﻿Лог утилиты random's system information tool 1.16(автор: random/random)
Run by Александр at 2021-04-05 13:58:14
Майкрософт Windows 8.1 для одного языка 
Системный раздел C: размер 594 GB (66%) Свободно 905 GB
Total RAM: 8056 MB (19% free)
X64

Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 13:58:49, on 05.04.2021
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Unable to get Internet Explorer version!

FIREFOX: 56.0 (x86 ru)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe
C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
C:\Program Files (x86)\Yandex\Punto Switcher\punto.exe
C:\Program Files (x86)\Skillbrains\lightshot\5.5.0.4\Lightshot.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Users\Александр\Desktop\temp1\OpOfic\AutoLogger\AutoLogger.exe
C:\Users\Александр\Desktop\temp1\OpOfic\AutoLogger\AutoLogger\AV\AV_Z.exe
C:\Program Files (x86)\Opera\74.0.3911.218\opera.exe
C:\Program Files (x86)\Opera\74.0.3911.218\opera_crashreporter.exe
C:\Program Files (x86)\Opera\74.0.3911.218\opera.exe
C:\Program Files (x86)\Opera\74.0.3911.218\opera.exe
C:\Program Files (x86)\Opera\74.0.3911.218\opera.exe
C:\Program Files (x86)\Opera\74.0.3911.218\opera.exe
C:\Program Files (x86)\Opera\74.0.3911.218\opera.exe
C:\Program Files (x86)\Opera\74.0.3911.218\opera.exe
C:\Program Files (x86)\Opera\74.0.3911.218\opera.exe
C:\Program Files (x86)\Opera\74.0.3911.218\opera.exe
C:\Program Files (x86)\Opera\74.0.3911.218\opera.exe
C:\Program Files (x86)\Opera\74.0.3911.218\opera.exe
C:\Program Files (x86)\Opera\74.0.3911.218\opera.exe
C:\Program Files (x86)\Opera\74.0.3911.218\opera.exe
C:\Program Files (x86)\Opera\74.0.3911.218\opera.exe
C:\Program Files (x86)\Opera\74.0.3911.218\opera.exe
C:\Program Files (x86)\Opera\74.0.3911.218\opera.exe
C:\Program Files (x86)\Opera\74.0.3911.218\opera.exe
C:\Program Files (x86)\Opera\74.0.3911.218\opera.exe
C:\Program Files (x86)\Opera\74.0.3911.218\opera.exe
C:\Program Files (x86)\Opera\74.0.3911.218\opera.exe
C:\Program Files (x86)\Opera\74.0.3911.218\opera.exe
C:\Program Files (x86)\Opera\74.0.3911.218\opera.exe
C:\Program Files (x86)\Opera\74.0.3911.218\opera.exe
C:\Program Files (x86)\Opera\74.0.3911.218\opera.exe
C:\Program Files (x86)\Opera\74.0.3911.218\opera.exe
C:\Program Files (x86)\Opera\74.0.3911.218\opera.exe
C:\Program Files (x86)\Opera\74.0.3911.218\opera.exe
C:\Program Files (x86)\Opera\74.0.3911.218\opera.exe
C:\Program Files (x86)\Opera\74.0.3911.218\opera.exe
C:\Program Files (x86)\Opera\74.0.3911.218\opera.exe
C:\Users\Александр\Desktop\temp1\OpOfic\AutoLogger\AutoLogger\RSIT\Александр_RSITx64.exe
C:\Program Files (x86)\Opera\74.0.3911.218\opera.exe
C:\Program Files (x86)\Opera\74.0.3911.218\opera.exe
C:\Program Files (x86)\Opera\74.0.3911.218\opera.exe
C:\Program Files (x86)\Opera\74.0.3911.218\opera.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo13.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE12&ocid=UE12DHP
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = 
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
F2 - REG:system.ini: UserInit=userinit.exe
O4 - HKLM\..\Run: [Lightshot] C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe
O4 - HKLM\..\Run: [Opera Browser Assistant] C:\Program Files (x86)\Opera\assistant\browser_assistant.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite Automount] "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun
O4 - HKCU\..\RunOnce: [Uninstall C:\Users\Александр\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\amd64] C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Александр\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\amd64"
O4 - HKCU\..\RunOnce: [Uninstall C:\Users\Александр\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64] C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Александр\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64"
O4 - Startup: Punto Switcher.lnk = C:\Program Files (x86)\Yandex\Punto Switcher\punto.exe
O4 - Global Startup: Network Server.lnk = C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe
O4 - Global Startup: TVR Scheduler.lnk = C:\Program Files (x86)\honestech\honestech TVR 2.5\scheduleTV.exe
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: C:\WINDOWS\SysWOW64\nvinit.dll
O23 - Service: Autodesk Desktop App Service (AdAppMgrSvc) - Autodesk Inc. - C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Inc. - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: aswbIDSAgent - AVAST Software - C:\Program Files\AVAST Software\Avast\aswidsagent.exe
O23 - Service: AtherosSvc - Qualcomm Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: Служба %1!s! Update (avast) (avast) - AVAST Software - C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Avast Tools (avast! Tools) - AVAST Software - C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe
O23 - Service: Служба %1!s! Update (avastm) (avastm) - AVAST Software - C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe
O23 - Service: Служба Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @C:\WINDOWS\system32\CxAudMsg64.exe,-100 (CxAudMsg) - Unknown owner - C:\WINDOWS\system32\CxAudMsg64.exe (file missing)
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: Elan Service (ETDService) - ELAN Microelectronics Corp. - C:\Program Files\Elantech\ETDService.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: FlexNet Licensing Service - Flexera Software LLC - C:\Program Files (x86)\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService.exe
O23 - Service: FlexNet Licensing Service 64 - Flexera Software LLC - C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe
O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) - Google LLC - C:\Program Files (x86)\Google\Chrome\Application\89.0.4389.114\elevation_service.exe
O23 - Service: Служба Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Служба Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: mental ray Satellite for Autodesk 3ds Max 2017 64-bit (mi-raysat_3dsmax2017_64) - Unknown owner - C:\Program Files\Autodesk\3ds Max 2017\raysat_3dsmax2017_64server.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA LocalSystem Container (NvContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA NetworkService Container (NvContainerNetworkService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
O23 - Service: NVIDIA Telemetry Container (NvTelemetryContainer) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Intel(R) Common Connectivity Framework (STCServ) - Intel Corporation - C:\Program Files\Intel\STCServ\STCServ.exe
O23 - Service: TeamViewer 14 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Yandex.Browser Update Service (YandexBrowserService) - YANDEX LLC - C:\Program Files (x86)\Yandex\YandexBrowser\21.2.4.165\service_update.exe
O23 - Service: ZAtheros Bt&Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe

