2/CRX?RESPONSE=REDIRECT&PRODVERSION=38.0&X=ID%3DOELPKEPJLGMEHAJEHFEICFBJDIOBDKFJ%26INSTALLSOURCE%3D­ONDEMAND%26UC
delref HTTPS://CLIENTS2.GOOGLE.COM/SERVICE/UPDATE2/CRX?RESPONSE=REDIRECT&PRODVERSION=38.0&X=ID%3DOFDGAFMDEGFKHFDFKMLLFEFMCMCJLLEC%26INSTALLSOURCE%3D­ONDEMAND%26UC
delref HTTP://CLIENTS2.GOOGLE.COM/SERVICE/UPDATE2/CRX?RESPONSE=REDIRECT&PRODVERSION=38.0&X=ID%3DOGCBDLIMAFBFGBJIFJLAFEGCBPPHOKOC%26INSTALLSOURCE%3D­ONDEMAND%26UC
delref HTTPS://CLIENTS2.GOOGLE.COM/SERVICE/UPDATE2/CRX?RESPONSE=REDIRECT&PRODVERSION=38.0&X=ID%3DOJLCEBDKBPJDPILIGKDBBKDKFJMCHBFD%26INSTALLSOURCE%3D­ONDEMAND%26UC
delref HTTPS://CLIENTS2.GOOGLE.COM/SERVICE/UPDATE2/CRX?RESPONSE=REDIRECT&PRODVERSION=38.0&X=ID%3DPFJGIBHMCGNCMJHDODPAOLFBJPJJAJAL%26INSTALLSOURCE%3D­ONDEMAND%26UC
delref HTTPS://CLIENTS2.GOOGLE.COM/SERVICE/UPDATE2/CRX?RESPONSE=REDIRECT&PRODVERSION=38.0&X=ID%3DPGAIDLFGJKMEENDHKNAFAHPPLLBNIEJM%26INSTALLSOURCE%3D­ONDEMAND%26UC
delref HTTPS://CLIENTS2.GOOGLE.COM/SERVICE/UPDATE2/CRX?RESPONSE=REDIRECT&PRODVERSION=38.0&X=ID%3DPNOOFFJHCLKOCPLOPFFDBCDGHMIFFHJI%26INSTALLSOURCE%3D­ONDEMAND%26UC
delref %Sys32%\THEMCTRL.DLL
delref %Sys32%\WBIOSRVP.DLL
delref %SystemDrive%\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DFLTUSER\EXTENSIONS\BGCIFLJFAPBHGIEHKJLCKFJMGEOJIJCB\7.0.25_0\ПОИСК MAIL.RU
delref %SystemDrive%\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DFLTUSER\EXTENSIONS\EIODDFAEPDOEIFBHJPHFEFGIPCJCDIEO\7.0.2_0\ПОИСК MAIL.RU
delref %SystemDrive%\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DFLTUSER\EXTENSIONS\ILAMGBDAEBKBPKKMFMMFBNAAMKHIJDEK\4.0.5_0\ПОИСК MAIL.RU
delref %SystemDrive%\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DFLTUSER\EXTENSIONS\NBIFDKMDOJGMPMOPDEBNJCOBEKGDONCN\4.0.5_0\ПОИСК MAIL.RU
delref %SystemDrive%\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DFLTUSER\EXTENSIONS\OJLCEBDKBPJDPILIGKDBBKDKFJMCHBFD\12­.0.12_0\ПОИСК MAIL.RU
delref %SystemDrive%\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DFLTUSER\EXTENSIONS\PFJGIBHMCGNCMJHDODPAOLFBJPJJAJAL\3.0.2_0\ПОИСК MAIL.RU
delref HTTP://CLIENTS2.GOOGLE.COM/SERVICE/UPDATE2/CRX?RESPONSE=REDIRECT&PRODVERSION=38.0&X=ID%3DDHDGFFKKEBHMKFJOJEJMPBLDMPOBFKFO%26INSTALLSOURCE%3D­ONDEMAND%26UC
apply

