Лог утилиты random's system information tool 1.17(автор: random/random)
Run by User at 2025-03-18 08:46:39
Microsoft Windows 7 Профессиональная  Service Pack 1
Системный раздел C:  Свободно 16 GB (16%) размер 99 GB
Total RAM: 7370 MB (67% free)
X64


====== Список процессов ======

C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
"C:\Program Files\IDT\WDM\STacSV64.exe"
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\vcsFPService.exe
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe" /launchService
"C:\Program Files (x86)\Kaspersky Lab\Kaspersky Endpoint Security for Windows\avp.exe" -r
C:\Windows\System32\svchost.exe -k utcsvc
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbguard.exe" -s DefaultInstance
C:\Windows\SysWOW64\FUSServices.exe
"C:\Program Files (x86)\Common Files\Aladdin Shared\HASP\hasplms.exe"  -run
"C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe"
"C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\locator.exe
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files (x86)\Yandex\YandexBrowser\24.10.4.848\service_update.exe" --run-as-service
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
"C:\Program Files (x86)\Yandex\YandexBrowser\24.10.4.848\service_update.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Windows\TEMP\Crashpad --url=https://crash-reports.browser.yandex.net/submit --annotation=machine_id=101a7cb2d1bd835baf5aab6451ac2690 --annotation=main_process_pid=2516 --annotation=plat=Win64 --annotation=prod=Yandex --annotation=session_logout=False --annotation=ver=24.10.4.848 --initial-client-data=0x120,0x124,0x128,0xf4,0x12c,0x13fcfdaf0,0x13fcfdafc,0x13fcfdb08
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Program Files (x86)\Common Files\Aladdin Shared\HASP\hasplmv.exe
"C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbserver.exe" -s DefaultInstance
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\LF2GRPOW.exe
"C:\Program Files (x86)\Kaspersky Lab\Kaspersky Endpoint Security for Windows\avpsus.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\taskhost.exe
"C:\Program Files (x86)\Kaspersky Lab\Kaspersky Endpoint Security for Windows\avpui.exe" -hidden
C:\Windows\Explorer.EXE
"C:\Program Files\IDT\WDM\sttray64.exe" 
"C:\GG\SFTP\sftp.exe" 
"C:\GG\BW\MENU.EXE" 
C:\Windows\system32\taskhost.exe
"C:\GG\GGMaster.exe" "F:\ZPW.FDB"
"C:\Windows\system32\wbengine.exe"
C:\Windows\System32\vds.exe
"E:\AutoLogger.exe" 
"E:\AutoLogger\AV\AV_Z.exe" Script=AV\GeneralScript.txt HiddenMode=0 AM=Y
"C:\Users\User\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --single-argument http://google.ru/
C:\Users\User\AppData\Local\Yandex\YandexBrowser\Application\browser.exe --type=crashpad-handler "--user-data-dir=C:\Users\User\AppData\Local\Yandex\YandexBrowser\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\User\AppData\Local\Yandex\YandexBrowser\User Data\Crashpad" "--metrics-dir=C:\Users\User\AppData\Local\Yandex\YandexBrowser\User Data" --url=https://crash-reports.browser.yandex.net/submit --annotation=install_date=1415008652 --annotation=last_update_date=1738235212 --annotation=launches_after_update=47 --annotation=machine_id=101a7cb2d1bd835baf5aab6451ac2690 --annotation=main_process_pid=5984 --annotation=metrics_client_id=c81347397b234d9dbddcff793aa2b4af --annotation=plat=Win64 --annotation=prod=Yandex --annotation=session_logout=False --annotation=ver=24.10.4.848 --initial-client-data=0xe0,0xe4,0xe8,0xb4,0xec,0x7fef03eff70,0x7fef03eff7c,0x7fef03eff88
"C:\Program Files\Internet Explorer\IEXPLORE.EXE" http://google.ru
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:6836 CREDAT:275457 /prefetch:2
"C:\Users\User\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=gpu-process --user-id=9C0F8316-321D-4F0C-A8EA-31AC4127E1DA --brand-id=yandex --gpu-preferences=UAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAAAAAAABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAEAAAAAAAAAAIAAAAAAAAAAgAAAAAAAAA --gpu-process-kind=sandboxed --field-trial-handle=1316,i,11167643420601659278,15642317095248185826,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=1332 /prefetch:2
"C:\Users\User\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=ru --service-sandbox-type=none --user-id=9C0F8316-321D-4F0C-A8EA-31AC4127E1DA --brand-id=yandex --process-name="Network Service" --field-trial-handle=1576,i,11167643420601659278,15642317095248185826,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=1716 --brver=24.10.4.848 /prefetch:3
"C:\Users\User\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=ru --service-sandbox-type=service --user-id=9C0F8316-321D-4F0C-A8EA-31AC4127E1DA --brand-id=yandex --process-name="Storage Service" --field-trial-handle=1892,i,11167643420601659278,15642317095248185826,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=1904 --brver=24.10.4.848 /prefetch:8
"C:\Users\User\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=speechkit.mojom.Speechkit --lang=ru --service-sandbox-type=none --user-id=9C0F8316-321D-4F0C-A8EA-31AC4127E1DA --brand-id=yandex --process-name="Speechkit Service" --field-trial-handle=2256,i,11167643420601659278,15642317095248185826,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=2436 --brver=24.10.4.848 /prefetch:8
