Information: Win 11 21H1

I can't install Kaspersky; it reports an unknown error. After reading the forum I understood that this is caused by a virus. I tried to download AV block remover (the virus doesn't let me do it) and tried to download AutoLogger (the virus doesn't let me do that either): it closes browser tabs and closes Task Manager (and Task Manager alternatives). I was only able to collect logs in Safe Mode with Networking.

Here are the logs:

Лог утилиты random's system information tool 1.16(автор: random/random)
Run by aleks at 2023-07-22 16:06:18
Майкрософт Windows 11 Pro 
Системный раздел ? размер 95 GB (42%) Свободно 228 GB
Total RAM: 24513 MB (87% free)
X64

Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 16:06:19, on 22.07.2023
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.22000.0120)


Boot mode: Safe mode with network support

Running processes:
C:\Users\aleks\OneDrive\Рабочий стол\Новая папка\AutoLogger.exe
C:\Users\aleks\OneDrive\Рабочий стол\Новая папка\AutoLogger\AV\AV_Z.exe
C:\Users\aleks\OneDrive\Рабочий стол\Новая папка\AutoLogger\RSIT\aleks_RSITx64.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.ya.ru/?win=599&clid=2422901-24
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
F2 - REG:system.ini: UserInit=
O2 - BHO: IEToEdge BHO - {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} - C:\Program Files (x86)\Microsoft\Edge\Application\114.0.1823.86\BHO\ie_to_edge_bho.dll
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [RadminVPN] "C:\Program Files (x86)\Radmin VPN\RvRvpnGui.exe" /minimized
O4 - HKCU\..\Run: [MicrosoftEdgeAutoLaunch_5BDEC6DC312BF813B78A502D81A184DB] "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5
O4 - HKCU\..\Run: [YandexBrowserAutoLaunch_7D37B53B17E73830CA8B458CF9DF395B] "C:\Users\aleks\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --shutdown-if-not-closed-by-system-restart
O4 - HKCU\..\Run: [Discord] "C:\Users\aleks\AppData\Local\Discord\Update.exe" --processStart Discord.exe
O4 - HKCU\..\Run: [Steam] "A:\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [electron.app.BlueStacks Services] C:\Users\aleks\AppData\Local\Programs\bluestacks-services\BlueStacksServices.exe --hidden
O4 - HKCU\..\Run: [Lesta Game Center] "A:\Steam Games\Lesta\GameCenter\lgc.exe" --background
O4 - HKCU\..\Run: [ut] "C:\Users\aleks\AppData\Roaming\uTorrent\uTorrent.exe"  /MINIMIZED
O4 - HKCU\..\Run: [vidnotifier.exe] C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\vidnotifier\vidnotifier.exe
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office\root\Office16\EXCEL.EXE/3000
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIE.dll
O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIELinkedNotes.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nlansp_c.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\MSOXMLMF.DLL
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: @%SystemRoot%\system32\CredentialEnrollmentManager.exe,-100 (CredentialEnrollmentManagerUserSvc) - Unknown owner - C:\WINDOWS\system32\CredentialEnrollmentManager.exe (file missing)
O23 - Service: CredentialEnrollmentManagerUserSvc_57113 - Unknown owner - C:\WINDOWS\system32\CredentialEnrollmentManager.exe (file missing)
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: Easy Anti-Cheat (Epic Online Services) (EasyAntiCheat_EOS) - Epic Games, Inc. - C:\Program Files (x86)\EasyAntiCheat_EOS\EasyAntiCheat_EOS.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) - NVIDIA Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\nvle.inf_amd64_c4410ab03e8e99d7\Display.NvContainer\NVDisplay.Container.exe
O23 - Service: @%systemroot%\system32\PerceptionSimulation\PerceptionSimulationService.exe,-101 (perceptionsimulation) - Unknown owner - C:\WINDOWS\system32\PerceptionSimulation\PerceptionSimulationService.exe (file missing)
O23 - Service: Rockstar Game Library Service (Rockstar Service) - Rockstar Games - A:\Programs\RockstarService.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: Radmin VPN Control Service (RvControlSvc) - Famatech Corp. - C:\Program Files (x86)\Radmin VPN\RvControlSvc.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender Advanced Threat Protection\MsSense.exe,-1001 (Sense) - Unknown owner - C:\Program Files (x86)\Windows Defender Advanced Threat Protection\MsSense.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\System32\SgrmBroker.exe,-100 (SgrmBroker) - Unknown owner - C:\WINDOWS\system32\SgrmBroker.exe (file missing)
O23 - Service: @firewallapi.dll,-50323 (SNMPTrap) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\steamservice.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Yandex.Browser Update Service (YandexBrowserService) - YANDEX LLC - C:\Program Files (x86)\Yandex\YandexBrowser\23.7.0.2526\service_update.exe

--
End of file - 13855 bytes

====== Список процессов ======

"C:\Users\aleks\OneDrive\Рабочий стол\Новая папка\AutoLogger.exe" 
"C:\Users\aleks\OneDrive\Рабочий стол\Новая папка\AutoLogger\AV\AV_Z.exe" Script=AV\GeneralScript.txt HiddenMode=0
"C:\Users\aleks\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=autofill.mojom.TflPredictionsService --lang=ru --service-sandbox-type=utility --user-id=4B5B3F55-3249-4D09-ABF7-20294DE82049 --brand-id=yandex --process-name="Autofill Tfl Predictions" --mojo-platform-channel-handle=11456 --field-trial-handle=1808,i,4226600404808474994,17418712369771103459,262144 --brver=23.7.0.2526 /prefetch:8
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --disable-gpu-compositing --lang=ru --js-flags=--ms-user-locale=ru_RU --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --time-ticks-at-unix-epoch=-1690016459087238 --launch-time-ticks=211303219 --mojo-platform-channel-handle=5564 --field-trial-handle=1904,i,10647970286334563256,10016875080355126084,262144 /prefetch:1
"C:\Users\aleks\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=renderer --user-id=4B5B3F55-3249-4D09-ABF7-20294DE82049 --brand-id=yandex --help-url=https://api.browser.yandex.ru/redirect/help/ --user-agent-info --web-ntp-url-for-renderer=https://brontp-pre.yandex.ru/ --translate-security-origin=https://browser.translate.yandex.net/ --enable-instaserp --disable-gpu-compositing --lang=ru --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=110 --time-ticks-at-unix-epoch=-1690016459099383 --launch-time-ticks=211779715 --mojo-platform-channel-handle=4968 --field-trial-handle=1808,i,4226600404808474994,17418712369771103459,262144 /prefetch:1
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --disable-gpu-compositing --lang=ru --js-flags=--ms-user-locale=ru_RU --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --time-ticks-at-unix-epoch=-1690016459087238 --launch-time-ticks=211964071 --mojo-platform-channel-handle=5788 --field-trial-handle=1904,i,10647970286334563256,10016875080355126084,262144 /prefetch:1
"C:\Users\aleks\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=deep_links_provider.mojom.DeepLinksProvider --lang=ru --service-sandbox-type=none --user-id=4B5B3F55-3249-4D09-ABF7-20294DE82049 --brand-id=yandex --process-name="DeepLinks service" --mojo-platform-channel-handle=9588 --field-trial-handle=1808,i,4226600404808474994,17418712369771103459,262144 --brver=23.7.0.2526 /prefetch:8
"C:\Users\aleks\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=renderer --user-id=4B5B3F55-3249-4D09-ABF7-20294DE82049 --brand-id=yandex --help-url=https://api.browser.yandex.ru/redirect/help/ --user-agent-info --web-ntp-url-for-renderer=https://brontp-pre.yandex.ru/ --translate-security-origin=https://browser.translate.yandex.net/ --enable-instaserp --disable-gpu-compositing --lang=ru --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=112 --time-ticks-at-unix-epoch=-1690016459099383 --launch-time-ticks=219313878 --mojo-platform-channel-handle=11608 --field-trial-handle=1808,i,4226600404808474994,17418712369771103459,262144 /prefetch:1
\\?\C:\WINDOWS\system32\wbem\WMIADAP.EXE
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\Users\aleks\OneDrive\Рабочий стол\Новая папка\AutoLogger\RSIT\RSITx64.exe" /silent /m3 /autolog /logfolder "C:\Users\aleks\OneDrive\Рабочий стол\Новая папка\AutoLogger\RSIT\Log" /hjtp "C:\Users\aleks\OneDrive\Рабочий стол\Новая папка\AutoLogger\RSIT\HiJackThis.exe" /rus 
C:\WINDOWS\system32\wbem\wmiprvse.exe

