Additional scan result of Farbar Recovery Scan Tool (x86) Version: 06-08-2017 Ran by Welkom (07-08-2017 18:58:30) Running from F:\ Microsoft Windows 7 Профессиональная Service Pack 1 (X86) (2014-04-10 17:35:40) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Welkom (S-1-5-21-643831639-2576656661-3454533316-1000 - Administrator - Enabled) => C:\Users\Welkom Администратор (S-1-5-21-643831639-2576656661-3454533316-500 - Administrator - Disabled) Гость (S-1-5-21-643831639-2576656661-3454533316-501 - Limited - Disabled) ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Microsoft Security Essentials (Enabled - Up to date) {4F35CFC4-45A3-FC37-EF17-759A02E39AB1} AS: Microsoft Security Essentials (Enabled - Up to date) {F4542E20-6399-F3B9-D5A7-4EE87964D00C} AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) µTorrent (HKU\S-1-5-21-643831639-2576656661-3454533316-1000\...\uTorrent) (Version: 3.4.9.43388 - BitTorrent Inc.) 2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM\...\{90120000-0018-0000-0000-0000000FF1CE}_POWERPOINT_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft) 2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM\...\{90120000-0018-0419-0000-0000000FF1CE}_POWERPOINT_{06BBE4EF-FA0F-43D4-8DE6-12B15AE6DC8F}) (Version: - Microsoft) Hidden 2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM\...\{90120000-001B-0000-0000-0000000FF1CE}_WORD_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft) 2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM\...\{90120000-001B-0419-0000-0000000FF1CE}_WORD_{06BBE4EF-FA0F-43D4-8DE6-12B15AE6DC8F}) (Version: - Microsoft) Hidden 2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM\...\{90120000-001F-0407-0000-0000000FF1CE}_EXCEL_{928D7B99-2BEA-49F9-83B8-20FA57860643}) (Version: - Microsoft) Hidden 2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM\...\{90120000-001F-0407-0000-0000000FF1CE}_POWERPOINT_{928D7B99-2BEA-49F9-83B8-20FA57860643}) (Version: - Microsoft) Hidden 2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM\...\{90120000-001F-0407-0000-0000000FF1CE}_VISPRO_{928D7B99-2BEA-49F9-83B8-20FA57860643}) (Version: - Microsoft) Hidden 2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM\...\{90120000-001F-0407-0000-0000000FF1CE}_WORD_{928D7B99-2BEA-49F9-83B8-20FA57860643}) (Version: - Microsoft) Hidden 2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM\...\{90120000-001F-0409-0000-0000000FF1CE}_EXCEL_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}) (Version: - Microsoft) Hidden 2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM\...\{90120000-001F-0409-0000-0000000FF1CE}_POWERPOINT_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}) (Version: - Microsoft) Hidden 2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM\...\{90120000-001F-0409-0000-0000000FF1CE}_VISPRO_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}) (Version: - Microsoft) Hidden 2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM\...\{90120000-001F-0409-0000-0000000FF1CE}_WORD_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}) (Version: - Microsoft) Hidden 2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM\...\{90120000-001F-0419-0000-0000000FF1CE}_EXCEL_{EFE123B8-9F0A-4C50-A67B-0BADF3CB00DC}) (Version: - Microsoft) Hidden 2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM\...\{90120000-001F-0419-0000-0000000FF1CE}_POWERPOINT_{EFE123B8-9F0A-4C50-A67B-0BADF3CB00DC}) (Version: - Microsoft) Hidden 2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM\...\{90120000-001F-0419-0000-0000000FF1CE}_VISPRO_{EFE123B8-9F0A-4C50-A67B-0BADF3CB00DC}) (Version: - Microsoft) Hidden 2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM\...\{90120000-001F-0419-0000-0000000FF1CE}_WORD_{EFE123B8-9F0A-4C50-A67B-0BADF3CB00DC}) (Version: - Microsoft) Hidden 2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM\...\{90120000-001F-0422-0000-0000000FF1CE}_EXCEL_{E23630A0-8B0D-4145-9CEA-9B4967CDDC0E}) (Version: - Microsoft) Hidden 2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM\...\{90120000-001F-0422-0000-0000000FF1CE}_POWERPOINT_{E23630A0-8B0D-4145-9CEA-9B4967CDDC0E}) (Version: - Microsoft) Hidden 2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM\...\{90120000-001F-0422-0000-0000000FF1CE}_VISPRO_{E23630A0-8B0D-4145-9CEA-9B4967CDDC0E}) (Version: - Microsoft) Hidden 2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM\...\{90120000-001F-0422-0000-0000000FF1CE}_WORD_{E23630A0-8B0D-4145-9CEA-9B4967CDDC0E}) (Version: - Microsoft) Hidden 2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM\...\{90120000-006E-0419-0000-0000000FF1CE}_EXCEL_{8D43357C-7ED3-4E4C-9804-DB84C67823BC}) (Version: - Microsoft) Hidden 2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM\...\{90120000-006E-0419-0000-0000000FF1CE}_POWERPOINT_{8D43357C-7ED3-4E4C-9804-DB84C67823BC}) (Version: - Microsoft) Hidden 2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM\...\{90120000-006E-0419-0000-0000000FF1CE}_VISPRO_{8D43357C-7ED3-4E4C-9804-DB84C67823BC}) (Version: - Microsoft) Hidden 2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM\...\{90120000-006E-0419-0000-0000000FF1CE}_WORD_{8D43357C-7ED3-4E4C-9804-DB84C67823BC}) (Version: - Microsoft) Hidden 3D Ripper DX v1.8.2 (HKLM\...\3D Ripper DX_is1) (Version: - Roman Lut) Adobe Dreamweaver CC (HKLM\...\{00E094E1-A852-11E2-803D-ACEA632352B4}) (Version: 13 - Adobe Systems Incorporated) Adobe Flash Player 26 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 26.0.0.137 - Adobe Systems Incorporated) Adobe Flash Player 26 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 26.0.0.137 - Adobe Systems Incorporated) Adobe Photoshop CS5 (HKLM\...\{15FEDA5F-141C-4127-8D7E-B962D1742728}) (Version: 12.0 - Adobe Systems Incorporated) Adobe Update Management Tool (HKLM\...\{534A7A1A-7102-4AF6-23EA-7CD279C7B625}_is1) (Version: 7.0 - PainteR) Aida64 Extreme Edition 2.85.2400.0 (HKLM\...\Aida64 Extreme Edition 2.85.2400.0) (Version: - ) Ansel (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel) (Version: 382.53 - NVIDIA Corporation) Hidden Armored Warfare (HKU\S-1-5-21-643831639-2576656661-3454533316-1000\...\Armored Warfare) (Version: 1.30 - ) ArtMoney PRO v7.43 (HKLM\...\ArtMoney PRO_is1) (Version: 7.43 - System SoftLab) Assassin's Creed 2 v1.01 Rus (HKLM\...\Assassin's Creed 2_is1) (Version: - ) Assassin's Creed 3.Deluxe Edition.v 1.05 + 5 DLC (HKLM\...\Assassin's Creed 3.Deluxe Edition.v 1.05 + 5 DLC_is1) (Version: Assassin's Creed 3.Deluxe Edition.v 1.05 + 5 DLC - RiP by Fenixx (21.05.2013)) Bandicam (HKLM\...\Bandicam) (Version: - Bandisoft) Battlefield 3™ (HKLM\...\{64BFBE7A-886C-4CA2-A9B4-0C2B5A5942BC}) (Version: 1.6.0.0 - Electronic Arts) Battlefield 3™ (HKLM\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts) Blender (HKLM\...\Blender) (Version: 2.70a - Blender Foundation) Car Mechanic Simulator 2015 v.1.0.4 (HKLM\...\Car Mechanic Simulator 2015_is1) (Version: - ) CCleaner 4.0.0.4064 (HKLM\...\CCleaner) (Version: v 4.0.0.4064 - oszone.net) Cities XL (HKLM\...\Cities XL_is1) (Version: - Martin) City Car Driving (HKLM\...\Steam App 493490) (Version: - Forward Development, Ltd.) CodeBlocks (HKU\S-1-5-21-643831639-2576656661-3454533316-1000\...\CodeBlocks) (Version: 13.12 - The Code::Blocks Team) CodeVisionAVR V2.03.4 (HKLM\...\CodeVisionAVR C Compiler_is1) (Version: - ) ColorMania 3.0 (HKLM\...\ColorMania_is1) (Version: 3.0 - Blacksun Software) Counter-Strike 1.6 (HKLM\...\Counter-Strike 1.6) (Version: 1.6 - GetCS16.ru) Counter-Strike: Global Offensive (HKLM\...\Steam App 730) (Version: - Valve) D3DX10 (HKLM\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden Default (HKLM\...\{6AC438CD-EA08-487B-B858-B86241B7260C}) (Version: 1.0.0.1 - Default Company Name) Hidden Driver.San Francisco.v 1.04.1114 (HKLM\...\Driver.San Francisco.v 1.04.1114_is1) (Version: Driver.San Francisco.v 1.04.1114 - Fenixx--Repack--(22.01.2012)) Euro Truck Simulator 2 (HKLM\...\Steam App 227300) (Version: - SCS Software) F1 2010 (HKLM\...\{35EFD5D7-C3F9-4C2E-AB4E-A5F6D9EA9CDC}_is1) (Version: - ) F1 2011 (HKLM\...\F1 2011_is1) (Version: - ) Farming Simulator 15 v.1.1.0.0 (HKLM\...\Farming Simulator 15_is1) (Version: - ) FastStone Capture (HKLM\...\FastStone Capture) (Version: - FastStone Soft) Fishing Planet (HKLM\...\Steam App 380600) (Version: - Fishing Planet LLC) Google Chrome (HKLM\...\Google Chrome) (Version: 59.0.3071.115 - Google Inc.) Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden GTA San Andreas (HKLM\...\{C78D1D90-D347-47BA-AB87-13863FF16D36}_is1) (Version: - ) HashTab v5.1.0.23 (HKLM\...\HashTab) (Version: 5.1.0.23 - Implbits Software) Heroes & Generals (HKLM\...