Результат сканирования Farbar Recovery Scan Tool (FRST) (x64) Версия: 27.01.2024 01 Запущено с помощью Admond (Администратор) на DESKTOP-H6PNSOI (28-01-2024 10:06:06) Запущено из C:\Users\Admond\Downloads\FRST64.exe Загруженные профили: Admond Платформа: Майкрософт Windows 10 Pro Версия 22H2 19045.3930 (X64) Язык: Русский (Россия) Браузер по умолчанию: Yandex Browser Режим загрузки: Normal ==================== Процессы (В белом списке) ================= (Если запись включена в fixlist, процесс будет закрыт. Файл не будет перемещён.) (C:\Program Files (x86)\K7 Computing\K7TSecurity\k7pssrvc.exe ->) (K7 Computing Pvt Ltd -> K7 Computing Pvt. Ltd.) C:\Program Files (x86)\K7 Computing\K7TSecurity\k7twp.exe (C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe (D:\Games\Steam_2\steam.exe ->) (Valve Corp. -> Valve Corporation) D:\Games\Steam_2\bin\cef\cef.win7x64\steamwebhelper.exe <6> (explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <5> (explorer.exe ->) (Valve Corp. -> Valve Corporation) D:\Games\Steam_2\steam.exe (explorer.exe ->) (YANDEX LLC -> YANDEX LLC) C:\Users\Admond\AppData\Local\Yandex\YandexBrowser\Application\browser.exe <17> (K7 Computing Pvt Ltd -> K7 Computing Pvt Ltd) C:\Program Files (x86)\K7 Computing\K7TSecurity\K7TSecurity.exe (services.exe ->) (K7 Computing Pvt Ltd -> K7 Computing Pvt Ltd) C:\Program Files (x86)\K7 Computing\K7TSecurity\K7CrvSvc.exe (services.exe ->) (K7 Computing Pvt Ltd -> K7 Computing Pvt Ltd) C:\Program Files (x86)\K7 Computing\K7TSecurity\K7EmlPxy.exe (services.exe ->) (K7 Computing Pvt Ltd -> K7 Computing Pvt Ltd) C:\Program Files (x86)\K7 Computing\K7TSecurity\K7FWSrvc.exe (services.exe ->) (K7 Computing Pvt Ltd -> K7 Computing Pvt Ltd) C:\Program Files (x86)\K7 Computing\K7TSecurity\k7pssrvc.exe (services.exe ->) (K7 Computing Pvt Ltd -> K7 Computing Pvt Ltd) C:\Program Files (x86)\K7 Computing\K7TSecurity\K7RTScan.exe (services.exe ->) (K7 Computing Pvt Ltd -> K7 Computing Pvt Ltd) C:\Program Files (x86)\K7 Computing\K7TSecurity\K7TSMngr.exe (services.exe ->) (K7 Computing Pvt Ltd -> K7 Computing Pvt Ltd) C:\Program Files (x86)\K7 Computing\K7TSecurity\k7wscshl.exe (services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_7e5fd280efaa5445\Display.NvContainer\NVDisplay.Container.exe <2> (services.exe ->) (Plarium Global LTD -> PlariumPlayClientService) C:\Users\Admond\AppData\Local\PlariumPlay\8.9.0-0.0.0\PlariumPlayClientService\PlariumPlayClientService.exe (services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe (services.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\steamservice.exe (services.exe ->) (YANDEX LLC -> YANDEX LLC) C:\Program Files (x86)\Yandex\YandexBrowser\24.1.0.2570\service_update.exe <2> (svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Users\Admond\AppData\Local\Microsoft\OneDrive\23.246.1127.0002\FileCoAuth.exe (svchost.exe ->) (Microsoft Corporation -> Microsoft) C:\Program Files\WindowsApps\Microsoft.ZuneMusic_11.2310.8.0_x64__8wekyb3d8bbwe\Microsoft.Media.Player.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.3745_none_7ded3f327ca60a41\TiWorker.exe ==================== Реестр Windows (В белом списке) =================== (Если запись включена в fixlist, элемент реестра будет сброшен на значение по умолчанию или удалён. Файл не будет перемещён.) HKLM-x32\...\Run: [K7TSStart] => C:\Program Files (x86)\K7 Computing\K7TSecurity\K7TSecurity.exe [707088 2022-07-06] (K7 Computing Pvt Ltd -> K7 Computing Pvt Ltd) HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Ограничение <==== ВНИМАНИЕ HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Ограничение <==== ВНИМАНИЕ HKU\S-1-5-21-3849764716-1366410836-1343688429-1001\...\Run: [YandexBrowserAutoLaunch_48F1E9F95CA529850912FA06891DC93A] => C:\Users\Admond\AppData\Local\Yandex\YandexBrowser\Application\browser.exe [8825496 2024-01-19] (YANDEX LLC -> YANDEX LLC) HKU\S-1-5-21-3849764716-1366410836-1343688429-1001\...\Run: [PlariumPlay] => C:\Users\Admond\AppData\Local\PlariumPlay\PlariumPlay.exe [295240 2023-10-13] (Plarium Global LTD -> PlariumPlay) HKU\S-1-5-21-3849764716-1366410836-1343688429-1001\...\Run: [MicrosoftEdgeAutoLaunch_59DCF712A6517F14EF7DF691D25AA174] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [3788224 2024-01-25] (Microsoft Corporation -> Microsoft Corporation) HKU\S-1-5-21-3849764716-1366410836-1343688429-1001\...\Run: [Steam] => D:\Games\Steam_2\steam.exe [4388200 2024-01-13] (Valve Corp. -> Valve Corporation) HKU\S-1-5-21-3849764716-1366410836-1343688429-1002\...