Scribd
Upload
218 views

FRST

This document contains a summary of the Farbar Recovery Scan Tool (FRST) scan results. The scan found several whitelist processes, registry entries, and scheduled tasks. No malware or other potentially unwanted programs were detected.

Uploaded by

petr230307
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as TXT, PDF, TXT or read online on Scribd
218 views

FRST

This document contains a summary of the Farbar Recovery Scan Tool (FRST) scan results. The scan found several whitelist processes, registry entries, and scheduled tasks. No malware or other potentially unwanted programs were detected.

Uploaded by

petr230307
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as TXT, PDF, TXT or read online on Scribd
You are on page 1/ 22

Результат сканирования Farbar Recovery Scan Tool (FRST) (x64) Версия: 11.01.

2024
Запущено с помощью elisey (Администратор) на DESKTOP-H50QIK1 (Gigabyte Technology
Co., Ltd. B450M DS3H) (14-01-2024 16:23:52)
Запущено из C:\Users\elisey\Desktop\sadsad\FRST64 (1).exe
Загруженные профили: elisey
Платформа: Майкрософт Windows 10 Pro Версия 22H2 19045.3930 (X64) Язык: Русский
(Россия)
Браузер по умолчанию: Opera
Режим загрузки: Normal

==================== Процессы (В белом списке) =================

(Если запись включена в fixlist, процесс будет закрыт. Файл не будет перемещён.)

(C:\Program Files\LGHUB\system_tray\lghub_system_tray.exe ->) (Logitech Inc ->


Logitech, Inc.) C:\Program Files\LGHUB\lghub_agent.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Microsoft
Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(C:\Users\elisey\AppData\Local\Medal\app-4.2203.0\Medal.exe ->) (Ferox Games B.V. -
> ) C:\Users\elisey\AppData\Local\Medal\app-4.2203.0\resources\app\Medal.exe
(C:\Users\elisey\AppData\Local\Medal\app-4.2203.0\resources\app\Medal.exe ->)
(Ferox Games B.V. -> Ferox Games B.V.) C:\Users\elisey\AppData\Local\Medal\
recorder-3.773.0\MedalEncoder.exe
(C:\Users\elisey\AppData\Local\Medal\recorder-3.773.0\MedalEncoder.exe ->) () [Файл
не подписан] C:\Users\elisey\AppData\Local\Medal\recorder-3.773.0\DLLs\
crashpad_handler.exe
(C:\Users\elisey\AppData\Local\Programs\Opera GX\opera.exe ->) (Opera Norway AS ->
Opera Software) C:\Users\elisey\AppData\Local\Programs\Opera GX\105.0.4970.76\
opera_crashreporter.exe
(Discord Inc. -> Discord Inc.) C:\Users\elisey\AppData\Local\Discord\app-1.0.9030\
Discord.exe <6>
(explorer.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\
system_tray\lghub_system_tray.exe
(explorer.exe ->) (Telegram FZ-LLC -> Telegram FZ-LLC) C:\Users\elisey\AppData\
Roaming\Telegram Desktop\Telegram.exe
(Ferox Games B.V. -> Medal B.V.) C:\Users\elisey\AppData\Local\Medal\app-4.2203.0\
Medal.exe <7>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.352\
GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.352\
GoogleCrashHandler64.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MusNotifyIcon.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\
NVIDIA Web Helper.exe
(Opera Norway AS -> Opera Software) C:\Users\elisey\AppData\Local\Programs\Opera
GX\opera.exe <24>
(services.exe ->) (Famatech Corp. -> Famatech Corp.) C:\Program Files (x86)\Radmin
VPN\RvControlSvc.exe
(services.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\
lghub_updater.exe
(services.exe ->) (LogMeIn, Inc. -> LogMeIn Inc.) C:\Program Files (x86)\LogMeIn
Hamachi\x64\hamachi-2.exe
(services.exe ->) (LogMeIn, Inc. -> LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn
Hamachi\x64\LMIGuardianSvc.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program
Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\
ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\
ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\NisSrv.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\
NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\
DriverStore\FileRepository\nv_dispig.inf_amd64_866484083fc526af\
Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\
Windows\System32\DriverStore\FileRepository\
realtekservice.inf_amd64_f82b8b1a0b601f77\RtkAudUService64.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\
dllhost.exe <3>

==================== Реестр Windows (В белом списке) ===================

(Если запись включена в fixlist, элемент реестра будет сброшен на значение по


умолчанию или удалён. Файл не будет перемещён.)

HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\DriverStore\FileRepository\


realtekservice.inf_amd64_f82b8b1a0b601f77\RtkAudUService64.exe [1343072 2021-08-22]
(Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [Riot Vanguard] => C:\Program Files\Riot Vanguard\vgtray.exe [3022640
2023-11-28] (Riot Games, Inc. -> Riot Games, Inc.)
HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\
Lightshot.exe [226728 2019-07-21] (Kilonova LLC -> )
HKLM-x32\...\Run: [Discord] => C:\ProgramData\SquirrelMachineInstalls\Discord.exe
[82992808 2022-04-19] (Discord Inc. -> Discord Inc.)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\
hamachi-2-ui.exe [7039464 2022-05-18] (LogMeIn, Inc. -> LogMeIn Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\
Java Update\jusched.exe [711288 2022-09-15] (Oracle America, Inc. -> Oracle
Corporation)
HKLM-x32\...\Run: [ATNSOFT Key Manager] => C:\Program Files (x86)\ATNSOFT Key
Manager\keymanager.exe [3762688 2022-08-07] (ATNSOFT) [Файл не подписан]
HKLM-x32\...\Run: [RadminVPN] => C:\Program Files (x86)\Radmin VPN\RvRvpnGui.exe
[2089536 2023-07-10] (Famatech Corp. -> Famatech Corp.)
HKLM-x32\...\Run: [Genshin Impact_launcher__1_1] => [X]
HKU\S-1-5-21-1485128067-850457072-2224398771-1001\...\Run: [Steam] => C:\stim\
steam.exe [4386664 2023-12-08] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-1485128067-850457072-2224398771-1001\...\Run: [EpicGamesLauncher] =>
C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\
EpicGamesLauncher.exe [37188048 2024-01-12] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-1485128067-850457072-2224398771-1001\...\Run: [Opera GX Browser
Assistant] => C:\Users\elisey\AppData\Local\Programs\Opera GX\assistant\
browser_assistant.exe [3291288 2021-02-01] (Opera Software AS -> Opera Software)
HKU\S-1-5-21-1485128067-850457072-2224398771-1001\...\Run: [utweb] => C:\Users\
elisey\AppData\Roaming\uTorrent Web\utweb.exe [6415008 2022-11-17] (BitTorrent Inc
-> BitTorrent Inc.)
HKU\S-1-5-21-1485128067-850457072-2224398771-1001\...\Run: [Discord] => C:\Users\
elisey\AppData\Local\Discord\Update.exe [1525032 2022-08-08] (Discord Inc. ->
GitHub)
HKU\S-1-5-21-1485128067-850457072-2224398771-1001\...\Run: [Medal] => C:\Users\
elisey\AppData\Local\Medal\update.exe [2046824 2023-10-11] (Ferox Games B.V. -> )
HKU\S-1-5-21-1485128067-850457072-2224398771-1001\...\Run: [CCXProcess] => C:\
Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [144008
2019-11-26] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-1485128067-850457072-2224398771-1001\...\Run:
[com.squirrel.Teams.Teams] => C:\Users\elisey\AppData\Local\Microsoft\Teams\
Update.exe [2588520 2023-08-23] (Microsoft 3rd Party Application Component ->
Microsoft Corporation)
HKU\S-1-5-21-1485128067-850457072-2224398771-1001\...\Run:
[MicrosoftEdgeAutoLaunch_BD105616DFA4F291CEF90F1CFAB9C13D] => "C:\Program Files
(x86)\Microsoft\Edge\Application\msedge.exe" --win-session-start [3854272 2024-01-
11] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1485128067-850457072-2224398771-1001\...\Run: [LGHUB] => C:\Program
Files\LGHUB\system_tray\lghub_system_tray.exe [45968128 2023-12-30] (Logitech Inc -
> Logitech, Inc.)
HKU\S-1-5-21-1485128067-850457072-2224398771-1001\...\Run: [electron.app.BlueStacks
Services] => C:\Users\elisey\AppData\Local\Programs\bluestacks-services\
BlueStacksServices.exe [162219656 2023-10-19] (Now.gg, INC -> now.gg, Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-
AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\120.0.6099.217\
Installer\chrmstp.exe [2024-01-12] (Google LLC -> Google LLC)
Startup: C:\Users\elisey\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\
Startup\AutorunsDisabled [2023-12-19]
GroupPolicy: Ограничение ? <==== ВНИМАНИЕ
GroupPolicy\User: Ограничение ? <==== ВНИМАНИЕ
Policies: C:\ProgramData\NTUSER.pol: Ограничение <==== ВНИМАНИЕ

==================== Запланированные задачи (В белом списке) =================

(Если запись включена в fixlist, она будет удалена из реестра. Файл не будет
удалён, если он не указан отдельно.)

Task: {84E3A766-CC4A-4E62-8018-DFFE3EA91E8A} - System32\Tasks\AMDAutoUpdate => C:\