"C:\Users\User\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=ru --service-sandbox-type=audio --user-id=9C0F8316-321D-4F0C-A8EA-31AC4127E1DA --brand-id=yandex --process-name="Audio Service" --field-trial-handle=2440,i,11167643420601659278,15642317095248185826,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=2464 --brver=24.10.4.848 /prefetch:8
"C:\Users\User\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=renderer --user-id=9C0F8316-321D-4F0C-A8EA-31AC4127E1DA --brand-id=yandex --help-url=https://api.browser.yandex.ru/redirect/help/ --user-agent-info --web-ntp-url-for-renderer=https://brontp-pre.yandex.ru/ --translate-security-origin=https://browser.translate.yandex.net/ --ya-custo-process --enable-instaserp --allow-prefetch --disable-gpu-compositing --video-capture-use-gpu-memory-buffer --lang=ru --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=10 --time-ticks-at-unix-epoch=-1742188877764269 --launch-time-ticks=87672053977 --field-trial-handle=2792,i,11167643420601659278,15642317095248185826,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=2672 /prefetch:1
"C:\Users\User\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=renderer --user-id=9C0F8316-321D-4F0C-A8EA-31AC4127E1DA --brand-id=yandex --help-url=https://api.browser.yandex.ru/redirect/help/ --user-agent-info --web-ntp-url-for-renderer=https://brontp-pre.yandex.ru/ --translate-security-origin=https://browser.translate.yandex.net/ --enable-instaserp --disable-gpu-compositing --video-capture-use-gpu-memory-buffer --lang=ru --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=11 --time-ticks-at-unix-epoch=-1742188877764269 --launch-time-ticks=87672120535 --field-trial-handle=3668,i,11167643420601659278,15642317095248185826,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=3660 /prefetch:1
"C:\Users\User\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=renderer --user-id=9C0F8316-321D-4F0C-A8EA-31AC4127E1DA --brand-id=yandex --help-url=https://api.browser.yandex.ru/redirect/help/ --user-agent-info --web-ntp-url-for-renderer=https://brontp-pre.yandex.ru/ --translate-security-origin=https://browser.translate.yandex.net/ --ya-custo-process --enable-instaserp --disable-gpu-compositing --video-capture-use-gpu-memory-buffer --lang=ru --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=13 --time-ticks-at-unix-epoch=-1742188877764269 --launch-time-ticks=87673355983 --field-trial-handle=2580,i,11167643420601659278,15642317095248185826,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=3296 /prefetch:1
"C:\Users\User\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=renderer --user-id=9C0F8316-321D-4F0C-A8EA-31AC4127E1DA --brand-id=yandex --help-url=https://api.browser.yandex.ru/redirect/help/ --user-agent-info --web-ntp-url-for-renderer=https://brontp-pre.yandex.ru/ --translate-security-origin=https://browser.translate.yandex.net/ --enable-instaserp --disable-gpu-compositing --video-capture-use-gpu-memory-buffer --lang=ru --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=14 --time-ticks-at-unix-epoch=-1742188877764269 --launch-time-ticks=87683348789 --field-trial-handle=1652,i,11167643420601659278,15642317095248185826,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=1692 /prefetch:1
"C:\Users\User\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=autofill.mojom.TflPredictionsService --lang=ru --service-sandbox-type=utility --user-id=9C0F8316-321D-4F0C-A8EA-31AC4127E1DA --brand-id=yandex --process-name="Autofill Tfl Predictions" --field-trial-handle=4228,i,11167643420601659278,15642317095248185826,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=4248 --brver=24.10.4.848 /prefetch:8
"E:\AutoLogger\HijackThis\HiJackThis.exe" /accepteula /silentautolog /default /skipIgnoreList /timeout:120
"C:\Users\User\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=deep_links_provider.mojom.DeepLinksProvider --lang=ru --service-sandbox-type=none --user-id=9C0F8316-321D-4F0C-A8EA-31AC4127E1DA --brand-id=yandex --process-name="DeepLinks service" --field-trial-handle=4320,i,11167643420601659278,15642317095248185826,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=4220 --brver=24.10.4.848 /prefetch:8
"C:\Users\User\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=renderer --user-id=9C0F8316-321D-4F0C-A8EA-31AC4127E1DA --brand-id=yandex --help-url=https://api.browser.yandex.ru/redirect/help/ --user-agent-info --web-ntp-url-for-renderer=https://brontp-pre.yandex.ru/ --translate-security-origin=https://browser.translate.yandex.net/ --enable-instaserp --disable-gpu-compositing --video-capture-use-gpu-memory-buffer --lang=ru --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=21 --time-ticks-at-unix-epoch=-1742188877764269 --launch-time-ticks=87860295448 --field-trial-handle=4880,i,11167643420601659278,15642317095248185826,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=4896 /prefetch:1
"E:\AutoLogger\RSIT\RSITx64.exe" /silent /m3 /autolog /logfolder "E:\AutoLogger\RSIT\Log" /nohjt /rus 
C:\Windows\system32\wbem\wmiprvse.exe

