Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01.12.2018 01 Ran by иар (03-12-2018 18:10:03) Running from C:\Users\иар\Desktop Windows 7 Home Basic Service Pack 1 (X64) (2012-10-31 17:07:41) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= UpdatusUser (S-1-5-21-4020304659-3910671362-1857818088-1000 - Limited - Enabled) => C:\Users\UpdatusUser Администратор (S-1-5-21-4020304659-3910671362-1857818088-500 - Administrator - Disabled) Гость (S-1-5-21-4020304659-3910671362-1857818088-501 - Limited - Disabled) иар (S-1-5-21-4020304659-3910671362-1857818088-1001 - Administrator - Enabled) => C:\Users\иар ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: ESET Security (Enabled - Up to date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70} AS: ESET Security (Enabled - Up to date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FW: ESET Файервол (Enabled) {D426EE12-AE7E-4602-F40F-BBCA8137EB0B} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) "ГАРАНТ аэро" (Рабочая) Текущий Пользователь (HKU\S-1-5-21-4020304659-3910671362-1857818088-1001\...\GARANT-Student) (Version: - ООО НПП "ГАРАНТ-СЕРВИС-УНИВЕРСИТЕТ") µTorrent (HKU\S-1-5-21-4020304659-3910671362-1857818088-1001\...\uTorrent) (Version: 3.5.4.44846 - BitTorrent Inc.) ABBYY FineReader 9.0 Professional Edition (HKLM-x32\...\{F9000000-0001-0000-0000-074957833700}) (Version: 9.00.724.5507 - ABBYY) Acapela multimedia Russian (255 channels) (HKLM-x32\...\{0ACD6BC8-0568-4286-86A2-D337F371D42B}) (Version: 5.1. - Acapela) Acer Backup Manager (HKLM-x32\...\InstallShield_{0B61BBD5-DA3C-409A-8730-0C3DC3B0F270}) (Version: 3.0.0.100 - NTI Corporation) Acer Crystal Eye Webcam (HKLM-x32\...\{A0382E3C-7384-429A-9BFA-AF5888E5A193}) (Version: 1.5.2108.00 - CyberLink Corp.) Hidden Acer Crystal Eye Webcam (HKLM-x32\...\InstallShield_{A0382E3C-7384-429A-9BFA-AF5888E5A193}) (Version: 1.5.2108.00 - CyberLink Corp.) Acer ePower Management (HKLM-x32\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 6.00.3010 - Acer Incorporated) Acer eRecovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 5.00.3508 - Acer Incorporated) Acer Games (HKLM-x32\...\WildTangent acer Master Uninstall) (Version: 1.0.2.5 - WildTangent) Acer Instant Update Service (HKLM\...\{682EC6E8-A300-45FD-8F09-0F3A6EA334D6}) (Version: 1.00.3004 - Acer Incorporated) Acer Registration (HKLM-x32\...\Acer Registration) (Version: 1.04.3506 - Acer Incorporated) Acer ScreenSaver (HKLM-x32\...\Acer Screensaver) (Version: 1.1.0913.2011 - Acer Incorporated) Adobe After Effects CC 2017 (HKLM-x32\...\AEFT_14_0_0) (Version: 14.0.0 - Adobe Systems Incorporated) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.6.0.5970 - Adobe Systems Incorporated) Adobe Flash Player 31 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 31.0.0.153 - Adobe Systems Incorporated) Adobe Flash Player 31 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 31.0.0.153 - Adobe Systems Incorporated) Adobe Flash Player 31 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 31.0.0.153 - Adobe Systems Incorporated) Adobe Photoshop CC 2017 (HKLM-x32\...\PHSP_18_1_1) (Version: 18.1.1 - Adobe Systems Incorporated) Adobe Reader XI - Russian (HKLM-x32\...\{AC76BA86-7AD7-1049-7B44-AB0000000001}) (Version: 11.0.00 - Adobe Systems Incorporated) Agatha Christie - Death on the Nile (HKLM-x32\...\WTA-7d5df66c-f235-424d-b921-7d6129bfefcb) (Version: 2.2.0.98 - WildTangent) Hidden AIMP3 (HKLM-x32\...\AIMP3) (Version: v3.60.1492, 24.04.2015 - AIMP DevTeam) Alpha Ball 2 (HKLM-x32\...\Alpha Ball 21.0) (Version: 1.0 - ParmaPcDoc) AntiPlagiarism.NET (HKLM-x32\...\{CE1D6E53-0E6C-4819-978D-D9905F58079F}_is1) (Version: 4.70 - ООО "Инет-Трейд") Any Video Converter Professional (HKLM-x32\...\{5A0025BA-1867-49A8-8EEB-DE08666F0D20}) (Version: 5.6.4.0 - AnvSoft) Atheros Bluetooth Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.4.0.126 - Atheros) Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.0.8.8 - Atheros Communications Inc.) AusLogics BoostSpeed 8.0.2.0 (HKLM-x32\...\AusLogics BoostSpeed_is1) (Version: 8.0.2.0 - l-rePack®) Auslogics Disk Defrag Professional (HKLM-x32\...\{ADE1535C-C836-4F2E-BDA1-1C7C304743E3}_is1) (Version: 4.7.0.0 - Auslogics Software Pty Ltd) AviSynth 2.5 (HKLM-x32\...\AviSynth) (Version: - ) Backup Manager V3 (HKLM-x32\...\{0B61BBD5-DA3C-409A-8730-0C3DC3B0F270}) (Version: 3.0.0.100 - NTI Corporation) Hidden Bejeweled 3 (HKLM-x32\...\WTA-33e0210c-5b23-41e1-a071-99910930abec) (Version: 2.2.0.98 - WildTangent) Hidden Bing Bar (HKLM-x32\...\{C28D96C0-6A90-459E-A077-A6706F4EC0FC}) (Version: 7.0.765.0 - Microsoft Corporation) Bitrate Viewer 2.3 (HKLM-x32\...\Bitrate Viewer) (Version: 2.3 - EDV & Astro Service) BlueStacks 3 (HKLM-x32\...\BlueStacks) (Version: 3.50.56.2506 - BlueStack Systems, Inc.) Chuzzle Deluxe (HKLM-x32\...\WTA-94fb87d2-9576-4fb6-b2a6-762aadbe33c0) (Version: 2.2.0.95 - WildTangent) Hidden clear.fi Media (HKLM-x32\...\{E9AF1707-3F3A-49E2-8345-4F2D629D0876}) (Version: 2.00.3004 - Acer Incorporated) clear.fi Photo (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 2.00.3004 - Acer Incorporated) clear.fi SDK - MVP 2 (HKLM-x32\...\{A3AD65CC-B2CE-49da-AE4E-CC2ECF4EC0F8}) (Version: 2.0.1505 - CyberLink Corp.) Hidden clear.fi SDK- Movie 2 (HKLM-x32\...\{DAF7BB88-6392-40aa-A714-8392C4BDBD2C}) (Version: 2.0.1502 - CyberLink Corp.) Hidden Clive Barker's Undying Eternal Audamn (HKLM-x32\...\Clive Barker's Undying EA_is1) (Version: 1.0.0.0 - Cheshire28) CoreAVC Professional Edition (remove only) (HKLM-x32\...\CoreAVC Professional Edition) (Version: - ) Counter-Strike 1.6 (HKLM-x32\...\Counter-Strike 1.6) (Version: - ) CyberLink MediaEspresso (HKLM-x32\...\InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}) (Version: 6.5.1720_38230 - CyberLink Corp.) D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.45.4.0315 - DT Soft Ltd) Discord (HKU\S-1-5-21-4020304659-3910671362-1857818088-1001\...\Discord) (Version: 0.0.298 - Discord Inc.) Dolby Home Theater v4 (HKLM-x32\...\{B26438B4-BF51-49C3-9567-7F14A5E40CB9}) (Version: 7.2.7000.7 - Dolby Laboratories Inc) Download Master version 6.16.1.1595 (HKLM-x32\...\Download Master_is1) (Version: 6.16.1.1595 - WestByte) Dragon UnPACKer 5 (HKLM-x32\...\DragonUnPACKer5_is1) (Version: 5.7.0 Beta - Alexandre Devilliers (aka Elbereth)) DVD Decrypter (Remove Only) (HKLM-x32\...\DVD Decrypter) (Version: - ) eBay Worldwide (HKLM-x32\...\{D3E5A972-9A15-427D-AE78-8181A5FD943C}) (Version: 2.2.0409 - OEM) ESET Security (HKLM\...\{C26AA376-9D1B-4B7B-A1F0-DC41E8530176}) (Version: 11.2.49.0 - ESET, spol. s r.o.) ETDWare PS/2-X64 10.6.9.9_WHQL (HKLM\...\Elantech) (Version: 10.6.9.9 - ELAN Microelectronic Corp.) Evernote v. 4.5.2 (HKLM-x32\...\{F77EF646-19EB-11E1-9A9E-984BE15F174E}) (Version: 4.5.2.5866 - Evernote Corp.) FATE (HKLM-x32\...\WTA-01be12a4-9f6f-44fc-bbb4-413470908dd1) (Version: 2.2.0.97 - WildTangent) Hidden FictionBook Editor Release v2.6.6 (build 06 Apr) (HKLM-x32\...\FictionBook Editor) (Version: Release v2.6.6 (build 06 Apr) - FBE Team) Final Drive: Nitro (HKLM-x32\...\WTA-bb9391ee-5598-4143-9537-0cfcdc6993ec) (Version: 2.2.0.95 - WildTangent) Hidden Fooz Kids (HKLM-x32\...\{FCDB0EF3-673C-FDCE-6498-750F51391660}) (Version: 3.1.2 - FUHU, Inc.) Hidden FormatFactory 4.0.0.0 (HKLM-x32\...\FormatFactory) (Version: 4.0.0.0 - Free Time) Fotogalerija Windows Live (HKLM-x32\...\{E59969EA-3B5B-4B24-8B94-43842A7FBFE9}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Free Alarm Clock 3.1.0 (HKLM-x32\...\{8ED5A2F1-338F-4608-8AF7-BCD1ADC1E1F7}_is1) (Version: 3.1 - Comfort Software Group) Galeria de Fotografias do Windows Live (HKLM-x32\...\{0EC0B576-90F9-43C3-8FAD-A4902DF4B8F4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Galería fotográfica de Windows Live (HKLM-x32\...\{E85A4EFC-82F2-4CEE-8A8E-62FDAD353A66}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Galeria fotogràfica del Windows Live (HKLM-x32\...\{4736B0ED-F6A1-48EC-A1B7-C053027648F1}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Galeria fotografii usługi Windows Live (HKLM-x32\...\{CB3F59BB-7858-41A1-A7EA-4B8A6FC7D431}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Galerie de photos Windows Live (HKLM-x32\...\{488F0347-C4A7-4374-91A7-30818BEDA710}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Galerie foto Windows Live (HKLM-x32\...\{CB66242D-12B1-4494-82D2-6F53A7E024A3}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Google Chrome (HKLM-x32\...\Google Chrome) (Version: 70.0.3538.110 - Google Inc.) