﻿Лог утилиты random's system information tool 1.17(автор: random/random)
Run by Avalon at 2024-09-23 12:57:17
Microsoft Windows 7 Максимальная  Service Pack 1
Системный раздел C:  Свободно 187 GB (39%) размер 477 GB
Total RAM: 8129 MB (72% free)
X64


====== Список процессов ======

C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe"
"C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\amdfendrsr.exe
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -f "C:\ProgramData\NVIDIA\DisplaySessionContainer%d.log" -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\Session" -r -l 3 -p 30000 -c
C:\Windows\system32\atieclxx.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\Windows\system32\taskhost.exe
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
"C:\Program Files (x86)\AnyDesk\AnyDesk.exe" --service
"C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
C:\Windows\SysWOW64\srvany.exe
C:\Windows\KMService.exe
\??\C:\Windows\system32\conhost.exe
"C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe"
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-30a17915-f7d6-46a0-a702-82c35d9b4e02 -SystemEventPortName:HostProcess-a24b134a-1db1-4886-9fc4-1a9975d26f2e -IoCancelEventPortName:HostProcess-3d9a682e-cf3b-4ac4-8eb1-aa372a84eb0b -NonStateChangingEventPortName:HostProcess-817c1ae1-3569-48c2-8238-493ab29d1315 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:4163b576-45bd-4738-b00b-585e3d3c58a6 -DeviceGroupId:
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
"C:\ProgramData\Lesta\GameCenter\lgc.exe" --background
"C:\Program Files\ESET\ESET NOD32 Antivirus\eguiproxy.exe" /hide
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
"C:\Users\Avalon\AppData\Roaming\NCALayer\NCALayer.exe" 
C:\Users\Avalon\AppData\Roaming\NCALayer\jre\bin\javaw.exe
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\taskeng.exe
"C:\ProgramData\Lesta\GameCenter\dlls\lgc_renderer_host.exe" --type=gpu-process --field-trial-handle=1436,4864137188784809773,5086431941705855591,131072 --enable-features=CastMediaRouteProvider --disable-features=CookiesWithoutSameSiteMustBeSecure,OutOfBlinkCors,SameSiteByDefaultCookies,WebRtcHideLocalIpsWithMdns --no-sandbox --log-file="C:\ProgramData\Lesta\GameCenter\logs\cef_20240923_125403_705.log" --log-severity=info --product-version="Chrome/84.0.4147.105 LGC/24.02.00.0494" --lang=en-US --gpu-preferences=MAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAQAAAAAAAAAAAAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAA= --log-file="C:\ProgramData\Lesta\GameCenter\logs\cef_20240923_125403_705.log" --mojo-platform-channel-handle=1456 /prefetch:2
"C:\Program Files (x86)\TeamViewer\TeamViewer.exe"
"C:\Program Files (x86)\TeamViewer\crashpad_handler.exe" --no-rate-limit --database=C:\Users\Avalon\AppData\Local\TeamViewer\Logs\ErrorReports --metrics-dir=C:\Users\Avalon\AppData\Local\TeamViewer\Logs\ErrorReports --url=https://errorreporting.teamviewer.com:443/api/3/minidump/?sentry_client=sentry.native/0.4.17&sentry_key=ab2b65e79a501de39a5e47e7bc23e13b --attachment=C:\Users\Avalon\AppData\Local\TeamViewer\Logs\ErrorReports\14b653fa-b7ed-44ed-dbca-b65ae8c16cbb.run\__sentry-event --attachment=C:\Users\Avalon\AppData\Local\TeamViewer\Logs\ErrorReports\14b653fa-b7ed-44ed-dbca-b65ae8c16cbb.run\__sentry-breadcrumb1 --attachment=C:\Users\Avalon\AppData\Local\TeamViewer\Logs\ErrorReports\14b653fa-b7ed-44ed-dbca-b65ae8c16cbb.run\__sentry-breadcrumb2 --initial-client-data=0x204,0x208,0x20c,0x200,0x210,0x4a21b90,0x4a21ba4,0x4a21bb4
"C:\Users\Avalon\Desktop\AutoLogger.exe" 
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Users\Avalon\Desktop\AutoLogger\AV\AV_Z.exe" Script=AV\GeneralScript.txt HiddenMode=0 AM=Y