====== Папка назначенных заданий ======

C:\Windows\tasks\Восстановление сервиса обновлений Яндекс.Браузера.job - C:\Program Files (x86)\Yandex\YandexBrowser\22.9.1.1095\service_update.exe  --repair
C:\Windows\tasks\Восстановление сервиса обновлений Яндекс Браузера.job - C:\Program Files (x86)\Yandex\YandexBrowser\24.10.4.848\service_update.exe  --repair
C:\Windows\tasks\Обновление Браузера Яндекс.job - C:\Users\User\AppData\Local\Yandex\YandexBrowser\Application\browser.exe  --background-update --noerrdialogs
C:\Windows\tasks\Системное обновление Браузера Яндекс.job - C:\Program Files (x86)\Yandex\YandexBrowser\24.10.4.848\service_update.exe  --run-as-launcher
C:\Windows\system32\tasks\Adobe Flash Player PPAPI Notifier - C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_25_0_0_148_pepper.exe -check pepperplugin
C:\Windows\system32\tasks\Adobe Flash Player Updater - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\system32\tasks\Восстановление сервиса обновлений Яндекс.Браузера - C:\Program Files (x86)\Yandex\YandexBrowser\19.7.0.1635\service_update.exe --repair
C:\Windows\system32\tasks\Восстановление сервиса обновлений Яндекс Браузера - C:\Program Files (x86)\Yandex\YandexBrowser\24.10.4.848\service_update.exe --repair
C:\Windows\system32\tasks\Обновление Браузера Яндекс - C:\Users\User\AppData\Local\Yandex\YandexBrowser\Application\browser.exe --background-update --noerrdialogs
C:\Windows\system32\tasks\Системное обновление Браузера Яндекс - C:\Program Files (x86)\Yandex\YandexBrowser\19.7.0.1635\service_update.exe --run-as-launcher
C:\Windows\system32\tasks\WPD\SqmUpload_S-1-5-21-4280061729-3294663579-1238447288-1001 - %windir%\system32\rundll32.exe portabledeviceapi.dll,#1
C:\Windows\system32\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask - %systemroot%\system32\sc.exe start osppsvc
C:\Windows\system32\tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup - %systemroot%\system32\rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
C:\Windows\system32\tasks\Microsoft\Windows\WindowsBackup\ConfigNotification - %systemroot%\System32\sdclt.exe /CONFIGNOTIFICATION
C:\Windows\system32\tasks\Microsoft\Windows\WindowsBackup\Windows Backup Monitor - %systemroot%\system32\sdclt.exe /CHECKSKIPPED
C:\Windows\system32\tasks\Microsoft\Windows\Windows Media Sharing\UpdateLibrary - "%ProgramFiles%\Windows Media Player\wmpnscfg.exe"
C:\Windows\system32\tasks\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange - %windir%\system32\rundll32.exe bfe.dll,BfeOnServiceStartTypeChange
C:\Windows\system32\tasks\Microsoft\Windows\Windows Error Reporting\QueueReporting - %windir%\system32\wermgr.exe -queuereporting
C:\Windows\system32\tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTask - %SystemRoot%\system32\Wat\WatAdminSvc.exe /run
C:\Windows\system32\tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTaskDeadline - %SystemRoot%\system32\schtasks.exe /run /I /TN "\Microsoft\Windows\Windows Activation Technologies\ValidationTask"
C:\Windows\system32\tasks\Microsoft\Windows\UPnP\UPnPHostConfig - sc.exe config upnphost start= auto
C:\Windows\system32\tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime - %windir%\system32\sc.exe start w32time task_started
C:\Windows\system32\tasks\Microsoft\Windows\Tcpip\IpAddressConflict1 - %windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPOffendingSystem
C:\Windows\system32\tasks\Microsoft\Windows\Tcpip\IpAddressConflict2 - %windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPDefendingSystem
C:\Windows\system32\tasks\Microsoft\Windows\SystemRestore\SR - %windir%\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreation
C:\Windows\system32\tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask - sc.exe start sppsvc
C:\Windows\system32\tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask - %windir%\system32\RAServer.exe /offerraupdate
C:\Windows\system32\tasks\Microsoft\Windows\Power Efficiency Diagnostics\AnalyzeSystem - %SystemRoot%\System32\powercfg.exe -energy -auto
C:\Windows\system32\tasks\Microsoft\Windows\NetTrace\GatherNetworkInfo - %windir%\system32\gatherNetworkInfo.vbs
C:\Windows\system32\tasks\Microsoft\Windows\MUI\Lpksetup - C:\Windows\System32\lpksetup.exe -v
C:\Windows\system32\tasks\Microsoft\Windows\MUI\LPRemove - %windir%\system32\lpremove.exe
C:\Windows\system32\tasks\Microsoft\Windows\MUI\Mcbuilder - C:\Windows\System32\mcbuilder.exe
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch - %SystemRoot%\ehome\ehPrivJob.exe /DoActivateWindowsSearch
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService - %SystemRoot%\ehome\ehPrivJob.exe /DoConfigureInternetTimeService
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks - %SystemRoot%\ehome\ehPrivJob.exe /DoRecoveryTasks $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ehDRMInit - %SystemRoot%\ehome\ehPrivJob.exe /DRMInit
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\InstallPlayReady - %SystemRoot%\ehome\ehPrivJob.exe /InstallPlayReady $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\mcupdate - %SystemRoot%\ehome\mcupdate $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -MediaCenterRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -ObjectStoreRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\OCURActivate - %SystemRoot%\ehome\ehPrivJob.exe /OCURActivate
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\OCURDiscovery - %SystemRoot%\ehome\ehPrivJob.exe /OCURDiscovery $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscovery - %SystemRoot%\ehome\ehPrivJob.exe /PBDADiscovery
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 - %SystemRoot%\ehome\ehPrivJob.exe /wait:7 /PBDADiscovery
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 - %SystemRoot%\ehome\ehPrivJob.exe /wait:90 /PBDADiscovery
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PeriodicScanRetry - %windir%\ehome\MCUpdate.exe -pscn 0
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PvrRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -PvrRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PvrScheduleTask - %SystemRoot%\ehome\mcupdate.exe -PvrSchedule
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\RecordingRestart - %SystemRoot%\ehome\ehrec /RestartRecording
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\RegisterSearch - %SystemRoot%\ehome\ehPrivJob.exe /DoRegisterSearch $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ReindexSearchRoot - %SystemRoot%\ehome\ehPrivJob.exe /DoReindexSearchRoot
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -SqlLiteRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\UpdateRecordPath - %SystemRoot%\ehome\ehPrivJob.exe /DoUpdateRecordPath $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Location\Notifications - %windir%\System32\LocationNotifications.exe
C:\Windows\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector - %windir%\system32\rundll32.exe dfdts.dll,DfdGetDefaultPolicyAndSMART
C:\Windows\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver - %windir%\system32\DFDWiz.exe
C:\Windows\system32\tasks\Microsoft\Windows\Defrag\ScheduledDefrag - %windir%\system32\defrag.exe -c
C:\Windows\system32\tasks\Microsoft\Windows\Customer Experience Improvement Program\Consolidator - %SystemRoot%\System32\wsqmcons.exe
C:\Windows\system32\tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask - BthUdTask.exe $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Autochk\Proxy - %windir%\system32\rundll32.exe /d acproxy.dll,PerformAutochkOperations
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\AitAgent - aitagent
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser - %windir%\system32\compattel\DiagTrackRunner.exe /UploadEtlFilesOnly
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater - %windir%\system32\compattelrunner.exe -maintenance
C:\Windows\system32\tasks\Microsoft\Windows\AppID\PolicyConverter - %windir%\system32\appidpolicyconverter.exe
C:\Windows\system32\tasks\Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck - %windir%\system32\appidcertstorecheck.exe
C:\Windows\system32\tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan - C:\Program Files\Microsoft Security Client\MpCmdRun.exe Scan -ScheduleJob -RestrictPrivileges
C:\Windows\system32\tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe /taskrestart
C:\Windows\system32\tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPSFReport.exe /send
C:\Windows\system32\tasks\Hewlett-Packard\HP Support Assistant\Product Configurator - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe /noreport