\Steam App 227940) (Version: - Reto-Moto) Java 8 Update 20 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218020F0}) (Version: 8.0.200 - Oracle Corporation) Junk Mail filter update (HKLM\...\{0BE9E708-5DC0-4963-9CFD-0AA519090E79}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden K-Lite Mega Codec Pack 9.8.0 (HKLM\...\KLiteCodecPack_is1) (Version: 9.8.0 - ) Life Is Strange (HKLM\...\Life Is Strange_R.G. Mechanics_is1) (Version: - R.G. Mechanics, spider91) Mafia II (HKLM\...\Mafia II_is1) (Version: - R.G. Mechanics, DANTE2050) Malwarebytes, версия 3.1.2.1733 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.1.2.1733 - Malwarebytes) Metro 2033 (HKLM\...\Metro 2033_R.G. Mechanics_is1) (Version: - R.G. Mechanics, spider91) Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft ASP.NET MVC 4 Runtime (HKLM\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation) Microsoft Games for Windows - LIVE Redistributable (HKLM\...\{F2508213-9989-4E85-A078-72BE483917EF}) (Version: 3.5.88.0 - Microsoft Corporation) Microsoft Games for Windows Marketplace (HKLM\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation) Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation) Microsoft Office PowerPoint 2007 (HKLM\...\POWERPOINT) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Office Visio 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0051-0000-0000-0000000FF1CE}_VISPRO_{CE144BF4-4950-4CDB-A5F7-CCE1888F49CB}) (Version: - Microsoft) Microsoft Office Visio Профессиональный 2007 (HKLM\...\VISPRO) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Office Word 2007 (HKLM\...\WORD) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Office профессиональный плюс 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.4763.1000 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-643831639-2576656661-3454533316-1000\...\OneDriveSetup.exe) (Version: 17.0.4035.0328 - Microsoft Corporation) Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.6.305.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable - x86 8.0.59193 (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61187 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{DCB46B42-723F-350E-B18A-449BC6C21636}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.7523 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.7523 - Microsoft Corporation) Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM\...\{f0080ca2-80ae-4958-b6eb-e8fa916d744a}) (Version: 11.0.61030.0 - Корпорация Майкрософт) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation) Microsoft Visual F# 2.0 Runtime (HKLM\...\{85467CBC-7A39-33C9-8940-D72D9269B84F}) (Version: 10.0.40219 - Microsoft Corporation) mikroC PRO for PIC (remove only) (HKLM\...\mikroC PRO for PIC) (Version: 6.6.1.0 - mikroElektronika) Minecraft 1.8.3 (HKLM\...\{2F512BCC-42E6-41FF-815D-368253533C97}}_is1) (Version: - ) Modem YOTA 4G LTE (HKLM\...\Modem YOTA 4G LTE) (Version: 1.0.0.0 - Yota Devices Ltd.) Movie Maker (HKLM\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Movie Maker (HKLM\...\{E668DD34-04FA-4A11-B07A-8CBA2119401B}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) mySize (HKLM\...\{AB4B58C5-363E-4EC1-B7AF-FE5255555F6D}) (Version: 1.0.0 - Anishsoft) Nero 12 Full Repack (HKLM\...\NMMS12) (Version: - ) Notepad++ (HKLM\...\Notepad++) (Version: 6.6.7 - Notepad++ Team) NVIDIA GeForce Experience 3.6.0.74 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.6.0.74 - NVIDIA Corporation) NVIDIA PhysX (HKLM\...\{54194F60-988C-4D03-B922-C2B00EFDA39A}) (Version: 9.10.0222 - NVIDIA Corporation) NVIDIA Аудиодрайвер HD 1.3.34.27 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.27 - NVIDIA Corporation) NVIDIA Графический драйвер 382.53 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 382.53 - NVIDIA Corporation) NVIDIA Драйвер 3D Vision 382.53 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 382.53 - NVIDIA Corporation) NVIDIA Драйвер контроллера 3D Vision 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation) NVIDIA Системное программное обеспечение PhysX 9.17.0329 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0329 - NVIDIA Corporation) NvNodejs (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvNodejs) (Version: 3.6.0.74 - NVIDIA Corporation) Hidden NvTelemetry (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvTelemetry) (Version: 2.4.10.0 - NVIDIA Corporation) Hidden NvvHci (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvvHci) (Version: 2.02.0.5 - NVIDIA Corporation) Hidden OpenAL (HKLM\...\OpenAL) (Version: - ) Origin (HKLM\...\Origin) (Version: 9.4.6.2792 - Electronic Arts, Inc.) Picasa 3 (HKLM\...\Picasa 3) (Version: 3.9.141.259 - Google, Inc.) Plague Inc - Evolved (HKLM\...\Plague Inc - Evolved_R.G. Mechanics_is1) (Version: - R.G. Mechanics, markfiter) Platform (HKLM\...\{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.34 - VIA Technologies, Inc.) Hidden Pro Evolution Soccer 2014 v.1.13 (HKLM\...\Pro Evolution Soccer 2014_is1) (Version: - ) Pro Evolution Soccer 2016 (HKLM\...\Pro Evolution Soccer 2016_R.G. Mechanics_is1) (Version: - R.G. Mechanics, ProZorg_tm) PunkBuster Services (HKLM\...\PunkBusterSvc) (Version: 0.988 - Even Balance, Inc.) Punto Switcher 3.3.1 (HKLM\...\{57B1BFB9-44BD-4190-954C-37ABB193A557}) (Version: 3.3.1.364 - Яндекс) Rapture3D 2.4.4 Game (HKLM\...\{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1) (Version: - Blue Ripple Sound) S.K.I.L.L. - Special Force 2 (HKLM\...\Steam App 286940) (Version: - ) Saints Row The Third (HKLM\...\Saints Row The Third_is1) (Version: - RePack by [R.G.UniGamers]) Scarface - The World Is Yours (HKLM\...\Scarface - The World Is Yours_is1) (Version: - ) SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 7.1.0370 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController) (Version: 3.6.0.74 - NVIDIA Corporation) Hidden Skype™ 7.34 (HKLM\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.34.103 - Skype Technologies S.A.) Spintires (HKLM\...\Spintires_is1) (Version: 1.0 - Decepticon) Steam (HKLM\...\Steam) (Version: 2.10.91.91 - Valve Corporation) Street Legal Racing Pre-release IV (HKLM\...\Street Legal Racing Pre-release IV_is1) (Version: Street Legal Racing Pre-release IV - Jack) Test Drive Unlimited 2 (HKLM\...\Test Drive Unlimited 2_is1) (Version: - Atari) The Sims 4 (HKLM\...\The Sims 4_R.G. Mechanics_is1) (Version: - R.G. Mechanics, ProZorg_tm) Total Commander 8.01 (HKLM\...\Total Commander 8.01) (Version: - ) Unity Web Player (HKU\S-1-5-21-643831639-2576656661-3454533316-1000\...\UnityWebPlayer) (Version: 5.3.8f1 - Unity Technologies ApS) Unlocker 1.9.1 (HKLM\...\Unlocker) (Version: 1.9.1 - Cedrick Collomb) Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-0018-0000-0000-0000000FF1CE}_POWERPOINT_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-001B-0000-0000-0000000FF1CE}_WORD_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-0051-0000-0000-0000000FF1CE}_VISPRO_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) Uplay (HKLM\...\Uplay) (Version: 4.7 - Ubisoft) Vegas Pro 10.0 (HKLM\...\{5AC11070-A1CB-11E0-A0DC-0013D3D69929}) (Version: 10.0.737 - Sony) VIA Диспетчер устройств платформы (HKLM\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.34 - VIA Technologies, Inc.) War Thunder Launcher 1.0.1.467 (HKLM\...\{ed8deea4-29fa-3932-9612-e2122d8a62d9}}_is1) (Version: - Gaijin Entertainment) Warface (HKU\S-1-5-21-643831639-2576656661-3454533316-1000\...\Warface) (Version: 1.209 - Mail.Ru) WinRAR 4.10 (32-разрядная) (HKLM\...\WinRAR archiver) (Version: 4.10.0 - win.rar GmbH) World of Tanks (HKLM\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812RU}_is1) (Version: - Wargaming.net) Yandex (HKU\S-1-5-21-643831639-2576656661-3454533316-1000\...\YandexBrowser) (Version: 17.7.0.1544 - ООО «ЯНДЕКС») Глаз.ТВ (HKLM\...\GlazTV) (Version: 1.0 - www.glaz.tv) ДругВокруг 2.0 (HKLM\...\ДругВокруг) (Version: 2.0 - ООО 'MoCo Media') Игровой центр (HKU\S-1-5-21-643831639-2576656661-3454533316-1000\...\GameCenterMailRu) (Version: 3.1153 - ООО "Мэйл.Ру Геймз") Обновление Microsoft Outlook Social Connector (KB2289116) (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{75F91382-920C-4AE1-B9E6-FFFCEDA797E8}) (Version: - Microsoft) Обновление Microsoft Outlook Social Connector (KB2289116) (HKLM\...\{90140000-001A-0419-0000-0000000FF1CE}_Office14.PROPLUS_{5D773FAE-C0F8-439C-9713-D331F0977065}) (Version: - Microsoft) Обновления NVIDIA 25.0.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 25.0.0.0 - NVIDIA Corporation) Hidden Основные компоненты Windows Live (HKLM\...