====== Папка назначенных заданий ======

C:\WINDOWS\tasks\CreateExplorerShellUnelevatedTask.job - C:\WINDOWS\explorer.exe /NoUACCheck
C:\WINDOWS\tasks\Восстановление сервиса обновлений Яндекс Браузера.job - C:\Program Files (x86)\Yandex\YandexBrowser\23.7.0.2526\service_update.exe  --repair
C:\WINDOWS\tasks\Обновление Браузера Яндекс.job - C:\Users\aleks\AppData\Local\Yandex\YandexBrowser\Application\browser.exe  --background-update --noerrdialogs
C:\WINDOWS\tasks\Системное обновление Браузера Яндекс.job - C:\Program Files (x86)\Yandex\YandexBrowser\23.7.0.2526\service_update.exe  --run-as-launcher
C:\WINDOWS\system32\tasks\BlueStacksHelper_nxt - C:\Program Files\BlueStacks_nxt\BlueStacksHelper.exe -sr
C:\WINDOWS\system32\tasks\Driver Booster Scheduler - "A:\Drivers\Driver Booster\10.3.0\Scheduler.exe" /scheduler
C:\WINDOWS\system32\tasks\Driver Booster SkipUAC (aleks) - "A:\Drivers\Driver Booster\10.3.0\DriverBooster.exe" /skipuac
C:\WINDOWS\system32\tasks\Driver Booster Update - "A:\Drivers\Driver Booster\10.3.0\AutoUpdate.exe" /auto
C:\WINDOWS\system32\tasks\MicrosoftEdgeUpdateTaskMachineCore - C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe /c
C:\WINDOWS\system32\tasks\MicrosoftEdgeUpdateTaskMachineUA - C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe /ua /installsource scheduler
C:\WINDOWS\system32\tasks\OneDrive Reporting Task-S-1-5-21-2118527501-3012163230-3361547287-1002 - %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe /reporting
C:\WINDOWS\system32\tasks\OneDrive Standalone Update Task-S-1-5-21-2118527501-3012163230-3361547287-1002 - %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe 
C:\WINDOWS\system32\tasks\Opera GX scheduled assistant Autoupdate 1689958913 - A:\Sai\launcher.exe --scheduledautoupdate --component-name=assistant --component-path="A:\Sai\assistant" $(Arg0)
C:\WINDOWS\system32\tasks\Opera GX scheduled Autoupdate 1689174350 - A:\Sai\launcher.exe --scheduledautoupdate $(Arg0)
C:\WINDOWS\system32\tasks\Восстановление сервиса обновлений Яндекс Браузера - C:\Program Files (x86)\Yandex\YandexBrowser\23.7.0.2526\service_update.exe --repair
C:\WINDOWS\system32\tasks\Обновление Браузера Яндекс - C:\Users\aleks\AppData\Local\Yandex\YandexBrowser\Application\browser.exe --background-update --noerrdialogs
C:\WINDOWS\system32\tasks\Системное обновление Браузера Яндекс - C:\Program Files (x86)\Yandex\YandexBrowser\23.7.0.2526\service_update.exe --run-as-launcher
C:\WINDOWS\system32\tasks\Microsoft\XblGameSave\XblGameSaveTask - %windir%\System32\XblGameSaveTask.exe standby
C:\WINDOWS\system32\tasks\Microsoft\Windows\WwanSvc\NotificationTask - %SystemRoot%\System32\WiFiTask.exe wwan
C:\WINDOWS\system32\tasks\Microsoft\Windows\Workplace Join\Automatic-Device-Join - %SystemRoot%\System32\dsregcmd.exe $(Arg0) $(Arg1) $(Arg2)
C:\WINDOWS\system32\tasks\Microsoft\Windows\Workplace Join\Recovery-Check - %SystemRoot%\System32\dsregcmd.exe /checkrecovery
C:\WINDOWS\system32\tasks\Microsoft\Windows\Wininet\winser - "C:\ProgramData\Windows Tasks Service\winserv.exe" Task Service\winserv.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Wininet\winsers - "C:\ProgramData\Windows Tasks Service\winserv.exe" Task Service\winserv.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start - C:\WINDOWS\system32\sc.exe start wuauserv
C:\WINDOWS\system32\tasks\Microsoft\Windows\WindowsBackup\ManagerService - C:\Programdata\ReaItekHD\taskhostw.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\WindowsBackup\MicrosoftCheck - C:\Programdata\ReaItekHD\taskhost.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\WindowsBackup\OnlogonCheck - C:\Programdata\ReaItekHD\taskhostw.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\WindowsBackup\WinlogonCheck - C:\Programdata\ReaItekHD\taskhost.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Media Sharing\UpdateLibrary - "%ProgramFiles%\Windows Media Player\wmpnscfg.exe"
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange - %windir%\system32\rundll32.exe bfe.dll,BfeOnServiceStartTypeChange
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Error Reporting\QueueReporting - %windir%\system32\wermgr.exe -upload
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance - C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.5-0\MpCmdRun.exe -IdleTask -TaskName WdCacheMaintenance
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup - C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.5-0\MpCmdRun.exe -IdleTask -TaskName WdCleanup
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan - C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.5-0\MpCmdRun.exe Scan -ScheduleJob -ScanTrigger 55 -IdleScheduledJob
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification - C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.5-0\MpCmdRun.exe -IdleTask -TaskName WdVerification
C:\WINDOWS\system32\tasks\Microsoft\Windows\WCM\WiFiTask - %SystemRoot%\System32\WiFiTask.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\UPnP\UPnPHostConfig - sc.exe config upnphost start= auto
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Report policies - %systemroot%\system32\usoclient.exe ReportPolicies
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Schedule Maintenance Work - %systemroot%\system32\usoclient.exe StartMaintenanceWork
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Schedule Scan - %systemroot%\system32\usoclient.exe StartScan
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Schedule Scan Static Task - %systemroot%\system32\usoclient.exe StartScan
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Schedule Wake To Work - %systemroot%\system32\usoclient.exe StartWork
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Schedule Work - %systemroot%\system32\usoclient.exe StartWork
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Start Oobe Expedite Work - %systemroot%\system32\usoclient.exe StartWork
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\StartOobeAppsScan - %systemroot%\system32\usoclient.exe StartOobeAppsScan
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\UpdateModelTask - %systemroot%\system32\usoclient.exe StartModelUpdates
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker - %systemroot%\system32\MusNotification.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\UUS Failover Task - %systemroot%\system32\usoclient.exe HandleUusFailoverSignal
C:\WINDOWS\system32\tasks\Microsoft\Windows\UNP\RunUpdateNotificationMgr - %windir%\System32\UNP\UpdateNotificationMgr.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone - %windir%\system32\tzsync.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime - %windir%\system32\sc.exe start w32time task_started
C:\WINDOWS\system32\tasks\Microsoft\Windows\SystemRestore\SR - %windir%\system32\srtasks.exe ExecuteScheduledSPPCreation
C:\WINDOWS\system32\tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask - %windir%\system32\rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\Subscription\EnableLicenseAcquisition - %SystemRoot%\system32\ClipRenew.exe -e
C:\WINDOWS\system32\tasks\Microsoft\Windows\Subscription\LicenseAcquisition - %SystemRoot%\system32\ClipRenew.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Storage Tiers Management\Storage Tiers Optimization - %windir%\system32\defrag.exe -c -h -g -# -m 8 -i 13500
C:\WINDOWS\system32\tasks\Microsoft\Windows\StateRepository\MaintenanceTasks - %windir%\system32\rundll32.exe %windir%\system32\Windows.StateRepositoryClient.dll,StateRepositoryDoMaintenanceTasks
C:\WINDOWS\system32\tasks\Microsoft\Windows\Speech\SpeechModelDownloadTask - %windir%\system32\speech_onecore\common\SpeechModelDownload.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\SpacePort\SpaceAgentTask - %windir%\system32\SpaceAgent.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\SpacePort\SpaceManagerTask - %windir%\system32\spaceman.exe /Work
C:\WINDOWS\system32\tasks\Microsoft\Windows\Shell\FamilySafetyMonitor - %windir%\System32\wpcmon.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\SharedPC\Account Cleanup - %windir%\System32\rundll32.exe %windir%\System32\Windows.SharedPC.AccountManager.dll,StartMaintenance
C:\WINDOWS\system32\tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask - %windir%\system32\RAServer.exe /offerraupdate
C:\WINDOWS\system32\tasks\Microsoft\Windows\PushToInstall\LoginCheck - %windir%\system32\sc.exe start pushtoinstall login
C:\WINDOWS\system32\tasks\Microsoft\Windows\PushToInstall\Registration - %windir%\system32\sc.exe start pushtoinstall registration
C:\WINDOWS\system32\tasks\Microsoft\Windows\Printing\EduPrintProv - %windir%\system32\eduprintprov.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Plug and Play\Sysprep Generalize Drivers - %SystemRoot%\System32\drvinst.exe 6
C:\WINDOWS\system32\tasks\Microsoft\Windows\PI\SecureBootEncodeUEFI - %WINDIR%\system32\SecureBootEncodeUEFI.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\NlaSvc\WiFiTask - %SystemRoot%\System32\WiFiTask.exe nla
C:\WINDOWS\system32\tasks\Microsoft\Windows\NetTrace\GatherNetworkInfo - %windir%\system32\gatherNetworkInfo.vbs
C:\WINDOWS\system32\tasks\Microsoft\Windows\MUI\LPRemove - %windir%\system32\lpremove.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Management\Provisioning\Cellular - %windir%\system32\ProvTool.exe /turn 7 /source CellStateChangeTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\Management\Provisioning\Logon - %windir%\system32\ProvTool.exe /turn 5 /source LogonIdleTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\Management\Provisioning\MdmDiagnosticsCleanup - %windir%\system32\MdmDiagnosticsTool.exe /clean
C:\WINDOWS\system32\tasks\Microsoft\Windows\Management\Provisioning\Retry - %windir%\system32\ProvTool.exe /turn 5 /source ProvRetryTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\Management\Provisioning\RunOnReboot - %windir%\system32\ProvTool.exe /turn 5 /source ContinueSessionTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\Location\Notifications - %windir%\System32\LocationNotificationWindows.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Location\WindowsActionDialog - %windir%\System32\WindowsActionDialog.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Kernel\La57Cleanup - %windir%\system32\la57setup.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Feedback\Siuf\DmClient - %windir%\system32\dmclient.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Feedback\Siuf\DmClientOnScenarioDownload - %windir%\system32\dmclient.exe utcwnf
C:\WINDOWS\system32\tasks\Microsoft\Windows\DUSM\dusmtask - %SystemRoot%\System32\dusmtask.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskFootprint\Diagnostics - %windir%\system32\disksnapshot.exe -z
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector - %windir%\system32\rundll32.exe dfdts.dll,DfdGetDefaultPolicyAndSMART
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver - %windir%\system32\DFDWiz.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskCleanup\SilentCleanup - %windir%\system32\cleanmgr.exe /autocleanstoragesense /d %systemdrive%
C:\WINDOWS\system32\tasks\Microsoft\Windows\DirectX\DirectXDatabaseUpdater - %windir%\system32\directxdatabaseupdater.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\DirectX\DXGIAdapterCache - %windir%\system32\dxgiadaptercache.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Device Information\Device - %windir%\system32\devicecensus.exe SystemCxt
C:\WINDOWS\system32\tasks\Microsoft\Windows\Device Information\Device User - %windir%\system32\devicecensus.exe UserCxt
C:\WINDOWS\system32\tasks\Microsoft\Windows\Defrag\ScheduledDefrag - %windir%\system32\defrag.exe -c -h -o -$
C:\WINDOWS\system32\tasks\Microsoft\Windows\Customer Experience Improvement Program\Consolidator - %SystemRoot%\System32\wsqmcons.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Clip\License Validation - %SystemRoot%\system32\ClipUp.exe -p -s -o
C:\WINDOWS\system32\tasks\Microsoft\Windows\Clip\LicenseImdsIntegration - %SystemRoot%\system32\fclip.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Chkdsk\SyspartRepair - %windir%\system32\bcdboot.exe %windir% /sysrepair
C:\WINDOWS\system32\tasks\Microsoft\Windows\CheckGlobalI\RecoveryHosts - C:\Programdata\Microsoft\stiqa\script.bat
C:\WINDOWS\system32\tasks\Microsoft\Windows\CheckGlobalI\RecoveryTask - C:\Programdata\ReaItekHD\taskhostw.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\CheckGlobalI\stiqa - C:\Programdata\ReaItekHD\taskhost.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\capabilityaccessmanager\maintenancetasks - %windir%\system32\rundll32.exe %windir%\system32\CapabilityAccessManager.dll,CapabilityAccessManagerDoStoreMaintenance
C:\WINDOWS\system32\tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask - BthUdTask.exe $(Arg0)
C:\WINDOWS\system32\tasks\Microsoft\Windows\Autochk\Proxy - %windir%\system32\rundll32.exe /d acproxy.dll,PerformAutochkOperations
C:\WINDOWS\system32\tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup - %windir%\system32\rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\ApplicationData\appuriverifierdaily - %windir%\system32\AppHostRegistrationVerifier.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\ApplicationData\appuriverifierinstall - %windir%\system32\AppHostRegistrationVerifier.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState - %windir%\system32\rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
C:\WINDOWS\system32\tasks\Microsoft\Windows\ApplicationData\DsSvcCleanup - %windir%\system32\dstokenclean.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser - %windir%\system32\compattelrunner.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Application Experience\PcaPatchDbTask - %windir%\system32\rundll32.exe %windir%\system32\PcaSvc.dll,PcaPatchSdbTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater - %windir%\system32\compattelrunner.exe -maintenance
C:\WINDOWS\system32\tasks\Microsoft\Windows\Application Experience\StartupAppTask - %windir%\system32\rundll32.exe Startupscan.dll,SusRunTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\AppID\PolicyConverter - %windir%\system32\appidpolicyconverter.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck - %windir%\system32\appidcertstorecheck.exe
C:\WINDOWS\system32\tasks\Microsoft\VisualStudio\Updates\BackgroundDownload - C:\Program Files (x86)\Microsoft Visual Studio\Installer\resources\app\ServiceHub\Services\Microsoft.VisualStudio.Setup.Service\BackgroundDownload.exe
C:\WINDOWS\system32\tasks\Microsoft\Office\Office Automatic Updates 2.0 - C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe /frequentupdate SCHEDULEDTASK displaylevel=False
C:\WINDOWS\system32\tasks\Microsoft\Office\Office ClickToRun Service Monitor - C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe /WatchService
C:\WINDOWS\system32\tasks\Microsoft\Office\Office Feature Updates - C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe
C:\WINDOWS\system32\tasks\Microsoft\Office\Office Feature Updates Logon - C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe /onlogon

