Suspected malware. My computer is slow and freezes.




Hello,
I suspect I may have picked up some virus, I don't know how, because my computer has become slow and freezes at times. I am attaching the files below.

 

Addition.txt FRST.txt


Hello again! In my opinion this is not a problem caused by malware. Still, there are some things visible here that deserve attention.

 

Fix with Farbar Recovery Scan Tool

Download the attached file fixlist.txt and save it in the same location where you downloaded FRST.exe.
Run FRST.exe again, press the Fix button once, and wait.

A new log file, FixLog.txt, will be created. Attach its contents in your next comment.

NOTE: This script was written specifically for this user and for this particular machine. Running the fix on another computer may damage your operating system.

 

Logs

In your next reply, please include the following logs:

  • FixLog.txt

 


Restart your computer and tell me whether there is any change.

...after that:

Download ESET Online Scanner and save it to your desktop.
  • Right-click esetonlinescanner_enu.exe and choose Run as Administrator.
  • When the tool opens, click Get Started.
  • Read and accept the license agreement.
  • In the Welcome to ESET Online Scanner window, click Get Started.
  • Choose whether you want to send anonymous data to ESET.
  • Note: If you see the "Welcome Back to ESET Online Scanner" screen, click Computer Scan > Full Scan.
  • Click the Full Scan option.
  • Select Enable ESET to detect and remove potentially unwanted applications, then click Start scan.
  • ESET will start scanning your computer. This may take some time.
  • When the scan finishes, if threats were found, select Save scan log. Save it to the desktop as eset.txt. Click Continue.
  • ESET Online Scanner may ask whether you want to turn on the periodic scanning feature. Click Continue.
  • On the next screen you can leave feedback about the program if you wish. Check the box for Delete application data on closing. If you leave feedback, click Submit and continue. If not, click Close without feedback.
  • Open the scan log from your desktop (eset.txt) and copy and paste its contents into your next reply.

============================================================================================================================================

In your next reply, please include:

  • eset.txt

I restarted it right after the 2nd step with the FIX file, because the program restarted it on its own. There seems to be a small difference, but I may just be imagining it.

eset2.txt


Hello! As I expected, I do not see signs of active infections. Let's do one last check:

 

FRST scan

    Double-click FRST.exe / FRST64.exe to run it.
    Press the Scan button.
    When it finishes, it will create two log files, FRST.txt and Addition.txt, in the same directory the tool was run from.
    Please copy and paste the logs into your next reply.

 

Logs

In your next reply, please include (by copying their entire contents) the following logs:

  • FRST.txt (copy the entire contents)
  • Addition.txt (copy the entire contents)

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 31-05-2020 01
Ran by Pepi (administrator) on PEPI-PC (01-06-2020 20:36:11)
Running from C:\Users\Pepi\Desktop
Loaded Profiles: Pepi
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amdow.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\atieclxx.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\atiesrxx.exe
(AMD) [File not signed] C:\Program Files\AMD\Performance Profile Client\AUEPLauncher.exe
(AMD) [File not signed] C:\Program Files\AMD\Performance Profile Client\AUEPMaster.exe
(AMD) [File not signed] C:\Program Files\AMD\Performance Profile Client\AUEPUF.exe
(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe
(Epic Games Inc. -> Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\Win64\UnrealCEFSubProcess.exe
(Epic Games Inc. -> Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <10>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler64.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\schtasks.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Skype Software Sarl -> Skype Technologies S.A.) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe <6>
(Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Wondershare\WAF\2.4.3.227\WsAppService.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13307496 2011-10-17] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [499608 2011-03-15] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [File not signed]
HKLM-x32\...\Run: [AdobeCS5.5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe [1523360 2011-01-12] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKU\S-1-5-21-457837091-790192093-1598045625-1000\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [91667312 2020-05-12] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-21-457837091-790192093-1598045625-1000\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [31867792 2020-05-19] (Epic Games Inc. -> Epic Games, Inc.)
HKLM\...\Print\Monitors\WSD Port: C:\Windows\system32\WSDMon.dll [224768 2009-07-14] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.61\Installer\chrmstp.exe [2020-05-27] (Google LLC -> Google LLC)

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {126D28D6-A598-4569-A732-8C22ED701C3C} - System32\Tasks\{9C0E0CAF-FB9A-4EEF-A847-9EDE15B2CE58} => C:\Windows\system32\pcalua.exe -a E:\Driver\Win7\Setup.exe -d E:\Driver\Win7
Task: {28E199FB-B4EE-49B0-94D3-F171D29E54C3} - System32\Tasks\DivXUpdate => C:\Program Files (x86)\Common Files\DivX Shared\DivX Update\DivXUpdate.exe [68568 2017-08-02] (DivX, LLC -> DivX, LLC)
Task: {36AA0C1D-2295-4E6D-A32A-2FCC535BC642} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\Pepi\Desktop\esetonlinescanner.exe [14665312 2020-05-31] (ESET, spol. s r.o. -> ESET spol. s r.o.)
Task: {404107CC-A799-4D20-B695-2B17CEF0C609} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2018-12-29] (Google Inc -> Google Inc.)
Task: {49346005-6B91-4237-B031-8542663AA38C} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\dvrcmd.exe
Task: {58574339-8942-4989-87C9-8ED0BF7BC3AB} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [57736 2018-12-06] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {58D9ED45-6A1F-4BC8-851D-C7DF1CC9DB3F} - System32\Tasks\Opera scheduled Autoupdate 1564990397 => C:\Users\Pepi\AppData\Local\Programs\Opera\launcher.exe
Task: {6C66CED3-A41B-4405-B197-B0524B4313E5} - System32\Tasks\Opera scheduled assistant Autoupdate 1564990401 => C:\Users\Pepi\AppData\Local\Programs\Opera\launcher.exe
Task: {8FEC77DD-AE8D-43FD-85A3-F16C0E7C403A} - System32\Tasks\Opera scheduled assistant Autoupdate 1564990758 => C:\Users\Pepi\AppData\Local\Programs\Opera\launcher.exe
Task: {9767F813-1C06-40A7-91A0-7567CBE0EB70} - System32\Tasks\AMDLinkUpdate => C:\Program Files\AMD\CIM\BIN64\InstallManagerApp.exe [468992 2018-12-07] (Advanced Micro Devices, Inc.) [File not signed]
Task: {97E51F9C-2852-4DDB-8335-22A9FDB1C439} - System32\Tasks\ModifyLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [468992 2018-12-07] (Advanced Micro Devices, Inc.) [File not signed]
Task: {9DE80DA6-C043-4619-A294-C8D528570C26} - System32\Tasks\StartCNBM => C:\Program Files\AMD\CNext\CNext\cncmd.exe [57736 2018-12-06] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {A979CD79-6411-4628-A595-0F524C422705} - System32\Tasks\AdobeAAMUpdater-1.0-Pepi-PC-Pepi => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [499608 2011-03-15] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {C5EC5D69-8EBB-4110-985C-3B26C8B19D91} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\Pepi\Desktop\esetonlinescanner.exe [14665312 2020-05-31] (ESET, spol. s r.o. -> ESET spol. s r.o.)
Task: {DD5956D0-13E0-464A-B31C-6A0908BF742E} - System32\Tasks\Opera scheduled Autoupdate 1564990757 => C:\Users\Pepi\AppData\Local\Programs\Opera\launcher.exe
Task: {EC0378C3-6DAF-41F9-A06D-0665D8342AFD} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2018-12-29] (Google Inc -> Google Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{8EEDA96B-4AB3-47FE-9231-44C39ABAF4F2}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================