\Run: [MicrosoftEdgeAutoLaunch_1576607EEAA493C78638FD88093571AF] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [3788224 2024-01-25] (Microsoft Corporation -> Microsoft Corporation) GroupPolicy: Ограничение - Chrome <==== ВНИМАНИЕ Policies: C:\ProgramData\NTUSER.pol: Ограничение <==== ВНИМАНИЕ HKLM\SOFTWARE\Policies\Google: Ограничение <==== ВНИМАНИЕ ==================== Запланированные задачи (В белом списке) ================= (Если запись включена в fixlist, она будет удалена из реестра. Файл не будет удалён, если он не указан отдельно.) Task: {1C92C326-B94C-4DCC-A431-CE4AD1B63886} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\Admond\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe [21737944 2023-08-06] (ESET, spol. s r.o. -> ESET) Task: {7BBA0717-EB14-406F-9FED-F4AE9DED9965} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\Admond\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe [21737944 2023-08-06] (ESET, spol. s r.o. -> ESET) Task: {B9736729-1B9E-493A-8290-C8049DBC2356} - System32\Tasks\Microsoft\Windows\WindowsBackup\OnlogonCheck => C:\Programdata\ReaItekHD\taskhostw.exe (Нет файла) <==== ВНИМАНИЕ Task: {2D25EE7A-A4E7-4BE1-90E8-BF4EDBD336FA} - System32\Tasks\Microsoft\Windows\WindowsBackup\RecoveryManager => C:\Windows\SysWOW64\unsecapp.exe (Нет файла) <==== ВНИМАНИЕ Task: {30C9897A-9BE7-4C53-AEEA-66C8B8187A34} - System32\Tasks\Microsoft\Windows\WindowsBackup\ServiceControl => C:\Programdata\ReaItekHD\taskhostw.exe (Нет файла) <==== ВНИМАНИЕ Task: {853B61B9-040F-47A1-81D9-6444A58815E5} - System32\Tasks\Microsoft\Windows\WindowsBackup\SystemManager => C:\Programdata\ReaItekHD\taskhost.exe (Нет файла) <==== ВНИМАНИЕ Task: {FAA8543F-B6F9-4312-A1DD-6F606CAAAE4B} - System32\Tasks\Microsoft\Windows\WindowsBackup\WinlogonCheck => C:\Programdata\ReaItekHD\taskhost.exe (Нет файла) <==== ВНИМАНИЕ Task: {A8470628-199C-44D5-9617-D6DE0C4FD414} - System32\Tasks\Восстановление сервиса обновлений Яндекс Браузера => C:\Program Files (x86)\Yandex\YandexBrowser\24.1.0.2570\service_update.exe [3821208 2024-01-26] (YANDEX LLC -> YANDEX LLC) Task: {7BF5EE0B-3204-4432-B26B-D61D4A680627} - System32\Tasks\Обновление Браузера Яндекс => C:\Users\Admond\AppData\Local\Yandex\YandexBrowser\Application\browser.exe [8825496 2024-01-19] (YANDEX LLC -> YANDEX LLC) Task: {EB177CBC-B700-4697-BEBF-2ABD6E22BA4E} - System32\Tasks\Системное обновление Браузера Яндекс => C:\Program Files (x86)\Yandex\YandexBrowser\24.1.0.2570\service_update.exe [3821208 2024-01-26] (YANDEX LLC -> YANDEX LLC) (Если запись включена в fixlist, файл задачи (.job) будет перемещён. Файл, выполняемый задачей, не будет перемещён.) Task: C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job => C:\Windows\explorer.exe Task: C:\Windows\Tasks\Восстановление сервиса обновлений Яндекс Браузера.job => C:\Program Files (x86)\Yandex\YandexBrowser\24.1.0.2570\service_update.exe Task: C:\Windows\Tasks\Обновление Браузера Яндекс.job => C:\Users\Admond\AppData\Local\Yandex\YandexBrowser\Application\browser.exe Task: C:\Windows\Tasks\Системное обновление Браузера Яндекс.job => C:\Program Files (x86)\Yandex\YandexBrowser\24.1.0.2570\service_update.exe ==================== Internet (В белом списке) ==================== (Если элемент включён в fixlist, если он является элементом реестра, он будет удалён или сброшен на значение по умолчанию.) Hosts: Файл Hosts не обнаружен в каталоге по умолчанию Tcpip\..\Interfaces\{727d37a0-1e6f-46fa-9896-615879dba0a5}: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{c918435f-015e-4ccb-8146-6cc73ef8b287}: [DhcpNameServer] 192.168.0.1 Edge: ======= Edge DefaultProfile: Default Edge Profile: C:\Users\Admond\AppData\Local\Microsoft\Edge\User Data\Default [2024-01-28] Edge Extension: (Google Документы офлайн) - C:\Users\Admond\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-01-23] Edge Extension: (Edge relevant text changes) - C:\Users\Admond\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-25] FireFox: ======== FF HKLM-x32\...\Firefox\Extensions: [k7srff_enUS@k7computing.com] - C:\Program Files (x86)\K7 Computing\K7TSecurity\K7SR\K7WebProtection.xpi FF Extension: (WebProtection) - C:\Program Files (x86)\K7 Computing\K7TSecurity\K7SR\K7WebProtection.xpi [2019-07-26] FF Plugin-x32: @k7computing.com/k7webprotection -> C:\Program Files (x86)\\K7 Computing\K7TSecurity\npK7SRNPExt.dll [2014-12-04] (K7 Computing Pvt Ltd -> K7 Computing Pvt Ltd) Chrome: ======= CHR HKLM\...\Chrome\Extension: [dlpfamleaodfgmfnggonbfljhjggbdbe] - C:\Program Files (x86)\K7 Computing\K7TSecurity\K7SR\k7chrome.crx [2022-09-06] CHR HKLM-x32\...\Chrome\Extension: [dlpfamleaodfgmfnggonbfljhjggbdbe] - C:\Program Files (x86)\K7 Computing\K7TSecurity\K7SR\k7chrome.crx [2022-09-06] Yandex: ======= YAN Profile: C:\Users\Admond\AppData\Local\Yandex\YandexBrowser\User Data\Default [2024-01-28] ==================== Службы (В белом списке) =================== (Если запись включена в fixlist, она будет удалена из реестра. Файл не будет удалён, если он не указан отдельно.) R2 K7CrvSvc; C:\Program Files (x86)\K7 Computing\K7TSecurity\K7CrvSvc.exe [273192 2019-03-26] (K7 Computing Pvt Ltd -> K7 Computing Pvt Ltd) R2 K7EmlPxy; C:\Program Files (x86)\K7 Computing\K7TSecurity\K7EmlPxy.exe [172328 2019-03-26] (K7 Computing Pvt Ltd -> K7 Computing Pvt Ltd) R2 K7FWSrvc; C:\Program Files (x86)\K7 Computing\K7TSecurity\K7FWSrvc.exe [754872 2022-04-13] (K7 Computing Pvt Ltd -> K7 Computing Pvt Ltd) R2 K7PSSrvc; C:\Program Files (x86)\K7 Computing\K7TSecurity\k7pssrvc.exe [934808 2022-01-19] (K7 Computing Pvt Ltd -> K7 Computing Pvt Ltd) R2 K7RTScan; C:\Program Files (x86)\K7 Computing\K7TSecurity\K7RTScan.exe [1196448 2022-12-20] (K7 