--
End of file - 13287 bytes

====== Список процессов ======

C:\WINDOWS\system32\wininit.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
C:\WINDOWS\system32\dwm.exe
"C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalService
"C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -f "C:\ProgramData\NVIDIA\DisplaySessionContainer%d.log" -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\Session" -r -l 3 -p 30000 -c
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe" /runassvc
"C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe" /runassvc
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\WINDOWS\system32\svchost.exe -k apphost
"C:\Program Files (x86)\Bluetooth Suite\adminservice.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
C:\WINDOWS\system32\CxAudMsg64.exe
C:\WINDOWS\System32\svchost.exe -k utcsvc
"C:\Program Files\Elantech\ETDService.exe"
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
C:\WINDOWS\system32\dashost.exe
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r
C:\WINDOWS\system32\locator.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe"
C:\WINDOWS\system32\svchost.exe -k iissvcs
C:\WINDOWS\system32\wbem\WmiApSrv.exe
"C:\Program Files (x86)\Yandex\YandexBrowser\21.2.4.165\service_update.exe" --run-as-service
"C:\Program Files (x86)\Yandex\YandexBrowser\21.2.4.165\service_update.exe" --type=crashpad-handler /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler --database=C:\WINDOWS\TEMP\Crashpad --url=https://crash-reports.browser.yandex.net/submit --annotation=machine_id=63902a3ab9335f136cd00c8959aa8481 --annotation=main_process_pid=2248 --annotation=plat=Win64 --annotation=prod=Yandex --annotation=session_logout=False --annotation=ver=21.2.4.165 --initial-client-data=0x138,0x13c,0x140,0x114,0x144,0x7ff76db1ba88,0x7ff76db1ba98,0x7ff76db1baa8
"C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\Program Files\AVAST Software\Avast\aswEngSrv.exe" /pipename="0EF94961-BD35-57C1-F0A4-AA77CD7D7546" /binpath="C:\Program Files\AVAST Software\Avast"
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-47411787-7964-401c-b6e1-679f4581ab70 -SystemEventPortName:HostProcess-e99a6f08-6874-4f14-8069-200079736df5 -IoCancelEventPortName:HostProcess-d0278e91-d6ab-4a6f-b49a-df16d69a54ba -NonStateChangingEventPortName:HostProcess-18d1ba89-1ffe-45e3-9509-73535063ea89 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:9069a7f5-d2ef-4656-923e-a914a9263eb4 -DeviceGroupId:WudfDefaultDevicePool
C:\WINDOWS\Explorer.EXE
"C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe" /c
"C:\Program Files\Elantech\ETDCtrl.exe"
C:\WINDOWS\system32\taskhostex.exe
"C:\Program Files\Elantech\ETDCtrlHelper.exe" 
"C:\Program Files\Elantech\ETDIntelligent.exe" 
"C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe" 
"C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe" 
"C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe" 
"C:\Windows\System32\igfxtray.exe" 
"C:\Windows\System32\hkcmd.exe" 
"C:\Windows\System32\igfxpers.exe" 
C:\Program Files\AVAST Software\Avast\AvastUI.exe
"C:\Program Files (x86)\Yandex\Punto Switcher\punto.exe" 
"C:\Program Files (x86)\Skillbrains\lightshot\5.5.0.4\Lightshot.exe" 
"C:\Program Files (x86)\Yandex\Punto Switcher\ps64ldr.exe" -ps64start
C:\Program Files\Intel\ConnectCenter\bin\CCFManager.exe
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files\Intel\STCServ\STCServ.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Users\Александр\AppData\Local\Apps\2.0\K6JKNZOE.5H4\8LM4QTWT.R57\lsb...tion_91a10ba61c75c82d_0001.0006_f185aae74f563194\LSB.exe"
"C:\Windows\System32\SettingSyncHost.exe" -Embedding
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\Windows\System32\skydrive.exe -Embedding
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" 
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Александр\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Александр\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Александр\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=89.0.4389.114 --initial-client-data=0xa8,0xac,0xb0,0x84,0xb4,0x7ffc864b4f50,0x7ffc864b4f60,0x7ffc864b4f70
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=1268,1143803416681166588,13973530502130422992,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1316 /prefetch:2
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1268,1143803416681166588,13973530502130422992,131072 --lang=ru --service-sandbox-type=network --mojo-platform-channel-handle=1444 /prefetch:8
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1268,1143803416681166588,13973530502130422992,131072 --lang=ru --service-sandbox-type=utility --mojo-platform-channel-handle=1904 /prefetch:8
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1268,1143803416681166588,13973530502130422992,131072 --lang=ru --extension-process --origin-trial-disabled-features=SecurePaymentConfirmation --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2984 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1268,1143803416681166588,13973530502130422992,131072 --lang=ru --extension-process --origin-trial-disabled-features=SecurePaymentConfirmation --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3124 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1268,1143803416681166588,13973530502130422992,131072 --lang=ru --extension-process --origin-trial-disabled-features=SecurePaymentConfirmation --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3292 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=proxy_resolver.mojom.ProxyResolverFactory --field-trial-handle=1268,1143803416681166588,13973530502130422992,131072 --lang=ru --service-sandbox-type=proxy_resolver --mojo-platform-channel-handle=5736 /prefetch:8
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1268,1143803416681166588,13973530502130422992,131072 --lang=ru --extension-process --origin-trial-disabled-features=SecurePaymentConfirmation --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5040 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=1268,1143803416681166588,13973530502130422992,131072 --lang=ru --service-sandbox-type=audio --mojo-platform-channel-handle=2028 /prefetch:8
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" --type=gpu-process --field-trial-handle=7592,13678081408444380101,1409696128209323018,131072 --enable-features=CastMediaRouteProvider --disable-features=OutOfBlinkCors --no-sandbox --disable-gpu-driver-bug-workarounds --log-file="C:\Users\Александр\AppData\Roaming\Avast Software\Avast\log\cef_log.txt" --log-severity=error --user-agent="Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.3.3626.1895 Safari/537.36 Avastium (21.2.2455)" --lang=en-US --proxy-auto-detect --disable-webaudio --force-wave-audio --disable-software-rasterizer --no-sandbox --blacklist-accelerated-compositing --disable-accelerated-2d-canvas --disable-accelerated-compositing --disable-accelerated-layers --disable-accelerated-video-decode --blacklist-webgl --disable-bundled-ppapi-flash --disable-flash-3d --enable-aggressive-domstorage-flushing --enable-media-stream --allow-file-access-from-files=1 --pack_loading_disabled=1 --gpu-preferences=MAAAAAAAAADgAABwAAAAAAAAAAAAAAAAAABgAAAAAAAQAAAAAAAAAAAAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAA= --use-gl=swiftshader-webgl --log-file="C:\Users\Александр\AppData\Roaming\Avast Software\Avast\log\cef_log.txt" --mojo-platform-channel-handle=8772 /prefetch:2
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=7592,13678081408444380101,1409696128209323018,131072 --enable-features=CastMediaRouteProvider --disable-features=OutOfBlinkCors --lang=en-US --service-sandbox-type=network --no-sandbox --force-wave-audio --log-file="C:\Users\Александр\AppData\Roaming\Avast Software\Avast\log\cef_log.txt" --log-severity=error --user-agent="Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.3.3626.1895 Safari/537.36 Avastium (21.2.2455)" --lang=en-US --proxy-auto-detect --disable-webaudio --force-wave-audio --disable-software-rasterizer --no-sandbox --blacklist-accelerated-compositing --disable-accelerated-2d-canvas --disable-accelerated-compositing --disable-accelerated-layers --disable-accelerated-video-decode --blacklist-webgl --disable-bundled-ppapi-flash --disable-flash-3d --enable-aggressive-domstorage-flushing --enable-media-stream --allow-file-access-from-files=1 --pack_loading_disabled=1 --log-file="C:\Users\Александр\AppData\Roaming\Avast Software\Avast\log\cef_log.txt" --mojo-platform-channel-handle=7792 /prefetch:8
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1268,1143803416681166588,13973530502130422992,131072 --lang=ru --origin-trial-disabled-features=SecurePaymentConfirmation --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=63 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7904 /prefetch:1
C:\WINDOWS\explorer.exe /factory,{75dff2b7-6936-4c06-a8bb-676a7b00b24b} -Embedding
"C:\WINDOWS\system32\NOTEPAD.EXE" C:\Users\Александр\Documents\ТипыПамяти.tpl
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1268,1143803416681166588,13973530502130422992,131072 --lang=ru --origin-trial-disabled-features=SecurePaymentConfirmation --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=126 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7888 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1268,1143803416681166588,13973530502130422992,131072 --lang=ru --origin-trial-disabled-features=SecurePaymentConfirmation --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=129 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4992 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1268,1143803416681166588,13973530502130422992,131072 --lang=ru --origin-trial-disabled-features=SecurePaymentConfirmation --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=144 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9076 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1268,1143803416681166588,13973530502130422992,131072 --lang=ru --origin-trial-disabled-features=SecurePaymentConfirmation --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=194 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4332 /prefetch:1