FireFox:
========
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @videolan.org/vlc,version=3.0.10 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-04-23] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-04-23] (VideoLAN -> VideoLAN)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]

Chrome: 
=======
CHR Profile: C:\Users\Pepi\AppData\Local\Google\Chrome\User Data\Default [2020-06-01]
CHR Notifications: Default -> hxxps://csgoroll.com; hxxps://fanfishka.ru; hxxps://www.facebook.com; hxxps://www.faceit.com; hxxps://www.youtube.com
CHR HomePage: Default -> hxxps://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Extension: (Презентации) - C:\Users\Pepi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-12-29]
CHR Extension: (Документи) - C:\Users\Pepi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-12-29]
CHR Extension: (Google Диск) - C:\Users\Pepi\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-12-29]
CHR Extension: (YouTube) - C:\Users\Pepi\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-12-29]
CHR Extension: (Adblock Plus — безплатен блокер на реклами) - C:\Users\Pepi\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2020-04-06]
CHR Extension: (Таблици) - C:\Users\Pepi\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-12-29]
CHR Extension: (Video Downloader PLUS) - C:\Users\Pepi\AppData\Local\Google\Chrome\User Data\Default\Extensions\fhplmmllnpjjlncfjpbbpjadoeijkogc [2020-05-20]
CHR Extension: (Google Документи офлайн) - C:\Users\Pepi\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-05-28]
CHR Extension: (Pinterest Save Button) - C:\Users\Pepi\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic [2020-05-12]
CHR Extension: (Social Video Downloader) - C:\Users\Pepi\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfnnoammpigcglgbhcbbdpnekbcddahe [2020-05-09]
CHR Extension: (Плащания в уеб магазина на Chrome) - C:\Users\Pepi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-04]
CHR Extension: (Gmail) - C:\Users\Pepi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-05-07]
CHR Extension: (Chrome Media Router) - C:\Users\Pepi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-05-27]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [499080 2018-12-07] (Advanced Micro Devices, Inc. -> AMD)
R2 AUEPLauncher; C:\Program Files\AMD\Performance Profile Client\AUEPLauncher.exe [43008 2018-12-06] (AMD) [File not signed]
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [3644008 2018-12-17] (AVB Disc Soft, SIA -> Disc Soft Ltd)
S3 Rockstar Service; D:\Launcher\RockstarService.exe [1314448 2020-03-11] (Rockstar Games, Inc. -> Rockstar Games)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2017-03-18] (Microsoft Windows -> Microsoft Corporation)
R2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.4.3.227\WsAppService.exe [492768 2017-06-21] (Wondershare Technology Co.,Ltd -> Wondershare)
R2 wuauserv; C:\Windows\system32\wuaueng2.dll [2607104 2016-05-14] (Microsoft Windows -> Microsoft Corporation)
S2 WsDrvInst; C:\Program Files (x86)\Wondershare\dr.fone toolkit for Android\Library\DriverInstaller\DriverInstall.exe [X]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 amdkmdag; C:\Windows\System32\DRIVERS\atikmdag.sys [52739464 2018-12-07] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\Windows\System32\DRIVERS\atikmpag.sys [581000 2018-12-07] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
S3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [136040 2019-09-26] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2019-01-20] (Disc Soft Ltd -> Disc Soft Ltd)
S3 dtliteusbbus; C:\Windows\System32\DRIVERS\dtliteusbbus.sys [47672 2019-01-20] (Disc Soft Ltd -> Disc Soft Ltd)
S3 ikbevent; C:\Windows\System32\DRIVERS\ikbevent.sys [25536 2012-02-09] (Intel(R) Smart Connect software -> )
S3 imsevent; C:\Windows\System32\DRIVERS\imsevent.sys [25536 2012-02-09] (Intel(R) Smart Connect software -> )
R3 ISCT; C:\Windows\System32\DRIVERS\ISCTD64.sys [46568 2013-01-19] (Intel(R) Smart Connect software -> )
S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [166752 2019-07-09] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
U3 iswSvc; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-06-01 20:36 - 2020-06-01 20:36 - 000000000 ____D C:\Users\Pepi\Desktop\FRST-OlderVersion
2020-05-31 22:18 - 2020-05-31 22:18 - 000003698 _____ C:\Windows\system32\Tasks\EOSv3 Scheduler onLogOn
2020-05-31 22:18 - 2020-05-31 22:18 - 000003258 _____ C:\Windows\system32\Tasks\EOSv3 Scheduler onTime
2020-05-31 22:18 - 2020-05-31 22:18 - 000000646 _____ C:\Users\Pepi\Desktop\eset2.txt
2020-05-31 20:35 - 2020-05-31 20:35 - 014665312 _____ (ESET spol. s r.o.) C:\Users\Pepi\Desktop\esetonlinescanner.exe
2020-05-31 20:35 - 2020-05-31 20:35 - 000000551 _____ C:\Users\Pepi\Desktop\ESET Online Scanner.lnk
2020-05-31 20:35 - 2020-05-31 20:35 - 000000000 ____D C:\Users\Pepi\AppData\Local\ESET
2020-05-31 20:22 - 2020-05-31 20:23 - 000010136 _____ C:\Users\Pepi\Desktop\Fixlog.txt
2020-05-31 18:49 - 2020-05-31 18:50 - 000037618 _____ C:\Users\Pepi\Desktop\Addition.txt
2020-05-31 18:48 - 2020-06-01 20:37 - 000014183 _____ C:\Users\Pepi\Desktop\FRST.txt
2020-05-31 18:48 - 2020-06-01 20:37 - 000000000 ____D C:\FRST
2020-05-31 18:48 - 2020-06-01 20:36 - 002289152 _____ (Farbar) C:\Users\Pepi\Desktop\FRST64.exe
2020-05-31 18:24 - 2020-05-31 18:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Processor Diagnostic Tool 64bit
2020-05-31 18:24 - 2020-05-31 18:24 - 000000000 ____D C:\Program Files\Intel Corporation
2020-05-31 18:23 - 2020-05-31 18:23 - 009994876 _____ () C:\Users\Pepi\Desktop\IPDT_Installer_4.1.4.36_64bit.exe
2020-05-31 12:54 - 2020-05-31 12:54 - 057015253 _____ C:\Users\Pepi\Desktop\One of the reasons why our items still not moving after weeks  Aliexpress.mp4
2020-05-30 22:42 - 2020-05-30 22:42 - 000012812 _____ C:\Users\Pepi\Downloads\Sonic.The.Hedgehog.2020.2160p.HDR.x265.WEB-DL.AC3-WAR.torrent
2020-05-30 21:47 - 2020-05-30 21:47 - 000012823 _____ C:\Users\Pepi\Downloads\Extraction.2020.1080p.NF.WEB-DL.x264.torrent
2020-05-30 21:22 - 2020-05-30 21:22 - 000040126 _____ C:\Users\Pepi\Downloads\The.Gentlemen.2020.1080p.AMZN.WEBRip.DDP5.1.x264-TEPES.torrent
2020-05-30 21:21 - 2020-05-30 21:21 - 000228865 _____ C:\Users\Pepi\Desktop\Untitled-2.psd
2020-05-30 20:15 - 2020-05-30 21:21 - 012652803 _____ C:\Users\Pepi\Desktop\antonovauto.psd
2020-05-30 20:15 - 2020-05-30 20:15 - 000000000 ____D C:\Users\Pepi\Desktop\realistic-metallic-car-logo
2020-05-30 20:14 - 2020-05-30 20:15 - 000976067 _____ C:\Users\Pepi\Desktop\realistic-metallic-car-logo.zip
