Additional scan result of Farbar Recovery Scan Tool (x64) Version: 08-01-2017 Ran by Дом (09-01-2017 09:31:49) Running from D:\Downloads Windows 7 Professional Service Pack 1 (X64) (2016-03-11 15:01:44) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= UpdatusUser (S-1-5-21-121066890-694077553-4032108578-1001 - Limited - Enabled) => C:\Users\UpdatusUser Администратор (S-1-5-21-121066890-694077553-4032108578-500 - Administrator - Disabled) Гость (S-1-5-21-121066890-694077553-4032108578-501 - Limited - Disabled) Дом (S-1-5-21-121066890-694077553-4032108578-1000 - Administrator - Enabled) => C:\Users\Дом ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: 360 Total Security (Enabled - Up to date) {0371CA44-3F80-A1D3-BECE-910620B58D50} AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: 360 Total Security (Enabled - Up to date) {B8102BA0-19BA-AE5D-847E-AA745B32C7ED} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) "Русский язык. 4 класс" (В.П. Канакина, В.Г. Горецкий) (HKLM-x32\...\{40022986-EAE6-4016-A027-BBC4A7973FFD}}_is1) (Version: - НП "Телешкола") "Технология. 4 класс" (Н.И. Роговцева и др.) (HKLM-x32\...\{19F21A7E-36B8-4690-889A-D6E56419251E}}_is1) (Version: - ЗАО "Образование-Медиа") µTorrent (HKU\S-1-5-21-121066890-694077553-4032108578-1000\...\uTorrent) (Version: 3.4.9.43085 - BitTorrent Inc.) 2ГИС 3.16.3.0 (HKLM-x32\...\{7A4DAA49-F574-4186-8085-BFC8CF0BAA2F}) (Version: 3.16.3.0 - ООО "ДубльГИС") 360 Total Security (HKLM-x32\...\360TotalSecurity) (Version: 9.0.0.1069 - 360 Security Center) AIMP2 (HKLM-x32\...\AIMP2) (Version: - AIMP DevTeam) AkelPad (HKLM-x32\...\Akelpad) (Version: 4.5.6.0 - AkelSoft) ALPS Touch Pad Driver (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 7.106.2015.1203 - Alps Electric) Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 9.0 - Atheros) Bandicam (HKLM-x32\...\Bandicam) (Version: 2.1.0.707 - Bandisoft.com) Bandisoft MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version: - Bandisoft.com) Counter-Strike: Global Offensive (HKLM\...\Steam App 730) (Version: - Valve) Foxit Phantom 2.2.4.0225 (HKLM-x32\...\Foxit Phantom 2.2.4.0225) (Version: - ) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 54.0.2840.99 - Google Inc.) Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden GTA San Andreas (HKLM-x32\...\GTA San Andreas_is1) (Version: - ) Intel(R) OpenCL CPU Runtime (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2712 - Intel Corporation) Intel(R) PROSet/Wireless for Bluetooth(R) 3.0 + High Speed (HKLM\...\{2C0E6BD4-65B1-4E82-B2AC-43EFFC8F100C}) (Version: 15.0.0.0059 - Intel Corporation) K-Lite Mega Codec Pack 7.0.0 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 7.0.0 - ) KMPlayer (remove only) (HKLM-x32\...\The KMPlayer) (Version: 4.1.0.3 - PandoraTV) KMPlayer, версия 3.0.0.1439 (HKLM-x32\...\KMPlayer_is1) (Version: 3.0.0.1439 - Pandora.TV) Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation) MyPublicWiFi 5.1 (HKLM-x32\...\{C08D782B-9281-406B-ABCE-326DA70B8A1F}_is1) (Version: - TRUE Software) NVIDIA Графический драйвер 296.01 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 296.01 - NVIDIA Corporation) NVIDIA Системное программное обеспечение PhysX 9.12.0213 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.0213 - NVIDIA Corporation) Opera Stable 42.0.2393.94 (HKLM-x32\...\Opera 42.0.2393.94) (Version: 42.0.2393.94 - Opera Software) Pulse++K r503-x64 build 18404 (HKLM\...\Pulse++K x64_is1) (Version: 7.7.503.18404 - Pulse++K Team) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6482 - Realtek Semiconductor Corp.) San Andreas Multiplayer 0.3.7 Setup 0.3.7 (HKLM-x32\...\San Andreas Multiplayer 0.3.7 Setup 0.3.7) (Version: 0.3.7 - Advance RolePlay) Skype™ 7.30 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.30.105 - Skype Technologies S.A.) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) Total Commander 7.56a (HKLM-x32\...\Total Commander 7.56a) (Version: - ) Unity Web Player (HKU\S-1-5-21-121066890-694077553-4032108578-1000\...\UnityWebPlayer) (Version: 5.3.5f1 - Unity Technologies ApS) World of Tanks (HKU\S-1-5-21-121066890-694077553-4032108578-1000\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812ru}_is1) (Version: - Wargaming.net) Архиватор WinRAR (HKLM-x32\...\WinRAR archiver) (Version: - ) Данные 2ГИС г.Барнаул 01.01.2017 (HKLM-x32\...\{35C99120-50A0-4FE5-B802-33E40654D4E1}) (Version: 143.0.0 - ООО "ДубльГИС") Математика. 4 класс (М. И. Моро и др.) (HKLM-x32\...\Издательство Просвещение_Математика. 4 класс (М. И. Моро и др.)) (Version: - ) Окружающий мир. 4 класс (Плешаков А.А.) (HKLM-x32\...\{B4D57397-D166-454A-8008-DD274868D8F1}) (Version: 1.00.0000 - Prosveshcheniye/Sanoma Learning) Панель управления NVIDIA 296.01 (Version: 296.01 - NVIDIA Corporation) Hidden ПО Intel® PROSet/Wireless WiFi (HKLM\...\{DF7756DD-656A-45C3-BA71-74673E8259A9}) (Version: 15.00.0000.0642 - Intel Corporation) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {09146B2D-D3B0-4D01-BDF0-4D44D7C919DD} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-03-12] (Google Inc.) Task: {1EDEB8BF-FFD2-4137-BD28-B5CF866078B8} - \Microsoft\Windows\Media Center\PvrScheduleTask -> No File <==== ATTENTION Task: {367BBC3B-88C5-406F-A7A7-D23CB9F1417A} - \Microsoft\Windows\Media Center\ObjectStoreRecoveryTask -> No File <==== ATTENTION Task: {AC4E5ACF-89F7-4220-BA21-81EE183975E2} - System32\Tasks\Microsoft\Windows\Application Experience\AitAgent => C:\Windows\system32\aitagent.exe [2010-11-21] (Корпорация Майкрософт (Microsoft Corp.)) Task: {AD32753F-8977-441B-BC2F-71BB13B8DEA9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-03-12] (Google Inc.) Task: {B72B0D64-06F5-4CAB-A559-6D42C74B5FE9} - \Microsoft\Windows\Media Center\MediaCenterRecoveryTask -> No File <==== ATTENTION Task: {B86C8D98-6C75-4616-8FFE-B11E5622B6BA} - \Microsoft\Windows\Media Center\SqlLiteRecoveryTask -> No File <==== ATTENTION Task: {DD32C1D1-0F53-41C4-A87E-8C5737DA436D} - \TaskSched -> No File <==== ATTENTION Task: {F877774E-E91C-43DA-9C69-8A8AEABAEDAB} - System32\Tasks\Opera scheduled Autoupdate 1457755004 => C:\Program Files (x86)\Opera\launcher.exe [2016-12-19] (Opera Software) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) ==================== Shortcuts ============================= (The entries could be listed to be restored or removed.) Shortcut: C:\Users\Дом\Links\Музыка.lnk -> C:\Users\Дом\AppData\Roaming\Microsoft\Windows\Libraries\Music.library-ms () <===== Cyrillic Shortcut: C:\Users\Дом\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\World of Tanks\Деинсталлировать World of Tanks.lnk -> C:\Games\World_of_Tanks\unins000.exe () <===== Cyrillic Shortcut: C:\Users\Дом\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\World of Tanks\Официальный сайт игры.lnk -> C:\Games\World_of_Tanks\website.url () <===== Cyrillic Shortcut: C:\Users\Дом\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\World of Tanks\Последние изменения.lnk -> C:\Games\World_of_Tanks\readme.url () <===== Cyrillic Shortcut: C:\Users\Дом\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\World of Tanks\Руководство по игре.lnk -> C:\Games\World_of_Tanks\game_manual.url () <===== Cyrillic Shortcut: C:\Users\Дом\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\World of Tanks\Энциклопедия.lnk -> C:\Games\World_of_Tanks\wiki.url () <===== Cyrillic Shortcut: C:\Users\Дом\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Руководство по консольной версии RAR.lnk -> C:\Program Files (x86)\WinRAR\Rar.txt () <===== Cyrillic Shortcut: C:\Users\Дом\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Справка WinRAR.lnk -> C:\Program Files (x86)\WinRAR\WinRAR.chm () <===== Cyrillic Shortcut: C:\Users\Дом\AppData\Roaming\Microsoft\Windows\SendTo\Передача файлов через Bluetooth.LNK -> C:\Windows\System32\fsquirt.exe (Microsoft Corporation) <===== Cyrillic Shortcut: C:\Users\Public\Desktop\Математика. 