﻿Лог утилиты random's system information tool 1.17(автор: random/random)
Run by User at 2024-06-14 12:04:33
Microsoft Windows 7 Максимальная  Service Pack 1
Системный раздел C:  Свободно 109 GB (22%) размер 500 GB
Total RAM: 6143 MB (50% free)
X64


====== Список процессов ======

C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\AUDIODG.EXE 0x25c
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k netsvcs
"C:\Program Files\DrWeb\dwservice.exe" --logfile="C:\ProgramData\Doctor Web\Logs\dwservice.log"
"C:\Program Files\DrWeb\wsc-service.exe" --logfile="C:\ProgramData\Doctor Web\Logs\wsc-service.log"
"C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe"
C:\Windows\system32\sppsvc.exe
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\taskhost.exe
C:\Windows\system32\taskeng.exe
"C:\Windows\system32\Dwm.exe"
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\Explorer.EXE
"C:\Program Files\DrWeb\spideragent.exe" 
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files (x86)\nr_plugin\ServerHandler.exe" 
"C:\Program Files (x86)\МоёДело.Плагин\StekTrustPlugin.exe" /srv
"C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe" 
"C:\Users\User\AppData\Local\IntelDrivers.exe" 
"C:\Program Files (x86)\EGAIS Crypto 2\EGAISCrypto.exe" 
"C:\Users\Public\Privoxy\privoxy.exe" 
"C:\Program Files (x86)\nr_plugin\nr_server.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" 
"C:\Users\Public\proxy-pac\webserv.exe" -h
\??\C:\Windows\system32\conhost.exe "1618269114-1707097144-471102140-297690082-695130121956244690910129238-2131795939
"C:\Users\User\AppData\Local\AgzrtCryptProvider\AgzrtCryptProviderEx.exe" 
"C:\Program Files\Google\Chrome\Application\chrome.exe" --profile-directory="Profile 10"
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\User\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\User\AppData\Local\Google\Chrome\User Data\Crashpad" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=109.0.5414.120 --initial-client-data=0xb0,0xb4,0xb8,0x84,0xbc,0x7fef3236b58,0x7fef3236b68,0x7fef3236b78
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1096 --field-trial-handle=1200,i,11165578407825568579,6704336355441876667,131072 /prefetch:2
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=ru --service-sandbox-type=none --disable-quic --mojo-platform-channel-handle=1380 --field-trial-handle=1200,i,11165578407825568579,6704336355441876667,131072 /prefetch:8
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=ru --service-sandbox-type=service --disable-quic --mojo-platform-channel-handle=1592 --field-trial-handle=1200,i,11165578407825568579,6704336355441876667,131072 /prefetch:8
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --extension-process --lang=ru --device-scale-factor=1.25 --num-raster-threads=1 --renderer-client-id=5 --time-ticks-at-unix-epoch=-1718354835893162 --launch-time-ticks=118199507 --mojo-platform-channel-handle=2984 --field-trial-handle=1200,i,11165578407825568579,6704336355441876667,131072 /prefetch:1
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=proxy_resolver.mojom.ProxyResolverFactory --lang=ru --service-sandbox-type=service --disable-quic --mojo-platform-channel-handle=3416 --field-trial-handle=1200,i,11165578407825568579,6704336355441876667,131072 /prefetch:8
"C:\Program Files\AMD\CNext\CNext\Radeonsoftware.exe" atlogon
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=ru --device-scale-factor=1.25 --num-raster-threads=1 --renderer-client-id=14 --time-ticks-at-unix-epoch=-1718354835893162 --launch-time-ticks=176841447 --mojo-platform-channel-handle=660 --field-trial-handle=1200,i,11165578407825568579,6704336355441876667,131072 /prefetch:1
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=ru --device-scale-factor=1.25 --num-raster-threads=1 --renderer-client-id=15 --time-ticks-at-unix-epoch=-1718354835893162 --launch-time-ticks=181545380 --mojo-platform-channel-handle=5328 --field-trial-handle=1200,i,11165578407825568579,6704336355441876667,131072 /prefetch:1
"C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" -Embedding
C:\Windows\System32\alg.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=ru --service-sandbox-type=audio --disable-quic --mojo-platform-channel-handle=2416 --field-trial-handle=1200,i,11165578407825568579,6704336355441876667,131072 /prefetch:8
"C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe"
"C:\Program Files\AMD\CNext\CNext\cncmd.exe" watch 1760
"C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe" 
"C:\Program Files\Common Files\Doctor Web\Scanning Engine\dwengine.exe"
"C:\Program Files\Common Files\Doctor Web\Scanning Engine\dwantispam.exe" -pipe:ASServer.Dr.Web
"C:\Program Files\Common Files\Doctor Web\Scanning Engine\dwarkdaemon.exe" -arkpipe:\pipe\ARServer1718355137 -arkinitflags:29 -name:DrWebEngine
"C:\Program Files\AMD\CNext\CNext\amdow.exe" 4752
C:\Program Files\Common Files\Doctor Web\Scanning Engine\dwwatcher.exe
"C:\Program Files\DrWeb\dwnetfilter.exe" --ats
"C:\Users\User\Desktop\5\AutoLogger.exe" 
"C:\Users\User\Desktop\5\AutoLogger\AV\AV_Z.exe" Script=AV\GeneralScript.txt HiddenMode=0 AM=Y
"C:\Program Files\Intel\dwm.exe" 
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=ru --device-scale-factor=1.25 --num-raster-threads=1 --renderer-client-id=32 --time-ticks-at-unix-epoch=-1718354835893162 --launch-time-ticks=746459357 --mojo-platform-channel-handle=6348 --field-trial-handle=1200,i,11165578407825568579,6704336355441876667,131072 /prefetch:1
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=ru --device-scale-factor=1.25 --num-raster-threads=1 --renderer-client-id=33 --time-ticks-at-unix-epoch=-1718354835893162 --launch-time-ticks=746982501 --mojo-platform-channel-handle=5772 --field-trial-handle=1200,i,11165578407825568579,6704336355441876667,131072 /prefetch:1
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Users\User\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --no-startup-window --external-app-data=null_data --external-app-null-path /prefetch:5
C:\Users\User\AppData\Local\Yandex\YandexBrowser\Application\browser.exe --type=crashpad-handler "--user-data-dir=C:\Users\User\AppData\Local\Yandex\YandexBrowser\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\User\AppData\Local\Yandex\YandexBrowser\User Data\Crashpad" --url=https://crash-reports.browser.yandex.net/submit --annotation=install_date=1602853690 --annotation=last_update_date=1718182960 --annotation=launches_after_update=21 --annotation=machine_id=0de26b8afdd28e963836e639d90e3544 --annotation=main_process_pid=6412 --annotation=metrics_client_id=81b44a61fcc34f899e094c47ab67e50a --annotation=plat=Win64 --annotation=prod=Yandex --annotation=session_logout=False --annotation=ver=24.4.5.498 --initial-client-data=0xe0,0xe4,0xe8,0xb4,0xec,0x7fef46bff50,0x7fef46bff5c,0x7fef46bff68
"C:\Users\User\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=gpu-process --user-id=AF59F04F-F87A-4147-BA14-0B34BC6E1E57 --brand-id=yandex --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAAAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --gpu-process-kind=sandboxed --mojo-platform-channel-handle=1092 --field-trial-handle=1220,i,4355842632457124698,18127774965551445026,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version /prefetch:2
"C:\Users\User\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=ru --service-sandbox-type=none --user-id=AF59F04F-F87A-4147-BA14-0B34BC6E1E57 --brand-id=yandex --no-appcompat-clear --process-name="Network Service" --mojo-platform-channel-handle=1940 --field-trial-handle=1220,i,4355842632457124698,18127774965551445026,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --brver=24.4.5.498 /prefetch:3
C:\Program Files\Common Files\Doctor Web\Updater\drwupsrv.exe
\??\C:\Windows\system32\conhost.exe "-1776577178-9929727561180264815762702267-1614694136432767390-1364465473-1197748117
"C:\Users\User\Desktop\5\AutoLogger\HijackThis\HiJackThis.exe" /accepteula /silentautolog /default /skipIgnoreList /timeout:120
"C:\Users\User\Desktop\5\AutoLogger\RSIT\RSITx64.exe" /silent /m3 /autolog /logfolder "C:\Users\User\Desktop\5\AutoLogger\RSIT\Log" /nohjt /rus 

