Перейти к содержанию

Помощь в удалении вирусов Farbar Recovery Scan Tool


Рекомендуемые сообщения

Спойлер

 



Результат сканирования Farbar Recovery Scan Tool (FRST) (x64) Версия: 19.04.2024 01
Запущено с помощью khana (Администратор) на DESKTOP-BI7M872 (Gigabyte Technology Co., Ltd. H610M H DDR4) (05-05-2024 02:42:17)
Запущено из C:\Users\khana\Downloads\farbar-recovery-scan-tool-04-04-2024 (1).exe
Загруженные профили: khana
Платформа: Майкрософт Windows 10 Pro Версия 22H2 19045.4355 (X64) Язык: Русский (Россия)
Браузер по умолчанию: Chrome
Режим загрузки: Normal

==================== Процессы (В белом списке) =================

(Если запись включена в fixlist, процесс будет закрыт. Файл не будет перемещён.)

(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> ) C:\Program Files\Malwarebytes\Anti-Malware\MBAMCrashHandler.exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\Malwarebytes.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(explorer.exe ->) () [Файл не подписан] D:\Phantom Wireless\OemDrv.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <35>
(explorer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(GIGA-BYTE TECHNOLOGY CO., LTD. -> ) C:\Program Files (x86)\Gigabyte\AppCenter\ApCent.exe
(GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.) C:\Program Files (x86)\Gigabyte\EasyTuneEngineService\GraphicsCardEngine.exe
(Kilonova LLC -> Skillbrains) C:\Program Files (x86)\Skillbrains\lightshot\5.5.0.7\Lightshot.exe
(Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MbamPt.exe <20>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\perfmon.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(services.exe ->) () [Файл не подписан] C:\Program Files (x86)\Gigabyte\AppCenter\AdjustService.exe
(services.exe ->) (Famatech Corp. -> Famatech Corp.) C:\Program Files (x86)\Radmin VPN\RvControlSvc.exe
(services.exe ->) (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.) C:\Program Files (x86)\Gigabyte\EasyTuneEngineService\EasyTuneEngineService.exe
(services.exe ->) (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.) C:\Windows\System32\GigabyteUpdateService.exe
(services.exe ->) (GIGA-BYTE TECHNOLOGY CO., LTD. -> Microsoft) C:\Program Files (x86)\Gigabyte\GService\GCloud.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_670360bdb5a40a0d\WMIRegistrationService.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
(services.exe ->) (LogMeIn, Inc. -> LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe
(services.exe ->) (LogMeIn, Inc. -> LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WSL\wslservice.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_866484083fc526af\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_ee6fe91a35eb809c\RtkAudUService64.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe

==================== Реестр Windows (В белом списке) ===================

(Если запись включена в fixlist, элемент реестра будет сброшен на значение по умолчанию или удалён. Файл не будет перемещён.)

HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_ee6fe91a35eb809c\RtkAudUService64.exe [3450728 2022-02-16] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [226728 2019-07-21] (Kilonova LLC -> )
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [750680 2023-12-19] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [RadminVPN] => C:\Program Files (x86)\Radmin VPN\RvRvpnGui.exe [2089536 2023-07-10] (Famatech Corp. -> Famatech Corp.)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [7811960 2024-03-25] (LogMeIn, Inc. -> LogMeIn Inc.)
HKLM-x32\...\RunOnce: [PreRun] => C:\Program Files (x86)\Gigabyte\AppCenter\PreRun.exe [14632 2016-02-26] (GIGA-BYTE TECHNOLOGY CO., LTD. -> )
HKLM\...\Policies\Explorer: [SettingsPageVisibility] hide:windowsdefender;
HKLM\Software\Policies\...\system: [PublishUserActivities] 0
HKLM\Software\Policies\...\system: [EnableActivityFeed] 0
HKLM\Software\Policies\...\system: [UploadUserActivities] 0
HKLM\Software\Policies\...\system: [EnableSmartScreen] 0
HKU\S-1-5-21-4232493208-3311039133-4267975668-1001\...\Run: [MicrosoftEdgeAutoLaunch_2F2D39F565634825059C9D78EECA0354] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [4081192 2024-05-02] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-4232493208-3311039133-4267975668-1001\...\Run: [OneDrive] => C:\Program Files (x86)\Microsoft OneDrive\OneDrive.exe [1943400 2024-01-03] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-4232493208-3311039133-4267975668-1001\...\Run: [Discord] => C:\Users\khana\AppData\Local\Discord\Update.exe [1525016 2023-12-19] (Discord Inc. -> GitHub)
HKU\S-1-5-21-4232493208-3311039133-4267975668-1001\...\Run: [Steam] => D:\Steam\steam.exe [4384104 2024-03-07] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-4232493208-3311039133-4267975668-1001\...\Run: [Figma Agent] => C:\Users\khana\AppData\Local\FigmaAgent\figma_agent.exe [6518816 2024-04-21] (Figma, Inc. -> )
HKU\S-1-5-21-4232493208-3311039133-4267975668-1001\...\Run: [Docker Desktop] => C:\Program Files\Docker\Docker\Docker Desktop.exe [2347080 2024-02-05] (Docker Inc -> Docker Inc.)
HKU\S-1-5-21-4232493208-3311039133-4267975668-1001\...\Run: [movavi_suiteplatform_2.2.0_suiteplatform] => D:\movavi\Movavi Suite\MovaviSuite.exe [4932872 2024-03-21] (Movavi Software Limited -> Movavi)
HKU\S-1-5-21-4232493208-3311039133-4267975668-1001\...\Run: [movavi_suiteplatform_agent] => D:\movavi\Movavi Suite\AgentInformer.exe [2759944 2024-03-21] (Movavi Software Limited -> Movavi)
HKU\S-1-5-21-4232493208-3311039133-4267975668-1001\...\Run: [movavi_videoconverter_agent] => C:\Users\khana\AppData\Roaming\Movavi Video Converter\ConverterAgent.exe [770824 2024-03-21] (Movavi Software Limited -> Movavi)
HKU\S-1-5-21-4232493208-3311039133-4267975668-1001\...\Run: [PlanetVPN] => C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe [20878728 2024-03-31] (FREE VPN PLANET S.R.L. -> )
HKU\S-1-5-21-4232493208-3311039133-4267975668-1001\...\Run: [EpicGamesLauncher] => D:\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [37448168 2024-04-12] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-4232493208-3311039133-4267975668-1001\...\Run: [GoogleChromeAutoLaunch_266031EE53AEAB157DBD7CABFC5A7A0D] => "C:\Program Files\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5 [2790176 2024-04-30] (Google LLC -> Google LLC)
HKU\S-1-5-21-4232493208-3311039133-4267975668-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\WPXSCR~1.SCR [241760 2024-01-03] (Skutta, Kristjan -> )
HKU\S-1-5-21-4232493208-3311039133-4267975668-500\...\Run: [MicrosoftEdgeAutoLaunch_FFBC0C4C8F28BBA2DFD10D307A538E97] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [4081192 2024-05-02] (Microsoft Corporation -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\124.0.6367.119\Installer\chrmstp.exe [2024-05-03] (Google LLC -> Google LLC)
IFEO\CompatTelRunner.exe: [Debugger] C:\WINDOWS\system32\systray.exe
IFEO\mobsync.exe: [Debugger] C:\WINDOWS\system32\systray.exe
IFEO\SecurityHealthService.exe: [Debugger] C:\WINDOWS\system32\systray.exe
Startup: C:\Users\khana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ARDOR GAMING Phantom Wireless.lnk [2023-08-14]
ShortcutTarget: ARDOR GAMING Phantom Wireless.lnk -> D:\Phantom Wireless\OemDrv.exe () [Файл не подписан]
GroupPolicy: Ограничение ? <==== ВНИМАНИЕ
Policies: C:\ProgramData\NTUSER.pol: Ограничение <==== ВНИМАНИЕ
HKLM\SOFTWARE\Policies\Google: Ограничение <==== ВНИМАНИЕ

==================== Запланированные задачи (В белом списке) =================

(Если запись включена в fixlist, она будет удалена из реестра. Файл не будет удалён, если он не указан отдельно.)

Task: {D27D24F3-9395-4D0F-9825-55C9B88D6D11} - \OneDrive Per-Machine Standalone Update Task -> Нет файла <==== ВНИМАНИЕ
Task: {B80A3C1F-2C88-4DCF-8DF6-2E8D24F419A9} - System32\Tasks\EasyTune => C:\Program Files (x86)\GIGABYTE\EasyTune\etinit.exe [17280 2021-04-08] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
Task: {F0CE1B67-031B-46A7-9802-3332D18FFF4A} - System32\Tasks\EasyTune 1 => C:\Program Files (x86)\GIGABYTE\EasyTune\etocfile.exe [20352 2021-10-11] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
Task: {4725314E-17F3-450C-BBEC-C1727005C95F} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem126.0.6441.0{0721B719-DF33-45CF-9949-EA958A50EAE7} => C:\Program Files (x86)\Google\GoogleUpdater\126.0.6441.0\updater.exe [4789536 2024-04-26] (Google LLC -> Google LLC)
Task: {319751F9-C47D-4E21-A96F-D130FAF6F9DC} - System32\Tasks\GraphicsCardEngine => C:\Program Files (x86)\GIGABYTE\EasyTuneEngineService\GraphicsCardEngineStarter.exe [237672 2023-06-26] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
Task: {57F730F5-617E-4A43-AC5A-4E37644E13FF} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [21916864 2024-02-28] (Microsoft Corporation -> Microsoft Corporation)
Task: {F4598F2A-C664-4D70-997F-E310F0DB6438} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [21916864 2024-02-28] (Microsoft Corporation -> Microsoft Corporation)
Task: {548CF8E0-5083-4D45-8051-513F74D5072D} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [141384 2024-04-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {6C874ED2-1B0A-4E1C-9AA3-EEC0F29FBAD8} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [141384 2024-04-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {69659AD6-3892-4F89-A7AF-DF954EDD9BA5} - System32\Tasks\Microsoft\Windows\GlobalDataO\RecoveryHosts => C:\ProgramData\Microsoft\Network\V6V0sP\GlobalDataO.bat  (Нет файла) <==== ВНИМАНИЕ
Task: {A5274A35-AB8D-4B86-A732-3307A8E7BA7F} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1005096 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation) -> C:\Program Files\NVIDIA Corporation\NvContainer\-d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {23DD5BBE-F607-4177-A7DD-A8ED42574E05} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3345448 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {2319E011-5050-4C06-97A0-DF30778F63BB} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [649256 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation) -> C:\Program Files (x86)\NVIDIA Corporation\NvNode\--launcher=TaskScheduler
Task: {24E2317C-FD46-44E7-AC6B-AA649AB1C718} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [910888 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {509B5BE0-5F6D-4F60-926B-3D8EC2860BC6} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [910888 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {0A946829-E88F-4575-9F05-92A7F7EFF982} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {150EEC44-689A-4024-B805-9138730697B4} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {147E61CF-3A87-43C4-B99F-601AB1E8E357} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {83037D80-DB63-4BCA-88A2-DA81DA3E4B08} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D0F5E944-D362-4FDE-B547-6917B8880AAF} - System32\Tasks\SIV => C:\Program Files (x86)\GIGABYTE\SIV\Thermald.exe [392296 2023-03-06] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
Task: {ADA7454E-59F8-410E-8F09-2C352C725FD1} - System32\Tasks\SIV-VGA => C:\Program Files (x86)\GIGABYTE\SIV\Sensord.exe [257408 2021-06-29] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
Task: {BA32E609-F9C1-4664-8C19-EA194797B1CC} - System32\Tasks\update-S-1-5-21-4232493208-3311039133-4267975668-1001 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [414872 2017-04-12] (OOO Lightshot -> TODO: <Company name>)
Task: {6E294159-BE4A-4F36-9721-46E269336458} - System32\Tasks\update-sys => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [414872 2017-04-12] (OOO Lightshot -> TODO: <Company name>)

(Если запись включена в fixlist, файл задачи (.job) будет перемещён. Файл, выполняемый задачей, не будет перемещён.)

Task: C:\WINDOWS\Tasks\update-S-1-5-21-4232493208-3311039133-4267975668-1001.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
Task: C:\WINDOWS\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe

==================== Internet (В белом списке) ====================

(Если элемент включён в fixlist, если он является элементом реестра, он будет удалён или сброшен на значение по умолчанию.)

Tcpip\..\Interfaces\{add0ffe5-1ef1-44be-b5c7-8ba3814653ea}: [DhcpNameServer] 10.255.255.1 10.255.255.2
Tcpip\..\Interfaces\{d6e57146-dce7-41bb-bec2-e91787182ea5}: [NameServer] 10.255.255.1,10.255.255.2
Tcpip\..\Interfaces\{d77bc370-5d91-4cdd-bf4c-6484bc28362b}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{d77bc370-5d91-4cdd-bf4c-6484bc28362b}: [DhcpDomain] IGD_Rostelecom
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Ограничение <==== ВНИМАНИЕ

Edge: 
=======
Edge Profile: C:\Users\khana\AppData\Local\Microsoft\Edge\User Data\Default [2024-05-05]
Edge Extension: (What Font - find font) - C:\Users\khana\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\acpcapnaopbhbelhmbbmppghilclpkep [2024-01-03]
Edge Extension: (Steam Inventory Helper) - C:\Users\khana\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\cmeakgjggjdlcpncigglobpjbkabhmjl [2024-05-05]
Edge Extension: (Magic VPN - Best Free VPN for Edge) - C:\Users\khana\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\dgbhmbogkcdheijkkdmfhodkamcaiheo [2024-04-30]
Edge Extension: (Google Документы офлайн) - C:\Users\khana\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-04-02]
Edge Extension: (React Developer Tools) - C:\Users\khana\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\gpphkfbcpidddadnkolkpfckpihlkkil [2024-04-30]
Edge Extension: (MarketGuru - бесплатная аналитика Wildberries) - C:\Users\khana\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\hcamomjnbljieinbgbmgbimfpchjhfna [2024-04-30]
Edge Extension: (Touch VPN - Secure and unlimited VPN proxy) - C:\Users\khana\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ighhnpmaabelnfcbbkijikgghajbiaml [2024-01-03]
Edge Extension: (Chrome Remote Desktop) - C:\Users\khana\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\inomeogfingihgjfjlpeplalcfajhgai [2024-01-03]
Edge Extension: (Absolute Enable Right Click & Copy) - C:\Users\khana\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jdocbkpgdakpekjlhemmfcncgdjeiika [2024-01-03]
Edge Extension: (Edge relevant text changes) - C:\Users\khana\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-27]
Edge Extension: (Shazify) - C:\Users\khana\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ncdhendbhjlcnboihkbjjldcndoebhan [2024-01-03]
Edge Extension: (AdBlock — лучший блокировщик рекламы) - C:\Users\khana\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ndcileolkflehcjpmjnfbnaibdcgglog [2024-04-30]
Edge Extension: (Ears: Bass Boost, EQ Any Audio!) - C:\Users\khana\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\nfdfiepdkbnoanddpianalelglmfooik [2024-01-03]
Edge Extension: (Tool 42) - C:\Users\khana\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\nncphlpcbkdenjngapbabbcommdljkmo [2024-04-30]
Edge Extension: (Redux DevTools) - C:\Users\khana\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\nnkgneoiohoecpdiaponcejilbhhikei [2024-01-03]
Edge Extension: (PerfectPixel by WellDoneCode (pixel perfect)) - C:\Users\khana\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\oolfkllppnieaaddmlfgljpboeagcobk [2024-01-03]

FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2024-01-03] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.401.2 -> C:\Program Files (x86)\Java\jre-1.8\bin\dtplugin\npDeployJava1.dll [2023-12-19] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.401.2 -> C:\Program Files (x86)\Java\jre-1.8\bin\plugin2\npjp2.dll [2023-12-19] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2024-01-03] (Microsoft Corporation -> Microsoft Corporation)