2020-05-30 20:00 - 2020-05-30 20:32 - 000000132 _____ C:\Users\Pepi\AppData\Roaming\Adobe PNG Format CS5 Prefs
2020-05-30 19:41 - 2020-05-30 19:41 - 008388900 _____ C:\Users\Pepi\Desktop\cocogoose.zip
2020-05-30 19:41 - 2020-05-30 19:41 - 000000000 ____D C:\Users\Pepi\Desktop\cocogoose
2020-05-30 19:40 - 2020-05-30 19:40 - 000018334 _____ C:\Users\Pepi\Desktop\kroftsmann.zip
2020-05-30 19:40 - 2020-05-30 19:40 - 000000000 ____D C:\Users\Pepi\Desktop\kroftsmann
2020-05-30 19:32 - 2020-05-30 19:32 - 000003498 _____ C:\Windows\system32\Tasks\AdobeAAMUpdater-1.0-Pepi-PC-Pepi
2020-05-30 19:28 - 2020-05-30 19:28 - 000087314 _____ C:\Users\Pepi\Desktop\rounded_elegance.zip
2020-05-30 19:28 - 2020-05-30 19:28 - 000032911 _____ C:\Users\Pepi\Desktop\bignoodletitling.zip
2020-05-30 19:28 - 2020-05-30 19:28 - 000000000 ____D C:\Users\Pepi\Desktop\rounded_elegance
2020-05-30 19:28 - 2020-05-30 19:28 - 000000000 ____D C:\Users\Pepi\Desktop\bignoodletitling
2020-05-30 19:26 - 2020-05-30 19:26 - 000000000 ____D C:\Users\Pepi\Desktop\car_service_D
2020-05-30 19:26 - 2020-05-30 19:26 - 000000000 ____D C:\Users\Pepi\AppData\LocalLow\Adobe
2020-05-30 19:23 - 2020-05-30 19:23 - 000000951 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS5.1 (64 Bit).lnk
2020-05-30 19:22 - 2020-05-30 19:23 - 000000000 ____D C:\Program Files\Common Files\Adobe
2020-05-30 19:22 - 2020-05-30 19:22 - 000000896 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS5.1.lnk
2020-05-30 19:22 - 2020-05-30 19:22 - 000000868 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS5.1.lnk
2020-05-30 19:21 - 2020-05-30 19:21 - 000000943 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Device Central CS5.5.lnk
2020-05-30 19:20 - 2020-05-30 19:20 - 000001551 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS5.5.lnk
2020-05-30 19:20 - 2020-05-30 19:20 - 000001024 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Extension Manager CS5.5.lnk
2020-05-30 19:20 - 2020-05-30 19:20 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2020-05-30 19:20 - 2020-05-30 19:20 - 000000000 ____D C:\Program Files (x86)\Adobe
2020-05-30 19:18 - 2020-05-30 19:18 - 000000000 ____D C:\Program Files\New folder
2020-05-30 18:54 - 2020-05-30 18:54 - 000016206 _____ C:\Users\Pepi\Downloads\Adobe Photoshop CS5.1 v12.10 Extended.torrent
2020-05-30 18:46 - 2020-05-30 18:46 - 000023612 _____ C:\Users\Pepi\Downloads\Adobe Photoshop 2020 v21.0.3.91 (x64) [Activated].torrent
2020-05-30 18:30 - 2020-05-30 19:31 - 000000000 ____D C:\Users\Pepi\AppData\Local\Adobe
2020-05-30 18:30 - 2020-05-30 18:30 - 024417685 _____ C:\Users\Pepi\Desktop\car_service_D.zip
2020-05-30 18:29 - 2020-05-30 19:26 - 000000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2020-05-30 18:22 - 2020-05-31 12:11 - 000000000 ____D C:\ProgramData\Adobe
2020-05-30 18:22 - 2020-05-30 18:22 - 000000000 ____D C:\Users\Pepi\AppData\Roaming\Macromedia
2020-05-30 18:12 - 2020-05-30 18:12 - 000020122 _____ C:\Users\Pepi\Downloads\Adobe.Photoshop.CS6.v13.0.Pre.Release.Incl.Keymaker-CORE.torrent
2020-05-30 18:11 - 2020-05-30 18:11 - 000138018 _____ C:\Users\Pepi\Downloads\Adobe Photoshop CS6 13.0.1 Final  Multilanguage (cracked dll) [ChingLiu].torrent
2020-05-28 23:55 - 2020-05-28 23:55 - 000029415 _____ C:\Users\Pepi\Downloads\The.Bad.Batch.2016.BRRip.XviD.AC3-EVO.torrent
2020-05-28 23:50 - 2020-05-28 23:50 - 000015559 _____ C:\Users\Pepi\Downloads\Destination.Wedding.2018.720p.BluRay.x264-DiN.torrent
2020-05-27 23:25 - 2020-05-27 23:25 - 000082840 _____ C:\Users\Pepi\Downloads\Beyond.The.Law.2019.720p.BluRay.x264-LATENCY.mkv.torrent
2020-05-27 23:24 - 2020-05-27 23:24 - 000039113 _____ C:\Users\Pepi\Downloads\Beyond.The.Law.2019.1080p.BluRay.REMUX.AVC.DTS-HD.MA.5.1-FGT.torrent
2020-05-27 00:00 - 2020-05-27 00:00 - 000023222 _____ C:\Users\Pepi\Downloads\NOMANSLAND.torrent
2020-05-25 21:54 - 2020-05-31 22:44 - 000000000 ____D C:\Users\Pepi\AppData\Roaming\vlc
2020-05-25 21:53 - 2020-05-25 21:53 - 000029751 _____ C:\Users\Pepi\Downloads\John.Wick.3.2019.720p.Bluray.X264-EVO.torrent
2020-05-24 22:37 - 2020-05-24 22:37 - 000013981 _____ C:\Users\Pepi\Downloads\John.Wick.Chapter.3.Parabellum.2019.720p.BluRay.x265-DiN.torrent
2020-05-23 23:25 - 2020-05-23 23:25 - 000448221 _____ C:\Users\Pepi\Downloads\John.Wick.Chapter.2.2017.720p.BluRay.x264-SPARKS.torrent
2020-05-23 23:13 - 2020-05-23 23:13 - 000016550 _____ C:\Users\Pepi\Downloads\John.Wick.Chapter.2.2017.720p.BluRay.x265.HEVC.DTS-WAR.torrent
2020-05-23 19:53 - 2020-05-23 19:53 - 000013061 _____ C:\Users\Pepi\Downloads\John.Wick.2014.576p.BDRip.x264.Ac3-HUD.torrent
2020-05-19 19:44 - 2020-05-19 19:44 - 000000281 _____ C:\Users\Pepi\Desktop\Grand Theft Auto V.url
2020-05-19 18:32 - 2020-05-19 18:32 - 000000000 ____D C:\Users\Pepi\AppData\Local\UnrealEngineLauncher
2020-05-19 18:32 - 2020-05-19 18:32 - 000000000 ____D C:\Users\Pepi\AppData\Local\UnrealEngine
2020-05-19 18:32 - 2020-05-19 18:32 - 000000000 ____D C:\Users\Pepi\AppData\Local\EpicGamesLauncher
2020-05-19 18:31 - 2020-05-19 18:33 - 000000000 ____D C:\ProgramData\Epic
2020-05-19 18:31 - 2020-05-19 18:31 - 044081152 _____ C:\Users\Pepi\Desktop\EpicInstaller-10.15.2.msi
2020-05-19 18:31 - 2020-05-19 18:31 - 000001242 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk
2020-05-19 18:31 - 2020-05-19 18:31 - 000001230 _____ C:\Users\Public\Desktop\Epic Games Launcher.lnk
2020-05-19 18:31 - 2020-05-19 18:31 - 000001230 _____ C:\ProgramData\Desktop\Epic Games Launcher.lnk
2020-05-19 18:31 - 2020-05-19 18:31 - 000000000 ____D C:\Program Files (x86)\Epic Games
2020-05-19 14:13 - 2020-05-19 14:13 - 000000000 ____D C:\Users\Pepi\AppData\LocalLow\Intel
2020-05-08 23:38 - 2020-05-08 23:40 - 000000000 ____D C:\Users\Pepi\AppData\Local\paint.net
2020-05-08 23:38 - 2020-05-08 23:38 - 000001188 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\paint.net.lnk
2020-05-08 23:38 - 2020-05-08 23:38 - 000000000 ____D C:\Program Files\paint.net
2020-05-04 23:09 - 2020-05-04 23:09 - 000011590 _____ C:\Users\Pepi\Downloads\Murder.On.The.Orient.Express.2017.576p.BRRip.x264.AC3-HUD.torrent
2020-05-04 21:44 - 2020-05-04 21:44 - 000013735 _____ C:\Users\Pepi\Downloads\Fifty Shades Freed.2018.720p.HDRip.X264.AC3-EVO.mkv.torrent
2020-05-04 18:57 - 2020-05-04 18:57 - 000014282 _____ C:\Users\Pepi\Downloads\Fifty.Shades.Freed.2018.1080p.BRRip.x265.AC3-Freebee.torrent
2020-05-03 18:10 - 2020-05-03 18:10 - 000028458 _____ C:\Users\Pepi\Downloads\Suicide.Squad.2016.EXTENDED.720p.BluRay.x264-SPARKS.torrent
2020-05-02 23:42 - 2020-05-06 18:27 - 000000492 _____ C:\Users\Pepi\Desktop\LFS.lnk

