﻿Лог утилиты random's system information tool 1.17(автор: random/random)
Run by Anatoliy at 2024-08-04 20:55:20
Microsoft Windows 7 Профессиональная  Service Pack 1
Системный раздел C:  Свободно 56 GB (49%) размер 114 GB
Total RAM: 4094 MB (82% free)
X64


====== Список процессов ======

C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe"
C:\Windows\system32\taskhost.exe
"C:\Program Files (x86)\Norton Internet Security\Engine\22.22.11.12\NortonSecurity.exe" /s "NortonSecurity" /m "C:\Program Files (x86)\Norton Internet Security\Engine\22.22.11.12\diMaster.dll" /prefetch:1
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files\Softland\novaPDF 8\Server\novapdfs.exe"
C:\Windows\SysWOW64\PnkBstrA.exe
"C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Yandex\YandexBrowser\24.6.4.580\service_update.exe" --run-as-service
"C:\Program Files (x86)\Yandex\YandexBrowser\24.6.4.580\service_update.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Windows\TEMP\Crashpad --url=https://crash-reports.browser.yandex.net/submit --annotation=machine_id=60f1c72ca80246898ad808ce55f47c3f --annotation=main_process_pid=2500 --annotation=plat=Win64 --annotation=prod=Yandex --annotation=session_logout=False --annotation=ver=24.6.4.580 --initial-client-data=0x128,0x12c,0x130,0xfc,0x134,0x140238aa0,0x140238aac,0x140238ab8
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Punto Switcher\punto.exe" 
"C:\Program Files (x86)\hide.me VPN\hidemesvc.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Norton Internet Security\Engine\22.22.11.12\NortonSecurity.exe" /c /a /s UserSession
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
"C:\Program Files (x86)\Punto Switcher\ps64ldr.exe" -ps64start
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Users\Anatoliy\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --no-startup-window --external-app-data=null_data --external-app-null-path /prefetch:5
C:\Users\Anatoliy\AppData\Local\Yandex\YandexBrowser\Application\browser.exe --type=crashpad-handler "--user-data-dir=C:\Users\Anatoliy\AppData\Local\Yandex\YandexBrowser\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Anatoliy\AppData\Local\Yandex\YandexBrowser\User Data\Crashpad" "--metrics-dir=C:\Users\Anatoliy\AppData\Local\Yandex\YandexBrowser\User Data" --url=https://crash-reports.browser.yandex.net/submit --annotation=install_date=1486162624 --annotation=last_update_date=1722369813 --annotation=launches_after_update=7 --annotation=machine_id=60f1c72ca80246898ad808ce55f47c3f --annotation=main_process_pid=5932 --annotation=metrics_client_id=09a48a5f56cf4ccaa4196e64c2898720 --annotation=plat=Win64 --annotation=prod=Yandex --annotation=session_logout=False --annotation=ver=24.6.4.580 --initial-client-data=0xe8,0xec,0xf0,0xbc,0xf4,0x7feee36bf90,0x7feee36bf9c,0x7feee36bfa8
"C:\Users\Anatoliy\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=gpu-process --user-id=ff5fe6a7-ea63-11e6-b631-00241dd081a1 --brand-id=yandex --partner-id=pseudoportal-ru --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --gpu-process-kind=sandboxed --field-trial-handle=1156,i,11092988250924119650,4001290792069435879,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=1240 /prefetch:2
"C:\Users\Anatoliy\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=ru --service-sandbox-type=none --user-id=ff5fe6a7-ea63-11e6-b631-00241dd081a1 --brand-id=yandex --partner-id=pseudoportal-ru --no-appcompat-clear --process-name="Network Service" --field-trial-handle=992,i,11092988250924119650,4001290792069435879,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=2108 --brver=24.6.4.580 /prefetch:3
"C:\Users\Anatoliy\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=ru --service-sandbox-type=service --user-id=ff5fe6a7-ea63-11e6-b631-00241dd081a1 --brand-id=yandex --partner-id=pseudoportal-ru --no-appcompat-clear --process-name="Storage Service" --field-trial-handle=1704,i,11092988250924119650,4001290792069435879,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=2332 --brver=24.6.4.580 /prefetch:8
"C:\Users\Anatoliy\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=renderer --user-id=ff5fe6a7-ea63-11e6-b631-00241dd081a1 --brand-id=yandex --partner-id=pseudoportal-ru --extension-process --help-url=https://api.browser.yandex.ru/redirect/help/ --user-agent-info --web-ntp-url-for-renderer=https://brontp-pre.yandex.ru/ --translate-security-origin=https://browser.translate.yandex.net/ --enable-instaserp --no-appcompat-clear --allow-prefetch --lang=ru --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=2784,i,11092988250924119650,4001290792069435879,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=2700 /prefetch:2
"C:\Users\Anatoliy\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=renderer --user-id=ff5fe6a7-ea63-11e6-b631-00241dd081a1 --brand-id=yandex --partner-id=pseudoportal-ru --extension-process --help-url=https://api.browser.yandex.ru/redirect/help/ --user-agent-info --web-ntp-url-for-renderer=https://brontp-pre.yandex.ru/ --translate-security-origin=https://browser.translate.yandex.net/ --enable-instaserp --no-appcompat-clear --allow-prefetch --lang=ru --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=2980,i,11092988250924119650,4001290792069435879,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=2904 /prefetch:2
"C:\Users\Anatoliy\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=renderer --user-id=ff5fe6a7-ea63-11e6-b631-00241dd081a1 --brand-id=yandex --partner-id=pseudoportal-ru --help-url=https://api.browser.yandex.ru/redirect/help/ --user-agent-info --web-ntp-url-for-renderer=https://brontp-pre.yandex.ru/ --translate-security-origin=https://browser.translate.yandex.net/ --enable-instaserp --no-appcompat-clear --lang=ru --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=8 --field-trial-handle=3436,i,11092988250924119650,4001290792069435879,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=3432 /prefetch:1
"C:\Users\Anatoliy\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=ru --service-sandbox-type=audio --user-id=ff5fe6a7-ea63-11e6-b631-00241dd081a1 --brand-id=yandex --partner-id=pseudoportal-ru --no-appcompat-clear --process-name="Audio Service" --field-trial-handle=3872,i,11092988250924119650,4001290792069435879,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=3908 --brver=24.6.4.580 /prefetch:8
"C:\Users\Anatoliy\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=deep_links_provider.mojom.DeepLinksProvider --lang=ru --service-sandbox-type=none --user-id=ff5fe6a7-ea63-11e6-b631-00241dd081a1 --brand-id=yandex --partner-id=pseudoportal-ru --no-appcompat-clear --process-name="DeepLinks service" --field-trial-handle=4072,i,11092988250924119650,4001290792069435879,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=4088 --brver=24.6.4.580 /prefetch:8
C:\Windows\system32\taskhost.exe
"C:\Users\Anatoliy\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=autofill.mojom.TflPredictionsService --lang=ru --service-sandbox-type=utility --user-id=ff5fe6a7-ea63-11e6-b631-00241dd081a1 --brand-id=yandex --partner-id=pseudoportal-ru --no-appcompat-clear --process-name="Autofill Tfl Predictions" --field-trial-handle=5252,i,11092988250924119650,4001290792069435879,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=2072 --brver=24.6.4.580 /prefetch:8
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe"
"C:\Windows\system32\wuauclt.exe"
"C:\Program Files (x86)\Total Commander\Totalcmd.exe" 
"B:\111\лечение оперы\AutoLogger\AutoLogger.exe" 
C:\Windows\system32\wbem\wmiprvse.exe
"B:\111\лечение оперы\AutoLogger\AutoLogger\AV\AV_Z.exe" Script=AV\GeneralScript.txt HiddenMode=0 AM=Y
"C:\Program Files\Internet Explorer\IEXPLORE.EXE" http://google.ru
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2708 CREDAT:275457 /prefetch:2
C:\Windows\system32\taskeng.exe
"B:\111\лечение оперы\AutoLogger\AutoLogger\RSIT\RSITx64.exe" /silent /m3 /autolog /logfolder "B:\111\лечение оперы\AutoLogger\AutoLogger\RSIT\Log" /nohjt /rus 

