Результат сканирования Farbar Recovery Scan Tool (FRST) (x64) Версия: 06-11-2021 Запущено с помощью Mark (Администратор) на WIN-D1UU9HH6MUI (Acer Aspire A515-51G) (06-11-2021 13:16:10) Запущено из C:\Users\Mark\Desktop Загруженные профили: Mark Платформа: Майкрософт Windows 10 Корпоративная LTSC Версия 1809 17763.2237 (X64) Язык: Русский (Россия) Браузер по умолчанию: Chrome Режим загрузки: Normal ==================== Процессы (В белом списке) ================= (Если запись включена в fixlist, процесс будет закрыт. Файл не будет перемещён.) (Autodesk, Inc. -> Autodesk Inc.) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe (Autodesk, Inc. -> Autodesk) C:\Program Files (x86)\Common Files\Autodesk Shared\AdskLicensing\9.2.2.2501\AdskLicensingService\AdskLicensingService.exe (Flexera Software LLC -> Flexera) C:\Program Files (x86)\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService.exe (FOXIT SOFTWARE INC. -> Foxit Software Inc.) C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\FoxitPhantomPDFUpdateService.exe (geek software GmbH -> geek software GmbH) C:\Program Files\PDF24\pdf24.exe (Institute of Information Technologies PrJSC -> АТ 'ІІТ') C:\Program Files (x86)\Institute of Informational Technologies\Certificate Authority-1.3\End User\Web\EUSAProcess.exe (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_420c659363620fe7\igfxCUIService.exe (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_54b736e5be5b50b2\OneApp.IGCC.WinService.exe (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_a086f01cc7be643a\IntelCpHDCPSvc.exe (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_a086f01cc7be643a\IntelCpHeciSvc.exe (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3> (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUI.exe (Microsoft Windows Hardware Compatibility Publisher -> Pixart Imaging Inc) C:\Windows\System32\TiltWheelMouse.exe (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe (NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2> (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe ==================== Реестр Windows (В белом списке) =================== (Если запись включена в fixlist, элемент реестра будет сброшен на значение по умолчанию или удалён. Файл не будет перемещён.) HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [321096 2017-06-09] (Intel(R) Rapid Storage Technology -> Intel Corporation) HKLM\...\Run: [PDF24] => C:\Program Files\PDF24\pdf24.exe [564928 2021-03-25] (geek software GmbH -> geek software GmbH) HKLM\...\Run: [MouseDriver] => C:\Windows\system32\TiltWheelMouse.exe [241152 2012-12-19] (Microsoft Windows Hardware Compatibility Publisher -> Pixart Imaging Inc) HKLM-x32\...\Run: [Autodesk Desktop App] => C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe [665384 2019-12-05] (Autodesk, Inc. -> Autodesk, Inc.) HKLM-x32\...\Run: [Autodesk Genuine Service ] => C:\Users\Mark\AppData\Local\Programs\Autodesk\Genuine Service\GenuineService.exe [1077864 2020-01-02] (Autodesk, Inc. -> Autodesk) HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [226728 2019-07-21] (Kilonova LLC -> ) HKLM-x32\...\Run: [SystemExplorerAutoStart] => "C:\Program Files (x86)\System Explorer\SystemExplorer.exe" /TRAY (Нет файла) HKU\S-1-5-21-1033015312-4152882920-3174503589-1000\...\Run: [Viber] => C:\Users\Mark\AppData\Local\Viber\Viber.exe [54922512 2021-10-27] (Viber Media S.à r.l. -> Viber Media S.à r.l.) HKU\S-1-5-21-1033015312-4152882920-3174503589-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [35116160 2021-10-19] (Piriform Software Ltd -> Piriform Software Ltd) HKU\S-1-5-21-1033015312-4152882920-3174503589-1000\...\Run: [Bitrix24] => C:\Program Files (x86)\Bitrix24\Bitrix24.exe [18171480 2021-06-09] (Bitrix, Inc. -> Bitrix) HKU\S-1-5-21-1033015312-4152882920-3174503589-1000\...\Run: [EUSAProcess] => C:\Program Files (x86)\Institute of Informational Technologies\Certificate Authority-1.3\End User\Web\EUSAProcess.exe [2610416 2019-03-23] (Institute of Information Technologies PrJSC -> АТ 'ІІТ') HKU\S-1-5-21-1033015312-4152882920-3174503589-1000\...\Policies\Explorer: [] HKU\S-1-5-21-1033015312-4152882920-3174503589-1001\...\Run: [Viber] => C:\Users\Mark\AppData\Local\Viber\Viber.exe [54922512 2021-10-27] (Viber Media S.à r.l. -> Viber Media S.à r.l.) HKLM\...\Windows x64\Print Processors\CnXP0PP: C:\Windows\System32\spool\prtprocs\x64\CnXP0PP.DLL [634368 2020-07-22] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.) HKLM\...\Print\Monitors\CPCA Language Monitor3b: C:\Windows\system32\CNAS0MOK.DLL [1282048 2017-10-20] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.) HKLM\...