Additional scan result of Farbar Recovery Scan Tool (x64) Version: 07-12-2016 Ran by Виктор (11-12-2016 22:51:44) Running from C:\Users\Виктор\Desktop Windows 8 Pro (X64) (2013-11-27 03:07:48) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Администратор (S-1-5-21-1751769309-1090466125-2972610818-500 - Administrator - Disabled) Виктор (S-1-5-21-1751769309-1090466125-2972610818-1001 - Administrator - Enabled) => C:\Users\Виктор Гость (S-1-5-21-1751769309-1090466125-2972610818-501 - Limited - Disabled) ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) µTorrent (HKU\S-1-5-21-1751769309-1090466125-2972610818-1001\...\uTorrent) (Version: 3.3.2.30303 - BitTorrent Inc.) 7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov) Adobe Flash Player 23 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 23.0.0.207 - Adobe Systems Incorporated) Adobe Flash Player 23 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 23.0.0.207 - Adobe Systems Incorporated) AIMP3 (HKLM-x32\...\AIMP3) (Version: v3.00.900 Beta 3 - AIMP DevTeam) AMD Catalyst Install Manager (HKLM\...\{45324571-83B7-307A-6114-DAE65A50DC8E}) (Version: 8.0.881.0 - Advanced Micro Devices, Inc.) Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) CCleaner (HKLM\...\CCleaner) (Version: 4.19 - Piriform) CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.2.4.1430 - CDBurnerXP) Daum PotPlayer 1.4.20906 (DXVA+CUDA+SVP) (HKLM-x32\...\Daum PotPlayer 1.4.20906 (DXVA+CUDA+SVP)_is1) (Version: - ©7sh3. [Сборка от 22.05.2010]) Diablo II+ Lord of destruction (HKLM-x32\...\Diablo II+ Lord of destruction_is1) (Version: - ) FARO LS 1.1.406.58 (HKLM-x32\...\{951B0F30-9F1A-4BF6-B3DA-99EB0E917B1C}) (Version: 4.6.58.2 - FARO Scanner Production) Foxit Reader 4.3.1.218 (HKLM-x32\...\Foxit Reader) (Version: v4.3.1.218 - oszone.net) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 54.0.2840.99 - Google Inc.) Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden Intel(R) Display Audio Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 6.14.00.3097 - Intel Corporation) Java(TM) 6 Update 23 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216023FF}) (Version: 6.0.230 - Oracle) K-Lite Codec Pack 11.9.0 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 11.9.0 - KLCP) Malwarebytes, версия 3.0.4.1269 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.4.1269 - Malwarebytes) Microsoft Office стандартный 2010 (HKLM\...\Office14.STANDARD) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Opera 12.15 (HKLM-x32\...\Opera 12.15.1748) (Version: 12.15.1748 - Opera Software ASA) PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden QuickTime 7 (HKLM-x32\...\{80CEEB1E-0A6C-45B9-A312-37A1D25FDEBC}) (Version: 7.78.80.95 - Apple Inc.) Radiocent 3.4.0.70 (HKLM-x32\...\{F3B2A229-1959-44BD-8D16-408CE1E654F6}}_is1) (Version: - iTVA LLC.) RaidCall (HKLM-x32\...\RaidCall) (Version: 7.3.6-1.2.12972.172 - raidcall.com.ru) Ralink Bluetooth Stack64 (HKLM\...\{95DF815D-BE2D-9118-F549-39794C5869CF}) (Version: 9.0.725.0 - Название организации) Recuva (HKLM\...\Recuva) (Version: 1.52 - Piriform) Reg Organizer 4.10 (HKLM-x32\...\Reg Organizer_is1) (Version: - ) RocketDock 1.3.5 (HKLM-x32\...\RocketDock_is1) (Version: - Punk Software) Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-0012-0000-1000-0000000FF1CE}_Office14.STANDARD_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version: - Microsoft) Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (Version: - Microsoft) Hidden Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation) Skype™ 7.4 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.4.102 - Skype Technologies S.A.) Stardock Start8 (HKLM\...\Start8_is1) (Version: 1.31 - Stardock Software, Inc.) Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.18.8 - Synaptics Incorporated) TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.15 - TeamSpeak Systems GmbH) TeamViewer 8 (HKLM-x32\...\TeamViewer 8) (Version: 8.0.22298 - TeamViewer) Total Commander MicroLair 2010.11 (HKLM-x32\...\Total Commander MicroLair 2010.11) (Version: - ) UltraUXThemePatcher (HKLM-x32\...