Лог утилиты random's system information tool 1.17(автор: random/random)
Run by Avalon at 2024-09-23 10:49:39
Microsoft Windows 7 Максимальная  Service Pack 1
Системный раздел C:  Свободно 185 GB (39%) размер 477 GB
Total RAM: 8129 MB (57% free)
X64


====== Список процессов ======

C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe"
C:\Windows\system32\winlogon.exe
"C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\amdfendrsr.exe
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -f "C:\ProgramData\NVIDIA\DisplaySessionContainer%d.log" -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\Session" -r -l 3 -p 30000 -c
C:\Windows\system32\atieclxx.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\AnyDesk\AnyDesk.exe" --service
C:\Windows\system32\taskhost.exe
"C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
C:\Windows\system32\taskeng.exe
C:\Windows\SysWOW64\srvany.exe
C:\Windows\KMService.exe
\??\C:\Windows\system32\conhost.exe
"C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe"
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\taskeng.exe
"C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-c066f760-2663-4e6e-93f6-e9db4ef7d822 -SystemEventPortName:HostProcess-5424b496-9025-424c-a953-ac92ca47340c -IoCancelEventPortName:HostProcess-84654bd3-b54f-4ad1-80ae-293b7b9870f5 -NonStateChangingEventPortName:HostProcess-5628c286-4795-4f00-b51c-969667815666 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:96b95541-86e7-4d76-be3d-0ed40b5d955a -DeviceGroupId:
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-6a95ac56-5916-44fc-8f28-1e8d2aed1036 -SystemEventPortName:HostProcess-29ade7e6-7085-4939-b26d-d4e8bfbdff25 -IoCancelEventPortName:HostProcess-469d3246-c263-481e-b95a-d71ae1ae8609 -NonStateChangingEventPortName:HostProcess-193f498a-dfb8-48e8-a7b2-cdbb942e0df6 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:a0f70c86-a88e-4004-90e4-b3ff047b55bc -DeviceGroupId:
C:\Windows\System32\rundll32.exe shell32.dll,SHCreateLocalServerRunDll {995C996E-D918-4a8c-A302-45719A6F4EA7} -Embedding
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
"C:\Program Files\ESET\ESET NOD32 Antivirus\eguiproxy.exe" /hide
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\ProgramData\Lesta\GameCenter\lgc.exe" --background
"C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
"C:\Users\Avalon\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --no-startup-window --atlogin-bgr-mark /prefetch:5
"C:\Users\Avalon\AppData\Roaming\NCALayer\NCALayer.exe" 
C:\Users\Avalon\AppData\Local\Yandex\YandexBrowser\Application\browser.exe --type=crashpad-handler "--user-data-dir=C:\Users\Avalon\AppData\Local\Yandex\YandexBrowser\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Avalon\AppData\Local\Yandex\YandexBrowser\User Data\Crashpad" "--metrics-dir=C:\Users\Avalon\AppData\Local\Yandex\YandexBrowser\User Data" --url=https://crash-reports.browser.yandex.net/submit --annotation=install_date=1487598445 --annotation=last_update_date=1726942349 --annotation=launches_after_update=24 --annotation=machine_id=c913cc70e20601fa7f5f67b488b215b6 --annotation=main_process_pid=3232 --annotation=metrics_client_id=a244c3ad52ff4b0ea180eb74f5807fba --annotation=plat=Win64 --annotation=prod=Yandex --annotation=session_logout=False --annotation=ver=24.7.3.1231 --initial-client-data=0xd8,0xdc,0xe0,0xac,0xe4,0x7feee9bdf90,0x7feee9bdf9c,0x7feee9bdfa8
C:\Users\Avalon\AppData\Roaming\NCALayer\jre\bin\javaw.exe
"C:\Users\Avalon\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=gpu-process --user-id=3C144653-06FA-4F0A-93D2-FA0A49696DBE --brand-id=yandex --partner-id=13070 --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --gpu-process-kind=sandboxed --field-trial-handle=1308,i,18239224507944374404,11418242559331763693,262144 --enable-features=InstallerNewIdentity2024 --disable-features=activationStepBG --variations-seed-version --mojo-platform-channel-handle=1256 /prefetch:2
"C:\Users\Avalon\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=ru --service-sandbox-type=none --user-id=3C144653-06FA-4F0A-93D2-FA0A49696DBE --brand-id=yandex --partner-id=13070 --process-name="Network Service" --field-trial-handle=1100,i,18239224507944374404,11418242559331763693,262144 --enable-features=InstallerNewIdentity2024 --disable-features=activationStepBG --variations-seed-version --mojo-platform-channel-handle=1592 --brver=24.7.3.1231 /prefetch:3
"C:\Users\Avalon\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=ru --service-sandbox-type=service --user-id=3C144653-06FA-4F0A-93D2-FA0A49696DBE --brand-id=yandex --partner-id=13070 --process-name="Storage Service" --field-trial-handle=1768,i,18239224507944374404,11418242559331763693,262144 --enable-features=InstallerNewIdentity2024 --disable-features=activationStepBG --variations-seed-version --mojo-platform-channel-handle=1892 --brver=24.7.3.1231 /prefetch:8
"C:\Users\Avalon\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=ru --service-sandbox-type=audio --user-id=3C144653-06FA-4F0A-93D2-FA0A49696DBE --brand-id=yandex --partner-id=13070 --process-name="Audio Service" --field-trial-handle=3936,i,18239224507944374404,11418242559331763693,262144 --enable-features=InstallerNewIdentity2024 --disable-features=activationStepBG --variations-seed-version --mojo-platform-channel-handle=3940 --brver=24.7.3.1231 /prefetch:8
C:\Windows\system32\wbem\wmiprvse.exe
"C:\ProgramData\Lesta\GameCenter\dlls\lgc_renderer_host.exe" --type=gpu-process --field-trial-handle=1372,4995011087389085017,12052343643297786981,131072 --enable-features=CastMediaRouteProvider --disable-features=CookiesWithoutSameSiteMustBeSecure,OutOfBlinkCors,SameSiteByDefaultCookies,WebRtcHideLocalIpsWithMdns --no-sandbox --log-file="C:\ProgramData\Lesta\GameCenter\logs\cef_20240923_104132_470.log" --log-severity=info --product-version="Chrome/84.0.4147.105 LGC/24.02.00.0494" --lang=en-US --gpu-preferences=MAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAQAAAAAAAAAAAAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAA= --log-file="C:\ProgramData\Lesta\GameCenter\logs\cef_20240923_104132_470.log" --mojo-platform-channel-handle=1424 /prefetch:2
"C:\ProgramData\Lesta\GameCenter\dlls\lgc_renderer_host.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1372,4995011087389085017,12052343643297786981,131072 --enable-features=CastMediaRouteProvider --disable-features=CookiesWithoutSameSiteMustBeSecure,OutOfBlinkCors,SameSiteByDefaultCookies,WebRtcHideLocalIpsWithMdns --lang=en-US --service-sandbox-type=network --no-sandbox --log-file="C:\ProgramData\Lesta\GameCenter\logs\cef_20240923_104132_470.log" --log-severity=info --product-version="Chrome/84.0.4147.105 LGC/24.02.00.0494" --lang=en-US --log-file="C:\ProgramData\Lesta\GameCenter\logs\cef_20240923_104132_470.log" --mojo-platform-channel-handle=1880 /prefetch:8
"C:\ProgramData\Lesta\GameCenter\dlls\lgc_renderer_host.exe" --type=renderer --no-sandbox --force-device-scale-factor=1 --log-file="C:\ProgramData\Lesta\GameCenter\logs\cef_20240923_104132_470.log" --field-trial-handle=1372,4995011087389085017,12052343643297786981,131072 --enable-features=CastMediaRouteProvider --disable-features=CookiesWithoutSameSiteMustBeSecure,OutOfBlinkCors,SameSiteByDefaultCookies,WebRtcHideLocalIpsWithMdns --lang=en-US --log-file="C:\ProgramData\Lesta\GameCenter\logs\cef_20240923_104132_470.log" --log-severity=info --product-version="Chrome/84.0.4147.105 LGC/24.02.00.0494" --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=4 --mojo-platform-channel-handle=2284 /prefetch:1
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\AMD\Performance Profile Client\AUEPLauncher.exe
C:\Program Files\AMD\Performance Profile Client\AUEPMaster.exe
C:\Program Files\AMD\Performance Profile Client\AUEPUF.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\servicing\TrustedInstaller.exe
"C:\Users\Avalon\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=renderer --user-id=3C144653-06FA-4F0A-93D2-FA0A49696DBE --brand-id=yandex --partner-id=13070 --help-url=https://api.browser.yandex.ru/redirect/help/ --user-agent-info --web-ntp-url-for-renderer=https://webntp.yandex.ru/ --translate-security-origin=https://browser.translate.yandex.net/ --enable-instaserp --allow-prefetch --lang=ru --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=21 --time-ticks-at-unix-epoch=-1727069962334548 --launch-time-ticks=258961558 --field-trial-handle=3896,i,18239224507944374404,11418242559331763693,262144 --enable-features=InstallerNewIdentity2024 --disable-features=activationStepBG --variations-seed-version --mojo-platform-channel-handle=3888 /prefetch:1
"C:\Users\Avalon\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=renderer --user-id=3C144653-06FA-4F0A-93D2-FA0A49696DBE --brand-id=yandex --partner-id=13070 --help-url=https://api.browser.yandex.ru/redirect/help/ --user-agent-info --web-ntp-url-for-renderer=https://webntp.yandex.ru/ --translate-security-origin=https://browser.translate.yandex.net/ --ya-custo-process --enable-instaserp --lang=ru --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=22 --time-ticks-at-unix-epoch=-1727069962334548 --launch-time-ticks=260377025 --field-trial-handle=4428,i,18239224507944374404,11418242559331763693,262144 --enable-features=InstallerNewIdentity2024 --disable-features=activationStepBG --variations-seed-version --mojo-platform-channel-handle=4424 /prefetch:1
"C:\Users\Avalon\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=renderer --user-id=3C144653-06FA-4F0A-93D2-FA0A49696DBE --brand-id=yandex --partner-id=13070 --help-url=https://api.browser.yandex.ru/redirect/help/ --user-agent-info --web-ntp-url-for-renderer=https://webntp.yandex.ru/ --translate-security-origin=https://browser.translate.yandex.net/ --ya-custo-process --enable-instaserp --lang=ru --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=24 --time-ticks-at-unix-epoch=-1727069962334548 --launch-time-ticks=261199795 --field-trial-handle=4400,i,18239224507944374404,11418242559331763693,262144 --enable-features=InstallerNewIdentity2024 --disable-features=activationStepBG --variations-seed-version --mojo-platform-channel-handle=4324 /prefetch:1
"C:\Users\Avalon\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=renderer --user-id=3C144653-06FA-4F0A-93D2-FA0A49696DBE --brand-id=yandex --partner-id=13070 --help-url=https://api.browser.yandex.ru/redirect/help/ --user-agent-info --web-ntp-url-for-renderer=https://webntp.yandex.ru/ --translate-security-origin=https://browser.translate.yandex.net/ --enable-instaserp --lang=ru --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=27 --time-ticks-at-unix-epoch=-1727069962334548 --launch-time-ticks=285840187 --field-trial-handle=5248,i,18239224507944374404,11418242559331763693,262144 --enable-features=InstallerNewIdentity2024 --disable-features=activationStepBG --variations-seed-version --mojo-platform-channel-handle=5292 /prefetch:1
C:\Windows\system32\wbem\WmiApSrv.exe
"C:\Users\Avalon\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=renderer --user-id=3C144653-06FA-4F0A-93D2-FA0A49696DBE --brand-id=yandex --partner-id=13070 --help-url=https://api.browser.yandex.ru/redirect/help/ --user-agent-info --web-ntp-url-for-renderer=https://webntp.yandex.ru/ --translate-security-origin=https://browser.translate.yandex.net/ --enable-instaserp --lang=ru --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=29 --time-ticks-at-unix-epoch=-1727069962334548 --launch-time-ticks=354435970 --field-trial-handle=4644,i,18239224507944374404,11418242559331763693,262144 --enable-features=InstallerNewIdentity2024 --disable-features=activationStepBG --variations-seed-version --mojo-platform-channel-handle=4232 /prefetch:1
"C:\Users\Avalon\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=renderer --user-id=3C144653-06FA-4F0A-93D2-FA0A49696DBE --brand-id=yandex --partner-id=13070 --help-url=https://api.browser.yandex.ru/redirect/help/ --user-agent-info --web-ntp-url-for-renderer=https://webntp.yandex.ru/ --translate-security-origin=https://browser.translate.yandex.net/ --enable-instaserp --lang=ru --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=31 --time-ticks-at-unix-epoch=-1727069962334548 --launch-time-ticks=354446554 --field-trial-handle=5072,i,18239224507944374404,11418242559331763693,262144 --enable-features=InstallerNewIdentity2024 --disable-features=activationStepBG --variations-seed-version --mojo-platform-channel-handle=5056 /prefetch:1
"C:\Users\Avalon\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=renderer --user-id=3C144653-06FA-4F0A-93D2-FA0A49696DBE --brand-id=yandex --partner-id=13070 --help-url=https://api.browser.yandex.ru/redirect/help/ --user-agent-info --web-ntp-url-for-renderer=https://webntp.yandex.ru/ --translate-security-origin=https://browser.translate.yandex.net/ --enable-instaserp --lang=ru --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=33 --time-ticks-at-unix-epoch=-1727069962334548 --launch-time-ticks=354492750 --field-trial-handle=5252,i,18239224507944374404,11418242559331763693,262144 --enable-features=InstallerNewIdentity2024 --disable-features=activationStepBG --variations-seed-version --mojo-platform-channel-handle=5260 /prefetch:1
"C:\Users\Avalon\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=renderer --user-id=3C144653-06FA-4F0A-93D2-FA0A49696DBE --brand-id=yandex --partner-id=13070 --help-url=https://api.browser.yandex.ru/redirect/help/ --user-agent-info --web-ntp-url-for-renderer=https://webntp.yandex.ru/ --translate-security-origin=https://browser.translate.yandex.net/ --enable-instaserp --lang=ru --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=34 --time-ticks-at-unix-epoch=-1727069962334548 --launch-time-ticks=354537842 --field-trial-handle=5536,i,18239224507944374404,11418242559331763693,262144 --enable-features=InstallerNewIdentity2024 --disable-features=activationStepBG --variations-seed-version --mojo-platform-channel-handle=5532 /prefetch:1
"C:\Users\Avalon\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=page_dssm.mojom.PageDSSMServiceFactory --lang=ru --service-sandbox-type=utility --utility-enable-page-dssm --user-id=3C144653-06FA-4F0A-93D2-FA0A49696DBE --brand-id=yandex --partner-id=13070 --process-name=page_dssm --field-trial-handle=6164,i,18239224507944374404,11418242559331763693,262144 --enable-features=InstallerNewIdentity2024 --disable-features=activationStepBG --variations-seed-version --mojo-platform-channel-handle=6192 --brver=24.7.3.1231 /prefetch:8
"C:\Users\Avalon\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=renderer --user-id=3C144653-06FA-4F0A-93D2-FA0A49696DBE --brand-id=yandex --partner-id=13070 --help-url=https://api.browser.yandex.ru/redirect/help/ --user-agent-info --web-ntp-url-for-renderer=https://webntp.yandex.ru/ --translate-security-origin=https://browser.translate.yandex.net/ --enable-instaserp --lang=ru --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=41 --time-ticks-at-unix-epoch=-1727069962334548 --launch-time-ticks=381715142 --field-trial-handle=6128,i,18239224507944374404,11418242559331763693,262144 --enable-features=InstallerNewIdentity2024 --disable-features=activationStepBG --variations-seed-version --mojo-platform-channel-handle=5804 /prefetch:1
"C:\Users\Avalon\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=renderer --user-id=3C144653-06FA-4F0A-93D2-FA0A49696DBE --brand-id=yandex --partner-id=13070 --help-url=https://api.browser.yandex.ru/redirect/help/ --user-agent-info --web-ntp-url-for-renderer=https://webntp.yandex.ru/ --translate-security-origin=https://browser.translate.yandex.net/ --enable-instaserp --lang=ru --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=48 --time-ticks-at-unix-epoch=-1727069962334548 --launch-time-ticks=419480404 --field-trial-handle=6676,i,18239224507944374404,11418242559331763693,262144 --enable-features=InstallerNewIdentity2024 --disable-features=activationStepBG --variations-seed-version --mojo-platform-channel-handle=6476 /prefetch:1
"C:\Users\Avalon\Desktop\AutoLogger.exe" 
"C:\Users\Avalon\Desktop\AutoLogger\AV\AV_Z.exe" Script=AV\GeneralScript.txt HiddenMode=0 AM=Y
C:\Windows\System32\svchost.exe -k WerSvcGroup
"C:\Program Files (x86)\Internet Explorer\iexplore.exe" http://google.ru
"C:\Program Files (x86)\Internet Explorer\iexplore.exe" SCODEF:5020 CREDAT:79873
"C:\Users\Avalon\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=deep_links_provider.mojom.DeepLinksProvider --lang=ru --service-sandbox-type=none --user-id=3C144653-06FA-4F0A-93D2-FA0A49696DBE --brand-id=yandex --partner-id=13070 --process-name="DeepLinks service" --field-trial-handle=6304,i,18239224507944374404,11418242559331763693,262144 --enable-features=InstallerNewIdentity2024 --disable-features=activationStepBG --variations-seed-version --mojo-platform-channel-handle=6428 --brver=24.7.3.1231 /prefetch:8
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe6_ Global\UsGthrCtrlFltPipeMssGthrPipe6 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" 
"C:\Windows\system32\SearchFilterHost.exe" 0 516 520 528 65536 524 
"C:\Users\Avalon\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=renderer --user-id=3C144653-06FA-4F0A-93D2-FA0A49696DBE --brand-id=yandex --partner-id=13070 --extension-process --help-url=https://api.browser.yandex.ru/redirect/help/ --user-agent-info --web-ntp-url-for-renderer=https://webntp.yandex.ru/ --translate-security-origin=https://browser.translate.yandex.net/ --enable-instaserp --lang=ru --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=56 --time-ticks-at-unix-epoch=-1727069962334548 --launch-time-ticks=600029134 --field-trial-handle=6772,i,18239224507944374404,11418242559331763693,262144 --enable-features=InstallerNewIdentity2024 --disable-features=activationStepBG --variations-seed-version --mojo-platform-channel-handle=6780 /prefetch:2
"C:\Users\Avalon\Desktop\AutoLogger\RSIT\RSITx64.exe" /silent /m3 /autolog /logfolder "C:\Users\Avalon\Desktop\AutoLogger\RSIT\Log" /nohjt /rus 

====== Папка назначенных заданий ======

C:\Windows\tasks\Восстановление сервиса обновлений Яндекс.Браузера.job - C:\Program Files (x86)\Yandex\YandexBrowser\22.9.1.1094\service_update.exe  --repair
C:\Windows\tasks\Восстановление сервиса обновлений Яндекс Браузера.job - C:\Program Files (x86)\Yandex\YandexBrowser\22.11.0.2423\service_update.exe  --repair
C:\Windows\tasks\Системное обновление Браузера Яндекс.job - C:\Program Files (x86)\Yandex\YandexBrowser\22.11.0.2423\service_update.exe  --run-as-launcher
C:\Windows\system32\tasks\AMDInstallLauncher - C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe /InstallAUEP
C:\Windows\system32\tasks\BlueStacksHelper - C:\ProgramData\BlueStacks\Client\Helper\BlueStacksHelper.exe -sr
C:\Windows\system32\tasks\DownloadStudio Standalone Updater - "C:\Program Files (x86)\Download Studio\dstudio-gui.exe" --self-update
C:\Windows\system32\tasks\Driver Booster Scheduler - C:\Program Files (x86)\IObit\Driver Booster\6.5.0\Scheduler.exe /scheduler
C:\Windows\system32\tasks\Driver Booster SkipUAC (Avalon) - C:\Program Files (x86)\IObit\Driver Booster\6.5.0\DriverBooster.exe /skipuac
C:\Windows\system32\tasks\DriverPack Cloud - "C:\Program Files (x86)\DriverPack Cloud\cloud.exe"
C:\Windows\system32\tasks\ESET Windows 10 upgrade – Refresh settings - C:\Program Files\Common Files\AV\ESET Internet Security 13.0.22.0\upgrade.exe
C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore - "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA - "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /ua /installsource scheduler
C:\Windows\system32\tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
C:\Windows\system32\tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
C:\Windows\system32\tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - "C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe"
C:\Windows\system32\tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe --launcher=TaskScheduler
C:\Windows\system32\tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe
C:\Windows\system32\tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe
C:\Windows\system32\tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe
C:\Windows\system32\tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe
C:\Windows\system32\tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe
C:\Windows\system32\tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe
C:\Windows\system32\tasks\Opera scheduled assistant Autoupdate 1582728592 - C:\Program Files (x86)\Opera\launcher.exe --scheduledautoupdate --component-name=assistant --component-path="C:\Program Files (x86)\Opera\assistant" $(Arg0)
C:\Windows\system32\tasks\Opera scheduled Autoupdate 1495034904 - C:\Program Files (x86)\Opera\launcher.exe --scheduledautoupdate $(Arg0)
C:\Windows\system32\tasks\StartCN - "C:\Program Files\AMD\CNext\CNext\cncmd.exe" startwithdelay
C:\Windows\system32\tasks\StartCNBM - "C:\Program Files\AMD\CNext\CNext\cncmd.exe" benchmark
C:\Windows\system32\tasks\StartDVR - "C:\Program Files\AMD\CNext\CNext\RSServCmd.exe"
C:\Windows\system32\tasks\Восстановление сервиса обновлений Яндекс.Браузера - C:\Program Files (x86)\Yandex\YandexBrowser\22.9.1.1094\service_update.exe --repair
C:\Windows\system32\tasks\Восстановление сервиса обновлений Яндекс Браузера - C:\Program Files (x86)\Yandex\YandexBrowser\22.11.0.2423\service_update.exe --repair
C:\Windows\system32\tasks\Системное обновление Браузера Яндекс - C:\Program Files (x86)\Yandex\YandexBrowser\22.11.0.2423\service_update.exe --run-as-launcher
C:\Windows\system32\tasks\WPD\SqmUpload_S-1-5-21-1854963628-2713006132-4040804188-1000 - %windir%\system32\rundll32.exe portabledeviceapi.dll,#1
C:\Windows\system32\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask - %systemroot%\system32\sc.exe start osppsvc
C:\Windows\system32\tasks\Mozilla\Firefox Background Update E7CF176E110C211B - C:\Program Files (x86)\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\E7CF176E110C211B\backgroundupdate.moz_log --backgroundtask backgroundupdate
C:\Windows\system32\tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B - C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe do-task "E7CF176E110C211B"
C:\Windows\system32\tasks\Microsoft\Windows Defender\MP Scheduled Scan - c:\program files\windows defender\MpCmdRun.exe Scan -ScheduleJob -WinTask -RestrictPrivilegesScan
C:\Windows\system32\tasks\Microsoft\Windows\WindowsBackup\ConfigNotification - %systemroot%\System32\sdclt.exe /CONFIGNOTIFICATION
C:\Windows\system32\tasks\Microsoft\Windows\Windows Media Sharing\UpdateLibrary - "%ProgramFiles%\Windows Media Player\wmpnscfg.exe"
C:\Windows\system32\tasks\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange - %windir%\system32\rundll32.exe bfe.dll,BfeOnServiceStartTypeChange
C:\Windows\system32\tasks\Microsoft\Windows\Windows Error Reporting\QueueReporting - %windir%\system32\wermgr.exe -queuereporting
C:\Windows\system32\tasks\Microsoft\Windows\UPnP\UPnPHostConfig - sc.exe config upnphost start= auto
C:\Windows\system32\tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime - %windir%\system32\sc.exe start w32time task_started
C:\Windows\system32\tasks\Microsoft\Windows\Tcpip\IpAddressConflict1 - %windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPOffendingSystem
C:\Windows\system32\tasks\Microsoft\Windows\Tcpip\IpAddressConflict2 - %windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPDefendingSystem
C:\Windows\system32\tasks\Microsoft\Windows\SystemRestore\SR - %windir%\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreation
C:\Windows\system32\tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask - sc.exe start sppsvc
C:\Windows\system32\tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask - %windir%\system32\RAServer.exe /offerraupdate
C:\Windows\system32\tasks\Microsoft\Windows\Power Efficiency Diagnostics\AnalyzeSystem - %SystemRoot%\System32\powercfg.exe -energy -auto
C:\Windows\system32\tasks\Microsoft\Windows\NetTrace\GatherNetworkInfo - %windir%\system32\gatherNetworkInfo.vbs
C:\Windows\system32\tasks\Microsoft\Windows\MUI\LPRemove - %windir%\system32\lpremove.exe
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch - %SystemRoot%\ehome\ehPrivJob.exe /DoActivateWindowsSearch
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService - %SystemRoot%\ehome\ehPrivJob.exe /DoConfigureInternetTimeService
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks - %SystemRoot%\ehome\ehPrivJob.exe /DoRecoveryTasks $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ehDRMInit - %SystemRoot%\ehome\ehPrivJob.exe /DRMInit
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\InstallPlayReady - %SystemRoot%\ehome\ehPrivJob.exe /InstallPlayReady $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\mcupdate - %SystemRoot%\ehome\mcupdate $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -MediaCenterRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -ObjectStoreRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\OCURActivate - %SystemRoot%\ehome\ehPrivJob.exe /OCURActivate
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\OCURDiscovery - %SystemRoot%\ehome\ehPrivJob.exe /OCURDiscovery $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscovery - %SystemRoot%\ehome\ehPrivJob.exe /PBDADiscovery
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 - %SystemRoot%\ehome\ehPrivJob.exe /wait:7 /PBDADiscovery
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 - %SystemRoot%\ehome\ehPrivJob.exe /wait:90 /PBDADiscovery
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PeriodicScanRetry - %windir%\ehome\MCUpdate.exe -pscn 0
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PvrRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -PvrRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PvrScheduleTask - %SystemRoot%\ehome\mcupdate.exe -PvrSchedule
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\RecordingRestart - %SystemRoot%\ehome\ehrec /RestartRecording
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\RegisterSearch - %SystemRoot%\ehome\ehPrivJob.exe /DoRegisterSearch $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ReindexSearchRoot - %SystemRoot%\ehome\ehPrivJob.exe /DoReindexSearchRoot
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -SqlLiteRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\StartRecording - %SystemRoot%\ehome\ehrec /StartRecording
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\UpdateRecordPath - %SystemRoot%\ehome\ehPrivJob.exe /DoUpdateRecordPath $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Location\Notifications - %windir%\System32\LocationNotifications.exe
C:\Windows\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector - %windir%\system32\rundll32.exe dfdts.dll,DfdGetDefaultPolicyAndSMART
C:\Windows\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver - %windir%\system32\DFDWiz.exe
C:\Windows\system32\tasks\Microsoft\Windows\Defrag\ScheduledDefrag - %windir%\system32\defrag.exe -c
C:\Windows\system32\tasks\Microsoft\Windows\Customer Experience Improvement Program\Consolidator - %SystemRoot%\System32\wsqmcons.exe
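C:\Windows\system32\tasks\Microsoft\Windows\CheckGlobalP\6GRuuKXEbfe8urdU - C:\Programdata\ReaItekHD\taskhost.exe
C:\Windows\system32\tasks\Microsoft\Windows\CheckGlobalP\RecoveryHosts - C:\ProgramData\Microsoft\Windows\6GRuuKXEbfe8urdU\CheckGlobalP.bat
[Примечание при разборе, не вывод утилиты: две задачи выше требуют проверки в первую очередь. Имя папки «ReaItekHD» написано с заглавной «I» вместо строчной «l» (ср. путь C:\Program Files\Realtek в ключе Run), а taskhost.exe запускается из C:\ProgramData, тогда как в списке процессов штатный taskhost.exe находится в C:\Windows\system32. На ту же папку ссылается значение "Realtek HD Audio" в HKLM\...\Run и в msconfig\startupreg, причём дата и размер файла там пустые ([]). Задача RecoveryHosts запускает .bat-файл из папки со случайным на вид именем; каталог C:\Windows\system32\drivers\etc изменён 2024-09-22 20:58:49, поэтому содержимое файла hosts стоит сверить отдельно.]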
C:\Windows\system32\tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask - BthUdTask.exe $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Autochk\Proxy - %windir%\system32\rundll32.exe /d acproxy.dll,PerformAutochkOperations
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\AitAgent - aitagent
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater - %windir%\system32\rundll32.exe aepdu.dll,AePduRunUpdate
C:\Windows\system32\tasks\Microsoft\Windows\AppID\PolicyConverter - %windir%\system32\appidpolicyconverter.exe
C:\Windows\system32\tasks\Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck - %windir%\system32\appidcertstorecheck.exe
C:\Windows\system32\tasks\ASUS\i-Setup171440 - C:\Windows\Install\AsusSetup.exe -reboot -log171440

=========Mozilla firefox=========

ProfilePath - C:\Users\Avalon\AppData\Roaming\Mozilla\Firefox\Profiles\a7p0za1g.default-1570892109110

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nullsoft.com/winampDetector;version=1]
"Description"=Winamp Detector
"Path"=C:\Program Files (x86)\Winamp Detect\npwachk.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=11.271.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre1.8.0_271\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=11.271.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre1.8.0_271\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL


C:\Users\Avalon\AppData\Roaming\Mozilla\Firefox\Profiles\a7p0za1g.default-1570892109110\addons.json

C:\Users\Avalon\AppData\Roaming\Mozilla\Firefox\Profiles\a7p0za1g.default-1570892109110\extensions.json
Визуальные закладки - extension - vb@yandex.ru - 
Советник Яндекс.Маркета - extension - sovetnik-yandex@yandex.ru - 
Form Autofill - extension - formautofill@mozilla.org - 
Firefox Screenshots - extension - screenshots@mozilla.org - 
WebCompat Reporter - extension - webcompat-reporter@mozilla.org - 
Web Compatibility Interventions - extension - webcompat@mozilla.org - 
Picture-In-Picture - extension - pictureinpicture@mozilla.org - 
Yandex - extension - yandex@search.mozilla.org - 
Google - extension - google@search.mozilla.org - 
DuckDuckGo - extension - ddg@search.mozilla.org - 
Wikipedia (en) - extension - wikipedia@search.mozilla.org - 
Поиск Mail.Ru - extension - mailru@search.mozilla.org - 
Firefox Alpenglow - theme - firefox-alpenglow@mozilla.org - 
System theme — auto - theme - default-theme@mozilla.org - 
Light - theme - firefox-compact-light@mozilla.org - 
Dark - theme - firefox-compact-dark@mozilla.org - 
Add-ons Search Detection - extension - addons-search-detection@mozilla.com - 

C:\Users\Avalon\AppData\Roaming\Mozilla\Firefox\Profiles\a7p0za1g.default-1570892109110\pluginreg.dat

WMI error encountered
WMI error encountered
=========Google Chrome=========

C:\Users\Avalon\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
Extension ahfgeienlihckogmohjhadlkjgocpleb 1 Интернет-магазин Chrome 0.2
Extension aohghmighlieiainnegkcijnfilokake   
Extension apdfllckaahabafndbhieahigkjlhalf   
Extension ekmeppjgajofkpiofbebgcbohbmfldaf 0 OrangeMonkey 1.0.4
Extension fdjdjkkjoiomafnihnobkinnfjnnlhdg   
Extension felcaaldnbdncclmgdcncolpebgiejap   
Extension gfdkimpbcpahaombhbimeihdjnejgicl 1 Feedback 1.0
Extension ghbmnnjooekpmoecnnnilnnbdlolhkhi 1 Google Документы офлайн 1.60.0
Extension kmendfapggjehodndflmmgagdbamhnfd 1 CryptoTokenExtension 0.9.74
Extension ldgpjdiadomhinpimgchmeembbgojnjk 0 Поиск  Яндексa 2.0.0.23
Extension llcdellnofncikmhimjdbkdjgpmcjbik 0 Internet-Start 0.0.8
Extension mfehgcgbbipciphmccgaenjidiccnmng 1 Cloud Print 0.1
Extension mhjfbmdgcfjbbpaeojofohoefgiehjai 1 Chrome PDF Viewer 1
Extension mjmpfdkmpojoeemjmfiddlhkkndcdpno 0 Поиск  Яндексa 2.0.2.20
Extension neajdppkdcdipfabeoofebfddakdcjhd 1 Google Network Speech 1.0
Extension nkeimhogjdpnpccoofpliimaahmaaome 1 Google Hangouts 1.3.21
Extension nmmhkkegccagdldgiimedpiccmgmieda 1 Платежная система Интернет-магазина Chrome 1.0.0.6
Extension pjkljhegncpnkpknbcohdijeoejaedia   
Homepage: 
default_search_provider.search_url: 
C:\Users\Avalon\AppData\Local\Google\Chrome\User Data\Default\Preferences
Homepage: 
default_search_provider.search_url: 

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\ekmeppjgajofkpiofbebgcbohbmfldaf]
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\fdjdjkkjoiomafnihnobkinnfjnnlhdg]
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\llcdellnofncikmhimjdbkdjgpmcjbik]
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\mjmpfdkmpojoeemjmfiddlhkkndcdpno]
"Path"=


======Снимок реестра ======


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_271\bin\ssv.dll [2020-11-02 734376]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2010-02-28 688528]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_271\bin\jp2ssv.dll [2020-11-02 348328]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2010-02-28 561552]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2019-08-24 9269352]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\ecmdS.exe [2019-10-26 180736]
"Realtek HD Audio"=C:\ProgramData\ReaItekHD\taskhostw.exe []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Lesta Game Center"=C:\ProgramData\Lesta\GameCenter\lgc.exe [2024-06-13 1934488]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2011-01-05 1305408]
"YandexBrowserAutoLaunch_D65F749BEA77066B46465931FD75176D"=C:\Users\Avalon\AppData\Local\Yandex\YandexBrowser\Application\browser.exe [2024-09-18 4570288]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Browser Manager]
C:\Users\Avalon\AppData\Local\Yandex\BrowserManager\MBLauncher.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GoogleChromeAutoLaunch_D65F749BEA77066B46465931FD75176D]
C:\Users\Avalon\AppData\Local\Yandex\YandexBrowser\Application\browser.exe [2024-09-18 4570288]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IAStorIcon]
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe [2014-05-28 36352]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Program Files\iTunes\iTunesHelper.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MediaGet2]
C:\Users\Avalon\MediaGet2\mediaget.exe --minimized []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OKGames]
C:\Users\Avalon\AppData\Local\ОК Игры\OKApp.exe [2022-01-26 2711864]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Opera Browser Assistant]
C:\Program Files (x86)\Opera\assistant\browser_assistant.exe [2023-03-08 4140448]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\pora]
123 []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Realtek HD Audio]
C:\ProgramData\ReaItekHD\taskhostw.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2020-09-16 706680]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\YandexBrowserAutoLaunch_D65F749BEA77066B46465931FD75176D]
C:\Users\Avalon\AppData\Local\Yandex\YandexBrowser\Application\browser.exe [2024-09-18 4570288]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^AnyDesk.lnk]
C:\PROGRA~2\AnyDesk\AnyDesk.exe [2024-02-11 3910472]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Avalon^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OrbitumUpdate.lnk]
C:\Users\Avalon\AppData\Local\Orbitum\APPLIC~1\ORBITU~1\ORBITU~1.EXE [2017-07-20 2722752]

C:\Users\Avalon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
NCALayer.lnk - C:\Users\Avalon\AppData\Roaming\NCALayer\NCALayer.exe

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders" = credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMInstallerService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MBAMInstallerService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MBAMService]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave8"=wdmaud.drv
"midi8"=wdmaud.drv
"mixer8"=wdmaud.drv
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv
"wave9"=wdmaud.drv
"midi9"=wdmaud.drv
"mixer9"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"vidc.XVID"=xvidvfw.dll
"vidc.mjpg_backup"=bdmjpeg64.dll
"vidc.mpeg_backup"=bdmpegv64.dll
"msacm.bdmpeg_backup"=bdmpega64.acm
"msacm.bdmpeg"=bdmpega64.acm
"vidc.mjpg"=bdmjpeg64.dll
"vidc.mpeg"=bdmpegv64.dll
"MSVideo8"=VfWWDM32.dll
"aux1"=wdmaud.drv
"aux2"=wdmaud.drv
"aux3"=wdmaud.drv
"aux4"=wdmaud.drv
"aux5"=wdmaud.drv

====== Ассоциации файлов ======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

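====== Список файлов и папок, созданных за последние 3 месяца ======
[Примечание при разборе, не вывод утилиты: в списке ниже 2024-09-21 с 23:03 по 23:04 создано несколько десятков папок с атрибутами SH (системный, скрытый), названных по именам антивирусов и утилит лечения (Kaspersky Lab, DrWeb, AVAST Software, AVG, Norton, McAfee, HitmanPro, SpyHunter, FRST, AdwCleaner, KVRT_Data и др.). Предположительно это вредоносное ПО, которое заранее занимает такие пути, чтобы помешать установке и запуску защитных средств; для подтверждения нужно проверить владельца и права доступа (ACL) этих папок и их содержимое. В том же интервале появились C:\Program Files\RDP Wrapper и ...\Roaming\RMS_settings, по названию связанные со средствами удалённого доступа; вместе с запущенными службами AnyDesk и TeamViewer их происхождение стоит подтвердить у владельца машины.]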

2024-09-22 20:27:23 ----D---- C:\Users\Avalon\AppData\Roaming\WinTools
2024-09-22 20:27:22 ----D---- C:\Program Files (x86)\WinTools Software
2024-09-21 23:04:32 ----SHD---- C:\Users\Avalon\AppData\Roaming\Sysfiles
2024-09-21 23:04:29 ----SHD---- C:\Program Files\ReasonLabs
2024-09-21 23:04:29 ----SHD---- C:\Program Files (x86)\Wise
2024-09-21 23:04:28 ----SHD---- C:\Program Files\NETGATE
2024-09-21 23:04:27 ----SHD---- C:\Program Files\QuickCPU
2024-09-21 23:04:27 ----D---- C:\Program Files (x86)\MSI
2024-09-21 23:04:26 ----D---- C:\Program Files\CPUID
2024-09-21 23:04:25 ----SHD---- C:\Program Files (x86)\SpeedFan
2024-09-21 23:04:25 ----SHD---- C:\Program Files (x86)\GPU Temp
2024-09-21 23:04:24 ----SHD---- C:\Program Files (x86)\Moo0
2024-09-21 23:04:23 ----SHD---- C:\Program Files\SUPERAntiSpyware
2024-09-21 23:04:23 ----SHD---- C:\Program Files\RogueKiller
2024-09-21 23:04:23 ----D---- C:\Users\Avalon\AppData\Roaming\RMS_settings
2024-09-21 23:04:22 ----SHD---- C:\Program Files\EnigmaSoft
2024-09-21 23:04:21 ----SHD---- C:\ProgramData\princeton-produce
2024-09-21 23:04:21 ----SHD---- C:\Program Files\Process Hacker 2
2024-09-21 23:04:20 ----SHD---- C:\Program Files\Transmission
2024-09-21 23:04:20 ----SHD---- C:\Program Files (x86)\Transmission
2024-09-21 23:04:19 ----SHD---- C:\Program Files (x86)\Panda Security
2024-09-21 23:04:18 ----SHD---- C:\ProgramData\FingerPrint
2024-09-21 23:04:18 ----SHD---- C:\ProgramData\BookManager
2024-09-21 23:04:17 ----SHD---- C:\ProgramData\PuzzleMedia
2024-09-21 23:04:16 ----SHD---- C:\ProgramData\RobotDemo
2024-09-21 23:04:15 ----SHD---- C:\ProgramData\WavePad
2024-09-21 23:04:14 ----SHD---- C:\ProgramData\Evernote
2024-09-21 23:04:14 ----SHD---- C:\Program Files\Ravantivirus
2024-09-21 23:04:13 ----SHD---- C:\Program Files\Process Lasso
2024-09-21 23:04:13 ----SHD---- C:\Program Files (x86)\GRIZZLY Antivirus
2024-09-21 23:04:12 ----SHD---- C:\Program Files\Rainmeter
2024-09-21 23:04:12 ----SHD---- C:\Program Files\Loaris Trojan Remover
2024-09-21 23:04:12 ----D---- C:\ProgramData\Avira
2024-09-21 23:04:11 ----SHD---- C:\ProgramData\McAfee
2024-09-21 23:04:11 ----SHD---- C:\Program Files\Common Files\McAfee
2024-09-21 23:04:11 ----SHD---- C:\Program Files\Cezurity
2024-09-21 23:04:11 ----HD---- C:\Program Files\RDP Wrapper
2024-09-21 23:04:10 ----SHD---- C:\ProgramData\grizzly
2024-09-21 23:04:10 ----SHD---- C:\ProgramData\Doctor Web
2024-09-21 23:04:10 ----SHD---- C:\Program Files (x86)\Cezurity
2024-09-21 23:04:09 ----SHD---- C:\Program Files\Common Files\Doctor Web
2024-09-21 23:04:07 ----SHD---- C:\Program Files\DrWeb
2024-09-21 23:04:07 ----SHD---- C:\Program Files\Bitdefender Agent
2024-09-21 23:04:06 ----SHD---- C:\Program Files (x86)\Kaspersky Lab
2024-09-21 23:04:05 ----SHD---- C:\Program Files\Kaspersky Lab
2024-09-21 23:04:03 ----SHD---- C:\Program Files\HitmanPro
2024-09-21 23:04:02 ----SHD---- C:\ProgramData\Norton
2024-09-21 23:04:02 ----SHD---- C:\ProgramData\Kaspersky Lab Setup Files
2024-09-21 23:04:02 ----SHD---- C:\ProgramData\Kaspersky Lab
2024-09-21 23:04:01 ----SHD---- C:\ProgramData\AVAST Software
2024-09-21 23:04:01 ----SHD---- C:\Program Files\AVG
2024-09-21 23:04:01 ----SHD---- C:\Program Files (x86)\AVG
2024-09-21 23:04:01 ----SHD---- C:\Program Files (x86)\AVAST Software
2024-09-21 23:04:00 ----SHD---- C:\Program Files\SpyHunter
2024-09-21 23:04:00 ----SHD---- C:\Program Files\AVAST Software
2024-09-21 23:03:59 ----SHD---- C:\Program Files\Enigma Software Group
2024-09-21 23:03:59 ----SHD---- C:\Program Files\COMODO
2024-09-21 23:03:58 ----SHD---- C:\Program Files (x86)\SpyHunter
2024-09-21 23:03:57 ----SHD---- C:\ProgramData\360safe
2024-09-21 23:03:56 ----SHD---- C:\FRST
2024-09-21 23:03:55 ----SHD---- C:\Program Files\ByteFence
2024-09-21 23:03:55 ----SHD---- C:\KVRT2020_Data
2024-09-21 23:03:55 ----SHD---- C:\AdwCleaner
2024-09-21 23:03:53 ----D---- C:\Windows\fonts\Mysql
2024-09-21 23:03:51 ----SHD---- C:\Program Files (x86)\Microsoft JDX
2024-09-21 23:03:50 ----D---- C:\Windows\speechstracing
2024-09-21 23:03:49 ----SHD---- C:\ProgramData\MB3Install
2024-09-21 23:03:34 ----SHD---- C:\ProgramData\Windows Tasks Service
2024-09-21 23:03:24 ----SHD---- C:\KVRT_Data
2024-09-21 23:02:54 ----SHD---- C:\ProgramData\WindowsTask
2024-09-21 23:02:54 ----SHD---- C:\ProgramData\RunDLL
2024-09-21 23:02:54 ----SHD---- C:\ProgramData\Install
2024-09-21 23:02:54 ----D---- C:\ProgramData\System32
2024-09-21 23:01:28 ----SHD---- C:\ProgramData\Setup
2024-09-01 11:21:19 ----D---- C:\GOG Games
2024-08-10 14:23:37 ----SHD---- C:\Program Files (x86)\360
2024-08-10 14:21:28 ----D---- C:\Program Files\Cheat Engine 7.5
2024-07-28 14:18:22 ----D---- C:\Program Files (x86)\SmallGames

====== Список файлов и папок, измененных за последние 3 месяца ======

2024-09-23 10:49:39 ----D---- C:\Windows\Temp
2024-09-23 10:48:59 ----D---- C:\Windows\Prefetch
2024-09-23 10:42:54 ----D---- C:\Windows\system32\config
2024-09-23 10:42:22 ----D---- C:\Program Files (x86)\Google
2024-09-23 10:42:00 ----D---- C:\ProgramData\NVIDIA
2024-09-23 10:40:46 ----D---- C:\Program Files (x86)\TeamViewer
2024-09-23 10:38:54 ----A---- C:\Windows\ntbtlog.txt
2024-09-23 10:38:50 ----RD---- C:\Program Files (x86)
2024-09-23 10:38:50 ----HD---- C:\ProgramData
2024-09-23 10:38:50 ----D---- C:\Windows\SYSWOW64\drivers
2024-09-23 10:38:32 ----D---- C:\Windows\Logs
2024-09-23 07:05:15 ----D---- C:\Windows
2024-09-23 00:37:12 ----D---- C:\Windows\system32\catroot2
2024-09-23 00:35:53 ----D---- C:\Games
2024-09-22 22:48:45 ----SHD---- C:\System Volume Information
2024-09-22 22:33:05 ----D---- C:\Users\Avalon\AppData\Roaming\uTorrent
2024-09-22 22:32:30 ----D---- C:\Windows\Minidump
2024-09-22 22:32:30 ----D---- C:\Windows\AsusInstAll
2024-09-22 22:32:30 ----D---- C:\Program Files (x86)\Steam
2024-09-22 22:32:30 ----D---- C:\Program Files (x86)\Opera
2024-09-22 22:32:04 ----D---- C:\NVIDIA
2024-09-22 22:31:45 ----D---- C:\AMD
2024-09-22 22:31:43 ----D---- C:\Intel
2024-09-22 21:54:34 ----SHD---- C:\Windows\Installer
2024-09-22 21:54:31 ----SHD---- C:\Config.Msi
2024-09-22 21:54:20 ----RD---- C:\Program Files
2024-09-22 21:54:20 ----D---- C:\Windows\System32
2024-09-22 21:02:03 ----D---- C:\Windows\system32\drivers
2024-09-22 20:58:49 ----D---- C:\Windows\system32\drivers\etc
2024-09-22 20:57:32 ----D---- C:\Windows\SysWOW64
2024-09-22 20:46:50 ----SD---- C:\ProgramData\Microsoft
2024-09-21 23:10:15 ----D---- C:\Windows\SYSWOW64\directx
2024-09-21 23:10:06 ----HD---- C:\Windows\msdownld.tmp
2024-09-21 23:04:20 ----SHD---- C:\Program Files (x86)\IObit
2024-09-21 23:04:11 ----D---- C:\Program Files\Common Files
2024-09-21 23:03:53 ----RSD---- C:\Windows\Fonts
2024-09-21 23:03:52 ----D---- C:\Program Files\Common Files\System
2024-09-21 23:03:51 ----D---- C:\Program Files\Internet Explorer
2024-09-21 06:57:58 ----D---- C:\Users\Avalon\AppData\Roaming\NCALayer
2024-09-20 07:30:08 ----D---- C:\Windows\system32\Tasks
2024-08-28 09:05:30 ----D---- C:\ProgramData\AlawarWrapper
2024-08-27 19:32:27 ----D---- C:\Windows\inf
2024-08-27 19:32:27 ----A---- C:\Windows\system32\PerfStringBackup.INI
2024-08-15 08:31:13 ----D---- C:\Windows\Tasks
2024-08-15 08:31:13 ----D---- C:\Windows\system32\wfp
2024-08-15 08:31:13 ----D---- C:\Windows\system32\DriverStore
2024-08-15 08:31:11 ----D---- C:\Windows\AppCompat
2024-08-15 08:31:05 ----D---- C:\Windows\system32\wbem
2024-08-15 08:31:05 ----D---- C:\Windows\registration

File C:\Windows\system32\winlogon.exe is digitally signed
File C:\Windows\system32\wininit.exe is digitally signed
File C:\Windows\explorer.exe is digitally signed
File C:\Windows\SysWOW64\explorer.exe is digitally signed
File C:\Windows\system32\svchost.exe is digitally signed
File C:\Windows\SysWOW64\svchost.exe is digitally signed
File C:\Windows\system32\services.exe is digitally signed
File C:\Windows\system32\User32.dll is digitally signed
File C:\Windows\SysWOW64\User32.dll is digitally signed
File C:\Windows\system32\userinit.exe is digitally signed
File C:\Windows\SysWOW64\userinit.exe is digitally signed
File C:\Windows\system32\rpcss.dll is digitally signed
File C:\Windows\system32\Drivers\volsnap.sys is digitally signed

====== Список драйверов (тип запуска: R=Запущен, S=остановлен, 0=Загрузочный, 1=Системный, 2=Автоматически, 3=Вручную, 4=Отключено) ======

R0 amdkmpfd;AMD PCI Root Bus Lower Filter; C:\Windows\system32\DRIVERS\amdkmpfd.sys [2020-11-07 98416]
R0 edevmon;edevmon; C:\Windows\system32\DRIVERS\edevmon.sys [2019-10-26 103264]
R0 iaStorA;iaStorA; C:\Windows\system32\DRIVERS\iaStorA.sys [2014-05-28 672104]
R0 iaStorE;iaStorE; C:\Windows\system32\DRIVERS\iaStorE.sys [2019-05-16 1054088]
R0 iaStorF;iaStorF; C:\Windows\system32\DRIVERS\iaStorF.sys [2019-05-16 37768]
R0 iusb3hcs;Драйвер хост-контроллера и коммутатора Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hcs.sys [2014-08-25 20464]
R0 oem-drv64;OEM-SLP2.1 Driver (HPD64); C:\Windows\system32\DRIVERS\oem-drv64.sys [2024-09-23 42496]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 AsIO;AsIO; SysWow64\drivers\AsIO.sys []
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-21 514560]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2017-12-16 254528]
R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2019-10-26 149944]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2019-10-26 189512]
R1 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2019-10-26 77184]
R1 EpfwLWF;ESET Firewall; C:\Windows\system32\DRIVERS\EpfwLWF.sys [2019-10-26 61640]
R1 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [2019-10-26 114136]
R1 HWiNFO32;HWiNFO32/64 Kernel Driver; \??\C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [2019-06-26 27552]
R1 ISODrive;ISO DVD/CD-ROM Device Driver; \??\C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys [2007-11-07 104912]
R2 BlueStacksDrv;BlueStacks Hypervisor; \??\C:\Program Files (x86)\BlueStacks\BstkDrv_bgp.sys [2020-10-05 315976]
R2 ekbdflt;ekbdflt; C:\Windows\system32\DRIVERS\ekbdflt.sys [2019-10-26 50712]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\amdkmdag.sys [2021-02-25 79104800]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2019-08-24 6486608]
R3 iusb3hub;Драйвер концентратора Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hub.sys [2017-05-12 401408]
R3 iusb3xhc;Драйвер расширяемого хост-контроллера Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3xhc.sys [2019-08-24 816640]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [2019-08-24 201296]
R3 nvvhci;NVVHCI Enumerator Service; C:\Windows\system32\DRIVERS\nvvhci.sys [2018-03-24 58816]
R3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-21 165888]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2019-08-24 1121288]
R3 SmbDrvI;SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [2019-08-24 51808]
R3 WinUsb;SAMSUNG Android USB Driver; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]
S2 amdacpksd;ACP Kernel Service Driver; \??\C:\Windows\system32\drivers\amdacpksd.sys []
S3 amdfendr;AMD Crash Defender Driver; C:\Windows\system32\DRIVERS\amdfendr.sys [2021-02-09 98744]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2020-11-10 105392]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2019-08-24 131984]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 GeneStor;Genesys Logic Storage Driver; C:\Windows\system32\DRIVERS\GeneStor.sys [2019-08-24 60928]
S3 GPU-Z;GPU-Z; \??\C:\Users\Avalon\AppData\Local\Temp\GPU-Z.sys []
S3 iVCam;e2eSoft iVCam; C:\Windows\system32\DRIVERS\iVCam.sys [2020-11-03 1089912]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2019-08-24 228608]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2010-11-21 20992]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 ssudmdm;SAMSUNG  Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2019-08-24 166288]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys [2010-11-21 88960]
S3 teamviewervpn;TeamViewer VPN Adapter; C:\Windows\system32\DRIVERS\teamviewervpn.sys [2020-06-07 35112]
S3 terminpt;Microsoft Remote Desktop Input Driver; C:\Windows\system32\drivers\terminpt.sys [2010-11-21 34816]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys [2010-11-21 117248]
S3 usb_rndisx;Адаптер USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [2009-07-14 19968]
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2020-04-15 54784]
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-21 199552]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-21 21760]

====== Список служб (тип запуска: R=Запущена, S=остановлена, 0=Загрузочная, 1=Системная, 2=Автоматически, 3=Вручную, 4=Отключено) ======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-09-24 81088]
R2 AMD Crash Defender Service;AMD Crash Defender Service; C:\Windows\system32\amdfendrsr.exe [2021-02-09 517536]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2021-02-25 519456]
R2 AnyDesk;AnyDesk Service; C:\Program Files (x86)\AnyDesk\AnyDesk.exe [2024-02-11 3910472]
R2 Apple Mobile Device Service;Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2020-09-24 96056]
R2 asComSvc;ASUS Com Service; C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe [2014-01-28 936728]
R2 AUEPLauncher;AMD User Experience Program Launcher; C:\Program Files\AMD\CIM\..\Performance Profile Client\AUEPLauncher.exe [2021-02-24 60704]
R2 Bonjour Service;Служба Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2015-08-12 462096]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted;"ServiceDll" = %SystemRoot%\System32\cscsvc.dll
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2019-10-26 2243136]
R2 KMService;KMService; C:\Windows\syswow64\srvany.exe [2017-02-20 8192]
R2 NVDisplay.ContainerLocalSystem;NVIDIA Display Container LS; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [2018-03-24 464272]
R2 ss_conn_service;SAMSUNG Mobile Connectivity Service; C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [2016-01-08 754784]
R2 TeamViewer;TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [2024-09-03 19335992]
R3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted;"ServiceDll" = %SystemRoot%\System32\umrdp.dll
S2 amdacpusrsvc;ACP User Service; C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe [2021-02-24 190464]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2019-03-28 132792]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2019-03-28 158912]
S2 gupdate;Служба Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-10-16 153168]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2014-05-28 16232]
S2 ICEsoundService;ICEsound Service; C:\Windows\system32\ICEsoundService64.exe [2019-08-24 806352]
S2 TenorshareDataRecoveryService;TenorshareDataRecoveryService; C:\Program Files (x86)\Tenorshare Any Data Recovery\service\TenorshareDataRecoveryService []
S3 AppMgmt;@appmgmts.dll,-3250; %SystemRoot%\system32\svchost.exe -k netsvcs;"ServiceDll" = %SystemRoot%\System32\appmgmts.dll
S3 ekrnEpfw;ESET Firewall Helper; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2019-10-26 2243136]
S3 GoogleChromeElevationService;Google Chrome Elevation Service (GoogleChromeElevationService); C:\Program Files (x86)\Google\Chrome\Application\109.0.5414.120\elevation_service.exe [2023-01-24 1443608]
S3 gupdatem;Служба Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-10-16 153168]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2022-11-16 232776]
S3 ose;Office  Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; %SystemRoot%\System32\svchost.exe -k PeerDist;"ServiceDll" = %SystemRoot%\system32\peerdistsvc.dll
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2023-09-29 2661736]
S4 aspnet_state;Служба состояний ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2019-03-28 54912]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2019-03-28 136256]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2019-03-28 136256]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2019-03-28 136256]

-----------------EOF-----------------