C:\Windows\System32\svchost.exe -k WerSvcGroup
"C:\Program Files (x86)\TeamViewer\tv_w32.exe" --action hooks  --log C:\Program Files (x86)\TeamViewer\TeamViewer15_Logfile.log  
"C:\Program Files (x86)\TeamViewer\tv_x64.exe" --action hooks  --log C:\Program Files (x86)\TeamViewer\TeamViewer15_Logfile.log  
"C:\Program Files (x86)\TeamViewer\crashpad_handler.exe" --no-rate-limit --database=C:\Users\Avalon\AppData\Local\TeamViewer\Logs\ErrorReports --metrics-dir=C:\Users\Avalon\AppData\Local\TeamViewer\Logs\ErrorReports --url=https://errorreporting.teamviewer.com:443/api/3/minidump/?sentry_client=sentry.native/0.4.17&sentry_key=ab2b65e79a501de39a5e47e7bc23e13b --attachment=C:\Users\Avalon\AppData\Local\TeamViewer\Logs\ErrorReports\0bfdbee9-2739-4e3f-76b9-7f2f5aa8500f.run\__sentry-event --attachment=C:\Users\Avalon\AppData\Local\TeamViewer\Logs\ErrorReports\0bfdbee9-2739-4e3f-76b9-7f2f5aa8500f.run\__sentry-breadcrumb1 --attachment=C:\Users\Avalon\AppData\Local\TeamViewer\Logs\ErrorReports\0bfdbee9-2739-4e3f-76b9-7f2f5aa8500f.run\__sentry-breadcrumb2 --initial-client-data=0x780,0x784,0x788,0x77c,0x78c,0x4a21b90,0x4a21ba4,0x4a21bb4
"C:\ProgramData\Lesta\GameCenter\dlls\lgc_renderer_host.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1436,4864137188784809773,5086431941705855591,131072 --enable-features=CastMediaRouteProvider --disable-features=CookiesWithoutSameSiteMustBeSecure,OutOfBlinkCors,SameSiteByDefaultCookies,WebRtcHideLocalIpsWithMdns --lang=en-US --service-sandbox-type=network --no-sandbox --log-file="C:\ProgramData\Lesta\GameCenter\logs\cef_20240923_125403_705.log" --log-severity=info --product-version="Chrome/84.0.4147.105 LGC/24.02.00.0494" --lang=en-US --log-file="C:\ProgramData\Lesta\GameCenter\logs\cef_20240923_125403_705.log" --mojo-platform-channel-handle=1948 /prefetch:8
"C:\ProgramData\Lesta\GameCenter\dlls\lgc_renderer_host.exe" --type=renderer --no-sandbox --force-device-scale-factor=1 --log-file="C:\ProgramData\Lesta\GameCenter\logs\cef_20240923_125403_705.log" --field-trial-handle=1436,4864137188784809773,5086431941705855591,131072 --enable-features=CastMediaRouteProvider --disable-features=CookiesWithoutSameSiteMustBeSecure,OutOfBlinkCors,SameSiteByDefaultCookies,WebRtcHideLocalIpsWithMdns --lang=en-US --log-file="C:\ProgramData\Lesta\GameCenter\logs\cef_20240923_125403_705.log" --log-severity=info --product-version="Chrome/84.0.4147.105 LGC/24.02.00.0494" --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=4 --mojo-platform-channel-handle=2264 /prefetch:1
C:\Program Files\AMD\Performance Profile Client\AUEPLauncher.exe
C:\Program Files\AMD\Performance Profile Client\AUEPMaster.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Internet Explorer\iexplore.exe" http://google.ru
"C:\Program Files (x86)\Internet Explorer\iexplore.exe" SCODEF:3984 CREDAT:79873
C:\Program Files\AMD\Performance Profile Client\AUEPUF.exe
C:\Windows\system32\sppsvc.exe
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe_S-1-5-21-1854963628-2713006132-4040804188-10001_ Global\UsGthrCtrlFltPipeMssGthrPipe_S-1-5-21-1854963628-2713006132-4040804188-10001 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"  "1"
"C:\Windows\system32\SearchFilterHost.exe" 0 516 520 528 65536 524 
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe2_ Global\UsGthrCtrlFltPipeMssGthrPipe2 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" 
C:\Windows\system32\wbem\WmiApSrv.exe
"C:\Users\Avalon\Desktop\AutoLogger\RSIT\RSITx64.exe" /silent /m3 /autolog /logfolder "C:\Users\Avalon\Desktop\AutoLogger\RSIT\Log" /nohjt /rus 