Program Files\AMD\AutoUpdate\AMDAutoUpdate.exe [667832 2021-07-16] (Advanced Micro
Devices INC. -> )
Task: {D7EA3F90-2D95-46AA-BDF3-AA9022E43336} - System32\Tasks\BlueStacksHelper_nxt
=> C:\Program Files\BlueStacks_nxt\BlueStacksHelper.exe [302968 2023-12-26]
(Now.gg, INC -> BlueStack Systems, Inc.)
Task: {E4377900-E5A2-45FA-A3EA-F5CF3410C687} - System32\Tasks\
CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe [5550856 2024-01-13]
(Microsoft Windows -> Microsoft Corporation)
Task: {C69646A6-BD17-4128-B984-9098DA4024CF} - System32\Tasks\
GoogleUpdateTaskMachineCore{0EE94967-3C8C-4833-AB9E-6FEC07B636C3} => C:\Program
Files (x86)\Google\Update\GoogleUpdate.exe [171480 2023-02-18] (Google LLC ->
Google LLC)
Task: {6A36F27B-4BB2-4F4D-8656-ED8006F597A2} - System32\Tasks\
GoogleUpdateTaskMachineUA{CD47ECC0-32E3-43C4-AF04-9914EEEF1E8F} => C:\Program Files
(x86)\Google\Update\GoogleUpdate.exe [171480 2023-02-18] (Google LLC -> Google LLC)
Task: {2AA38376-89BD-4513-ACB0-0A08F049A1CD} - System32\Tasks\Microsoft\Office\
Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\
ClickToRun\OfficeC2RClient.exe [21916856 2023-12-18] (Microsoft Corporation ->
Microsoft Corporation)
Task: {86AD845D-7C83-4E5F-8CFC-37C82A846F4D} - System32\Tasks\Microsoft\Office\
Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft
Shared\ClickToRun\OfficeC2RClient.exe [21916856 2023-12-18] (Microsoft Corporation
-> Microsoft Corporation)
Task: {C0AE53AE-732D-487C-BCF4-9281D1276F9E} - System32\Tasks\Microsoft\Office\
Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\
sdxhelper.exe [141352 2024-01-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {E3E87202-520E-4E5B-9B00-9B932027A75F} - System32\Tasks\Microsoft\Office\
Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\
sdxhelper.exe [141352 2024-01-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {EA44C079-82C9-414B-8F7C-FDE3603213AC} - System32\Tasks\Microsoft\Windows\
PLA\процесов => {FF679DA1-8FF2-4474-9C9E-52BBD409B557} C:\WINDOWS\system32\pla.dll
[1493504 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
Task: {A578740C-8A23-4E87-8392-8B88637FB57A} - System32\Tasks\Microsoft\Windows\
Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\
Windows Defender\Platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2023-12-06]
(Microsoft Windows Publisher -> Microsoft Corporation)
Task: {ED7BC5B3-7F9C-4B7C-94BF-32A5084B5282} - System32\Tasks\Microsoft\Windows\
Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows
Defender\Platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2023-12-06] (Microsoft
Windows Publisher -> Microsoft Corporation)
Task: {3AD71FA2-FC44-4B44-B9D0-E1CF22B94426} - System32\Tasks\Microsoft\Windows\
Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\
Windows Defender\Platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2023-12-06]
(Microsoft Windows Publisher -> Microsoft Corporation)
Task: {4D5749DB-1369-4585-B977-689FA75496B2} - System32\Tasks\Microsoft\Windows\
Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows
Defender\Platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2023-12-06] (Microsoft
Windows Publisher -> Microsoft Corporation)
Task: {03B449BE-862D-4EE1-8202-107203AE28A8} - System32\Tasks\
NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program
Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1005096 2023-11-02] (NVIDIA
Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\
NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {6F010AC0-9B31-40B5-844B-A09C4E89E596} - System32\Tasks\NVIDIA GeForce
Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\
NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3345448
2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {8B35F28F-F7BB-4C1F-B942-F6E45AD72588} - System32\Tasks\
NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\
NVIDIA Corporation\NvNode\nvnodejslauncher.exe [649256 2023-11-02] (NVIDIA
Corporation -> NVIDIA Corporation)
Task: {DA7CA336-F506-4789-B06A-5346B334BF23} - System32\Tasks\
NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\
NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [910888 2023-11-02] (NVIDIA
Corporation -> NVIDIA Corporation)
Task: {3197C1C6-D41A-48E2-8DAD-C2409D4D2CBB} - System32\Tasks\
NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\
NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [910888 2023-11-02] (NVIDIA
Corporation -> NVIDIA Corporation)
Task: {1BD50185-15D1-479E-952C-E583663F3199} - System32\Tasks\
NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\
NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-11-02] (NVIDIA Corporation -
> NVIDIA Corporation)
Task: {64DA751F-9CAC-4A36-B9A9-CDBFE3DB84FE} - System32\Tasks\
NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\
NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-11-02] (NVIDIA Corporation -
> NVIDIA Corporation)
Task: {CA27C883-800B-4192-8B8B-1B30159DF44F} - System32\Tasks\
NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\
NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-11-02] (NVIDIA Corporation -
> NVIDIA Corporation)
Task: {93B3DDDE-F13B-41A9-A97B-9474C5334B80} - System32\Tasks\
NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\
NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-11-02] (NVIDIA Corporation -
> NVIDIA Corporation)
Task: {A633A157-5419-418D-9554-37017C4DF252} - System32\Tasks\OneDrive Per-Machine
Standalone Update Task => C:\Program Files (x86)\Microsoft OneDrive\
OneDriveStandaloneUpdater.exe [2882408 2024-01-11] (Microsoft Corporation ->
Microsoft Corporation)
Task: {C1B76E57-7076-4C42-9C86-BD13917A53F8} - System32\Tasks\OneDrive Reporting
Task-S-1-5-21-1485128067-850457072-2224398771-1001 => %localappdata%\Microsoft\
OneDrive\OneDriveStandaloneUpdater.exe /reporting (Нет файла)
Task: {554A5986-C591-471C-B0FD-4F217F3D0DD9} - System32\Tasks\Opera GX scheduled
assistant Autoupdate 1649850094 => C:\Users\elisey\AppData\Local\Programs\Opera GX\
launcher.exe [2296224 2024-01-06] (Opera Norway AS -> Opera Software) -> --
scheduledautoupdate --component-name=assistant --component-path="C:\Users\elisey\
AppData\Local\Programs\Opera GX\assistant" $(Arg0)
Task: {DF24D11B-7207-493D-9003-FC04A797CCC0} - System32\Tasks\Opera GX scheduled
Autoupdate 1649346061 => C:\Users\elisey\AppData\Local\Programs\Opera GX\
launcher.exe [2296224 2024-01-06] (Opera Norway AS -> Opera Software)
Task: {A9549EAD-934E-4E52-9CB7-451C4EAF9694} - System32\Tasks\ParkControl => C:\
Program Files\ParkControl\parkcontrol.exe [548608 2022-02-03] (Bitsum Technologies
(Bitsum LLC) -> Bitsum LLC)
Task: {B65D4A2A-818E-497A-B31C-87665425EF4D} - System32\Tasks\update-S-1-5-21-
1485128067-850457072-2224398771-1001 => C:\Program Files (x86)\Skillbrains\Updater\
Updater.exe [414872 2017-04-12] (OOO Lightshot -> TODO: <Company name>)
Task: {84B21948-AF39-4AB8-B290-E2F1493E4D90} - System32\Tasks\update-sys => C:\
Program Files (x86)\Skillbrains\Updater\Updater.exe [414872 2017-04-12] (OOO
Lightshot -> TODO: <Company name>)

(Если запись включена в fixlist, файл задачи (.job) будет перемещён. Файл,
выполняемый задачей, не будет перемещён.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\


explorer.exe
Task: C:\WINDOWS\Tasks\update-S-1-5-21-1485128067-850457072-2224398771-1001.job =>
C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
Task: C:\WINDOWS\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\
Updater\Updater.exe

==================== Internet (В белом списке) ====================

(Если элемент включён в fixlist, если он является элементом реестра, он будет


удалён или сброшен на значение по умолчанию.)

Winsock: Catalog5 03 C:\WINDOWS\SysWOW64\mswsock.dll [325608 2024-01-13] (Microsoft


Windows -> Microsoft Corporation) ВНИМАНИЕ: LibraryPath должен быть "%SystemRoot%\
system32\NLAapi.dll"
Winsock: Catalog5-x64 03 C:\Windows\System32\mswsock.dll [419584 2024-01-13]
(Microsoft Windows -> Microsoft Corporation) ВНИМАНИЕ: LibraryPath должен быть
"%SystemRoot%\system32\NLAapi.dll"
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{60fe40e3-ed98-45bb-9d42-80248559108b}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{f7e063b5-bd29-4fcd-9c8e-835ced7541cb}: [DhcpNameServer]
192.168.0.1

Edge:
=======
Edge Profile: C:\Users\elisey\AppData\Local\Microsoft\Edge\User Data\Default [2023-
12-04]
Edge HomePage: Default -> hxxps://www.microsoft.com/ru-ru/edge
Edge StartupUrls: Default -> "hxxps://www.msn.com/ru-ru/","hxxps://ovgorskiy.ru"
Edge Extension: (Google Документы офлайн) - C:\Users\elisey\AppData\Local\
Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-
11-30]
Edge Extension: (Edge relevant text changes) - C:\Users\elisey\AppData\Local\
Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-
11-30]

FireFox:
========
FF ProfilePath: C:\Users\elisey\AppData\Roaming\Mozilla\Firefox\Profiles\
nahd6ha2.default [2023-02-26]
FF Homepage: Mozilla\Firefox\Profiles\nahd6ha2.default -> hxxps://www.yandex.ru/?
win=540&clid=2379713-910
FF SearchPlugin: C:\Users\elisey\AppData\Roaming\Mozilla\Firefox\Profiles\
nahd6ha2.default\searchplugins\yandex.ru-20224703.xml [2022-05-03]
FF Plugin: @java.com/DTPlugin,version=11.351.2 -> C:\Program Files\Java\
jre1.8.0_351\bin\dtplugin\npDeployJava1.dll [2022-11-19] (Oracle America, Inc. ->
Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.351.2 -> C:\Program Files\Java\
jre1.8.0_351\bin\plugin2\npjp2.dll [2022-11-19] (Oracle America, Inc. -> Oracle
Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft
Office\root\Office16\NPSPWRAP.DLL [2024-01-11] (Microsoft Corporation -> Microsoft
Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft
Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2024-01-11]
(Microsoft Corporation -> Microsoft Corporation)

Chrome:
=======
CHR Profile: C:\Users\elisey\AppData\Local\Google\Chrome\User Data\Default [2023-
11-26]
CHR HomePage: Default -> hxxps://www.google.com
CHR StartupUrls: Default -> "hxxps://www.google.com","hxxps://ovgorskiy.ru"
CHR DefaultSearchURL: Default -> hxxps://yandex.ru/search/?
__PARAM__from=chromesearch&text={searchTerms}
CHR DefaultSearchKeyword: Default -> yandex.ru
CHR DefaultSuggestURL: Default -> hxxps://suggest.yandex.net/suggest-ff.cgi?
uil=ru&part={searchTerms}
CHR Extension: (Яндекс) - C:\Users\elisey\AppData\Local\Google\Chrome\User Data\
Default\Extensions\gndelhfhcfbdhndfpcinebijfcjpmpec [2023-10-09]
CHR Extension: (Платежная система Интернет-магазина Chrome) - C:\Users\elisey\
AppData\Local\Google\Chrome\User Data\Default\Extensions\
nmmhkkegccagdldgiimedpiccmgmieda [2023-02-18]
CHR HKU\S-1-5-21-1485128067-850457072-2224398771-1001\SOFTWARE\Google\Chrome\
Extensions\...\Chrome\Extension: [gndelhfhcfbdhndfpcinebijfcjpmpec]

Opera:
=======
StartMenuInternet: (HKU\S-1-5-21-1485128067-850457072-2224398771-1001) Opera
GXStable - "C:\Users\elisey\AppData\Local\Programs\Opera GX\Launcher.exe"

==================== Службы (В белом списке) ===================

(Если запись включена в fixlist, она будет удалена из реестра. Файл не будет
удалён, если он не указан отдельно.)