Computing Pvt Ltd -> K7 Computing Pvt Ltd) S3 K7SpmSrc; C:\Program Files (x86)\K7 Computing\K7TSecurity\K7SpmSrc.exe [327632 2020-10-20] (K7 Computing Pvt Ltd -> K7 Computing Pvt Ltd) R2 K7TSMngr; C:\Program Files (x86)\K7 Computing\K7TSecurity\K7TSMngr.exe [932840 2022-10-07] (K7 Computing Pvt Ltd -> K7 Computing Pvt Ltd) R2 K7WscShl; C:\Program Files (x86)\K7 Computing\K7TSecurity\K7WscShl.exe [94688 2021-02-01] (K7 Computing Pvt Ltd -> K7 Computing Pvt Ltd) R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9410296 2024-01-22] (Malwarebytes Inc. -> Malwarebytes) R2 Plarium Play Client Service; C:\Users\Admond\AppData\Local\PlariumPlay\8.9.0-0.0.0\PlariumPlayClientService\PlariumPlayClientService.exe [200520 2023-12-21] (Plarium Global LTD -> PlariumPlayClientService) S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [534472 2023-12-14] (Microsoft Windows Publisher -> Microsoft Corporation) S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\NisSrv.exe [3174840 2023-12-08] (Microsoft Windows Publisher -> Microsoft Corporation) S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MsMpEng.exe [133592 2023-12-08] (Microsoft Windows Publisher -> Microsoft Corporation) R2 YandexBrowserService; C:\Program Files (x86)\Yandex\YandexBrowser\24.1.0.2570\service_update.exe [3821208 2024-01-26] (YANDEX LLC -> YANDEX LLC) R2 NVDisplay.ContainerLocalSystem; C:\Windows\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_7e5fd280efaa5445\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\Windows\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_7e5fd280efaa5445\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem ===================== Драйверы (В белом списке) =================== (Если запись включена в fixlist, она будет удалена из реестра. Файл не будет удалён, если он не указан отдельно.) S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Файл не подписан] S3 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [Файл не подписан] R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [158640 2024-01-22] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) S0 K7Elam; C:\Windows\System32\Drivers\K7Elam.sys [23040 2021-12-12] (Microsoft Windows Early Launch Anti-malware Publisher -> K7 Computing Pvt Ltd) R0 K7FWHlpr; C:\Windows\System32\drivers\K7FWHlpr.sys [134072 2022-08-12] (Microsoft Windows Hardware Compatibility Publisher -> K7 Computing Pvt Ltd) R0 K7Sentry; C:\Windows\System32\drivers\K7Sentry.sys [412352 2022-12-20] (Microsoft Windows Hardware Compatibility Publisher -> K7 Computing Pvt Ltd) R2 mbamchameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [223296 2024-01-28] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [21480 2024-01-22] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes) R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [200104 2024-01-28] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) R3 MBAMProtection; C:\Windows\system32\DRIVERS\mbam.sys [78400 2024-01-28] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [239576 2024-01-22] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) R3 MBAMWebProtection; C:\Windows\system32\DRIVERS\mwac.sys [188784 2024-01-28] (Malwarebytes Inc. -> Malwarebytes) S3 RTCore64; H:\SYSTEM\MSI Afterburner_10V2\RTCore64.sys [36824 2020-07-13] (MICRO-STAR INTERNATIONAL CO., LTD. -> ) R3 tap0901; C:\Windows\System32\drivers\tap0901.sys [39920 2019-10-23] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project) S3 WdBoot; C:\Windows\system32\drivers\wd\WdBoot.sys [55856 2023-12-08] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) S3 WdFilter; C:\Windows\system32\drivers\wd\WdFilter.sys [594304 2023-12-08] (Microsoft Windows -> Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [105856 2023-12-08] (Microsoft Windows -> Microsoft Corporation) S3 GPU-Z-v2; \??\C:\Users\Admond\AppData\Local\Temp\GPU-Z-v2.sys [X] <==== ВНИМАНИЕ ==================== NetSvcs (В белом списке) =================== (Если запись включена в fixlist, она будет удалена из реестра. Файл не будет удалён, если он не указан отдельно.) ==================== Один месяц (создан) (В белом списке) ========= (Если запись включена в лист исправлений, файл/папка будут перемещены.) 2024-01-28 10:06 - 2024-01-28 10:06 - 000017564 _____ C:\Users\Admond\Downloads\FRST.txt 2024-01-28 10:05 - 2024-01-28 10:05 - 002389504 _____ (Farbar) C:\Users\Admond\Downloads\FRST64.exe 2024-01-28 09:45 - 2024-01-28 09:45 - 000188784 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys 2024-01-28 09:45 - 2024-01-28 09:45 - 000000000 __RHD C:\Users\znetbioszdooactuupfex 2024-01-28 09:45 - 2024-01-28 09:45 - 000000000 ___HD C:\xбуфере zdooactuupfex диски 2024-01-28 09:45 - 2024-01-28 09:45 - 000000000 ___HD C:\Users\`zdooactuupfexистечения 2024-01-28 09:45 - 2024-01-28 09:45 - 000000000 ___HD C:\`zdooactuupfex не 2024-01-28 09:35 - 2024-01-28 09:35 - 000000994 __RSH C:\ProgramData\ntuser.pol 2024-01-28 09:34 - 2024-01-28 09:35 - 000000000 ____D C:\Users\Admond\Downloads\UVS 2024-01-26 15:07 - 2024-01-26 15:07 - 005078831 _____ C:\Users\Admond\Downloads\uvs_v414.zip 2024-01-25 20:40 - 2024-01-25 20:40 - 000039771 _____ C:\Users\Admond\Downloads\act_TMU91605002_26-01-2024.pdf 2024-01-25 17:42 - 2024-01-25 17:42 - 004393523 _____ C:\Users\Admond\Desktop\K7DT_#message247.zip 2024-01-25 17:34 - 2024-01-25 17:35 - 000951760 _____ (K7 Computing Pvt Ltd) C:\Users\Admond\Downloads\K7DTL.exe 2024-01-23 13:16 - 2024-01-23 13:16 - 000000000 ____D C:\Users\Admond\Documents\FeedbackHub 2024-01-23 08:45 - 2024-01-23 08:45 - 000039907 _____ C:\Users\Admond\Downloads\act_TMU91403860_23-01-2024.pdf 2024-01-23 08:44 - 2024-01-23 08:44 - 000000000 ____D C:\Users\Admond\AppData\LocalLow\Temp 2024-01-22 19:20 - 2024-01-22 20:55 - 000000000 ____D C:\ProgramData\HitmanPro 2024-01-22 17:38 - 2024-01-22 17:38 - 000000000 ____D C:\Users\fafafafa\AppData\Local\PeerDistRepub 2024-01-22 15:21 - 2024-01-22 15:21 - 000000000 ____D C:\Users\fafafafa\AppData\Local\K7 Computing 2024-01-22 15:12 - 2024-01-22 15:12 - 000000000 ____D C:\Users\Admond\AppData\Local\mbam 2024-01-22 15:11 - 2024-01-28 10:04 - 000000000 ____D C:\Users\Admond\AppData\Local\Malwarebytes 2024-01-22 15:09 - 2024-01-22 15:09 - 000000000 ____D C:\Users\fafafafa\AppData\Local\Comms 2024-01-22 14:57 - 2024-01-22 14:57 - 000000000 ____D C:\Users\fafafafa\AppData\Roaming\Microsoft\Spelling 2024-01-22 14:51 - 2024-01-22 14:51 - 000000000 ____D C:\Users\fafafafa\AppData\Local\PlaceholderTileLogoFolder 2024-01-22 14:50 - 2024-01-22 14:50 - 000003592 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3849764716-1366410836-1343688429-1002 2024-01-22 14:50 - 2024-01-22 14:50 - 000003386 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3849764716-1366410836-1343688429-1002 2024-01-22 14:50 - 2024-01-22 14:50 - 000000000 ___RD C:\Users\fafafafa\OneDrive 2024-01-22 14:50 - 2024-01-22 14:50 - 000000000 ____D C:\Users\fafafafa\AppData\Local\mbam 2024-01-22 14:50 - 2024-01-22 14:50 - 000000000 ____D C:\Users\fafafafa\AppData\Local\DBG 2024-01-22 14:49 - 2024-01-22 15:05 - 000000000 ____D C:\Users\fafafafa\AppData\Local\Packages 2024-01-22 14:49 - 2024-01-22 15:05 - 000000000 ____D C:\Users\fafafafa\AppData\Local\Malwarebytes 2024-01-22 14:49 - 2024-01-22 14:51 - 000000000 ____D C:\Users\fafafafa\AppData\Local\D3DSCache 2024-01-22 14:49 - 2024-01-22 14:50 - 000002424 _____ C:\Users\fafafafa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2024-01-22 14:49 - 2024-01-22 14:50 - 000000000 ____D C:\Users\fafafafa 2024-01-22 14:49 - 2024-01-22 14:49 - 000000020 ___SH C:\Users\fafafafa\ntuser.ini 2024-01-22 14:49 - 2024-01-22 14:49 - 000000000 _SHDL C:\Users\fafafafa\Шаблоны 2024-01-22 14:49 - 2024-01-22 14:49 - 000000000 _SHDL C:\Users\fafafafa\Мои документы 2024-01-22 14:49 - 2024-01-22 14:49 - 000000000 _SHDL C:\Users\fafafafa\главное меню 2024-01-22 14:49 - 2024-01-22 14:49 - 000000000 _SHDL C:\Users\fafafafa\Documents\Моя музыка 2024-01-22 14:49 - 2024-01-22 14:49 - 000000000 _SHDL C:\Users\fafafafa\Documents\мои рисунки 2024-01-22 14:49 - 2024-01-22 14:49 - 000000000 _SHDL C:\Users\fafafafa\Documents\Мои видеозаписи 2024-01-22 14:49 - 2024-01-22 14:49 - 000000000 _SHDL C:\Users\fafafafa\AppData\Roaming\Microsoft\Windows\Start Menu\Программы 2024-01-22 14:49 - 2024-01-22 14:49 - 000000000 ___SD C:\Users\fafafafa\AppData\Roaming\Microsoft\SystemCertificates 2024-01-22 14:49 - 2024-01-22 14:49 - 000000000 ___SD C:\Users\fafafafa\AppData\Roaming\Microsoft\Protect 2024-01-22 14:49 - 2024-01-22 14:49 - 000000000 ___SD C:\Users\fafafafa\AppData\Roaming\Microsoft\Crypto 2024-01-22 14:49 - 2024-01-22 14:49 - 000000000 ___SD C:\Users\fafafafa\AppData\Roaming\Microsoft\Credentials 2024-01-22 14:49 - 2024-01-22 14:49 - 000000000 ___RD C:\Users\fafafafa\3D Objects 2024-01-22 14:49 - 2024-01-22 14:49 - 000000000 ____D C:\Users\fafafafa\AppData\Roaming\Yandex 2024-01-22 14:49 - 2024-01-22 14:49 - 000000000 ____D C:\Users\fafafafa\AppData\Roaming\Microsoft\Windows 2024-01-22 14:49 - 2024-01-22 14:49 - 000000000 ____D C:\Users\fafafafa\AppData\Roaming\Microsoft\Vault 2024-01-22 14:49 - 2024-01-22 14:49 - 000000000 ____D C:\Users\fafafafa\AppData\Roaming\Microsoft\Network 2024-01-22 14:49 - 2024-01-22 14:49 - 000000000 ____D C:\Users\fafafafa\AppData\Roaming\Adobe 2024-01-22 14:49 - 2024-01-22 14:49 - 000000000 ____D C:\Users\fafafafa\AppData\Local\Yandex 2024-01-22 14:49 - 2024-01-22 14:49 - 000000000 ____D C:\Users\fafafafa\AppData\Local\VirtualStore 2024-01-22 14:49 - 2024-01-22 14:49 - 000000000 ____D C:\Users\fafafafa\AppData\Local\Publishers 2024-01-22 14:49 - 2024-01-22 14:49 - 000000000 ____D C:\Users\fafafafa\AppData\Local\NVIDIA 2024-01-22 14:49 - 2024-01-22 14:49 - 000000000 ____D C:\Users\fafafafa\AppData\Local\ConnectedDevicesPlatform 2024-01-22 14:43 - 2024-01-22 14:43 - 004124918 _____ C:\Users\Admond\Downloads\uvs_latest.zip 2024-01-22 13:46 - 2024-01-22 13:46 - 307816104 _____ C:\Users\Admond\Downloads\o4j2yd3n.exe 2024-01-22 12:16 - 2024-01-22 12:16 - 000000000 ____D C:\Users\Admond\AppData\Local\ElevatedDiagnostics 2024-01-22 12:14 - 2024-01-22 13:27 - 000684500 _____ C:\Windows\ntbtlog.txt 2024-01-22 12:07 - 2024-01-22 15:10 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk 2024-01-22 12:07 - 2024-01-22 15:10 - 000002021 _____ C:\Users\Public\Desktop\Malwarebytes.lnk 2024-01-21 17:46 - 2024-01-21 17:46 - 000000000 ____D C:\KRD2018_Data 2024-01-21 14:29 - 2024-01-21 14:30 - 704428032 _____ C:\Users\Admond\Downloads\krd.iso 2024-01-21 13:12 - 2024-01-21 13:12 - 000000000 ____D C:\Users\Admond\AppData\Roaming\WinRAR 2024-01-21 13:09 - 2024-01-21 13:09 - 000001066 _____ C:\Users\Admond\Desktop\Starfield.exe - Ярлык.lnk 2024-01-21 09:29 - 2024-01-22 14:42 - 000000000 ____D C:\Users\Admond\Doctor Web 2024-01-21 08:54 - 2024-01-22 13:15 - 000000214 _____ C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job 2024-01-21 08:52 - 2024-01-21 08:52 - 000000000 ____D C:\Windows\pss 2024-01-21 00:49 - 2024-01-21 13:08 - 000000000 ____D C:\Users\Admond\AppData\Local\Warframe 2024-01-21 00:22 - 2024-01-21 00:22 - 000000210 _____ C:\Users\Admond\Desktop\Warframe.url 2024-01-21 00:22 - 2024-01-21 00:22 - 000000000 ____D C:\Users\Admond\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam 2024-01-21 00:19 - 2024-01-21 00:19 - 000000000 ____D C:\Users\Admond\AppData\Local\Steam 2024-01-21 00:19 - 2024-01-21 00:19 - 000000000 ____D C:\Users\Admond\AppData\Local\CEF 2024-01-21 00:07 - 2024-01-21 00:18 - 000000659 _____ C:\Users\Public\Desktop\Steam.lnk 2024-01-21 00:07 - 2024-01-21 00:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam 2024-01-21 00:06 - 2024-01-21 00:06 - 002296488 _____ C:\Users\Admond\Downloads\SteamSetup.exe 2024-01-20 22:51 - 2024-01-20 22:51 - 002377032 _____ (Ledger Media Ltd) C:\Users\Admond\Downloads\paladinvpn-setup.exe 2024-01-20 22:24 - 2024-01-20 22:24 - 000000000 ____D C:\Users\Admond\AppData\Local\hidemy.name VPN 2024-01-20 22:24 - 2024-01-20 22:24 - 000000000 ____D C:\Users\Admond\AppData\Local\cache 2024-01-20 22:23 - 2024-01-20 22:23 - 104820336 _____ (hidemy.network Ltd.) C:\Users\Admond\Downloads\hidemyname_vpn_2.1.785.exe 2024-01-20 21:17 - 2024-01-20 21:17 - 003579880 _____ (Alexander Roshal) C:\Users\Admond\Downloads\winrar-x64-624.exe 2024-01-20 21:17 - 2024-01-20 21:17 - 000000000 ____D C:\Users\Admond\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR 2024-01-20 21:17 - 2024-01-20 21:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR 2024-01-20 21:17 - 2024-01-20 21:17 - 000000000 ____D C:\Program Files\WinRAR 2024-01-20 18:14 - 2024-01-20 18:14 - 000000000 ____D C:\Users\Admond\AppData\Local\K7 Computing 2024-01-20 17:58 - 2024-01-20 17:58 - 000002221 _____ C:\Users\Public\Desktop\PRO32TotalSecurity.lnk 2024-01-20 17:58 - 2024-01-20 17:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PRO32TotalSecurity 2024-01-20 17:58 - 2024-01-20 17:58 - 000000000 ____D C:\ProgramData\K7 Computing 2024-01-20 17:58 - 2024-01-20 17:58 - 000000000 ____D C:\Program Files (x86)\K7 Computing 2024-01-20 17:57 - 2024-01-20 17:58 - 218427784 _____ (K7 Computing Pvt. Ltd.) C:\Users\Admond\Downloads\setup-ts-ru.exe 2024-01-20 17:40 - 2024-01-20 17:40 - 005455480 _____ (ESET) C:\Users\Admond\Downloads\eset_internet_security_live_installer_eos.exe 2024-01-20 16:11 - 2024-01-26 18:22 - 000001977 _____ C:\Users\Admond\Desktop\Новый текстовый документ.txt 2024-01-20 16:03 - 2024-01-28 10:06 - 000000000 ____D C:\FRST 2024-01-20 16:03 - 2024-01-22 15:10 - 000000000 __SHD C:\ProgramData\Malwarebytes 2024-01-20 16:03 - 2024-01-22 15:10 - 000000000 __SHD C:\Program Files\Malwarebytes 2024-01-20 16:03 - 2024-01-20 16:03 - 000000000 __SHD C:\Users\Admond\Downloads\AV_block_remover 2024-01-20 16:03 - 2024-01-20 16:03 - 000000000 __SHD C:\Users\Admond\Downloads\AutoLogger 2024-01-20 16:03 - 2024-01-20 16:03 - 000000000 __SHD C:\Users\Admond\Desktop\AV_block_remover 2024-01-20 16:03 - 2024-01-20 16:03 - 000000000 __SHD C:\Users\Admond\Desktop\AutoLogger 2024-01-20 16:03 - 2024-01-20 16:03 - 000000000 __SHD C:\Users\Admond\AppData\Roaming\Sysfiles 2024-01-20 16:03 - 2024-01-20 16:03 - 000000000 __SHD C:\ProgramData\WavePad 2024-01-20 16:03 - 2024-01-20 16:03 - 000000000 __SHD C:\ProgramData\RobotDemo 2024-01-20 16:03 - 2024-01-20 16:03 - 000000000 __SHD C:\ProgramData\PuzzleMedia 2024-01-20 16:03 - 2024-01-20 16:03 - 000000000 __SHD C:\ProgramData\princeton-produce 2024-01-20 16:03 - 2024-01-20 16:03 - 000000000 __SHD C:\ProgramData\Norton 2024-01-20 16:03 - 2024-01-20 16:03 - 000000000 __SHD C:\ProgramData\McAfee 2024-01-20 16:03 - 2024-01-20 16:03 - 000000000 __SHD C:\ProgramData\MB3Install 2024-01-20 16:03 - 2024-01-20 16:03 - 000000000 __SHD C:\ProgramData\Kaspersky Lab Setup Files 2024-01-20 16:03 - 2024-01-20 16:03 - 000000000 __SHD C:\ProgramData\Kaspersky Lab 2024-01-20 16:03 - 2024-01-20 16:03 - 000000000 __SHD C:\ProgramData\grizzly 2024-01-20 16:03 - 2024-01-20 16:03 - 000000000 __SHD C:\ProgramData\FingerPrint 2024-01-20 16:03 - 2024-01-20 16:03 - 000000000 __SHD C:\ProgramData\Evernote 2024-01-20 16:03 - 2024-01-20 16:03 - 000000000 __SHD C:\ProgramData\ESET 2024-01-20 16:03 - 2024-01-20 16:03 - 000000000 __SHD C:\ProgramData\Doctor Web 2024-01-20 16:03 - 2024-01-20 16:03 - 000000000 __SHD C:\ProgramData\BookManager 2024-01-20 16:03 - 2024-01-20 