Результат сканирования Farbar Recovery Scan Tool (FRST) (x64) Версия: 18-03-2025 Запущено с помощью Zhanna (Администратор) на MATEYS (ASUS System Product Name) (23-03-2025 10:59:49) Запущено из C:\Users\Zhanna\Desktop\FRST64.exe Загруженные профили: Zhanna Платформа: Майкрософт Windows 11 Pro Версия 23H2 22631.3296 (X64) Язык: Русский (Россия) Браузер по умолчанию: Chrome Режим загрузки: Normal ==================== Процессы (В белом списке) ================= (Если запись включена в fixlist, процесс будет закрыт. Файл не будет перемещён.) (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iTunes_12131.3.2010.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Acronis International GmbH -> Acronis International GmbH) C:\Program Files (x86)\Common Files\Acronis\TibMounter\tib_mounter_monitor.exe (C:\Program Files (x86)\Acronis\Agent\aakore.exe ->) (Acronis International GmbH -> Acronis International GmbH) C:\Program Files (x86)\Acronis\Agent\bin\bckp_amgr.exe (C:\Program Files (x86)\Acronis\Agent\aakore.exe ->) (Acronis International GmbH -> Acronis International GmbH) C:\Program Files (x86)\Acronis\Agent\bin\grpm-mini.exe (C:\Program Files (x86)\Acronis\Agent\aakore.exe ->) (Acronis International GmbH -> Acronis International GmbH) C:\Program Files (x86)\Acronis\Agent\bin\monitoring-mini.exe (C:\Program Files (x86)\Acronis\Agent\aakore.exe ->) (Acronis International GmbH -> Acronis International GmbH) C:\Program Files (x86)\Acronis\Agent\bin\task-manager.exe (C:\Program Files (x86)\Acronis\Agent\aakore.exe ->) (Acronis International GmbH -> Acronis International GmbH.) C:\Program Files (x86)\Acronis\Agent\bin\adp-agent.exe (C:\Program Files (x86)\Acronis\Agent\aakore.exe ->) (Acronis International GmbH -> Acronis International GmbH.) C:\Program Files (x86)\Acronis\Agent\bin\updater.exe (C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe ->) (Acronis International GmbH -> Acronis International GmbH) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe (C:\Program Files\LGHUB\system_tray\lghub_system_tray.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub_agent.exe (C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA app\CEF\NVIDIA Overlay.exe <5> (C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA app\ShadowPlay\nvsphelper64.exe (D:\Programs\Plex Media Server\Plex Media Server.exe ->) (Plex, Inc. -> ) D:\Programs\Plex Media Server\Plex Tuner Service.exe (D:\Programs\Plex Media Server\Plex Media Server.exe ->) (Plex, Inc. -> ) D:\Programs\Plex Media Server\PlexScriptHost.exe <2> (D:\Programs\RivaTuner Statistics Server\RTSS.exe ->) (Alexey Nicolaychuk -> ) D:\Programs\RivaTuner Statistics Server\EncoderServer.exe (D:\Programs\RivaTuner Statistics Server\RTSS.exe ->) (Alexey Nicolaychuk -> ) D:\Programs\RivaTuner Statistics Server\RTSSHooksLoader64.exe (D:\Programs\TorrServeW\TorrServeW_x64.exe ->) () [Файл не подписан] D:\Programs\TorrServeW\server\TorrServer-windows-amd64.exe (explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <13> (explorer.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\system_tray\lghub_system_tray.exe (explorer.exe ->) (Plex, Inc. -> Plex, Inc.) D:\Programs\Plex Media Server\Plex Media Server.exe (explorer.exe ->) (tsrvwc.ru -> ) [Файл не подписан] D:\Programs\TorrServeW\TorrServeW_x64.exe (Famatech Corp. -> Famatech Corp.) C:\Program Files (x86)\Radmin VPN\RvRvpnGui.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft GameInput\x64\gameinputsvc.exe (Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (services.exe ->) (Acronis International GmbH -> ) C:\Program Files (x86)\Common Files\Acronis\ActiveProtection\anti_ransomware_service.exe (services.exe ->) (Acronis International GmbH -> ) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe (services.exe ->) (Acronis International GmbH -> Acronis International GmbH) C:\Program Files (x86)\Acronis\Agent\aakore.exe (services.exe ->) (Acronis International GmbH -> Acronis International GmbH) C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe (services.exe ->) (Acronis International GmbH -> Acronis International GmbH) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe (services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (services.exe ->) (ASUSTeK Computer Inc. -> ASUSTek COMPUTER INC.) C:\Program Files (x86)\ASUS\AsusCertService\AsusCertService.exe (services.exe ->) (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AXSP\4.02.12\atkexComSvc.exe (services.exe ->) (Famatech Corp. -> Famatech Corp.) C:\Program Files (x86)\Radmin VPN\RvControlSvc.exe (services.exe ->) (HUAWEI Technologies Co., Ltd. -> ) C:\ProgramData\MobileBrServ\mbbService.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iastorvd.inf_amd64_fb9e356192ae1106\RstMwService.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_cad1db73e8c782a6\WMIRegistrationService.exe (services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe (services.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub_updater.exe (services.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Windows\System32\DriverStore\FileRepository\logi_lamparray_usb.inf_amd64_3786a31d1dad269d\logi_lamparray_service.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25010.11-0\MpDefenderCoreService.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25010.11-0\MsMpEng.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25010.11-0\NisSrv.exe (services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <4> (services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvmdi.inf_amd64_a2eeb2756802bbd3\Display.NvContainer\NVDisplay.Container.exe <2> (services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_c51a65fb5ec70f9d\RtkAudUService64.exe <2> (services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe (services.exe ->) (Urban Cyber Security Inc. -> ) C:\Program Files\UrbanVPN\bin\urbanvpnserv.exe (sihost.exe ->) (EB51A5DA-0E72-4863-82E4-EA21C1F8DFE3 -> Intel Corporation) C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.5390.0_x64__8j3eq9eme6ctt\GCP.ML.BackgroundSysTray\IGCCTray.exe (svchost.exe ->) (Alexey Nicolaychuk -> ) D:\Programs\RivaTuner Statistics Server\RTSS.exe (svchost.exe ->) (EB51A5DA-0E72-4863-82E4-EA21C1F8DFE3 -> Intel Corporation) C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.5390.0_x64__8j3eq9eme6ctt\IGCC.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SppExtComObj.Exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.22621.3294_none_e96368b442c95c86\TiWorker.exe (svchost.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> ) C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe (svchost.exe ->) (Micro-Star International CO., LTD. -> ) C:\Program Files\GamingIntelligence\mysticlight\MysticLightController.exe (svchost.exe ->) (Micro-Star International CO., LTD. -> MICRO-STAR INT'L,.LTD.) C:\Program Files\GamingIntelligence\GamingIntelligence.exe (svchost.exe ->) (Micro-Star International CO., LTD. -> MSI) C:\Program Files\GamingIntelligence\MonitorMicroKeyDetector.exe (svchost.exe ->) (Micro-Star International CO., LTD. -> MSI) C:\Program Files\GamingIntelligence\WeatherDetector.exe ==================== Реестр Windows (В белом списке) =================== (Если запись включена в fixlist, элемент реестра будет сброшен на значение по умолчанию или удалён. Файл не будет перемещён.) HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_c51a65fb5ec70f9d\RtkAudUService64.exe [1249848 2021-03-03] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [644000 2022-01-05] (Acronis International GmbH -> Acronis International GmbH) HKLM\...\Run: [Riot Vanguard] => C:\Program Files\Riot Vanguard\vgtray.exe [4143376 2025-03-11] (Riot Games, Inc. -> Riot Games, Inc.) HKLM-x32\...