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden GreyLink DC++ 5.96 (x64) (HKLM-x32\...\GreyLink DC++ 5.96 (x64)) (Version: - ) HandySaw DS 4.6 (HKLM-x32\...\HandySaw DS) (Version: 4.6 - Davis Software) HandySaw DS. Русский языковой пакет 4.6 (HKLM-x32\...\HandySaw DS. Русский языковой пакет) (Version: 4.6 - Davis Software) Hard Truck: 18 стальных колес (HKLM-x32\...\{9D0A0509-BC63-4D81-88E4-8E86D6FF8116}) (Version: - ) Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3501 - Acer Incorporated) Insaniquarium Deluxe (HKLM-x32\...\WTA-788fd2b2-c709-4321-bb9c-865f0a7de5b3) (Version: 2.2.0.97 - WildTangent) Hidden Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.0.1351 - Intel Corporation) Intel(R) OpenCL CPU Runtime (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2653 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.0.0.1032 - Intel Corporation) Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.4.220 - Intel Corporation) Intel® Trusted Connect Service Client (HKLM\...\{6199B534-A1B6-46ED-873B-97B0ECF8F81E}) (Version: 1.23.216.0 - Intel Corporation) Java 8 Update 151 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180151F0}) (Version: 8.0.1510.12 - Oracle Corporation) Jewel Match 3 (HKLM-x32\...\WTA-0e6c464f-a4ba-4cb3-b527-1a9905548d77) (Version: 2.2.0.98 - WildTangent) Hidden Jewel Quest Mysteries: The Seventh Gate Collector's Edition (HKLM-x32\...\WTA-c2c84a32-5aa2-4593-86a0-b5f72fcdfdbe) (Version: 2.2.0.98 - WildTangent) Hidden John Deere Drive Green (HKLM-x32\...\WTA-0ed11278-40b6-4315-8d03-a2517afd976d) (Version: 2.2.0.95 - WildTangent) Hidden Junk Mail filter update (HKLM-x32\...\{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden K-Lite Mega Codec Pack 12.0.1 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 12.0.1 - KLCP) Launch Manager (HKLM-x32\...\LManager) (Version: 5.1.15 - Acer Inc.) Medieval CUE Splitter (HKLM-x32\...\{B96D2269-568B-4CBF-9332-12FAE8B158F7}) (Version: 1.2.0 - Medieval Software) Mesh Runtime (HKLM-x32\...\{8C6D6116-B724-4810-8F2D-D047E6B7D68E}) (Version: 15.4.5722.2 - Microsoft Corporation) Hidden Microsoft .NET Framework 4.7.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.03062 - Microsoft Corporation) Microsoft .NET Framework 4.7.2 (Русский) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1049) (Version: 4.7.03062 - Корпорация Майкрософт) Microsoft Office 365 ProPlus - ru-ru (HKLM\...\O365ProPlusRetail - ru-ru) (Version: 16.0.11029.20079 - Microsoft Corporation) Microsoft OneDrive (HKU\.DEFAULT\...\OneDriveSetup.exe) (Version: 17.3.6743.1212 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-4020304659-3910671362-1857818088-1001\...\OneDriveSetup.exe) (Version: 18.212.1021.0008 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Virtual PC 2007 SP1 (HKLM\...\{AD483998-2E9A-4405-83FF-6E503AF49CBB}) (Version: 6.0.192.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24123 (HKLM-x32\...\{2cbcedbb-f38c-48a3-a3e1-6c6fd821a7f4}) (Version: 14.0.24123.0 - Microsoft Corporation) Microsoft Visual C++ 2017 Redistributable (x86) - 14.15.26706 (HKLM-x32\...\{7e9fae12-5bbf-47fb-b944-09c49e75c061}) (Version: 14.15.26706.0 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) MKVToolNix 7.7.0 (64bit) (HKLM-x32\...\MKVToolNix) (Version: 7.7.0 - Moritz Bunkus) Mozilla Firefox 49.0.1 (x86 ru) (HKLM-x32\...\Mozilla Firefox 49.0.1 (x86 ru)) (Version: 49.0.1 - Mozilla) Mozilla Firefox 61.0.1 (x64 ru) (HKLM\...\Mozilla Firefox 61.0.1 (x64 ru)) (Version: 61.0.1 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 61.0.1 - Mozilla) MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation) msxml4 (HKLM-x32\...\{5AE3D9F1-9E9E-4015-8787-E22705AA32C5}) (Version: 1.0.0 - Default Company Name) MyWinLocker (HKLM\...\{0B78ECB0-1A6B-4E6D-89D7-0E7CE77F0427}) (Version: 4.0.14.27 - Egis Technology Inc.) Hidden MyWinLocker 4 (HKLM-x32\...\{39F15B50-A977-4CA6-B1C3-6A8724CDA025}) (Version: 4.0.14.27 - Egis Technology Inc.) Hidden MyWinLocker Suite (HKLM-x32\...\{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}) (Version: 4.0.14.19 - Egis Technology Inc.) Hidden MyWinLocker Suite (HKLM-x32\...\InstallShield_{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}) (Version: 4.0.14.19 - Egis Technology Inc.) Nero 2019 Full Repack (HKLM\...\NMMS20) (Version: - ) newsXpresso (HKLM-x32\...\{613C0AC5-3A67-4B94-8B13-9176AD83F5BF}) (Version: 1.0.0.40 - esobi Inc.) Hidden newsXpresso (HKLM-x32\...\InstallShield_{613C0AC5-3A67-4B94-8B13-9176AD83F5BF}) (Version: 1.0.0.40 - esobi Inc.) Nik Collection (HKLM-x32\...\Nik Collection) (Version: 1.2.11 - Google) Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.1.17869 - Symantec Corporation) NTI Media Maker 9 (HKLM-x32\...\{D3D5C4E8-040F-4C6F-8105-41D43CF94F44}) (Version: 9.0.2.9006 - NTI Corporation) Hidden NTI Media Maker 9 (HKLM-x32\...\InstallShield_{D3D5C4E8-040F-4C6F-8105-41D43CF94F44}) (Version: 9.0.2.9006 - NTI Corporation) NVIDIA PhysX (HKLM-x32\...\{7B5AA67E-FEA0-40BB-BAB5-CA56645A589C}) (Version: 9.13.0725 - NVIDIA Corporation) NVIDIA Графический драйвер 327.02 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 327.02 - NVIDIA Corporation) Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.11029.20079 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.11029.20079 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0419-1000-0000000FF1CE}) (Version: 16.0.11029.20079 - Microsoft Corporation) Hidden OlimpCourse (HKLM-x32\...\{471EA650-E2AC-49EE-9179-A0FE45C23CCE}) (Version: 0.0.0000 - Termika) Opera Stable 56.0.3051.116 (HKLM-x32\...\Opera 56.0.3051.116) (Version: 56.0.3051.116 - Opera Software) Oracle VM VirtualBox 4.3.20 (HKLM\...\{DD8F7A7A-852F-4648-8A73-B8FC1DF5F082}) (Version: 4.3.20 - Oracle Corporation) Panasonic Easy Print Utility (HKLM-x32\...\{47D884A9-7354-4034-A663-81544A68B386}) (Version: 1.00.0000 - Panasonic System Networks Co., Ltd.) Panasonic V1.14.00RU Статус устройства (HKLM-x32\...\{5061C9FB-BA2D-4498-92B6-5459A0E2F6E3}) (Version: 1.00 - Panasonic System Networks Co., Ltd.) Penguins! (HKLM-x32\...\WTA-a4b887d7-d1f9-4216-9295-4dee1acbe6d0) (Version: 2.2.0.98 - WildTangent) Hidden Plants vs. Zombies - Game of the Year (HKLM-x32\...\WTA-dc99b99e-16c8-4e2d-961a-752294a95c71) (Version: 2.2.0.98 - WildTangent) Hidden Poczta usługi Windows Live (HKLM-x32\...\{64376910-1860-4CEF-8B34-AA5D205FC5F1}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Podstawowe programy Windows Live (HKLM-x32\...\{7A9D47BA-6D50-4087-866F-0800D8B89383}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Polar Bowler (HKLM-x32\...\WTA-1af2b8ec-d715-4ff2-a8ab-47e21ecb3d8f) (Version: 2.2.0.97 - WildTangent) Hidden Pošta Windows Live (HKLM-x32\...\{7BA19818-F717-4DFB-BC11-FAF17B2B8AEE}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Qualcomm Atheros Direct Connect (HKLM-x32\...\{21DD6041-7251-40FA-9D06-C5EB30268E0F}) (Version: 3.1 - Qualcomm Atheros) Hidden Qualcomm Atheros WiFi Driver Installation (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 3.1 - Qualcomm Atheros) Raccolta foto di Windows Live (HKLM-x32\...\{ED16B700-D91F-44B0-867C-7EB5253CA38D}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7601.85 - Realtek Semiconductor Corp.) ScenalyzerLive (remove) (HKLM-x32\...\ScenalyzerLive) (Version: - ) ScummVM (HKLM-x32\...\ScummVM_is1) (Version: - The ScummVM Team) Shredder (HKLM\...\{1F557316-CFC0-41BD-AFF7-8BC49CE444D7}) (Version: 2.0.8.9 - Egis Technology Inc.) Hidden Shredder (HKLM-x32\...\{C2695E83-CF1D-43D1-84FE-B3BEC561012A}) (Version: 2.0.8.9 - Egis Technology Inc.) Hidden Sierra Wireless QMI Driver Package (HKLM-x32\...\SWIQMIDrvInstaller) (Version: 1.0.34.0 - Sierra Wireless Inc.) Skype, версия 8.32 (HKLM-x32\...\Skype_is1) (Version: 8.32 - Skype Technologies S.A.) Skype™ 7.3 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.3.101 - Skype Technologies S.A.) Slingo Deluxe (HKLM-x32\...\WTA-13fbdbc5-f6c2-4639-8d16-a140392fa581) (Version: 2.2.0.95 - WildTangent) Hidden SoftEther VPN Client (HKLM\...\softether_sevpnclient) (Version: 4.22.9634 - SoftEther VPN Project) Sonic Foundry Soft Encode 1.0 - Dolby Digital 5.1 (HKLM-x32\...\SFTENCDD) (Version: - ) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) TAP-Windows 9.21.2 (HKLM\...\TAP-Windows) (Version: 9.21.2 - ) Telegram Desktop version 1.4 (HKU\S-1-5-21-4020304659-3910671362-1857818088-1001\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 1.4 - Telegram Messenger LLP) TestStudio (HKLM-x32\...\TestStudio) (Version: - ) The Elder Scrolls 5.Skyrim.Legendary Edition.v 1.9.32.0.8 + 4 DLC (HKLM-x32\...