====== Папка назначенных заданий ======

C:\Windows\tasks\CCleanerCrashReporting.job -                                                                                                                                                                                                                                                                                                                                  
C:\Windows\tasks\update-S-1-5-21-718437350-3454518100-2172079934-1000.job - C:\Program Files (x86)\Skillbrains\Updater\Updater.exe -runmode=checkupdate
C:\Windows\tasks\update-sys.job - C:\Program Files (x86)\Skillbrains\Updater\Updater.exe -runmode=checkupdate
C:\Windows\tasks\Восстановление сервиса обновлений Яндекс.Браузера.job - C:\Program Files (x86)\Yandex\YandexBrowser\22.9.1.1094\service_update.exe  --repair
C:\Windows\tasks\Восстановление сервиса обновлений Яндекс Браузера.job - C:\Program Files (x86)\Yandex\YandexBrowser\24.4.5.498\service_update.exe  --repair
C:\Windows\tasks\Обновление Браузера Яндекс.job - C:\Users\User\AppData\Local\Yandex\YandexBrowser\Application\browser.exe  --background-update --noerrdialogs
C:\Windows\tasks\Системное обновление Браузера Яндекс.job - C:\Program Files (x86)\Yandex\YandexBrowser\24.4.5.498\service_update.exe  --run-as-launcher
C:\Windows\system32\tasks\ActionLauncher_User - C:\Program Files (x86)\Mirillis\Action!\ActionLauncher.exe 5
C:\Windows\system32\tasks\Altening Alt Loader - %windir%\System32\cmd.exe /C start %AppData%\altening\altening.launcher.exe --background
C:\Windows\system32\tasks\AMDInstallLauncher - C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe /InstallAUEP
C:\Windows\system32\tasks\AMDLinkUpdate - C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe -AMDLinkUpdate
C:\Windows\system32\tasks\Avira_Security_Installation - C:\Users\User\AppData\Local\Temp\.CR.27369\Avira.Spotlight.Bootstrapper.Runner.exe "C:\Users\User\AppData\Local\Temp\.CR.27369\avira_ru_vpnb0_1951934257-1674324758__pvpnws-spotlightvpnadw-test.exe"  RunMode=Resume
C:\Windows\system32\tasks\dwm - "C:\Program Files\Intel\dwm.exe"
C:\Windows\system32\tasks\dwmd - "C:\Program Files\Intel\dwm.exe"
C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore - "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA - "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /ua /installsource scheduler
C:\Windows\system32\tasks\Idle - "C:\AMD\Radeon-Software-Adrenalin-2020-22.6.1-Win10-Win11-64Bit-LegacyASICs-June23-2022-LEGACY\Bin64\localization\tr_TR\Idle.exe"
C:\Windows\system32\tasks\IdleI - "C:\AMD\Radeon-Software-Adrenalin-2020-22.6.1-Win10-Win11-64Bit-LegacyASICs-June23-2022-LEGACY\Bin64\localization\tr_TR\Idle.exe"
C:\Windows\system32\tasks\iTop Sump Task(One-Time) - "C:\Program Files (x86)\iTop VPN\SumpiTop.exe" /sup
C:\Windows\system32\tasks\Kontur.Plugin.Assistant-v3.17.1.682-S-1-5-21-718437350-3454518100-2172079934-1000 - kontur.plugin.assistant.exe
C:\Windows\system32\tasks\Kontur.Updater-v1.3.0.267-S-1-5-21-718437350-3454518100-2172079934-1000 - "C:\Users\User\AppData\Local\SkbKontur\Updater\1.3.0.267\kontur.updater.exe"
C:\Windows\system32\tasks\MicrosoftEdgeUpdateTaskMachineCore - C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe /c
C:\Windows\system32\tasks\MicrosoftEdgeUpdateTaskMachineUA - C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe /ua /installsource scheduler
C:\Windows\system32\tasks\NVIDIA GeForceNow_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - "C:\Users\User\AppData\Local\NVIDIA Corporation\GeForceNOW\CEF\GeForceNOW.exe"
C:\Windows\system32\tasks\Opera GX scheduled assistant Autoupdate 1615638998 - C:\Users\User\AppData\Local\Programs\Opera GX\launcher.exe --scheduledautoupdate --component-name=assistant --component-path="C:\Users\User\AppData\Local\Programs\Opera GX\assistant" $(Arg0)
C:\Windows\system32\tasks\Opera GX scheduled assistant Autoupdate 1622221723 - C:\Users\Астема\AppData\Local\Programs\Opera GX\launcher.exe --scheduledautoupdate --component-name=assistant --component-path="C:\Users\Астема\AppData\Local\Programs\Opera GX\assistant" $(Arg0)
C:\Windows\system32\tasks\Opera GX scheduled Autoupdate 1605030412 - C:\Users\User\AppData\Local\Programs\Opera GX\launcher.exe --scheduledautoupdate $(Arg0)
C:\Windows\system32\tasks\Opera GX scheduled Autoupdate 1621962401 - C:\Users\Астема\AppData\Local\Programs\Opera GX\launcher.exe --scheduledautoupdate $(Arg0)
C:\Windows\system32\tasks\Realtek - "C:\Program Files\Realtek\Realtek High Definition Audio\Updater.exe"
C:\Windows\system32\tasks\StartCN - "C:\Program Files\AMD\CNext\CNext\cncmd.exe" startwithdelay
C:\Windows\system32\tasks\StartDVR - "C:\Program Files\AMD\CNext\CNext\RSServCmd.exe"
C:\Windows\system32\tasks\UninstallTool_SkipUAC_User - C:\Program Files\Uninstall Tool\UninstallTool.exe $(Arg0) /tasksch
C:\Windows\system32\tasks\update-S-1-5-21-718437350-3454518100-2172079934-1000 - C:\Program Files (x86)\Skillbrains\Updater\Updater.exe -runmode=checkupdate
C:\Windows\system32\tasks\update-sys - C:\Program Files (x86)\Skillbrains\Updater\Updater.exe -runmode=checkupdate
C:\Windows\system32\tasks\User_Feed_Synchronization-{57F39B7E-7D59-49A5-8719-E5B27AB6F21E} - C:\Windows\system32\msfeedssync.exe sync
C:\Windows\system32\tasks\Yandex.Stroka.User.S-1-5-21-718437350-3454518100-2172079934-1002 - C:\Users\Астема\AppData\Local\Yandex\SearchBand\Application\5.5.0.1923\searchbandapp64.exe /logon
C:\Windows\system32\tasks\ZoogVPNRunner - "C:\Program Files (x86)\ZoogVPN\ZoogVPN.exe"
C:\Windows\system32\tasks\{4177C6D5-DF13-43CF-AC9A-020DF87641A7} - C:\Program Files (x86)\Grand\UpdateManager\GrandUM.exe
C:\Windows\system32\tasks\{561B14E4-D29C-49C5-B7A8-37C3D149933D} - C:\Windows\system32\pcalua.exe -a "C:\Users\User\Desktop\Trigon Evo Installer v2.5\TrigonLauncher_v2.exe" -d "C:\Users\User\Desktop\Trigon Evo Installer v2.5"
C:\Windows\system32\tasks\{71560CBC-4EB7-4D43-9C23-150080D70401} - C:\Program Files (x86)\Grand\UpdateManager\GrandUM.exe
C:\Windows\system32\tasks\{828E798D-E031-45F8-9909-4668831222FF} - C:\Windows\system32\pcalua.exe -a C:\Users\User\Desktop\PSU\PSU_Installer.exe -d C:\Users\User\Desktop\PSU
C:\Windows\system32\tasks\{82BE6FC7-026C-48BE-80A3-64CE7A76B80E} - C:\Program Files (x86)\Grand\UpdateManager\GrandUM.exe
C:\Windows\system32\tasks\{8E4F7D14-6616-42BD-B070-F25FE0433C4E} - C:\Windows\system32\pcalua.exe -a C:\Users\User\Downloads\GLP_Installer_900205958_brawlstars.exe -d C:\Users\User\Downloads
C:\Windows\system32\tasks\{A695DA1F-9795-4154-BC51-A48600002315} - C:\Windows\system32\pcalua.exe -a C:\Users\User\Downloads\LA_Setup_v4.11.1.exe -d C:\Users\User\Downloads
C:\Windows\system32\tasks\{AAA42161-EC5D-4A96-8514-760DA464BAD6} - C:\Windows\system32\pcalua.exe -a C:\Users\User\AppData\Local\Temp\scoped_dir3800_1303213606\VMware-player-12.5.3-5115892.exe -d C:\Users\User\AppData\Local\Temp\scoped_dir3800_1303213606
C:\Windows\system32\tasks\{C9C21FE9-E0F5-46ED-B8E9-A16F686D71E1} - C:\Windows\system32\pcalua.exe -a "C:\Users\User\Downloads\GLP_Installer_900208074_Standoff 2.exe" -d C:\Users\User\Downloads
C:\Windows\system32\tasks\Восстановление сервиса обновлений Яндекс.Браузера - C:\Program Files (x86)\Yandex\YandexBrowser\22.9.1.1094\service_update.exe --repair
C:\Windows\system32\tasks\Восстановление сервиса обновлений Яндекс Браузера - C:\Program Files (x86)\Yandex\YandexBrowser\24.4.5.498\service_update.exe --repair
C:\Windows\system32\tasks\Обновление Браузера Яндекс - C:\Users\User\AppData\Local\Yandex\YandexBrowser\Application\browser.exe --background-update --noerrdialogs
C:\Windows\system32\tasks\Плагин фиксации действий пользователя - "C:\Windows\System32\wscript.exe" "C:\Program Files\Плагин фиксации действий пользователя\ffmpeg\run.vbs"
C:\Windows\system32\tasks\Системное обновление Браузера Яндекс - C:\Program Files (x86)\Yandex\YandexBrowser\24.4.5.498\service_update.exe --run-as-launcher
C:\Windows\system32\tasks\WPD\SqmUpload_S-1-5-21-718437350-3454518100-2172079934-1000 - %windir%\system32\rundll32.exe portabledeviceapi.dll,#1
C:\Windows\system32\tasks\WPD\SqmUpload_S-1-5-21-718437350-3454518100-2172079934-1002 - %windir%\system32\rundll32.exe portabledeviceapi.dll,#1
C:\Windows\system32\tasks\System\SystemCheck - "%userprofile%\AppData\Roaming\Microsoft\Windows\Helper.exe" -SystemCheck
C:\Windows\system32\tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB - C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
C:\Windows\system32\tasks\Microsoft\Windows\WindowsBackup\ConfigNotification - %systemroot%\System32\sdclt.exe /CONFIGNOTIFICATION
C:\Windows\system32\tasks\Microsoft\Windows\Windows Media Sharing\UpdateLibrary - "%ProgramFiles%\Windows Media Player\wmpnscfg.exe"
C:\Windows\system32\tasks\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange - %windir%\system32\rundll32.exe bfe.dll,BfeOnServiceStartTypeChange
C:\Windows\system32\tasks\Microsoft\Windows\Windows Error Reporting\QueueReporting - %windir%\system32\wermgr.exe -queuereporting
C:\Windows\system32\tasks\Microsoft\Windows\UPnP\UPnPHostConfig - sc.exe config upnphost start= auto
C:\Windows\system32\tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime - %windir%\system32\sc.exe start w32time task_started
C:\Windows\system32\tasks\Microsoft\Windows\Tcpip\IpAddressConflict1 - %windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPOffendingSystem
C:\Windows\system32\tasks\Microsoft\Windows\Tcpip\IpAddressConflict2 - %windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPDefendingSystem
C:\Windows\system32\tasks\Microsoft\Windows\SystemRestore\SR - %windir%\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreation
C:\Windows\system32\tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask - sc.exe start sppsvc
C:\Windows\system32\tasks\Microsoft\Windows\Setup\EOSNotify - %windir%\system32\EOSNotify.exe
C:\Windows\system32\tasks\Microsoft\Windows\Setup\EOSNotify2 - %windir%\system32\EOSNotify.exe -Daily
C:\Windows\system32\tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask - %windir%\system32\RAServer.exe /offerraupdate
C:\Windows\system32\tasks\Microsoft\Windows\Power Efficiency Diagnostics\AnalyzeSystem - %SystemRoot%\System32\powercfg.exe -energy -auto
C:\Windows\system32\tasks\Microsoft\Windows\NetTrace\GatherNetworkInfo - %windir%\system32\gatherNetworkInfo.vbs
C:\Windows\system32\tasks\Microsoft\Windows\MUI\LPRemove - %windir%\system32\lpremove.exe
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch - %SystemRoot%\ehome\ehPrivJob.exe /DoActivateWindowsSearch
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService - %SystemRoot%\ehome\ehPrivJob.exe /DoConfigureInternetTimeService
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks - %SystemRoot%\ehome\ehPrivJob.exe /DoRecoveryTasks $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ehDRMInit - %SystemRoot%\ehome\ehPrivJob.exe /DRMInit
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\InstallPlayReady - %SystemRoot%\ehome\ehPrivJob.exe /InstallPlayReady $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\mcupdate - %SystemRoot%\ehome\mcupdate $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\mcupdate_scheduled - %SystemRoot%\ehome\mcupdate -crl -hms -pscn 15
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -MediaCenterRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -ObjectStoreRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\OCURActivate - %SystemRoot%\ehome\ehPrivJob.exe /OCURActivate
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\OCURDiscovery - %SystemRoot%\ehome\ehPrivJob.exe /OCURDiscovery $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscovery - %SystemRoot%\ehome\ehPrivJob.exe /PBDADiscovery
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 - %SystemRoot%\ehome\ehPrivJob.exe /wait:7 /PBDADiscovery
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 - %SystemRoot%\ehome\ehPrivJob.exe /wait:90 /PBDADiscovery
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PeriodicScanRetry - %windir%\ehome\MCUpdate.exe -pscn 0
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PvrRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -PvrRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PvrScheduleTask - %SystemRoot%\ehome\mcupdate.exe -PvrSchedule
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\RecordingRestart - %SystemRoot%\ehome\ehrec /RestartRecording
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\RegisterSearch - %SystemRoot%\ehome\ehPrivJob.exe /DoRegisterSearch $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ReindexSearchRoot - %SystemRoot%\ehome\ehPrivJob.exe /DoReindexSearchRoot
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -SqlLiteRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\StartRecording - %SystemRoot%\ehome\ehrec /StartRecording
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\UpdateRecordPath - %SystemRoot%\ehome\ehPrivJob.exe /DoUpdateRecordPath $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Location\Notifications - %windir%\System32\LocationNotifications.exe
C:\Windows\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector - %windir%\system32\rundll32.exe dfdts.dll,DfdGetDefaultPolicyAndSMART
C:\Windows\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver - %windir%\system32\DFDWiz.exe
C:\Windows\system32\tasks\Microsoft\Windows\Defrag\ScheduledDefrag - %windir%\system32\defrag.exe -c
C:\Windows\system32\tasks\Microsoft\Windows\Customer Experience Improvement Program\Consolidator - %SystemRoot%\System32\wsqmcons.exe
C:\Windows\system32\tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask - BthUdTask.exe $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Autochk\Proxy - %windir%\system32\rundll32.exe /d acproxy.dll,PerformAutochkOperations
C:\Windows\system32\tasks\Microsoft\Windows\Autochk\WinKernel - C:\Windows\System32\WinKernel.exe /kernel
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\AitAgent - aitagent
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser - %windir%\system32\compattel\DiagTrackRunner.exe /UploadEtlFilesOnly
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater - %windir%\system32\compattelrunner.exe -maintenance
C:\Windows\system32\tasks\Microsoft\Windows\AppID\PolicyConverter - %windir%\system32\appidpolicyconverter.exe
C:\Windows\system32\tasks\Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck - %windir%\system32\appidcertstorecheck.exe
C:\Windows\system32\tasks\Doctor Web\Dr.Web Daily scan - C:\Program Files\DrWeb\dwscanner.exe /full

