﻿Лог утилиты random's system information tool 1.16(автор: random/random)
Run by 0000 at 2018-11-20 17:47:13
Microsoft Windows 7 Ultimate  Service Pack 1
Системный раздел C: размер 15 GB (6%) Свободно 238 GB
Total RAM: 3071 MB (52% free)
X86

Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 17:47:14, on 20.11.2018
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16446)


Boot mode: Normal

Running processes:
C:\Windows\System32\smss.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\svchost.exe
C:\Windows\system32\atieclxx.exe
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\Kaspersky Lab\Kaspersky Security Cloud 19.0.0\avp.exe
C:\Windows\Explorer.EXE
C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
C:\Program Files\GlassWire\GWCtlSrv.exe
C:\Program Files\Kaspersky Lab\Kaspersky Password Manager 9.0.1\kpm_service.exe
C:\Windows\system32\lxcgcoms.exe
c:\windows\system32\mpk\lsynchost.exe
c:\windows\system32\mpk\lsynchost.exe
C:\Users\0000\Desktop\Новая папка (5)\AutoLogger\AVZ\avz.exe
C:\Program Files\OpenVPN\bin\openvpnserv.exe
C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
C:\Windows\system32\svchost.exe
C:\Windows\system32\viakaraokesrv.exe
C:\Program Files\Windows Firewall Control\wfcs.exe
C:\Program Files\Shadow Defender\DefenderDaemon.exe
C:\Program Files\Classic Shell\ClassicStartMenu.exe
C:\Program Files\Windows Firewall Control\wfc.exe
C:\Program Files\USB Disk Security\USBGuard.exe
C:\Program Files\Windscribe\WindscribeService.exe
C:\Program Files\GlassWire\GWIdlMon.exe
C:\Windows\system32\conhost.exe
C:\Windows\System32\ctfmon.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files\Zemana AntiLogger\ZAM.exe
C:\Program Files\DAEMON Tools Lite\DTLite.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Wise\Wise Reminder\WiseReminder.exe
C:\Windows\system32\svchost.exe
C:\Program Files\Kaspersky Lab\Kaspersky Security Cloud 19.0.0\avpui.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Windows\system32\sppsvc.exe
C:\Users\0000\AppData\Local\Epic Privacy Browser\Application\epic.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\0000\AppData\Local\Epic Privacy Browser\Application\epic.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\0000\AppData\Local\Epic Privacy Browser\Application\epic.exe
C:\Users\0000\AppData\Local\Epic Privacy Browser\Application\epic.exe
C:\Users\0000\AppData\Local\Epic Privacy Browser\Application\epic.exe
C:\Users\0000\AppData\Local\Epic Privacy Browser\Application\epic.exe
C:\Users\0000\AppData\Local\Epic Privacy Browser\Application\epic.exe
C:\Users\0000\AppData\Local\Epic Privacy Browser\Application\epic.exe
C:\Users\0000\AppData\Local\Epic Privacy Browser\Application\epic.exe
C:\Users\0000\AppData\Local\Epic Privacy Browser\Application\epic.exe
C:\Users\0000\AppData\Local\Epic Privacy Browser\Application\epic.exe
C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
C:\Windows\System32\svchost.exe
C:\Users\0000\Desktop\Новая папка (5)\AutoLogger\RSIT\RSIT.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Users\0000\Desktop\Новая папка (5)\AutoLogger\RSIT\0000_RSIT.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://yandex.ru/?clid=2101081
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = https://yandex.ru/?clid=2101081
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://127.0.0.1:8445/okayfreedom.pac
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
O1 - Hosts: 178.154.131.216 localhost
O1 - Hosts: 178.154.131.217 localhost
O1 - Hosts: 208.112.85.179 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer32.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll
O2 - BHO: IE 4.x-6.x BHO for Download Master - {9961627E-4059-41B4-8E0E-A7D6B3854ADF} - C:\PROGRA~1\DOWNLO~1\dmiehlp.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll
O2 - BHO: ClassicIEBHO Class - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIEDLL_32.dll
O2 - BHO: ScriptInjectionPluginBrowserHelperObject - {EC1E29BB-F56A-45D8-B023-D3EF710FA0E0} - C:\Program Files\Kaspersky Lab\Kaspersky Security Cloud 19.0.0\IEExt\ie_plugin.dll
O3 - Toolbar: Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll
O3 - Toolbar: Kaspersky Protection Toolbar - {C500C267-63BF-451F-8797-4D720C9A2ED9} - C:\Program Files\Kaspersky Lab\Kaspersky Security Cloud 19.0.0\IEExt\ie_plugin.dll
O4 - HKLM\..\Run: [Shadow Defender Daemon] "C:\Program Files\Shadow Defender\DefenderDaemon.exe" /Auto
O4 - HKLM\..\Run: [Classic Start Menu] "C:\Program Files\Classic Shell\ClassicStartMenu.exe" -autorun
O4 - HKLM\..\Run: [Windows Firewall Control] "C:\Program Files\Windows Firewall Control\wfc.exe"
O4 - HKLM\..\Run: [USB Security] C:\Program Files\USB Disk Security\USBGuard.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\Windows\System32\ctfmon.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [WiseReminder] C:\Program Files\Wise\Wise Reminder\WiseReminder.exe -os
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: Закачать ВСЕ при помощи Download Master - C:\Program Files\Download Master\dmieall.htm
O8 - Extra context menu item: Закачать при помощи Download Master - C:\Program Files\Download Master\dmie.htm
O8 - Extra context menu item: Передать на удаленную закачку DM - C:\Program Files\Download Master\remdown.htm
O9 - Extra button: (no name) - {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Program Files\Classic Shell\ClassicIE_32.exe
O9 - Extra 'Tools' menuitem: Classic IE Settings - {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Program Files\Classic Shell\ClassicIE_32.exe
O9 - Extra button: Download Master - {8DAE90AD-4583-4977-9DD4-4360F7A45C74} - C:\Program Files\Download Master\dmaster.exe
O9 - Extra 'Tools' menuitem: &Download Master - {8DAE90AD-4583-4977-9DD4-4360F7A45C74} - C:\Program Files\Download Master\dmaster.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MIF5BA~1\Office12\REFIEBAR.DLL
O9 - Extra button: Mail.Ru Агент - {7558B7E5-7B26-4201-BEDB-00D5FF534523} - (no file) (HKCU)
O9 - Extra 'Tools' menuitem: Mail.Ru Агент - {7558B7E5-7B26-4201-BEDB-00D5FF534523} - (no file) (HKCU)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{8F70BDC1-A701-4EB3-90F9-CBA6EDE91D56}: NameServer = 10.223.4.9 10.222.4.9
O17 - HKLM\System\CCS\Services\Tcpip\..\{934E20CD-A398-48E7-998F-3173085045C5}: NameServer = 8.8.8.8,8.8.4.4
O23 - Service: 2GIS UpdateService (2GISUpdateService) - ООО ДубльГИС - C:\Program Files\2gis\3.0\2GISUpdateService.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: Kaspersky Anti-Virus Service 19.0.0 (AVP19.0.0) - AO Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Security Cloud 19.0.0\avp.exe
O23 - Service: BlueStacks Log Rotator Service (BstHdLogRotatorSvc) - BlueStack Systems, Inc. - C:\Program Files\BlueStacks\HD-LogRotatorService.exe
O23 - Service: Connect Manager. OUC (Connect Manager. RunOuc) - Unknown owner - C:\Program Files\Connect Manager\UpdateDog\ouc.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: GlassWire Control Service (GlassWire) - SecureMix LLC - C:\Program Files\GlassWire\GWCtlSrv.exe
O23 - Service: Служба Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Служба Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Kaspersky Password Manager Service (kpm_launch_service) - AO Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Password Manager 9.0.1\kpm_service.exe
O23 - Service: Kaspersky Secure Connection Service 3.0.0 (KSDE3.0.0) - AO Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Secure Connection 3.0\ksde.exe
O23 - Service: lxcg_device -   - C:\Windows\system32\lxcgcoms.exe
O23 - Service: Local Synchronization Host (MainLSyncHost) - Unknown owner - c:\windows\system32\mpk\lsynchost.exe
O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Network Service (NvStreamNetworkSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: OpenVPNService -   - C:\Program Files\OpenVPN\bin\openvpnserv2.exe
O23 - Service: OpenVPN Interactive Service (OpenVPNServiceInteractive) - The OpenVPN Project - C:\Program Files\OpenVPN\bin\openvpnserv.exe
O23 - Service: OpenVPN Legacy Service (OpenVPNServiceLegacy) - The OpenVPN Project - C:\Program Files\OpenVPN\bin\openvpnserv.exe
O23 - Service: Sandboxie Service (SbieSvc) - Sandboxie Holdings, LLC - C:\Program Files\Sandboxie\SbieSvc.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: VIA Karaoke digital mixer Service (VIAKaraokeService) - VIA Technologies, Inc. - C:\Windows\system32\viakaraokesrv.exe
O23 - Service: Windows Firewall Control (wfcs) - BiniSoft.org - C:\Program Files\Windows Firewall Control\wfcs.exe
O23 - Service: WindscribeService - Windscribe Limited - C:\Program Files\Windscribe\WindscribeService.exe
O23 - Service: Wise Boot Assistant (WiseBootAssistant) - WiseCleaner.com - C:\Program Files\Wise\Wise Care 365\BootTime.exe
O23 - Service: ZAM Controller Service (ZAMSvc) - Copyright 2017. - C:\Program Files\Zemana AntiLogger\ZAM.exe
O23 - Service: Shadow Defender Service ({0CBD4F48-3751-475D-BE88-4F271385B672}) - SHADOWDEFENDER.COM - C:\Program Files\Shadow Defender\Service.exe

