Результат сканирования Farbar Recovery Scan Tool (FRST) (x64) Версия: 11.06.2024 Запущено с помощью User (Администратор) на WIN-UBAT8PKEO6O (14-06-2024 13:00:17) Запущено из C:\Users\User\Downloads\FRST64.exe Загруженные профили: User Платформа: Microsoft Windows 7 Максимальная Service Pack 1 (X64) Язык: Русский (Россия) Браузер по умолчанию: Yandex Browser Режим загрузки: Normal ==================== Процессы (В белом списке) ================= (Если запись включена в fixlist, процесс будет закрыт. Файл не будет перемещён.) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe (C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amdow.exe (C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\cncmd.exe (C:\Program Files\Common Files\Doctor Web\Scanning Engine\dwengine.exe ->) (Doctor Web Ltd. -> Doctor Web, Ltd.) C:\Program Files\Common Files\Doctor Web\Scanning Engine\dwantispam.exe (C:\Program Files\Common Files\Doctor Web\Scanning Engine\dwengine.exe ->) (Doctor Web Ltd. -> Doctor Web, Ltd.) C:\Program Files\Common Files\Doctor Web\Scanning Engine\dwarkdaemon.exe (C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (services.exe ->) (Doctor Web Ltd. -> Doctor Web, Ltd.) C:\Program Files\Common Files\Doctor Web\Scanning Engine\dwengine.exe (services.exe ->) (Doctor Web Ltd. -> Doctor Web, Ltd.) 
C:\Program Files\DrWeb\dwservice.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (services.exe ->) (Microsoft Corporation) [Файл не подписан] C:\Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\mdm.exe (services.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\alg.exe (services.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\msiexec.exe (services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Doctor Web, Ltd.) C:\Program Files\DrWeb\wsc-service.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe (taskeng.exe ->) () [Файл не подписан] C:\AMD\Radeon-Software-Adrenalin-2020-22.6.1-Win10-Win11-64Bit-LegacyASICs-June23-2022-LEGACY\Bin64\localization\tr_TR\Idle.exe (taskmgr.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <9> (winlogon.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\taskmgr.exe Не удалось получить доступ к процессу -> chrome.exe ==================== Реестр Windows (В белом списке) =================== (Если запись включена в fixlist, элемент реестра будет сброшен на значение по умолчанию или удалён. Файл не будет перемещён.) HKLM\...\Run: [] => [X] HKLM\...\Run: [SpIDerAgent] => C:\Program Files\DrWeb\spideragent.exe [24152856 2024-01-18] (Doctor Web Ltd. -> Doctor Web, Ltd.) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [750672 2024-03-13] (Oracle America, Inc. 
-> Oracle Corporation) HKLM\...\Policies\Explorer: [HideSCAHealth] 1 HKLM\...\Policies\Explorer: [DisableCurrentUserRun] 0 HKLM\...\Policies\Explorer: [DisableLocalMachineRun] 0 HKLM\...\Policies\Explorer: [TurnOffSPIAnimations] 1 HKLM\...\Policies\Explorer: [NoWelcomeScreen] 1 HKLM\...\Policies\Explorer: [EnforceShellExtensionSecurity] 0 HKLM\...\Policies\Explorer: [SettingsPageVisibility] hide:windowsdefender; HKLM\ DisallowedCertificates: 47D92D49E6F7F296260DA1AF355F941EB25360C4 (U) HKLM\ DisallowedCertificates: EE45853E5C81DB8FDBB7F92C18B20972C744911C (U) HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Ограничение <==== ВНИМАНИЕ HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Ограничение <==== ВНИМАНИЕ HKLM\SOFTWARE\Policies\Microsoft\MRT: Ограничение <==== ВНИМАНИЕ HKLM\SOFTWARE\Policies\Microsoft\Windows Defender Security Center: Ограничение <==== ВНИМАНИЕ HKU\S-1-5-21-718437350-3454518100-2172079934-1000\...\Run: [YandexBrowserAutoLaunch_B64B7D5D07784CD66F00CA43360BB68B] => C:\Users\User\AppData\Local\Yandex\YandexBrowser\Application\browser.exe [4568368 2024-06-07] (YANDEX LLC -> YANDEX LLC) HKU\S-1-5-21-718437350-3454518100-2172079934-1000\...\Run: [Windscribe] => "C:\Program Files (x86)\Windscribe\Windscribe.exe" -os_restart (Нет файла) HKU\S-1-5-21-718437350-3454518100-2172079934-1000\...\Run: [Vidalia] => "C:\Program Files (x86)\Vidalia Bridge Bundle\Vidalia\vidalia.exe" (Нет файла) HKU\S-1-5-21-718437350-3454518100-2172079934-1000\...\Run: [uTorrent] => "C:\Users\User\AppData\Roaming\uTorrent\uTorrent.exe" (Нет файла) HKU\S-1-5-21-718437350-3454518100-2172079934-1000\...\Run: [Spotify] => C:\Users\User\AppData\Roaming\Spotify\Spotify.exe --autostart --minimized (Нет файла) HKU\S-1-5-21-718437350-3454518100-2172079934-1000\...\Run: [ProtonVPN] => C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPN.exe (Нет файла) HKU\S-1-5-21-718437350-3454518100-2172079934-1000\...\Run: [PlanetVPN] => C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe 
(Нет файла) HKU\S-1-5-21-718437350-3454518100-2172079934-1000\...\Run: [Parsec.App.0] => C:\Program Files\Parsec\parsecd.exe app_silent=1 (Нет файла) HKU\S-1-5-21-718437350-3454518100-2172079934-1000\...\Run: [Opera GX Stable] => C:\Users\User\AppData\Local\Programs\Opera GX\launcher.exe (Нет файла) HKU\S-1-5-21-718437350-3454518100-2172079934-1000\...\Run: [nr_server] => C:\Program Files (x86)\nr_plugin\ServerHandler.exe [112674 2020-07-21] (Top Case) [Файл не подписан] HKU\S-1-5-21-718437350-3454518100-2172079934-1000\...\Run: [moedelo_plugin_setup] => C:\Program Files (x86)\МоёДело.Плагин\StekTrustPlugin.exe [968040 2022-04-21] (АО НТЦ СТЭК -> ) HKU\S-1-5-21-718437350-3454518100-2172079934-1000\...\Run: [Loudplay] => "C:\Users\User\AppData\Local\Programs\loudplay\Loudplay.exe" --hidden (Нет файла) HKU\S-1-5-21-718437350-3454518100-2172079934-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2020-09-08] (Apple Inc. -> Apple Inc.) 
HKU\S-1-5-21-718437350-3454518100-2172079934-1000\...\Run: [GrandUpdateManager] => C:\Program Files (x86)\Grand\UpdateManager\GrandUM.exe (Нет файла) HKU\S-1-5-21-718437350-3454518100-2172079934-1000\...\Run: [GoogleChromeAutoLaunch_E2A62F2EFCF52D2AD105647B23C0A2FD] => "C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe" --no-startup-window /prefetch:5 (Нет файла) HKU\S-1-5-21-718437350-3454518100-2172079934-1000\...\Run: [EpicGamesLauncher] => "C:\Games\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe" -silent (Нет файла) HKU\S-1-5-21-718437350-3454518100-2172079934-1000\...\Run: [Discord] => C:\Users\User\AppData\Local\Discord\Update.exe --processStart Discord.exe (Нет файла) HKU\S-1-5-21-718437350-3454518100-2172079934-1000\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [482168 2022-09-17] (AVB Disc Soft, SIA -> Disc Soft Ltd) HKU\S-1-5-21-718437350-3454518100-2172079934-1000\...\Run: [CursorFX] => "C:\Program Files (x86)\Stardock\CursorFX\CursorFX.exe" (Нет файла) HKU\S-1-5-21-718437350-3454518100-2172079934-1000\...\Run: [CCleaner Smart Cleaning] => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR (Нет файла) HKU\S-1-5-21-718437350-3454518100-2172079934-1000\...\Run: [Brotorrent - Torrent Client] => "C:\Users\User\AppData\Local\Programs\com.brotorrent.torrent-client\Brotorrent - Torrent Client.exe" (Нет файла) HKU\S-1-5-21-718437350-3454518100-2172079934-1000\...\Run: [AltServer] => C:\Program Files (x86)\AltServer\AltServer.exe (Нет файла) HKU\S-1-5-21-718437350-3454518100-2172079934-1000\...\Run: [Icdvb] => C:\Users\User\AppData\Roaming\Icdvb.exe [84208 2024-06-13] (The MathWorks, Inc. -> The MathWorks Inc.) 
[Файл не подписан] <==== ВНИМАНИЕ HKU\S-1-5-21-718437350-3454518100-2172079934-1000\...\Policies\system: [LogonHoursAction] 2 HKU\S-1-5-21-718437350-3454518100-2172079934-1000\...\Policies\system: [DontDisplayLogonHoursWarnings] 1 HKU\S-1-5-21-718437350-3454518100-2172079934-1000\...\MountPoints2: F - F:\setup.exe HKU\S-1-5-21-718437350-3454518100-2172079934-1000\...\Winlogon: [Shell] C:\Windows\SysWOW64\explorer.exe [2972672 2018-08-16] (Microsoft Windows -> Microsoft Corporation) <==== ВНИМАНИЕ HKU\S-1-5-21-718437350-3454518100-2172079934-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\scrnsave.scr [11264 2009-07-14] (Microsoft Windows -> Microsoft Corporation) HKU\S-1-5-18\...\Run: [] => [X] HKLM\...\Windows x64\Print Processors\Canon MG2500 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDBX.DLL [30208 2013-03-24] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.) HKLM\...\Print\Monitors\Canon BJ Language Monitor MG2500 series: C:\Windows\System32\CNMLMBX.DLL [391168 2013-03-24] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.) 
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\109.0.5414.120\Installer\chrmstp.exe [2023-01-27] (Google LLC -> Google LLC) HKLM\Software\...\Authentication\Credential Providers: [{F8A0B131-5F68-486c-8040-7E8FC3C85BB6}] -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL [2009-08-18] (Microsoft Corporation -> Microsoft Corporation) HKLM\Software\...\Winlogon\GPExtensions: [{C631DF4C-088F-4156-B058-4375F0853CD8}] -> C:\Windows\System32\cscobj.dll [2010-11-21] (Microsoft Windows -> Корпорация Майкрософт) IFEO\explorer.exe: [Debugger] C:\Users\User\AppData\Local\Audio.exe Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled [2022-10-30] Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PdaNet Desktop.lnk [2023-01-09] ShortcutTarget: PdaNet Desktop.lnk -> C:\Program Files (x86)\PdaNet for Android\PdaNetPC.exe (Нет файла) Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Вырезка экрана и программа запуска для OneNote 2007.lnk [2021-11-17] ShortcutTarget: Вырезка экрана и программа запуска для OneNote 2007.lnk -> C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation) Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Плагин криптографии АГЗРТ.lnk [2021-04-26] ShortcutTarget: Плагин криптографии АГЗРТ.lnk -> C:\Users\User\AppData\Local\AgzrtCryptProvider\AgzrtCryptProviderEx.exe () [Файл не подписан] Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Плагин ЭТП.lnk [2022-01-20] ShortcutTarget: Плагин ЭТП.lnk -> C:\Users\User\AppData\Local\AgzrtCryptProvider\AgzrtCryptProviderEx.exe () [Файл не подписан] Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\$McRebootA5E6DEAA56$.lnk [2021-03-18] 