=========Google Chrome=========

C:\Users\aleks\AppData\Local\Google\Chrome\User Data\Default\Preferences
Homepage: 
default_search_provider.search_url: 

======Снимок реестра ======


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}]
IEToEdge BHO - C:\Program Files (x86)\Microsoft\Edge\Application\114.0.1823.86\BHO\ie_to_edge_bho_64.dll [2023-07-17 589208]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_351\bin\ssv.dll [2023-04-11 737440]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_351\bin\jp2ssv.dll [2023-04-11 351392]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}]
IEToEdge BHO - C:\Program Files (x86)\Microsoft\Edge\Application\114.0.1823.86\BHO\ie_to_edge_bho.dll [2023-07-17 454552]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2023-06-23 152392]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SecurityHealth"=C:\WINDOWS\system32\SecurityHealthSystray.exe [2021-12-08 266240]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2023-03-27 19572536]
"Realtek HD Audio"=C:\ProgramData\ReaItekHD\taskhostw.exe [2023-05-23 31202832]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"MicrosoftEdgeAutoLaunch_5BDEC6DC312BF813B78A502D81A184DB"=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe [2023-07-17 4113816]
"YandexBrowserAutoLaunch_7D37B53B17E73830CA8B458CF9DF395B"=C:\Users\aleks\AppData\Local\Yandex\YandexBrowser\Application\browser.exe [2023-07-13 4891800]
"Discord"=C:\Users\aleks\AppData\Local\Discord\Update.exe [2023-02-13 1525016]
"Steam"=A:\Steam\steam.exe [2023-07-11 4371816]
"electron.app.BlueStacks Services"=C:\Users\aleks\AppData\Local\Programs\bluestacks-services\BlueStacksServices.exe [2023-03-23 157858648]
"Lesta Game Center"=A:\Steam Games\Lesta\GameCenter\lgc.exe [2023-06-21 1938048]
"ut"=C:\Users\aleks\AppData\Roaming\uTorrent\uTorrent.exe [2023-06-15 2065928]
"vidnotifier.exe"=C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\vidnotifier\vidnotifier.exe [2023-07-20 1792360]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2022-09-15 711288]
"RadminVPN"=C:\Program Files (x86)\Radmin VPN\RvRvpnGui.exe [2023-04-17 2137152]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders" = credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioEndpointBuilder]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioSrv]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CBDHSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudAddService.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudBus.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NgcCtnrSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NgcSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\nvdimm.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SerCx2.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\usbaudio.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96C-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{53966cb1-4d46-4166-bf23-c522403cd495}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioEndpointBuilder]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioSrv]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CBDHSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudAddService.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudBus.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsQuic]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetSetupSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NgcCtnrSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NgcSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nvdimm.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SerCx2.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\usbaudio.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E96C-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{53966cb1-4d46-4166-bf23-c522403cd495}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"DSCAutomationHostEnabled"=2
"EnableCursorSuppression"=1
"EnableFullTrustStartupTasks"=2
"EnableUIADesktopToggle"=0
"EnableUwpStartupTasks"=2
"SupportFullTrustStartupTasks"=1
"SupportUwpStartupTasks"=1
"FilterAdministratorToken"=1
"undockwithoutlogon"=1
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"DisallowRun"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"ForceActiveDesktopOn"=0
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]


[HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components\{9459C573-B17A-45AE-9F64-1857B5D58CEE}]
"StubPath" = "C:\Program Files (x86)\Microsoft\Edge\Application\114.0.1823.86\Installer\setup.exe" --configure-user-settings --verbose-logging --system-level --msedge --channel=stable

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"aux"=wdmaud.drv
"midi"=wdmaud.drv
"midimapper"=midimap.dll
"mixer"=wdmaud.drv
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wave"=wdmaud.drv
"wavemapper"=msacm32.drv
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"aux1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave1"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave3"=wdmaud.drv
"aux2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave2"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"wave5"=wdmaud.drv
"vidc.tscc"=C:\WINDOWS\SysWOW64\tsccvid64.dll
"vidc.tsc2"=C:\WINDOWS\SysWOW64\tsc2_codec64.dll

====== Ассоциации файлов ======

.inf - open - 
.inf - install - 
.ini - open - 
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.txt - open - 