"C:\WINDOWS\SysWOW64\GroupPolicy\S-1-5-90\TiWorker.exe" Oh~i+[GwfsXFlaaOU[Wl3PYUAXF+iAif|_L]&cGLtjUnU4SaUxFc{EqgW6p|6p|[
"C:\Users\Александр\Desktop\temp1\OpOfic\AutoLogger\AutoLogger.exe" 
"C:\Users\Александр\Desktop\temp1\OpOfic\AutoLogger\AutoLogger\AV\AV_Z.exe" Script=AV\GeneralScript.txt HiddenMode=0
"C:\Program Files (x86)\Opera\74.0.3911.218\opera.exe" -noautoupdate --ran-launcher --flag-switches-begin --flag-switches-end --enable-quic --lowered-browser -- http://google.ru/
"C:\Program Files (x86)\Opera\74.0.3911.218\opera_crashreporter.exe" --type=crashpad-handler /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Александр\AppData\Roaming\Opera Software\Opera Stable\Crash Reports" "--crash-count-file=C:\Users\Александр\AppData\Roaming\Opera Software\Opera Stable\crash_count.txt" --url=https://crashstats-collector.opera.com/collector/submit --annotation=channel=Stable --annotation=plat=Win32 --annotation=prod=OperaDesktop --annotation=ver=74.0.3911.218 --initial-client-data=0x248,0x24c,0x250,0x224,0x254,0x703178c8,0x703178d8,0x703178e4
"C:\Program Files (x86)\Opera\74.0.3911.218\opera.exe" --type=gpu-process --field-trial-handle=1304,15357289944431256829,7756740010963649698,131072 --with-feature:address-bar-yandex-box=on --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --ab_tests=DNA-86173-test:DNA-86173,DNA-90363-test5:DNA-90363,DNA-90394-ref:DNA-90394 --gpu-preferences=OAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAABQAAABAAAAAAAAAAAAAAAAYAAAAQAAAAAAAAAAEAAAAFAAAAEAAAAAAAAAABAAAABgAAAA== --mojo-platform-channel-handle=1312 /prefetch:2
"C:\Program Files (x86)\Opera\74.0.3911.218\opera.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1304,15357289944431256829,7756740010963649698,131072 --lang=ru --service-sandbox-type=network --enable-quic --with-feature:address-bar-yandex-box=on --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --ab_tests=DNA-86173-test:DNA-86173,DNA-90363-test5:DNA-90363,DNA-90394-ref:DNA-90394 --mojo-platform-channel-handle=1480 /prefetch:8
"C:\Program Files (x86)\Opera\74.0.3911.218\opera.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1304,15357289944431256829,7756740010963649698,131072 --lang=ru --service-sandbox-type=utility --enable-quic --with-feature:address-bar-yandex-box=on --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --ab_tests=DNA-86173-test:DNA-86173,DNA-90363-test5:DNA-90363,DNA-90394-ref:DNA-90394 --mojo-platform-channel-handle=1924 /prefetch:8
"C:\Program Files (x86)\Opera\74.0.3911.218\opera.exe" --type=renderer --field-trial-handle=1304,15357289944431256829,7756740010963649698,131072 --lang=ru --user-agent="Mozilla/5.0 (Windows NT 6.3; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4324.192 Safari/537.36 OPR/74.0.3911.218 (Edition Campaign 34)" --with-feature:address-bar-yandex-box=on --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --ab_tests=DNA-86173-test:DNA-86173,DNA-90363-test5:DNA-90363,DNA-90394-ref:DNA-90394 --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2232 /prefetch:1
"C:\Program Files (x86)\Opera\74.0.3911.218\opera.exe" --type=renderer --field-trial-handle=1304,15357289944431256829,7756740010963649698,131072 --lang=ru --extension-process --user-agent="Mozilla/5.0 (Windows NT 6.3; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4324.192 Safari/537.36 OPR/74.0.3911.218 (Edition Campaign 34)" --with-feature:address-bar-yandex-box=on --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --ab_tests=DNA-86173-test:DNA-86173,DNA-90363-test5:DNA-90363,DNA-90394-ref:DNA-90394 --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1796 /prefetch:1
"C:\Program Files (x86)\Opera\74.0.3911.218\opera.exe" --type=renderer --field-trial-handle=1304,15357289944431256829,7756740010963649698,131072 --lang=ru --extension-process --user-agent="Mozilla/5.0 (Windows NT 6.3; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4324.192 Safari/537.36 OPR/74.0.3911.218 (Edition Campaign 34)" --with-feature:address-bar-yandex-box=on --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --ab_tests=DNA-86173-test:DNA-86173,DNA-90363-test5:DNA-90363,DNA-90394-ref:DNA-90394 --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2740 /prefetch:1
"C:\Program Files (x86)\Opera\74.0.3911.218\opera.exe" --type=renderer --field-trial-handle=1304,15357289944431256829,7756740010963649698,131072 --lang=ru --extension-process --user-agent="Mozilla/5.0 (Windows NT 6.3; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4324.192 Safari/537.36 OPR/74.0.3911.218 (Edition Campaign 34)" --with-feature:address-bar-yandex-box=on --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --ab_tests=DNA-86173-test:DNA-86173,DNA-90363-test5:DNA-90363,DNA-90394-ref:DNA-90394 --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2872 /prefetch:1
"C:\Program Files (x86)\Opera\74.0.3911.218\opera.exe" --type=renderer --field-trial-handle=1304,15357289944431256829,7756740010963649698,131072 --lang=ru --user-agent="Mozilla/5.0 (Windows NT 6.3; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4324.192 Safari/537.36 OPR/74.0.3911.218 (Edition Campaign 34)" --with-feature:address-bar-yandex-box=on --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --ab_tests=DNA-86173-test:DNA-86173,DNA-90363-test5:DNA-90363,DNA-90394-ref:DNA-90394 --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3052 /prefetch:1
"C:\Program Files (x86)\Opera\74.0.3911.218\opera.exe" --type=renderer --field-trial-handle=1304,15357289944431256829,7756740010963649698,131072 --lang=ru --user-agent="Mozilla/5.0 (Windows NT 6.3; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4324.192 Safari/537.36 OPR/74.0.3911.218 (Edition Campaign 34)" --with-feature:address-bar-yandex-box=on --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --ab_tests=DNA-86173-test:DNA-86173,DNA-90363-test5:DNA-90363,DNA-90394-ref:DNA-90394 --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3368 /prefetch:1
"C:\Program Files (x86)\Opera\74.0.3911.218\opera.exe" --type=renderer --field-trial-handle=1304,15357289944431256829,7756740010963649698,131072 --lang=ru --user-agent="Mozilla/5.0 (Windows NT 6.3; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4324.192 Safari/537.36 OPR/74.0.3911.218 (Edition Campaign 34)" --with-feature:address-bar-yandex-box=on --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --ab_tests=DNA-86173-test:DNA-86173,DNA-90363-test5:DNA-90363,DNA-90394-ref:DNA-90394 --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3480 /prefetch:1
"C:\Program Files (x86)\Opera\74.0.3911.218\opera.exe" --type=renderer --field-trial-handle=1304,15357289944431256829,7756740010963649698,131072 --lang=ru --user-agent="Mozilla/5.0 (Windows NT 6.3; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4324.192 Safari/537.36 OPR/74.0.3911.218 (Edition Campaign 34)" --with-feature:address-bar-yandex-box=on --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --ab_tests=DNA-86173-test:DNA-86173,DNA-90363-test5:DNA-90363,DNA-90394-ref:DNA-90394 --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3796 /prefetch:1
"C:\Program Files (x86)\Opera\74.0.3911.218\opera.exe" --type=renderer --field-trial-handle=1304,15357289944431256829,7756740010963649698,131072 --lang=ru --user-agent="Mozilla/5.0 (Windows NT 6.3; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4324.192 Safari/537.36 OPR/74.0.3911.218 (Edition Campaign 34)" --with-feature:address-bar-yandex-box=on --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --ab_tests=DNA-86173-test:DNA-86173,DNA-90363-test5:DNA-90363,DNA-90394-ref:DNA-90394 --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3840 /prefetch:1
"C:\Program Files (x86)\Opera\74.0.3911.218\opera.exe" --type=renderer --field-trial-handle=1304,15357289944431256829,7756740010963649698,131072 --lang=ru --user-agent="Mozilla/5.0 (Windows NT 6.3; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4324.192 Safari/537.36 OPR/74.0.3911.218 (Edition Campaign 34)" --with-feature:address-bar-yandex-box=on --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --ab_tests=DNA-86173-test:DNA-86173,DNA-90363-test5:DNA-90363,DNA-90394-ref:DNA-90394 --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3944 /prefetch:1
"C:\Program Files (x86)\Opera\74.0.3911.218\opera.exe" --type=renderer --field-trial-handle=1304,15357289944431256829,7756740010963649698,131072 --lang=ru --user-agent="Mozilla/5.0 (Windows NT 6.3; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4324.192 Safari/537.36 OPR/74.0.3911.218 (Edition Campaign 34)" --with-feature:address-bar-yandex-box=on --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --ab_tests=DNA-86173-test:DNA-86173,DNA-90363-test5:DNA-90363,DNA-90394-ref:DNA-90394 --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3960 /prefetch:1
"C:\Program Files (x86)\Opera\74.0.3911.218\opera.exe" --type=renderer --field-trial-handle=1304,15357289944431256829,7756740010963649698,131072 --lang=ru --user-agent="Mozilla/5.0 (Windows NT 6.3; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4324.192 Safari/537.36 OPR/74.0.3911.218 (Edition Campaign 34)" --with-feature:address-bar-yandex-box=on --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --ab_tests=DNA-86173-test:DNA-86173,DNA-90363-test5:DNA-90363,DNA-90394-ref:DNA-90394 --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4176 /prefetch:1
"C:\Program Files (x86)\Opera\74.0.3911.218\opera.exe" --type=renderer --field-trial-handle=1304,15357289944431256829,7756740010963649698,131072 --lang=ru --user-agent="Mozilla/5.0 (Windows NT 6.3; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4324.192 Safari/537.36 OPR/74.0.3911.218 (Edition Campaign 34)" --with-feature:address-bar-yandex-box=on --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --ab_tests=DNA-86173-test:DNA-86173,DNA-90363-test5:DNA-90363,DNA-90394-ref:DNA-90394 --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4224 /prefetch:1
"C:\Program Files (x86)\Opera\74.0.3911.218\opera.exe" --type=renderer --field-trial-handle=1304,15357289944431256829,7756740010963649698,131072 --lang=ru --user-agent="Mozilla/5.0 (Windows NT 6.3; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4324.192 Safari/537.36 OPR/74.0.3911.218 (Edition Campaign 34)" --with-feature:address-bar-yandex-box=on --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --ab_tests=DNA-86173-test:DNA-86173,DNA-90363-test5:DNA-90363,DNA-90394-ref:DNA-90394 --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4364 /prefetch:1