ShortcutTarget: $McRebootA5E6DEAA56$.lnk -> (Нет файла) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\EGAISCrypto.lnk [2021-09-01] ShortcutTarget: EGAISCrypto.lnk -> C:\Program Files (x86)\EGAIS Crypto 2\EGAISCrypto.exe (EGAIS) [Файл не подписан] Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\privoxy.lnk [2020-11-04] ShortcutTarget: privoxy.lnk -> C:\Users\Public\Privoxy\privoxy.exe (The Privoxy team - www.privoxy.org) [Файл не подписан] Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SoftEther VPN Client Manager Startup.lnk [2022-12-13] ShortcutTarget: SoftEther VPN Client Manager Startup.lnk -> C:\Program Files\SoftEther VPN Client\vpncmgr_x64.exe (Нет файла) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\webserv.lnk [2020-11-10] ShortcutTarget: webserv.lnk -> C:\Users\Public\proxy-pac\webserv.exe (www.storecalc.com) [Файл не подписан] BootExecute: GroupPolicy: Ограничение ? <==== ВНИМАНИЕ GroupPolicy\User: Ограничение ? <==== ВНИМАНИЕ Policies: C:\ProgramData\NTUSER.pol: Ограничение <==== ВНИМАНИЕ Policies: C:\Users\User\NTUSER.pol: Ограничение <==== ВНИМАНИЕ HKLM\SOFTWARE\Policies\Mozilla\Firefox: Ограничение <==== ВНИМАНИЕ ==================== Запланированные задачи (В белом списке) ================= (Если запись включена в fixlist, она будет удалена из реестра. Файл не будет удалён, если он не указан отдельно.) 
Task: {130656E0-5F44-46C7-AF67-E0589DF7B2F8} - \service_updates -> Нет файла <==== ВНИМАНИЕ Task: {183DD106-1BD3-43EA-A4C3-64961793E5BA} - \services -> Нет файла <==== ВНИМАНИЕ Task: {2309E4FF-C82B-4BA8-B905-CAD40102FC7F} - \csrssc -> Нет файла <==== ВНИМАНИЕ Task: {2EFA2B2B-F8CD-4824-B618-B247A98EEEFA} - \dwwatcher -> Нет файла <==== ВНИМАНИЕ Task: {3283523E-5CFC-45DF-86E7-9FAE22ED6917} - \sppsvc -> Нет файла <==== ВНИМАНИЕ Task: {41A674F6-8645-4E9D-8B0B-A15372EAE3EF} - \sppsvcs -> Нет файла <==== ВНИМАНИЕ Task: {41F8A85C-8599-4476-9FAF-3ADC6F69C934} - \csrss -> Нет файла <==== ВНИМАНИЕ Task: {448D7485-0003-4175-BA9A-9997177F83BE} - \StartCNBM -> Нет файла <==== ВНИМАНИЕ Task: {49718547-E714-41BA-8B0A-900D4EC6513A} - \taskhost -> Нет файла <==== ВНИМАНИЕ Task: {512E26CA-1454-4741-8471-75CBC6A6B3AF} - \browserb -> Нет файла <==== ВНИМАНИЕ Task: {57434F18-59AE-42E1-BE3A-3B0A6B0AA984} - \alg -> Нет файла <==== ВНИМАНИЕ Task: {6AC1AE77-172F-4C9C-839F-0DCB829058EA} - \AMDRSSrcExt -> Нет файла <==== ВНИМАНИЕ Task: {6BC0A359-2935-42BB-BB80-E921F13D34BB} - \service_update -> Нет файла <==== ВНИМАНИЕ Task: {6C6BD0CB-F2EF-406A-B54C-5B07A781A3DD} - \taskengt -> Нет файла <==== ВНИМАНИЕ Task: {78D12598-2DAE-4D76-9411-565C33DA541C} - \alga -> Нет файла <==== ВНИМАНИЕ Task: {7DABBE8D-5FA6-4267-8E1B-196EC15F2170} - \Arizona Games Launcher -> Нет файла <==== ВНИМАНИЕ Task: {813C8B4D-2D52-4265-ABEC-8422C503AB9E} - \Arizona Games LauncherA -> Нет файла <==== ВНИМАНИЕ Task: {82CDAB1C-22DF-4113-8415-37E705FE9C96} - \taskhostt -> Нет файла <==== ВНИМАНИЕ Task: {85BA9D6E-2A88-4458-9D73-CB25F61A40F9} - \RadeonSoftwareR -> Нет файла <==== ВНИМАНИЕ Task: {90BD52DB-6169-461D-B16A-E9228B655A32} - \dwengine -> Нет файла <==== ВНИМАНИЕ Task: {97B3408B-4F58-4B2A-B9B0-422495362B96} - \RadeonSoftware -> Нет файла <==== ВНИМАНИЕ Task: {A5ACBC68-06BC-408A-95F5-E75EBB16A2BA} - \dwnetfilter -> Нет файла <==== ВНИМАНИЕ Task: {A95F5147-E344-4B25-9FA7-E019237D1B43} - \sidebars -> Нет файла <==== 
ВНИМАНИЕ Task: {B16AE8C5-A336-476A-AE90-303E4D4C3EE6} - \AMDRSServA -> Нет файла <==== ВНИМАНИЕ Task: {C103C9C1-21FA-4A66-849F-EF67B786434A} - \WmiPrvSE -> Нет файла <==== ВНИМАНИЕ Task: {C957EE27-4673-4FD5-BC5D-4596F225CEA1} - \dwarkdaemon -> Нет файла <==== ВНИМАНИЕ Task: {CEE44E35-627D-4DDC-ADBF-FE127CA427CC} - \servicess -> Нет файла <==== ВНИМАНИЕ Task: {D14A3494-C9DB-412F-9989-6EDD80DD848B} - \AMDRSSrcExtA -> Нет файла <==== ВНИМАНИЕ Task: {D893C6D5-A5E7-4C9E-91B8-5D454245D3C6} - \dwarkdaemond -> Нет файла <==== ВНИМАНИЕ Task: {DD9F2FD6-F985-4F0A-9808-E3F9D567186C} - \WmiPrvSEW -> Нет файла <==== ВНИМАНИЕ Task: {E45F96CE-B832-473F-B668-1FD22FD9BD59} - \sidebar -> Нет файла <==== ВНИМАНИЕ Task: {E740468E-6044-4616-AB83-3528303AB6AE} - \dwnetfilterd -> Нет файла <==== ВНИМАНИЕ Task: {ED2E665B-3230-4CD3-934F-8985690F1142} - \taskeng -> Нет файла <==== ВНИМАНИЕ Task: {FB0B54BC-9BDD-482D-B137-05FAB7900657} - \dwwatcherd -> Нет файла <==== ВНИМАНИЕ Task: {FD723EF7-B60D-45D8-B52E-4F91FE68CD2D} - \dwengined -> Нет файла <==== ВНИМАНИЕ Task: {FF0C281E-5214-4854-93A9-764977988CBA} - \browser -> Нет файла <==== ВНИМАНИЕ Task: {FF23CF66-7096-471C-87E9-14BCA90B38D0} - \AMDRSServ -> Нет файла <==== ВНИМАНИЕ Task: {F73A9388-7AEA-4DEB-8FB8-7D1BF209DCF9} - System32\Tasks\{4177C6D5-DF13-43CF-AC9A-020DF87641A7} => C:\Program Files (x86)\Grand\UpdateManager\GrandUM.exe (Нет файла) Task: {88EA8DF3-1DC3-463D-A64F-96D07DCAE335} - System32\Tasks\{561B14E4-D29C-49C5-B7A8-37C3D149933D} => C:\Windows\System32\pcalua.exe [9728 2019-06-12] (Microsoft Windows -> Microsoft Corporation) -> -a "C:\Users\User\Desktop\Trigon Evo Installer v2.5\TrigonLauncher_v2.exe" -d "C:\Users\User\Desktop\Trigon Evo Installer v2.5" Task: {9A537615-7641-416D-B2C6-5B5F8690FA4D} - System32\Tasks\{71560CBC-4EB7-4D43-9C23-150080D70401} => C:\Program Files (x86)\Grand\UpdateManager\GrandUM.exe (Нет файла) Task: {7F3CFE8C-E695-4D61-97DE-14209DF9004B} - System32\Tasks\{828E798D-E031-45F8-9909-4668831222FF} => 
C:\Windows\System32\pcalua.exe [9728 2019-06-12] (Microsoft Windows -> Microsoft Corporation) -> -a C:\Users\User\Desktop\PSU\PSU_Installer.exe -d C:\Users\User\Desktop\PSU Task: {C420DDE2-F9AF-4A52-8C78-8707584B19EF} - System32\Tasks\{82BE6FC7-026C-48BE-80A3-64CE7A76B80E} => C:\Program Files (x86)\Grand\UpdateManager\GrandUM.exe (Нет файла) Task: {374723B8-0415-404D-A03B-645B33CD08DE} - System32\Tasks\{8E4F7D14-6616-42BD-B070-F25FE0433C4E} => C:\Windows\System32\pcalua.exe [9728 2019-06-12] (Microsoft Windows -> Microsoft Corporation) -> -a C:\Users\User\Downloads\GLP_Installer_900205958_brawlstars.exe -d C:\Users\User\Downloads Task: {5847FB11-AF05-4709-870D-119EEFFFEB5D} - System32\Tasks\{A695DA1F-9795-4154-BC51-A48600002315} => C:\Windows\System32\pcalua.exe [9728 2019-06-12] (Microsoft Windows -> Microsoft Corporation) -> -a C:\Users\User\Downloads\LA_Setup_v4.11.1.exe -d C:\Users\User\Downloads Task: {918F563D-2942-4F49-A5B7-E5219393D73C} - System32\Tasks\{C9C21FE9-E0F5-46ED-B8E9-A16F686D71E1} => C:\Windows\System32\pcalua.exe [9728 2019-06-12] (Microsoft Windows -> Microsoft Corporation) -> -a "C:\Users\User\Downloads\GLP_Installer_900208074_Standoff 2.exe" -d C:\Users\User\Downloads Task: {2154B060-3518-48B9-8D2B-CF5986D22D36} - System32\Tasks\ActionLauncher_User => C:\Program Files (x86)\Mirillis\Action!\ActionLauncher.exe -> C:\Program Files (x86)\Mirillis\Action!\\5 Task: {11900ADE-E792-4360-8240-DB2B751604B1} - System32\Tasks\Altening Alt Loader => C:\Windows\System32\cmd.exe [345088 2010-11-21] (Microsoft Windows -> Microsoft Corporation) -> /C start %AppData%\altening\altening.launcher.exe --background Task: {B4BE2BEC-C01E-4DB1-AABC-EA3CA94E2BA8} - System32\Tasks\AMDInstallLauncher => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1708512 2022-08-02] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) 
Task: {058816EF-F199-44F9-87E4-67EE41603777} - System32\Tasks\AMDLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1708512 2022-08-02] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) Task: {BBC60C59-EC36-4504-AE98-7152CAE75A58} - System32\Tasks\Doctor Web\Dr.Web Daily scan => C:\Program Files\DrWeb\dwscanner.exe [12714552 2024-01-18] (Doctor Web Ltd. -> Doctor Web, Ltd.) -> C:\Program Files\DrWeb\/full Task: {7EFA5FC2-21B2-4322-8D13-77703EA3CBB5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2020-10-16] (Google Inc -> Google Inc.) Task: {731AD72A-8947-4CCA-A94C-1B604406B1AA} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2020-10-16] (Google Inc -> Google Inc.) Task: {24BA0D68-1855-49C6-8869-13A03BD4B0CF} - System32\Tasks\Idle => C:\AMD\Radeon-Software-Adrenalin-2020-22.6.1-Win10-Win11-64Bit-LegacyASICs-June23-2022-LEGACY\Bin64\localization\tr_TR\Idle.exe [3175936 2024-04-29] () [Файл не подписан] Task: {234F4D60-B79B-49FD-97F2-54E107FCA281} - System32\Tasks\IdleI => C:\AMD\Radeon-Software-Adrenalin-2020-22.6.1-Win10-Win11-64Bit-LegacyASICs-June23-2022-LEGACY\Bin64\localization\tr_TR\Idle.exe [3175936 2024-04-29] () [Файл не подписан] Task: {AFC704CA-CD5F-43B0-AB95-152311FEBF64} - System32\Tasks\iTop Sump Task(One-Time) => "C:\Program Files (x86)\iTop VPN\SumpiTop.exe" -> C:\Program Files (x86)\iTop VPN\\/sup Task: {5640B31A-AD97-4E96-85DB-21E2B1FE1D52} - System32\Tasks\Kontur.Plugin.Assistant-v3.17.1.682-S-1-5-21-718437350-3454518100-2172079934-1000 => C:\Users\User\AppData\Local\SkbKontur\Plugin\3.17.1.682\kontur.plugin.assistant.exe [1279904 2023-02-17] (AO Proizvodstvennaya Firma SKB Kontur -> PF SKB Kontur AO) Task: {06B727BA-479A-4413-9A26-48FF62244A17} - System32\Tasks\Kontur.Updater-v1.3.0.267-S-1-5-21-718437350-3454518100-2172079934-1000 => 
C:\Users\User\AppData\Local\SkbKontur\Updater\1.3.0.267\kontur.updater.exe [1345952 2023-04-05] (AO Proizvodstvennaya Firma SKB Kontur -> PF SKB Kontur AO) Task: {30819739-5DAE-4168-B40A-B66ECFB0294A} - System32\Tasks\Microsoft\Windows\Autochk\WinKernel => C:\Windows\System32\WinKernel.exe [198296 2018-07-21] (simplix -> simplix) [Файл не подписан] Task: {F25F4151-28A7-48DD-8B64-8F32E426FD6E} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [680352 2023-07-04] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask background (запись имеет ещё 6 символов). Task: {63F96F52-FA85-4C66-8F61-CD3E6B817234} - System32\Tasks\NVIDIA GeForceNow_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => "C:\Users\User\AppData\Local\NVIDIA Corporation\GeForceNOW\CEF\GeForceNOW.exe" (Нет файла) Task: {40878525-A46E-4D99-8D84-A6566272CCF1} - System32\Tasks\Opera GX scheduled assistant Autoupdate 1615638998 => C:\Users\User\AppData\Local\Programs\Opera GX\launcher.exe -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\User\AppData\Local\Programs\Opera GX\assistant" $(Arg0) Task: {90A1C020-69A7-499C-953B-FDEC9FB27C82} - System32\Tasks\Opera GX scheduled assistant Autoupdate 1622221723 => C:\Users\Астема\AppData\Local\Programs\Opera GX\launcher.exe -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\Астема\AppData\Local\Programs\Opera GX\assistant" $(Arg0) Task: {B97AE72F-2E06-406D-AF91-92107FA0AC93} - System32\Tasks\Opera GX scheduled Autoupdate 1605030412 => C:\Users\User\AppData\Local\Programs\Opera GX\launcher.exe --scheduledautoupdate $(Arg0) (Нет файла) Task: 