4 класс (М. И. Моро и др.).lnk -> C:\Program Files (x86)\Издательство Просвещение\Математика. 4 класс (М. И. Моро и др.)\start.exe () <===== Cyrillic Shortcut: C:\Users\Public\Desktop\Окружающий мир. 4 класс (Плешаков А.А.).lnk -> C:\Users\Дом\Desktop\машина 2107\data\start.exe (Adobe Systems, Inc.) <===== Cyrillic Shortcut: C:\Users\Public\Desktop\Русский язык. 4 класс (В.П. Канакина, В.Г. Горецкий).lnk -> C:\Program Files (x86)\Издательство Просвещение\Русский язык. 4 класс (В.П. Канакина, В.Г. Горецкий)\russian_language04.exe () <===== Cyrillic Shortcut: C:\Users\Public\Desktop\Технология. 4 класс (Н.И. Роговцева и др.).lnk -> C:\Program Files (x86)\Образование-Медиа\Технология. 4 класс (Н.И. Роговцева и др.)\technology04.exe () <===== Cyrillic ShortcutWithArgument: C:\Users\Дом\Desktop\Skype - Ярлык.lnk -> C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Technologies S.A.) -> /secondary <===== Cyrillic ==================== Loaded Modules (Whitelisted) ============== 2016-03-12 10:54 - 2011-03-02 13:40 - 00164864 _____ () C:\Program Files (x86)\WinRAR\rarext64.dll 2016-03-12 11:03 - 2016-11-25 19:35 - 00782248 _____ () C:\Program Files (x86)\360\Total Security\MenuEx64.dll 2017-01-07 22:36 - 2017-01-07 22:36 - 00240640 _____ () C:\Program Files (x86)\Ghostery Storage Server\ghstore.exe 2016-11-19 14:57 - 2013-04-03 15:09 - 00756224 _____ () C:\Program Files (x86)\MyPublicWiFi\PublicWiFiService.exe 2016-03-12 11:03 - 2016-11-25 19:35 - 00099240 _____ () C:\Program Files (x86)\360\Total Security\deepscan\qutmload.dll 2016-03-11 23:02 - 2015-02-17 00:33 - 00004096 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll 2016-11-19 22:45 - 2016-12-08 22:13 - 00656160 _____ () C:\Program Files (x86)\Steam\SDL2.dll 2016-11-19 22:45 - 2016-09-01 08:02 - 04969248 _____ () C:\Program Files (x86)\Steam\v8.dll 2016-11-19 22:45 - 2016-09-01 08:02 - 01563936 _____ () C:\Program Files (x86)\Steam\icui18n.dll 2016-11-19 22:45 - 2016-09-01 08:02 - 01195296 _____ () C:\Program Files (x86)\Steam\icuuc.dll 2016-11-19 22:45 - 2016-12-20 09:25 - 02322720 _____ () C:\Program Files (x86)\Steam\video.dll 2016-11-19 22:45 - 2016-01-27 14:49 - 02549760 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll 2016-11-19 22:45 - 2016-01-27 14:49 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll 2016-11-19 22:45 - 2016-01-27 14:49 - 00491008 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll 2016-11-19 22:45 - 2016-01-27 14:49 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll 2016-11-19 22:45 - 2016-01-27 14:49 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll 2016-11-19 22:45 - 2016-12-20 09:25 - 00838944 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL 2016-11-19 22:45 - 2016-07-05 05:17 - 00266560 _____ () C:\Program Files (x86)\Steam\openvr_api.dll 2016-03-12 11:03 - 2016-11-25 19:35 - 00584616 _____ () C:\Program Files (x86)\360\Total Security\safemon\wdui2.dll 2016-12-13 23:44 - 2016-12-05 23:21 - 67304736 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7\libcef.dll 2016-11-19 22:45 - 2016-12-20 09:25 - 00388384 _____ () C:\Program Files (x86)\Steam\steam.dll 2016-11-19 22:45 - 2015-09-25 06:52 - 00119208 _____ () C:\Program Files (x86)\Steam\winh264.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\7A7A4D03.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\7A7A4D03.