\The Elder Scrolls 5.Skyrim.Legendary Edition.v 1~9BB15F4B_is1) (Version: The Elder Scrolls 5.Skyrim.Legendary Edition.v 1.9.32.0.8 + 4 DLC - Repack by Fenixx (11.07.2013)) TNod User & Password Finder (HKLM\...\TNod) (Version: 1.6.4.0 - Tukero[X]Team) Torchlight (HKLM-x32\...\WTA-d842327a-07c2-48af-8e4e-21bb2fb7c627) (Version: 2.2.0.98 - WildTangent) Hidden UltraISO Premium v9.6.5.3237 (HKLM-x32\...\UltraISO_is1) (Version: 9.6.5.3237 - EZB Systems, Inc.) UmmyVideoDownloader (HKLM-x32\...\{E028DBDA-EEE7-48A0-ADF7-D250589A02C5}_is1) (Version: 1.7.3.0 - ) <==== ATTENTION Unlocker 1.9.1-x64 (HKLM\...\Unlocker) (Version: 1.9.1 - Cedrick Collomb) Update Installer for WildTangent Games App (HKLM-x32\...\{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App) (Version: - WildTangent) Hidden VdhCoApp 1.2.4 (HKLM\...\weh-iss-net.downloadhelper.coapp_is1) (Version: - DownloadHelper) Vegas Pro 13.0 (64-bit) (HKLM\...\{3814DB30-091D-11E4-BDE0-F04DA23A5C58}) (Version: 13.0.373 - Sony) Virtual Villagers 4 - The Tree of Life (HKLM-x32\...\WTA-8210a36d-e3e9-4378-acbc-bd4f76e2dcf6) (Version: 2.2.0.97 - WildTangent) Hidden Vit Registry Fix 9.5.9 (remove only) (HKLM\...\Vit Registry Fix) (Version: - VITSOFT) VLC media player 2.0.5 (HKLM-x32\...\VLC media player) (Version: 2.0.5 - VideoLAN) Wedding Dash (HKLM-x32\...\WTA-737b8c3f-d939-49bc-aa06-537a45113f65) (Version: 2.2.0.95 - WildTangent) Hidden Welcome Center (HKLM-x32\...\Acer Welcome Center) (Version: 1.02.3507 - Acer Incorporated) WhatsApp (HKU\S-1-5-21-4020304659-3910671362-1857818088-1001\...\WhatsApp) (Version: 0.3.1409 - WhatsApp) Wi-Fi Modem Yota 4G LTE (HKLM-x32\...\Wi-Fi Modem Yota 4G LTE) (Version: 1.0.0.0 - YOTA) WildTangent Games App (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-acer) (Version: 4.1.1.47 - WildTangent) Hidden WildTangent ShortcutProvider (HKLM-x32\...\{80831F60-19D7-43B3-A60C-5CAF8C478DF6}) (Version: 4.5.0.160 - WildTangent) Hidden Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation) WinPcap 4.1.1 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.1753 - CACE Technologies) WinRAR 4.00 (32-разрядная) (HKLM-x32\...\WinRAR archiver) (Version: 4.00.0 - win.rar GmbH) XFont Manager (HKU\S-1-5-21-4020304659-3910671362-1857818088-1001\...\XFontManager) (Version: - ) XviD MPEG4 Video Codec (remove only) (HKLM-x32\...\XviD MPEG4 Video Codec) (Version: - ) XviD4PSP 5.10.346.0 (HKLM-x32\...\XviD4PSP5_is1) (Version: - Winnydows & fcp team) Zuma Deluxe (HKLM-x32\...\WTA-5387ed3c-6746-4863-82cc-21d1452ea6f2) (Version: 2.2.0.95 - WildTangent) Hidden Συλλογή φωτογραφιών του Windows Live (HKLM-x32\...\{C00C2A91-6CB3-483F-80B3-2958E29468F1}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Аура (HKLM-x32\...\Aura) (Version: - Александр Глазков) Древо Жизни 4 (HKLM-x32\...\Древо Жизни 4) (Version: 4.7 - Genery Software) Жукодром (HKLM-x32\...\ITE_Autorun_2001PCG) (Version: - ) Космическая федерация II. Звёзды страха (HKLM-x32\...\Космическая федерация II. Звёзды страха) (Version: - ) Кузя - Новый Год (HKLM-x32\...\Кузя - Новый Год) (Version: - ) Кузя Суперагент (HKLM-x32\...\ITE_Autorun_2008PCG) (Version: - ) Монитор технологии Intel(R) Turbo Boost 2.5 (HKLM\...\{6C9365EB-1F9E-4893-9196-3EC77C88D0C5}) (Version: 2.5.1.0 - Intel) Обновления NVIDIA 1.14.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.14.17 - NVIDIA Corporation) Основные компоненты Windows Live (HKLM-x32\...\{E83DC314-C926-4214-AD58-147691D6FE9F}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Панель управления NVIDIA 327.02 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 327.02 - NVIDIA Corporation) Hidden Поддержка программ Apple (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.) Почта Windows Live (HKLM-x32\...\{B63F0CE3-CCD0-490A-9A9C-E1A3B3A17137}) (Version: 15.4.3502.0922 - Корпорация Майкрософт) Hidden Программное обеспечение Panasonic Multi-Function Station (HKLM-x32\...\{53DE4FAD-F853-44F3-AC39-AD2940E5DD53}) (Version: 1.00 - Panasonic System Networks Co., Ltd.) Фотоальбом Windows Live (HKLM-x32\...\{77F69CA1-E53D-4D77-8BA3-FA07606CC851}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Фотогалерия на Windows Live (HKLM-x32\...\{4444F27C-B1A8-464E-9486-4C37BAB39A09}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Часы ТВС /unofficial/ (HKLM-x32\...\TVSClock3plus_is1) (Version: 3.0 - Erwin) Языковой пакет Microsoft Visual Studio 2010 Tools для среды выполнения Office (x64) - RUS (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - RUS) (Version: 10.0.50903 - Microsoft Corporation) Яндекс.Диск (HKU\S-1-5-21-4020304659-3910671362-1857818088-1001\...\YandexDisk) (Version: 1.4.21.5510 - Яндекс) גלריית התמונות של Windows Live (HKLM-x32\...\{CE929F09-3853-4180-BD90-30764BFF7136}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden بريد Windows Live (HKLM-x32\...\{0A4C4B29-5A9D-4910-A13C-B920D5758744}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden معرض صور Windows Live (HKLM-x32\...\{FBCA06D2-4642-4F33-B20A-A7AB3F0D2E69}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-4020304659-3910671362-1857818088-1001_Classes\CLSID\{19170A69-A883-40D5-AF97-F6DC41495F15}\InprocServer32 -> C:\Users\иар\AppData\Roaming\Yandex\YandexDisk\YandexDiskShellExt-4724.dll (Яндекс) CustomCLSID: HKU\S-1-5-21-4020304659-3910671362-1857818088-1001_Classes\CLSID\{2D6BD2F0-5F84-4a06-924F-AEE0598B6272}\InprocServer32 -> C:\Users\иар\AppData\Roaming\Yandex\YandexDisk\YandexDiskShellExt-4724.dll (Яндекс) CustomCLSID: HKU\S-1-5-21-4020304659-3910671362-1857818088-1001_Classes\CLSID\{33A431BB-FF15-4047-8FEC-F82FD3523A00}\localserver32 -> C:\Users\иар\AppData\Roaming\Yandex\YandexDisk\YandexDisk.exe (Яндекс) CustomCLSID: HKU\S-1-5-21-4020304659-3910671362-1857818088-1001_Classes\CLSID\{63D48440-63AB-44D0-B323-4731DFCDE9E9}\InprocServer32 -> C:\Users\иар\AppData\Roaming\Yandex\YandexDisk\YandexDiskOverlays-2398.dll (Яндекс) CustomCLSID: HKU\S-1-5-21-4020304659-3910671362-1857818088-1001_Classes\CLSID\{7E7DC279-E6BE-4D57-9DEC-14FA0339DBC0}\InprocServer32 -> C:\Users\иар\AppData\Roaming\Yandex\YandexDisk\YandexDiskOverlays-2398.dll (Яндекс) CustomCLSID: HKU\S-1-5-21-4020304659-3910671362-1857818088-1001_Classes\CLSID\{8932AEFE-9DB6-4f43-AFB2-5682F55E773A}\InprocServer32 -> C:\Program Files (x86)\Microsoft Virtual PC\VPCShExH.DLL (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-4020304659-3910671362-1857818088-1001_Classes\CLSID\{940E26B7-4644-BEF5-0EA7-85A3F0E2A8DD}\InprocServer32 -> C:\Windows\system32\ole32.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-4020304659-3910671362-1857818088-1001_Classes\CLSID\{97836AB9-12C5-4C30-A128-B75196DD1787}\InprocServer32 -> C:\Users\иар\AppData\Roaming\Yandex\YandexDisk\YandexDiskShellExt-4724.dll (Яндекс) CustomCLSID: HKU\S-1-5-21-4020304659-3910671362-1857818088-1001_Classes\CLSID\{AF8D197E-7022-4c3d-BD88-68AD35C9C169}\InprocServer32 -> C:\Users\иар\AppData\Roaming\Yandex\YandexDisk\YandexDiskOverlays-2398.dll (Яндекс) CustomCLSID: HKU\S-1-5-21-4020304659-3910671362-1857818088-1001_Classes\CLSID\{E36606FE-036A-4dd0-ABA9-A58F409803F0}\InprocServer32 -> C:\Users\иар\AppData\Roaming\Yandex\YandexDisk\YandexDiskShellExt-4724.dll (Яндекс) CustomCLSID: HKU\S-1-5-21-4020304659-3910671362-1857818088-1001_Classes\CLSID\{FB2FE984-05F5-4512-9D9B-69D3DE61F6D9}\InprocServer32 -> C:\Users\иар\AppData\Roaming\Yandex\YandexDisk\YandexDiskOverlays-2398.dll (Яндекс) ShellIconOverlayIdentifiers: [ YndCase0Sync] -> {63D48440-63AB-44D0-B323-4731DFCDE9E9} => C:\Users\иар\AppData\Roaming\Yandex\YandexDisk\YandexDiskOverlays-2398.dll [2018-08-29] (Яндекс) ShellIconOverlayIdentifiers: [ YndCase1Modified] -> {7E7DC279-E6BE-4D57-9DEC-14FA0339DBC0} => C:\Users\иар\AppData\Roaming\Yandex\YandexDisk\YandexDiskOverlays-2398.dll [2018-08-29] (Яндекс) ShellIconOverlayIdentifiers: [ YndCase2Error] -> {FB2FE984-05F5-4512-9D9B-69D3DE61F6D9} => C:\Users\иар\AppData\Roaming\Yandex\YandexDisk\YandexDiskOverlays-2398.dll [2018-08-29] (Яндекс) ShellIconOverlayIdentifiers: [ YndCase3Shared] -> {AF8D197E-7022-4c3d-BD88-68AD35C9C169} => C:\Users\иар\AppData\Roaming\Yandex\YandexDisk\YandexDiskOverlays-2398.dll [2018-08-29] (Яндекс) ContextMenuHandlers1: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files (x86)\AIMP3\System\aimp_menu64.dll [2015-05-13] (AIMP DevTeam) ContextMenuHandlers1: [Atheros] -> {B8952421-0E55-400B-94A6-FA858FC0A39F} => C:\Program Files (x86)\Bluetooth Suite\BtvAppExt.dll [2012-03-08] (Atheros Commnucations) ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Smart