Logfile of random's system information tool 1.16 (written by random/random)
Run by Artemij.Bobryshev at 2020-10-11 12:15:44
Microsoft Windows 10 Pro
System drive C: has 50 GB (13%) free of 376 GB
Total RAM: 8078 MB (67% free)
X64

Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 12:15:45, on 11.10.2020
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.10240.17319)


Boot mode: Normal

Running processes:
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe
C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe
C:\Windows\SysWOW64\nlssrv32.exe
C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnWMI.exe
C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Windows\CCM\SCNotification.exe
C:\Program Files (x86)\Simnet\Simple Sticky Notes\ssn.exe
C:\Users\Artemij.Bobryshev\Desktop\AutoLogger-test.exe
C:\Users\Artemij.Bobryshev\Desktop\AutoLogger\AVZ\avz.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Users\Artemij.Bobryshev\Desktop\AutoLogger\RSIT\Artemij.Bobryshev_RSITx64.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
F2 - REG:system.ini: UserInit=
O2 - BHO: Skype for Business Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Microsoft OneDrive for Business Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office16\GROOVEEX.DLL
O4 - HKLM\..\Run: [ASUS InstantKey] C:\Program Files (x86)\ASUS\ASUS Instant Key\Ikey_start.exe
O4 - HKLM\..\Run: [KeePass 2 PreLoad] "C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe" --preload
O4 - HKCU\..\Run: [Simple Sticky Notes] C:\Program Files (x86)\Simnet\Simple Sticky Notes\ssn.exe
O4 - HKLM\..\Policies\Explorer\Run: [BtvStack] "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - Startup: OneDrive для бизнеса.lnk = C:\Program Files (x86)\Microsoft Office\Office16\GROOVE.EXE
O4 - Global Startup: vpngui.exe.lnk = ?
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &Отправить в OneNote - res://C:\PROGRA~2\MICROS~1\Office16\ONBttnIE.dll/105
O8 - Extra context menu item: &Экспорт в Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office16\EXCEL.EXE/3000
O9 - Extra button: Отправить в OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office16\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Отправить в OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office16\ONBttnIE.dll
O9 - Extra button: @%CommonProgramFiles%\Microsoft Shared\Office16\oregres.dll,-430 - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll
O9 - Extra 'Tools' menuitem: @%CommonProgramFiles%\Microsoft Shared\Office16\oregres.dll,-430 - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll
O9 - Extra button: &Связанные заметки OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office16\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Связанные заметки OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office16\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {108D3206-846A-4A93-BACB-F0572D043ED7} (SurveillanceCtrl Control) - http://10.136.112.206/webrec.cab
O16 - DPF: {22CCC812-6369-4469-8E46-E5B69CE6C2E6} (LG DVR WebViewer Control) - http://10.136.32.201/lg_dvr_webviewer.cab
O16 - DPF: {357A8DEC-0CAC-4D8D-9869-C2C356B844F7} (RSVideo Control) - http://10.136.240.193/RSVideoOcx.cab
O16 - DPF: {8DC2E270-3620-405E-9A4E-07D37ACB6B27} (RMSViewer Control) - http://10.136.112.205/W2WebViewer.cab
O16 - DPF: {FD3BEB0C-AB43-4253-9146-C371D48FBE0D} (Web Control) - http://10.140.112.135/web.cab
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = 1plt.ru
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = 1plt.ru
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: SearchList = 1plt.ru
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: SearchList = 1plt.ru
O18 - Protocol: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE16\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: ASLDR Service (ASLDRService) - ASUSTek Computer Inc. - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
O23 - Service: ASUS InstantOn Service (ASUS InstantOn) - ASUS - C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Remote Administrator Agent (EraAgentSvc) - Unknown owner - C:\Program Files\ESET\RemoteAdministrator\Agent\ERAAgent.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) - Google LLC - C:\Program Files (x86)\Google\Chrome\Application\86.0.4240.75\elevation_service.exe
O23 - Service: Служба Google Update (gupdate) (gupdate) - Google LLC - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Служба Google Update (gupdatem) (gupdatem) - Google LLC - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP LaserJet Service - HP - C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\Windows\system32\igfxCUIService.exe (file missing)
O23 - Service: ImDisk Virtual Disk Driver Helper (ImDskSvc) - Unknown owner - C:\Windows\system32\imdsksvc.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\System32\ngcsvc.dll,-100 (NgcSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NIHardwareService - Native Instruments GmbH - C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
O23 - Service: Nalpeiron Licensing Service (nlsX86cc) - Nalpeiron Ltd. - C:\Windows\SysWOW64\nlssrv32.exe
O23 - Service: NVIDIA LocalSystem Container (NvContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA NetworkService Container (NvContainerNetworkService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
O23 - Service: NVIDIA Telemetry Container (NvTelemetryContainer) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Riverbed Technology, Inc. - C:\Program Files (x86)\WinPcap\rpcapd.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SAP BW Precalculation Service - SAP AG - C:\Program Files (x86)\SAP\Business Explorer\BI_Prec\BExPreCalcWindowsService.exe
O23 - Service: SAP BW Precalculation Service Multi Instance - SAP AG - C:\Program Files (x86)\SAP\Business Explorer\BI_Prec\BExPreCalcWindowsServiceMulti.exe
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\Windows\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: TeamViewer 10 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: Time Control Service v3 (TimeSvc3) - RapidLights, Inc. - C:\Windows\SysWOW64\TimeControlSvc\vmnetdrv64.exe
O23 - Service: Time Control Service v3 Guard (TimeSvc3G) - Unknown owner - C:\Windows\SysWOW64\TimeControlSvc\sysprotect64.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: VMware USB Arbitration Service (VMUSBArbService) - VMware, Inc. - C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZAtheros Bt and Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe

--
End of file - 13890 bytes

====== List of processes ======

C:\Windows\system32\winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-bdd9aa6e-da47-445d-a020-c93d3ae77b0c -SystemEventPortName:HostProcess-ffc47824-2c73-41ae-a078-7845b2574be4 -IoCancelEventPortName:HostProcess-2a195381-797d-4d9c-b884-5d6612b16eb5 -NonStateChangingEventPortName:HostProcess-39a000c6-339c-4dd7-87ee-5a6686b61253 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:0acf4533-fd62-4515-822c-2c26dc9bf351 -DeviceGroupId:
C:\Windows\system32\dwm.exe
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000 
C:\Windows\system32\igfxCUIService.exe
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe"
C:\Windows\System32\spoolsv.exe
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe"
"C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe"
C:\Windows\System32\svchost.exe -k utcsvc
C:\Windows\system32\dashost.exe
C:\Windows\system32\imdsksvc.exe
C:\Windows\System32\svchost.exe -k HPZ12
"C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe"
"C:\Windows\SysWOW64\nlssrv32.exe"
"C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -s NvContainerLocalSystem -f "C:\ProgramData\NVIDIA\NvContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem" -r -p 30000 -st "C:\Program Files\NVIDIA Corporation\NvContainer\NvContainerTelemetryApi.dll"
"C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvTelemetry\plugins" -r
C:\Windows\system32\rundll32.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\system32\locator.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k appmodel
C:\Windows\system32\wbem\WmiApSrv.exe
"C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe"
"C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe"
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\CCM\CcmExec.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\Microsoft Policy Platform\policyHost.exe" /service
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -f "C:\ProgramData\NVIDIA\DisplaySessionContainer%d.log" -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\Session" -r -l 3 -p 30000  -c
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe"
"C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnWMI.exe"
C:\Windows\system32\sihost.exe
C:\Windows\system32\taskhostw.exe
"C:\Program Files (x86)\ASUS\Splendid\ACMON.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe" 
"C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe" 
C:\Windows\Explorer.EXE
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
C:\Windows\system32\igfxEM.exe
C:\Windows\system32\igfxHK.exe
"C:\Windows\CCM\SCNotification.exe"
"C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe" 
"C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe"
"C:\Program Files\Windows Defender\MSASCui.exe" -hide -runkey
"C:\Program Files (x86)\Simnet\Simple Sticky Notes\ssn.exe" 
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe" 
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe" 
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe" 
C:\Windows\system32\svchost.exe -k UnistackSvcGroup
C:\Windows\system32\ApplicationFrameHost.exe -Embedding
"C:\Windows\ImmersiveControlPanel\SystemSettings.exe" -ServerName:microsoft.windows.immersivecontrolpanel
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe3_ Global\UsGthrCtrlFltPipeMssGthrPipe3 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" 
C:\Windows\system32\svchost.exe -k GPSvcGroup
"C:\Users\Artemij.Bobryshev\Desktop\AutoLogger-test.exe" 
"C:\Users\Artemij.Bobryshev\Desktop\AutoLogger\AVZ\avz.exe" Script=AVZ\GeneralScript.txt HiddenMode=0
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -url http://google.ru/
"C:\Program Files\Internet Explorer\IEXPLORE.EXE" http://google.ru
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="8044.0.610805859\640762093" -parentBuildID 20200930150533 -prefsHandle 1452 -prefMapHandle 1440 -prefsLen 1 -prefMapSize 282503 -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" - 8044 "\\.\pipe\gecko-crash-server-pipe.8044" 1532 gpu
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="8044.6.925436161\1260342991" -childID 1 -isForBrowser -prefsHandle 2056 -prefMapHandle 2052 -prefsLen 411 -prefMapSize 282503 -parentBuildID 20200930150533 -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" - 8044 "\\.\pipe\gecko-crash-server-pipe.8044" 2068 tab
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:8072 CREDAT:82945 /prefetch:2
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="8044.13.660250384\1080883975" -childID 2 -isForBrowser -prefsHandle 3536 -prefMapHandle 3532 -prefsLen 6716 -prefMapSize 282503 -parentBuildID 20200930150533 -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" - 8044 "\\.\pipe\gecko-crash-server-pipe.8044" 3500 tab
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="8044.20.423733441\1042471705" -childID 3 -isForBrowser -prefsHandle 4000 -prefMapHandle 4004 -prefsLen 7514 -prefMapSize 282503 -parentBuildID 20200930150533 -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" - 8044 "\\.\pipe\gecko-crash-server-pipe.8044" 4080 tab
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="8044.34.1388150913\2045229024" -childID 5 -isForBrowser -prefsHandle 4432 -prefMapHandle 4428 -prefsLen 7514 -prefMapSize 282503 -parentBuildID 20200930150533 -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" - 8044 "\\.\pipe\gecko-crash-server-pipe.8044" 4448 tab
C:\Windows\system32\fontdrvhost.exe
"C:\Windows\system32\SearchFilterHost.exe" 0 640 644 652 8192 648 
"C:\Users\Artemij.Bobryshev\Desktop\AutoLogger\RSIT\RSITx64.exe" /silent /m3 /autolog /logfolder "C:\Users\Artemij.Bobryshev\Desktop\AutoLogger\RSIT\Log" /hjtp "C:\Users\Artemij.Bobryshev\Desktop\AutoLogger\RSIT\HiJackThis.exe"