Chrome: 
=======
CHR DefaultProfile: Guest Profile
CHR Profile: C:\Users\khana\AppData\Local\Google\Chrome\User Data\Default [2024-05-05]
CHR Notifications: Default -> hxxps://www.faceit.com
CHR StartupUrls: Default -> "hxxps://mail.ru/cnt/10445?gp=812205"
CHR NewTab: Default ->  Active:"chrome-extension://kpblgdhkligkbbnbpkigppblggflihgn/index.html"
CHR Session Restore: Default -> включён
CHR Extension: (What Font - find font) - C:\Users\khana\AppData\Local\Google\Chrome\User Data\Default\Extensions\acpcapnaopbhbelhmbbmppghilclpkep [2024-01-03]
CHR Extension: (Lighthouse) - C:\Users\khana\AppData\Local\Google\Chrome\User Data\Default\Extensions\blipmdconlkpinefehnmjammfjpmpbjk [2024-04-23]
CHR Extension: (Steam Inventory Helper) - C:\Users\khana\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmeakgjggjdlcpncigglobpjbkabhmjl [2024-05-04]
CHR Extension: (PerfectPixel by WellDoneCode (pixel perfect)) - C:\Users\khana\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkaagdgjmgdmbnecmcefdhjekcoceebi [2024-04-01]
CHR Extension: (React Developer Tools) - C:\Users\khana\AppData\Local\Google\Chrome\User Data\Default\Extensions\fmkadmapgofadopljbjfkapdkoienihi [2024-04-19]
CHR Extension: (Google Документы офлайн) - C:\Users\khana\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-03-21]
CHR Extension: (AdBlock — лучший блокировщик рекламы) - C:\Users\khana\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2024-04-27]
CHR Extension: (Dark Mode - Dark Reader for Chrome) - C:\Users\khana\AppData\Local\Google\Chrome\User Data\Default\Extensions\gjjbmfigjpgnehjioicaalopaikcnheo [2024-01-27]
CHR Extension: (Hola VPN - The Website Unblocker) - C:\Users\khana\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio [2024-05-01]
CHR Extension: (MarketGuru - бесплатная аналитика Wildberries) - C:\Users\khana\AppData\Local\Google\Chrome\User Data\Default\Extensions\hcamomjnbljieinbgbmgbimfpchjhfna [2024-04-22]
CHR Extension: (Бесплатный VPN-прокси и блокировщик рекламы - Planet VPN) - C:\Users\khana\AppData\Local\Google\Chrome\User Data\Default\Extensions\hipncndjamdcmphkgngojegjblibadbe [2024-03-06]
CHR Extension: (Chrome Remote Desktop) - C:\Users\khana\AppData\Local\Google\Chrome\User Data\Default\Extensions\inomeogfingihgjfjlpeplalcfajhgai [2024-01-03]
CHR Extension: (Absolute Enable Right Click & Copy) - C:\Users\khana\AppData\Local\Google\Chrome\User Data\Default\Extensions\jdocbkpgdakpekjlhemmfcncgdjeiika [2024-01-03]
CHR Extension: (Minim) - C:\Users\khana\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpblgdhkligkbbnbpkigppblggflihgn [2024-01-22]
CHR Extension: (Redux DevTools) - C:\Users\khana\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmhkpmbekcpmknklioeibfkpmmfibljd [2024-01-03]
CHR Extension: (Инструмент Цветная пипетка) - C:\Users\khana\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobiadjfmkomemokdfhiaaaidgdhcded [2024-02-05]
CHR Extension: (Lightshot (screenshot tool)) - C:\Users\khana\AppData\Local\Google\Chrome\User Data\Default\Extensions\mbniclmhobmnbdlbpiphghaielnnpgdp [2024-03-19]
CHR Extension: (Shazam: ищите названия треков в браузере) - C:\Users\khana\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmioliijnhnoblpgimnlajmefafdfilb [2024-05-02]
CHR Extension: (Shazify) - C:\Users\khana\AppData\Local\Google\Chrome\User Data\Default\Extensions\ncdhendbhjlcnboihkbjjldcndoebhan [2024-01-03]
CHR Extension: (Ears: Bass Boost, EQ Any Audio!) - C:\Users\khana\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfdfiepdkbnoanddpianalelglmfooik [2024-01-03]
CHR Extension: (Платежная система Интернет-магазина Chrome) - C:\Users\khana\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2024-01-03]
CHR Extension: (Tool 42) - C:\Users\khana\AppData\Local\Google\Chrome\User Data\Default\Extensions\nncphlpcbkdenjngapbabbcommdljkmo [2024-04-27]
CHR Profile: C:\Users\khana\AppData\Local\Google\Chrome\User Data\Guest Profile [2024-05-05]
CHR Profile: C:\Users\khana\AppData\Local\Google\Chrome\User Data\Profile 1 [2024-03-23]
CHR Extension: (saveVPN) - C:\Users\khana\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\eiihlnknkpdkioamoicihckhjcamplal [2024-01-16]
CHR Extension: (Google Документы офлайн) - C:\Users\khana\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-01-14]
CHR Extension: (Hola VPN - The Website Unblocker) - C:\Users\khana\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio [2024-03-23]
CHR Extension: (Платежная система Интернет-магазина Chrome) - C:\Users\khana\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2024-01-14]
CHR Profile: C:\Users\khana\AppData\Local\Google\Chrome\User Data\System Profile [2024-05-05]
CHR HKLM-x32\...\Chrome\Extension: [kadaohckdkghfaclhjmkmplebcdcnfnp] - <отсутствует Path/update_url>

==================== Службы (В белом списке) ===================

(Если запись включена в fixlist, она будет удалена из реестра. Файл не будет удалён, если он не указан отдельно.)

S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [9880840 2024-02-06] (BattlEye Innovations e.K. -> )
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9202360 2024-02-28] (Microsoft Corporation -> Microsoft Corporation)
S3 com.docker.service; C:\Program Files\Docker\Docker\com.docker.service [20072 2024-02-05] (Docker Inc -> Docker Inc.)
S3 EasyAntiCheat_EOS; C:\Program Files (x86)\EasyAntiCheat_EOS\EasyAntiCheat_EOS.exe [954704 2024-03-03] (EasyAntiCheat Oy -> Epic Games, Inc.)
R2 EasyTuneEngineService; C:\Program Files (x86)\Gigabyte\EasyTuneEngineService\EasyTuneEngineService.exe [150640 2023-11-06] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [934352 2023-08-02] (Epic Games Inc. -> Epic Games, Inc.)
S3 FileSyncHelper; C:\Program Files (x86)\Microsoft OneDrive\21.030.0211.0002\FileSyncHelper.exe [2233704 2024-01-03] (Microsoft Corporation -> Microsoft Corporation)
S2 GoogleUpdaterInternalService126.0.6441.0; C:\Program Files (x86)\Google\GoogleUpdater\126.0.6441.0\updater.exe [4789536 2024-04-26] (Google LLC -> Google LLC)
S2 GoogleUpdaterService126.0.6441.0; C:\Program Files (x86)\Google\GoogleUpdater\126.0.6441.0\updater.exe [4789536 2024-04-26] (Google LLC -> Google LLC)
R2 Gservice; C:\Program Files (x86)\GIGABYTE\GService\GCloud.exe [19888 2016-12-02] (GIGA-BYTE TECHNOLOGY CO., LTD. -> Microsoft)
R2 Hamachi2Svc; C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe [4920184 2024-03-25] (LogMeIn, Inc. -> LogMeIn Inc.)
S3 HwmRecordService; C:\Program Files (x86)\GIGABYTE\SIV\HwmRecordService.exe [130432 2021-06-29] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe [419248 2016-05-27] (LogMeIn, Inc. -> LogMeIn, Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8887264 2024-05-05] (Malwarebytes Inc. -> Malwarebytes)
S3 MBVpnTunnelService; C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe [3073888 2024-05-05] (Malwarebytes Inc. -> Malwarebytes)
R2 MyService1; C:\Program Files (x86)\Gigabyte\AppCenter\AdjustService.exe [18944 2021-04-08] () [Файл не подписан]
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_866484083fc526af\Display.NvContainer\NVDisplay.Container.exe [1274992 2023-12-28] (NVIDIA Corporation -> NVIDIA Corporation)
S2 OCButtonService; C:\Program Files (x86)\Gigabyte\EasyTuneEngineService\OcButtonService.exe [130152 2023-06-26] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
S3 OneDrive Updater Service; C:\Program Files (x86)\Microsoft OneDrive\21.030.0211.0002\OneDriveUpdaterService.exe [2602368 2024-01-03] (Microsoft Corporation -> Microsoft Corporation)
R2 RvControlSvc; C:\Program Files (x86)\Radmin VPN\RvControlSvc.exe [1179712 2023-07-10] (Famatech Corp. -> Famatech Corp.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [522200 2024-04-26] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 ucldr_battlegrounds_gl; C:\Program Files\Common Files\Wellbia.com\ucldr_battlegrounds_gl.exe [5084200 2024-02-06] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3004048 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103384 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S4 zksvc; C:\Program Files\Common Files\PUBG\zksvc.exe [12363104 2024-03-06] (KRAFTON, Inc. -> KRAFTON, Inc)
S2 GoogleUpdateTaskMachineQC; C:\ProgramData\Google\Chrome\updater.exe [X] <==== ВНИМАНИЕ
R2 GigabyteUpdateService; %SystemRoot%\system32\GigabyteUpdateService.exe 2\C:\WINDOWS\system32\ [X]

===================== Драйверы (В белом списке) ===================

(Если запись включена в fixlist, она будет удалена из реестра. Файл не будет удалён, если он не указан отдельно.)

S3 cpuz158; C:\WINDOWS\temp\cpuz158\cpuz158_x64.sys [44576 2024-05-05] (Microsoft Windows Hardware Compatibility Publisher -> CPUID) <==== ВНИМАНИЕ
R3 DroidCam; C:\WINDOWS\System32\drivers\droidcam.sys [32240 2020-04-11] (Microsoft Windows Hardware Compatibility Publisher -> Dev47Apps)
R3 DroidCamVideo; C:\WINDOWS\System32\DriverStore\FileRepository\droidcamvideo.inf_amd64_47e18363cbf3dfe0\droidcamvideo.sys [33784 2021-04-10] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [158640 2024-05-05] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 gdrv3; C:\WINDOWS\System32\drivers\gdrv3.sys [52016 2024-04-29] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
R3 Hamachi; C:\WINDOWS\system32\DRIVERS\Hamdrv.sys [45680 2023-11-06] (Microsoft Windows Hardware Compatibility Publisher -> LogMeIn Inc.)
R1 HWiNFO_187; C:\WINDOWS\system32\drivers\HWiNFO64A_187.SYS [56912 2024-04-30] (Microsoft Windows Hardware Compatibility Publisher -> REALiX(tm))
S3 HWiNFO_191; C:\Users\khana\AppData\Local\Temp\HWiNFO64A_191.SYS [57936 2024-05-05] (Microsoft Windows Hardware Compatibility Publisher -> REALiX) <==== ВНИМАНИЕ
R3 iaLPSS2_GPIO2_ADL; C:\WINDOWS\System32\DriverStore\FileRepository\ialpss2_gpio2_adl.inf_amd64_302e75596cffa74a\iaLPSS2_GPIO2_ADL.sys [150616 2023-11-08] (Intel Corporation -> Intel Corporation)
R3 iaLPSS2_I2C_ADL; C:\WINDOWS\System32\DriverStore\FileRepository\ialpss2_i2c_adl.inf_amd64_e736c048ca307ed2\iaLPSS2_I2C_ADL.sys [220224 2023-11-08] (Intel Corporation -> Intel Corporation)
R2 mbamchameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [223296 2024-05-05] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2024-05-05] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [201280 2024-05-05] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [78400 2024-05-05] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239576 2024-05-05] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [188784 2024-05-05] (Malwarebytes Inc. -> Malwarebytes)
R3 NvModuleTracker; C:\WINDOWS\System32\DriverStore\FileRepository\nvmoduletracker.inf_amd64_0c1cc60a4b422185\NvModuleTracker.sys [45656 2023-02-25] (Nvidia Corporation -> NVIDIA Corporation)
R3 RvNetMP60; C:\WINDOWS\System32\drivers\RvNetMP60.sys [58288 2023-07-10] (Microsoft Windows Hardware Compatibility Publisher -> Famatech Corp.)
R3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [39920 2024-03-27] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
R1 ViGEmBus; C:\WINDOWS\System32\drivers\ViGEmBus.sys [249400 2022-08-30] (Microsoft Windows Hardware Compatibility Publisher -> Nefarius Software Solutions e.U.)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [46688 2019-12-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [350136 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [54200 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 wintun; C:\WINDOWS\System32\drivers\wintun.sys [29592 2024-04-05] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC)
S3 xhunter1; C:\WINDOWS\xhunter1.sys [215864 2024-03-10] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.)
U2 jhi; отсутствует ImagePath

==================== NetSvcs (В белом списке) ===================

(Если запись включена в fixlist, она будет удалена из реестра. Файл не будет удалён, если он не указан отдельно.)


==================== Три месяца (создан) (В белом списке) =========

(Если запись включена в лист исправлений, файл/папка будут перемещены.)