====== Папка назначенных заданий ======

C:\Windows\tasks\Восстановление сервиса обновлений Яндекс.Браузера.job - C:\Program Files (x86)\Yandex\YandexBrowser\22.9.1.1094\service_update.exe  --repair
C:\Windows\tasks\Восстановление сервиса обновлений Яндекс Браузера.job - C:\Program Files (x86)\Yandex\YandexBrowser\22.11.0.2423\service_update.exe  --repair
C:\Windows\tasks\Системное обновление Браузера Яндекс.job - C:\Program Files (x86)\Yandex\YandexBrowser\22.11.0.2423\service_update.exe  --run-as-launcher
C:\Windows\system32\tasks\AMDInstallLauncher - C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe /InstallAUEP
C:\Windows\system32\tasks\BlueStacksHelper - C:\ProgramData\BlueStacks\Client\Helper\BlueStacksHelper.exe -sr
C:\Windows\system32\tasks\DownloadStudio Standalone Updater - "C:\Program Files (x86)\Download Studio\dstudio-gui.exe" --self-update
C:\Windows\system32\tasks\Driver Booster Scheduler - C:\Program Files (x86)\IObit\Driver Booster\6.5.0\Scheduler.exe /scheduler
C:\Windows\system32\tasks\Driver Booster SkipUAC (Avalon) - C:\Program Files (x86)\IObit\Driver Booster\6.5.0\DriverBooster.exe /skipuac
C:\Windows\system32\tasks\DriverPack Cloud - "C:\Program Files (x86)\DriverPack Cloud\cloud.exe"
C:\Windows\system32\tasks\ESET Windows 10 upgrade – Refresh settings - C:\Program Files\Common Files\AV\ESET Internet Security 13.0.22.0\upgrade.exe
C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore - "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA - "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /ua /installsource scheduler
C:\Windows\system32\tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
C:\Windows\system32\tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
C:\Windows\system32\tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - "C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe"
C:\Windows\system32\tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe --launcher=TaskScheduler
C:\Windows\system32\tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe
C:\Windows\system32\tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe
C:\Windows\system32\tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe
C:\Windows\system32\tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe
C:\Windows\system32\tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe
C:\Windows\system32\tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe
C:\Windows\system32\tasks\Opera scheduled assistant Autoupdate 1582728592 - C:\Program Files (x86)\Opera\launcher.exe --scheduledautoupdate --component-name=assistant --component-path="C:\Program Files (x86)\Opera\assistant" $(Arg0)
C:\Windows\system32\tasks\Opera scheduled Autoupdate 1495034904 - C:\Program Files (x86)\Opera\launcher.exe --scheduledautoupdate $(Arg0)
C:\Windows\system32\tasks\StartCN - "C:\Program Files\AMD\CNext\CNext\cncmd.exe" startwithdelay
C:\Windows\system32\tasks\StartCNBM - "C:\Program Files\AMD\CNext\CNext\cncmd.exe" benchmark
C:\Windows\system32\tasks\StartDVR - "C:\Program Files\AMD\CNext\CNext\RSServCmd.exe"
C:\Windows\system32\tasks\Восстановление сервиса обновлений Яндекс.Браузера - C:\Program Files (x86)\Yandex\YandexBrowser\22.9.1.1094\service_update.exe --repair
C:\Windows\system32\tasks\Восстановление сервиса обновлений Яндекс Браузера - C:\Program Files (x86)\Yandex\YandexBrowser\22.11.0.2423\service_update.exe --repair
C:\Windows\system32\tasks\Системное обновление Браузера Яндекс - C:\Program Files (x86)\Yandex\YandexBrowser\22.11.0.2423\service_update.exe --run-as-launcher
C:\Windows\system32\tasks\WPD\SqmUpload_S-1-5-21-1854963628-2713006132-4040804188-1000 - %windir%\system32\rundll32.exe portabledeviceapi.dll,#1
C:\Windows\system32\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask - %systemroot%\system32\sc.exe start osppsvc
C:\Windows\system32\tasks\Mozilla\Firefox Background Update E7CF176E110C211B - C:\Program Files (x86)\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\E7CF176E110C211B\backgroundupdate.moz_log --backgroundtask backgroundupdate
C:\Windows\system32\tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B - C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe do-task "E7CF176E110C211B"
C:\Windows\system32\tasks\Microsoft\Windows Defender\MP Scheduled Scan - c:\program files\windows defender\MpCmdRun.exe Scan -ScheduleJob -WinTask -RestrictPrivilegesScan
C:\Windows\system32\tasks\Microsoft\Windows\WindowsBackup\ConfigNotification - %systemroot%\System32\sdclt.exe /CONFIGNOTIFICATION
C:\Windows\system32\tasks\Microsoft\Windows\Windows Media Sharing\UpdateLibrary - "%ProgramFiles%\Windows Media Player\wmpnscfg.exe"
C:\Windows\system32\tasks\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange - %windir%\system32\rundll32.exe bfe.dll,BfeOnServiceStartTypeChange
C:\Windows\system32\tasks\Microsoft\Windows\Windows Error Reporting\QueueReporting - %windir%\system32\wermgr.exe -queuereporting