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-06-01 20:07 - 2009-07-14 07:45 - 000028352 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2020-06-01 20:07 - 2009-07-14 07:45 - 000028352 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2020-06-01 19:59 - 2009-07-14 08:13 - 000781654 _____ C:\Windows\system32\PerfStringBackup.INI
2020-06-01 19:59 - 2009-07-14 06:20 - 000000000 ____D C:\Windows\inf
2020-06-01 19:55 - 2020-03-23 19:02 - 000003098 _____ C:\Windows\system32\Tasks\AMDLinkUpdate
2020-06-01 19:55 - 2009-07-14 08:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2020-05-31 22:46 - 2018-12-30 22:09 - 000065536 _____ C:\Windows\system32\spu_storage.bin
2020-05-31 18:24 - 2018-12-30 19:11 - 000000000 ____D C:\ProgramData\Package Cache
2020-05-31 18:06 - 2009-07-14 07:45 - 004917440 _____ C:\Windows\system32\FNTCACHE.DAT
2020-05-31 16:08 - 2018-12-29 22:45 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2020-05-31 16:06 - 2018-12-30 18:55 - 000000000 ____D C:\Windows\Minidump
2020-05-31 16:02 - 2018-12-29 22:43 - 000063536 _____ C:\Users\Pepi\AppData\Local\GDIPFONTCACHEV1.DAT
2020-05-31 15:59 - 2009-07-14 08:32 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2020-05-31 15:58 - 2019-09-15 10:23 - 000000000 ____D C:\Users\Pepi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc
2020-05-31 15:58 - 2019-09-15 10:23 - 000000000 ____D C:\Users\Pepi\AppData\Local\Discord
2020-05-31 15:57 - 2018-12-30 21:49 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2020-05-31 00:21 - 2018-12-30 00:12 - 000000000 ____D C:\Users\Pepi\AppData\Roaming\Azureus
2020-05-30 19:26 - 2018-12-29 22:31 - 000000000 ____D C:\Users\Pepi\AppData\Roaming\Adobe
2020-05-27 22:48 - 2018-12-29 23:07 - 000002224 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-05-27 22:48 - 2018-12-29 23:07 - 000002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-05-27 22:48 - 2018-12-29 23:07 - 000002183 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2020-05-25 21:54 - 2019-10-02 18:54 - 000000871 _____ C:\Users\Public\Desktop\VLC media player.lnk
2020-05-25 21:54 - 2019-10-02 18:54 - 000000871 _____ C:\ProgramData\Desktop\VLC media player.lnk
2020-05-19 14:16 - 2018-12-29 22:51 - 000000000 ____D C:\Program Files (x86)\Intel
2020-05-19 14:13 - 2018-12-29 23:08 - 000000000 ____D C:\ProgramData\Intel
2020-05-19 14:12 - 2019-12-04 16:51 - 000000000 ____D C:\Users\Pepi\AppData\Roaming\Skype
2020-05-19 14:12 - 2019-12-04 16:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2020-05-03 19:59 - 2019-05-30 22:03 - 000000000 ____D C:\Users\Pepi\AppData\Local\CrashDumps