=========Mozilla firefox=========

ProfilePath - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\7oayy4pb.default-release-1

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 32.0.0.371 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_371.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@canon.com/EPPEX]
"Description"=Canon My Image Garden
"Path"=C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@cryptopro.ru/CAdES,version=1.0]
"Description"=КриптоПро ЭЦП Browser Plug-in
"Path"=C:\Program Files (x86)\Crypto Pro\CAdES Browser Plug-in\npcades.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.411.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre-1.8\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.411.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre-1.8\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@skbkontur.ru/diagplugin]
"Description"=SKB Kontur Diagnostics
"Path"=C:\Program Files (x86)\SkbKontur\DiagPlugin\3.0.27.541\npapikd.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\www.croc.ru/CrocXmlSigner]
"Description"=
"Path"=C:\Program Files (x86)\CrocInc\Croc.XmlSigner\CurrentVersion\npCrocXmlSigner.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 32.0.0.371 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_371.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tongbu.com/tongbu,version=0.1]
"Description"=npTongbuAddin
"Path"=C:\Program Files (x86)\Tongbu\Addin\npTongbuAddin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\www.croc.ru/CrocXmlSigner]
"Description"=
"Path"=C:\Program Files (x86)\CrocInc\Croc.XmlSigner\CurrentVersion\x64\npCrocXmlSigner.dll


C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\7oayy4pb.default-release-1\addons.json

C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\7oayy4pb.default-release-1\extensions.json
Form Autofill - extension - formautofill@mozilla.org - 
Firefox Screenshots - extension - screenshots@mozilla.org - 
WebCompat Reporter - extension - webcompat-reporter@mozilla.org - 
Web Compatibility Interventions - extension - webcompat@mozilla.org - 
Picture-In-Picture - extension - pictureinpicture@mozilla.org - 
Yandex - extension - yandex@search.mozilla.org - 
Google - extension - google@search.mozilla.org - 
DuckDuckGo - extension - ddg@search.mozilla.org - 
Wikipedia (en) - extension - wikipedia@search.mozilla.org - 
Поиск Mail.Ru - extension - mailru@search.mozilla.org - 
System theme — auto - theme - default-theme@mozilla.org - 
Add-ons Search Detection - extension - addons-search-detection@mozilla.com - 
Light - theme - firefox-compact-light@mozilla.org - 
Dark - theme - firefox-compact-dark@mozilla.org - 
Firefox Alpenglow - theme - firefox-alpenglow@mozilla.org - 

C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\7oayy4pb.default-release-1\pluginreg.dat