C:\Windows\system32\tasks\Microsoft\Windows\UPnP\UPnPHostConfig - sc.exe config upnphost start= auto
C:\Windows\system32\tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime - %windir%\system32\sc.exe start w32time task_started
C:\Windows\system32\tasks\Microsoft\Windows\Tcpip\IpAddressConflict1 - %windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPOffendingSystem
C:\Windows\system32\tasks\Microsoft\Windows\Tcpip\IpAddressConflict2 - %windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPDefendingSystem
C:\Windows\system32\tasks\Microsoft\Windows\SystemRestore\SR - %windir%\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreation
C:\Windows\system32\tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask - sc.exe start sppsvc
C:\Windows\system32\tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask - %windir%\system32\RAServer.exe /offerraupdate
C:\Windows\system32\tasks\Microsoft\Windows\Power Efficiency Diagnostics\AnalyzeSystem - %SystemRoot%\System32\powercfg.exe -energy -auto
C:\Windows\system32\tasks\Microsoft\Windows\NetTrace\GatherNetworkInfo - %windir%\system32\gatherNetworkInfo.vbs
C:\Windows\system32\tasks\Microsoft\Windows\MUI\LPRemove - %windir%\system32\lpremove.exe
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch - %SystemRoot%\ehome\ehPrivJob.exe /DoActivateWindowsSearch
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService - %SystemRoot%\ehome\ehPrivJob.exe /DoConfigureInternetTimeService
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks - %SystemRoot%\ehome\ehPrivJob.exe /DoRecoveryTasks $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ehDRMInit - %SystemRoot%\ehome\ehPrivJob.exe /DRMInit
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\InstallPlayReady - %SystemRoot%\ehome\ehPrivJob.exe /InstallPlayReady $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\mcupdate - %SystemRoot%\ehome\mcupdate $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -MediaCenterRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -ObjectStoreRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\OCURActivate - %SystemRoot%\ehome\ehPrivJob.exe /OCURActivate
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\OCURDiscovery - %SystemRoot%\ehome\ehPrivJob.exe /OCURDiscovery $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscovery - %SystemRoot%\ehome\ehPrivJob.exe /PBDADiscovery
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 - %SystemRoot%\ehome\ehPrivJob.exe /wait:7 /PBDADiscovery
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 - %SystemRoot%\ehome\ehPrivJob.exe /wait:90 /PBDADiscovery
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PeriodicScanRetry - %windir%\ehome\MCUpdate.exe -pscn 0
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PvrRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -PvrRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PvrScheduleTask - %SystemRoot%\ehome\mcupdate.exe -PvrSchedule
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\RecordingRestart - %SystemRoot%\ehome\ehrec /RestartRecording
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\RegisterSearch - %SystemRoot%\ehome\ehPrivJob.exe /DoRegisterSearch $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ReindexSearchRoot - %SystemRoot%\ehome\ehPrivJob.exe /DoReindexSearchRoot
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -SqlLiteRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\StartRecording - %SystemRoot%\ehome\ehrec /StartRecording
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\UpdateRecordPath - %SystemRoot%\ehome\ehPrivJob.exe /DoUpdateRecordPath $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Location\Notifications - %windir%\System32\LocationNotifications.exe
C:\Windows\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector - %windir%\system32\rundll32.exe dfdts.dll,DfdGetDefaultPolicyAndSMART
C:\Windows\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver - %windir%\system32\DFDWiz.exe
C:\Windows\system32\tasks\Microsoft\Windows\Defrag\ScheduledDefrag - %windir%\system32\defrag.exe -c
C:\Windows\system32\tasks\Microsoft\Windows\Customer Experience Improvement Program\Consolidator - %SystemRoot%\System32\wsqmcons.exe
C:\Windows\system32\tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask - BthUdTask.exe $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Autochk\Proxy - %windir%\system32\rundll32.exe /d acproxy.dll,PerformAutochkOperations
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\AitAgent - aitagent
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater - %windir%\system32\rundll32.exe aepdu.dll,AePduRunUpdate
C:\Windows\system32\tasks\Microsoft\Windows\AppID\PolicyConverter - %windir%\system32\appidpolicyconverter.exe
C:\Windows\system32\tasks\Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck - %windir%\system32\appidcertstorecheck.exe
C:\Windows\system32\tasks\ASUS\i-Setup171440 - C:\Windows\Install\AsusSetup.exe -reboot -log171440

