приключен Проверка за заразени файлове

[Богатир]

Здравейте!

Вчера след няколко неуспешни опита, да създам ISO със забрана на праверките за ТРМ по тези инструкции, теглене и няколко опита на файлове, Работния плот стана черен, и много програми и файлове изчезнаха..

Сканирах с МВАМ няма нищо освен два стари активатора, Касперски също мълчи . Днес мисля да го преинсталирам, но да проверим дали не е било вирус.

Благодаря!

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27-12-2021
Ran by Богатир (06-01-2022 07:52:41)
Running from C:\Users\Богатир\Desktop
Microsoft Windows 7 Professional  Service Pack 1 (X64) (2018-02-26 15:02:25)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-384263124-1185983222-1883952984-500 - Administrator - Disabled)
Guest (S-1-5-21-384263124-1185983222-1883952984-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-384263124-1185983222-1883952984-1002 - Limited - Enabled)
Богатир (S-1-5-21-384263124-1185983222-1883952984-1000 - Administrator - Enabled) => C:\Users\Богатир

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Kaspersky Security Cloud (Enabled - Up to date) {4F76F112-43EB-40E8-11D8-F7BD1853EA23}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Kaspersky Security Cloud (Enabled - Up to date) {F41710F6-65D1-4F66-2B68-CCCF63D4A09E}
FW: Kaspersky Security Cloud (Disabled) {774D7037-0984-41B0-3A87-5E88E680AD58}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 19.00 (x64) (HKLM\...\7-Zip) (Version: 19.00 - Igor Pavlov)
BurnAware Free 14.8 (HKLM-x32\...\BurnAware Free_is1) (Version:  - Burnaware)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 10.1.1.37576 - Foxit Software Inc.)
HP LaserJet P1000 series (HKLM-x32\...\HP LaserJet P1000 series) (Version:  - )
Intel(R) Chipset Device Software (HKLM-x32\...\{d4874f67-8c81-475b-91e0-8de9b2892499}) (Version: 10.1.1.12 - Intel(R) Corporation) Hidden
Intel(R) Manageability Engine Firmware Recovery Agent (HKLM-x32\...\{A6C48A9F-694A-4234-B3AA-62590B668927}) (Version: 1.0.0.36354 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1281 - Intel Corporation)
Intel(R) Network Connections 19.0.27.0 (HKLM\...\PROSetDX) (Version: 19.0.27.0 - Intel)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3190 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Kaspersky Security Cloud (HKLM-x32\...\{4FC79BE9-AD63-46C0-9626-E4F6BCE6A976}) (Version: 21.3.10.391 - Лаборатория Касперского) Hidden
Kaspersky Security Cloud (HKLM-x32\...\InstallWIX_{4FC79BE9-AD63-46C0-9626-E4F6BCE6A976}) (Version: 21.3.10.391 - Лаборатория Касперского)
LibreOffice 4.1.0.4 (HKLM-x32\...\{F8478020-D98E-49FB-BA14-07A534AED99C}) (Version: 4.1.0.4 - The Document Foundation)
Malwarebytes version 4.3.0.98 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.3.0.98 - Malwarebytes)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft WSE 2.0 SP3 Runtime (HKLM-x32\...\{F3CA9611-CD42-4562-ADAB-A554CF8E17F1}) (Version: 2.0.5050.0 - Microsoft Corp.)
Mozilla Firefox (x64 bg) (HKLM\...\Mozilla Firefox 95.0.2 (x64 bg)) (Version: 95.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 95.0.2 - Mozilla)
MrvlUsgTracking (HKLM-x32\...\{A82D052A-0806-42DF-80CD-1730A1AC0ED3}) (Version: 1.0.7 - Marvell)
MrvlUsgTracking64 (HKLM\...\{42F0FD29-7EB3-4CAA-AF10-BC2619B96D80}) (Version: 1.0.1 - Marvell Semiconductor Pvt Ltd)
Open XML SDK 2.5 for Microsoft Office (HKLM-x32\...\{3EA16E23-14D2-466A-8268-D7CD40DC46B6}) (Version: 2.5.5631 - Microsoft Corporation)
PhotoStage Slideshow Producer (HKLM-x32\...\PhotoStage) (Version: 5.11 - NCH Software)
Skype, версия 8.78 (HKLM-x32\...\Skype_is1) (Version: 8.78 - Skype Technologies S.A.)
Speccy (HKLM\...\Speccy) (Version: 1.32 - Piriform)
Viber (HKLM-x32\...\{F92E9AA2-DA12-4A04-AB74-AF6EA9E8C5D7}) (Version: 16.7.0.4 - Viber Media S.a.r.l) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 3.0.16 - VideoLAN)
Архиватор WinRAR (HKLM-x32\...\WinRAR archiver) (Version:  - )