====== Список файлов и папок, созданных за последние 3 месяца ======

2023-07-22 10:59:08 ----D---- C:\WINDOWS\Microsoft Antimalware
2023-07-22 07:26:46 ----A---- C:\WINDOWS\ntbtlog.txt
2023-07-22 01:59:08 ----D---- C:\Program Files\Unlocker
2023-07-22 01:53:23 ----SHD---- C:\Program Files (x86)\SpeedFan
2023-07-22 01:53:22 ----SHD---- C:\Program Files\RogueKiller
2023-07-22 01:53:22 ----SHD---- C:\Program Files (x86)\Moo0
2023-07-22 01:53:21 ----SHD---- C:\Program Files\SUPERAntiSpyware
2023-07-22 01:53:21 ----SHD---- C:\Program Files\EnigmaSoft
2023-07-22 01:53:20 ----SHD---- C:\ProgramData\princeton-produce
2023-07-22 01:53:19 ----SHD---- C:\Program Files\Transmission
2023-07-22 01:53:19 ----SHD---- C:\Program Files\Process Hacker 2
2023-07-22 01:53:19 ----SHD---- C:\Program Files (x86)\Transmission
2023-07-22 01:53:18 ----SHD---- C:\Program Files (x86)\IObit
2023-07-22 01:53:17 ----SHD---- C:\ProgramData\FingerPrint
2023-07-22 01:53:17 ----SHD---- C:\ProgramData\BookManager
2023-07-22 01:53:17 ----SHD---- C:\Program Files (x86)\Panda Security
2023-07-22 01:53:16 ----SHD---- C:\ProgramData\PuzzleMedia
2023-07-22 01:53:16 ----SHD---- C:\ProgramData\ESET
2023-07-22 01:53:15 ----SHD---- C:\ProgramData\WavePad
2023-07-22 01:53:15 ----SHD---- C:\ProgramData\RobotDemo
2023-07-22 01:53:15 ----SHD---- C:\ProgramData\Evernote
2023-07-22 01:53:14 ----SHD---- C:\Program Files\Ravantivirus
2023-07-22 01:53:14 ----SHD---- C:\Program Files\Process Lasso
2023-07-22 01:53:13 ----SHD---- C:\Program Files\Loaris Trojan Remover
2023-07-22 01:53:13 ----SHD---- C:\Program Files\ESET
2023-07-22 01:53:13 ----SHD---- C:\Program Files (x86)\GRIZZLY Antivirus
2023-07-22 01:53:13 ----D---- C:\ProgramData\Avira
2023-07-22 01:53:12 ----SHD---- C:\ProgramData\McAfee
2023-07-22 01:53:12 ----SHD---- C:\Program Files\Rainmeter
2023-07-22 01:53:12 ----SHD---- C:\Program Files\Common Files\McAfee
2023-07-22 01:53:12 ----SHD---- C:\Program Files\Cezurity
2023-07-22 01:53:11 ----SHD---- C:\ProgramData\grizzly
2023-07-22 01:53:11 ----SHD---- C:\ProgramData\Doctor Web
2023-07-22 01:53:11 ----SHD---- C:\Program Files (x86)\Cezurity
2023-07-22 01:53:10 ----SHD---- C:\Program Files\DrWeb
2023-07-22 01:53:10 ----SHD---- C:\Program Files\Common Files\Doctor Web
2023-07-22 01:53:10 ----SHD---- C:\Program Files\Common Files\AV
2023-07-22 01:53:09 ----SHD---- C:\Program Files\Bitdefender Agent
2023-07-22 01:53:09 ----SHD---- C:\Program Files (x86)\Kaspersky Lab
2023-07-22 01:53:08 ----SHD---- C:\Program Files\Kaspersky Lab
2023-07-22 01:53:08 ----SHD---- C:\Program Files\HitmanPro
2023-07-22 01:53:07 ----SHD---- C:\ProgramData\Kaspersky Lab
2023-07-22 01:53:06 ----SHD---- C:\ProgramData\Norton
2023-07-22 01:53:06 ----SHD---- C:\ProgramData\Kaspersky Lab Setup Files
2023-07-22 01:53:06 ----SHD---- C:\Program Files\AVG
2023-07-22 01:53:06 ----SHD---- C:\Program Files (x86)\AVG
2023-07-22 01:53:05 ----SHD---- C:\ProgramData\AVAST Software
2023-07-22 01:53:05 ----SHD---- C:\Program Files\SpyHunter
2023-07-22 01:53:05 ----SHD---- C:\Program Files\AVAST Software
2023-07-22 01:53:05 ----SHD---- C:\Program Files (x86)\AVAST Software
2023-07-22 01:53:04 ----SHD---- C:\Program Files\Enigma Software Group
2023-07-22 01:53:04 ----SHD---- C:\Program Files\COMODO
2023-07-22 01:53:03 ----SHD---- C:\ProgramData\360safe
2023-07-22 01:53:03 ----SHD---- C:\Program Files\Malwarebytes
2023-07-22 01:53:03 ----SHD---- C:\Program Files (x86)\SpyHunter
2023-07-22 01:53:02 ----SHD---- C:\Program Files (x86)\360
2023-07-22 01:53:02 ----SHD---- C:\FRST
2023-07-22 01:53:01 ----SHD---- C:\Program Files\ByteFence
2023-07-22 01:53:01 ----SHD---- C:\KVRT2020_Data
2023-07-22 01:53:00 ----SHD---- C:\AdwCleaner
2023-07-22 01:52:58 ----SHD---- C:\Program Files (x86)\Microsoft JDX
2023-07-22 01:52:58 ----D---- C:\WINDOWS\fonts\Mysql
2023-07-22 01:52:57 ----SHD---- C:\ProgramData\MB3Install
2023-07-22 01:52:57 ----SHD---- C:\ProgramData\Malwarebytes
2023-07-22 01:52:57 ----D---- C:\WINDOWS\speechstracing
2023-07-22 01:52:53 ----A---- C:\WINDOWS\system32\rfxvmt.dll
2023-07-22 01:52:52 ----HD---- C:\Program Files\RDP Wrapper
2023-07-22 01:52:51 ----D---- C:\Users\aleks\AppData\Roaming\RMS_settings
2023-07-22 01:52:47 ----SHD---- C:\ProgramData\Windows Tasks Service
2023-07-22 01:52:33 ----SHD---- C:\KVRT_Data
2023-07-22 01:52:10 ----SHD---- C:\ProgramData\WindowsTask
2023-07-22 01:52:10 ----SHD---- C:\ProgramData\RunDLL
2023-07-22 01:52:10 ----SHD---- C:\ProgramData\ReaItekHD
2023-07-22 01:52:10 ----D---- C:\ProgramData\System32
2023-07-22 01:51:56 ----SHD---- C:\ProgramData\Install
2023-07-22 01:51:43 ----SHD---- C:\ProgramData\Setup
2023-07-22 01:33:15 ----D---- C:\Program Files (x86)\FreeCodecPack
2023-07-22 01:32:23 ----D---- C:\Users\aleks\AppData\Roaming\DVDVideoSoft
2023-07-22 01:21:12 ----D---- C:\Users\aleks\AppData\Roaming\Techsmith
2023-07-22 01:20:23 ----D---- C:\Program Files\Common Files\TechSmith Shared
2023-07-22 01:20:22 ----D---- C:\ProgramData\TechSmith
2023-07-20 21:57:48 ----D---- C:\Users\aleks\AppData\Roaming\com.adobe.dunamis
2023-07-20 21:56:17 ----D---- C:\Program Files\Common Files\Adobe
2023-07-20 21:54:40 ----D---- C:\ProgramData\Adobe
2023-07-17 20:27:27 ----A---- C:\WINDOWS\SYSWOW64\WinTab32.dll
2023-07-17 20:26:51 ----D---- C:\Users\aleks\AppData\Roaming\Pentablet V3
2023-07-17 20:26:50 ----A---- C:\WINDOWS\system32\WdfCoInstaller01009.dll
2023-07-17 20:26:49 ----A---- C:\WINDOWS\system32\drivers\hanvonugeemfilter.sys
2023-07-17 20:26:48 ----A---- C:\WINDOWS\system32\drivers\XPPenTablet.sys
2023-07-17 20:26:47 ----A---- C:\WINDOWS\system32\drivers\hidkmdf.sys
2023-07-14 01:25:31 ----A---- C:\WINDOWS\SYSWOW64\dfshim.dll
2023-07-14 01:25:31 ----A---- C:\WINDOWS\system32\dfshim.dll
2023-07-13 01:27:39 ----A---- C:\WINDOWS\system32\HoYoKProtect.sys
2023-07-12 22:09:22 ----A---- C:\WINDOWS\SYSWOW64\wmp.dll
2023-07-12 22:09:20 ----A---- C:\WINDOWS\SYSWOW64\fveapibase.dll
2023-07-12 22:09:20 ----A---- C:\WINDOWS\SYSWOW64\fveapi.dll
2023-07-12 22:09:20 ----A---- C:\WINDOWS\system32\wmp.dll
2023-07-12 22:09:20 ----A---- C:\WINDOWS\system32\fveapibase.dll
2023-07-12 22:09:20 ----A---- C:\WINDOWS\system32\fveapi.dll
2023-07-12 22:09:19 ----A---- C:\WINDOWS\SYSWOW64\cdp.dll
2023-07-12 22:09:17 ----A---- C:\WINDOWS\system32\cdp.dll
2023-07-12 22:09:14 ----A---- C:\WINDOWS\SYSWOW64\quickassist.exe
2023-07-12 22:09:14 ----A---- C:\WINDOWS\system32\quickassist.exe
2023-07-12 22:09:13 ----A---- C:\WINDOWS\SYSWOW64\mfsvr.dll
2023-07-12 22:09:13 ----A---- C:\WINDOWS\SYSWOW64\DolbyDecMFT.dll
2023-07-12 22:09:13 ----A---- C:\WINDOWS\system32\ntkrla57.exe
2023-07-12 22:09:12 ----A---- C:\WINDOWS\SYSWOW64\mfps.dll
2023-07-12 22:09:12 ----A---- C:\WINDOWS\SYSWOW64\MFPlay.dll
2023-07-12 22:09:12 ----A---- C:\WINDOWS\SYSWOW64\MFMediaEngine.dll
2023-07-12 22:09:12 ----A---- C:\WINDOWS\SYSWOW64\mfcore.dll
