Результаты дополнительного сканирования Farbar Recovery Scan Tool (x64) Версия: 01-04-2025 Запущено с помощью Светик (17-04-2025 15:07:45) Запущено из C:\Users\Светик\Desktop Майкрософт Windows 10 Pro Версия 22H2 19045.5487 (X64) (2025-04-03 17:58:51) Режим загрузки: Normal ========================================================== ==================== Учетные записи: ============================= (Если запись включена в fixlist, она будет удалена) DefaultAccount (S-1-5-21-2025111457-2542931633-2603457532-503 - Limited - Disabled) WDAGUtilityAccount (S-1-5-21-2025111457-2542931633-2603457532-504 - Limited - Disabled) Администратор (S-1-5-21-2025111457-2542931633-2603457532-500 - Administrator - Disabled) Гость (S-1-5-21-2025111457-2542931633-2603457532-501 - Limited - Disabled) Светик (S-1-5-21-2025111457-2542931633-2603457532-1001 - Administrator - Enabled) => C:\Users\Светик ==================== Центр безопасности ======================== (Если запись включена в fixlist, она будет удалена) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: 360 Total Security (Enabled - Up to date) {2B66EE1E-E5C8-C2F7-648F-4E55AC68D37D} ==================== Установленные программы ====================== (В fixlist можно добавлять только рекламные программы с флагом «Скрытый», чтобы отобразить их.) 7-Zip 21.07 (x64) (HKLM\...\7-Zip) (Version: 21.07 - Igor Pavlov) Adobe Photoshop 2021 (HKLM\...\Adobe Photoshop 2021_is1) (Version: 22.5 - SanLex) Aida64 Extreme Edition 2.85.2400.0 (HKLM-x32\...\Aida64 Extreme Edition 2.85.2400.0) (Version: - ) AKVIS Sketch Video (HKLM\...\{063B861E-2ABB-4D06-99E7-62AFB2E5B2FD}) (Version: 5.6.355.21357 - AKVIS) Hidden AKVIS Sketch Video (HKLM-x32\...\{8f671b57-43fe-4a76-8c02-e917b44c34bf}) (Version: 5.6.355.21357 - AKVIS) AllDup (HKLM-x32\...\AllDup_is1) (Version: 4.5.60 - MTSD) AMD Catalyst Install Manager (HKLM\...\{66AFB595-BC05-2913-7696-6D58F9B733E1}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.) Audacity 3.7.1 (HKLM\...\Audacity_is1) (Version: 3.7.1 - Audacity Team) Bandicam (HKLM-x32\...\Bandicam) (Version: - Bandisoft) Bandicam MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version: - Bandicam.com) Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) BitRecover VBA Password Remover Wizard (HKU\S-1-5-21-2025111457-2542931633-2603457532-1001\...\BitRecover VBA Password Remover Wizard_is1) (Version: - BitRecover) Canon MF3010 (HKLM\...\{A97F4E18-3053-4652-B763-9A40AE2B1EE5}) (Version: 3.9.0.1 - CANON INC.) CapCut (HKU\S-1-5-21-2025111457-2542931633-2603457532-1001\...\CapCut) (Version: 3.1.0.1070 - Bytedance Pte. Ltd.) Catalyst Control Center - Branding (HKLM-x32\...\{11087D24-567D-7D88-69C6-D7A08B5F4C47}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden Chrome Remote Desktop Host (HKLM-x32\...\{2869C18D-C3E4-4CF9-9251-22688AEF8B70}) (Version: 136.0.7103.19 - Google LLC) CrystalDiskInfo 9.6.1 (HKLM\...\CrystalDiskInfo_is1) (Version: 9.6.1 - Crystal Dew World) CrystalDiskMark 8.0.6 (HKLM\...\CrystalDiskMark8_is1) (Version: 8.0.6 - Crystal Dew World) Direct Commander (HKU\S-1-5-21-2025111457-2542931633-2603457532-1001\...\direct-commander) (Version: 3.77.0 - Yandex) Direct Commander 3.92.0 (HKU\S-1-5-21-2025111457-2542931633-2603457532-1001\...\1382971d-292c-5d83-be0f-75fd233216d2) (Version: 3.92.0 - Yandex) dupeGuru 4.3.1 (HKLM\...\dupeGuru) (Version: 4.3.1 - Hardcoded Software) Fallout (HKLM-x32\...\Fallout) (Version: - ) Folder Size (64-bit) (HKLM\...\{F24FF688-7138-4CCF-A83F-71E9FB01170E}) (Version: 2.6 - Brio) FormatFactory 5.17.0.0 (HKLM-x32\...\FormatFactory) (Version: 5.17.0.0 - Free Time) Git (HKLM\...\Git_is1) (Version: 2.49.0 - The Git Development Community) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 135.0.7049.95 - Google LLC) Google Drive (HKLM\...\{6BBAE539-2232-434A-A4E5-9A33560C6283}) (Version: 106.0.4.0 - Google LLC) Google Earth Pro (HKLM\...\{AE3261A9-F9D9-4410-BB38-7FA1D6B54BDE}) (Version: 7.3.6.10201 - Google) ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!) KeePass Password Safe 2.57.1 (HKLM-x32\...\KeePassPasswordSafe2_is1) (Version: 2.57.1 - Dominik Reichl) Key Collector 4.2, версия 4.2.8295.18319 (HKLM\...\{04985911-E279-490F-BB17-6379EA7C2F3B}_is1) (Version: 4.2.8295.18319 - LegatoSoft OOO) LAV Filters 0.76.1 (HKLM-x32\...\lavfilters_is1) (Version: 0.76.1 - Hendrik Leppkes) Microsoft .NET Host - 6.0.31 (x64) (HKLM\...\{59ED1DC1-E3E4-4BC0-B43F-143CCC38FF17}) (Version: 48.124.15198 - Microsoft Corporation) Hidden Microsoft .NET Host FX Resolver - 6.0.31 (x64) (HKLM\...\{9992D04E-553E-4BC2-B0EC-4A394DD19986}) (Version: 48.124.15198 - Microsoft Corporation) Hidden Microsoft .NET Runtime - 6.0.31 (x64) (HKLM\...\{0950F07D-F1C4-47A5-AC88-C5FAA5DC564D}) (Version: 48.124.15198 - Microsoft Corporation) Hidden Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 135.0.3179.73 - Корпорация Майкрософт) Microsoft Office LTSC профессиональный плюс 2024 - ru-ru (HKLM\...\ProPlus2024Volume - ru-ru) (Version: 16.0.18814.20002 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-2025111457-2542931633-2603457532-1001\...\OneDriveSetup.exe) (Version: 19.043.0304.0013 - Microsoft Corporation) Microsoft Update Health Tools (HKLM\...\{1FC1A6C2-576E-489A-9B4A-92D21F542136}) (Version: 3.74.0.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable - x64 8.0.50727.4053 False (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation) Hidden Microsoft Visual C++ 2005 Redistributable - x64 8.0.50727.42 False (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation) Hidden Microsoft Visual C++ 2005 Redistributable - x64 8.0.51011 False (HKLM\...\{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}) (Version: 8.0.51011 - Microsoft Corporation) Hidden Microsoft Visual C++ 2005 Redistributable - x64 8.0.56336 False (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Hidden Microsoft Visual C++ 2005 Redistributable - x64 8.0.57102 False (HKLM\...\{f0cbd694-71ce-4391-9690-5da93b2f0445}) (Version: 8.0.57102 - Microsoft Corporation) Hidden Microsoft Visual C++ 2005 Redistributable - x64 8.0.58298 False (HKLM\...\{f45b48a7-f616-4211-b927-17cab6a96613}) (Version: 8.0.58298 - Microsoft Corporation) Hidden Microsoft Visual C++ 2005 Redistributable - x64 8.0.59192 False (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Hidden Microsoft Visual C++ 2005 Redistributable - x64 8.0.61000 (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable - x86 8.0.50727.4053 False (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation) Hidden Microsoft Visual C++ 2005 Redistributable - x86 8.0.50727.42 False (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation) Hidden Microsoft Visual C++ 2005 Redistributable - x86 8.0.51011 False (HKLM-x32\...\{a0fe116e-9a8a-466f-aee0-625cb7c207e3}) (Version: 8.0.51011 - Microsoft Corporation) Hidden Microsoft Visual C++ 2005 Redistributable - x86 8.0.56336 False (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Hidden Microsoft Visual C++ 2005 Redistributable - x86 8.0.57103 False (HKLM-x32\...\{d8fea624-4f2c-432d-9a54-6eee9cd1a77e}) (Version: 8.0.57103 - Microsoft Corporation) Hidden Microsoft Visual C++ 2005 Redistributable - x86 8.0.58299 False (HKLM-x32\...\{052bac4a-6f79-46d4-a024-1ce1b4f73cd4}) (Version: 8.0.58299 - Microsoft Corporation) Hidden Microsoft Visual C++ 2005 Redistributable - x86 8.0.59193 False (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Hidden Microsoft Visual C++ 2005 Redistributable - x86 8.0.61001 (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 False (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation) Hidden Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022.0 False (HKLM\...\{D04659D1-EB2D-3DE5-A833-837A623CCCF7}) (Version: 9.0.21022 - Microsoft Corporation) Hidden Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022.218 False (HKLM\...\{BBBE35B2-9349-3C48-BD3D-F574B17C7924}) (Version: 9.0.21022.218 - Microsoft Corporation) Hidden Microsoft Visual C++ 2008 Redistributable - x64 9.0.30411 False (HKLM\...\{D93AC9C8-B6CF-391E-BD2F-48AF4727476C}) (Version: 9.0.30411 - Microsoft Corporation) Hidden Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 False (HKLM\...\{4FFA2088-8317-3B14-93CD-4C699DB37843}) (Version: 9.0.30729 - Microsoft Corporation) Hidden Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.0 False (HKLM\...\{2DFD8316-9EF1-3210-908C-4CB61961C1AC}) (Version: 9.0.30729 - Microsoft Corporation) Hidden Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 False (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Hidden Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4048 False (HKLM\...\{91415F19-4C22-3609-A105-92ED3522D83C}) (Version: 9.0.30729.4048 - Microsoft Corporation) Hidden Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 False (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Hidden Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148.0 False (HKLM\...\{EE936C7A-EA40-31D5-9B65-8E3E089C3828}) (Version: 9.0.30729.4148 - Microsoft Corporation) Hidden Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.5570 False (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation) Hidden Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 False (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Hidden Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.0 False (HKLM-x32\...\{DCB46B42-723F-350E-B18A-449BC6C21636}) (Version: 9.0.21022 - Microsoft Corporation) Hidden Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218 False (HKLM-x32\...\{E503B4BF-F7BB-3D5F-8BC8-F694B1CFF942}) (Version: 9.0.21022.218 - Microsoft Corporation) Hidden Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 False (HKLM-x32\...\{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}) (Version: 9.0.30411 - Microsoft Corporation) Hidden Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 False (HKLM-x32\...