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-384263124-1185983222-1883952984-1000_Classes\CLSID\{D91B67C3-925F-DE5B-FD45-B450E6E4F8B0}\InprocServer32 -> C:\Windows\system32\ole32.dll (Microsoft Windows -> Microsoft Corporation)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [Kaspersky Anti-Virus 21.3] -> {37303E08-14C9-4FC3-B1D9-7993682A4691} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 21.3\x64\shellex.dll [2021-03-21] (Kaspersky Lab JSC -> AO Kaspersky Lab)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2006-12-11] () [File not signed]
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2007-09-20] () [File not signed]
ContextMenuHandlers2: [Kaspersky Anti-Virus 21.3] -> {37303E08-14C9-4FC3-B1D9-7993682A4691} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 21.3\x64\shellex.dll [2021-03-21] (Kaspersky Lab JSC -> AO Kaspersky Lab)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers3: [sx_ISO] -> {10E19A29-0E8D-49B7-9587-1760938EE690} => C:\Program Files (x86)\BurnAware Free\bashell64.dll [2018-05-17] (Burnaware -> Burnaware)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [Kaspersky Anti-Virus 21.3] -> {37303E08-14C9-4FC3-B1D9-7993682A4691} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 21.3\x64\shellex.dll [2021-03-21] (Kaspersky Lab JSC -> AO Kaspersky Lab)
ContextMenuHandlers4: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2006-12-11] () [File not signed]
ContextMenuHandlers4-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2007-09-20] () [File not signed]
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2013-05-20] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [Kaspersky Anti-Virus 21.3] -> {37303E08-14C9-4FC3-B1D9-7993682A4691} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 21.3\x64\shellex.dll [2021-03-21] (Kaspersky Lab JSC -> AO Kaspersky Lab)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2006-12-11] () [File not signed]
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2007-09-20] () [File not signed]

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2018-02-26 17:12 - 2012-08-29 11:36 - 000958976 _____ () [File not signed] [File is in use] C:\Program Files\Conexant\SAII\SmartAudio.Desktop.dll
2018-02-26 17:06 - 2006-12-11 02:14 - 000043008 _____ () [File not signed] C:\Program Files (x86)\WinRAR\rarext64.dll
2018-02-26 17:13 - 2018-02-26 17:13 - 000290304 _____ () [File not signed] C:\Windows\assembly\NativeImages_v2.0.50727_32\Interop.CxHDAudioAP#\0d0b1b6eeaffe3b0591cc51edc3c55bc\Interop.CxHDAudioAPILib.ni.dll
2018-02-26 17:12 - 2012-08-29 16:40 - 007245824 _____ (Conexant Systems, Inc) [File not signed] [File is in use] C:\Program Files\Conexant\SAII\en-US\SmartAudio.resources.dll
2018-02-26 17:12 - 2012-08-10 17:19 - 001084416 _____ (Conexant Systems, Inc.) [File not signed] [File is in use] C:\Program Files\Conexant\SAII\CxHDAudioAPI.dll
2018-02-26 17:12 - 2008-12-24 15:59 - 000010752 _____ (Conexant Systems, Inc.) [File not signed] C:\Program Files\Conexant\SAII\CXHDMI.DLL
2021-04-30 14:17 - 2019-02-21 18:00 - 000078336 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2018-02-26 17:12 - 2012-08-29 11:36 - 000147456 _____ (Microsoft) [File not signed] [File is in use] C:\Program Files\Conexant\SAII\Microsoft.Windows.Shell.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Version 11) (Whitelisted) ==========