{5A591C1B-196F-4ED9-B908-9A4DC3141345} - System32\Tasks\Opera GX scheduled Autoupdate 1621962401 => C:\Users\Астема\AppData\Local\Programs\Opera GX\launcher.exe --scheduledautoupdate $(Arg0) (Нет файла) Task: {0CAA4744-447E-4B59-9805-FD0198DA2923} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [57312 2022-08-02] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) Task: {85A5222C-5128-4DEA-B2A0-04305153BB6D} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\RSServCmd.exe [263136 2022-08-02] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) Task: {99F5BD3D-2338-4D92-98B5-FBADC91F2FE2} - System32\Tasks\UninstallTool_SkipUAC_User => C:\Program Files\Uninstall Tool\UninstallTool.exe [4917536 2023-01-31] (CrystalBit Solutions -> CrystalIDEA Software) Task: {5DAA4909-242B-4466-9DAF-EAEB30CD6AA2} - System32\Tasks\update-S-1-5-21-718437350-3454518100-2172079934-1000 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [414872 2017-04-12] (OOO Lightshot -> TODO: ) Task: {58F2653D-AFA5-4BD1-89D9-8EBF077F62E2} - System32\Tasks\update-sys => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [414872 2017-04-12] (OOO Lightshot -> TODO: ) Task: {F471A8CC-92BD-47CF-8095-683E81B596B0} - System32\Tasks\Yandex.Stroka.User.S-1-5-21-718437350-3454518100-2172079934-1002 => C:\Users\Астема\AppData\Local\Yandex\SearchBand\Application\5.5.0.1923\searchbandapp64.exe /logon (Нет файла) Task: {B5E621B0-4A25-4E91-979B-2968AA2AE687} - System32\Tasks\ZoogVPNRunner => "C:\Program Files (x86)\ZoogVPN\ZoogVPN.exe" (Нет файла) Task: {FDE11BB1-A55A-4946-BC5E-39A58AAAA5E1} - System32\Tasks\Восстановление сервиса обновлений Яндекс Браузера => C:\Program Files (x86)\Yandex\YandexBrowser\24.4.5.498\service_update.exe [3048240 2024-06-11] (YANDEX LLC -> YANDEX LLC) Task: {47EC58A6-3076-41DA-96AF-F39F7F1806DB} - System32\Tasks\Восстановление сервиса обновлений Яндекс.Браузера => C:\Program Files 
(x86)\Yandex\YandexBrowser\22.9.1.1094\service_update.exe --repair (Нет файла) Task: {1207092D-A31F-44BA-A0BB-0E962E6C0E78} - System32\Tasks\Обновление Браузера Яндекс => C:\Users\User\AppData\Local\Yandex\YandexBrowser\Application\browser.exe [4568368 2024-06-07] (YANDEX LLC -> YANDEX LLC) Task: {BE8BB471-EEE0-4480-B934-3E38370859F9} - System32\Tasks\Плагин фиксации действий пользователя => C:\Windows\System32\wscript.exe [168960 2018-10-27] (Microsoft Windows -> Microsoft Corporation) -> c:\\"C:\Program Files\Плагин фиксации действий пользователя\ffmpeg\run.vbs" Task: {DBD6673C-1842-4A07-BBA7-A0C059B777C1} - System32\Tasks\Системное обновление Браузера Яндекс => C:\Program Files (x86)\Yandex\YandexBrowser\24.4.5.498\service_update.exe [3048240 2024-06-11] (YANDEX LLC -> YANDEX LLC) (Если запись включена в fixlist, файл задачи (.job) будет перемещён. Файл, выполняемый задачей, не будет перемещён.) Task: C:\Windows\Tasks\CCleanerCrashReporting.job => Task: C:\Windows\Tasks\update-S-1-5-21-718437350-3454518100-2172079934-1000.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe Task: C:\Windows\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe Task: C:\Windows\Tasks\Восстановление сервиса обновлений Яндекс.Браузера.job => C:\Program Files (x86)\Yandex\YandexBrowser\22.9.1.1094\service_update.exe Task: C:\Windows\Tasks\Восстановление сервиса обновлений Яндекс Браузера.job => C:\Program Files (x86)\Yandex\YandexBrowser\24.4.5.498\service_update.exe Task: C:\Windows\Tasks\Обновление Браузера Яндекс.job => C:\Users\User\AppData\Local\Yandex\YandexBrowser\Application\browser.exe Task: C:\Windows\Tasks\Системное обновление Браузера Яндекс.job => C:\Program Files (x86)\Yandex\YandexBrowser\24.4.5.498\service_update.exe ==================== Internet (В белом списке) ==================== (Если элемент включён в fixlist, если он является элементом реестра, он будет удалён или сброшен на значение по умолчанию.) 
Winsock: Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [134528 2009-08-18] (Microsoft Corporation -> Microsoft Corporation) Winsock: Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [134528 2009-08-18] (Microsoft Corporation -> Microsoft Corporation) Winsock: Catalog5-x64 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [168304 2009-08-18] (Microsoft Corporation -> Microsoft Corporation) Winsock: Catalog5-x64 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [168304 2009-08-18] (Microsoft Corporation -> Microsoft Corporation) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{87FDE00D-6190-4D4A-8FC4-C9845597F718}: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{87FDE00D-6190-4D4A-8FC4-C9845597F718}: [DhcpDomain] Home Tcpip\..\Interfaces\{FE18AA3F-7ADA-4B3D-B466-3BE09B17757E}: [NameServer] 1.1.1.1,1.0.0.1 HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Ограничение <==== ВНИМАНИЕ FireFox: ======== FF DefaultProfile: zfz8696p.default FF DefaultProfile: hh57l0gv.default FF ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\7oayy4pb.default-release-1 [2024-04-28] FF Notifications: Mozilla\Firefox\Profiles\7oayy4pb.default-release-1 -> hxxps://funpay.com FF ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\zfz8696p.default [2021-09-26] FF ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\u3fn6nx3.default-release-1650206249371 [2024-04-28] FF ProfilePath: C:\Users\User\AppData\Roaming\K-Meleon\hh57l0gv.default [2024-02-16] FF user.js: detected! 
=> C:\Users\User\AppData\Roaming\K-Meleon\hh57l0gv.default\user.js [2006-04-06] FF Extension: (Нет имени) - C:\Program Files (x86)\K-Meleon\browser\extensions\{899DF1F8-2F43-4394-8315-37F6744E6319}.xpi [не найдено] FF HKU\S-1-5-21-718437350-3454518100-2172079934-1000\...\Firefox\Extensions: [rutokenplugin@rutoken.ru] - C:\Users\User\AppData\Roaming\Aktiv Co\CryptoPlugin\4.5.1.0\\rutoken_plugin_adapter.xpi FF Extension: (Rutoken Plugin Adapter) - C:\Users\User\AppData\Roaming\Aktiv Co\CryptoPlugin\4.5.1.0\\rutoken_plugin_adapter.xpi [2020-06-08] FF Plugin: @tongbu.com/tongbu,version=0.1 -> C:\Program Files (x86)\Tongbu\Addin\npTongbuAddin.dll [Нет файла] FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2014-04-29] (Adobe Systems Incorporated -> Adobe Systems) FF Plugin: www.croc.ru/CrocXmlSigner -> C:\Program Files (x86)\CrocInc\Croc.XmlSigner\CurrentVersion\x64\npCrocXmlSigner.dll [2017-11-28] (Croc Inc.) [Файл не подписан] FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2011-11-30] (CANON INC.) [Файл не подписан] FF Plugin-x32: @cryptopro.ru/CAdES,version=1.0 -> C:\Program Files (x86)\Crypto Pro\CAdES Browser Plug-in\npcades.dll [2022-05-18] (CRYPTO-PRO LLC -> ) FF Plugin-x32: @java.com/DTPlugin,version=11.411.2 -> C:\Program Files (x86)\Java\jre-1.8\bin\dtplugin\npDeployJava1.dll [2024-03-13] (Oracle America, Inc. -> Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.411.2 -> C:\Program Files (x86)\Java\jre-1.8\bin\plugin2\npjp2.dll [2024-03-13] (Oracle America, Inc. 
-> Oracle Corporation)
FF Plugin-x32: @skbkontur.ru/diagplugin -> C:\Program Files (x86)\SkbKontur\DiagPlugin\3.0.27.541\npapikd.dll [2022-06-09] (AO Proizvodstvennaya Firma SKB Kontur -> PF SKB Kontur AO)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2017-11-01] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2014-04-29] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: www.croc.ru/CrocXmlSigner -> C:\Program Files (x86)\CrocInc\Croc.XmlSigner\CurrentVersion\npCrocXmlSigner.dll [2018-02-06] (Croc Inc.) [Файл не подписан]
FF Plugin HKU\S-1-5-21-718437350-3454518100-2172079934-1000: @nsroblox.roblox.com/launcher -> C:\Program Files (x86)\ECSR\Versions\ECSRClient041023h1\\NPRobloxProxy.dll [Нет файла]
FF Plugin HKU\S-1-5-21-718437350-3454518100-2172079934-1000: @nsroblox.roblox.com/launcher64 -> C:\Program Files (x86)\ECSR\Versions\ECSRClient041023h1\\NPRobloxProxy64.dll [Нет файла]
FF Plugin HKU\S-1-5-21-718437350-3454518100-2172079934-1000: @skbkontur.ru/toolbox2 -> C:\Users\User\AppData\Roaming\SkbKontur\ToolboxPlugin\2.9.9.41\npKonturToolbox2.9.9.41.dll [2019-10-24] (PF SKB Kontur AO -> PF SKB Kontur AO)
FF Plugin HKU\S-1-5-21-718437350-3454518100-2172079934-1000: @TOPCASE/Crypto Plugin;version=2 -> C:\Users\User\AppData\Local\TOPCASE\Крипто компонента\npcryco.dll [2021-05-04] (TOP CASE LLC -> TOP CASE Company) [Файл не подписан]
FF Plugin HKU\S-1-5-21-718437350-3454518100-2172079934-1000: @TOPCASE/Crypto Updater Plugin;version=1 -> C:\Users\User\AppData\Local\TOPCASE\Крипто компонента\npcryupd.dll [2021-05-04] (TOP CASE LLC -> TOP CASE Company) [Файл не подписан]
FF Plugin HKU\S-1-5-21-718437350-3454518100-2172079934-1000: rt.ru/IFCPlugin -> C:\Users\User\AppData\Roaming\Rostelecom\IFCPlugin\3.1.1.0\x32\IFCPlugin.dll [2020-11-09] (Rostelecom PAO -> Rostelecom)
FF Plugin HKU\S-1-5-21-718437350-3454518100-2172079934-1000: rutoken.ru/CryptoPlugin -> C:\Users\User\AppData\Roaming\Aktiv Co\CryptoPlugin\4.5.1.0\\npCryptoPlugin.dll [2020-06-08] (Aktiv-Soft Joint-Stock Company -> Aktiv Co.)
FF Plugin HKU\S-1-5-21-718437350-3454518100-2172079934-1000: rutoken.ru/RutokenPlugin -> C:\Users\User\AppData\Roaming\Aktiv Co\CryptoPlugin\4.5.1.0\\npRutokenPlugin.dll [2020-06-08] (Aktiv-Soft Joint-Stock Company -> Aktiv Co.)