\{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}) (Version: 9.0.30729 - Microsoft Corporation) Hidden Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.0 False (HKLM-x32\...\{527BBE2F-1FED-3D8B-91CB-4DB0F838E69E}) (Version: 9.0.30729 - Microsoft Corporation) Hidden Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 False (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Hidden Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4048 False (HKLM-x32\...\{5B1F2843-B379-3FF2-B0D3-64DD143ED53A}) (Version: 9.0.30729.4048 - Microsoft Corporation) Hidden Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 False (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Hidden Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148.0 False (HKLM-x32\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation) Hidden Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.5570 False (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation) Hidden Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 Redistributable - x64 10.0.30319 False (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation) Hidden Microsoft Visual C++ 2010 Redistributable - x64 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 Redistributable - x86 10.0.30319 False (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation) Hidden Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{a2199617-3609-410f-a8e8-e8806c73545b}) (Version: 11.0.61030.0 - Корпорация Майкрософт) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 False Eng (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{f0080ca2-80ae-4958-b6eb-e8fa916d744a}) (Version: 11.0.61030.0 - Корпорация Майкрософт) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 False Eng (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 False (HKLM\...\{AC53FC8B-EE18-3F9C-9B59-60937D0B182C}) (Version: 11.0.50727 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.51106 False (HKLM\...\{3C28BFD4-90C7-3138-87EF-418DC16E9598}) (Version: 11.0.51106 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 False (HKLM\...\{764384C5-BCA9-307C-9AAC-FD443662686A}) (Version: 11.0.60610 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 False (HKLM\...\{A2CB1ACB-94A2-32BA-A15E-7D80319F7589}) (Version: 11.0.50727 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.51106 False (HKLM\...\{5AF4E09F-5C9B-3AAF-B731-544D3DC821DD}) (Version: 11.0.51106 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 False (HKLM\...\{2EDC2FA3-1F34-34E5-9085-588C9EFD1CC6}) (Version: 11.0.60610 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 False (HKLM-x32\...\{FDB30193-FDA0-3DAA-ACCA-A75EEFE53607}) (Version: 11.0.50727 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106 False (HKLM-x32\...\{6C772996-BFF3-3C8C-860B-B3D48FF05D65}) (Version: 11.0.51106 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 False (HKLM-x32\...\{3D6AD258-61EA-35F5-812C-B7A02152996E}) (Version: 11.0.60610 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 False (HKLM-x32\...\{2F73A7B2-E50E-39A6-9ABC-EF89E4C62E36}) (Version: 11.0.50727 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106 False (HKLM-x32\...\{E824E81C-80A4-3DFF-B5F9-4842A9FF5F7F}) (Version: 11.0.51106 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 False (HKLM-x32\...\{E7D4E834-93EB-351F-B8FB-82CDAE623003}) (Version: 11.0.60610 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 False (HKLM-x32\...\{51adbf11-493f-431c-a862-967a0fae2944}) (Version: 12.0.21005.1 - Корпорация Майкрософт) Hidden Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 False Eng (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 False (HKLM-x32\...\{1a63c099-febd-4eaf-83ad-a82ea4fdac49}) (Version: 12.0.30501.0 - Корпорация Майкрософт) Hidden Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 False Eng (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40649 False (HKLM-x32\...\{c6870a89-ef30-4f22-bbd1-49cd2516bc56}) (Version: 12.0.40649.5 - Корпорация Майкрософт) Hidden Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40649 False Eng (HKLM-x32\...\{5d0723d3-cff7-4e07-8d0b-ada737deb5e6}) (Version: 12.0.40649.5 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 False (HKLM-x32\...\{0513c9cf-7191-45a7-ace9-ecdad03c93a4}) (Version: 12.0.40660.0 - Корпорация Майкрософт) Hidden Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 False Eng (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{49e969a1-2990-464d-92b5-25f6f34573c6}) (Version: 12.0.40664.0 - Корпорация Майкрософт) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 False Eng (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 False (HKLM-x32\...\{2af972c7-13b0-4978-92a8-fee26a4fb4e9}) (Version: 12.0.21005.1 - Корпорация Майкрософт) Hidden Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 False Eng (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 False (HKLM-x32\...\{b55f7208-e02b-4828-ac78-59c73ddf5bc7}) (Version: 12.0.30501.0 - Корпорация Майкрософт) Hidden Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 False Eng (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40649 False (HKLM-x32\...\{78142960-066b-4581-b984-0bdcf560c4be}) (Version: 12.0.40649.5 - Корпорация Майкрософт) Hidden Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40649 False Eng (HKLM-x32\...\{35b83883-40fa-423c-ae73-2aff7e1ea820}) (Version: 12.0.40649.5 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 False (HKLM-x32\...\{10dc8dbf-d3d7-4e23-be07-120fe5c66b78}) (Version: 12.0.40660.0 - Корпорация Майкрософт) Hidden Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 False Eng (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{d2c8df0e-f15d-4426-9e51-f13f329f9cb4}) (Version: 12.0.40664.0 - Корпорация Майкрософт) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 False Eng (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 False (HKLM\...\{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40649 False (HKLM\...\{20C1086D-C843-36B1-B678-990089D1BD44}) (Version: 12.0.40649 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40660 False (HKLM\...\{5740BD44-B58D-321A-AFC0-6D3D4556DD6C}) (Version: 12.0.40660 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 False (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40649 False (HKLM\...\{ABB19BB4-838D-3082-BDA4-87C6604181A2}) (Version: 12.0.40649 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40660 False (HKLM\...\{CB0836EC-B072-368D-82B2-D3470BF95707}) (Version: 12.0.40660 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 False (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40649 False (HKLM-x32\...\{A8589745-51BC-3963-B4E9-201CF8693538}) (Version: 12.0.40649 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40660 False (HKLM-x32\...\{7DAD0258-515C-3DD4-8964-BD714199E0F7}) (Version: 12.0.40660 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 False (HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40649 False (HKLM-x32\...\{DEA7F8E3-B7B9-3C3C-945B-7F8CE9041748}) (Version: 12.0.40649 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40660 False (HKLM-x32\...\{E30D8B21-D82D-3211-82CC-0F0A5D1495E8}) (Version: 12.0.40660 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation) Hidden Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.38.33135 (HKLM-x32\...\{c649ede4-f16a-4486-a117-dcc2f2a35165}) (Version: 14.38.33135.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.38.33135 (HKLM-x32\...\{46c3b171-c15c-4137-8e1d-67eeb2985b44}) (Version: 14.38.33135.0 - Microsoft Corporation) Microsoft Visual C++ 2022 X64 Additional Runtime - 14.38.33135 (HKLM\...\{19AFE054-CA83-45D5-A9DB-4108EF4BD391}) (Version: 14.38.33135 - Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.38.33135 (HKLM\...\{AA0C8AB5-7297-4D46-A0D9-08096FE59E46}) (Version: 14.38.33135 - Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X86 Additional Runtime - 14.38.33135 (HKLM-x32\...\{9C19C103-7DB1-44D1-A039-2C076A633A38}) (Version: 14.38.33135 - Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.38.33135 (HKLM-x32\...\{286DC39B-5FB7-4AFF-9DD4-22DB47664CD7}) (Version: 14.38.33135 - Microsoft Corporation) Hidden Microsoft Visual Studio Code (User) (HKU\S-1-5-21-2025111457-2542931633-2603457532-1001\...\{771FD6B0-FA20-440A-A002-3B3BAC16DC50}_is1) (Version: 1.94.2 - Microsoft Corporation) Microsoft Windows Desktop Runtime - 6.0.31 (x64) (HKLM\...\{EFE53353-800E-4987-B965-1C968D0F23A4}) (Version: 48.124.15242 - Microsoft Corporation) Hidden Microsoft Windows Desktop Runtime - 6.0.31 (x64) (HKLM-x32\...\{1a7abdc5-639b-4af0-87c6-dbc511750c6e}) (Version: 6.0.31.33720 - Microsoft Corporation) MiniTool Partition Wizard Free 12.9 (HKLM\...\{05D996FA-ADCB-4D23-BA3C-A7C184A8FAC6}_is1) (Version: 12.9 - MiniTool Software Limited) Mozilla Firefox (x64 ru) (HKLM\...\Mozilla Firefox 137.0.2 (x64 ru)) (Version: 137.0.2 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 126.0 - Mozilla) NVIDIA GeForce Experience 2.11.4.125 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.11.4.125 - NVIDIA Corporation) NVIDIA PhysX (HKLM-x32\...\{80407BA7-7763-4395-AB98-5233F1B34E65}) (Version: 9.13.1220 - NVIDIA Corporation) Hidden NVIDIA Stereoscopic 3D Driver (HKLM-x32\...\NVIDIAStereo) (Version: 7.17.12.6514 - NVIDIA Corporation) Hidden NVIDIA Графический драйвер 342.01 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 342.01 - NVIDIA Corporation) NVIDIA Драйвер 3D Vision 342.01 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 342.01 - NVIDIA Corporation) NVIDIA Драйвер контроллера 3D Vision 340.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 340.50 - NVIDIA Corporation) NVIDIA Системное программное обеспечение PhysX 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation) Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.18731.20004 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.18814.20002 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0419-1000-0000000FF1CE}) (Version: 16.0.18731.20004 - Microsoft Corporation) Hidden Office Password Recovery Lastic 1.3 (HKU\S-1-5-21-2025111457-2542931633-2603457532-1001\...