"C:\Program Files (x86)\Opera\74.0.3911.218\opera.exe" --type=renderer --field-trial-handle=1304,15357289944431256829,7756740010963649698,131072 --lang=ru --user-agent="Mozilla/5.0 (Windows NT 6.3; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4324.192 Safari/537.36 OPR/74.0.3911.218 (Edition Campaign 34)" --with-feature:address-bar-yandex-box=on --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --ab_tests=DNA-86173-test:DNA-86173,DNA-90363-test5:DNA-90363,DNA-90394-ref:DNA-90394 --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4472 /prefetch:1
"C:\Program Files (x86)\Opera\74.0.3911.218\opera.exe" --type=renderer --field-trial-handle=1304,15357289944431256829,7756740010963649698,131072 --lang=ru --user-agent="Mozilla/5.0 (Windows NT 6.3; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4324.192 Safari/537.36 OPR/74.0.3911.218 (Edition Campaign 34)" --with-feature:address-bar-yandex-box=on --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --ab_tests=DNA-86173-test:DNA-86173,DNA-90363-test5:DNA-90363,DNA-90394-ref:DNA-90394 --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4204 /prefetch:1
"C:\Program Files (x86)\Opera\74.0.3911.218\opera.exe" --type=renderer --field-trial-handle=1304,15357289944431256829,7756740010963649698,131072 --lang=ru --user-agent="Mozilla/5.0 (Windows NT 6.3; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4324.192 Safari/537.36 OPR/74.0.3911.218 (Edition Campaign 34)" --with-feature:address-bar-yandex-box=on --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --ab_tests=DNA-86173-test:DNA-86173,DNA-90363-test5:DNA-90363,DNA-90394-ref:DNA-90394 --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4200 /prefetch:1
"C:\Program Files (x86)\Opera\74.0.3911.218\opera.exe" --type=renderer --field-trial-handle=1304,15357289944431256829,7756740010963649698,131072 --lang=ru --user-agent="Mozilla/5.0 (Windows NT 6.3; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4324.192 Safari/537.36 OPR/74.0.3911.218 (Edition Campaign 34)" --with-feature:address-bar-yandex-box=on --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --ab_tests=DNA-86173-test:DNA-86173,DNA-90363-test5:DNA-90363,DNA-90394-ref:DNA-90394 --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4796 /prefetch:1
"C:\Program Files (x86)\Opera\74.0.3911.218\opera.exe" --type=renderer --field-trial-handle=1304,15357289944431256829,7756740010963649698,131072 --lang=ru --user-agent="Mozilla/5.0 (Windows NT 6.3; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4324.192 Safari/537.36 OPR/74.0.3911.218 (Edition Campaign 34)" --with-feature:address-bar-yandex-box=on --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --ab_tests=DNA-86173-test:DNA-86173,DNA-90363-test5:DNA-90363,DNA-90394-ref:DNA-90394 --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4820 /prefetch:1
"C:\Program Files (x86)\Opera\74.0.3911.218\opera.exe" --type=renderer --field-trial-handle=1304,15357289944431256829,7756740010963649698,131072 --lang=ru --user-agent="Mozilla/5.0 (Windows NT 6.3; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4324.192 Safari/537.36 OPR/74.0.3911.218 (Edition Campaign 34)" --with-feature:address-bar-yandex-box=on --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --ab_tests=DNA-86173-test:DNA-86173,DNA-90363-test5:DNA-90363,DNA-90394-ref:DNA-90394 --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=27 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4836 /prefetch:1
"C:\Program Files (x86)\Opera\74.0.3911.218\opera.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=1304,15357289944431256829,7756740010963649698,131072 --lang=ru --service-sandbox-type=audio --enable-quic --with-feature:address-bar-yandex-box=on --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --ab_tests=DNA-86173-test:DNA-86173,DNA-90363-test5:DNA-90363,DNA-90394-ref:DNA-90394 --mojo-platform-channel-handle=5504 /prefetch:8
"C:\Program Files (x86)\Opera\74.0.3911.218\opera.exe" --type=renderer --field-trial-handle=1304,15357289944431256829,7756740010963649698,131072 --lang=ru --extension-process --user-agent="Mozilla/5.0 (Windows NT 6.3; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4324.192 Safari/537.36 OPR/74.0.3911.218 (Edition Campaign 34)" --with-feature:address-bar-yandex-box=on --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --ab_tests=DNA-86173-test:DNA-86173,DNA-90363-test5:DNA-90363,DNA-90394-ref:DNA-90394 --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=29 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5852 /prefetch:1
"C:\Program Files (x86)\Opera\74.0.3911.218\opera.exe" --type=renderer --field-trial-handle=1304,15357289944431256829,7756740010963649698,131072 --lang=ru --user-agent="Mozilla/5.0 (Windows NT 6.3; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4324.192 Safari/537.36 OPR/74.0.3911.218 (Edition Campaign 34)" --with-feature:address-bar-yandex-box=on --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --ab_tests=DNA-86173-test:DNA-86173,DNA-90363-test5:DNA-90363,DNA-90394-ref:DNA-90394 --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=33 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6536 /prefetch:1
"C:\Program Files (x86)\Opera\74.0.3911.218\opera.exe" --type=renderer --field-trial-handle=1304,15357289944431256829,7756740010963649698,131072 --lang=ru --user-agent="Mozilla/5.0 (Windows NT 6.3; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4324.192 Safari/537.36 OPR/74.0.3911.218 (Edition Campaign 34)" --with-feature:address-bar-yandex-box=on --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --ab_tests=DNA-86173-test:DNA-86173,DNA-90363-test5:DNA-90363,DNA-90394-ref:DNA-90394 --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=37 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6548 /prefetch:1
"C:\Program Files (x86)\Opera\74.0.3911.218\opera.exe" --type=renderer --field-trial-handle=1304,15357289944431256829,7756740010963649698,131072 --lang=ru --user-agent="Mozilla/5.0 (Windows NT 6.3; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4324.192 Safari/537.36 OPR/74.0.3911.218 (Edition Campaign 34)" --with-feature:address-bar-yandex-box=on --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --ab_tests=DNA-86173-test:DNA-86173,DNA-90363-test5:DNA-90363,DNA-90394-ref:DNA-90394 --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=38 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7156 /prefetch:1
"C:\Program Files (x86)\Opera\74.0.3911.218\opera.exe" --type=renderer --field-trial-handle=1304,15357289944431256829,7756740010963649698,131072 --lang=ru --user-agent="Mozilla/5.0 (Windows NT 6.3; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4324.192 Safari/537.36 OPR/74.0.3911.218 (Edition Campaign 34)" --with-feature:address-bar-yandex-box=on --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --ab_tests=DNA-86173-test:DNA-86173,DNA-90363-test5:DNA-90363,DNA-90394-ref:DNA-90394 --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=39 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1248 /prefetch:1
C:\WINDOWS\System32\svchost.exe -k WerSvcGroup
"C:\Users\Александр\Desktop\temp1\OpOfic\AutoLogger\AutoLogger\RSIT\RSITx64.exe" /silent /m3 /autolog /logfolder "C:\Users\Александр\Desktop\temp1\OpOfic\AutoLogger\AutoLogger\RSIT\Log" /hjtp "C:\Users\Александр\Desktop\temp1\OpOfic\AutoLogger\AutoLogger\RSIT\HiJackThis.exe" /rus 
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Opera\74.0.3911.218\opera.exe" --type=renderer --field-trial-handle=1304,15357289944431256829,7756740010963649698,131072 --lang=ru --user-agent="Mozilla/5.0 (Windows NT 6.3; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4324.192 Safari/537.36 OPR/74.0.3911.218 (Edition Campaign 34)" --with-feature:address-bar-yandex-box=on --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --ab_tests=DNA-86173-test:DNA-86173,DNA-90363-test5:DNA-90363,DNA-90394-ref:DNA-90394 --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=43 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8136 /prefetch:1
"C:\Program Files (x86)\Opera\74.0.3911.218\opera.exe" --type=renderer --field-trial-handle=1304,15357289944431256829,7756740010963649698,131072 --lang=ru --user-agent="Mozilla/5.0 (Windows NT 6.3; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4324.192 Safari/537.36 OPR/74.0.3911.218 (Edition Campaign 34)" --with-feature:address-bar-yandex-box=on --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --ab_tests=DNA-86173-test:DNA-86173,DNA-90363-test5:DNA-90363,DNA-90394-ref:DNA-90394 --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=44 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8388 /prefetch:1
"C:\Program Files (x86)\Opera\74.0.3911.218\opera.exe" --type=renderer --field-trial-handle=1304,15357289944431256829,7756740010963649698,131072 --lang=ru --user-agent="Mozilla/5.0 (Windows NT 6.3; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4324.192 Safari/537.36 OPR/74.0.3911.218 (Edition Campaign 34)" --with-feature:address-bar-yandex-box=on --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --ab_tests=DNA-86173-test:DNA-86173,DNA-90363-test5:DNA-90363,DNA-90394-ref:DNA-90394 --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=45 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8368 /prefetch:1
"C:\Program Files (x86)\Opera\74.0.3911.218\opera.exe" --type=renderer --field-trial-handle=1304,15357289944431256829,7756740010963649698,131072 --lang=ru --user-agent="Mozilla/5.0 (Windows NT 6.3; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4324.192 Safari/537.36 OPR/74.0.3911.218 (Edition Campaign 34)" --with-feature:address-bar-yandex-box=on --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --ab_tests=DNA-86173-test:DNA-86173,DNA-90363-test5:DNA-90363,DNA-90394-ref:DNA-90394 --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=46 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5344 /prefetch:1