Chrome:
=======
CHR DefaultProfile: Profile 10
CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Default [2024-01-08]
CHR Extension: (panda dumpling) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\caaclfkfmcnlppkambfehbfhlekhpenf [2020-10-18]
CHR Extension: (Плагин ГИС НР) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\cdjkkeofanojcdolaakkckkmfcjejlij [2023-01-26]
CHR Extension: (Google Документы офлайн) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-06-18]
CHR Extension: (Контур.Плагин) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\hnhppcgejeffnbnioloohhmndpmclaga [2022-05-14]
CHR Extension: (CryptoPro Extension for CAdES Browser Plug-in) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\iifchhfnnmpdbibifmljnfjhpififfog [2023-01-01]
CHR Extension: (Помощник диагностики) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\inlmamahcfioibldbpbaechbpeeaelin [2020-10-18]
CHR Extension: (ESEP Crypto Extension) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndhkcelnoeacagmhbidalbidnkjeokma [2023-01-26]
CHR Extension: (Платежная система Интернет-магазина Chrome) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-26]
CHR Extension: (Расширение для плагина Госуслуг) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbefkdcndngodfeigfdgiodgnmbgcfha [2022-08-16]
CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Guest Profile [2024-01-08]
CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 10 [2024-06-14]
CHR Notifications: Profile 10 -> hxxps://eu.gtrxlnd4.com; hxxps://eu.gtrxlnd82.com; hxxps://jqgrbs.com; hxxps://play.geforcenow.com; hxxps://sxnxu-notorgamesnet-f8h1fk005.dobrnovosti.com; hxxps://www.reddit.com; hxxps://zelenka.guru
CHR Extension: (Torrent Scanner) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 10\Extensions\aegnopegbbhjeeiganiajffnalhlkkjb [2024-01-12]
CHR Extension: (Slinky Элегантный) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 10\Extensions\bmanlajnpdncmhfkiccmbgeocgbncfln [2024-01-18]
CHR Extension: (Vencord Web) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 10\Extensions\cbghhgpcnddeihccjmnadmkaejncjndb [2024-06-12]
CHR Extension: (Плагин ГИС НР) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 10\Extensions\cdjkkeofanojcdolaakkckkmfcjejlij [2023-11-08]
CHR Extension: (РуТрекер - официальный плагин (доступ и пр.)) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 10\Extensions\fddjpichkajmnkjhcmpbbjdmmcodnkej [2024-05-08]
CHR Extension: (Google Документы офлайн) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 10\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-05-30]
CHR Extension: (AdBlock — лучший блокировщик рекламы) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 10\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2024-04-12]
CHR Extension: (AdGuard VPN — быстрый и безопасный proxy) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 10\Extensions\hhdobjgopfphlmjbmnpglhfcgppchgje [2024-05-31]
CHR Extension: (CryptoPro Extension for CAdES Browser Plug-in) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 10\Extensions\iifchhfnnmpdbibifmljnfjhpififfog [2023-03-10]
CHR Extension: (Shazam: ищите названия треков в браузере) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 10\Extensions\mmioliijnhnoblpgimnlajmefafdfilb [2024-06-06]
CHR Extension: (Платежная система Интернет-магазина Chrome) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 10\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-03-10]
CHR Extension: (Расширение для плагина Госуслуг) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 10\Extensions\pbefkdcndngodfeigfdgiodgnmbgcfha [2023-03-10]
CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 11 [2023-08-30]
CHR Notifications: Profile 11 -> hxxps://meet.google.com; hxxps://play.geforcenow.com; hxxps://roskomsvoboda.org
CHR Extension: (RoPro - Enhance Your Roblox Experience) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 11\Extensions\adbacgifemdbhdkfppmeilbgppmhaobf [2023-02-03]
CHR Extension: (Плагин ГИС НР) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 11\Extensions\cdjkkeofanojcdolaakkckkmfcjejlij [2023-01-16]
CHR Extension: (Free VPN ZenMate-Best VPN for Chrome) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 11\Extensions\fdcgdnkidjaadafnichfpabhfomcebme [2023-02-13]
CHR Extension: (РуТрекер - официальный плагин (доступ и пр.)) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 11\Extensions\fddjpichkajmnkjhcmpbbjdmmcodnkej [2023-01-16]
CHR Extension: (Google Docs Offline) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 11\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-02-15]
CHR Extension: (AdBlock — best ad blocker) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 11\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2023-02-23]
CHR Extension: (CryptoPro Extension for CAdES Browser Plug-in) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 11\Extensions\iifchhfnnmpdbibifmljnfjhpififfog [2023-01-16]
CHR Extension: (RoSearcher) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 11\Extensions\kogoeldkgknjbdajddjjfijggnpcffib [2023-02-23]
CHR Extension: (Hotspot Shield Free VPN Proxy - Unlimited VPN) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 11\Extensions\nlbejmccbhkncgokjcmghpfloaajcffj [2023-02-13]
CHR Extension: (Chrome Web Store Payments) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 11\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-01-16]
CHR Extension: (Расширение для плагина Госуслуг) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 11\Extensions\pbefkdcndngodfeigfdgiodgnmbgcfha [2023-01-16]
CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\System Profile [2024-06-14]
CHR HKU\S-1-5-21-718437350-3454518100-2172079934-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [pbefkdcndngodfeigfdgiodgnmbgcfha]
CHR HKLM-x32\...\Chrome\Extension: [aegnopegbbhjeeiganiajffnalhlkkjb]
CHR HKLM-x32\...\Chrome\Extension: [cdjkkeofanojcdolaakkckkmfcjejlij]
CHR HKLM-x32\...\Chrome\Extension: [iifchhfnnmpdbibifmljnfjhpififfog]
CHR HKLM-x32\...\Chrome\Extension: [imhlianhlhdicjchlbmbfaefhhjencbe]
CHR HKLM-x32\...\Chrome\Extension: [moihledlmchhofenpacbhphnbnpakgmo]