====== Scheduled tasks folder ======

C:\Windows\tasks\CreateExplorerShellUnelevatedTask.job - C:\Windows\explorer.exe /NOUACCHECK
C:\Windows\system32\tasks\ASUS Smart Gesture Launcher - "C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe"
C:\Windows\system32\tasks\ASUS Splendid ACMON - C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
C:\Windows\system32\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask - %systemroot%\system32\sc.exe start osppsvc
C:\Windows\system32\tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B - C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe do-task "E7CF176E110C211B"
C:\Windows\system32\tasks\Microsoft\Windows\WS\License Validation - rundll32.exe WSClient.dll,WSpTLR licensing
C:\Windows\system32\tasks\Microsoft\Windows\Workplace Join\Automatic-Device-Join - %SystemRoot%\System32\dsregcmd.exe
C:\Windows\system32\tasks\Microsoft\Windows\Wininet\Cleaner - C:\Programdata\WindowsTask\winlogon.exe
C:\Windows\system32\tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start - C:\Windows\system32\sc.exe start wuauserv
C:\Windows\system32\tasks\Microsoft\Windows\WindowsUpdate\sih - %systemroot%\System32\sihclient.exe
C:\Windows\system32\tasks\Microsoft\Windows\WindowsUpdate\sihboot - %systemroot%\System32\sihclient.exe /boot
C:\Windows\system32\tasks\Microsoft\Windows\Windows Media Sharing\UpdateLibrary - "%ProgramFiles%\Windows Media Player\wmpnscfg.exe"
C:\Windows\system32\tasks\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange - %windir%\system32\rundll32.exe bfe.dll,BfeOnServiceStartTypeChange
C:\Windows\system32\tasks\Microsoft\Windows\Windows Error Reporting\QueueReporting - %windir%\system32\wermgr.exe -upload
C:\Windows\system32\tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance - C:\Program Files\Windows Defender\MpCmdRun.exe -IdleTask -TaskName WdCacheMaintenance
C:\Windows\system32\tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup - C:\Program Files\Windows Defender\MpCmdRun.exe -IdleTask -TaskName WdCleanup
C:\Windows\system32\tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan - C:\Program Files\Windows Defender\MpCmdRun.exe Scan -ScheduleJob
C:\Windows\system32\tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification - C:\Program Files\Windows Defender\MpCmdRun.exe -IdleTask -TaskName WdVerification
C:\Windows\system32\tasks\Microsoft\Windows\WCM\WiFiTask - %SystemRoot%\System32\WiFiTask.exe
C:\Windows\system32\tasks\Microsoft\Windows\UPnP\UPnPHostConfig - sc.exe config upnphost start= auto
C:\Windows\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Maintenance Install - %systemroot%\system32\usoclient.exe StartInstall
C:\Windows\system32\tasks\Microsoft\Windows\UpdateOrchestrator\MusUx_UpdateInterval - C:\Windows\system32\MusNotification.exe Display
C:\Windows\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Policy Install - %systemroot%\system32\usoclient.exe StartInstall
C:\Windows\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Reboot - C:\Windows\system32\MusNotification.exe Reboot
C:\Windows\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Resume On Boot - %systemroot%\system32\usoclient.exe ResumeUpdate
C:\Windows\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Schedule Scan - %systemroot%\system32\usoclient.exe StartScan
C:\Windows\system32\tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_Display - C:\windows\system32\MusNotification.exe Display
C:\Windows\system32\tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_ReadyToReboot - C:\windows\system32\MusNotification.exe ReadyToReboot
C:\Windows\system32\tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone - %windir%\system32\tzsync.exe
C:\Windows\system32\tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime - %windir%\system32\sc.exe start w32time task_started
C:\Windows\system32\tasks\Microsoft\Windows\SystemRestore\SR - %windir%\system32\srtasks.exe ExecuteScheduledSPPCreation
C:\Windows\system32\tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask - %windir%\system32\rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
C:\Windows\system32\tasks\Microsoft\Windows\SpacePort\SpaceAgentTask - %windir%\system32\SpaceAgent.exe
C:\Windows\system32\tasks\Microsoft\Windows\Shell\FamilySafetyMonitor - %windir%\System32\wpcmon.exe
C:\Windows\system32\tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask - %windir%\system32\RAServer.exe /offerraupdate
C:\Windows\system32\tasks\Microsoft\Windows\Plug and Play\Sysprep Generalize Drivers - %SystemRoot%\System32\drvinst.exe 6
C:\Windows\system32\tasks\Microsoft\Windows\NetTrace\GatherNetworkInfo - %windir%\system32\gatherNetworkInfo.vbs
C:\Windows\system32\tasks\Microsoft\Windows\MUI\LPRemove - %windir%\system32\lpremove.exe
C:\Windows\system32\tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser - %SystemRoot%\System32\MbaeParserTask.exe
C:\Windows\system32\tasks\Microsoft\Windows\Location\Notifications - %windir%\System32\LocationNotificationWindows.exe
C:\Windows\system32\tasks\Microsoft\Windows\Location\WindowsActionDialog - %windir%\System32\WindowsActionDialog.exe
C:\Windows\system32\tasks\Microsoft\Windows\GroupPolicy\{3E0A038B-D834-4930-9981-E89C9BFF83AA} - gpupdate.exe /target:computer
C:\Windows\system32\tasks\Microsoft\Windows\Feedback\Siuf\DmClient - %windir%\system32\dmclient.exe
C:\Windows\system32\tasks\Microsoft\Windows\DiskFootprint\Diagnostics - %windir%\system32\disksnapshot.exe
C:\Windows\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector - %windir%\system32\rundll32.exe dfdts.dll,DfdGetDefaultPolicyAndSMART
C:\Windows\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver - %windir%\system32\DFDWiz.exe
C:\Windows\system32\tasks\Microsoft\Windows\DiskCleanup\SilentCleanup - %windir%\system32\cleanmgr.exe /autoclean /d %systemdrive%
C:\Windows\system32\tasks\Microsoft\Windows\Defrag\ScheduledDefrag - %windir%\system32\defrag.exe -c -h -o -$
C:\Windows\system32\tasks\Microsoft\Windows\Customer Experience Improvement Program\Consolidator - %SystemRoot%\System32\wsqmcons.exe
C:\Windows\system32\tasks\Microsoft\Windows\Customer Experience Improvement Program\Uploader - %windir%\system32\WSqmCons.exe -u
C:\Windows\system32\tasks\Microsoft\Windows\Clip\License Validation - %SystemRoot%\system32\ClipUp.exe -p -s -o
C:\Windows\system32\tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask - BthUdTask.exe $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Autochk\Proxy - %windir%\system32\rundll32.exe /d acproxy.dll,PerformAutochkOperations
C:\Windows\system32\tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup - %windir%\system32\rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
C:\Windows\system32\tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState - %windir%\system32\rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
C:\Windows\system32\tasks\Microsoft\Windows\ApplicationData\DsSvcCleanup - %windir%\system32\dstokenclean.exe
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser - %windir%\system32\rundll32.exe generaltel.dll,RunTelemetryW
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater - %windir%\system32\rundll32.exe generaltel.dll,RunTelemetry -maintenance
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\StartupAppTask - %windir%\system32\rundll32.exe Startupscan.dll,SusRunTask
C:\Windows\system32\tasks\Microsoft\Windows\AppID\PolicyConverter - %windir%\system32\appidpolicyconverter.exe
C:\Windows\system32\tasks\Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck - %windir%\system32\appidcertstorecheck.exe
C:\Windows\system32\tasks\Microsoft\Office\Office 15 Subscription Heartbeat - %ProgramFiles%\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe
C:\Windows\system32\tasks\Microsoft\Office\OfficeTelemetryAgentFallBack - "C:\Program Files\Microsoft Office\Office15\msoia.exe" scan upload mininterval:2880
C:\Windows\system32\tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 - "C:\Program Files\Microsoft Office\Office16\msoia.exe" scan upload mininterval:2880
C:\Windows\system32\tasks\Microsoft\Office\OfficeTelemetryAgentLogOn - "C:\Program Files\Microsoft Office\Office15\msoia.exe" scan upload
C:\Windows\system32\tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 - "C:\Program Files\Microsoft Office\Office16\msoia.exe" scan upload
C:\Windows\system32\tasks\Microsoft\Configuration Manager\Configuration Manager Health Evaluation - C:\Windows\CCM\ccmeval.exe