\Office Password Recovery Lastic_is1) (Version: - ) Old Calculator for Windows 10 (HKLM-x32\...\OldCalcForWin10) (Version: 1.1 - hxxp://winaero.com) paint.net (HKLM\...\{A89BF790-0679-403A-9CC7-4015DBF4FEBA}) (Version: 5.0.13 - dotPDN LLC) PotPlayer-64 bit (HKLM\...\PotPlayer64) (Version: 24.12.16.0 - Kakao Corp.) Punto Switcher 4.5.0 (HKLM-x32\...\{EB732FBF-BA1A-46CF-80F2-176B3B7EAD73}) (Version: 4.5.0.576 - Яндекс) Python 3.10.6 (64-bit) (HKU\S-1-5-21-2025111457-2542931633-2603457532-1001\...\{1fab56ed-b241-47a3-9abc-d51dc01b8dff}) (Version: 3.10.6150.0 - Python Software Foundation) Python 3.10.6 Core Interpreter (64-bit) (HKLM\...\{C91F8E4B-F9C1-4FD1-BCF3-4A91CDAD4B72}) (Version: 3.10.6150.0 - Python Software Foundation) Hidden Python 3.10.6 Development Libraries (64-bit) (HKLM\...\{07CDAC2C-737C-4D8A-AF42-6BCE111699AE}) (Version: 3.10.6150.0 - Python Software Foundation) Hidden Python 3.10.6 Documentation (64-bit) (HKLM\...\{4306E3B9-B285-4747-B84D-9FAF08AA412D}) (Version: 3.10.6150.0 - Python Software Foundation) Hidden Python 3.10.6 Executables (64-bit) (HKLM\...\{750538B5-3E77-4F94-A64A-D3F09E608CA2}) (Version: 3.10.6150.0 - Python Software Foundation) Hidden Python 3.10.6 pip Bootstrap (64-bit) (HKLM\...\{3983F17E-1088-46F9-BB00-53B888FF3835}) (Version: 3.10.6150.0 - Python Software Foundation) Hidden Python 3.10.6 Standard Library (64-bit) (HKLM\...\{C3A057F3-209B-4244-9697-D69031B81AAB}) (Version: 3.10.6150.0 - Python Software Foundation) Hidden Python 3.10.6 Tcl/Tk Support (64-bit) (HKLM\...\{A551B92B-102D-45DC-8050-5CE10DE81CD0}) (Version: 3.10.6150.0 - Python Software Foundation) Hidden Python 3.10.6 Test Suite (64-bit) (HKLM\...\{1204E654-144E-4FBA-ACA0-558F6E54FC5A}) (Version: 3.10.6150.0 - Python Software Foundation) Hidden Python 3.10.6 Utility Scripts (64-bit) (HKLM\...\{1D60E386-848D-45D1-BB0A-7E26A3E32011}) (Version: 3.10.6150.0 - Python Software Foundation) Hidden Python Launcher (HKLM-x32\...\{7805B176-9059-45BD-8C4A-5B9EB0C2C387}) (Version: 3.10.7882.0 - Python Software Foundation) qBittorrent (HKLM-x32\...\qBittorrent) (Version: 5.0.5 - The qBittorrent project) Registry Backup and Restore (HKLM\...\Registry Backup and Restore_is1) (Version: - Acelogix) Risk of Rain Returns (HKLM-x32\...\Risk of Rain Returns_is1) (Version: - ) ShareX (HKLM\...\82E6AC09-0FEF-4390-AD9F-0DD3F5561EFC_is1) (Version: 17.0.0 - ShareX Team) SketchUp 2020 (HKLM\...\{3018111d-9515-967c-baf8-b63c54330f67}) (Version: 20.0.363.132 - SketchUp) SketchUp Language Pack [ru] (HKLM\...\{5ba3b7db-f5c7-1791-702e-097d828db673}) (Version: 20 - SketchUp) SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - ) StarCraft (HKLM-x32\...\StarCraft) (Version: - Blizzard Entertainment) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) Sublime Text (HKLM\...\Sublime Text_is1) (Version: - Sublime HQ Pty Ltd) Sublime Text 3 (HKLM\...\Sublime Text 3_is1) (Version: - Sublime HQ Pty Ltd) SumatraPDF (HKU\S-1-5-21-2025111457-2542931633-2603457532-1001\...\SumatraPDF) (Version: 3.4.6 - Krzysztof Kowalczyk) Telegram Desktop (HKU\S-1-5-21-2025111457-2542931633-2603457532-1001\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 5.13.1 - Telegram FZ-LLC) Total Commander 64+32-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 11.03 - Ghisler Software GmbH) Unlocker (HKLM\...\{5993C960-4E90-4A00-A2F3-D0C4020A6992}) (Version: 1.9.2 - ajua Custom Installers) Update for x64-based Windows Systems (KB5001716) (HKLM\...\{DA80A019-4C3B-4DAA-ACA1-6937D7CAAF9E}) (Version: 8.94.0.0 - Microsoft Corporation) WireGuard (HKLM\...\{2FDB79CE-5193-4A39-82BB-E00158CC1533}) (Version: 0.5.3 - WireGuard LLC) WizTree v4.25 (HKLM\...\WizTree_is1) (Version: 4.25 - Antibody Software) Yandex (HKU\S-1-5-21-2025111457-2542931633-2603457532-1001\...\YandexBrowser) (Version: 25.2.5.956 - Yandex) Zoom (HKU\S-1-5-21-2025111457-2542931633-2603457532-1001\...\ZoomUMX) (Version: 5.17.7 (31859) - Zoom Video Communications, Inc.) Проверка работоспособности ПК Windows (HKLM\...\{16A15A77-242A-412C-86EF-C4D58BD80ED0}) (Version: 3.6.2204.08001 - Microsoft Corporation) Среда выполнения Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 135.0.3179.73 - Корпорация Майкрософт) Hidden Яндекс.Диск (HKU\S-1-5-21-2025111457-2542931633-2603457532-1001\...\YandexDisk2) (Version: 3.2.43.5089 - Яндекс) Яндекс.Телемост (HKU\S-1-5-21-2025111457-2542931633-2603457532-1001\...\YandexTelemost) (Version: 2.0.5.1751 - Яндекс) Chrome apps: ============ Gmail (HKU\S-1-5-21-2025111457-2542931633-2603457532-1001\...\ee1bb24ba397871a10987848de6d722e) (Version: 1.0 - Google\Chrome) Google Диск (HKU\S-1-5-21-2025111457-2542931633-2603457532-1001\...\c935f5eb34fe216fb9a2cc42bd832fff) (Version: 1.0 - Google\Chrome) Wink - ТВ, фильмы, сериалы, спорт (HKU\S-1-5-21-2025111457-2542931633-2603457532-1001\...\584a92b46198534c5f865592390ef0af) (Version: 1.0 - Google\Chrome) Документы (HKU\S-1-5-21-2025111457-2542931633-2603457532-1001\...\0eca91f835d06f4f50ccfa7f80d7f210) (Version: 1.0 - Google\Chrome) Презентация (HKU\S-1-5-21-2025111457-2542931633-2603457532-1001\...\6224d616c7520708de3e3058c1b3d9ee) (Version: 1.0 - Google\Chrome) Таблица (HKU\S-1-5-21-2025111457-2542931633-2603457532-1001\...\f778343b864872f6c6d6212c892e1fc3) (Version: 1.0 - Google\Chrome) Удаленный рабочий стол Chrome (HKU\S-1-5-21-2025111457-2542931633-2603457532-1001\...\e30bbcb2ff2c3fa5bff7adac5a81a700) (Version: 1.0 - Google\Chrome) Packages: ========= Educandy Studio -> C:\Program Files\WindowsApps\Linguascope.EducandyStudio_1.0.8.0_x86__evgpe920v8p7g [2023-02-07] (Linguascope) OfficePushNotificationsUtility -> C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\OFFICE16 [2025-04-16] () Planet VPN -> C:\Program Files\WindowsApps\FreeVPNPlanet.PlanetVPN_2.9.1.0_x64__b2qrq2z57ppd2 [2025-04-03] (Free VPN Planet) WhatsApp -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2508.5.0_x64__cv1g1gvanyjgm [2025-04-03] (WhatsApp Inc.) [Startup Task] Динамическая Тема -> C:\Program Files\WindowsApps\55888ChristopheLavalle.DynamicTheme_1.7.98.0_x64__jdggxwd41xcr0 [2025-04-03] (Christophe Lavalle) ==================== Пользовательские CLSID (В белом списке): ============== (Если запись включена в fixlist, она будет удалена из реестра. Файл не будет удалён, если он не указан отдельно.) CustomCLSID: HKU\S-1-5-21-2025111457-2542931633-2603457532-1001_Classes\CLSID\{05EEE316-3AD4-4459-922B-B1CA88962F14}\InprocServer32 -> C:\Users\Светик\AppData\Local\Mail.Ru\Disk-O\CloudShell64.dll (VK LLC -> Mail.Ru) CustomCLSID: HKU\S-1-5-21-2025111457-2542931633-2603457532-1001_Classes\CLSID\{11C9DD7B-CCF5-4502-90A1-FEE8889976D5}\InprocServer32 -> C:\Users\Светик\AppData\Roaming\Yandex\YandexDisk2\3.2.43.5089\YandexDisk3ShellExt-1511.dll (YANDEX LLC -> Яндекс) CustomCLSID: HKU\S-1-5-21-2025111457-2542931633-2603457532-1001_Classes\CLSID\{18224999-F24B-43ee-B697-9427587FDC9C}\InprocServer32 -> C:\Users\Светик\AppData\Roaming\Yandex\YandexDisk2\3.2.43.5089\YandexDisk3ShellExt-1511.dll (YANDEX LLC -> Яндекс) CustomCLSID: HKU\S-1-5-21-2025111457-2542931633-2603457532-1001_Classes\CLSID\{33FED18D-FC3D-6019-A8B3-41E44F6DCA1A}\InprocServer32 -> C:\Users\Светик\AppData\Local\Mail.Ru\Disk-O\CloudShell64.dll (VK LLC -> Mail.Ru) CustomCLSID: HKU\S-1-5-21-2025111457-2542931633-2603457532-1001_Classes\CLSID\{4299B2BA-5F79-4F6E-ACF8-11DAB8B7E79D}\InprocServer32 -> C:\Users\Светик\AppData\Local\Mail.Ru\Disk-O\CloudShell64.dll (VK LLC -> Mail.Ru) CustomCLSID: HKU\S-1-5-21-2025111457-2542931633-2603457532-1001_Classes\CLSID\{4386fc53-f772-b2d3-15b0-80753dfa315e}\localserver32 -> "C:\Users\Светик\Desktop\StabilityMatrix-win-x64\StabilityMatrix.exe" -ToastActivated => Нет файла CustomCLSID: HKU\S-1-5-21-2025111457-2542931633-2603457532-1001_Classes\CLSID\{44aED63a-ab3D-8133-A3c1-12c41F2DCb3C}\InprocServer32 -> C:\Users\Светик\AppData\Local\Mail.Ru\Disk-O\CloudShell64.dll (VK LLC -> Mail.Ru) CustomCLSID: HKU\S-1-5-21-2025111457-2542931633-2603457532-1001_Classes\CLSID\{55FED18D-FC3D-6019-A8B3-41E44F6DCA1A}\InprocServer32 -> C:\Users\Светик\AppData\Local\Mail.Ru\Disk-O\CloudShell64.dll (VK LLC -> Mail.Ru) CustomCLSID: HKU\S-1-5-21-2025111457-2542931633-2603457532-1001_Classes\CLSID\{63ADB0D1-6DA0-46A2-89D0-E0CE44536E32}\InprocServer32 -> C:\Users\Светик\AppData\Roaming\Yandex\YandexDisk2\3.2.43.5089\YandexDisk3ShellExt-1511.dll (YANDEX LLC -> Яндекс) CustomCLSID: HKU\S-1-5-21-2025111457-2542931633-2603457532-1001_Classes\CLSID\{66FED18D-FC3D-4012-A8B3-41E77F6DCA5A}\InprocServer32 -> C:\Users\Светик\AppData\Local\Mail.Ru\Disk-O\CloudShell64.dll (VK LLC -> Mail.Ru) CustomCLSID: HKU\S-1-5-21-2025111457-2542931633-2603457532-1001_Classes\CLSID\{72F6A03F-7B17-4E65-AE37-666FC9024FA2}\InprocServer32 -> C:\ProgramData\AllDup\KuShellExtension64.dll (Michael Thummerer -> ) CustomCLSID: HKU\S-1-5-21-2025111457-2542931633-2603457532-1001_Classes\CLSID\{75EF3512-D401-4172-BA0F-00E000DCBCE4}\InprocServer32 -> C:\Users\Светик\AppData\Roaming\Yandex\YandexDisk2\3.2.43.5089\YandexDisk3ShellExt-1511.dll (YANDEX LLC -> Яндекс) CustomCLSID: HKU\S-1-5-21-2025111457-2542931633-2603457532-1001_Classes\CLSID\{78CE3579-0D34-413C-88C7-FE2855271688}\localserver32 -> C:\Users\Светик\AppData\Roaming\Yandex\YandexDisk2\3.2.43.5089\YandexDisk2.exe (YANDEX LLC -> Яндекс) CustomCLSID: HKU\S-1-5-21-2025111457-2542931633-2603457532-1001_Classes\CLSID\{847202AE-CDE0-469A-AF10-8798E02DED83}\InprocServer32 -> C:\Users\Светик\AppData\Roaming\Yandex\YandexDisk2\3.2.43.5089\YandexDisk3ShellExt-1511.dll (YANDEX LLC -> Яндекс) CustomCLSID: HKU\S-1-5-21-2025111457-2542931633-2603457532-1001_Classes\CLSID\{8EEE3CD5-1F70-4B63-B19D-A5F1457761DB}\InprocServer32 -> C:\Users\Светик\AppData\Roaming\Yandex\YandexDisk2\3.2.43.5089\YandexDisk3ShellExt-1511.dll (YANDEX LLC -> Яндекс) CustomCLSID: HKU\S-1-5-21-2025111457-2542931633-2603457532-1001_Classes\CLSID\{9CE04609-A360-4266-9937-9D799E8D2D5A}\InprocServer32 -> C:\Users\Светик\AppData\Roaming\Yandex\YandexDisk2\3.2.43.5089\YandexDisk3ShellExt-1511.dll (YANDEX LLC -> Яндекс) CustomCLSID: HKU\S-1-5-21-2025111457-2542931633-2603457532-1001_Classes\CLSID\{B5E0E0D5-A185-4D82-BFEE-3C51052EEA82}\InprocServer32 -> C:\Users\Светик\AppData\Local\Mail.Ru\Disk-O\CloudShell64.dll (VK LLC -> Mail.Ru) CustomCLSID: HKU\S-1-5-21-2025111457-2542931633-2603457532-1001_Classes\CLSID\{C5F6CDD1-FB7B-4971-A53F-4B00757F756B}\InprocServer32 -> C:\Users\Светик\AppData\Roaming\Yandex\YandexDisk2\3.2.43.5089\YandexDisk3ShellExt-1511.dll (YANDEX LLC -> Яндекс) ShellIconOverlayIdentifiers: [ MailRuDiskoIconOverlay0] -> {05EEE316-3AD4-4459-922B-B1CA88962F14} => C:\Users\Светик\AppData\Local\Mail.Ru\Disk-O\CloudShell64.dll [2024-10-30] (VK LLC -> Mail.Ru) ShellIconOverlayIdentifiers: [ MailRuDiskoIconOverlay1] -> {B5E0E0D5-A185-4D82-BFEE-3C51052EEA82} => C:\Users\Светик\AppData\Local\Mail.Ru\Disk-O\CloudShell64.dll [2024-10-30] (VK LLC -> Mail.Ru) ShellIconOverlayIdentifiers: [ MailRuDiskoIconOverlay2] -> {66FED18D-FC3D-4012-A8B3-41E77F6DCA5A} => C:\Users\Светик\AppData\Local\Mail.Ru\Disk-O\CloudShell64.dll [2024-10-30] (VK LLC -> Mail.Ru) ShellIconOverlayIdentifiers: [ MailRuDiskoIconOverlay3] -> {55FED18D-FC3D-6019-A8B3-41E44F6DCA1A} => C:\Users\Светик\AppData\Local\Mail.Ru\Disk-O\CloudShell64.dll [2024-10-30] (VK LLC -> Mail.Ru) ShellIconOverlayIdentifiers: [ MailRuDiskoIconOverlay4] -> {33FED18D-FC3D-6019-A8B3-41E44F6DCA1A} => C:\Users\Светик\AppData\Local\Mail.Ru\Disk-O\CloudShell64.dll [2024-10-30] (VK LLC -> Mail.Ru) ShellIconOverlayIdentifiers: [ MailRuDiskoIconOverlay5] -> {44aED63a-ab3D-8133-A3c1-12c41F2DCb3C} => C:\Users\Светик\AppData\Local\Mail.Ru\Disk-O\CloudShell64.dll [2024-10-30] (VK LLC -> Mail.Ru) ShellIconOverlayIdentifiers: [ GoogleDriveCloudOverlayIconHandler] -> {A8E52322-8734-481D-A7E2-27B309EF8D56} => C:\Program Files\Google\Drive File Stream\106.0.4.0\drivefsext.dll [2025-03-31] (Google LLC -> Google LLC.) ShellIconOverlayIdentifiers: [ GoogleDriveMirrorBlacklistedOverlayIconHandler] -> {51EF1569-67EE-4AD6-9646-E726C3FFC8A2} => C:\Program Files\Google\Drive File Stream\106.0.4.0\drivefsext.dll [2025-03-31] (Google LLC -> Google LLC.) ShellIconOverlayIdentifiers: [ GoogleDrivePinnedOverlayIconHandler] -> {CFE8B367-77A7-41D7-9C90-75D16D7DC6B6} => C:\Program Files\Google\Drive File Stream\106.0.4.0\drivefsext.dll [2025-03-31] (Google LLC -> Google LLC.) ShellIconOverlayIdentifiers: [ GoogleDriveProgressOverlayIconHandler] -> {C973DA94-CBDF-4E77-81D1-E5B794FBD146} => C:\Program Files\Google\Drive File Stream\106.0.4.0\drivefsext.dll [2025-03-31] (Google LLC -> Google LLC.) ShellIconOverlayIdentifiers: [ YandexDisk1 SyncDone] -> {C5F6CDD1-FB7B-4971-A53F-4B00757F756B} => C:\Users\Светик\AppData\Roaming\Yandex\YandexDisk2\3.2.43.5089\YandexDisk3ShellExt-1511.dll [2025-03-19] (YANDEX LLC -> Яндекс) ShellIconOverlayIdentifiers: [ YandexDisk2 SyncProgress] -> {75EF3512-D401-4172-BA0F-00E000DCBCE4} => C:\Users\Светик\AppData\Roaming\Yandex\YandexDisk2\3.2.43.5089\YandexDisk3ShellExt-1511.dll [2025-03-19] (YANDEX LLC -> Яндекс) ShellIconOverlayIdentifiers: [ YandexDisk3 SyncDisabled] -> {8EEE3CD5-1F70-4B63-B19D-A5F1457761DB} => C:\Users\Светик\AppData\Roaming\Yandex\YandexDisk2\3.2.43.5089\YandexDisk3ShellExt-1511.dll [2025-03-19] (YANDEX LLC -> Яндекс) ShellIconOverlayIdentifiers: [ YandexDisk4 SyncError] -> {9CE04609-A360-4266-9937-9D799E8D2D5A} => C:\Users\Светик\AppData\Roaming\Yandex\YandexDisk2\3.2.43.5089\YandexDisk3ShellExt-1511.dll [2025-03-19] (YANDEX LLC -> Яндекс) ShellIconOverlayIdentifiers: [ YandexDisk5 SyncPart] -> {63ADB0D1-6DA0-46A2-89D0-E0CE44536E32} => C:\Users\Светик\AppData\Roaming\Yandex\YandexDisk2\3.2.43.5089\YandexDisk3ShellExt-1511.dll [2025-03-19] (YANDEX LLC -> Яндекс) ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2024-04-18] (Adobe Inc. -> ) ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2024-04-18] (Adobe Inc. -> ) ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2024-04-18] (Adobe Inc. -> ) ShellIconOverlayIdentifiers-x32: [ GoogleDriveCloudOverlayIconHandler] -> {A8E52322-8734-481D-A7E2-27B309EF8D56} => C:\Program Files\Google\Drive File Stream\106.0.4.0\drivefsext.dll [2025-03-31] (Google LLC -> Google LLC.) ShellIconOverlayIdentifiers-x32: [ GoogleDriveMirrorBlacklistedOverlayIconHandler] -> {51EF1569-67EE-4AD6-9646-E726C3FFC8A2} => C:\Program Files\Google\Drive File Stream\106.0.4.0\drivefsext.dll [2025-03-31] (Google LLC -> Google LLC.) ShellIconOverlayIdentifiers-x32: [ GoogleDrivePinnedOverlayIconHandler] -> {CFE8B367-77A7-41D7-9C90-75D16D7DC6B6} => C:\Program Files\Google\Drive File Stream\106.0.4.0\drivefsext.dll [2025-03-31] (Google LLC -> Google LLC.) ShellIconOverlayIdentifiers-x32: [ GoogleDriveProgressOverlayIconHandler] -> {C973DA94-CBDF-4E77-81D1-E5B794FBD146} => C:\Program Files\Google\Drive File Stream\106.0.4.0\drivefsext.dll [2025-03-31] (Google LLC -> Google LLC.) ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2021-12-26] (Igor Pavlov) [Файл не подписан] ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2024-04-18] (Adobe Inc. -> ) ContextMenuHandlers1: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\106.0.4.0\drivefsext.dll [2025-03-31] (Google LLC -> Google LLC.) ContextMenuHandlers1: [FormatFactoryShell] -> {A3888923-CFD3-4A6B-89BF-08E6B95716E8} => C:\Program Files (x86)\FormatFactory\ShellEx_108.dll [2024-01-04] (Free Time) [Файл не подписан] ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2021-12-26] (Igor Pavlov) [Файл не подписан] ContextMenuHandlers4: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\106.0.4.0\drivefsext.dll [2025-03-31] (Google LLC -> Google LLC.) ContextMenuHandlers4: [FormatFactoryShell] -> {A3888923-CFD3-4A6B-89BF-08E6B95716E8} => C:\Program Files (x86)\FormatFactory\ShellEx_108.dll [2024-01-04] (Free Time) [Файл не подписан] ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\atiacm64.dll [2015-08-03] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) ContextMenuHandlers5: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\106.0.4.0\drivefsext.dll [2025-03-31] (Google LLC -> Google LLC.) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2016-11-14] (NVIDIA Corporation -> NVIDIA Corporation) ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2021-12-26] (Igor Pavlov) [Файл не подписан] ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2024-04-18] (Adobe Inc. -> ) ContextMenuHandlers6: [Fast Explorer] -> {693BE9C0-BEC3-11D2-B4C1-C33BBD3AD64B} => C:\ProgramData\AllDup\FEShlExt.dll [2008-08-20] (Alex Yakovlev) [Файл не подписан] ContextMenuHandlers1_S-1-5-21-2025111457-2542931633-2603457532-1001: [!!KuShellExtension-{72F6A03F-7B17-4E65-AE37-666FC9024FA2}] -> {72F6A03F-7B17-4E65-AE37-666FC9024FA2} => C:\ProgramData\AllDup\KuShellExtension64.dll [2023-03-04] (Michael Thummerer -> ) ContextMenuHandlers2_S-1-5-21-2025111457-2542931633-2603457532-1001: [!!KuShellExtension-{72F6A03F-7B17-4E65-AE37-666FC9024FA2}] -> {72F6A03F-7B17-4E65-AE37-666FC9024FA2} => C:\ProgramData\AllDup\KuShellExtension64.dll [2023-03-04] (Michael Thummerer -> ) ContextMenuHandlers3_S-1-5-21-2025111457-2542931633-2603457532-1001: [MailRuCloudContextMenu] -> {4299B2BA-5F79-4F6E-ACF8-11DAB8B7E79D} => C:\Users\Светик\AppData\Local\Mail.Ru\Disk-O\CloudShell64.dll [2024-10-30] (VK LLC -> Mail.Ru) ContextMenuHandlers4_S-1-5-21-2025111457-2542931633-2603457532-1001: [!!KuShellExtension-{72F6A03F-7B17-4E65-AE37-666FC9024FA2}] -> {72F6A03F-7B17-4E65-AE37-666FC9024FA2} => C:\ProgramData\AllDup\KuShellExtension64.dll [2023-03-04] (Michael Thummerer -> ) ContextMenuHandlers4_S-1-5-21-2025111457-2542931633-2603457532-1001: [Yandex.Disk.3] -> {847202AE-CDE0-469A-AF10-8798E02DED83} => C:\Users\Светик\AppData\Roaming\Yandex\YandexDisk2\3.2.43.5089\YandexDisk3ShellExt-1511.dll [2025-03-19] (YANDEX LLC -> Яндекс) ContextMenuHandlers5_S-1-5-21-2025111457-2542931633-2603457532-1001: [!!KuShellExtension-{72F6A03F-7B17-4E65-AE37-666FC9024FA2}] -> {72F6A03F-7B17-4E65-AE37-666FC9024FA2} => C:\ProgramData\AllDup\KuShellExtension64.dll [2023-03-04] (Michael Thummerer -> ) ==================== Codecs (В белом списке) ==================== (Если запись включена в fixlist, элемент реестра будет сброшен на значение по умолчанию или удалён. Файл не будет перемещён.) HKLM\...\Drivers32: [vidc.mjpg] => C:\WINDOWS\system32\bdmjpeg64.dll [75248 2017-01-26] (Bandicam Company -> ) HKLM\...\Drivers32: [vidc.mpeg] => C:\WINDOWS\system32\bdmpegv64.dll [75272 2017-01-26] (Bandicam Company -> ) HKLM\...\Drivers32: [msacm.bdmpeg] => C:\WINDOWS\system32\bdmpega64.acm [75784 2017-01-26] (Bandicam Company -> ) HKLM\...\Drivers32: [vidc.mjpg] => C:\Windows\SysWOW64\bdmjpeg.dll [71152 2017-01-26] (Bandicam Company -> ) HKLM\...\Drivers32: [vidc.mpeg] => C:\Windows\SysWOW64\bdmpegv.dll [71176 2017-01-26] (Bandicam Company -> ) HKLM\...\Drivers32: [msacm.bdmpeg] => C:\Windows\SysWOW64\bdmpega.acm [71176 2017-01-26] (Bandicam Company -> ) ==================== Ярлыки & WMI ======================== (Записи могут быть перечислены для восстановления или удаления.) Shortcut: C:\Users\Светик\Desktop\!ФСК.lnk -> H:\Мой диск\MGCOM\Клиенты\!