Security\shellExt.dll [2018-11-19] (ESET) ContextMenuHandlers1-x32: [FineReader9ContextMenu] -> {59A3380E-5305-4cea-BD99-4F2FF510C91F} => C:\Program Files (x86)\ABBYY FineReader 9.0\FRIntegration.dll [2007-12-07] (ABBYY Software Ltd) ContextMenuHandlers1-x32: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2011-03-02] () ContextMenuHandlers1-x32-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2011-03-02] () ContextMenuHandlers2-x32: [AlcoholShellEx] -> {32020A01-506E-484D-A2A8-BE3CF17601C3} => C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxShlex.dll [2014-09-07] (Alcohol Soft Development Team) ContextMenuHandlers2-x32: [AlcoholShellEx64] -> {AF67B665-D752-424E-9A03-C7C218F2844F} => C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxShlEx64.dll [2014-09-07] (Alcohol Soft Development Team) ContextMenuHandlers2-x32: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Smart Security\shellExt.dll [2018-11-19] (ESET) ContextMenuHandlers2-x32: [UltraISO] -> {AD392E40-428C-459F-961E-9B147782D099} => C:\Program Files (x86)\UltraISO\IsoShl64.dll [2015-07-23] (EZB Systems, Inc.) ContextMenuHandlers3: [FTShellContext] -> {AFF81F7B-6942-40c4-AADA-7214EF7B6DD1} => C:\Program Files (x86)\Bluetooth Suite\ShellContextExt.dll [2012-03-08] (Atheros Commnucations) ContextMenuHandlers3: [MWLIVShellExt] -> {B1B294FE-EC1E-4fef-AF68-D34CE3E38157} => C:\Program Files (x86)\EgisTec MyWinLocker\x64\MWLIVShellExt.dll [2011-06-22] (Egis Technology Inc. ) ContextMenuHandlers3: [ShredderContextMenu] -> {521065F1-DE6C-4E46-BBCB-89B0D0BE860D} => C:\Program Files (x86)\EgisTec Shredder\x64\ShredderContextMenu.dll [2011-03-30] (Egis Technology Inc.) ContextMenuHandlers3: [UnlockerShellExtension] -> {DDE4BEEB-DDE6-48fd-8EB5-035C09923F83} => C:\Program Files\Unlocker\UnlockerCOM.dll [2010-07-15] () ContextMenuHandlers4: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files (x86)\AIMP3\System\aimp_menu64.dll [2015-05-13] (AIMP DevTeam) ContextMenuHandlers4-x32: [FictionBook] -> {FDABCF3B-57BE-4110-94B5-4EF8EE3C6A62} => C:\Program Files (x86)\FictionBook Editor\FBShell.dll [2012-04-06] () ContextMenuHandlers4-x32: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File ContextMenuHandlers4-x32: [UltraISO] -> {AD392E40-428C-459F-961E-9B147782D099} => C:\Program Files (x86)\UltraISO\IsoShl64.dll [2015-07-23] (EZB Systems, Inc.) ContextMenuHandlers4-x32: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2011-03-02] () ContextMenuHandlers4-x32-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2011-03-02] () ContextMenuHandlers5-x32: [FictionBook] -> {FDABCF3B-57BE-4110-94B5-4EF8EE3C6A62} => C:\Program Files (x86)\FictionBook Editor\FBShell.dll [2012-04-06] () ContextMenuHandlers5-x32: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2012-02-14] (Intel Corporation) ContextMenuHandlers5-x32: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2013-08-30] (NVIDIA Corporation) ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Smart Security\shellExt.dll [2018-11-19] (ESET) ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File ContextMenuHandlers6: [UltraISO] -> {AD392E40-428C-459F-961E-9B147782D099} => C:\Program Files (x86)\UltraISO\IsoShl64.dll [2015-07-23] (EZB Systems, Inc.) ContextMenuHandlers6: [UnlockerShellExtension] -> {DDE4BEEB-DDE6-48fd-8EB5-035C09923F83} => C:\Program Files\Unlocker\UnlockerCOM.dll [2010-07-15] () ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2011-03-02] () ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2011-03-02] () ContextMenuHandlers1_S-1-5-21-4020304659-3910671362-1857818088-1001: [Yandex.Disk] -> {97836AB9-12C5-4C30-A128-B75196DD1787} => C:\Users\иар\AppData\Roaming\Yandex\YandexDisk\YandexDiskShellExt-4724.dll [2018-08-29] (Яндекс) ContextMenuHandlers4_S-1-5-21-4020304659-3910671362-1857818088-1001: [Yandex.Disk] -> {97836AB9-12C5-4C30-A128-B75196DD1787} => C:\Users\иар\AppData\Roaming\Yandex\YandexDisk\YandexDiskShellExt-4724.dll [2018-08-29] (Яндекс) ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {0A7B53F1-A099-45B8-94E3-2A13387DB8A5} - System32\Tasks\{08DE10C4-6B56-4844-BC01-7569A370E2DA} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\InstallShield Installation Information\{CDB4B708-B3A5-42E5-AA46-68678D1313FF}\setup.exe" -c -runfromtemp -l0x0409 Task: {13E934C1-3D75-451C-86AC-C071A897BB5C} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\sdxhelper.exe [2018-12-02] (Microsoft Corporation) Task: {2601A980-F9D9-4829-8851-7C0BBD3FB9C1} - System32\Tasks\{7839D120-FAE5-419B-828D-11D35709FBE4} => C:\Windows\system32\pcalua.exe -a "E:\Проги\Pinnacle 14\HFX\hfxVolume1Full.exe" -d "E:\Проги\Pinnacle 14\HFX" Task: {267D5849-F055-4894-941E-245086793920} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_31_0_0_153_Plugin.exe [2018-11-20] (Adobe Systems Incorporated) Task: {2BFA2C3A-5ECB-44CB-9B6A-90D9E61C3C2F} - System32\Tasks\{4C8A4A44-4472-4627-BF64-9C08DDE41222} => "c:\program files (x86)\mozilla firefox\firefox.exe" hxxp://ui.skype.com/ui/0/6.1.66.129/ru/abandoninstall?page=tsProgressBar Task: {2D17940F-68C3-4498-AD7F-61CAA3BCA817} - System32\Tasks\GoogleUpdateTaskMachineUA1d1ab878773cda1 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-07] (Google Inc.) Task: {3718F5DA-5F77-4F46-A2F2-AE1EBF143065} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Scan Task: {46EED3D0-D738-420F-8CB1-E034C149DECF} - System32\Tasks\UALU notificatin => C:\Program Files\Acer\Acer Updater\UALU.exe [2016-06-08] (Acer Incorporated) Task: {52688558-6662-4392-9CAD-5B0FB5B26A30} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-11-20] (Adobe Systems Incorporated) Task: {5B2FC790-38D2-40B1-912F-43184912CC21} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-12-02] (Microsoft Corporation) Task: {5D2507C0-B209-47B6-AD0A-2A70F2841A49} - System32\Tasks\GoogleUpdateTaskMachineCore1d1ab878723b0a5 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-07] (Google Inc.) Task: {5D462537-F82C-4582-94BB-1393EC724237} - System32\Tasks\Auslogics\Disk Defrag Prof\Task {00000001-F84B-431C-849A-A84CDE43F32B} for иар => C:\Program Files (x86)\Auslogics\Disk Defrag Professional\DiskDefragPro.exe [2015-09-08] (Auslogics) Task: {5D599F6A-964C-48A4-9E89-9DB3D82B0F6A} - System32\Tasks\GoogleUpdateTaskMachineUA1d1e97c41731274 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-07] (Google Inc.) Task: {651D45F7-6AA0-4E1E-95C8-F82FD0DAC255} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [2018-12-02] (Microsoft Corporation) Task: {6D4EC61A-CA87-448D-9ABF-5D2EFF94A511} - System32\Tasks\DeviceDetector => C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe [2011-05-20] (CyberLink) Task: {75242164-30B9-4222-92F5-B7E5470E0D6E} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [2018-12-02] (Microsoft Corporation) Task: {7EC11509-DF78-4F05-83CC-CB65DFA563FF} - System32\Tasks\Launch ASUS Sync Loader => C:\Program Files (x86)\ASUS\ASUS Sync\asusUPCTLoader.exe Task: {7FBE62E8-7A5F-4ADA-964B-BD20E6B5A3A6} - System32\Tasks\Opera scheduled Autoupdate 1511833799 => C:\Program Files\Opera\launcher.exe [2018-11-26] (Opera Software) Task: {97BA5757-5607-4F82-ACB8-1473E83AA60A} - System32\Tasks\AdobeGCInvoker-1.0-иар-ПК-иар => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2018-09-10] (Adobe Systems, Incorporated) Task: {A6624BC6-57CB-42FC-8382-44DB45CE9E0E} - System32\Tasks\GoogleUpdateTaskMachineCore1d1e97c3c77d278 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-07] (Google Inc.) Task: {A90585BD-A341-45A9-A17B-88F9B5538326} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-07] (Google Inc.) Task: {B1D7E0D3-E5B9-4146-959C-3D7146B8A328} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-07] (Google Inc.) Task: {B57584DA-56C2-4DFC-9370-5F58DC3D74DC} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\sdxhelper.exe [2018-12-02] (Microsoft Corporation) Task: {BA7ABC4C-A69A-46CA-AAA5-7DDD4E99EA7D} - System32\Tasks\PMMUpdate => C:\Program Files\EgisTec IPS\PMMUpdate.exe [2011-03-29] (Egis Technology Inc.) Task: {BBAB3F8F-ABA7-42A9-BBCD-687B18834D4B} - \hajprrm -> No File <==== ATTENTION Task: {BF57046D-4848-44D9-BB21-280F99679F51} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2018-12-02] (Microsoft Corporation) Task: {C527AF4B-4F83-4137-8F89-89C3988D625E} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_31_0_0_153_pepper.exe [2018-11-20] (Adobe Systems Incorporated) Task: {C69F05E8-5ACB-4156-AA66-F5D64835DC16} - \Программа онлайн-обновления Adobe. -> No File <==== ATTENTION Task: {C9B516EE-787B-49F1-BACA-90978026EA51} - System32\Tasks\{446D14CB-1639-4BFE-BBE2-96616A3FB6C8} => C:\Windows\system32\pcalua.exe -a "E:\Проги\Pinnacle 14\HFX\hfxVolume2Full.exe" -d "E:\Проги\Pinnacle 14\HFX" Task: {CE1FFAB5-24C1-44D4-B5C4-DA5445B57A19} - System32\Tasks\{9A6053A6-E5D3-4451-9845-7C1D7CE183A8} => C:\Windows\system32\pcalua.exe -a "F:\С компа\Downloads\Программы\setup_basic_2436.exe" -d "F:\С компа\Downloads\Программы" Task: {CF8C3406-B483-472A-8B20-C1E049F819D2} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-12-02] (Microsoft Corporation) Task: {D1CA6676-1A7D-46B3-A44A-3AAB201D65DD} - System32\Tasks\Auslogics\Disk Defrag Prof\Task {00000001-8E97-4B56-BFE8-7E59FEA8F6A4} for иар => C:\Program Files (x86)\Auslogics\Disk Defrag Professional\DiskDefragPro.exe [2015-09-08] (Auslogics) Task: {D763DC11-904D-461D-9180-A35523D7C956} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-11-15] (Microsoft Corporation) Task: {E61DB832-C486-4520-B90D-E8C36CDC0247} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-11-15] (Microsoft Corporation) Task: {EE7F5F95-8667-4FBA-AEDC-308F33E3E95B} - System32\Tasks\EgisUpdate => C:\Program Files\EgisTec IPS\EgisUpdate.exe [2011-03-29] (Egis Technology Inc.) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d1ab878723b0a5.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d1ab878773cda1.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Shortcuts & WMI ======================== (The entries could be listed to be restored or removed.) Shortcut: C:\Users\иар\Links\Загрузки.lnk -> C:\Users\иар\Downloads () <==== Cyrillic Shortcut: C:\Users\иар\Links\Яндекс.Диск.lnk -> C:\Users\иар\AppData\Roaming\Yandex\YandexDisk\YandexDisk.exe (Яндекс) <==== Cyrillic Shortcut: C:\Users\иар\Desktop\Проги\Аура.lnk -> C:\Program Files (x86)\Aura\aura.exe (A's Freeware) <==== Cyrillic Shortcut: C:\Users\иар\Desktop\Проги\Браузер Opera.lnk -> C:\Program Files\Opera\launcher.exe (Opera Software) <==== Cyrillic Shortcut: C:\Users\иар\Desktop\Проги\Древо Жизни 4.lnk -> C:\Program Files (x86)\Genery Software\Drevo 4\drevo4.exe (Genery Software) <==== Cyrillic Shortcut: C:\Users\иар\Desktop\Проги\Программное обеспечение Multi-Function Station.lnk -> C:\Program Files (x86)\Panasonic\MFStation\PcMFStation.exe (Panasonic System Networks Co., Ltd. ) <==== Cyrillic Shortcut: C:\Users\иар\Desktop\Проги\Сканированные файлы Panasonic.lnk -> C:\Program Files (x86)\Panasonic\MFStation\OpenScanf.exe (Panasonic System Networks Co., Ltd. ) <==== Cyrillic Shortcut: C:\Users\иар\Desktop\Проги\Скриншоты в Яндекс.Диске.lnk -> C:\Users\иар\AppData\Roaming\Yandex\YandexDisk\YandexDiskScreenshotEditor.exe (Яндекс) <==== Cyrillic Shortcut: C:\Users\иар\Desktop\игры\The Elder Scrolls 5.Skyrim.(Лаунчер).lnk -> C:\Program Files (x86)\The Elder Scrolls 5.Skyrim.Legendary Edition.v 1.9.32.0.8 + 4 DLC\SkyrimLauncher.exe (Bethesda Softworks) <==== Cyrillic Shortcut: C:\Users\иар\Desktop\игры\Космическая федерация II. Звёзды страха.lnk -> C:\Program Files (x86)\Snowball.ru\Космическая федерация II. Звёзды страха\Twilight\GC2TwilightOfTheArnor.exe (Stardock Entertainment) <==== Cyrillic Shortcut: C:\Users\иар\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Intеrnеt Еxрlоrer.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) <==== Cyrillic Shortcut: C:\Users\иар\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Яндекс.Диск\Скриншоты в Яндекс.Диске.lnk -> C:\Users\иар\AppData\Roaming\Yandex\YandexDisk\YandexDiskScreenshotEditor.exe (Яндекс) <==== Cyrillic Shortcut: C:\Users\иар\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Игры TopDownoads\Игры TopDownloads.lnk -> C:\Program Files (x86)\GamesTopDownloads\url1.url () <==== Cyrillic Shortcut: C:\Users\иар\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\XFontManager\Удалить (Uninstall).lnk -> C:\Users\иар\AppData\Local\XFontManager\Удаление (Uninstall).exe () <==== Cyrillic Shortcut: C:\Users\иар\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Руководство по консольной версии RAR.lnk -> C:\Program Files (x86)\WinRAR\Rar.txt () <==== Cyrillic Shortcut: C:\Users\иар\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Справка WinRAR.lnk -> C:\Program Files (x86)\WinRAR\WinRAR.chm () <==== Cyrillic Shortcut: C:\Users\иар\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Telegram Desktop\Деинсталлировать Telegram.lnk -> C:\Users\иар\AppData\Roaming\Telegram Desktop\unins000.exe () <==== Cyrillic Shortcut: C:\Users\иар\AppData\Roaming\Microsoft\Virtual PC\Virtual Machines\Винда 98.lnk -> C:\Users\иар\Documents\My Virtual Machines\Винда 98\Винда 98.vmc () <==== Cyrillic Shortcut: C:\Users\иар\AppData\Roaming\Microsoft\Virtual PC\Virtual Machines\Новая виртуальная машина.lnk -> C:\Users\иар\Documents\My Virtual Machines\Новая виртуальная машина\Новая виртуальная машина.vmc () <==== Cyrillic Shortcut: C:\Users\иар\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Браузер Opera.lnk -> C:\Program Files\Opera\launcher.exe (Opera Software) <==== Cyrillic Shortcut: C:\Users\иар\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Браузер Opera.lnk -> C:\Program Files\Opera\launcher.exe (Opera Software) <==== Cyrillic Shortcut: C:\Users\иар\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Intеrnеt Ехрlorеr.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) <==== Cyrillic Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype для бизнеса.lnk -> C:\Program Files\Microsoft Office\root\Office16\lync.exe (Microsoft Corporation) <==== Cyrillic Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Браузер Opera.lnk -> C:\Program Files\Opera\launcher.exe (Opera Software) <==== Cyrillic Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Оpеra.lnk -> C:\Program Files (x86)\Opera\launcher.exe (No File) <==== Cyrillic Shortcut: C:\Users\Public\Desktop\Hard Truck 18 стальных колес.lnk -> C:\Program Files (x86)\Buka\Hard Truck 18 Wheel of Steel\Hard Truck 18 Wheels of Steel.exe () <==== Cyrillic Shortcut: C:\Users\Public\Desktop\Обновить лицензию NOD32.lnk -> C:\Program Files\TNod User & Password Finder\TNODUP.exe (Tukero[X]Team) <==== Cyrillic ShortcutWithArgument: C:\Users\иар\Desktop\Защита банковской оплаты.lnk -> C:\Program Files\ESET\ESET Smart Security\ecmd.exe (ESET) -> /startprotectedbrowser <==== Cyrillic ShortcutWithArgument: C:\Users\иар\Desktop\Яндекс.Диск.lnk -> C:\Users\иар\AppData\Roaming\Yandex\YandexDisk\YandexDiskStarter.exe (Яндекс) -> -desktop <==== Cyrillic ShortcutWithArgument: C:\Users\иар\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Яндекс.Диск\Яндекс.Диск.lnk -> C:\Users\иар\AppData\Roaming\Yandex\YandexDisk\YandexDiskStarter.exe (Яндекс) -> -desktop <==== Cyrillic ShortcutWithArgument: C:\Users\иар\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Intеrnеt Eхplоrer (Nо Аdd-оns).lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> -extoff <==== Cyrillic ShortcutWithArgument: C:\Users\иар\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Eurosport Player.lnk -> C:\Program Files\Preload\Eurosport\StartURL.exe () -> hxxp://eurosportplayer.com/pc/std.shtml ShortcutWithArgument: C:\Users\иар\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\5d696d521de238c3\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default ShortcutWithArgument: C:\Users\Public\Desktop\ESET Защита банковской оплаты.lnk -> C:\Program Files\ESET\ESET Smart Security\ecmd.exe (ESET) -> /startprotectedbrowser <==== Cyrillic ==================== Loaded Modules (Whitelisted) ============== 2012-08-28 06:25 - 2013-08-30 03:43 - 000097568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2013-09-05 01:36 - 2013-09-05 01:36 - 000013088 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll 2017-01-14 00:10 - 2017-01-14 00:10 - 000052400 _____ () C:\Program Files\FileZilla FTP Client\fzshellext_64.dll 2012-04-20 22:00 - 2012-02-14 06:53 - 000094208 _____ () C:\Windows\System32\IccLibDll_x64.dll 2018-11-28 17:41 - 2018-11-16 10:43 - 005020504 _____ () C:\Program Files (x86)\Google\Chrome\Application\70.0.3538.110\libglesv2.dll 2018-11-28 17:41 - 2018-11-16 10:43 - 000116056 _____ () C:\Program Files (x86)\Google\Chrome\Application\70.0.3538.110\libegl.dll 2012-04-07 08:29 - 2012-04-07 08:29 - 000040552 _____ () C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe 2012-04-07 08:29 - 2012-04-07 08:29 - 000022120 _____ () C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe 2012-01-06 02:22 - 2012-01-06 02:22 - 000465344 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\sqlite3.dll 