--
End of file - 12584 bytes

======Папка назначенных заданий======

C:\Windows\tasks\Adobe Flash Player PPAPI Notifier.job - C:\Windows\system32\Macromed\Flash\FlashUtil32_31_0_0_122_pepper.exe -check pepperplugin
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe 
C:\Windows\tasks\AdwCleaner_onReboot.job - C:\Users\0000\Downloads\Программы\adwcleaner_7.2.4.0.exe /r
C:\Windows\tasks\CCleaner Update.job - C:\Program Files\CCleaner\CCUpdate.exe 
C:\Windows\tasks\Crystal Security.job - C:\Program Files\Crystal Security\Crystal Security.exe 
C:\Windows\tasks\GlaryInitialize 5.job - C:\Program Files\Glary Utilities 5\Initialize.exe 
C:\Windows\tasks\GlaryUpdate 5.job - C:\Program Files\Glary Utilities 5\CheckUpdate.exe /schedulestart
C:\Windows\tasks\Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901}.job - C:\Program Files\Common Files\AV\Kaspersky Lab\upgrade_launcher.exe /waitUpgrade
C:\Windows\tasks\RegOrganizerQuickLaunch.job - C:\Program Files\Reg Organizer\RegOrganizer.exe -RegistryEditor -ForceForeground -NoSplash
C:\Windows\tasks\SidebarExecute.job - C:\Program Files\Windows Sidebar\sidebar.exe 
C:\Windows\tasks\Восстановление сервиса обновлений Яндекс.Браузера.job - C:\Program Files\Yandex\YandexBrowser\18.7.1.855\service_update.exe  --repair
C:\Windows\tasks\Обновление Браузера Яндекс.job - C:\Users\0000\AppData\Local\Yandex\YandexBrowser\Application\browser.exe  --background-update --noerrdialogs
C:\Windows\tasks\Системное обновление Браузера Яндекс.job - C:\Program Files\Yandex\YandexBrowser\18.7.1.855\service_update.exe  --run-as-launcher
C:\Windows\system32\tasks\Microsoft\Windows\WindowsBackup\ConfigNotification - %systemroot%\System32\sdclt.exe /CONFIGNOTIFICATION
C:\Windows\system32\tasks\Microsoft\Windows\Windows Media Sharing\UpdateLibrary - "%ProgramFiles%\Windows Media Player\wmpnscfg.exe"
C:\Windows\system32\tasks\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange - %windir%\system32\rundll32.exe bfe.dll,BfeOnServiceStartTypeChange
C:\Windows\system32\tasks\Microsoft\Windows\Windows Error Reporting\QueueReporting - %windir%\system32\wermgr.exe -queuereporting
C:\Windows\system32\tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTask - %SystemRoot%\system32\Wat\WatAdminSvc.exe /run
C:\Windows\system32\tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTaskDeadline - %SystemRoot%\system32\schtasks.exe /run /I /TN "\Microsoft\Windows\Windows Activation Technologies\ValidationTask"
C:\Windows\system32\tasks\Microsoft\Windows\UPnP\UPnPHostConfig - sc.exe config upnphost start= auto
C:\Windows\system32\tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime - %windir%\system32\sc.exe start w32time task_started
C:\Windows\system32\tasks\Microsoft\Windows\Tcpip\IpAddressConflict1 - %windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPOffendingSystem
C:\Windows\system32\tasks\Microsoft\Windows\Tcpip\IpAddressConflict2 - %windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPDefendingSystem
C:\Windows\system32\tasks\Microsoft\Windows\SystemRestore\SR - %windir%\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreation
C:\Windows\system32\tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask - sc.exe start sppsvc
C:\Windows\system32\tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask - %windir%\system32\RAServer.exe /offerraupdate
C:\Windows\system32\tasks\Microsoft\Windows\Power Efficiency Diagnostics\AnalyzeSystem - %SystemRoot%\System32\powercfg.exe -energy -auto
C:\Windows\system32\tasks\Microsoft\Windows\NetTrace\GatherNetworkInfo - %windir%\system32\gatherNetworkInfo.vbs
C:\Windows\system32\tasks\Microsoft\Windows\MUI\LPRemove - %windir%\system32\lpremove.exe
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch - %SystemRoot%\ehome\ehPrivJob.exe /DoActivateWindowsSearch
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService - %SystemRoot%\ehome\ehPrivJob.exe /DoConfigureInternetTimeService
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks - %SystemRoot%\ehome\ehPrivJob.exe /DoRecoveryTasks $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ehDRMInit - %SystemRoot%\ehome\ehPrivJob.exe /DRMInit
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\InstallPlayReady - %SystemRoot%\ehome\ehPrivJob.exe /InstallPlayReady $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\mcupdate - %SystemRoot%\ehome\mcupdate $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\mcupdate_scheduled - %SystemRoot%\ehome\mcupdate -crl -hms -pscn 15
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -MediaCenterRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -ObjectStoreRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\OCURActivate - %SystemRoot%\ehome\ehPrivJob.exe /OCURActivate
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\OCURDiscovery - %SystemRoot%\ehome\ehPrivJob.exe /OCURDiscovery $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscovery - %SystemRoot%\ehome\ehPrivJob.exe /PBDADiscovery
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 - %SystemRoot%\ehome\ehPrivJob.exe /wait:7 /PBDADiscovery
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 - %SystemRoot%\ehome\ehPrivJob.exe /wait:90 /PBDADiscovery
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PeriodicScanRetry - %windir%\ehome\MCUpdate.exe -pscn 0