Opera:
=======
StartMenuInternet: (HKU\S-1-5-21-718437350-3454518100-2172079934-1000) Opera GXStable - "C:\Users\User\AppData\Local\Programs\Opera GX\Launcher.exe"

Yandex:
=======
YAN DefaultProfile: Default
YAN Profile: C:\Users\User\AppData\Local\Yandex\YandexBrowser\User Data\Default [2024-06-14]
YAN Notifications: Default -> hxxps://finance.rambler.ru; hxxps://horo.mail.ru; hxxps://kari.com; hxxps://pogoda.mail.ru; hxxps://rushop.lg.com; hxxps://web.whatsapp.com; hxxps://www.pochta.ru
YAN Extension: (Плагин ГИС НР) - C:\Users\User\AppData\Local\Yandex\YandexBrowser\User Data\Default\Extensions\cdjkkeofanojcdolaakkckkmfcjejlij [2023-12-10]
YAN Extension: (CryptoPro Extension for CAdES Browser Plug-in) - C:\Users\User\AppData\Local\Yandex\YandexBrowser\User Data\Default\Extensions\epebfcehmdedogndhlcacafjaacknbcm [2022-10-23]
YAN Extension: (Контур.Плагин) - C:\Users\User\AppData\Local\Yandex\YandexBrowser\User Data\Default\Extensions\hnhppcgejeffnbnioloohhmndpmclaga [2024-05-27]
YAN Extension: (CryptoPro Extension for CAdES Browser Plug-in) - C:\Users\User\AppData\Local\Yandex\YandexBrowser\User Data\Default\Extensions\iifchhfnnmpdbibifmljnfjhpififfog [2022-11-17]
YAN Extension: (Помощник диагностики) - C:\Users\User\AppData\Local\Yandex\YandexBrowser\User Data\Default\Extensions\inlmamahcfioibldbpbaechbpeeaelin [2024-05-31]
YAN Extension: (Lightshot (screenshot tool)) - C:\Users\User\AppData\Local\Yandex\YandexBrowser\User Data\Default\Extensions\mbniclmhobmnbdlbpiphghaielnnpgdp [2024-04-05]
YAN Extension: (ESEP Crypto Extension) - C:\Users\User\AppData\Local\Yandex\YandexBrowser\User Data\Default\Extensions\ndhkcelnoeacagmhbidalbidnkjeokma [2022-12-26]
YAN Extension: (Адаптер Рутокен Плагин) - C:\Users\User\AppData\Local\Yandex\YandexBrowser\User Data\Default\Extensions\ohedcglhbbfdgaogjhcclacoccbagkjg [2024-05-22]
YAN Extension: (Расширение для плагина Госуслуг) - C:\Users\User\AppData\Local\Yandex\YandexBrowser\User Data\Default\Extensions\pbefkdcndngodfeigfdgiodgnmbgcfha [2021-12-13]

==================== Службы (В белом списке) ===================

(Если запись включена в fixlist, она будет удалена из реестра. Файл не будет удалён, если он не указан отдельно.)

S4 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [82640 2017-11-01] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
S4 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [818136 2018-09-13] (Adobe Systems Incorporated -> Adobe Inc.)
S4 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2128872 2018-05-11] (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
S4 amdacpusrsvc; C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe [190464 2022-08-02] () [Файл не подписан]
S4 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [9712432 2022-10-05] (BattlEye Innovations e.K. -> )
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [4960120 2022-09-17] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R2 DrWebAVService; C:\Program Files\DrWeb\dwservice.exe [16687480 2024-01-18] (Doctor Web Ltd. -> Doctor Web, Ltd.)
R3 DrWebEngine; C:\Program Files\Common Files\Doctor Web\Scanning Engine\dwengine.exe [2816312 2024-01-18] (Doctor Web Ltd. -> Doctor Web, Ltd.)
R3 DrWebNetFilter; C:\Program Files\DrWeb\dwnetfilter.exe [7369896 2024-01-18] (Doctor Web Ltd. -> Doctor Web, Ltd.)
R2 DrWebWscService; C:\Program Files\DrWeb\wsc-service.exe [6340928 2024-01-18] (Microsoft Windows Hardware Compatibility Publisher -> Doctor Web, Ltd.)
S4 EQU8_19; C:\ProgramData\EQU8\Totally Accurate Battlegrounds\bin\anticheat.x64.equ8.exe [5673048 2021-04-03] (Int3 Software AB -> Int3 Software AB)
S4 GoodbyeDPI; C:\Users\Public\goodbyedpi\x86_64\goodbyedpi.exe [61952 2019-10-31] () [Файл не подписан]
S4 iBtSiva; C:\Program Files (x86)\Intel\Bluetooth\ibtsiva.exe [518712 2019-12-19] (Intel Corporation -> Intel Corporation)
S4 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [140936 2013-05-14] (Canon Inc. -> )
S4 KingoSoftService; C:\Users\User\AppData\Local\Kingosoft\Kingo Root\update_27205\bin\checkupdate.exe [377832 2018-03-08] (FingerPower Digital Technology Ltd. -> )
S4 Logs service for nr modules; C:\Program Files (x86)\nr_plugin\nr_logs.exe [128000 2020-07-21] (TOPCASE) [Файл не подписан]
R2 MDM; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [335872 2006-10-26] (Microsoft Corporation) [Файл не подписан]
S3 mracsvc; C:\Windows\System32\mracsvc.exe [29953808 2024-02-23] (VK Play LLC -> VK Play LLC)
S4 Network service for nr modules; C:\Program Files (x86)\nr_plugin\nr_networking.exe [483362 2020-07-21] (TOPCASE) [Файл не подписан]
S4 nr_plugin_updater; C:\Program Files (x86)\nr_plugin\nr_plugin_updater.exe [352290 2020-07-21] (Top Case) [Файл не подписан]
S3 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2021-03-20] (Even Balance, Inc. -> )
S3 RvControlSvc; C:\Program Files (x86)\Radmin VPN\RvControlSvc.exe [1179712 2023-07-10] (Famatech Corp. -> Famatech Corp.)
S4 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [12912936 2021-11-16] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S4 ucldr_battlegrounds_gl; C:\Program Files\Common Files\UNCHEATER\ucldr_battlegrounds_gl.exe [7152880 2022-03-08] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.)
S4 uncheater_bgl; C:\Program Files\Common Files\Uncheater\uncheater_bgl.exe [2097008 2020-12-15] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.)
S4 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2018-08-16] (Microsoft Windows -> Microsoft Corporation)
R2 wlidsvc; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2291568 2009-08-18] (Microsoft Corporation -> Microsoft Corporation)
S4 Плагин фиксации действий пользователя; C:\Program Files\Плагин фиксации действий пользователя\RecordSupportSystem.exe [137728 2020-12-30] () [Файл не подписан]
S4 AODService; C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe [X]
S4 AUEPLauncher; "C:\Program Files\AMD\CIM\..\Performance Profile Client\AUEPLauncher.exe" [X]
S4 Droid4XService; C:\Program Files (x86)\Droid4X\Droid4XService.exe [X]
S3 EasyAntiCheat; "C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe" [X]
S4 EasyAntiCheat_EOS; "C:\Program Files (x86)\EasyAntiCheat_EOS\EasyAntiCheat_EOS.exe" [X]
S3 ProtonVPN Service; "C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPNService.exe" [X]
S2 YandexBrowserService; "C:\Program Files (x86)\Yandex\YandexBrowser\24.4.4.1168\service_update.exe" --run-as-service [X]