=========Mozilla firefox=========

ProfilePath - C:\Users\Avalon\AppData\Roaming\Mozilla\Firefox\Profiles\a7p0za1g.default-1570892109110

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nullsoft.com/winampDetector;version=1]
"Description"=Winamp Detector
"Path"=C:\Program Files (x86)\Winamp Detect\npwachk.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=11.271.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre1.8.0_271\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=11.271.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre1.8.0_271\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL


C:\Users\Avalon\AppData\Roaming\Mozilla\Firefox\Profiles\a7p0za1g.default-1570892109110\addons.json

C:\Users\Avalon\AppData\Roaming\Mozilla\Firefox\Profiles\a7p0za1g.default-1570892109110\extensions.json
Визуальные закладки - extension - vb@yandex.ru - 
Советник Яндекс.Маркета - extension - sovetnik-yandex@yandex.ru - 
Form Autofill - extension - formautofill@mozilla.org - 
Firefox Screenshots - extension - screenshots@mozilla.org - 
WebCompat Reporter - extension - webcompat-reporter@mozilla.org - 
Web Compatibility Interventions - extension - webcompat@mozilla.org - 
Picture-In-Picture - extension - pictureinpicture@mozilla.org - 
Yandex - extension - yandex@search.mozilla.org - 
Google - extension - google@search.mozilla.org - 
DuckDuckGo - extension - ddg@search.mozilla.org - 
Wikipedia (en) - extension - wikipedia@search.mozilla.org - 
Поиск Mail.Ru - extension - mailru@search.mozilla.org - 
Firefox Alpenglow - theme - firefox-alpenglow@mozilla.org - 
System theme — auto - theme - default-theme@mozilla.org - 
Light - theme - firefox-compact-light@mozilla.org - 
Dark - theme - firefox-compact-dark@mozilla.org - 
Add-ons Search Detection - extension - addons-search-detection@mozilla.com - 

C:\Users\Avalon\AppData\Roaming\Mozilla\Firefox\Profiles\a7p0za1g.default-1570892109110\pluginreg.dat

WMI error encountered
WMI error encountered
=========Google Chrome=========

C:\Users\Avalon\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
Extension ahfgeienlihckogmohjhadlkjgocpleb 1 Интернет-магазин Chrome 0.2
Extension aohghmighlieiainnegkcijnfilokake   
Extension apdfllckaahabafndbhieahigkjlhalf   
Extension ekmeppjgajofkpiofbebgcbohbmfldaf 0 OrangeMonkey 1.0.4
Extension fdjdjkkjoiomafnihnobkinnfjnnlhdg   
Extension felcaaldnbdncclmgdcncolpebgiejap   
Extension gfdkimpbcpahaombhbimeihdjnejgicl 1 Feedback 1.0
Extension ghbmnnjooekpmoecnnnilnnbdlolhkhi 1 Google Документы офлайн 1.60.0
Extension kmendfapggjehodndflmmgagdbamhnfd 1 CryptoTokenExtension 0.9.74
Extension ldgpjdiadomhinpimgchmeembbgojnjk 0 Поиск  Яндексa 2.0.0.23
Extension llcdellnofncikmhimjdbkdjgpmcjbik 0 Internet-Start 0.0.8
Extension mfehgcgbbipciphmccgaenjidiccnmng 1 Cloud Print 0.1
Extension mhjfbmdgcfjbbpaeojofohoefgiehjai 1 Chrome PDF Viewer 1
Extension mjmpfdkmpojoeemjmfiddlhkkndcdpno 0 Поиск  Яндексa 2.0.2.20
Extension neajdppkdcdipfabeoofebfddakdcjhd 1 Google Network Speech 1.0
Extension nkeimhogjdpnpccoofpliimaahmaaome 1 Google Hangouts 1.3.21
Extension nmmhkkegccagdldgiimedpiccmgmieda 1 Платежная система Интернет-магазина Chrome 1.0.0.6
Extension pjkljhegncpnkpknbcohdijeoejaedia   
Homepage: 
default_search_provider.search_url: 
C:\Users\Avalon\AppData\Local\Google\Chrome\User Data\Default\Preferences
Homepage: 
default_search_provider.search_url: 

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\ekmeppjgajofkpiofbebgcbohbmfldaf]
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\fdjdjkkjoiomafnihnobkinnfjnnlhdg]
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\llcdellnofncikmhimjdbkdjgpmcjbik]
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\mjmpfdkmpojoeemjmfiddlhkkndcdpno]
"Path"=


======Снимок реестра ======


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_271\bin\ssv.dll [2020-11-02 734376]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2010-02-28 688528]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_271\bin\jp2ssv.dll [2020-11-02 348328]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2010-02-28 561552]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2019-08-24 9269352]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\ecmdS.exe [2019-10-26 180736]
"Realtek HD Audio"=C:\ProgramData\ReaItekHD\taskhostw.exe []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Lesta Game Center"=C:\ProgramData\Lesta\GameCenter\lgc.exe [2024-06-13 1934488]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2011-01-05 1305408]
"YandexBrowserAutoLaunch_D65F749BEA77066B46465931FD75176D"=C:\Users\Avalon\AppData\Local\Yandex\YandexBrowser\Application\browser.exe [2024-09-18 4570288]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Browser Manager]
C:\Users\Avalon\AppData\Local\Yandex\BrowserManager\MBLauncher.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GoogleChromeAutoLaunch_D65F749BEA77066B46465931FD75176D]
C:\Users\Avalon\AppData\Local\Yandex\YandexBrowser\Application\browser.exe [2024-09-18 4570288]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IAStorIcon]
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe [2014-05-28 36352]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Program Files\iTunes\iTunesHelper.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MediaGet2]
C:\Users\Avalon\MediaGet2\mediaget.exe --minimized []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OKGames]
C:\Users\Avalon\AppData\Local\ОК Игры\OKApp.exe [2022-01-26 2711864]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Opera Browser Assistant]
C:\Program Files (x86)\Opera\assistant\browser_assistant.exe [2023-03-08 4140448]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\pora]
123 []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Realtek HD Audio]
C:\ProgramData\ReaItekHD\taskhostw.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2020-09-16 706680]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\YandexBrowserAutoLaunch_D65F749BEA77066B46465931FD75176D]
C:\Users\Avalon\AppData\Local\Yandex\YandexBrowser\Application\browser.exe [2024-09-18 4570288]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^AnyDesk.lnk]
C:\PROGRA~2\AnyDesk\AnyDesk.exe [2024-02-11 3910472]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Avalon^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OrbitumUpdate.lnk]
C:\Users\Avalon\AppData\Local\Orbitum\APPLIC~1\ORBITU~1\ORBITU~1.EXE [2017-07-20 2722752]