16:03 - 000000000 __SHD C:\ProgramData\AVAST Software 2024-01-20 16:03 - 2024-01-20 16:03 - 000000000 __SHD C:\ProgramData\360safe 2024-01-20 16:03 - 2024-01-20 16:03 - 000000000 __SHD C:\Program Files\Transmission 2024-01-20 16:03 - 2024-01-20 16:03 - 000000000 __SHD C:\Program Files\SUPERAntiSpyware 2024-01-20 16:03 - 2024-01-20 16:03 - 000000000 __SHD C:\Program Files\SpyHunter 2024-01-20 16:03 - 2024-01-20 16:03 - 000000000 __SHD C:\Program Files\RogueKiller 2024-01-20 16:03 - 2024-01-20 16:03 - 000000000 __SHD C:\Program Files\Ravantivirus 2024-01-20 16:03 - 2024-01-20 16:03 - 000000000 __SHD C:\Program Files\Rainmeter 2024-01-20 16:03 - 2024-01-20 16:03 - 000000000 __SHD C:\Program Files\QuickCPU 2024-01-20 16:03 - 2024-01-20 16:03 - 000000000 __SHD C:\Program Files\Process Lasso 2024-01-20 16:03 - 2024-01-20 16:03 - 000000000 __SHD C:\Program Files\Process Hacker 2 2024-01-20 16:03 - 2024-01-20 16:03 - 000000000 __SHD C:\Program Files\NETGATE 2024-01-20 16:03 - 2024-01-20 16:03 - 000000000 __SHD C:\Program Files\Loaris Trojan Remover 2024-01-20 16:03 - 2024-01-20 16:03 - 000000000 __SHD C:\Program Files\Kaspersky Lab 2024-01-20 16:03 - 2024-01-20 16:03 - 000000000 __SHD C:\Program Files\HitmanPro 2024-01-20 16:03 - 2024-01-20 16:03 - 000000000 __SHD C:\Program Files\ESET 2024-01-20 16:03 - 2024-01-20 16:03 - 000000000 __SHD C:\Program Files\EnigmaSoft 2024-01-20 16:03 - 2024-01-20 16:03 - 000000000 __SHD C:\Program Files\Enigma Software Group 2024-01-20 16:03 - 2024-01-20 16:03 - 000000000 __SHD C:\Program Files\DrWeb 2024-01-20 16:03 - 2024-01-20 16:03 - 000000000 __SHD C:\Program Files\COMODO 2024-01-20 16:03 - 2024-01-20 16:03 - 000000000 __SHD C:\Program Files\Common Files\McAfee 2024-01-20 16:03 - 2024-01-20 16:03 - 000000000 __SHD C:\Program Files\Common Files\Doctor Web 2024-01-20 16:03 - 2024-01-20 16:03 - 000000000 __SHD C:\Program Files\Common Files\AV 2024-01-20 16:03 - 2024-01-20 16:03 - 000000000 __SHD C:\Program Files\Cezurity 2024-01-20 16:03 - 2024-01-20 16:03 - 000000000 __SHD C:\Program Files\Bitdefender Agent 2024-01-20 16:03 - 2024-01-20 16:03 - 000000000 __SHD C:\Program Files\AVG 2024-01-20 16:03 - 2024-01-20 16:03 - 000000000 __SHD C:\Program Files\AVAST Software 2024-01-20 16:03 - 2024-01-20 16:03 - 000000000 __SHD C:\Program Files (x86)\Transmission 2024-01-20 16:03 - 2024-01-20 16:03 - 000000000 __SHD C:\Program Files (x86)\SpyHunter 2024-01-20 16:03 - 2024-01-20 16:03 - 000000000 __SHD C:\Program Files (x86)\SpeedFan 2024-01-20 16:03 - 2024-01-20 16:03 - 000000000 __SHD C:\Program Files (x86)\Panda Security 2024-01-20 16:03 - 2024-01-20 16:03 - 000000000 __SHD C:\Program Files (x86)\Moo0 2024-01-20 16:03 - 2024-01-20 16:03 - 000000000 __SHD C:\Program Files (x86)\Microsoft JDX 2024-01-20 16:03 - 2024-01-20 16:03 - 000000000 __SHD C:\Program Files (x86)\Kaspersky Lab 2024-01-20 16:03 - 2024-01-20 16:03 - 000000000 __SHD C:\Program Files (x86)\IObit 2024-01-20 16:03 - 2024-01-20 16:03 - 000000000 __SHD C:\Program Files (x86)\GRIZZLY Antivirus 2024-01-20 16:03 - 2024-01-20 16:03 - 000000000 __SHD C:\Program Files (x86)\GPU Temp 2024-01-20 16:03 - 2024-01-20 16:03 - 000000000 __SHD C:\Program Files (x86)\Cezurity 2024-01-20 16:03 - 2024-01-20 16:03 - 000000000 __SHD C:\Program Files (x86)\AVG 2024-01-20 16:03 - 2024-01-20 16:03 - 000000000 __SHD C:\Program Files (x86)\AVAST Software 2024-01-20 16:03 - 2024-01-20 16:03 - 000000000 __SHD C:\Program Files (x86)\360 2024-01-20 16:03 - 2024-01-20 16:03 - 000000000 __SHD C:\KVRT2020_Data 2024-01-20 16:03 - 2024-01-20 16:03 - 000000000 __SHD C:\AdwCleaner 2024-01-20 16:03 - 2024-01-20 16:03 - 000000000 ____D C:\Windows\speechstracing 2024-01-20 16:03 - 2024-01-20 16:03 - 000000000 ____D C:\ProgramData\Avira 2024-01-20 16:03 - 2024-01-20 16:03 - 000000000 ____D C:\Program Files\Google 2024-01-20 16:03 - 2024-01-20 16:03 - 000000000 ____D C:\Program Files (x86)\MSI 2024-01-20 16:02 - 2024-01-21 18:26 - 000000000 __SHD C:\ProgramData\WindowsTask 2024-01-20 16:02 - 2024-01-20 16:02 - 000000000 __SHD C:\ProgramData\Windows Tasks Service 2024-01-20 16:02 - 2024-01-20 16:02 - 000000000 __SHD C:\ProgramData\RunDLL 2024-01-20 16:02 - 2024-01-20 16:02 - 000000000 __SHD C:\ProgramData\Install 2024-01-20 16:02 - 2024-01-20 16:02 - 000000000 __SHD C:\KVRT_Data 2024-01-20 16:02 - 2024-01-20 16:02 - 000000000 ____D C:\ProgramData\System32 2024-01-20 15:34 - 2024-01-20 15:34 - 000000000 ____D C:\Users\Admond\AppData\Roaming\VisualShape 2024-01-20 15:34 - 2024-01-20 15:34 - 000000000 ____D C:\ProgramData\VisualShape 2024-01-19 21:38 - 2024-01-19 21:38 - 000116438 _____ C:\Users\Admond\Downloads\231101066572_20240119213809.pdf 2024-01-19 19:04 - 2024-01-19 19:04 - 000039719 _____ C:\Users\Admond\Downloads\act_TMU91183940_20-01-2024.pdf 2024-01-15 19:31 - 2024-01-15 19:31 - 000040475 _____ C:\Users\Admond\Downloads\act_TMU90858234_16-01-2024.pdf 2024-01-15 08:30 - 2024-01-15 08:30 - 000039930 _____ C:\Users\Admond\Downloads\act_TMU90628118_15-01-2024.pdf 2024-01-12 11:53 - 2024-01-12 11:53 - 000607153 _____ C:\Users\Admond\Downloads\dogovor_na_okazanie_uslug_po_razmescheniyu.pdf 