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PvrRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -PvrRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PvrScheduleTask - %SystemRoot%\ehome\mcupdate.exe -PvrSchedule
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\RecordingRestart - %SystemRoot%\ehome\ehrec /RestartRecording
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\RegisterSearch - %SystemRoot%\ehome\ehPrivJob.exe /DoRegisterSearch $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ReindexSearchRoot - %SystemRoot%\ehome\ehPrivJob.exe /DoReindexSearchRoot
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -SqlLiteRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\StartRecording - %SystemRoot%\ehome\ehrec /StartRecording
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\UpdateRecordPath - %SystemRoot%\ehome\ehPrivJob.exe /DoUpdateRecordPath $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Location\Notifications - %windir%\System32\LocationNotifications.exe
C:\Windows\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector - %windir%\system32\rundll32.exe dfdts.dll,DfdGetDefaultPolicyAndSMART
C:\Windows\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver - %windir%\system32\DFDWiz.exe
C:\Windows\system32\tasks\Microsoft\Windows\Defrag\ScheduledDefrag - %windir%\system32\defrag.exe -c
C:\Windows\system32\tasks\Microsoft\Windows\Customer Experience Improvement Program\Consolidator - %SystemRoot%\System32\wsqmcons.exe
C:\Windows\system32\tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask - BthUdTask.exe $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Autochk\Proxy - %windir%\system32\rundll32.exe /d acproxy.dll,PerformAutochkOperations
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\AitAgent - aitagent
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater - %windir%\system32\rundll32.exe aepdu.dll,AePduRunUpdate
C:\Windows\system32\tasks\Microsoft\Windows\AppID\PolicyConverter - %windir%\system32\appidpolicyconverter.exe
C:\Windows\system32\tasks\Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck - %windir%\system32\appidcertstorecheck.exe

=========Google Chrome=========

C:\Users\0000\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
Extension aapocclcgogkmnckokdopfmhonfmgoek 0 Презентации 0.10
Extension ahfgeienlihckogmohjhadlkjgocpleb 1 Интернет-магазин Chrome 0.2
Extension ahjaciijnoiaklcomgnblndopackapon 1 Identity API Scope Approval UI 1.1
Extension akpelnjfckgfiplcikojhomllgombffc 1 Theme Creator 2.6
Extension aleggpabliehgbeagmfhnodcijcmbonb 0 Онлайн-проверка ссылок антивирусом Dr.Web 3.9.14
Extension amkpcclbbgegoafihnpgomddadjhcadd 1 Kaspersky Protection 20.0.543.85
Extension aohghmighlieiainnegkcijnfilokake 0 Документы 0.10
Extension apdfllckaahabafndbhieahigkjlhalf 1 Диск Google 14.1
Extension bepbmhgboaologfdajaanbcjmnhjmhfn 0  
Extension bgnkhhnnamicmpeenaelnjfhikgbkllg 1 AdGuard Антибаннер 2.10.11
Extension bhmmomiinigofkjcapegjjndpbikblnp 0 WOT: Web of Trust, оценка репутации сайтов 4.0.10.21
Extension blpcfgokakmgnkcojhhkbfbldkacnbeo 1 YouTube 4.2.8
Extension cfhdojbkjhnklbpkdaibdccddilifddb 1 Блокировщик… 3.3.2
Extension cfnpidifppmenkapgihekkeednfoenal 0 TrafficLight 2.0.1
Extension coobgpohoikkiipiblmjeljniedjpjpf 1 Google Search 0.0.0.60
Extension dhnkblpjbkfklfloegejegedcafpliaa 0 Kaspersky Password Manager 4.1.3
Extension dljdacfojgikogldjffnkdcielnklkce 0 Download Master 3.11.0
Extension dmpojjilddefgnhiicjcmhbkjgbbclob 0 Chameleon 1.8.7
Extension eemcgdkfndhakfknompkggombfjjjeno 1 Bookmark Manager 0.1
Extension ennkphjdgehloodpbhlhldgbnhmacadg 1 Settings 0.2
Extension felcaaldnbdncclmgdcncolpebgiejap 0 Таблицы 1.2
Extension fjnbnpbmkenffdnngjfgmeleoegfcffe 0 Stylish – кастомные темы для любого сайта 1.7.12
Extension fmaceifghnbklhhcekcolajngfpaejib 1 Applejack Theme 1
Extension gannpgaobkkhmpomoijebaigcapoeebl 2 Bitdefender Wallet 21.1.6
Extension gfdkimpbcpahaombhbimeihdjnejgicl 1 Feedback 1.0
Extension ghbmnnjooekpmoecnnnilnnbdlolhkhi 0 Google Документы офлайн 1.7
Extension gomekmidlodglbbmalcneegieacbdmki   
Extension haebnnbpedcbhciplfhjjkbafijpncjl 0 TinEye Reverse Image Search 1.3.0
Extension hhnjdplhmcnkiecampfdgfjilccfpfoe 0  
Extension hphffohcfcaeoekbkfibilcmmoakhmfc 1 ZenMate Web Firewall (Free, Plus Ad Blocker) 1.0.5
Extension ifhennnjohomemnfhcgmmffakbfjjkji 1 Кто украл мои картинки? 0.0.1
Extension kmendfapggjehodndflmmgagdbamhnfd 1 CryptoTokenExtension 0.9.73
Extension mfehgcgbbipciphmccgaenjidiccnmng 1 Cloud Print 0.1
Extension mfffpogegjflfpflabcdkioaeobkgjik 1 GaiaAuthExtension 0.0.1
Extension mgndgikekgjfcpckkfioiadnlibdjbkf 1 Chrome 0.1
Extension mhjfbmdgcfjbbpaeojofohoefgiehjai 1 Chrome PDF Viewer 1
Extension neajdppkdcdipfabeoofebfddakdcjhd 1 Google Network Speech 1.0
Extension nkeimhogjdpnpccoofpliimaahmaaome 1 Google Hangouts 1.3.10
Extension nmmhkkegccagdldgiimedpiccmgmieda 1 Платежная система Интернет-магазина Chrome 1.0.0.4
Extension nneajnkjbffgblleaoojgaacokifdkhm 0 DivX Plus Web Player HTML5 <video> 2.1.2.145
Extension omghfjlpggmjjaagoclmmobgdodcjboh 0 Browsec VPN - Free and Unlimited VPN 3.21.10
Extension pjkljhegncpnkpknbcohdijeoejaedia 1 Gmail 8.1
Extension pkedcjkdefgpdelpbcmbmeomcjbeemfm 1 Chrome Media Router 6518.129.0.1
Homepage: 
default_search_provider.search_url: 
C:\Users\0000\AppData\Local\Google\Chrome\User Data\Default\Preferences
Homepage: 
default_search_provider.search_url: 

[HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\amkpcclbbgegoafihnpgomddadjhcadd]
"Path"=https://chrome.google.com/webstore/detail/amkpcclbbgegoafihnpgomddadjhcadd

[HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\dljdacfojgikogldjffnkdcielnklkce]
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\nneajnkjbffgblleaoojgaacokifdkhm]
"Path"=C:\Program Files\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx


======Снимок реестра======


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={3CB12E97-BDDF-4488-8C61-217335DD319F}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{3CB12E97-BDDF-4488-8C61-217335DD319F}]
"URL"=http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-01-03 63912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{449D0D6E-2412-4E61-B68F-1CB625CD9E52}]
ExplorerBHO Class - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2017-08-13 760632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll [2015-06-28 460384]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9961627E-4059-41B4-8E0E-A7D6B3854ADF}]
IE 4.x-6.x BHO for Download Master - C:\PROGRA~1\DOWNLO~1\dmiehlp.dll [2015-10-16 167824]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-06-28 172640]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EA801577-E6AD-4BD5-8F71-4BE0154331A4}]
ClassicIEBHO Class - C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2017-08-13 507192]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EC1E29BB-F56A-45D8-B023-D3EF710FA0E0}]
Kaspersky Protection - C:\Program Files\Kaspersky Lab\Kaspersky Security Cloud 19.0.0\IEExt\ie_plugin.dll [2018-10-09 1178320]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{553891B7-A0D5-4526-BE18-D3CE461D6310} - Classic Explorer Bar - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2017-08-13 760632]
{C500C267-63BF-451F-8797-4D720C9A2ED9} - Kaspersky Protection Toolbar - C:\Program Files\Kaspersky Lab\Kaspersky Security Cloud 19.0.0\IEExt\ie_plugin.dll [2018-10-09 1178320]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Shadow Defender Daemon"=C:\Program Files\Shadow Defender\DefenderDaemon.exe [2017-04-22 200416]
"Classic Start Menu"=C:\Program Files\Classic Shell\ClassicStartMenu.exe [2017-08-13 150840]
"Windows Firewall Control"=C:\Program Files\Windows Firewall Control\wfc.exe [2018-08-18 639192]
"USB Security"=C:\Program Files\USB Disk Security\USBGuard.exe [2015-01-31 695528]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\Windows\System32\ctfmon.exe [2009-07-14 8704]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2014-03-04 3696912]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-21 1174016]
"WiseReminder"=C:\Program Files\Wise\Wise Reminder\WiseReminder.exe [2018-06-25 3687080]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IE 3.0 RegSvr schannel.dll]
C:\Windows\system32\regsvr32.exe [2009-07-14 14848]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ShadowPlay]
C:\Windows\system32\nvspcap.dll [2016-05-02 1377800]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ZAM]
C:\Program Files\Zemana AntiLogger\ZAM.exe [2017-08-09 15775888]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= []

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{0CBD4F48-3751-475D-BE88-4F271385B672}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MBAMService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PFNet]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{0CBD4F48-3751-475D-BE88-4F271385B672}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=0
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=0x91000000

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=255

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]


[HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components\OpenVPN_UserSetup]
"StubPath"=reg delete HKCU\Software\Microsoft\Windows\CurrentVersion\Run /v OPENVPN-GUI /f
[HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components\{2179C5D3-EBFF-11CF-B6FD-00AA00B4E220}]
"StubPath"=
[HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
"StubPath"="C:\Program Files\Google\Chrome\Application\70.0.3538.102\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=IYVU9_32.DLL
"msacm.l3acm"=l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.WMV3"=wmv9vcm.dll
"VIDC.FPS1"=frapsvid.dll
"vidc.dvsd"=pdvcodec.dll
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"vidc.tscc"=C:\Windows\system32\tsccvid.dll
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"vidc.DIVX"=DivX.dll
"vidc.yv12"=DivX.dll
"msacm.ac3filter"=ac3filter.acm
"vidc.tsc2"=C:\Windows\system32\tsc2_codec32.dll
"VIDC.LAGS"=lagarith.dll
"VIDC.X264"=x264vfw.dll
"VIDC.XVID"=xvidvfw.dll
"VIDC.FFDS"=ff_vfw.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.l3codecp"=l3codecp.acm
"VIDC.IV41"=IR41_32.DLL
"VIDC.IV32"=IR32_32.DLL
"VIDC.IV31"=IR32_32.DLL
"VIDC.VP80"=vp8vfw.dll
"vidc.iv50"=ir50_32.dll
"msacm.iac2"=C:\Windows\system32\iac25_32.ax
"msacm.vorbis"=vorbis.acm