C:\Users\Avalon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
NCALayer.lnk - C:\Users\Avalon\AppData\Roaming\NCALayer\NCALayer.exe

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders" = credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMInstallerService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MBAMInstallerService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MBAMService]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave8"=wdmaud.drv
"midi8"=wdmaud.drv
"mixer8"=wdmaud.drv
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv
"wave9"=wdmaud.drv
"midi9"=wdmaud.drv
"mixer9"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"vidc.XVID"=xvidvfw.dll
"vidc.mjpg_backup"=bdmjpeg64.dll
"vidc.mpeg_backup"=bdmpegv64.dll
"msacm.bdmpeg_backup"=bdmpega64.acm
"msacm.bdmpeg"=bdmpega64.acm
"vidc.mjpg"=bdmjpeg64.dll
"vidc.mpeg"=bdmpegv64.dll
"MSVideo8"=VfWWDM32.dll
"aux1"=wdmaud.drv
"aux2"=wdmaud.drv
"aux3"=wdmaud.drv
"aux4"=wdmaud.drv
"aux5"=wdmaud.drv

====== Ассоциации файлов ======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

====== Список файлов и папок, созданных за последние 3 месяца ======

2024-09-23 12:47:00 ----D---- C:\AAA
2024-09-22 20:27:23 ----D---- C:\Users\Avalon\AppData\Roaming\WinTools
2024-09-22 20:27:22 ----D---- C:\Program Files (x86)\WinTools Software
2024-09-01 11:21:19 ----D---- C:\GOG Games
2024-08-10 14:21:28 ----D---- C:\Program Files\Cheat Engine 7.5
2024-07-28 14:18:22 ----D---- C:\Program Files (x86)\SmallGames

====== Список файлов и папок, измененных за последние 3 месяца ======

2024-09-23 12:57:16 ----D---- C:\Windows\Temp
2024-09-23 12:54:55 ----D---- C:\Program Files (x86)\Google
2024-09-23 12:54:47 ----D---- C:\ProgramData\NVIDIA
2024-09-23 12:53:33 ----D---- C:\Windows\Prefetch
2024-09-23 12:52:51 ----D---- C:\Program Files (x86)\TeamViewer
2024-09-23 12:51:12 ----D---- C:\Windows\system32\drivers\etc
2024-09-23 12:48:35 ----SD---- C:\ProgramData\Microsoft
2024-09-23 12:48:29 ----RD---- C:\Program Files (x86)
2024-09-23 12:48:29 ----RD---- C:\Program Files
2024-09-23 12:48:28 ----D---- C:\Program Files (x86)\IObit
2024-09-23 12:48:27 ----D---- C:\Program Files\Common Files
2024-09-23 12:48:27 ----D---- C:\Program Files (x86)\Common Files
2024-09-23 12:48:26 ----HD---- C:\ProgramData
2024-09-23 12:48:24 ----RSD---- C:\Windows\Fonts
2024-09-23 12:48:24 ----D---- C:\Windows
2024-09-23 10:52:59 ----D---- C:\Windows\system32\config
2024-09-23 10:38:54 ----A---- C:\Windows\ntbtlog.txt
2024-09-23 10:38:50 ----D---- C:\Windows\SYSWOW64\drivers
2024-09-23 10:38:32 ----D---- C:\Windows\Logs
2024-09-23 00:37:12 ----D---- C:\Windows\system32\catroot2
2024-09-23 00:35:53 ----D---- C:\Games
2024-09-22 22:48:45 ----SHD---- C:\System Volume Information
2024-09-22 22:33:05 ----D---- C:\Users\Avalon\AppData\Roaming\uTorrent
2024-09-22 22:32:30 ----D---- C:\Windows\Minidump
2024-09-22 22:32:30 ----D---- C:\Windows\AsusInstAll
2024-09-22 22:32:30 ----D---- C:\Program Files (x86)\Steam
2024-09-22 22:32:30 ----D---- C:\Program Files (x86)\Opera
2024-09-22 22:32:04 ----D---- C:\NVIDIA
2024-09-22 22:31:45 ----D---- C:\AMD
2024-09-22 22:31:43 ----D---- C:\Intel
2024-09-22 21:54:34 ----SHD---- C:\Windows\Installer
2024-09-22 21:54:31 ----SHD---- C:\Config.Msi
2024-09-22 21:54:20 ----D---- C:\Windows\System32
2024-09-22 21:02:03 ----D---- C:\Windows\system32\drivers
2024-09-22 20:57:32 ----D---- C:\Windows\SysWOW64
2024-09-21 23:10:15 ----D---- C:\Windows\SYSWOW64\directx
2024-09-21 23:10:06 ----HD---- C:\Windows\msdownld.tmp
2024-09-21 23:03:52 ----D---- C:\Program Files\Common Files\System
2024-09-21 23:03:51 ----D---- C:\Program Files\Internet Explorer
2024-09-21 06:57:58 ----D---- C:\Users\Avalon\AppData\Roaming\NCALayer
2024-09-20 07:30:08 ----D---- C:\Windows\system32\Tasks
2024-08-28 09:05:30 ----D---- C:\ProgramData\AlawarWrapper
2024-08-27 19:32:27 ----D---- C:\Windows\inf
2024-08-27 19:32:27 ----A---- C:\Windows\system32\PerfStringBackup.INI
2024-08-15 08:31:13 ----D---- C:\Windows\Tasks
2024-08-15 08:31:13 ----D---- C:\Windows\system32\wfp
2024-08-15 08:31:13 ----D---- C:\Windows\system32\DriverStore
2024-08-15 08:31:11 ----D---- C:\Windows\AppCompat
2024-08-15 08:31:05 ----D---- C:\Windows\system32\wbem
2024-08-15 08:31:05 ----D---- C:\Windows\registration