\Run: [TrueImageMonitor.exe] => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [6223200 2022-01-05] (Acronis International GmbH -> ) HKLM-x32\...\Run: [AcronisTibMounterMonitor] => C:\Program Files (x86)\Common Files\Acronis\TibMounter\tib_mounter_monitor.exe [446392 2022-01-05] (Acronis International GmbH -> Acronis International GmbH) HKLM-x32\...\Run: [RadminVPN] => C:\Program Files (x86)\Radmin VPN\RvRvpnGui.exe [12420920 2025-02-25] (Famatech Corp. -> Famatech Corp.) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [752208 2024-12-04] (Oracle America, Inc. -> Oracle Corporation) HKLM\...\Policies\Explorer: [SettingsPageVisibility] hide:windowsdefender HKLM\...\Policies\Explorer: [NoWindowsUpdate] 1 HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Ограничение <==== ВНИМАНИЕ HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Ограничение <==== ВНИМАНИЕ HKLM\SOFTWARE\Policies\Microsoft\MRT: Ограничение <==== ВНИМАНИЕ HKLM\SOFTWARE\Policies\Microsoft\Windows Defender Security Center: Ограничение <==== ВНИМАНИЕ HKLM\Software\Policies\...\system: [EnableSmartScreen] 0 HKU\S-1-5-21-2382854425-647347343-2161374781-1001\...\Run: [LGHUB] => C:\Program Files\LGHUB\system_tray\lghub_system_tray.exe [22511496 2025-03-04] (Logitech Inc -> Logitech, Inc.) HKU\S-1-5-21-2382854425-647347343-2161374781-1001\...\Run: [Plex Media Server] => D:\Programs\Plex Media Server\Plex Media Server.exe [30591240 2024-12-16] (Plex, Inc. -> Plex, Inc.) HKU\S-1-5-21-2382854425-647347343-2161374781-1001\...\Run: [MicrosoftEdgeAutoLaunch_950148255ACC57E4BF64DA28E2CC242F] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --win-session-start [4291144 2025-03-21] (Microsoft Corporation -> Microsoft Corporation) HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\134.0.6998.118\Installer\chrmstp.exe [2025-03-21] (Google LLC -> Google LLC) HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] -> Startup: C:\Users\Zhanna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TorrServeW.lnk [2025-03-23] ShortcutTarget: TorrServeW.lnk -> D:\Programs\TorrServeW\TorrServeW_x64.exe (tsrvwc.ru -> ) [Файл не подписан] GroupPolicy: Ограничение ? <==== ВНИМАНИЕ Policies: C:\ProgramData\NTUSER.pol: Ограничение <==== ВНИМАНИЕ ==================== Запланированные задачи (В белом списке) ================= (Если запись включена в fixlist, она будет удалена из реестра. Файл не будет удалён, если он не указан отдельно.) Task: {E8270652-02B1-4558-9A7F-2E9DC8198D86} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1580992 2024-12-18] (Adobe Inc. -> Adobe Inc.) Task: {403C7681-207A-4D77-8E7C-5BD47EEAF444} - System32\Tasks\ASUS\AcPowerNotification => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AcPowerNotification\AcPowerNotification.exe (Нет файла) Task: {A3002628-F359-43DB-8697-DDCBC6AC596B} - System32\Tasks\ASUS\ArmourySocketServer => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe (Нет файла) Task: {0CCC42C7-3DCC-4032-8135-873F4080D31A} - System32\Tasks\ASUS\ASUSUpdateTaskMachineCore1d8203d123f9df3 => C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe /c (Нет файла) Task: {43E6419E-6C21-497F-90FF-14899BFE560D} - System32\Tasks\ASUS\ASUSUpdateTaskMachineUA => C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe /ua /installsource scheduler (Нет файла) Task: {8A3FF093-88D5-4C24-A81F-F0808B1BB213} - System32\Tasks\ASUS\NoiseCancelingEngine => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\MBLedSDK\NoiseCancelingEngine.exe (Нет файла) Task: {84000E17-6F20-464B-BCDD-B11909DFDBC5} - System32\Tasks\ASUS\P508PowerAgent_sdk => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ShareFromArmouryIII\Mouse\ROG STRIX CARRY\P508PowerAgent.exe (Нет файла) Task: {386F4D53-D21B-4C52-AE48-232BA01ED802} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem135.0.7023.0{2AAEF1B3-4889-402A-B740-905F324572E4} => C:\Program Files (x86)\Google\GoogleUpdater\135.0.7023.0\updater.exe [5745760 2025-02-19] (Google LLC -> Google LLC) Task: {55E1176D-2840-464D-AF48-8A81CDAB95C4} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [316632 2015-07-31] (Microsoft Corporation -> Microsoft Corporation) Task: {8D47A367-BA0E-4B09-8593-6F727C8BD129} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation) Task: {B82BCD7F-B419-4F67-8DDF-87EE8A72F656} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation) Task: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => %SystemRoot%\System32\MbaeParserTask.exe (Нет файла) Task: {27CD4864-74F5-461F-B546-4FDC0F834FD9} - System32\Tasks\Microsoft\Windows\termsrv\RemoteFX\RemoteFXvGPUDisableTask => %windir%\System32\RemoteFXvGPUDisablement.exe Disable (Нет файла) Task: {B65267D2-D31F-4E1E-8E4E-CE650F16BA25} - System32\Tasks\Microsoft\Windows\termsrv\RemoteFX\RemoteFXWarningTask => %windir%\System32\RemoteFXvGPUDisablement.exe Warning (Нет файла) Task: {7751B652-E3CF-4297-80DC-C38C4F983946} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\MusUx_UpdateInterval => %systemroot%\system32\MusNotification.exe Display (Нет файла) Task: {6849B898-2479-4AD0-AFBF-A06934E6FE4E} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot => %systemroot%\system32\MusNotification.exe RebootDialog (Нет файла) Task: {687A2477-D4C7-45E4-AC78-563E2629B4C5} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_AC => %systemroot%\system32\MusNotification.exe /RunOnAC RebootDialog (Нет файла) Task: {A5CC0E64-D973-4D96-A7C1-806B9E32A477} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery => %systemroot%\system32\MusNotification.exe /RunOnBattery RebootDialog (Нет файла) Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (Нет файла) Task: {E47F8CEA-D979-44F1-B27B-4A259B27F39C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25010.11-0\MpCmdRun.exe [1732816 2025-03-06] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {633E7E5A-D3C1-4017-A164-8F29696B16CA} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25010.11-0\MpCmdRun.exe [1732816 2025-03-06] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {24E8CFF3-C6FA-4871-9F71-A0A8E3CBCD1C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25010.11-0\MpCmdRun.exe [1732816 2025-03-06] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {B4A23FCC-11AA-4B84-8A58-864F189AD87F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25010.11-0\MpCmdRun.exe [1732816 2025-03-06] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {A3BC13EE-EDF3-4AC7-9BDB-E4E380B33AD8} - System32\Tasks\MonitorMicroKey => C:\Program Files\GamingIntelligence\MonitorMicroKeyDetector.exe [84112 2022-11-23] (Micro-Star International CO., LTD. -> MSI) Task: {78424D6F-B3BA-46EE-AAD4-50845D186351} - System32\Tasks\MonitorMysticLight => C:\Program Files\GamingIntelligence\MysticLight\MysticLightController.exe [30872 2022-08-19] (Micro-Star International CO., LTD. -> ) Task: {9B7B258D-91CD-44D7-95E2-5304EA50778D} - System32\Tasks\MonitorWeatherDetector => C:\Program Files\GamingIntelligence\WeatherDetector.exe [43664 2022-11-23] (Micro-Star International CO., LTD. -> MSI) Task: {D6DBC50E-1218-4A33-ACE8-03C833484539} - System32\Tasks\MSIAfterburner => C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe [804408 2021-12-03] (MICRO-STAR INTERNATIONAL CO., LTD. -> ) Task: {49279C3F-479B-4342-BDBA-3CDC37DEE1CE} - System32\Tasks\NVIDIA app SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA app\CEF\NVIDIA app.exe [3287072 2025-03-06] (NVIDIA Corporation -> NVIDIA Corporation) Task: {C9B0668B-AA9E-4639-8B87-69323EFF04EA} - System32\Tasks\OSDAppAutoStartUp => C:\Program Files\GamingIntelligence\GamingIntelligence.exe [14819472 2022-11-23] (Micro-Star International CO., LTD. -> MICRO-STAR INT'L,.LTD.) Task: {85252A83-9055-4755-9F3E-E5A5D367C83F} - System32\Tasks\RTSS => D:\Programs\RivaTuner Statistics Server\RTSS.exe [434896 2021-12-03] (Alexey Nicolaychuk -> ) (Если запись включена в fixlist, файл задачи (.job) будет перемещён. Файл, выполняемый задачей, не будет перемещён.) ==================== Internet (В белом списке) ==================== (Если элемент включён в fixlist, если он является элементом реестра, он будет удалён или сброшен на значение по умолчанию.) Hosts: В Hosts файле более одной записи. Смотрите раздел Hosts Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.31.1 Tcpip\..