\Print\Monitors\CPCA Language Monitor4: C:\Windows\system32\CNAS0MPK.DLL [1784320 2020-08-01] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.) HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\95.0.4638.69\Installer\chrmstp.exe [2021-11-03] (Google LLC -> Google LLC) GroupPolicy: Ограничение ? <==== ВНИМАНИЕ Policies: C:\ProgramData\NTUSER.pol: Ограничение <==== ВНИМАНИЕ HKU\S-1-5-21-1033015312-4152882920-3174503589-1000\SOFTWARE\Policies\Google: Ограничение <==== ВНИМАНИЕ ==================== Запланированные задачи (В белом списке) ============ (Если запись включена в fixlist, она будет удалена из реестра. Файл не будет удалён, если он не указан отдельно.) Task: {12EC1D7A-A73A-4054-915D-E8E6D94C230A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2021-04-10] (Google LLC -> Google LLC) Task: {16468663-40AB-49F1-9AFB-33BA6901A530} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [519104 2021-04-10] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log Task: {16CF6F8C-BC04-4508-8593-070232F79998} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4071344 2021-01-11] (Microsoft Corporation -> Microsoft Corporation) Task: {1765C910-5E7A-4DAB-A1A5-08C23FE9ECE8} - System32\Tasks\AAct => C:\Windows\AAct_Tools\AAct.exe [1746376 2020-08-04] (WZTeam -> ) [Файл не подписан] Task: {19795054-06A8-458B-9D1E-1333194173FA} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [116584 2021-01-11] (Microsoft Corporation -> Microsoft Corporation) Task: {1A70A1EE-6303-4B0C-9A84-BE9FC3350D61} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [745920 2021-04-10] (NVIDIA Corporation -> NVIDIA Corporation) Task: {2B9C91E6-BDCF-411B-800D-A0902E94DFE9} - System32\Tasks\RtHDVBg_ASC => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [3617568 2020-03-06] (Realtek Semiconductor Corp. -> Realtek Semiconductor) Task: {2BECCE66-D6E1-4E2F-943D-35D883564166} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [668464 2017-02-24] (Intel(R) Trust Services -> Intel(R) Corporation) Task: {42F20FD1-5D8E-40BD-8E58-17B4D4072BA7} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2021-04-10] (Google LLC -> Google LLC) Task: {5A2B0447-890E-46E9-BB7D-6DE0A232069B} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [116584 2021-01-11] (Microsoft Corporation -> Microsoft Corporation) Task: {71616C7F-EDC4-4C9A-91D0-264C7F31A8B6} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4071344 2021-01-11] (Microsoft Corporation -> Microsoft Corporation) Task: {730467A0-3C66-4479-A0C3-C80B6E7AD838} - System32\Tasks\CCleanerSkipUAC - Mark => C:\Program Files\CCleaner\CCleaner.exe [29200512 2021-10-19] (Piriform Software Ltd -> Piriform Software Ltd) Task: {7CA890BF-DC7A-41D7-874A-177EBF89580B} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-10-19] (Piriform Software Ltd -> Piriform) Task: {930ADAAD-25C9-45E4-A05A-C4F0AFFCEBD9} - System32\Tasks\update-sys => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [414872 2017-04-12] (OOO Lightshot -> TODO: ) Task: {9A12EBAC-1B9C-4085-AA71-0C40EE63EF62} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [1864640 2021-04-10] (NVIDIA Corporation -> NVIDIA Corporation) Task: {9B90C895-A06C-47B8-87D8-776AFC64B0E9} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [745920 2021-04-10] (NVIDIA Corporation -> NVIDIA Corporation) Task: {B45D3DD2-2EC2-4D9D-B5DE-28B74F5273EC} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23061920 2020-12-20] (Microsoft Corporation -> Microsoft Corporation) Task: {B5B8A8AA-6587-49B9-9869-1D1ECE82FD76} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [521152 2021-04-10] (NVIDIA Corporation -> NVIDIA Corporation) Task: {C9278AE1-EDF3-4885-8CB6-D4D55C1DC507} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [657856 2021-04-10] (NVIDIA Corporation -> NVIDIA Corporation) Task: {D45912C6-D0FA-49E0-96D4-34CE84CD0D25} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [3617568 2020-03-06] (Realtek Semiconductor Corp. -> Realtek Semiconductor) Task: {D67A5AFE-1E6E-4B04-8A2A-7BAA071F6795} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [964544 2021-04-10] (NVIDIA Corporation -> NVIDIA Corporation) Task: {DA817334-E1D7-4D61-98FD-09B2B00EAD0F} - System32\Tasks\StartIsBack health check => C:\Program Files (x86)\StartIsBack\startscreen.exe [61728 2020-10-16] (Stanislav Zinukhov -> www.startisback.com) Task: {DE68B7D5-FCED-45D5-8DD6-B3813F524119} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [29200512 2021-10-19] (Piriform Software Ltd -> Piriform Software Ltd) Task: {E76703D0-C6CF-4D88-B07F-198725E954F8} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23061920 2020-12-20] (Microsoft Corporation -> Microsoft Corporation) Task: {F188C126-1859-46FA-9E8A-F89F186C1C27} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [657856 2021-04-10] (NVIDIA Corporation -> NVIDIA Corporation) Task: {FD136576-054D-4C45-96C6-76AE6F92C47E} - System32\Tasks\update-S-1-5-21-1033015312-4152882920-3174503589-1000 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [414872 2017-04-12] (OOO Lightshot -> TODO: ) (Если запись включена в fixlist, файл задачи (.job) будет перемещён. Файл, выполняемый задачей, не будет перемещён.) Task: C:\Windows\Tasks\update-S-1-5-21-1033015312-4152882920-3174503589-1000.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe Task: C:\Windows\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe ==================== Internet (В белом списке) ==================== (Если элемент включён в fixlist, если он является элементом реестра, он будет удалён или сброшен на значение по умолчанию.