File C:\Windows\system32\winlogon.exe is digitally signed
File C:\Windows\system32\wininit.exe is digitally signed
File C:\Windows\explorer.exe is digitally signed
File C:\Windows\SysWOW64\explorer.exe is digitally signed
File C:\Windows\system32\svchost.exe is digitally signed
File C:\Windows\SysWOW64\svchost.exe is digitally signed
File C:\Windows\system32\services.exe is digitally signed
File C:\Windows\system32\User32.dll is digitally signed
File C:\Windows\SysWOW64\User32.dll is digitally signed
File C:\Windows\system32\userinit.exe is digitally signed
File C:\Windows\SysWOW64\userinit.exe is digitally signed
File C:\Windows\system32\rpcss.dll is digitally signed
File C:\Windows\system32\Drivers\volsnap.sys is digitally signed

====== Список драйверов (состояние: R=Запущен, S=Остановлен; тип запуска: 0=Загрузочный, 1=Системный, 2=Автоматически, 3=Вручную, 4=Отключено) ======

R0 amdkmpfd;AMD PCI Root Bus Lower Filter; C:\Windows\system32\DRIVERS\amdkmpfd.sys [2020-11-07 98416]
R0 edevmon;edevmon; C:\Windows\system32\DRIVERS\edevmon.sys [2019-10-26 103264]
R0 iaStorA;iaStorA; C:\Windows\system32\DRIVERS\iaStorA.sys [2014-05-28 672104]
R0 iaStorE;iaStorE; C:\Windows\system32\DRIVERS\iaStorE.sys [2019-05-16 1054088]
R0 iaStorF;iaStorF; C:\Windows\system32\DRIVERS\iaStorF.sys [2019-05-16 37768]
R0 iusb3hcs;Драйвер хост-контроллера и коммутатора Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hcs.sys [2014-08-25 20464]
R0 oem-drv64;OEM-SLP2.1 Driver (HPD64); C:\Windows\system32\DRIVERS\oem-drv64.sys [2024-09-23 42496]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 AsIO;AsIO; SysWow64\drivers\AsIO.sys []
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-21 514560]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2017-12-16 254528]
R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2019-10-26 149944]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2019-10-26 189512]
R1 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2019-10-26 77184]
R1 EpfwLWF;ESET Firewall; C:\Windows\system32\DRIVERS\EpfwLWF.sys [2019-10-26 61640]
R1 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [2019-10-26 114136]
R1 HWiNFO32;HWiNFO32/64 Kernel Driver; \??\C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [2019-06-26 27552]
R1 ISODrive;ISO DVD/CD-ROM Device Driver; \??\C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys [2007-11-07 104912]
R2 BlueStacksDrv;BlueStacks Hypervisor; \??\C:\Program Files (x86)\BlueStacks\BstkDrv_bgp.sys [2020-10-05 315976]
R2 ekbdflt;ekbdflt; C:\Windows\system32\DRIVERS\ekbdflt.sys [2019-10-26 50712]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\amdkmdag.sys [2021-02-25 79104800]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2019-08-24 6486608]
R3 iusb3hub;Драйвер концентратора Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hub.sys [2017-05-12 401408]
R3 iusb3xhc;Драйвер расширяемого хост-контроллера Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3xhc.sys [2019-08-24 816640]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [2019-08-24 201296]
R3 nvvhci;NVVHCI Enumerator Service; C:\Windows\system32\DRIVERS\nvvhci.sys [2018-03-24 58816]
R3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-21 165888]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2019-08-24 1121288]
R3 SmbDrvI;SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [2019-08-24 51808]
S2 amdacpksd;ACP Kernel Service Driver; \??\C:\Windows\system32\drivers\amdacpksd.sys []
S3 amdfendr;AMD Crash Defender Driver; C:\Windows\system32\DRIVERS\amdfendr.sys [2021-02-09 98744]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2020-11-10 105392]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2019-08-24 131984]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 GeneStor;Genesys Logic Storage Driver; C:\Windows\system32\DRIVERS\GeneStor.sys [2019-08-24 60928]
S3 GPU-Z;GPU-Z; \??\C:\Users\Avalon\AppData\Local\Temp\GPU-Z.sys []
S3 iVCam;e2eSoft iVCam; C:\Windows\system32\DRIVERS\iVCam.sys [2020-11-03 1089912]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2019-08-24 228608]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2010-11-21 20992]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 ssudmdm;SAMSUNG  Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2019-08-24 166288]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys [2010-11-21 88960]
S3 teamviewervpn;TeamViewer VPN Adapter; C:\Windows\system32\DRIVERS\teamviewervpn.sys [2020-06-07 35112]
S3 terminpt;Microsoft Remote Desktop Input Driver; C:\Windows\system32\drivers\terminpt.sys [2010-11-21 34816]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys [2010-11-21 117248]
S3 usb_rndisx;Адаптер USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [2009-07-14 19968]
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2020-04-15 54784]
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-21 199552]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-21 21760]
S3 WinUsb;SAMSUNG Android USB Driver; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]