2012-01-06 02:22 - 2012-01-06 02:22 - 001081368 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\ACE.dll 2012-01-06 02:22 - 2012-01-06 02:22 - 000125464 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\MailConverter32.dll 2018-11-15 04:08 - 2018-11-15 04:08 - 000172032 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\318f4e270844db14015db593913440b1\IsdiInterop.ni.dll 2012-04-20 21:20 - 2011-11-30 08:00 - 000059392 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll 2012-08-28 06:27 - 2011-12-16 07:39 - 001198872 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) AlternateDataStreams: C:\ProgramData\Temp:07BF512B [143] AlternateDataStreams: C:\ProgramData\Temp:41ADDB8A [282] AlternateDataStreams: C:\ProgramData\Temp:890CC2F3 [127] AlternateDataStreams: C:\ProgramData\Temp:FB1B13D8 [185] AlternateDataStreams: C:\Users\Public\DRM:احتضان [48] AlternateDataStreams: C:\Users\Все пользователи\Temp:07BF512B [143] AlternateDataStreams: C:\Users\Все пользователи\Temp:41ADDB8A [282] AlternateDataStreams: C:\Users\Все пользователи\Temp:890CC2F3 [127] AlternateDataStreams: C:\Users\Все пользователи\Temp:FB1B13D8 [185] AlternateDataStreams: C:\Users\иар\Downloads\An Actual Playable Tortilla Record Etched with a Laser Cutter.mp4:.gltth [13554] AlternateDataStreams: C:\Users\иар\Downloads\Aura.zip:.gltth [19170] AlternateDataStreams: C:\Users\иар\Downloads\BlueStacks-Installer_BS3_native.exe:.gltth [24306] AlternateDataStreams: C:\Users\иар\Downloads\drw_free.exe:.gltth [12546] AlternateDataStreams: C:\Users\иар\Downloads\Levi.ppt:.gltth [21426] AlternateDataStreams: C:\Users\иар\Downloads\tsetup.1.3.14.exe:.gltth [17058] ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 07:34 - 2018-02-09 15:59 - 000000932 _____ C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 platform.wondershare.com ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-4020304659-3910671362-1857818088-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\иар\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 192.168.100.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == If an entry is included in the fixlist, it will be removed. MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" MSCONFIG\startupreg: BitComet => "C:\Program Files\BitComet\BitComet.exe" /tray MSCONFIG\startupreg: SuiteTray => "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe" ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [{D04CDC80-29AD-4551-82E4-09AA142D9F52}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{4972DD90-5B54-45D4-BF8D-AC0049915B79}] => (Allow) LPort=2869 FirewallRules: [{E1FE88C7-8A08-4AE2-A9AD-63624AE1BF8E}] => (Allow) LPort=1900 FirewallRules: [{3B31E935-FF42-4C96-AE84-E4EFD2454B6D}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe FirewallRules: [{93FDB781-BF35-4112-AC96-A7A8D93E77AE}] => (Allow) C:\Program Files (x86)\Acer\WDAgent\DCDhcpService.exe FirewallRules: [{BF76AC4E-AEC5-4DB2-BBD4-93530943285A}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\DMCDaemon.exe FirewallRules: [{9C19F5B5-D10B-4584-AB35-8675F71E8002}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\DMCDaemon.exe FirewallRules: [{6C5F7865-E99D-45E4-8417-B934775CC52C}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\WindowsUpnpMV.exe FirewallRules: [{8FE7F305-EE06-40B0-A566-FF54F1430272}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\WindowsUpnpMV.exe FirewallRules: [{FD54B2ED-2425-4CE8-B168-0DC963B808CB}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\DMCDaemon.exe FirewallRules: [{33072F44-F8C8-4343-9E90-8B8492335247}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\DMCDaemon.exe FirewallRules: [{75DB4258-4621-4064-8272-56795D41258A}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\WindowsUpnp.exe FirewallRules: [{1D56C4D8-3C9D-4DE1-9E20-3109AA1564EB}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\WindowsUpnp.exe FirewallRules: [{4BDB84EB-A3DD-4F2C-8381-45EFA0C99A78}] => (Allow) C:\Program Files (x86)\Acer\clear.fi SDK20\MVP\VideoPlayer.exe FirewallRules: [{C6403091-D366-4337-94C6-D9910ABECE23}] => (Allow) C:\Program Files (x86)\Acer\clear.fi SDK20\MVP\MusicPlayer.exe FirewallRules: [TCP Query User{2883923C-5BE8-481E-AF34-278B68F18CF6}C:\users\иар\appdata\local\mail.ru\gamecenter\gamecenter@mail.ru.exe] => (Allow) C:\users\иар\appdata\local\mail.ru\gamecenter\gamecenter@mail.ru.exe FirewallRules: [UDP Query User{8D6E941D-70D3-4178-BBAE-0B2E3976029D}C:\users\иар\appdata\local\mail.ru\gamecenter\gamecenter@mail.ru.exe] => (Allow) C:\users\иар\appdata\local\mail.ru\gamecenter\gamecenter@mail.ru.exe FirewallRules: [TCP Query User{EBB79A53-818C-40BF-9E1D-264DF70060ED}C:\users\иар\appdata\local\mail.ru\gamecenter\gamecenter@mail.ru.exe] => (Block) C:\users\иар\appdata\local\mail.ru\gamecenter\gamecenter@mail.ru.exe FirewallRules: [UDP Query User{821B51F1-D7DA-45B7-BFFE-CCADE601145F}C:\users\иар\appdata\local\mail.ru\gamecenter\gamecenter@mail.ru.exe] => (Block) C:\users\иар\appdata\local\mail.ru\gamecenter\gamecenter@mail.ru.exe FirewallRules: [{8EA13B7C-0F18-43A0-9807-BEAA3FFCCCE3}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe FirewallRules: [{8A597A84-E7D9-4DC4-BF65-ADFC29F81EBF}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe FirewallRules: [TCP Query User{C1F6620B-02B9-45E4-B0BD-0E0B62BB3529}C:\program files (x86)\oldsource russia\oldsource cssv34\hl2.exe] => (Allow) C:\program files (x86)\oldsource russia\oldsource cssv34\hl2.exe FirewallRules: [UDP Query User{D516C177-37D7-4FE1-8348-9625B94DC4AC}C:\program files (x86)\oldsource russia\oldsource cssv34\hl2.exe] => (Allow) C:\program files (x86)\oldsource russia\oldsource cssv34\hl2.exe FirewallRules: [{72894E7E-A2FC-4B3E-8F9A-4FFFB3D14F00}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe FirewallRules: [{02330FB8-4DD6-48A8-BB6B-852605CD590A}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe FirewallRules: [{A63F0D89-0AAA-49C3-88CD-B50BC0CB131A}] => (Allow) C:\Users\иар\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{4B92FC81-BF51-4BA1-AF45-A8614A69475A}] => (Allow) C:\Users\иар\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{C5C55D78-7EC5-4636-9EC7-5E2BACDA8AD6}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [TCP Query User{624E69A7-2BB3-4093-A1AA-3AEEF6F54ED3}C:\program files (x86)\oldsource russia\oldsource cssv34\hl2.exe] => (Block) C:\program files (x86)\oldsource russia\oldsource cssv34\hl2.exe FirewallRules: [UDP Query User{2064D1E4-56FB-487B-A97E-165CFBB11A64}C:\program files (x86)\oldsource russia\oldsource cssv34\hl2.exe] => (Block) C:\program files (x86)\oldsource russia\oldsource cssv34\hl2.exe FirewallRules: [TCP Query User{90D3EBC0-85A7-48D5-A5D8-D9A0D663B0A7}C:\program files (x86)\firefly studios\stronghold crusader\stronghold crusader.exe] => (Block) C:\program files (x86)\firefly studios\stronghold crusader\stronghold crusader.exe FirewallRules: [UDP Query User{1A8912EC-321A-4119-9DC7-38519EFCB4B1}C:\program files (x86)\firefly studios\stronghold crusader\stronghold crusader.exe] => (Block) C:\program files (x86)\firefly studios\stronghold crusader\stronghold crusader.exe FirewallRules: [{E34BFE20-7612-4B51-A8B4-154451359724}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe FirewallRules: [TCP Query User{802B04E2-8F33-40E5-BB58-07693D978E63}C:\program files (x86)\greylink dc++\greylink-x64.exe] => (Allow) C:\program files (x86)\greylink dc++\greylink-x64.exe FirewallRules: [UDP Query User{D3C5D447-5AC7-4B23-83A6-8B3972591763}C:\program files (x86)\greylink dc++\greylink-x64.exe] => (Allow) C:\program files (x86)\greylink dc++\greylink-x64.exe FirewallRules: [{B7486951-84EA-4A0D-87EE-E35C800C4B21}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{39F17C55-B6CB-4DC8-BA34-F0D3246C8BC6}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{57A83F61-261E-4311-A470-903E878D4093}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{679F257B-BB16-4B69-A500-4D04F42B50F4}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [TCP Query User{776754A5-4F97-4919-8767-40EAFA095DA0}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe FirewallRules: [UDP Query User{4677A662-94FC-4BC4-901E-F13A9A2B0DDD}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe FirewallRules: [TCP Query User{0EEF4932-D7D7-4239-A34D-046DC958A76A}C:\program files (x86)\stronghold 3\bin\win32_release\stronghold3.exe] => (Allow) C:\program files (x86)\stronghold 3\bin\win32_release\stronghold3.exe FirewallRules: [UDP Query User{C6AA45DC-5AE3-4428-9493-841F303D1F00}C:\program