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{1559cecb-365d-45b0-86af-e95c751031ff}: [NameServer] 8.8.8.8 Tcpip\..\Interfaces\{1559cecb-365d-45b0-86af-e95c751031ff}: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{6899502a-58d6-42e7-b861-f6c82967d4a8}: [DhcpNameServer] 192.168.1.1 FireFox: ======== FF HKLM\...\Firefox\Extensions: [FFExtnHTML2PDF@foxitsoftware.com] - C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\FirefoxAddin\FFExtnHTML2PDF.xpi FF Extension: (Foxit PDF Creator) - C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\FirefoxAddin\FFExtnHTML2PDF.xpi [2020-11-23] [Устаревший] FF HKLM\...\Firefox\Extensions: [FireFoxNew-WebExtensions@foxitsoftware.com] - C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\FirefoxAddin\FireFoxNew-WebExtensions@foxitsoftware.com.xpi FF Extension: (Foxit PDF Creator) - C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\FirefoxAddin\FireFoxNew-WebExtensions@foxitsoftware.com.xpi [2020-11-23] FF HKLM-x32\...\Firefox\Extensions: [FFExtnHTML2PDF@foxitsoftware.com] - C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\FirefoxAddin\FFExtnHTML2PDF.xpi FF HKLM-x32\...\Firefox\Extensions: [FireFoxNew-WebExtensions@foxitsoftware.com] - C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\FirefoxAddin\FireFoxNew-WebExtensions@foxitsoftware.com.xpi FF HKU\S-1-5-21-1033015312-4152882920-3174503589-1000\...\Firefox\Extensions: [acewebextension_unlisted@acestream.org] - C:\Users\Mark\AppData\Roaming\ACEStream\extensions\awe\firefox\acewebextension_unlisted.xpi FF Extension: (Ace Script) - C:\Users\Mark\AppData\Roaming\ACEStream\extensions\awe\firefox\acewebextension_unlisted.xpi [2018-01-24] FF Plugin: @npEUSign/iit-eusign-plugin -> C:\Program Files (x86)\Institute of Informational Technologies\Certificate Authority-1.3\End User\Web\npEUSignCP.dll [2019-03-23] (Institute of Information Technologies PrJSC -> АТ "ІІТ") FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2020-11-23] (FOXIT SOFTWARE INC. -> Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.cpdf -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2020-11-23] (FOXIT SOFTWARE INC. -> Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2020-11-23] (FOXIT SOFTWARE INC. -> Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2020-11-23] (FOXIT SOFTWARE INC. -> Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2020-11-23] (FOXIT SOFTWARE INC. -> Foxit Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-01-11] (Microsoft Corporation -> Microsoft Corporation) FF Plugin HKU\S-1-5-21-1033015312-4152882920-3174503589-1000: @acestream.net/acestreamplugin,version=3.1.32 -> C:\Users\Mark\AppData\Roaming\ACEStream\player\npace_plugin.dll [2017-01-13] (Innovative Digital Technologies -> Innovative Digital Technologies) Chrome: ======= CHR DefaultProfile: Default CHR Profile: C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default [2021-11-06] CHR HomePage: Default -> hxxp://www.google.com/ CHR StartupUrls: Default -> "hxxp://start.ticno.com","hxxp://www.mail.ru/cnt/9516","hxxp://www.google.ru/","hxxp://www.yandex.ru/?win=63&clid=1214621","hxxp://mail.ru/cnt/10445?gp=newcustom15","hxxps://www.google.com/" CHR NewTab: Default -> Active:"chrome-extension://dakdpgneoijgmjihpkpppmofpglelack/newtab.html" CHR Session Restore: Default -> включён CHR Extension: (Презентации) - C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-04-10] CHR Extension: (h264ify) - C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\aleakchihdccplidncghkekgioiakgal [2021-04-10] CHR Extension: (Dr.Web Link Checker) - C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\aleggpabliehgbeagmfhnodcijcmbonb [2021-07-15] CHR Extension: (Документы) - C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2021-04-10] CHR Extension: (Диск Google) - C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-04-10] CHR Extension: (YouTube) - C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-04-10] CHR Extension: (Set Character Encoding) - C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\bpojelgakakmcfmjfilgdlmhefphglae [2021-04-10] CHR Extension: (X New Tab Page) - C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\cbmbfafhdccfgdgnbkgogehiklmemkoh [2021-04-10] CHR Extension: (Adblock Plus - бесплатный блокировщик рекламы) - C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2021-09-02] CHR Extension: (Tabsbook закладки и экспресс панель) - C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\dakdpgneoijgmjihpkpppmofpglelack [2021-04-10] CHR Extension: (Don't Close Window With Last Tab) - C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlnpfhfhmkiebpnlllpehlmklgdggbhn [2021-04-10] CHR Extension: (Go Back With Backspace) - C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\eekailopagacbcdloonjhbiecobagjci [2021-04-10] CHR Extension: (Alitools помощник в покупках) - C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\eenflijjbchafephdplkdmeenekabdfb [2021-11-05] CHR Extension: (Firebug Lite for Google Chrome) - C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehemiojjcpldeipjhjkepfdaohajpbdo [2021-04-10] CHR Extension: (Serpstat Website SEO Checker) - C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcgbopaomlpldhbinhgebmkcnkfconmn [2021-04-10] CHR Extension: (Facebook Pixel Helper) - C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdgfkebogiimcoedlicjlajpkdmockpc [2021-04-10] CHR Extension: (Таблицы) - C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-04-10] CHR Extension: (Page Analytics (by Google)) - C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnbdnhhicmebfgdgglcdacdapkcihcoh [2021-04-10] CHR Extension: (Google Документы офлайн) - C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-10-19] CHR Extension: (AdBlock — лучший блокировщик рекламы) - C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2021-10-29] CHR Extension: (OkayFreedom) - C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\hfnbbbkabnehoejfhcbbhdicagcoobji [2021-04-10] CHR Extension: (Crypto-Plugin) - C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\idfiabaafjemgcecklpgnebaebonghka [2021-04-10] CHR Extension: (Open in VLC™ media player) - C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihpiinojhnfhpdmmacgmpoonphhimkaj [2021-05-11] CHR Extension: (ИИТ Пользователь ЦСК-1. Библ. подп. (web-р.)) - C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\jffafkigfgmjafhpkoibhfefeaebmccg [2021-07-05] CHR Extension: (DS Amazon Quick View) - C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\jkompbllimaoekaogchhkmkdogpkhojg [2021-10-10] CHR Extension: (RDS Bar) - C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlipcaflaocihnmlhnhcfombgmmfglho [2021-08-11] CHR Extension: (Save to Facebook) - C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfikkaogpplgnfjmbjdpalkhclendgd [2021-06-13] CHR Extension: (Tag Assistant Legacy (by Google)) - C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\kejbdjndbnbjgmefkgdddjlbokphdefk [2021-09-25] CHR Extension: (LockPW) - C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\kjcloihghgncbdkaafgkckbokjnehfmo [2021-04-10] CHR Extension: (FireShot - скриншоты страниц и аннотации) - C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbpblocgmgfnpjjppndjkmgjaogfceg [2021-07-30] CHR Extension: (PowerPoint Online) - C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\mdafamggmaaaginooondinjgkgcbpnhp [2021-04-10] CHR Extension: (FastProxy - обход блокировки сайтов) - C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkelkmkgljeohnaeehnnkmdpocfmkmmf [2021-04-10] CHR Extension: (Yandex Wordstat Assistant) - C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\nbihjogngdgindfodcjbelhgjdpmkolc [2021-04-10] CHR Extension: (Awesome Screenshot & Screen Recorder) - C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlipoenfbbikpbjkfpfillcgkoblgpmj [2021-09-20] CHR Extension: (Платежная система Интернет-магазина Chrome) - C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-04-10] CHR Extension: (Last Tab Keeper) - C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogookjjcaobcijoblfjoneggmhdlppkc [2021-04-10] CHR Extension: (Голосовой ввод текста) - C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\pehlbpmpoabkgenppepoaihkacolpdcf [2021-04-10] CHR Extension: (BankID CryptoPlugin) - C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgfbdgicjmhenccemcijooffohcdanic [2021-04-10] CHR Extension: (Gmail) - C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-04-10] CHR Extension: (Yandex Wordstat Helper) - C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\plikkahijklcmphklefjfighoofcijio [2021-04-10] CHR Profile: C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Guest Profile [2021-09-08] CHR Profile: C:\Users\Mark\AppData\Local\Google\Chrome\User Data\System Profile [2021-09-08] CHR HKLM\...\Chrome\Extension: [cifnddnffldieaamihfkhkdgnbhfmaci] - C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\ChromeAddin\ChromeAddin.crx [2020-11-23] CHR HKU\S-1-5-21-1033015312-4152882920-3174503589-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [mjbepbhonbojpoaenhckjocchgfiaofo] CHR HKLM-x32\...\Chrome\Extension: [aegnopegbbhjeeiganiajffnalhlkkjb] CHR HKLM-x32\...\Chrome\Extension: [cifnddnffldieaamihfkhkdgnbhfmaci] - C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\ChromeAddin\ChromeAddin.crx [2020-11-23] CHR HKLM-x32\...