=========Google Chrome=========


[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\ahkjpbeeocnddjkakilopmfdlnjdpcdm]
"Path"=https://chrome.google.com/webstore/detail/kaspersky-protection/ahkjpbeeocnddjkakilopmfdlnjdpcdm


======Снимок реестра ======


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6C680BAE-655C-4E3D-8FC4-E6A520C3D928}]
SteadyVideoBHO Class - C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll [2012-02-14 81024]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_441\bin\ssv.dll [2024-12-04 757888]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 529664]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_441\bin\jp2ssv.dll [2024-12-04 375424]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28 303416]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6C680BAE-655C-4E3D-8FC4-E6A520C3D928}]
SteadyVideoBHO Class - C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll [2012-02-14 69760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Помощник по входу с учетной записью Майкрософт - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 441592]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28 286520]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray64.exe [2013-02-05 1702912]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"YandexBrowserAutoLaunch_B64B7D5D07784CD66F00CA43360BB68B"=C:\Users\User\AppData\Local\Yandex\YandexBrowser\Application\browser.exe [2025-01-13 4495536]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AccelerometerSysTrayApplet]
C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe [2013-10-16 77088]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BtTray]
C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe [2014-02-17 389368]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CLWCSM]
C:\Program Files (x86)\CyberLink\Webcam Sharing Manager\StreamProvider.exe [2013-02-20 249096]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GoogleChromeAutoLaunch_9FA856F50EC5015A86C42FA3A4308ABD]
C:\Users\User\AppData\Local\Yandex\YandexBrowser\Application\browser.exe [2025-01-13 4495536]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPConnectionManager]
C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MFFSum_Pro_LL2]
C:\Program Files (x86)\Xerox Companion Suite\MFFSUM.exe [2010-02-11 24576]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MFPrintServer_Pro_LL2]
C:\Program Files (x86)\Xerox Companion Suite\MFPrintServer.exe [2010-02-11 73728]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QLBController]
C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe [2013-10-16 337184]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe MSRun []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2024-12-04 752208]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2013-10-30 2804976]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SysTrayApp]
C:\Program Files\IDT\WDM\sttray64.exe [2013-02-05 1702912]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VtbUpdateComponentNotification]
C:\Program Files (x86)\VtbInstall\NotificationWindows.exe [2024-08-30 137616]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\YandexBrowserAutoLaunch_B64B7D5D07784CD66F00CA43360BB68B]
C:\Users\User\AppData\Local\Yandex\YandexBrowser\Application\browser.exe [2025-01-13 4495536]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\YandexSearchBand]
C:\Users\User\AppData\Local\Yandex\SearchBand\Application\5.5.0.1923\searchbandapp64.exe /auto []