2023-07-12 22:09:12 ----A---- C:\WINDOWS\system32\HoloSHExtensions.dll
2023-07-12 22:09:12 ----A---- C:\WINDOWS\system32\DolbyDecMFT.dll
2023-07-12 22:09:11 ----A---- C:\WINDOWS\system32\msmpeg2vdec.dll
2023-07-12 22:09:11 ----A---- C:\WINDOWS\system32\mfsvr.dll
2023-07-12 22:09:11 ----A---- C:\WINDOWS\system32\mfps.dll
2023-07-12 22:09:11 ----A---- C:\WINDOWS\system32\MFPlay.dll
2023-07-12 22:09:11 ----A---- C:\WINDOWS\system32\MFMediaEngine.dll
2023-07-12 22:09:11 ----A---- C:\WINDOWS\system32\mfcore.dll
2023-07-12 22:09:11 ----A---- C:\WINDOWS\system32\mf.dll
2023-07-12 22:09:10 ----A---- C:\WINDOWS\SYSWOW64\Microsoft.Uev.AppAgent.dll
2023-07-12 22:09:10 ----A---- C:\WINDOWS\system32\Microsoft.Uev.AppAgent.dll
2023-07-12 22:09:10 ----A---- C:\WINDOWS\system32\drivers\AppvVfs.sys
2023-07-12 22:09:10 ----A---- C:\WINDOWS\system32\drivers\AppvVemgr.sys
2023-07-12 22:09:10 ----A---- C:\WINDOWS\system32\drivers\AppVStrm.sys
2023-07-12 22:09:10 ----A---- C:\WINDOWS\system32\CustomShellHost.exe
2023-07-12 22:09:10 ----A---- C:\WINDOWS\system32\AppVEntVirtualization.dll
2023-07-12 22:09:10 ----A---- C:\WINDOWS\system32\AppVClient.exe
2023-07-12 22:09:09 ----A---- C:\WINDOWS\system32\fclip.exe
2023-07-12 22:09:08 ----A---- C:\WINDOWS\SYSWOW64\tsgqec.dll
2023-07-12 22:09:08 ----A---- C:\WINDOWS\SYSWOW64\SessEnv.dll
2023-07-12 22:09:08 ----A---- C:\WINDOWS\SYSWOW64\mstsc.exe
2023-07-12 22:09:08 ----A---- C:\WINDOWS\SYSWOW64\lsmproxy.dll
2023-07-12 22:09:08 ----A---- C:\WINDOWS\SYSWOW64\drttransport.dll
2023-07-12 22:09:08 ----A---- C:\WINDOWS\SYSWOW64\drtprov.dll
2023-07-12 22:09:08 ----A---- C:\WINDOWS\SYSWOW64\drt.dll
2023-07-12 22:09:08 ----A---- C:\WINDOWS\SYSWOW64\CPFilters.dll
2023-07-12 22:09:08 ----A---- C:\WINDOWS\SYSWOW64\AcXtrnal.dll
2023-07-12 22:09:08 ----A---- C:\WINDOWS\SYSWOW64\AcLayers.dll
2023-07-12 22:09:08 ----A---- C:\WINDOWS\SYSWOW64\AcGenral.dll
2023-07-12 22:09:07 ----A---- C:\WINDOWS\SYSWOW64\wsp_health.dll
2023-07-12 22:09:07 ----A---- C:\WINDOWS\SYSWOW64\wsp_fs.dll
2023-07-12 22:09:07 ----A---- C:\WINDOWS\SYSWOW64\offreg.dll
2023-07-12 22:09:07 ----A---- C:\WINDOWS\SYSWOW64\mstscax.dll
2023-07-12 22:09:07 ----A---- C:\WINDOWS\SYSWOW64\certutil.exe
2023-07-12 22:09:07 ----A---- C:\WINDOWS\SYSWOW64\certreq.exe
2023-07-12 22:09:06 ----A---- C:\WINDOWS\SYSWOW64\WlanMM.dll
2023-07-12 22:09:06 ----A---- C:\WINDOWS\SYSWOW64\sqlsrv32.dll
2023-07-12 22:09:06 ----A---- C:\WINDOWS\SYSWOW64\odbc32.dll
2023-07-12 22:09:06 ----A---- C:\WINDOWS\SYSWOW64\nshwfp.dll
2023-07-12 22:09:06 ----A---- C:\WINDOWS\SYSWOW64\msimsg.dll
2023-07-12 22:09:06 ----A---- C:\WINDOWS\SYSWOW64\msi.dll
2023-07-12 22:09:06 ----A---- C:\WINDOWS\SYSWOW64\iemigplugin.dll
2023-07-12 22:09:05 ----A---- C:\WINDOWS\SYSWOW64\IndexedDbLegacy.dll
2023-07-12 22:09:05 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2023-07-12 22:09:05 ----A---- C:\WINDOWS\SYSWOW64\Chakra.dll
2023-07-12 22:09:03 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2023-07-12 22:09:02 ----A---- C:\WINDOWS\SYSWOW64\webplatstorageserver.dll
2023-07-12 22:09:02 ----A---- C:\WINDOWS\SYSWOW64\EdgeManager.dll
2023-07-12 22:09:00 ----A---- C:\WINDOWS\SYSWOW64\xolehlp.dll
2023-07-12 22:09:00 ----A---- C:\WINDOWS\SYSWOW64\upnphost.dll
2023-07-12 22:09:00 ----A---- C:\WINDOWS\SYSWOW64\mtxclu.dll
2023-07-12 22:09:00 ----A---- C:\WINDOWS\SYSWOW64\msdtcuiu.dll
2023-07-12 22:09:00 ----A---- C:\WINDOWS\SYSWOW64\msdtcspoffln.dll
2023-07-12 22:09:00 ----A---- C:\WINDOWS\SYSWOW64\msdtcprx.dll
2023-07-12 22:09:00 ----A---- C:\WINDOWS\SYSWOW64\iassvcs.dll
2023-07-12 22:09:00 ----A---- C:\WINDOWS\SYSWOW64\iassdo.dll
2023-07-12 22:09:00 ----A---- C:\WINDOWS\SYSWOW64\iashlpr.dll
2023-07-12 22:09:00 ----A---- C:\WINDOWS\SYSWOW64\iasdatastore.dll
2023-07-12 22:09:00 ----A---- C:\WINDOWS\SYSWOW64\edgehtml.dll
2023-07-12 22:09:00 ----A---- C:\WINDOWS\SYSWOW64\dswave.dll
2023-07-12 22:09:00 ----A---- C:\WINDOWS\SYSWOW64\dmusic.dll
2023-07-12 22:09:00 ----A---- C:\WINDOWS\SYSWOW64\dmsynth.dll
2023-07-12 22:09:00 ----A---- C:\WINDOWS\SYSWOW64\dmstyle.dll
2023-07-12 22:09:00 ----A---- C:\WINDOWS\SYSWOW64\dmscript.dll
2023-07-12 22:09:00 ----A---- C:\WINDOWS\SYSWOW64\dmloader.dll
2023-07-12 22:09:00 ----A---- C:\WINDOWS\SYSWOW64\dmime.dll
2023-07-12 22:09:00 ----A---- C:\WINDOWS\SYSWOW64\dmcompos.dll
2023-07-12 22:09:00 ----A---- C:\WINDOWS\SYSWOW64\dmband.dll
2023-07-12 22:08:59 ----A---- C:\WINDOWS\system32\vmrdvcore.dll
2023-07-12 22:08:59 ----A---- C:\WINDOWS\system32\SIHClient.exe
2023-07-12 22:08:59 ----A---- C:\WINDOWS\system32\RDSAppXHelper.dll
2023-07-12 22:08:59 ----A---- C:\WINDOWS\system32\drttransport.dll
2023-07-12 22:08:59 ----A---- C:\WINDOWS\system32\drtprov.dll
2023-07-12 22:08:59 ----A---- C:\WINDOWS\system32\drt.dll
2023-07-12 22:08:59 ----A---- C:\WINDOWS\system32\CXHProvisioningServer.dll
2023-07-12 22:08:59 ----A---- C:\WINDOWS\system32\AcXtrnal.dll
2023-07-12 22:08:59 ----A---- C:\WINDOWS\system32\AcLayers.dll
2023-07-12 22:08:59 ----A---- C:\WINDOWS\system32\AcGenral.dll
2023-07-12 22:08:58 ----A---- C:\WINDOWS\system32\tsgqec.dll
2023-07-12 22:08:58 ----A---- C:\WINDOWS\system32\termsrv.dll
2023-07-12 22:08:58 ----A---- C:\WINDOWS\system32\SessEnv.dll
2023-07-12 22:08:58 ----A---- C:\WINDOWS\system32\rdsdwmdr.dll
2023-07-12 22:08:58 ----A---- C:\WINDOWS\system32\mstsc.exe
2023-07-12 22:08:58 ----A---- C:\WINDOWS\system32\lsmproxy.dll
2023-07-12 22:08:57 ----A---- C:\WINDOWS\system32\wsp_health.dll
2023-07-12 22:08:57 ----A---- C:\WINDOWS\system32\wsp_fs.dll
2023-07-12 22:08:57 ----A---- C:\WINDOWS\system32\rdpudd.dll
2023-07-12 22:08:57 ----A---- C:\WINDOWS\system32\rdpclip.exe
2023-07-12 22:08:57 ----A---- C:\WINDOWS\system32\nltest.exe
2023-07-12 22:08:57 ----A---- C:\WINDOWS\system32\mstscax.dll
2023-07-12 22:08:57 ----A---- C:\WINDOWS\system32\certutil.exe
2023-07-12 22:08:57 ----A---- C:\WINDOWS\system32\certreq.exe
2023-07-12 22:08:56 ----A---- C:\WINDOWS\system32\rdpcredentialprovider.dll
2023-07-12 22:08:56 ----A---- C:\WINDOWS\system32\rdpcorets.dll
2023-07-12 22:08:56 ----A---- C:\WINDOWS\system32\offreg.dll
2023-07-12 22:08:56 ----A---- C:\WINDOWS\system32\nshwfp.dll
2023-07-12 22:08:56 ----A---- C:\WINDOWS\system32\msimsg.dll
2023-07-12 22:08:56 ----A---- C:\WINDOWS\system32\drivers\rdpvideominiport.sys
2023-07-12 22:08:55 ----A---- C:\WINDOWS\system32\wshrm.dll
2023-07-12 22:08:55 ----A---- C:\WINDOWS\system32\WlanMM.dll
2023-07-12 22:08:55 ----A---- C:\WINDOWS\system32\sqlsrv32.dll
2023-07-12 22:08:55 ----A---- C:\WINDOWS\system32\odbc32.dll
2023-07-12 22:08:55 ----A---- C:\WINDOWS\system32\msi.dll
2023-07-12 22:08:55 ----A---- C:\WINDOWS\system32\IESettingSync.exe
2023-07-12 22:08:55 ----A---- C:\WINDOWS\system32\iemigplugin.dll
2023-07-12 22:08:55 ----A---- C:\WINDOWS\system32\drivers\rmcast.sys
2023-07-12 22:08:53 ----A---- C:\WINDOWS\system32\IndexedDbLegacy.dll
2023-07-12 22:08:53 ----A---- C:\WINDOWS\system32\ieframe.dll