2024-01-12 11:51 - 2024-01-12 11:51 - 001598976 _____ C:\Users\Admond\Downloads\income_2023-11-01.zip 2024-01-12 11:48 - 2024-01-12 11:48 - 000940075 _____ C:\Users\Admond\Downloads\income_2023-12-01.zip 2024-01-11 20:43 - 2024-01-11 20:43 - 000000000 ____D C:\Users\Admond\AppData\Local\OneDrive 2024-01-11 15:43 - 2024-01-11 15:44 - 000000000 ___HD C:\$WinREAgent 2024-01-10 10:38 - 2024-01-10 10:38 - 000039827 _____ C:\Users\Admond\Downloads\act_TMU90156978_10-01-2024.pdf 2024-01-08 23:40 - 2024-01-08 23:40 - 000040304 _____ C:\Users\Admond\Downloads\Акт_09.01.2024.pdf 2024-01-08 14:32 - 2024-01-08 14:32 - 000411371 _____ C:\Users\Admond\Documents\Заказ_375248381_отгр.09.01.2024.pdf 2024-01-08 00:37 - 2024-01-08 00:37 - 009487576 _____ (TechPowerUp (www.techpowerup.com)) C:\Users\Admond\Downloads\GPU-Z.2.56.0.exe 2024-01-02 16:35 - 2024-01-02 16:35 - 000000671 _____ C:\Users\Public\Desktop\TechPowerUp GPU-Z.lnk 2024-01-02 16:35 - 2024-01-02 16:35 - 000000671 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TechPowerUp GPU-Z.lnk 2023-12-29 19:13 - 2023-12-29 19:13 - 000040750 _____ C:\Users\Admond\Downloads\act_TMU89859841_30-12-2023.pdf ==================== Один месяц (изменён) ================== (Если запись включена в лист исправлений, файл/папка будут перемещены.) 2024-01-28 10:04 - 2023-06-20 15:38 - 000000506 _____ C:\Windows\Tasks\Системное обновление Браузера Яндекс.job 2024-01-28 10:04 - 2023-06-20 15:38 - 000000466 _____ C:\Windows\Tasks\Восстановление сервиса обновлений Яндекс Браузера.job 2024-01-28 10:04 - 2023-06-20 15:38 - 000000464 _____ C:\Windows\Tasks\Обновление Браузера Яндекс.job 2024-01-28 10:03 - 2023-06-20 15:21 - 000000000 ____D C:\Windows\system32\SleepStudy 2024-01-28 09:49 - 2023-06-20 15:35 - 001663226 _____ C:\Windows\system32\PerfStringBackup.INI 2024-01-28 09:49 - 2019-12-07 17:34 - 000734024 _____ C:\Windows\system32\perfh019.dat 2024-01-28 09:49 - 2019-12-07 17:34 - 000144036 _____ C:\Windows\system32\perfc019.dat 2024-01-28 09:49 - 2019-12-07 12:13 - 000000000 ____D C:\Windows\INF 2024-01-28 09:45 - 2023-06-20 15:58 - 000001134 _____ C:\Windows\system32\config\VSMIDK 2024-01-28 09:45 - 2023-06-20 15:33 - 000000000 ____D C:\ProgramData\NVIDIA 2024-01-28 09:45 - 2023-06-20 15:21 - 000008192 ___SH C:\DumpStack.log.tmp 2024-01-28 09:45 - 2023-06-20 15:21 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2024-01-28 09:45 - 2019-12-07 12:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2024-01-28 09:40 - 2019-12-07 12:03 - 000524288 _____ C:\Windows\system32\config\BBI 2024-01-28 09:34 - 2019-12-07 12:03 - 000032768 _____ C:\Windows\system32\config\ELAM 2024-01-28 09:00 - 2023-06-20 15:59 - 000000804 _____ C:\Windows\system32\Drivers\etc\hosts.ics 2024-01-28 00:16 - 2023-06-20 15:33 - 000000000 ____D C:\Users\Admond\AppData\Local\Packages 2024-01-27 18:56 - 2019-12-07 12:14 - 000000000 ___HD C:\Program Files\WindowsApps 2024-01-27 18:56 - 2019-12-07 12:14 - 000000000 ____D C:\Windows\AppReadiness 2024-01-27 18:26 - 2023-06-20 15:21 - 000002450 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2024-01-27 18:26 - 2023-06-20 15:21 - 000002288 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk 2024-01-27 18:26 - 2022-09-08 06:15 - 000000000 ____D C:\Windows\SystemTemp 2024-01-27 17:57 - 2023-06-20 15:36 - 000000000 ____D C:\Users\Admond\AppData\Local\D3DSCache 2024-01-26 18:20 - 2023-06-20 15:38 - 000003680 _____ C:\Windows\system32\Tasks\Системное обновление Браузера Яндекс 2024-01-26 18:20 - 2023-06-20 15:38 - 000003570 _____ C:\Windows\system32\Tasks\Восстановление сервиса обновлений Яндекс Браузера 2024-01-26 18:20 - 2023-06-20 15:38 - 000002575 _____ C:\Users\Admond\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Yandex.lnk 2024-01-26 18:20 - 2023-06-20 15:38 - 000002538 _____ C:\Users\Admond\Desktop\Yandex.lnk 2024-01-22 19:23 - 2023-07-14 17:10 - 000000000 ____D C:\Windows\system32\MRT 2024-01-22 16:18 - 2023-08-06 13:25 - 000001383 _____ C:\Users\Admond\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk 2024-01-22 16:18 - 2023-08-06 13:25 - 000001277 _____ C:\Users\Admond\Desktop\ESET Online Scanner.lnk 2024-01-22 15:26 - 2019-12-07 12:14 - 000000000 ____D C:\Program Files\Common Files\System 2024-01-22 14:58 - 2023-06-20 15:32 - 000000000 ____D C:\Users\Admond 2024-01-22 14:49 - 2023-06-20 15:33 - 000000000 __RHD C:\Users\Public\AccountPictures 2024-01-22 14:49 - 2019-12-07 12:14 - 000000000 ___RD C:\Windows\PrintDialog 2024-01-22 14:49 - 2019-12-07 12:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel 2024-01-22 14:42 - 2023-08-04 08:46 - 000000000 ____D C:\Users\Admond\Downloads\Для скачанных Торрентов 2024-01-22 14:34 - 2023-06-20 16:00 - 000000000 ____D C:\Users\Admond\AppData\Roaming\Microsoft\MMC 2024-01-22 13:16 - 2023-06-20 15:33 - 000000000 ___SD C:\Users\Admond\AppData\Roaming\Microsoft\Protect 2024-01-22 12:07 - 2019-12-07 12:14 - 000000000 ___HD C:\Windows\ELAMBKUP 2024-01-21 21:36 - 2023-08-06 14:04 - 000003862 _____ C:\Windows\system32\Tasks\EOSv3 Scheduler onLogOn 2024-01-21 21:36 - 2023-08-06 14:04 - 