S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [15772456


2023-12-08] (BattlEye Innovations e.K. -> )
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\
OfficeClickToRun.exe [9201848 2023-12-18] (Microsoft Corporation -> Microsoft
Corporation)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [813032
2022-06-12] (EasyAntiCheat Oy -> Epic Games, Inc)
S3 EasyAntiCheat_EOS; C:\Program Files (x86)\EasyAntiCheat_EOS\
EasyAntiCheat_EOS.exe [955816 2023-11-07] (EasyAntiCheat Oy -> Epic Games, Inc.)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\
service\EpicOnlineServicesHost.exe [934352 2022-07-11] (Epic Games Inc. -> Epic
Games, Inc.)
S3 FileSyncHelper; C:\Program Files (x86)\Microsoft OneDrive\21.030.0211.0002_1\
FileSyncHelper.exe [2233704 2024-01-11] (Microsoft Corporation -> Microsoft
Corporation)
R2 Hamachi2Svc; C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe [3848680
2022-05-18] (LogMeIn, Inc. -> LogMeIn Inc.)
R2 LGHUBUpdaterService; C:\Program Files\LGHUB\lghub_updater.exe [10759936 2023-12-
30] (Logitech Inc -> Logitech, Inc.)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe
[419248 2016-05-27] (LogMeIn, Inc. -> LogMeIn, Inc.)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\
nv_dispig.inf_amd64_866484083fc526af\Display.NvContainer\NVDisplay.Container.exe
[1274992 2023-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
S3 OneDrive Updater Service; C:\Program Files (x86)\Microsoft OneDrive\
21.030.0211.0002_1\OneDriveUpdaterService.exe [2602368 2024-01-11] (Microsoft
Corporation -> Microsoft Corporation)
R2 RvControlSvc; C:\Program Files (x86)\Radmin VPN\RvControlSvc.exe [1179712 2023-
07-10] (Famatech Corp. -> Famatech Corp.)
S4 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe
[534472 2024-01-13] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 vgc; C:\Program Files\Riot Vanguard\vgc.exe [9623432 2023-11-28] (Riot Games,
Inc. -> Riot Games, Inc.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\
NisSrv.exe [3174840 2023-12-06] (Microsoft Windows Publisher -> Microsoft
Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\
MsMpEng.exe [133592 2023-12-06] (Microsoft Windows Publisher -> Microsoft
Corporation)
S3 Origin Client Service; "D:\Origin\OriginClientService.exe" [X]
S2 Origin Web Helper Service; "D:\Origin\OriginWebHelperService.exe" [X]

===================== Драйверы (В белом списке) ===================

(Если запись включена в fixlist, она будет удалена из реестра. Файл не будет
удалён, если он не указан отдельно.)

S3 963b2d08; C:\WINDOWS\System32\Drivers\963b2d08.sys [377392 2024-01-11]


(Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 amdgpio3; C:\WINDOWS\System32\drivers\amdgpio3.sys [27256 2022-01-27] (ASMedia
Technology Inc. -> Advanced Micro Devices, Inc)
R2 BlueStacksDrv_nxt; C:\Program Files\BlueStacks_nxt\BstkDrv_nxt.sys [394176 2023-
12-26] (Microsoft Windows Hardware Compatibility Publisher -> Bluestack System
Inc.)
R3 DroidCam; C:\WINDOWS\System32\drivers\droidcam.sys [32240 2020-04-11] (Microsoft
Windows Hardware Compatibility Publisher -> Dev47Apps)
R3 DroidCamVideo; C:\WINDOWS\System32\DriverStore\FileRepository\
droidcamvideo.inf_amd64_47e18363cbf3dfe0\droidcamvideo.sys [33784 2021-04-10]
(Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK
provider)
R3 EuMusDesignVirtualAudioCableWdm; C:\WINDOWS\System32\drivers\vrtaucbl.sys [99616
2023-09-11] (Muzychenko Evgenii Viktorovich -> Eugene V. Muzychenko)
R3 Hamachi; C:\WINDOWS\system32\DRIVERS\Hamdrv.sys [45680 2022-05-18] (Microsoft
Windows Hardware Compatibility Publisher -> LogMeIn Inc.)
S3 HoYoProtect; C:\WINDOWS\system32\HoYoKProtect.sys [3768896 2023-12-10]
(Microsoft Windows Hardware Compatibility Publisher -> miHoYo)
R3 logi_joy_bus_enum; C:\WINDOWS\system32\drivers\logi_joy_bus_enum.sys [44880
2023-12-30] (Logitech Inc -> Logitech)
R3 logi_joy_vir_hid; C:\WINDOWS\system32\drivers\logi_joy_vir_hid.sys [32080 2023-
12-30] (Logitech Inc -> Logitech)
R3 logi_joy_xlcore; C:\WINDOWS\system32\drivers\logi_joy_xlcore.sys [73040 2023-12-
30] (Logitech Inc -> Logitech)
R3 Neo_VPN; C:\WINDOWS\System32\drivers\Neo6_x64_VPN.sys [37824 2024-01-11]
(SoftEther Corporation -> SoftEther Corporation)
R3 NvModuleTracker; C:\WINDOWS\System32\DriverStore\FileRepository\
nvmoduletracker.inf_amd64_0c1cc60a4b422185\NvModuleTracker.sys [45656 2022-07-14]
(Nvidia Corporation -> NVIDIA Corporation)
S3 RTCore64; C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [36824 2020-07-13]
(MICRO-STAR INTERNATIONAL CO., LTD. -> )
R3 RvNetMP60; C:\WINDOWS\System32\drivers\RvNetMP60.sys [58288 2023-07-10]
(Microsoft Windows Hardware Compatibility Publisher -> Famatech Corp.)
R1 SeLow; C:\WINDOWS\system32\DRIVERS\SeLow_x64.sys [50624 2024-01-11] (SoftEther
Corporation -> SoftEther Corporation)
S3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [27136 2020-02-12] (OpenVPN
Technologies, Inc. -> The OpenVPN Project)
R3 VBAudioVACMME; C:\WINDOWS\System32\drivers\vbaudio_cable64_win7.sys [41192 2014-
09-02] (Vincent Burel -> Windows (R) Win 7 DDK provider)
R1 vgk; C:\Program Files\Riot Vanguard\vgk.sys [22035200 2023-11-28] (Riot Games,
Inc. -> Riot Games, Inc.)
S3 VOICEMOD_Driver; C:\WINDOWS\system32\drivers\mvvad.sys [48144 2022-07-26]
(Voicemod Sociedad Limitada -> Windows (R) Win 7 DDK provider)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [55856 2023-12-06] (Microsoft
Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [594304 2023-12-06]
(Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105856 2023-12-06]
(Microsoft Windows -> Microsoft Corporation)
S3 klupd_963b2d08a_arkmon_3EAA902C; \??\C:\KVRT2020_Data\Temp\
3EAA902C0B5097D0258FD5FE1D8A2AA9\klupd_963b2d08a_arkmon.sys [X]

==================== NetSvcs (В белом списке) ===================

(Если запись включена в fixlist, она будет удалена из реестра. Файл не будет
удалён, если он не указан отдельно.)

==================== Три месяца (создан) (В белом списке) =========

(Если запись включена в лист исправлений, файл/папка будут перемещены.)