\Interfaces\{2b90dd3a-2127-4a6a-93cc-b8f8c13bd7f1}: [DhcpNameServer] 192.168.31.1 Tcpip\..\Interfaces\{9baaa67c-b910-43e2-8d37-9da9e0190b97}: [DhcpNameServer] 172.20.10.1 Tcpip\..\Interfaces\{9baaa67c-b910-43e2-8d37-9da9e0190b97}\4556C69616741647567716971443D22413D25493D27354D24323D26373: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{9baaa67c-b910-43e2-8d37-9da9e0190b97}\4556C69616741647567716971443D22413D25493D27354D24323D26373: [DhcpDomain] lan Tcpip\..\Interfaces\{9baaa67c-b910-43e2-8d37-9da9e0190b97}\D41645569735: [DhcpNameServer] 172.20.10.1 Edge: ======= Edge Profile: C:\Users\Zhanna\AppData\Local\Microsoft\Edge\User Data\Default [2025-03-22] Edge StartupUrls: Default -> "hxxps://go.microsoft.com/fwlink/?LinkId=625119&clcid=0x419" Edge DefaultSearchURL: Default -> {bing:baseURL}search?q={searchTerms}&{bing:cvid}{bing:msb}{google:assistedQueryStats} Edge Extension: (7TV) - C:\Users\Zhanna\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ammjkodgmmoknidbanneddgankgfejfh [2023-11-04]hxxps://clients2.google.com/service/update2/crx Edge Extension: (DuckDuckGo) - C:\Users\Zhanna\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\caoacbimdbbljakfhgikoodekdnlcgpk [2025-03-21]hxxps://edge.microsoft.com/extensionwebstorebase/v1/crx Edge Extension: (Визуальные закладки) - C:\Users\Zhanna\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ejbjamhkdedinncaeiackcdehpccoejm [2023-11-04]hxxps://clients2.google.com/service/update2/crx Edge Extension: (FrankerFaceZ) - C:\Users\Zhanna\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\fadndhdgpmmaapbmfcknlfgcflmmmieb [2025-03-21]hxxps://clients2.google.com/service/update2/crx Edge Extension: (Google Документы офлайн) - C:\Users\Zhanna\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-01-22]hxxps://clients2.google.com/service/update2/crx Edge Extension: (Adblock Plus - бесплатный блокировщик рекламы) - C:\Users\Zhanna\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jlndgjomjalkoiiccaachajfidjjophm [2025-01-06] [UpdateUrl:0] <==== ВНИМАНИЕ Edge Extension: (Edge relevant text changes) - C:\Users\Zhanna\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-02-21]hxxps://edge.microsoft.com/extensionwebstorebase/v1/crx Edge Extension: (RUMIWIFI) - C:\Users\Zhanna\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\mbiehbednoakmhlmjcpgpciocekdjabp [2023-11-04]hxxps://clients2.google.com/service/update2/crx Edge Extension: (AdBlock – блокировка рекламы в Интернете.) - C:\Users\Zhanna\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ndcileolkflehcjpmjnfbnaibdcgglog [2025-03-21]hxxps://edge.microsoft.com/extensionwebstorebase/v1/crx Edge Extension: (Разблокировать сайт Одноклассники ру) - C:\Users\Zhanna\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ofckjckbcjodaifegcmdegalggbekfhd [2024-03-23]hxxps://clients2.google.com/service/update2/crx Edge Extension: (Бесплатный VPN для Edge — VPN прокси VeePN) - C:\Users\Zhanna\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\panammoooggmlehahpcjckcncfeffcoi [2025-03-21]hxxps://edge.microsoft.com/extensionwebstorebase/v1/crx Edge HKU\S-1-5-21-2382854425-647347343-2161374781-1001\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [dpadflhmiohjfhhaehelneimpllfbpcg] - D:\Programs\TeraBox\terabox_ext_chrome.crx [2024-11-17] FireFox: ======== FF Plugin: @java.com/DTPlugin,version=11.441.2 -> C:\Program Files\Java\jre1.8.0_441\bin\dtplugin\npDeployJava1.dll [2024-12-04] (Oracle America, Inc. -> Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.441.2 -> C:\Program Files\Java\jre1.8.0_441\bin\plugin2\npjp2.dll [2024-12-04] (Oracle America, Inc. -> Oracle Corporation) FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation) FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2025-03-13] (Adobe Inc. -> Adobe Systems Inc.) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation) Chrome: ======= CHR DefaultProfile: Profile 3 CHR Profile: C:\Users\Zhanna\AppData\Local\Google\Chrome\User Data\Default [2025-03-19] CHR Notifications: Default -> hxxps://rutor.org; hxxps://www.youtube.com CHR HomePage: Default -> hxxps://www.youtube.com/ CHR StartupUrls: Default -> "hxxps://www.youtube.com/" CHR NewTab: Default -> Active:"chrome-extension://ejbjamhkdedinncaeiackcdehpccoejm/pages/newtab.html" CHR DefaultSearchURL: Default -> hxxps://duckduckgo.com/?q={searchTerms} CHR DefaultSearchKeyword: Default -> duckduckgo.com CHR DefaultSuggestURL: Default -> hxxps://duckduckgo.com/ac/?q={searchTerms}&type=list CHR Extension: (Torrent Scanner) - C:\Users\Zhanna\AppData\Local\Google\Chrome\User Data\Default\Extensions\aegnopegbbhjeeiganiajffnalhlkkjb [2024-01-11]hxxps://clients2.google.com/service/update2/crx CHR Extension: (7TV) - C:\Users\Zhanna\AppData\Local\Google\Chrome\User Data\Default\Extensions\ammjkodgmmoknidbanneddgankgfejfh [2023-06-01]hxxps://clients2.google.com/service/update2/crx CHR Extension: (DuckDuckGo) - C:\Users\Zhanna\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkdgflcldnnnapblkhphbgpggdiikppg [2025-03-14]hxxps://clients2.google.com/service/update2/crx CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\Zhanna\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2025-03-19]hxxps://clients2.google.com/service/update2/crx CHR Extension: (Визуальные закладки) - C:\Users\Zhanna\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejbjamhkdedinncaeiackcdehpccoejm [2022-11-16]hxxps://clients2.google.com/service/update2/crx CHR Extension: (Adblock Plus - бесплатный блокировщик рекламы) - C:\Users\Zhanna\AppData\Local\Google\Chrome\User Data\Default\Extensions\elaeomlgdbpejoiaafjehonkbknkkenl [2025-01-06] [UpdateUrl:0] <==== ВНИМАНИЕ CHR Extension: (FrankerFaceZ) - C:\Users\Zhanna\AppData\Local\Google\Chrome\User Data\Default\Extensions\fadndhdgpmmaapbmfcknlfgcflmmmieb [2025-03-19]hxxps://clients2.google.com/service/update2/crx CHR Extension: (AdBlock – блокировка рекламы в Интернете.) - C:\Users\Zhanna\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2025-03-19]hxxps://clients2.google.com/service/update2/crx CHR Extension: (Бесплатный VPN для Chrome - VPN прокси VeePN) - C:\Users\Zhanna\AppData\Local\Google\Chrome\User Data\Default\Extensions\majdfhpaihoncoakbjgbdhglocklcgno [2025-03-19]hxxps://clients2.google.com/service/update2/crx CHR Extension: (RUMIWIFI) - C:\Users\Zhanna\AppData\Local\Google\Chrome\User Data\Default\Extensions\mbiehbednoakmhlmjcpgpciocekdjabp [2022-06-14]hxxps://clients2.google.com/service/update2/crx CHR Extension: (Платежная система Интернет-магазина Chrome) - C:\Users\Zhanna\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-02-12]hxxps://clients2.google.com/service/update2/crx CHR Extension: (Разблокировать сайт Одноклассники ру) - C:\Users\Zhanna\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofckjckbcjodaifegcmdegalggbekfhd [2024-03-25]hxxps://clients2.google.com/service/update2/crx CHR Profile: C:\Users\Zhanna\AppData\Local\Google\Chrome\User Data\Guest Profile [2023-05-10] CHR Profile: C:\Users\Zhanna\AppData\Local\Google\Chrome\User Data\Profile 2 [2024-12-24] CHR NewTab: Profile 2 -> Active:"chrome-extension://ejbjamhkdedinncaeiackcdehpccoejm/pages/newtab.html" CHR Extension: (Torrent