\Chrome\Extension: [ngahaphlngmdfhbhkplbglnfhehnpgdb] ==================== Службы (В белом списке) =================== (Если запись включена в fixlist, она будет удалена из реестра. Файл не будет удалён, если он не указан отдельно.) R2 AdAppMgrSvc; C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe [1047416 2019-12-05] (Autodesk, Inc. -> Autodesk Inc.) R2 AdskLicensingService; C:\Program Files (x86)\Common Files\Autodesk Shared\AdskLicensing\Current\AdskLicensingService\AdskLicensingService.exe [16926864 2019-08-08] (Autodesk, Inc. -> Autodesk) R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8960904 2020-12-20] (Microsoft Corporation -> Microsoft Corporation) R2 FoxitPhantomPDFUpdateService; C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\FoxitPhantomPDFUpdateService.exe [2357936 2020-11-23] (FOXIT SOFTWARE INC. -> Foxit Software Inc.) R2 PDF24; C:\Program Files\PDF24\pdf24.exe [564928 2021-03-25] (geek software GmbH -> geek software GmbH) S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [6510488 2021-10-19] (Microsoft Windows Publisher -> Microsoft Corporation) S3 SystemExplorerHelpService; C:\Program Files (x86)\System Explorer\service\SystemExplorerService64.exe [820960 2014-12-20] (Miroslav Topolar -> Mister Group) R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [14691624 2021-09-02] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3800576 2021-01-19] (Microsoft Corporation -> Microsoft Corporation) S2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [110944 2018-09-15] (Microsoft Corporation -> Microsoft Corporation) ===================== Драйверы (В белом списке) =================== (Если запись включена в fixlist, она будет удалена из реестра. Файл не будет удалён, если он не указан отдельно.) S3 t_mouse.sys; C:\Windows\system32\DRIVERS\t_mouse.sys [6144 2012-12-19] (Microsoft Windows Hardware Compatibility Publisher -> ) S1 vdeznji0; C:\Windows\SysWOW64\Drivers\vdeznji0.sys [13312 2021-11-05] () [Файл не подписан] S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [46584 2018-09-15] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [340008 2018-09-15] (Microsoft Windows -> Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [61992 2018-09-15] (Microsoft Windows -> Microsoft Corporation) ==================== NetSvcs (В белом списке) =================== (Если запись включена в fixlist, она будет удалена из реестра. Файл не будет удалён, если он не указан отдельно.) ==================== Один месяц (создан) (В белом списке) ========= (Если запись включена в лист исправлений, файл/папка будут перемещены.) 2021-11-06 13:16 - 2021-11-06 13:16 - 000029903 _____ C:\Users\Mark\Desktop\FRST.txt 2021-11-06 13:15 - 2021-11-06 13:16 - 000000000 ____D C:\FRST 2021-11-06 13:12 - 2021-11-06 13:10 - 002312192 _____ (Farbar) C:\Users\Mark\Desktop\FRST64.exe 2021-11-06 13:10 - 2021-11-06 13:10 - 002312192 _____ (Farbar) C:\Users\Mark\Downloads\FRST64.exe 2021-11-05 20:00 - 2021-11-05 20:00 - 000000000 ____D C:\Windows\ABR 2021-11-05 17:15 - 2021-11-05 17:15 - 000013312 _____ C:\Windows\SysWOW64\Drivers\vdeznji0.sys 2021-11-05 17:11 - 2021-11-05 17:13 - 000000000 ____D C:\Users\Mark\Downloads\ClearLNK 2021-11-05 17:11 - 2021-11-05 17:11 - 000481552 _____ C:\Users\Mark\Downloads\ClearLNK.zip 2021-11-05 16:15 - 2021-11-05 16:15 - 000000000 ___HD C:\$SysReset 2021-11-05 16:12 - 2021-11-05 16:17 - 000000000 ____D C:\Users\Mark\Downloads\AutoLogger 2021-11-05 16:11 - 2021-11-05 16:11 - 016356209 _____ C:\Users\Mark\Downloads\AutoLogger.zip 2021-11-05 13:30 - 2021-11-05 13:31 - 000000000 ____D C:\ProgramData\SystemExplorer 2021-11-05 13:30 - 2021-11-05 13:30 - 001917528 _____ (Mister Group ) C:\Users\Mark\Downloads\SystemExplorerSetup.exe 2021-11-05 13:30 - 2021-11-05 13:30 - 000001169 _____ C:\Users\Public\Desktop\System Explorer.lnk 2021-11-05 13:30 - 2021-11-05 13:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Explorer 2021-11-05 13:30 - 2021-11-05 13:30 - 000000000 ____D C:\Program Files (x86)\System Explorer 2021-11-05 09:54 - 2021-11-05 09:54 - 002916337 _____ C:\Users\Mark_2\Downloads\0111 Прайс Р-Д (1).pdf 2021-11-02 12:29 - 2021-11-02 12:29 - 010597326 _____ C:\Users\Mark\Downloads\Domino.pdf 2021-11-01 12:23 - 2021-11-01 16:28 - 000000000 ____D C:\Видео_Solarworks 2021-11-01 12:22 - 2021-11-01 12:24 - 530082292 _____ C:\Users\Mark\Downloads\drive-download-20211101T102223Z-001.zip 2021-11-01 12:20 - 2021-11-01 13:11 - 000000000 ____D C:\Users\Mark\AppData\Local\Movavi 2021-11-01 12:20 - 2021-11-01 12:20 - 000012595 _____ C:\ProgramData\goyslgxe.nnn 2021-11-01 12:20 - 2021-11-01 12:20 - 000001227 _____ C:\Users\Mark\Desktop\Movavi Video Editor Plus.lnk 2021-11-01 12:20 - 2021-11-01 12:20 - 000000016 _____ C:\ProgramData\mntemp 2021-11-01 12:20 - 2021-11-01 12:20 - 000000000 ____D C:\Users\Mark\AppData\Local\VideoEditorPlus 2021-11-01 12:20 - 2021-11-01 12:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movavi Video Editor Plus 2021-11-01 12:19 - 2021-11-01 12:20 - 000000000 ____D C:\Users\Mark\AppData\Roaming\Movavi Video Editor Plus 2021-11-01 12:17 - 2021-11-01 12:17 - 000011912 _____ C:\Users\Mark\Downloads\[NNMClub.to]_Movavi Video Editor Plus 22.0.0 RePack (& Portable) by elchupacabra.torrent 2021-11-01 11:31 - 2021-11-01 11:32 - 000000000 ____D C:\Users\Mark\AppData\Local\Viber 2021-11-01 09:09 - 2021-11-01 09:09 - 000000000 ____D C:\Users\Mark\Downloads\Photos (11) 2021-11-01 09:08 - 2021-11-01 09:08 - 006507081 _____ C:\Users\Mark\Downloads\Photos (11).zip 2021-10-28 13:22 - 2021-10-28 13:25 - 259661552 _____ C:\Users\Mark\Downloads\cureit.exe 2021-10-28 10:33 - 2021-10-28 