2024-01-14 09:19 - 2024-01-14 09:19 - 000000000 ____D C:\Users\elisey\AppData\


Local\BSXCache
2024-01-14 09:19 - 2024-01-14 09:19 - 000000000 ____D C:\Users\elisey\AppData\
Local\BlueStacks X
2024-01-14 09:05 - 2024-01-14 09:50 - 000000000 ____D C:\Users\elisey\AppData\
Roaming\bluestacks-services
2024-01-14 09:05 - 2024-01-14 09:19 - 000000000 ____D C:\ProgramData\
bst_boost_interprocess
2024-01-14 09:05 - 2024-01-14 09:05 - 000003940 _____ C:\WINDOWS\system32\Tasks\
BlueStacksHelper_nxt
2024-01-14 09:05 - 2024-01-14 09:05 - 000002443 _____ C:\Users\elisey\AppData\
Roaming\Microsoft\Windows\Start Menu\Programs\BlueStacks Services.lnk
2024-01-14 09:05 - 2024-01-14 09:05 - 000002087 _____ C:\ProgramData\Microsoft\
Windows\Start Menu\Programs\BlueStacks 5.lnk
2024-01-14 09:05 - 2024-01-14 09:05 - 000001969 _____ C:\Users\Public\Desktop\
BlueStacks 5.lnk
2024-01-14 09:05 - 2024-01-14 09:05 - 000001275 _____ C:\ProgramData\Microsoft\
Windows\Start Menu\Programs\BlueStacks Multi-Instance Manager.lnk
2024-01-14 09:05 - 2024-01-14 09:05 - 000001263 _____ C:\Users\Public\Desktop\
BlueStacks Multi-Instance Manager.lnk
2024-01-14 09:05 - 2024-01-14 09:05 - 000000000 ____D C:\Users\elisey\AppData\
Local\bluestacks-services-updater
2024-01-14 09:05 - 2024-01-14 09:05 - 000000000 ____D C:\Program Files\
BlueStacks_nxt
2024-01-14 09:04 - 2024-01-14 09:04 - 000000661 _____ C:\Users\Public\Desktop\
BlueStacks X.lnk
2024-01-14 09:04 - 2024-01-14 09:04 - 000000000 ____D C:\ProgramData\Microsoft\
Windows\Start Menu\Programs\BlueStacks X
2024-01-14 08:59 - 2024-01-14 08:59 - 000932544 _____ (now.gg, Inc.) C:\Users\
elisey\Downloads\
BlueStacksInstaller_5.20.0.1037_native_ec7fc792a674b85b46bfbeeabfbc2ebc_MzsxNSwwOzU
sMTsxNSw0OzE1.exe
2024-01-14 08:15 - 2024-01-14 08:15 - 000000000 ____D C:\Users\elisey\AppData\
Local\Backup
2024-01-13 20:12 - 2024-01-13 22:04 - 000000000 ____D C:\Users\elisey\Desktop\AVBR
2024-01-13 20:12 - 2024-01-13 20:12 - 009625664 _____ C:\Users\elisey\Downloads\
AVbr.zip
2024-01-13 16:15 - 2024-01-13 16:15 - 000070680 _____ C:\Users\elisey\Downloads\
FRST (2).txt
2024-01-13 16:15 - 2024-01-13 16:15 - 000048484 _____ C:\Users\elisey\Downloads\
Addition (1).txt
2024-01-13 16:05 - 2024-01-13 16:05 - 000070680 _____ C:\Users\elisey\Downloads\
FRST (1).txt
2024-01-13 15:55 - 2024-01-13 15:55 - 002389504 _____ (Farbar) C:\Users\elisey\
Downloads\FRST64 (1).exe
2024-01-13 15:54 - 2024-01-13 15:54 - 000481552 _____ C:\Users\elisey\Downloads\
ClearLNK.zip
2024-01-13 15:54 - 2024-01-13 15:54 - 000000000 ____D C:\Users\elisey\Desktop\LOG
2024-01-13 15:54 - 2024-01-13 15:54 - 000000000 _____ C:\WINDOWS\SysWOW64\WFSR.dll
2024-01-13 15:54 - 2024-01-13 15:54 - 000000000 _____ C:\WINDOWS\SysWOW64\wfs.exe
2024-01-13 15:54 - 2020-07-25 18:05 - 001029112 _____ (Alex Dragokas) C:\Users\
elisey\Desktop\ClearLNK.exe
2024-01-13 07:55 - 2024-01-13 12:00 - 000000000 ___RD C:\WINDOWS\
ImmersiveControlPanel
2024-01-13 07:55 - 2024-01-13 07:55 - 000000000 ____D C:\WINDOWS\InboxApps
2024-01-13 07:29 - 2024-01-13 07:29 - 000016707 _____ C:\WINDOWS\system32\
IntegratedServicesRegionPolicySet.json
2024-01-13 07:03 - 2024-01-13 07:03 - 000027376 _____ (EasyAntiCheat Oy) C:\
WINDOWS\system32\eac_usermode_881374566337.dll
2024-01-13 07:02 - 2024-01-13 07:02 - 000083645 _____ C:\Users\elisey\Downloads\
CollectionLog-2024.01.12-20.02 (1).zip
2024-01-12 22:53 - 2024-01-14 16:21 - 000000000 ____D C:\Users\elisey\Desktop\
PROJECT
2024-01-12 22:53 - 2024-01-12 22:53 - 000000000 ____D C:\Users\elisey\Documents\
Custom Office Templates
2024-01-12 22:44 - 2024-01-12 22:44 - 000000000 ____D C:\Users\elisey\AppData\
Roaming\Microsoft\QuickStyles
2024-01-12 22:44 - 2024-01-12 22:44 - 000000000 ____D C:\Users\elisey\AppData\
Roaming\Microsoft\Document Building Blocks
2024-01-12 22:14 - 2024-01-12 22:14 - 000000000 ____D C:\Users\elisey\AppData\
Roaming\Microsoft\Bibliography
2024-01-12 20:12 - 2024-01-12 22:45 - 000000000 ____D C:\Users\elisey\AppData\
Roaming\Microsoft\UProof
2024-01-12 20:12 - 2024-01-12 20:12 - 000000000 ____D C:\Users\elisey\AppData\
Roaming\Microsoft\Proof
2024-01-12 20:11 - 2024-01-14 16:22 - 000000000 ____D C:\Users\elisey\AppData\
Roaming\Microsoft\Word
2024-01-12 20:11 - 2024-01-14 16:21 - 000000000 ____D C:\Users\elisey\AppData\
Roaming\Microsoft\Office
2024-01-12 20:08 - 2024-01-12 20:08 - 000083645 _____ C:\Users\elisey\Downloads\
CollectionLog-2024.01.12-20.02.zip
2024-01-12 19:53 - 2024-01-12 19:53 - 000000000 ____D C:\Users\elisey\Desktop\
autolog
2024-01-12 19:50 - 2024-01-12 19:50 - 018189003 _____ C:\Users\elisey\Downloads\
AutoLogger.zip
2024-01-12 19:38 - 2024-01-12 19:38 - 002389504 _____ (Farbar) C:\Users\elisey\
Desktop\FRST64.exe
2024-01-12 19:28 - 2024-01-12 19:28 - 014290344 _____ C:\Users\elisey\Downloads\mb-
support-1.9.7.1002 (1).exe
2024-01-12 19:24 - 2024-01-12 19:24 - 002606880 _____ (Malwarebytes) C:\Users\
elisey\Downloads\MBSetup (1).exe
2024-01-12 19:01 - 2024-01-12 19:01 - 000000000 ____D C:\Program Files (x86)\
WindowsInstallationAssistant
2024-01-12 18:39 - 2024-01-12 18:41 - 000000000 ____D C:\Users\eliseilolka\AppData\
Local\Packages
2024-01-12 18:39 - 2024-01-12 18:41 - 000000000 ____D C:\Users\eliseilolka\AppData\
Local\NVIDIA Corporation
2024-01-12 18:39 - 2024-01-12 18:41 - 000000000 ____D C:\Users\eliseilolka\AppData\
Local\D3DSCache
2024-01-12 18:39 - 2024-01-12 18:39 - 000002360 _____ C:\Users\eliseilolka\Desktop\
Microsoft Edge.lnk
2024-01-12 18:39 - 2024-01-12 18:39 - 000000020 ___SH C:\Users\eliseilolka\
ntuser.ini
2024-01-12 18:39 - 2024-01-12 18:39 - 000000000 _SHDL C:\Users\eliseilolka\Шаблоны
2024-01-12 18:39 - 2024-01-12 18:39 - 000000000 _SHDL C:\Users\eliseilolka\Мои
документы
2024-01-12 18:39 - 2024-01-12 18:39 - 000000000 _SHDL C:\Users\eliseilolka\главное
меню
2024-01-12 18:39 - 2024-01-12 18:39 - 000000000 _SHDL C:\Users\eliseilolka\
Documents\Моя музыка
2024-01-12 18:39 - 2024-01-12 18:39 - 000000000 _SHDL C:\Users\eliseilolka\
Documents\мои рисунки
2024-01-12 18:39 - 2024-01-12 18:39 - 000000000 _SHDL C:\Users\eliseilolka\
Documents\Мои видеозаписи
2024-01-12 18:39 - 2024-01-12 18:39 - 000000000 _SHDL C:\Users\eliseilolka\AppData\
Roaming\Microsoft\Windows\Start Menu\Программы
2024-01-12 18:39 - 2024-01-12 18:39 - 000000000 ___SD C:\Users\eliseilolka\AppData\
Roaming\Microsoft\SystemCertificates
2024-01-12 18:39 - 2024-01-12 18:39 - 000000000 ___SD C:\Users\eliseilolka\AppData\
Roaming\Microsoft\Protect
2024-01-12 18:39 - 2024-01-12 18:39 - 000000000 ___SD C:\Users\eliseilolka\AppData\
Roaming\Microsoft\Crypto
2024-01-12 18:39 - 2024-01-12 18:39 - 000000000 ___SD C:\Users\eliseilolka\AppData\
Roaming\Microsoft\Credentials
2024-01-12 18:39 - 2024-01-12 18:39 - 000000000 ___RD C:\Users\eliseilolka\3D
Objects
2024-01-12 18:39 - 2024-01-12 18:39 - 000000000 ____D C:\Users\eliseilolka\AppData\
Roaming\Microsoft\Windows
2024-01-12 18:39 - 2024-01-12 18:39 - 000000000 ____D C:\Users\eliseilolka\AppData\
Roaming\Microsoft\Vault
2024-01-12 18:39 - 2024-01-12 18:39 - 000000000 ____D C:\Users\eliseilolka\AppData\
Roaming\Adobe
2024-01-12 18:39 - 2024-01-12 18:39 - 000000000 ____D C:\Users\eliseilolka\AppData\
LocalLow\NVIDIA
2024-01-12 18:39 - 2024-01-12 18:39 - 000000000 ____D C:\Users\eliseilolka\AppData\
Local\VirtualStore
2024-01-12 18:39 - 2024-01-12 18:39 - 000000000 ____D C:\Users\eliseilolka\AppData\
Local\Publishers
2024-01-12 18:39 - 2024-01-12 18:39 - 000000000 ____D C:\Users\eliseilolka\AppData\
Local\NVIDIA
2024-01-12 18:39 - 2024-01-12 18:39 - 000000000 ____D C:\Users\eliseilolka\AppData\
Local\Google
2024-01-12 18:39 - 2024-01-12 18:39 - 000000000 ____D C:\Users\eliseilolka\AppData\
Local\ConnectedDevicesPlatform
2024-01-12 18:39 - 2024-01-12 18:39 - 000000000 ____D C:\Users\eliseilolka\ansel
2024-01-12 18:39 - 2024-01-12 18:39 - 000000000 ____D C:\Users\eliseilolka
2024-01-12 18:39 - 2023-02-21 20:26 - 000000000 ____D C:\Users\eliseilolka\AppData\
Roaming\Microsoft\Network
2024-01-12 18:39 - 2022-04-20 20:51 - 000000000 ___RD C:\Users\eliseilolka\OneDrive
2024-01-12 18:37 - 2024-01-12 18:37 - 000000000 ____D C:\Users\elisey\AppData\
Local\Microsoft_Corporation
2024-01-12 18:35 - 2024-01-12 18:35 - 000000000 ____D C:\Users\elisey\AppData\
Local\ElevatedDiagnostics
2024-01-12 14:43 - 2024-01-12 14:43 - 000000000 ____D C:\Users\elisey\AppData\
LocalLow\NVIDIA
2024-01-12 14:39 - 2023-12-08 08:23 - 001487368 _____ (Khronos Group) C:\WINDOWS\
system32\OpenCL.dll
2024-01-12 14:39 - 2023-12-08 08:23 - 001424064 _____ C:\WINDOWS\system32\vulkan-1-
999-0-0-0.dll
2024-01-12 14:39 - 2023-12-08 08:23 - 001424064 _____ C:\WINDOWS\system32\vulkan-
1.dll
2024-01-12 14:39 - 2023-12-08 08:23 - 001246400 _____ C:\WINDOWS\SysWOW64\vulkan-1-
999-0-0-0.dll
2024-01-12 14:39 - 2023-12-08 08:23 - 001246400 _____ C:\WINDOWS\SysWOW64\vulkan-
1.dll
2024-01-12 14:39 - 2023-12-08 08:23 - 001227288 _____ (Khronos Group) C:\WINDOWS\
SysWOW64\OpenCL.dll
2024-01-12 14:39 - 2023-12-08 08:23 - 000850616 _____ C:\WINDOWS\system32\
vulkaninfo-1-999-0-0-0.exe
2024-01-12 14:39 - 2023-12-08 08:23 - 000850616 _____ C:\WINDOWS\system32\
vulkaninfo.exe
2024-01-12 14:39 - 2023-12-08 08:23 - 000731320 _____ C:\WINDOWS\SysWOW64\
vulkaninfo-1-999-0-0-0.exe
2024-01-12 14:39 - 2023-12-08 08:23 - 000731320 _____ C:\WINDOWS\SysWOW64\
vulkaninfo.exe
2024-01-12 14:39 - 2023-12-08 08:19 - 000957960 _____ (NVIDIA Corporation) C:\
WINDOWS\system32\nvml.dll
2024-01-12 14:39 - 2023-12-08 08:19 - 000670232 _____ (NVIDIA Corporation) C:\
WINDOWS\system32\nvofapi64.dll
2024-01-12 14:39 - 2023-12-08 08:19 - 000505480 _____ (NVIDIA Corporation) C:\
WINDOWS\SysWOW64\nvofapi.dll
2024-01-12 14:39 - 2023-12-08 08:18 - 012375688 _____ (NVIDIA Corporation) C:\
WINDOWS\system32\nvcuvid.dll