Scanner) - C:\Users\Zhanna\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aegnopegbbhjeeiganiajffnalhlkkjb [2024-01-26]hxxps://clients2.google.com/service/update2/crx CHR Extension: (Touch VPN - Secure and unlimited VPN proxy) - C:\Users\Zhanna\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\bihmplhobchoageeokmgbdihknkjbknd [2023-11-10]hxxps://clients2.google.com/service/update2/crx CHR Extension: (Визуальные закладки) - C:\Users\Zhanna\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ejbjamhkdedinncaeiackcdehpccoejm [2022-11-24]hxxps://clients2.google.com/service/update2/crx CHR Extension: (Google Документы офлайн) - C:\Users\Zhanna\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-12-24]hxxps://clients2.google.com/service/update2/crx CHR Extension: (Платежная система Интернет-магазина Chrome) - C:\Users\Zhanna\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-04-26]hxxps://clients2.google.com/service/update2/crx CHR Extension: (Adblock Plus - бесплатный блокировщик рекламы) - C:\Users\Zhanna\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\omenfddgibiekhhfpifpdiihogbcpcpf [2025-01-06] [UpdateUrl:0] <==== ВНИМАНИЕ CHR Profile: C:\Users\Zhanna\AppData\Local\Google\Chrome\User Data\Profile 3 [2025-03-23] CHR Notifications: Profile 3 -> hxxps://chatsupport.apple.com; hxxps://h5-global.alimebot.aliexpress.com; hxxps://lan03.bid; hxxps://psprices.com; hxxps://tv.kyivstar.ua; hxxps://web.whatsapp.com; hxxps://www.facebook.com; hxxps://www.staff-clothes.com; hxxps://www.tui.se; hxxps://www.youtube.com CHR HomePage: Profile 3 -> hxxp://www.google.com/ CHR StartupUrls: Profile 3 -> "hxxp://www.google.com/","hxxp://avg.nation.com/avgtbavg/search/home?cid={D72E18C1-F5B6-4723-8ED2-CB0FCAA44D37}&mid=5285613928d147d3a8426d16b2ade615-ad1491be2ce6c122f6b66faa90e70c2decf7d34c&lang=ru&ds=AVG&coid=avgtbavg&pr=fr&d=2013-09-28 10:33:29&v=17.0.1.7&pid=nation&sg=&sap=hp","hxxp://avg.nation.com/avgtbavg/search/home?cid={D72E18C1-F5B6-4723-8ED2-CB0FCAA44D37}&mid=5285613928d147d3a8426d16b2ade615-ad1491be2ce6c122f6b66faa90e70c2decf7d34c&lang=ru&ds=AVG&coid=avgtbavg&pr=fr&d=2013-09-28 10:33:29&v=17.0.1.7&pid=nation&sg=&sap=hp&cmpid=0913b","hxxp://www.google.com/|hxxp://avg.nation.com/avgtbavg/search/home?cid={D72E18C1-F5B6-4723-8ED2-CB0FCAA44D37}&mid=5285613928d147d3a8426d16b2ade615-ad1491be2ce6c122f6b66faa90e70c2decf7d34c&lang=ru&ds=AVG&coid=avgtbavg&pr=fr&d=2013-09-28 10:33:29&v=17.0.1.9&pid=nation&sg=0&sap=hp|hxxp://avg.nation.com/avgtbavg/search/home?cid={D72E18C1-F5B6-4723-8ED2-CB0FCAA44D37}&mid=5285613928d147d3a8426d16b2ade615-ad1491be2ce6c122f6b66faa90e70c2decf7d34c&lang=ru&ds=AVG&coid=avgtbavg&pr=fr&d=2013-09-28 10:33:29&v=17.0.1.7&pid=nation&sg=&sap=hp&cmpid=0913b","hxxp://mysearch.avg.com?cid={6ED75B83-4ED3-47DB-8F16-FA0C09D94167}&mid=d1b3d61e4cb847d3882f6d16b2ade615-ad1491be2ce6c122f6b66faa90e70c2decf7d34c&lang=ru&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2013-12-23 10:01:30&v=17.2.0.38&pid=safeguard&sg=&sap=hp","hxxp://mysearch.avg.com?cid={7C0A9D0C-C743-4DFB-A865-37E1F34FD9C3}&mid=912a4991a04647d28bec6d16b2ade615-ad1491be2ce6c122f6b66faa90e70c2decf7d34c&lang=ru&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2013-12-27 18:47:24&v=17.2.0.38&pid=safeguard&sg=&sap=hp","hxxp://mysearch.avg.com?cid={7C0A9D0C-C743-4DFB-A865-37E1F34FD9C3}&mid=912a4991a04647d28bec6d16b2ade615-ad1491be2ce6c122f6b66faa90e70c2decf7d34c&lang=ru&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-02-05 23:23:36&v=17.3.1.204&pid=safeguard&sg=&sap=hp","hxxp://mysearch.avg.com?cid={FD26F521-443E-4F04-9FD9-27BB08791870}&mid=912a4991a04647d28bec6d16b2ade615-ad1491be2ce6c122f6b66faa90e70c2decf7d34c&lang=ru&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-04-19 17:44:43&v=18.0.5.292&pid=safeguard&sg=&sap=hp","hxxp://www.google.com/|hxxp://avg.nation.com/avgtbavg/search/home?cid={FD26F521-443E-4F04-9FD9-27BB08791870}&mid=912a4991a04647d28bec6d16b2ade615-ad1491be2ce6c122f6b66faa90e70c2decf7d34c&lang=ru&ds=AVG&coid=avgtbavg&pr=fr&d=2013-09-28 10:33:29&v=18.0.5.292&pid=nation&sg=&sap=hp|hxxp://avg.nation.com/avgtbavg/search/home?cid={D72E18C1-F5B6-4723-8ED2-CB0FCAA44D37}&mid=5285613928d147d3a8426d16b2ade615-ad1491be2ce6c122f6b66faa90e70c2decf7d34c&lang=ru&ds=AVG&coid=avgtbavg&pr=fr&d=2013-09-28 10:33:29&v=17.0.1.7&pid=nation&sg=&sap=hp&cmpid=0913b|hxxp://www.google.com/|hxxp://avg.nation.com/avgtbavg/search/home?cid={D72E18C1-F5B6-4723-8ED2-CB0FCAA44D37}&mid=5285613928d147d3a8426d16b2ade615-ad1491be2ce6c122f6b66faa90e70c2decf7d34c&lang=ru&ds=AVG&coid=avgtbavg&pr=fr&d=2013-09-28 10:33:29&v=17.0.1.9&pid=nation&sg=0&sap=hp|hxxp://avg.nation.com/avgtbavg/search/home?cid={D72E18C1-F5B6-4723-8ED2-CB0FCAA44D37}&mid=5285613928d147d3a8426d16b2ade615-ad1491be2ce6c122f6b66faa90e70c2decf7d34c&lang=ru&ds=AVG&coid=avgtbavg&pr=fr&d=2013-09-28 10:33:29&v=17.0.1.7&pid=nation&sg=&sap=hp&cmpid=0913b|hxxp://mysearch.avg.com?cid={6ED75B83-4ED3-47DB-8F16-FA0C09D94167}&mid=d1b3d61e4cb847d3882f6d16b2ade615-ad1491be2ce6c122f6b66faa90e70c2decf7d34c&lang=ru&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2013-12-23 10:01:30&v=17.2.0.38&pid=safeguard&sg=&sap=hp|hxxp://mysearch.avg.com?cid={7C0A9D0C-C743-4DFB-A865-37E1F34FD9C3}&mid=912a4991a04647d28bec6d16b2ade615-ad1491be2ce6c122f6b66faa90e70c2decf7d34c&lang=ru&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2013-12-27 18:47:24&v=17.2.0.38&pid=safeguard&sg=&sap=hp|hxxp://mysearch.avg.com?cid={7C0A9D0C-C743-4DFB-A865-37E1F34FD9C3}&mid=912a4991a04647d28bec6d16b2ade615-ad1491be2ce6c122f6b66faa90e70c2decf7d34c&lang=ru&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-02-05 23:23:36&v=17.3.1.204&pid=safeguard&sg=&sap=hp|hxxp://mysearch.avg.com?cid={FD26F521-443E-4F04-9FD9-27BB08791870}&mid=912a4991a04647d28bec6d16b2ade615-ad1491be2ce6c122f6b66faa90e70c2decf7d34c&lang=ru&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-04-19 17:44:43&v=18.0.5.292&pid=safeguard&sg=&sap=hp","hxxp://mysearch.avg.com?cid={FD26F521-443E-4F04-9FD9-27BB08791870}&mid=912a4991a04647d28bec6d16b2ade615-ad1491be2ce6c122f6b66faa90e70c2decf7d34c&lang=ru&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-04-19 17:44:43&v=18.1.0.443&pid=safeguard&sg=&sap=hp" CHR NewTab: Profile 3 -> Active:"chrome-extension://jpfpebmajhhopeonhlcgidhclcccjcik/override.html", Not-active:"chrome-extension://llaficoajjainaijghjlofdfmbjpebpa/newtab.html", Not-active:"chrome-extension://ejbjamhkdedinncaeiackcdehpccoejm/pages/newtab.html" CHR Extension: (Adblock Plus - бесплатный блокировщик рекламы) - C:\Users\Zhanna\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2025-03-19]hxxps://clients2.google.com/service/update2/crx CHR Extension: (Визуальные закладки) - C:\Users\Zhanna\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\ejbjamhkdedinncaeiackcdehpccoejm [2022-11-16]hxxps://clients2.google.com/service/update2/crx CHR Extension: (Urban VPN Proxy) - C:\Users\Zhanna\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\eppiocemhmnlbhjplcgkofciiegomcon [2025-03-21]hxxps://clients2.google.com/service/update2/crx CHR Extension: (Translate Mi) - C:\Users\Zhanna\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\fcdofhdgjfhmlfiblcojepdniopclapk [2025-01-12]hxxps://clients2.google.com/service/update2/crx CHR Extension: (AdBlock – блокировка рекламы в Интернете.) - C:\Users\Zhanna\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2025-03-19]hxxps://clients2.google.com/service/update2/crx CHR Extension: (EverSync - Sync bookmarks, backup favorites) - C:\Users\Zhanna\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\iohcojnlgnfbmjfjfkbhahhmppcggdog [2024-12-24]hxxps://clients2.google.com/service/update2/crx CHR Extension: (Speed Dial 2 Новая