====== Папка назначенных заданий ======

C:\WINDOWS\tasks\TrackerAutoUpdate.job - C:\Program Files\Tracker Software\Update\TrackerUpdate.exe -CheckUpdate
C:\WINDOWS\tasks\update-S-1-5-21-1652166641-4265355984-1551046396-1002.job - C:\Program Files (x86)\Skillbrains\Updater\Updater.exe -runmode=checkupdate
C:\WINDOWS\tasks\update-sys.job - C:\Program Files (x86)\Skillbrains\Updater\Updater.exe -runmode=checkupdate
C:\WINDOWS\tasks\Восстановление сервиса обновлений Яндекс.Браузера.job - C:\Program Files (x86)\Yandex\YandexBrowser\21.2.4.165\service_update.exe  --repair
C:\WINDOWS\tasks\Обновление Браузера Яндекс.job - C:\Users\Александр\AppData\Local\Yandex\YandexBrowser\Application\browser.exe  --background-update --noerrdialogs
C:\WINDOWS\tasks\Системное обновление Браузера Яндекс.job - C:\Program Files (x86)\Yandex\YandexBrowser\21.2.4.165\service_update.exe  --run-as-launcher
C:\WINDOWS\system32\tasks\Adobe Acrobat Update Task - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\WINDOWS\system32\tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-halexan@mail.ru - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe -mode=scheduled
C:\WINDOWS\system32\tasks\Anvirlauncher - "C:\Program Files (x86)\AnVir Task Manager\anvirlauncher.exe"
C:\WINDOWS\system32\tasks\Avast Emergency Update - C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
C:\WINDOWS\system32\tasks\AvastUpdateTaskMachineCore - C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe /c
C:\WINDOWS\system32\tasks\AvastUpdateTaskMachineUA - C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe /ua /installsource scheduler
C:\WINDOWS\system32\tasks\CCleaner Update - C:\Program Files\CCleaner\CCUpdate.exe
C:\WINDOWS\system32\tasks\CCleanerSkipUAC - "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0)
C:\WINDOWS\system32\tasks\GoogleUpdateTaskMachineCore - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\system32\tasks\GoogleUpdateTaskMachineUA - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\system32\tasks\IntelBootstrapCCDashExe - C:\Program Files\Intel\ConnectCenter\bin\ICCLauncher.exe /tasktrayonly
C:\WINDOWS\system32\tasks\MirageAgent - C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
C:\WINDOWS\system32\tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
C:\WINDOWS\system32\tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe"
C:\WINDOWS\system32\tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe --launcher=TaskScheduler
C:\WINDOWS\system32\tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe
C:\WINDOWS\system32\tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe
C:\WINDOWS\system32\tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe
C:\WINDOWS\system32\tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe --logon
C:\WINDOWS\system32\tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe
C:\WINDOWS\system32\tasks\OFFICE2010ACT - C:\ProgramData\Microsoft\Windows\OFFICEICON.vbs
C:\WINDOWS\system32\tasks\Opera scheduled assistant Autoupdate 1582796853 - C:\Program Files (x86)\Opera\launcher.exe --scheduledautoupdate --component-name=assistant --component-path="C:\Program Files (x86)\Opera\assistant" $(Arg0)
C:\WINDOWS\system32\tasks\Opera scheduled Autoupdate 1513605045 - C:\Program Files (x86)\Opera\launcher.exe --scheduledautoupdate $(Arg0)
C:\WINDOWS\system32\tasks\TrackerAutoUpdate - "C:\Program Files\Tracker Software\Update\TrackerUpdate.exe" -CheckUpdate
C:\WINDOWS\system32\tasks\update-S-1-5-21-1652166641-4265355984-1551046396-1002 - C:\Program Files (x86)\Skillbrains\Updater\Updater.exe -runmode=checkupdate
C:\WINDOWS\system32\tasks\update-sys - C:\Program Files (x86)\Skillbrains\Updater\Updater.exe -runmode=checkupdate
C:\WINDOWS\system32\tasks\{3AF4F817-16E3-444C-A811-942F32566806} - C:\WINDOWS\system32\pcalua.exe -a "C:\Users\Александр\Music\7444_Karaoke_Songs+Player_By_Ambush\VanBasco's Karaoke Player 2.53.exe" -d C:\Users\Александр\Music\7444_Karaoke_Songs+Player_By_Ambush
C:\WINDOWS\system32\tasks\Восстановление сервиса обновлений Яндекс.Браузера - C:\Program Files (x86)\Yandex\YandexBrowser\21.2.4.165\service_update.exe --repair
C:\WINDOWS\system32\tasks\Обновление Браузера Яндекс - C:\Users\Александр\AppData\Local\Yandex\YandexBrowser\Application\browser.exe --background-update --noerrdialogs
C:\WINDOWS\system32\tasks\Системное обновление Браузера Яндекс - C:\Program Files (x86)\Yandex\YandexBrowser\21.2.4.165\service_update.exe --run-as-launcher
C:\WINDOWS\system32\tasks\Microsoft\Windows\WS\License Validation - rundll32.exe WSClient.dll,WSpTLR licensing
C:\WINDOWS\system32\tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask - rundll32.exe WSClient.dll,RefreshBannedAppsList
C:\WINDOWS\system32\tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join - %SystemRoot%\System32\AutoWorkplace.exe join
C:\WINDOWS\system32\tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start - C:\WINDOWS\system32\sc.exe start wuauserv
C:\WINDOWS\system32\tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network - C:\WINDOWS\system32\sc.exe start wuauserv
C:\WINDOWS\system32\tasks\Microsoft\Windows\WindowsBackup\ConfigNotification - %systemroot%\System32\sdclt.exe /CONFIGNOTIFICATION
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Media Sharing\UpdateLibrary - "%ProgramFiles%\Windows Media Player\wmpnscfg.exe"
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange - %windir%\system32\rundll32.exe bfe.dll,BfeOnServiceStartTypeChange
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Error Reporting\QueueReporting - %windir%\system32\wermgr.exe -queuereporting
C:\WINDOWS\system32\tasks\Microsoft\Windows\UPnP\UPnPHostConfig - sc.exe config upnphost start= auto
C:\WINDOWS\system32\tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone - %windir%\system32\tzsync.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime - %windir%\system32\sc.exe start w32time task_started
C:\WINDOWS\system32\tasks\Microsoft\Windows\SystemRestore\SR - %windir%\system32\srtasks.exe ExecuteScheduledSPPCreation
C:\WINDOWS\system32\tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask - %windir%\system32\rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\SpacePort\SpaceAgentTask - %windir%\system32\SpaceAgent.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Shell\FamilySafetyMonitor - %windir%\System32\wpcmon.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask - %windir%\system32\RAServer.exe /offerraupdate
C:\WINDOWS\system32\tasks\Microsoft\Windows\Plug and Play\Sysprep Generalize Drivers - %SystemRoot%\System32\drvinst.exe 6
C:\WINDOWS\system32\tasks\Microsoft\Windows\PLA\LSC Memory - C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\pla.dll,PlaHost "LSC Memory" "$(Arg0)"
C:\WINDOWS\system32\tasks\Microsoft\Windows\NetTrace\GatherNetworkInfo - %windir%\system32\gatherNetworkInfo.vbs
C:\WINDOWS\system32\tasks\Microsoft\Windows\MUI\LPRemove - %windir%\system32\lpremove.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser - %SystemRoot%\System32\MbaeParserTask.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Location\Notifications - %windir%\System32\LocationNotifications.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Google\GoogleUpdateTaskMachineIS - C:\WINDOWS\SysWOW64\XPSViewer\TasksG\G-1-28-21\TG_1.4.16.95.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector - %windir%\system32\rundll32.exe dfdts.dll,DfdGetDefaultPolicyAndSMART
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver - %windir%\system32\DFDWiz.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskCleanup\SilentCleanup - %windir%\system32\cleanmgr.exe /autoclean /d %systemdrive%
C:\WINDOWS\system32\tasks\Microsoft\Windows\Defrag\ScheduledDefrag - %windir%\system32\defrag.exe \\?\Volume{7a42ba2c-7166-4a98-945b-72e27e39c9be}\ \\?\Volume{06dca5e2-756a-4aff-8ee0-846586784968}\ \\?\Volume{271fc96d-6460-4b93-adb1-514c798966a8}\ \\?\Volume{82898636-fe27-4966-b90a-8520b43f6079}\ -e -h -o -$
C:\WINDOWS\system32\tasks\Microsoft\Windows\Customer Experience Improvement Program\Consolidator - %SystemRoot%\System32\wsqmcons.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask - BthUdTask.exe $(Arg0)
C:\WINDOWS\system32\tasks\Microsoft\Windows\Autochk\Proxy - %windir%\system32\rundll32.exe /d acproxy.dll,PerformAutochkOperations
C:\WINDOWS\system32\tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup - %windir%\system32\rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState - %windir%\system32\rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
C:\WINDOWS\system32\tasks\Microsoft\Windows\Application Experience\AitAgent - aitagent /increment
C:\WINDOWS\system32\tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser - %windir%\system32\compattel\DiagTrackRunner.exe /UploadEtlFilesOnly
C:\WINDOWS\system32\tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater - %windir%\system32\rundll32.exe %windir%\system32\invagent.dll,RunUpdate
C:\WINDOWS\system32\tasks\Microsoft\Windows\Application Experience\StartupAppTask - %windir%\system32\rundll32.exe Startupscan.dll,SusRunTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\AppID\PolicyConverter - %windir%\system32\appidpolicyconverter.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck - %windir%\system32\appidcertstorecheck.exe
C:\WINDOWS\system32\tasks\Lenovo\Lenovo Customer Feedback Program - "%ProgramFiles%\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe"
C:\WINDOWS\system32\tasks\Lenovo\Lenovo Customer Feedback Program 64 35 - "%ProgramFiles(x86)%\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe"
C:\WINDOWS\system32\tasks\Lenovo\Lenovo Solution Center Launcher - %programfiles%\lenovo\lenovo solution center\App\LSC.Services.UpdateStatusService.exe UpdateStatus
C:\WINDOWS\system32\tasks\Lenovo\LSC\Lenovo Solution Center Notifications - %programfiles%\Lenovo\Lenovo Solution Center\LSCNotify.exe /show
C:\WINDOWS\system32\tasks\Lenovo\LSC\LSCHardwareScan - "C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe" -diag HWScan
C:\WINDOWS\system32\tasks\Lenovo\LSC\LSCHardwareScanPostpone - "C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe" -diag HWScan
C:\WINDOWS\system32\tasks\Lenovo\LSC\LSCTaskService - C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCTaskService.exe
C:\WINDOWS\system32\tasks\Lenovo\LSC\RebootCountTask - "C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe" -rebootcount
C:\WINDOWS\system32\tasks\Lenovo\LSC\Time72Task - "C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe" -canupdate
C:\WINDOWS\system32\tasks\Lenovo\Lenovo Service Bridge\S-1-5-21-1652166641-4265355984-1551046396-1002 - "C:\WINDOWS\system32\rundll32.exe" dfshim.dll,ShOpenVerbShortcut C:\Users\Александр\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo\Lenovo Service Bridge.appref-ms
C:\WINDOWS\system32\tasks\AVAST Software\Avast settings backup - C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe /backup /iavs
C:\WINDOWS\system32\tasks\AVAST Software\Overseer - C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe /from_scheduler:1

=========Mozilla firefox=========

ProfilePath - C:\Users\Александр\AppData\Roaming\Mozilla\Firefox\Profiles\abwxci53.default

prefs.js - "browser.search.useDBForOrder" -  false
prefs.js - "browser.startup.homepage" -  "https://www.yandex.ru/?win=312&clid=2256428-306"
prefs.js - "keyword.URL" -  "http://go.mail.ru/search?fr=ntg&q="

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 28.0.0.126 Plugin
"Path"=C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_28_0_0_126.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf]
"Description"=
"Path"=C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3528.0331]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 28.0.0.126 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF64_28_0_0_126.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf]
"Description"=
"Path"=C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll


C:\Users\Александр\AppData\Roaming\Mozilla\Firefox\Profiles\abwxci53.default\extensions\
anttoolbar@ant.com
staged