HKU\S-1-5-21-384263124-1185983222-1883952984-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.bg/
Toolbar: HKU\S-1-5-21-384263124-1185983222-1883952984-1000 -> No Name - {EF293C5A-9F37-49FD-91C4-2B867063FC54} -  No File

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2018-03-18 16:40 - 000000836 _____ C:\Windows\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT
HKU\S-1-5-21-384263124-1185983222-1883952984-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Богатир\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 109.104.192.1 - 8.8.8.8
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

MSCONFIG\startupreg: Bonus.SSR.FR12 => "C:\Program Files (x86)\ABBYY FineReader 12\Bonus.ScreenshotReader.exe" /autorun
MSCONFIG\startupreg: CCleaner Monitoring =>
MSCONFIG\startupreg: Green Christmas Tree => C:\Users\Богатир\Desktop\iznenada.exe
MSCONFIG\startupreg: iTunesHelper =>
MSCONFIG\startupreg: Skype for Desktop => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [TCP Query User{697A5AEF-FF30-43BE-BEE5-0FC40050D3D1}C:\users\богатир\appdata\roaming\bittorrent\bittorrent.exe] => (Allow) C:\users\богатир\appdata\roaming\bittorrent\bittorrent.exe => No File
FirewallRules: [UDP Query User{00FA2A2E-B987-4937-8800-03111BB8B77B}C:\users\богатир\appdata\roaming\bittorrent\bittorrent.exe] => (Allow) C:\users\богатир\appdata\roaming\bittorrent\bittorrent.exe => No File
FirewallRules: [{CA7AB78F-99C3-4E86-9C66-CB28A6084850}] => (Allow) C:\Users\Богатир\AppData\Roaming\BitTorrent\BitTorrent.exe => No File
FirewallRules: [{CC519E96-1419-415D-83B7-251E65DCC1EB}] => (Allow) C:\Users\Богатир\AppData\Roaming\BitTorrent\BitTorrent.exe => No File
FirewallRules: [TCP Query User{933236E6-4803-47E8-A65B-6FFC7C3CA342}C:\users\богатир\appdata\local\viber\qtwebengineprocess.exe] => (Allow) C:\users\богатир\appdata\local\viber\qtwebengineprocess.exe => No File
FirewallRules: [UDP Query User{AAAFCE7B-5CF9-4D16-98A9-A213D5A8AFAE}C:\users\богатир\appdata\local\viber\qtwebengineprocess.exe] => (Allow) C:\users\богатир\appdata\local\viber\qtwebengineprocess.exe => No File
FirewallRules: [TCP Query User{361769F2-5277-43CB-8EED-05E15ADB331A}C:\users\богатир\appdata\local\viber\viber.exe] => (Allow) C:\users\богатир\appdata\local\viber\viber.exe => No File
FirewallRules: [UDP Query User{BA6E6701-17D4-48E3-9892-153D50B2FB1D}C:\users\богатир\appdata\local\viber\viber.exe] => (Allow) C:\users\богатир\appdata\local\viber\viber.exe => No File
FirewallRules: [{C997DE8B-A398-4F63-B9D3-35539D6550EC}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{E895C14D-B6B7-4239-8142-CA8209ED4054}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{DCB34F4C-489A-4E0A-8120-B23A880181C6}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{30869F32-7353-4273-B742-1506B3215E09}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)

==================== Restore Points =========================

==================== Faulty Device Manager Devices ============

==================== Event log errors: ========================

Application errors:
==================
Error: (01/05/2022 08:40:48 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 002 language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (01/05/2022 08:40:48 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 002 language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (01/03/2022 03:22:00 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 002 language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (01/03/2022 03:22:00 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 002 language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (01/02/2022 10:05:03 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 002 language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (01/02/2022 10:05:03 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 002 language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (12/29/2021 06:44:56 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 002 language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (12/29/2021 06:44:56 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 002 language ID. The first DWORD in the Data section contains the Win32 error code.

System errors:
=============
Error: (01/06/2022 07:55:15 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: The server {BB6DF56B-CACE-11DC-9992-0019B93A3A84} did not register with DCOM within the required timeout.

Error: (01/05/2022 08:22:55 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: The following fatal alert was received: 40.

Error: (01/05/2022 08:22:55 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: The following fatal alert was received: 70.