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
""= []

C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
SFTP.lnk - C:\GG\SFTP\sftp.exe

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders" = credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
"NoDriveTypeAutoRun"=28

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"VIDC.LAGS"=lagarith.dll
"VIDC.X264"=x264vfw64.dll
"VIDC.XVID"=xvidvfw.dll
"VIDC.FFDS"=ff_vfw.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.l3codecp"=l3codecp.acm
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

====== Ассоциации файлов ======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

====== Список файлов и папок, созданных за последние 3 месяца ======

2025-03-14 14:56:12 ----A---- C:\Windows\SYSWOW64\Vb40032.dll
2025-03-14 14:56:12 ----A---- C:\Windows\SYSWOW64\msvcrt10.dll
2025-03-14 14:56:12 ----A---- C:\Windows\SYSWOW64\msvcr71.dll
2025-03-14 14:56:12 ----A---- C:\Windows\SYSWOW64\msvcr70.dll
2025-03-14 14:56:12 ----A---- C:\Windows\SYSWOW64\msvcp71.dll
2025-03-14 14:56:12 ----A---- C:\Windows\SYSWOW64\MSVCP70.DLL
2025-03-14 14:56:12 ----A---- C:\Windows\SYSWOW64\msvci70.dll
2025-03-14 14:56:12 ----A---- C:\Windows\SYSWOW64\msvbvm50.dll
2025-03-14 14:56:12 ----A---- C:\Windows\SYSWOW64\MFC71u.dll
2025-03-14 14:56:12 ----A---- C:\Windows\SYSWOW64\MFC71KOR.DLL
2025-03-14 14:56:12 ----A---- C:\Windows\SYSWOW64\MFC71JPN.DLL
2025-03-14 14:56:12 ----A---- C:\Windows\SYSWOW64\MFC71ITA.DLL
2025-03-14 14:56:12 ----A---- C:\Windows\SYSWOW64\MFC71FRA.DLL
2025-03-14 14:56:12 ----A---- C:\Windows\SYSWOW64\MFC71ESP.DLL
2025-03-14 14:56:12 ----A---- C:\Windows\SYSWOW64\MFC71ENU.DLL
2025-03-14 14:56:12 ----A---- C:\Windows\SYSWOW64\MFC71DEU.DLL
2025-03-14 14:56:12 ----A---- C:\Windows\SYSWOW64\MFC71CHT.DLL
2025-03-14 14:56:12 ----A---- C:\Windows\SYSWOW64\MFC71CHS.DLL
2025-03-14 14:56:12 ----A---- C:\Windows\SYSWOW64\MFC71.dll
2025-03-14 14:56:12 ----A---- C:\Windows\SYSWOW64\mfc70u.dll
2025-03-14 14:56:12 ----A---- C:\Windows\SYSWOW64\mfc70kor.dll
2025-03-14 14:56:12 ----A---- C:\Windows\SYSWOW64\mfc70jpn.dll
2025-03-14 14:56:12 ----A---- C:\Windows\SYSWOW64\mfc70ita.dll
2025-03-14 14:56:12 ----A---- C:\Windows\SYSWOW64\mfc70fra.dll
2025-03-14 14:56:12 ----A---- C:\Windows\SYSWOW64\mfc70esp.dll
2025-03-14 14:56:12 ----A---- C:\Windows\SYSWOW64\mfc70enu.dll
2025-03-14 14:56:12 ----A---- C:\Windows\SYSWOW64\mfc70deu.dll
2025-03-14 14:56:12 ----A---- C:\Windows\SYSWOW64\mfc70cht.dll
2025-03-14 14:56:12 ----A---- C:\Windows\SYSWOW64\mfc70chs.dll
2025-03-14 14:56:12 ----A---- C:\Windows\SYSWOW64\mfc70.dll
2025-03-14 14:56:12 ----A---- C:\Windows\SYSWOW64\atl71.dll
2025-03-14 14:56:12 ----A---- C:\Windows\SYSWOW64\atl70.dll
2025-03-14 14:49:31 ----A---- C:\Windows\system32\drivers\klhk.sys
2025-03-14 14:49:31 ----A---- C:\Windows\system32\drivers\klhk.dll
2025-03-14 14:49:31 ----A---- C:\Windows\system32\drivers\klgse.sys
2025-03-14 14:49:31 ----A---- C:\Windows\system32\drivers\klgse.dll
2025-03-14 14:45:47 ----D---- C:\Program Files (x86)\Kaspersky Lab
2025-03-14 14:45:11 ----A---- C:\Windows\system32\drivers\klif.sys
2025-03-14 14:45:11 ----A---- C:\Windows\system32\drivers\klflt.sys
2025-03-14 14:45:10 ----A---- C:\Windows\system32\drivers\klif.dll
2025-03-14 14:45:10 ----A---- C:\Windows\system32\drivers\klflt.dll
2025-03-14 14:45:10 ----A---- C:\Windows\system32\drivers\kldlnio.sys
2025-03-14 14:45:10 ----A---- C:\Windows\system32\drivers\kldlndis.sys
2025-03-14 14:45:10 ----A---- C:\Windows\system32\drivers\kldlksl.sys
2025-03-14 14:45:10 ----A---- C:\Windows\system32\drivers\kldlksec.sys
2025-03-14 14:45:10 ----A---- C:\Windows\system32\drivers\kldlimpc.sys
2025-03-14 14:45:10 ----A---- C:\Windows\system32\drivers\kldlhidp.sys
2025-03-14 14:45:10 ----A---- C:\Windows\system32\drivers\kldlfwpk.sys
2025-03-14 14:45:10 ----A---- C:\Windows\system32\drivers\kldlfmgr.sys
2025-03-14 14:45:10 ----A---- C:\Windows\system32\drivers\kldl.sys
2025-03-14 14:26:59 ----D---- C:\ProgramData\Kaspersky Lab
2025-03-14 14:06:59 ----HD---- C:\kleaner.tmp
2025-03-13 15:12:04 ----A---- C:\Windows\system32\drivers\OLD23E6.tmp
2025-03-13 14:51:27 ----ASH---- C:\pagefile.sys
2025-03-13 11:26:08 ----A---- C:\Windows\SYSWOW64\drivers\vdexndu2.sys
2025-03-12 09:18:53 ----D---- C:\KVRT2020_Data
2025-02-13 15:54:25 ----D---- C:\Users\User\AppData\Roaming\MPC-HC
2025-01-27 09:54:25 ----A---- C:\Windows\system32\WindowsAccessBridge-64.dll
2025-01-27 09:54:05 ----D---- C:\Program Files\Java
2024-12-28 14:12:09 ----D---- C:\ProgramData\AnyMP4 Studio
2024-12-28 14:10:15 ----D---- C:\Program Files\AnyMP4 Studio