\{D177E45E-2BA3-42C1-8570-CCA2217B958C}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Основные компоненты Windows Live (HKLM\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation) Панель управления NVIDIA 382.53 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 382.53 - NVIDIA Corporation) Hidden Почта Windows Live (HKLM\...\{C325D201-108B-410F-98F7-F3F1B3CA555A}) (Version: 16.4.3528.0331 - Корпорация Майкрософт) Hidden Фотоальбом (HKLM\...\{B27EB36C-9860-42FD-AA90-23648E49F15C}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Фотографии (общедоступная версия) (HKLM\...\{7D6C9057-7F50-4CAB-A557-A68A7932B48E}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Яндекс.Диск (HKU\S-1-5-21-643831639-2576656661-3454533316-1000\...\YandexDisk) (Version: 1.4.16.5331 - Яндекс) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-643831639-2576656661-3454533316-1000_Classes\CLSID\{19170A69-A883-40D5-AF97-F6DC41495F15}\InprocServer32 -> C:\Users\Welkom\AppData\Roaming\Yandex\YandexDisk\YandexDiskShellExt-4724.dll (Яндекс) CustomCLSID: HKU\S-1-5-21-643831639-2576656661-3454533316-1000_Classes\CLSID\{2D6BD2F0-5F84-4a06-924F-AEE0598B6272}\InprocServer32 -> C:\Users\Welkom\AppData\Roaming\Yandex\YandexDisk\YandexDiskShellExt-4724.dll (Яндекс) CustomCLSID: HKU\S-1-5-21-643831639-2576656661-3454533316-1000_Classes\CLSID\{33A431BB-FF15-4047-8FEC-F82FD3523A00}\localserver32 -> C:\Users\Welkom\AppData\Roaming\Yandex\YandexDisk\YandexDisk.exe (Яндекс) CustomCLSID: HKU\S-1-5-21-643831639-2576656661-3454533316-1000_Classes\CLSID\{63D48440-63AB-44D0-B323-4731DFCDE9E9}\InprocServer32 -> C:\Users\Welkom\AppData\Roaming\Yandex\YandexDisk\YandexDiskOverlays-2398.dll (Яндекс) CustomCLSID: HKU\S-1-5-21-643831639-2576656661-3454533316-1000_Classes\CLSID\{7E7DC279-E6BE-4D57-9DEC-14FA0339DBC0}\InprocServer32 -> C:\Users\Welkom\AppData\Roaming\Yandex\YandexDisk\YandexDiskOverlays-2398.dll (Яндекс) CustomCLSID: HKU\S-1-5-21-643831639-2576656661-3454533316-1000_Classes\CLSID\{97836AB9-12C5-4C30-A128-B75196DD1787}\InprocServer32 -> C:\Users\Welkom\AppData\Roaming\Yandex\YandexDisk\YandexDiskShellExt-4724.dll (Яндекс) CustomCLSID: HKU\S-1-5-21-643831639-2576656661-3454533316-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Welkom\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\SkyDriveShell.dll (MicrosoftCorporation) CustomCLSID: HKU\S-1-5-21-643831639-2576656661-3454533316-1000_Classes\CLSID\{AF8D197E-7022-4c3d-BD88-68AD35C9C169}\InprocServer32 -> C:\Users\Welkom\AppData\Roaming\Yandex\YandexDisk\YandexDiskOverlays-2398.dll (Яндекс) CustomCLSID: HKU\S-1-5-21-643831639-2576656661-3454533316-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Welkom\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\SkyDriveShell.dll (MicrosoftCorporation) CustomCLSID: HKU\S-1-5-21-643831639-2576656661-3454533316-1000_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Welkom\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\SkyDriveShell.dll (MicrosoftCorporation) CustomCLSID: HKU\S-1-5-21-643831639-2576656661-3454533316-1000_Classes\CLSID\{E36606FE-036A-4dd0-ABA9-A58F409803F0}\InprocServer32 -> C:\Users\Welkom\AppData\Roaming\Yandex\YandexDisk\YandexDiskShellExt-4724.dll (Яндекс) CustomCLSID: HKU\S-1-5-21-643831639-2576656661-3454533316-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Welkom\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\SkyDriveShell.dll (MicrosoftCorporation) CustomCLSID: HKU\S-1-5-21-643831639-2576656661-3454533316-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Welkom\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\FileSyncApi.dll (MicrosoftCorporation) CustomCLSID: HKU\S-1-5-21-643831639-2576656661-3454533316-1000_Classes\CLSID\{FB2FE984-05F5-4512-9D9B-69D3DE61F6D9}\InprocServer32 -> C:\Users\Welkom\AppData\Roaming\Yandex\YandexDisk\YandexDiskOverlays-2398.dll (Яндекс) ShellIconOverlayIdentifiers: [ YndCase0Sync] -> {63D48440-63AB-44D0-B323-4731DFCDE9E9} => C:\Users\Welkom\AppData\Roaming\Yandex\YandexDisk\YandexDiskOverlays-2398.dll [2017-05-22] (Яндекс) ShellIconOverlayIdentifiers: [ YndCase1Modified] -> {7E7DC279-E6BE-4D57-9DEC-14FA0339DBC0} => C:\Users\Welkom\AppData\Roaming\Yandex\YandexDisk\YandexDiskOverlays-2398.dll [2017-05-22] (Яндекс) ShellIconOverlayIdentifiers: [ YndCase2Error] -> {FB2FE984-05F5-4512-9D9B-69D3DE61F6D9} => C:\Users\Welkom\AppData\Roaming\Yandex\YandexDisk\YandexDiskOverlays-2398.dll [2017-05-22] (Яндекс) ShellIconOverlayIdentifiers: [ YndCase3Shared] -> {AF8D197E-7022-4c3d-BD88-68AD35C9C169} => C:\Users\Welkom\AppData\Roaming\Yandex\YandexDisk\YandexDiskOverlays-2398.dll [2017-05-22] (Яндекс) ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Welkom\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\SkyDriveShell.dll [2014-08-08] (MicrosoftCorporation) ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Welkom\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\SkyDriveShell.dll [2014-08-08] (MicrosoftCorporation) ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Welkom\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\SkyDriveShell.dll [2014-08-08] (MicrosoftCorporation) ShellIconOverlayIdentifiers: [EnhancedStorageShell] -> {D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D} => C:\Windows\system32\EhStorShell.dll [2009-07-14] (MicrosoftCorporation) ShellIconOverlayIdentifiers: [Groove Explorer Icon Overlay 1 (GFS Unread Stub)] -> {99FD978C-D287-4F50-827F-B2C658EDA8E7} => C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (MicrosoftCorporation) ShellIconOverlayIdentifiers: [Groove Explorer Icon Overlay 2 (GFS Stub)] -> {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} => C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (MicrosoftCorporation) ShellIconOverlayIdentifiers: [Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)] -> {920E6DB1-9907-4370-B3A0-BAFC03D81399} => C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (MicrosoftCorporation) ShellIconOverlayIdentifiers: [Groove Explorer Icon Overlay 3 (GFS Folder)] -> {16F3DD56-1AF5-4347-846D-7C10C4192619} => C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (MicrosoftCorporation) ShellIconOverlayIdentifiers: [Groove Explorer Icon Overlay 4 (GFS Unread Mark)] -> {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} => C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (MicrosoftCorporation) ShellIconOverlayIdentifiers: [Offline Files] -> {4E77131D-3629-431c-9818-C5679DC83E81} => C:\Windows\System32\cscui.dll [2010-11-21] (MicrosoftCorporation) ShellIconOverlayIdentifiers: [SharingPrivate] -> {08244EE6-92F0-47f2-9FC9-929BAA2E7235} => C:\Windows\system32\ntshrui.dll [2010-11-21] (MicrosoftCorporation) ContextMenuHandlers1: [ANotepad++] -> {00F3C2EC-A6EE-11DE-A03A-EF8F55D89593} => C:\Program Files\Notepad++\NppShell_06.dll [2014-05-12] () ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => C:\Windows\system32\syncui.dll [2010-11-21] (MicrosoftCorporation) ContextMenuHandlers1: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\Program Files\Microsoft Security Client\shellext.dll [2014-08-22] (КорпорацияМайкрософт) ContextMenuHandlers1: [Open With] -> {09799AFB-AD67-11d1-ABCD-00C04FC30936} => C:\Windows\system32\shell32.dll [2014-03-25] (MicrosoftCorporation) ContextMenuHandlers1: [Open With EncryptionMenu] -> {A470F8CF-A1E8-4f65-8335-227475AA5C46} => C:\Windows\system32\shell32.dll [2014-03-25] (MicrosoftCorporation) ContextMenuHandlers1: [Sharing] -> {f81e9010-6ea4-11ce-a7ff-00aa003ca9f6} => C:\Windows\system32\ntshrui.dll [2010-11-21] (MicrosoftCorporation) ContextMenuHandlers1: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2012-06-09] (AlexanderRoshal) ContextMenuHandlers1: [XXX Groove GFS Context Menu Handler XXX] -> {6C467336-8281-4E60-8204-430CED96822D} => C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (MicrosoftCorporation) ContextMenuHandlers2: [EnhancedStorageShell] -> {2854F705-3548-414C-A113-93E27C808C85} => C:\Windows\system32\EhStorShell.dll [2009-07-14] (MicrosoftCorporation) ContextMenuHandlers2: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\Program Files\Microsoft Security Client\shellext.dll [2014-08-22] (КорпорацияМайкрософт) ContextMenuHandlers2: [Sharing] -> {f81e9010-6ea4-11ce-a7ff-00aa003ca9f6} => C:\Windows\system32\ntshrui.dll [2010-11-21] (MicrosoftCorporation) ContextMenuHandlers3: [CopyAsPathMenu] -> {f3d06e7c-1e45-4a26-847e-f9fcdee59be0} => C:\Windows\system32\shell32.dll [2014-03-25] (MicrosoftCorporation) ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-05-09] (Malwarebytes) ContextMenuHandlers3: [SendTo] -> {7BA4C740-9E81-11CF-99D3-00AA004AE837} => C:\Windows\system32\shell32.dll [2014-03-25] (MicrosoftCorporation) ContextMenuHandlers3: [UnlockerShellExtension] -> {DDE4BEEB-DDE6-48fd-8EB5-035C09923F83} => C:\Program Files\Unlocker\UnlockerCOM.dll [2010-07-05] () ContextMenuHandlers3: [XXX Groove GFS Context Menu Handler XXX] -> {6C467336-8281-4E60-8204-430CED96822D} => C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (MicrosoftCorporation) ContextMenuHandlers4: [EncryptionMenu] -> {A470F8CF-A1E8-4f65-8335-227475AA5C46} => C:\Windows\system32\shell32.dll [2014-03-25] (MicrosoftCorporation) ContextMenuHandlers4: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\Program Files\Microsoft Security Client\shellext.dll [2014-08-22] (КорпорацияМайкрософт) ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => C:\Windows\System32\cscui.dll [2010-11-21] (MicrosoftCorporation) ContextMenuHandlers4: [Sharing] -> {f81e9010-6ea4-11ce-a7ff-00aa003ca9f6} => C:\Windows\system32\ntshrui.dll [2010-11-21] (MicrosoftCorporation) ContextMenuHandlers4: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2012-06-09] (AlexanderRoshal) ContextMenuHandlers4: [XXX Groove GFS Context Menu Handler XXX] -> {6C467336-8281-4E60-8204-430CED96822D} => C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (MicrosoftCorporation) ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} => C:\Program Files\Windows Sidebar\sbdrop.dll [2009-07-14] (MicrosoftCorporation) ContextMenuHandlers5: [New] -> {D969A300-E7FF-11d0-A93B-00A0C90F2719} => C:\Windows\system32\shell32.dll [2014-03-25] (MicrosoftCorporation) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2017-06-08] (NVIDIACorporation) ContextMenuHandlers5: [Sharing] -> {f81e9010-6ea4-11ce-a7ff-00aa003ca9f6} => C:\Windows\system32\ntshrui.dll [2010-11-21] (MicrosoftCorporation) ContextMenuHandlers5: [XXX Groove GFS Context Menu Handler XXX] -> {6C467336-8281-4E60-8204-430CED96822D} => C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (MicrosoftCorporation) ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => C:\Windows\system32\syncui.dll [2010-11-21] (MicrosoftCorporation) ContextMenuHandlers6: [Library Location] -> {3dad6c5d-2167-4cae-9914-f99e41c12cfa} => C:\Windows\system32\shell32.dll [2014-03-25] (MicrosoftCorporation) ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-05-09] (Malwarebytes) ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => C:\Windows\System32\cscui.dll [2010-11-21] (MicrosoftCorporation) ContextMenuHandlers6: [UnlockerShellExtension] -> {DDE4BEEB-DDE6-48fd-8EB5-035C09923F83} => C:\Program Files\Unlocker\UnlockerCOM.dll [2010-07-05] () ContextMenuHandlers6: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2012-06-09] (AlexanderRoshal) ContextMenuHandlers6: [XXX Groove GFS Context Menu Handler XXX] -> {6C467336-8281-4E60-8204-430CED96822D} => C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (MicrosoftCorporation) ContextMenuHandlers1_S-1-5-21-643831639-2576656661-3454533316-1000: [ SkyDriveEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Users\Welkom\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\SkyDriveShell.dll [2014-08-08] (MicrosoftCorporation) ContextMenuHandlers1_S-1-5-21-643831639-2576656661-3454533316-1000: [Yandex.Disk] -> {97836AB9-12C5-4C30-A128-B75196DD1787} => C:\Users\Welkom\AppData\Roaming\Yandex\YandexDisk\YandexDiskShellExt-4724.dll [2017-05-22] (Яндекс) ContextMenuHandlers4_S-1-5-21-643831639-2576656661-3454533316-1000: [ SkyDriveEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Users\Welkom\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\SkyDriveShell.dll [2014-08-08] (MicrosoftCorporation) ContextMenuHandlers4_S-1-5-21-643831639-2576656661-3454533316-1000: [Yandex.Disk] -> {97836AB9-12C5-4C30-A128-B75196DD1787} => C:\Users\Welkom\AppData\Roaming\Yandex\YandexDisk\YandexDiskShellExt-4724.dll [2017-05-22] (Яндекс) ContextMenuHandlers5_S-1-5-21-643831639-2576656661-3454533316-1000: [ SkyDriveEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Users\Welkom\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\SkyDriveShell.dll [2014-08-08] (MicrosoftCorporation) ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {1092F868-D3B1-4BBB-952D-28A6D62F0F6F} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-05-03] (NVIDIACorporation) Task: {1338B6A1-5CD6-4EEB-A8CB-BCF079908B56} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\Windows\ehome\mcupdate.exe [2010-11-21] (MicrosoftCorporation) Task: {199B6218-EC6B-4A7D-AAED-0E5CC444EF3E} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome\ehPrivJob.exe [2010-11-21] (MicrosoftCorporation) Task: {1A353D5E-DED3-4D09-B8A2-EACEAB3EC3EB} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\Windows\ehome\MCUpdate.exe [2010-11-21] (MicrosoftCorporation) Task: {1DDE2678-4693-45F6-BCCB-181B800F3E92} - System32\Tasks\AdobeAAMUpdater-1.0-WelPC-Welkom => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2015-08-05] (AdobeSystemsIncorporated) Task: {2375F586-1009-41FB-B54E-30D8AF2B781D} - System32\Tasks\Microsoft\Windows\Windows Media Sharing\UpdateLibrary => C:\Program Files\Windows Media Player\wmpnscfg.exe [2009-07-14] (MicrosoftCorporation) Task: {25B44308-9B1F-4654-8CDB-817D9D8F25B0} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe [2010-11-21] (MicrosoftCorporation) Task: {2A255105-FDA4-48AF-8D52-5830867FA95B} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe [2010-11-21] (MicrosoftCorporation) Task: {2C59ECAF-3A27-4640-9F4B-519B05BDD70F} - System32\Tasks\Microsoft\Windows\MUI\LPRemove => C:\Windows\system32\lpremove.exe [2010-11-21] (MicrosoftCorporation) Task: {33958525-7615-4AF1-B102-D87EB2602622} - \Microsoft\Windows\Media Center\SqlLiteRecoveryTask -> No File <==== ATTENTION Task: {35C733B5-E455-4C9A-9BF5-AFE7F0122BA7} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => c:\Program Files\Microsoft Security Client\MpCmdRun.exe [2014-08-22] (MicrosoftCorporation) Task: {3613CE8B-0AE4-4D1D-BB72-A51B71368748} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater32.exe [2017-05-03] (NVIDIACorporation) Task: {365E106C-38AD-41C5-901B-3B757B20DE7B} - System32\Tasks\Обновление Браузера Яндекс => C:\Users\Welkom\AppData\Local\Yandex\YandexBrowser\Application\browser.exe [2017-07-13] (YANDEXLLC) Task: {39AA679C-E872-4C54-ACCD-290AF23BC316} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-05-03] (NVIDIACorporation) Task: {49F19BD1-5A31-413D-8304-E0BA9FD1DE2F} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe [2010-11-21] (MicrosoftCorporation) Task: {53C53B87-EC9A-4E82-83BE-5A9B52ECEFB3} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\Windows\ehome\ehrec.exe [2010-11-21] (MicrosoftCorporation) Task: {5B184694-64C3-4633-94C5-945B3FA561D6} - System32\Tasks\Microsoft\Windows\WindowsBackup\ConfigNotification => C:\Windows\System32\sdclt.exe [2010-11-21] (MicrosoftCorporation) Task: {60158C7A-6808-42CD-95EE-AFD9A57925DB} - System32\Tasks\Microsoft\Windows\AppID\PolicyConverter => C:\Windows\system32\appidpolicyconverter.exe [2009-07-14] (MicrosoftCorporation) Task: {64D148E1-A3BE-4D59-AE65-9F9439DABB4B} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe [2010-11-21] (MicrosoftCorporation) Task: {6730069D-C089-4DFF-B342-39A7880FA133} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe [2010-11-21] (MicrosoftCorporation) Task: {6B7AC694-8D6D-481B-9DD8-2A3A741ADA6D} - System32\Tasks\Microsoft\Windows\Power Efficiency Diagnostics\AnalyzeSystem => C:\Windows\System32\powercfg.exe [2009-07-14] (MicrosoftCorporation) Task: {6CC40A6C-EE7E-4E8B-A9E1-EF94942520D7} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe [2010-11-21] (MicrosoftCorporation) Task: {6EF33248-11A8-40C5-B39A-4CE889AE30FE} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-05-03] (NVIDIACorporation) Task: {6F6049CC-8904-47EA-B01D-D81A216D2EBF} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater32.exe [2017-05-03] (NVIDIACorporation) Task: {7280EB64-C0CC-4942-9110-A78B8FFC12C5} - System32\Tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver => C:\Windows\system32\DFDWiz.exe [2009-07-14] (MicrosoftCorporation) Task: {731E9C62-95B5-4C8C-AB64-4CC591C9FF5B} - System32\Tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask => C:\Windows\system32\RAServer.exe [2009-07-14] (MicrosoftCorporation) Task: {747015F4-A732-4BC7-B72A-983D36877B12} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-09-21] (GoogleInc.) Task: {7991B5B3-AEEE-4BC9-ABCA-C96C89872DD5} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\Windows\ehome\ehPrivJob.exe [2010-11-21] (MicrosoftCorporation) Task: {79BEFF47-E003-4784-BA7D-EC0EB59F9435} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe [2010-11-21] (MicrosoftCorporation) Task: {7D3C7871-A917-4EF0-82E8-5F0A96423051} - System32\Tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask => C:\Windows\system32\BthUdTask.exe [2009-07-14] (MicrosoftCorporation) Task: {852CCF17-BB2D-4787-B106-4C229AB58322} - \adobe-updater-startup-utility-ru -> No File <==== ATTENTION Task: {86CA70FF-68B8-4FD5-BB17-153B7390D77C} - System32\Tasks\Microsoft\Windows\MUI\Mcbuilder => C:\Windows\System32\mcbuilder.exe [2010-11-21] (MicrosoftCorporation) Task: {86E7C310-2C29-4552-81BE-5C0038CACBD1} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\Windows\ehome\ehPrivJob.exe [2010-11-21] (MicrosoftCorporation) Task: {8AF07E9B-EA1E-40EF-A510-CDEF4D643B8B} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2017-07-12] (AdobeSystemsIncorporated) Task: {8BC71AD6-1767-4537-9714-1F4B532E6BF4} - System32\Tasks\Microsoft\Windows\MUI\Lpksetup => C:\Windows\System32\lpksetup.exe [2010-11-21] (MicrosoftCorporation) Task: {8E18527E-C090-4305-9F1A-11354019B3CC} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\Windows\ehome\ehrec.exe [2010-11-21] (MicrosoftCorporation) Task: {94C594F3-AFB8-42ED-9BD8-9996A8CB9601} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-05-03] (NVIDIACorporation) Task: {A2CFB6F3-B3AE-4971-8E29-C415BE22D2E5} - \Microsoft\Windows\Maintenance\WinSAT -> No File <==== ATTENTION Task: {A2DAA6A5-169A-4FE2-B3F3-28427769BFC4} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe [2010-11-21] (MicrosoftCorporation) Task: {A6394592-54CE-4E93-8D64-1A068F462632} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\Consolidator => C:\Windows\System32\wsqmcons.exe [2010-11-21] (MicrosoftCorporation) Task: {A977553B-DFD1-4B6C-B09E-524FC4C8C4A6} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe [2010-11-21] (MicrosoftCorporation) Task: {AB2604CC-F8F2-4D26-B776-ABD17944570B} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\Windows\ehome\ehPrivJob.exe [2010-11-21] (MicrosoftCorporation) Task: {ADBF2620-5A0D-4498-8418-65679DAF07F4} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-05-03] (NVIDIACorporation) Task: {B9BEE219-C29E-4310-819C-147A5A0E045E} - System32\Tasks\Microsoft\Windows\Defrag\ScheduledDefrag => C:\Windows\system32\defrag.exe [2009-07-14] (MicrosoftCorp.) Task: {BBEDE3F0-0CC1-40F9-BA22-B68131B0EBB5} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\Windows\ehome\ehPrivJob.exe [2010-11-21] (MicrosoftCorporation) Task: {C90440A0-6D8F-423F-8F42-83EEF05CE708} - System32\Tasks\Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck => C:\Windows\system32\appidcertstorecheck.exe [2009-07-14] (MicrosoftCorporation) Task: {D21F6024-191F-4454-BBBC-09A650DA2549} - System32\Tasks\Microsoft\Windows\Application Experience\AitAgent => C:\Windows\system32\aitagent.exe [2010-11-21] (КорпорацияМайкрософт(MicrosoftCorp.)) Task: {D510B714-20B6-4201-B152-7032E3F4189B} - \Microsoft\Windows\Media Center\MediaCenterRecoveryTask -> No File <==== ATTENTION Task: {DD97E66E-3DAD-4BF2-BBF7-B00E64662214} - \Microsoft\Windows\Media Center\PvrScheduleTask -> No File <==== ATTENTION Task: {DE8699D2-8A05-42F7-8A85-5162AF47D26A} - System32\Tasks\Microsoft\Windows\Windows Error Reporting\QueueReporting => C:\Windows\system32\wermgr.exe [2009-07-14] (MicrosoftCorporation) Task: {E243F71A-1BAD-4776-8E3E-2BC188EE05CC} - \Microsoft\Windows\Media Center\ObjectStoreRecoveryTask -> No File <==== ATTENTION Task: {E5756242-ED8D-4C82-9725-7255DA9C8798} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-09-21] (GoogleInc.) Task: {E7B599A5-90F0-4192-B418-0394B31FA930} - \Uninstaller_SkipUac_Welkom -> No File <==== ATTENTION Task: {F048EACC-49E9-4DDD-BCBC-77BEA5B2587C} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Scan => c:\program files\windows defender\MpCmdRun.exe [2009-07-14] (MicrosoftCorporation) Task: {F4E2B7AA-28E2-4897-B5BF-01BD281E40B1} - \kbrowser-updater-utility -> No File <==== ATTENTION Task: {F69A05C8-5CD7-4A23-ADFA-1AC59CB5A7B1} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2017-05-03] (NVIDIACorporation) Task: {F93C7104-998A-4A38-B935-775A3138B3C3} - System32\Tasks\Microsoft\Windows\Location\Notifications => C:\Windows\System32\LocationNotifications.exe [2009-07-14] (MicrosoftCorporation) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\Windows\Tasks\Обновление Браузера Яндекс.job => C:\Users\Welkom\AppData\Local\Yandex\YandexBrowser\Application\browser.exe ==================== Shortcuts & WMI ======================== (The entries could be listed to be restored or removed.) Shortcut: C:\Users\Welkom\Saved Games\Links\Яндекс.Диск.lnk -> C:\Users\Welkom\AppData\Roaming\Yandex\YandexDisk\YandexDisk.exe (Яндекс) <==== Cyrillic Shortcut: C:\Users\Welkom\Desktop\Скриншоты в Яндекс.Диске.lnk -> C:\Users\Welkom\AppData\Roaming\Yandex\YandexDisk\YandexDiskScreenshotEditor.exe (Яндекс) <==== Cyrillic Shortcut: C:\Users\Welkom\Desktop\флешка\то\Lab 3\AIDA64 Business Portable\AIDA64Portable as Администратор.Lnk -> \\192.168.4.1\tasks\Бобаренко\КСК 4 курс ( 47 )\ТО\Lab 2\AIDA64 Business Portable\AIDA64Portable.exe <==== Cyrillic Shortcut: C:\Users\Welkom\Desktop\Programm\Глаз.ТВ.lnk -> C:\Program Files\Glaz.TV\GlazTV.exe () <==== Cyrillic Shortcut: C:\Users\Welkom\Desktop\Programm\ДругВокруг.lnk -> C:\Users\Welkom\AppData\Roaming\ДругВокруг\drugvokrug.exe () <==== Cyrillic Shortcut: C:\Users\Welkom\Desktop\Programm\Игровой центр@Mail.Ru.lnk -> C:\Users\Welkom\AppData\Local\Mail.Ru\GameCenter\GameCenter@Mail.Ru.exe (No File) <==== Cyrillic Shortcut: C:\Users\Welkom\Desktop\Programm\Настройки Pro Evolution Soccer 2014.lnk -> D:\Games\Pro Evolution Soccer 2014\settings.exe (Konami Digital Entertainment Co., Ltd.) <==== Cyrillic Shortcut: C:\Users\Welkom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Яндекс.Диск\Скриншоты в Яндекс.Диске.lnk -> C:\Users\Welkom\AppData\Roaming\Yandex\YandexDisk\YandexDiskScreenshotEditor.exe (Яндекс) <==== Cyrillic Shortcut: C:\Users\Welkom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ДругВокруг\ДругВокруг.lnk -> C:\Users\Welkom\AppData\Roaming\ДругВокруг\drugvokrug.exe () <==== Cyrillic Shortcut: C:\Users\Welkom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Глаз.ТВ\Глаз.ТВ.lnk -> C:\Program Files\Glaz.TV\GlazTV.exe () <==== Cyrillic Shortcut: C:\Users\Welkom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Глаз.ТВ\Удалить (Uninstall).lnk -> C:\Program Files\Glaz.TV\Uninstall.exe () <==== Cyrillic Shortcut: C:\Users\Welkom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Руководство по консольной версии RAR.lnk -> C:\Program Files\WinRAR\Rar.txt () <==== Cyrillic Shortcut: C:\Users\Welkom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Справка WinRAR.lnk -> C:\Program Files\WinRAR\WinRAR.chm () <==== Cyrillic Shortcut: C:\Users\Welkom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WarThunder\Деинсталлировать War Thunder.lnk -> D:\Games\WarThunder\unins000.exe () <==== Cyrillic ShortcutWithArgument: C:\Users\Welkom\Desktop\Игры Alawar.lnk -> C:\Users\Welkom\AppData\Local\Alawar\urlrun.exe () -> /URL "hxxp://www.alawar.ru/?utm_source=desktop&utm_medium=alawar_ru&utm_campaign=alawargames" ShortcutWithArgument: C:\Users\Welkom\Desktop\Programm\Панель запуска приложений Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) -> --show-app-list ShortcutWithArgument: C:\Users\Welkom\Desktop\Programm\Яндекс.Диск.lnk -> C:\Users\Welkom\AppData\Roaming\Yandex\YandexDisk\YandexDiskStarter.exe (Яндекс) -> -desktop <==== Cyrillic ShortcutWithArgument: C:\Users\Welkom\AppData\Local\Google\Chrome\User Data\Панель запуска приложений Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) -> --show-app-list ShortcutWithArgument: C:\Users\Welkom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Яндекс.Диск\Яндекс.Диск.lnk -> C:\Users\Welkom\AppData\Roaming\Yandex\YandexDisk\YandexDiskStarter.exe (Яндекс) -> -desktop <==== Cyrillic ShortcutWithArgument: C:\Users\Welkom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome\Панель запуска приложений Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) -> --show-app-list ShortcutWithArgument: C:\Users\Welkom\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Панель запуска приложений Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) -> --show-app-list ==================== Loaded Modules (Whitelisted) ============== 2010-01-30 02:41 - 2010-01-30 02:41 - 004254560 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF 2016-08-07 19:07 - 2016-08-07 19:06 - 000008192 _____ () C:\Windows\system32\srvany.exe 2016-08-07 19:07 - 2016-08-07 19:07 - 000151622 _____ () C:\Windows\kmsem\KMService.exe 2016-08-07 19:07 - 2016-08-07 19:06 - 000032768 _____ () C:\Windows\kmsem\Shadow.KMS 2017-01-02 14:37 - 2017-05-03 23:21 - 001040504 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll 2014-04-10 23:07 - 2010-08-11 10:32 - 000080496 ____R () C:\Program Files\VIA\VIAudioi\VDeck\QsApoApi.dll 2014-04-10 23:07 - 2010-08-11 10:32 - 000113264 ____R () C:\Program Files\VIA\VIAudioi\VDeck\Dts2ApoApi.dll 2014-04-10 23:07 - 2010-08-11 10:32 - 000100976 ____R () C:\Program Files\VIA\VIAudioi\VDeck\VMicApi.dll 2014-04-10 23:07 - 2010-08-11 10:32 - 064663664 ____R () C:\Program Files\VIA\VIAudioi\VDeck\Skin.dll 2017-05-24 17:53 - 2017-05-22 18:08 - 000271680 _____ () C:\Users\Welkom\AppData\Roaming\Yandex\YandexDisk\libpng14-14.dll 2017-05-24 17:53 - 2017-05-22 18:08 - 000158016 _____ () C:\Users\Welkom\AppData\Roaming\Yandex\YandexDisk\zlib1.dll 2014-04-23 05:43 - 2014-07-22 23:25 - 000076152 _____ () C:\Windows\system32\PnkBstrA.exe 2016-08-12 11:35 - 2016-08-12 11:35 - 040523480 _____ () C:\Program Files\Common Files\Adobe\AdobeGCClient\libcef.