Error: (01/01/2022 02:08:30 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Услуга Foxit Reader Update Service беше прекъсната неочаквано. Това се е случвало с нея 1 път(и).

Error: (12/28/2021 10:28:13 AM) (Source: volsnap) (EventID: 36) (User: )
Description: The shadow copies of volume 😄 were aborted because the shadow copy storage could not grow due to a user imposed limit.

Error: (12/27/2021 04:57:44 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Услуга Foxit Reader Update Service беше прекъсната неочаквано. Това се е случвало с нея 1 път(и).

Error: (12/19/2021 04:41:23 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Услуга Foxit Reader Update Service беше прекъсната неочаквано. Това се е случвало с нея 1 път(и).

Error: (12/03/2021 09:21:41 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Услуга Foxit Reader Update Service беше прекъсната неочаквано. Това се е случвало с нея 1 път(и).

==================== Memory info ===========================

BIOS: FUJITSU // American Megatrends Inc. V4.6.5.3 R1.23.0 for D3161-A1x 12/01/2014
Motherboard: FUJITSU D3161-A1
Processor: Intel(R) Core(TM) i5-3470 CPU @ 3.20GHz
Percentage of memory in use: 55%
Total physical RAM: 8072.97 MB
Available physical RAM: 3630.52 MB
Total Virtual: 16144.08 MB
Available Virtual: 11232.43 MB

==================== Drives ================================

Drive 😄 () (Fixed) (Total:97.56 GB) (Free:64.65 GB) NTFS
Drive d: () (Fixed) (Total:135.23 GB) (Free:84 GB) NTFS

\\?\Volume{6d2926c4-1b05-11e8-b56f-806e6f6e6963}\ () (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 232.9 GB) (Disk ID: D6F46FC5)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=97.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=135.2 GB) - (Type=07 NTFS)

==================== End of Addition.txt =======================

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 27-12-2021
Ran by Богатир (administrator) on БОГАТИР-PC (FUJITSU ESPRIMO E710) (06-01-2022 07:51:15)
Running from C:\Users\Богатир\Desktop
Loaded Profiles: Богатир
Platform: Microsoft Windows 7 Professional  Service Pack 1 (X64) Language: Български (България)
Default browser: FF
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Conexant Systems, Inc) [File not signed] C:\Program Files\CONEXANT\SAII\SmartAudio.exe
(Conexant Systems, Inc. -> Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\caudiofilteragent64.exe
(Conexant Systems, Inc.) [File not signed] C:\Windows\SysWOW64\SASrv.exe
(FOXIT SOFTWARE INC. -> Foxit Software Inc.) C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitReaderUpdateService.exe
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Intel Corporation -> Intel(R) Corporation) C:\Program Files\Intel\NCS2\WMIProv\ncs2prov.exe
(Intel® Services Manager -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe
(Intel® Services Manager -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\ismagent.exe
(Intel® Upgrade Service -> Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 21.3\avp.exe
(Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 21.3\avpui.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\consent.exe
(Microsoft Windows Hardware Compatibility Publisher -> Software 2000 Limited) C:\Windows\System32\spool\drivers\x64\3\HP1006MC.EXE
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <9>