2024-05-05 02:40 - 2024-05-05 02:40 - 000000000 ____D C:\ProgramData\Google
2024-05-05 02:30 - 2024-05-05 02:30 - 000000000 ____D C:\Users\khana\AppData\LocalLow\IGDump
2024-05-05 02:23 - 2024-05-05 02:23 - 000188784 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2024-05-05 02:22 - 2024-05-05 02:24 - 000000000 ____D C:\Users\khana\AppData\Local\Malwarebytes
2024-05-05 02:22 - 2024-05-05 02:22 - 002589624 _____ (Malwarebytes) C:\Users\khana\Downloads\MBSetup.exe
2024-05-05 02:22 - 2024-05-05 02:22 - 000002093 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2024-05-05 02:22 - 2024-05-05 02:22 - 000002081 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2024-05-05 02:22 - 2024-05-05 02:22 - 000000000 ____D C:\ProgramData\Malwarebytes
2024-05-05 02:22 - 2024-05-05 02:22 - 000000000 ____D C:\Program Files\Malwarebytes
2024-05-05 02:18 - 2024-05-05 02:19 - 000000000 ____D C:\Users\khana\Downloads\AV_block_remover
2024-05-05 02:08 - 2024-05-05 02:08 - 000346112 _____ C:\Users\khana\Downloads\Unlocker_x64_1.9.2.msi
2024-05-05 01:56 - 2024-05-05 01:56 - 000000000 ____D C:\Users\Администратор\AppData\Local\CEF
2024-05-05 01:54 - 2024-05-05 01:58 - 000000000 ____D C:\Users\Администратор
2024-05-05 01:54 - 2024-05-05 01:57 - 000000000 ____D C:\Users\Администратор\AppData\Local\Packages
2024-05-05 01:54 - 2024-05-05 01:57 - 000000000 ____D C:\Users\Администратор\AppData\Local\NVIDIA Corporation
2024-05-05 01:54 - 2024-05-05 01:57 - 000000000 ____D C:\Users\Администратор\AppData\Local\D3DSCache
2024-05-05 01:54 - 2024-05-05 01:54 - 000002360 _____ C:\Users\Администратор\Desktop\Microsoft Edge.lnk
2024-05-05 01:54 - 2024-05-05 01:54 - 000002274 _____ C:\Users\Администратор\Desktop\Google Chrome.lnk
2024-05-05 01:54 - 2024-05-05 01:54 - 000000020 ___SH C:\Users\Администратор\ntuser.ini
2024-05-05 01:54 - 2024-05-05 01:54 - 000000000 _SHDL C:\Users\Администратор\Шаблоны
2024-05-05 01:54 - 2024-05-05 01:54 - 000000000 _SHDL C:\Users\Администратор\Мои документы
2024-05-05 01:54 - 2024-05-05 01:54 - 000000000 _SHDL C:\Users\Администратор\главное меню
2024-05-05 01:54 - 2024-05-05 01:54 - 000000000 _SHDL C:\Users\Администратор\Documents\Моя музыка
2024-05-05 01:54 - 2024-05-05 01:54 - 000000000 _SHDL C:\Users\Администратор\Documents\мои рисунки
2024-05-05 01:54 - 2024-05-05 01:54 - 000000000 _SHDL C:\Users\Администратор\Documents\Мои видеозаписи
2024-05-05 01:54 - 2024-05-05 01:54 - 000000000 _SHDL C:\Users\Администратор\AppData\Roaming\Microsoft\Windows\Start Menu\Программы
2024-05-05 01:54 - 2024-05-05 01:54 - 000000000 ___SD C:\Users\Администратор\AppData\Roaming\Microsoft\SystemCertificates
2024-05-05 01:54 - 2024-05-05 01:54 - 000000000 ___SD C:\Users\Администратор\AppData\Roaming\Microsoft\Protect
2024-05-05 01:54 - 2024-05-05 01:54 - 000000000 ___SD C:\Users\Администратор\AppData\Roaming\Microsoft\Crypto
2024-05-05 01:54 - 2024-05-05 01:54 - 000000000 ___SD C:\Users\Администратор\AppData\Roaming\Microsoft\Credentials
2024-05-05 01:54 - 2024-05-05 01:54 - 000000000 ___RD C:\Users\Администратор\3D Objects
2024-05-05 01:54 - 2024-05-05 01:54 - 000000000 ____D C:\Users\Администратор\AppData\Roaming\Microsoft\Windows
2024-05-05 01:54 - 2024-05-05 01:54 - 000000000 ____D C:\Users\Администратор\AppData\Roaming\Adobe
2024-05-05 01:54 - 2024-05-05 01:54 - 000000000 ____D C:\Users\Администратор\AppData\Local\Publishers
2024-05-05 01:54 - 2024-05-05 01:54 - 000000000 ____D C:\Users\Администратор\AppData\Local\NVIDIA
2024-05-05 01:54 - 2024-05-05 01:54 - 000000000 ____D C:\Users\Администратор\AppData\Local\Google
2024-05-05 01:54 - 2024-05-05 01:54 - 000000000 ____D C:\Users\Администратор\AppData\Local\ConnectedDevicesPlatform
2024-05-05 01:54 - 2024-05-05 01:54 - 000000000 ____D C:\Users\Администратор\ansel
2024-05-05 01:54 - 2024-04-24 12:14 - 000000000 ____D C:\Users\Администратор\AppData\Local\LogMeIn Hamachi
2024-05-05 01:54 - 2024-01-03 14:16 - 000000000 ___RD C:\Users\Администратор\OneDrive
2024-05-05 01:52 - 2024-05-04 09:10 - 009838588 _____ (Company © regist) C:\Users\khana\Desktop\242342.exe
2024-05-05 01:51 - 2024-05-04 09:10 - 009838588 _____ (Company © regist) C:\Users\khana\Downloads\AVbr.exe
2024-05-05 01:42 - 2024-05-05 01:42 - 002267848 _____ (wj32 ) C:\Users\khana\Downloads\processhacker-2.39-setup.exe
2024-05-05 01:12 - 2024-05-05 02:42 - 002394112 _____ (Farbar) C:\Users\khana\Downloads\farbar-recovery-scan-tool-04-04-2024 (1).exe
2024-05-05 01:11 - 2024-05-05 01:11 - 002040856 _____ (CPUID, Inc. ) C:\Users\khana\Downloads\cpu-z_2.09-en (1).exe
2024-05-05 01:07 - 2024-05-05 01:07 - 002040856 _____ (CPUID, Inc. ) C:\Users\khana\Downloads\cpu-z_2.09-en.exe
2024-05-05 01:07 - 2024-05-05 01:07 - 000000914 _____ C:\Users\Public\Desktop\CPUID CPU-Z.lnk
2024-05-05 01:07 - 2024-05-05 01:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
2024-05-05 01:00 - 2024-05-05 01:01 - 000001938 _____ C:\Users\khana\Desktop\fixlist.txt
2024-05-05 00:56 - 2024-05-05 00:58 - 000064212 _____ C:\Users\khana\Downloads\Addition.txt
2024-05-05 00:55 - 2024-05-05 02:42 - 000035372 _____ C:\Users\khana\Downloads\FRST.txt
2024-05-05 00:55 - 2024-05-05 02:42 - 000000000 ____D C:\Users\khana\Downloads\FRST-OlderVersion
2024-05-05 00:55 - 2024-05-05 00:55 - 002394112 _____ (Farbar) C:\Users\khana\Downloads\farbar-recovery-scan-tool-04-04-2024.exe
2024-05-05 00:54 - 2024-05-05 00:54 - 014209528 _____ C:\Users\khana\Downloads\mb-support-1.9.10.1005.exe
2024-05-05 00:52 - 2024-05-05 02:05 - 000452278 _____ C:\WINDOWS\ntbtlog.txt
2024-05-04 21:44 - 2024-05-04 21:44 - 008194294 _____ C:\Users\khana\Downloads\Лабораторка 3.zip
2024-05-04 21:41 - 2024-05-05 01:53 - 000012188 _____ C:\Users\khana\Downloads\OCCT.config.json
2024-05-04 21:41 - 2024-05-04 21:41 - 002249913 _____ (EFD Software ) C:\Users\khana\Downloads\hdtunepro_575_trial (1).exe
2024-05-04 21:41 - 2024-05-04 21:41 - 000021274 _____ C:\Users\khana\Downloads\tm5 (1).rar
2024-05-04 21:40 - 2024-05-04 21:41 - 201390840 _____ (OCCT) C:\Users\khana\Downloads\OCCT.exe
2024-05-04 21:14 - 2024-05-04 21:14 - 000021274 _____ C:\Users\khana\Downloads\tm5.rar
2024-05-04 21:14 - 2024-05-04 21:14 - 000000000 ____D C:\Users\khana\Desktop\TM5
2024-05-04 21:13 - 2024-05-04 21:25 - 000001106 _____ C:\Users\khana\Desktop\HD Tune Pro.lnk
2024-05-04 21:13 - 2024-05-04 21:13 - 002249913 _____ (EFD Software ) C:\Users\khana\Downloads\hdtunepro_575_trial.exe
2024-05-04 21:13 - 2024-05-04 21:13 - 000000000 ____D C:\Users\khana\AppData\Roaming\HD Tune Pro
2024-05-04 21:13 - 2024-05-04 21:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HD Tune Pro
2024-05-04 21:13 - 2024-05-04 21:13 - 000000000 ____D C:\Program Files (x86)\HD Tune Pro
2024-05-04 20:59 - 2024-05-04 20:59 - 068881624 _____ (FinalWire Ltd. ) C:\Users\khana\Downloads\aida64extreme720 (1).exe
2024-05-04 20:57 - 2024-05-04 20:57 - 319433616 _____ C:\Users\khana\Downloads\mqgo6ngy.exe
2024-05-02 14:23 - 2024-05-02 14:23 - 000585403 _____ C:\Users\khana\Downloads\titan dota 2.html
2024-05-02 14:23 - 2024-05-02 14:23 - 000000000 ____D C:\Users\khana\Downloads\titan dota 2_files
2024-05-02 02:46 - 2024-05-02 02:46 - 009131301 _____ C:\Users\khana\Downloads\С Рождеством Христовым! Колокольный звон в Вологодском кремле.mp4
2024-05-02 02:45 - 2024-05-02 02:45 - 004071612 _____ C:\Users\khana\Downloads\📿#4 СНЯТИЕ 77 ВИДОВ #ПОРЧИ С ВОЗВРАТОМ НЕГАТИВА ВРАГАМ (СИЛЬНЫЕ МОЛИТВЫ).mp4
2024-05-01 23:07 - 2024-05-01 23:07 - 000001345 _____ C:\Users\khana\Desktop\Stick Fight The Game.lnk
2024-05-01 23:07 - 2024-05-01 23:07 - 000000000 ____D C:\Workshop
2024-05-01 23:07 - 2024-05-01 23:07 - 000000000 ____D C:\Users\khana\AppData\LocalLow\Landfall West
2024-05-01 23:05 - 2024-05-01 23:07 - 000000000 ____D C:\Stick Fight
2024-05-01 23:05 - 2024-05-01 23:06 - 000000000 ____D C:\Users\khana\Downloads\Stick Fight The Game v05.06.2019 by Pioneer
2024-05-01 23:05 - 2024-05-01 23:05 - 001526997 _____ (FreeTP.Org - Stick Fight The Game Multiplayer Fix ) C:\Users\khana\Downloads\[FreeTP.Org]Stick-Fight-The-Game-Multiplayer-Fix-Online-v2.exe
2024-05-01 23:05 - 2024-05-01 23:05 - 000014273 _____ C:\Users\khana\Downloads\[FreeTP.Org]Stick-Fight-The-Game-v05.06.2019-by-Pioneer.torrent
2024-05-01 13:11 - 2024-05-01 13:11 - 000000000 ____D C:\WINDOWS\system32\Tasks\GoogleSystem
2024-04-30 17:50 - 2024-04-30 17:50 - 068881624 _____ (FinalWire Ltd. ) C:\Users\khana\Downloads\aida64extreme720.exe
2024-04-30 17:50 - 2024-04-30 17:50 - 000001252 _____ C:\Users\khana\Desktop\AIDA64 Extreme.lnk
2024-04-30 17:50 - 2024-04-30 17:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FinalWire
2024-04-30 17:50 - 2024-04-30 17:50 - 000000000 ____D C:\Program Files (x86)\FinalWire
2024-04-30 17:36 - 2024-05-05 00:51 - 000106332 _____ C:\Users\khana\Documents\FPSMonitor.txt
2024-04-30 17:36 - 2024-04-30 17:37 - 000000000 ____D C:\ProgramData\FPSMonitor
2024-04-30 17:36 - 2024-04-30 17:37 - 000000000 ____D C:\Program Files (x86)\FPS Monitor
2024-04-30 17:36 - 2024-04-30 17:36 - 013564608 _____ (Eduard Kozadaev ) C:\Users\khana\Downloads\fpsmon-5472.exe
2024-04-30 17:36 - 2024-04-30 17:36 - 000001111 _____ C:\Users\Public\Desktop\FPS Monitor.lnk
2024-04-29 22:01 - 2024-04-29 22:01 - 122870055 _____ C:\Users\khana\Downloads\CCleaner.6_key.rar
2024-04-29 16:13 - 2024-04-29 16:14 - 319109784 _____ C:\Users\khana\Downloads\dewy50cu.exe
2024-04-28 22:41 - 2024-04-28 22:41 - 319057592 _____ C:\Users\khana\Downloads\ec9xw1wo.exe
2024-04-26 20:51 - 2024-04-26 20:51 - 000000950 _____ C:\Users\khana\Downloads\Основы JavaScript. Массивы и объекты. Исходный код.zip
2024-04-26 20:51 - 2024-04-26 20:51 - 000000000 ____D C:\Users\khana\Desktop\2
2024-04-26 20:49 - 2024-04-26 20:50 - 000000000 ____D C:\Users\khana\Desktop\3
2024-04-26 20:49 - 2024-04-26 20:49 - 000000853 _____ C:\Users\khana\Downloads\Основы JavaScript. Теоретическая база JS, часть 1. Исходный код.zip
2024-04-26 19:37 - 2024-04-26 19:37 - 000002355 _____ C:\Users\khana\Downloads\Основы JavaScript. Основы JavaScript, часть 1. Итоговый ход.zip
2024-04-26 18:43 - 2024-04-26 20:08 - 000000000 ____D C:\Users\khana\Desktop\практ
2024-04-26 18:42 - 2024-04-26 18:42 - 000000991 _____ C:\Users\khana\Downloads\Основы JavaScript. Основы JavaScript, часть 1. Исходный код .zip
2024-04-26 14:45 - 2024-04-26 14:45 - 000000000 ___HD C:\$WinREAgent
2024-04-25 22:07 - 2024-04-25 22:07 - 005692808 _____ C:\Users\khana\Desktop\45435345435344353.pptx
2024-04-25 21:10 - 2024-04-25 21:10 - 008868649 _____ C:\Users\khana\Downloads\Untitled (3).pptx
2024-04-24 16:41 - 2024-04-24 16:41 - 000024317 _____ C:\Users\khana\Downloads\InternFrontend-EntryTask-main (1).zip
2024-04-24 00:17 - 2024-04-24 00:17 - 001393472 _____ (Oleg N. Scherbakov) C:\Users\khana\Downloads\get_movavi_logs (1) (1).exe
2024-04-23 20:53 - 2024-04-23 20:53 - 000024317 _____ C:\Users\khana\Downloads\InternFrontend-EntryTask-main.zip
2024-04-23 20:53 - 2023-09-15 15:17 - 000000000 ____D C:\Users\khana\Desktop\InternFrontend-EntryTask-main
2024-04-23 00:45 - 2024-04-23 00:45 - 000731160 _____ C:\Users\khana\Downloads\Bandit Hideouts v1.22-2213-1-22-1713190966.zip
2024-04-23 00:45 - 2024-04-23 00:45 - 000069843 _____ C:\Users\khana\Downloads\Final Update-569-final-1636899737.rar
2024-04-23 00:44 - 2024-04-23 00:44 - 000179644 _____ C:\Users\khana\Downloads\Duels.rar-500-1-2-1-1679812694.rar
2024-04-23 00:42 - 2024-04-23 00:42 - 000294614 _____ C:\Users\khana\Downloads\ScriptHookRDR2_1.0.1491.17.zip
2024-04-23 00:41 - 2024-04-23 00:41 - 000861050 _____ C:\Users\khana\Downloads\Ped Damage Overhaul - With Optional Files-184-2-0-BETA-7-1675749598.zip
2024-04-22 21:00 - 2024-04-22 21:00 - 188248236 _____ C:\Users\khana\Downloads\Задание 7.zip
2024-04-22 20:57 - 2024-04-22 20:57 - 056250340 _____ C:\Users\khana\Downloads\Задание 6.zip
2024-04-22 20:57 - 2024-04-22 20:57 - 014148737 _____ C:\Users\khana\Downloads\holiday_in_every_home.rar
2024-04-22 20:40 - 2024-04-22 20:40 - 042255598 _____ C:\Users\khana\Downloads\Задание 5 (1).zip
2024-04-22 19:03 - 2024-04-22 19:03 - 000001843 _____ C:\Users\khana\Downloads\image.txt
2024-04-21 20:56 - 2024-04-21 20:56 - 000000244 _____ C:\Users\khana\.gitconfig
2024-04-20 16:05 - 2024-04-24 12:14 - 000000000 ____D C:\Users\Default\AppData\Local\LogMeIn Hamachi
2024-04-20 16:05 - 2024-04-20 16:05 - 000000000 ____D C:\Program Files (x86)\LogMeIn Hamachi
2024-04-18 20:41 - 2024-04-18 20:41 - 000432197 _____ C:\Users\khana\Downloads\Лабораторка 1 (1).7z
2024-04-18 20:27 - 2020-11-12 14:37 - 000000000 ____D C:\Users\khana\Desktop\Склад
2024-04-18 20:26 - 2024-04-18 20:26 - 000100696 _____ C:\Users\khana\Downloads\Склад.zip
2024-04-17 23:41 - 2024-04-17 23:41 - 000039765 _____ C:\Users\khana\Downloads\Звук уведомления Telegram Desktop.mp4
2024-04-17 21:29 - 2024-04-17 21:29 - 000000804 _____ C:\ProgramData\droidcam-client-options-v2
2024-04-17 21:29 - 2024-04-17 21:29 - 000000402 _____ C:\ProgramData\droidcam-settings
2024-04-17 17:21 - 2024-04-17 17:21 - 000000000 ____D C:\Users\khana\Documents\Rockstar Games
2024-04-17 17:21 - 2024-04-17 17:21 - 000000000 ____D C:\Users\khana\AppData\Roaming\Goldberg SocialClub Emu Saves
2024-04-17 17:21 - 2024-04-17 17:21 - 000000000 ____D C:\Users\khana\AppData\Local\Rockstar Games
2024-04-17 17:15 - 2024-04-17 17:15 - 000000731 _____ C:\Users\Public\Desktop\Red Dead Redemption 2.lnk
2024-04-17 17:15 - 2024-04-17 17:15 - 000000000 ____D C:\Users\khana\Documents\TI
2024-04-17 15:46 - 2024-04-17 15:46 - 000243225 _____ C:\Users\khana\Downloads\Red-Dead-Redemption-2-by-Igruha.torrent
2024-04-17 14:31 - 2024-04-17 14:31 - 007512954 _____ C:\Users\khana\Downloads\Немецкий марш _Erika_.mp4
2024-04-17 14:29 - 2024-04-17 14:29 - 002760184 _____ C:\Users\khana\Downloads\Miko - Девочка в тренде (DDrecords).mp4
2024-04-17 00:47 - 2024-04-17 00:47 - 012394496 _____ C:\Users\khana\Downloads\hamachi.msi
2024-04-17 00:46 - 2024-04-17 00:46 - 000001037 _____ C:\Users\Public\Desktop\Radmin VPN.lnk
2024-04-17 00:46 - 2024-04-17 00:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Radmin VPN
2024-04-17 00:46 - 2024-04-17 00:46 - 000000000 ____D C:\Program Files (x86)\Radmin VPN
2024-04-17 00:44 - 2024-04-29 22:08 - 000000000 ____D C:\Users\khana\AppData\Local\LogMeIn Hamachi
2024-04-17 00:44 - 2024-04-17 00:44 - 021775888 _____ (Famatech Corp. ) C:\Users\khana\Downloads\Radmin_VPN_1.4.4642.1.exe
2024-04-17 00:44 - 2024-04-17 00:44 - 000000000 ____D C:\Users\khana\AppData\Local\LogMeIn
2024-04-17 00:44 - 2024-04-17 00:44 - 000000000 ____D C:\ProgramData\LogMeIn
2024-04-17 00:38 - 2024-04-17 00:38 - 000000000 ____D C:\Program Files (x86)\Microsoft XNA
2024-04-15 21:27 - 2024-04-15 21:27 - 000000000 ____D C:\Users\khana\AppData\LocalLow\Landfall Games
2024-04-15 21:25 - 2024-04-15 21:27 - 000000000 ____D C:\Users\khana\Downloads\Content Warning
2024-04-15 21:25 - 2024-04-15 21:25 - 000045592 _____ C:\Users\khana\Downloads\[FreeTP.Org]Content-Warning-v1.9.b.torrent
2024-04-15 11:17 - 2024-04-15 11:17 - 000000000 ____D C:\Program Files\Nefarius Software Solutions
2024-04-15 11:14 - 2024-05-03 16:45 - 000000000 ____D C:\Users\khana\Desktop\DS4Windows
2024-04-15 11:14 - 2024-04-15 11:14 - 004306953 _____ C:\Users\khana\Downloads\DS4Windows_3.3.3_x64.zip
2024-04-15 10:40 - 2024-04-15 12:24 - 000000000 ____D C:\FIFA 23 Live Editor
2024-04-15 10:40 - 2024-04-15 10:42 - 000000000 ____D C:\Users\khana\Documents\FIFA 23
2024-04-15 10:40 - 2024-04-15 10:40 - 000000619 _____ C:\Users\Public\Desktop\FIFA 23.lnk
2024-04-15 10:40 - 2024-04-15 10:40 - 000000000 ____D C:\Users\khana\AppData\Local\anadius
2024-04-15 10:40 - 2024-04-15 10:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FIFA 23
2024-04-15 10:40 - 2024-04-15 10:40 - 000000000 ____D C:\ProgramData\Frostbite