C:\Users\Александр\AppData\Roaming\Mozilla\Firefox\Profiles\abwxci53.default\searchplugins\
yandex.ru-191214.xml
yandex.ru-20173918.xml
yandex.ru-20175118.xml
yqs-barff-yandex.xml

C:\Users\Александр\AppData\Roaming\Mozilla\Firefox\Profiles\abwxci53.default\addons.json
Ant Video Downloader - extension - anttoolbar@ant.com
Визуальные закладки от Яндекс - extension - vb@yandex.ru
Ant.com add-on - extension - antmark@ant.com
Советник Яндекс.Маркета - extension - sovetnik@metabar.ru
Avast Online Security - extension - wrc@avast.com

C:\Users\Александр\AppData\Roaming\Mozilla\Firefox\Profiles\abwxci53.default\extensions.json
Antmark extensions - extension - antmark@ant.com - 
Ant Video Downloader - extension - anttoolbar@ant.com - 
Avast Online Security - webextension - wrc@avast.com - C:\Users\Александр\AppData\Roaming\Mozilla\Firefox\Profiles/abwxci53.default\extensions\wrc@avast.com.xpi
Multi-process staged rollout - extension - e10srollout@mozilla.org - 
Pocket - extension - firefox@getpocket.com - 
Application Update Service Helper - extension - aushelper@mozilla.org - 
Click-to-Play staged rollout - extension - clicktoplay-rollout@mozilla.org - 
Follow-on Search Telemetry - extension - followonsearch@mozilla.com - 
Firefox Screenshots - extension - screenshots@mozilla.org - 
Shield Recipe Client - extension - shield-recipe-client@mozilla.org - 
Web Compat - extension - webcompat@mozilla.org - 
Activity Stream - extension - activity-stream@mozilla.org - 
Form Autofill - extension - formautofill@mozilla.org - 
Photon onboarding - extension - onboarding@mozilla.org - 
Default - theme - {972ce4c6-7e08-4474-a285-3208198ce6fd} - 
Поиск Mail.Ru - webextension - search@mail.ru - 
Avast SafePrice | Comparison, deals, coupons - webextension - sp@avast.com - C:\Users\Александр\AppData\Roaming\Mozilla\Firefox\Profiles/abwxci53.default\extensions\sp@avast.com.xpi
Визуальные закладки - webextension - vb@yandex.ru - 
Домашняя страница Mail.Ru - webextension - homepage@mail.ru - 
Пульт - webextension - {a38384b3-2d1d-4f36-bc22-0f7ae402bcd7} - 
Советник Яндекс.Маркета - webextension - sovetnik@metabar.ru - 

C:\Users\Александр\AppData\Roaming\Mozilla\Firefox\Profiles\abwxci53.default\pluginreg.dat
Plugin - Shockwave Flash - 28.0.0.126 - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_28_0_0_126.dll

=========Google Chrome=========

C:\Users\Александр\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
Extension ahfgeienlihckogmohjhadlkjgocpleb 1 Интернет-магазин Chrome 0.2
Extension alkkcjoolajbfbbogkchgokenllclcjc 1 Корректор произношения 1.1
Extension apdfllckaahabafndbhieahigkjlhalf 1 Диск Google 14.5
Extension bepbmhgboaologfdajaanbcjmnhjmhfn 0  
Extension cppnjmdljhemhdachecffocboniemifa 1 vidIQ for Chrome 1.0
Extension eemcgdkfndhakfknompkggombfjjjeno 1 Bookmark Manager 0.1
Extension ennkphjdgehloodpbhlhldgbnhmacadg 1 Settings 0.2
Extension fdjdjkkjoiomafnihnobkinnfjnnlhdg   
Extension gfdkimpbcpahaombhbimeihdjnejgicl 1 Feedback 1.0
Extension ghbmnnjooekpmoecnnnilnnbdlolhkhi 1 Google Документы офлайн 1.27.0
Extension gomekmidlodglbbmalcneegieacbdmki 1 Avast Online Security 20.3.10
Extension jeaompkpfafalmlchhmehhfhmojmmkol 1 ePN Webmaster Plugin 1.5.2
Extension kmendfapggjehodndflmmgagdbamhnfd 1 CryptoTokenExtension 0.9.74
Extension mfehgcgbbipciphmccgaenjidiccnmng 1 Cloud Print 0.1
Extension mfffpogegjflfpflabcdkioaeobkgjik 1 GaiaAuthExtension 0.0.1
Extension mgndgikekgjfcpckkfioiadnlibdjbkf 1 Chrome 0.1
Extension mhjfbmdgcfjbbpaeojofohoefgiehjai 1 Chrome PDF Viewer 1
Extension nbpagnldghgfoolbancepceaanlmhfmd 1 Hotword triggering 0.0.1.4
Extension neajdppkdcdipfabeoofebfddakdcjhd 1 Google Network Speech 1.0
Extension nkeimhogjdpnpccoofpliimaahmaaome 1 Google Hangouts 1.3.16
Extension nmmhkkegccagdldgiimedpiccmgmieda 1 Платежная система Интернет-магазина Chrome 1.0.0.6
Extension odijcgafkhpobjlnfdgiacpdenpmbgme   
Extension omghfjlpggmjjaagoclmmobgdodcjboh 1 Browsec VPN - Free VPN for Chrome 3.31.0
Extension pachckjkecffpdphbpmfolblodfkgbhl 1 vidIQ Vision for YouTube 3.44.0
Extension pafkbggdmjlpgkdkcbjmhmfcdpncadgh 1 Google Now 1.2.0.1
Extension pehlbpmpoabkgenppepoaihkacolpdcf 1 Голосовой ввод текста 9.9
Extension pfjibkklgpfcfdlhijfglamdnkjnpdeg 1 AliRadar - помощник в покупках 1.1.2
Extension pkedcjkdefgpdelpbcmbmeomcjbeemfm 1 Chrome Media Router 8921.104.0.3
Homepage: 
default_search_provider.search_url: 
C:\Users\Александр\AppData\Local\Google\Chrome\User Data\Default\Preferences
Homepage: 
default_search_provider.search_url: 

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\bejnpnkhfgfkcpgikiinojlmdcjimobi]
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\daanglpcpkjjlkhcbladppjphglbigam]
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\efaidnbmnnnibpcajpcglclefindmkaj]
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\eofcbnmajmjmplflapaojjnihcjkigck]
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\fcoadmpfijfcmokecmkgolhbaeclfage]
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\fdjdjkkjoiomafnihnobkinnfjnnlhdg]
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\gomekmidlodglbbmalcneegieacbdmki]
"Path"=C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\hdpgllbnilfcbckbdchjcfgopijgllcm]
"Path"=


======Снимок реестра ======


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={3FE593F8-ED8C-481B-A005-51A945BF3354}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{3FE593F8-ED8C-481B-A005-51A945BF3354}]
"URL"=http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MALNJS


[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={3FE593F8-ED8C-481B-A005-51A945BF3354}
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes\{3FE593F8-ED8C-481B-A005-51A945BF3354}]
"URL"=http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MALNJS

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8D10F6C4-0E01-4BD4-8601-11AC1FDF8126}]
CIESpeechBHO Class - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2012-08-19 64640]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D5FEC983-01DB-414a-9456-AF95AC9ED7B5}]
Визуальные закладки

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F}

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"cAudioFilterAgent"=C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [2012-06-14 887968]
"BtvStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2012-08-19 127616]
"Energy Management"=C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [2012-12-26 17080376]
"EnergyUtility"=C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [2012-12-26 191544]
"IntelConnectCenter"=C:\Program Files\Intel\ConnectCenter\bin\ICCLauncher.exe [2015-03-16 90112]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2015-06-01 183216]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2015-06-01 411056]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2015-06-01 453552]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-02-27 558496]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvLaunch.exe [2021-03-27 117472]
"SmartAudio"=C:\Program Files\CONEXANT\SAII\SACpl.exe [2012-06-13 1647616]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite Automount"=C:\Program Files\DAEMON Tools Lite\DTAgent.exe [2016-12-22 4701888]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Uninstall C:\Users\Александр\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\amd64"=C:\WINDOWS\system32\cmd.exe [2014-10-29 357376]
"Uninstall C:\Users\Александр\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64"=C:\WINDOWS\system32\cmd.exe [2014-10-29 357376]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Lightshot"=C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [2019-07-21 226728]
"Opera Browser Assistant"=C:\Program Files (x86)\Opera\assistant\browser_assistant.exe [2020-11-25 3154456]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Network Server.lnk - C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe
TVR Scheduler.lnk - C:\Program Files (x86)\honestech\honestech TVR 2.5\scheduleTV.exe

C:\Users\Александр\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Punto Switcher.lnk - C:\Program Files (x86)\Yandex\Punto Switcher\punto.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\WINDOWS\system32\nvinitx.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
igfxdev.dll []

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\aswSP.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcpltsvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableCAD"=1
"SoftwareSASGeneration"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoSecurityTab"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoWindowsUpdate"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]


[HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
"StubPath" = "C:\Program Files (x86)\Google\Chrome\Application\89.0.4389.114\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --channel

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"MSVideo8"=VfWWDM32.dll
"vidc.tscc"=C:\WINDOWS\SysWOW64\tsccvid64.dll
"vidc.tsc2"=C:\WINDOWS\SysWOW64\tsc2_codec64.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv

====== Ассоциации файлов ======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