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 09:34 - 2016-11-27 14:50 - 00000913 ____A C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 bandicam.com 127.0.0.1 ssl.bandisoft.com ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-121066890-694077553-4032108578-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Дом\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 82.200.47.179 - 81.1.192.20 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [SPPSVC-In-TCP] => %SystemRoot%\system32\sppsvc.exe FirewallRules: [SPPSVC-In-TCP-NoScope] => %SystemRoot%\system32\sppsvc.exe FirewallRules: [{D49B8D39-064D-44BE-8DF2-54C15AAA2AF2}] => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe FirewallRules: [{C32FF326-0382-4282-AFAD-C0ED14AE6CDF}] => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe FirewallRules: [{E1EB667A-17F8-413B-BBFE-00791F54A2BD}] => C:\Program Files (x86)\360\Total Security\softmgr\InstantSetup.exe FirewallRules: [{D391BF46-7FD2-48A2-A499-0BC8EE1EDBCA}] => C:\Program Files (x86)\360\Total Security\softmgr\InstantSetup.exe FirewallRules: [{BD722E48-73B3-46B4-B4B7-9CDF4BD4F8CC}] => C:\Program Files (x86)\360\Total Security\LiveUpdate360.exe FirewallRules: [{C76AB36C-F32A-4A1D-BDC0-239F579E74CB}] => C:\Program Files (x86)\360\Total Security\LiveUpdate360.exe FirewallRules: [{26AFC5C1-FBD8-4758-8B31-631C4A331B21}] => C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{34429646-B683-47C2-8D63-9785C2B2EFA2}] => C:\Program Files (x86)\360\Total Security\softmgr\360InstantSetup.exe FirewallRules: [{D55F48CC-726C-4D66-8754-2C333757CD78}] => C:\Program Files (x86)\360\Total Security\softmgr\360InstantSetup.exe FirewallRules: [{8E68D4EB-871D-4BE5-815A-FE3D7F723EBC}] => C:\Users\Дом\AppData\Local\MediaGet2\mediaget.exe FirewallRules: [{43519359-0547-4CDB-BA25-48B3BB252CDF}] => C:\Users\Дом\AppData\Local\MediaGet2\mediaget.exe FirewallRules: [{CAA675C6-48EC-436B-B2D0-E1BB046522D0}] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{627714DF-82B1-4C06-9C4E-CB47E43C717E}] => C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{1402D3DC-D89C-46D3-BBAB-C18481E1E042}] => C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{9BB53458-2206-400A-9460-C48031C1B721}] => C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [{DB916458-5B28-4F4E-8140-08D5E05C98B5}] => C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [{8FA8ABDF-3B28-4C83-B416-44ED2B6D9844}] => C:\Games\World_of_Tanks\WoTLauncher.exe FirewallRules: [{8DA9F1C2-F0FE-48F9-9A72-6DA5ADD93953}] => C:\Games\World_of_Tanks\WoTLauncher.exe FirewallRules: [{9FAFC073-2A98-4042-90BB-1868BF2D7A6A}] => C:\Games\World_of_Tanks\worldoftanks.exe FirewallRules: [{53D93CEB-7EF2-4FDA-9E2E-5968A632101E}] => C:\Games\World_of_Tanks\worldoftanks.exe FirewallRules: [{A446400E-8AD8-4918-9494-6DA2C4B1C87A}] => C:\Program Files\Pulse++K_x64\TTKPulse_x64.exe FirewallRules: [{44B24DA6-9F13-4C1D-8DB1-8F400AC0B694}] => C:\Program Files\Pulse++K_x64\TTKPulse_x64.exe FirewallRules: [{172D9666-417A-448B-B351-9B496F0C31BC}] => C:\Program Files (x86)\MyPublicWiFi\MyPublicWiFi.exe FirewallRules: [{3FF6B879-8FB2-4DC1-AA94-03F57DE3420C}] => C:\Program Files (x86)\MyPublicWiFi\MyPublicWiFi.exe FirewallRules: [{B0C018EF-7AEB-4675-97C4-C8509876F91F}] => C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{7D38ADB8-FD96-4A4F-89B6-BBA8497FCD18}] => C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [TCP Query User{02A96CAB-3758-42C1-8BB4-267DC11E3436}C:\games\arma iii\arma3.exe] => C:\games\arma iii\arma3.exe FirewallRules: [UDP Query User{E857F332-6C7B-4088-B9F2-AC9777902406}C:\games\arma iii\arma3.exe] => C:\games\arma iii\arma3.exe FirewallRules: [{68FB1FF7-B699-4D35-8843-5C8DE7F1E9AF}] => C:\Users\Дом\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{3A9D7C4A-4D02-4513-B5EA-0AA39C084FC4}] => C:\Users\Дом\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{EE0F521D-3745-4C0C-B005-2E47E14F414B}] => C:\Users\Дом\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{7A944A7B-D0D1-4EAA-A59E-CAF1F93DDB51}] => C:\Users\Дом\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{EEAF3D2B-614E-404C-96E3-113BB583BC46}] => C:\Users\Дом\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{DE87100C-AD1A-4587-93BE-D94B333811C5}] => C:\Users\Дом\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [TCP Query User{228EF9C3-0EB8-47B5-9894-B69AD41C6A36}C:\games\полный привод 3. последний поход\binaries\win32\shippingpc-pp3workgame.exe] => C:\games\полный привод 3. последний поход\binaries\win32\shippingpc-pp3workgame.exe FirewallRules: [UDP Query User{4BBD77AF-1BE5-4D28-BED3-3828A961D5B4}C:\games\полный привод 3. последний поход\binaries\win32\shippingpc-pp3workgame.exe] => C:\games\полный привод 3. последний поход\binaries\win32\shippingpc-pp3workgame.exe FirewallRules: [TCP Query User{2CC4426C-F182-463E-9315-6FB7EF5561C6}C:\program files\pulse++k_x64\ttkpulse_x64.exe] => C:\program files\pulse++k_x64\ttkpulse_x64.exe FirewallRules: [UDP Query User{D09E7AAC-0D16-4797-87AE-63BBB32E60AA}C:\program files\pulse++k_x64\ttkpulse_x64.exe] => C:\program files\pulse++k_x64\ttkpulse_x64.exe FirewallRules: [{B58551B5-DB3C-4956-A40A-EAD2F48F19A9}] => C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe FirewallRules: [{24C68FEB-A6E6-4C18-9F8A-E8F2FF1E2616}] => C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe FirewallRules: [{8FE0550E-9B6E-47D0-B54F-B5A3C5553DBB}] => C:\Program Files (x86)\360\Total Security\LiveUpdate360.exe FirewallRules: [{F6BFEAD2-57A1-45F3-8715-0EE7CC539C1D}] => C:\Program Files (x86)\360\Total Security\LiveUpdate360.exe FirewallRules: [{7F1A8016-1FB8-49C9-A125-F39670B93947}] => C:\Users\Дом\AppData\Local\Amigo\Application\amigo.exe FirewallRules: [{170F9CDC-4776-47FE-85ED-FC1B7C6D9E11}] => C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe FirewallRules: [{15C0183A-741B-42AD-B888-1E98A38E5AC9}] => C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe ==================== Restore Points ========================= 19-12-2016 19:28:29 Installed 2GIS 3.16.3.0 19-12-2016 19:30:26 Установлено: Данные 2ГИС г.Барнаул 01.12.2016 23-12-2016 00:06:31 Установлено: Microsoft Visual C++ 2005 Redistributable ==================== Faulty Device Manager Devices ============= Name: PCI-контроллер Simple Communications Description: PCI-контроллер Simple Communications Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: SM контроллер шины Description: SM контроллер шины Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. ==================== Event log errors: ========================= Application errors: ================== Error: (01/09/2017 09:26:57 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (01/09/2017 09:06:50 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Имя сбойного приложения: mbamservice.exe, версия: 3.1.0.388, отметка времени: 0x58320f73 Имя сбойного модуля: CleanControllerImpl.dll, версия: 3.1.0.235, отметка времени 0x583c5497 Код исключения: 0xc00000fd Смещение ошибки: 0x000000000024cbf7 Идентификатор сбойного процесса: 0x13b0 Время запуска сбойного приложения: 0x01d26a1cad7b25c3 Путь сбойного приложения: C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe Путь сбойного модуля: C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\CleanControllerImpl.dll Код отчета: 47a2a554-d610-11e6-922c-50b7c31d7a98 Error: (01/09/2017 09:01:18 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (01/09/2017 08:53:40 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (01/08/2017 01:43:37 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (01/08/2017 09:34:42 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (01/07/2017 10:51:52 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (01/07/2017 07:02:43 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Программа csgo.exe версии 