2024-04-15 10:40 - 2024-04-15 10:40 - 000000000 ____D C:\Program Files (x86)\TI
2024-04-15 10:19 - 2024-04-15 10:29 - 000000000 ____D C:\Users\khana\Downloads\FIFA 23 by Igruha
2024-04-15 10:19 - 2024-04-15 10:19 - 000417235 _____ C:\Users\khana\Downloads\FIFA-23-by-Igruha.torrent
2024-04-14 18:28 - 2024-04-14 18:28 - 000000000 ____D C:\Users\khana\AppData\Local\DBG
2024-04-14 16:05 - 2024-04-14 16:05 - 000000000 ____D C:\ProgramData\2K Sports
2024-04-14 16:04 - 2024-04-14 16:04 - 000000000 ____D C:\Users\khana\AppData\Roaming\2K Sports
2024-04-13 17:20 - 2024-04-13 17:20 - 000000000 ____D C:\Users\khana\AppData\Local\FarMech
2024-04-13 17:16 - 2024-04-13 17:16 - 001344557 _____ (FreeTP.Org - Lightyear Frontier Multiplayer Fix ) C:\Users\khana\Downloads\[FreeTP.Org]Lightyear-Frontier-Multiplayer-Fix-Online.exe
2024-04-13 17:16 - 2024-04-13 17:16 - 000020015 _____ C:\Users\khana\Downloads\[FreeTP.Org]Lightyear_Frontier_v0.1.373_by_Pioneer.torrent
2024-04-13 17:16 - 2024-04-13 17:16 - 000000000 ____D C:\Users\khana\Downloads\Lightyear Frontier v0.1.373 by Pioneer
2024-04-13 15:38 - 2024-04-13 15:38 - 001393472 _____ (Oleg N. Scherbakov) C:\Users\khana\Downloads\get_movavi_logs (1).exe
2024-04-12 22:38 - 2024-04-14 16:04 - 000000000 ____D C:\Users\khana\AppData\Local\Epic Games
2024-04-12 22:38 - 2024-04-12 22:38 - 000000000 ____D C:\Users\khana\AppData\Local\UnrealEngineLauncher
2024-04-12 22:38 - 2024-04-12 22:38 - 000000000 ____D C:\Users\khana\AppData\Local\EpicGamesLauncher
2024-04-12 22:37 - 2024-04-12 22:39 - 000000000 ____D C:\ProgramData\Epic
2024-04-12 22:37 - 2024-04-12 22:37 - 000000805 _____ C:\Users\Public\Desktop\Epic Games Launcher.lnk
2024-04-12 22:37 - 2024-04-12 22:37 - 000000805 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk
2024-04-12 22:37 - 2024-04-12 22:37 - 000000000 ____D C:\Program Files (x86)\Epic Games
2024-04-12 22:36 - 2024-04-12 22:36 - 185073664 _____ C:\Users\khana\Downloads\EpicInstaller-15.17.1-a4f302928f744af3bdeeab16e5f2c861.msi
2024-04-11 13:09 - 2024-04-11 13:09 - 000012948 _____ C:\Users\khana\Downloads\чек лист (1).xlsx
2024-04-11 13:09 - 2024-04-11 13:09 - 000012936 _____ C:\Users\khana\Downloads\чек лист.xlsx
2024-04-10 02:03 - 2024-04-23 21:15 - 000000000 ____D C:\Users\khana\Downloads\Telegram Desktop
2024-04-09 01:25 - 2024-04-09 01:26 - 000000000 ____D C:\Users\khana\AppData\Roaming\paradox-launcher-v2
2024-04-09 01:25 - 2024-04-09 01:25 - 000000000 ____D C:\Users\khana\AppData\Roaming\Paradox Interactive
2024-04-09 01:19 - 2024-04-09 01:25 - 000000000 ____D C:\Users\khana\AppData\Local\Paradox Interactive
2024-04-09 01:19 - 2024-04-09 01:19 - 000002579 _____ C:\Users\khana\Desktop\Paradox Launcher v2.lnk
2024-04-09 01:15 - 2024-04-09 01:15 - 000000000 ____D C:\Users\khana\Documents\Paradox Interactive
2024-04-08 23:59 - 2024-04-08 23:59 - 000000000 ____D C:\Users\khana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Khil-soft
2024-04-08 23:59 - 2024-04-08 23:59 - 000000000 ____D C:\Users\khana\AppData\Local\Khil-soft
2024-04-08 23:59 - 2024-04-08 23:59 - 000000000 ____D C:\Users\khana\AppData\Local\IsolatedStorage
2024-04-08 23:59 - 2024-04-08 23:59 - 000000000 ____D C:\ProgramData\IsolatedStorage
2024-04-08 23:58 - 2024-04-17 16:03 - 000000000 ____D C:\Games
2024-04-08 23:58 - 2024-04-08 23:58 - 085221376 _____ C:\Users\khana\Downloads\SIGame.x64.msi
2024-04-08 23:41 - 2024-04-08 23:41 - 000018727 _____ C:\Users\khana\Downloads\[FreeTP.Org]Stellaris_v3.11.2_by_Pioneer.torrent
2024-04-08 23:41 - 2024-04-08 23:41 - 000000000 ____D C:\Users\khana\Downloads\Stellaris v3.11.2 by Pioneer
2024-04-08 15:43 - 2024-04-08 15:45 - 000000000 ____D C:\Users\khana\Desktop\лаба 1
2024-04-08 15:18 - 2024-04-08 15:18 - 001393472 _____ (Oleg N. Scherbakov) C:\Users\khana\Downloads\get_movavi_logs.exe
2024-04-08 15:13 - 2024-04-08 15:13 - 002096568 _____ C:\Users\khana\Downloads\Untitled (2).pptx
2024-04-08 15:12 - 2024-04-08 15:12 - 000664526 _____ C:\Users\khana\Downloads\Untitled (1).pptx
2024-04-08 15:11 - 2024-04-08 15:15 - 007422222 _____ C:\Users\khana\Downloads\Ponyatie-programmnoj-oshibki.pptx
2024-04-08 15:07 - 2024-04-08 15:07 - 011099002 _____ C:\Users\khana\Downloads\Untitled.pptx
2024-04-07 21:27 - 2024-04-07 21:27 - 000432197 _____ C:\Users\khana\Downloads\Лабораторка 1.7z
2024-04-06 20:40 - 2024-04-06 20:40 - 000000000 ____D C:\Users\khana\Documents\Larian Studios
2024-04-06 20:40 - 2024-04-06 20:40 - 000000000 ____D C:\Users\khana\AppData\Local\Larian Studios
2024-04-06 20:39 - 2024-04-15 11:14 - 000000000 ____D C:\Program Files\dotnet
2024-04-05 02:57 - 2024-04-05 02:57 - 317482936 _____ C:\Users\khana\Downloads\pjl3wjys.exe
2024-04-05 02:44 - 2024-04-05 02:44 - 000000000 ____D C:\Users\khana\AppData\Local\MediaPlayer
2024-04-05 02:44 - 2024-04-05 02:44 - 000000000 ____D C:\Users\khana\.fontconfig
2024-04-05 01:55 - 2024-04-17 00:46 - 000000000 ____D C:\WINDOWS\system32\appmgmt
2024-04-05 01:49 - 2024-04-05 01:55 - 000000000 ____D C:\Program Files\hidemy.name VPN 2.0
2024-04-05 01:49 - 2024-04-05 01:49 - 000000000 ____D C:\Users\khana\AppData\Local\hidemy.name VPN
2024-04-05 01:47 - 2024-04-05 01:47 - 104860768 _____ (hidemy.network Ltd.) C:\Users\khana\Downloads\hidemyname_vpn_2.1.865.exe
2024-04-05 01:47 - 2024-04-05 01:47 - 000000000 ____D C:\Users\khana\AppData\Roaming\hidemy.network Ltd
2024-04-05 01:02 - 2024-04-05 01:03 - 000000000 ____D C:\Program Files (x86)\PlanetVPN
2024-04-05 01:02 - 2024-04-05 01:02 - 133377856 _____ (PlanetVPN ) C:\Users\khana\Downloads\planetvpn.exe
2024-04-05 01:02 - 2024-04-05 01:02 - 000001092 _____ C:\Users\Public\Desktop\PlanetVPN.lnk
2024-04-05 01:02 - 2024-04-05 01:02 - 000000000 ____D C:\Users\khana\AppData\Local\PlanetVPN
2024-04-05 01:02 - 2024-04-05 01:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PlanetVPN
2024-04-05 01:00 - 2024-04-05 01:02 - 000000000 ____D C:\ProgramData\iTop VPN
2024-04-05 01:00 - 2024-04-05 01:00 - 000000000 ____D C:\Users\khana\AppData\Roaming\iTop VPN
2024-04-05 00:55 - 2024-04-05 00:56 - 000000000 ____D C:\ProgramData\iTop
2024-04-05 00:51 - 2024-04-05 00:52 - 000000000 ____D C:\Users\khana\AppData\Local\ProtonVPN
2024-04-04 20:08 - 2024-04-04 20:08 - 079346664 _____ (Proton AG ) C:\Users\khana\Downloads\ProtonVPN_v3.2.10.exe
2024-04-04 01:35 - 2024-04-04 01:35 - 000000172 _____ C:\Users\khana\Desktop\Новый текстовый документ.txt
2024-04-04 00:21 - 2024-04-04 00:21 - 103691256 _____ C:\Users\khana\Downloads\tor-browser-windows-x86_64-portable-13.0.13.exe
2024-04-02 15:20 - 2024-04-02 15:20 - 000000000 ____D C:\Users\khana\AppData\LocalLow\Mastfire Studios
2024-04-02 15:20 - 2024-04-02 15:20 - 000000000 ____D C:\Users\khana\AppData\LocalLow\Mastfire
2024-03-28 20:12 - 2024-03-28 20:12 - 000020861 _____ C:\WINDOWS\SysWOW64\IntegratedServicesRegionPolicySet.json
2024-03-28 20:12 - 2024-03-28 20:12 - 000020861 _____ C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json
2024-03-26 14:28 - 2024-04-29 22:03 - 000000000 ____D C:\ProgramData\Package Cache
2024-03-25 14:39 - 2024-04-06 20:29 - 000000000 ____D C:\Users\khana\AppData\Roaming\EasyAntiCheat
2024-03-21 17:33 - 2024-03-21 17:33 - 000000000 ____D C:\Users\khana\AppData\Roaming\Movavi Video Converter
2024-03-21 17:33 - 2024-03-21 17:33 - 000000000 ____D C:\Users\khana\AppData\Roaming\Movavi Screen Recorder
2024-03-21 17:33 - 2024-03-21 17:33 - 000000000 ____D C:\Users\khana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Movavi Suite
2024-03-21 17:33 - 2024-03-21 17:33 - 000000000 ____D C:\Users\khana\AppData\Local\VideoEditor
2024-03-21 17:33 - 2024-03-21 17:33 - 000000000 ____D C:\ProgramData\Movavi Video Editor 24 Plus
2024-03-21 17:14 - 2024-03-29 15:29 - 000000730 _____ C:\Users\khana\Desktop\Movavi Suite.lnk
2024-03-21 17:08 - 2024-05-05 02:25 - 000000000 ____D C:\Users\khana\Desktop\Movavi Video Editor 23.3.0
2024-03-21 16:19 - 2024-03-21 17:33 - 000000000 ____D C:\ProgramData\movavi
2024-03-21 16:17 - 2024-03-21 17:33 - 000000000 ____D C:\Users\khana\AppData\Local\Movavi
2024-03-21 16:01 - 2024-03-21 16:15 - 000000000 ____D C:\Users\khana\AppData\Roaming\obs-studio
2024-03-21 16:01 - 2024-03-21 16:01 - 000000773 _____ C:\Users\Public\Desktop\OBS Studio.lnk
2024-03-21 16:01 - 2024-03-21 16:01 - 000000000 ____D C:\ProgramData\obs-studio-hook
2024-03-21 16:01 - 2024-03-21 16:01 - 000000000 ____D C:\ProgramData\obs-studio
2024-03-18 01:56 - 2024-03-18 01:56 - 000307901 _____ C:\Users\khana\Documents\Без имени-1.psd
2024-03-16 02:37 - 2024-03-23 22:48 - 000000000 ____D C:\Users\khana\Desktop\пикчи
2024-03-16 00:21 - 2024-03-16 00:22 - 000000000 ____D C:\Users\khana\AppData\Roaming\Goldberg SteamEmu Saves
2024-03-16 00:21 - 2024-03-16 00:21 - 000000000 ____D C:\Users\khana\AppData\Local\Fathers_Day
2024-03-15 06:32 - 2024-03-15 06:32 - 000000000 ____D C:\Users\khana\AppData\LocalLow\SteelkrillStudio
2024-03-15 06:19 - 2024-03-15 06:19 - 000000053 _____ C:\WINDOWS\WrpYGF74DrEm.ini
2024-03-15 05:27 - 2024-03-15 05:27 - 000000000 ____D C:\Users\khana\AppData\LocalLow\Psalm
2024-03-10 01:37 - 2024-03-10 01:37 - 000000000 ____D C:\Users\khana\AppData\Local\Panicore
2024-03-10 01:33 - 2024-03-10 01:33 - 000000000 ____D C:\Users\khana\AppData\LocalLow\616 GAMES
2024-03-07 19:09 - 2024-03-07 19:09 - 000000000 ____D C:\Users\khana\AppData\Local\Hospital666
2024-03-03 23:28 - 2024-05-05 00:45 - 000007589 _____ C:\Users\khana\AppData\Local\Resmon.ResmonCfg
2024-03-03 01:28 - 2024-03-03 01:28 - 000000000 ____D C:\Users\khana\AppData\Local\Embark
2024-03-03 01:25 - 2024-03-03 01:25 - 000000000 ____D C:\Users\khana\AppData\Local\AnybrainSDK
2024-03-03 01:23 - 2024-03-03 01:23 - 000000000 ____D C:\Users\khana\AppData\Local\Discovery
2024-03-03 01:23 - 2024-03-03 01:23 - 000000000 ____D C:\ProgramData\Packer
2024-03-02 02:45 - 2024-03-02 02:45 - 000000000 ____D C:\Users\khana\AppData\Roaming\ATNSOFT
2024-02-29 20:50 - 2024-02-29 20:50 - 000000000 ____D C:\Users\khana\AppData\Roaming\.mono
2024-02-29 20:50 - 2024-02-29 20:50 - 000000000 ____D C:\Users\khana\AppData\LocalLow\Bennett Foddy
2024-02-27 23:25 - 2024-02-27 23:25 - 000000000 ____D C:\Users\khana\AppData\LocalLow\Temp
2024-02-27 23:04 - 2024-02-28 00:22 - 000000000 ____D C:\Users\khana\AppData\Roaming\KinitoPET
2024-02-27 19:31 - 2024-03-03 01:22 - 000000000 ____D C:\Program Files (x86)\EasyAntiCheat_EOS
2024-02-18 19:10 - 2024-02-18 19:10 - 000000000 ____D C:\Users\khana\AppData\Roaming\com.adobe.dunamis
2024-02-18 19:10 - 2024-02-18 19:10 - 000000000 ____D C:\Users\khana\AppData\LocalLow\Adobe
2024-02-18 19:09 - 2024-02-18 19:09 - 000000787 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop 2024.lnk
2024-02-18 19:08 - 2024-02-18 19:09 - 000000000 ____D C:\Program Files\Common Files\Adobe
2024-02-18 19:07 - 2024-02-18 21:13 - 000000000 ____D C:\Users\khana\AppData\Local\Adobe
2024-02-18 19:07 - 2024-02-18 19:08 - 000000000 ____D C:\ProgramData\Adobe
2024-02-16 17:46 - 2024-02-16 18:29 - 000000000 ____D C:\Users\khana\Desktop\пркт4
2024-02-16 00:04 - 2024-02-16 00:04 - 000000000 ____D C:\Users\khana\AppData\Roaming\Microsoft\QuickStyles
2024-02-15 22:14 - 2024-02-15 22:41 - 000000000 ____D C:\Users\khana\Desktop\+Вариант 1
2024-02-15 22:10 - 2024-04-11 13:11 - 000000000 ____D C:\Users\khana\Desktop\Задания1
2024-02-15 16:56 - 2024-02-15 17:07 - 000000000 ____D C:\Users\khana\Desktop\пркт2
2024-02-12 13:34 - 2024-02-12 13:37 - 000000000 ____D C:\Users\khana\Desktop\NeNetFlix-master
2024-02-11 21:37 - 2023-12-26 21:06 - 000000000 ____D C:\Users\khana\Desktop\HZF-ORION-Bomber-master
2024-02-11 21:25 - 2021-12-31 21:10 - 000000000 ____D C:\Users\khana\Desktop\b0mb3r-master
2024-02-10 23:47 - 2024-04-25 22:07 - 000000000 ____D C:\Users\khana\AppData\Roaming\Microsoft\PowerPoint
2024-02-10 02:32 - 2024-02-10 02:32 - 000000000 ____D C:\Users\khana\AppData\Roaming\Sun
2024-02-10 02:32 - 2024-02-10 02:32 - 000000000 ____D C:\Users\khana\AppData\LocalLow\Sun
2024-02-10 02:32 - 2024-02-10 02:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2024-02-10 02:32 - 2024-02-10 02:32 - 000000000 ____D C:\Program Files (x86)\Java
2024-02-10 02:32 - 2023-12-19 13:01 - 000170624 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2024-02-10 02:03 - 2024-02-10 02:04 - 000000000 ____D C:\Users\khana\AppData\Roaming\.vimeworld
2024-02-06 23:18 - 2023-05-22 17:40 - 000000000 ____D C:\Users\khana\Desktop\КОД ВСЕ ПРАКТИКИ
2024-02-06 15:10 - 2024-02-06 15:10 - 000000000 ____D C:\Users\khana\AppData\Local\TslGame
2024-02-06 15:10 - 2024-02-06 15:10 - 000000000 ____D C:\Users\khana\AppData\Local\BattlEye
2024-02-06 15:09 - 2024-03-10 16:18 - 000000000 ____D C:\Program Files\Common Files\PUBG
2024-02-06 15:09 - 2024-03-10 15:37 - 000215864 _____ (Wellbia.com Co., Ltd.) C:\WINDOWS\xhunter1.sys
2024-02-06 15:09 - 2024-02-06 15:09 - 000000000 ____D C:\Users\khana\AppData\Local\WELLBIA
2024-02-06 15:09 - 2024-02-06 15:09 - 000000000 ____D C:\Program Files\Common Files\Wellbia.com
2024-02-05 23:27 - 2024-02-05 23:27 - 000000000 ____D C:\Users\khana\Desktop\see
2024-02-05 23:09 - 2024-02-05 23:09 - 000000000 ____D C:\Users\khana\Desktop\232
2024-02-05 21:36 - 2024-02-05 21:47 - 000000000 ____D C:\Users\khana\Desktop\berry-react-material-next-js-3.8.0
2024-02-05 21:34 - 2023-12-28 02:17 - 000000000 ____D C:\Users\khana\Desktop\ecomvue-dev
2024-02-05 21:20 - 2024-02-05 21:38 - 000000000 ____D C:\Users\khana\Desktop\berry-material-react-3.7.0
2024-02-05 18:57 - 2024-02-05 18:57 - 000000000 ____D C:\Users\khana\AppData\Local\node-gyp
2024-02-05 18:56 - 2023-07-23 13:12 - 000000000 ____D C:\Users\khana\Desktop\berry-react-remix-js-1.1.0
2024-02-05 16:24 - 2024-02-05 16:24 - 000000000 ____D C:\Users\khana\Desktop\1
2024-02-05 15:44 - 2024-02-05 15:44 - 000000000 ____D C:\Users\khana\AppData\Local\fanal
2024-02-05 15:33 - 2024-02-05 15:33 - 000002599 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WSL.lnk
2024-02-05 15:33 - 2024-02-05 15:33 - 000000000 ____D C:\Users\khana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\docker-desktop-data
2024-02-05 15:33 - 2024-02-05 15:33 - 000000000 ____D C:\Users\khana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\docker-desktop
2024-02-05 15:33 - 2024-02-05 15:33 - 000000000 ____D C:\Program Files\WSL
2024-02-05 15:32 - 2024-02-18 19:10 - 000000000 ____D C:\Users\khana\AppData\Roaming\Adobe
2024-02-05 15:32 - 2024-02-06 04:21 - 000000000 ____D C:\Users\khana\AppData\Roaming\Docker Desktop
2024-02-05 15:32 - 2024-02-05 15:45 - 000000000 ____D C:\Users\khana\.docker
2024-02-05 15:32 - 2024-02-05 15:33 - 000000000 ____D C:\Users\khana\AppData\Local\Docker
2024-02-05 15:31 - 2024-04-29 21:59 - 000001623 _____ C:\WINDOWS\system32\config\VSMIDK
2024-02-05 15:30 - 2024-03-03 22:07 - 000000000 ___SD C:\WINDOWS\SysWOW64\lxss
2024-02-05 15:28 - 2024-02-05 15:28 - 000002146 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Docker Desktop.lnk
2024-02-05 15:28 - 2024-02-05 15:28 - 000002140 _____ C:\Users\khana\Desktop\Docker Desktop.lnk
2024-02-05 15:26 - 2024-02-05 15:33 - 000000000 ____D C:\Users\khana\AppData\Roaming\Docker
2024-02-05 15:26 - 2024-02-05 15:28 - 000000000 ____D C:\ProgramData\DockerDesktop
2024-02-05 15:26 - 2024-02-05 15:28 - 000000000 ____D C:\Program Files\Docker
2024-02-05 14:58 - 2024-02-05 14:58 - 000000121 _____ C:\Users\khana\.yarnrc
2024-02-05 04:01 - 2024-02-05 04:08 - 000000000 ____D C:\Users\khana\Desktop\client
2024-02-05 02:56 - 2024-04-10 10:12 - 000000000 ____D C:\Users\khana\Desktop\seed
2024-02-05 02:56 - 2024-02-05 21:50 - 000000000 ____D C:\Users\khana\Desktop\full-version
2024-02-05 02:49 - 2023-12-07 19:12 - 197394265 _____ C:\Users\khana\Desktop\berry-figma-v3.8.0.fig