=========Google Chrome=========

C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
Extension ahfgeienlihckogmohjhadlkjgocpleb 1 Интернет-магазин Chrome 0.2
Extension aohghmighlieiainnegkcijnfilokake   
Extension apdfllckaahabafndbhieahigkjlhalf   
Extension caaclfkfmcnlppkambfehbfhlekhpenf 1 panda dumpling 1.0
Extension cdjkkeofanojcdolaakkckkmfcjejlij 1 Плагин ГИС НР 2.10
Extension gfdkimpbcpahaombhbimeihdjnejgicl 1 Отзыв 1.0
Extension ghbmnnjooekpmoecnnnilnnbdlolhkhi 1 Google Документы офлайн 1.62.0
Extension hnhppcgejeffnbnioloohhmndpmclaga 1 Контур.Плагин 3.0.18
Extension iifchhfnnmpdbibifmljnfjhpififfog 1 CryptoPro Extension for CAdES Browser Plug-in 1.2.13
Extension inlmamahcfioibldbpbaechbpeeaelin 1 Помощник диагностики 3.0.13
Extension kmendfapggjehodndflmmgagdbamhnfd 1 CryptoTokenExtension 0.9.74
Extension mfehgcgbbipciphmccgaenjidiccnmng 1 Cloud Print 0.1
Extension mhjfbmdgcfjbbpaeojofohoefgiehjai 1 Chrome PDF Viewer 1
Extension ndhkcelnoeacagmhbidalbidnkjeokma 1 ESEP Crypto Extension 1.1.0
Extension neajdppkdcdipfabeoofebfddakdcjhd 1 Google Network Speech 1.0
Extension nkeimhogjdpnpccoofpliimaahmaaome 1 Google Hangouts 1.3.21
Extension nmmhkkegccagdldgiimedpiccmgmieda 1 Платежная система Интернет-магазина Chrome 1.0.0.6
Extension pbefkdcndngodfeigfdgiodgnmbgcfha 1 Расширение для плагина Госуслуг 1.2.8
Extension pjkljhegncpnkpknbcohdijeoejaedia   
Homepage: 
default_search_provider.search_url: 
C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Preferences
Homepage: 
default_search_provider.search_url: 

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\aegnopegbbhjeeiganiajffnalhlkkjb]
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\cdjkkeofanojcdolaakkckkmfcjejlij]
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\iifchhfnnmpdbibifmljnfjhpififfog]
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\imhlianhlhdicjchlbmbfaefhhjencbe]
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\moihledlmchhofenpacbhphnbnpakgmo]
"Path"=


======Снимок реестра ======


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{27DD0F8B-3E0E-4ADC-A78A-66047E71ADC5}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3785D0AD-BFFF-47F6-BF5B-A587C162FED9}]
Canon Easy-WebPrint EX BHO - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23 217784]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 532336]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{27DD0F8B-3E0E-4ADC-A78A-66047E71ADC5}]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3785D0AD-BFFF-47F6-BF5B-A587C162FED9}]
Canon Easy-WebPrint EX BHO - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23 184488]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre-1.8\bin\ssv.dll [2024-03-13 628864]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre-1.8\bin\jp2ssv.dll [2024-03-13 288896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - Canon Easy-WebPrint EX - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23 6149288]
{DD72DF3C-1DAB-4201-BE52-92EEE96C42C6} - Независимый регистратор - C:\Program Files (x86)\nr_plugin\Toolbar64.dll [2020-07-21 2133992]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - Canon Easy-WebPrint EX - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23 4452504]
{DD72DF3C-1DAB-4201-BE52-92EEE96C42C6} - Независимый регистратор - C:\Program Files (x86)\nr_plugin\Toolbar.dll [2020-07-21 724456]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
""= []
"SpIDerAgent"=C:\Program Files\DrWeb\spideragent.exe [2024-01-18 24152856]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"YandexBrowserAutoLaunch_B64B7D5D07784CD66F00CA43360BB68B"=C:\Users\User\AppData\Local\Yandex\YandexBrowser\Application\browser.exe [2024-06-07 4568368]
"Windscribe"=C:\Program Files (x86)\Windscribe\Windscribe.exe -os_restart []
"Vidalia"=C:\Program Files (x86)\Vidalia Bridge Bundle\Vidalia\vidalia.exe []
"uTorrent"=C:\Users\User\AppData\Roaming\uTorrent\uTorrent.exe []
"Spotify"=C:\Users\User\AppData\Roaming\Spotify\Spotify.exe --autostart --minimized []
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-21 1475584]
"ProtonVPN"=C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPN.exe []
"PlanetVPN"=C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe []
"Parsec.App.0"=C:\Program Files\Parsec\parsecd.exe app_silent=1 []
"Opera GX Stable"=C:\Users\User\AppData\Local\Programs\Opera GX\launcher.exe []
"nr_server"=C:\Program Files (x86)\nr_plugin\ServerHandler.exe [2020-07-21 112674]
"moedelo_plugin_setup"=C:\Program Files (x86)\МоёДело.Плагин\StekTrustPlugin.exe [2022-04-21 968040]
"Loudplay"=C:\Users\User\AppData\Local\Programs\loudplay\Loudplay.exe --hidden []
"iCloudServices"=C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [2020-09-08 67384]
"GrandUpdateManager"=C:\Program Files (x86)\Grand\UpdateManager\GrandUM.exe []
"GoogleChromeAutoLaunch_E2A62F2EFCF52D2AD105647B23C0A2FD"=C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe --no-startup-window /prefetch:5 []
"EpicGamesLauncher"=C:\Games\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe -silent []
"Discord"=C:\Users\User\AppData\Local\Discord\Update.exe --processStart Discord.exe []
"DAEMON Tools Lite Automount"=C:\Program Files\DAEMON Tools Lite\DTAgent.exe [2022-09-17 482168]
"CursorFX"=C:\Program Files (x86)\Stardock\CursorFX\CursorFX.exe []
"CCleaner Smart Cleaning"=C:\Program Files\CCleaner\CCleaner64.exe /MONITOR []
"Brotorrent - Torrent Client"=C:\Users\User\AppData\Local\Programs\com.brotorrent.torrent-client\Brotorrent - Torrent Client.exe []
"Brave Browser"=C:\Users\User\AppData\Local\IntelDrivers.exe [2024-06-05 314304]
"AltServer"=C:\Program Files (x86)\AltServer\AltServer.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-11-01 1160408]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AltServer]
C:\Program Files (x86)\AltServer\AltServer.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Brotorrent - Torrent Client]
C:\Users\User\AppData\Local\Programs\com.brotorrent.torrent-client\Brotorrent - Torrent Client.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonQuickMenu]
C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [2013-05-02 1282120]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Smart Cleaning]
C:\Program Files\CCleaner\CCleaner64.exe /MONITOR []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CursorFX]
C:\Program Files (x86)\Stardock\CursorFX\CursorFX.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite Automount]
C:\Program Files\DAEMON Tools Lite\DTAgent.exe [2022-09-17 482168]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Discord]
C:\Users\User\AppData\Local\Discord\Update.exe --processStart Discord.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EpicGamesLauncher]
C:\Games\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe -silent []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Genshin Impact_launcher_mihoyo_1_0]
 []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GoogleChromeAutoLaunch_BCEA24321E5E4F1401136BBEDFB545FE]
C:\Program Files\Google\Chrome\Application\chrome.exe [2023-01-24 3151128]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GoogleChromeAutoLaunch_E2A62F2EFCF52D2AD105647B23C0A2FD]
C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe --no-startup-window /prefetch:5 []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrandUpdateManager]
C:\Program Files (x86)\Grand\UpdateManager\GrandUM.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-27 31016]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iCloudServices]
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [2020-09-08 67384]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Program Files\iTunes\iTunesHelper.exe [2021-03-31 333784]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\JavaUpdate]
C:\Users\User\AppData\Local\Java\Update\Updater_1.1.jar []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Launch LCore]
C:\Program Files\Logitech Gaming Software\LCore.exe /minimized []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Lightshot]
C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui]
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe --auto-start []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Loudplay]
C:\Users\User\AppData\Local\Programs\loudplay\Loudplay.exe --hidden []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\moedelo_plugin_setup]
C:\Program Files (x86)\МоёДело.Плагин\StekTrustPlugin.exe [2022-04-21 968040]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nr_server]
C:\Program Files (x86)\nr_plugin\ServerHandler.exe [2020-07-21 112674]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Opera GX Stable]
C:\Users\User\AppData\Local\Programs\Opera GX\launcher.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Parsec.App.0]
C:\Program Files\Parsec\parsecd.exe app_silent=1 []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PlanetVPN]
C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ProtonVPN]
C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPN.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RadminVPN]
C:\Program Files (x86)\Radmin VPN\RvRvpnGui.exe [2023-07-10 2089536]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Riot Vanguard]
C:\Program Files\Riot Vanguard\vgtray.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]
C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-21 1475584]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoftEther VPN Client UI Helper]
C:\Program Files\SoftEther VPN Client\vpnclient_x64.exe /uihelp []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spotify]
C:\Users\User\AppData\Roaming\Spotify\Spotify.exe --autostart --minimized []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SteelSeriesGG]
C:\Program Files\SteelSeries\GG\SteelSeriesGG.exe -dataPath=C:\ProgramData\SteelSeries\GG -dbEnv=production -auto=true []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2024-03-13 750672]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]
C:\Users\User\AppData\Roaming\uTorrent\uTorrent.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Vidalia]
C:\Program Files (x86)\Vidalia Bridge Bundle\Vidalia\vidalia.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\vmware-tray.exe]
D:\Games\vmware-tray.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windscribe]
C:\Program Files (x86)\Windscribe\Windscribe.exe -os_restart []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^$McRebootA5E6DEAA56$.lnk]
 []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^EGAISCrypto.lnk]
C:\PROGRA~2\EGAISC~1\EGAISC~1.EXE [2020-07-22 778240]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^privoxy.lnk]
C:\Users\Public\Privoxy\privoxy.exe [2018-12-30 443392]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^SoftEther VPN Client Manager Startup.lnk]
C:\PROGRA~1\SOFTET~1\VPNCMG~1.EXE []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^webserv.lnk]
C:\Users\Public\PROXY-~1\webserv.exe [2011-06-11 704512]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^User^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^PdaNet Desktop.lnk]
C:\PROGRA~2\PDANET~1\PdaNetPC.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^User^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Вырезка экрана и программа запуска для OneNote 2007.lnk]
C:\PROGRA~2\MICROS~1\Office12\ONENOTEM.EXE [2006-10-26 98632]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^User^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Плагин криптографии АГЗРТ.lnk]
C:\Users\User\AppData\Local\AGZRTC~1\AGZRTC~1.EXE [2019-05-01 2644992]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^User^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Плагин ЭТП.lnk]
C:\Users\User\AppData\Local\AGZRTC~1\AGZRTC~1.EXE [2019-05-01 2644992]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2024-03-13 750672]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
$McRebootA5E6DEAA56$.lnk - 
EGAISCrypto.lnk - C:\Program Files (x86)\EGAIS Crypto 2\EGAISCrypto.exe
privoxy.lnk - C:\Users\Public\Privoxy\privoxy.exe
SoftEther VPN Client Manager Startup.lnk - C:\Program Files\SoftEther VPN Client\vpncmgr_x64.exe
webserv.lnk - C:\Users\Public\proxy-pac\webserv.exe