10:33 - 000038400 _____ C:\Users\Mark\Downloads\1355 счет ТОВ Соларворкс_1635403279.xls 2021-10-28 10:27 - 2021-10-28 10:27 - 000052224 _____ C:\Users\Mark\Downloads\1355 счет ТОВ Соларворкс.xls 2021-10-28 08:54 - 2021-10-28 08:54 - 001220108 _____ C:\Users\Mark\Downloads\Соларворкс 28,10.pdf 2021-10-27 12:27 - 2021-10-27 12:27 - 000154110 _____ C:\Users\Mark\Downloads\order(1189).pdf 2021-10-25 19:40 - 2021-10-25 19:40 - 003063694 _____ C:\Users\Mark\Downloads\JAM60S20-MR-365-390-UA (2).pdf 2021-10-25 19:15 - 2021-10-25 19:15 - 001220068 _____ C:\Users\Mark\Downloads\Соларворкс 25,10.pdf 2021-10-25 19:12 - 2021-11-05 09:53 - 000000000 ____D C:\Users\Mark_2\Documents\ViberDownloads 2021-10-25 18:37 - 2021-10-25 18:37 - 003045854 _____ C:\Users\Mark\Downloads\JAM66S30-MR-480-505-UA_2.pdf 2021-10-22 08:32 - 2021-10-22 08:32 - 000342111 _____ C:\Users\Mark\Downloads\PRONT_№21102021_120ФЕМ_Марк Solar Works_Кріплення до проф.труби.xlsm 2021-10-22 08:32 - 2021-10-22 08:32 - 000342097 _____ C:\Users\Mark\Downloads\PRONT_№21102021_74ФЕМ_Марк Solar Works_Кріплення до проф.труби.xlsm 2021-10-21 21:55 - 2021-10-21 21:55 - 000000000 ____D C:\Users\Mark_2\Documents\ViberDownloads — копия 2021-10-21 10:54 - 2021-10-21 10:54 - 000554609 _____ C:\Users\Mark\Downloads\Технічні умови(2).pdf 2021-10-19 20:45 - 2021-10-19 20:45 - 002045952 _____ C:\Windows\system32\rdpnano.dll 2021-10-19 20:45 - 2021-10-19 20:45 - 000150016 _____ C:\Windows\system32\DataStoreCacheDumpTool.exe 2021-10-19 20:45 - 2021-10-19 20:45 - 000144384 _____ C:\Windows\system32\uwfcsp.dll 2021-10-19 20:45 - 2021-10-19 20:45 - 000132096 _____ C:\Windows\system32\uwfcfgmgmt.dll 2021-10-19 20:45 - 2021-10-19 20:45 - 000058368 _____ C:\Windows\system32\runexehelper.exe 2021-10-19 20:45 - 2021-10-19 20:45 - 000000315 _____ C:\Windows\system32\DrtmAuth8.bin 2021-10-19 20:45 - 2021-10-19 20:45 - 000000315 _____ C:\Windows\system32\DrtmAuth7.bin 2021-10-19 20:45 - 2021-10-19 20:45 - 000000315 _____ C:\Windows\system32\DrtmAuth6.bin 2021-10-19 20:45 - 2021-10-19 20:45 - 000000315 _____ C:\Windows\system32\DrtmAuth5.bin 2021-10-19 20:45 - 2021-10-19 20:45 - 000000315 _____ C:\Windows\system32\DrtmAuth4.bin 2021-10-19 20:45 - 2021-10-19 20:45 - 000000315 _____ C:\Windows\system32\DrtmAuth3.bin 2021-10-19 20:45 - 2021-10-19 20:45 - 000000315 _____ C:\Windows\system32\DrtmAuth2.bin 2021-10-19 20:45 - 2021-10-19 20:45 - 000000315 _____ C:\Windows\system32\DrtmAuth1.bin 2021-10-19 20:29 - 2021-10-19 20:29 - 000001073 _____ C:\Users\Mark\Desktop\aida64.exe — ярлык.lnk 2021-10-19 20:11 - 2021-10-19 20:11 - 000012061 _____ C:\Users\Mark\Downloads\[NNMClub.to]_AIDA64 Extreme_Engineer_Business_Network 6.33.5700 Final Repack_Portable by Litoy.exe.torrent 2021-10-19 16:40 - 2021-10-19 16:40 - 011650643 _____ C:\Users\Mark\Downloads\84199.pdf 2021-10-19 16:39 - 2021-10-19 16:40 - 010498924 _____ C:\Users\Mark\Downloads\84198 (1).pdf 2021-10-19 16:39 - 2021-10-19 16:39 - 010498924 _____ C:\Users\Mark\Downloads\84198.pdf 2021-10-19 16:36 - 2021-10-19 16:36 - 000045688 _____ C:\Users\Mark\Downloads\84193 (1).pdf 2021-10-19 16:35 - 2021-10-19 16:35 - 007970182 _____ C:\Users\Mark\Downloads\84197.pdf 2021-10-19 16:34 - 2021-10-19 16:34 - 001651413 _____ C:\Users\Mark\Downloads\84192.pdf 2021-10-19 16:33 - 2021-10-19 16:33 - 000045688 _____ C:\Users\Mark\Downloads\84193.pdf 2021-10-19 16:32 - 2021-10-19 16:32 - 000037185 _____ C:\Users\Mark\Downloads\84191.pdf 2021-10-19 16:12 - 2021-10-19 16:12 - 000254441 _____ C:\Users\Mark\Downloads\Додаток_1._Перелік_транспортних_засобів_18R.pdf 2021-10-19 15:56 - 2021-10-19 15:56 - 000925826 _____ C:\Users\Mark\Downloads\Додаток_2.4._Технічний_стан_та_свідоцтво_про_реєстрацію_транспортного_засобу_4186.pdf 2021-10-19 15:56 - 2021-10-19 15:56 - 000884719 _____ C:\Users\Mark\Downloads\Додаток_2.3._Технічний_стан_та_свідоцтво_про_реєстрацію_транспортного_засобу_3814 (2).pdf 2021-10-19 15:56 - 2021-10-19 15:56 - 000637097 _____ C:\Users\Mark\Downloads\Додаток_2.2._Технічний_стан_та_свідоцтво_про_реєстрацію_транспортного_засобу_3681 (1).pdf 2021-10-19 15:55 - 2021-10-19 15:55 - 001388071 _____ C:\Users\Mark\Downloads\Додаток_2.15._Технічний_стан_та_свідоцтво_про_реєстрацію_транспортного_засобу_9042.pdf 2021-10-19 15:55 - 2021-10-19 15:55 - 001264249 _____ C:\Users\Mark\Downloads\Додаток_2.12._Технічний_стан_та_свідоцтво_про_реєстрацію_транспортного_засобу_7250.pdf 2021-10-19 15:55 - 2021-10-19 15:55 - 001244040 _____ C:\Users\Mark\Downloads\Додаток_2.13._Технічний_стан_та_свідоцтво_про_реєстрацію_транспортного_засобу_7252.pdf 2021-10-19 15:55 - 2021-10-19 15:55 - 001177406 _____ C:\Users\Mark\Downloads\Додаток_2.14._Технічний_стан_та_свідоцтво_про_реєстрацію_транспортного_засобу_7695.pdf 2021-10-19 15:55 - 2021-10-19 15:55 - 000642937 _____ C:\Users\Mark\Downloads\Додаток_2.10._Технічний_стан_та_свідоцтво_про_реєстрацію_транспортного_засобу_6684.pdf 2021-10-19 15:55 - 2021-10-19 15:55 - 000629244 _____ C:\Users\Mark\Downloads\Додаток_2.11._Технічний_стан_та_свідоцтво_про_реєстрацію_транспортного_засобу_7064.pdf 