==================== Три месяца (изменён) ==================

(Если запись включена в лист исправлений, файл/папка будут перемещены.)

2024-05-05 02:42 - 2024-01-19 17:51 - 000000000 ____D C:\FRST
2024-05-05 02:27 - 2024-01-03 17:36 - 000897920 _____ C:\WINDOWS\system32\perfh019.dat
2024-05-05 02:27 - 2024-01-03 17:36 - 000192280 _____ C:\WINDOWS\system32\perfc019.dat
2024-05-05 02:27 - 2024-01-03 13:52 - 000005810 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2024-05-05 02:26 - 2024-01-03 13:56 - 000000000 ____D C:\Users\khana\AppData\Roaming\discord
2024-05-05 02:25 - 2024-01-03 17:35 - 000000000 ____D C:\Program Files\Common Files\System
2024-05-05 02:22 - 2024-01-03 17:35 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2024-05-05 02:22 - 2024-01-03 17:35 - 000000000 ____D C:\WINDOWS\INF
2024-05-05 02:20 - 2024-01-03 17:35 - 000000000 ____D C:\WINDOWS\ServiceState
2024-05-05 02:20 - 2024-01-03 14:01 - 000000000 ____D C:\SteamLibrary
2024-05-05 02:20 - 2024-01-03 13:56 - 000000000 ____D C:\Users\khana\AppData\Local\Discord
2024-05-05 02:20 - 2024-01-03 13:50 - 000109304 _____ (GIGA-BYTE TECHNOLOGY CO., LTD.) C:\WINDOWS\system32\GigabyteDownloadAssistant.exe
2024-05-05 02:20 - 2024-01-03 13:46 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2024-05-05 02:20 - 2024-01-03 13:42 - 000000000 ____D C:\ProgramData\NVIDIA
2024-05-05 02:20 - 2024-01-03 13:41 - 001209656 _____ C:\WINDOWS\system32\wpbbin.exe
2024-05-05 02:20 - 2024-01-03 13:41 - 001181944 _____ (GIGA-BYTE TECHNOLOGY CO., LTD.) C:\WINDOWS\system32\GigabyteUpdateService.exe
2024-05-05 02:19 - 2024-01-03 17:35 - 000000000 ____D C:\WINDOWS\SystemTemp
2024-05-05 02:19 - 2024-01-03 17:33 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2024-05-05 02:19 - 2024-01-03 13:43 - 000000000 ____D C:\Users\khana
2024-05-05 02:16 - 2024-01-19 17:52 - 000000000 ____D C:\Program Files\CPUID
2024-05-05 01:56 - 2024-01-03 17:35 - 000000000 ____D C:\WINDOWS\AppReadiness
2024-05-05 01:55 - 2024-01-03 13:41 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2024-05-05 01:54 - 2024-01-03 17:35 - 000000000 ___RD C:\WINDOWS\PrintDialog
2024-05-05 01:54 - 2024-01-03 17:35 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2024-05-05 01:54 - 2024-01-03 17:35 - 000000000 ___HD C:\Program Files\WindowsApps
2024-05-05 01:54 - 2023-03-04 14:25 - 000000000 __RHD C:\Users\Public\AccountPictures
2024-05-05 00:50 - 2024-01-24 02:23 - 000000000 ____D C:\Users\khana\AppData\Local\CrashDumps
2024-05-04 23:43 - 2024-01-26 13:39 - 000000000 ____D C:\Users\khana\AppData\Roaming\Leppsoft
2024-05-03 09:32 - 2023-03-04 18:21 - 000002450 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-05-03 08:51 - 2024-01-03 13:54 - 000002243 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2024-05-02 14:18 - 2024-01-03 13:52 - 000000000 ____D C:\Users\khana\AppData\Local\D3DSCache
2024-05-01 23:07 - 2024-01-16 21:58 - 000000000 ____D C:\Users\khana\AppData\Roaming\qBittorrent
2024-05-01 13:13 - 2024-01-03 13:54 - 000000000 ____D C:\Program Files (x86)\Google
2024-04-30 17:36 - 2023-04-19 15:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FPS Monitor
2024-04-29 22:03 - 2024-01-03 14:31 - 000052016 ____N (GIGA-BYTE TECHNOLOGY CO., LTD.) C:\WINDOWS\system32\Drivers\gdrv3.sys
2024-04-29 22:03 - 2024-01-03 13:52 - 000000000 ____D C:\Program Files (x86)\Gigabyte
2024-04-29 22:03 - 2023-03-04 14:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gigabyte
2024-04-27 15:29 - 2024-01-03 13:52 - 000000000 ____D C:\Users\khana\AppData\Roaming\Code
2024-04-27 13:31 - 2024-01-03 13:41 - 000452408 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2024-04-27 13:30 - 2024-01-03 17:35 - 000000000 __SHD C:\WINDOWS\BitLockerDiscoveryVolumeContents
2024-04-27 13:30 - 2024-01-03 17:35 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2024-04-27 13:30 - 2024-01-03 17:35 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2024-04-27 13:30 - 2024-01-03 17:35 - 000000000 ___SD C:\WINDOWS\system32\UNP
2024-04-27 13:30 - 2024-01-03 17:35 - 000000000 ___SD C:\WINDOWS\system32\F12
2024-04-27 13:30 - 2024-01-03 17:35 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2024-04-27 13:30 - 2024-01-03 17:35 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2024-04-27 13:30 - 2024-01-03 17:35 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation
2024-04-27 13:30 - 2024-01-03 17:35 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2024-04-27 13:30 - 2024-01-03 17:35 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2024-04-27 13:30 - 2024-01-03 17:35 - 000000000 ____D C:\WINDOWS\SystemResources
2024-04-27 13:30 - 2024-01-03 17:35 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2024-04-27 13:30 - 2024-01-03 17:35 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2024-04-27 13:30 - 2024-01-03 17:35 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2024-04-27 13:30 - 2024-01-03 17:35 - 000000000 ____D C:\WINDOWS\system32\setup
2024-04-27 13:30 - 2024-01-03 17:35 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2024-04-27 13:30 - 2024-01-03 17:35 - 000000000 ____D C:\WINDOWS\system32\oobe
2024-04-27 13:30 - 2024-01-03 17:35 - 000000000 ____D C:\WINDOWS\system32\migwiz
2024-04-27 13:30 - 2024-01-03 17:35 - 000000000 ____D C:\WINDOWS\system32\Dism
2024-04-27 13:30 - 2024-01-03 17:35 - 000000000 ____D C:\WINDOWS\ShellExperiences
2024-04-27 13:30 - 2024-01-03 17:35 - 000000000 ____D C:\WINDOWS\ShellComponents
2024-04-27 13:30 - 2024-01-03 17:35 - 000000000 ____D C:\WINDOWS\bcastdvr
2024-04-27 13:30 - 2024-01-03 17:35 - 000000000 ____D C:\Program Files\Windows Portable Devices
2024-04-27 13:30 - 2024-01-03 17:35 - 000000000 ____D C:\Program Files\Windows Multimedia Platform
2024-04-27 13:30 - 2024-01-03 17:35 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2024-04-27 13:30 - 2024-01-03 17:35 - 000000000 ____D C:\Program Files (x86)\Windows Portable Devices
2024-04-27 13:30 - 2024-01-03 17:35 - 000000000 ____D C:\Program Files (x86)\Windows Multimedia Platform
2024-04-27 13:30 - 2024-01-03 17:33 - 000000000 ____D C:\WINDOWS\servicing
2024-04-27 13:30 - 2024-01-03 13:42 - 000000000 ___SD C:\WINDOWS\system32\lxss
2024-04-26 16:26 - 2024-01-03 17:33 - 000000000 ____D C:\WINDOWS\CbsTemp
2024-04-26 15:52 - 2024-01-03 13:44 - 003017216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2024-04-25 22:07 - 2024-01-13 19:54 - 000000000 ____D C:\Users\khana\AppData\Roaming\Microsoft\Office
2024-04-25 21:15 - 2024-01-13 19:54 - 000000000 ____D C:\Users\khana\AppData\Roaming\Microsoft\Word
2024-04-24 18:32 - 2024-01-14 20:03 - 000000000 ____D C:\Users\khana\AppData\Roaming\GitHub Desktop
2024-04-24 18:32 - 2024-01-03 13:56 - 000000000 ____D C:\Users\khana\AppData\Local\SquirrelTemp
2024-04-24 13:01 - 2024-01-03 13:50 - 000000000 ____D C:\Users\khana\AppData\Local\Packages
2024-04-24 12:39 - 2024-01-03 17:35 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2024-04-24 12:39 - 2023-03-04 18:20 - 000008192 ___SH C:\DumpStack.log.tmp
2024-04-22 21:42 - 2024-01-03 19:37 - 000000000 ____D C:\Users\khana\AppData\Roaming\Figma
2024-04-22 21:28 - 2024-01-03 19:37 - 000000000 ____D C:\Users\khana\AppData\Local\FigmaAgent
2024-04-21 18:20 - 2024-01-03 19:37 - 000001280 _____ C:\Users\khana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Figma.lnk
2024-04-21 18:20 - 2024-01-03 19:37 - 000000000 ____D C:\Users\khana\AppData\Local\Figma
2024-04-20 16:05 - 2023-11-11 21:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2024-04-17 15:44 - 2023-03-04 15:43 - 000000000 ____D C:\Users\khana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2024-04-12 14:05 - 2024-01-03 14:11 - 000000000 ____D C:\Program Files\Microsoft Office
2024-04-09 01:25 - 2024-01-03 13:42 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2024-04-09 01:19 - 2023-03-15 16:29 - 000000000 ____D C:\Users\khana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Paradox Interactive
2024-04-06 20:28 - 2024-01-03 13:59 - 000000000 ____D C:\Users\khana\AppData\Local\Steam
2024-04-05 01:03 - 2024-01-03 19:50 - 000000000 ____D C:\Users\khana\AppData\Local\cache

==================== Файлы в корне каталогов ========

2024-03-03 23:28 - 2024-05-05 00:45 - 000007589 _____ () C:\Users\khana\AppData\Local\Resmon.ResmonCfg
2024-01-03 21:00 - 2024-01-03 21:00 - 000000003 _____ () C:\Users\khana\AppData\Local\updater.log
2024-01-03 21:00 - 2024-01-03 21:00 - 000000424 _____ () C:\Users\khana\AppData\Local\UserProducts.xml

==================== SigCheckExt =========================

2024-01-19 17:51 - 2024-01-19 17:51 - 000037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\rfxvmt.dll
2006-08-26 12:17 - 2006-08-26 12:17 - 000086016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\atl70.dll
2011-01-13 01:53 - 2011-01-13 01:53 - 000090112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\atl71.dll
2006-08-26 13:07 - 2006-08-26 13:07 - 001024000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc70.dll
2006-08-26 13:15 - 2006-08-26 13:15 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc70chs.dll
2006-08-26 13:15 - 2006-08-26 13:15 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc70cht.dll
2006-08-26 13:15 - 2006-08-26 13:15 - 000061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc70deu.dll
2006-08-26 13:15 - 2006-08-26 13:15 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc70enu.dll
2006-08-26 13:15 - 2006-08-26 13:15 - 000061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc70esp.dll
2006-08-26 13:15 - 2006-08-26 13:15 - 000061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc70fra.dll
2006-08-26 13:15 - 2006-08-26 13:15 - 000061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc70ita.dll
2006-08-26 13:15 - 2006-08-26 13:15 - 000049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc70jpn.dll
2006-08-26 13:15 - 2006-08-26 13:15 - 000049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc70kor.dll
2006-08-26 13:28 - 2006-08-26 13:28 - 001017344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc70u.dll
2011-01-13 02:19 - 2011-01-13 02:19 - 001060864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc71.dll
2011-01-13 02:25 - 2011-01-13 02:25 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc71chs.dll
2011-01-13 02:25 - 2011-01-13 02:25 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc71cht.dll
2011-01-13 02:25 - 2011-01-13 02:25 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc71deu.dll
2011-01-13 02:25 - 2011-01-13 02:25 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc71enu.dll
2011-01-13 02:25 - 2011-01-13 02:25 - 000061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc71esp.dll
2011-01-13 02:25 - 2011-01-13 02:25 - 000061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc71fra.dll
2011-01-13 02:25 - 2011-01-13 02:25 - 000061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc71ita.dll
2011-01-13 02:25 - 2011-01-13 02:25 - 000049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc71jpn.dll
2011-01-13 02:25 - 2011-01-13 02:25 - 000049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc71kor.dll
2011-01-13 02:36 - 2011-01-13 02:36 - 001054208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc71u.dll
2001-08-23 13:00 - 2001-08-23 13:00 - 001355776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvbvm50.dll
2005-01-21 08:25 - 2005-01-21 08:25 - 000054784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvci70.dll
2002-01-05 18:40 - 2002-01-05 18:40 - 000487424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp70.dll
2007-02-02 11:13 - 2007-02-02 11:13 - 000503808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp71.dll
2007-01-31 11:04 - 2007-01-31 11:04 - 000339968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr70.dll
2007-02-02 08:11 - 2007-02-02 08:11 - 000344064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr71.dll
1993-07-24 08:31 - 1993-07-24 08:31 - 000210944 _____ C:\WINDOWS\SysWOW64\msvcrt10.dll
1996-01-12 16:00 - 1996-01-12 16:00 - 000722192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vb40032.dll
2024-05-05 01:52 - 2024-05-04 09:10 - 009838588 _____ (Company © regist) C:\Users\khana\Desktop\242342.exe
2024-05-05 01:51 - 2024-05-04 09:10 - 009838588 _____ (Company © regist) C:\Users\khana\Downloads\AVbr.exe
2024-05-05 01:12 - 2024-05-05 02:42 - 002394112 _____ (Farbar) C:\Users\khana\Downloads\farbar-recovery-scan-tool-04-04-2024 (1).exe
2024-05-05 00:55 - 2024-05-05 00:55 - 002394112 _____ (Farbar) C:\Users\khana\Downloads\farbar-recovery-scan-tool-04-04-2024.exe
2024-05-04 21:41 - 2024-05-04 21:41 - 002249913 _____ (EFD Software ) C:\Users\khana\Downloads\hdtunepro_575_trial (1).exe
2024-05-04 21:13 - 2024-05-04 21:13 - 002249913 _____ (EFD Software ) C:\Users\khana\Downloads\hdtunepro_575_trial.exe
2024-04-13 17:16 - 2024-04-13 17:16 - 001344557 _____ (FreeTP.Org - Lightyear Frontier Multiplayer Fix ) C:\Users\khana\Downloads\[FreeTP.Org]Lightyear-Frontier-Multiplayer-Fix-Online.exe
2024-05-01 23:05 - 2024-05-01 23:05 - 001526997 _____ (FreeTP.Org - Stick Fight The Game Multiplayer Fix ) C:\Users\khana\Downloads\[FreeTP.Org]Stick-Fight-The-Game-Multiplayer-Fix-Online-v2.exe

==================== SigCheck ============================

(Нет автоматического исправления файлов, которые не проходят проверку.)


==================== BCD ================================

Диспетчер загрузки микропрограмм
---------------------
идентификатор           {fwbootmgr}
displayorder            {bootmgr}
timeout                 1

Диспетчер загрузки Windows
--------------------
идентификатор           {bootmgr}
device                  partition=\Device\HarddiskVolume3
path                    \EFI\Microsoft\Boot\bootmgfw.efi
description             Windows Boot Manager
locale                  ru-RU
inherit                 {globalsettings}
default                 {current}
resumeobject            {38ba9063-aa24-11ee-9cb9-c10cf7fc4470}
displayorder            {current}
toolsdisplayorder       {memdiag}
timeout                 30

Загрузка Windows
-------------------
идентификатор           {current}
device                  partition=C:
path                    \WINDOWS\system32\winload.efi
description             Windows 10
locale                  ru-RU
inherit                 {bootloadersettings}
recoverysequence        {8f9c13dd-ba7e-11ed-ab69-f7989c2930e7}
displaymessageoverride  Recovery
recoveryenabled         Yes
isolatedcontext         Yes
allowedinmemorysettings 0x15000075
osdevice                partition=C:
systemroot              \WINDOWS
resumeobject            {38ba9063-aa24-11ee-9cb9-c10cf7fc4470}
nx                      OptIn
bootmenupolicy          Standard
hypervisorlaunchtype    Auto

Загрузка Windows
-------------------
идентификатор           {8f9c13dd-ba7e-11ed-ab69-f7989c2930e7}
device                  ramdisk=[C:]\Recovery\WindowsRE\Winre.wim,{8f9c13de-ba7e-11ed-ab69-f7989c2930e7}
path                    \windows\system32\winload.efi
description             Windows Recovery Environment
locale                  ru-ru
inherit                 {bootloadersettings}
displaymessage          Recovery
displaymessageoverride  PushButtonReset
osdevice                ramdisk=[C:]\Recovery\WindowsRE\Winre.wim,{8f9c13de-ba7e-11ed-ab69-f7989c2930e7}
systemroot              \windows
nx                      OptIn
bootmenupolicy          Standard
winpe                   Yes

Выход из режима гибернации
--------------------------
идентификатор           {38ba9063-aa24-11ee-9cb9-c10cf7fc4470}
device                  partition=C:
path                    \WINDOWS\system32\winresume.efi
description             Windows Resume Application
locale                  ru-RU
inherit                 {resumeloadersettings}
recoverysequence        {8f9c13dd-ba7e-11ed-ab69-f7989c2930e7}
recoveryenabled         Yes
isolatedcontext         Yes
allowedinmemorysettings 0x15000075
filedevice              partition=C:
filepath                \hiberfil.sys
bootmenupolicy          Standard
debugoptionenabled      No

Проверка памяти Windows
---------------------
идентификатор           {memdiag}
device                  partition=\Device\HarddiskVolume3
path                    \EFI\Microsoft\Boot\memtest.efi
description             Диагностика памяти
locale                  ru-RU
inherit                 {globalsettings}
badmemoryaccess         Yes

Параметры EMS
-------------
идентификатор           {emssettings}
bootems                 No

Параметры отладчика
-------------------
идентификатор           {dbgsettings}
debugtype               Local

Дефекты ОЗУ
-----------
идентификатор           {badmemory}

Глобальные параметры
--------------------
идентификатор           {globalsettings}
inherit                 {dbgsettings}
                        {emssettings}
                        {badmemory}

Параметры загрузчика
--------------------
идентификатор           {bootloadersettings}
inherit                 {globalsettings}
                        {hypervisorsettings}

Параметры гипервизора
-------------------
идентификатор           {hypervisorsettings}
hypervisordebugtype     Serial
hypervisordebugport     1
hypervisorbaudrate      115200

Параметры загрузчика восстановления
-----------------------------------
идентификатор           {resumeloadersettings}
inherit                 {globalsettings}

Параметры устройств
-------------------
идентификатор           {8f9c13de-ba7e-11ed-ab69-f7989c2930e7}
description             Windows Recovery
ramdisksdidevice        partition=C:
ramdisksdipath          \Recovery\WindowsRE\boot.sdi

==================== Конец от FRST.txt ========================


Результаты дополнительного сканирования Farbar Recovery Scan Tool (x64) Версия: 19.04.2024 01
Запущено с помощью khana (05-05-2024 02:44:22)
Запущено из C:\Users\khana\Downloads
Майкрософт Windows 10 Pro Версия 22H2 19045.4355 (X64) (2024-01-03 06:49:56)
Режим загрузки: Normal
==========================================================


==================== Учетные записи: =============================


(Если запись включена в fixlist, она будет удалена)

DefaultAccount (S-1-5-21-4232493208-3311039133-4267975668-503 - Limited - Disabled)
khana (S-1-5-21-4232493208-3311039133-4267975668-1001 - Administrator - Enabled) => C:\Users\khana
WDAGUtilityAccount (S-1-5-21-4232493208-3311039133-4267975668-504 - Limited - Disabled)
Администратор (S-1-5-21-4232493208-3311039133-4267975668-500 - Administrator - Disabled) => C:\Users\Администратор
Гость (S-1-5-21-4232493208-3311039133-4267975668-501 - Limited - Disabled)

==================== Центр безопасности ========================

(Если запись включена в fixlist, она будет удалена)

AV: Malwarebytes (Enabled - Up to date) {0D452135-A081-B000-D6B6-132E52638543}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Установленные программы ======================

(В fixlist можно добавлять только рекламные программы с флагом «Скрытый», чтобы отобразить их.)