ФСК () <==== Cyrillic Shortcut: C:\Users\Светик\Desktop\Мой диск.lnk -> G:\Мой диск () <==== Cyrillic Shortcut: C:\Users\Светик\Desktop\Рабочая папка.lnk -> D:\Рабочая папка () <==== Cyrillic Shortcut: C:\Users\Светик\Desktop\РАБОЧИЕ МОМЕНТЫ.lnk -> G:\Мой диск\РАБОЧИЕ МОМЕНТЫ () <==== Cyrillic Shortcut: C:\Users\Светик\AppData\Roaming\Microsoft\Word\Директору%20ООО311745062191803008\Директору%20ООО.docx.lnk -> D:\ЖКХ\Директору ООО.docx (Нет файла) <==== Cyrillic Shortcut: C:\Users\Светик\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Приватный просмотр Firefox.lnk -> C:\Program Files\Mozilla Firefox\private_browsing.exe (Mozilla Corporation) <==== Cyrillic Shortcut: C:\Users\Светик\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Яндекс\Punto Switcher\Дневник.lnk -> C:\Users\Светик\AppData\Local\Yandex\Punto Switcher\diary.exe (ООО Яндекс) <==== Cyrillic Shortcut: C:\Users\Светик\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Яндекс\Punto Switcher\Настройка раскладок.lnk -> C:\Users\Светик\AppData\Local\Yandex\Punto Switcher\layouts.exe (ООО Яндекс) <==== Cyrillic Shortcut: C:\Users\Светик\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Яндекс\Punto Switcher\Новые возможности.lnk -> C:\Users\Светик\AppData\Local\Yandex\Punto Switcher\WelcomeToPunto.url () <==== Cyrillic Shortcut: C:\Users\Светик\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Telegram Desktop\Деинсталлировать Telegram.lnk -> C:\Users\Светик\AppData\Roaming\Telegram Desktop\unins000.exe (Telegram FZ-LLC ) <==== Cyrillic Shortcut: C:\Users\Светик\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DupKiller\История.lnk -> C:\Program Files (x86)\DupKiller\History.txt () <==== Cyrillic Shortcut: C:\Users\Светик\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DupKiller\Лицензионное соглашение.lnk -> C:\Program Files (x86)\DupKiller\License.txt () <==== Cyrillic Shortcut: C:\Users\Светик\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DupKiller\Удалить DupKiller.lnk -> C:\Program Files (x86)\DupKiller\Uninstall.exe (Oleksandr 'TR' Roslov) <==== Cyrillic Shortcut: C:\Users\Светик\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitRecover VBA Password Remover Wizard\Деинсталлировать BitRecover VBA Password Remover Wizard.lnk -> C:\Users\Светик\AppData\Local\Programs\BitRecover\VBA Password Remover Wizard\unins000.exe () <==== Cyrillic Shortcut: C:\Users\Светик\AppData\Roaming\Microsoft\Windows\SendTo\Передача файлов через Bluetooth.LNK -> C:\Windows\System32\fsquirt.exe (Microsoft Corporation) <==== Cyrillic Shortcut: C:\Users\Светик\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Приватный просмотр Firefox.lnk -> C:\Program Files\Mozilla Firefox\private_browsing.exe (Mozilla Corporation) <==== Cyrillic Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Приватный просмотр Firefox.lnk -> C:\Program Files\Mozilla Firefox\private_browsing.exe (Mozilla Corporation) <==== Cyrillic ShortcutWithArgument: C:\Users\Светик\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Яндекс.Телемост.lnk -> C:\Users\Светик\AppData\Roaming\Yandex\YandexTelemost\2.0.5.1751\YandexTelemost.exe (Yandex) -> -startmenu <==== Cyrillic ShortcutWithArgument: C:\Users\Светик\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Яндекс.Диск\Скриншоты в Яндекс.Диске.lnk -> C:\Users\Светик\AppData\Roaming\Yandex\YandexDisk2\3.2.43.5089\YandexDiskScreenshotEditor.exe (Яндекс) -> -startmenu <==== Cyrillic ShortcutWithArgument: C:\Users\Светик\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Яндекс.Диск\Яндекс.Диск.lnk -> C:\Users\Светик\AppData\Roaming\Yandex\YandexDisk2\3.2.43.5089\YandexDisk2.exe (Яндекс) -> -startmenu <==== Cyrillic ShortcutWithArgument: C:\Users\Светик\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Приложения Chrome\Bitford.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 1" --app-id=agjcpjkkccmhfopfciohkkfolnjbbdoh ShortcutWithArgument: C:\Users\Светик\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Приложения Chrome\Floating for YouTube™.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 1" --app-id=jjphmlaoffndcnecccgemfdaaoighkel ShortcutWithArgument: C:\Users\Светик\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Приложения Chrome\Kronymous - Access internet via Tor Network.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 2" --app-id=dfdhngcahhplaibahkkjhdklhihbaikl ShortcutWithArgument: C:\Users\Светик\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Приложения Chrome\Telegram.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 2" --app-id=clhhggbfdinjmjhajaheehoeibfljjno ShortcutWithArgument: C:\Users\Светик\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Приложения Chrome\Wink - ТВ, фильмы, сериалы, спорт.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=glcgmiihejfelbacpkeppegcgidlenke ShortcutWithArgument: C:\Users\Светик\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DupKiller\Запустить в безопасном режиме.lnk -> C:\Program Files (x86)\DupKiller\DupKiller.exe (Oleksandr 'TR' Roslov) -> -r <==== Cyrillic ShortcutWithArgument: C:\Users\Светик\AppData\Roaming\Microsoft\Windows\SendTo\Получатель факса.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo <==== Cyrillic ShortcutWithArgument: C:\Users\Светик\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\ff13ca23fee04978\Светлана - Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 5" ShortcutWithArgument: C:\Users\Светик\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\9501e18d7c2ab92e\Михаил - Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 2" ShortcutWithArgument: C:\Users\Светик\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Михаил - Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 1" ShortcutWithArgument: C:\Users\Светик\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\48499db33039e897\Михаил (mgcom.ru) - Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 4" ShortcutWithArgument: C:\Users\Светик\AppData\Roaming\Microsoft\Excel\ФСК.%20Контекст.%20Автоотчет %20(new)_План-факт_Та311741051621681227\ФСК.%20Контекст.%20Автоотчет %20(new)_План-факт_Таблица%20(1).csv.lnk -> D:\Рабочая папка\25-04\Загрузки\ФСК. Контекст. Автоотчет  (new)_План-факт_Таблица (1).csv () -> 61 <==== Cyrillic ==================== Загруженные модули (В белом списке) ============= 2022-05-29 15:50 - 2021-12-26 17:00 - 000093696 _____ (Igor Pavlov) [Файл не подписан] C:\Program Files\7-Zip\7-zip.dll 2024-12-24 13:14 - 2023-10-11 19:38 - 000157184 _____ (Navimatics LLC) [Файл не подписан] C:\Windows\system32\disko\winfsp_x64.dll 2022-05-31 22:10 - 2016-11-14 15:30 - 001300688 _____ (NVIDIA Corporation PE Sign v2014 -> NVIDIA Corporation) [Файл не подписан] C:\Program Files\NVIDIA Corporation\NvStreamSrv\rxinput.dll 2025-04-03 18:34 - 2016-11-14 12:45 - 001408200 _____ (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [Файл не подписан] C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPI64.dll ==================== Alternate Data Streams (В белом списке) ======== ==================== Безопасный режим (В белом списке) ================== (Если запись включена в fixlist, она будет удалена из реестра. Значение "AlternateShell" будет восстановлено.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\AutorunsDisabled => "AlternateShell"="cmd.exe" ==================== Ассоциация (В белом списке) ================= ==================== Internet Explorer (В белом списке) ============= SearchScopes: HKU\S-1-5-21-2025111457-2542931633-2603457532-1001 -> DefaultScope {8C3078A0-9AAB-4371-85D1-656CA8E46EE8} URL = hxxps://yandex.ru/search/?text={searchTerms}&clid=2233627 SearchScopes: HKU\S-1-5-21-2025111457-2542931633-2603457532-1001 -> {8C3078A0-9AAB-4371-85D1-656CA8E46EE8} URL = hxxps://yandex.ru/search/?text={searchTerms}&clid=2233627 BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2025-04-15] (Microsoft Corporation -> Microsoft Corporation) Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2025-04-16] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2025-04-16] (Microsoft Corporation -> Microsoft Corporation) Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2025-04-16] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2025-04-16] (Microsoft Corporation -> Microsoft Corporation) Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2025-04-16] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2025-04-16] (Microsoft Corporation -> Microsoft Corporation) Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2025-04-16] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2025-04-16] (Microsoft Corporation -> Microsoft Corporation) ==================== Hosts содержимое: ========================= (При необходимости, директива Hosts: может быть включена в fixlist для сброса файла Hosts) 2024-04-26 10:27 - 2025-04-16 21:16 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts ==================== Другие области =========================== (В настоящее время нет автоматического исправления для этого раздела.) HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files (x86)\AMD\ATI.ACE\Core-Static;C:\Program Files\dotnet\;C:\Program Files\Git\cmd;C:\Program Files\WireGuard\ HKU\S-1-5-21-2025111457-2542931633-2603457532-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Светик\AppData\Local\Packages\55888ChristopheLavalle.DynamicTheme_jdggxwd41xcr0\LocalState\Bing\KachinaBridge_ROW9220690058_1920x1080.0.jpg DNS Servers: 192.168.1.254 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Брандмауэр Windows включён Network Binding: ============= Ethernet 7: TAP-Windows Adapter V9 -> tap0901.sys Ethernet 2: Realtek PCIe GbE Family Controller -> rt640x64.sys Ethernet 5: D-Link DFE-520TX PCI Fast Ethernet Adapter -> fetn63a.sys ==================== MSCONFIG/TASK MANAGER отключённые элементы == (Если запись включена в fixlist, она будет удалена) HKLM\...\StartupApproved\Run: => "NvBackend" HKLM\...\StartupApproved\Run: => "ShadowPlay" HKLM\...\StartupApproved\Run32: => "Adobe CCXProcess" HKU\S-1-5-21-2025111457-2542931633-2603457532-1001\...\StartupApproved\Run: => "DAEMON Tools Lite Automount" HKU\S-1-5-21-2025111457-2542931633-2603457532-1001\...\StartupApproved\Run: => "Steam" HKU\S-1-5-21-2025111457-2542931633-2603457532-1001\...