files (x86)\stronghold 3\bin\win32_release\stronghold3.exe] => (Allow) C:\program files (x86)\stronghold 3\bin\win32_release\stronghold3.exe FirewallRules: [{03E40E92-D3CF-4E03-BD70-82EB22002405}] => (Allow) C:\Program Files (x86)\FreeTime\FormatFactory\FormatFactory.exe FirewallRules: [{1EED7B95-37A6-44B2-BCC1-78BA575FB9C1}] => (Allow) C:\Program Files (x86)\FreeTime\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe FirewallRules: [TCP Query User{E5CD849A-31D7-481A-AB3F-F02E459DC63A}C:\program files (x86)\firefly studios\stronghold crusader\stronghold crusader.exe] => (Allow) C:\program files (x86)\firefly studios\stronghold crusader\stronghold crusader.exe FirewallRules: [UDP Query User{F831072C-9D87-42D8-919E-0D90B09C328F}C:\program files (x86)\firefly studios\stronghold crusader\stronghold crusader.exe] => (Allow) C:\program files (x86)\firefly studios\stronghold crusader\stronghold crusader.exe FirewallRules: [TCP Query User{B8B2EA1B-6E82-4C77-A74B-CCA0192A9FBD}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe FirewallRules: [UDP Query User{F3890E0E-C44B-4313-A5C0-8863223A348D}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe FirewallRules: [TCP Query User{5C072536-FDCF-46FF-BDBB-8C68D7CE467F}C:\program files (x86)\croteam\serious sam\bin\serioussam.exe] => (Allow) C:\program files (x86)\croteam\serious sam\bin\serioussam.exe FirewallRules: [UDP Query User{1C67ADEC-F617-4697-9FE2-A80396B09E8C}C:\program files (x86)\croteam\serious sam\bin\serioussam.exe] => (Allow) C:\program files (x86)\croteam\serious sam\bin\serioussam.exe FirewallRules: [{44FD1B76-74A5-4150-A2DF-DB333AF5A69E}] => (Block) C:\program files (x86)\croteam\serious sam\bin\serioussam.exe FirewallRules: [{D0BE7D61-F32C-4950-8DE7-8CEF42CEB66F}] => (Block) C:\program files (x86)\croteam\serious sam\bin\serioussam.exe FirewallRules: [TCP Query User{71EA4E0E-6220-4293-8F44-7A63B2376FCA}C:\program files (x86)\starcraft\starcraft.exe] => (Allow) C:\program files (x86)\starcraft\starcraft.exe FirewallRules: [UDP Query User{6E00AEB6-2577-4814-89FD-7157742FE763}C:\program files (x86)\starcraft\starcraft.exe] => (Allow) C:\program files (x86)\starcraft\starcraft.exe FirewallRules: [{8D8264D1-6B53-44D5-ACCD-9A84743E5FD6}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{8CE96264-D387-4167-83BC-A96FD23F5276}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{90DB3C84-680F-4E57-AD34-691C089D74D8}] => (Allow) C:\Program Files (x86)\FreeTime\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe FirewallRules: [{BF46FF78-9E77-4A43-8F96-FE5ACD669F98}] => (Allow) C:\Program Files (x86)\FreeTime\FormatFactory\FormatFactory.exe FirewallRules: [{71D7AA09-CD77-442E-903E-BE5EF8E24D9A}] => (Allow) C:\Program Files\SoftEther VPN Client\vpncmgr.exe FirewallRules: [{EA8E16DB-505F-4DD8-B9A6-BACA935EBF76}] => (Allow) C:\Program Files\SoftEther VPN Client\vpncmgr_x64.exe FirewallRules: [{C55A4A3A-3A3C-4CE7-9F0D-7E826410F39C}] => (Allow) C:\Program Files\SoftEther VPN Client\vpnclient_x64.exe FirewallRules: [{3DF4152C-B125-4BCA-A420-5DE3125FE48C}] => (Allow) C:\Program Files\SoftEther VPN Client\vpncmd.exe FirewallRules: [{33B8F3D3-1591-4D16-8D3E-C229B4371C39}] => (Allow) C:\Program Files\SoftEther VPN Client\vpnclient.exe FirewallRules: [{A018F5AC-26A5-4D61-A758-6D549C5C8089}] => (Allow) C:\Program Files\SoftEther VPN Client\vpncmd_x64.exe FirewallRules: [{15FBFDED-34A3-4757-B905-3C2F3CB839BB}] => (Allow) LPort=58172 FirewallRules: [{B360001E-12B0-434E-B086-C2E99A6E2368}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe FirewallRules: [{CF79F36E-0B01-44F1-8CB0-918273865ECB}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe FirewallRules: [{5B68241E-0C56-4E33-BA09-99FC55A8D040}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{029AA1B8-E380-44CB-9120-6B575BA083DF}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{5123B6E6-26AF-407E-9699-D0B0A5770784}] => (Allow) C:\Program Files (x86)\BlueStacks\HD-Player.exe FirewallRules: [{02564ABE-D22E-4DA4-99C8-1A0CE868FE67}] => (Allow) C:\Program Files\Pinnacle\Studio 21\programs\RM.exe FirewallRules: [{138D13AF-C6A1-40CE-9208-BA2E05924EF1}] => (Allow) C:\Program Files\Pinnacle\Studio 21\programs\RM.exe FirewallRules: [{0B79F3F5-3614-4CDD-89A6-C0573F032A20}] => (Allow) C:\Program Files\Pinnacle\Studio 21\programs\NGStudio.exe FirewallRules: [{BACE21B3-8169-4DCF-B9EF-9201AF21D7B1}] => (Allow) C:\Program Files\Pinnacle\Studio 21\programs\NGStudio.exe FirewallRules: [{9979FEA6-073E-4AA4-AEEB-6077C39EFAE0}] => (Allow) C:\Program Files\Pinnacle\Studio 21\programs\UMI.exe FirewallRules: [{5F0BD67C-31A2-4A7A-8995-A4BFC4E3105A}] => (Allow) C:\Program Files\Pinnacle\Studio 21\programs\UMI.exe FirewallRules: [{0CDB535F-AFC2-4C17-9212-14A09CFEEA3E}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe FirewallRules: [{360FE390-C9C0-4503-83FB-26A2B7CB1814}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe FirewallRules: [{92B8708E-D01F-42C0-9DD7-A69E65FA7EF5}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{3471AFAF-05EB-4643-BC52-280FFE24D115}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{00C02BC3-6342-48B8-A0C9-EFEAA0ED1570}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe FirewallRules: [{5CAF06E6-D0CF-45F9-B3D6-F80FD09197F6}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe FirewallRules: [{683BCD2E-14AF-4525-8C80-EA9DE65FBC61}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe FirewallRules: [{8ABAB84F-8220-40EB-90F8-303F2D431962}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD18\PowerDVD.exe FirewallRules: [{46765D33-93DA-463A-9E7E-61FEA045F007}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD18\Kernel\DMS\CLMSServerPDVD18.exe FirewallRules: [{CD07251D-589B-4505-8199-60548550B628}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD18\PowerDVD18Agent.exe FirewallRules: [{D48B896A-2866-44CB-B703-D97FC7845C22}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD18\Movie\PowerDVDMovie.exe FirewallRules: [{F797D429-D187-4D04-825C-9E4121AB124E}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD18\CastingStation.exe FirewallRules: [{E4A93932-57D1-4491-BAB4-2CB5778DEC4A}] => (Allow) C:\Program Files\BitComet\BitComet.exe FirewallRules: [{DB5E9C61-F747-43D7-B91F-6D1DF507ABDC}] => (Allow) C:\Program Files\BitComet\BitComet.exe FirewallRules: [{7AB43351-A262-4996-8700-17D0495894FC}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe FirewallRules: [{70D0CD91-5A6B-412C-8FE7-92DAD31B65D3}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe FirewallRules: [{EC6035B5-B7C9-4C56-ADBE-8837D0DF1602}] => (Allow) C:\PROGRA~2\PANASO~1\TRAPMO~1\Trapmnnt.exe FirewallRules: [{490999C1-A969-4D92-8926-FF6AEC900D14}] => (Allow) C:\PROGRA~2\PANASO~1\TRAPMO~1\Trapmnnt.exe FirewallRules: [{0ACD2399-2B00-48B4-ACBB-84A6AF587A99}] => (Allow) C:\Program Files (x86)\Panasonic\Device Monitor\DMList.exe FirewallRules: [{AB99A9C0-B934-4B55-87D6-882E6107C84E}] => (Allow) C:\Program Files (x86)\Panasonic\Device Monitor\DMList.exe FirewallRules: [{7FDFF5D0-34CB-4666-BEF3-54962109AFA1}] => (Allow) C:\Program Files\Opera\56.0.3051.104\opera.exe FirewallRules: [{FEA2E226-5CC2-4D06-B786-5899EE4B7170}] => (Allow) C:\Program Files\Opera\56.0.3051.116\opera.exe FirewallRules: [{FBE7E100-85A8-4A73-8328-6B2AE77B456F}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Restore Points ========================= 29-11-2018 12:24:08 Центр обновления Windows ==================== Faulty Device Manager Devices ============= Name: Адаптер Microsoft ISATAP #12 Description: Адаптер Microsoft ISATAP Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: tunnel Problem: : This device cannot start. (Code10) Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. Name: Адаптер Microsoft ISATAP #13 Description: Адаптер Microsoft ISATAP Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: tunnel Problem: : This device cannot start. (Code10) Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. Name: Адаптер Microsoft ISATAP #16 Description: Адаптер Microsoft ISATAP Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: tunnel Problem: : This device cannot start. (Code10) Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. Name: Teredo Tunneling Pseudo-Interface Description: Туннельный адаптер Microsoft Teredo Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: tunnel Problem: : This device cannot start. (Code10) Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. Name: VirtualBox Host-Only Ethernet Adapter Description: VirtualBox