000003420 _____ C:\Windows\system32\Tasks\EOSv3 Scheduler onTime 2024-01-20 21:07 - 2023-06-20 15:21 - 000269320 _____ C:\Windows\system32\FNTCACHE.DAT 2024-01-20 17:58 - 2019-12-07 12:14 - 000000000 ___HD C:\Windows\system32\GroupPolicy 2024-01-20 17:58 - 2019-12-07 12:14 - 000000000 ____D C:\Windows\SysWOW64\GroupPolicy 2024-01-20 17:58 - 2019-12-07 12:14 - 000000000 ____D C:\Windows\Help 2024-01-20 16:16 - 2023-08-04 08:45 - 000000000 ____D C:\Users\Admond\Downloads\Torrents 2024-01-20 16:03 - 2023-12-14 23:57 - 000000000 ____D C:\Program Files\CPUID 2024-01-20 16:03 - 2023-06-20 15:32 - 000000000 ____D C:\Users\Admond\AppData\Roaming\Microsoft\Windows 2024-01-13 10:26 - 2019-12-07 12:14 - 000000000 ___SD C:\Windows\system32\DiagSvcs 2024-01-13 10:26 - 2019-12-07 12:14 - 000000000 ____D C:\Windows\SysWOW64\setup 2024-01-13 10:26 - 2019-12-07 12:14 - 000000000 ____D C:\Windows\SystemResources 2024-01-13 10:26 - 2019-12-07 12:14 - 000000000 ____D C:\Windows\system32\setup 2024-01-13 10:26 - 2019-12-07 12:14 - 000000000 ____D C:\Windows\ShellExperiences 2024-01-13 10:26 - 2019-12-07 12:14 - 000000000 ____D C:\Windows\bcastdvr 2024-01-12 20:26 - 2019-12-07 12:03 - 000000000 ____D C:\Windows\CbsTemp 2024-01-12 18:36 - 2023-07-14 17:10 - 000918944 _____ (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe 2024-01-11 15:42 - 2023-07-14 17:10 - 189718008 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe 2024-01-09 13:29 - 2023-11-10 22:16 - 000000000 ____D C:\Users\Admond\AppData\Local\Starfield 2024-01-09 13:29 - 2019-12-07 12:14 - 000000000 ____D C:\Windows\LiveKernelReports 2023-12-29 01:26 - 2023-10-13 09:38 - 000000000 ____D C:\Users\Admond\AppData\Roaming\PlariumPlay 2023-12-29 01:26 - 2023-10-13 09:37 - 000000000 ____D C:\Users\Admond\AppData\Local\PlariumPlay ==================== Файлы в корне каталогов ======== 2023-10-13 09:37 - 2023-10-13 09:38 - 000026788 _____ () C:\Users\Admond\AppData\Local\PlariumPlay.log 2023-12-12 01:35 - 2023-12-20 01:54 - 000007602 _____ () C:\Users\Admond\AppData\Local\Resmon.ResmonCfg ==================== FLock ============================== 2024-01-20 16:03 C:\Program Files\AVAST Software 2024-01-20 16:03 C:\Program Files\AVG 2024-01-20 16:03 C:\Program Files\Bitdefender Agent 2024-01-20 16:03 C:\Program Files\Cezurity 2024-01-20 16:03 C:\Program Files\COMODO 2024-01-20 16:03 C:\Program Files\DrWeb 2024-01-20 16:03 C:\Program Files\Enigma Software Group 2024-01-20 16:03 C:\Program Files\EnigmaSoft 2024-01-20 16:03 C:\Program Files\ESET 2024-01-20 16:03 C:\Program Files\HitmanPro 2024-01-20 16:03 C:\Program Files\Kaspersky Lab 2024-01-20 16:03 C:\Program Files\Loaris Trojan Remover 2024-01-20 16:03 C:\Program Files\NETGATE 2024-01-20 16:03 C:\Program Files\Process Hacker 2 2024-01-20 16:03 C:\Program Files\Process Lasso 2024-01-20 16:03 C:\Program Files\QuickCPU 2024-01-20 16:03 C:\Program Files\Rainmeter 2024-01-20 16:03 C:\Program Files\Ravantivirus 2024-01-20 16:03 C:\Program Files\RogueKiller 2024-01-20 16:03 C:\Program Files\SpyHunter 2024-01-20 16:03 C:\Program Files\SUPERAntiSpyware 2024-01-20 16:03 C:\Program Files\Transmission 2024-01-20 16:03 C:\Program Files (x86)\360 2024-01-20 16:03 C:\Program Files (x86)\AVAST Software 2024-01-20 16:03 C:\Program Files (x86)\AVG 2024-01-20 16:03 C:\Program Files (x86)\Cezurity 2024-01-20 16:03 C:\Program Files (x86)\GPU Temp 2024-01-20 16:03 C:\Program Files (x86)\GRIZZLY Antivirus 2024-01-20 16:03 C:\Program Files (x86)\Kaspersky Lab 2024-01-20 16:03 C:\Program Files (x86)\Microsoft JDX 2024-01-20 16:03 C:\Program Files (x86)\Moo0 2024-01-20 16:03 C:\Program Files (x86)\Panda Security 2024-01-20 16:03 C:\Program Files (x86)\SpeedFan 2024-01-20 16:03 C:\Program Files (x86)\SpyHunter 2024-01-20 16:03 C:\Program Files (x86)\Transmission 2024-01-20 16:03 C:\Program Files\Common Files\AV 2024-01-20 16:03 C:\Program Files\Common Files\Doctor Web 2024-01-20 16:03 C:\Program Files\Common Files\McAfee 2024-01-20 16:03 C:\Users\Admond\Desktop\AV_block_remover 2024-01-20 16:03 C:\Users\Admond\Downloads\AutoLogger 2024-01-20 16:03 C:\Users\Admond\Downloads\AV_block_remover 2024-01-20 16:03 C:\Users\Admond\AppData\Roaming\Sysfiles 2024-01-20 16:03 C:\ProgramData\360safe 2024-01-20 16:03 C:\ProgramData\AVAST Software 2024-01-20 16:03 C:\ProgramData\Avira 2024-01-20 16:03 C:\ProgramData\BookManager 2024-01-20 16:03 C:\ProgramData\Doctor Web 2024-01-20 16:03 C:\ProgramData\ESET 2024-01-20 16:03 C:\ProgramData\Evernote 2024-01-20 16:03 C:\ProgramData\FingerPrint 2024-01-20 16:03 C:\ProgramData\grizzly 2024-01-20 16:03 C:\ProgramData\Kaspersky Lab 2024-01-20 16:03 C:\ProgramData\Kaspersky Lab Setup Files 2024-01-20 16:03 C:\ProgramData\McAfee 2024-01-20 16:03 C:\ProgramData\Norton 2024-01-20 16:03 C:\ProgramData\princeton-produce 2024-01-20 16:03 C:\ProgramData\PuzzleMedia 2024-01-20 16:03 C:\ProgramData\RobotDemo 2024-01-20 16:03 C:\ProgramData\WavePad ==================== SigCheck ============================ (Нет автоматического исправления файлов, которые не проходят проверку.) ==================== Конец от FRST.txt ========================