==================== Files in the root of some directories ========

2018-12-29 23:07 - 2018-12-29 23:08 - 007895040 _____ () C:\Program Files (x86)\GUT9868.tmp
2019-02-11 21:41 - 2019-02-11 21:41 - 000000006 _____ () C:\Users\Pepi\AppData\Roaming\.nfe_lock
2020-05-30 20:00 - 2020-05-30 20:32 - 000000132 _____ () C:\Users\Pepi\AppData\Roaming\Adobe PNG Format CS5 Prefs
2018-12-30 14:25 - 2018-12-30 14:25 - 000007602 _____ () C:\Users\Pepi\AppData\Local\Resmon.ResmonCfg
2018-12-29 23:10 - 2018-12-29 23:10 - 000000003 _____ () C:\Users\Pepi\AppData\Local\user_data.ini

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2020-05-28 11:43
==================== End of FRST.txt ========================


Additional scan result of Farbar Recovery Scan Tool (x64) Version: 31-05-2020 01
Ran by Pepi (01-06-2020 20:37:51)
Running from C:\Users\Pepi\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2018-12-29 19:31:22)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-457837091-790192093-1598045625-500 - Administrator - Disabled)
Guest (S-1-5-21-457837091-790192093-1598045625-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-457837091-790192093-1598045625-1002 - Limited - Enabled)
Pepi (S-1-5-21-457837091-790192093-1598045625-1000 - Administrator - Enabled) => C:\Users\Pepi

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 18.06 (x64) (HKLM\...\7-Zip) (Version: 18.06 - Igor Pavlov)
Adobe Photoshop CS5.1 (HKLM-x32\...\{9158FF30-78D7-40EF-B83E-451AC5334640}) (Version: 12.1 - Adobe Systems Incorporated)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 18.12.2 - Advanced Micro Devices, Inc.)
Bloody6 (HKLM-x32\...\Bloody3) (Version: 18.10.0001 - Bloody)
Branding64 (HKLM\...\{EE2AFCE4-0238-4DE0-A140-1647021627C1}) (Version: 1.00.0001 - Advanced Micro Devices, Inc.) Hidden
BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.63.1070 - AB Team, d.o.o.)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.9.0.0677 - Disc Soft Ltd)
DivX Setup (HKLM\...\DivX Setup) (Version: 10.8.7.0 - DivX, LLC)
Epic Games Launcher (HKLM-x32\...\{1D4EB18B-0FEE-444E-B4D1-6F2CFBC363E6}) (Version: 1.1.267.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 83.0.4103.61 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
GTA San Andreas (HKLM-x32\...\{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}) (Version: 1.00.00001 - Rockstar Games)
Intel Processor Diagnostic Tool 64bit (HKLM-x32\...\{d23ef847-2a5d-49ad-a6b5-7ffc8f255179}) (Version: 4.1.4.36 - )
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Microsoft .NET Framework 4.7.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.22.27821 (HKLM-x32\...\{6361b579-2795-4886-b2a8-53d5239b6452}) (Version: 14.22.27821.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.22.27821 (HKLM-x32\...\{5bfc1380-fd35-4b85-9715-7351535d077e}) (Version: 14.22.27821.0 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
paint.net (HKLM\...\{15BCA3AB-444B-4AC5-A04F-F2AD0F7AD3EC}) (Version: 4.2.10 - dotPDN LLC)
PDF Settings CS5 (HKLM-x32\...\{A78FE97A-C0C8-49CE-89D0-EDD524A17392}) (Version: 10.0 - Adobe Systems Incorporated) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.48.823.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6482 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Reader Driver (HKLM-x32\...\{62BBB2F0-E220-4821-A564-730807D2C34D}) (Version: 6.1.7600.10008 - Realtek Semiconductor Corp.)
Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.19.234 - Rockstar Games)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.0.5.2 - Rockstar Games)
Shark007 ADVANCED Codecs (HKLM-x32\...\{8C0CAA7A-3272-4991-A808-2C7559DE3409}) (Version: 12.1.7 - Shark007)
Shark007 ADVANCED x64Components (HKLM\...\ADVANCED x64Components_is1) (Version: 12.1.7 - Shark007)
Skype version 8.60 (HKLM-x32\...\Skype_is1) (Version: 8.60 - Skype Technologies S.A.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TruckersMP Launcher 1.0.0.4 (HKLM\...\{A227B892-C548-4490-9C5D-DB341F8194A6}_is1) (Version: 1.0.0.4 - TruckersMP Team)
VC80CRTRedist - 8.0.50727.6195 (HKLM-x32\...\{933B4015-4618-4716-A828-5289FC03165F}) (Version: 1.2.0 - DivX, Inc) Hidden
VIVA Trucking Tracker (HKLM-x32\...\{D0882995-EC40-4B9E-9BE5-C4CEB0E92A62}_is1) (Version: 4.5.3 - VIVA Trucking & LaxZ)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.10 - VideoLAN)
Vuze (HKLM\...\8461-7759-5462-8226) (Version: 5.7.6.0 - Azureus Software, Inc.)
Xvid Video Codec (HKLM-x32\...\Xvid Video Codec 1.3.5) (Version: 1.3.5 - Xvid Team)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-12-30] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [DivXShellExtensionItem] -> {48A8A3B0-57E8-4F2B-A49D-19E02B92377B} => C:\Program Files (x86)\Common Files\DivX Shared\DivXShellExtension64.dll [2018-10-09] (DivX, LLC -> DivX, LLC)
ContextMenuHandlers1: [DivXShellExtensionItem64] -> {6B49A276-0DBA-43F4-BC96-A841AD11B40B} => C:\Program Files (x86)\Common Files\DivX Shared\DivXShellExtension64.dll [2018-10-09] (DivX, LLC -> DivX, LLC)
ContextMenuHandlers2: [DaemonShellExtDriveLite] -> {C06369D6-E77D-4626-9656-1256312BD576} => C:\Program Files\DAEMON Tools Lite\DTShl64.dll [2018-12-17] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers3: [DaemonShellExtImageLite] -> {1D1B5D7B-0FC9-452E-902C-12BACD4FBC20} => C:\Program Files\DAEMON Tools Lite\DTShl64.dll [2018-12-17] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-12-30] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} =>  -> No File
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2018-12-06] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-12-30] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} =>  -> No File