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [HotKeysCmds] => "C:\Windows\system32\hkcmd.exe" (No File)
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [883840 2012-03-28] (Conexant Systems, Inc. -> Conexant Systems, Inc.)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1647616 2012-06-13] (Conexant Systems, Inc.) [File not signed]
HKLM\...\Windows x64\Print Processors\HP1006S: C:\Windows\System32\spool\prtprocs\x64\HP1006S.DLL [373760 2010-06-29] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard)
HKLM\...\Print\Monitors\HP LaserJet P1006 Language Monitor: C:\Windows\system32\HP1006LM.DLL [403968 2010-06-29] (Microsoft Windows Hardware Compatibility Publisher -> Software 2000 Limited)
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {2A952DEE-22F0-4462-9F25-6D0464DBA9E6} - \AutoKMS -> No File <==== ATTENTION
Task: {4F1DEA93-8DD5-4902-A2B9-608813A64B37} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [233792 2012-04-16] (Intel® Services Manager -> Intel Corporation)
Task: {5CA6BEC5-2E13-4DBD-826F-F7800F314C1C} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB"
Task: {6711242D-915A-463C-A678-F188C6ED5094} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [233792 2012-04-16] (Intel® Services Manager -> Intel Corporation)
Task: {A43737AF-ACEA-4859-899E-0288E9C897B2} - System32\Tasks\CCleanerSkipUAC - Богатир => C:\Users\Богатир\Downloads\ccsetup583\CCleaner.exe $(Arg0) (No File)
Task: {ADA9B21F-F71D-46A8-BDCD-AF2255A5183A} - System32\Tasks\CCleanerSkipUAC => C:\Users\Богатир\Downloads\ccsetup576\CCleaner.exe $(Arg0) (No File)
Task: {E56571EA-E37D-4759-98E6-C1841DC9761E} - System32\Tasks\CCleaner Update => C:\Users\Богатир\Downloads\ccsetup583\CCUpdate.exe (No File)
Task: {E8ED00D8-34D2-4D06-8CA7-612956ABA1B2} - System32\Tasks\Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901} => C:\Program Files\Common Files\AV\Kaspersky Lab\upgrade_launcher.exe [743488 2021-03-21] (Kaspersky Lab JSC -> AO Kaspersky Lab)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe
Task: C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 109.104.192.1 8.8.8.8
Tcpip\..\Interfaces\{40054DA4-3D03-4784-B991-BF76434509D3}: [DhcpNameServer] 109.104.192.1 8.8.8.8

FireFox:
========
FF DefaultProfile: iqevww3p.default
FF ProfilePath: C:\Users\Богатир\AppData\Roaming\Mozilla\Firefox\Profiles\iqevww3p.default [2022-01-05]
FF ProfilePath: C:\Users\Богатир\AppData\Roaming\Mozilla\Firefox\Profiles\h2shiu6f.default-release [2022-01-06]
FF Homepage: Mozilla\Firefox\Profiles\h2shiu6f.default-release -> www.google.bg
FF Extension: (uBlock Origin) - C:\Users\Богатир\AppData\Roaming\Mozilla\Firefox\Profiles\h2shiu6f.default-release\Extensions\[email protected] [2022-01-05]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 21.3\FFExt\light_plugin_firefox\addon.xpi => not found
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.10 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.14 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2020-11-23] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.cpdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2020-11-23] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2020-11-23] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2020-11-23] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2020-11-23] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-07] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-07] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\kl_prefs_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.js [2022-01-05] <==== ATTENTION (Points to *.cfg file)
FF ExtraCheck: C:\Program Files\mozilla firefox\kl_config_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.cfg [2022-01-05] <==== ATTENTION

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm] - hxxps://chrome.google.com/webstore/detail/kaspersky-protection/ahkjpbeeocnddjkakilopmfdlnjdpcdm
CHR HKLM-x32\...\Chrome\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm] - hxxps://chrome.google.com/webstore/detail/kaspersky-protection/ahkjpbeeocnddjkakilopmfdlnjdpcdm