=========Mozilla firefox=========

ProfilePath - C:\Users\Artemij.Bobryshev\AppData\Roaming\Mozilla\Firefox\Profiles\dkzgwzk3.default

prefs.js - "browser.startup.homepage" -  "about:blank"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 32.0.0.433 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_433.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@IPC/npmedia3.0.0.3,version=3.0.0.3]
"Description"=
"Path"=C:\Program Files\webrec\Torch\3.0.0.3\npmedia3.0.0.3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/Lync,version=15.0]
"Description"=Skype for Business Plug-in for Firefox
"Path"=C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office16\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3528.0331]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@vmware.com/vmrc,version=5.5.0.00000]
"Description"=VMware VMRC Browser Plugin
"Path"=C:\Program Files (x86)\Common Files\VMware\VMware Remote Console Plug-in 5.5\Firefox\np-vmware-vmrc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\vmware.com/client-support-plugin]
"Description"=
"Path"=C:\Program Files (x86)\VMware\Client Integration Plug-in 5.5\npVMwareClientSupportPlugin-5-5-0.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 32.0.0.433 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_433.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL


C:\Program Files (x86)\Mozilla Firefox\plugins\
npMeetingJoinPluginOC.dll
nppdf32.DEU
nppdf32.dll
nppdf32.FRA
nppdf32.JPN

C:\Users\Artemij.Bobryshev\AppData\Roaming\Mozilla\Firefox\Profiles\dkzgwzk3.default\addons.json
Adblock Plus - extension - {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
SaveFrom.net помощник: скачать Ютуб, ВКонтакт и др - extension - helper@savefrom.net
ZenMate VPN бесплатно - Лучший VPN - extension - firefox-webext@zenmate.com
Auto Reload Tab - extension - {0ed335eb-9779-4d7f-b9d8-7ec2e96a1f43}
Matte Black (White) - theme - {bcf9bb24-1417-4c9e-b901-1ffa328ba873}
Сохранение историй ВК. Анонимно. - extension - {2f10e122-5c4d-47b2-aee3-39b97cad45a2}

C:\Users\Artemij.Bobryshev\AppData\Roaming\Mozilla\Firefox\Profiles\dkzgwzk3.default\extensions.json
ReloadEvery - extension - {888d99e7-e8b5-46a3-851e-1ec45da1e644} - 
ZenMate Security, Privacy & Unblock VPN - extension - firefox@zenmate.com - 
friGate3 proxy helper - extension - e67f8350-7edf-11e3-baa7-0800200c9a66@fri-gate.org - 
Auto Reload Tab - extension - {0ed335eb-9779-4d7f-b9d8-7ec2e96a1f43} - 
Сохранение историй ВК. Анонимно. - extension - {2f10e122-5c4d-47b2-aee3-39b97cad45a2} - 
Matte Black (White) - theme - {bcf9bb24-1417-4c9e-b901-1ffa328ba873} - 
Adblock Plus - free ad blocker - extension - {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - 
ZenMate Free VPN – Best VPN - extension - firefox-webext@zenmate.com - 
SaveFrom.net helper - extension - helper@savefrom.net - 
Web Compat - extension - webcompat@mozilla.org - 
Firefox Screenshots - extension - screenshots@mozilla.org - 
Form Autofill - extension - formautofill@mozilla.org - 
WebCompat Reporter - extension - webcompat-reporter@mozilla.org - 
DoH Roll-Out - extension - doh-rollout@mozilla.org - 
Default - theme - default-theme@mozilla.org - 
Light - theme - firefox-compact-light@mozilla.org - 
Dark - theme - firefox-compact-dark@mozilla.org - 
Yandex - extension - yandex@search.mozilla.org - 
Google - extension - google@search.mozilla.org - 
DuckDuckGo - extension - ddg@search.mozilla.org - 
OZON.ru - extension - ozonru@search.mozilla.org - 
Price.ru - extension - priceru@search.mozilla.org - 
Wikipedia (en) - extension - wikipedia@search.mozilla.org - 
Поиск Mail.Ru - extension - mailru@search.mozilla.org - 
Firefox Alpenglow - theme - firefox-alpenglow@mozilla.org - 

C:\Users\Artemij.Bobryshev\AppData\Roaming\Mozilla\Firefox\Profiles\dkzgwzk3.default\pluginreg.dat

=========Google Chrome=========

C:\Users\Artemij.Bobryshev\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
Homepage: 
default_search_provider.search_url: 
C:\Users\Artemij.Bobryshev\AppData\Local\Google\Chrome\User Data\Default\Preferences
Extension aapocclcgogkmnckokdopfmhonfmgoek 1 Презентации 0.10
Extension ahfgeienlihckogmohjhadlkjgocpleb 1 Интернет-магазин Chrome 0.2
Extension aohghmighlieiainnegkcijnfilokake 1 Документы 0.10
Extension apdfllckaahabafndbhieahigkjlhalf 1 Диск Google 14.2
Extension blpcfgokakmgnkcojhhkbfbldkacnbeo 1 YouTube 4.2.8
Extension bmanlajnpdncmhfkiccmbgeocgbncfln 1 Slinky Элегантный 20.0
Extension felcaaldnbdncclmgdcncolpebgiejap 1 Таблицы 1.2
Extension gfdkimpbcpahaombhbimeihdjnejgicl 1 Feedback 1.0
Extension ghbmnnjooekpmoecnnnilnnbdlolhkhi 1 Google Документы офлайн 1.13.0
Extension kmendfapggjehodndflmmgagdbamhnfd 1 CryptoTokenExtension 0.9.74
Extension lmjnegcaeklhafolokijcfjliaokphfk 1 Video DownloadHelper 7.3.9.0
Extension mfehgcgbbipciphmccgaenjidiccnmng 1 Cloud Print 0.1
Extension mhjfbmdgcfjbbpaeojofohoefgiehjai 1 Chrome PDF Viewer 1
Extension neajdppkdcdipfabeoofebfddakdcjhd 1 Google Network Speech 1.0
Extension nkeimhogjdpnpccoofpliimaahmaaome 1 Google Hangouts 1.3.15
Extension nmmhkkegccagdldgiimedpiccmgmieda 1 Платежная система Интернет-магазина Chrome 1.0.0.5
Extension pbhelknnhilelbnhfpcjlcabhmfangik 1 Расширение для работы с 1С:Предприятием 1.0.0.55
Extension pjkljhegncpnkpknbcohdijeoejaedia 1 Gmail 8.2
Extension pkedcjkdefgpdelpbcmbmeomcjbeemfm 1 Chrome Media Router 8520.615.0.5
Homepage: 
default_search_provider.search_url: 