===================== Драйверы (В белом списке) ===================

(Если запись включена в fixlist, она будет удалена из реестра. Файл не будет удалён, если он не указан отдельно.)

S3 aftap0901; C:\Windows\System32\DRIVERS\aftap0901.sys [48624 2022-08-17] (AnchorFree Inc -> The OpenVPN Project)
U5 amdkmdap; C:\Windows\System32\Drivers\amdkmdap.sys [613152 2021-03-10] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R1 betternet_netfilter2; C:\Windows\System32\drivers\betternet_netfilter2.sys [89088 2022-10-07] (Microsoft Windows Hardware Compatibility Publisher -> Pango Inc)
S3 CisUtMonitor; C:\Windows\system32\DRIVERS\CisUtMonitor.sys [57400 2023-04-09] (Texode Technologies, LLC -> CrystalIdea Software)
R1 CProCtrl; C:\Windows\System32\DRIVERS\CProCtrl.5.0.0.10008.sys [120984 2021-06-02] (LLC Crypto-Pro -> Компания КРИПТО-ПРО)
S3 DroidCam; C:\Windows\System32\DRIVERS\droidcam.sys [31576 2020-04-24] (DEV47 APPS -> Dev47Apps)
R0 DrWebLwf; C:\Windows\System32\drivers\drweblwf.sys [544160 2024-01-18] (Microsoft Windows Hardware Compatibility Publisher -> Doctor Web, Ltd.)
R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [42256 2021-07-29] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\DRIVERS\dtliteusbbus.sys [63696 2022-09-17] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R0 DwDevGuard; C:\Windows\System32\drivers\dwdg.sys [333280 2024-01-18] (Microsoft Windows Hardware Compatibility Publisher -> Doctor Web, Ltd.)
R0 DwProt; C:\Windows\System32\drivers\dwprot.sys [1159088 2024-01-18] (Microsoft Windows Hardware Compatibility Publisher -> Doctor Web, Ltd.)
R3 GrdKey; C:\Windows\System32\DRIVERS\grdkey.sys [1006336 2009-02-26] (Microsoft Windows Hardware Compatibility Publisher -> Aktiv Co.)
S3 GrdUsb; C:\Windows\System32\DRIVERS\grdusb.sys [1060992 2009-02-26] (Microsoft Windows Hardware Compatibility Publisher -> Aktiv Co.)
R3 keyboard; C:\Windows\System32\Drivers\keyboard.sys [18536 2022-09-13] (Francisco Lopes da Silva -> Oblita)
R2 Ld9BoxSup; C:\Program Files\ldplayer9box\Ld9BoxSup.sys [354200 2024-02-09] (Microsoft Windows Hardware Compatibility Publisher -> Oracle Corporation)
R2 LdBoxDrv; C:\Program Files\dnplayerext2\LdBoxDrv.sys [319376 2024-02-08] (Shanghai Changzhi Network Technology Co., Ltd. -> Oracle Corporation)
R2 LdVBoxDrv; C:\Program Files\ldplayerbox\LdVBoxDrv.sys [319376 2023-10-21] (Shanghai Changzhi Network Technology Co., Ltd. -> Oracle Corporation)
S3 LGJoyXlCore; C:\Windows\System32\drivers\LGJoyXlCore.sys [67736 2017-08-18] (Logitech Inc -> Logitech Inc.)
R3 libusb0; C:\Windows\System32\drivers\libusb0.sys [52832 2012-01-17] (Travis Lee Robinson -> hxxp://libusb-win32.sourceforge.net)
S3 logi_joy_bus_enum; C:\Windows\System32\drivers\logi_joy_bus_enum.sys [37200 2022-02-14] (Logitech Inc -> Logitech)
S3 logi_joy_vir_hid; C:\Windows\System32\drivers\logi_joy_vir_hid.sys [25928 2022-02-14] (Logitech Inc -> Logitech)
S3 logi_joy_xlcore; C:\Windows\System32\drivers\logi_joy_xlcore.sys [66896 2022-02-14] (Logitech Inc -> Logitech)
R1 MEmuDrv; C:\Windows\System32\DRIVERS\MEmuDrv.sys [309904 2021-01-04] (Shanghai Microvirt Software Technology Co., Ltd. -> Maiwei Corporation)
R0 mountmgr; C:\Windows\System32\drivers\mountmgr.sys [94440 2019-06-12] (Microsoft Windows -> Корпорация Майкрософт)
R3 mouse; C:\Windows\System32\Drivers\mouse.sys [18536 2022-09-13] (Francisco Lopes da Silva -> Oblita)
S3 mracdrv; C:\Windows\System32\drivers\mracdrv1.sys [29287768 2024-02-23] (My.Com B.V. -> My.com B.V.)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [17280 2013-05-17] (ASUSTeK Computer Inc. -> )
R1 ndextlag; C:\Windows\System32\DRIVERS\ndextlag.sys [39112 2018-04-11] (Mainline Net Holdings Limited -> SKOWSAND SERVICOS DE PROVEDORES E INTERNET LTDA - ME)
R3 Neo_VPN; C:\Windows\System32\DRIVERS\Neo_0116.sys [38088 2022-12-13] (SoftEther Corporation -> SoftEther Corporation)
S3 Netaapl; C:\Windows\System32\DRIVERS\netaapl64.sys [23040 2022-01-06] (Apple Inc.) [Файл не подписан]
S3 nvme; C:\Windows\system32\drivers\nvme.sys [77488 2016-08-17] (Lite-On Technology Corporation -> Windows (R) Win 7 DDK provider)
S3 ocznvme; C:\Windows\system32\drivers\ocznvme.sys [99592 2016-06-10] (Toshiba America Electronic Components, Inc. -> TOSHIBA CORPORATION)
R0 ocztrimfilter; C:\Windows\System32\drivers\ocztrimfilter.sys [29064 2016-06-10] (Toshiba America Electronic Components, Inc. -> TOSHIBA CORPORATION)
R1 pango_netfilter2; C:\Windows\System32\drivers\pango_netfilter2.sys [89088 2022-12-30] (Microsoft Windows Hardware Compatibility Publisher -> Pango Inc)
S3 phantomtap; C:\Windows\System32\DRIVERS\phantomtap.sys [39448 2022-03-30] (Avira Operations GmbH & Co. KG -> The OpenVPN Project)
R3 RTIFDH; C:\Windows\System32\DRIVERS\rtIFDH.sys [16256 2020-06-23] (Microsoft Windows Hardware Compatibility Publisher -> Компания "Актив")
S3 rtUSB; C:\Windows\System32\DRIVERS\rtUSB.sys [39296 2020-06-23] (Microsoft Windows Hardware Compatibility Publisher -> Компания "Актив")
S3 RvNetMP60; C:\Windows\System32\DRIVERS\RvNetMP60.sys [58288 2022-10-18] (Microsoft Windows Hardware Compatibility Publisher -> Famatech Corp.)
R3 ScpVBus; C:\Windows\System32\DRIVERS\ScpVBus.sys [39168 2013-05-19] (Bruce James -> Scarlet.Crush Productions)
S3 secnvme; C:\Windows\system32\drivers\secnvme.sys [91352 2018-02-13] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd)
R0 secnvmeF; C:\Windows\System32\drivers\secnvmeF.sys [30624 2018-02-13] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd)
R0 SpiderG3; C:\Windows\System32\drivers\spiderg3.sys [418784 2024-01-18] (Microsoft Windows Hardware Compatibility Publisher -> Doctor Web, Ltd.)
S3 ssdevfactory; C:\Windows\System32\DRIVERS\ssdevfactory.sys [46440 2017-06-29] (SteelSeries ApS -> SteelSeries ApS)
S3 tap-tb-0901; C:\Windows\System32\DRIVERS\tap-tb-0901.sys [38656 2023-04-27] (TunnelBear, Inc. -> The OpenVPN Project)
S3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [27136 2022-02-03] (The OpenVPN Project) [Файл не подписан]
S3 tapprotonvpn; C:\Windows\System32\DRIVERS\tapprotonvpn.sys [39696 2021-05-28] (Proton Technologies AG -> The OpenVPN Project)
S3 tapwindscribe0901; C:\Windows\System32\DRIVERS\tapwindscribe0901.sys [48544 2021-04-18] (Windscribe Limited -> The OpenVPN Project)
S3 tesrsdt; C:\Windows\system32\drivers\tesrsdt.sys [802920 2020-10-22] (Tencent Technology(Shenzhen) Company Limited -> TENCENT)
S3 UniFairy_x64; C:\Windows\system32\drivers\UniFairy_x64.sys [7500616 2024-01-23] (Tencent Technology(Shenzhen) Company Limited -> )
S3 unirsdt; C:\Windows\system32\drivers\unirsdt.sys [5008032 2024-01-23] (Tencent Technology(Shenzhen) Company Limited -> )
S3 UniSafe; C:\Windows\system32\drivers\UniSafe.sys [572632 2021-09-01] (Tencent Technology(Shenzhen) Company Limited -> TENCENT)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2015-11-05] (Apple, Inc.) [Файл не подписан]
R3 UsbDk; C:\Windows\System32\Drivers\UsbDk.sys [93896 2020-02-27] (Red Hat, Inc. -> Red Hat Inc.)
S3 VBoxNetAdp; C:\Windows\System32\DRIVERS\VBoxNetAdp6.sys [240704 2022-03-22] (Oracle Corporation -> Oracle Corporation)
R1 vmkbd3; C:\Windows\System32\DRIVERS\vmkbd.sys [52288 2018-01-08] (VMware, Inc. -> VMware, Inc.)
R2 VMnetBridge; C:\Windows\System32\DRIVERS\vmnetbridge.sys [66520 2018-01-08] (VMware, Inc. -> VMware, Inc.)
S3 VOICEMOD_Driver; C:\Windows\System32\drivers\mvvad.sys [48144 2022-07-26] (Voicemod Sociedad Limitada -> Windows (R) Win 7 DDK provider)
R0 volmgrx; C:\Windows\System32\drivers\volmgrx.sys [363752 2018-08-16] (Microsoft Windows -> Корпорация Майкрософт)
S3 windtun420; C:\Windows\System32\DRIVERS\windtun420.sys [38312 2021-04-18] (Windscribe Limited -> WireGuard LLC)
S3 wintun; C:\Windows\System32\DRIVERS\wintun.sys [29680 2024-02-11] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC)
S3 WireGuard; C:\Windows\System32\DRIVERS\wireguard.sys [489368 2022-08-28] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC)
R1 YSDrv; C:\Program Files (x86)\Bignox\BigNoxVM\RT\YSDrv.sys [340880 2024-02-17] (Nox Limited -> Nox Limited Corporation)
S1 adgnetworktdidrv; system32\drivers\adgnetworktdidrv.sys [X]
S2 AODDriver4.3.0; \??\C:\Program Files\AMD\Performance Profile Client\amd64\AODDriver2.sys [X]
S2 BlueStacksDrv_msi2; \??\C:\Program Files\BlueStacks_msi2\BstkDrv_msi2.sys [X]
S3 bntap; system32\DRIVERS\bntap.sys [X]
U4 ClipSVC; отсутствует ImagePath
U4 diagsvc; отсутствует ImagePath
U4 dmwappushservice; отсутствует ImagePath
U4 embeddedmode; отсутствует ImagePath
S3 EQU8_HELPER_19; \??\C:\Windows\system32\DRIVERS\EQU8_HELPER_19.sys [X]
S3 ewusbmbb; system32\DRIVERS\ewusbwwan.sys [X]
S3 ew_hwusbdev; system32\DRIVERS\ew_hwusbdev.sys [X]
S3 GPU-Z-v2; \??\C:\Users\User\AppData\Local\Temp\GPU-Z-v2.sys [X] <==== ВНИМАНИЕ
S3 hsstap; system32\DRIVERS\hsstap.sys [X]
S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys [X]
S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X]
U4 InstallService; отсутствует ImagePath
U4 MapsBroker; отсутствует ImagePath
U4 MsSecCore; отсутствует ImagePath
S0 oem-drv64; system32\DRIVERS\oem-drv64.sys [X]
U4 OneSyncSvc; отсутствует ImagePath
U4 OneSyncSvc_402ac; отсутствует ImagePath
S3 polarbear-split-tunneling; \??\C:\Program Files (x86)\TunnelBear\Drivers\x64\SplitTunnelingDriver.sys [X]
U4 PrintNotify; отсутствует ImagePath
U4 PrintWorkflowUserSvc; отсутствует ImagePath
S3 ProtonVPNCallout; \??\C:\Program Files (x86)\Proton Technologies\ProtonVPN\x64\Win7\ProtonVPN.CalloutDriver.sys [X]
U4 PushToInstall; отсутствует ImagePath
U4 SecurityHealthService; отсутствует ImagePath
U2 Sense; отсутствует ImagePath
U4 SgrmAgent; отсутствует ImagePath
U4 SgrmBroker; отсутствует ImagePath
U4 StorSvc; отсутствует ImagePath
S3 VBoxNetFlt; system32\DRIVERS\VBoxNetFlt.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
U4 WdBoot; отсутствует ImagePath
U4 WdFiltrer; отсутствует ImagePath
U4 WdNisDrv; отсутствует ImagePath
U4 WdNisSvc; отсутствует ImagePath
U4 webthreatdefsvc; отсутствует ImagePath
U4 webthreatdefusersvc; отсутствует ImagePath
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]