\UltraUXThemePatcher) (Version: 2.0.0.0 - Manuel Hoefs (Zottel)) Unity Web Player (HKU\S-1-5-21-1751769309-1090466125-2972610818-1001\...\UnityWebPlayer) (Version: 5.0.3f2 - Unity Technologies ApS) Unlocker 1.9.1-x64 (HKLM\...\Unlocker) (Version: 1.9.1 - Cedrick Collomb) Vegas Pro 13.0 (64-bit) (HKLM\...\{1EEE0BEE-0BC8-11E5-A19E-F04DA23A5C58}) (Version: 13.0.453 - Sony) Warcraft (rus) 1.24c (HKLM-x32\...\Warcraft (rus) 1.24c) (Version: - ) XnView 2.03 (HKLM-x32\...\XnView_is1) (Version: 2.03 - Gougelet Pierre-e) Архиватор WinRAR (HKLM-x32\...\WinRAR archiver) (Version: - ) Поддержка программ Apple (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.) Расчет смет (HKLM-x32\...\Помощник инженера сметчика_is1) (Version: 1.12.9 - СТ ООО "Техносервисцентр") Русификатор для Reg Organizer 4.10 (HKLM-x32\...\Русификатор для Reg Organizer_is1) (Version: - ) Языковой пакет Microsoft Visual Studio 2010 Tools для среды выполнения Office (x64) - RUS (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - RUS) (Version: 10.0.50903 - Microsoft Corporation) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {0885FB0F-5919-484E-968A-B71C708F031D} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2016-11-09] (Microsoft Corporation) Task: {17DB362B-AA1F-4429-9D53-927FB80A9657} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [2016-01-29] () Task: {2334B944-D3B6-4D82-8915-045E4E88904C} - \Microsoft\Windows\Servicing\StartComponentCleanup -> No File <==== ATTENTION Task: {49272A16-5A93-4E30-B072-EBCD3E9D8457} - System32\Tasks\Microsoft\Windows\Setup\EOSNotify => C:\Windows\system32\EOSNotify.exe [2016-06-25] (Microsoft Corporation) Task: {71DDD060-3B4D-40E5-86AA-FF199A61532E} - \Opera scheduled Autoupdate 1441263143 -> No File <==== ATTENTION Task: {720D9862-8BE3-46F0-8B83-7D145FA29C52} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-11-10] (Adobe Systems Incorporated) Task: {7A0389DD-4BB5-4FBA-825E-FBC0F28C0376} - System32\Tasks\Microsoft\Windows\Windows Activation Technologies\WatTask => C:\Windows Activation Technologies\wat.exe [2006-04-21] () Task: {80DB62B3-A55F-4317-8391-7F6EA1B2D933} - \Opera scheduled Autoupdate 1385523924 -> No File <==== ATTENTION Task: {D852DCEB-AA58-4B62-A247-E6A4F6C58D1D} - \Microsoft\Windows\Maintenance\WinSAT -> No File <==== ATTENTION Task: {D92BFC80-2CB7-4BAD-A5BB-1EA081710231} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_23_0_0_207_pepper.exe [2016-11-10] (Adobe Systems Incorporated) Task: {D94D70BB-F364-4838-B094-0239AC95AB42} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.) Task: {DE114872-D52D-4651-9921-41900149090B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.) Task: {EB79D628-6868-4EC4-8E70-A2A715A78421} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-10-30] (Piriform Ltd) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_23_0_0_207_pepper.exe Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Shortcuts ============================= (The entries could be listed to be restored or removed.) Shortcut: C:\Users\Виктор\Desktop\Расчет по НРР.lnk -> C:\Program Files (x86)\Smeta\Smeta12.exe () <===== Cyrillic Shortcut: C:\Users\Виктор\Desktop\Расчет смет.lnk -> C:\Program Files (x86)\Smeta\Smeta.exe () <===== Cyrillic Shortcut: C:\Users\Виктор\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Корзина.lnk -> 0x4C0000000114020000000000C0000000000000468100000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000160014001F7840F05F6481501B109F0800AA002F954E0000BB000000090000A0AF0000003153505355284C9F799F394BA8D0E1D42DE1D5F3110000000900000000030000000100000011000000120000000003000000020000007100000005000000001F0000002F0000007B00340036003600420041003000380032002D0038003800420046002D0034003800300034002D0042003500320035002D003100330038004400360041004400300042004200430034007D005C001A043E044004370438043D04300400000000000000000000000000000000 <===== Cyrillic Shortcut: C:\Users\Виктор\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Руководство по консольной версии RAR.lnk -> C:\Program Files (x86)\WinRAR\Rar.txt () <===== Cyrillic Shortcut: C:\Users\Виктор\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Справка WinRAR.lnk -> C:\Program Files (x86)\WinRAR\WinRAR.chm () <===== Cyrillic Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Удалить Movavi Конвертер Видео 15.lnk -> C:\Program Files (x86)\Movavi Video Converter 15\uninst.exe (Movavi) <===== Cyrillic ==================== Loaded Modules (Whitelisted) ============== 2012-09-19 17:37 - 2012-09-19 17:37 - 00029960 _____ () C:\Windows\system32\BsTrace.dll 2013-11-27 06:33 - 2010-03-15 10:28 - 00052224 _____ () C:\Program Files (x86)\WinRAR\rarext64.dll 2012-11-22 19:21 - 2010-07-15 07:44 - 00020032 _____ () C:\Program Files\Unlocker\UnlockerCOM.dll 2013-11-27 10:52 - 2009-07-13 22:18 - 00071096 _____ () C:\Program Files (x86)\CDBurnerXP\NMSAccessU.exe 2016-12-11 12:05 - 2016-11-29 06:27 - 02259232 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\PoliciesControllerImpl.dll 2012-09-19 17:37 - 2012-09-19 17:37 - 00017160 _____ () C:\Windows\system32\BsHelpCSps.dll 2012-08-23 15:07 - 2012-08-23 15:07 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll 2013-11-27 06:48 - 2007-09-02 12:58 - 00495616 _____ () C:\Program Files (x86)\RocketDock\RocketDock.exe 2014-10-23 22:19 - 2014-10-23 22:19 - 00042496 _____ () C:\Program Files\CCleaner\lang\lang-1049.dll 2012-09-19 17:37 - 2012-09-19 17:37 - 00029960 _____ () C:\Windows\SYSTEM32\BsTrace.dll 2012-09-19 17:37 - 2012-09-19 17:37 - 00017160 _____ () C:\Windows\SYSTEM32\BsHelpCSps.dll 2012-09-19 17:37 - 2012-09-19 17:37 - 00062216 _____ () C:\Windows\SYSTEM32\BlueSoleilCSps.dll 2013-11-27 06:48 - 2007-09-02 12:57 - 00069632 _____ () C:\Program Files (x86)\RocketDock\RocketDock.dll 2016-11-15 12:26 - 2016-11-08 23:29 - 01819240 _____ () C:\Program Files (x86)\Google\Chrome\Application\54.0.2840.99\libglesv2.dll 2016-11-15 12:26 - 2016-11-08 23:29 - 00093288 _____ () C:\Program Files (x86)\Google\Chrome\Application\54.0.2840.99\libegl.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) HKU\S-1-5-21-1751769309-1090466125-2972610818-1001\Software\Classes\.scr: AutoCADScriptFile => C:\Windows\system32\notepad.exe "%1" ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2012-07-26 08:26 - 2012-07-26 08:26 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-1751769309-1090466125-2972610818-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Виктор\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper DNS Servers: 194.158.204.238 - 82.209.195.12 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == HKLM\...\StartupApproved\Run: => "SynTPEnh" HKLM\...\StartupApproved\Run32: => "BtTray" HKLM\...\StartupApproved\Run32: => "StartCCC" HKU\S-1-5-21-1751769309-1090466125-2972610818-1001\...\StartupApproved\Run: => "uTorrent" HKU\S-1-5-21-1751769309-1090466125-2972610818-1001\...\StartupApproved\Run: => "BitMaster" HKU\S-1-5-21-1751769309-1090466125-2972610818-1001\...\StartupApproved\Run: => "Skype" ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [vm-monitoring-nb-session] => LPort=139 FirewallRules: [{3657E9F5-250C-4C00-BEB3-E46942F1ABA7}] => C:\Program Files (x86)\Opera\opera.exe FirewallRules: [{EB0AF26E-ABE3-417B-B017-16CAA473AE06}] => C:\Program Files (x86)\Opera\opera.exe FirewallRules: [{37AC040A-6380-4330-8B3B-69A28C9E13DF}] => C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{848505D2-5BD7-4CF9-A71D-7BBDC5ADEAD8}] => C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe FirewallRules: [{8C571F62-EC69-4620-9B83-048FB7298CC3}] => C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe FirewallRules: [{EB2E34CE-51E7-489D-BFFB-86380AB67CA9}] => C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe FirewallRules: [{B30F4B25-FD8A-4AF7-BD0A-CAB4EFAC4B66}] => C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe FirewallRules: [{F6A49052-A0D5-4996-A80E-465CD12E6F47}] => C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe FirewallRules: [{1450DB86-D61F-45E1-A454-C1748915C180}] => C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe FirewallRules: [{585DCFD6-75B8-471C-B5BF-B7BEBAF0B411}] => C:\Users\Виктор\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{A8D1E46F-DDDB-4503-AECB-3B846602F815}] => C:\Users\Виктор\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [TCP Query User{026196EA-1DB7-4645-85F5-8C0F6DDD2E45}G:\warcraft 1.24c\war3.exe] => G:\warcraft 1.24c\war3.exe FirewallRules: [UDP Query User{154BFEC8-6813-4AB2-8F67-6EC2E2A6CD9D}G:\warcraft 1.24c\war3.exe] => G:\warcraft 1.24c\war3.exe FirewallRules: [{CE8560B8-A31A-4770-9C3A-E3B3527DDA56}] => G:\warcraft 1.24c\war3.exe FirewallRules: [{85C57D6B-96F1-48DB-83B9-02B5D68B8F16}] => G:\warcraft 1.24c\war3.exe FirewallRules: [{D4174687-8B38-4BF1-BD1A-DB88F991AEB8}] => C:\Program Files (x86)\Opera\opera.exe FirewallRules: [{766A5C5B-2E20-4BA9-A3A4-B406A85B6E87}] => C:\Program Files (x86)\Opera\opera.exe FirewallRules: [{024F4587-CBD5-43BA-B4FA-2CE96E31368B}] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe FirewallRules: [{58BEC425-D5A9-453D-8CAD-5DD9D26C53BE}] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Restore Points ========================= 22-11-2016 18:59:08 Запланированная контрольная точка 30-11-2016 08:58:26 Запланированная контрольная точка 06-12-2016 20:49:54 Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 ==================== Faulty Device Manager Devices ============= Name: Туннельный адаптер Microsoft Teredo Description: Туннельный адаптер Microsoft Teredo Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: tunnel Problem: : This device cannot start. (Code10) Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. ==================== Event log errors: ========================= Application errors: ================== Error: (12/11/2016 10:45:42 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: Сбой активации лицензий (slui.exe) со следующим кодом ошибки: hr=0x8007007B Аргументы командной строки: RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=a98bcd6d-5343-4603-8afe-5908e4611112;NotificationInterval=1440;Trigger=NetworkAvailable Error: (12/11/2016 10:45:37 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: Сбой активации лицензий (slui.exe) со следующим кодом ошибки: hr=0x8007007B Аргументы командной строки: RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=a98bcd6d-5343-4603-8afe-5908e4611112;NotificationInterval=1440;Trigger=UserLogon;SessionId=1 Error: (12/11/2016 10:37:29 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: Сбой активации лицензий (slui.exe) со следующим кодом ошибки: hr=0x8007007B Аргументы командной строки: RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=a98bcd6d-5343-4603-8afe-5908e4611112;NotificationInterval=1440;Trigger=NetworkAvailable Error: (12/11/2016 10:37:27 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: Сбой активации лицензий (slui.exe) со следующим кодом ошибки: hr=0x8007007B Аргументы командной строки: RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=a98bcd6d-5343-4603-8afe-5908e4611112;NotificationInterval=1440;Trigger=UserLogon;SessionId=3 Error: (12/11/2016 07:30:24 PM) (Source: ATIeRecord) (EventID: 16388) (User: ) Description: ATI EEU Client event error Error: (12/11/2016 06:36:58 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: Сбой активации лицензий (slui.exe) со следующим кодом ошибки: hr=0x8007007B Аргументы командной строки: RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=a98bcd6d-5343-4603-8afe-5908e4611112;NotificationInterval=1440;Trigger=NetworkAvailable Error: (12/11/2016 06:36:56 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: Сбой активации лицензий (slui.exe) со следующим кодом ошибки: hr=0x8007007B Аргументы командной строки: RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=a98bcd6d-5343-4603-8afe-5908e4611112;NotificationInterval=1440;Trigger=UserLogon;SessionId=1 Error: (12/11/2016 01:46:20 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: Сбой активации лицензий (slui.exe) со следующим кодом ошибки: hr=0x8007007B Аргументы командной строки: RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=a98bcd6d-5343-4603-8afe-5908e4611112;NotificationInterval=1440;Trigger=NetworkAvailable Error: (12/11/2016 01:46:16 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: Сбой активации лицензий (slui.exe) со следующим кодом ошибки: hr=0x8007007B Аргументы командной строки: RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=a98bcd6d-5343-4603-8afe-5908e4611112;NotificationInterval=1440;Trigger=UserLogon;SessionId=1 Error: (12/11/2016 12:08:31 PM) (Source: SideBySide) (EventID: 78) (User: ) Description: Не удалось создать контекст архивации для "C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsSMSEditor.exe". Ошибка в файле манифеста или политики "" в строке . Версия компонента, требуемая для приложения, конфликтует с другой, уже активной версией. Конфликтующие компоненты: Компонент 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.17359_none_8935f06086091acc.manifest. Компонент 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.17359_none_4188b989718cf1c6.manifest. System errors: ============= Error: (12/11/2016 10:44:45 PM) (Source: DCOM) (EventID: 10016) (User: Admin) Description: Параметры разрешений для конкретного приложения не дают разрешения Локально Запуск для приложения COM-сервера с CLSID {7022A3B3-D004-4F52-AF11-E9E987FEE25F} и APPID {ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D} пользователю Admin\Виктор с ИД безопасности (S-1-5-21-1751769309-1090466125-2972610818-1001) и адресом LocalHost (с использованием LRPC), выполняемого в контейнере приложения Недоступно с ИД безопасности (Недоступно). Это разрешение безопасности можно изменить с помощью средства администрирования служб компонентов. Error: (12/11/2016 10:43:17 PM) (Source: Service Control Manager) (EventID: 7032) (User: ) Description: Диспетчер управления службами пытался выполнить исправляющее действие (Перезапуск службы) после непредвиденного завершения службы Windows Search, но при этом произошла следующая ошибка: Одна копия службы уже запущена. Error: (12/11/2016 10:42:48 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Служба Установщик Windows была неожиданно завершена. Это произошло 1 раз(а). Следующее корректирующее действие будет предпринято через 120000 мсек: Перезапуск службы. Error: (12/11/2016 10:42:47 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Служба Windows Search была неожиданно завершена. Это произошло 1 раз(а). Следующее корректирующее действие будет предпринято через 30000 мсек: Перезапуск службы. Error: (12/11/2016 10:42:47 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Служба "Malwarebytes Service" неожиданно прервана. Это произошло (раз): 1. Error: (12/11/2016 10:42:47 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Служба "HP Service" неожиданно прервана. Это произошло (раз): 1. Error: (12/11/2016 10:42:47 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Служба "BsHelpCS" неожиданно прервана. Это произошло (раз): 1. Error: (12/11/2016 10:42:46 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Служба Служба политики провайдера безопасности аккаунта была неожиданно завершена. Это произошло 1 раз(а). Следующее корректирующее действие будет предпринято через 0 мсек: Перезапуск службы. Error: (12/11/2016 10:42:46 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Служба "NMSAccessU" неожиданно прервана. Это произошло (раз): 1. Error: (12/11/2016 10:42:46 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Служба "BlueSoleilCS" неожиданно прервана. Это произошло (раз): 1. ==================== Memory info =========================== Processor: Intel(R) Core(TM) i5-3230M CPU @ 2.60GHz Percentage of memory in use: 29% Total physical RAM: 3975.48 MB Available physical RAM: 2785.03 MB Total Virtual: 5063.48 MB Available Virtual: 3855.35 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:100.12 GB) (Free:60.69 GB) NTFS Drive g: () (Fixed) (Total:299.12 GB) (Free:36.69 GB) NTFS Drive h: () (Fixed) (Total:299.04 GB) (Free:40.88 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 698.6 GB) (Disk ID: 0004CAE1) Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=100.1 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=598.2 GB) - (Type=OF Extended) ==================== End of Addition.txt ============================