======Ассоциации файлов======

.inf - open - "%SystemRoot%\system32\NOTEPAD.EXE" %1
.ini - open - "%SystemRoot%\system32\NOTEPAD.EXE" %1
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - "C:\Windows\System32\WScript.exe" "%1" %*
.txt - open - "%SystemRoot%\system32\NOTEPAD.EXE" %1

======Список файлов и папок, созданных за последние 3 месяца======

2018-11-19 22:12:56 ----D---- C:\Program Files\KStars Desktop Planetarium
2018-11-19 14:49:29 ----HD---- C:\Program Files\Zero G Registry
2018-11-17 13:11:37 ----D---- C:\Users\0000\AppData\Roaming\Wise_Reminder
2018-11-16 12:42:25 ----D---- C:\Windows\1DACE7E00711405B9176D849224E6957.TMP
2018-11-13 19:22:35 ----D---- C:\Users\0000\AppData\Roaming\Need for Speed - Hot Pursuit 2
2018-11-13 18:08:55 ----D---- C:\Users\0000\AppData\Roaming\Lifeless Planet
2018-11-12 23:17:29 ----D---- C:\Users\0000\AppData\Roaming\Rocketcat
2018-11-11 18:47:05 ----D---- C:\Users\0000\AppData\Roaming\com.lunime.gachaversepc
2018-11-07 12:02:33 ----D---- C:\Users\0000\AppData\Roaming\Artogon
2018-11-05 23:23:26 ----D---- C:\ProgramData\Cateia Games
2018-11-04 15:49:49 ----D---- C:\Users\0000\AppData\Roaming\Sonic World
2018-11-04 13:37:07 ----D---- C:\Users\0000\AppData\Roaming\8floor
2018-11-04 13:06:35 ----D---- C:\Users\0000\AppData\Roaming\Godot
2018-11-01 11:58:06 ----D---- C:\Users\0000\AppData\Roaming\ShamanGS
2018-11-01 10:42:59 ----D---- C:\Users\0000\AppData\Roaming\Joybits
2018-10-31 23:10:12 ----A---- C:\Windows\DAYTONA USA Deluxe.INI
2018-10-31 23:06:30 ----N---- C:\Windows\MsgV3US.DLL
2018-10-31 23:06:30 ----N---- C:\Windows\DDXUS.DLL
2018-10-31 23:06:30 ----N---- C:\Windows\DDUNINST.EXE
2018-10-28 18:45:52 ----D---- C:\Program Files\SoftMaker FreeOffice 2018
2018-10-26 16:37:29 ----A---- C:\Windows\system32\RDXP5.DLL
2018-10-26 16:37:28 ----A---- C:\Windows\system32\RDXMMX.DLL
2018-10-26 16:37:28 ----A---- C:\Windows\system32\DMIX.DLL
2018-10-26 16:37:28 ----A---- C:\Windows\system32\DINOAV.DLL
2018-10-26 16:37:28 ----A---- C:\Windows\system32\DINO2D.DLL
2018-10-24 12:00:03 ----D---- C:\Program Files\GUMEEF5.tmp
2018-10-16 23:40:04 ----D---- C:\Users\0000\AppData\Roaming\AlawarEntertainment
2018-10-16 23:40:04 ----D---- C:\ProgramData\AlawarEntertainment
2018-10-11 11:39:57 ----D---- C:\Users\0000\AppData\Roaming\Alawar Stargaze
2018-10-10 17:17:02 ----D---- C:\ProgramData\OpenRA
2018-10-09 15:57:09 ----D---- C:\AdwCleaner
2018-10-09 15:47:03 ----D---- C:\ProgramData\Чистилка
2018-10-07 12:55:17 ----AD---- C:\Config.msi
2018-10-07 12:55:17 ----A---- C:\bzrpcss.log.virtual.lnk
2018-10-02 20:37:20 ----D---- C:\Program Files\GhostMouse
2018-10-02 19:50:54 ----D---- C:\Users\0000\AppData\Roaming\RobotSoft
2018-09-22 20:04:59 ----A---- C:\Windows\system32\x3daudio1_1.dll
2018-09-22 18:44:07 ----D---- C:\FutureRunners
2018-09-18 18:20:51 ----D---- C:\Program Files\Steganos Privacy Suite 19
2018-09-12 00:21:59 ----D---- C:\Users\0000\AppData\Roaming\HdO Adventure
2018-09-06 15:30:13 ----D---- C:\Users\0000\AppData\Roaming\TMNT
2018-09-03 16:26:54 ----N---- C:\Windows\WTTF.INI
2018-09-03 16:25:56 ----N---- C:\Windows\WAVEMIX.INI
2018-09-03 16:24:25 ----A---- C:\Windows\CTL3DV2.DLL
2018-09-03 14:46:19 ----N---- C:\Windows\GAMEBIOS.DLL
2018-09-03 14:46:19 ----A---- C:\Windows\ADCOP.INI
2018-08-27 12:04:10 ----D---- C:\ProgramData\20 дней на поиск Ани
2018-08-24 13:06:20 ----D---- C:\Program Files\Common Files\Steam
2018-08-24 13:06:17 ----D---- C:\Program Files\Steam
2018-08-23 22:28:24 ----D---- C:\Program Files\ProcessMonitor
2018-08-23 14:43:40 ----A---- C:\Program Files\pipedlg.dat
2018-08-23 14:41:43 ----D---- C:\Program Files\3DO
2018-08-22 09:56:59 ----D---- C:\Users\0000\AppData\Roaming\Zbshareware Lab
2018-08-22 00:43:06 ----D---- C:\Users\0000\AppData\Roaming\Rifter
2018-08-22 00:14:27 ----D---- C:\Program Files\USB Disk Security
2018-08-21 11:24:58 ----D---- C:\ProgramData\s6ds
2018-08-21 11:07:43 ----A---- C:\Windows\system32\drivers\utg0nde3.sys
2018-08-21 11:07:36 ----D---- C:\ProgramData\s5rs
2018-08-21 11:07:35 ----D---- C:\ProgramData\s124
2018-08-21 10:52:59 ----D---- C:\ProgramData\s5vc
2018-08-21 10:52:58 ----D---- C:\ProgramData\s544
2018-08-21 10:52:58 ----D---- C:\ProgramData\s51g