==================== NetSvcs (В белом списке) ===================

(Если запись включена в fixlist, она будет удалена из реестра. Файл не будет удалён, если он не указан отдельно.)

==================== Один месяц (создан) (В белом списке) =========

(Если запись включена в лист исправлений, файл/папка будут перемещены.)

2024-06-14 13:00 - 2024-06-14 13:04 - 000060346 _____ C:\Users\User\Downloads\FRST.txt
2024-06-14 13:00 - 2024-06-14 13:02 - 000000000 ____D C:\FRST
2024-06-14 12:59 - 2024-06-14 13:00 - 002395136 _____ (Farbar) C:\Users\User\Downloads\FRST64.exe
2024-06-14 12:58 - 2024-06-14 13:03 - 000000000 ____D C:\Program Files\chrome_url_fetcher_3208_284706288
2024-06-14 12:51 - 2024-06-14 12:51 - 000000000 ____D C:\Program Files\chrome_url_fetcher_7728_1316160053
2024-06-14 12:49 - 2024-06-14 12:49 - 000000000 ____D C:\Program Files\chrome_url_fetcher_6300_195581039
2024-06-14 12:06 - 2024-06-14 12:06 - 000111504 _____ C:\Users\User\Downloads\CollectionLog-2024.06.14-12.05.zip
2024-06-14 11:04 - 2024-06-14 11:53 - 000000000 ____D C:\KVRT2020_Data
2024-06-14 11:02 - 2024-06-14 11:02 - 000000000 ____D C:\Program Files\ChromiumTemp908_1218745250
2024-06-14 11:00 - 2024-06-14 11:03 - 111704432 _____ (AO Kaspersky Lab) C:\Users\User\Downloads\KVRT.exe
2024-06-14 10:49 - 2024-06-14 12:59 - 034816000 _____ C:\Windows\system32\config\SYSTEM
2024-06-14 10:49 - 2024-06-14 12:57 - 000102400 _____ C:\Windows\system32\config\SAM
2024-06-14 10:49 - 2024-06-14 12:56 - 098615296 _____ C:\Windows\system32\config\SOFTWARE
2024-06-14 10:49 - 2024-06-14 12:56 - 000036864 _____ C:\Windows\system32\config\SECURITY
2024-06-14 10:38 - 2024-06-14 10:43 - 000000000 ____D C:\Program Files\chrome_url_fetcher_2908_2122241164
2024-06-14 10:35 - 2024-06-14 12:56 - 002138112 _____ C:\Windows\system32\config\DEFAULT
2024-06-14 09:39 - 2024-06-14 09:39 - 001478144 _____ C:\Users\User\Downloads\Audio.exe
2024-06-13 20:51 - 2024-06-13 20:51 - 000001239 _____ C:\Users\User\Desktop\Roblox Player.lnk
2024-06-13 20:36 - 2024-06-13 20:36 - 000084208 __RSH (The MathWorks Inc.) C:\Users\User\AppData\Roaming\Icdvb.exe
2024-06-13 19:57 - 2024-06-13 19:57 - 001248478 _____ C:\Users\User\Downloads\HUD ARIZONA RP (Kent Paul).zip
2024-06-13 19:53 - 2024-06-13 19:54 - 000915167 _____ C:\Users\User\Downloads\AZVoice.zip
2024-06-13 19:53 - 2024-06-13 19:54 - 000325010 _____ C:\Users\User\Downloads\ci_asi.zip
2024-06-13 16:47 - 2024-06-13 16:49 - 000000000 ____D C:\Users\User\Desktop\5
2024-06-13 16:32 - 2024-06-14 09:37 - 038506335 _____ C:\Users\User\Downloads\AutoLogger.zip
2024-06-13 14:09 - 2024-06-13 14:09 - 000000814 _____ C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ARIZONA GAMES.lnk
2024-06-13 14:03 - 2024-06-13 14:06 - 158886496 _____ (Professional Gaming Solutions, LTD ) C:\Users\User\Downloads\AG-setup.exe
2024-06-13 14:00 - 2024-06-13 14:00 - 000000000 ____D C:\Program Files\chrome_url_fetcher_5636_712309030
2024-06-13 13:43 - 2024-06-13 13:43 - 004038897 _____ C:\Users\User\Downloads\arizona-interface-main.zip
2024-06-13 12:47 - 2024-06-13 12:47 - 000001962 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2024-06-13 12:39 - 2024-06-13 12:40 - 000000000 ____D C:\Program Files\CrystalDiskInfo
2024-06-13 12:39 - 2024-06-13 12:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskInfo
2024-06-13 12:38 - 2024-06-13 12:38 - 005921600 _____ (Crystal Dew World ) C:\Users\User\Downloads\CrystalDiskInfo9_3_0.exe
2024-06-13 12:10 - 2024-06-13 12:40 - 296380520 _____ (Malwarebytes) C:\Users\User\Downloads\MBSetup.exe
2024-06-12 22:37 - 2024-06-12 22:40 - 000000000 ____D C:\Program Files\chrome_url_fetcher_3476_1997026362
2024-06-12 15:36 - 2024-06-12 15:36 - 005641112 _____ (Roblox Corporation) C:\Users\User\Downloads\RobloxPlayerInstaller.exe
2024-06-12 15:36 - 2024-06-12 15:36 - 000000000 ____D C:\Users\User\AppData\Local\Roblox
2024-06-12 12:07 - 2024-06-13 12:44 - 000000000 ____D C:\ProgramData\Malwarebytes
2024-06-12 12:07 - 2024-06-13 12:44 - 000000000 ____D C:\Program Files\Malwarebytes
2024-06-12 11:39 - 2024-06-12 11:46 - 277685776 _____ (Malwarebytes) C:\Users\User\Downloads\mb5-setup-consumer-5.1.5.116-1.0.1252-1.0.85403.exe
2024-06-11 21:01 - 2024-06-11 21:01 - 000000000 ____D C:\Users\Public\7oayy4pb.default-release-1
2024-06-11 19:56 - 2024-06-11 19:56 - 000000000 __SHD C:\found.002
2024-06-11 16:26 - 2024-06-11 16:26 - 000003160 _____ C:\Windows\system32\Tasks\StartCN
2024-06-11 16:26 - 2024-06-11 16:26 - 000003124 _____ C:\Windows\system32\Tasks\AMDInstallLauncher
2024-06-11 16:26 - 2024-06-11 16:26 - 000003108 _____ C:\Windows\system32\Tasks\AMDLinkUpdate
2024-06-11 16:26 - 2024-06-11 16:26 - 000003080 _____ C:\Windows\system32\Tasks\StartDVR
2024-06-11 16:26 - 2024-06-11 16:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Radeon Software
2024-06-11 16:26 - 2024-06-11 16:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Bug Report Tool
2024-06-11 16:25 - 2022-08-02 18:09 - 002241656 _____ (AMD Inc.) C:\Windows\SysWOW64\AMDBugReportTool.exe
2024-06-11 16:24 - 2024-06-11 16:24 - 000000000 ____D C:\Program Files\Common Files\ATI Technologies
2024-06-11 16:18 - 2024-11-06 23:39 - 000000000 ____D C:\Program Files\AMD
2024-06-11 16:18 - 2024-06-11 16:33 - 000000000 ____D C:\ProgramData\AMD
2024-06-11 14:52 - 2024-06-11 14:53 - 000000000 ____D C:\Program Files\chrome_ComponentUnpacker_BeginUnzipping2804_830251007
2024-06-11 12:14 - 2024-06-11 12:14 - 000058368 _____ C:\Users\User\Downloads\UltraWH.asi
2024-06-11 12:14 - 2024-06-11 12:14 - 000001360 _____ C:\Users\User\Downloads\UltraWH.ini
2024-06-10 18:32 - 2024-06-10 18:32 - 000002428 _____ C:\Users\User\Downloads\attachTrailer.lua
2024-06-10 18:31 - 2024-06-10 18:31 - 000000000 ____D C:\Program Files\chrome_url_fetcher_5932_1816986407
2024-06-10 12:53 - 2024-06-10 12:53 - 000000000 ____D C:\Program Files\chrome_url_fetcher_5792_1868843906
2024-06-10 09:33 - 2024-11-07 10:48 - 001037526 _____ C:\Windows\ntbtlog.txt
2024-06-09 22:42 - 2024-06-09 22:42 - 001478144 __RSH C:\Users\User\AppData\Local\Audio.exe
2024-06-09 13:10 - 2024-04-03 19:48 - 3441356559 _____ C:\Users\User\Desktop\Screenrecorder-2024-02-17-10-49-50-756.mp4
2024-06-09 13:07 - 2024-04-03 19:42 - 4191936186 _____ C:\Users\User\Desktop\Screenrecorder-2024-03-16-10-18-07-498.mp4
2024-06-09 10:14 - 2024-11-07 11:08 - 000000000 ____D C:\Users\User\AppData\LocalLow\AMD
2024-06-08 22:27 - 2024-06-08 22:28 - 000000000 ____D C:\Program Files\chrome_url_fetcher_6264_1461238115
2024-06-08 18:45 - 2024-06-08 18:45 - 000004572 _____ C:\Users\User\Downloads\GamerProfile.xml
2024-06-08 18:43 - 2024-06-08 18:43 - 000000000 ____D C:\Program Files\chrome_url_fetcher_6436_797297929
2024-06-08 17:11 - 2024-06-08 17:56 - 000000000 ____D C:\Program Files (x86)\Far Cry 4
2024-06-08 12:03 - 2024-06-08 12:03 - 000000000 ____D C:\Program Files\chrome_url_fetcher_2156_688500592
2024-06-07 15:53 - 2024-06-07 17:31 - 000000000 ____D C:\Users\User\AppData\Roaming\Pears Project
2024-06-07 15:53 - 2024-06-07 15:53 - 000000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pears Project Launcher
2024-06-07 15:53 - 2024-06-07 15:53 - 000000000 ____D C:\Program Files\Pears Project Launcher
2024-06-07 15:49 - 2024-06-07 15:49 - 000000000 ____D C:\Program Files\chrome_url_fetcher_4660_672978991
2024-06-07 15:48 - 2024-06-07 15:48 - 000000000 ____D C:\Program Files\chrome_url_fetcher_4660_463483250
2024-06-05 21:49 - 2024-06-05 21:49 - 000000000 ____D C:\Program Files\chrome_url_fetcher_7704_1773465439
2024-06-05 21:26 - 2024-06-05 21:27 - 000000000 ____D C:\Program Files\chrome_url_fetcher_3560_1259389365
2024-06-04 21:09 - 2024-06-04 21:09 - 000000000 ____D C:\Program Files\chrome_url_fetcher_9408_783616672
2024-06-04 16:56 - 2024-06-04 17:00 - 095442382 _____ C:\Users\User\Downloads\1376318841_audio.zip
2024-06-04 16:31 - 2024-06-04 16:32 - 006466413 _____ C:\Users\User\Downloads\Не подтвержден 174613.crdownload
2024-06-04 16:28 - 2024-06-04 16:28 - 000000000 ____D C:\Program Files\chrome_url_fetcher_2840_1545160989
2024-06-03 17:38 - 2024-06-03 17:39 - 000000000 ____D C:\Program Files\chrome_url_fetcher_4484_435048747
2024-06-03 12:54 - 2024-06-03 12:55 - 000000000 ____D C:\Program Files\chrome_url_fetcher_3080_260418477
2024-06-02 19:21 - 2024-06-02 19:21 - 000001156 _____ C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Legacy Launcher Stable.lnk
2024-06-02 17:29 - 2024-06-02 17:29 - 000000000 ____D C:\Program Files\chrome_url_fetcher_5456_1215938505
2024-06-01 21:06 - 2024-06-01 21:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlast 2
2024-06-01 15:06 - 2024-06-01 15:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hotline Miami 2 Wrong Number
2024-06-01 15:06 - 2024-06-01 15:06 - 000000000 ____D C:\Program Files (x86)\Hotline Miami 2 Wrong Number
2024-06-01 15:00 - 2024-06-01 15:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hotline Miami
2024-06-01 15:00 - 2024-06-01 15:00 - 000000000 ____D C:\Program Files (x86)\Hotline Miami
2024-06-01 13:29 - 2024-06-01 13:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Proxima RP win7
2024-06-01 13:23 - 2024-06-01 13:29 - 000000000 ____D C:\Program Files (x86)\PROXIMA
2024-06-01 10:50 - 2024-06-01 10:50 - 000000000 ____D C:\Users\User\AppData\Roaming\Sun
2024-06-01 10:50 - 2024-06-01 10:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2024-06-01 10:50 - 2024-03-13 07:44 - 000170624 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2024-06-01 10:48 - 2024-06-01 10:48 - 000000000 ____D C:\Program Files (x86)\Java
2024-05-29 14:38 - 2024-05-29 14:38 - 000003650 _____ C:\Windows\system32\Tasks\IdleI
2024-05-29 14:38 - 2024-05-29 14:38 - 000003398 _____ C:\Windows\system32\Tasks\Idle
2024-05-27 21:13 - 2024-05-27 21:13 - 000000000 ____D C:\Program Files\chrome_url_fetcher_5736_1587078243
2024-05-26 22:25 - 2024-05-26 22:25 - 000000000 ____D C:\Program Files\chrome_url_fetcher_6016_47144354
2024-05-26 13:36 - 2024-05-26 13:36 - 000390078 _____ C:\Users\User\Desktop\План.svg
2024-05-26 13:35 - 2024-05-26 14:54 - 000048133 _____ C:\Users\User\Desktop\План.sh3d
2024-05-26 13:31 - 2024-05-26 13:31 - 000070760 _____ C:\Users\User\Desktop\План 1.pdf
2024-05-25 19:46 - 2024-05-25 19:46 - 000000000 ____D C:\Users\Default\AppData\Roaming\Media Center Programs
2024-05-24 23:01 - 2024-05-24 23:03 - 069501197 _____ C:\Users\User\Downloads\3DModels-Scopia-1.9.1.zip
2024-05-24 23:00 - 2024-05-24 23:01 - 029028481 _____ C:\Users\User\Downloads\3DModels-Contributions-1.9.1.zip
2024-05-24 22:58 - 2024-05-24 22:59 - 023762844 _____ C:\Users\User\Downloads\3DModels-BlendSwap-CC-0-1.9.1.zip
2024-05-24 22:56 - 2024-05-24 22:56 - 000000936 _____ C:\Users\User\Desktop\Sweet Home 3D.lnk
2024-05-24 22:56 - 2024-05-24 22:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eTeks Sweet Home 3D
2024-05-24 22:49 - 2024-05-24 22:52 - 084891808 _____ (eTeks ) C:\Users\User\Downloads\SweetHome3D-7.3-windows.exe
2024-05-24 22:01 - 2024-05-24 22:02 - 000555764 _____ C:\Users\User\Downloads\16-05-2024_13-12-38.zip
2024-05-24 21:54 - 2024-05-24 21:54 - 000089415 _____ C:\Users\User\Downloads\013301057 Квитанция на оплату 000799079 от 11052024 172451.pdf
2024-05-23 19:49 - 2024-05-23 19:49 - 000000000 ____D C:\Program Files\chrome_url_fetcher_17836_2133307617
2024-05-23 17:30 - 2024-05-23 17:30 - 000000000 ____D C:\Program Files\chrome_ComponentUnpacker_BeginUnzipping12968_241517119
2024-05-23 16:54 - 2024-05-23 16:54 - 000000000 ____D C:\Users\User\AppData\LocalLow\AIHASTO
2024-05-22 16:49 - 2024-05-22 16:49 - 000000000 ____D C:\Users\User\.oracle_jre_usage
2024-05-22 16:47 - 2024-05-22 16:49 - 000000000 ____D C:\Program Files\Ben and Ed
2024-05-22 16:47 - 2024-05-22 16:47 - 000000621 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ben and Ed.lnk
2024-05-22 16:44 - 2024-05-22 16:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Guns Gore and Cannoli 2
2024-05-22 16:43 - 2024-05-22 16:44 - 000000000 ____D C:\Program Files (x86)\Guns Gore and Cannoli 2
2024-05-22 16:02 - 2024-05-22 16:49 - 000000000 ____D C:\Users\User\AppData\LocalLow\Crazy Monkey Studios
2024-05-22 16:02 - 2024-05-22 16:02 - 000000000 ____D C:\Users\User\Documents\Gamesaves
2024-05-19 16:35 - 2024-05-19 16:35 - 000000000 ____D C:\Program Files\chrome_url_fetcher_5184_582404359
2024-05-18 21:10 - 2024-05-18 21:11 - 000000000 ____D C:\Program Files\chrome_url_fetcher_3648_2083703251
2024-05-18 16:58 - 2024-05-18 16:59 - 000000000 ____D C:\Program Files\chrome_ComponentUnpacker_BeginUnzipping6300_932365229
2024-05-17 20:29 - 2024-05-17 20:30 - 000000000 ____D C:\Program Files\chrome_url_fetcher_4016_908218370
2024-05-17 20:21 - 2024-05-17 20:21 - 000000064 _____ C:\Windows\ab15f3e
2024-05-17 20:20 - 2024-05-17 20:21 - 000000000 ____D C:\Users\User\Documents\AMAZING
2024-05-16 20:01 - 2024-05-16 20:01 - 000002441 _____ C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mechvibes.lnk
2024-05-16 17:03 - 2024-05-16 17:03 - 000001065 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyHome Launcher.lnk
2024-05-16 17:02 - 2024-05-16 17:08 - 000000000 ____D C:\Program Files (x86)\MyHome Launcher

==================== Один месяц (изменён) ==================

(Если запись включена в лист исправлений, файл/папка будут перемещены.)