@BIOS (HKLM-x32\...\{C9D46F25-5F9D-4E25-B24F-BC00E9EDF529}) (Version: 4.23.0718.1 - GIGABYTE) Hidden
@BIOS (HKLM-x32\...\InstallShield_{C9D46F25-5F9D-4E25-B24F-BC00E9EDF529}) (Version: 4.23.0718.1 - GIGABYTE)
Adobe Photoshop 2024 (HKLM-x32\...\PHSP_25_4) (Version: 25.4.0.319 - Adobe Inc.)
AIDA64 Extreme v7.20 (HKLM-x32\...\AIDA64 Extreme_is1) (Version: 7.20 - FinalWire Ltd.)
APP Center (HKLM-x32\...\{D50BEE9A-0EC6-4A58-BF90-35BDC6D6495D}) (Version: 3.24.0315.1 - Gigabyte) Hidden
APP Center (HKLM-x32\...\InstallShield_{D50BEE9A-0EC6-4A58-BF90-35BDC6D6495D}) (Version: 3.24.0315.1 - Gigabyte)
CPUID CPU-Z 2.09 (HKLM\...\CPUID CPU-Z_is1) (Version: 2.09 - CPUID, Inc.)
Discord (HKU\S-1-5-21-4232493208-3311039133-4267975668-1001\...\Discord) (Version: 1.0.9028 - Discord Inc.)
Docker Desktop (HKLM\...\Docker Desktop) (Version: 4.27.1 - Docker Inc.)
DroidCam Client (HKLM-x32\...\DroidCam) (Version: 6.5.2 - DEV47APPS)
EasyTune (HKLM-x32\...\{7F635314-EE21-4E4B-A68D-69AE70BA0E9B}) (Version: 1.23.1123 - GIGABYTE) Hidden
EasyTune (HKLM-x32\...\InstallShield_{7F635314-EE21-4E4B-A68D-69AE70BA0E9B}) (Version: 1.23.1123 - GIGABYTE)
EasyTuneEngineService (HKLM-x32\...\{964575C3-5820-4642-A89A-754255B5EFE1}) (Version: 1.23.1123 - GIGABYTE) Hidden
EasyTuneEngineService (HKLM-x32\...\InstallShield_{964575C3-5820-4642-A89A-754255B5EFE1}) (Version: 1.23.1123 - GIGABYTE)
Epic Games Launcher (HKLM-x32\...\{0130A13A-FC14-4964-A601-386B49D93FD5}) (Version: 1.3.93.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Epic Online Services (HKLM-x32\...\{57A956AB-4BCC-45C6-9B40-957E4E125568}) (Version: 2.0.44.0 - Epic Games, Inc.)
FIFA 23 (HKLM-x32\...\FIFA 23_is1) (Version:  - torrent-igruha.org)
Figma (HKU\S-1-5-21-4232493208-3311039133-4267975668-1001\...\Figma) (Version: 116.17.13 - Figma, Inc.)
Figma Agent (HKU\S-1-5-21-4232493208-3311039133-4267975668-1001\...\FigmaAgent) (Version: 116.17.12 - Figma, Inc.)
FPS Monitor (HKLM-x32\...\FPS Monitor_is1) (Version: 1 - )
Git (HKLM\...\Git_is1) (Version: 2.43.0 - The Git Development Community)
GitHub Desktop (HKU\S-1-5-21-4232493208-3311039133-4267975668-1001\...\GitHubDesktop) (Version: 3.3.8 - GitHub, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 124.0.6367.119 - Google LLC)
GService (HKLM-x32\...\{D9CB4282-7B2A-4840-AD1D-9DA72B973DD9}) (Version: 1.19.0624.1 - GIGABYTE)
Hamachi (HKLM-x32\...\{C00E2143-38F2-49BA-AB8A-03F22F02F0A4}) (Version: 2.3.0.111 - LogMeIn, Inc.) Hidden
Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.3.0.111 - LogMeIn, Inc.)
HD Tune Pro 5.75 (HKLM-x32\...\HD Tune Pro_is1) (Version:  - EFD Software)
Java 8 Update 401 (HKLM-x32\...\{71024AE4-039E-4CA4-87B4-2F32180401F0}) (Version: 8.0.4010.10 - Oracle Corporation)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Lightshot-5.5.0.7 (HKLM-x32\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 5.5.0.7 - Skillbrains)
Malwarebytes version 5.1.3.110 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 5.1.3.110 - Malwarebytes)
Microsoft .NET Core Host - 3.1.8 (x64) (HKLM\...\{D375EE6D-18EF-4EC9-8260-555DEB0EE4EC}) (Version: 24.96.29220 - Microsoft Corporation) Hidden
Microsoft .NET Core Host FX Resolver - 3.1.8 (x64) (HKLM\...\{907E0A78-B4DF-4E35-9878-FEE2F22B6852}) (Version: 24.96.29220 - Microsoft Corporation) Hidden
Microsoft .NET Core Runtime - 3.1.8 (x64) (HKLM\...\{912B84A5-61CC-4308-B244-5C34C2C02899}) (Version: 24.96.29220 - Microsoft Corporation) Hidden
Microsoft .NET Host - 8.0.4 (x64) (HKLM\...\{85D9FDA9-B82F-4DC6-A598-DC5EEE78ABFB}) (Version: 64.16.12025 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 8.0.4 (x64) (HKLM\...\{2DF8788F-CE7B-4D48-AE13-00F807A959CC}) (Version: 64.16.12025 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 8.0.4 (x64) (HKLM\...\{F03725EC-977F-4425-A568-05D0B3DB9F15}) (Version: 64.16.12025 - Microsoft Corporation) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 124.0.2478.80 - Корпорация Майкрософт)
Microsoft Office LTSC профессиональный плюс 2021 - ru-ru (HKLM\...\ProPlus2021Volume - ru-ru) (Version: 16.0.14332.20685 - Microsoft Corporation)
Microsoft OneDrive (HKLM-x32\...\OneDriveSetup.exe) (Version: 21.030.0211.0002 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{1FC1A6C2-576E-489A-9B4A-92D21F542136}) (Version: 3.74.0.0 - Microsoft Corporation)
Microsoft Visual Basic/C++ Runtime (x86) (HKLM-x32\...\{C5E3A69D-D391-45A6-A8FB-00B01E2B010D}) (Version: 1.1.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61187 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61186 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.7523 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.7523 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.7523 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.7523 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61135 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61135 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61135 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61135 - Microsoft Corporation)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61135 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61135 - Microsoft Corporation)
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61135 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61135 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation)
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation)
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.38.33135 (HKLM-x32\...\{c649ede4-f16a-4486-a117-dcc2f2a35165}) (Version: 14.38.33135.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.38.33135 (HKLM-x32\...\{46c3b171-c15c-4137-8e1d-67eeb2985b44}) (Version: 14.38.33135.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.38.33135 (HKLM\...\{19AFE054-CA83-45D5-A9DB-4108EF4BD391}) (Version: 14.38.33135 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.38.33135 (HKLM\...\{AA0C8AB5-7297-4D46-A0D9-08096FE59E46}) (Version: 14.38.33135 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.38.33135 (HKLM-x32\...\{9C19C103-7DB1-44D1-A039-2C076A633A38}) (Version: 14.38.33135 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.38.33135 (HKLM-x32\...\{286DC39B-5FB7-4AFF-9DD4-22DB47664CD7}) (Version: 14.38.33135 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 3.1.8 (x64) (HKLM\...\{F3871724-6A58-425C-8E4C-4A54935AA68F}) (Version: 24.96.29220 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 3.1.8 (x64) (HKLM-x32\...\{3e04c2ef-ccc7-4fe6-a32f-f36572af0f42}) (Version: 3.1.8.29220 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 8.0.4 (x64) (HKLM\...\{4B91040F-9192-4D51-B1CE-36B959846C8D}) (Version: 64.16.12024 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 8.0.4 (x64) (HKLM-x32\...\{93344293-35c0-4560-8a6c-1b06afd31de4}) (Version: 8.0.4.33519 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Movavi Screen Recorder (HKU\S-1-5-21-4232493208-3311039133-4267975668-1001\...\Movavi Screen Recorder) (Version: 24.0.0 - Movavi)
Movavi Suite (HKU\S-1-5-21-4232493208-3311039133-4267975668-1001\...\Movavi Suite) (Version: 2.2.0 - Movavi)
Movavi Video Converter (HKU\S-1-5-21-4232493208-3311039133-4267975668-1001\...\Movavi Video Converter) (Version: 24.0.0 - Movavi)
Movavi Video Editor 24 (HKU\S-1-5-21-4232493208-3311039133-4267975668-1001\...\Movavi Video Editor 24) (Version: 24.2.1 - Movavi)
Node.js (HKLM\...\{3BC1471A-748E-48EE-94F3-024920ADA553}) (Version: 20.10.0 - Node.js Foundation)
NVIDIA FrameView SDK 1.3.8513.32290073 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.3.8513.32290073 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.27.0.120 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.27.0.120 - NVIDIA Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 30.1.0 - OBS Project)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.14332.20685 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.14332.20685 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0419-1000-0000000FF1CE}) (Version: 16.0.14332.20624 - Microsoft Corporation) Hidden
Paradox Launcher v2 (HKLM\...\{8C5CF4CE-D589-40B4-A77F-01FD64602C50}) (Version: 2.4.0 - Paradox Interactive)
PlanetVPN-2.7.65.44 (HKLM-x32\...\{33eecf4f-167f-4fa6-9e3e-5a4be965965c}_is1) (Version: 2.7.65.44 - PlanetVPN)
PTC Diagnostic Tools (HKLM\...\{D30CC61A-E841-401C-BF1D-B1BC5100BE8A}) (Version: 9.0.4.0 - PTC)
PTC Mathcad Prime 9.0.0.0 (HKLM\...\{FC38B6C5-11F6-40E6-A8C5-D73D517F54FE}) (Version: 9.0.0.0 - PTC)
Python 3.12.1 (64-bit) (HKU\S-1-5-21-4232493208-3311039133-4267975668-1001\...\{86e52725-ef45-452f-ac4c-b8958718bfea}) (Version: 3.12.1150.0 - Python Software Foundation)
Python 3.12.1 Add to Path (64-bit) (HKLM\...\{946DC818-F8CA-463A-BE16-946EB508BD48}) (Version: 3.12.1150.0 - Python Software Foundation) Hidden
Python 3.12.1 Core Interpreter (64-bit) (HKLM\...\{AC82C1A3-9597-40F2-893D-F02F778FBA4D}) (Version: 3.12.1150.0 - Python Software Foundation) Hidden
Python 3.12.1 Development Libraries (64-bit) (HKLM\...\{8C53CBDD-4DAF-426F-9478-6C7C2920CDDA}) (Version: 3.12.1150.0 - Python Software Foundation) Hidden
Python 3.12.1 Documentation (64-bit) (HKLM\...\{62667662-A580-409C-8044-55B06F774AE2}) (Version: 3.12.1150.0 - Python Software Foundation) Hidden
Python 3.12.1 Executables (64-bit) (HKLM\...\{44BC9F9C-15C2-46C1-B88D-3135A9DA555F}) (Version: 3.12.1150.0 - Python Software Foundation) Hidden
Python 3.12.1 pip Bootstrap (64-bit) (HKLM\...\{1662F43B-2337-4FD8-8CE6-BEA38FC94DD4}) (Version: 3.12.1150.0 - Python Software Foundation) Hidden
Python 3.12.1 Standard Library (64-bit) (HKLM\...\{47957EE3-0E23-4075-B825-F202E913670F}) (Version: 3.12.1150.0 - Python Software Foundation) Hidden
Python 3.12.1 Tcl/Tk Support (64-bit) (HKLM\...\{926CDC62-3AE2-422B-9858-D6EC3BAD473F}) (Version: 3.12.1150.0 - Python Software Foundation) Hidden
Python 3.12.1 Test Suite (64-bit) (HKLM\...\{E309AE00-4FB1-4817-9172-7E198668375D}) (Version: 3.12.1150.0 - Python Software Foundation) Hidden
Python Launcher (HKLM-x32\...\{4C8D4EC3-F620-4CEE-8BAD-B59A3C6815F3}) (Version: 3.12.1150.0 - Python Software Foundation)
qBittorrent (HKLM-x32\...\qBittorrent) (Version: 4.6.2 - The qBittorrent project)
Radmin VPN 1.4.1 (HKLM-x32\...\{F8CD7C5F-00E2-43AD-A7FF-D6DC0882AA97}) (Version: 1.4.4642.1 - Famatech)
Red Dead Redemption 2 (HKLM-x32\...\Red Dead Redemption 2_is1) (Version:  - torrent-igruha.org)
SIGame (HKLM\...\{CAAE3D4C-18D0-40A9-A9C2-5F50AF2FD8F2}) (Version: 7.11.11 - Khil-soft)
SIV (HKLM-x32\...\{AAA057C3-10DC-4EB9-A3D6-8208C1BB7411}) (Version: 1.23.1123 - GIGABYTE) Hidden
SIV (HKLM-x32\...\InstallShield_{AAA057C3-10DC-4EB9-A3D6-8208C1BB7411}) (Version: 1.23.1123 - GIGABYTE)
Smart Backup (x64) (HKLM-x32\...\{BC1FA5CF-A36F-4C61-9638-09D0B431B006}) (Version: 3.21.0326.1 - GIGABYTE)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Stick Fight (HKLM-x32\...\Stick Fight_is1) (Version:  - )
TablePlus 5.8.0 (HKLM\...\TablePlus_is1) (Version: 5.8.0 - TablePlus, Inc)
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{B9A7A138-BFD5-4C73-A269-F78CCA28150E}) (Version: 8.94.0.0 - Microsoft Corporation)
ViGEm Bus Driver (HKLM\...\{966606F3-2745-49E9-BF15-5C3EAA4E9077}) (Version: 1.22.0 - Nefarius Software Solutions e.U.)
Windows Subsystem for Linux (HKLM\...\{B65C3390-98CD-4624-B0CC-F44416BDF6A3}) (Version: 2.0.14.0 - Microsoft Corporation)
WinRAR 6.24 (64-разрядная) (HKLM\...\WinRAR archiver) (Version: 6.24.0 - win.rar GmbH)
Среда выполнения Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 124.0.2478.67 - Корпорация Майкрософт)

Packages:
=========

Microsoft Copilot -> C:\Program Files\WindowsApps\Microsoft.Windows.Ai.Copilot.Provider_1.0.3.0_neutral__8wekyb3d8bbwe [2024-05-05] (Microsoft Corporation)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.966.0_x64__56jybvy8sckqj [2024-05-05] (NVIDIA Corp.)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.35.266.0_x64__dt26b99r8h8gj [2024-05-05] (Realtek Semiconductor Corp)
Домашняя версия для разработчиков -> C:\Program Files\WindowsApps\Microsoft.Windows.DevHome_0.1300.477.0_x64__8wekyb3d8bbwe [2024-05-05] (Microsoft Corporation)
Яндекс.Музыка -> C:\Program Files\WindowsApps\A025C540.Yandex.Music_4.54.8517.0_x64__vfvw9svesycw6 [2024-01-03] (Yandex) [Startup Task]

==================== Пользовательские CLSID (В белом списке): ==============

(Если запись включена в fixlist, она будет удалена из реестра. Файл не будет удалён, если он не указан отдельно.)