вкладка) - C:\Users\Zhanna\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\jpfpebmajhhopeonhlcgidhclcccjcik [2025-03-07]hxxp://clients2.google.com/service/update2/crx CHR Extension: (Speed Dial [FVD] - New Tab Page, 3D, Sync...) - C:\Users\Zhanna\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\llaficoajjainaijghjlofdfmbjpebpa [2024-12-24]hxxps://clients2.google.com/service/update2/crx CHR Extension: (MetaMask) - C:\Users\Zhanna\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\nkbihfbeogaeaoehlefnkodbefgpgknn [2025-03-13]hxxps://clients2.google.com/service/update2/crx CHR Extension: (Платежная система Интернет-магазина Chrome) - C:\Users\Zhanna\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-08-27]hxxps://clients2.google.com/service/update2/crx CHR Profile: C:\Users\Zhanna\AppData\Local\Google\Chrome\User Data\Profile 9 [2025-03-10] CHR NewTab: Profile 9 -> Active:"chrome-extension://ggonkegnkiclajiocblalpkfajkbkelp/override.html" CHR Extension: (Adblock Plus - бесплатный блокировщик рекламы) - C:\Users\Zhanna\AppData\Local\Google\Chrome\User Data\Profile 9\Extensions\fdpfphnmhfpkanllionnpnlpfamlinac [2025-01-06] [UpdateUrl:0] <==== ВНИМАНИЕ CHR Extension: (Speed Dial Новая вкладка) - C:\Users\Zhanna\AppData\Local\Google\Chrome\User Data\Profile 9\Extensions\ggonkegnkiclajiocblalpkfajkbkelp [2025-01-03]hxxp://clients2.google.com/service/update2/crx CHR Extension: (AdBlock – блокировка рекламы в Интернете.) - C:\Users\Zhanna\AppData\Local\Google\Chrome\User Data\Profile 9\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2025-03-09]hxxps://clients2.google.com/service/update2/crx CHR Extension: (Платежная система Интернет-магазина Chrome) - C:\Users\Zhanna\AppData\Local\Google\Chrome\User Data\Profile 9\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2025-01-03]hxxps://clients2.google.com/service/update2/crx CHR Profile: C:\Users\Zhanna\AppData\Local\Google\Chrome\User Data\System Profile [2025-03-23] CHR HKU\S-1-5-21-2382854425-647347343-2161374781-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [dpadflhmiohjfhhaehelneimpllfbpcg] - D:\Programs\TeraBox\terabox_ext_chrome.crx [2024-11-17] CHR HKU\S-1-5-21-2382854425-647347343-2161374781-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] CHR HKLM-x32\...\Chrome\Extension: [aegnopegbbhjeeiganiajffnalhlkkjb] CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] ==================== Службы (В белом списке) =================== (Если запись включена в fixlist, она будет удалена из реестра. Файл не будет удалён, если он не указан отдельно.) R2 aakore; C:\Program Files (x86)\Acronis\Agent\aakore.exe [9022120 2022-01-05] (Acronis International GmbH -> Acronis International GmbH) R2 AcronisActiveProtectionService; C:\Program Files (x86)\Common Files\Acronis\ActiveProtection\anti_ransomware_service.exe [12978544 2022-01-05] (Acronis International GmbH -> ) S4 AcronisCyberProtectionService; C:\Program Files\Acronis\CyberProtect\cyber-protect-service.exe [1425256 2022-01-05] (Acronis International GmbH -> Acronis International GmbH) R2 AcrSch2Svc; C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe [1052280 2022-01-05] (Acronis International GmbH -> Acronis International GmbH) R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [174520 2024-12-18] (Adobe Inc. -> Adobe Inc.) R2 afcdpsrv; C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [6391536 2023-07-14] (Acronis International GmbH -> ) R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\4.02.12\atkexComSvc.exe [457544 2021-10-21] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) R2 AsusCertService; C:\Program Files (x86)\ASUS\AsusCertService\AsusCertService.exe [179488 2021-09-16] (ASUSTeK Computer Inc. -> ASUSTek COMPUTER INC.) S2 AsusUpdateCheck; C:\WINDOWS\System32\AsusUpdateCheck.exe [1223896 2025-03-23] (ASUSTeK Computer Inc. -> ) S3 battlenet_helpersvc; C:\ProgramData\Battle.net_components\battlenet_helpersvc\AgentHelper.exe [2569352 2024-08-23] (Blizzard Entertainment, Inc. -> Blizzard Entertainment) S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [1136040 2022-11-22] (EasyAntiCheat Oy -> Epic Games, Inc) S3 EasyAntiCheat_EOS; C:\Program Files (x86)\EasyAntiCheat_EOS\EasyAntiCheat_EOS.exe [965872 2024-12-04] (EasyAntiCheat Oy -> Epic Games, Inc.) S3 EpicGamesUpdater; D:\Games\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesUpdater.exe [3064848 2025-03-19] (Epic Games Inc. -> Epic Games, Inc.) S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [381416 2024-08-16] (Epic Games Inc. -> Epic Games, Inc.) R2 LGHUBUpdaterService; C:\Program Files\LGHUB\lghub_updater.exe [16084360 2025-03-04] (Logitech Inc -> Logitech, Inc.) R2 logi_lamparray_service; C:\WINDOWS\System32\DriverStore\FileRepository\logi_lamparray_usb.inf_amd64_3786a31d1dad269d\logi_lamparray_service.exe [11177064 2024-10-28] (Logitech Inc -> Logitech, Inc.) R2 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25010.11-0\MpDefenderCoreService.exe [1926976 2025-03-06] (Microsoft Windows Publisher -> Microsoft Corporation) R2 mmsminisrv; C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe [4882992 2022-01-05] (Acronis International GmbH -> Acronis International GmbH) R2 Mobile Broadband HL Service; C:\ProgramData\MobileBrServ\mbbservice.exe [227680 2011-08-12] (HUAWEI Technologies Co., Ltd. -> ) S3 mobile_backup_server; C:\Program Files (x86)\Common Files\Acronis\MobileBackupServer\mobile_backup_server.exe [3004128 2022-01-05] (Acronis International GmbH -> Acronis International GmbH) S3 mobile_backup_status_server; C:\Program Files (x86)\Acronis\TrueImageHome\mobile_backup_status_server.exe [2130296 2023-07-14] (Acronis International GmbH -> ) [Файл не подписан] S3 npggsvc; C:\WINDOWS\SysWOW64\GameMon.des [12153200 2023-01-07] (INCA Internet Co.,Ltd. -> INCA Internet Co., Ltd.) R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvmdi.inf_amd64_a2eeb2756802bbd3\Display.NvContainer\NVDisplay.Container.exe [1275560 2025-03-04] (NVIDIA Corporation -> NVIDIA Corporation) S2 PlexUpdateService; D:\Programs\Plex Media Server\Plex Update Service.exe [920864 2024-12-16] (Plex, Inc. -> Plex, Inc.) R2 RvControlSvc; C:\Program Files (x86)\Radmin VPN\RvControlSvc.exe [1475384 2025-02-25] (Famatech Corp. -> Famatech Corp.) S4 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [522200 2024-03-22] (Microsoft Windows Publisher -> Microsoft Corporation) S3 ss_conn_launcher_service; C:\WINDOWS\System32\Samsung\EasySetup\ss_conn_launcher.exe [182392 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) S2 syncagentsrv; C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe [7402528 2022-01-05] (Acronis International GmbH -> ) R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [21047096 2023-12-14] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) S3 TeraBoxUtility; D:\Programs\TeraBox\YunUtilityService.exe [115176 2024-10-25] (FLEXTECH INC. -> Flextech Inc.) S3 Tib Mounter Service; C:\Program Files (x86)\Common Files\Acronis\TibMounter64\tib_mounter_service.exe [5910328 2022-01-05] (Acronis International GmbH -> Acronis International GmbH) R2 UrbanVPNServiceInteractive; C:\Program Files\UrbanVPN\bin\urbanvpnserv.exe [450768 2023-07-11] (Urban Cyber Security Inc. -> ) S3 UrbanVPNUpdater; C:\Program Files\UrbanVPN\UrbanVPNUpdater.exe [1058656 2023-07-11] (Urban Cyber Security Inc. -> Urban Security) S3 vgc; C:\Program Files\Riot Vanguard\vgc.exe [38725264 2025-03-11] (Riot Games, Inc. -> Riot Games, Inc.) R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25010.11-0\NisSrv.exe [4352456 2025-03-06] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25010.11-0\MsMpEng.exe [270056 2025-03-06] (Microsoft Windows Publisher -> Microsoft Corporation) S3 AAErrorPort; C:\Users\Zhanna\AppData\Local\Temp\ActiveAnticheat\1223440\aaerrport.exe [X] <==== ВНИМАНИЕ S2 asus; "C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe" /svc [X] S3 asusm; "C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe" /medsvc [X] ===================== Драйверы (В белом списке) =================== (Если запись включена в fixlist, она будет удалена из реестра. Файл не будет удалён, если он не указан отдельно.) R1 Asusgio2; C:\Windows\system32\drivers\AsIO2.sys [34384 2021-10-21] (ASUSTeK Computer Inc. -> ) R1 Asusgio3; C:\Windows\system32\drivers\AsIO3.sys [43192 2021-09-16] (ASUSTeK Computer Inc. -> ) R2 BdDci; C:\WINDOWS\system32\DRIVERS\bddci.sys [367096 2022-01-05] (Bitdefender SRL -> Bitdefender) S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [532480 2022-11-26] (Microsoft Corporation) [Файл не подписан] S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [184320 2022-11-26] (Microsoft Corporation) [Файл не подписан] S3 BTHMODEM; C:\WINDOWS\System32\drivers\bthmodem.sys [106496 2022-05-07] (Microsoft Corporation) [Файл не подписан] S3 ElgatoGC656Y; C:\WINDOWS\System32\Drivers\ElgatoGC656.sys [52848 2016-08-03] (Elgato Systems LLC -> UB658) S3 ElgatoVAD; C:\WINDOWS\system32\DRIVERS\ElgatoVAD.sys [39208 2020-11-08] (Elgato Systems LLC -> Elgato Systems GmbH) S1 EneTechIo; C:\WINDOWS\system32\drivers\ene.sys [20992 2020-05-11] (Microsoft Windows Hardware Compatibility Publisher -> ) R2 file_protector; C:\WINDOWS\System32\DRIVERS\file_protector.sys [726160 2023-07-14] (Acronis International GmbH -> Acronis International GmbH) R0 file_tracker; C:\WINDOWS\System32\DRIVERS\file_tracker.sys [392840 2023-07-14] (Acronis International GmbH -> Acronis International GmbH) R0 fltsrv; C:\WINDOWS\System32\DRIVERS\fltsrv.sys [183944 2023-07-14] (Acronis International GmbH -> Acronis International GmbH) R3 iaLPSS2_GPIO2_ADL; C:\WINDOWS\System32\DriverStore\FileRepository\ialpss2_gpio2_adl.inf_amd64_e11257f05c0c2f89\iaLPSS2_GPIO2_ADL.sys [139928 2021-07-29] (Intel Corporation -> Intel Corporation) R3 iaLPSS2_I2C_ADL; C:\WINDOWS\System32\DriverStore\FileRepository\ialpss2_i2c_adl.inf_amd64_778b19a5f4d49cba\iaLPSS2_I2C_ADL.sys [202896 2021-07-29] (Intel Corporation -> Intel Corporation) R0 iaStorVD; C:\WINDOWS\System32\drivers\iaStorVD.sys [1587376 2021-10-19] (Intel Corporation -> Intel Corporation) R1 ISODrive; D:\Programs\UltraISO\drivers\ISODrv64.sys [135600 2021-08-08] (Shenzhen Yibo Digital Systems Development Co., Ltd. -> EZB Systems, Inc.) R3 KslD; C:\WINDOWS\System32\drivers\wd\KslD.sys [278944 2025-03-06] (Microsoft Windows -> Microsoft Corporation) S3 ksophon_x64; C:\WINDOWS\system32\drivers\ksophon_x64.sys [9986168 2022-09-15] (PROXIMA BETA PTE. LIMITED -> PROXIMA BETE) S3 libusbK; C:\WINDOWS\System32\drivers\libusbK.sys [47200 2020-08-17] (Travis Lee Robinson -> hxxp://libusb-win32.sourceforge.net) R3 logi_joy_bus_enum; C:\WINDOWS\system32\drivers\logi_joy_bus_enum.sys [44880 2024-09-18] (Logitech Inc -> Logitech) R3 logi_joy_vir_hid; C:\WINDOWS\system32\drivers\logi_joy_vir_hid.sys [32080 2024-09-18] (Logitech Inc -> Logitech) R3 logi_joy_xlcore; C:\WINDOWS\system32\drivers\logi_joy_xlcore.sys [73040 2024-09-18] (Logitech Inc -> Logitech) R3 logi_lamparray; C:\WINDOWS\System32\DriverStore\FileRepository\logi_lamparray_usb.inf_amd64_3786a31d1dad269d\logi_lamparray.sys [89192 2024-10-28] (Logitech Inc -> Logitech, Inc.) R1 MSIO; C:\Windows\system32\drivers\MsIo64.sys [17424 2020-01-19] (Microsoft Windows Hardware Compatibility Publisher -> MICSYS Technology Co., LTd) R1 networx; C:\WINDOWS\System32\drivers\networx.sys [103496 2022-05-03] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider) S0 ngelam; C:\WINDOWS\System32\drivers\ngelam.sys [16344 2022-01-05] (Microsoft Windows Early Launch Anti-malware Publisher -> Acronis International GmbH) R1 ngscan; C:\WINDOWS\System32\DRIVERS\ngscan.sys [179104 2022-01-05] (Acronis International GmbH -> Acronis International GmbH) R3 RTCore64; C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [36824 2020-07-13] (MICRO-STAR INTERNATIONAL CO., LTD. -> ) R3 RvNetMP60; C:\WINDOWS\System32\drivers\RvNetMP60.sys [58288 2022-10-10] (Microsoft Windows Hardware Compatibility Publisher -> Famatech Corp.) S3 ss_conn_usb_driver2; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver2.sys [43640 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) R3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [27136 2022-05-03] (OpenVPN Technologies, Inc. -> The OpenVPN Project) S3 tapwindscribe0901; C:\WINDOWS\System32\drivers\tapwindscribe0901.sys [57768 2023-04-11] (Windscribe Limited -> The OpenVPN Project) S3 tib; C:\WINDOWS\system32\DRIVERS\tib.sys [887032 2023-07-14] (Acronis International GmbH -> Acronis International GmbH) R2 tib_mounter; C:\WINDOWS\system32\DRIVERS\tib_mounter.sys [175648 2023-07-14] (Acronis International GmbH -> Acronis International GmbH) S3 tnd; C:\WINDOWS\system32\DRIVERS\tnd.sys [694920 2023-07-14] (Acronis International GmbH -> Acronis International GmbH) R1 vgk; C:\Program Files\Riot Vanguard\vgk.sys [34228720 2025-03-11] (Riot Games, Inc. -> Riot Games, Inc.) R2 virtual_file; C:\WINDOWS\System32\DRIVERS\virtual_file.sys [334984 2023-07-14] (Acronis International GmbH -> Acronis International GmbH) R0 volume_tracker; C:\WINDOWS\System32\DRIVERS\volume_tracker.sys [251016 2023-07-14] (Acronis International GmbH -> Acronis International GmbH) S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [20016 2025-03-06] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) U5 WdDevFlt; C:\Windows\System32\Drivers\WdDevFlt.sys [169232 2022-05-07] (Microsoft Windows -> Microsoft Corporation) R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [601520 2025-03-06] (Microsoft Windows -> Microsoft Corporation) R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [100768 2025-03-06] (Microsoft Windows -> Microsoft Corporation) S3 WinDivert1.1; C:\ProgramData\KMSAuto\bin\driver\x64WDV\WinDivert.sys [35376 2013-12-03] (Nemea Mjukvaruutveckling AB -> Basil Projects) S3 windtun420; C:\WINDOWS\System32\drivers\windtun420.sys [47544 2023-04-11] (Windscribe Limited -> WireGuard LLC) S3 WireGuard; C:\WINDOWS\System32\drivers\wireguard.sys [489368 2023-04-11] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC) S3 ace-game-0; \SystemRoot\System32\drivers\ace-game-0.sys [X] S3 ACE-SSC-DRV64; \??\C:\Program Files\AntiCheatExpert\SGuard\x64\plugins\ACE-SSC-DRV64.sys [X] S4 NvModuleTracker; \SystemRoot\System32\DriverStore\FileRepository\nvmoduletracker.inf_amd64_ea6cec41fc5b2a8b\NvModuleTracker.sys [X] S1 WinSetupMon; system32\DRIVERS\WinSetupMon.sys [X] ==================== NetSvcs (В белом списке) =================== (Если запись включена в fixlist, она будет удалена из реестра. Файл не будет удалён, если он не указан отдельно.) ==================== Один месяц (создан) (В белом списке) ========= (Если запись включена в лист исправлений, файл/папка будут перемещены.) 