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) AlternateDataStreams: C:\ProgramData:NT [40] AlternateDataStreams: C:\ProgramData:NT2 [432] AlternateDataStreams: C:\Users\All Users:NT [40] AlternateDataStreams: C:\Users\All Users:NT2 [432] AlternateDataStreams: C:\Users\Welkom:Heroes & Generals [38] AlternateDataStreams: C:\Users\Все пользователи:NT [40] AlternateDataStreams: C:\Users\Все пользователи:NT2 [432] AlternateDataStreams: C:\ProgramData\Application Data:NT [40] AlternateDataStreams: C:\ProgramData\Application Data:NT2 [432] AlternateDataStreams: C:\ProgramData\MTA San Andreas All:NT [40] AlternateDataStreams: C:\ProgramData\MTA San Andreas All:NT2 [432] AlternateDataStreams: C:\ProgramData\TEMP:10D14739 [490] AlternateDataStreams: C:\ProgramData\TEMP:41ADDB8A [151] AlternateDataStreams: C:\ProgramData\TEMP:472FBBAF [472] AlternateDataStreams: C:\Users\Welkom\Application Data:NT [40] AlternateDataStreams: C:\Users\Welkom\Application Data:NT2 [432] AlternateDataStreams: C:\Users\Welkom\Local Settings:wa [146] AlternateDataStreams: C:\Users\Welkom\AppData\Local:wa [146] AlternateDataStreams: C:\Users\Welkom\AppData\Roaming:NT [40] AlternateDataStreams: C:\Users\Welkom\AppData\Roaming:NT2 [432] AlternateDataStreams: C:\Users\Welkom\AppData\Local\Application Data:wa [146] AlternateDataStreams: C:\Users\Все пользователи\Application Data:NT [40] AlternateDataStreams: C:\Users\Все пользователи\Application Data:NT2 [432] AlternateDataStreams: C:\Users\Все пользователи\MTA San Andreas All:NT [40] AlternateDataStreams: C:\Users\Все пользователи\MTA San Andreas All:NT2 [432] AlternateDataStreams: C:\Users\Все пользователи\TEMP:10D14739 [490] AlternateDataStreams: C:\Users\Все пользователи\TEMP:41ADDB8A [151] AlternateDataStreams: C:\Users\Все пользователи\TEMP:472FBBAF [472] ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2016-09-18 14:22 - 2016-09-18 14:22 - 000000000 _____ C:\Windows\system32\Drivers\etc\hosts ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-643831639-2576656661-3454533316-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Welkom\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: Media is not connected to internet. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe FirewallRules: [{DD6716EC-293A-4F8F-BACD-0BE6C666FDE3}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe FirewallRules: [{6F93FC82-F359-4471-B824-5DF0DFFFF6BE}] => (Allow) C:\Windows\System32\PnkBstrA.exe FirewallRules: [{65776C2E-406E-4AE1-BB2A-4C8E194C114F}] => (Allow) C:\Windows\System32\PnkBstrA.exe FirewallRules: [{5FE1AFA0-94BD-419B-8F83-676D3DED33C3}] => (Allow) C:\Windows\System32\PnkBstrB.exe FirewallRules: [{59F2766F-5A49-4567-8487-E840E76CF650}] => (Allow) C:\Windows\System32\PnkBstrB.exe FirewallRules: [{3BB8B3D3-AC89-4818-ADC4-367E52003061}] => (Allow) D:\Origin Games\Battlefield 3\bf3.exe FirewallRules: [{A0B76C88-EFEE-4BD1-91F7-3CFABC6CB66B}] => (Allow) D:\Origin Games\Battlefield 3\bf3.exe FirewallRules: [TCP Query User{412E53C0-9DC3-4991-B43C-C7AB4A564068}D:\program files\data\nfsw.exe] => (Allow) D:\program files\data\nfsw.exe FirewallRules: [UDP Query User{18787384-EADD-480F-B841-3B1D22D49621}D:\program files\data\nfsw.exe] => (Allow) D:\program files\data\nfsw.exe FirewallRules: [{39BEA390-B084-4696-A91F-7C72D37E8759}] => (Allow) C:\Windows\System32\PnkBstrA.exe FirewallRules: [{8B9F84A2-D76D-4C46-82E6-6E3C9964321C}] => (Allow) C:\Windows\System32\PnkBstrA.exe FirewallRules: [{EDAC6737-6EEB-491A-AC91-C6E130CD9FA8}] => (Allow) C:\Windows\System32\PnkBstrB.exe FirewallRules: [{0F43BED1-43D0-47CF-8B4C-876ADB19FC1F}] => (Allow) C:\Windows\System32\PnkBstrB.exe FirewallRules: [TCP Query User{D5B26E6B-43C6-41E8-AF56-3B98CCC588A8}D:\games\pro evolution soccer 2014\pes2014.exe] => (Allow) D:\games\pro evolution soccer 2014\pes2014.exe FirewallRules: [UDP Query User{12CF623F-8114-405C-8928-80436C175454}D:\games\pro evolution soccer 2014\pes2014.exe] => (Allow) D:\games\pro evolution soccer 2014\pes2014.exe FirewallRules: [{75937F66-DB35-4590-AB8C-2FA3B48CA041}] => (Allow) C:\Users\Welkom\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe FirewallRules: [{038FF410-0111-4DBF-9149-A01673DEFEBA}] => (Allow) C:\Program Files\Windows Live\Contacts\wlcomm.exe FirewallRules: [{610BD830-4873-414C-BA9F-1635E9CC0220}] => (Allow) LPort=2869 FirewallRules: [{4FFDFE1C-61B9-4675-A98E-A67683310543}] => (Allow) LPort=1900 FirewallRules: [{904359A7-AA1C-4D9B-A17A-E567F7951270}] => (Allow) C:\Program Files\Windows Live\Messenger\msnmsgr.exe FirewallRules: [{00B91C6A-0D05-4365-8A8C-6323C5F465CA}] => (Block) %ProgramFiles%\Bandicam\bdcam.exe FirewallRules: [{19FD0253-8753-467D-ADA7-AE8CE549C01A}] => (Allow) C:\Users\Welkom\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{8A959C36-935A-4109-AB81-B27355770F41}] => (Allow) C:\Users\Welkom\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{6F058971-A148-4B8F-9769-59E2F7AB3546}] => (Allow) D:\Games\F1 2010\F1_2010_game.exe FirewallRules: [{A77E4011-56F0-479D-8487-2758B35834E5}] => (Allow) D:\Games\F1 2010\F1_2010_game.exe FirewallRules: [{49FEEEB0-B4C8-4249-89F7-EBCABAE9B8F8}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe FirewallRules: [TCP Query User{429080E7-EAD7-44E7-97A2-4598EE817221}D:\games\atari\tdu2\uplauncher.exe] => (Allow) D:\games\atari\tdu2\uplauncher.exe FirewallRules: [UDP Query User{C9ED400F-7947-4CF8-9E1D-8354C27D885A}D:\games\atari\tdu2\uplauncher.exe] => (Allow) D:\games\atari\tdu2\uplauncher.exe FirewallRules: [TCP Query User{DA387230-F175-4321-A5A0-E8D9E2C20256}D:\games\atari\tdu2\uplauncher.exe] => (Allow) D:\games\atari\tdu2\uplauncher.exe FirewallRules: [UDP Query User{589A0808-1264-4C63-89A2-1FD41B3239E1}D:\games\atari\tdu2\uplauncher.exe] => (Allow) D:\games\atari\tdu2\uplauncher.exe FirewallRules: [TCP Query User{3658721E-8D6D-4ADE-8575-DE7EF4F75832}D:\games\atari\tdu2\testdrive2.exe] => (Allow) D:\games\atari\tdu2\testdrive2.exe FirewallRules: [UDP Query User{CF0E8650-0A47-488F-9155-1A52C81BC3C0}D:\games\atari\tdu2\testdrive2.exe] => (Allow) D:\games\atari\tdu2\testdrive2.exe FirewallRules: [TCP Query User{08DBBE88-C533-4984-8B5F-333F07AFCDC4}D:\games\atari\tdu2\testdrive2.exe] => (Allow) D:\games\atari\tdu2\testdrive2.exe FirewallRules: [UDP Query User{B8E4AAF0-9B41-43B6-A6FE-1D68C3B899D3}D:\games\atari\tdu2\testdrive2.exe] => (Allow) D:\games\atari\tdu2\testdrive2.exe FirewallRules: [{125616E7-4EE0-4C6A-9EB0-3A560453F40E}] => (Allow) D:\Origin Games\Battlefield 3\bf3.exe FirewallRules: [{9F8925DB-00FC-4AE2-8FF9-6AC20BC53E62}] => (Allow) D:\Origin Games\Battlefield 3\bf3.exe FirewallRules: [{B9FAE684-1925-4B76-A322-E7FB3CF5EF30}] => (Allow) D:\Games\WarThunder\launcher.exe FirewallRules: [{81B67E69-40E5-46AC-B0C1-C6EA5282D355}] => (Allow) D:\Games\WarThunder\launcher.exe FirewallRules: [{0A16D7FF-78A4-4242-89E6-8FFC9D597B80}] => (Allow) LPort=80 FirewallRules: [{643FC2D1-AAAF-4852-BC26-75DE18A0849F}] => (Allow) LPort=443 FirewallRules: [{7723663E-DF35-42C9-9666-C419DB053AE9}] => (Allow) LPort=20010 FirewallRules: [{31050476-4ABC-404D-B0AC-4D04945CE945}] => (Allow) LPort=3478 FirewallRules: [{E2C9D97B-A4F0-456A-9C7D-0784FA07B61C}] => (Allow) LPort=7850 FirewallRules: [{D6A0CBA9-100B-4B72-93D0-095EEC81EF2D}] => (Allow) LPort=7852 FirewallRules: [{E9A6551B-0A54-418E-8A1E-02C023DE2286}] => (Allow) LPort=7853 FirewallRules: [{EDAC2504-8B69-4465-9C49-2EEB3F03F2B8}] => (Allow) LPort=27022 FirewallRules: [{F5B2D487-497B-4224-9FE0-B98A5242ABB0}] => (Allow) LPort=6881 FirewallRules: [{99581551-90C1-4397-A8AC-6B9E52745FB7}] => (Allow) LPort=33333 FirewallRules: [{A792206E-48BE-4652-AF03-A142F3D24F3A}] => (Allow) LPort=20443 FirewallRules: [{F39A166D-9E6E-4D58-A861-908BD14D50B5}] => (Allow) LPort=8090 