\StartupApproved\Run: => "YandexBrowserAutoLaunch_617A1B0C0AB7EA2DC698A458F3C42BF4" HKU\S-1-5-21-2025111457-2542931633-2603457532-1001\...\StartupApproved\Run: => "YandexDisk2" ==================== Правила Брандмауэра (В белом списке) ================ (Если запись включена в fixlist, она будет удалена из реестра. Файл не будет удалён, если он не указан отдельно.) FirewallRules: [UDP Query User{0EB059ED-20B8-4C64-87F3-5CEBED2CEECE}C:\program files (x86)\starcraft\x86_64\starcraft.exe] => (Allow) C:\program files (x86)\starcraft\x86_64\starcraft.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment) FirewallRules: [TCP Query User{E5A9355A-84FE-42C1-8B3B-3631DF187B24}C:\program files (x86)\starcraft\x86_64\starcraft.exe] => (Allow) C:\program files (x86)\starcraft\x86_64\starcraft.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment) FirewallRules: [{6640F7BB-5189-4BCE-854F-73B56FF1BF94}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cube Racer\CubeRacer.exe => Нет файла FirewallRules: [{0F1EC4FC-66CA-4784-A9FC-110214115060}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cube Racer\CubeRacer.exe => Нет файла FirewallRules: [{B40C4C4C-DAFC-4FC4-8059-615B76ABCFE9}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{90DFA9C9-5AB9-4E18-9AF7-E895DA66CA5C}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{E50FD687-D266-40B9-981A-57F7449626E7}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{2557FB9E-C66C-41D4-979D-C98183FC2531}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation) FirewallRules: [UDP Query User{8F454826-C0F4-4AFC-89E4-281A20E7897D}C:\risk of rain returns\risk of rain returns.exe] => (Allow) C:\risk of rain returns\risk of rain returns.exe (Hopoo Games, LLC) [Файл не подписан] FirewallRules: [TCP Query User{DAEA1937-B617-4679-9CBB-75C48B174E37}C:\risk of rain returns\risk of rain returns.exe] => (Allow) C:\risk of rain returns\risk of rain returns.exe (Hopoo Games, LLC) [Файл не подписан] FirewallRules: [{EF85E565-9459-43F3-9AF0-08F8950F6534}] => (Block) C:\program files\windowsapps\freevpnplanet.planetvpn_2.9.1.0_x64__b2qrq2z57ppd2\bin\xray\xray.exe (61FF30D8-22EB-4823-80CA-7C5E75905A66 -> ) FirewallRules: [{DFB93B56-8F5F-412E-B8F5-3B3BE8D66539}] => (Block) C:\program files\windowsapps\freevpnplanet.planetvpn_2.9.1.0_x64__b2qrq2z57ppd2\bin\xray\xray.exe (61FF30D8-22EB-4823-80CA-7C5E75905A66 -> ) FirewallRules: [UDP Query User{24225965-4E4A-4DD4-8C1A-31F640EE4578}C:\program files\windowsapps\freevpnplanet.planetvpn_2.9.1.0_x64__b2qrq2z57ppd2\bin\xray\xray.exe] => (Allow) C:\program files\windowsapps\freevpnplanet.planetvpn_2.9.1.0_x64__b2qrq2z57ppd2\bin\xray\xray.exe (61FF30D8-22EB-4823-80CA-7C5E75905A66 -> ) FirewallRules: [TCP Query User{468E9480-F415-4CEB-9891-E8F4F90062C6}C:\program files\windowsapps\freevpnplanet.planetvpn_2.9.1.0_x64__b2qrq2z57ppd2\bin\xray\xray.exe] => (Allow) C:\program files\windowsapps\freevpnplanet.planetvpn_2.9.1.0_x64__b2qrq2z57ppd2\bin\xray\xray.exe (61FF30D8-22EB-4823-80CA-7C5E75905A66 -> ) FirewallRules: [UDP Query User{B900B14F-C5EC-4645-B948-514D93752781}C:\users\светик\appdata\roaming\telegram desktop\telegram.exe] => (Allow) C:\users\светик\appdata\roaming\telegram desktop\telegram.exe (Telegram FZ-LLC -> Telegram FZ-LLC) FirewallRules: [TCP Query User{21800DBC-B525-4E11-8C53-CEF9A1401036}C:\users\светик\appdata\roaming\telegram desktop\telegram.exe] => (Allow) C:\users\светик\appdata\roaming\telegram desktop\telegram.exe (Telegram FZ-LLC -> Telegram FZ-LLC) FirewallRules: [{FE69DD17-891F-44A5-ABE2-912B8FD3733B}] => (Allow) C:\Users\Светик\Desktop\Рабочая папка\AnyDesk.exe => Нет файла FirewallRules: [{2C20584A-7A26-4168-BED0-6263C9362A26}] => (Allow) C:\Users\Светик\Desktop\Рабочая папка\AnyDesk.exe => Нет файла FirewallRules: [{CEACBA58-F9D4-4825-8907-BD24B2B45CEB}] => (Allow) C:\Users\Светик\Desktop\Рабочая папка\AnyDesk.exe => Нет файла FirewallRules: [{71AA9CFE-7E71-489E-844E-BA5CD78460B3}] => (Allow) C:\Users\Светик\Desktop\Рабочая папка\AnyDesk.exe => Нет файла FirewallRules: [UDP Query User{8FD3B82B-1CD0-4F1A-A440-6B8780735C29}C:\users\светик\appdata\roaming\yandex\yandextelemost\2.0.5.1751\yandextelemost.exe] => (Allow) C:\users\светик\appdata\roaming\yandex\yandextelemost\2.0.5.1751\yandextelemost.exe (YANDEX LLC -> Yandex) FirewallRules: [TCP Query User{A5D1058B-B606-4514-A827-C0B8D8E79C45}C:\users\светик\appdata\roaming\yandex\yandextelemost\2.0.5.1751\yandextelemost.exe] => (Allow) C:\users\светик\appdata\roaming\yandex\yandextelemost\2.0.5.1751\yandextelemost.exe (YANDEX LLC -> Yandex) FirewallRules: [UDP Query User{0CA1FF13-0ACB-4BBD-B15A-BF43CF659CCB}C:\program files (x86)\direct commander\direct commander.exe] => (Allow) C:\program files (x86)\direct commander\direct commander.exe (YANDEX LLC -> Yandex) FirewallRules: [TCP Query User{D4FBFD67-0C5F-4744-BA0B-56DF97A48F5C}C:\program files (x86)\direct commander\direct commander.exe] => (Allow) C:\program files (x86)\direct commander\direct commander.exe (YANDEX LLC -> Yandex) FirewallRules: [UDP Query User{4B117C88-24CF-4943-AB40-6144C863E786}C:\users\светик\appdata\local\programs\direct commander\direct commander.exe] => (Allow) C:\users\светик\appdata\local\programs\direct commander\direct commander.exe (YANDEX LLC -> Yandex) FirewallRules: [TCP Query User{731592C7-7ACD-4EAE-872F-2B7B8C972D31}C:\users\светик\appdata\local\programs\direct commander\direct commander.exe] => (Allow) C:\users\светик\appdata\local\programs\direct commander\direct commander.exe (YANDEX LLC -> Yandex) FirewallRules: [UDP Query User{3D4480DD-F5B9-4306-A4B7-5B3F17117AA4}C:\users\светик\appdata\local\direct-commander\app-3.77.0\direct commander.exe] => (Allow) C:\users\светик\appdata\local\direct-commander\app-3.77.0\direct commander.exe => Нет файла FirewallRules: [TCP Query User{88130B92-9CAC-44C6-AEEF-B4093C929362}C:\users\светик\appdata\local\direct-commander\app-3.77.0\direct commander.exe] => (Allow) C:\users\светик\appdata\local\direct-commander\app-3.77.0\direct commander.exe => Нет файла FirewallRules: [UDP Query User{FF13ACAD-C88A-45AC-BE9B-31ED0D3953A9}C:\users\светик\appdata\local\direct-commander\app-3.76.0\direct commander.exe] => (Allow) C:\users\светик\appdata\local\direct-commander\app-3.76.0\direct commander.exe => Нет файла FirewallRules: [TCP Query User{C88892A7-D8B9-4596-868A-3958DCDC7C3D}C:\users\светик\appdata\local\direct-commander\app-3.76.0\direct commander.exe] => (Allow) C:\users\светик\appdata\local\direct-commander\app-3.76.0\direct commander.exe => Нет файла FirewallRules: [UDP Query User{31A3A973-DF5F-4819-9F68-CEA23393F2A8}C:\users\светик\appdata\local\direct-commander\app-3.75.2\direct commander.exe] => (Allow) C:\users\светик\appdata\local\direct-commander\app-3.75.2\direct commander.exe => Нет файла FirewallRules: [TCP Query User{C9F0C539-78CE-419D-992B-B5CDE695EF43}C:\users\светик\appdata\local\direct-commander\app-3.75.2\direct commander.exe] => (Allow) C:\users\светик\appdata\local\direct-commander\app-3.75.2\direct commander.exe => Нет файла FirewallRules: [UDP Query User{FB8F9555-5396-4424-9DD6-48987149E0B4}C:\users\светик\appdata\local\direct-commander\app-3.74.1\direct commander.exe] => (Allow) C:\users\светик\appdata\local\direct-commander\app-3.74.1\direct commander.exe => Нет файла FirewallRules: [TCP Query User{B5EDA00B-7616-42DF-A8FD-52F8108A817A}C:\users\светик\appdata\local\direct-commander\app-3.74.1\direct commander.exe] => (Allow) C:\users\светик\appdata\local\direct-commander\app-3.74.1\direct commander.exe => Нет файла FirewallRules: [UDP Query User{48E3DBA4-9C0C-412B-A5FD-7F1885331940}C:\users\светик\appdata\local\direct-commander\app-3.74.0\direct commander.exe] => (Allow) C:\users\светик\appdata\local\direct-commander\app-3.74.0\direct commander.exe => Нет файла FirewallRules: [TCP Query User{9DE3F1C5-4935-4340-A36D-E7F13647862B}C:\users\светик\appdata\local\direct-commander\app-3.74.0\direct commander.exe] => (Allow) C:\users\светик\appdata\local\direct-commander\app-3.74.0\direct commander.exe => Нет файла FirewallRules: [UDP Query User{82E8D5D5-0EF1-4C22-BAAA-0776EA74A8D3}C:\users\светик\appdata\local\direct-commander\app-3.71.2\direct commander.exe] => (Allow) C:\users\светик\appdata\local\direct-commander\app-3.71.2\direct commander.exe => Нет файла FirewallRules: [TCP Query User{2232B110-26BB-44DB-B738-E13F2653CA1B}C:\users\светик\appdata\local\direct-commander\app-3.71.2\direct commander.exe] => (Allow) C:\users\светик\appdata\local\direct-commander\app-3.71.2\direct commander.exe => Нет файла FirewallRules: [UDP Query User{D5DABBB2-9155-4355-9944-2039E3D1E737}C:\users\светик\appdata\local\direct-commander\app-3.70.0\direct commander.exe] => (Allow) C:\users\светик\appdata\local\direct-commander\app-3.70.0\direct commander.exe => Нет файла FirewallRules: [TCP Query User{9DC10B72-53F8-42E3-917C-EABE9427AD85}C:\users\светик\appdata\local\direct-commander\app-3.70.0\direct commander.exe] => (Allow) C:\users\светик\appdata\local\direct-commander\app-3.70.0\direct commander.exe => Нет файла FirewallRules: [UDP Query User{564016FA-48E8-465D-ADAD-F817910B4C74}C:\users\светик\appdata\local\direct-commander\app-3.69.0\direct commander.exe] => (Allow) C:\users\светик\appdata\local\direct-commander\app-3.69.0\direct commander.exe => Нет файла FirewallRules: [TCP Query User{5BCFF738-315A-47BD-94F5-4B744A335296}C:\users\светик\appdata\local\direct-commander\app-3.69.0\direct commander.exe] => (Allow) C:\users\светик\appdata\local\direct-commander\app-3.69.0\direct commander.exe => Нет файла FirewallRules: [UDP Query User{6070CCB2-E568-4C03-B783-82DF56C76D9C}C:\users\светик\desktop\sitewatcher-v0.9.3.1-beta-win64\libs\cefsharp.browsersubprocess.exe] => (Allow) C:\users\светик\desktop\sitewatcher-v0.9.3.1-beta-win64\libs\cefsharp.browsersubprocess.exe => Нет файла FirewallRules: [TCP Query