2025-03-23 10:59 - 2025-03-23 11:00 - 000051888 _____ C:\Users\Zhanna\Desktop\FRST.txt 2025-03-23 10:59 - 2025-03-23 11:00 - 000000000 ____D C:\FRST 2025-03-23 10:55 - 2025-03-23 10:55 - 002404352 _____ (Farbar) C:\Users\Zhanna\Desktop\FRST64.exe 2025-03-23 08:57 - 2025-03-23 08:57 - 000000000 ____D C:\Users\Zhanna\AppData\LocalLow\ButtonSoft 2025-03-23 08:55 - 2025-03-23 08:55 - 000000657 _____ C:\Users\Zhanna\Desktop\Fantasy Survivors.lnk 2025-03-23 08:44 - 2025-03-23 08:44 - 000782106 _____ C:\WINDOWS\system32\perfh019.dat 2025-03-23 08:44 - 2025-03-23 08:44 - 000157626 _____ C:\WINDOWS\system32\perfc019.dat 2025-03-18 19:07 - 2025-03-18 19:07 - 000000000 ____D C:\Users\Zhanna\AppData\Local\Zcrew 2025-03-18 17:20 - 2025-03-18 17:20 - 000000000 ____D C:\Users\Zhanna\AppData\Roaming\Sun 2025-03-18 17:20 - 2025-03-18 17:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2025-03-18 17:20 - 2025-03-18 17:20 - 000000000 ____D C:\Program Files\Java 2025-03-18 17:20 - 2024-12-04 08:34 - 000213120 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll 2025-03-17 20:33 - 2025-03-04 12:10 - 002072464 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe 2025-03-17 20:33 - 2025-03-04 12:10 - 002072464 _____ C:\WINDOWS\system32\vulkaninfo.exe 2025-03-17 20:33 - 2025-03-04 12:10 - 001614224 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe 2025-03-17 20:33 - 2025-03-04 12:10 - 001614224 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe 2025-03-17 20:33 - 2025-03-04 12:10 - 001576848 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll 2025-03-17 20:33 - 2025-03-04 12:10 - 001576848 _____ C:\WINDOWS\system32\vulkan-1.dll 2025-03-17 20:33 - 2025-03-04 12:10 - 001389968 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll 2025-03-17 20:33 - 2025-03-04 12:10 - 001389968 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll 2025-03-17 20:33 - 2025-03-04 12:10 - 000477840 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll 2025-03-17 20:33 - 2025-03-04 12:10 - 000374952 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll 2025-03-17 20:33 - 2025-03-04 12:06 - 001183912 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll 2025-03-17 20:33 - 2025-03-04 12:06 - 000669848 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvofapi64.dll 2025-03-17 20:33 - 2025-03-04 12:06 - 000506024 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvofapi.dll 2025-03-17 20:33 - 2025-03-04 12:05 - 025643688 _____ C:\WINDOWS\system32\nvidia-pcc.exe 2025-03-17 20:33 - 2025-03-04 12:05 - 001563800 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll 2025-03-17 20:33 - 2025-03-04 12:05 - 001216168 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll 2025-03-17 20:33 - 2025-03-04 12:05 - 000904336 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe 2025-03-17 20:33 - 2025-03-04 12:04 - 019904152 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll 2025-03-17 20:33 - 2025-03-04 12:04 - 002195112 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll 2025-03-17 20:33 - 2025-03-04 12:04 - 001642152 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll 2025-03-17 20:33 - 2025-03-04 12:04 - 001045648 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll 2025-03-17 20:33 - 2025-03-04 12:04 - 000804520 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll 2025-03-17 20:33 - 2025-03-04 12:04 - 000462992 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe 2025-03-17 20:33 - 2025-03-04 12:03 - 019329704 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll 2025-03-17 20:33 - 2025-03-04 12:03 - 007225000 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll 2025-03-17 20:33 - 2025-03-04 12:03 - 005913240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll 2025-03-17 20:33 - 2025-03-04 12:03 - 005500056 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcudadebugger.dll 2025-03-17 20:33 - 2025-03-04 12:03 - 003944616 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll 2025-03-17 20:33 - 2025-03-04 12:03 - 000853144 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe 2025-03-17 20:33 - 2025-03-04 12:02 - 005554312 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll 2025-03-17 20:33 - 2025-03-04 12:02 - 004859592 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll 2025-03-17 20:33 - 2025-03-04 04:20 - 000137714 _____ C:\WINDOWS\system32\nvinfo.pb 2025-03-17 06:51 - 2025-03-17 06:51 - 000000000 ____D C:\WINDOWS\ABR 2025-03-13 20:47 - 2025-03-13 20:47 - 000000000 ____D C:\Users\Zhanna\AppData\Local\Alabama 2025-03-13 12:59 - 2025-03-13 12:59 - 000000000 ____D C:\Program Files\Riot Vanguard 2025-03-13 12:58 - 2025-03-13 12:59 - 000001675 _____ C:\Users\Public\Desktop\League of Legends.lnk 2025-03-13 12:58 - 2025-03-13 12:58 - 000000709 _____ C:\Users\Public\Desktop\Riot Client.lnk 2025-03-13 07:59 - 2025-03-15 14:40 - 000000000 ____D C:\Users\Zhanna\AppData\Roaming\WebView2 2025-03-13 07:59 - 2025-03-13 07:59 - 000000000 ____D C:\Users\Zhanna\AppData\LocalLow\aligames 2025-03-13 07:39 - 2025-03-13 07:39 - 000000215 _____ C:\Users\Zhanna\Desktop\Warborne Above Ashes (Playtest).url 2025-03-12 12:18 - 2025-03-12 12:18 - 000000477 _____ C:\Users\Public\Desktop\Avowed.lnk 2025-03-12 11:33 - 2025-03-12 11:33 - 000000048 ____R C:\Users\Zhanna\AppData\Local\3E6FAE9EEC5C61282D54BF06E26429D9 2025-03-12 11:33 - 2025-03-12 11:33 - 000000000 ____D C:\Users\Zhanna\AppData\Local\NgConsentManager 2025-03-12 11:33 - 2025-03-12 11:33 - 000000000 ____D C:\Users\Zhanna\AppData\Local\Netease 2025-03-12 11:33 - 2025-03-12 11:33 - 000000000 ____D C:\Users\Zhanna\AppData\Local\FragPunk 2025-03-11 17:48 - 2025-03-11 17:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Radmin VPN 2025-03-11 17:48 - 2025-03-11 17:48 - 000000000 ____D C:\Program Files (x86)\Radmin VPN 2025-03-10 21:35 - 2025-03-12 20:25 - 000000000 ____D C:\Users\Zhanna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Rockstar Games 2025-03-10 21:34 - 2025-03-12 20:25 - 000000000 ____D C:\ProgramData\Rockstar Games 2025-03-10 21:34 - 2025-03-12 20:25 - 000000000 ____D C:\Program Files\Rockstar Games 2025-03-08 08:47 - 2025-03-08 08:47 - 000000000 ____D C:\Users\Zhanna\AppData\Roaming\Electronic Arts 2025-03-08 08:43 - 2025-03-08 08:47 - 000000000 ____D C:\Users\Zhanna\AppData\Local\SplitFiction 2025-03-06 11:49 - 2025-03-06 11:49 - 000000000 ____D C:\Users\Zhanna\AppData\LocalLow\BetaDwarf ApS 2025-03-06 08:40 - 2025-03-06 08:40 - 000000000 ____D C:\Users\Zhanna\AppData\Roaming\NVIDIA 2025-03-05 13:15 - 2025-03-05 13:17 - 000003088 _____ C:\WINDOWS\system32\Tasks\RTSS 2025-03-05 13:00 - 2025-03-05 13:00 - 000000000 ____D C:\WINDOWS\system32\Drivers\NVIDIA Corporation 2025-03-05 07:07 - 2025-03-05 07:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logi 2025-03-05 07:07 - 2025-03-05 07:07 - 000000000 ____D C:\Program Files\LGHUB 2025-03-03 18:33 - 2025-03-03 18:33 - 000000000 ____D C:\Users\Zhanna\AppData\Local\Clay_7 2025-02-28 21:35 - 2025-02-28 21:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\qBittorrent 2025-02-28 21:34 - 2025-02-28 21:35 - 000000000 ____D C:\Program Files\qBittorrent 2025-02-24 18:57 - 2025-02-24 18:57 - 000000000 ____D C:\Users\Zhanna\AppData\Local\enshrouded 2025-02-24 17:35 - 2025-02-24 17:35 - 000000565 _____ C:\Users\Zhanna\Desktop\Enshrouded.lnk 2025-02-23 19:51 - 2025-02-23 19:51 - 000000350 _____ C:\WINDOWS\PAGa4.dat 2025-02-23 12:34 - 2025-02-23 12:34 - 000000000 ____D C:\Users\Zhanna\AppData\Local\AnimalBrothers ==================== Один месяц (изменён) ================== (Если запись включена в лист исправлений, файл/папка будут перемещены.) 