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [vidc.XVID] => C:\Windows\system32\xvidvfw.dll [251392 2017-12-08] () [File not signed]
HKLM\...\Drivers32: [vidc.x264] => C:\Windows\system32\x264vfw.dll [3799552 2017-07-30] (x264vfw project) [File not signed]
HKLM\...\Drivers32: [vidc.x265] => C:\Windows\system32\x265vfw.dll [28414044 2019-02-26] () [File not signed]
HKLM\...\Drivers32: [msacm.ac3filter] => C:\Windows\system32\ac3filter.acm [2231296 2013-04-06] () [File not signed]
HKLM\...\Drivers32: [msacm.l3acm] => C:\Windows\SysWOW64\l3codecp.acm [220672 2009-07-14] (Microsoft Windows -> Fraunhofer Institut Integrierte Schaltungen IIS)
HKLM\...\Drivers32: [vidc.VP60] => C:\Windows\SysWOW64\vp6vfw.dll [447752 2008-09-04] (Electronic Arts -> On2.com)
HKLM\...\Drivers32: [vidc.VP61] => C:\Windows\SysWOW64\vp6vfw.dll [447752 2008-09-04] (Electronic Arts -> On2.com)
HKLM\...\Drivers32: [vidc.XVID] => C:\Windows\SysWOW64\xvidvfw.dll [235520 2017-12-08] () [File not signed]
HKLM\...\Drivers32: [vidc.x264] => C:\Windows\SysWOW64\x264vfw.dll [3850240 2017-07-30] (x264vfw project) [File not signed]
HKLM\...\Drivers32: [vidc.x265] => C:\Windows\SysWOW64\x265vfw.dll [6418389 2019-02-26] () [File not signed]

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]