2021-10-19 15:55 - 2021-10-19 15:55 - 000625683 _____ C:\Users\Mark\Downloads\Додаток_2.8._Технічний_стан_та_свідоцтво_про_реєстрацію_транспортного_засобу_4580.pdf 2021-10-19 15:55 - 2021-10-19 15:55 - 000623322 _____ C:\Users\Mark\Downloads\Додаток_2.9._Технічний_стан_та_свідоцтво_про_реєстрацію_транспортного_засобу_6250.pdf 2021-10-19 15:54 - 2021-10-19 15:54 - 000892876 _____ C:\Users\Mark\Downloads\Додаток_2.5._Технічний_стан_та_свідоцтво_про_реєстрацію_транспортного_засобу_04467.pdf 2021-10-19 15:54 - 2021-10-19 15:54 - 000884719 _____ C:\Users\Mark\Downloads\Додаток_2.3._Технічний_стан_та_свідоцтво_про_реєстрацію_транспортного_засобу_3814 (1).pdf 2021-10-19 15:54 - 2021-10-19 15:54 - 000637097 _____ C:\Users\Mark\Downloads\Додаток_2.2._Технічний_стан_та_свідоцтво_про_реєстрацію_транспортного_засобу_3681.pdf 2021-10-19 15:53 - 2021-10-19 15:53 - 000884719 _____ C:\Users\Mark\Downloads\Додаток_2.3._Технічний_стан_та_свідоцтво_про_реєстрацію_транспортного_засобу_3814.pdf 2021-10-19 15:52 - 2021-10-19 15:52 - 000087506 _____ C:\Users\Mark\Downloads\Додаток_1._Перелік_транспортних_засобів_16R.pdf 2021-10-19 15:35 - 2021-10-19 15:35 - 000421400 _____ C:\Users\Mark\Downloads\Табличный документ.pdf 2021-10-19 11:35 - 2021-10-19 11:35 - 003063694 _____ C:\Users\Mark\Downloads\JAM60S20-MR-365-390-UA (1).pdf 2021-10-18 15:28 - 2021-10-18 15:28 - 001747010 _____ C:\Users\Mark\Downloads\Kripter-Ballast-Fix-manual-v020620.pdf 2021-10-18 15:13 - 2021-10-18 15:13 - 000141846 _____ C:\Users\Mark\Downloads\2.pdf 2021-10-18 15:13 - 2021-10-18 15:13 - 000093746 _____ C:\Users\Mark\Downloads\1.pdf 2021-10-18 08:53 - 2021-10-18 08:53 - 000000000 ____D C:\Program Files (x86)\Direct Side Kit 2021-10-13 09:47 - 2021-10-13 09:47 - 000341691 _____ C:\Users\Mark_2\Downloads\КП_100кВт_Huawei_Укр.pdf 2021-10-13 09:24 - 2021-10-13 09:24 - 000021504 _____ C:\Users\Mark\Downloads\Солар Воркс.xls 2021-10-08 15:24 - 2021-10-08 15:24 - 085734008 _____ C:\Users\Mark\Desktop\IMG_4041.psd 2021-10-08 08:24 - 2021-10-08 08:24 - 000013095 _____ C:\Users\Mark\Downloads\томилівка володарка гоголів княжичі.xlsx 2021-10-07 14:48 - 2021-10-07 14:49 - 000000000 ____D C:\Users\Mark\Downloads\Photos (10) 2021-10-07 14:46 - 2021-10-07 14:46 - 005884275 _____ C:\Users\Mark\Downloads\Photos (10).zip 2021-10-07 14:41 - 2021-10-07 14:41 - 000000000 ____D C:\Users\Mark\Downloads\Photos (9) 2021-10-07 14:40 - 2021-10-07 14:40 - 023849309 _____ C:\Users\Mark\Downloads\Photos (9).zip 2021-10-07 14:36 - 2021-10-07 14:36 - 000000000 ____D C:\Users\Mark\Downloads\Photos (8) 2021-10-07 14:35 - 2021-10-07 14:35 - 042946340 _____ C:\Users\Mark\Downloads\Photos (8).zip 2021-10-07 11:57 - 2021-10-07 11:57 - 000197691 _____ C:\Users\Mark\Downloads\SUN2000-30-40KTL-M3_UA-2 (1).pdf 2021-10-07 10:40 - 2021-10-07 10:40 - 000341925 _____ C:\Users\Mark\Downloads\PRONT_№07102021_Марк Solar Works_Кріплення до проф.труби.xlsm ==================== Один месяц (изменён) ================== (Если запись включена в лист исправлений, файл/папка будут перемещены.) 2021-11-06 13:14 - 2021-04-10 23:25 - 000000258 __RSH C:\ProgramData\ntuser.pol 2021-11-06 13:12 - 2021-04-11 08:40 - 000000000 ____D C:\Users\Mark\AppData\Roaming\ViberPC 2021-11-06 12:42 - 2021-04-10 21:41 - 000000000 ____D C:\Program Files (x86)\Google 2021-11-06 12:42 - 2021-01-22 01:27 - 000000000 ____D C:\Windows\system32\SleepStudy 2021-11-06 12:25 - 2021-04-10 21:55 - 000000000 ____D C:\ProgramData\NVIDIA 2021-11-06 11:18 - 2018-09-15 09:33 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2021-11-06 09:00 - 2021-04-11 08:40 - 000000000 ____D C:\Users\Mark\Documents\ViberDownloads 2021-11-06 07:24 - 2021-04-11 12:10 - 000000000 ____D C:\Program Files\CCleaner 2021-11-05 21:18 - 2021-04-13 17:35 - 000000000 ____D C:\Users\Mark\AppData\Local\ElevatedDiagnostics 2021-11-05 17:22 - 2021-01-22 02:04 - 001765076 _____ C:\Windows\system32\PerfStringBackup.INI 2021-11-05 17:22 - 2018-09-15 18:41 - 000776270 _____ C:\Windows\system32\perfh019.dat 2021-11-05 17:22 - 2018-09-15 18:41 - 000153662 _____ C:\Windows\system32\perfc019.dat 2021-11-05 17:22 - 2018-09-15 09:31 - 000000000 ____D C:\Windows\INF 2021-11-05 17:16 - 2021-09-22 19:22 - 000000000 ____D C:\Program Files\TeamViewer 2021-11-05 17:16 - 2021-01-22 01:28 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2021-11-05 17:15 - 2018-09-15 08:09 - 000131072 _____ C:\Windows\system32\config\BBI 2021-11-05 17:13 - 2021-10-04 22:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\V_K-D_J 2021-11-05 17:13 - 2021-07-27 10:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ФотоГалерея 2021-11-05 17:13 - 2021-04-11 09:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoCAD 2021 — Русский (Russian) 2021-11-05 17:09 - 2021-04-11 12:10 - 000004210 _____ C:\Windows\system32\Tasks\CCleaner Update 2021-11-05 16:14 - 2021-01-21 14:27 - 000000000 ____D C:\Windows\Panther 2021-11-05 16:10 - 2021-04-10 21:36 - 000000000 ____D C:\Windows\AAct_Tools 2021-11-05 16:04 - 2021-04-11 09:10 - 