2023-07-12 22:08:51 ----A---- C:\WINDOWS\system32\mshtml.dll
2023-07-12 22:08:50 ----A---- C:\WINDOWS\system32\webplatstorageserver.dll
2023-07-12 22:08:50 ----A---- C:\WINDOWS\system32\EdgeManager.dll
2023-07-12 22:08:46 ----A---- C:\WINDOWS\system32\wiatrace.dll
2023-07-12 22:08:46 ----A---- C:\WINDOWS\system32\wiaservc.dll
2023-07-12 22:08:46 ----A---- C:\WINDOWS\system32\wiarpc.dll
2023-07-12 22:08:46 ----A---- C:\WINDOWS\system32\sti.dll
2023-07-12 22:08:46 ----A---- C:\WINDOWS\system32\edgehtml.dll
2023-07-12 22:08:45 ----A---- C:\WINDOWS\system32\iassvcs.dll
2023-07-12 22:08:45 ----A---- C:\WINDOWS\system32\iassdo.dll
2023-07-12 22:08:45 ----A---- C:\WINDOWS\system32\iashlpr.dll
2023-07-12 22:08:45 ----A---- C:\WINDOWS\system32\iasdatastore.dll
2023-07-12 22:08:45 ----A---- C:\WINDOWS\system32\EsclWiaDriver.dll
2023-07-12 22:08:44 ----A---- C:\WINDOWS\system32\wercplsupport.dll
2023-07-12 22:08:44 ----A---- C:\WINDOWS\system32\werconcpl.dll
2023-07-12 22:08:44 ----A---- C:\WINDOWS\system32\dswave.dll
2023-07-12 22:08:42 ----A---- C:\WINDOWS\system32\dmusic.dll
2023-07-12 22:08:42 ----A---- C:\WINDOWS\system32\dmsynth.dll
2023-07-12 22:08:41 ----A---- C:\WINDOWS\system32\dmloader.dll
2023-07-12 22:08:36 ----A---- C:\WINDOWS\system32\msdtcuiu.dll
2023-07-12 22:08:35 ----A---- C:\WINDOWS\system32\xolehlp.dll
2023-07-12 22:08:35 ----A---- C:\WINDOWS\system32\mtxclu.dll
2023-07-12 22:08:35 ----A---- C:\WINDOWS\system32\msdtctm.dll
2023-07-12 22:08:35 ----A---- C:\WINDOWS\system32\msdtcspoffln.dll
2023-07-12 22:08:35 ----A---- C:\WINDOWS\system32\msdtcprx.dll
2023-07-12 22:08:35 ----A---- C:\WINDOWS\system32\msdtclog.dll
2023-07-12 22:08:35 ----A---- C:\WINDOWS\system32\msdtckrm.dll
2023-07-12 22:08:35 ----A---- C:\WINDOWS\system32\msdtc.exe
2023-07-12 22:08:32 ----A---- C:\WINDOWS\system32\MDMAppInstaller.exe
2023-07-12 22:08:32 ----A---- C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll
2023-07-12 22:08:32 ----A---- C:\WINDOWS\system32\computestorage.dll
2023-07-12 22:08:30 ----A---- C:\WINDOWS\system32\sdshext.dll
2023-07-12 22:08:30 ----A---- C:\WINDOWS\system32\sdrsvc.dll
2023-07-12 22:08:30 ----A---- C:\WINDOWS\system32\sdclt.exe
2023-07-12 22:08:29 ----A---- C:\WINDOWS\system32\skci.dll
2023-07-12 22:08:29 ----A---- C:\WINDOWS\system32\sdengin2.dll
2023-07-12 22:08:28 ----A---- C:\WINDOWS\system32\tcbloader.dll
2023-07-12 22:08:28 ----A---- C:\WINDOWS\system32\tcblaunch.exe
2023-07-12 22:08:27 ----A---- C:\WINDOWS\system32\upnphost.dll
2023-07-12 22:08:27 ----A---- C:\WINDOWS\system32\SecureBootEncodeUEFI.exe
2023-07-12 22:08:27 ----A---- C:\WINDOWS\system32\kdhvcom.dll
2023-07-12 22:08:27 ----A---- C:\WINDOWS\system32\hvloader.dll
2023-07-12 22:08:27 ----A---- C:\WINDOWS\system32\hvix64.exe
2023-07-12 22:08:27 ----A---- C:\WINDOWS\system32\hvax64.exe
2023-07-12 22:08:26 ----A---- C:\WINDOWS\SYSWOW64\SmartcardCredentialProvider.dll
2023-07-12 22:08:25 ----A---- C:\WINDOWS\SYSWOW64\WLanConn.dll
2023-07-12 22:08:25 ----A---- C:\WINDOWS\SYSWOW64\twext.dll
2023-07-12 22:08:25 ----A---- C:\WINDOWS\SYSWOW64\shell32.dll
2023-07-12 22:08:25 ----A---- C:\WINDOWS\SYSWOW64\setupapi.dll
2023-07-12 22:08:25 ----A---- C:\WINDOWS\SYSWOW64\rtm.dll
2023-07-12 22:08:25 ----A---- C:\WINDOWS\SYSWOW64\newdev.dll
2023-07-12 22:08:25 ----A---- C:\WINDOWS\SYSWOW64\msaatext.dll
2023-07-12 22:08:25 ----A---- C:\WINDOWS\SYSWOW64\mprdim.dll
2023-07-12 22:08:25 ----A---- C:\WINDOWS\SYSWOW64\iprtrmgr.dll
2023-07-12 22:08:25 ----A---- C:\WINDOWS\SYSWOW64\iprtprio.dll
2023-07-12 22:08:25 ----A---- C:\WINDOWS\SYSWOW64\drvsetup.dll
2023-07-12 22:08:22 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Playback.ProxyStub.dll
2023-07-12 22:08:22 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Playback.MediaPlayer.dll
2023-07-12 22:08:22 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Playback.BackgroundMediaPlayer.dll
2023-07-12 22:08:22 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.BackgroundPlayback.exe
2023-07-12 22:08:22 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.BackgroundMediaPlayback.dll
2023-07-12 22:08:22 ----A---- C:\WINDOWS\SYSWOW64\Windows.Internal.Management.dll
2023-07-12 22:08:22 ----A---- C:\WINDOWS\SYSWOW64\proquota.exe
2023-07-12 22:08:22 ----A---- C:\WINDOWS\SYSWOW64\msIso.dll
2023-07-12 22:08:22 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2023-07-12 22:08:22 ----A---- C:\WINDOWS\SYSWOW64\enrollmentapi.dll
2023-07-12 22:08:22 ----A---- C:\WINDOWS\SYSWOW64\edgeIso.dll
2023-07-12 22:08:22 ----A---- C:\WINDOWS\SYSWOW64\DMAlertListener.ProxyStub.dll
2023-07-12 22:08:21 ----A---- C:\WINDOWS\SYSWOW64\wutrust.dll
2023-07-12 22:08:21 ----A---- C:\WINDOWS\SYSWOW64\wkscli.dll
2023-07-12 22:08:21 ----A---- C:\WINDOWS\SYSWOW64\WerFaultSecure.exe
2023-07-12 22:08:21 ----A---- C:\WINDOWS\SYSWOW64\WerFault.exe
2023-07-12 22:08:21 ----A---- C:\WINDOWS\SYSWOW64\WerEnc.dll
2023-07-12 22:08:21 ----A---- C:\WINDOWS\SYSWOW64\userenv.dll
2023-07-12 22:08:21 ----A---- C:\WINDOWS\SYSWOW64\srvcli.dll
2023-07-12 22:08:21 ----A---- C:\WINDOWS\SYSWOW64\schedcli.dll
2023-07-12 22:08:21 ----A---- C:\WINDOWS\SYSWOW64\policymanager.dll
2023-07-12 22:08:21 ----A---- C:\WINDOWS\SYSWOW64\oleaut32.dll
2023-07-12 22:08:21 ----A---- C:\WINDOWS\SYSWOW64\ocsetapi.dll
2023-07-12 22:08:21 ----A---- C:\WINDOWS\SYSWOW64\netlogon.dll
2023-07-12 22:08:21 ----A---- C:\WINDOWS\SYSWOW64\logoncli.dll
2023-07-12 22:08:21 ----A---- C:\WINDOWS\SYSWOW64\keyiso.dll
2023-07-12 22:08:21 ----A---- C:\WINDOWS\SYSWOW64\Faultrep.dll
2023-07-12 22:08:21 ----A---- C:\WINDOWS\SYSWOW64\dmenrollengine.dll
2023-07-12 22:08:21 ----A---- C:\WINDOWS\SYSWOW64\devrtl.dll
2023-07-12 22:08:21 ----A---- C:\WINDOWS\SYSWOW64\devobj.dll
2023-07-12 22:08:21 ----A---- C:\WINDOWS\SYSWOW64\crypt32.dll
2023-07-12 22:08:21 ----A---- C:\WINDOWS\SYSWOW64\credprovslegacy.dll
2023-07-12 22:08:21 ----A---- C:\WINDOWS\SYSWOW64\console.dll
2023-07-12 22:08:21 ----A---- C:\WINDOWS\SYSWOW64\comsvcs.dll
2023-07-12 22:08:21 ----A---- C:\WINDOWS\SYSWOW64\combase.dll
2023-07-12 22:08:21 ----A---- C:\WINDOWS\SYSWOW64\cfgmgr32.dll
2023-07-12 22:08:21 ----A---- C:\WINDOWS\SYSWOW64\bcrypt.dll
2023-07-12 22:08:20 ----A---- C:\WINDOWS\SYSWOW64\wups.dll
2023-07-12 22:08:20 ----A---- C:\WINDOWS\SYSWOW64\wuapi.dll
2023-07-12 22:08:20 ----A---- C:\WINDOWS\SYSWOW64\wpnapps.dll
2023-07-12 22:08:20 ----A---- C:\WINDOWS\SYSWOW64\Windows.Storage.Search.dll
2023-07-12 22:08:20 ----A---- C:\WINDOWS\SYSWOW64\Windows.StateRepositoryUpgrade.dll
2023-07-12 22:08:20 ----A---- C:\WINDOWS\SYSWOW64\updatepolicy.dll
2023-07-12 22:08:20 ----A---- C:\WINDOWS\SYSWOW64\tdhres.dll
2023-07-12 22:08:20 ----A---- C:\WINDOWS\SYSWOW64\StateRepository.Core.dll
2023-07-12 22:08:20 ----A---- C:\WINDOWS\SYSWOW64\rdpserverbase.dll
2023-07-12 22:08:20 ----A---- C:\WINDOWS\SYSWOW64\rdpbase.dll
2023-07-12 22:08:20 ----A---- C:\WINDOWS\SYSWOW64\negoexts.dll