====== Папка назначенных заданий ======

C:\Windows\tasks\Восстановление сервиса обновлений Яндекс.Браузера.job - C:\Program Files (x86)\Yandex\YandexBrowser\22.7.5.947\service_update.exe  --repair
C:\Windows\tasks\Восстановление сервиса обновлений Яндекс Браузера.job - C:\Program Files (x86)\Yandex\YandexBrowser\24.6.4.580\service_update.exe  --repair
C:\Windows\tasks\Обновление Браузера Яндекс.job - C:\Users\Anatoliy\AppData\Local\Yandex\YandexBrowser\Application\browser.exe  --background-update --noerrdialogs
C:\Windows\tasks\Системное обновление Браузера Яндекс.job - C:\Program Files (x86)\Yandex\YandexBrowser\24.6.4.580\service_update.exe  --run-as-launcher
C:\Windows\system32\tasks\doPDF Update - "C:\Program Files\Softland\novaPDF 8\Driver\UpdateApplication.exe" /oem=doPdf8_Softland /silent
C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore - "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA - "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /ua /installsource scheduler
C:\Windows\system32\tasks\Norton WSC Integration - "C:\Program Files (x86)\Norton Internet Security\Engine\22.22.11.12\WSCStub.exe" /taskschd
C:\Windows\system32\tasks\Opera scheduled assistant Autoupdate 1579279233 - C:\Program Files\Opera\launcher.exe --scheduledautoupdate --component-name=assistant --component-path="C:\Program Files\Opera\assistant" $(Arg0)
C:\Windows\system32\tasks\Opera scheduled Autoupdate 1486161588 - C:\Program Files\Opera\launcher.exe --scheduledautoupdate $(Arg0)
C:\Windows\system32\tasks\{7B37537B-8E5F-430A-8042-E1168342D240} - C:\Program Files (x86)\Ahead\Nero StartSmart\NeroStartSmart.exe
C:\Windows\system32\tasks\{96A30D07-4CA6-4835-9771-29203CC2DFD6} - C:\Program Files (x86)\Ahead\Nero StartSmart\NeroStartSmart.exe
C:\Windows\system32\tasks\{BBB6E10D-79FC-485E-B118-8F689FF19E44} - C:\Program Files (x86)\Ahead\Nero StartSmart\NeroStartSmart.exe
C:\Windows\system32\tasks\{E58D3A15-6FD2-44A4-86EB-7FD266A7D76B} - "c:\program files (x86)\mozilla firefox\firefox.exe" https://www.skype.com/go/downloading?source=lightinstaller&ver=7.36.66.101&LastError=12002
C:\Windows\system32\tasks\Восстановление сервиса обновлений Яндекс.Браузера - C:\Program Files (x86)\Yandex\YandexBrowser\22.7.5.947\service_update.exe --repair
C:\Windows\system32\tasks\Восстановление сервиса обновлений Яндекс Браузера - C:\Program Files (x86)\Yandex\YandexBrowser\24.6.4.580\service_update.exe --repair
C:\Windows\system32\tasks\Обновление Браузера Яндекс - C:\Users\Anatoliy\AppData\Local\Yandex\YandexBrowser\Application\browser.exe --background-update --noerrdialogs
C:\Windows\system32\tasks\Системное обновление Браузера Яндекс - C:\Program Files (x86)\Yandex\YandexBrowser\24.6.4.580\service_update.exe --run-as-launcher
C:\Windows\system32\tasks\WPD\SqmUpload_S-1-5-21-2718760368-2247427329-101744534-1001 - %windir%\system32\rundll32.exe portabledeviceapi.dll,#1
C:\Windows\system32\tasks\Remediation\AntimalwareMigrationTask - "C:\Program Files\Common Files\AV\Norton Security\Upgrade.exe" /upgrade /user_logon
C:\Windows\system32\tasks\Norton Security\Norton Security Error Analyzer - C:\Program Files (x86)\Norton Internet Security\Engine\22.22.11.12\SymErr.exe /analyze
C:\Windows\system32\tasks\Norton Security\Norton Security Error Processor - C:\Program Files (x86)\Norton Internet Security\Engine\22.22.11.12\SymErr.exe /submit
C:\Windows\system32\tasks\Norton 360\Norton 360 Error Analyzer - C:\Program Files (x86)\Norton Internet Security\Engine\22.22.11.12\SymErr.exe /analyze
C:\Windows\system32\tasks\Norton 360\Norton 360 Error Processor - C:\Program Files (x86)\Norton Internet Security\Engine\22.22.11.12\SymErr.exe /submit
C:\Windows\system32\tasks\Microsoft\Windows Defender\MP Scheduled Scan - c:\program files\windows defender\MpCmdRun.exe Scan -ScheduleJob -WinTask -RestrictPrivilegesScan
C:\Windows\system32\tasks\Microsoft\Windows\WindowsBackup\ConfigNotification - %systemroot%\System32\sdclt.exe /CONFIGNOTIFICATION
C:\Windows\system32\tasks\Microsoft\Windows\Windows Media Sharing\UpdateLibrary - "%ProgramFiles%\Windows Media Player\wmpnscfg.exe"
C:\Windows\system32\tasks\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange - %windir%\system32\rundll32.exe bfe.dll,BfeOnServiceStartTypeChange
C:\Windows\system32\tasks\Microsoft\Windows\Windows Error Reporting\QueueReporting - %windir%\system32\wermgr.exe -queuereporting
C:\Windows\system32\tasks\Microsoft\Windows\UPnP\UPnPHostConfig - sc.exe config upnphost start= auto
C:\Windows\system32\tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime - %windir%\system32\sc.exe start w32time task_started
C:\Windows\system32\tasks\Microsoft\Windows\Tcpip\IpAddressConflict1 - %windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPOffendingSystem
C:\Windows\system32\tasks\Microsoft\Windows\Tcpip\IpAddressConflict2 - %windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPDefendingSystem
C:\Windows\system32\tasks\Microsoft\Windows\SystemRestore\SR - %windir%\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreation
C:\Windows\system32\tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask - sc.exe start sppsvc
C:\Windows\system32\tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask - %windir%\system32\RAServer.exe /offerraupdate
C:\Windows\system32\tasks\Microsoft\Windows\Power Efficiency Diagnostics\AnalyzeSystem - %SystemRoot%\System32\powercfg.exe -energy -auto
C:\Windows\system32\tasks\Microsoft\Windows\NetTrace\GatherNetworkInfo - %windir%\system32\gatherNetworkInfo.vbs
C:\Windows\system32\tasks\Microsoft\Windows\MUI\LPRemove - %windir%\system32\lpremove.exe
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch - %SystemRoot%\ehome\ehPrivJob.exe /DoActivateWindowsSearch
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService - %SystemRoot%\ehome\ehPrivJob.exe /DoConfigureInternetTimeService
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks - %SystemRoot%\ehome\ehPrivJob.exe /DoRecoveryTasks $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ehDRMInit - %SystemRoot%\ehome\ehPrivJob.exe /DRMInit
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\InstallPlayReady - %SystemRoot%\ehome\ehPrivJob.exe /InstallPlayReady $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\mcupdate - %SystemRoot%\ehome\mcupdate $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\mcupdate_scheduled - %SystemRoot%\ehome\mcupdate -crl -hms -pscn 15
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -MediaCenterRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -ObjectStoreRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\OCURActivate - %SystemRoot%\ehome\ehPrivJob.exe /OCURActivate
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\OCURDiscovery - %SystemRoot%\ehome\ehPrivJob.exe /OCURDiscovery $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscovery - %SystemRoot%\ehome\ehPrivJob.exe /PBDADiscovery
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 - %SystemRoot%\ehome\ehPrivJob.exe /wait:7 /PBDADiscovery
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 - %SystemRoot%\ehome\ehPrivJob.exe /wait:90 /PBDADiscovery
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PeriodicScanRetry - %windir%\ehome\MCUpdate.exe -pscn 0
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PvrRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -PvrRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PvrScheduleTask - %SystemRoot%\ehome\mcupdate.exe -PvrSchedule
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\RecordingRestart - %SystemRoot%\ehome\ehrec /RestartRecording
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\RegisterSearch - %SystemRoot%\ehome\ehPrivJob.exe /DoRegisterSearch $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ReindexSearchRoot - %SystemRoot%\ehome\ehPrivJob.exe /DoReindexSearchRoot
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -SqlLiteRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\StartRecording - %SystemRoot%\ehome\ehrec /StartRecording
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\UpdateRecordPath - %SystemRoot%\ehome\ehPrivJob.exe /DoUpdateRecordPath $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Location\Notifications - %windir%\System32\LocationNotifications.exe
C:\Windows\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector - %windir%\system32\rundll32.exe dfdts.dll,DfdGetDefaultPolicyAndSMART
C:\Windows\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver - %windir%\system32\DFDWiz.exe
C:\Windows\system32\tasks\Microsoft\Windows\Defrag\ScheduledDefrag - %windir%\system32\defrag.exe -c
C:\Windows\system32\tasks\Microsoft\Windows\Customer Experience Improvement Program\Consolidator - %SystemRoot%\System32\wsqmcons.exe
C:\Windows\system32\tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask - BthUdTask.exe $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Autochk\Proxy - %windir%\system32\rundll32.exe /d acproxy.dll,PerformAutochkOperations
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\AitAgent - aitagent
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser - %windir%\system32\compattel\DiagTrackRunner.exe /UploadEtlFilesOnly
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater - %windir%\system32\compattelrunner.exe -maintenance
C:\Windows\system32\tasks\Microsoft\Windows\AppID\PolicyConverter - %windir%\system32\appidpolicyconverter.exe
C:\Windows\system32\tasks\Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck - %windir%\system32\appidcertstorecheck.exe