2024-01-12 14:39 - 2023-12-08 08:18 - 002170992 _____ (NVIDIA Corporation) C:\
WINDOWS\system32\NvFBC64.dll
2024-01-12 14:39 - 2023-12-08 08:18 - 001624712 _____ (NVIDIA Corporation) C:\
WINDOWS\SysWOW64\NvFBC.dll
2024-01-12 14:39 - 2023-12-08 08:18 - 001541256 _____ (NVIDIA Corporation) C:\
WINDOWS\system32\NvIFR64.dll
2024-01-12 14:39 - 2023-12-08 08:18 - 001198728 _____ (NVIDIA Corporation) C:\
WINDOWS\SysWOW64\NvIFR.dll
2024-01-12 14:39 - 2023-12-08 08:18 - 000997512 _____ (NVIDIA Corporation) C:\
WINDOWS\system32\nvEncodeAPI64.dll
2024-01-12 14:39 - 2023-12-08 08:18 - 000810096 _____ (NVIDIA Corporation) C:\
WINDOWS\system32\nvidia-smi.exe
2024-01-12 14:39 - 2023-12-08 08:18 - 000459912 _____ (NVIDIA Corporation) C:\
WINDOWS\system32\nvdebugdump.exe
2024-01-12 14:39 - 2023-12-08 08:17 - 015095408 _____ (NVIDIA Corporation) C:\
WINDOWS\SysWOW64\nvcuvid.dll
2024-01-12 14:39 - 2023-12-08 08:17 - 006462600 _____ (NVIDIA Corporation) C:\
WINDOWS\SysWOW64\nvcuda.dll
2024-01-12 14:39 - 2023-12-08 08:17 - 005862512 _____ (NVIDIA Corporation) C:\
WINDOWS\system32\nvcudadebugger.dll
2024-01-12 14:39 - 2023-12-08 08:17 - 005861000 _____ (NVIDIA Corporation) C:\
WINDOWS\system32\nvcpl.dll
2024-01-12 14:39 - 2023-12-08 08:17 - 000853640 _____ (NVIDIA Corporation) C:\
WINDOWS\system32\MCU.exe
2024-01-12 14:39 - 2023-12-08 08:16 - 006745768 _____ (NVIDIA Corporation) C:\
WINDOWS\SysWOW64\nvapi.dll
2024-01-12 14:38 - 2023-12-07 06:05 - 000113947 _____ C:\WINDOWS\system32\nvinfo.pb
2024-01-12 14:36 - 2024-01-13 14:28 - 000000913 _____ C:\ProgramData\Microsoft\
Windows\Start Menu\Programs\NVCleanstall.lnk
2024-01-12 14:36 - 2024-01-12 14:36 - 003934936 _____ (TechPowerUp) C:\Users\
elisey\Downloads\NVCleanstall_1.16.0.exe
2024-01-12 14:36 - 2024-01-12 14:36 - 000000901 _____ C:\Users\Public\Desktop\
NVCleanstall.lnk
2024-01-12 14:36 - 2024-01-12 14:36 - 000000000 ____D C:\Program Files\NVCleanstall
2024-01-12 13:58 - 2024-01-12 13:58 - 000000000 ____D C:\ProgramData\PLUG
2024-01-12 07:37 - 2024-01-12 07:37 - 000000000 ___HD C:\$WinREAgent
2024-01-12 07:25 - 2024-01-12 07:25 - 000000000 ____D C:\Program Files\RUXIM
2024-01-11 22:41 - 2024-01-11 22:41 - 000050624 _____ (SoftEther Corporation) C:\
WINDOWS\system32\Drivers\SeLow_x64.sys
2024-01-11 22:39 - 2024-01-11 22:40 - 068728071 _____ C:\Users\elisey\Downloads\
vpngate-client-2024.01.12-build-9799.157870.zip
2024-01-11 22:32 - 2024-01-11 22:32 - 000152840 _____ (SoftEther VPN Project at
University of Tsukuba, Japan.) C:\WINDOWS\system32\vpncmd.exe
2024-01-11 22:32 - 2024-01-11 22:32 - 000037824 _____ (SoftEther Corporation) C:\
WINDOWS\system32\Drivers\Neo6_x64_VPN.sys
2024-01-11 22:30 - 2024-01-11 22:31 - 056232008 _____ (SoftEther VPN Project at
University of Tsukuba, Japan.) C:\Users\elisey\Downloads\softether-vpnclient-v4.43-
9799-beta-2023.08.31-windows-x86_x64-intel.exe
2024-01-11 18:26 - 2024-01-12 19:28 - 000000986 _____ C:\Users\elisey\Downloads\
FRSTEnglish.exe
2024-01-11 18:25 - 2024-01-11 18:26 - 014290344 ____N C:\Users\elisey\Downloads\mb-
support-1.9.7.1002.exe
2024-01-11 18:12 - 2024-01-13 14:28 - 000002461 _____ C:\ProgramData\Microsoft\
Windows\Start Menu\Programs\Project.lnk
2024-01-11 18:12 - 2024-01-11 18:12 - 000002443 _____ C:\ProgramData\Microsoft\
Windows\Start Menu\Programs\Visio.lnk
2024-01-11 18:12 - 2024-01-11 18:12 - 000000000 ____D C:\ProgramData\Microsoft\
Windows\Start Menu\Programs\Microsoft Office Tools
2024-01-11 18:12 - 2024-01-11 18:12 - 000000000 ____D C:\Program Files\Common
Files\DESIGNER
2024-01-11 18:09 - 2024-01-11 18:09 - 000000000 ____D C:\Program Files\Microsoft
Office 15
2024-01-11 18:05 - 2024-01-11 18:05 - 000000000 ____D C:\aasds
2024-01-11 17:49 - 2024-01-11 17:49 - 002606880 ____N (Malwarebytes) C:\Users\
elisey\Downloads\MBSetup.exe
2024-01-11 17:39 - 2024-01-11 17:40 - 000000214 _____ C:\WINDOWS\Tasks\
CreateExplorerShellUnelevatedTask.job
2024-01-11 17:27 - 2024-01-11 17:27 - 000000000 ____D C:\WINDOWS\Panther
2024-01-11 17:14 - 2023-11-16 21:13 - 000024134 _____ C:\WINDOWS\system32\Drivers\
etc\2024-01-11_17-14_hosts.bak
2024-01-11 17:11 - 2024-01-11 10:10 - 009755004 _____ (Company © regist) C:\Users\
elisey\Desktop\AVbr.exe
2024-01-11 17:06 - 2024-01-14 16:24 - 000000000 ____D C:\FRST
2024-01-11 16:19 - 2024-01-11 16:19 - 000005786 __RSH C:\ProgramData\ntuser.pol
2024-01-11 16:03 - 2024-01-12 20:57 - 000002450 _____ C:\ProgramData\Microsoft\
Windows\Start Menu\Programs\PowerPoint.lnk
2024-01-11 16:03 - 2024-01-11 18:12 - 000002451 _____ C:\ProgramData\Microsoft\
Windows\Start Menu\Programs\Word.lnk
2024-01-11 16:03 - 2024-01-11 18:12 - 000002413 _____ C:\ProgramData\Microsoft\
Windows\Start Menu\Programs\Excel.lnk
2024-01-11 16:02 - 2024-01-11 17:17 - 000000000 ____D C:\WINDOWS\AAct_Tools
2024-01-11 16:02 - 2024-01-11 16:02 - 000037376 _____ (Microsoft Corporation) C:\
WINDOWS\system32\rfxvmt.dll
2024-01-11 16:02 - 2024-01-11 16:02 - 000000000 ____D C:\Program Files\7-Zip
2024-01-11 15:51 - 2024-01-11 18:12 - 000000000 ____D C:\Program Files\Microsoft
Office
2024-01-01 13:12 - 2024-01-11 16:50 - 000002410 _____ C:\WINDOWS\system32\Tasks\
ParkControl
2024-01-01 13:12 - 2024-01-01 13:12 - 000000000 ____D C:\ProgramData\Microsoft\
Windows\Start Menu\Programs\ParkControl
2024-01-01 13:12 - 2024-01-01 13:12 - 000000000 ____D C:\Program Files\ParkControl
2023-12-31 16:21 - 2023-12-31 16:21 - 000000202 _____ C:\Users\elisey\Desktop\
JoJo's Bizarre Adventure All-Star Battle R Demo version.url
2023-12-30 17:46 - 2024-01-14 09:03 - 000000000 ____D C:\Users\elisey\AppData\
Local\LGHUB
2023-12-30 17:46 - 2024-01-06 21:22 - 000000000 ____D C:\Users\elisey\AppData\
Roaming\G HUB
2023-12-30 17:46 - 2024-01-06 21:21 - 000000000 ____D C:\Users\elisey\AppData\
Roaming\lghub
2023-12-30 17:46 - 2023-12-30 17:46 - 000073040 _____ (Logitech) C:\WINDOWS\
system32\Drivers\logi_joy_xlcore.sys
2023-12-30 17:46 - 2023-12-30 17:46 - 000044880 _____ (Logitech) C:\WINDOWS\
system32\Drivers\logi_joy_bus_enum.sys
2023-12-30 17:46 - 2023-12-30 17:46 - 000032080 _____ (Logitech) C:\WINDOWS\
system32\Drivers\logi_joy_vir_hid.sys
2023-12-30 17:46 - 2023-12-30 17:46 - 000000928 _____ C:\Users\Public\Desktop\
Logitech G HUB.lnk
2023-12-30 17:46 - 2023-12-30 17:46 - 000000000 ____D C:\ProgramData\Microsoft\
Windows\Start Menu\Programs\Logi
2023-12-30 17:46 - 2023-12-30 17:46 - 000000000 ____D C:\Program Files\LGHUB
2023-12-30 17:45 - 2023-12-30 17:46 - 000000000 ____D C:\ProgramData\LGHUB
2023-12-23 14:35 - 2024-01-05 10:24 - 000000000 ____D C:\ProgramData\Logishrd
2023-12-23 14:35 - 2024-01-05 10:24 - 000000000 ____D C:\Program Files\Logitech
2023-12-21 19:10 - 2024-01-10 20:25 - 000000000 ____D C:\Users\elisey\AppData\
Local\GeometryDash
2023-12-21 19:07 - 2023-12-21 19:07 - 000000201 _____ C:\Users\elisey\Desktop\
Geometry Dash.url
2023-12-17 18:26 - 2023-12-17 18:28 - 000000000 ____D C:\ProgramData\iTop VPN
2023-12-17 18:26 - 2023-12-17 18:26 - 000000000 ____D C:\Users\elisey\AppData\
Roaming\iTop VPN
2023-12-17 18:21 - 2023-12-17 18:21 - 000000000 ____D C:\ProgramData\IObit
2023-12-15 14:17 - 2023-12-15 14:17 - 000000198 _____ C:\Users\elisey\Desktop\Dota
2.url
2023-12-13 16:39 - 2023-12-13 16:39 - 000027376 _____ (EasyAntiCheat Oy) C:\
WINDOWS\system32\eac_usermode_20623949223937.dll
2023-12-10 11:09 - 2023-12-10 11:09 - 000000000 ____D C:\Users\elisey\Desktop\
Custom_Desktop_Logo_V2.1
2023-12-04 22:29 - 2023-12-04 22:36 - 000000128 _____ C:\Users\elisey\AppData\
Local\PUTTY.RND
2023-12-04 22:28 - 2024-01-13 15:54 - 000000000 ____D C:\ProgramData\Microsoft\
Windows\Start Menu\Programs\PuTTY (64-bit)
2023-12-04 21:55 - 2023-12-04 21:55 - 000012113 _____ C:\Users\elisey\имя.txt
2023-12-04 21:05 - 2023-12-04 21:05 - 000001770 _____ C:\Users\elisey\Desktop\Play
Roblox.lnk
2023-12-04 21:05 - 2023-12-04 21:05 - 000000000 ____D C:\Users\elisey\AppData\
Roaming\Microsoft\Windows\Start Menu\Programs\Bloxstrap
2023-12-04 20:44 - 2024-01-13 15:54 - 000000000 ____D C:\ProgramData\Microsoft\
Windows\Start Menu\Programs\Roblox
2023-11-19 19:40 - 2023-11-19 19:40 - 000000000 ____D C:\Users\elisey\AppData\
LocalLow\Steel Crate Games
2023-11-16 09:50 - 2023-11-16 09:50 - 000000639 _____ C:\Users\Public\Desktop\Adobe
Photoshop CS6 x64.lnk
2023-11-12 13:44 - 2023-11-12 13:44 - 000001020 _____ C:\Users\elisey\AppData\
Roaming\Microsoft\Windows\Start Menu\Programs\osu!.lnk
2023-11-12 13:44 - 2023-11-12 13:44 - 000001012 _____ C:\Users\elisey\Desktop\
osu!.lnk
2023-11-12 13:43 - 2023-11-12 13:56 - 000000000 ____D C:\Users\elisey\AppData\
Local\osu!
2023-11-08 19:02 - 2023-11-16 21:03 - 000000000 ____D C:\Users\elisey\AppData\
Roaming\Factorio
2023-11-08 18:53 - 2023-11-08 18:53 - 000000577 _____ C:\Users\Public\Desktop\
Factorio.lnk
2023-10-27 14:41 - 2023-10-27 14:41 - 000001529 _____ C:\Users\Public\Desktop\
VALORANT.lnk
2023-10-27 14:41 - 2023-10-27 14:41 - 000000681 _____ C:\Users\Public\Desktop\Riot
Client.lnk
2023-10-21 17:41 - 2023-10-25 16:12 - 000000000 ____D C:\Users\elisey\AppData\
Local\kumir2-ide
2023-10-21 17:41 - 2023-10-21 17:41 - 000000000 ____D C:\Users\elisey\Kumir
2023-10-21 17:41 - 2023-10-21 17:41 - 000000000 ____D C:\ProgramData\Microsoft\
Windows\Start Menu\Programs\Кумир 2.1.0-rc11
2023-10-21 17:41 - 2023-10-21 17:41 - 000000000 ____D C:\Program Files (x86)\Kumir-
2.1.0-rc11
2023-10-21 16:24 - 2023-10-25 07:37 - 000000000 ____D C:\Users\elisey\AppData\
Roaming\EVE Online
2023-10-21 16:24 - 2023-10-21 16:24 - 000001312 _____ C:\Users\elisey\Desktop\EVE
Online.lnk
2023-10-21 16:24 - 2023-10-21 16:24 - 000000000 ____D C:\Users\elisey\AppData\
Roaming\Microsoft\Windows\Start Menu\Programs\CCP Games
2023-10-21 16:24 - 2023-10-21 16:24 - 000000000 ____D C:\Users\elisey\AppData\
Local\eve-online