==================== Loaded Modules (Whitelisted) =============

2019-11-20 18:32 - 2015-02-27 11:35 - 000489984 _____ ( (Newtonsoft) [File not signed])  [File is in use ] C:\Program Files (x86)\Wondershare\WAF\2.4.3.227\Newtonsoft.Json.dll
2019-11-20 18:32 - 2017-06-21 10:24 - 000087552 _____ ( (Wondershare) [File not signed])  [File is in use ] C:\Program Files (x86)\Wondershare\WAF\2.4.3.227\WsAppCollect.dll
2019-11-20 18:32 - 2017-06-21 10:24 - 000198144 _____ ( (Wondershare) [File not signed])  [File is in use ] C:\Program Files (x86)\Wondershare\WAF\2.4.3.227\WsAppCommon.dll
2020-05-19 18:32 - 2020-05-19 18:32 - 098275328 _____ () [File not signed] C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\ThirdParty\CEF3\Win64\libcef.dll
2020-05-19 18:32 - 2020-05-19 18:32 - 000092672 _____ () [File not signed] C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\ThirdParty\CEF3\Win64\libEGL.dll
2020-05-19 18:32 - 2020-05-19 18:32 - 003922432 _____ () [File not signed] C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\ThirdParty\CEF3\Win64\libGLESv2.dll
2019-12-04 16:51 - 2020-05-12 18:39 - 001899520 _____ () [File not signed] C:\Program Files (x86)\Microsoft\Skype for Desktop\ffmpeg.dll
2019-12-04 16:51 - 2020-05-12 18:39 - 000115712 _____ () [File not signed] C:\Program Files (x86)\Microsoft\Skype for Desktop\libegl.dll
2019-12-04 16:51 - 2020-05-12 18:39 - 006668800 _____ () [File not signed] C:\Program Files (x86)\Microsoft\Skype for Desktop\libglesv2.dll
2018-06-27 22:19 - 2018-06-27 22:19 - 000014336 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libEGL.DLL
2018-06-27 22:19 - 2018-06-27 22:19 - 002552832 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2018-03-13 04:47 - 2018-03-13 04:47 - 000912896 _____ () [File not signed] C:\Program Files\AMD\Performance Profile Client\aws-cpp-sdk-core.dll
2018-03-13 04:47 - 2018-03-13 04:47 - 003109888 _____ () [File not signed] C:\Program Files\AMD\Performance Profile Client\aws-cpp-sdk-s3.dll
2015-02-19 01:13 - 2015-02-19 01:13 - 000817152 _____ () [File not signed] C:\Program Files\AMD\Performance Profile Client\Device.dll
2015-02-19 01:13 - 2015-02-19 01:13 - 003650560 _____ () [File not signed] C:\Program Files\AMD\Performance Profile Client\Platform.dll
2018-12-31 00:18 - 2018-12-30 10:00 - 000077824 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2020-05-19 18:32 - 2020-05-19 18:32 - 000547840 _____ (The Chromium Authors) [File not signed] C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\ThirdParty\CEF3\Win64\chrome_elf.dll
2018-06-27 22:19 - 2018-06-27 22:19 - 000031744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qgif.dll
2018-06-27 22:19 - 2018-06-27 22:19 - 000040960 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qicns.dll
2018-06-27 22:19 - 2018-06-27 22:19 - 000031744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qico.dll
2018-06-27 22:19 - 2018-06-27 22:19 - 000345600 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qjpeg.dll
2018-06-27 22:19 - 2018-06-27 22:19 - 000024576 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qsvg.dll
2018-06-27 22:19 - 2018-06-27 22:19 - 000024576 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qtga.dll
2018-06-27 22:19 - 2018-06-27 22:19 - 000023552 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qwbmp.dll
2018-06-27 22:19 - 2018-06-27 22:19 - 000502272 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qwebp.dll
2018-06-27 22:19 - 2018-06-27 22:19 - 001412608 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\platforms\qwindows.dll
2018-12-06 20:46 - 2018-12-06 20:46 - 005812224 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Core.dll
2018-06-27 22:19 - 2018-06-27 22:19 - 006321152 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Gui.dll
2018-06-27 22:19 - 2018-06-27 22:19 - 001077248 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Network.dll
2018-06-27 22:19 - 2018-06-27 22:19 - 000323584 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Positioning.dll
2018-06-27 22:19 - 2018-06-27 22:19 - 003559424 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Qml.dll
2018-06-27 22:19 - 2018-06-27 22:19 - 003700224 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Quick.dll
2018-06-27 22:19 - 2018-06-27 22:19 - 000330752 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Svg.dll
2018-06-27 22:19 - 2018-06-27 22:19 - 000113152 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebChannel.dll
2018-06-27 22:19 - 2018-06-27 22:19 - 000359936 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngine.dll
2018-06-27 22:19 - 2018-06-27 22:19 - 076160000 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngineCore.dll
2018-06-27 22:19 - 2018-06-27 22:19 - 005603840 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Widgets.dll
2018-06-27 22:19 - 2018-06-27 22:19 - 000461312 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WinExtras.dll
2018-06-27 22:19 - 2018-06-27 22:19 - 000187904 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Xml.dll
2018-06-27 22:19 - 2018-06-27 22:19 - 002822144 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5XmlPatterns.dll
2018-06-27 22:19 - 2018-06-27 22:19 - 000053248 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\private\qtgraphicaleffectsprivate.dll
2018-06-27 22:19 - 2018-06-27 22:19 - 000059904 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\qtgraphicaleffectsplugin.dll
2018-06-27 22:19 - 2018-06-27 22:19 - 000017920 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2018-06-27 22:19 - 2018-06-27 22:19 - 000328192 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2018-06-27 22:19 - 2018-06-27 22:19 - 000137728 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Dialogs\dialogplugin.dll
2018-06-27 22:19 - 2018-06-27 22:19 - 000089088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2018-06-27 22:19 - 2018-06-27 22:19 - 000017920 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2018-06-27 22:19 - 2018-06-27 22:19 - 000135680 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\styles\qwindowsvistastyle.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer trusted/restricted ==========

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\.DEFAULT\...\localhost -> localhost

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 05:34 - 2009-06-11 00:00 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\AMD APP\bin\x86_64;C:\Program Files (x86)\AMD APP\bin\x86;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static
HKU\S-1-5-21-457837091-790192093-1598045625-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Pepi\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

MSCONFIG\startupreg: DAEMON Tools Lite Automount => "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun
MSCONFIG\startupreg: Discord => C:\Users\Pepi\AppData\Local\Discord\app-0.0.306\Discord.exe
MSCONFIG\startupreg: IAStorIcon => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
MSCONFIG\startupreg: IMSS => "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe"
MSCONFIG\startupreg: IntelSBA => C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage\Service\SBALaunchDelay.exe "C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage\UI\IntelSmallBusinessAdvantage.exe -minimized" 60
MSCONFIG\startupreg: Skype for Desktop => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
MSCONFIG\startupreg: USB3MON => "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{532D187A-0121-480C-8B5C-F8A7BC3C8F5A}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{FD9F2D21-152A-41BE-BBDE-04E6ECF685BA}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{F971A71F-55F9-4BD9-AB77-9AD11C18DB8F}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{BE20D920-BA11-4374-ABFF-E3412CF5C2A8}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{17AE9052-B9DF-4F50-B2F6-05754F4C1B3B}] => (Allow) C:\Program Files\Vuze\Azureus.exe (Azureus Software, Inc. -> Azureus Software, Inc)
FirewallRules: [{1619B31D-0BDA-4935-93A3-B374DD7F6CEC}] => (Allow) C:\Program Files\Vuze\Azureus.exe (Azureus Software, Inc. -> Azureus Software, Inc)
FirewallRules: [{56C04739-9383-4351-A360-6EB2253AF908}] => (Allow) D:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{2A628A89-74BF-41DE-8C87-86EF5E638575}] => (Allow) D:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{08C129E0-6C1D-4763-A157-79D1A75C33A7}] => (Allow) D:\SteamLibrary\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{3C6A1858-CC84-4458-BFED-79435B063D35}] => (Allow) D:\SteamLibrary\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{34D9A4D7-BD47-4BBA-A7F1-F72EF5786D23}] => (Allow) D:\SteamLibrary\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{02D3E554-3885-484D-9EBF-802264C3383B}] => (Allow) D:\SteamLibrary\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [TCP Query User{42A9F469-4F51-4466-8FFC-E3F18041FDD1}C:\program files\vuze\azureus.exe] => (Block) C:\program files\vuze\azureus.exe (Azureus Software, Inc. -> Azureus Software, Inc)
FirewallRules: [UDP Query User{B351CC39-25DE-4822-9B68-FFCF29255060}C:\program files\vuze\azureus.exe] => (Block) C:\program files\vuze\azureus.exe (Azureus Software, Inc. -> Azureus Software, Inc)
FirewallRules: [{75923A60-EF86-4B3F-B36F-906477497F87}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{75A98B47-E6C2-4E80-92A9-2353A5FE6662}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{0FF6EAF5-78DB-44AE-A884-E9F987E16F14}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)
FirewallRules: [{5CDD8CF0-285B-4467-A663-A278E1AC0988}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{A7C90579-11B8-456F-BDEC-EABA653FA898}] => (Allow) LPort=25555
FirewallRules: [{570A866E-0C42-4192-89FF-D047C5D089BD}] => (Allow) D:\SteamLibrary\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{6178F003-76DA-48C9-85F4-195A7F614F3D}] => (Allow) D:\SteamLibrary\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{66C13CDB-11E2-4F17-B583-CD0ABB1CA280}] => (Allow) D:\SteamLibrary\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{1E1FCE03-09DC-4523-B4AE-DF3C58993428}] => (Allow) D:\SteamLibrary\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{E42C5893-9A45-4CED-A002-5F78E9B9D362}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{824FF9A6-E1B4-4E03-84A2-8D750B041009}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{723703BA-4392-4DE1-A506-212D9451A7CE}] => (Allow) D:\SteamLibrary\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{D44ED0C3-94F1-48D9-B3FC-4987425B171D}] => (Allow) D:\SteamLibrary\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{64804B41-A8B5-41D3-AA18-41857DB0D2A1}] => (Allow) D:\SteamLibrary\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{CA1F204E-26C9-4EB5-8184-469833424239}] => (Allow) D:\SteamLibrary\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{81DA035F-31D6-4B20-9FFB-14403F991EC8}] => (Allow) D:\SteamLibrary\steamapps\common\Grand Theft Auto IV\GTAIV\PlayGTAIV.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{34B78D04-58E6-426B-9003-AEFADFB223A7}] => (Allow) D:\SteamLibrary\steamapps\common\Grand Theft Auto IV\GTAIV\PlayGTAIV.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{DE34AD7D-EFE0-4D47-A741-6598D76F4FCF}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{2A8AA8DF-0848-4D4C-ACD7-3BCA9447794D}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{98546952-6237-4980-B9EE-00D19A8ACC4B}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