2025-03-23 10:59 - 2024-12-31 16:08 - 000000000 ____D C:\Users\Zhanna\AppData\Local\Plex Media Server 2025-03-23 10:59 - 2022-02-17 18:20 - 000000000 ____D C:\Users\Zhanna\AppData\Local\LGHUB 2025-03-23 10:58 - 2024-07-17 19:06 - 000000001 _____ C:\WINDOWS\vgkbootstatus.dat 2025-03-23 10:58 - 2023-10-24 09:13 - 000012288 ___SH C:\DumpStack.log.tmp 2025-03-23 10:58 - 2022-11-26 23:04 - 000003126 _____ C:\WINDOWS\system32\Tasks\MSIAfterburner 2025-03-23 10:58 - 2022-11-26 23:04 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2025-03-23 10:58 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SystemTemp 2025-03-23 10:58 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\ServiceState 2025-03-23 10:58 - 2022-05-07 06:24 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2025-03-23 10:58 - 2022-05-07 06:17 - 000262144 _____ C:\WINDOWS\system32\config\BBI 2025-03-23 10:58 - 2022-02-18 17:09 - 000000000 ____D C:\ProgramData\NVIDIA 2025-03-23 10:58 - 2022-02-14 08:37 - 000000000 ____D C:\Program Files\TeamViewer 2025-03-23 10:58 - 2022-02-13 00:28 - 001283008 _____ () C:\WINDOWS\system32\wpbbin.exe 2025-03-23 10:58 - 2022-02-13 00:28 - 001223896 _____ C:\WINDOWS\system32\AsusUpdateCheck.exe 2025-03-23 10:57 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated 2025-03-23 10:21 - 2023-12-16 20:30 - 000000000 ____D C:\Users\Zhanna\AppData\Roaming\qBittorrent 2025-03-23 09:25 - 2022-02-15 21:06 - 000002450 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2025-03-23 08:55 - 2025-01-09 12:59 - 000000000 ____D C:\Users\Zhanna\AppData\Roaming\monday 2025-03-23 08:44 - 2022-11-27 09:55 - 001780056 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2025-03-23 08:44 - 2022-05-07 06:22 - 000000000 ____D C:\WINDOWS\INF 2025-03-22 17:51 - 2022-04-19 11:52 - 000000000 ____D C:\Users\Zhanna\AppData\Roaming\EasyAntiCheat 2025-03-22 09:21 - 2022-02-12 19:21 - 000000000 ____D C:\Users\Zhanna\AppData\Local\D3DSCache 2025-03-21 12:17 - 2025-01-06 21:02 - 000000000 ____D C:\Program Files\Client Helper 2025-03-21 07:43 - 2024-01-04 13:28 - 000000000 ____D C:\ProgramData\UrbanVPN 2025-03-21 07:09 - 2022-11-26 23:01 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2025-03-21 07:09 - 2022-02-12 19:18 - 000002243 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2025-03-20 21:06 - 2025-01-13 11:59 - 000000000 ____D C:\Users\Zhanna\AppData\Roaming\ClickUp 2025-03-20 07:21 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\AppReadiness 2025-03-20 07:00 - 2022-05-07 06:24 - 000000000 ___HD C:\Program Files\WindowsApps 2025-03-20 07:00 - 2022-02-13 00:33 - 000000000 ____D C:\Users\Zhanna\AppData\Local\Packages 2025-03-19 20:10 - 2022-11-26 23:04 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task 2025-03-19 20:10 - 2022-10-13 21:04 - 000002073 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk 2025-03-18 20:11 - 2022-05-21 20:00 - 000000000 ____D C:\Users\Zhanna\AppData\Roaming\discord 2025-03-18 19:45 - 2022-05-21 20:00 - 000000000 ____D C:\Users\Zhanna\AppData\Local\Discord 2025-03-18 17:43 - 2022-02-18 17:09 - 000000000 ____D C:\Users\Zhanna\AppData\Local\NVIDIA 2025-03-17 20:32 - 2024-11-16 20:43 - 000003834 _____ C:\WINDOWS\system32\Tasks\NVIDIA app SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2025-03-17 20:32 - 2022-02-18 17:09 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation 2025-03-17 20:32 - 2022-02-18 17:00 - 000000000 ____D C:\ProgramData\NVIDIA Corporation 2025-03-13 21:03 - 2022-11-04 17:41 - 000000000 ____D C:\Users\Zhanna\AppData\Roaming\FLT 2025-03-13 13:05 - 2024-09-28 12:52 - 134222904 _____ C:\WINDOWS\392667600.dat 2025-03-13 13:03 - 2022-09-17 22:25 - 000000000 ____D C:\ProgramData\Riot Games 2025-03-13 12:59 - 2024-03-22 18:20 - 000000000 ____D C:\Users\Zhanna\AppData\Roaming\riot-client-ux 2025-03-13 12:58 - 2022-09-17 22:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Riot Games 2025-03-13 07:39 - 2022-09-28 19:22 - 000000000 ____D C:\Users\Zhanna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam 2025-03-12 20:33 - 2023-11-26 17:20 - 000000000 ____D C:\Users\Zhanna\AppData\Local\BattlEye 2025-03-12 20:25 - 2022-10-30 13:07 - 000000000 ____D C:\Users\Zhanna\Documents\Rockstar Games 2025-03-12 20:25 - 2022-10-30 13:07 - 000000000 ____D C:\Users\Zhanna\AppData\Local\Rockstar Games 2025-03-12 20:24 - 2022-02-13 12:45 - 000000000 ____D C:\Users\Zhanna\AppData\Local\CrashDumps 2025-03-10 20:06 - 2022-02-13 00:29 - 000000000 ____D C:\ProgramData\Package Cache 2025-03-07 17:18 - 2022-11-26 23:04 - 000003536 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2025-03-07 17:18 - 2022-11-26 23:04 - 000003412 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore 2025-03-06 18:31 - 2025-02-01 17:30 - 000000000 ____D C:\Users\Zhanna\AppData\Local\Vivox 2025-03-06 13:31 - 2024-11-16 20:43 - 003108896 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll 2025-03-06 13:31 - 2024-11-16 20:43 - 002398752 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll 2025-03-06 13:31 - 2022-02-18 17:10 - 000271904 _____ C:\WINDOWS\system32\FvSDK_x64.dll 2025-03-06 13:31 - 2022-02-18 17:10 - 000245792 _____ C:\WINDOWS\SysWOW64\FvSDK_x86.dll 2025-03-06 13:10 - 2022-02-18 17:09 - 000180760 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll 2025-03-06 13:10 - 2022-02-18 17:09 - 000159768 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll 2025-03-06 13:09 - 2022-02-18 17:10 - 000001951 _____ C:\WINDOWS\NvContainerRecovery.bat 2025-03-06 11:49 - 2023-12-02 17:19 - 000000000 ____D C:\Users\Zhanna\AppData\LocalLow\Unity 2025-03-06 09:01 - 2022-08-26 17:37 - 000000000 ____D C:\Program Files (x86)\MSI Afterburner 2025-03-06 08:50 - 2022-02-15 21:07 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd 2025-03-05 13:00 - 2022-10-10 20:45 - 000000000 ____D C:\Users\Zhanna\AppData\LocalLow\NVIDIA 2025-03-05 07:07 - 2023-08-31 17:53 - 000000000 ____D C:\Users\Zhanna\AppData\Roaming\G HUB 2025-03-05 07:07 - 2022-02-17 18:20 - 000000000 ____D C:\Users\Zhanna\AppData\Roaming\LGHUB 2025-03-03 18:32 - 2025-01-06 16:30 - 000000000 ____D C:\Program Files (x86)\TI 2025-02-28 09:37 - 2022-02-14 07:26 - 000000000 ____D C:\Users\Zhanna\AppData\Local\Spotify 2025-02-28 09:34 - 2022-02-14 07:26 - 000000000 ____D C:\Users\Zhanna\AppData\Roaming\Spotify 2025-02-23 19:51 - 2024-07-04 20:27 - 000000000 ____D C:\ProgramData\boost_interprocess 2025-02-23 19:51 - 2024-07-04 20:27 - 000000000 ____D C:\ProgramData\AOMEIPA 2025-02-23 19:50 - 2025-01-22 08:08 - 000001078 _____ C:\Users\Public\Desktop\PicPick.lnk 2025-02-23 19:50 - 2025-01-13 11:59 - 000002314 _____ C:\Users\Zhanna\Desktop\ClickUp.lnk 2025-02-23 19:50 - 2025-01-12 21:20 - 000000842 _____ C:\Users\Zhanna\Desktop\Red Dead Redemption 2.lnk 2025-02-23 19:50 - 2025-01-09 12:59 - 000001790 _____ C:\Users\Public\Desktop\monday.lnk 2025-02-22 20:15 - 2023-11-04 15:42 - 000000000 ____D C:\Users\Zhanna\AppData\Roaming\ViberPC 2025-02-22 15:19 - 2024-09-28 13:39 - 000000000 ____D C:\Users\Zhanna\AppData\LocalLow\Shiny Shoe 2025-02-22 08:04 - 2024-12-20 08:49 - 190829627 _____ C:\WINDOWS\system32\WhatsApp.Msixbundle ==================== Файлы в корне каталогов ======== 2022-08-26 20:16 - 2022-08-26 20:16 - 000047328 ____H (Microsoft Corporation) C:\Users\Zhanna\kms driver.exe 2022-08-26 20:16 - 2022-08-26 20:16 - 000061152 ____H () C:\Users\Zhanna\kms tap driver.exe 2022-08-26 20:16 - 2022-08-26 20:16 - 017987504 ____H () C:\Users\Zhanna\kmsauto++v1.6.4.exe 2022-08-26 20:16 - 2022-08-26 20:16 - 000528808 ____H (Microsoft Corporation) C:\Users\Zhanna\svchost32.exe 2024-08-21 16:34 - 2024-08-21 16:34 - 000001360 _____ () C:\Users\Zhanna\AppData\Roaming\arena_breakout_infinite_launcher.reg 2022-02-17 17:09 - 2022-02-17 17:09 - 000000016 _____ () C:\Users\Zhanna\AppData\Roaming\obs-virtualcam.txt 2023-11-14 20:48 - 2024-06-22 07:17 - 000001036 _____ () C:\Users\Zhanna\AppData\Roaming\taris_launcher.reg 2022-09-10 17:24 - 2022-09-10 17:24 - 000001032 _____ () C:\Users\Zhanna\AppData\Roaming\tof_launcher.reg 2025-03-12 11:33 - 2025-03-12 11:33 - 000000048 ____R () C:\Users\Zhanna\AppData\Local\3E6FAE9EEC5C61282D54BF06E26429D9 2024-02-11 23:05 - 2024-02-11 23:06 - 001065984 _____ () C:\Users\Zhanna\AppData\Local\file__0.localstorage 2024-04-05 14:31 - 2024-05-08 16:10 - 000000913 _____ () C:\Users\Zhanna\AppData\Local\log.txt 2022-10-15 20:09 - 2022-10-15 20:09 - 000017408 _____ () C:\Users\Zhanna\AppData\Local\WebpageIcons.db ==================== SigCheck ============================ (Нет автоматического исправления файлов, которые не проходят проверку.) ==================== Конец от FRST.txt ========================