Opera:
=======
OPR Profile: C:\Users\Богатир\AppData\Roaming\Opera Software\Opera Stable [2022-01-05]
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=opera&q={searchTerms}&ie={inputEncoding}&oe={outputEncoding}
OPR Extension: (Rich Hints Agent) - C:\Users\Богатир\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2022-01-05]
OPR Extension: (Amazon Assistant Promotion) - C:\Users\Богатир\AppData\Roaming\Opera Software\Opera Stable\Extensions\kbmoiomgmchbpihhdpabemajcbjpcijk [2022-01-05]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AVP21.3; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 21.3\avp.exe [184768 2021-06-17] (Kaspersky Lab JSC -> AO Kaspersky Lab)
S4 clr_optimization_v2.0.50727_64; C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [89920 2009-06-10] (Microsoft Corporation -> Microsoft Corporation)
S2 clr_optimization_v4.0.30319_64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [124088 2014-04-11] (Microsoft Dynamic Code Publisher -> Microsoft Corporation)
R2 FoxitReaderUpdateService; C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\FoxitReaderUpdateService.exe [2357936 2020-11-23] (FOXIT SOFTWARE INC. -> Foxit Software Inc.)
S3 klvssbridge64_21.3; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 21.3\x64\vssbridge64.exe [479280 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7456464 2021-02-22] (Malwarebytes Inc -> Malwarebytes)
R2 SAService; C:\Windows\SysWOW64\SAsrv.exe [440320 2011-09-01] (Conexant Systems, Inc.) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Windows -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [250032 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
S3 FscEfDmi; C:\Windows\System32\DRIVERS\FscEfDmi.sys [25856 2014-04-16] (Fujitsu Technology Solutions GmbH -> Fujitsu Technology Solutions)
S3 FscGabi; C:\Windows\System32\DRIVERS\FscGabi.sys [29952 2014-04-16] (Fujitsu Technology Solutions GmbH -> Fujitsu Technology Solutions)
S3 ggsomc; C:\Windows\System32\DRIVERS\ggsomc.sys [30424 2014-03-25] (Sony Mobile Communications AB -> Sony Mobile Communications)
R1 klbackupdisk; C:\Windows\System32\DRIVERS\klbackupdisk.sys [110336 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [211704 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 kldisk; C:\Windows\System32\DRIVERS\kldisk.sys [126216 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klflt; C:\Windows\System32\DRIVERS\klflt.sys [514840 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klgse; C:\Windows\System32\DRIVERS\klgse.sys [657696 2021-03-15] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [1400600 2021-03-15] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [1042712 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klim6; C:\Windows\System32\DRIVERS\klim6.sys [98040 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [112392 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [112904 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [85256 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R0 klupd_klif_arkmon; C:\Windows\System32\Drivers\klupd_klif_arkmon.sys [256280 2021-11-25] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
S3 klupd_klif_klark; C:\Windows\System32\Drivers\klupd_klif_klark.sys [284432 2021-11-25] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R0 klupd_klif_klbg; C:\Windows\System32\Drivers\klupd_klif_klbg.sys [106224 2021-11-25] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 klupd_klif_mark; C:\Windows\System32\Drivers\klupd_klif_mark.sys [217352 2021-11-25] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klwfp; C:\Windows\System32\DRIVERS\klwfp.sys [155912 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klwtp; C:\Windows\System32\DRIVERS\klwtp.sys [327936 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [300808 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
S3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [248992 2021-02-22] (Malwarebytes Inc -> Malwarebytes)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2018-05-04] (Apple, Inc.) [File not signed]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-01-06 07:51 - 2022-01-06 07:52 - 000016720 _____ C:\Users\Богатир\Desktop\FRST.txt
2022-01-06 07:51 - 2022-01-06 07:51 - 000000000 ____D C:\FRST
2022-01-06 07:49 - 2022-01-06 07:49 - 002311168 _____ (Farbar) C:\Users\Богатир\Desktop\FRST64.exe
2022-01-05 20:55 - 2022-01-06 07:49 - 000000000 ____D C:\ProgramData\Mozilla
2022-01-05 20:55 - 2022-01-05 20:55 - 000000936 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2022-01-05 20:55 - 2022-01-05 20:55 - 000000924 _____ C:\Users\Public\Desktop\Firefox.lnk
2022-01-05 20:55 - 2022-01-05 20:55 - 000000000 ____D C:\Windows\system32\Tasks\Mozilla
2022-01-05 20:55 - 2022-01-05 20:55 - 000000000 ____D C:\Program Files\Mozilla Firefox
2022-01-05 20:45 - 2022-01-05 21:00 - 000000000 ____D C:\Users\Богатир\Desktop\от Работен плот
2022-01-05 18:22 - 2022-01-05 18:22 - 000097264 _____ C:\Users\Богатир\AppData\Local\GDIPFONTCACHEV1.DAT
2021-12-29 16:48 - 2022-01-05 18:22 - 000000000 ____D C:\Users\Богатир\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Viber
2021-12-29 16:48 - 2021-12-29 16:48 - 000000000 ____D C:\Users\Богатир\AppData\Local\Package Cache
2021-12-14 16:06 - 2021-12-14 16:06 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2021-12-14 16:06 - 2021-12-14 16:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer
2021-12-14 16:06 - 2021-12-14 16:06 - 000000000 ____D C:\Program Files (x86)\JetfireHD
2021-12-12 11:38 - 2021-12-12 11:38 - 000000000 ____D C:\ProgramData\SP_FT_V6_Logs