====== Список файлов и папок, измененных за последние 3 месяца ======

2025-03-18 08:45:12 ----D---- C:\Windows\Prefetch
2025-03-18 08:40:55 ----D---- C:\Windows\System32
2025-03-18 08:40:55 ----D---- C:\Windows\inf
2025-03-18 08:40:55 ----A---- C:\Windows\system32\PerfStringBackup.INI
2025-03-18 08:40:06 ----SHD---- C:\System Volume Information
2025-03-18 08:33:25 ----D---- C:\GG
2025-03-18 08:31:36 ----D---- C:\ProgramData\firebird
2025-03-17 10:09:14 ----D---- C:\Windows\Temp
2025-03-17 10:08:45 ----HD---- C:\ProgramData
2025-03-17 10:08:44 ----D---- C:\Windows\system32\drivers
2025-03-17 10:08:43 ----D---- C:\Windows\SYSWOW64\drivers
2025-03-17 08:32:05 ----D---- C:\Windows\system32\config
2025-03-17 08:22:58 ----D---- C:\Windows\system32\DriverStore
2025-03-14 15:57:46 ----AD---- C:\Windows\SysWOW64
2025-03-14 15:44:38 ----SHD---- C:\Windows\Installer
2025-03-14 15:03:24 ----D---- C:\ProgramData\Package Cache
2025-03-14 15:01:59 ----D---- C:\Windows\winsxs
2025-03-14 14:45:47 ----RD---- C:\Program Files (x86)
2025-03-14 14:27:00 ----D---- C:\Program Files (x86)\Common Files
2025-03-14 14:09:46 ----A---- C:\Windows\ntbtlog.txt
2025-03-14 09:06:29 ----D---- C:\Program Files\Common Files
2025-03-13 17:04:58 ----D---- C:\Windows\system32\wbem
2025-03-13 16:45:17 ----D---- C:\Windows\system32\Tasks
2025-03-13 11:30:15 ----D---- C:\Windows
2025-03-13 09:01:24 ----D---- C:\Windows\SYSWOW64\rserver30
2025-03-13 08:54:02 ----D---- C:\Windows\SYSWOW64\Macromed
2025-03-12 12:12:44 ----D---- C:\Windows\Tasks
2025-03-12 12:12:44 ----D---- C:\Windows\system32\wfp
2025-03-12 12:08:46 ----HD---- C:\Windows\system32\GroupPolicy
2025-03-12 12:08:46 ----D---- C:\Windows\system32\drivers\UMDF
2025-03-12 12:08:44 ----D---- C:\Windows\system32\catroot2
2025-03-12 12:08:37 ----D---- C:\Windows\registration
2025-01-27 09:54:05 ----RD---- C:\Program Files

File C:\Windows\system32\winlogon.exe is digitally signed
File C:\Windows\system32\wininit.exe is digitally signed
File C:\Windows\explorer.exe is digitally signed
File C:\Windows\SysWOW64\explorer.exe is digitally signed
File C:\Windows\system32\svchost.exe is digitally signed
File C:\Windows\SysWOW64\svchost.exe is digitally signed
File C:\Windows\system32\services.exe is digitally signed
File C:\Windows\system32\User32.dll is digitally signed
File C:\Windows\SysWOW64\User32.dll is digitally signed
File C:\Windows\system32\userinit.exe is digitally signed
File C:\Windows\SysWOW64\userinit.exe is digitally signed
File C:\Windows\system32\rpcss.dll is digitally signed
File C:\Windows\system32\Drivers\volsnap.sys is digitally signed

====== Список драйверов (состояние: R=запущен, S=остановлен; тип запуска: 0=загрузочный, 1=системный, 2=автоматически, 3=вручную, 4=отключено) ======