====== Список файлов и папок, созданных за последние 3 месяца ======

2021-03-31 15:42:40 ----HD---- C:\$AV_ASW
2021-03-27 13:43:49 ----A---- C:\WINDOWS\system32\aswBoot.exe
2021-03-27 13:43:47 ----A---- C:\WINDOWS\system32\drivers\aswStm.sys
2021-03-25 14:18:20 ----D---- C:\Program Files (x86)\AnVir Task Manager
2021-03-24 09:06:06 ----D---- C:\FRST
2021-03-24 09:04:48 ----D---- C:\WINDOWS\ABR
2021-03-22 15:56:01 ----D---- C:\WINDOWS\pss
2021-03-22 14:36:49 ----D---- C:\AdwCleaner
2021-03-19 13:50:10 ----D---- C:\Open_Broker_QUIK
2021-03-15 17:37:35 ----D---- C:\Users\Александр\AppData\Roaming\Notepad++
2021-03-15 17:37:35 ----D---- C:\Program Files\Notepad++

====== Список файлов и папок, измененных за последние 3 месяца ======

2021-04-05 13:58:48 ----D---- C:\WINDOWS\system32\drivers\etc
2021-04-05 13:55:23 ----D---- C:\WINDOWS\Temp
2021-04-05 13:02:00 ----D---- C:\WINDOWS\system32\sru
2021-04-05 12:25:11 ----D---- C:\ProgramData\NVIDIA
2021-04-05 11:37:30 ----SHD---- C:\System Volume Information
2021-04-05 11:36:15 ----D---- C:\WINDOWS\Microsoft.NET
2021-04-05 11:20:42 ----D---- C:\ProgramData\AVAST Software
2021-04-05 11:10:46 ----A---- C:\WINDOWS\SYSWOW64\log.txt
2021-04-05 11:07:43 ----D---- C:\Program Files (x86)\TeamViewer
2021-04-05 10:52:07 ----D---- C:\Windows
2021-04-05 10:52:07 ----D---- C:\Program Files (x86)\IObit
2021-04-05 10:51:55 ----D---- C:\ProgramData
2021-04-05 10:31:04 ----RD---- C:\WINDOWS\System32
2021-04-05 10:31:04 ----D---- C:\WINDOWS\Inf
2021-04-05 10:31:04 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2021-04-04 20:43:17 ----D---- C:\Users\Александр\AppData\Roaming\Telegram Desktop
2021-04-02 17:36:46 ----RD---- C:\Program Files (x86)
2021-04-02 17:36:44 ----HD---- C:\WINDOWS\system32\GroupPolicy
2021-04-02 17:36:44 ----D---- C:\WINDOWS\SYSWOW64\GroupPolicy
2021-04-02 12:28:11 ----D---- C:\mScreens
2021-04-02 12:10:52 ----D---- C:\Program Files (x86)\Amazon
2021-04-02 11:39:02 ----SHD---- C:\$RECYCLE.BIN
2021-04-02 11:38:46 ----D---- C:\WINDOWS\Tasks
2021-04-02 11:38:46 ----D---- C:\WINDOWS\system32\Tasks
2021-04-02 11:33:57 ----SHD---- C:\WINDOWS\Installer
2021-04-02 09:32:59 ----D---- C:\Program Files (x86)\BraveSoftware
2021-03-30 12:12:32 ----D---- C:\Games
2021-03-30 11:21:45 ----D---- C:\myFlashKing
2021-03-30 11:21:07 ----D---- C:\KMPlayer
2021-03-30 11:17:54 ----D---- C:\Program Files (x86)\Google
2021-03-30 08:55:51 ----D---- C:\Program Files (x86)\MetaTrader 4_2
2021-03-30 08:51:30 ----D---- C:\Program Files (x86)\Alpari MT4
2021-03-29 13:33:29 ----D---- C:\Program Files (x86)\MetaTrader 4_1
2021-03-29 13:26:47 ----D---- C:\ProgramData\ProductData
2021-03-27 13:46:51 ----D---- C:\WINDOWS\system32\drivers
2021-03-27 13:23:41 ----D---- C:\WINDOWS\system32\config
2021-03-27 13:23:28 ----D---- C:\WINDOWS\system32\wbem
2021-03-27 13:20:50 ----D---- C:\WINDOWS\WinSxS
2021-03-27 13:20:50 ----D---- C:\WINDOWS\system32\catroot2
2021-03-27 13:20:50 ----AD---- C:\WINDOWS\SysWOW64
2021-03-27 13:20:23 ----D---- C:\WINDOWS\system32\drivers\UMDF
2021-03-27 13:20:23 ----D---- C:\WINDOWS\system32\CodeIntegrity
2021-03-27 13:20:23 ----D---- C:\Users\Александр\AppData\Roaming\uTorrent
2021-03-27 13:19:37 ----D---- C:\ProgramData\Autodesk
2021-03-27 13:19:37 ----D---- C:\Program Files\CCleaner
2021-03-27 13:19:22 ----D---- C:\Program Files (x86)\USB Camera
2021-03-27 13:19:19 ----D---- C:\Program Files (x86)\Lenovo
2021-03-27 13:19:17 ----D---- C:\Program Files (x86)\Imperium Romanum
2021-03-27 13:19:04 ----D---- C:\Program Files (x86)\Autodesk
2021-03-27 13:18:49 ----D---- C:\NVIDIA
2021-03-27 13:13:35 ----HD---- C:\Program Files\WindowsApps
2021-03-27 13:01:09 ----D---- C:\WINDOWS\registration
2021-03-27 12:55:47 ----D---- C:\Users\Александр\AppData\Roaming\OEMSoftwareEngine
2021-03-27 12:55:27 ----D---- C:\Users\Александр\AppData\Roaming\MetaQuotes
2021-03-27 12:50:28 ----D---- C:\ProgramDataIObit
2021-03-27 12:49:03 ----D---- C:\Program Files
2021-03-21 13:23:35 ----D---- C:\WINDOWS\debug
2021-03-20 19:41:47 ----D---- C:\WINDOWS\SoftwareDistribution
2021-03-20 19:41:47 ----D---- C:\WINDOWS\Logs
2021-03-18 11:54:05 ----D---- C:\Program Files (x86)\Opera
2021-03-16 17:55:53 ----D---- C:\Users\Александр\AppData\Roaming\Zoom
2021-02-28 11:40:40 ----D---- C:\WINDOWS\AppReadiness
2021-02-23 13:12:12 ----D---- C:\Program Files\Tracker Software
2021-01-12 09:57:55 ----D---- C:\Program Files (x86)\MetaTrader 4_6025
2021-01-12 09:54:41 ----D---- C:\Program Files (x86)\MetaTrader 4_959

File C:\WINDOWS\system32\winlogon.exe is digitally signed
File C:\WINDOWS\system32\wininit.exe is digitally signed
File C:\WINDOWS\explorer.exe is digitally signed
File C:\WINDOWS\SysWOW64\explorer.exe is digitally signed
File C:\WINDOWS\system32\svchost.exe is digitally signed
File C:\WINDOWS\SysWOW64\svchost.exe is digitally signed
File C:\WINDOWS\system32\services.exe is digitally signed
File C:\WINDOWS\system32\User32.dll is digitally signed
File C:\WINDOWS\SysWOW64\User32.dll is digitally signed
File C:\WINDOWS\system32\userinit.exe is digitally signed
File C:\WINDOWS\SysWOW64\userinit.exe is digitally signed
File C:\WINDOWS\system32\rpcss.dll is digitally signed
File C:\WINDOWS\system32\Drivers\volsnap.sys is digitally signed

====== Список драйверов (тип запуска: R=Запущен, S=остановлен, 0=Загрузочный, 1=Системный, 2=Автоматически, 3=Вручную, 4=Отключено) ======