C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
AutorunsDisabled
PdaNet Desktop.lnk - C:\Program Files (x86)\PdaNet for Android\PdaNetPC.exe
Вырезка экрана и программа запуска для OneNote 2007.lnk - C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
Плагин криптографии АГЗРТ.lnk - C:\Users\User\AppData\Local\AgzrtCryptProvider\AgzrtCryptProviderEx.exe
Плагин ЭТП.lnk - C:\Users\User\AppData\Local\AgzrtCryptProvider\AgzrtCryptProviderEx.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders" = credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\avgSP.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DrWebEngine]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\avgSP.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\DrWebEngine]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"LogonHoursAction"=2
"DontDisplayLogonHoursWarnings"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableInstallerDetection"=0
"EnableLUA"=0
"EnableSecureUIAPaths"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
"HideSCAHealth"=1
"DisableCurrentUserRun"=0
"DisableLocalMachineRun"=0
"TurnOffSPIAnimations"=1
"NoWelcomeScreen"=1
"EnforceShellExtensionSecurity"=0
"SettingsPageVisibility"=hide:windowsdefender;
"NoDriveTypeAutorun"=158

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]


[HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
"StubPath" = "C:\Program Files\Google\Chrome\Application\109.0.5414.120\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --channel=stable

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.X264"=x264vfw64.dll
"VIDC.LAGS"=lagarith.dll
"VIDC.XVID"=xvidvfw.dll
"msacm.ac3acm"=ac3acm.acm
"VIDC.FFDS"=ff_vfw.dll
"msacm.l3codecp"=l3codecp.acm
"VIDC.FPS1"=frapsv64.dll
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux3"=wdmaud.drv

====== Ассоциации файлов ======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

====== Список файлов и папок, созданных за последние 3 месяца ======

2024-06-14 11:04:54 ----D---- C:\KVRT2020_Data
2024-06-14 11:02:22 ----D---- C:\Program Files\ChromiumTemp908_1218745250
2024-06-14 10:38:49 ----D---- C:\Program Files\chrome_url_fetcher_2908_2122241164
2024-06-13 14:00:24 ----D---- C:\Program Files\chrome_url_fetcher_5636_712309030
2024-06-13 12:39:46 ----D---- C:\Program Files\CrystalDiskInfo
2024-06-12 22:37:52 ----D---- C:\Program Files\chrome_url_fetcher_3476_1997026362
2024-06-12 12:11:05 ----A---- C:\Windows\system32\drivers\farflt.sys
2024-06-12 12:11:02 ----A---- C:\Windows\system32\drivers\mwac.sys
2024-06-12 12:09:31 ----A---- C:\Windows\system32\drivers\MbamChameleon.sys
2024-06-12 12:09:15 ----A---- C:\Windows\system32\drivers\mbamswissarmy.sys
2024-06-12 12:08:19 ----A---- C:\Windows\system32\drivers\mbae64.sys
2024-06-12 12:07:14 ----D---- C:\ProgramData\Malwarebytes
2024-06-12 12:07:00 ----D---- C:\Program Files\Malwarebytes
2024-06-11 19:56:05 ----SHD---- C:\found.002
2024-06-11 16:25:01 ----A---- C:\Windows\SYSWOW64\AMDBugReportTool.exe
2024-06-11 16:24:38 ----D---- C:\Program Files\Common Files\ATI Technologies
2024-06-11 16:18:50 ----D---- C:\ProgramData\AMD
2024-06-11 16:18:49 ----D---- C:\Program Files\AMD
2024-06-11 14:52:21 ----D---- C:\Program Files\chrome_ComponentUnpacker_BeginUnzipping2804_830251007
2024-06-10 18:31:06 ----D---- C:\Program Files\chrome_url_fetcher_5932_1816986407
2024-06-10 12:53:23 ----D---- C:\Program Files\chrome_url_fetcher_5792_1868843906
2024-06-10 09:33:55 ----A---- C:\Windows\ntbtlog.txt
2024-06-08 22:27:43 ----D---- C:\Program Files\chrome_url_fetcher_6264_1461238115
2024-06-08 18:43:01 ----D---- C:\Program Files\chrome_url_fetcher_6436_797297929
2024-06-08 17:11:17 ----D---- C:\Program Files (x86)\Far Cry 4
2024-06-08 12:03:30 ----D---- C:\Program Files\chrome_url_fetcher_2156_688500592
2024-06-07 15:53:16 ----D---- C:\Users\User\AppData\Roaming\Pears Project
2024-06-07 15:53:10 ----D---- C:\Program Files\Pears Project Launcher
2024-06-07 15:49:35 ----D---- C:\Program Files\chrome_url_fetcher_4660_672978991
2024-06-07 15:48:36 ----D---- C:\Program Files\chrome_url_fetcher_4660_463483250
2024-06-05 21:49:16 ----D---- C:\Program Files\chrome_url_fetcher_7704_1773465439
2024-06-05 21:26:57 ----D---- C:\Program Files\chrome_url_fetcher_3560_1259389365
2024-06-04 21:09:19 ----D---- C:\Program Files\chrome_url_fetcher_9408_783616672
2024-06-04 16:28:20 ----D---- C:\Program Files\chrome_url_fetcher_2840_1545160989
2024-06-03 17:38:49 ----D---- C:\Program Files\chrome_url_fetcher_4484_435048747
2024-06-03 12:54:55 ----D---- C:\Program Files\chrome_url_fetcher_3080_260418477
2024-06-02 17:29:54 ----D---- C:\Program Files\chrome_url_fetcher_5456_1215938505
2024-06-01 15:06:03 ----D---- C:\Program Files (x86)\Hotline Miami 2 Wrong Number
2024-06-01 15:00:00 ----D---- C:\Program Files (x86)\Hotline Miami
2024-06-01 13:23:32 ----D---- C:\Program Files (x86)\PROXIMA
2024-06-01 10:50:34 ----D---- C:\Users\User\AppData\Roaming\Sun
2024-06-01 10:50:13 ----A---- C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll
2024-06-01 10:48:43 ----D---- C:\Program Files (x86)\Java
2024-05-27 21:13:13 ----D---- C:\Program Files\chrome_url_fetcher_5736_1587078243
2024-05-26 22:25:40 ----D---- C:\Program Files\chrome_url_fetcher_6016_47144354
2024-05-25 19:46:24 ----D---- C:\Program Files (x86)\Windows Media Player
2024-05-23 19:49:01 ----D---- C:\Program Files\chrome_url_fetcher_17836_2133307617
2024-05-23 17:30:30 ----D---- C:\Program Files\chrome_ComponentUnpacker_BeginUnzipping12968_241517119
2024-05-22 16:47:06 ----D---- C:\Program Files\Ben and Ed
2024-05-22 16:43:30 ----D---- C:\Program Files (x86)\Guns Gore and Cannoli 2
2024-05-19 16:35:49 ----D---- C:\Program Files\chrome_url_fetcher_5184_582404359
2024-05-18 21:10:26 ----D---- C:\Program Files\chrome_url_fetcher_3648_2083703251
2024-05-18 16:58:41 ----D---- C:\Program Files\chrome_ComponentUnpacker_BeginUnzipping6300_932365229
2024-05-17 20:29:42 ----D---- C:\Program Files\chrome_url_fetcher_4016_908218370
2024-05-16 17:02:49 ----D---- C:\Program Files (x86)\MyHome Launcher
2024-05-13 12:11:16 ----D---- C:\Users\User\AppData\Roaming\Mechvibes
2024-05-12 18:50:22 ----D---- C:\Program Files\chrome_url_fetcher_6136_1701764166
2024-05-11 17:00:25 ----D---- C:\Program Files\chrome_url_fetcher_11532_86798660
2024-05-09 14:27:32 ----D---- C:\Program Files\chrome_url_fetcher_4312_1828972517
2024-05-09 11:25:18 ----D---- C:\Program Files\chrome_url_fetcher_2136_1930543555
2024-05-09 11:25:18 ----D---- C:\Program Files\chrome_url_fetcher_2136_168619414
2024-05-08 19:06:51 ----D---- C:\Program Files\chrome_url_fetcher_3656_1064203809
2024-05-01 20:29:43 ----D---- C:\Program Files\chrome_url_fetcher_2492_1354538725
2024-04-30 21:45:43 ----D---- C:\Program Files (x86)\TI
2024-04-29 11:07:03 ----D---- C:\Program Files\chrome_url_fetcher_4060_1480557057
2024-04-28 20:34:01 ----D---- C:\Program Files\chrome_url_fetcher_4140_1743684579
2024-04-28 19:28:02 ----D---- C:\Program Files\chrome_url_fetcher_5076_244235689
2024-04-28 19:08:10 ----D---- C:\ProgramData\iTop VPN
2024-04-28 19:08:09 ----D---- C:\Users\User\AppData\Roaming\iTop VPN
2024-04-28 19:04:55 ----D---- C:\ProgramData\{150F4013-6884-4350-8DDC-6BFCB4C5DC15}
2024-04-28 13:33:37 ----AD---- C:\ProgramData\MTA San Andreas All
2024-04-28 13:31:07 ----D---- C:\Program Files\chrome_url_fetcher_4904_1046561879
2024-04-28 13:29:20 ----D---- C:\Program Files (x86)\Province Launcher
2024-04-28 12:59:01 ----D---- C:\Users\User\AppData\Roaming\Vortex
2024-04-28 09:52:37 ----A---- C:\Windows\system32\avgBoot.exe
2024-04-27 20:53:12 ----D---- C:\Program Files (x86)\Manhunt
2024-04-27 20:51:27 ----D---- C:\Program Files\chrome_url_fetcher_7408_1631971729
2024-04-27 16:42:18 ----D---- C:\Program Files\chrome_url_fetcher_4560_1504407696
2024-04-13 10:57:32 ----D---- C:\ProgramData\Elcomsoft Password Recovery
2024-04-13 10:57:32 ----D---- C:\Program Files (x86)\Elcomsoft Password Recovery
2024-04-13 10:57:32 ----D---- C:\Program Files (x86)\Elcomsoft
2024-04-06 20:48:20 ----D---- C:\Amazing Games
2024-04-06 12:47:27 ----A---- C:\Windows\system32\eac_usermode_14154299135002.dll
2024-04-06 12:31:54 ----D---- C:\Program Files\Process Hacker 2
2024-03-31 12:40:47 ----D---- C:\Program Files (x86)\Roblox
2024-03-31 11:31:37 ----D---- C:\Program Files\chrome_url_fetcher_2512_607053781
2024-03-26 19:54:30 ----D---- C:\ProgramData\Norton
2024-03-26 13:59:36 ----D---- C:\Users\User\AppData\Roaming\Goldberg EOS Emu Saves
2024-03-22 21:31:36 ----D---- C:\Program Files (x86)\RADMIR LAUNCHER
2024-03-18 19:29:59 ----D---- C:\Program Files\Black Tree Gaming Ltd
2024-03-18 15:06:23 ----ASH---- C:\pagefile.sys
2024-03-17 20:12:53 ----D---- C:\Users\User\AppData\Roaming\Steam