User{770DC873-2EA5-4648-A7FE-D41938A949AA}C:\users\светик\desktop\sitewatcher-v0.9.3.1-beta-win64\libs\cefsharp.browsersubprocess.exe] => (Allow) C:\users\светик\desktop\sitewatcher-v0.9.3.1-beta-win64\libs\cefsharp.browsersubprocess.exe => Нет файла FirewallRules: [UDP Query User{4669249E-8A3B-4AB8-97AB-8883C5344EEF}C:\users\светик\appdata\local\direct-commander\app-3.68.63\direct commander.exe] => (Allow) C:\users\светик\appdata\local\direct-commander\app-3.68.63\direct commander.exe => Нет файла FirewallRules: [TCP Query User{EDD4C2A3-30B7-4A42-96DD-884C0E2884BD}C:\users\светик\appdata\local\direct-commander\app-3.68.63\direct commander.exe] => (Allow) C:\users\светик\appdata\local\direct-commander\app-3.68.63\direct commander.exe => Нет файла FirewallRules: [UDP Query User{DDF03321-2034-40A9-99F4-AE57E79D1F51}C:\users\светик\appdata\local\direct-commander\app-3.68.62\direct commander.exe] => (Allow) C:\users\светик\appdata\local\direct-commander\app-3.68.62\direct commander.exe => Нет файла FirewallRules: [TCP Query User{95D6DB7B-77B2-4C42-885D-FDC391A32A0F}C:\users\светик\appdata\local\direct-commander\app-3.68.62\direct commander.exe] => (Allow) C:\users\светик\appdata\local\direct-commander\app-3.68.62\direct commander.exe => Нет файла FirewallRules: [UDP Query User{A4117575-EC42-4D42-BBE0-213D32E2BBCE}C:\users\светик\appdata\local\direct-commander\app-3.68.61\direct commander.exe] => (Allow) C:\users\светик\appdata\local\direct-commander\app-3.68.61\direct commander.exe => Нет файла FirewallRules: [TCP Query User{90C9AD2C-F927-4164-8577-89A4AC50C939}C:\users\светик\appdata\local\direct-commander\app-3.68.61\direct commander.exe] => (Allow) C:\users\светик\appdata\local\direct-commander\app-3.68.61\direct commander.exe => Нет файла FirewallRules: [UDP Query User{D2A6E904-B6DA-42FE-8F0F-E49B8ADB1C99}C:\users\светик\appdata\local\direct-commander\app-3.68.60\direct commander.exe] => (Allow) C:\users\светик\appdata\local\direct-commander\app-3.68.60\direct commander.exe => Нет файла FirewallRules: [TCP Query User{E9252399-44AB-4D22-A614-F156A6B68B8E}C:\users\светик\appdata\local\direct-commander\app-3.68.60\direct commander.exe] => (Allow) C:\users\светик\appdata\local\direct-commander\app-3.68.60\direct commander.exe => Нет файла FirewallRules: [UDP Query User{98C0674C-23CC-48F7-8D64-28662A1211EE}C:\users\светик\appdata\local\direct-commander\app-3.68.59\direct commander.exe] => (Allow) C:\users\светик\appdata\local\direct-commander\app-3.68.59\direct commander.exe => Нет файла FirewallRules: [TCP Query User{69A0D591-B4AC-4CAA-A3B7-103EFA1EA300}C:\users\светик\appdata\local\direct-commander\app-3.68.59\direct commander.exe] => (Allow) C:\users\светик\appdata\local\direct-commander\app-3.68.59\direct commander.exe => Нет файла FirewallRules: [UDP Query User{38AD38C5-6294-403C-9FEE-51D9610AA98B}C:\users\светик\appdata\local\direct-commander\app-3.68.58\direct commander.exe] => (Allow) C:\users\светик\appdata\local\direct-commander\app-3.68.58\direct commander.exe => Нет файла FirewallRules: [TCP Query User{CC9A75FC-7838-4986-803E-7170DC95713C}C:\users\светик\appdata\local\direct-commander\app-3.68.58\direct commander.exe] => (Allow) C:\users\светик\appdata\local\direct-commander\app-3.68.58\direct commander.exe => Нет файла FirewallRules: [{59AE37DF-68CD-4A0C-ADB7-045325BB77AB}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe (Free Time Software Technology Co., Ltd. -> Free Time Co., Ltd.) FirewallRules: [{F313CFAD-7EDC-411E-8830-3D5F37EC8283}] => (Block) C:\program files\qbittorrent\qbittorrent.exe (The qBittorrent Project) [Файл не подписан] FirewallRules: [{FE8C2E3A-9FA9-40B2-B543-6E7FCA7DD1FC}] => (Block) C:\program files\qbittorrent\qbittorrent.exe (The qBittorrent Project) [Файл не подписан] FirewallRules: [UDP Query User{F37B35B3-5299-4E44-8B7F-ADB3A8494352}C:\users\светик\appdata\local\direct-commander\app-3.68.57\direct commander.exe] => (Allow) C:\users\светик\appdata\local\direct-commander\app-3.68.57\direct commander.exe => Нет файла FirewallRules: [TCP Query User{45028341-6149-499C-A352-276E0D675CFB}C:\users\светик\appdata\local\direct-commander\app-3.68.57\direct commander.exe] => (Allow) C:\users\светик\appdata\local\direct-commander\app-3.68.57\direct commander.exe => Нет файла FirewallRules: [{1EE61561-B0BD-45F8-AAFE-A3BA4C415F56}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{993F4B57-867A-4EB3-A6E6-486404B8AFFC}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [UDP Query User{92F84E0D-DAC0-4235-9618-8BFA03A9A1FE}C:\users\светик\appdata\local\direct-commander\app-3.68.56\direct commander.exe] => (Allow) C:\users\светик\appdata\local\direct-commander\app-3.68.56\direct commander.exe => Нет файла FirewallRules: [TCP Query User{69993AE2-1D09-42BB-82F5-388B890603B4}C:\users\светик\appdata\local\direct-commander\app-3.68.56\direct commander.exe] => (Allow) C:\users\светик\appdata\local\direct-commander\app-3.68.56\direct commander.exe => Нет файла FirewallRules: [UDP Query User{AA9EC483-D13E-4EB5-8F58-280002C88487}C:\program files\google\chrome\application\chrome.exe] => (Block) C:\program files\google\chrome\application\chrome.exe (Google LLC -> Google LLC) FirewallRules: [TCP Query User{6D855511-65D9-4C1E-8257-B2A0405F9DD4}C:\program files\google\chrome\application\chrome.exe] => (Block) C:\program files\google\chrome\application\chrome.exe (Google LLC -> Google LLC) FirewallRules: [{BC5B07C9-A6EE-4947-83C1-DD436BF68F80}] => (Allow) C:\Users\Светик\AppData\Local\Yandex\YandexBrowser\Application\browser.exe (YANDEX LLC -> YANDEX LLC) FirewallRules: [{E3D6B45C-88F0-475A-95D2-EBB48A4DBC65}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\135.0.3179.73\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{69C502E1-E274-4789-B642-C17A39DF5784}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) FirewallRules: [{A3DB5B8F-37C1-47CC-B655-1C571C3150D3}] => (Allow) C:\Program Files (x86)\Google\Chrome Remote Desktop\136.0.7103.19\remoting_host.exe (Google LLC -> Google LLC) FirewallRules: [{C79507C5-B85C-4EBF-A472-943312FE7BAE}] => (Allow) D:\SteamLibrary\steamapps\common\Metro 2033 Redux\metro.exe (Koch Media GmbH -> 4A Games) FirewallRules: [{0DF010B1-FC84-4BE6-8303-EC41EC23F283}] => (Allow) D:\SteamLibrary\steamapps\common\Metro 2033 Redux\metro.exe (Koch Media GmbH -> 4A Games) FirewallRules: [{50F08A72-1ED1-4AFD-9BED-4BFEAAC304E6}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe (The qBittorrent Project) [Файл не подписан] FirewallRules: [{714D3EFF-2CB9-46BD-9119-1CA900D87F42}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe (The qBittorrent Project) [Файл не подписан] FirewallRules: [{8207B0AA-8973-42D0-8490-40C9C6A60A93}] => (Allow) C:\Users\Светик\Desktop\AnyDesk.exe (AnyDesk Software GmbH -> AnyDesk Software GmbH) FirewallRules: [{D7871640-6B0B-4DD9-8A24-1C6AA8A74D06}] => (Allow) C:\Users\Светик\Desktop\AnyDesk.exe (AnyDesk Software GmbH -> AnyDesk Software GmbH) FirewallRules: [{F3EEB528-9E9E-474F-B178-2DF7384D7AD5}] => (Allow) C:\Users\Светик\Desktop\AnyDesk.exe (AnyDesk Software GmbH -> AnyDesk Software GmbH) FirewallRules: [{29780C1C-8CF4-4246-BF42-ABEA01D92C10}] => (Allow) C:\Users\Светик\Desktop\AnyDesk.exe (AnyDesk Software GmbH -> AnyDesk Software GmbH) ==================== Точки восстановления ========================= 16-04-2025 09:27:33 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 17-04-2025 13:09:05 Removed Bonjour 17-04-2025 14:54:14 Restore Point Created by FRST 17-04-2025 14:55:23 Restore Point Created by FRST ==================== Неисправное Устройство в Менеджере Устройств ============ ==================== Ошибки журнала событий: ======================== Ошибки приложения: ================== Error: (04/17/2025 03:04:17 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Программа FRST64.exe версии 1.4.2025.0 прекратила взаимодействие с Windows и была закрыта. Чтобы узнать, имеются ли дополнительные сведения о проблеме, просмотрите журнал проблем в разделе "Безопасность и обслуживание" в панели управления. Идентификатор процесса: aa0 Время запуска: 01dbaf90beac3460 Время завершения: 4294967295 Путь к приложению: D:\oszone\FRST64.exe Идентификатор отчета: 88c06829-67e0-4f72-8c3d-1cbd8dd26528 Полное имя пакета сбоя: Код приложения, связанного со сбойным пакетом: Тип зависания: Top level window is idle Error: (04/17/2025 02:58:05 PM) (Source: VSS) (EventID: 8193) (User: ) Description: Ошибка теневого копирования тома: Непредвиденная ошибка при вызове подпрограммы CoCreateInstance.. hr = 0x8007045b, Идет завершение работы системы.. Error: (04/17/2025 02:58:05 PM) (Source: VSS) (EventID: 13) (User: ) Description: Информация теневого копирования тома: не удается запустить COM-сервер с CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} под именем CEventSystem. [0x8007045b, Идет завершение работы системы.] Error: (04/17/2025 02:54:32 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Программа FRST64.exe версии 1.4.2025.0 прекратила взаимодействие с Windows и была закрыта. Чтобы узнать, имеются ли дополнительные сведения о проблеме, просмотрите журнал проблем в разделе "Безопасность и обслуживание" в панели управления. Идентификатор процесса: 1598 Время запуска: 01dbaf8f6c2ff4b6 Время завершения: 4294967295 Путь к приложению: D:\Ифобезопасность\FRST64.exe Идентификатор отчета: c035451c-c5d6-475b-ad8a-930d8cd0af25 Полное имя пакета сбоя: Код приложения, связанного со сбойным пакетом: Тип зависания: Top level window is idle Error: (04/17/2025 02:54:13 PM) (Source: VSS) (EventID: 8194) (User: ) Description: Ошибка теневого копирования тома: непредвиденная ошибка при запросе интерфейса IVssWriterCallback. hr = 0x80070005, Отказано в доступе..