=========Mozilla firefox=========

ProfilePath - C:\Users\Anatoliy\AppData\Roaming\Mozilla\Firefox\Profiles\npjv418q.default

prefs.js - "browser.startup.homepage" -  "www.google.ru"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\Windows\SysWOW64\Adobe\Director\np32dsw_1225195.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=11.231.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre1.8.0_231\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=11.231.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre1.8.0_231\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll


C:\Program Files (x86)\Mozilla Firefox\plugins\
npFoxitReaderPlugin.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
QuickTimePlugin.class

C:\Users\Anatoliy\AppData\Roaming\Mozilla\Firefox\Profiles\npjv418q.default\searchplugins\
yandex.ru-20175603.xml
yandex.ru-20221416.xml

C:\Users\Anatoliy\AppData\Roaming\Mozilla\Firefox\Profiles\npjv418q.default\addons.json
Tab Session Manager - extension - Tab-Session-Manager@sienori
Adblock Plus - extension - {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
Norton Safe Web - extension - nortonsafeweb@symantec.com
Browsec VPN - бесплатный ВПН для Фаерфокс - extension - browsec@browsec.com
SaveFrom.net помощник: скачать Ютуб, ВКонтакт и др - extension - helper@savefrom.net
Доступ к Рутрекеру - extension - public.proartex@gmail.com
Telegram - extension - {ed387cfb-e57a-49e0-9bf3-017a1f7f2378}