====== Список файлов и папок, измененных за последние 3 месяца ======

2024-11-07 11:10:59 ----AD---- C:\Windows\System32
2024-11-07 11:10:59 ----A---- C:\Windows\system32\PerfStringBackup.INI
2024-11-07 10:38:31 ----D---- C:\Windows\pss
2024-06-14 12:03:21 ----D---- C:\Windows\Temp
2024-06-14 11:58:33 ----AD---- C:\Windows\system32\drivers
2024-06-14 11:56:50 ----RD---- C:\Program Files
2024-06-14 11:54:49 ----D---- C:\Program Files (x86)\Google
2024-06-14 11:52:38 ----D---- C:\ProgramData\Doctor Web
2024-06-14 11:50:10 ----D---- C:\Windows\Prefetch
2024-06-14 11:48:38 ----D---- C:\ProgramData\firebird
2024-06-14 11:23:11 ----HD---- C:\msdownld.tmp
2024-06-14 11:23:11 ----D---- C:\Windows\system32\Tasks
2024-06-14 11:23:11 ----D---- C:\sessionmonitornetcommon
2024-06-14 11:23:11 ----D---- C:\Logs
2024-06-14 11:02:53 ----SHD---- C:\DrWeb Quarantine
2024-06-14 10:49:37 ----D---- C:\Windows\system32\config
2024-06-13 22:03:11 ----D---- C:\Users\User\AppData\Roaming\arizona-launcher
2024-06-13 14:11:19 ----SHD---- C:\Windows\Installer
2024-06-13 14:11:19 ----SHD---- C:\Config.Msi
2024-06-13 14:10:08 ----RSD---- C:\Windows\assembly
2024-06-13 14:09:08 ----D---- C:\Games
2024-06-13 12:52:47 ----D---- C:\Windows\system32\catroot
2024-06-13 12:43:58 ----D---- C:\Windows\SYSWOW64\drivers
2024-06-13 12:43:58 ----D---- C:\Program Files (x86)
2024-06-13 12:43:58 ----AHD---- C:\ProgramData
2024-06-12 14:35:45 ----D---- C:\Program Files (x86)\Steam
2024-06-12 12:08:47 ----D---- C:\Windows\system32\DriverStore
2024-06-12 12:08:47 ----D---- C:\Windows\inf
2024-06-11 16:34:07 ----D---- C:\Windows
2024-06-11 16:25:01 ----D---- C:\Windows\SysWOW64
2024-06-11 16:24:38 ----D---- C:\Program Files\Common Files
2024-06-11 16:13:46 ----D---- C:\Windows\system32\catroot2
2024-06-11 10:46:29 ----D---- C:\Вторая часть заявки
2024-06-10 10:02:02 ----AD---- C:\Windows\system32\drivers\etc
2024-06-09 22:43:45 ----AD---- C:\Licenses
2024-06-09 22:43:44 ----SHD---- C:\found.000
2024-06-09 22:43:39 ----D---- C:\Program Files (x86)\Outline
2024-06-08 17:57:04 ----D---- C:\ProgramData\Orbit
2024-06-06 15:08:58 ----D---- C:\ProgramData\modloader
2024-06-05 10:39:41 ----D---- C:\Medal
2024-06-04 21:56:14 ----RSD---- C:\Windows\Fonts
2024-06-04 21:01:01 ----D---- C:\Users\User\AppData\Roaming\radmir-launcher
2024-06-02 19:19:48 ----D---- C:\Users\User\AppData\Roaming\.tlauncher
2024-06-02 19:18:03 ----D---- C:\Redmi Note 10S
2024-06-01 14:29:41 ----AD---- C:\ProgramData\Application Data
2024-06-01 13:29:32 ----D---- C:\Windows\SYSWOW64\directx
2024-06-01 13:29:27 ----HD---- C:\Windows\msdownld.tmp
2024-06-01 10:56:41 ----D---- C:\Users\User\AppData\Roaming\.minecraft
2024-06-01 10:51:00 ----D---- C:\Program Files (x86)\Common Files
2024-05-29 14:38:19 ----D---- C:\Program Files\Intel
2024-05-29 14:38:13 ----D---- C:\.android
2024-05-29 14:38:05 ----D---- C:\Program Files (x86)\DXBX
2024-05-28 16:49:44 ----D---- C:\Users\User\AppData\Roaming\Lightcord
2024-05-26 15:08:07 ----D---- C:\Windows\Microsoft.NET
2024-05-26 10:41:05 ----D---- C:\Windows\winsxs
2024-05-25 19:46:24 ----D---- C:\Windows\ehome
2024-05-25 19:46:24 ----D---- C:\Program Files\Windows Media Player
2024-05-25 19:46:24 ----D---- C:\Program Files\DVD Maker
2024-05-25 19:46:23 ----D---- C:\Windows\SYSWOW64\wbem
2024-05-25 19:46:23 ----D---- C:\Windows\SYSWOW64\ru-RU
2024-05-25 19:46:23 ----D---- C:\Windows\SYSWOW64\migration
2024-05-25 19:46:23 ----D---- C:\Windows\system32\wbem
2024-05-25 19:46:23 ----D---- C:\Windows\system32\ru-RU
2024-05-25 19:46:23 ----D---- C:\Windows\PolicyDefinitions
2024-05-25 19:01:52 ----D---- C:\Program Files (x86)\NeoSmart Technologies
2024-05-24 22:56:02 ----D---- C:\Program Files\Sweet Home 3D
2024-05-23 16:10:47 ----D---- C:\Users\User\AppData\Roaming\Leppsoft
2024-05-17 20:21:24 ----SD---- C:\ProgramData\Microsoft
2024-05-17 20:21:24 ----D---- C:\Program Files\Windows Mail
2024-05-01 17:16:22 ----D---- C:\Program Files (x86)\DOSBox-0.74-3
2024-05-01 17:14:42 ----D---- C:\Users\User\AppData\Roaming\Telegram Desktop
2024-05-01 11:47:00 ----D---- C:\Windows\Minidump
2024-04-30 21:46:08 ----D---- C:\Users\User\AppData\Roaming\RenPy
2024-04-28 19:04:55 ----D---- C:\ProgramData\iTop
2024-04-28 10:52:34 ----D---- C:\ProgramData\AVG
2024-04-28 10:50:17 ----D---- C:\Users\User\AppData\Roaming\AVG
2024-04-27 17:10:17 ----D---- C:\Users\User\AppData\Roaming\qBittorrent
2024-04-27 16:47:35 ----D---- C:\Users\User\AppData\Roaming\uTorrent
2024-04-17 10:11:40 ----D---- C:\Users\User\AppData\Roaming\EurekaLog
2024-04-07 14:54:49 ----D---- C:\Users\User\AppData\Roaming\Process Hacker 2
2024-04-06 21:05:17 ----D---- C:\Program Files\dotnet
2024-04-06 21:04:25 ----D---- C:\ProgramData\Package Cache
2024-04-04 19:43:27 ----D---- C:\Users\User\AppData\Roaming\EasyAntiCheat
2024-03-26 19:56:41 ----D---- C:\Windows\Tasks