000000000 ____D C:\ProgramData\Autodesk 2021-11-05 15:55 - 2021-06-28 11:23 - 000000000 ____D C:\Users\Mark_2\AppData\Roaming\ViberPC 2021-11-03 10:11 - 2021-04-10 21:35 - 000000000 ____D C:\Users\Mark\AppData\Local\Packages 2021-11-03 08:38 - 2021-04-10 21:42 - 000002253 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2021-11-03 08:38 - 2021-04-10 21:42 - 000002212 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2021-11-02 15:04 - 2021-04-11 09:20 - 000000000 ____D C:\ProgramData\boost_interprocess 2021-11-02 11:38 - 2021-05-21 17:56 - 000001456 _____ C:\Users\Mark\AppData\Local\Adobe Сохранить для Web 13.0 Prefs 2021-11-01 17:10 - 2021-04-10 22:55 - 000000000 ____D C:\Users\Mark\AppData\Roaming\uTorrent 2021-11-01 16:46 - 2021-04-10 22:55 - 000000000 ____D C:\Users\Mark\AppData\Local\BitTorrentHelper 2021-11-01 12:17 - 2021-10-04 19:02 - 000000000 ____D C:\Users\Mark\AppData\LocalLow\uTorrent 2021-10-30 22:23 - 2021-04-10 21:35 - 000000000 ____D C:\Users\Mark 2021-10-29 19:35 - 2021-04-10 23:42 - 000000000 ____D C:\Users\Mark\AppData\Local\CrashDumps 2021-10-27 08:09 - 2021-04-12 14:23 - 000000000 ____D C:\Windows\Minidump 2021-10-25 19:12 - 2021-06-28 15:41 - 000001096 _____ C:\Users\Mark_2\Desktop\Viber_2.lnk 2021-10-25 19:12 - 2021-06-28 15:37 - 000000000 ___RD C:\Users\Mark_2\3D Objects 2021-10-25 19:12 - 2021-01-22 01:33 - 000000000 __RHD C:\Users\Public\AccountPictures 2021-10-19 21:00 - 2021-04-10 21:35 - 000000000 ___RD C:\Users\Mark\3D Objects 2021-10-19 21:00 - 2021-01-22 01:27 - 000538936 _____ C:\Windows\system32\FNTCACHE.DAT 2021-10-19 20:59 - 2018-09-15 18:43 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection 2021-10-19 20:59 - 2018-09-15 09:33 - 000000000 ___SD C:\Windows\SysWOW64\DiagSvcs 2021-10-19 20:59 - 2018-09-15 09:33 - 000000000 ___SD C:\Windows\system32\DiagSvcs 2021-10-19 20:59 - 2018-09-15 09:33 - 000000000 ___RD C:\Windows\ImmersiveControlPanel 2021-10-19 20:59 - 2018-09-15 09:33 - 000000000 ____D C:\Windows\SysWOW64\setup 2021-10-19 20:59 - 2018-09-15 09:33 - 000000000 ____D C:\Windows\SysWOW64\lv-LV 2021-10-19 20:59 - 2018-09-15 09:33 - 000000000 ____D C:\Windows\SysWOW64\lt-LT 2021-10-19 20:59 - 2018-09-15 09:33 - 000000000 ____D C:\Windows\SysWOW64\et-EE 2021-10-19 20:59 - 2018-09-15 09:33 - 000000000 ____D C:\Windows\SysWOW64\es-MX 2021-10-19 20:59 - 2018-09-15 09:33 - 000000000 ____D C:\Windows\SysWOW64\Dism 2021-10-19 20:59 - 2018-09-15 09:33 - 000000000 ____D C:\Windows\system32\WinBioPlugIns 2021-10-19 20:59 - 2018-09-15 09:33 - 000000000 ____D C:\Windows\system32\setup 2021-10-19 20:59 - 2018-09-15 09:33 - 000000000 ____D C:\Windows\system32\oobe 2021-10-19 20:59 - 2018-09-15 09:33 - 000000000 ____D C:\Windows\system32\lv-LV 2021-10-19 20:59 - 2018-09-15 09:33 - 000000000 ____D C:\Windows\system32\lt-LT 2021-10-19 20:59 - 2018-09-15 09:33 - 000000000 ____D C:\Windows\system32\et-EE 2021-10-19 20:59 - 2018-09-15 09:33 - 000000000 ____D C:\Windows\system32\es-MX 2021-10-19 20:59 - 2018-09-15 09:33 - 000000000 ____D C:\Windows\ShellExperiences 2021-10-19 20:59 - 2018-09-15 09:33 - 000000000 ____D C:\Windows\Provisioning 2021-10-19 20:59 - 2018-09-15 09:33 - 000000000 ____D C:\Windows\PolicyDefinitions 2021-10-19 20:59 - 2018-09-15 09:33 - 000000000 ____D C:\Windows\bcastdvr 2021-10-19 20:59 - 2018-09-15 09:33 - 000000000 ____D C:\Program Files\Common Files\system 2021-10-19 20:59 - 2018-09-15 08:09 - 000000000 ____D C:\Windows\system32\Dism 2021-10-19 20:53 - 2018-09-15 09:23 - 000000000 ____D C:\Windows\CbsTemp 2021-10-19 20:51 - 2021-04-10 23:39 - 000000000 ____D C:\Windows\system32\MRT 2021-10-19 20:48 - 2021-04-10 23:39 - 139806512 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe 2021-10-19 20:44 - 2021-01-22 01:34 - 002884096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll 2021-10-19 20:43 - 2018-09-15 09:28 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\slc.dll 2021-10-19 20:42 - 2018-09-15 09:29 - 000122368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\slc.dll 2021-10-18 22:53 - 2021-01-22 01:35 - 000000000 ____D C:\ProgramData\Package Cache 2021-10-18 12:20 - 2021-04-11 11:51 - 000000000 ____D C:\Users\Mark\AppData\Roaming\Telegram Desktop 2021-10-18 08:53 - 2018-09-15 09:33 - 000000000 ____D C:\Windows\SysWOW64\GroupPolicy ==================== Файлы в корне каталогов ======== 2021-05-21 17:56 - 2021-11-02 11:38 - 000001456 _____ () C:\Users\Mark\AppData\Local\Adobe Сохранить для Web 13.0 Prefs 2021-05-20 20:51 - 2021-05-20 20:51 - 000000001 _____ () C:\Users\Mark\AppData\Local\llftool.4.40.agreement 2021-04-11 14:51 - 2021-04-11 14:51 - 000000003 _____ () C:\Users\Mark\AppData\Local\updater.log 2021-04-11 14:51 - 2021-04-11 14:51 - 000000424 _____ () C:\Users\Mark\AppData\Local\UserProducts.xml ==================== SigCheck ============================ (Нет автоматического исправления файлов, которые не проходят проверку.) BCD (recoveryenabled=No -> recoveryenabled=Yes) <==== успешно восстановлен ==================== Конец от FRST.txt ========================