C:\Users\Anatoliy\AppData\Roaming\Mozilla\Firefox\Profiles\npjv418q.default\extensions.json
Session Manager - extension - {1280606b-2510-4fe0-97ef-9b5a22eafe30} - 
YouTube Downloader and Converter - extension - {b9bfaf1c-a63f-47cd-0829-29526ced3775} - 
friGate3 proxy helper - extension - e67f8350-7edf-11e3-baa7-0800200c9a66@fri-gate.org - 
Визуальные закладки - extension - vb@yandex.ru - 
SaveFrom.net helper - extension - helper-sig@savefrom.net - 
Советник Яндекс.Маркета - extension - sovetnik@metabar.ru - 
Доступ к Рутрекеру - extension - public.proartex@gmail.com - 
Norton Safe Web - extension - nortonsafeweb@symantec.com - 
Web Compatibility Interventions - extension - webcompat@mozilla.org - 
Firefox Screenshots - extension - screenshots@mozilla.org - 
Form Autofill - extension - formautofill@mozilla.org - 
WebCompat Reporter - extension - webcompat-reporter@mozilla.org - 
Picture-In-Picture - extension - pictureinpicture@mozilla.org - 
Google - extension - google@search.mozilla.org - 
DuckDuckGo - extension - ddg@search.mozilla.org - 
Wikipedia (en) - extension - wikipedia@search.mozilla.org - 
System theme — auto - theme - default-theme@mozilla.org - 
Light - theme - firefox-compact-light@mozilla.org - 
Dark - theme - firefox-compact-dark@mozilla.org - 
Firefox Alpenglow - theme - firefox-alpenglow@mozilla.org - 
Add-ons Search Detection - extension - addons-search-detection@mozilla.com - 
Telegram Web - extension - {ed387cfb-e57a-49e0-9bf3-017a1f7f2378} - 
Tab Session Manager - extension - Tab-Session-Manager@sienori - 
SaveFrom.net helper - extension - helper@savefrom.net - 
Browsec VPN - Free VPN for Firefox - extension - browsec@browsec.com - 
Adblock Plus - free ad blocker - extension - {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - 

C:\Users\Anatoliy\AppData\Roaming\Mozilla\Firefox\Profiles\npjv418q.default\pluginreg.dat

=========Google Chrome=========

C:\Users\Anatoliy\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
Extension aapocclcgogkmnckokdopfmhonfmgoek   
Extension ahfgeienlihckogmohjhadlkjgocpleb 1 Интернет-магазин Chrome 0.2
Extension aohghmighlieiainnegkcijnfilokake   
Extension apdfllckaahabafndbhieahigkjlhalf   
Extension blpcfgokakmgnkcojhhkbfbldkacnbeo   
Extension ceibjdigmfbbgcpkkdpmjokkokklodmc 0 VK Styles - Темы для вк 1.0.250.8
Extension cjabmdjcfcfdmffimndhafhblfmpjdpe   
Extension felcaaldnbdncclmgdcncolpebgiejap   
Extension gfdkimpbcpahaombhbimeihdjnejgicl 1 Feedback 1.0
Extension ghbmnnjooekpmoecnnnilnnbdlolhkhi 1 Google Документы офлайн 1.62.0
Extension iikflkcanblccfahdhdonehdalibjnif   
Extension jdfonankhfnhihdcpaagpabbaoclnjfp 0 Поиск  Яндексa 2.0.1.15
Extension kmendfapggjehodndflmmgagdbamhnfd 1 CryptoTokenExtension 0.9.74
Extension ldgpjdiadomhinpimgchmeembbgojnjk 0 Поиск Яндексa 3.0.0.24
Extension mfehgcgbbipciphmccgaenjidiccnmng 1 Cloud Print 0.1
Extension mhjfbmdgcfjbbpaeojofohoefgiehjai 1 Chrome PDF Viewer 1
Extension mokknliiomknodkdmpcellamkopbdmao 0 Repeek (formerly FACEIT Enhancer) 4.2.14
Extension neajdppkdcdipfabeoofebfddakdcjhd 1 Google Network Speech 1.0
Extension nkeimhogjdpnpccoofpliimaahmaaome 1 Google Hangouts 1.3.21
Extension nmmhkkegccagdldgiimedpiccmgmieda 1 Платежная система Интернет-магазина Chrome 1.0.0.6
Extension pfigaoamnncijbgomifamkmkidnnlikl 0 Поиск и стартовая  – Яндекс 2.0.1.15
Extension pjfkgjlnocfakoheoapicnknoglipapd 0 Стартовая — Яндекс 2.0.1.15
Extension pjkljhegncpnkpknbcohdijeoejaedia   
Homepage: 
default_search_provider.search_url: 
C:\Users\Anatoliy\AppData\Local\Google\Chrome\User Data\Default\Preferences
Homepage: 
default_search_provider.search_url: 

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\iikflkcanblccfahdhdonehdalibjnif]
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\jdfonankhfnhihdcpaagpabbaoclnjfp]
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\pfigaoamnncijbgomifamkmkidnnlikl]
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\pjfkgjlnocfakoheoapicnknoglipapd]
"Path"=