FirewallRules: [TCP Query User{879DB15C-0134-429E-AD5D-6F901B816F03}D:\games\warthunder\aces.exe] => (Allow) D:\games\warthunder\aces.exe FirewallRules: [UDP Query User{BB1A44D2-E9E1-4B57-95E1-BF52B77A0F99}D:\games\warthunder\aces.exe] => (Allow) D:\games\warthunder\aces.exe FirewallRules: [{31FCB05C-3C9C-4EB7-85E2-FDAC50634AF5}] => (Allow) D:\Program Files\Steam\Steam.exe FirewallRules: [{BEE49844-E4A2-4BD5-98F4-F4BD79610545}] => (Allow) D:\Program Files\Steam\Steam.exe FirewallRules: [{D6867CBA-4E22-4C83-97FC-8A8188EF18A1}] => (Allow) D:\Program Files\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [{7629BEE1-4DB8-4BCE-8348-E6886D75C75B}] => (Allow) D:\Program Files\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [TCP Query User{B1FE599A-55D1-4983-9F05-E1D64532293C}C:\program files\java\jre1.8.0_20\bin\java.exe] => (Allow) C:\program files\java\jre1.8.0_20\bin\java.exe FirewallRules: [UDP Query User{B0D24F15-1949-4891-BC4B-B886F6CD41DE}C:\program files\java\jre1.8.0_20\bin\java.exe] => (Allow) C:\program files\java\jre1.8.0_20\bin\java.exe FirewallRules: [TCP Query User{17D37927-CAC9-4AB7-AD8F-425ED43EFB4F}D:\games\saints row the third\saintsrowthethird_dx11.exe] => (Allow) D:\games\saints row the third\saintsrowthethird_dx11.exe FirewallRules: [UDP Query User{1B0744B7-8BF6-4556-A2DF-128270D58F0A}D:\games\saints row the third\saintsrowthethird_dx11.exe] => (Allow) D:\games\saints row the third\saintsrowthethird_dx11.exe FirewallRules: [TCP Query User{113BBB7B-89B3-49D5-81BF-2750DCD0202D}D:\games\saints row the third\saintsrowthethird_dx11.exe] => (Allow) D:\games\saints row the third\saintsrowthethird_dx11.exe FirewallRules: [UDP Query User{CF16B13F-E7A5-45A9-BBC6-419D0C10C071}D:\games\saints row the third\saintsrowthethird_dx11.exe] => (Allow) D:\games\saints row the third\saintsrowthethird_dx11.exe FirewallRules: [TCP Query User{D08E7EF9-DBB4-4AFE-8957-99886DF055B3}D:\games\counter-strike 1.6\hl.exe] => (Allow) D:\games\counter-strike 1.6\hl.exe FirewallRules: [UDP Query User{846B4868-3EF6-4D16-8677-C46F14F24E38}D:\games\counter-strike 1.6\hl.exe] => (Allow) D:\games\counter-strike 1.6\hl.exe FirewallRules: [{8A252757-DDFF-4DEC-9D51-05A0759016BC}] => (Allow) D:\Program Files\Steam\steamapps\common\SKILL\DFUBG.exe FirewallRules: [{837A524D-7B7E-4A1A-AC9D-00A6ADB7F93C}] => (Allow) D:\Program Files\Steam\steamapps\common\SKILL\DFUBG.exe FirewallRules: [TCP Query User{5D12DA68-F921-4738-B763-E406CD3256C7}D:\games\driver.san francisco.v 1.04.1114\driver.exe] => (Allow) D:\games\driver.san francisco.v 1.04.1114\driver.exe FirewallRules: [UDP Query User{6912C22A-CD55-44D2-878D-E2CDF54CD88E}D:\games\driver.san francisco.v 1.04.1114\driver.exe] => (Allow) D:\games\driver.san francisco.v 1.04.1114\driver.exe FirewallRules: [TCP Query User{389CE77D-97F6-48BE-9508-642F04DCD283}D:\games\counter-strike 1.6\hl.exe] => (Allow) D:\games\counter-strike 1.6\hl.exe FirewallRules: [UDP Query User{28C30DA3-95C1-4DF5-A20C-EA7406AEE434}D:\games\counter-strike 1.6\hl.exe] => (Allow) D:\games\counter-strike 1.6\hl.exe FirewallRules: [{F10B36F5-2DD2-49D3-98AD-2A7BED430798}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe FirewallRules: [{99C1AA0C-7DE4-4035-9419-D05E3C95035A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe FirewallRules: [{B2881945-08BC-43EA-B98F-B49EE786D164}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{4E06E9C2-4844-49C9-8F2C-84F8B90D370D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{EB83CFF0-CE26-4B0F-AF55-9EFB8A4E99E1}] => (Allow) D:\Program Files\Steam\bin\steamwebhelper.exe FirewallRules: [{855C4B0E-AA4D-4285-9C25-99FFD6B6619A}] => (Allow) D:\Program Files\Steam\bin\steamwebhelper.exe FirewallRules: [TCP Query User{0F3837AB-E662-4FD5-9741-4148866232A3}D:\gamesmailru\armored warfare\bin32\armoredwarfare.exe] => (Allow) D:\gamesmailru\armored warfare\bin32\armoredwarfare.exe FirewallRules: [UDP Query User{83CE8E44-63E3-462E-B7CF-00A05C08056D}D:\gamesmailru\armored warfare\bin32\armoredwarfare.exe] => (Allow) D:\gamesmailru\armored warfare\bin32\armoredwarfare.exe FirewallRules: [{38E2AD30-49AE-4214-ACF2-94A8DBAC226F}] => (Allow) D:\WOT\WoTLauncher.exe FirewallRules: [{9291CE95-69D1-4D53-954E-C67E02A1CCC5}] => (Allow) D:\WOT\WoTLauncher.exe FirewallRules: [{0F971B07-BA25-41DF-A2CB-F228899D758D}] => (Allow) D:\WOT\worldoftanks.exe FirewallRules: [{F53CC454-A250-4379-9B4D-F161B28451E1}] => (Allow) D:\WOT\worldoftanks.exe FirewallRules: [{052EB3BF-832E-4224-8FDF-5B44B5FE8C7E}] => (Allow) D:\WOT\WorldOfTanks.exe FirewallRules: [{ABDA9347-CE19-4168-ADBF-908A98769E12}] => (Allow) D:\WOT\WorldOfTanks.exe FirewallRules: [{3528C42C-A513-4095-873D-2010F7D3028D}] => (Allow) D:\WOT\WoTLauncher.exe FirewallRules: [{36B9D923-7827-49A9-9F3B-1CD64121776A}] => (Allow) D:\WOT\WoTLauncher.exe FirewallRules: [{381B1DA1-A74E-4E7A-AE2A-8A4FAFA5D25E}] => (Allow) D:\Program Files\Steam\steamapps\common\Heroes & Generals\hngsteamlauncher.exe FirewallRules: [{C8970A40-0CF1-4896-B41D-B31262258BE6}] => (Allow) D:\Program Files\Steam\steamapps\common\Heroes & Generals\hngsteamlauncher.exe FirewallRules: [TCP Query User{1F7A93BC-569A-4079-8781-795474D4C40E}D:\games\pro evolution soccer 2016\pes2016.exe] => (Allow) D:\games\pro evolution soccer 2016\pes2016.exe FirewallRules: [UDP Query User{43ED9B75-17AB-4432-98DE-703675C5E1B3}D:\games\pro evolution soccer 2016\pes2016.exe] => (Allow) D:\games\pro evolution soccer 2016\pes2016.exe FirewallRules: [{5B045FEC-9191-48B0-81AD-DB738A9F8A41}] => (Allow) D:\Program Files\Steam\steamapps\common\Counter-Strike Global Offensive\bin\SDKLauncher.exe FirewallRules: [{6FD06E46-DA8C-4E3C-B89B-CBB85DA4D825}] => (Allow) D:\Program Files\Steam\steamapps\common\Counter-Strike Global Offensive\bin\SDKLauncher.exe FirewallRules: [TCP Query User{373AAB60-C765-42CF-8560-C54FBB88E13B}D:\games\f1 2011\f1_2011.exe] => (Allow) D:\games\f1 2011\f1_2011.exe FirewallRules: [UDP Query User{512BDC53-6E05-4237-B78A-EA0CA7D0272E}D:\games\f1 2011\f1_2011.exe] => (Allow) D:\games\f1 2011\f1_2011.exe FirewallRules: [TCP Query User{9EF5AA9E-CA00-4087-930B-42D03599EBE0}D:\games\assassin's creed 2\server.exe] => (Allow) D:\games\assassin's creed 2\server.exe FirewallRules: [UDP Query User{1BCA1328-C315-40E9-A763-0E576EFB211A}D:\games\assassin's creed 2\server.exe] => (Allow) D:\games\assassin's creed 2\server.exe FirewallRules: [{85A51D05-D8CD-48BF-82C9-CF38723B6BA3}] => (Allow) D:\Program Files\Steam\steamapps\common\City Car Driving\bin\win32\Starter.exe FirewallRules: [{1F281282-467A-402A-8EA9-E2DFA8E0427E}] => (Allow) D:\Program Files\Steam\steamapps\common\City Car Driving\bin\win32\Starter.exe FirewallRules: [{E84D56F0-B38D-4D7C-9A5E-079CB3776549}] => (Allow) D:\Program Files\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{625B60C8-4D98-4444-8795-7560F0534AA4}] => (Allow) D:\Program Files\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{1797EF71-9E99-42BC-9FEE-98AC9A070DCB}] => (Allow) D:\Program Files\Steam\steamapps\common\Counter-Strike Global Offensive\bin\SDKLauncher.exe FirewallRules: [{2DFBEB18-5CF1-4A91-8754-E0D416DAA177}] => (Allow) D:\Program Files\Steam\steamapps\common\Counter-Strike Global Offensive\bin\SDKLauncher.exe FirewallRules: [{63818441-2530-4346-A440-D795F1E580A5}] => (Allow) D:\Program Files\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe FirewallRules: [{37F74B78-4BE9-48DB-9282-8556D6436988}] => (Allow) D:\Program Files\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe FirewallRules: [{94D57492-059B-4843-B44F-1AEB31D9FDF8}] => (Allow) D:\Program Files\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe FirewallRules: [{0063839D-7F37-40A5-B3B0-D974108A6B69}] => (Allow) D:\Program Files\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe FirewallRules: [{B8B23840-374C-4573-B6BB-BABF70DF0E9D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe FirewallRules: [TCP Query User{68C9FFC6-5120-456D-B8DB-1D9DB0C072DF}D:\games\assassin's creed 3.deluxe edition.v 1.05 + 5 dlc\ac3sp.exe] => (Block) D:\games\assassin's creed 3.deluxe edition.v 1.05 + 5 dlc\ac3sp.exe FirewallRules: [UDP Query User{358831A8-0545-4C21-B093-348C83D0A69C}D:\games\assassin's creed 3.deluxe edition.v 1.05 + 5 dlc\ac3sp.exe] => (Block) D:\games\assassin's creed 3.deluxe edition.v 1.05 + 5 dlc\ac3sp.exe FirewallRules: [TCP Query User{34FE5306-4558-4AF3-877F-8765FE0D8DC2}C:\users\welkom\appdata\local\mail.ru\gamecenter\gamecenter@mail.ru.exe] => (Allow) C:\users\welkom\appdata\local\mail.ru\gamecenter\gamecenter@mail.ru.exe FirewallRules: [UDP Query