======Список файлов и папок, измененных за последние 3 месяца======

2018-11-20 17:44:14 ----D---- C:\ProgramData\Kaspersky Lab
2018-11-20 17:40:01 ----D---- C:\Windows\Temp
2018-11-20 17:39:29 ----SHD---- C:\System Volume Information
2018-11-20 17:39:22 ----AD---- C:\Windows
2018-11-20 17:38:14 ----D---- C:\Program Files\USB-модем Билайн
2018-11-20 14:17:56 ----AHD---- C:\ProgramData
2018-11-20 13:11:15 ----AD---- C:\Program Files\Opera
2018-11-19 22:12:56 ----AD---- C:\Program Files
2018-11-19 17:31:18 ----AD---- C:\Games
2018-11-19 16:24:13 ----AD---- C:\Users\0000\AppData\Roaming\AIMP
2018-11-18 16:59:34 ----D---- C:\Windows\System32
2018-11-18 16:59:34 ----D---- C:\Windows\inf
2018-11-18 16:59:34 ----A---- C:\Windows\system32\PerfStringBackup.INI
2018-11-18 16:31:55 ----D---- C:\Users\0000\AppData\Roaming\DAEMON Tools Lite
2018-11-18 12:18:00 ----A---- C:\Windows\hegames.ini
2018-11-18 10:57:58 ----D---- C:\hegames
2018-11-17 13:11:32 ----D---- C:\Program Files\Wise
2018-11-17 12:29:37 ----A---- C:\Windows\Sandboxie.ini
2018-11-16 13:30:43 ----A---- C:\Windows\system32\OpenAL32.dll
2018-11-16 13:22:47 ----D---- C:\Windows\system32\drivers
2018-11-16 13:21:58 ----HD---- C:\Windows\msdownld.tmp
2018-11-16 13:10:36 ----D---- C:\Users\0000\AppData\Roaming\Convertilla
2018-11-16 12:43:24 ----SHD---- C:\Windows\Installer
2018-11-16 08:57:56 ----A---- C:\LongFileName.txt
2018-11-15 00:25:21 ----D---- C:\Users\0000\AppData\Roaming\MPC-HC
2018-11-15 00:25:20 ----AD---- C:\Users\0000\AppData\Roaming\uTorrent
2018-11-14 21:49:41 ----AD---- C:\Users\0000\AppData\Roaming\VK
2018-11-11 19:04:39 ----D---- C:\Program Files\Advanced Diary
2018-11-11 12:45:01 ----D---- C:\ProgramData\BlueStacksSetup
2018-11-09 20:25:17 ----D---- C:\Program Files\MyLib
2018-11-09 12:49:26 ----D---- C:\Program Files\VKMusic 4
2018-11-06 21:27:57 ----A---- C:\Windows\system32\ssprs.dll
2018-11-06 21:27:57 ----A---- C:\Windows\system32\lsprst7.dll
2018-11-06 19:36:33 ----A---- C:\Windows\goldwave.ini
2018-11-05 12:11:36 ----A---- C:\Windows\Diamonds.INI
2018-11-01 10:17:46 ----D---- C:\Program Files\WinRAR
2018-10-31 16:59:59 ----D---- C:\Program Files\VK
2018-10-29 17:05:46 ----A---- C:\Windows\ntbtlog.txt
2018-10-28 18:46:01 ----D---- C:\Users\0000\AppData\Roaming\SoftMaker
2018-10-28 18:45:57 ----RSD---- C:\Windows\Fonts
2018-10-27 16:03:07 ----D---- C:\Users\0000\AppData\Roaming\Alawar
2018-10-27 15:58:53 ----A---- C:\log.txt
2018-10-26 20:24:57 ----A---- C:\Windows\win.ini
2018-10-26 19:58:55 ----HD---- C:\Program Files\InstallShield Installation Information
2018-10-24 18:43:34 ----D---- C:\Program Files\Bandizip
2018-10-24 14:22:31 ----D---- C:\Users\0000\AppData\Roaming\Skype
2018-10-23 10:31:16 ----AD---- C:\Windows\system32\catroot2
2018-10-12 16:50:49 ----D---- C:\Windows\Prefetch
2018-10-09 23:58:05 ----A---- C:\Windows\piano.ini
2018-10-09 16:05:52 ----D---- C:\Windows\Tasks
2018-10-09 15:44:14 ----D---- C:\Windows\system32\catroot
2018-10-09 15:43:46 ----D---- C:\Windows\system32\DriverStore
2018-10-09 15:04:14 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2018-10-09 15:03:32 ----D---- C:\Windows\system32\Macromed
2018-10-07 13:59:03 ----D---- C:\Program Files\Download Master
2018-09-29 00:47:56 ----D---- C:\Fraps
2018-09-28 13:02:48 ----D---- C:\Program Files\System Ninja
2018-09-25 15:37:38 ----D---- C:\Users\0000\AppData\Roaming\RenPy
2018-09-24 22:17:05 ----D---- C:\Windows\system32\FxsTmp
2018-09-22 20:04:56 ----RSD---- C:\Windows\assembly
2018-09-18 18:29:47 ----D---- C:\Program Files\Common Files\Steganos
2018-09-18 17:50:25 ----D---- C:\Users\0000\AppData\Roaming\Steganos
2018-09-15 13:43:12 ----D---- C:\Program Files\XMedia Recode
2018-09-13 11:19:44 ----D---- C:\Windows\system32\config
2018-09-09 13:59:38 ----D---- C:\Windows\system
2018-09-09 13:58:43 ----D---- C:\Program Files\Microsoft Games
2018-09-06 15:38:31 ----D---- C:\Windows\winsxs
2018-09-05 17:07:51 ----AD---- C:\Arena_RU
2018-08-29 23:06:59 ----D---- C:\Users\0000\AppData\Roaming\GameSave Manager 3
2018-08-27 18:45:36 ----D---- C:\Program Files\Kaspersky Lab
2018-08-27 12:02:06 ----D---- C:\ProgramData\Playrix Entertainment
2018-08-25 20:12:07 ----D---- C:\Program Files\CCleaner
2018-08-24 13:06:20 ----D---- C:\Program Files\Common Files
2018-08-22 15:25:24 ----D---- C:\Users\0000\AppData\Roaming\SmartSteamEmu