====== Снимок реестра ======


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]
Norton Password Manager - C:\Program Files (x86)\Norton Internet Security\Engine\22.22.11.12\coIEPlg.dll [2022-11-28 1502352]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_231\bin\ssv.dll [2019-11-03 582200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_231\bin\jp2ssv.dll [2019-11-03 245304]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]
Norton Password Manager - C:\Program Files (x86)\Norton Internet Security\Engine32\22.22.11.12\coIEPlg.dll [2022-11-28 1127568]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7D2CB77-6E2D-4C1F-B485-D50506B9FA6B}]
WebMoneyAdvisorBHO - C:\Program Files (x86)\WebMoney Advisor\2.2.4\wmadvisor.dll [2011-07-20 288224]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Norton Toolbar - C:\Program Files (x86)\Norton Internet Security\Engine\22.22.11.12\coIEPlg.dll [2022-11-28 1502352]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{405DFEAE-1D2F-4649-BE08-C92313C3E1CE} - WebMoney Advisor - C:\Program Files (x86)\WebMoney Advisor\2.2.4\wmadvisor.dll [2011-07-20 288224]
{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Norton Toolbar - C:\Program Files (x86)\Norton Internet Security\Engine32\22.22.11.12\coIEPlg.dll [2022-11-28 1127568]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"YandexBrowserAutoLaunch_04359F53DDBD3AC2EA4B56C057C50C98"=C:\Users\Anatoliy\AppData\Local\Yandex\YandexBrowser\Application\browser.exe [2024-07-19 4608176]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\2Gis Update Notifier]
C:\Program Files (x86)\2gis\3.0\2GISTrayNotifier.exe [2016-02-29 4593384]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adguard]
C:\Program Files (x86)\Adguard\Adguard.exe /nosplash []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-09-13 59720]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BNM]
C:\Users\Anatoliy\AppData\Local\Beeline Network Manager\notifier.exe [2013-04-15 48489]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BNM Updater]
C:\Users\Anatoliy\AppData\Local\Beeline Network Manager\updater\chp.exe [2013-04-11 7168]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FACEIT]
C:\Users\Anatoliy\AppData\Local\FACEITApp\update.exe [2018-06-20 2203608]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Gaijin.Net Agent]
C:\Users\Anatoliy\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe [2018-01-22 2116168]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GoogleChromeAutoLaunch_04359F53DDBD3AC2EA4B56C057C50C98]
C:\Users\Anatoliy\AppData\Local\Yandex\YandexBrowser\Application\browser.exe [2024-07-19 4608176]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Infium]
C:\Program Files (x86)\QIP 2012\qip.exe /autorun []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvBackend]
 []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Opera Browser Assistant]
 []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QIP Internet Guardian]
C:\Users\Anatoliy\AppData\Roaming\QipGuard\QipGuard.exe /p []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files (x86)\QuickTime\QTTask.exe [2014-01-17 421888]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2012-06-11 12503184]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Service for Navitel Navigator Update Center]
C:\Program Files (x86)\Navitel Navigator update center\NavitelUpdaterService.exe [2022-06-27 1676824]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ShadowPlay]
C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
o:\Steam\steam.exe -silent []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UnlockerAssistant]
C:\Program Files (x86)\Unlocker\UnlockerAssistant.exe [2008-05-02 15872]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Viber]
C:\Users\Anatoliy\AppData\Local\Viber\Viber.exe [2022-05-01 52602696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\wmagent.exe]
C:\Program Files (x86)\WebMoney Agent\wmagent.exe [2009-10-19 210400]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\YandexBrowserAutoLaunch_04359F53DDBD3AC2EA4B56C057C50C98]
C:\Users\Anatoliy\AppData\Local\Yandex\YandexBrowser\Application\browser.exe [2024-07-19 4608176]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Total Commander.lnk]
C:\PROGRA~2\TOTALC~1\Totalcmd.exe [2009-11-01 3520256]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Anatoliy^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^hide.me VPN.lnk]
C:\PROGRA~2\HIDE~1.MEV\HIDEME~1.EXE [2024-03-22 3864128]

C:\Users\Anatoliy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Punto Switcher.lnk - C:\Program Files (x86)\Punto Switcher\punto.exe

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders" = credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"LogonHoursAction"=2
"DontDisplayLogonHoursWarnings"=1
"DisableTaskmgr"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoFolderOptions"=0
"NoDriveAutoRun"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
"NoDriveTypeAutorun"=149
"NoRun"=0
"NoDriveAutoRun"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]


[HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
"StubPath" = "C:\Program Files (x86)\Google\Chrome\Application\109.0.5414.120\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --channel=stable

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux2"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"aux3"=wdmaud.drv

====== Ассоциации файлов ======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

====== Список файлов и папок, созданных за последние 3 месяца ======

2024-08-04 19:35:54 ----D---- C:\Program Files\ChromiumTemp4352_536436607
2024-07-30 23:07:53 ----A---- C:\Windows\system32\drivers\hideFirewall.sys
2024-07-30 23:07:51 ----D---- C:\Users\Anatoliy\AppData\Roaming\Hide.me
2024-07-30 23:07:20 ----D---- C:\Program Files (x86)\hide.me VPN