File C:\Windows\system32\winlogon.exe is digitally signed
File C:\Windows\system32\wininit.exe is digitally signed
File C:\Windows\explorer.exe is digitally signed
File C:\Windows\SysWOW64\explorer.exe is digitally signed
File C:\Windows\system32\svchost.exe is digitally signed
File C:\Windows\SysWOW64\svchost.exe is digitally signed
File C:\Windows\system32\services.exe is digitally signed
File C:\Windows\system32\User32.dll is digitally signed
File C:\Windows\SysWOW64\User32.dll is digitally signed
File C:\Windows\system32\userinit.exe is digitally signed
File C:\Windows\SysWOW64\userinit.exe is digitally signed
File C:\Windows\system32\rpcss.dll is digitally signed
File C:\Windows\system32\Drivers\volsnap.sys is digitally signed

====== Список драйверов (тип запуска: R=Запущен, S=остановлен, 0=Загрузочный, 1=Системный, 2=Автоматически, 3=Вручную, 4=Отключено) ======

R0 amdide64;amdide64; C:\Windows\system32\DRIVERS\amdide64.sys [2012-12-03 11944]
R0 amdkmpfd;AMD PCI Root Bus Lower Filter; C:\Windows\system32\DRIVERS\amdkmpfd.sys [2020-11-07 98416]
R0 DrWebLwf;Dr.Web Firewall Kernel-Mode Driver; C:\Windows\system32\drivers\drweblwf.sys [2024-01-18 544160]
R0 DwDevGuard;Dr.Web Device Guard; C:\Windows\system32\drivers\dwdg.sys [2024-01-18 333280]
R0 DwProt;Dr.Web Protection for Windows; C:\Windows\system32\drivers\dwprot.sys [2024-01-18 1159088]
R0 IaNVMeF;IaNVMeF; C:\Windows\system32\drivers\IaNVMeF.sys [2018-04-25 35824]
R0 ocztrimfilter;SSD Device Filter; C:\Windows\system32\drivers\ocztrimfilter.sys [2016-06-10 29064]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2018-08-16 213736]
R0 secnvmeF;secnvmeF; C:\Windows\system32\drivers\secnvmeF.sys [2018-02-13 30624]
R0 SpiderG3;Dr.Web File System Monitor; C:\Windows\system32\drivers\spiderg3.sys [2024-01-18 418784]
R1 betternet_netfilter2;betternet_netfilter2; C:\Windows\system32\drivers\betternet_netfilter2.sys [2022-10-07 89088]
R1 CProCtrl;КриптоПро CSP драйвер; C:\Windows\system32\DRIVERS\CProCtrl.5.0.0.10008.sys [2021-06-02 120984]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2018-08-16 516096]
R1 MEmuDrv;MemuHyperv Service; C:\Windows\system32\DRIVERS\MEmuDrv.sys [2021-01-04 309904]
R1 ndextlag;ExitLag Game Booster; C:\Windows\system32\DRIVERS\ndextlag.sys [2018-04-11 39112]
R1 pango_netfilter2;pango_netfilter2; C:\Windows\system32\drivers\pango_netfilter2.sys [2022-12-30 89088]
R2 amdacpksd;ACP Kernel Service Driver; \??\C:\Windows\system32\drivers\amdacpksd.sys [2022-08-02 21984]
R2 Ld9BoxSup;Ld9BoxSup; \??\C:\Program Files\ldplayer9box\Ld9BoxSup.sys [2024-02-09 354200]
R2 LdBoxDrv;LdBoxDrv; \??\C:\Program Files\dnplayerext2\LdBoxDrv.sys [2024-02-08 319376]
R2 LdVBoxDrv;LdVBoxDrv; \??\C:\Program Files\ldplayerbox\LdVBoxDrv.sys [2023-10-21 319376]
R3 amdfendr;AMD Crash Defender Driver; C:\Windows\system32\DRIVERS\amdfendr.sys [2022-02-22 118496]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\amdkmdag.sys [2022-08-02 83257312]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2021-01-18 279464]
R3 dtlitescsibus;DAEMON Tools Lite Virtual SCSI Bus; C:\Windows\system32\DRIVERS\dtlitescsibus.sys [2021-07-29 42256]
R3 dtliteusbbus;DAEMON Tools Lite Virtual USB Bus; C:\Windows\system32\DRIVERS\dtliteusbbus.sys [2022-09-17 63696]
R3 GrdKey;Guardant LPT Dongle Service; C:\Windows\system32\DRIVERS\grdkey.sys [2009-02-26 1006336]
R3 keyboard;Keyboard Upper Filter Driver; C:\Windows\system32\drivers\keyboard.sys [2022-09-13 18536]
R3 libusb0;libusb-win32 - Kernel Driver, Version 1.2.6.0; C:\Windows\system32\drivers\libusb0.sys [2012-01-17 52832]
R3 mouse;Mouse Upper Filter Driver; C:\Windows\system32\drivers\mouse.sys [2022-09-13 18536]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2013-05-17 17280]
R3 Neo_VPN;VPN Client Device Driver - VPN; C:\Windows\system32\DRIVERS\Neo_0116.sys [2022-12-13 38088]
R3 RTIFDH;RTIFDH; C:\Windows\system32\DRIVERS\rtIFDH.sys [2020-06-23 16256]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2021-12-20 1121128]
R3 ScpVBus;Scp Virtual Bus Driver; C:\Windows\system32\DRIVERS\ScpVBus.sys [2013-05-19 39168]
S0 oem-drv64;OEM-SLP2.1 Driver (HPD64); C:\Windows\system32\DRIVERS\oem-drv64.sys []
S1 adgnetworktdidrv;adgnetworktdidrv; C:\Windows\system32\drivers\adgnetworktdidrv.sys []
S2 AODDriver4.3.0;AODDriver4.3.0; \??\C:\Program Files\AMD\Performance Profile Client\amd64\AODDriver2.sys []
S2 BlueStacksDrv_msi2;BlueStacks Hypervisor_msi2; \??\C:\Program Files\BlueStacks_msi2\BstkDrv_msi2.sys []
S3 625fd41c47bb5629;625fd41c47bb5629; \??\C:\Windows\TEMP\e344114.sys []
S3 aftap0901;AnchorFree TAP-Windows Adapter V9; C:\Windows\system32\DRIVERS\aftap0901.sys [2022-08-17 48624]
S3 bntap;BetterNet TAP-Windows Adapter V9; C:\Windows\system32\DRIVERS\bntap.sys []
S3 CisUtMonitor;CisUtMonitor; C:\Windows\system32\DRIVERS\CisUtMonitor.sys [2023-04-09 57400]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 DroidCam;DroidCam Virtual Audio; C:\Windows\system32\DRIVERS\droidcam.sys [2020-04-24 31576]
S3 e176f2988c5b06b1;e176f2988c5b06b1; \??\C:\Windows\TEMP\9f72f03.sys []
S3 EQU8_HELPER_19;EQU8_HELPER_19; \??\C:\Windows\system32\DRIVERS\EQU8_HELPER_19.sys []
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device; C:\Windows\system32\DRIVERS\ew_hwusbdev.sys []
S3 ewusbmbb;HUAWEI USB-WWAN miniport; C:\Windows\system32\DRIVERS\ewusbwwan.sys []
S3 GPU-Z-v2;GPU-Z-v2; \??\C:\Users\User\AppData\Local\Temp\GPU-Z-v2.sys []
S3 GrdUsb;Guardant USB Dongle Service; C:\Windows\system32\DRIVERS\grdusb.sys [2009-02-26 1060992]
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2022-05-18 33856]
S3 hsstap;HotspotShield TAP-Windows Adapter V9; C:\Windows\system32\DRIVERS\hsstap.sys []
S3 huawei_enumerator;huawei_enumerator; C:\Windows\system32\DRIVERS\ew_jubusenum.sys []
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys []
S3 IaNVMe;IaNVMe; C:\Windows\system32\drivers\IaNVMe.sys [2018-04-25 136680]
S3 LGBusEnum;Logitech Gaming Virtual Bus Enumerator Driver; C:\Windows\system32\drivers\LGBusEnum.sys [2017-08-18 36496]
S3 LGJoyXlCore;Logitech Translation Layer Driver (LGS); C:\Windows\system32\drivers\LGJoyXlCore.sys [2017-08-18 67736]
S3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver; C:\Windows\system32\drivers\LGVirHid.sys [2017-08-18 26008]
S3 logi_joy_bus_enum;Logitech G HUB Virtual Bus Enumerator Driver; C:\Windows\system32\drivers\logi_joy_bus_enum.sys [2022-02-14 37200]
S3 logi_joy_vir_hid;Logitech G HUB Virtual HID Device Driver; C:\Windows\system32\drivers\logi_joy_vir_hid.sys [2022-02-14 25928]
S3 logi_joy_xlcore;Logitech G HUB Translation Layer Driver; C:\Windows\system32\drivers\logi_joy_xlcore.sys [2022-02-14 66896]
S3 mracdrv;MRAC Driver; C:\Windows\System32\drivers\mracdrv1.sys [2024-02-23 29287768]
S3 Netaapl;Apple Mobile Device Ethernet Service; C:\Windows\system32\DRIVERS\netaapl64.sys [2022-01-06 23040]
S3 nvme;nvme; C:\Windows\system32\drivers\nvme.sys [2016-08-17 77488]
S3 ocznvme;ocznvme; C:\Windows\system32\drivers\ocznvme.sys [2016-06-10 99592]
S3 phantomtap;Phantom TAP-Windows Adapter V9; C:\Windows\system32\DRIVERS\phantomtap.sys [2022-03-30 39448]
S3 pneteth;PdaNet Broadband; C:\Windows\system32\DRIVERS\pneteth.sys [2011-11-25 15360]
S3 polarbear-split-tunneling;polarbear-split-tunneling; \??\C:\Program Files (x86)\TunnelBear\Drivers\x64\SplitTunnelingDriver.sys []
S3 ProtonVPNCallout;ProtonVPN Callout; \??\C:\Program Files (x86)\Proton Technologies\ProtonVPN\x64\Win7\ProtonVPN.CalloutDriver.sys []
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-21 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2018-08-16 19456]
S3 Revoflt;Revoflt; C:\Windows\system32\DRIVERS\revoflt.sys [2021-11-17 47280]
S3 rtUSB;Rutoken; C:\Windows\system32\DRIVERS\rtUSB.sys [2020-06-23 39296]
S3 RvNetMP60;Famatech Radmin VPN Miniport; C:\Windows\system32\DRIVERS\RvNetMP60.sys [2022-10-18 58288]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 secnvme;secnvme; C:\Windows\system32\drivers\secnvme.sys [2018-02-13 91352]
S3 ssdevfactory;SteelSeries Device Factory Service; C:\Windows\system32\DRIVERS\ssdevfactory.sys [2017-06-29 46440]
S3 stornvme;stornvme; C:\Windows\system32\drivers\stornvme.sys [2018-08-16 50616]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys [2010-11-21 88960]
S3 tap0901;TAP-Windows Adapter V9; C:\Windows\system32\DRIVERS\tap0901.sys [2022-02-03 27136]
S3 tapprotonvpn;TAP-ProtonVPN Windows Adapter V9; C:\Windows\system32\DRIVERS\tapprotonvpn.sys [2021-05-28 39696]
S3 tap-tb-0901;TunnelBear Adapter V9; C:\Windows\system32\DRIVERS\tap-tb-0901.sys [2023-04-27 38656]
S3 tapwindscribe0901;Windscribe VPN; C:\Windows\system32\DRIVERS\tapwindscribe0901.sys [2021-04-18 48544]