==================== Три месяца (изменён) ==================

(Если запись включена в лист исправлений, файл/папка будут перемещены.)

2024-01-14 16:23 - 2023-08-22 11:25 - 000000000 ____D C:\Users\elisey\Desktop\


sadsad
2024-01-14 16:21 - 2019-12-07 16:13 - 000000000 ____D C:\WINDOWS\INF
2024-01-14 16:09 - 2022-09-08 10:15 - 000000000 ____D C:\WINDOWS\SystemTemp
2024-01-14 16:09 - 2022-04-07 21:23 - 000000000 ____D C:\Program Files (x86)\Google
2024-01-14 16:08 - 2019-12-07 16:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2024-01-14 16:03 - 2022-09-19 06:43 - 000000000 ____D C:\Users\elisey\AppData\
Local\Discord
2024-01-14 15:46 - 2022-04-07 21:28 - 000000000 ____D C:\Users\elisey\AppData\
Local\Packages
2024-01-14 12:41 - 2022-11-17 18:03 - 000000000 ____D C:\Users\elisey\AppData\
Roaming\Telegram Desktop
2024-01-14 12:25 - 2022-09-24 20:24 - 000000000 ____D C:\ProgramData\NVIDIA
2024-01-14 10:06 - 2023-02-21 20:23 - 000000000 ____D C:\WINDOWS\system32\
SleepStudy
2024-01-14 10:00 - 2019-12-07 16:14 - 000000000 ____D C:\ProgramData\regid.1991-
06.com.microsoft
2024-01-14 09:13 - 2022-09-19 07:12 - 000000000 ____D C:\Users\elisey\AppData\
Local\CrashDumps
2024-01-14 09:08 - 2023-02-21 20:33 - 001752884 _____ C:\WINDOWS\system32\
PerfStringBackup.INI
2024-01-14 09:08 - 2019-12-07 21:34 - 000770526 _____ C:\WINDOWS\system32\
perfh019.dat
2024-01-14 09:08 - 2019-12-07 21:34 - 000151772 _____ C:\WINDOWS\system32\
perfc019.dat
2024-01-14 09:07 - 2022-09-24 20:19 - 000000000 ____D C:\Users\elisey\AppData\
Local\D3DSCache
2024-01-14 09:05 - 2022-09-24 20:24 - 000000000 ____D C:\Users\elisey\AppData\
Local\NVIDIA
2024-01-14 09:05 - 2022-07-28 13:27 - 000000001 _____ C:\WINDOWS\vgkbootstatus.dat
2024-01-14 09:05 - 2022-06-10 11:50 - 000000000 ____D C:\Users\elisey\AppData\
Local\log
2024-01-14 09:05 - 2022-05-05 16:51 - 000000000 ____D C:\Users\elisey\AppData\
Local\BlueStacks
2024-01-14 09:03 - 2022-09-19 16:14 - 000000000 ____D C:\Users\elisey\Documents\
Medal
2024-01-14 09:03 - 2022-06-10 11:43 - 000000000 ____D C:\Users\elisey\AppData\
Roaming\Medal
2024-01-14 09:03 - 2022-06-10 11:43 - 000000000 ____D C:\Medal
2024-01-14 09:03 - 2022-04-07 21:43 - 000000000 ____D C:\Users\elisey\AppData\
Roaming\discord
2024-01-14 09:02 - 2023-02-21 20:29 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2024-01-14 09:02 - 2022-04-08 01:19 - 000008192 ___SH C:\DumpStack.log.tmp
2024-01-14 09:00 - 2019-12-07 16:03 - 000524288 _____ C:\WINDOWS\system32\config\
BBI
2024-01-14 08:59 - 2022-05-05 16:51 - 000000000 ____D C:\Users\Public\BlueStacks
2024-01-14 08:57 - 2022-04-09 14:40 - 000000000 ____D C:\Users\elisey\AppData\
Roaming\Leppsoft
2024-01-13 22:22 - 2019-12-07 16:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2024-01-13 17:17 - 2023-02-21 20:24 - 000002450 _____ C:\ProgramData\Microsoft\
Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-01-13 17:17 - 2019-12-07 16:14 - 000000000 ___HD C:\Program Files\WindowsApps
2024-01-13 15:54 - 2023-09-02 16:33 - 000000000 ____D C:\Users\elisey\AppData\
Roaming\Microsoft\Windows\Start Menu\Programs\Roblox
2024-01-13 15:54 - 2022-10-14 10:53 - 000000000 ____D C:\ProgramData\Microsoft\
Windows\Start Menu\Programs\Unity 2021.3.11f1
2024-01-13 15:54 - 2022-10-09 11:58 - 000000000 ____D C:\ProgramData\Microsoft\
Windows\Start Menu\Programs\Overwatch
2024-01-13 15:54 - 2022-10-09 10:46 - 000000000 ____D C:\ProgramData\Microsoft\
Windows\Start Menu\Programs\Battle.net
2024-01-13 15:54 - 2022-09-19 06:35 - 000000000 ____D C:\ProgramData\Microsoft\
Windows\Start Menu\Programs\Win 10 Tweaker
2024-01-13 15:54 - 2022-08-19 14:19 - 000000000 ____D C:\ProgramData\Microsoft\
Windows\Start Menu\Programs\MAXON
2024-01-13 15:54 - 2022-08-10 07:44 - 000000000 ____D C:\ProgramData\Microsoft\
Windows\Start Menu\Programs\Plants vs Zombies GW2
2024-01-13 15:54 - 2022-08-06 21:44 - 000000000 ____D C:\ProgramData\Microsoft\
Windows\Start Menu\Programs\PVZ Garden Warfare
2024-01-13 15:54 - 2022-08-06 21:31 - 000000000 ____D C:\ProgramData\Microsoft\
Windows\Start Menu\Programs\Origin
2024-01-13 15:54 - 2022-07-13 16:39 - 000000000 ____D C:\Users\elisey\AppData\
Roaming\Microsoft\Windows\Start Menu\Programs\Balabolka
2024-01-13 15:54 - 2022-04-13 21:18 - 000000000 ____D C:\Users\elisey\AppData\
Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line
2024-01-13 15:54 - 2022-04-13 21:18 - 000000000 ____D C:\ProgramData\Microsoft\
Windows\Start Menu\Programs\Image-Line
2024-01-13 15:54 - 2022-04-09 14:41 - 000000000 ____D C:\ProgramData\Microsoft\
Windows\Start Menu\Programs\Soundpad
2024-01-13 15:54 - 2022-04-08 01:17 - 000000000 ____D C:\Users\Public\Desktop\
Patches_FIX
2024-01-13 14:28 - 2023-05-30 07:24 - 000001458 _____ C:\ProgramData\Microsoft\
Windows\Start Menu\Programs\Ahk2Exe.lnk
2024-01-13 14:28 - 2023-02-18 06:48 - 000002243 _____ C:\ProgramData\Microsoft\
Windows\Start Menu\Programs\Google Chrome.lnk
2024-01-13 14:28 - 2022-11-07 21:21 - 000001286 _____ C:\ProgramData\Microsoft\
Windows\Start Menu\Programs\Epic Games Launcher.lnk
2024-01-13 14:28 - 2022-04-20 20:51 - 000002294 _____ C:\ProgramData\Microsoft\
Windows\Start Menu\Programs\OneDrive.lnk
2024-01-13 14:28 - 2022-04-12 07:06 - 000000865 _____ C:\ProgramData\Microsoft\
Windows\Start Menu\Programs\Audacity.lnk
2024-01-13 14:28 - 2022-04-08 21:11 - 000001146 _____ C:\ProgramData\Microsoft\
Windows\Start Menu\Programs\PC Health Check.lnk
2024-01-13 14:28 - 2022-04-08 01:17 - 000000163 _____ C:\ProgramData\Microsoft\
Windows\Start Menu\Programs\OVGorskiy.ru.URL
2024-01-13 14:25 - 2022-07-28 13:01 - 000000000 ____D C:\ProgramData\Riot Games
2024-01-13 13:10 - 2022-07-09 13:25 - 000000000 ____D C:\Users\elisey\AppData\
Roaming\EasyAntiCheat
2024-01-13 13:02 - 2022-09-19 16:26 - 000000000 ____D C:\Genshin Impact
2024-01-13 07:57 - 2023-02-21 20:23 - 000442344 _____ C:\WINDOWS\system32\
FNTCACHE.DAT
2024-01-13 07:55 - 2019-12-07 21:37 - 000000000 ___SD C:\WINDOWS\system32\AppV
2024-01-13 07:55 - 2019-12-07 21:37 - 000000000 ____D C:\Program Files\Windows
Photo Viewer
2024-01-13 07:55 - 2019-12-07 21:37 - 000000000 ____D C:\Program Files\Windows
Defender Advanced Threat Protection
2024-01-13 07:55 - 2019-12-07 21:37 - 000000000 ____D C:\Program Files (x86)\
Windows Photo Viewer
2024-01-13 07:55 - 2019-12-07 21:34 - 000000000 ____D C:\WINDOWS\SysWOW64\ru
2024-01-13 07:55 - 2019-12-07 21:34 - 000000000 ____D C:\WINDOWS\system32\ru
2024-01-13 07:55 - 2019-12-07 16:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2024-01-13 07:55 - 2019-12-07 16:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2024-01-13 07:55 - 2019-12-07 16:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2024-01-13 07:55 - 2019-12-07 16:14 - 000000000 ___SD C:\WINDOWS\system32\F12
2024-01-13 07:55 - 2019-12-07 16:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2024-01-13 07:55 - 2019-12-07 16:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2024-01-13 07:55 - 2019-12-07 16:14 - 000000000 ____D C:\WINDOWS\SysWOW64\
WinMetadata
2024-01-13 07:55 - 2019-12-07 16:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2024-01-13 07:55 - 2019-12-07 16:14 - 000000000 ____D C:\WINDOWS\SysWOW64\
PerceptionSimulation
2024-01-13 07:55 - 2019-12-07 16:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2024-01-13 07:55 - 2019-12-07 16:14 - 000000000 ____D C:\WINDOWS\SysWOW64\migwiz
2024-01-13 07:55 - 2019-12-07 16:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2024-01-13 07:55 - 2019-12-07 16:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2024-01-13 07:55 - 2019-12-07 16:14 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2024-01-13 07:55 - 2019-12-07 16:14 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2024-01-13 07:55 - 2019-12-07 16:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2024-01-13 07:55 - 2019-12-07 16:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Com