======Registry snapshot ======


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files\Microsoft Office\Office16\OCHelper.dll [2020-03-17 238384]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 690392]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~1\MICROS~1\Office15\GROOVEEX.DLL [2018-05-15 2353944]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll [2019-12-17 172840]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 562904]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft OneDrive for Business Browser Helper - C:\PROGRA~2\MICROS~1\Office16\GROOVEEX.DLL [2018-07-22 1525016]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"WindowsDefender"=C:\Program Files\Windows Defender\MSASCui.exe [2016-10-25 1322496]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BtvStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2013-09-25 132736]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Simple Sticky Notes"=C:\Program Files (x86)\Simnet\Simple Sticky Notes\ssn.exe [2020-05-24 1450944]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"ASUS InstantKey"=C:\Program Files (x86)\ASUS\ASUS Instant Key\Ikey_start.exe [2013-04-16 13936]
"KeePass 2 PreLoad"=C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe [2018-09-10 3268176]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BtvStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2013-09-25 132736]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
vpngui.exe.lnk - C:\Windows\Installer\{5FDC06BF-3D3D-4367-8FFB-4FAFCB61972D}\Icon09DB8A851.exe

C:\Users\Artemij.Bobryshev\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
OneDrive для бизнеса.lnk - C:\Program Files (x86)\Microsoft Office\Office16\GROOVE.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders" = credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\RManService]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"DSCAutomationHostEnabled"=2
"EnableCursorSuppression"=1
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"DisableCAD"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"ForceActiveDesktopOn"=0
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"NoDriveTypeAutoRun"=255

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]


[HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
"StubPath" = "C:\Program Files (x86)\Google\Chrome\Application\86.0.4240.75\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"msacm.vorbis"=vorbis.acm
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave8"=wdmaud.drv
"midi8"=wdmaud.drv
"mixer8"=wdmaud.drv
"wave9"=wdmaud.drv
"midi9"=wdmaud.drv
"mixer9"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv
"aux3"=wdmaud.drv
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"midi2"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv

====== File associations ======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

====== List of files and folders created in the last 3 months ======

2020-10-11 12:11:54 ----D---- C:\Windows\ABR
2020-10-11 01:10:21 ----A---- C:\Users\Artemij.Bobryshev\AppData\Roaming\sp_data.sys
2020-10-10 21:48:08 ----D---- C:\ProgramData\ASUS Smart Gesture
2020-10-10 07:30:31 ----D---- C:\Users\Artemij.Bobryshev\AppData\Roaming\Atheros
2020-10-10 07:23:43 ----D---- C:\FRST
2020-10-10 00:29:43 ----D---- C:\AdwCleaner
2020-10-10 00:13:20 ----D---- C:\KVRT_Data
2020-10-09 23:59:34 ----A---- C:\Windows\system32\PerfStringBackup.TMP
2020-10-09 23:57:15 ----D---- C:\ProgramData\Doctor Web
2020-10-09 23:54:21 ----A---- C:\Windows\ntbtlog.txt
2020-10-09 23:50:43 ----D---- C:\ProgramData\NVIDIA
2020-10-09 23:46:48 ----D---- C:\ProgramData\ESET
2020-10-09 13:48:42 ----SHD---- C:\Program Files\Common Files\McAfee
2020-09-16 13:06:39 ----D---- C:\Users\Artemij.Bobryshev\AppData\Roaming\Nextcloud
2020-08-27 15:28:22 ----D---- C:\Program Files (x86)\IObit
2020-08-10 13:05:41 ----D---- C:\ProgramData\tstn-screensaver
2020-08-03 15:32:00 ----D---- C:\Program Files (x86)\DiskInternals