R0 amd_sata;amd_sata; C:\Windows\system32\drivers\amd_sata.sys [2012-10-12 82600]
R0 amd_xata;amd_xata; C:\Windows\system32\drivers\amd_xata.sys [2012-10-12 42664]
R0 amdkmpfd;AMD PCI Root Bus Lower Filter; C:\Windows\system32\DRIVERS\amdkmpfd.sys [2016-11-09 74000]
R0 hpdskflt;HP Filter; C:\Windows\system32\drivers\hpdskflt.sys [2013-03-01 30520]
R0 kl1;kl1; C:\Windows\system32\DRIVERS\kl1.sys [2022-01-14 644320]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-21 514560]
R1 klbackupdisk;Kaspersky Lab klbackupdisk; C:\Windows\system32\DRIVERS\klbackupdisk.sys [2022-01-14 78560]
R1 klbackupflt;Kaspersky Lab klbackupflt; C:\Windows\system32\DRIVERS\klbackupflt.sys [2022-01-14 78560]
R1 klflt;Kaspersky Lab Kernel DLL; C:\Windows\system32\DRIVERS\klflt.sys [2022-01-14 78560]
R1 klfltdev;Kaspersky Lab KLFltDev; C:\Windows\system32\DRIVERS\klfltdev.sys [2022-01-14 78560]
R1 klgse;Kaspersky Lab Security Extender Driver; C:\Windows\system32\DRIVERS\klgse.sys [2025-03-14 78560]
R1 klhk;Kaspersky Lab service driver; C:\Windows\system32\DRIVERS\klhk.sys [2025-03-14 176864]
R1 KLIF;Kaspersky Lab Driver; C:\Windows\system32\DRIVERS\klif.sys [2022-01-14 176864]
R1 klim6;Kaspersky Anti-Virus NDIS 6 Filter; C:\Windows\system32\DRIVERS\klim6.sys [2022-01-14 78560]
R1 klpd;Kaspersky Lab format recognizer driver; C:\Windows\system32\DRIVERS\klpd.sys [2022-01-14 78560]
R1 klpnpflt;Kaspersky Lab klpnpflt; C:\Windows\system32\DRIVERS\klpnpflt.sys [2022-01-14 78560]
R1 klwfp;klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [2022-01-14 78560]
R1 klwtp;KLwtp - WFP callout traffic inspector; C:\Windows\system32\DRIVERS\klwtp.sys [2022-01-14 78560]
R1 kneps;kneps; C:\Windows\system32\DRIVERS\kneps.sys [2022-01-14 78560]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aksdf;aksdf; \??\C:\Windows\system32\drivers\aksdf.sys [2020-05-29 389560]
R2 aksfridge;aksfridge; \??\C:\Windows\system32\drivers\aksfridge.sys [2020-05-29 510800]
R2 AODDriver4.3;AODDriver4.3; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2014-02-11 59616]
R2 hardlock;hardlock; \??\C:\Windows\system32\drivers\hardlock.sys [2020-05-29 1970104]
R2 SSPORT;SSPORT; \??\C:\Windows\system32\Drivers\SSPORT.sys [2018-08-17 11576]
R3 Accelerometer;HP Mobile Data Protection Sensor; C:\Windows\system32\DRIVERS\Accelerometer.sys [2013-03-01 43320]
R3 amdhub30;AMD USB 3.0 Hub Driver; C:\Windows\system32\DRIVERS\amdhub30.sys [2012-11-29 107688]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2016-11-09 21645320]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2016-11-09 676360]
R3 amdxhc;AMD USB 3.0 Host Controller Driver; C:\Windows\system32\DRIVERS\amdxhc.sys [2012-11-29 228008]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2016-11-09 104984]
R3 BtAudioBusSrv;Ralink Bluetooth Audio Bus Service; C:\Windows\System32\Drivers\BtAudioBus.sys [2012-06-15 23136]
R3 clwcsm;CyberLink Webcam Sharing Manager 4.2; C:\Windows\system32\DRIVERS\clwcsm.sys [2013-02-19 42432]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\Windows\system32\DRIVERS\HpqKbFiltr.sys [2013-01-28 25912]
R3 R-ImageDisk;R-ImageDisk; \??\E:\R-Studio Network 9.1 Build 191039 RePack (& Portable) by TryRooM\R-StudioPortable\App\RStudio\R-ImageDisk64.sys []
R3 rtbth;RTBTH Bluetooth Device Driver; C:\Windows\system32\DRIVERS\rtbth.sys [2014-12-24 1210480]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2016-12-20 1037832]
R3 SPUVCbv;SPUVCb Driver Service; C:\Windows\System32\Drivers\SPUVCbv_x64.sys [2016-11-16 1513208]
R3 STHDA;@%SystemRoot%\system32\stlang64.dll,-10312; C:\Windows\system32\DRIVERS\stwrt64.sys [2013-02-05 544768]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2013-10-30 549104]
R3 usbfilter;AMD USB Filter Driver; C:\Windows\system32\DRIVERS\usbfilter.sys [2014-07-01 58536]
S1 vdexndu2;AVZ-BC Kernel Driver; \??\C:\Windows\system32\Drivers\vdexndu2.sys []
S3 BthEnum;Служба перечислителя Bluetooth; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 41984]
S3 BthL2caScoIfSrv;Bluetooth Profile Interface Driver Service; C:\Windows\System32\Drivers\BtL2caScoIf.sys [2013-04-26 54064]
S3 BthPan;Устройства Bluetooth (личной сети); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Драйвер порта Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Драйвер порта USB радиомодуля Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 btUrbFilterDrv;IVT URB Bluetooth Filter Driver Service; C:\Windows\System32\Drivers\IvtUrbBtFlt.sys [2014-01-20 51936]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 iaStor;iaStor; C:\Windows\system32\drivers\iaStor.sys [2012-02-02 568600]
S3 mirrorv3;mirrorv3; C:\Windows\system32\DRIVERS\rminiv3.sys [2009-10-09 5632]
S3 mvusbews;USB EWS Device; C:\Windows\System32\Drivers\mvusbews.sys [2011-04-04 20480]
S3 netr28x;Ralink 802.11n Extensible Wireless Driver; C:\Windows\system32\DRIVERS\netr28x.sys [2015-04-20 2502288]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver; C:\Windows\system32\drivers\nusb3hub.sys [2010-07-27 78848]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver; C:\Windows\system32\drivers\nusb3xhc.sys [2010-07-27 180224]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-21 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 RFCOMM;Устройство Bluetooth (протокол RFCOMM TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 RSP2STOR;Realtek PCIE CardReader Driver - P2; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [2013-01-23 288328]
S3 RTSPER;Realtek PCIe CardReader Driver; C:\Windows\system32\DRIVERS\RtsPer.sys [2013-02-01 448072]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 SmbDrv;SmbDrv; C:\Windows\system32\drivers\Smb_driver_AMDASF.sys [2013-01-11 28400]
S3 SmbDrvI;SmbDrvI; C:\Windows\system32\drivers\Smb_driver_Intel.sys [2013-01-11 32496]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 usbscan;Драйвер USB-сканера; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-21 199552]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-21 21760]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]