2024-01-13 07:55 - 2019-12-07 16:14 - 000000000 ____D C:\WINDOWS\SysWOW64\
AdvancedInstallers
2024-01-13 07:55 - 2019-12-07 16:14 - 000000000 ____D C:\WINDOWS\SystemResources
2024-01-13 07:55 - 2019-12-07 16:14 - 000000000 ____D C:\WINDOWS\system32\
WinMetadata
2024-01-13 07:55 - 2019-12-07 16:14 - 000000000 ____D C:\WINDOWS\system32\
WinBioPlugIns
2024-01-13 07:55 - 2019-12-07 16:14 - 000000000 ____D C:\WINDOWS\system32\
SystemResetPlatform
2024-01-13 07:55 - 2019-12-07 16:14 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2024-01-13 07:55 - 2019-12-07 16:14 - 000000000 ____D C:\WINDOWS\system32\
ShellExperiences
2024-01-13 07:55 - 2019-12-07 16:14 - 000000000 ____D C:\WINDOWS\system32\setup
2024-01-13 07:55 - 2019-12-07 16:14 - 000000000 ____D C:\WINDOWS\system32\
SecureBootUpdates
2024-01-13 07:55 - 2019-12-07 16:14 - 000000000 ____D C:\WINDOWS\system32\
PerceptionSimulation
2024-01-13 07:55 - 2019-12-07 16:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2024-01-13 07:55 - 2019-12-07 16:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2024-01-13 07:55 - 2019-12-07 16:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2024-01-13 07:55 - 2019-12-07 16:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2024-01-13 07:55 - 2019-12-07 16:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2024-01-13 07:55 - 2019-12-07 16:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2024-01-13 07:55 - 2019-12-07 16:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2024-01-13 07:55 - 2019-12-07 16:14 - 000000000 ____D C:\WINDOWS\system32\Com
2024-01-13 07:55 - 2019-12-07 16:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
2024-01-13 07:55 - 2019-12-07 16:14 - 000000000 ____D C:\WINDOWS\system32\
AdvancedInstallers
2024-01-13 07:55 - 2019-12-07 16:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2024-01-13 07:55 - 2019-12-07 16:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2024-01-13 07:55 - 2019-12-07 16:14 - 000000000 ____D C:\WINDOWS\Provisioning
2024-01-13 07:55 - 2019-12-07 16:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2024-01-13 07:55 - 2019-12-07 16:14 - 000000000 ____D C:\WINDOWS\IME
2024-01-13 07:55 - 2019-12-07 16:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2024-01-13 07:55 - 2019-12-07 16:14 - 000000000 ____D C:\WINDOWS\appcompat
2024-01-13 07:55 - 2019-12-07 16:14 - 000000000 ____D C:\Program Files\Windows
Defender
2024-01-13 07:55 - 2019-12-07 16:14 - 000000000 ____D C:\Program Files\Common
Files\System
2024-01-13 07:55 - 2019-12-07 16:14 - 000000000 ____D C:\Program Files (x86)\
Windows Defender
2024-01-13 07:55 - 2019-12-07 16:03 - 000000000 ____D C:\WINDOWS\servicing
2024-01-13 07:54 - 2023-02-21 20:24 - 000000000 ____D C:\Users\elisey
2024-01-13 07:36 - 2019-12-07 21:37 - 000023040 _____ (Microsoft Corporation) C:\
WINDOWS\system32\OEMDefaultAssociations.dll
2024-01-13 07:36 - 2019-12-07 21:37 - 000020827 _____ C:\WINDOWS\system32\
OEMDefaultAssociations.xml
2024-01-13 07:36 - 2019-12-07 16:15 - 000208384 _____ (Microsoft Corporation) C:\
WINDOWS\SysWOW64\msclmd.dll
2024-01-13 07:36 - 2019-12-07 16:14 - 000232448 _____ (Microsoft Corporation) C:\
WINDOWS\system32\msclmd.dll
2024-01-13 07:29 - 2023-02-21 20:28 - 003016192 _____ (Microsoft Corporation) C:\
WINDOWS\SysWOW64\PrintConfig.dll
2024-01-13 07:02 - 2022-08-08 21:01 - 000000000 ____D C:\Users\elisey\AppData\
Local\LogMeIn Hamachi
2024-01-12 20:57 - 2022-06-15 11:07 - 000003216 _____ C:\ProgramData\droidcam-
client-options-v2
2024-01-12 19:29 - 2019-12-07 16:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2024-01-12 19:08 - 2019-12-07 16:14 - 000000000 ___RD C:\WINDOWS\131
2024-01-12 18:39 - 2022-04-07 21:28 - 000000000 __RHD C:\Users\Public\
AccountPictures
2024-01-12 18:29 - 2022-09-24 20:32 - 000007599 _____ C:\Users\elisey\AppData\
Local\resmon.resmoncfg
2024-01-12 14:43 - 2022-09-24 20:24 - 000000000 ____D C:\WINDOWS\system32\Drivers\
NVIDIA Corporation
2024-01-12 07:37 - 2022-04-08 21:26 - 000000000 ____D C:\Program Files\Microsoft
Update Health Tools
2024-01-12 07:33 - 2022-04-08 21:10 - 000000000 ____D C:\WINDOWS\system32\MRT
2024-01-12 07:26 - 2022-04-08 21:10 - 189718008 ____C (Microsoft Corporation) C:\
WINDOWS\system32\MRT.exe
2024-01-12 07:13 - 2023-02-18 06:48 - 000002202 _____ C:\Users\Public\Desktop\
Google Chrome.lnk
2024-01-12 07:13 - 2022-09-19 06:43 - 000002232 _____ C:\Users\elisey\Desktop\
Discord.lnk
2024-01-12 07:10 - 2022-04-08 06:46 - 000918944 ____N (Microsoft Corporation) C:\
WINDOWS\system32\MpSigStub.exe
2024-01-11 18:13 - 2023-02-21 20:29 - 000003206 _____ C:\WINDOWS\system32\Tasks\
OneDrive Per-Machine Standalone Update Task
2024-01-11 18:13 - 2022-04-20 20:51 - 000000000 ___RD C:\Users\elisey\OneDrive
2024-01-11 18:13 - 2022-04-20 20:51 - 000000000 ____D C:\Program Files (x86)\
Microsoft OneDrive
2024-01-11 18:12 - 2019-12-07 16:14 - 000000000 ____D C:\Program Files\Common
Files\microsoft shared
2024-01-11 17:55 - 2022-09-19 22:09 - 000000000 ____D C:\Users\elisey\AppData\
Roaming\Krnl
2024-01-11 17:43 - 2022-09-19 16:13 - 000000000 ____D C:\Users\elisey\AppData\
Local\Medal
2024-01-11 17:43 - 2022-06-10 11:43 - 000000000 ____D C:\Users\elisey\AppData\
Local\Ferox_Games_B.V
2024-01-11 17:37 - 2023-04-07 18:19 - 000001370 _____ C:\Users\elisey\Desktop\plz
donat.txt
2024-01-11 17:35 - 2019-12-07 16:14 - 000000000 ____D C:\WINDOWS\system32\NDF
2024-01-11 17:27 - 2022-04-07 21:28 - 000000000 ____D C:\Users\elisey\AppData\
Local\ConnectedDevicesPlatform
2024-01-11 16:51 - 2023-03-20 18:57 - 000000000 ____D C:\WINDOWS\Minidump
2024-01-11 16:49 - 2023-10-03 22:09 - 000000000 ____D C:\KVRT2020_Data
2024-01-11 16:30 - 2022-06-04 13:30 - 000000000 ____D C:\Users\elisey\Doctor Web
2024-01-11 16:11 - 2022-04-13 21:08 - 000000000 ____D C:\Users\elisey\AppData\
Roaming\uTorrent Web
2024-01-11 16:10 - 2022-04-13 21:09 - 000000000 ____D C:\Users\elisey\AppData\
Local\BitTorrentHelper
2024-01-11 16:03 - 2023-02-21 20:24 - 000000000 ____D C:\Users\elisey\AppData\
Roaming\Microsoft\Windows
2024-01-10 20:50 - 2022-09-24 17:59 - 000000000 ____D C:\stim
2024-01-10 20:49 - 2022-06-15 11:07 - 000000400 _____ C:\ProgramData\droidcam-
settings
2024-01-08 18:42 - 2023-08-25 17:42 - 000001163 _____ C:\Users\Public\Desktop\Key
Manager.lnk
2024-01-08 16:31 - 2023-02-21 20:29 - 000004256 _____ C:\WINDOWS\system32\Tasks\
Opera GX scheduled Autoupdate 1649346061
2024-01-08 16:31 - 2022-04-07 22:41 - 000001437 _____ C:\Users\elisey\AppData\
Roaming\Microsoft\Windows\Start Menu\Programs\Браузер Opera GX.lnk
2024-01-04 16:47 - 2022-04-09 14:48 - 000000000 ____D C:\Users\elisey\Desktop\
Soundpad Crack by renako
2024-01-04 16:43 - 2022-04-09 14:41 - 000000000 ____D C:\Program Files\Soundpad
2023-12-31 16:21 - 2022-04-07 22:03 - 000000000 ____D C:\Users\elisey\AppData\
Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2023-12-30 17:46 - 2022-04-07 21:28 - 000000000 ___SD C:\Users\elisey\AppData\
Roaming\Microsoft\Credentials
2023-12-20 15:40 - 2022-09-19 16:26 - 000000685 _____ C:\Users\elisey\Desktop\
Genshin Impact.lnk
2023-12-20 06:56 - 2022-04-09 12:07 - 000000422 _____ C:\WINDOWS\Tasks\update-
sys.job
2023-12-20 06:56 - 2022-04-09 12:07 - 000000422 _____ C:\WINDOWS\Tasks\update-S-1-
5-21-1485128067-850457072-2224398771-1001.job
2023-12-19 16:52 - 2023-02-21 20:29 - 000003114 _____ C:\WINDOWS\system32\Tasks\
update-S-1-5-21-1485128067-850457072-2224398771-1001
2023-12-19 16:52 - 2023-02-21 20:29 - 000002862 _____ C:\WINDOWS\system32\Tasks\
update-sys
2023-12-17 18:22 - 2023-02-26 08:53 - 000000000 ____D C:\ProgramData\iTop