====== List of files and folders modified in the last 3 months ======

2020-10-11 12:11:54 ----AD---- C:\Windows
2020-10-11 12:11:42 ----D---- C:\Windows\Prefetch
2020-10-11 12:05:24 ----D---- C:\Windows\Temp
2020-10-11 12:05:24 ----D---- C:\Windows\System32
2020-10-11 12:03:31 ----A---- C:\Windows\SMSCFG.ini
2020-10-11 12:00:31 ----D---- C:\Windows\system32\sru
2020-10-11 01:02:27 ----HD---- C:\ProgramData
2020-10-11 00:58:56 ----SHD---- C:\Windows\Installer
2020-10-11 00:58:55 ----SHD---- C:\Config.Msi
2020-10-11 00:58:55 ----D---- C:\Windows\system32\Tasks
2020-10-11 00:58:46 ----D---- C:\Program Files (x86)\ASUS
2020-10-11 00:45:02 ----D---- C:\Windows\INF
2020-10-11 00:39:56 ----D---- C:\Program Files (x86)\Mozilla Firefox
2020-10-11 00:36:46 ----D---- C:\Windows\system32\drivers
2020-10-10 17:53:17 ----D---- C:\Windows\system32\config
2020-10-10 17:35:13 ----D---- C:\Windows\Microsoft.NET
2020-10-10 00:47:34 ----D---- C:\Windows\Tasks
2020-10-10 00:44:06 ----RD---- C:\Program Files (x86)
2020-10-10 00:44:05 ----D---- C:\Users\Artemij.Bobryshev\AppData\Roaming\IObit
2020-10-09 15:57:33 ----SD---- C:\Windows\system32\Microsoft
2020-10-09 15:48:03 ----RSD---- C:\Windows\Fonts
2020-10-09 15:31:11 ----RD---- C:\Program Files
2020-10-09 15:27:00 ----SD---- C:\ProgramData\Microsoft
2020-10-09 15:17:31 ----SHD---- C:\$Recycle.Bin
2020-10-09 13:55:11 ----D---- C:\Users\Artemij.Bobryshev\AppData\Roaming\uTorrent
2020-10-09 13:48:42 ----D---- C:\Program Files\Common Files
2020-10-09 13:48:31 ----D---- C:\Windows\system32\AppLocker-
2020-10-09 13:48:29 ----D---- C:\Program Files\Internet Explorer
2020-10-09 13:48:29 ----D---- C:\Program Files\Common Files\System
2020-10-09 13:05:45 ----SHD---- C:\System Volume Information
2020-10-09 10:04:11 ----D---- C:\Users\Artemij.Bobryshev\AppData\Roaming\mRemoteNG
2020-10-08 23:08:20 ----D---- C:\Games
2020-10-08 21:39:20 ----D---- C:\Windows\SYSWOW64\directx
2020-10-08 21:39:03 ----HD---- C:\Windows\msdownld.tmp
2020-10-08 12:34:43 ----D---- C:\Users\Artemij.Bobryshev\AppData\Roaming\ViberPC
2020-10-06 17:42:54 ----D---- C:\Windows\SysWOW64
2020-10-01 14:48:05 ----D---- C:\Users\Artemij.Bobryshev\AppData\Roaming\VMware
2020-10-01 09:05:24 ----D---- C:\ProgramData\Mozilla
2020-09-17 17:32:25 ----D---- C:\Program Files (x86)\TeamViewer
2020-09-17 10:34:50 ----D---- C:\Users\Artemij.Bobryshev\AppData\Roaming\obs-studio
2020-09-15 11:01:28 ----D---- C:\Program Files\Image-Line
2020-09-14 13:47:55 ----D---- C:\Program Files (x86)\Trassir-4.0-client
2020-09-14 10:30:50 ----D---- C:\ProgramData\boost_interprocess
2020-09-09 13:32:24 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2020-09-09 13:32:18 ----D---- C:\Windows\system32\Macromed
2020-09-09 13:32:14 ----D---- C:\Windows\SYSWOW64\Macromed
2020-09-08 12:14:29 ----D---- C:\Windows\system32\FxsTmp
2020-09-01 11:05:44 ----D---- C:\Oktell
2020-08-31 17:15:14 ----D---- C:\Users\Artemij.Bobryshev\AppData\Roaming\CEF
2020-08-27 15:28:23 ----D---- C:\ProgramData\IObit
2020-08-25 11:06:30 ----D---- C:\Temp
2020-08-22 13:39:20 ----D---- C:\Users\Artemij.Bobryshev\AppData\Roaming\AIMP
2020-08-22 13:06:29 ----D---- C:\Windows\AppReadiness
2020-08-20 11:28:12 ----D---- C:\Program Files (x86)\AOMEI Partition Assistant Technician Edition 5.6
2020-08-02 11:56:22 ----D---- C:\Windows\system32\NDF
2020-07-31 09:46:27 ----D---- C:\TVP
2020-07-13 22:33:39 ----D---- C:\Users\Artemij.Bobryshev\AppData\Roaming\1C

File C:\Windows\system32\winlogon.exe is digitally signed
File C:\Windows\system32\wininit.exe is digitally signed
File C:\Windows\explorer.exe is digitally signed
File C:\Windows\SysWOW64\explorer.exe is digitally signed
File C:\Windows\system32\svchost.exe is digitally signed
File C:\Windows\SysWOW64\svchost.exe is digitally signed
File C:\Windows\system32\services.exe is digitally signed
File C:\Windows\system32\User32.dll is digitally signed
File C:\Windows\SysWOW64\User32.dll is digitally signed
File C:\Windows\system32\userinit.exe is digitally signed
File C:\Windows\SysWOW64\userinit.exe is digitally signed
File C:\Windows\system32\rpcss.dll is digitally signed
File C:\Windows\system32\Drivers\volsnap.sys is digitally signed

====== List of drivers (startup type: R=Running, S=Stopped, 0=Boot, 1=System, 2=Automatic, 3=Manual, 4=Disabled) ======