R0 aswArDisk;aswArDisk; C:\WINDOWS\system32\drivers\aswArDisk.sys [2021-03-27 35680]
R0 aswbidsh;aswbidsh; C:\WINDOWS\system32\drivers\aswbidsh.sys [2021-03-27 250328]
R0 aswbuniv;aswbuniv; C:\WINDOWS\system32\drivers\aswbuniv.sys [2021-03-27 99288]
R0 aswRvrt;aswRvrt; C:\WINDOWS\system32\drivers\aswRvrt.sys [2021-03-27 83368]
R0 aswVmm;aswVmm; C:\WINDOWS\system32\drivers\aswVmm.sys [2021-03-27 326976]
R0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2015-05-29 646408]
R0 LHDmgr;LHDmgr; C:\WINDOWS\System32\DRIVERS\LhdX64.sys [2012-12-26 39008]
R0 nvpciflt;nvpciflt; C:\WINDOWS\system32\DRIVERS\nvpciflt.sys [2018-02-25 47088]
R1 aswArPot;aswArPot; C:\WINDOWS\system32\drivers\aswArPot.sys [2021-03-27 208552]
R1 aswbidsdriver;aswbidsdriver; C:\WINDOWS\system32\drivers\aswbidsdriver.sys [2021-03-27 365520]
R1 aswKbd;aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [2021-03-27 41304]
R1 aswMonFlt;aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [2021-03-27 177872]
R1 aswNetHub;aswNetHub; C:\WINDOWS\system32\drivers\aswNetHub.sys [2021-03-27 524416]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [2021-03-27 107808]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2021-03-27 850120]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2021-03-27 466696]
R1 HWiNFO32;HWiNFO32/64 Kernel Driver; \??\C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [2015-08-01 26528]
R1 ISODrive;ISO DVD/CD-ROM Device Driver; \??\C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys [2013-11-21 115448]
R3 ACPIVPC;@oem52.inf,%ACPIVPC.SvcDesc%;Lenovo Virtual Power Controller Driver; C:\WINDOWS\System32\drivers\AcpiVpc.sys [2014-04-27 35576]
R3 ApkbfiltrService;@oem48.inf,%kbfiltr.SvcDesc%;Alps Keyboard Filter; C:\WINDOWS\System32\drivers\Apkbfiltr.sys [2015-07-23 31016]
R3 athr;@oem58.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\WINDOWS\system32\DRIVERS\athwbx.sys [2017-08-07 4319632]
R3 BTATH_BUS;@oem5.inf,%BTATH_BUS.SVCDESC%;Qualcomm Atheros Bluetooth Bus; C:\WINDOWS\System32\drivers\btath_bus.sys [2012-08-19 33944]
R3 BtFilter;BtFilter; C:\WINDOWS\system32\DRIVERS\btfilter.sys [2017-01-19 66968]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Драйвер порта USB радиомодуля Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2015-06-10 81920]
R3 clwvd;@oem60.inf,%clwvd.DeviceDesc%;CyberLink WebCam Virtual Driver; C:\WINDOWS\system32\DRIVERS\clwvd.sys [2012-06-26 36336]
R3 CnxtHdAudService;@oem45.inf,%UAAFunctionDriverForHdAudio.SvcDesc%;Conexant UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\CHDRT64.sys [2013-07-10 1299648]
R3 dtlitescsibus;@oem27.inf,%DTLITESCSIBUS.DeviceDesc%;DAEMON Tools Lite Virtual SCSI Bus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [2017-01-08 30264]
R3 dtliteusbbus;@oem28.inf,%DTLITEUSBBUS.DeviceDesc%;DAEMON Tools Lite Virtual USB Bus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [2017-01-08 47672]
R3 ETD;@oem50.inf,%PS2DeviceDesc%;ELAN PS/2 Port Input Device; C:\WINDOWS\system32\DRIVERS\ETD.sys [2017-03-24 607312]
R3 ETDSMBus;ETDSMBus; C:\WINDOWS\system32\DRIVERS\ETDSMBus.sys [2017-03-24 32328]
R3 ICCWDT;@oem2.inf,%ICCWDT.SVCDESC%;Intel(R) Watchdog Timer Driver (Intel(R) WDT); C:\WINDOWS\System32\drivers\ICCWDT.sys [2017-05-08 38480]
R3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [2015-06-01 5384176]
R3 IntcDAud;@oem47.inf,%IntcDAud.SvcDesc%;Аудио Intel(R) для дисплеев; C:\WINDOWS\system32\DRIVERS\IntcDAud.sys [2017-07-10 480800]
R3 L1C;@oem57.inf,%L1C.Service.DispName%;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller; C:\WINDOWS\system32\DRIVERS\L1C63x64.sys [2013-11-29 130248]
R3 MEIx64;@oem26.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\System32\drivers\TeeDriverW8x64.sys [2016-03-29 186424]
R3 nvlddmkm;nvlddmkm; C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys [2018-02-25 17353248]
R3 nvvad_WaveExtensible;@oem75.inf,%nvvad_WaveExtensible.SvcDesc%;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\WINDOWS\system32\drivers\nvvad64v.sys [2018-02-24 59240]
R3 nvvhci;@oem77.inf,%ServiceDesc%;NVVHCI Enumerator Service; C:\WINDOWS\System32\drivers\nvvhci.sys [2018-02-24 57928]
R3 vm331avs;@oem10.inf,%USBCamera.DeviceDesc2%;Digital Camera 1; C:\WINDOWS\System32\Drivers\vm331avs.sys [2012-08-24 975104]
S2 aswStm;aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [2021-03-27 216376]
S3 AthBTPort;@oem9.inf,%BTHSUPPORT.SvcDesc%;Qualcomm Atheros Virtual Bluetooth Class; C:\WINDOWS\system32\DRIVERS\btath_flt.sys [2012-08-19 88728]
S3 BTATH_A2DP;@oem8.inf,%BTATH_A2DP.SvcDesc%;Bluetooth A2DP Audio Driver; C:\WINDOWS\system32\drivers\btath_a2dp.sys [2012-08-19 344216]
S3 btath_avdt;@oem8.inf,%btath_avdt.SvcDesc%;Qualcomm Atheros Bluetooth AVDT Service; C:\WINDOWS\system32\drivers\btath_avdt.sys [2012-08-19 114840]
S3 BTATH_HCRP;@oem11.inf,%BTATH_HCRP.SvcDesc%;Bluetooth HCRP Server driver; C:\WINDOWS\System32\drivers\btath_hcrp.sys [2012-08-19 178840]
S3 BTATH_LWFLT;@oem12.inf,%BTATH_LWFLT%;Bluetooth LWFLT Device; C:\WINDOWS\system32\DRIVERS\btath_lwflt.sys [2012-08-19 76952]
S3 BTATH_RCP;@oem15.inf,%BTATH_RCP%;Bluetooth AVRCP Device; C:\WINDOWS\System32\drivers\btath_rcp.sys [2012-08-19 135832]
S3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Служба перечислителя Bluetooth; C:\WINDOWS\System32\drivers\BthEnum.sys [2015-06-10 53248]
S3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Драйвер Bluetooth с низким энергопотреблением; C:\WINDOWS\System32\drivers\BthLEEnum.sys [2013-12-04 226304]
S3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Устройства Bluetooth (личной сети); C:\WINDOWS\System32\drivers\bthpan.sys [2017-07-06 119296]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Драйвер порта Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2015-06-10 1201664]
S3 cdrombus;@oem34.inf,%CdromBusSvcDesc%;Android BUS Service; C:\WINDOWS\System32\Drivers\cdrombus.sys [2012-08-22 25088]
S3 CH341SER_A64;CH341SER_A64; C:\WINDOWS\System32\Drivers\CH341S64.SYS [2015-02-06 59904]
S3 dg_ssudbus;@oem73.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudbus.sys [2019-09-26 136040]
S3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2018-02-24 30280]
S3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Устройство Bluetooth (протокол RFCOMM TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2015-01-30 167424]
S3 RSUSBVSTOR;@oem22.inf,%RSUSBVSTOR.SvcDesc%;RtsUVStor.Sys Realtek USB Card Reader; C:\WINDOWS\System32\Drivers\RtsUVStor.sys [2012-06-15 315536]
S3 ssudmdm;@oem74.inf,%ssud.Service.Name%;SAMSUNG  Mobile USB Modem Drivers (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [2019-09-26 166760]
S3 usb_rndisx;@netrndis.inf,%usb_rndis.Service.DispName%;Адаптер USB RNDIS; C:\WINDOWS\system32\DRIVERS\usb8023x.sys [2015-04-25 20992]
S3 usbser;@oem37.inf,%ServiceName%;USB RS-232 Emulation Driver; C:\WINDOWS\system32\DRIVERS\usbser.sys [2014-11-04 33280]
S3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB-видеоустройство (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2014-06-21 212736]

====== Список служб (тип запуска: R=Запущена, S=остановлена, 0=Загрузочная, 1=Системная, 2=Автоматически, 3=Вручную, 4=Отключено) ======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2021-01-25 169672]
R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; %windir%\system32\svchost.exe -k apphost;"ServiceDll" = %windir%\system32\inetsrv\apphostsvc.dll
R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2012-08-19 211584]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2021-03-27 623216]
R2 avast! Tools;Avast Tools; C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe [2021-03-27 353504]
R2 Bonjour Service;Служба Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]
R2 CxAudMsg;@C:\WINDOWS\system32\CxAudMsg64.exe,-100; C:\WINDOWS\system32\CxAudMsg64.exe [2012-06-08 201376]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; %SystemRoot%\System32\svchost.exe -k utcsvc;"ServiceDll" = %SystemRoot%\system32\diagtrack.dll
R2 ETDService;Elan Service; C:\Program Files\Elantech\ETDService.exe [2017-03-24 134880]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-04-20 635104]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-06-25 166720]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2012-07-17 277824]
R2 NVDisplay.ContainerLocalSystem;NVIDIA Display Container LS; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [2018-02-24 462864]
R2 NvTelemetryContainer;NVIDIA Telemetry Container; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [2018-02-24 460872]
R2 STCServ;Intel(R) Common Connectivity Framework; C:\Program Files\Intel\STCServ\STCServ.exe [2015-03-16 8095456]
R2 TeamViewer;TeamViewer 14; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [2019-07-03 11969880]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-07-17 365376]
S2 avast;Служба %1!s! Update (avast); C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-04-13 164984]
S2 gupdate;Служба Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-07-07 144200]
S3 AdAppMgrSvc;Autodesk Desktop App Service; C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe [2016-07-01 1295376]
S3 aswbIDSAgent;aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [2021-03-29 7888408]
S3 avastm;Служба %1!s! Update (avastm); C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-04-13 164984]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; %SystemRoot%\System32\svchost.exe -k LocalServiceAndNoImpersonation;"ServiceDll" = %SystemRoot%\System32\BthHFSrv.dll
S3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [2015-06-01 290224]
S3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [2016-12-22 1471168]
S3 FlexNet Licensing Service 64;FlexNet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe [2017-01-12 1591264]
S3 FlexNet Licensing Service;FlexNet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService.exe [2015-07-20 1104176]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-03 43696]
S3 GoogleChromeElevationService;Google Chrome Elevation Service; C:\Program Files (x86)\Google\Chrome\Application\89.0.4389.114\elevation_service.exe [2021-03-29 1509488]
S3 gupdatem;Служба Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-07-07 144200]
S3 mi-raysat_3dsmax2017_64;mental ray Satellite for Autodesk 3ds Max 2017 64-bit; C:\Program Files\Autodesk\3ds Max 2017\raysat_3dsmax2017_64server.exe [2011-09-15 86016]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2018-08-07 175568]
S3 NvContainerLocalSystem;NVIDIA LocalSystem Container; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-02-24 519240]
S3 NvContainerNetworkService;NVIDIA NetworkService Container; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-02-24 519240]

-----------------EOF-----------------