File C:\Windows\system32\winlogon.exe is digitally signed
File C:\Windows\system32\wininit.exe is digitally signed
File C:\Windows\explorer.exe is digitally signed
File C:\Windows\system32\svchost.exe is digitally signed
File C:\Windows\system32\services.exe is digitally signed
File C:\Windows\system32\User32.dll is digitally signed
File C:\Windows\system32\userinit.exe is digitally signed
File C:\Windows\system32\rpcss.dll is digitally signed
File C:\Windows\system32\Drivers\volsnap.sys is digitally signed

======Список драйверов (тип запуска: R=Запущен, S=остановлен, 0=Загрузочный, 1=Системный, 2=Автоматически, 3=Вручную, 4=Отключено)======

R0 amdkmpfd;AMD PCI Root Bus Lower Filter; C:\Windows\system32\DRIVERS\amdkmpfd.sys [2012-07-09 23208]
R0 cm_km;AO Kaspersky Lab Cryptographic Module x86 (56 bit); C:\Windows\system32\DRIVERS\cm_km.sys [2018-01-27 178368]
R0 diskpt;diskpt; C:\Windows\SYSTEM32\drivers\diskpt.sys [2017-04-22 351600]
R0 kl1;kl1; C:\Windows\system32\DRIVERS\kl1.sys [2018-02-20 151240]
R0 klbackupdisk;Kaspersky Lab klbackupdisk; C:\Windows\system32\DRIVERS\klbackupdisk.sys [2018-10-09 63688]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 173440]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-21 388096]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2009-10-08 243128]
R1 GUBootStartup;GUBootStartup; \??\C:\Windows\System32\drivers\GUBootStartup.sys [2017-04-02 17472]
R1 gwdrv;GlassWire Driver; C:\Windows\system32\DRIVERS\gwdrv.sys [2015-05-29 27568]
R1 klbackupflt;Kaspersky Lab klbackupflt; C:\Windows\system32\DRIVERS\klbackupflt.sys [2018-10-09 102152]
R1 klhk;Kaspersky Lab service driver; C:\Windows\system32\DRIVERS\klhk.sys [2018-10-09 680232]
R1 KLIF;Kaspersky Lab Driver; C:\Windows\system32\DRIVERS\klif.sys [2018-10-09 876128]
R1 klim6;Kaspersky Anti-Virus NDIS 6 Filter; C:\Windows\system32\DRIVERS\klim6.sys [2018-02-12 49344]
R1 klpd;Kaspersky Lab format recognizer driver; C:\Windows\system32\DRIVERS\klpd.sys [2017-05-30 45520]
R1 kltdi;kltdi; C:\Windows\system32\DRIVERS\kltdi.sys [2017-11-07 75488]
R1 klwtp;KLwtp - WFP callout traffic inspector; C:\Windows\system32\DRIVERS\klwtp.sys [2018-08-18 137016]
R1 kneps;kneps; C:\Windows\system32\DRIVERS\kneps.sys [2018-02-24 168640]
R1 SLEE_19_DRIVER;Steganos Live Encryption Engine 19 [Driver]; \??\C:\Windows\system32\drivers\Sleen19.sys [2018-03-16 99928]
R2 cdenable;cdenable; C:\Windows\System32\Drivers\cdenable.sys [1999-06-10 6112]
R2 inpout32;inpout32; C:\Windows\System32\Drivers\inpout32.sys [2017-01-03 11936]
R2 kldisk;kldisk; C:\Windows\system32\DRIVERS\kldisk.sys [2018-10-09 76880]
R2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
R2 SysInfoDetectorPro;SysInfoDetectorPro; \??\C:\Windows\system32\SysInfoDetectorPro.sys [2014-12-17 16656]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\Windows\system32\DRIVERS\HpqKbFiltr.sys [2007-06-18 16768]
R3 huawei_enumerator;huawei_enumerator; C:\Windows\system32\DRIVERS\ew_jubusenum.sys [2017-10-19 77824]
R3 klflt;Kaspersky Lab Kernel DLL; C:\Windows\system32\DRIVERS\klflt.sys [2018-10-09 173152]
R3 klkbdflt;Kaspersky Lab KLKBDFLT; C:\Windows\system32\DRIVERS\klkbdflt.sys [2018-01-15 51400]
R3 klmouflt;Kaspersky Lab KLMOUFLT; C:\Windows\system32\DRIVERS\klmouflt.sys [2017-12-11 76328]
R3 kltap;Kaspersky Security Data Escort Adapter; C:\Windows\system32\DRIVERS\kltap.sys [2018-02-12 45496]
R3 NVENETFD;Драйвер сетевого контроллера NVIDIA nForce; C:\Windows\system32\DRIVERS\nvm62x32.sys [2009-07-14 347264]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda32v.sys [2015-02-06 161424]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad32v.sys [2016-04-14 50744]
R3 tap0901;TAP-Windows Adapter V9; C:\Windows\system32\DRIVERS\tap0901.sys [2016-04-21 23040]
R3 tapwindscribe0901;Windscribe VPN; C:\Windows\system32\DRIVERS\tapwindscribe0901.sys [2017-04-21 41976]
R3 utg0nde3;AVZ Kernel Driver; \??\C:\Windows\system32\Drivers\utg0nde3.sys [2018-11-20 7168]
S0 Partizan;Partizan; C:\Windows\system32\drivers\Partizan.sys []
S1 qutmipc;qutmipc; \??\C:\Windows\system32\drivers\qutmipc.sys [2016-04-19 64872]
S1 SASDIFSV;SASDIFSV; \??\D:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS []
S1 SASKUTIL;SASKUTIL; \??\D:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS []
S1 VBoxDrv;VirtualBox Service; C:\Windows\system32\DRIVERS\VBoxDrv.sys []
S3 aic78xx;aic78xx; C:\Windows\system32\drivers\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2010-11-05 6472192]
S3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2010-11-05 228352]
S3 athur;Atheros AR9271 Wireless Network Adapter Service; C:\Windows\system32\DRIVERS\athur.sys []
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW73.sys [2012-05-14 86656]
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2010-11-05 6472192]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 BstkDrv;BlueStacks Plus Hypervisor; \??\C:\Program Files\BlueStacks\BstkDrv.sys [2017-06-21 220216]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 62464]
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device; C:\Windows\system32\DRIVERS\ew_hwusbdev.sys [2017-10-19 95232]
S3 ew_usbenumfilter;huawei_CompositeFilter; C:\Windows\system32\DRIVERS\ew_usbenumfilter.sys [2017-10-19 11904]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys [2017-10-19 199168]
S3 hwusb_cdcacm;hwusb_cdcacm; C:\Windows\system32\DRIVERS\ew_cdcacm.sys [2017-10-19 108032]
S3 hwusb_wwanecm;hwusb_wwanecm; C:\Windows\system32\DRIVERS\ew_wwanecm.sys [2017-10-19 315520]
S3 hwusbdev;Huawei DataCard USB PNP Device; C:\Windows\system32\DRIVERS\ewusbdev.sys []
S3 keycrypt;keycrypt; C:\Windows\system32\DRIVERS\KeyCrypt32.sys [2017-03-22 144416]
S3 massfilter;ZTE Mass Storage Filter Driver; C:\Windows\system32\drivers\massfilter.sys [2009-11-02 9216]
S3 monectdevices;Monect Hid Device; C:\Windows\system32\DRIVERS\monectdevices.sys [2013-12-03 14104]
S3 nocashio;nocashio; C:\Windows\system32\drivers\nocashio.sys [2017-07-11 4096]
S3 PortTalk;PortTalk; C:\Windows\System32\Drivers\PortTalk.sys [2002-01-12 3567]
S3 ptun0901;TAP Adapter V9 for Private Tunnel; C:\Windows\system32\DRIVERS\ptun0901.sys [2016-06-15 23040]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-21 133632]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2010-11-21 15872]
S3 RHDISK;RHDISK; \??\D:\_rohos\RHDISK.SYS []
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 5632]
S3 SbieDrv;SbieDrv; \??\C:\Program Files\Sandboxie\SbieDrv.sys [2018-07-10 193520]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 SRS_HDAL_Service;HD Audio Lab; C:\Windows\system32\drivers\SRS_HDAL_i386.sys [2010-11-15 390944]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 28032]
S3 SynasUSB;SynasUSB; C:\Windows\system32\drivers\SynasUSB.sys [2006-11-23 18432]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys [2010-11-21 77184]
S3 tapSF0901;Spotflux Virtual Network Device Driver; C:\Windows\system32\DRIVERS\tapSF0901.sys []
S3 tap-tb-0901;TunnelBear Adapter V9; C:\Windows\system32\DRIVERS\tap-tb-0901.sys [2015-08-10 33280]
S3 terminpt;Microsoft Remote Desktop Input Driver; C:\Windows\system32\drivers\terminpt.sys [2010-11-21 25600]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-21 52224]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 27264]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys [2010-11-21 112640]
S3 usb_rndisx;Адаптер USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [2009-07-14 15872]
S3 usbscan;Драйвер USB-сканера; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 35840]
S3 VBoxNetAdp;VirtualBox NDIS 6.0 Miniport Service; C:\Windows\system32\DRIVERS\VBoxNetAdp6.sys [2018-02-26 176224]
S3 VBoxUSB;VirtualBox USB; C:\Windows\System32\Drivers\VBoxUSB.sys [2018-02-26 124760]
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []

======Список служб (тип запуска: R=Запущена, S=остановлена, 0=Загрузочная, 1=Системная, 2=Автоматически, 3=Вручную, 4=Отключено)======

R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2010-11-05 176128]
R2 AVP19.0.0;Kaspersky Anti-Virus Service 19.0.0; C:\Program Files\Kaspersky Lab\Kaspersky Security Cloud 19.0.0\avp.exe [2018-02-28 619640]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted;"ServiceDll"=%SystemRoot%\System32\cscsvc.dll
R2 GfExperienceService;NVIDIA GeForce Experience Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2016-05-02 931896]
R2 GlassWire;GlassWire Control Service; C:\Program Files\GlassWire\GWCtlSrv.exe [2017-08-29 4420048]
R2 kpm_launch_service;Kaspersky Password Manager Service; C:\Program Files\Kaspersky Lab\Kaspersky Password Manager 9.0.1\kpm_service.exe [2018-05-07 211680]
R2 lxcg_device;lxcg_device; C:\Windows\system32\lxcgcoms.exe [2007-04-29 537520]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2012-08-30 645992]
R2 OpenVPNServiceInteractive;OpenVPN Interactive Service; C:\Program Files\OpenVPN\bin\openvpnserv.exe [2018-03-01 64128]
R2 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
R3 NvNetworkService;NVIDIA Network Service; C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe [2016-05-02 1881144]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2018-03-26 107592]
S2 gupdate;Служба Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-12-22 144200]
S2 MainLSyncHost;Local Synchronization Host; c:\windows\system32\mpk\lsynchost.exe [2014-06-18 1700664]
S2 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S2 SbieSvc;Sandboxie Service; C:\Program Files\Sandboxie\SbieSvc.exe [2018-07-10 261272]
S3 2GISUpdateService;2GIS UpdateService; C:\Program Files\2gis\3.0\2GISUpdateService.exe [2016-02-29 3772648]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2018-10-09 335872]
S3 AppMgmt;@appmgmts.dll,-3250; %SystemRoot%\system32\svchost.exe -k netsvcs;"ServiceDll"=%SystemRoot%\System32\appmgmts.dll
S3 aspnet_state;Служба состояний ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2018-03-26 47200]
S3 BstHdLogRotatorSvc;BlueStacks Log Rotator Service; C:\Program Files\BlueStacks\HD-LogRotatorService.exe [2017-09-25 369720]
S3 Connect Manager. RunOuc;Connect Manager. OUC; C:\Program Files\Connect Manager\UpdateDog\ouc.exe [2017-10-19 656976]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2017-04-06 1045256]
S3 gupdatem;Служба Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-12-22 144200]
S3 KSDE3.0.0;Kaspersky Secure Connection Service 3.0.0; C:\Program Files\Kaspersky Lab\Kaspersky Secure Connection 3.0\ksde.exe [2018-02-28 617016]
S3 MBAMService;Malwarebytes Service; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [2017-08-07 4430792]
S3 NvStreamNetworkSvc;NVIDIA Streamer Network Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [2016-05-02 2905656]
S3 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2016-05-02 2018360]
S3 OpenVPNService;OpenVPNService; C:\Program Files\OpenVPN\bin\openvpnserv2.exe [2018-03-01 15872]
S3 OpenVPNServiceLegacy;OpenVPN Legacy Service; C:\Program Files\OpenVPN\bin\openvpnserv.exe [2018-03-01 64128]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; %SystemRoot%\System32\svchost.exe -k PeerDist;"ServiceDll"=%SystemRoot%\system32\peerdistsvc.dll
S3 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2017-03-14 317400]
S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2018-05-22 1672992]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted;"ServiceDll"=%SystemRoot%\System32\umrdp.dll
S4 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-12-13 82128]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2018-03-26 136288]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2018-03-26 136288]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2018-03-26 136288]

-----------------EOF-----------------