R0 nvpciflt;nvpciflt; C:\Windows\system32\DRIVERS\nvpciflt.sys [2019-04-10 57216]
R1 ATKWMIACPIIO;ATKWMIACPI Driver; \??\C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2013-07-02 19768]
R1 DNE;@oem62.inf,%DneLwf_Desc%;DNE LightWeight Filter; C:\Windows\system32\DRIVERS\dnelwf64.sys [2015-10-14 327976]
R1 dokan1;dokan1; C:\Windows\system32\DRIVERS\dokan1.sys [2017-11-28 102376]
R1 HWiNFO32;HWiNFO32/64 Kernel Driver; \??\C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [2018-11-06 27552]
R2 ASMMAP64;ASMMAP64; \??\C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-02 15416]
R2 AWEAlloc;AWE Memory Allocation Driver; C:\Windows\system32\DRIVERS\awealloc.sys [2015-12-15 21048]
R2 hcmon;VMware hcmon; \??\C:\Windows\system32\drivers\hcmon.sys [2015-05-05 53464]
R2 ImDisk;ImDisk Virtual Disk Driver; C:\Windows\system32\DRIVERS\imdisk.sys [2015-12-15 48704]
R2 NPF;NetGroup Packet Filter Driver; C:\Windows\system32\drivers\npf.sys [2013-03-01 36600]
R2 SSPORT;SSPORT; \??\C:\Windows\system32\Drivers\SSPORT.sys [2009-03-02 11576]
R3 AsusTP;@oem8.inf,%PS2.DeviceDesc%;ASUS Input Touchpad Device; C:\Windows\System32\drivers\AsusTP.sys [2017-03-09 128024]
R3 athr;@oem95.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\Windows\System32\drivers\athw10x.sys [2018-11-06 4320176]
R3 BTATH_BUS;@oem14.inf,%BTATH_BUS.SVCDESC%;Qualcomm Atheros Bluetooth Bus; C:\Windows\System32\drivers\btath_bus.sys [2013-09-25 34384]
R3 BtFilter;BtFilter; C:\Windows\system32\DRIVERS\btfilter.sys [2018-11-26 609992]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2015-07-10 84992]
R3 CVPNDRVA;Cisco Systems Inc. IPSec Driver; \??\C:\Windows\system32\Drivers\CVPNDRVA.sys [2011-03-04 306536]
R3 dc3d;@oem66.inf,%dc3d.SvcDesc%;MS Hardware Device Detection Driver (USB); C:\Windows\System32\drivers\dc3d.sys [2015-12-09 95024]
R3 HIDSwitch;@oem92.inf,%ASSW.DisplayName%;ASUS Wireless Radio Control; C:\Windows\System32\drivers\AsRadioControl.sys [2018-11-06 34184]
R3 iwdbus;@oem7.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\Windows\System32\drivers\iwdbus.sys [2015-06-26 39480]
R3 L1C;@oem80.inf,%L1C.Service.DispName%;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller; C:\Windows\System32\drivers\L1C63x64.sys [2016-09-19 161096]
R3 necbatt;@oem88.inf,%necbatt.SvcDesc%;Battery Filter Driver; C:\Windows\System32\drivers\necbatt.sys [2018-11-06 54648]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2019-04-10 20747736]
R3 nvvad_WaveExtensible;@oem76.inf,%nvvad_WaveExtensible.SvcDesc%;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2019-04-17 69840]
R3 nvvhci;@oem100.inf,%ServiceDesc%;NVVHCI Enumerator Service; C:\Windows\System32\drivers\nvvhci.sys [2019-04-17 75600]
R3 Point64;@oem87.inf,%point64.SvcDesc%;Microsoft Mouse and Keyboard Center Filter Driver; C:\Windows\System32\drivers\point64.sys [2018-11-06 68904]
R3 prepdrvr;SMS Process Event Driver; C:\Windows\system32\DRIVERS\prepdrv.sys [2015-04-14 26984]
S2 DgiVecp;DgiVecp; \??\C:\Windows\system32\Drivers\DgiVecp.sys [2009-03-02 53816]
S2 DOSMEMIO;MEMIO; \??\C:\Windows\syswow64\MEMIO.SYS [2000-08-24 4300]
S3 ampa;ampa; \??\C:\Windows\system32\ampa.sys [2013-12-18 17008]
S3 AmUStor;@oem96.inf,%SERVICE_NAME%;AM USB Stroage Driver; C:\Windows\system32\drivers\AmUStor.SYS [2018-11-06 117728]
S3 androidusb;@oem50.inf,%SAMSUNG.Adb.SvcDesc%;SAMSUNG Android Composite ADB Interface Driver; C:\Windows\System32\Drivers\ssadadb.sys [2016-03-12 36328]
S3 AthBTPort;@oem17.inf,%BTHSUPPORT.SvcDesc%;Qualcomm Atheros Virtual Bluetooth Class; C:\Windows\system32\DRIVERS\btath_flt.sys [2013-09-25 89800]
S3 AtomNe;AtomNe; \??\C:\Windows\SysWOW64\TimeControlSvc\AtomNe.sys [2020-01-27 70256]
S3 BlueStacksDrv;BlueStacks Hypervisor; \??\C:\Program Files\BlueStacks\BstkDrv.sys [2019-04-10 313112]
S3 BTATH_A2DP;@oem16.inf,%BTATH_A2DP.SvcDesc%;Bluetooth A2DP Audio Driver; C:\Windows\system32\drivers\btath_a2dp.sys [2013-09-25 338120]
S3 btath_avdt;@oem16.inf,%btath_avdt.SvcDesc%;Qualcomm Atheros Bluetooth AVDT Service; C:\Windows\system32\drivers\btath_avdt.sys [2013-09-25 116424]
S3 BTATH_HCRP;@oem19.inf,%BTATH_HCRP.SvcDesc%;Bluetooth HCRP Server driver; C:\Windows\System32\drivers\btath_hcrp.sys [2013-09-25 179432]
S3 BTATH_LWFLT;@oem21.inf,%BTATH_LWFLT%;Bluetooth LWFLT Device; C:\Windows\system32\DRIVERS\btath_lwflt.sys [2013-09-25 77464]
S3 BTATH_RCP;@oem23.inf,%BTATH_RCP%;Bluetooth AVRCP Device; C:\Windows\System32\drivers\btath_rcp.sys [2013-09-25 137928]
S3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Bluetooth Enumerator Service; C:\Windows\System32\drivers\BthEnum.sys [2015-07-10 105984]
S3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\Windows\System32\drivers\BthLEEnum.sys [2016-03-16 238080]
S3 BthMtpEnum;@bthmtpenum.inf,%BthMtpEnum.SVCDESC%;Bluetooth MTP Device Enumerator; C:\Windows\system32\DRIVERS\BthMtpEnum.sys [2015-07-10 67584]
S3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\Windows\System32\drivers\bthpan.sys [2015-07-10 128512]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2015-09-17 929280]
S3 CaptureFileMonitor;CaptureFileMonitor; C:\Windows\system32\DRIVERS\CaptureFileMonitor.sys [2020-01-27 62976]
S3 CH341SER_A64;CH341SER_A64; C:\Windows\System32\Drivers\CH341S64.SYS [2019-12-09 69024]
S3 CVirtA;Cisco Systems VPN Adapter for 64-bit Windows; C:\Windows\System32\drivers\CVirtA64.sys [2010-02-08 14992]
S3 dg_ssudbus;@oem33.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2018-03-07 131712]
S3 fcvsc;fcvsc; C:\Windows\System32\drivers\fcvsc.sys [2015-07-10 31232]
S3 HTCAND64;@oem59.inf,%HTCAND64.SvcDesc%;HTC Device Driver; C:\Windows\System32\Drivers\ANDROIDUSB.sys [2009-11-02 33736]
S3 HtcVCom32;@oem61.inf,%OEMSerialPortName00%;HTC Diagnostic Port; C:\Windows\system32\DRIVERS\HtcVComV64.sys [2010-03-09 121800]
S3 HyperVideo;HyperVideo; C:\Windows\system32\DRIVERS\HyperVideo.sys [2015-07-10 26112]
S3 intaud_WaveExtensible;@oem6.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\Windows\system32\drivers\intelaud.sys [2015-06-26 50232]
S3 kmloop;@netloop.inf,%kmloop.Service.DispName%;Microsoft KM-TEST Loopback Adapter Driver; C:\Windows\System32\drivers\loop.sys [2015-07-10 16384]
S3 kx1avs;@oem112.inf,%kx1avs.SvcDesc%;Traktor Kontrol X1 Midi; C:\Windows\System32\Drivers\kx1avs.sys [2011-07-07 357968]
S3 kx1usb_svc;@oem111.inf,%kx1usb.SvcDesc%;Traktor Kontrol X1; C:\Windows\System32\Drivers\kx1usb.sys [2011-07-07 70224]
S3 MAYA44;@oem107.inf,%USBDRIVER.SvcDesc%;usb-audio.de driver for Maya44; C:\Windows\System32\Drivers\Maya44.sys []
S3 NdisImPlatformMp;@%SystemRoot%\System32\drivers\ndisimplatform.sys,-531; C:\Windows\System32\drivers\NdisImPlatform.sys [2015-07-10 129024]
S3 netvsc;netvsc; C:\Windows\System32\drivers\netvsc.sys [2015-07-10 94720]
S3 nikz1audio;@oem109.inf,%MediaDevice.Desc%;Traktor Kontrol Z1 WDM Audio; C:\Windows\System32\Drivers\nikz1audio.sys [2015-09-09 383928]
S3 nikz1usb;@oem110.inf,%USBDriver.SvcDesc%;Traktor Kontrol Z1; C:\Windows\system32\DRIVERS\nikz1usb.sys [2015-09-09 100200]
S3 NvStreamKms;NVIDIA KMS; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2019-05-10 30336]
S3 pgusbmme;@oem108.inf,%PGUSBMME.SvcDesc%;usb-audio.de MME-Adapter; C:\Windows\system32\drivers\pgusbmm3.sys []
S3 PortTalk;PortTalk; C:\Windows\System32\Drivers\PortTalk.sys []
S3 ProcObsrv;ProcObsrv; \??\C:\Windows\System32\drivers\ProcObsrv.sys [2020-01-27 38880]
S3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\System32\drivers\rfcomm.sys [2015-07-10 167936]
S3 ssadbus;@oem47.inf,%SAMSUNG.Service.Desc%;SAMSUNG Android USB Composite Device driver (WDM); C:\Windows\System32\drivers\ssadbus.sys [2016-03-12 157672]
S3 ssadmdfl;@oem48.inf,%Samsung.Filter.Name%;SAMSUNG Android USB Modem (Filter); C:\Windows\system32\DRIVERS\ssadmdfl.sys [2016-03-12 16872]
S3 ssadmdm;@oem48.inf,%Samsung.Service.Name%;SAMSUNG Android USB Modem Drivers; C:\Windows\system32\DRIVERS\ssadmdm.sys [2016-03-12 177640]
S3 ssadserd;@oem49.inf,%Samsung.Service.Name%;SAMSUNG Android USB Diagnostic Serial Port (WDM); C:\Windows\system32\DRIVERS\ssadserd.sys [2016-03-12 146920]
S3 ssudmdm;@oem22.inf,%ssud.Service.Name%;SAMSUNG  Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2019-05-16 165504]