====== Список файлов и папок, измененных за последние 3 месяца ======

2024-08-04 20:54:44 ----D---- C:\Windows\Temp
2024-08-04 20:54:08 ----RD---- C:\Program Files
2024-08-04 20:44:54 ----SHD---- C:\System Volume Information
2024-08-04 20:22:45 ----D---- C:\Windows\system32\Tasks
2024-08-04 20:07:25 ----D---- C:\Program Files (x86)\Google
2024-08-04 19:55:17 ----D---- C:\Windows\system32\config
2024-08-04 19:32:57 ----D---- C:\Windows
2024-08-01 01:05:27 ----D---- C:\Windows\system32\catroot
2024-08-01 00:45:46 ----D---- C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2024-08-01 00:42:26 ----D---- C:\Program Files (x86)\hidemy.name VPN
2024-08-01 00:41:04 ----D---- C:\Windows\system32\drivers
2024-08-01 00:41:04 ----D---- C:\Windows\inf
2024-08-01 00:40:58 ----D---- C:\Windows\system32\DriverStore
2024-07-30 23:07:43 ----SHD---- C:\Windows\Installer
2024-07-30 23:07:20 ----RD---- C:\Program Files (x86)
2024-07-30 23:04:29 ----D---- C:\Program Files\Opera
2024-06-28 01:36:53 ----D---- C:\ProgramData\Norton
2024-06-25 17:38:46 ----A---- C:\Windows\NeroDigital.ini
2024-06-21 00:25:35 ----D---- C:\Windows\System32
2024-06-21 00:25:35 ----A---- C:\Windows\system32\PerfStringBackup.INI

File C:\Windows\system32\winlogon.exe is digitally signed
File C:\Windows\system32\wininit.exe is digitally signed
File C:\Windows\explorer.exe is digitally signed
File C:\Windows\SysWOW64\explorer.exe is digitally signed
File C:\Windows\system32\svchost.exe is digitally signed
File C:\Windows\SysWOW64\svchost.exe is digitally signed
File C:\Windows\system32\services.exe is digitally signed
File C:\Windows\system32\User32.dll is digitally signed
File C:\Windows\SysWOW64\User32.dll is digitally signed
File C:\Windows\system32\userinit.exe is digitally signed
File C:\Windows\SysWOW64\userinit.exe is digitally signed
File C:\Windows\system32\rpcss.dll is digitally signed
File C:\Windows\system32\Drivers\volsnap.sys is digitally signed

====== Список драйверов (состояние: R=Запущен, S=Остановлен; тип запуска: 0=Загрузочный, 1=Системный, 2=Автоматически, 3=Вручную, 4=Отключено) ======