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-01-06 07:47 - 2018-02-26 17:20 - 000000000 ____D C:\Users\Богатир\AppData\LocalLow\Mozilla
2022-01-06 07:47 - 2018-02-26 17:14 - 000000828 _____ C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job
2022-01-06 07:47 - 2018-02-26 17:02 - 000000000 ____D C:\Users\Богатир
2022-01-06 07:47 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2022-01-05 20:55 - 2020-01-09 09:11 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2022-01-05 20:55 - 2018-02-26 17:20 - 000000000 ____D C:\Users\Богатир\AppData\Roaming\Mozilla
2022-01-05 20:55 - 2018-02-26 17:20 - 000000000 ____D C:\Users\Богатир\AppData\Local\Mozilla
2022-01-05 20:53 - 2018-04-19 06:46 - 000000000 ____D C:\Users\Богатир\AppData\Roaming\Geek Uninstaller
2022-01-05 20:48 - 2019-02-27 09:53 - 000038400 ___SH C:\Users\Богатир\Thumbs.db
2022-01-05 20:48 - 2009-07-14 06:45 - 000032928 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2022-01-05 20:48 - 2009-07-14 06:45 - 000032928 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2022-01-05 20:40 - 2009-07-14 07:13 - 000781298 _____ C:\Windows\system32\PerfStringBackup.INI
2022-01-05 20:40 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2022-01-05 19:38 - 2018-02-26 17:32 - 000000000 ____D C:\Users\Богатир\AppData\Roaming\vlc
2022-01-05 19:19 - 2018-02-26 17:14 - 000000830 _____ C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job
2022-01-05 18:28 - 2021-08-04 19:47 - 000000000 ____D C:\Users\Богатир\Downloads\ccsetup583
2022-01-05 18:28 - 2021-01-21 20:48 - 000000000 ____D C:\Users\Богатир\Downloads\centbrowser_4.3.9.248_portable
2022-01-05 18:22 - 2018-02-26 17:06 - 000000000 ____D C:\Users\Богатир\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2022-01-05 18:20 - 2021-07-05 11:36 - 000000000 ____D C:\Users\Богатир\AppData\Local\WhyNotWin11
2022-01-05 18:20 - 2018-02-26 17:02 - 000000000 ____D C:\Users\Богатир\AppData\Local\VirtualStore
2022-01-05 18:19 - 2021-10-27 12:36 - 000000000 ____D C:\Users\Богатир\AppData\Local\Rufus
2022-01-05 18:19 - 2019-06-17 08:06 - 000000000 ____D C:\Users\Богатир\AppData\Local\Foxit Reader
2022-01-05 18:19 - 2018-04-17 19:32 - 000000000 ____D C:\Users\Богатир\AppData\Local\SquirrelTemp
2022-01-05 18:19 - 2018-02-27 10:05 - 000000000 ____D C:\Users\Богатир\AppData\Local\MSfree Inc
2022-01-03 19:10 - 2018-05-27 14:30 - 000000432 __RSH C:\ProgramData\ntuser.pol
2021-12-20 16:12 - 2021-03-13 20:18 - 000000000 ____D C:\Users\Богатир\AppData\Local\CrashDumps
2021-12-20 16:11 - 2020-12-30 09:27 - 000003894 _____ C:\Windows\system32\Tasks\CCleaner Update
2021-12-14 16:33 - 2018-12-18 13:53 - 000000000 ____D C:\ProgramData\SP_FT_Logs
2021-12-08 18:53 - 2019-08-22 15:49 - 000000000 ____D C:\Users\Богатир\AppData\Roaming\NCH Software

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

LastRegBack: 2021-12-28 10:23
==================== End of FRST.txt ========================

 

Днес ще инсталирам 10, ако остане време.

Само искам да знам, дали това е причинено от вирус.

Систем рестор е спряна от мен, отдавна..

 

 

Редактирано 6 януари от Богатир (преглед на промените)

[B-boy/StyLe/]

Привет,

Лог файловете са чисти и проблема не се дължи на зловреден софтуер. Провери "здравето" на диска.