CustomCLSID: HKU\S-1-5-21-4232493208-3311039133-4267975668-1001_Classes\CLSID\{20894375-46AE-46E2-BAFD-CB38975CDCE6}\InprocServer32 -> отсутствует путь к файлу
CustomCLSID: HKU\S-1-5-21-4232493208-3311039133-4267975668-1001_Classes\CLSID\{47E6DCAF-41F8-441C-BD0E-A50D5FE6C4D1}\localserver32 -> отсутствует путь к файлу
CustomCLSID: HKU\S-1-5-21-4232493208-3311039133-4267975668-1001_Classes\CLSID\{917E8742-AA3B-7318-FA12-10485FB322A2}\localserver32 -> отсутствует путь к файлу
CustomCLSID: HKU\S-1-5-21-4232493208-3311039133-4267975668-1001_Classes\CLSID\{BEA218D2-6950-497B-9434-61683EC065FE}\InprocServer32 -> C:\Users\khana\AppData\Local\Programs\Python\Launcher\pyshellext.amd64.dll (Python Software Foundation -> Python Software Foundation)
CustomCLSID: HKU\S-1-5-21-4232493208-3311039133-4267975668-1001_Classes\CLSID\{D5C4136A-93E5-4678-A6F8-0B2D9BB10999}\localserver32 -> C:\WINDOWS\System32\RunDll32.exe "D:\Reg Organizer\Notifications.dll",Activate -ToastActivated => Нет файла
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files (x86)\Microsoft OneDrive\21.030.0211.0002\amd64\FileSyncShell64.dll [2024-01-03] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files (x86)\Microsoft OneDrive\21.030.0211.0002\amd64\FileSyncShell64.dll [2024-01-03] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files (x86)\Microsoft OneDrive\21.030.0211.0002\amd64\FileSyncShell64.dll [2024-01-03] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files (x86)\Microsoft OneDrive\21.030.0211.0002\amd64\FileSyncShell64.dll [2024-01-03] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files (x86)\Microsoft OneDrive\21.030.0211.0002\amd64\FileSyncShell64.dll [2024-01-03] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files (x86)\Microsoft OneDrive\21.030.0211.0002\amd64\FileSyncShell64.dll [2024-01-03] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files (x86)\Microsoft OneDrive\21.030.0211.0002\amd64\FileSyncShell64.dll [2024-01-03] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files (x86)\Microsoft OneDrive\21.030.0211.0002\amd64\FileSyncShell64.dll [2024-01-03] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files (x86)\Microsoft OneDrive\21.030.0211.0002\amd64\FileSyncShell64.dll [2024-01-03] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files (x86)\Microsoft OneDrive\21.030.0211.0002\amd64\FileSyncShell64.dll [2024-01-03] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files (x86)\Microsoft OneDrive\21.030.0211.0002\amd64\FileSyncShell64.dll [2024-01-03] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files (x86)\Microsoft OneDrive\21.030.0211.0002\amd64\FileSyncShell64.dll [2024-01-03] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files (x86)\Microsoft OneDrive\21.030.0211.0002\amd64\FileSyncShell64.dll [2024-01-03] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files (x86)\Microsoft OneDrive\21.030.0211.0002\amd64\FileSyncShell64.dll [2024-01-03] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files (x86)\Microsoft OneDrive\21.030.0211.0002\amd64\FileSyncShell64.dll [2024-01-03] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => D:\Winrar\rarext.dll [2023-10-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => D:\Winrar\rarext32.dll [2023-10-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2024-05-05] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files (x86)\Microsoft OneDrive\21.030.0211.0002\amd64\FileSyncShell64.dll [2024-01-03] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files (x86)\Microsoft OneDrive\21.030.0211.0002\amd64\FileSyncShell64.dll [2024-01-03] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_866484083fc526af\nvshext.dll [2023-12-28] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2024-05-05] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => D:\Winrar\rarext.dll [2023-10-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => D:\Winrar\rarext32.dll [2023-10-03] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (В белом списке) ====================

==================== Ярлыки & WMI ========================

(Записи могут быть перечислены для восстановления или удаления.)

Shortcut: C:\Users\khana\3D Objects\Музыка - Ярлык.lnk -> C:\Users\khana\Music () <==== Cyrillic
Shortcut: C:\Users\khana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Новости в последней версии.lnk -> D:\Winrar\WhatsNew.txt () <==== Cyrillic
Shortcut: C:\Users\khana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Руководство по консольной версии RAR.lnk -> D:\Winrar\Rar.txt () <==== Cyrillic
Shortcut: C:\Users\khana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Справка WinRAR.lnk -> D:\Winrar\WinRAR.chm () <==== Cyrillic
Shortcut: C:\Users\khana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Telegram Desktop\Деинсталлировать Telegram.lnk -> D:\Telegram Desktop\unins000.exe (Telegram FZ-LLC                                             ) <==== Cyrillic
Shortcut: C:\Users\khana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Movavi Suite\Сайт Movavi Suite.lnk -> D:\movavi\Movavi Suite\Movavi Suite.url () <==== Cyrillic
Shortcut: C:\Users\khana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Movavi Suite\Удалить Movavi Suite.lnk -> D:\movavi\Movavi Suite\uninst.exe (Movavi) <==== Cyrillic
Shortcut: C:\Users\khana\AppData\Roaming\Microsoft\Windows\SendTo\Передача файлов через Bluetooth.LNK -> C:\Windows\System32\fsquirt.exe (Microsoft Corporation) <==== Cyrillic
ShortcutWithArgument: C:\Users\khana\AppData\Roaming\Microsoft\Windows\SendTo\Получатель факса.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo <==== Cyrillic
ShortcutWithArgument: C:\Users\khana\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\SeliRyzh - Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 1"

==================== Загруженные модули (В белом списке) =============

2015-10-14 01:15 - 2015-10-14 01:15 - 002042368 _____ (TODO: <Company name>) [Файл не подписан] C:\Program Files (x86)\Gigabyte\AppCenter\osvi.dll

==================== Alternate Data Streams (В белом списке) ========

(Если запись включена в fixlist, будет удален только ADS (альтернативный поток данных).)

AlternateDataStreams: C:\Users\khana\Application Data:00e481b5e22dbe1f649fcddd505d3eb7 [394]
AlternateDataStreams: C:\Users\khana\AppData\Roaming:00e481b5e22dbe1f649fcddd505d3eb7 [394]

==================== Безопасный режим (В белом списке) ==================

(Если запись включена в fixlist, она будет удалена из реестра. Значение "AlternateShell" будет восстановлено.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Ассоциация (В белом списке) =================

==================== Internet Explorer (В белом списке) ==========

BHO: GBHO.BHO -> {45d30484-7ded-43d9-957a-d2fd1f046511} -> C:\WINDOWS\system32\mscoree.dll [2019-12-07] (Microsoft Windows -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2024-01-03] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre-1.8\bin\ssv.dll [2023-12-19] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre-1.8\bin\jp2ssv.dll [2023-12-19] (Oracle America, Inc. -> Oracle Corporation)
Toolbar: HKLM - Smart Backup - {1d09c093-f71e-43c3-b948-19316cbd695e} - C:\WINDOWS\system32\mscoree.dll [2019-12-07] (Microsoft Windows -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-01-03] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-01-03] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-01-03] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-01-03] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-01-03] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-01-03] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-01-03] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-01-03] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts содержимое: =========================

(При необходимости, директива Hosts: может быть включена в fixlist для сброса файла Hosts)

2024-05-05 02:17 - 2024-05-05 02:17 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Другие области ===========================

(В настоящее время нет автоматического исправления для этого раздела.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;D:\nodejs\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\Program Files\Docker\Docker\resources\bin;C:\Program Files\dotnet\
HKU\S-1-5-21-4232493208-3311039133-4267975668-1001\Control Panel\Desktop\\Wallpaper -> 
HKU\S-1-5-21-4232493208-3311039133-4267975668-500\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: off)
HKU\S-1-5-21-4232493208-3311039133-4267975668-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\AppHost => (EnableWebContentEvaluation: 0)
Брандмауэр Windows включён

==================== MSCONFIG/TASK MANAGER отключённые элементы ==

(Если запись включена в fixlist, она будет удалена)

MSCONFIG\Services: zksvc => 3
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "RtkAudUService"
HKLM\...\StartupApproved\Run32: => "RadminVPN"
HKLM\...\StartupApproved\Run32: => "ATNSOFT Text Paster"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "LogMeIn Hamachi Ui"
HKU\S-1-5-21-4232493208-3311039133-4267975668-1001\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_266031EE53AEAB157DBD7CABFC5A7A0D"
HKU\S-1-5-21-4232493208-3311039133-4267975668-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_2F2D39F565634825059C9D78EECA0354"
HKU\S-1-5-21-4232493208-3311039133-4267975668-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-4232493208-3311039133-4267975668-1001\...\StartupApproved\Run: => "Figma Agent"
HKU\S-1-5-21-4232493208-3311039133-4267975668-1001\...\StartupApproved\Run: => "EADM"
HKU\S-1-5-21-4232493208-3311039133-4267975668-1001\...\StartupApproved\Run: => "Docker Desktop"
HKU\S-1-5-21-4232493208-3311039133-4267975668-1001\...\StartupApproved\Run: => "movavi_suiteplatform_2.2.0_suiteplatform"
HKU\S-1-5-21-4232493208-3311039133-4267975668-1001\...\StartupApproved\Run: => "movavi_suiteplatform_agent"
HKU\S-1-5-21-4232493208-3311039133-4267975668-1001\...\StartupApproved\Run: => "movavi_videoconverter_agent"
HKU\S-1-5-21-4232493208-3311039133-4267975668-1001\...\StartupApproved\Run: => "PlanetVPN"
HKU\S-1-5-21-4232493208-3311039133-4267975668-1001\...\StartupApproved\Run: => "EpicGamesLauncher"

==================== Правила Брандмауэра (В белом списке) ================

(Если запись включена в fixlist, она будет удалена из реестра. Файл не будет удалён, если он не указан отдельно.)

FirewallRules: [{2ED01467-E3C2-4FCE-A46E-40FBE643234A}] => (Allow) C:\Program Files (x86)\GIGABYTE\AppCenter\ApCent.exe (GIGA-BYTE TECHNOLOGY CO., LTD. -> )
FirewallRules: [{AF91A379-D6EB-4621-B935-2050D251FE35}] => (Allow) C:\Program Files (x86)\GIGABYTE\AppCenter\gcupd.exe (GIGA-BYTE TECHNOLOGY CO., LTD. -> )
FirewallRules: [{1C889794-435B-4D29-AACB-0FF342EDD57C}] => (Allow) D:\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{75CBDFC7-9EDC-45EE-81EA-2B922679C018}] => (Allow) D:\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{0DB2F639-D0BF-4F91-8849-B00D4385477A}] => (Allow) D:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{348F1C44-2F5D-4124-895F-E228F5429FBC}] => (Allow) D:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{0E5298E5-21F1-438D-B13D-101EB462B10F}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{DA2D20EC-D928-4439-BFA1-C48449EADBCA}] => (Allow) LPort=9009
FirewallRules: [{75F94AE4-4741-4FDF-B4F2-CC6E1B5B97DE}] => (Allow) D:\Steam\steamapps\common\wallpaper_engine\launcher.exe (Skutta Software GmbH -> )
FirewallRules: [{0D6F90D3-EAD2-4455-A1A7-4A31B92C40DF}] => (Allow) D:\Steam\steamapps\common\wallpaper_engine\launcher.exe (Skutta Software GmbH -> )
FirewallRules: [{C6FCA302-A7B2-45C9-8BDC-AC98B92606D1}] => (Allow) LPort=9009
FirewallRules: [{2BDC31D0-AF38-4F66-8281-9E36302740A3}] => (Allow) LPort=9009
FirewallRules: [{6C943761-8B05-4505-9622-B3FC64C52438}] => (Allow) LPort=9009
FirewallRules: [{283FD14E-1C3C-4411-BB75-1EEDB925938E}] => (Allow) LPort=9009
FirewallRules: [{673E8E88-90E6-410E-921F-342CF200005B}] => (Allow) LPort=9009
FirewallRules: [{6DC002B6-3955-4E05-A014-8FB8691A7A2A}] => (Allow) LPort=9009
FirewallRules: [TCP Query User{D6F2639E-FE1A-46CF-AE6F-5CBBA94F7B32}D:\nodejs\node.exe] => (Allow) D:\nodejs\node.exe (OpenJS Foundation -> Node.js)
FirewallRules: [UDP Query User{4408F952-401B-4FDC-89B9-6EAC6E4774F9}D:\nodejs\node.exe] => (Allow) D:\nodejs\node.exe (OpenJS Foundation -> Node.js)
FirewallRules: [{6155EFD4-46BA-4295-A2E9-EE19408791AD}] => (Allow) LPort=9009
FirewallRules: [{97AB9B08-A238-4B10-B5D8-A93CE8467471}] => (Allow) LPort=9009
FirewallRules: [TCP Query User{000FA5A6-5A56-4118-80F7-09F56FE06907}D:\microsoft vs code\code.exe] => (Allow) D:\microsoft vs code\code.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{BDAEF3D5-B157-4B5E-BF39-76C54EB28417}D:\microsoft vs code\code.exe] => (Allow) D:\microsoft vs code\code.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{2FCC4772-2FD8-4B90-8ECA-154158A65DA0}D:\droidcam\droidcamapp.exe] => (Allow) D:\droidcam\droidcamapp.exe (DEV47 APPS LTD. -> )
FirewallRules: [UDP Query User{23D2FA01-68B0-4191-831C-0301D5DB9F56}D:\droidcam\droidcamapp.exe] => (Allow) D:\droidcam\droidcamapp.exe (DEV47 APPS LTD. -> )
FirewallRules: [{EDFB97CC-3129-4D01-916E-1722C89EC1E5}] => (Allow) D:\qBittorrent\qbittorrent.exe (The qBittorrent Project) [Файл не подписан]
FirewallRules: [{55A4B338-58D9-42F3-8A3C-391444FFD969}] => (Allow) D:\qBittorrent\qbittorrent.exe (The qBittorrent Project) [Файл не подписан]
FirewallRules: [{18365ED0-3EB8-4935-AC60-3CF6688D8056}] => (Allow) D:\Steam\steamapps\common\Men of War Assault Squad 2\mowas_2.exe (Digitalmindsoft) [Файл не подписан]
FirewallRules: [{9CFB40A0-E1E2-40FE-8AFE-4E44F0A02BE9}] => (Allow) D:\Steam\steamapps\common\Men of War Assault Squad 2\mowas_2.exe (Digitalmindsoft) [Файл не подписан]
FirewallRules: [{6C130E35-2612-4A90-8A75-1B7877C8EF0E}] => (Allow) D:\Steam\steamapps\common\Men of War Assault Squad 2\mowas_2_ed.exe (Digitalmindsoft) [Файл не подписан]
FirewallRules: [{9B8A2335-7C79-4414-9EF3-55613F10028D}] => (Allow) D:\Steam\steamapps\common\Men of War Assault Squad 2\mowas_2_ed.exe (Digitalmindsoft) [Файл не подписан]
FirewallRules: [{75427F21-6FD8-4F0E-90D5-CE05EA603369}] => (Allow) LPort=9009
FirewallRules: [{6AFC71D2-F918-453A-819E-9414A5C113FB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{C893F3F3-6C97-4C7A-88D8-87F9CCA91B8F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{DECBACC6-9FF8-4522-B264-8E5D909778BC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{38CB7082-F164-46AD-BE71-61A91442C3C1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{A9EB5CA5-ECBC-41D2-B635-1D1891E6AABF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{3DF788B0-3635-4C2A-B034-A269BCB078BD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{755F47CA-2ECB-46FE-A18C-96C6A80DA84C}] => (Allow) LPort=9009
FirewallRules: [TCP Query User{248F8C44-3597-4DA6-B01C-A165E674E29A}C:\program files\docker\docker\resources\com.docker.backend.exe] => (Allow) C:\program files\docker\docker\resources\com.docker.backend.exe (Docker Inc -> Docker Inc.)
FirewallRules: [UDP Query User{DBD49739-9EC7-4835-9C2D-CF8CFD9CABF5}C:\program files\docker\docker\resources\com.docker.backend.exe] => (Allow) C:\program files\docker\docker\resources\com.docker.backend.exe (Docker Inc -> Docker Inc.)
FirewallRules: [{66F09064-6EB7-4059-B2AD-A92D53CE5E4C}] => (Block) C:\program files\docker\docker\resources\com.docker.backend.exe (Docker Inc -> Docker Inc.)
FirewallRules: [{F68C894D-24D4-40D1-9997-C8597A5BD439}] => (Block) C:\program files\docker\docker\resources\com.docker.backend.exe (Docker Inc -> Docker Inc.)
FirewallRules: [TCP Query User{2DF1DC2C-0D1D-4AAB-9E50-8EFE998200DD}D:\telegram desktop\telegram.exe] => (Allow) D:\telegram desktop\telegram.exe (Telegram FZ-LLC -> Telegram FZ-LLC)
FirewallRules: [UDP Query User{339E5C51-D833-4BF2-9101-37057764C7B3}D:\telegram desktop\telegram.exe] => (Allow) D:\telegram desktop\telegram.exe (Telegram FZ-LLC -> Telegram FZ-LLC)
FirewallRules: [{6760D234-725E-4A00-8038-18A337558B0D}] => (Block) D:\telegram desktop\telegram.exe (Telegram FZ-LLC -> Telegram FZ-LLC)
FirewallRules: [{6CBD9D35-863D-4018-B559-F4C2ACFC3FB8}] => (Block) D:\telegram desktop\telegram.exe (Telegram FZ-LLC -> Telegram FZ-LLC)
FirewallRules: [TCP Query User{44BC4DB8-E09B-4FFC-88A2-F23A7D35A523}C:\users\khana\appdata\roaming\.vimeworld\jre\brainstorm\windows-amd64\bin\javaw.exe] => (Allow) C:\users\khana\appdata\roaming\.vimeworld\jre\brainstorm\windows-amd64\bin\javaw.exe
FirewallRules: [UDP Query User{06245A53-3E10-4DEB-8737-B4CF0E1A2DC0}C:\users\khana\appdata\roaming\.vimeworld\jre\brainstorm\windows-amd64\bin\javaw.exe] => (Allow) C:\users\khana\appdata\roaming\.vimeworld\jre\brainstorm\windows-amd64\bin\javaw.exe
FirewallRules: [{B0551FB4-72B2-42A7-B940-DF040DFC3E54}] => (Block) C:\users\khana\appdata\roaming\.vimeworld\jre\brainstorm\windows-amd64\bin\javaw.exe
FirewallRules: [{EB68A56E-C8D2-45C6-9863-47C6279BA08D}] => (Block) C:\users\khana\appdata\roaming\.vimeworld\jre\brainstorm\windows-amd64\bin\javaw.exe
FirewallRules: [{9FCECAFE-894A-4861-AE2D-8D61EB766DF3}] => (Allow) LPort=9009
FirewallRules: [{E64B02D3-49E6-4C53-8DDB-F8E957641624}] => (Allow) LPort=9009
FirewallRules: [TCP Query User{BC2C7ABF-83F5-4455-9264-0CF9E8221F73}C:\steamlibrary\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe] => (Allow) C:\steamlibrary\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve Corp. -> )
FirewallRules: [UDP Query User{F98750E6-9F03-46C3-A209-1DEE40278F15}C:\steamlibrary\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe] => (Allow) C:\steamlibrary\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve Corp. -> )
FirewallRules: [{26FFEDFD-0DA7-43CA-A2CF-88B04721C503}] => (Block) C:\steamlibrary\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve Corp. -> )
FirewallRules: [{770C3460-A11F-4772-8122-337DCAA75670}] => (Block) C:\steamlibrary\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve Corp. -> )
FirewallRules: [TCP Query User{C62FE5B6-9DD4-4ED9-A13F-2FCFF20A260D}C:\steamlibrary\steamapps\common\the finals\discovery\binaries\win64\discovery.exe] => (Allow) C:\steamlibrary\steamapps\common\the finals\discovery\binaries\win64\discovery.exe (Embark Studios AB -> Embark Studios AB)
FirewallRules: [UDP Query User{0945B32E-3CC8-4F42-B9B4-E83D3521584D}C:\steamlibrary\steamapps\common\the finals\discovery\binaries\win64\discovery.exe] => (Allow) C:\steamlibrary\steamapps\common\the finals\discovery\binaries\win64\discovery.exe (Embark Studios AB -> Embark Studios AB)
FirewallRules: [{4F6469D4-1C28-48A2-A141-D8FA41CC8246}] => (Allow) LPort=9009
FirewallRules: [{098468A8-8D10-473B-955E-23AEF224A97D}] => (Allow) LPort=9009
FirewallRules: [{1B87C54F-5C3D-4948-9E4B-9F9B8A96EA9A}] => (Allow) LPort=9009
FirewallRules: [{519C71DA-38F0-470A-BE8B-B7A765289C43}] => (Allow) LPort=9009
FirewallRules: [TCP Query User{0F3126D2-5CE2-4950-A649-31A5B7235D84}D:\movavi\movavi suite\qtwebengineprocess.exe] => (Allow) D:\movavi\movavi suite\qtwebengineprocess.exe (Movavi Software Limited -> The Qt Company Ltd.)
FirewallRules: [UDP Query User{CECA76A3-DB43-4A50-B224-B279789B963B}D:\movavi\movavi suite\qtwebengineprocess.exe] => (Allow) D:\movavi\movavi suite\qtwebengineprocess.exe (Movavi Software Limited -> The Qt Company Ltd.)
FirewallRules: [{67EFFCE3-4402-4B88-BB19-ECE3DEB148C5}] => (Block) D:\movavi\movavi suite\qtwebengineprocess.exe (Movavi Software Limited -> The Qt Company Ltd.)
FirewallRules: [{5513878F-DCF4-43D3-BB07-52A8D2187E22}] => (Block) D:\movavi\movavi suite\qtwebengineprocess.exe (Movavi Software Limited -> The Qt Company Ltd.)
FirewallRules: [{ACC18AD5-50C1-4148-BC7A-C29AA5FD04A8}] => (Allow) LPort=9009
FirewallRules: [{B83246EF-9877-49CC-A823-224288ED8961}] => (Allow) LPort=9009
FirewallRules: [{B4E6D690-994E-4F72-831E-8AEC04393B12}] => (Allow) LPort=9009
FirewallRules: [TCP Query User{627DD744-F49A-45C2-A90E-F89843296C8A}C:\program files (x86)\planetvpn\bin\xray\xray.exe] => (Allow) C:\program files (x86)\planetvpn\bin\xray\xray.exe (FREE VPN PLANET S.R.L. -> )
FirewallRules: [UDP Query User{4D46B2FB-5C4F-40FC-8DF4-CCBF9CC4348C}C:\program files (x86)\planetvpn\bin\xray\xray.exe] => (Allow) C:\program files (x86)\planetvpn\bin\xray\xray.exe (FREE VPN PLANET S.R.L. -> )
FirewallRules: [{2E9DE010-02BC-4B65-821D-ECFE1F6A596E}] => (Block) C:\program files (x86)\planetvpn\bin\xray\xray.exe (FREE VPN PLANET S.R.L. -> )
FirewallRules: [{CC357A67-2B17-48C9-9531-A2125A66210D}] => (Block) C:\program files (x86)\planetvpn\bin\xray\xray.exe (FREE VPN PLANET S.R.L. -> )
FirewallRules: [{85C6C11E-1588-4746-AB36-66CB8EC382F5}] => (Allow) C:\Program Files (x86)\Radmin VPN\RvControlSvc.exe (Famatech Corp. -> Famatech Corp.)
FirewallRules: [{B9BA890A-89BC-401F-8301-9AA7B30C3A5F}] => (Allow) C:\SteamLibrary\steamapps\common\Squad\squad_launcher.exe (EasyAntiCheat Oy -> Epic Games, Inc.)
FirewallRules: [{4C0EE764-E0E7-4D48-9BAA-788A92423DE1}] => (Allow) C:\SteamLibrary\steamapps\common\Squad\squad_launcher.exe (EasyAntiCheat Oy -> Epic Games, Inc.)
FirewallRules: [{E5D97476-1281-4B80-84C3-5D1C5FE16F73}] => (Allow) D:\Red Dead Redemption 2\RDR2.exe (Rockstar Games, Inc. -> Rockstar Games) [Файл не подписан]
FirewallRules: [{E473B778-E1A6-4D93-B757-81BABB0ABBA3}] => (Allow) D:\Red Dead Redemption 2\RDR2.exe (Rockstar Games, Inc. -> Rockstar Games) [Файл не подписан]
FirewallRules: [{5A2B0591-E06D-4697-9076-0714977219A9}] => (Allow) LPort=9009
FirewallRules: [{369731EB-46BC-4A86-8687-E37AA0492A87}] => (Allow) LPort=9009
FirewallRules: [{3DD94502-7DEC-4A83-9059-D455E8550B6F}] => (Allow) LPort=9009
FirewallRules: [{55F964A8-7532-43B0-855F-E5FC07DD840B}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{D5CA02F8-5BD9-44D4-B9E7-93D3D2EFF0E0}] => (Allow) LPort=9009
FirewallRules: [{A2489A2F-2FC2-4ADA-A4AB-777AB97DA30B}] => (Allow) C:\Program Files (x86)\GIGABYTE\AppCenter\ApCent.exe (GIGA-BYTE TECHNOLOGY CO., LTD. -> )
FirewallRules: [{60B8E72F-50CF-466A-A168-694E2E47D693}] => (Allow) C:\Program Files (x86)\GIGABYTE\AppCenter\gcupd.exe (GIGA-BYTE TECHNOLOGY CO., LTD. -> )
FirewallRules: [{274C0F72-C880-4972-A442-D0AB201F2E40}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{254C31E1-FE8B-449B-B35A-20B8439A06B4}] => (Allow) LPort=9009
FirewallRules: [{D48D0F09-7F77-48E7-B95A-C22574D3F61D}] => (Allow) LPort=9009
FirewallRules: [{7004690E-8221-46EA-9EA1-DD8CC4B6D533}] => (Allow) LPort=9009
FirewallRules: [{83377D2F-AC90-457B-B9EB-CCEABD819C8C}] => (Allow) LPort=9009
FirewallRules: [{DF7F87DF-9A6A-42D1-99C1-D94754C4C523}] => (Allow) LPort=9009