====== Список служб (состояние: R=Запущена, S=Остановлена; тип запуска: 0=Загрузочная, 1=Системная, 2=Автоматически, 3=Вручную, 4=Отключено) ======

R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted;"ServiceDll" = %SystemRoot%\System32\cscsvc.dll
R2 DrWebAVService;Dr.Web Control Service; C:\Program Files\DrWeb\dwservice.exe [2024-01-18 16687480]
R2 DrWebWscService;Dr.Web Wsc Service; C:\Program Files\DrWeb\wsc-service.exe [2024-01-18 6340928]
R2 MDM;Machine Debug Manager; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [2006-10-26 335872]
R3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [2022-09-17 4960120]
R3 DrWebEngine;Dr.Web Scanning Engine; C:\Program Files\Common Files\Doctor Web\Scanning Engine\dwengine.exe [2024-01-18 2816312]
R3 DrWebNetFilter;Dr.Web Net Filtering Service; C:\Program Files\DrWeb\dwnetfilter.exe [2024-01-18 7369896]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2019-03-28 132792]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2019-03-28 158912]
S2 edgeupdate;Служба "Обновление Microsoft Edge" (edgeupdate); C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [2021-06-11 214936]
S2 gupdate;Служба Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2020-10-16 144200]
S3 AppMgmt;@appmgmts.dll,-3250; %SystemRoot%\system32\svchost.exe -k netsvcs;"ServiceDll" = %SystemRoot%\System32\appmgmts.dll
S3 EasyAntiCheat;EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe []
S3 edgeupdatem;Служба "Обновление Microsoft Edge" (edgeupdatem); C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [2021-06-11 214936]
S3 gupdatem;Служба Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2020-10-16 144200]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2019-12-17 116224]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 mracsvc;MRAC Service; C:\Windows\System32\mracsvc.exe [2024-02-23 29953808]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; %SystemRoot%\System32\svchost.exe -k PeerDist;"ServiceDll" = %SystemRoot%\system32\peerdistsvc.dll
S3 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2021-03-20 75136]
S3 ProtonVPN Service;ProtonVPN Service; C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPNService.exe []
S3 RvControlSvc;Radmin VPN Control Service; C:\Program Files (x86)\Radmin VPN\RvControlSvc.exe [2023-07-10 1179712]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\steamservice.exe [2023-12-08 2662760]
S4 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2017-11-01 82640]
S4 AdobeUpdateService;AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [2018-09-13 818136]
S4 AGSService;Adobe Genuine Software Integrity Service; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2018-05-11 2128872]
S4 AMD Crash Defender Service;AMD Crash Defender Service; C:\Windows\system32\amdfendrsr.exe [2022-02-22 518592]
S4 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2022-08-02 513504]
S4 amdacpusrsvc;ACP User Service; C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe [2022-08-02 190464]
S4 AODService;AODService; C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe []
S4 aspnet_state;Служба состояний ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2019-03-28 54912]
S4 AUEPLauncher;AMD User Experience Program Launcher; C:\Program Files\AMD\CIM\..\Performance Profile Client\AUEPLauncher.exe []
S4 BEService;BattlEye Service; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [2022-10-05 9712432]
S4 Bluetooth Device Monitor;Bluetooth Device Monitor; C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2019-12-10 1195128]
S4 Bluetooth Media Service;Bluetooth Media Service; C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [2019-12-10 1862776]
S4 Bluetooth OBEX Service;Bluetooth OBEX Service; C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2019-12-10 1186936]
S4 Droid4XService;Droid4XService; C:\Program Files (x86)\Droid4X\Droid4XService.exe []
S4 EasyAntiCheat_EOS;Easy Anti-Cheat (Epic Online Services); C:\Program Files (x86)\EasyAntiCheat_EOS\EasyAntiCheat_EOS.exe []
S4 EQU8_19;EQU8_19; C:\ProgramData\EQU8\Totally Accurate Battlegrounds\bin\anticheat.x64.equ8.exe [2021-04-03 5673048]
S4 GoodbyeDPI;GoodbyeDPI; C:\Users\Public\goodbyedpi\x86_64\goodbyedpi.exe [2019-10-31 61952]
S4 GoogleChromeElevationService;Google Chrome Elevation Service (GoogleChromeElevationService); C:\Program Files\Google\Chrome\Application\109.0.5414.120\elevation_service.exe [2023-01-24 1725720]
S4 iBtSiva;Intel Bluetooth Service; C:\Program Files (x86)\Intel\Bluetooth\ibtsiva.exe [2019-12-19 518712]
S4 IJPLMSVC;Canon Inkjet Printer/Scanner/Fax Extended Survey Program; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [2013-05-14 140936]
S4 iPod Service;Сервис iPod; C:\Program Files\iPod\bin\iPodService.exe [2021-03-31 674776]
S4 KingoSoftService;KingoSoftService; C:\Users\User\AppData\Local\Kingosoft\Kingo Root\update_27205\bin\KingoSoftService.exe [2018-03-08 17384]
S4 Logs service for nr modules;Logs service for nr modules; C:\Program Files (x86)\nr_plugin\nr_logs.exe [2020-07-21 128000]
S4 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2023-07-04 247200]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2019-03-28 136256]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2019-03-28 136256]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2019-03-28 136256]
S4 Network service for nr modules;Network service for nr modules; C:\Program Files (x86)\nr_plugin\nr_networking.exe [2020-07-21 483362]
S4 nr_plugin_updater;nr_plugin_updater; C:\Program Files (x86)\nr_plugin\nr_plugin_updater.exe [2020-07-21 352290]

-----------------EOF-----------------