0.0.0.0 прекратила взаимодействие с Windows и была закрыта. Чтобы узнать, имеются ли дополнительные сведения о проблеме, проверьте историю проблемы в Центре поддержки в панели управления. ИД процесса: 125c Время запуска: 01d268d3ee49a925 Время завершения: 244 Путь приложения: C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe ИД отчета: Error: (01/07/2017 01:29:35 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (01/06/2017 07:15:04 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. System errors: ============= Error: (01/09/2017 09:20:07 AM) (Source: Service Control Manager) (EventID: 7032) (User: ) Description: Диспетчер управления службами пытался выполнить исправляющее действие (Перезапуск службы) после непредвиденного завершения службы Служба шлюза уровня приложения, но при этом произошла следующая ошибка: Одна копия службы уже запущена. Error: (01/09/2017 09:18:39 AM) (Source: Service Control Manager) (EventID: 7032) (User: ) Description: Диспетчер управления службами пытался выполнить исправляющее действие (Перезапуск службы) после непредвиденного завершения службы Windows Search, но при этом произошла следующая ошибка: Одна копия службы уже запущена. Error: (01/09/2017 09:18:09 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Служба Intel(R) Centrino(R) Wireless Bluetooth(R) 3.0 + High Speed Security Service была неожиданно завершена. Это произошло 1 раз(а). Следующее корректирующее действие будет предпринято через 5000 мсек: Перезапуск службы. Error: (01/09/2017 09:18:09 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Служба Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Service была неожиданно завершена. Это произошло 1 раз(а). Следующее корректирующее действие будет предпринято через 60000 мсек: Перезапуск службы. Error: (01/09/2017 09:18:09 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Служба "Steam Client Service" неожиданно прервана. Это произошло (раз): 1. Error: (01/09/2017 09:18:09 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Служба Windows Search была неожиданно завершена. Это произошло 1 раз(а). Следующее корректирующее действие будет предпринято через 30000 мсек: Перезапуск службы. Error: (01/09/2017 09:18:08 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Служба Служба общих сетевых ресурсов проигрывателя Windows Media была неожиданно завершена. Это произошло 1 раз(а). Следующее корректирующее действие будет предпринято через 30000 мсек: Перезапуск службы. Error: (01/09/2017 09:18:07 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Служба Служба шлюза уровня приложения была неожиданно завершена. Это произошло 1 раз(а). Следующее корректирующее действие будет предпринято через 120000 мсек: Перезапуск службы. Error: (01/09/2017 09:18:07 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Служба Updater.Mail.Ru была неожиданно завершена. Это произошло 1 раз(а). Следующее корректирующее действие будет предпринято через 0 мсек: Перезапуск службы. Error: (01/09/2017 09:18:07 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Служба "MyPublicWiFi Service" неожиданно прервана. Это произошло (раз): 1. ==================== Memory info =========================== Processor: Intel(R) Pentium(R) CPU B960 @ 2.20GHz Percentage of memory in use: 20% Total physical RAM: 7971.54 MB Available physical RAM: 6307.92 MB Total Virtual: 15941.26 MB Available Virtual: 14237.35 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:237 GB) (Free:145.02 GB) NTFS Drive d: () (Fixed) (Total:461.54 GB) (Free:48.64 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 698.6 GB) (Disk ID: DD67CDBD) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=237 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=461.5 GB) - (Type=07 NTFS) ==================== End of Addition.txt ============================