User{1D6BF8F1-BAE8-4117-A1D3-E91BF3457B54}C:\users\welkom\appdata\local\mail.ru\gamecenter\gamecenter@mail.ru.exe] => (Allow) C:\users\welkom\appdata\local\mail.ru\gamecenter\gamecenter@mail.ru.exe FirewallRules: [TCP Query User{AD8C574A-F067-47DC-ADF7-1DF326027967}D:\games\pro evolution soccer 2016\pes2016.exe] => (Allow) D:\games\pro evolution soccer 2016\pes2016.exe FirewallRules: [UDP Query User{A8D7CF4F-667C-43C4-8EF8-8CDE700B1102}D:\games\pro evolution soccer 2016\pes2016.exe] => (Allow) D:\games\pro evolution soccer 2016\pes2016.exe FirewallRules: [TCP Query User{70655091-C964-43A7-9713-68034B8811D9}D:\games\driver.san francisco.v 1.04.1114\driver.exe] => (Allow) D:\games\driver.san francisco.v 1.04.1114\driver.exe FirewallRules: [UDP Query User{8699DFA0-0707-493B-992E-9574EC606D5C}D:\games\driver.san francisco.v 1.04.1114\driver.exe] => (Allow) D:\games\driver.san francisco.v 1.04.1114\driver.exe FirewallRules: [{6EC0BF7F-99A7-4B65-8819-7071A9D1F2B5}] => (Allow) D:\Program Files\Steam\steamapps\common\Fishing Planet\FishingPlanet.exe FirewallRules: [{DCB7ADFC-CA96-44C5-ADA6-C15C2484DEDD}] => (Allow) D:\Program Files\Steam\steamapps\common\Fishing Planet\FishingPlanet.exe FirewallRules: [{69167FE2-39AA-4EA6-AD7F-AECCF1FE6D8E}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe FirewallRules: [{0B4CBB71-DACB-4AF1-A430-3481E1BAD929}] => (Allow) D:\Program Files\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe FirewallRules: [{5CF6CE56-6252-49AF-9C37-0EFB1055B530}] => (Allow) D:\Program Files\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe ==================== Restore Points ========================= 08-07-2017 17:58:58 Центр обновления Windows 12-07-2017 18:18:05 Центр обновления Windows 15-07-2017 18:52:21 Центр обновления Windows 19-07-2017 13:05:23 Центр обновления Windows 23-07-2017 09:53:04 Центр обновления Windows 23-07-2017 20:16:07 Установлен DirectX 26-07-2017 22:37:00 Центр обновления Windows 31-07-2017 10:15:18 Центр обновления Windows 31-07-2017 16:03:19 Installed Microsoft Fix it 50123 02-08-2017 20:19:21 Installed Microsoft Fix it 50123 02-08-2017 20:41:53 Installed Microsoft Fix it 50123 02-08-2017 21:42:44 Installed Microsoft Fix it 50123 07-08-2017 18:44:16 Installed Microsoft Fix it 50123 ==================== Faulty Device Manager Devices ============= Name: Teredo Tunneling Pseudo-Interface Description: Туннельный адаптер Microsoft Teredo Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: tunnel Problem: : This device cannot start. (Code10) Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. ==================== Event log errors: ========================= Application errors: ================== Error: (08/07/2017 06:56:13 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (08/07/2017 06:42:40 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (08/06/2017 10:16:40 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (08/06/2017 08:50:03 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (08/02/2017 08:18:44 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (08/02/2017 08:00:44 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (07/31/2017 03:53:45 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (07/31/2017 03:13:31 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (07/31/2017 01:00:15 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (07/31/2017 12:27:05 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. System errors: ============= Error: (08/07/2017 06:55:58 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: ) Description: При попытке обновления сигнатур программа Microsoft Antimalware обнаружила ошибку. Новая версия сигнатур: Предыдущая версия сигнатур: 117.2.0.0 Источник обновления: Центр Майкрософт по защите от вредоносных программ Этап обновления: Найти Путь к источнику: http://go.microsoft.com/fwlink/?LinkID=260974&clcid=0x409&NRI=true&arch=x86&eng=2.1.13804.0&sig=117.2.0.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094 Тип сигнатур: Система проверки сети Тип обновления: Полное Пользователь: NT AUTHORITY\NETWORK SERVICE Текущая версия ядра: Предыдущая версия ядра: 2.1.13804.0 Код ошибки: 0x80072ee7 Описание ошибки: Не удается разрешить имя или адрес сервера Error: (08/07/2017 06:55:58 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: ) Description: При попытке обновления сигнатур программа Microsoft Antimalware обнаружила ошибку. Новая версия сигнатур: Предыдущая версия сигнатур: 1.249.450.0 Источник обновления: Центр Майкрософт по защите от вредоносных программ Этап обновления: Найти Путь к источнику: http://go.microsoft.com/fwlink/?LinkID=121721&clcid=0x409&arch=x86&eng=1.1.14003.0&avdelta=1.249.450.0&asdelta=1.249.450.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094 Тип сигнатур: AntiSpyware Тип обновления: Полное Пользователь: NT AUTHORITY\NETWORK SERVICE Текущая версия ядра: Предыдущая версия ядра: 1.1.14003.0 Код ошибки: 0x80072ee7 Описание ошибки: Не удается разрешить имя или адрес сервера Error: (08/07/2017 06:55:58 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: ) Description: При попытке обновления сигнатур программа Microsoft Antimalware обнаружила ошибку. Новая версия сигнатур: Предыдущая версия сигнатур: 1.249.450.0 Источник обновления: Центр Майкрософт по защите от вредоносных программ Этап обновления: Найти Путь к источнику: http://go.microsoft.com/fwlink/?LinkID=121721&clcid=0x409&arch=x86&eng=1.1.14003.0&avdelta=1.249.450.0&asdelta=1.249.450.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094 Тип сигнатур: AntiVirus Тип обновления: Полное Пользователь: NT AUTHORITY\NETWORK SERVICE Текущая версия ядра: Предыдущая версия ядра: 1.1.14003.0 Код ошибки: 0x80072ee7 Описание ошибки: Не удается разрешить имя или адрес сервера Error: (08/07/2017 06:55:58 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: ) Description: При попытке обновления сигнатур программа Microsoft Antimalware обнаружила ошибку. Новая версия сигнатур: Предыдущая версия сигнатур: 1.249.450.0 Источник обновления: Сервер Центра обновления Майкрософт Этап обновления: Найти Путь к источнику: http://www.microsoft.com Тип сигнатур: AntiVirus Тип обновления: Полное Пользователь: NT AUTHORITY\система Текущая версия ядра: Предыдущая версия ядра: 1.1.14003.0 Код ошибки: 0x8024402c Описание ошибки: Произошла неожиданная ошибка при проверке наличия обновлений. Дополнительные сведения об установке и диагностике обновлений можно найти в центре справки и поддержки. Error: (08/07/2017 06:55:12 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Сбой при запуске службы "Origin Web Helper Service" из-за ошибки Служба не ответила на запрос своевременно. Error: (08/07/2017 06:55:12 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Превышение времени ожидания (30000 мс) при ожидании подключения службы "Origin Web Helper Service". Error: (08/07/2017 06:53:18 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Служба "Adobe Genuine Software Integrity Service" неожиданно прервана. Это произошло (раз): 1. Error: (08/07/2017 06:53:18 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Служба NVIDIA Telemetry Container была неожиданно завершена. Это произошло 1 раз(а). Следующее корректирующее действие будет предпринято через 1000 мсек: Перезапуск службы. Error: (08/07/2017 06:53:18 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Служба NVIDIA LocalSystem Container была неожиданно завершена. Это произошло 1 раз(а). Следующее корректирующее действие будет предпринято через 6000 мсек: Перезапуск службы. Error: (08/07/2017 06:53:18 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Служба Установщик Windows была неожиданно завершена. Это произошло 1 раз(а). Следующее корректирующее действие будет предпринято через 120000 мсек: Перезапуск службы. ==================== Memory info =========================== Processor: Intel(R) Core(TM) i3 CPU 540 @ 3.07GHz Percentage of memory in use: 44% Total physical RAM: 2039.11 MB Available physical RAM: 1127.27 MB Total Virtual: 4078.22 MB Available Virtual: 3040.67 MB ==================== Drives ================================ Drive c: (Sys) (Fixed) (Total:199.87 GB) (Free:94.58 GB) NTFS Drive d: (Doc) (Fixed) (Total:265.79 GB) (Free:15.96 GB) NTFS Drive f: () (Removable) (Total:7.48 GB) (Free:3.05 GB) FAT32 ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 465.8 GB) (Disk ID: 53EC098B) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=199.9 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=265.8 GB) - (Type=OF Extended) ======================================================== Disk: 1 (Size: 7.5 GB) (Disk ID: D4B47812) Partition 1: (Not Active) - (Size=7.5 GB) - (Type=0B) ==================== End of Addition.txt ============================