regt 27
deltmp
delref %SystemDrive%\PROGRAMDATA\NVIDIA\DISPLAYSESSIONCONTAINER%D.LOG
delref %SystemDrive%\PROGRAMDATA\NVIDIA\NVCONTAINERUSER%DSPUSER.LOG
delref %SystemDrive%\PROGRAMDATA\NVIDIA\NVCONTAINERUSER%D.LOG
delref %SystemDrive%\PROGRAM FILES (X86)\QGNA\QGNA.EXE
delref %SystemDrive%\PROGRAM FILES\COMMON FILES\MICROSOFT SHARED\OFFICE15\OLICENSEHEARTBEAT.EXE
delref %SystemDrive%\PROGRAM FILES (X86)\OPERA\LAUNCHER.EXE
delref %SystemDrive%\USERS\USER\APPDATA\ROAMING\HARD DISK SENTINEL\REALTEK HD\RTHDCPL.EXE
delref %SystemRoot%\SYSWOW64\TBSSVC.DLL
delref %SystemRoot%\SYSWOW64\PEERDISTSVC.DLL
delref %SystemRoot%\SYSWOW64\DRIVERS\NDIS.SYS
delref %SystemRoot%\SYSWOW64\RDPCORETS.DLL
delref %SystemRoot%\SYSWOW64\UMPO.DLL
delref %SystemRoot%\SYSWOW64\IPHLPSVC.DLL
delref %SystemRoot%\SYSWOW64\CSCSVC.DLL
delref %SystemRoot%\SYSWOW64\DRIVERS\RDVGKMD.SYS
delref %SystemRoot%\SYSWOW64\PNRPSVC.DLL
delref %SystemRoot%\SYSWOW64\DRIVERS\PACER.SYS
delref %SystemRoot%\SYSWOW64\LSM.EXE
delref {8BE8AA63-D7EA-54DF-9E39-FF673A43B3A8}\[CLSID]
delref {EBA7A1E6-E69D-4BA5-B291-95782A004604}\[CLSID]
delref %SystemDrive%\PROGRAM FILES (X86)\4GAME\3.6.2.265\NPPLUGIN4GAME.DLL
delref D:\PROGRAM FILES (X86)\PLAYKEY\NPPLAYKEYPLUGINAPP_I386.DLL
delref {1FBA04EE-3024-11D2-8F1F-0000F87ABD16}\[CLSID]
delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\57.0.2987.133\INSTALLER\CHRMSTP.EXE
delref %SystemRoot%\SYSWOW64\BLANK.HTM
delref {05187161-5C36-4324-A734-22BF37509F2D}\[CLSID]
delref {05A1D945-A794-44EF-B41A-2F851A117155}\[CLSID]
delref {1A184982-D79E-44C7-BDE4-686552E67B44}\[CLSID]
delref {1F3EFFE4-0E70-47C7-9C48-05EB99E20011}\[CLSID]
delref {3376086C-D6F9-4CE4-8B89-33CD570106B5}\[CLSID]
delref {5C769985-C3E1-4F95-BEE7-1101C465F5FC}\[CLSID]
delref {5C94FE86-B93B-467F-BFC3-BD6C91416F9B}\[CLSID]
delref {6DDA37BA-0553-499A-AE0D-BEBA67204548}\[CLSID]
delref {7036C2FE-A209-464C-97AB-95B9260EDBF7}\[CLSID]
delref {7605E26C-DE38-4B82-ADD8-FE2568CC0B25}\[CLSID]
delref {77E3A6A3-2A24-43FA-B929-00747E4B560B}\[CLSID]
delref {AD83011E-01D1-4623-91FD-6B75F183C5A9}\[CLSID]
delref {C9361F5A-3282-4944-9899-6D99CDC5370B}\[CLSID]
delref {ED3110F0-5211-11DF-94AF-0026B977EEAA}\[CLSID]
delref {ED3110F3-5211-11DF-94AF-0026B977EEAA}\[CLSID]
delref {ED3110F5-5211-11DF-94AF-0026B977EEAA}\[CLSID]
delref {ED3110F8-5211-11DF-94AF-0026B977EEAA}\[CLSID]
delref %Sys32%\DRIVERS\RDVGKMD.SYS
delref D:\PROGRAM FILES (X86)\PLAYKEY\NPPLAYKEYPLUGINAPP_X86_64.DLL
delref %Sys32%\BLANK.HTM
delref %SystemDrive%\PROGRAM FILES (X86)\BLUESTACKS\HD-HYPERVISOR-AMD64.SYS
delref %SystemDrive%\PROGRAM FILES (X86)\BLUESTACKS\BSTKDRV.SYS
delref %Sys32%\DRIVERS\EW_HWUSBDEV.SYS
delref %Sys32%\DRIVERS\EW_USBENUMFILTER.SYS
delref %Sys32%\DRIVERS\EW_JUCDCACM.SYS
delref %Sys32%\DRIVERS\EW_JUBUSENUM.SYS
delref %Sys32%\DRIVERS\EW_JUEXTCTRL.SYS
delref %Sys32%\DRIVERS\EW_JUWWANECM.SYS
delref %Sys32%\DRIVERS\EWUSBMDM.SYS
delref %SystemDrive%\PROGRAMDATA\NVIDIA\NVCONTAINERNETWORKSERVICE.LOG
delref %SystemDrive%\PROGRAM FILES\UBAR\UBARDRIVER.SYS
delref %SystemRoot%\SYSWOW64\DRIVERS\X6VA062
delref %SystemRoot%\SYSWOW64\DRIVERS\X6VA063
delref %Sys32%\PSXSS.EXE
delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.28.1\PSMACHINE_64.DLL
delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.32.7\PSMACHINE_64.DLL
delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.27.5\PSMACHINE_64.DLL
delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.28.15\PSMACHINE_64.DLL
delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.29.1\PSMACHINE_64.DLL
delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.33.5\PSMACHINE_64.DLL
delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.33.7\PSMACHINE_64.DLL
delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.33.3\PSMACHINE_64.DLL
delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.28.13\PSMACHINE_64.DLL
delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.29.5\PSMACHINE_64.DLL
delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.31.5\PSMACHINE_64.DLL
delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.30.3\PSMACHINE_64.DLL
delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.28.1\PSMACHINE.DLL
delref E:\ACCESSIBLEMARSHAL.DLL
delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.32.7\PSMACHINE.DLL
delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.27.5\PSMACHINE.DLL
delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.28.15\PSMACHINE.DLL
delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.29.1\PSMACHINE.DLL
delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.33.5\PSMACHINE.DLL
delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.33.7\PSMACHINE.DLL
delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.33.3\PSMACHINE.DLL
delref %SystemDrive%\PROGRAM FILES\NVIDIA CORPORATION\INSTALLER2\INSTALLER.{698E01A4-D4C6-4962-B289-8D262E578E92}\NVI2.DLL
delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.28.13\PSMACHINE.DLL
delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.29.5\PSMACHINE.DLL
delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.31.5\PSMACHINE.DLL
delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.30.3\PSMACHINE.DLL
delref {898EA8C8-E7FF-479B-8935-AEC46303B9E5}\[CLSID]
delref {AE805869-2E5C-4ED4-8F7B-F1F7851A4497}\[CLSID]
delref H:\AUTORUN.EXE
delref {5A8FF410-F3CE-4844-B31B-F18D911239E8}\[CLSID]
delref {7AEFE841-DCA1-4A95-80CB-BE935D020300}\[CLSID]
delref {7AEFE841-DCA1-4A95-80CB-BE935D020701}\[CLSID]
delref {8DCB7100-DF86-4384-8842-8FA844297B3F}\[CLSID]
delref {D2CE3E00-F94A-4740-988E-03DC2F38C34F}\[CLSID]
;-------------------------------------------------------------