Според мен не се занимавай с качването на Windows 11 на система непокриваща изискванията (дори да има методи за това). В дългосрочен план лично аз мисля, че може да се появят проблеми от различно естество.

Поздрави!

[Богатир]

преди 1 час, B-boy/StyLe/ написа:

Привет,

Лог файловете са чисти и проблема не се дължи на зловреден софтуер. Провери "здравето" на диска.

Според мен не се занимавай с качването на Windows 11 на система непокриваща изискванията (дори да има методи за това). В дългосрочен план лично аз мисля, че може да се появят проблеми от различно естество.

Поздрави!

Благодаря за включването Жоре!

Ще му сложа 10.

 

но преди това ще го отворя и ще сложа SSD-то

Редактирано 6 януари от Богатир (преглед на промените)

[Богатир]

Снощи пуснах sfc /scannow , не откри проблеми, преди малко chkdsk /x/ f/ r  няма лоши сектори

Checking file system on 😄
The type of the file system is NTFS.

A disk check has been scheduled.
Windows will now check the disk.                         

CHKDSK is verifying files (stage 1 of 5)...
  154112 file records processed.                                          File verification completed.
  513 large file records processed.                                      0 bad file records processed.                                        2 EA records processed.                                              28 reparse records processed.                                       CHKDSK is verifying indexes (stage 2 of 5)...
  197550 index entries processed.                                         Index verification completed.
  0 unindexed files scanned.                                           0 unindexed files recovered.                                       CHKDSK is verifying security descriptors (stage 3 of 5)...
  154112 file SDs/SIDs processed.                                         Cleaning up 501 unused index entries from index $SII of file 0x9.
Cleaning up 501 unused index entries from index $SDH of file 0x9.
Cleaning up 501 unused security descriptors.
Security descriptor verification completed.
  21720 data files processed.                                            CHKDSK is verifying Usn Journal...
  34524288 USN bytes processed.                                             Usn Journal verification completed.
CHKDSK is verifying file data (stage 4 of 5)...
  154096 files processed.                                                 File data verification completed.
CHKDSK is verifying free space (stage 5 of 5)...
  16976381 free clusters processed.                                         Free space verification is complete.
Windows has checked the file system and found no problems.

 102297599 KB total disk space.
  34066836 KB in 80859 files.
     66360 KB in 21721 indexes.
         0 KB in bad sectors.
    258879 KB in use by the system.
     65536 KB occupied by the log file.
  67905524 KB available on disk.

      4096 bytes in each allocation unit.
  25574399 total allocation units on disk.
  16976381 allocation units available on disk.

Internal Info:
00 5a 02 00 bf 90 01 00 b7 0c 03 00 00 00 00 00  .Z..............
5f 01 00 00 1c 00 00 00 00 00 00 00 00 00 00 00  _...............
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................

Windows has finished checking your disk.
Please wait while your computer restarts.

 

[B-boy/StyLe/]

Привет колега,

 

Имаш  ли нужда още от помощ или идеята беше само да се провери системата и вече си преинсталирал с 10?

Поздрави!

[Богатир]

преди 7 часа, B-boy/StyLe/ написа:

Привет колега,

 

Имаш  ли нужда още от помощ или идеята беше само да се провери системата и вече си преинсталирал с 10?

Поздрави!

Привет!

Нямам нужда от помощ Жорка. Просто исках да проверим, дали тоя гаф се дължеше на вирус, или ..се омаза самия Уиндоус..

Но щом логовете показаха, че е чисто, явно нещо наистина стана токава с хард диска?!

Благодаря! Поздрави и

[Богатир]

Най-накрая остана време да сложа SSD-то и да инсталирам 10..

Сега докато свикна ..😁 аз затова избягвах да ползвам лаптопа, защото е с десятка ..

[B-boy/StyLe/]

Ще свикнеш друже. Реално може да си го конфигурираш така или иначе да си я направиш да изглежда по твой вкус до голяма степен. Аз лично в момента като интерфейс не намирам разлика с 8.1 защото и тук съм с OpenShell и съм спрял Cortana и т.н. Пък и вече няма връщане назад, защото минималните изисквания за доста от новите версии и на програмите и на игрите изискват 10.

Честито за диска. Наслаждавай се на Performance boost-a. При SSD-то се усеща осезаемо.