2023-07-12 22:08:20 ----A---- C:\WINDOWS\SYSWOW64\mdmregistration.dll
2023-07-12 22:08:20 ----A---- C:\WINDOWS\SYSWOW64\kerberos.dll
2023-07-12 22:08:20 ----A---- C:\WINDOWS\SYSWOW64\FWPUCLNT.DLL
2023-07-12 22:08:20 ----A---- C:\WINDOWS\SYSWOW64\daxexec.dll
2023-07-12 22:08:19 ----A---- C:\WINDOWS\SYSWOW64\wintrust.dll
2023-07-12 22:08:19 ----A---- C:\WINDOWS\SYSWOW64\Windows.StateRepositoryPS.dll
2023-07-12 22:08:19 ----A---- C:\WINDOWS\SYSWOW64\Windows.StateRepositoryCore.dll
2023-07-12 22:08:19 ----A---- C:\WINDOWS\SYSWOW64\Windows.StateRepositoryClient.dll
2023-07-12 22:08:19 ----A---- C:\WINDOWS\SYSWOW64\Windows.StateRepositoryBroker.dll
2023-07-12 22:08:19 ----A---- C:\WINDOWS\SYSWOW64\Windows.StateRepository.dll
2023-07-12 22:08:19 ----A---- C:\WINDOWS\SYSWOW64\profext.dll
2023-07-12 22:08:19 ----A---- C:\WINDOWS\SYSWOW64\AppXDeploymentClient.dll
2023-07-12 22:08:18 ----A---- C:\WINDOWS\SYSWOW64\windows.storage.dll
2023-07-12 22:08:18 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2023-07-12 22:08:18 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.Store.dll
2023-07-12 22:08:18 ----A---- C:\WINDOWS\SYSWOW64\TextInputFramework.dll
2023-07-12 22:08:18 ----A---- C:\WINDOWS\SYSWOW64\InstallServiceTasks.dll
2023-07-12 22:08:18 ----A---- C:\WINDOWS\SYSWOW64\InstallService.dll
2023-07-12 22:08:17 ----A---- C:\WINDOWS\SYSWOW64\tquery.dll
2023-07-12 22:08:17 ----A---- C:\WINDOWS\SYSWOW64\Search.ProtocolHandler.MAPI2.dll
2023-07-12 22:08:17 ----A---- C:\WINDOWS\SYSWOW64\mssvp.dll
2023-07-12 22:08:17 ----A---- C:\WINDOWS\SYSWOW64\mssrch.dll
2023-07-12 22:08:17 ----A---- C:\WINDOWS\SYSWOW64\mssprxy.dll
2023-07-12 22:08:17 ----A---- C:\WINDOWS\SYSWOW64\mssph.dll
2023-07-12 22:08:17 ----A---- C:\WINDOWS\SYSWOW64\InkObjCore.dll
2023-07-12 22:08:16 ----A---- C:\WINDOWS\SYSWOW64\SearchProtocolHost.exe
2023-07-12 22:08:16 ----A---- C:\WINDOWS\SYSWOW64\SearchIndexer.exe
2023-07-12 22:08:16 ----A---- C:\WINDOWS\SYSWOW64\SearchFilterHost.exe
2023-07-12 22:08:16 ----A---- C:\WINDOWS\SYSWOW64\mssitlb.dll
2023-07-12 22:08:16 ----A---- C:\WINDOWS\SYSWOW64\msscntrs.dll
2023-07-12 22:08:16 ----A---- C:\WINDOWS\SYSWOW64\crypttpmeksvc.dll
2023-07-12 22:08:16 ----A---- C:\WINDOWS\SYSWOW64\ApiSetHost.AppExecutionAlias.dll
2023-07-12 22:08:15 ----A---- C:\WINDOWS\SYSWOW64\winsta.dll
2023-07-12 22:08:15 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.dll
2023-07-12 22:08:15 ----A---- C:\WINDOWS\SYSWOW64\ReAgentc.exe
2023-07-12 22:08:15 ----A---- C:\WINDOWS\SYSWOW64\kernel32.dll
2023-07-12 22:08:15 ----A---- C:\WINDOWS\SYSWOW64\IDStore.dll
2023-07-12 22:08:15 ----A---- C:\WINDOWS\SYSWOW64\dot3msm.dll
2023-07-12 22:08:15 ----A---- C:\WINDOWS\SYSWOW64\dot3api.dll
2023-07-12 22:08:14 ----A---- C:\WINDOWS\SYSWOW64\wscproxystub.dll
2023-07-12 22:08:14 ----A---- C:\WINDOWS\SYSWOW64\wscisvif.dll
2023-07-12 22:08:14 ----A---- C:\WINDOWS\SYSWOW64\wscapi.dll
2023-07-12 22:08:14 ----A---- C:\WINDOWS\SYSWOW64\rpcrt4.dll
2023-07-12 22:08:14 ----A---- C:\WINDOWS\SYSWOW64\profapi.dll
2023-07-12 22:08:14 ----A---- C:\WINDOWS\SYSWOW64\ntdll.dll
2023-07-12 22:08:14 ----A---- C:\WINDOWS\SYSWOW64\fcon.dll
2023-07-12 22:08:14 ----A---- C:\WINDOWS\SYSWOW64\explorer.exe
2023-07-12 22:08:14 ----A---- C:\WINDOWS\SYSWOW64\dsound.dll
2023-07-12 22:08:14 ----A---- C:\WINDOWS\SYSWOW64\dsdmo.dll
2023-07-12 22:08:14 ----A---- C:\WINDOWS\SYSWOW64\browcli.dll
2023-07-12 22:08:14 ----A---- C:\WINDOWS\system32\ServicingUAPI.dll
2023-07-12 22:08:14 ----A---- C:\WINDOWS\system32\rtm.dll
2023-07-12 22:08:14 ----A---- C:\WINDOWS\system32\mprdim.dll
2023-07-12 22:08:14 ----A---- C:\WINDOWS\system32\iprtrmgr.dll
2023-07-12 22:08:14 ----A---- C:\WINDOWS\system32\iprtprio.dll
2023-07-12 22:08:14 ----A---- C:\WINDOWS\system32\drvsetup.dll
2023-07-12 22:08:14 ----A---- C:\WINDOWS\system32\6bea57fb-8dfb-4177-9ae8-42e8b3529933_RuntimeDeviceInstall.dll
2023-07-12 22:08:13 ----A---- C:\WINDOWS\system32\WLanConn.dll
2023-07-12 22:08:13 ----A---- C:\WINDOWS\system32\umb.dll
2023-07-12 22:08:13 ----A---- C:\WINDOWS\system32\sppobjs.dll
2023-07-12 22:08:13 ----A---- C:\WINDOWS\system32\SppExtComObj.Exe
2023-07-12 22:08:13 ----A---- C:\WINDOWS\system32\sppcext.dll
2023-07-12 22:08:13 ----A---- C:\WINDOWS\system32\setupapi.dll
2023-07-12 22:08:13 ----A---- C:\WINDOWS\system32\SetProxyCredential.dll
2023-07-12 22:08:13 ----A---- C:\WINDOWS\system32\pnputil.exe
2023-07-12 22:08:13 ----A---- C:\WINDOWS\system32\pnppolicy.dll
2023-07-12 22:08:13 ----A---- C:\WINDOWS\system32\newdev.dll
2023-07-12 22:08:13 ----A---- C:\WINDOWS\system32\msaatext.dll
2023-07-12 22:08:13 ----A---- C:\WINDOWS\system32\drvinst.exe
2023-07-12 22:08:13 ----A---- C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll
2023-07-12 22:08:12 ----A---- C:\WINDOWS\system32\tpmvscmgrsvr.exe
2023-07-12 22:08:12 ----A---- C:\WINDOWS\system32\sppsvc.exe
2023-07-12 22:08:12 ----A---- C:\WINDOWS\system32\SmartcardCredentialProvider.dll
2023-07-12 22:08:12 ----A---- C:\WINDOWS\system32\rmttpmvscmgrsvr.exe
2023-07-12 22:08:12 ----A---- C:\WINDOWS\system32\immersivetpmvscmgrsvr.exe
2023-07-12 22:08:12 ----A---- C:\WINDOWS\system32\certprop.dll
2023-07-12 22:08:10 ----A---- C:\WINDOWS\system32\twext.dll
2023-07-12 22:08:10 ----A---- C:\WINDOWS\system32\shell32.dll
2023-07-12 22:08:10 ----A---- C:\WINDOWS\system32\msIso.dll
2023-07-12 22:08:10 ----A---- C:\WINDOWS\system32\lapscsp.dll
2023-07-12 22:08:10 ----A---- C:\WINDOWS\system32\laps.dll
2023-07-12 22:08:10 ----A---- C:\WINDOWS\system32\iertutil.dll
2023-07-12 22:08:10 ----A---- C:\WINDOWS\system32\gpapi.dll
2023-07-12 22:08:10 ----A---- C:\WINDOWS\system32\edgeIso.dll
2023-07-12 22:08:09 ----A---- C:\WINDOWS\system32\proquota.exe
2023-07-12 22:08:09 ----A---- C:\WINDOWS\system32\profsvcext.dll
2023-07-12 22:08:09 ----A---- C:\WINDOWS\system32\profprov.dll
2023-07-12 22:08:09 ----A---- C:\WINDOWS\system32\LocationFrameworkPS.dll
2023-07-12 22:08:09 ----A---- C:\WINDOWS\system32\LocationFrameworkInternalPS.dll
2023-07-12 22:08:09 ----A---- C:\WINDOWS\system32\LocationFramework.dll
2023-07-12 22:08:09 ----A---- C:\WINDOWS\system32\gpsvc.dll
2023-07-12 22:08:08 ----A---- C:\WINDOWS\system32\Windows.Internal.Management.dll
2023-07-12 22:08:08 ----A---- C:\WINDOWS\system32\WebRuntimeManager.dll
2023-07-12 22:08:08 ----A---- C:\WINDOWS\system32\policymanager.dll
2023-07-12 22:08:08 ----A---- C:\WINDOWS\system32\omadmclient.exe
2023-07-12 22:08:08 ----A---- C:\WINDOWS\system32\mdmmigrator.dll
2023-07-12 22:08:08 ----A---- C:\WINDOWS\system32\enrollmentapi.dll
2023-07-12 22:08:08 ----A---- C:\WINDOWS\system32\dmenrollengine.dll
2023-07-12 22:08:08 ----A---- C:\WINDOWS\system32\DMAlertListener.ProxyStub.dll
2023-07-12 22:08:08 ----A---- C:\WINDOWS\system32\credprovslegacy.dll
2023-07-12 22:08:08 ----A---- C:\WINDOWS\system32\configmanager2.dll
2023-07-12 22:08:08 ----A---- C:\WINDOWS\fonts\StaticCache.dat