==================== Файлы в корне каталогов ========

2022-08-19 15:40 - 2022-08-19 15:40 - 000000000 _____ () C:\Users\elisey\AppData\


Roaming\3CB6.tmp
2022-08-19 15:55 - 2022-08-19 15:55 - 000000000 _____ () C:\Users\elisey\AppData\
Roaming\7D0C.tmp
2022-10-09 19:30 - 2012-09-01 19:03 - 000000144 _____ () C:\Users\elisey\AppData\
Roaming\ACEConfigCache2.lst
2023-08-25 17:48 - 2023-08-25 17:48 - 000000994 _____ () C:\Users\elisey\AppData\
Roaming\AppData - Ярлык.lnk
2023-04-11 19:36 - 2023-08-22 15:50 - 000000016 _____ () C:\Users\elisey\AppData\
Roaming\obs-virtualcam.txt
2022-10-09 20:11 - 2023-11-16 10:15 - 000000132 _____ () C:\Users\elisey\AppData\
Roaming\Установки формата PNG Adobe CS6
2023-12-04 22:29 - 2023-12-04 22:36 - 000000128 _____ () C:\Users\elisey\AppData\
Local\PUTTY.RND
2022-09-24 20:32 - 2024-01-12 18:29 - 000007599 _____ () C:\Users\elisey\AppData\
Local\resmon.resmoncfg
2022-04-09 12:07 - 2022-04-09 12:07 - 000000003 _____ () C:\Users\elisey\AppData\
Local\updater.log
2022-04-09 12:07 - 2022-04-09 12:07 - 000000424 _____ () C:\Users\elisey\AppData\
Local\UserProducts.xml

==================== SigCheckExt =========================

2022-04-08 01:17 - 2021-08-27 12:03 - 000255488 _____ (www.startisback.com) C:\


WINDOWS\system32\OldNewExplorer32.dll
2022-04-08 01:17 - 2021-08-27 12:03 - 000261632 _____ (www.startisback.com) C:\
WINDOWS\system32\OldNewExplorer64.dll
2022-04-08 01:17 - 2021-08-27 12:03 - 000614912 _____ (Tihiy) C:\WINDOWS\system32\
OldNewExplorerCfg.exe
2024-01-11 16:02 - 2024-01-11 16:02 - 000037376 _____ (Microsoft Corporation) C:\
WINDOWS\system32\rfxvmt.dll
2012-09-29 02:45 - 2012-09-29 02:45 - 000246272 _____ C:\WINDOWS\system32\
rtvcvfw64.dll
2022-04-08 01:17 - 2021-08-27 12:03 - 000255488 _____ (www.startisback.com) C:\
WINDOWS\SysWOW64\OldNewExplorer32.dll
2012-09-29 02:45 - 2012-09-29 02:45 - 000247296 _____ C:\WINDOWS\SysWOW64\
rtvcvfw32.dll
2024-01-13 15:54 - 2024-01-13 15:54 - 000000000 _____ C:\WINDOWS\SysWOW64\wfs.exe
2024-01-13 15:54 - 2024-01-13 15:54 - 000000000 _____ C:\WINDOWS\SysWOW64\WFSR.dll
2024-01-11 17:11 - 2024-01-11 10:10 - 009755004 _____ (Company © regist) C:\Users\
elisey\Desktop\AVbr.exe
2024-01-12 19:38 - 2024-01-12 19:38 - 002389504 _____ (Farbar) C:\Users\elisey\
Desktop\FRST64.exe
2022-10-01 18:47 - 2018-08-27 16:58 - 000684032 _____ (Speed Guide Inc.) C:\Users\
elisey\Desktop\TCPOptimizer.exe
2024-01-13 15:55 - 2024-01-13 15:55 - 002389504 _____ (Farbar) C:\Users\elisey\
Downloads\FRST64 (1).exe
2024-01-11 18:26 - 2024-01-12 19:28 - 000000986 _____ C:\Users\elisey\Downloads\
FRSTEnglish.exe

==================== FCheck ================================

(Если запись включена в лист исправлений, файл/папка будут перемещены.)

FCheck: C:\WINDOWS\SysWOW64\wfs.exe [2024-01-13] <==== ВНИМАНИЕ (нулевой байт


Файл/Папка)
FCheck: C:\WINDOWS\SysWOW64\WFSR.dll [2024-01-13] <==== ВНИМАНИЕ (нулевой байт
Файл/Папка)

==================== SigCheck ============================

(Нет автоматического исправления файлов, которые не проходят проверку.)

==================== BCD ================================

Диспетчер загрузки микропрограмм


---------------------
идентификатор {fwbootmgr}
displayorder {bootmgr}
{45c6c310-5cc5-11ed-8ad0-806e6f6e6963}
{2cf64fc0-6d20-11ee-aead-806e6f6e6963}
timeout 1

Диспетчер загрузки Windows


--------------------
идентификатор {bootmgr}
device partition=\Device\HarddiskVolume1
path \EFI\MICROSOFT\BOOT\BOOTMGFW.EFI
description Windows Boot Manager
locale ru-RU
inherit {globalsettings}
default {current}
resumeobject {5df70392-b20c-11ed-bc38-8ab0f4ac58cb}
displayorder {current}
toolsdisplayorder {memdiag}
timeout 30

Приложение микропрограммы (101fffff)


-------------------------------
идентификатор {2cf64fc0-6d20-11ee-aead-806e6f6e6963}
description ST3500418AS

Приложение микропрограммы (101fffff)


-------------------------------
идентификатор {45c6c310-5cc5-11ed-8ad0-806e6f6e6963}
description KINGSTON SV300S37A120G

Загрузка Windows
-------------------
идентификатор {current}
device partition=C:
path \WINDOWS\system32\winload.efi
description Windows 10
locale ru-RU
inherit {bootloadersettings}
recoverysequence {5df70394-b20c-11ed-bc38-8ab0f4ac58cb}
displaymessageoverride Recovery
recoveryenabled Yes
isolatedcontext Yes
allowedinmemorysettings 0x15000075
osdevice partition=C:
systemroot \WINDOWS
resumeobject {5df70392-b20c-11ed-bc38-8ab0f4ac58cb}
nx OptIn
numproc 12
bootmenupolicy Standard
usefirmwarepcisettings No
useplatformtick Yes
disabledynamictick Yes

Загрузка Windows
-------------------
идентификатор {5df70394-b20c-11ed-bc38-8ab0f4ac58cb}
device ramdisk=[\Device\HarddiskVolume4]\Recovery\WindowsRE\
Winre.wim,{5df70395-b20c-11ed-bc38-8ab0f4ac58cb}
path \windows\system32\winload.efi
description Windows Recovery Environment
locale ru-RU
inherit {bootloadersettings}
displaymessage Recovery
osdevice ramdisk=[\Device\HarddiskVolume4]\Recovery\WindowsRE\
Winre.wim,{5df70395-b20c-11ed-bc38-8ab0f4ac58cb}
systemroot \windows
nx OptIn
bootmenupolicy Standard
winpe Yes

Выход из режима гибернации


--------------------------
идентификатор {5df70392-b20c-11ed-bc38-8ab0f4ac58cb}
device partition=C:
path \WINDOWS\system32\winresume.efi
description Windows Resume Application
locale ru-RU
inherit {resumeloadersettings}
recoverysequence {5df70394-b20c-11ed-bc38-8ab0f4ac58cb}
recoveryenabled Yes
isolatedcontext Yes
allowedinmemorysettings 0x15000075
filedevice partition=C:
filepath \hiberfil.sys
bootmenupolicy Standard
debugoptionenabled No

Проверка памяти Windows


---------------------
идентификатор {memdiag}
device partition=\Device\HarddiskVolume1
path \EFI\Microsoft\Boot\memtest.efi
description Диагностика памяти
locale ru-RU
inherit {globalsettings}
badmemoryaccess Yes

Параметры EMS
-------------
идентификатор {emssettings}
bootems No

Параметры отладчика
-------------------
идентификатор {dbgsettings}
debugtype Local

Дефекты ОЗУ
-----------
идентификатор {badmemory}

Глобальные параметры
--------------------
идентификатор {globalsettings}
inherit {dbgsettings}
{emssettings}
{badmemory}

Параметры загрузчика
--------------------
идентификатор {bootloadersettings}
inherit {globalsettings}
{hypervisorsettings}

Параметры гипервизора
-------------------
идентификатор {hypervisorsettings}
hypervisordebugtype Serial
hypervisordebugport 1
hypervisorbaudrate 115200

Параметры загрузчика восстановления


-----------------------------------
идентификатор {resumeloadersettings}
inherit {globalsettings}

Параметры устройств
-------------------
идентификатор {5df70395-b20c-11ed-bc38-8ab0f4ac58cb}
description Windows Recovery
ramdisksdidevice partition=\Device\HarddiskVolume4
ramdisksdipath \Recovery\WindowsRE\boot.sdi

==================== Конец от FRST.txt ========================

You might also like