Наиболее вероятная причина - неправильные параметры безопасности запрашивающего процесса или записывающего процесса. Операция: Сбор данных модуля записи Контекст: Код класса модуля записи: {e8132975-6f93-4464-a53e-1050253ae220} Имя модуля записи: System Writer Код экземпляра модуля записи: {34c13f4a-7ca4-4a7a-9df7-d8a0ae1d13fe} Error: (04/17/2025 02:00:17 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Имя сбойного приложения: psloglist.exe, версия: 2.82.0.0, метка времени: 0x6424d98d Имя сбойного модуля: ntdll.dll, версия: 10.0.19041.5438, метка времени: 0x2f8c0a5c Код исключения: 0xc0000374 Смещение ошибки: 0x000e6d23 Идентификатор сбойного процесса: 0x7f4 Время запуска сбойного приложения: 0x01dbaf87e731ea67 Путь сбойного приложения: D:\SysinternalsSuite\psloglist.exe Путь сбойного модуля: C:\WINDOWS\SYSTEM32\ntdll.dll Идентификатор отчета: e1909fa3-1179-4c63-93de-4fc9a847c246 Полное имя сбойного пакета: Код приложения, связанного со сбойным пакетом: Error: (04/17/2025 01:55:28 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Имя сбойного приложения: psloglist.exe, версия: 2.82.0.0, метка времени: 0x6424d98d Имя сбойного модуля: ntdll.dll, версия: 10.0.19041.5438, метка времени: 0x2f8c0a5c Код исключения: 0xc0000374 Смещение ошибки: 0x000e6d23 Идентификатор сбойного процесса: 0x1b94 Время запуска сбойного приложения: 0x01dbaf873b10b9f9 Путь сбойного приложения: D:\SysinternalsSuite\psloglist.exe Путь сбойного модуля: C:\WINDOWS\SYSTEM32\ntdll.dll Идентификатор отчета: 871b85bc-aba7-4c32-830d-a5bcb8aa580b Полное имя сбойного пакета: Код приложения, связанного со сбойным пакетом: Error: (04/17/2025 01:53:12 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Имя сбойного приложения: psloglist.exe, версия: 2.82.0.0, метка времени: 0x6424d98d Имя сбойного модуля: ntdll.dll, версия: 10.0.19041.5438, метка времени: 0x2f8c0a5c Код исключения: 0xc0000374 Смещение ошибки: 0x000e6d23 Идентификатор сбойного процесса: 0x2290 Время запуска сбойного приложения: 0x01dbaf86ea2d37fb Путь сбойного приложения: D:\SysinternalsSuite\psloglist.exe Путь сбойного модуля: C:\WINDOWS\SYSTEM32\ntdll.dll Идентификатор отчета: 1854a56a-af71-4adf-b85d-cb474f6602bf Полное имя сбойного пакета: Код приложения, связанного со сбойным пакетом: Системные ошибки: ============= Error: (04/17/2025 03:00:53 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Служба "Брокер мониторинга среды выполнения System Guard" завершена из-за ошибки %%3489660935 Error: (04/17/2025 03:00:53 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Сбой при запуске службы "Служба Google Update (gupdate)" из-за ошибки Служба не ответила на запрос своевременно. Error: (04/17/2025 03:00:53 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Превышение времени ожидания (30000 мс) при ожидании подключения службы "Служба Google Update (gupdate)". Error: (04/17/2025 02:58:48 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Сбой при запуске службы "luafv" из-за ошибки Загрузка драйвера была заблокирована Error: (04/17/2025 02:58:05 PM) (Source: DCOM) (EventID: 10010) (User: WIN-9694A3D6GOF) Description: Регистрация сервера {9BA05972-F6A8-11CF-A442-00A0C90A8F39} DCOM не выполнена за отведенное время ожидания. Error: (04/17/2025 02:58:05 PM) (Source: DCOM) (EventID: 10010) (User: WIN-9694A3D6GOF) Description: Регистрация сервера {9BA05972-F6A8-11CF-A442-00A0C90A8F39} DCOM не выполнена за отведенное время ожидания. Error: (04/17/2025 02:55:22 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Служба Yandex.Browser Update Service была неожиданно завершена. Это произошло 2 раз(а). Следующее корректирующее действие будет предпринято через 60000 мсек: Перезапуск службы. Error: (04/17/2025 02:55:22 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Служба Служба "Безопасность Windows" была неожиданно завершена. Это произошло 2 раз(а). Следующее корректирующее действие будет предпринято через 60000 мсек: Перезапуск службы. Windows Defender: ================ Date: 2025-04-17 14:34:24 Description: Антивирусная программа Microsoft Defender has detected malware or other potentially unwanted software. For more information please see the following: https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/AutoKMS&threatid=2147685180&enterprise=0 Name: HackTool:Win32/AutoKMS Severity: High Category: Tool Path: rootcert:_648384A4DEE53D4C1C87E10D67CC99307CCC9C98 Detection Origin: Unknown Detection Type: Concrete Detection Source: System Process Name: Unknown Security intelligence Version: AV: 1.427.297.0, AS: 1.427.297.0, NIS: 0.0.0.0 Engine Version: AM: 1.1.25030.1, NIS: 0.0.0.0 Date: 2025-04-17 14:33:37 Description: Антивирусная программа Microsoft Defender has detected malware or other potentially unwanted software. For more information please see the following: https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/AutoKMS&threatid=2147685180&enterprise=0 Name: HackTool:Win32/AutoKMS Severity: High Category: Tool Path: rootcert:_648384A4DEE53D4C1C87E10D67CC99307CCC9C98 Detection Origin: Unknown Detection Type: Concrete Detection Source: System Process Name: Unknown Security intelligence Version: AV: 1.427.297.0, AS: 1.427.297.0, NIS: 1.427.297.0 Engine Version: AM: 1.1.25030.1, NIS: 1.1.25030.1 Date: 2025-04-17 14:32:51 Description: Антивирусная программа Microsoft Defender has detected malware or other potentially unwanted software. For more information please see the following: https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/Keygen&threatid=2147593794&enterprise=0 Name: HackTool:Win32/Keygen Severity: High Category: Tool Path: file:_C:\Program Files (x86)\Bandicam\loader.exe Detection Origin: Local machine Detection Type: Concrete Detection Source: Real-Time Protection Process Name: C:\Windows\explorer.exe Security intelligence Version: AV: 1.427.297.0, AS: 1.427.297.0, NIS: 1.427.297.0 Engine Version: AM: 1.1.25030.1, NIS: 1.1.25030.1 Date: 2025-04-17 14:07:50 Description: Антивирусная программа Microsoft Defender scan has been stopped before completion. Scan Type: Antimalware Scan Parameters: Quick Scan Date: 2025-04-17 09:18:45 Description: Microsoft Defender Antivirus has detected malware or other potentially unwanted software. For more information please see the following: https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/AutoKMS!pz&threatid=2147890609&enterprise=0 Name: HackTool:Win32/AutoKMS!pz Severity: Высокий Category: Программное средство Path: file:_C:\WINDOWS\OInstall.exe Detection Origin: Local machine Detection Type: Concrete Detection Source: System Process Name: Unknown Security intelligence Version: AV: 1.427.283.0, AS: 1.427.283.0, NIS: 1.427.283.0 Engine Version: AM: 1.1.25030.1, NIS: 1.1.25030.1 Event[0]: Date: 2025-04-17 14:09:16 Description: Антивирусная программа Microsoft Defender has encountered an error trying to restore an item from quarantine. For more information please see the following: https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/AutoKMS!pz&threatid=2147890609&enterprise=0 Name: HackTool:Win32/AutoKMS!pz Severity: High Category: Tool Error Code: 0x80508014 Error description: The quarantined item cannot be restored. Security intelligence Version: AV: 1.427.297.0, AS: 1.427.297.0 Engine Version: 1.1.25030.1 CodeIntegrity: =============== Date: 2025-04-17 14:58:44 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\tap0901.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2025-04-17 13:42:35 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\SysinternalsSuite\PORTMSYS.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2025-04-16 12:15:41 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\System32\vdsldr.exe) attempted to load \Device\HarddiskVolume1\Users\Светик\AppData\Local\Yandex\Punto Switcher\pshook64.dll that did not meet the Microsoft signing level requirements. ==================== Информация о памяти =========================== BIOS: American Megatrends Inc. 1601 06/26/2012 Материнская плата: ASUSTeK Computer INC. P7P55D-E Процессор: Intel(R) Core(TM) i3 CPU 550 @ 3.20GHz Процент используемой памяти: 55% Общий объём физической RAM: 8183.05 MB Доступно физической RAM: 3635.38 MB Всего Виртуальной: 16119.05 MB Доступно Виртуальной: 11304.34 MB ==================== Диски ================================ Drive c: (ssd system) (Fixed) (Total:237.09 GB) (Free:101.84 GB) (Model: P3-256 ATA Device) NTFS ==>[диск с загрузочными компонентами (получен из BCD)] Drive d: (ссдшка) (Fixed) (Total:222.72 GB) (Free:198.61 GB) (Model: TOSHIBA-TL100 ATA Device) NTFS Drive e: (hdd data) (Fixed) (Total:931.51 GB) (Free:237.91 GB) (Model: SAMSUNG HD103SJ ATA Device) NTFS Drive g: (zh.infodonsk@gmail.com - Goog...) (Fixed) (Total:15 GB) (Free:7.86 GB) (Model: P3-256 ATA Device) FAT32 Drive h: (m.zhdanov@mgcom.ru - Google D...) (Fixed) (Total:237.09 GB) (Free:96.75 GB) (Model: P3-256 ATA Device) FAT32 \\?\Volume{5e177b1e-0000-0000-0000-10463b000000}\ () (Fixed) (Total:0.54 GB) (Free:0.08 GB) NTFS \\?\Volume{5e177b1e-0000-0000-0000-a0683b000000}\ () (Fixed) (Total:0.84 GB) (Free:0.41 GB) NTFS \\?\Volume{015b05c4-0000-0000-0000-80ae37000000}\ () (Fixed) (Total:0.84 GB) (Free:0.41 GB) NTFS ==================== MBR & Таблица Разделов ==================== ========================================================== Disk: 0 (MBR Code: Windows 7/8/10) (Size: 238.5 GB) (Disk ID: 5E177B1E) Partition 1: (Active) - (Size=237.1 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=552 MB) - (Type=27) Partition 3: (Not Active) - (Size=860 MB) - (Type=27) ========================================================== Disk: 1 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 41E6BD12) Partition 1: (Not Active) - (Size=931.5 GB) - (Type=42) ========================================================== Disk: 2 (MBR Code: Windows 7/8/10) (Size: 223.6 GB) (Disk ID: 015B05C4) Partition 1: (Active) - (Size=222.7 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=862 MB) - (Type=27) ==================== Конец от Addition.txt =======================