====== Список служб (состояние: R=Запущена, S=Остановлена; тип запуска: 0=Загрузочная, 1=Системная, 2=Автоматически, 3=Вручную, 4=Отключено) ======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-09-24 81088]
R2 AMD Crash Defender Service;AMD Crash Defender Service; C:\Windows\system32\amdfendrsr.exe [2021-02-09 517536]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2021-02-25 519456]
R2 AnyDesk;AnyDesk Service; C:\Program Files (x86)\AnyDesk\AnyDesk.exe [2024-02-11 3910472]
R2 Apple Mobile Device Service;Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2020-09-24 96056]
R2 asComSvc;ASUS Com Service; C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe [2014-01-28 936728]
R2 AUEPLauncher;AMD User Experience Program Launcher; C:\Program Files\AMD\CIM\..\Performance Profile Client\AUEPLauncher.exe [2021-02-24 60704]
R2 Bonjour Service;Служба Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2015-08-12 462096]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted;"ServiceDll" = %SystemRoot%\System32\cscsvc.dll
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2019-10-26 2243136]
R2 KMService;KMService; C:\Windows\syswow64\srvany.exe [2017-02-20 8192]
R2 NVDisplay.ContainerLocalSystem;NVIDIA Display Container LS; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [2018-03-24 464272]
R2 ss_conn_service;SAMSUNG Mobile Connectivity Service; C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [2016-01-08 754784]
R2 TeamViewer;TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [2024-09-03 19335992]
R3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted;"ServiceDll" = %SystemRoot%\System32\umrdp.dll
S2 amdacpusrsvc;ACP User Service; C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe [2021-02-24 190464]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2019-03-28 132792]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2019-03-28 158912]
S2 gupdate;Служба Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-10-16 153168]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2014-05-28 16232]
S2 ICEsoundService;ICEsound Service; C:\Windows\system32\ICEsoundService64.exe [2019-08-24 806352]
S2 TenorshareDataRecoveryService;TenorshareDataRecoveryService; C:\Program Files (x86)\Tenorshare Any Data Recovery\service\TenorshareDataRecoveryService []
S3 AppMgmt;@appmgmts.dll,-3250; %SystemRoot%\system32\svchost.exe -k netsvcs;"ServiceDll" = %SystemRoot%\System32\appmgmts.dll
S3 ekrnEpfw;ESET Firewall Helper; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2019-10-26 2243136]
S3 GoogleChromeElevationService;Google Chrome Elevation Service (GoogleChromeElevationService); C:\Program Files (x86)\Google\Chrome\Application\109.0.5414.120\elevation_service.exe [2023-01-24 1443608]
S3 gupdatem;Служба Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-10-16 153168]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2022-11-16 232776]
S3 ose;Office  Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; %SystemRoot%\System32\svchost.exe -k PeerDist;"ServiceDll" = %SystemRoot%\system32\peerdistsvc.dll
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2023-09-29 2661736]
S4 aspnet_state;Служба состояний ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2019-03-28 54912]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2019-03-28 136256]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2019-03-28 136256]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2019-03-28 136256]

-----------------EOF-----------------