R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R0 SymEFASI;Symantec Extended File Attributes (SI); C:\Windows\System32\drivers\NGCx64\16160B0.00C\SYMEFASI64.SYS [2022-11-28 2180248]
R1 BHDrvx64;BHDrvx64; \??\C:\Program Files (x86)\Norton Internet Security\NortonData\22.22.9.11\Definitions\BASHDefs\20240731.001\BHDrvx64.sys [2024-07-29 1706496]
R1 ccSet_NGC;NGC Settings Manager; C:\Windows\System32\drivers\NGCx64\16160B0.00C\ccSetx64.sys [2022-11-28 198280]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-21 514560]
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [2022-09-19 527832]
R1 hideFirewall;hideFirewall; C:\Windows\system32\drivers\hideFirewall.sys [2024-03-20 104000]
R1 IDSVia64;IDSVia64; \??\C:\Program Files (x86)\Norton Internet Security\NortonData\22.22.9.11\Definitions\IPSDefs\20240731.064\IDSvia64.sys [2024-07-29 1554432]
R1 ISODrive;ISO DVD/CD-ROM Device Driver; \??\C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys [2007-04-13 105176]
R1 SRTSPX;Symantec Real Time Storage Protection (PEL) x64; C:\Windows\System32\drivers\NGCx64\16160B0.00C\SRTSPX64.SYS [2022-11-28 52872]
R1 SymIRON;Symantec Iron Driver; C:\Windows\System32\drivers\NGCx64\16160B0.00C\Ironx64.SYS [2022-11-28 306824]
R1 SymNetS;Symantec Network Security WFP Driver; C:\Windows\System32\drivers\NGCx64\16160B0.00C\symnets.sys [2022-11-28 490656]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2023-03-24 159720]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2012-06-19 4065296]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2009-03-01 187392]
R3 SRTSP;Symantec Real Time Storage Protection x64; C:\Windows\System32\drivers\NGCx64\16160B0.00C\SRTSP64.SYS [2022-11-28 956048]
R3 SymEvent;SymEvent; \??\C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [2023-03-24 100328]
R3 SymEvnt;Symantec Eventing Platform; \??\C:\Program Files (x86)\Norton Internet Security\NortonData\22.22.9.11\SymPlatform\SymEvnt.sys [2022-07-11 722400]
R3 tap0901;TAP-Windows Adapter V9; C:\Windows\system32\DRIVERS\tap0901.sys [2020-11-03 40664]
S1 adgnetworktdidrv;adgnetworktdidrv; C:\Windows\system32\drivers\adgnetworktdidrv.sys []
S2 Sentinel;Sentinel; C:\Windows\System32\Drivers\SENTINEL.SYS []
S3 BthEnum;Драйвер блока запроса Bluetooth; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Устройства Bluetooth (личной сети); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Драйвер порта Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2011-04-28 552960]
S3 BTHUSB;Драйвер порта USB радиомодуля Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 NAVENG;NAVENG; \??\C:\Program Files (x86)\Norton Internet Security\NortonData\22.8.1.14\Definitions\SDSDefs\20170203.008\ENG64.SYS []
S3 NAVEX15;NAVEX15; \??\C:\Program Files (x86)\Norton Internet Security\NortonData\22.8.1.14\Definitions\SDSDefs\20170203.008\EX64.SYS []
S3 nsvst_NGC;NortonLifeLock Split Tunneling WFP Callout driver; C:\Windows\System32\drivers\NGCx64\16160B0.00C\nsvst.sys [2022-11-28 57120]
S3 nvvad_WaveExtensible;nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [2016-04-14 56384]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-21 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 RFCOMM;Устройство Bluetooth (протокол RFCOMM TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 usbser;USB RS-232 Emulation Driver; C:\Windows\system32\DRIVERS\USBSER.sys [2013-08-29 33280]
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-21 199552]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-21 21760]
S3 wdm_usb;wdm_usb; C:\Windows\system32\DRIVERS\usb2ser.sys [2016-08-16 159936]
S3 WinUsb;Android USB Driver; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]
S3 wpCtrlDrv_NGC;NortonLifeLock Webcam Control functional driver; C:\Windows\System32\drivers\NGCx64\16160B0.00C\wpCtrlDrv.sys [2022-11-28 1016792]
S4 gdrv;gdrv; \??\C:\Windows\gdrv.sys []
S4 hwinterface;hwinterface; C:\Windows\System32\Drivers\hwinterface.sys []
S4 NVHDA;NVHDA; C:\Windows\system32\drivers\nvhda64v.sys []

====== Список служб (состояние: R=Запущена, S=Остановлена; тип запуска: 0=Загрузочная, 1=Системная, 2=Автоматически, 3=Вручную, 4=Отключено) ======

R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted;"ServiceDll" = %SystemRoot%\System32\cscsvc.dll
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; %SystemRoot%\System32\svchost.exe -k utcsvc;"ServiceDll" = %SystemRoot%\system32\diagtrack.dll
R2 hmevpnsvc;hide.me VPN Service; C:\Program Files (x86)\hide.me VPN\hidemesvc.exe [2024-03-22 184384]
R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe [2009-07-20 935208]
R2 NortonSecurity;Norton Security; C:\Program Files (x86)\Norton Internet Security\Engine\22.22.11.12\NortonSecurity.exe [2022-11-28 344888]
R2 NovaPdfServer;novaPDF Server; C:\Program Files\Softland\novaPDF 8\Server\novapdfs.exe [2016-03-03 50600]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2015-01-31 878400]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2015-01-31 1258312]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2017-06-24 76888]
R2 SentinelProtectionServer;Sentinel Protection Server; C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe [2006-05-07 206400]
R2 YandexBrowserService;Yandex.Browser Update Service; C:\Program Files (x86)\Yandex\YandexBrowser\24.6.4.580\service_update.exe [2024-07-30 3013808]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2019-03-28 132792]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2019-03-28 158912]
S2 gupdate;Служба Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2020-04-20 156104]
S3 2GISUpdateService;2GIS UpdateService; C:\Program Files (x86)\2gis\3.0\2GISUpdateService.exe [2016-02-29 3772648]
S3 AppMgmt;@appmgmts.dll,-3250; %SystemRoot%\system32\svchost.exe -k netsvcs;"ServiceDll" = %SystemRoot%\System32\appmgmts.dll
S3 GoogleChromeElevationService;Google Chrome Elevation Service (GoogleChromeElevationService); C:\Program Files (x86)\Google\Chrome\Application\109.0.5414.120\elevation_service.exe [2023-01-24 1725720]
S3 gupdatem;Служба Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2020-04-20 156104]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2016-11-12 114688]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2024-02-18 241056]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; %SystemRoot%\System32\svchost.exe -k PeerDist;"ServiceDll" = %SystemRoot%\system32\peerdistsvc.dll
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted;"ServiceDll" = %SystemRoot%\system32\storsvc.dll
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted;"ServiceDll" = %SystemRoot%\System32\umrdp.dll
S4 aspnet_state;Служба состояний ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2019-03-28 54912]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2019-03-28 136256]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2019-03-28 136256]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2019-03-28 136256]

-----------------EOF-----------------