2024-11-07 11:10 - 2011-04-12 16:26 - 000724340 _____ C:\Windows\system32\perfh019.dat
2024-11-07 11:10 - 2011-04-12 16:26 - 000150656 _____ C:\Windows\system32\perfc019.dat
2024-11-07 11:10 - 2009-07-14 08:13 - 001648228 _____ C:\Windows\system32\PerfStringBackup.INI
2024-11-07 10:38 - 2021-01-15 20:15 - 000000000 ____D C:\Windows\pss
2024-06-14 12:59 - 2020-10-16 16:14 - 000000000 ____D C:\ProgramData\Doctor Web
2024-06-14 12:59 - 2018-08-23 13:05 - 000000000 ____D C:\Program Files (x86)\Google
2024-06-14 12:57 - 2021-01-07 14:15 - 000000374 _____ C:\Windows\system32\Drivers\etc\hosts.ics
2024-06-14 12:57 - 2020-10-16 16:07 - 000000424 _____ C:\Windows\Tasks\Обновление Браузера Яндекс.job
2024-06-14 12:57 - 2009-07-14 08:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2024-06-14 12:56 - 2020-10-16 16:03 - 000065536 _____ C:\Windows\system32\spu_storage.bin
2024-06-14 12:55 - 2020-12-21 18:15 - 000019376 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2024-06-14 12:55 - 2020-12-21 18:15 - 000019376 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2024-06-14 12:54 - 2023-01-17 16:45 - 000000000 ____D C:\Program Files\Intel
2024-06-14 12:54 - 2022-07-17 23:02 - 000000000 ____D C:\Windows\system32\Tasks\System
2024-06-14 12:51 - 2022-11-26 20:10 - 000000000 ____D C:\Users\User\AppData\Roaming\arizona-launcher
2024-06-14 12:51 - 2022-01-20 
09:41 - 000000000 ____D C:\ProgramData\firebird 2024-06-14 12:51 - 2020-12-13 19:46 - 000000000 ____D C:\Windows\SysWOW64\Macromed 2024-06-14 12:51 - 2020-12-13 19:46 - 000000000 ____D C:\Windows\system32\Macromed 2024-06-14 12:16 - 2022-11-07 15:07 - 000000386 _____ C:\Windows\Tasks\update-sys.job 2024-06-14 12:02 - 2020-10-16 16:07 - 000003428 _____ C:\Windows\system32\Tasks\Обновление Браузера Яндекс 2024-06-14 11:47 - 2020-10-16 16:07 - 000000466 _____ C:\Windows\Tasks\Системное обновление Браузера Яндекс.job 2024-06-14 11:23 - 2023-03-13 12:57 - 000000000 __SHD C:\found.000 2024-06-14 11:23 - 2023-02-24 17:14 - 000000000 ___HD C:\msdownld.tmp 2024-06-14 11:23 - 2023-02-24 11:45 - 000000000 ____D C:\Вторая часть заявки 2024-06-14 11:23 - 2023-02-24 11:41 - 000000000 ____D C:\Licenses 2024-06-14 11:23 - 2021-03-20 20:37 - 000000000 ____D C:\sessionmonitornetcommon 2024-06-14 11:19 - 2022-04-28 16:50 - 000000000 ____D C:\Users\User\AppData\Local\CrashDumps 2024-06-14 11:02 - 2023-07-23 18:01 - 000000000 __SHD C:\DrWeb Quarantine 2024-06-14 10:07 - 2020-10-16 16:07 - 000000428 _____ C:\Windows\Tasks\Восстановление сервиса обновлений Яндекс.Браузера.job 2024-06-13 20:51 - 2023-09-16 20:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Roblox 2024-06-13 14:16 - 2020-10-16 16:23 - 000000000 ___RD C:\Users\User\Desktop\Games 2024-06-13 14:09 - 2020-10-25 14:29 - 000000000 ____D C:\Games 2024-06-12 14:35 - 2023-12-15 15:38 - 000000000 ____D C:\Program Files (x86)\Steam 2024-06-12 14:35 - 2021-11-17 21:13 - 000005032 ___SH C:\Users\User\Downloads\Содержание OneNote.onetoc2 2024-06-12 12:50 - 2021-03-03 15:12 - 000000000 ____D C:\Users\User\AppData\Local\AMD_Common 2024-06-12 12:08 - 2009-07-14 06:20 - 000000000 ____D C:\Windows\inf 2024-06-12 12:01 - 2022-10-03 16:10 - 000000426 _____ C:\Windows\Tasks\Восстановление сервиса обновлений Яндекс Браузера.job 2024-06-12 11:50 - 2022-10-03 16:10 - 000003422 _____ 
C:\Windows\system32\Tasks\Восстановление сервиса обновлений Яндекс Браузера 2024-06-12 11:50 - 2020-10-16 16:07 - 000003558 _____ C:\Windows\system32\Tasks\Системное обновление Браузера Яндекс 2024-06-11 20:00 - 2009-07-14 08:08 - 000032528 _____ C:\Windows\Tasks\SCHEDLGU.TXT 2024-06-11 17:54 - 2020-10-16 16:05 - 000000000 ____D C:\Users\User\AppData\Local\AMD 2024-06-11 12:35 - 2023-10-25 18:32 - 000003972 _____ C:\Windows\system32\Tasks\User_Feed_Synchronization-{57F39B7E-7D59-49A5-8719-E5B27AB6F21E} 2024-06-11 10:50 - 2020-10-16 16:07 - 000002491 _____ C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Yandex.lnk 2024-06-10 16:55 - 2023-01-08 13:53 - 000000000 ____D C:\Users\Public\utorrent 2024-06-09 22:43 - 2023-01-21 18:52 - 000000000 ____D C:\Program Files (x86)\Outline 2024-06-09 19:37 - 2023-01-08 13:53 - 000000000 ____D C:\Users\Public\torrents 2024-06-09 19:36 - 2023-01-08 13:53 - 000000000 ____D C:\Users\Public\utordownload 2024-06-08 22:26 - 2023-12-10 20:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller 2024-06-08 18:17 - 2022-08-31 17:21 - 000000000 ____D C:\Users\User\Documents\My Games 2024-06-08 18:10 - 2020-10-17 15:43 - 000000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Шаблоны 2024-06-08 17:57 - 2021-09-05 13:39 - 000000000 ____D C:\ProgramData\Orbit 2024-06-07 09:01 - 2021-06-11 17:59 - 000003568 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2024-06-07 09:01 - 2021-06-11 17:59 - 000003440 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore 2024-06-06 15:58 - 2022-11-26 20:49 - 000000000 ____D C:\Users\User\Documents\GTA San Andreas User Files 2024-06-06 15:08 - 2020-11-02 14:41 - 000000000 ____D C:\Users\User\AppData\Local\modloader 2024-06-06 15:08 - 2020-11-02 14:41 - 000000000 ____D C:\ProgramData\modloader 2024-06-05 10:39 - 2022-07-19 14:00 - 000000000 ____D C:\Medal 2024-06-05 10:33 - 2023-07-29 09:40 - 000128184 _____ 
C:\Users\User\AppData\Local\GDIPFONTCACHEV1.DAT 2024-06-05 10:32 - 2023-07-29 09:38 - 000491896 _____ C:\Windows\system32\FNTCACHE.DAT 2024-06-04 21:01 - 2021-03-27 12:44 - 000000000 ____D C:\Users\User\AppData\Roaming\radmir-launcher 2024-06-04 20:53 - 2024-03-23 17:59 - 000000000 ____D C:\Users\User\Documents\RADMIR CRMP User Files 2024-06-02 19:19 - 2024-02-01 17:40 - 000000000 ____D C:\Users\User\AppData\Roaming\.tlauncher 2024-06-02 19:18 - 2023-11-29 19:07 - 000000000 ____D C:\Redmi Note 10S 2024-06-01 15:06 - 2024-04-30 21:45 - 000000000 ____D C:\Program Files (x86)\TI 2024-06-01 14:29 - 2024-04-28 13:33 - 000000000 ____D C:\ProgramData\MTA San Andreas All 2024-06-01 13:29 - 2020-10-27 20:15 - 000000000 ___HD C:\Windows\msdownld.tmp 2024-06-01 13:29 - 2020-10-27 20:15 - 000000000 ____D C:\Windows\SysWOW64\directx 2024-06-01 10:56 - 2024-02-01 17:40 - 000000000 ____D C:\Users\User\AppData\Roaming\.minecraft 2024-05-31 20:10 - 2022-09-22 18:01 - 000055296 _____ C:\Users\User\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2024-05-29 14:38 - 2023-11-05 12:49 - 000000000 ____D C:\.android 2024-05-29 14:38 - 2021-10-04 19:26 - 000000000 ____D C:\Program Files (x86)\DXBX 2024-05-28 16:49 - 2022-12-01 20:48 - 000000000 ____D C:\Users\User\AppData\Roaming\Lightcord 2024-05-28 12:36 - 2020-10-17 15:27 - 000000000 ____D C:\Users\User\AppData\Local\ElevatedDiagnostics 2024-05-27 21:50 - 2024-05-13 12:11 - 000000000 ____D C:\Users\User\AppData\Roaming\Mechvibes 2024-05-26 14:15 - 2020-10-17 15:43 - 000000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Word 2024-05-25 19:46 - 2018-08-18 09:20 - 000000000 ___RD C:\Users\Public\Recorded TV 2024-05-25 19:46 - 2009-07-14 08:32 - 000000000 ____D C:\Program Files\DVD Maker 2024-05-25 19:46 - 2009-07-14 06:20 - 000000000 ____D C:\Windows\PolicyDefinitions 2024-05-25 19:01 - 2023-10-25 18:31 - 000000000 ____D C:\Program Files (x86)\NeoSmart Technologies 2024-05-24 22:56 - 2021-01-23 11:03 - 000000000 ____D C:\Program 
Files\Sweet Home 3D 2024-05-23 16:10 - 2022-10-07 18:44 - 000000000 ____D C:\Users\User\AppData\Roaming\Leppsoft 2024-05-19 12:13 - 2023-12-15 15:53 - 000000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam 2024-05-16 18:41 - 2023-12-15 15:46 - 000000000 ____D C:\Users\User\AppData\Local\Steam 2024-05-16 15:26 - 2023-08-31 10:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\by.xatab 2024-05-15 21:22 - 2021-02-08 00:31 - 000000000 ____D C:\Users\User\Doctor Web ==================== Файлы в корне каталогов ======== 2020-06-01 23:23 - 2020-06-01 23:23 - 000000258 _____ () C:\ProgramData\fontcacheev1.dat 2022-08-02 11:01 - 2022-08-02 11:01 - 002515936 _____ (Advanced Micro Devices, Inc.) C:\Users\User\AMDRSServ.exe 2022-08-02 11:01 - 2022-08-02 11:01 - 000417760 _____ (Advanced Micro Devices, Inc.) C:\Users\User\AMDRSSrcExt.exe 2023-12-10 20:18 - 2023-12-10 20:18 - 006970144 _____ (VS Revo Group ) C:\Users\User\revosetup.exe 2021-08-26 15:36 - 2021-08-26 15:36 - 000018850 _____ () C:\Users\User\AppData\Roaming\ANGIGNIGHT Hackgignight.ini 2023-01-21 17:07 - 2023-02-27 19:08 - 000000001 _____ () C:\Users\User\AppData\Roaming\c 2021-02-02 17:02 - 2021-02-02 17:02 - 000000068 _____ () C:\Users\User\AppData\Roaming\changzhi_leidian.data 2021-09-01 12:39 - 2021-09-01 12:39 - 000000206 _____ () C:\Users\User\AppData\Roaming\changzhi_leidianmac.data 2021-03-13 14:09 - 2021-03-13 14:27 - 003787673 _____ () C:\Users\User\AppData\Roaming\CROSS_DUC.p7b 2021-01-06 21:28 - 2021-01-06 21:29 - 000001021 _____ () C:\Users\User\AppData\Roaming\droid4xinstaller.log 2022-09-20 17:34 - 2022-09-20 17:34 - 000000128 ____H () C:\Users\User\AppData\Roaming\ecf00c38dc807e105d881c433a6b455dd2c606b6 2022-03-21 20:13 - 2022-03-23 12:02 - 000012288 _____ () C:\Users\User\AppData\Roaming\emp.bin 2024-06-13 20:36 - 2024-06-13 20:36 - 000084208 __RSH (The MathWorks Inc.) 
C:\Users\User\AppData\Roaming\Icdvb.exe 2020-11-15 14:41 - 2022-06-09 23:22 - 000000238 _____ () C:\Users\User\AppData\Roaming\jjv5conf.json 2022-05-10 11:44 - 2022-05-12 20:04 - 000000016 _____ () C:\Users\User\AppData\Roaming\obs-virtualcam.txt 2022-10-22 21:43 - 2022-10-22 21:43 - 000000133 _____ () C:\Users\User\AppData\Roaming\settings.evon 2022-04-18 16:48 - 2022-04-18 16:53 - 000005629 _____ () C:\Users\User\AppData\Roaming\SpeedRunnersLog.txt 2024-06-09 22:42 - 2024-06-09 22:42 - 001478144 __RSH () C:\Users\User\AppData\Local\Audio.exe 2022-06-01 21:06 - 2022-06-02 19:07 - 000000107 _____ () C:\Users\User\AppData\Local\dc4f79923a5baeb14164.bin 2022-09-22 18:01 - 2024-05-31 20:10 - 000055296 _____ () C:\Users\User\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2022-06-09 23:38 - 2023-04-04 18:08 - 000000041 _____ () C:\Users\User\AppData\Local\link.txt 2021-09-18 17:53 - 2021-09-18 17:53 - 000000000 ___SH () C:\Users\User\AppData\Local\LumaEmu 2021-05-13 12:17 - 2021-05-13 12:17 - 000000410 _____ () C:\Users\User\AppData\Local\oobelibMkey.log 2020-10-26 12:13 - 2021-09-04 18:58 - 000007849 _____ () C:\Users\User\AppData\Local\PlariumPlay.log 2022-01-18 20:57 - 2022-01-18 20:58 - 000000128 _____ () C:\Users\User\AppData\Local\PUTTY.RND 2023-01-29 20:31 - 2023-01-29 20:31 - 000000218 _____ () C:\Users\User\AppData\Local\recently-used.xbel 2023-02-18 21:36 - 2023-07-12 22:42 - 000007609 _____ () C:\Users\User\AppData\Local\Resmon.ResmonCfg 2022-11-07 15:07 - 2022-11-07 15:07 - 000000003 _____ () C:\Users\User\AppData\Local\updater.log 2022-11-07 15:07 - 2023-08-30 17:02 - 000000059 _____ () C:\Users\User\AppData\Local\UserProducts.xml 2022-05-25 21:03 - 2022-05-25 21:55 - 000017408 _____ () C:\Users\User\AppData\Local\WebpageIcons.db 2022-12-23 21:49 - 2022-12-23 21:52 - 000000000 _____ () C:\Users\User\AppData\Local\{0349A4ED-A359-4D0C-8094-7C0E3C01073D} 2023-01-12 13:37 - 2023-01-12 13:37 - 000000000 _____ () 
C:\Users\User\AppData\Local\{25C95F27-BB68-4CE9-97FC-6D6123CC8037} ==================== FLock ============================== 2024-06-14 11:02 C:\DrWeb Quarantine ==================== SigCheck ============================ (Нет автоматического исправления файлов, которые не проходят проверку.) LastRegBack: 2024-06-06 10:41 ==================== Конец от FRST.txt ========================