restart
[/code]
перезагрузка, пишем о старых и новых проблемах.
------------
далее,
сделайте дополнительно быструю проверку системы в малваребайт
http://forum.esetnod32.ru/forum9/topic10688/

сорри,
скрипт был написан под другому образу автзапуска.
переделаю сейчас скрипт по новому образу.

добавьте образ автозапуска,
(можно сделать из безопасного режима системы, )

значит и "Барак Обама" уже по "бессарабии" кочует

далее,
3.сделайте проверку в АдвКлинере
http://forum.esetnod32.ru/forum9/topic7084/

*****
4.в АдвКлинере, после завершения проверки,
в секции [b]Папки[/b] снимите галки с записей mail.ru, yandex (если есть такие)
остальное удалите по кнопке [b]Очистить[/b]
далее,

5.сделайте проверку в FRST
http://forum.esetnod32.ru/forum9/topic2798/

[QUOTE]Олександр Мишалов написал:
Это сделал[/QUOTE]
лог сканирования добавьте

[QUOTE]Олександр Мишалов написал:
Спасибо, теперь похоже что все нормализовалось[/QUOTE]
все таки выполните наши все рекомендации по очистке системы

[QUOTE]далее,
сделайте дополнительно быструю проверку системы в малваребайт
http://forum.esetnod32.ru/forum9/topic10688/[/QUOTE]