Host-Only Ethernet Adapter Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Oracle Corporation Service: VBoxNetAdp Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: archlp Description: archlp Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1} Manufacturer: Service: archlp Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24) Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved. Name: Адаптер Microsoft 6to4 Description: Адаптер Microsoft 6to4 Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: tunnel Problem: : This device cannot start. (Code10) Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. Name: Адаптер Microsoft ISATAP Description: Адаптер Microsoft ISATAP Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: tunnel Problem: : This device cannot start. (Code10) Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. Name: Адаптер Microsoft ISATAP #7 Description: Адаптер Microsoft ISATAP Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: tunnel Problem: : This device cannot start. (Code10) Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. ==================== Event log errors: ========================= Application errors: ================== Error: (12/03/2018 05:44:25 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (12/03/2018 03:36:00 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: ) Description: Event-ID 0 Error: (12/03/2018 02:21:11 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (12/03/2018 12:48:10 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (12/02/2018 03:35:26 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: ) Description: Event-ID 0 Error: (12/02/2018 12:08:04 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (12/02/2018 11:32:21 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (12/02/2018 12:37:51 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. System errors: ============= Error: (12/03/2018 05:50:07 PM) (Source: WMPNetworkSvc) (EventID: 14332) (User: ) Description: Служба "WMPNetworkSvc" не была запущена, так как функция CoCreateInstance(CLSID_UPnPDeviceFinder) обнаружила ошибку "0x80070422". Убедитесь, что служба UPnPHost запущена и компонент Windows UPnPHost правильно установлен. Error: (12/03/2018 05:49:27 PM) (Source: Service Control Manager) (EventID: 7022) (User: ) Description: Служба "NVIDIA Update Service Daemon" зависла при запуске. Error: (12/03/2018 05:45:14 PM) (Source: sptd) (EventID: 4) (User: ) Description: Обнаружена внутренняя ошибка в структуре данных драйвера для . Error: (12/03/2018 05:45:14 PM) (Source: sptd) (EventID: 4) (User: ) Description: Обнаружена внутренняя ошибка в структуре данных драйвера для . Error: (12/03/2018 05:45:14 PM) (Source: sptd) (EventID: 4) (User: ) Description: Обнаружена внутренняя ошибка в структуре данных драйвера для . Error: (12/03/2018 05:45:14 PM) (Source: sptd) (EventID: 4) (User: ) Description: Обнаружена внутренняя ошибка в структуре данных драйвера для . Error: (12/03/2018 05:45:11 PM) (Source: sptd) (EventID: 4) (User: ) Description: Обнаружена внутренняя ошибка в структуре данных драйвера для . Error: (12/03/2018 05:45:11 PM) (Source: sptd) (EventID: 4) (User: ) Description: Обнаружена внутренняя ошибка в структуре данных драйвера для . Windows Defender: =================================== Date: 2018-02-09 15:59:17.985 Description: Защитник Windows обнаружила программу-шпион или другую потенциально нежелательную программу. Дополнительные сведения см. ниже: http://go.microsoft.com/fwlink/?linkid=37020&name=TrojanDownloader:Win32/Adload!rfn&threatid=213866 Имя:TrojanDownloader:Win32/Adload!rfn ИД:213866 Серьезность:Высокий Категория:Загрузчик троянов Путь к:file:C:\Users\иар\Downloads\Wondershare Filmora v8.5.1.4 Final (x64) Ml_Rus\keygen tPORt\KeyGen.exe;process:pid:5212 Тип обнаружения:Конкретный Источник обнаружения:Защита в реальном времени: Состояние:Неизвестно Пользователь:\ Имя процесса: Date: 2017-11-19 00:27:47.327 Description: Защитник Windows обнаружила программу-шпион или другую потенциально нежелательную программу. Дополнительные сведения см. ниже: http://go.microsoft.com/fwlink/?linkid=37020&name=Misleading:Win32/Sofolview&threatid=240761 Имя:Misleading:Win32/Sofolview ИД:240761 Серьезность:Высокий Категория:Нежелательная программа Путь к:file:C:\Users\иар\Downloads\Setup_FileViewPro_2015.exe Тип обнаружения:Конкретный Источник обнаружения:Защита в реальном времени: Состояние:Неизвестно Пользователь:\ Имя процесса: Date: 2018-10-15 00:46:36.439 Description: При попытке Защитник Windows загрузить подписи произошла ошибка; будет предпринята попытка отката к последнему работающему набору подписей. Использованные подписи:Текущий Код ошибки:0x8050800d Описание ошибки:Не удается отобразить некоторые записи журнала. Повторите попытку через несколько минут. Если это не поможет, очистите журнал и вновь повторите попытку. Версия подписей:1.277.1042.0 Версия подсистемы:1.1.15300.6 Date: 2018-07-04 15:17:05.567 Description: При попытке Защитник Windows обновить подпись произошла ошибка. Новая версия подписи:1.271.442.0 Предыдущая версия подписи:1.269.1974.0 Источник обновления:Пользователь Тип подписи:Антишпионская программа Тип обновления:Разностное Пользователь:NT AUTHORITY\система Текущая версия подсистемы:1.1.15000.2 Предыдущая версия подсистемы:1.1.14901.4 Код ошибки:0x80070666 Описание ошибки:Уже установлена другая версия этого продукта. Продолжение установки невозможно. Для настройки конфигурации или удаления существующей версии продукта используйте значок "Установка и удаление программ" на панели управления . Date: 2018-07-04 15:17:05.567 Description: При попытке Защитник Windows обновить подсистему произошла ошибка. Новая версия подсистемы:1.1.15000.2 Предыдущая версия подсистемы:1.1.14901.4 Источник обновления:Пользователь Пользователь:NT AUTHORITY\система Код ошибки:0x80070666 Описание ошибки:Уже установлена другая версия этого продукта. Продолжение установки невозможно. Для настройки конфигурации или удаления существующей версии продукта используйте значок "Установка и удаление программ" на панели управления . CodeIntegrity: =================================== Date: 2018-08-07 00:10:03.304 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\eagleGet.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2018-08-07 00:10:03.042 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\eagleGet.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2018-08-07 00:10:02.762 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\eagleGet.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2018-08-07 00:10:02.505 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\eagleGet.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2018-08-07 00:10:01.580 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\eagleGet.sys because the set of per-page image hashes could not be found on the system. Date: 2018-08-07 00:10:01.243 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\eagleGet.sys because the set of per-page image hashes could not be found on the system. Date: 2018-08-07 00:10:00.859 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\EagleGet\eagleGet_x64.sys because the set of per-page image hashes could not be found on the system. Date: 2018-08-07 00:10:00.573 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\EagleGet\eagleGet_x64.sys because the set of per-page image hashes could not be found on the system. ==================== Memory info =========================== Processor: Intel(R) Core(TM) i7-3630QM CPU @ 2.40GHz Percentage of memory in use: 47% Total physical RAM: 8030.36 MB Available physical RAM: 4183.7 MB Total Virtual: 16058.85 MB Available Virtual: 12340.82 MB ==================== Drives ================================ Drive c: (Acer) (Fixed) (Total:915.91 GB) (Free:133.46 GB) NTFS Drive j: (Seagate Backup Plus Drive) (Fixed) (Total:931.51 GB) (Free:41.37 GB) NTFS \\?\Volume{9f924fc5-f0ad-11e1-8ad9-806e6f6e6963}\ (SYSTEM RESERVED) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS \\?\Volume{9f924fc4-f0ad-11e1-8ad9-806e6f6e6963}\ (PQSERVICE) (Fixed) (Total:15.5 GB) (Free:0.99 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 542C51D9) Partition 1: (Not Active) - (Size=15.5 GB) - (Type=27) Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=915.9 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (Size: 931.5 GB) (Disk ID: 13C0E5E2) Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS) ==================== End of Addition.txt ============================