====== List of services (startup type: R=Running, S=Stopped, 0=Boot, 1=System, 2=Automatic, 3=Manual, 4=Disabled) ======

R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe [2014-03-26 115512]
R2 ASUS InstantOn;ASUS InstantOn Service; C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe [2012-04-13 277120]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [2011-11-21 96896]
R2 CcmExec;SMS Agent Host; C:\Windows\CCM\CcmExec.exe [2016-01-13 1773744]
R2 CVPND;Cisco Systems, Inc. VPN Service; C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe [2011-03-04 1529856]
R2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\Windows\system32\igfxCUIService.exe [2015-09-09 328608]
R2 ImDskSvc;ImDisk Virtual Disk Driver Helper; C:\Windows\system32\imdsksvc.exe [2015-12-15 19552]
R2 Net Driver HPZ12;Net Driver HPZ12; %SystemRoot%\System32\svchost.exe -k HPZ12;"ServiceDll" = C:\Windows\System32\HPZinw12.dll
R2 NIHardwareService;NIHardwareService; C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe [2017-02-24 13988976]
R2 nlsX86cc;Nalpeiron Licensing Service; C:\Windows\SysWOW64\nlssrv32.exe [2010-11-22 66560]
R2 NvContainerLocalSystem;NVIDIA LocalSystem Container; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2019-02-27 782136]
R2 NVDisplay.ContainerLocalSystem;NVIDIA Display Container LS; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [2019-04-09 767472]
R2 NvTelemetryContainer;NVIDIA Telemetry Container; C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [2019-05-22 782136]
R2 OneSyncSvc_Session1;Синхронизация узла_Session1; C:\Windows\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" = 
R2 Pml Driver HPZ12;Pml Driver HPZ12; %SystemRoot%\System32\svchost.exe -k HPZ12;"ServiceDll" = C:\Windows\System32\HPZipm12.dll
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2015-10-23 43696]
R3 lpasvc;Microsoft Policy Platform Local Authority; C:\Program Files\Microsoft Policy Platform\policyHost.exe [2012-08-02 50280]
S2 EraAgentSvc;ESET Remote Administrator Agent; C:\Program Files\ESET\RemoteAdministrator\Agent\ERAAgent.exe [2016-07-01 1708192]
S2 HP LaserJet Service;HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [2014-06-24 176128]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe [2003-02-20 32768]
S3 GoogleChromeElevationService;Google Chrome Elevation Service; C:\Program Files (x86)\Google\Chrome\Application\86.0.4240.75\elevation_service.exe [2020-10-05 1406448]
S3 lppsvc;Microsoft Policy Platform Processor; C:\Program Files\Microsoft Policy Platform\policyHost.exe [2012-08-02 50280]
S3 NvContainerNetworkService;NVIDIA NetworkService Container; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2019-02-27 782136]
S3 ose;Office  Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2018-06-13 213696]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 PimIndexMaintenanceSvc_Session1;Служба контактных данных_Session1; C:\Windows\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" = 
S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files (x86)\WinPcap\rpcapd.exe [2013-03-01 118520]
S3 SAP BW Precalculation Service Multi Instance;SAP BW Precalculation Service Multi Instance; C:\Program Files (x86)\SAP\Business Explorer\BI_Prec\BExPreCalcWindowsServiceMulti.exe [2015-03-19 51224]
S3 SAP BW Precalculation Service;SAP BW Precalculation Service; C:\Program Files (x86)\SAP\Business Explorer\BI_Prec\BExPreCalcWindowsService.exe [2015-03-19 50712]
S3 smstsmgr;ConfigMgr Task Sequence Agent; C:\Windows\CCM\TSManager.exe [2015-04-14 316600]
S4 CmRcService;Configuration Manager Remote Control; C:\Windows\CCM\RemCtrl\CmRcService.exe [2015-04-14 671928]

-----------------EOF-----------------