28-05-2020 11:50:32 Scheduled Checkpoint
31-05-2020 15:59:06 Removed The Sims 3
31-05-2020 16:07:55 Configured ASUS GPU Tweak
31-05-2020 18:24:04 Intel Processor Diagnostic Tool 64bit
31-05-2020 20:22:35 Restore Point Created by FRST

==================== Faulty Device Manager Devices ============

Name: Microsoft Teredo Tunneling Adapter
Description: Microsoft Teredo Tunneling Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: DAEMON Tools Lite Virtual USB Bus
Description: DAEMON Tools Lite Virtual USB Bus
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: Disc Soft Ltd
Service: dtliteusbbus
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: ========================

Application errors:
==================
Error: (06/01/2020 07:57:04 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (05/31/2020 08:25:59 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (05/31/2020 08:22:35 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface.  hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.


Operation:
   Gathering Writer Data

Context:
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {2b513277-bee3-4644-8905-2d27c013f04c}

Error: (05/31/2020 06:07:59 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (05/31/2020 12:02:51 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (05/30/2020 05:19:13 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (05/29/2020 11:08:34 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (05/28/2020 10:31:09 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.


System errors:
=============
Error: (06/01/2020 07:55:30 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Wondershare Driver Install Service service failed to start due to the following error: 
The system cannot find the file specified.

Error: (05/31/2020 10:46:20 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The AMD User Experience Program Launcher service terminated unexpectedly.  It has done this 1 time(s).

Error: (05/31/2020 08:38:04 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The eapihdrv service failed to start due to the following error: 
This driver has been blocked from loading

Error: (05/31/2020 08:38:04 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Pepi\AppData\Local\Temp\ehdrv.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.

Error: (05/31/2020 08:38:03 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The eapihdrv service failed to start due to the following error: 
This driver has been blocked from loading

Error: (05/31/2020 08:38:03 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Pepi\AppData\Local\Temp\ehdrv.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.

Error: (05/31/2020 08:38:03 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The eapihdrv service failed to start due to the following error: 
This driver has been blocked from loading

Error: (05/31/2020 08:38:03 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Pepi\AppData\Local\Temp\ehdrv.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.


Windows Defender:
===================================
Date: 2018-12-30 20:33:36.721
Description: 
Windows Defender has encountered an error trying to update the engine.
New Engine Version:1.1.15500.2
Previous Engine Version:1.1.6402.0
Update Source:User
Error Code:0x8050800c
Error description:An unexpected problem occurred. Install any available updates, and then try to start the program again. For information on installing updates, see Help and Support. 

==================== Memory info =========================== 

BIOS: American Megatrends Inc. P1.00 07/30/2012
Motherboard: ASRock B75M-DGS
Processor: Intel(R) Core(TM) i3-3210 CPU @ 3.20GHz
Percentage of memory in use: 48%
Total physical RAM: 8140.81 MB
Available physical RAM: 4163.25 MB
Total Virtual: 16279.77 MB
Available Virtual: 10197.9 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:94.29 GB) (Free:34.97 GB) NTFS
Drive d: () (Fixed) (Total:370.94 GB) (Free:39.32 GB) NTFS

\\?\Volume{444b4547-0b9f-11e9-a8e2-806e6f6e6963}\ (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.03 GB) NTFS
\\?\Volume{444b4549-0b9f-11e9-a8e2-806e6f6e6963}\ () (Fixed) (Total:0.44 GB) (Free:0.11 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 428D349C)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=94.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)
Partition 4: (Not Active) - (Size=370.9 GB) - (Type=07 NTFS)

==================== End of Addition.txt =======================


Fix with Farbar Recovery Scan Tool

Download the attached file fixlist.txt and save it in the same location where you downloaded FRST.exe.
Run FRST.exe again, press the Fix button once, and wait.

A new log file, FixLog.txt, will be created. Attach its contents in your next comment.

NOTE: This script was written specifically for this user and for this particular machine. Running the fix on another computer may damage your operating system.

Logs

In your next reply, please include the following logs:

  • FixLog.txt

...and the system file check showed no problem either! Could you describe in more detail how the slowness shows itself? When logging in to the system, when browsing? It is possible that the problem is a hardware one! If you start the system in safe mode, how do things look?


Well, it's as if something is constantly loading my RAM, I can hear the hard disk all the time as if it's doing something, slow browsing, especially on Facebook, it takes a long time to load, it hangs, and other laggy things like that.