====== Список служб (состояние: R=запущена, S=остановлена; тип запуска: 0=загрузочная, 1=системная, 2=автоматически, 3=вручную, 4=отключено) ======

R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2016-11-09 255504]
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2015-08-19 344064]
R2 AVP;Kaspersky Endpoint Security Service; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Endpoint Security for Windows\avp.exe [2022-03-27 449760]
R2 avpsus;Kaspersky Seamless Update Service; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Endpoint Security for Windows\avpsus.exe [2022-01-14 2921040]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; %SystemRoot%\System32\svchost.exe -k utcsvc;"ServiceDll" = %SystemRoot%\system32\diagtrack.dll
R2 FirebirdGuardianDefaultInstance;Firebird Guardian - DefaultInstance; C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbguard.exe [2010-09-17 98304]
R2 FUSServices;Session Launcher Service; C:\Windows\SysWOW64\FUSServices.exe [2010-02-11 10752]
R2 hasplms;Sentinel LDK License Manager; C:\Program Files (x86)\Common Files\Aladdin Shared\HASP\hasplms.exe [2020-05-29 5730312]
R2 hpHotkeyMonitor;hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe [2013-10-16 681760]
R2 MDM;Machine Debug Manager; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
R2 STacSV;@%SystemRoot%\system32\stlang64.dll,-10101; C:\Program Files\IDT\WDM\STacSV64.exe [2013-02-05 332800]
R2 vcsFPService;Validity VCS Fingerprint Service; C:\Windows\system32\vcsFPService.exe [2013-09-12 3221392]
R3 AppMgmt;@appmgmts.dll,-3250; %SystemRoot%\system32\svchost.exe -k netsvcs;"ServiceDll" = %SystemRoot%\System32\appmgmts.dll
R3 FirebirdServerDefaultInstance;Firebird Server - DefaultInstance; C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbserver.exe [2010-09-17 3735552]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2017-03-20 105096]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2017-03-20 125064]
S2 sqldatabaseserv;Network runtime Framework sqldatabaseserv; C:\Windows\Inf\Netframeworksqldataservice\Framework4\vps.exe [1997-05-14 13312]
S2 SQLServiceFWSM;Network runtime Framework SQLService; C:\Windows\Inf\NetframeworkServicesdrv\Famework\vds.exe []
S3 BsHelpCS;BsHelpCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe [2013-12-16 145656]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2017-03-25 114688]
S3 klpsm;klpsm; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Endpoint Security for Windows\klpsm.exe [2022-01-14 161152]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; %SystemRoot%\System32\svchost.exe -k PeerDist;"ServiceDll" = %SystemRoot%\system32\peerdistsvc.dll
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted;"ServiceDll" = %SystemRoot%\system32\storsvc.dll
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted;"ServiceDll" = %SystemRoot%\System32\umrdp.dll
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2014-07-01 1255736]
S4 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-05-18 271448]
S4 aspnet_state;Служба состояний ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2017-03-20 51320]
S4 BlueSoleilCS;BlueSoleilCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe [2014-02-17 1579880]
S4 CscService;@%systemroot%\system32\cscsvc.dll,-200; %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted;"ServiceDll" = %SystemRoot%\System32\cscsvc.dll
S4 HP Support Assistant Service;HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2015-05-19 99128]
S4 hpCMSrv;HP Connection Manager 4 Service; C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe []
S4 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [2013-03-20 1018680]
S4 HPSIService;HP SI Service; C:\Windows\system32\HPSIsvc.exe [2011-05-11 126520]
S4 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe [2013-03-01 43320]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-03-20 135800]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-03-20 135800]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-03-20 135800]

-----------------EOF-----------------