==================== Точки восстановления =========================


==================== Неисправное Устройство в Менеджере Устройств ============


==================== Ошибки журнала событий: ========================

Ошибки приложения:
==================
Error: (05/05/2024 02:32:44 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Имя сбойного приложения: svchost.exe_wuauserv, версия: 10.0.19041.4355, метка времени: 0x9ce47784
Имя сбойного модуля: ucrtbase.dll, версия: 10.0.19041.3636, метка времени: 0x81cf5d89
Код исключения: 0xc0000409
Смещение ошибки: 0x000000000007286e
Идентификатор сбойного процесса: 0xd10
Время запуска сбойного приложения: 0x01da9e5810c655fb
Путь сбойного приложения: C:\WINDOWS\system32\svchost.exe
Путь сбойного модуля: C:\WINDOWS\System32\ucrtbase.dll
Идентификатор отчета: 52e119ce-948d-434b-aede-aef3f365db17
Полное имя сбойного пакета: 
Код приложения, связанного со сбойным пакетом:

Error: (05/05/2024 02:32:41 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Имя сбойного приложения: svchost.exe_wuauserv, версия: 10.0.19041.4355, метка времени: 0x9ce47784
Имя сбойного модуля: ntdll.dll, версия: 10.0.19041.4355, метка времени: 0x35a939aa
Код исключения: 0xc0000005
Смещение ошибки: 0x000000000002f23f
Идентификатор сбойного процесса: 0xd10
Время запуска сбойного приложения: 0x01da9e5810c655fb
Путь сбойного приложения: C:\WINDOWS\system32\svchost.exe
Путь сбойного модуля: C:\WINDOWS\SYSTEM32\ntdll.dll
Идентификатор отчета: b684d065-dfb7-4b16-9ba6-7c4bdc4d19ed
Полное имя сбойного пакета: 
Код приложения, связанного со сбойным пакетом:

Error: (05/05/2024 02:21:23 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Сбой активации лицензий (slui.exe) со следующим кодом ошибки:
hr=0x8007251D
Аргументы командной строки:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (05/05/2024 02:21:17 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Сбой активации лицензий (slui.exe) со следующим кодом ошибки:
hr=0x8007251D
Аргументы командной строки:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (05/05/2024 02:21:03 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Сбой активации лицензий (slui.exe) со следующим кодом ошибки:
hr=0x8007251D
Аргументы командной строки:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=UserLogon;SessionId=1

Error: (05/05/2024 02:20:42 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Сбой активации лицензий (slui.exe) со следующим кодом ошибки:
hr=0x8007251D
Аргументы командной строки:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (05/05/2024 02:18:58 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Сбой активации лицензий (slui.exe) со следующим кодом ошибки:
hr=0x8007251D
Аргументы командной строки:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (05/05/2024 02:18:51 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Сбой активации лицензий (slui.exe) со следующим кодом ошибки:
hr=0x8007251D
Аргументы командной строки:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=NetworkAvailable


Системные ошибки:
=============
Error: (05/05/2024 02:40:26 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-BI7M872)
Description: Регистрация сервера {9AA46009-3CE0-458A-A354-715610A075E6} DCOM не выполнена за отведенное время ожидания.

Error: (05/05/2024 02:32:46 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Служба Центр обновления Windows была неожиданно завершена. Это произошло 1 раз(а). Следующее корректирующее действие будет предпринято через 60000 мсек: Перезапуск службы.

Error: (05/05/2024 02:23:18 AM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-BI7M872)
Description: Произошла ошибка DCOM "577" при попытке запуска службы SecurityHealthService с аргументами "Недоступно" для запуска сервера:
{D6B0D1EB-456E-48FF-A3E3-F393C74B85DB}

Error: (05/05/2024 02:23:18 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Сбой при запуске службы "Служба "Безопасность Windows"" из-за ошибки 
Системе Windows не удается проверить цифровую подпись этого файла. При последнем изменении оборудования или программного обеспечения могла быть произведена установка неправильно подписанного или поврежденного файла либо вредоносной программы неизвестного происхождения.

Error: (05/05/2024 02:23:07 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Сбой при запуске службы "Служба антивирусной программы Microsoft Defender" из-за ошибки 
Системе Windows не удается проверить цифровую подпись этого файла. При последнем изменении оборудования или программного обеспечения могла быть произведена установка неправильно подписанного или поврежденного файла либо вредоносной программы неизвестного происхождения.

Error: (05/05/2024 02:22:06 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Сбой при запуске службы "Служба Google Update (gupdate)" из-за ошибки 
Служба не ответила на запрос своевременно.

Error: (05/05/2024 02:22:06 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Превышение времени ожидания (30000 мс) при ожидании подключения службы "Служба Google Update (gupdate)".

Error: (05/05/2024 02:20:56 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Сбой при запуске службы "WinRing0_1_2_0" из-за ошибки 
Системе не удается найти указанный путь.


==================== Информация о памяти =========================== 

BIOS: American Megatrends International, LLC. FL 11/15/2022
Материнская плата: Gigabyte Technology Co., Ltd. H610M H DDR4
Процессор: 12th Gen Intel(R) Core(TM) i3-12100F
Процент используемой памяти: 50%
Общий объём физической RAM: 16222.9 MB
Доступно физической RAM: 8108.14 MB
Всего Виртуальной: 47966.9 MB
Доступно Виртуальной: 38460.55 MB

==================== Диски ================================

Drive c: () (Fixed) (Total:465.12 GB) (Free:88.88 GB) (Model: KINGSTON SFYRS500G) NTFS
Drive d: (Новый том) (Fixed) (Total:931.5 GB) (Free:356.84 GB) (Model: WDC WD10SPZX-22Z10T1) NTFS

\\?\Volume{b2d4b3ae-39c9-45c3-83cb-c3d0ab39a74f}\ () (Fixed) (Total:0.53 GB) (Free:0.08 GB) NTFS
\\?\Volume{c0b08b5d-61f6-4b87-9a33-a72fa327ac62}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Таблица Разделов ====================

==========================================================
Disk: 0 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)

Partition: GPT.

==========================================================
Disk: 1 (Protective MBR) (Size: 465.8 GB) (Disk ID: 00000000)

Partition: GPT.

==================== Конец от Addition.txt =======================

 

 

 

Ссылка на сообщение
Поделиться на другие сайты

Прогонял комп в безопасном режиме dr web, malware, использовал avz, Сейчас malware постоянно удаляет  C:\ProgramData\Google\Chrome\updater.exe, собрал данные используя farbar, был бы очень благодарен если бы кто то помог составить fixlist 😊 и дал какие то советы как точно убедиться в отсутствии вирусов на пк

Ссылка на сообщение
Поделиться на другие сайты

Здравствуйте.

Порядок оформления запроса о помощи.

Новую тему создавать не нужно, логи прикрепите к следующему сообщению.

Ссылка на сообщение
Поделиться на другие сайты

Выполните скрипт в AVZ из папки Autologger (запускать AVZ от имени Администратора по правой кнопке мыши)

begin
ShowMessage('Внимание! Перед выполнением скрипта AVZ автоматически закроет все сетевые подключения.' + #13#10 + 'После перезагрузки компьютера подключения к сети будут восстановлены в автоматическом режиме.');
ExecuteFile('net.exe', 'stop tcpip /y', 0, 15000, true);
if not IsWOW64
 then
  begin
   SearchRootkit(true, true);
   SetAVZGuardStatus(True);
  end;
 QuarantineFile('C:\ProgramData\Google\Chrome\updater.exe','');
 DeleteService('GoogleUpdateTaskMachineQC');
 DeleteFile('C:\ProgramData\Google\Chrome\updater.exe','64');
 DeleteFile('C:\ProgramData\Microsoft\Network\V6V0sP\GlobalDataO.bat','64');
 DeleteSchedulerTask('Microsoft\Windows\GlobalDataO\RecoveryHosts');
BC_ImportAll;
ExecuteSysClean;
BC_Activate;
RebootWindows(false);
end.
  • Обратите внимание: будет выполнена перезагрузка компьютера.

Выполните скрипт в AVZ

begin
DeleteFile(GetAVZDirectory+'quarantine.7z');
ExecuteFile(GetAVZDirectory+'7za.exe', 'a -mx9 -pmalware quarantine ./Quarantine/', 1, 0, true);
end.

Отправьте quarantine.7z из папки с распакованной утилитой AVZ с помощью формы отправки карантина или на этот почтовый ящик: quarantine <at> safezone.cc (замените <at> на @) с указанием ссылки на тему в теме (заголовке) сообщения и с указанием пароля: malware в теле письма.

 

Пожалуйста, ЕЩЕ РАЗ запустите Autologger; прикрепите к следующему сообщению НОВЫЕ логи.
 

Ссылка на сообщение
Поделиться на другие сайты

CollectionLog-2024.05.05-16.21.zip

upadter exe создаётся всё равно

 

 

upadter exe создаётся всё равно

+ пк себя странно ведёт, просто микрофриз на 1 секунду каждые несколько минут..

Ссылка на сообщение
Поделиться на другие сайты

Скачайте Farbar Recovery Scan Tool (или с зеркала) и сохраните на Рабочем столе.

  • Примечание: необходимо выбрать версию, совместимую с Вашей операционной системой. Если Вы не уверены, какая версия подойдет для Вашей системы, скачайте обе и попробуйте запустить. Только одна из них запустится на Вашей системе.


1. Запустите программу двойным щелчком. Когда программа запустится, нажмите Yes для соглашения с предупреждением.
2. Убедитесь, что в окне Optional Scan (Дополнительные опции) отмечены List BCD и 90 Days Files.
3. Нажмите кнопку Scan (Сканировать).
4. После окончания сканирования будет создан отчет (FRST.txt) в той же папке, откуда была запущена программа.
5. Если программа была запущена в первый раз, также будет создан отчет (Addition.txt).
6. Файлы FRST.txt и Addition.txt заархивируйте (в один общий архив) и прикрепите к сообщению.
 

Ссылка на сообщение
Поделиться на другие сайты

Пожалуйста, войдите, чтобы комментировать

Вы сможете оставить комментарий после входа в



Войти
  • Похожий контент

    • MaximLem
      От MaximLem
      Здравствуйте, хотел бы обратиться за помощью в связи с ситуацией с вирусами на компьютере. Честно говоря, не знаю точно после чего эти вирусы появились., находятся они в разделе "Разрешённые угрозы". Логи и скриншот прикрепил
    • DobryPapa
      От DobryPapa
      Добрый день.
      Угораздило вляпаться в нечто дурнопахнущее с труднопроизносимым именем MEM:Trojan.win32.SEPEH.gen. Из контрацептивов уже очень давно и успешно используются продукты лаборатории Касперского, в текущий момент KasperskyPremium. И хотя, как я узнал в Паутине, троян этот далеко не первой свежести от 2018г, но вот контрацептив против него не сработал. После своего обнаружения и лечения с перезагрузкой, троян проявлял себя с регулярностью геморроя у профессионального грузчика, а именно после каждой перезагрузки. KVR тоже себя не проявил, тоже брался вылечить с перезагрузкой и так и не справлялся с данным обещанием. 
      Помогите пожалуйста вылечиться.
      CollectionLog-2024.07.28-16.44.zip KVR report.zip
    • Vladislavvv
      От Vladislavvv
      После использования KMSAuto появился какой-то самовосстанавливающийся после удаления антивирусом троян dcxegsjhaybk\snxixaqsteid.exe
      Смотрел другие темы, нашёл примерное решение, но не понимаю что делать дальше.
      Запустил Farbar Recovery Scan Tool, просканировал комп, файлы FRST.txt и Addition.txt прилагаются.
      Помогите пожалуйста составить fixlist.txt
      Addition.txt FRST.txt
    • Егор Гвоздяный
      От Егор Гвоздяный
      Здравствуйте! Помогите пожалуйста, большие проблемы с вирусами. Прикрепляю файлы FRST.txt и Addition.txt 
      Архив.rar
      Сообщение от модератора thyrex Перенесено из темы  
    • Стас Панасенков
      От Стас Панасенков
      Здравствуйте. Проверил комп cureit-ом, ничего не находит. Расширение t-cashback само устанавливается.
      Прикрепляю так же отчеты от Farbar recovery scan tool
      Addition.txt FRST.txt
×
×
  • Создать...