2023-07-12 22:08:07 ----A---- C:\WINDOWS\system32\Windows.Media.Playback.ProxyStub.dll
2023-07-12 22:08:07 ----A---- C:\WINDOWS\system32\Windows.Media.Playback.MediaPlayer.dll
2023-07-12 22:08:07 ----A---- C:\WINDOWS\system32\Windows.Media.Playback.BackgroundMediaPlayer.dll
2023-07-12 22:08:07 ----A---- C:\WINDOWS\system32\Windows.Media.BackgroundPlayback.exe
2023-07-12 22:08:07 ----A---- C:\WINDOWS\system32\Windows.Media.BackgroundMediaPlayback.dll
2023-07-12 22:08:07 ----A---- C:\WINDOWS\system32\SettingsHandlers_Devices.dll
2023-07-12 22:08:07 ----A---- C:\WINDOWS\system32\CustomInstallExec.exe
2023-07-12 22:08:07 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2023-07-12 22:08:07 ----A---- C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2023-07-12 22:08:07 ----A---- C:\WINDOWS\system32\ApplyTrustOffline.exe
2023-07-12 22:08:06 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2023-07-12 22:08:05 ----A---- C:\WINDOWS\SYSWOW64\KernelBase.dll
2023-07-12 22:08:05 ----A---- C:\WINDOWS\system32\wuuhext.dll
2023-07-12 22:08:05 ----A---- C:\WINDOWS\system32\wuuhdrv.dll
2023-07-12 22:08:05 ----A---- C:\WINDOWS\system32\winlogon.exe
2023-07-12 22:08:05 ----A---- C:\WINDOWS\system32\ReAgentc.exe
2023-07-12 22:08:05 ----A---- C:\WINDOWS\system32\netlogon.dll
2023-07-12 22:08:05 ----A---- C:\WINDOWS\system32\Facilitator.dll
2023-07-12 22:08:05 ----A---- C:\WINDOWS\system32\drivers\tm.sys
2023-07-12 22:08:05 ----A---- C:\WINDOWS\system32\drivers\tcpipreg.sys
2023-07-12 22:08:05 ----A---- C:\WINDOWS\system32\drivers\FWPKCLNT.SYS
2023-07-12 22:08:05 ----A---- C:\WINDOWS\system32\drivers\clfs.sys
2023-07-12 22:08:05 ----A---- C:\WINDOWS\system32\AppXDeploymentServer.dll
2023-07-12 22:08:04 ----A---- C:\WINDOWS\system32\rpcrt4.dll
2023-07-12 22:08:04 ----A---- C:\WINDOWS\system32\KernelBase.dll
2023-07-12 22:08:04 ----A---- C:\WINDOWS\system32\drivers\tcpip.sys
2023-07-12 22:08:04 ----A---- C:\WINDOWS\system32\drivers\afd.sys
2023-07-12 22:08:03 ----A---- C:\WINDOWS\system32\profapi.dll
2023-07-12 22:08:03 ----A---- C:\WINDOWS\system32\drivers\partmgr.sys
2023-07-12 22:08:03 ----A---- C:\WINDOWS\system32\drivers\netio.sys
2023-07-12 22:08:03 ----A---- C:\WINDOWS\system32\drivers\msrpc.sys
2023-07-12 22:08:02 ----A---- C:\WINDOWS\system32\WerEnc.dll
2023-07-12 22:08:02 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2023-07-12 22:08:02 ----A---- C:\WINDOWS\system32\ntdll.dll
2023-07-12 22:08:02 ----A---- C:\WINDOWS\system32\Faultrep.dll
2023-07-12 22:08:02 ----A---- C:\WINDOWS\system32\dab.dll
2023-07-12 22:08:01 ----A---- C:\WINDOWS\system32\WerFaultSecure.exe
2023-07-12 22:08:01 ----A---- C:\WINDOWS\system32\WerFault.exe
2023-07-12 22:08:01 ----A---- C:\WINDOWS\system32\utcutil.dll
2023-07-12 22:08:01 ----A---- C:\WINDOWS\system32\utcapi.dll
2023-07-12 22:08:01 ----A---- C:\WINDOWS\system32\runexehelper.exe
2023-07-12 22:08:01 ----A---- C:\WINDOWS\system32\offlinelsa.dll
2023-07-12 22:08:01 ----A---- C:\WINDOWS\system32\lsaadt.dll
2023-07-12 22:08:01 ----A---- C:\WINDOWS\system32\dtdump.exe
2023-07-12 22:08:01 ----A---- C:\WINDOWS\system32\drivers\ksecpkg.sys
2023-07-12 22:08:01 ----A---- C:\WINDOWS\system32\diagtrack.dll
2023-07-12 22:08:01 ----A---- C:\WINDOWS\system32\diagnosticdataquery.dll
2023-07-12 22:08:01 ----A---- C:\WINDOWS\system32\devrtl.dll
2023-07-12 22:08:01 ----A---- C:\WINDOWS\system32\devobj.dll
2023-07-12 22:08:01 ----A---- C:\WINDOWS\system32\cfgmgr32.dll
2023-07-12 22:08:00 ----A---- C:\WINDOWS\system32\wkscli.dll
2023-07-12 22:08:00 ----A---- C:\WINDOWS\system32\userenv.dll
2023-07-12 22:08:00 ----A---- C:\WINDOWS\system32\srvcli.dll
2023-07-12 22:08:00 ----A---- C:\WINDOWS\system32\schedcli.dll
2023-07-12 22:08:00 ----A---- C:\WINDOWS\system32\oleaut32.dll
2023-07-12 22:08:00 ----A---- C:\WINDOWS\system32\microsoft-windows-system-events.dll
2023-07-12 22:08:00 ----A---- C:\WINDOWS\system32\lsasrv.dll
2023-07-12 22:08:00 ----A---- C:\WINDOWS\system32\logoncli.dll
2023-07-12 22:08:00 ----A---- C:\WINDOWS\system32\keyiso.dll
2023-07-12 22:08:00 ----A---- C:\WINDOWS\system32\drivers\http.sys
2023-07-12 22:08:00 ----A---- C:\WINDOWS\system32\drivers\cng.sys
2023-07-12 22:07:59 ----A---- C:\WINDOWS\system32\wldp.dll
2023-07-12 22:07:59 ----A---- C:\WINDOWS\system32\samsrv.dll
2023-07-12 22:07:59 ----A---- C:\WINDOWS\system32\samlib.dll
2023-07-12 22:07:59 ----A---- C:\WINDOWS\system32\profsvc.dll
2023-07-12 22:07:59 ----A---- C:\WINDOWS\system32\offlinesam.dll
2023-07-12 22:07:59 ----A---- C:\WINDOWS\system32\crypt32.dll
2023-07-12 22:07:59 ----A---- C:\WINDOWS\system32\ci.dll
2023-07-12 22:07:58 ----A---- C:\WINDOWS\system32\ocsetapi.dll
2023-07-12 22:07:58 ----A---- C:\WINDOWS\system32\dwmcore.dll
2023-07-12 22:07:58 ----A---- C:\WINDOWS\system32\drivers\cldflt.sys
2023-07-12 22:07:58 ----A---- C:\WINDOWS\system32\console.dll
2023-07-12 22:07:58 ----A---- C:\WINDOWS\system32\conhost.exe
2023-07-12 22:07:58 ----A---- C:\WINDOWS\system32\comsvcs.dll
2023-07-12 22:07:58 ----A---- C:\WINDOWS\system32\CloudExperienceHostBroker.dll
2023-07-12 22:07:58 ----A---- C:\WINDOWS\system32\bcrypt.dll
2023-07-12 22:07:57 ----A---- C:\WINDOWS\system32\winresume.exe
2023-07-12 22:07:57 ----A---- C:\WINDOWS\system32\winload.exe
2023-07-12 22:07:54 ----A---- C:\WINDOWS\system32\tier2punctuations.dll
2023-07-12 22:07:53 ----A---- C:\WINDOWS\system32\SRH.dll
2023-07-12 22:07:53 ----A---- C:\WINDOWS\system32\ShellAppRuntime.exe
2023-07-12 22:07:53 ----A---- C:\WINDOWS\system32\osk.exe
2023-07-12 22:07:53 ----A---- C:\WINDOWS\system32\DevicesFlowBroker.dll
2023-07-12 22:07:53 ----A---- C:\WINDOWS\system32\DevicePairingExperienceMEM.dll
2023-07-12 22:07:52 ----A---- C:\WINDOWS\system32\wuuhosdeployment.dll
2023-07-12 22:07:52 ----A---- C:\WINDOWS\system32\wups2.dll
2023-07-12 22:07:52 ----A---- C:\WINDOWS\system32\wuauclt.exe
2023-07-12 22:07:52 ----A---- C:\WINDOWS\system32\UpdateDeploy.dll
2023-07-12 22:07:52 ----A---- C:\WINDOWS\system32\twinui.pcshell.dll
2023-07-12 22:07:52 ----A---- C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll
2023-07-12 22:07:51 ----A---- C:\WINDOWS\system32\wutrust.dll
2023-07-12 22:07:51 ----A---- C:\WINDOWS\system32\wups.dll
2023-07-12 22:07:51 ----A---- C:\WINDOWS\system32\wuaueng.dll
2023-07-12 22:07:51 ----A---- C:\WINDOWS\system32\wuapi.dll
2023-07-12 22:07:51 ----A---- C:\WINDOWS\system32\WlanMediaManager.dll
2023-07-12 22:07:51 ----A---- C:\WINDOWS\system32\UpdateAgent.dll
2023-07-12 22:07:51 ----A---- C:\WINDOWS\system32\NetworkUXBroker.dll
2023-07-12 22:07:51 ----A---- C:\WINDOWS\system32\EthernetMediaManager.dll
2023-07-12 22:07:50 ----A---- C:\WINDOWS\system32\tdhres.dll
2023-07-12 22:07:50 ----A---- C:\WINDOWS\system32\HttpsDataSource.dll
2023-07-12 22:07:50 ----A---- C:\WINDOWS\system32\EnterpriseModernAppMgmtCSP.dll
2023-07-12 22:07:50 ----A---- C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
2023-07-12 22:07:50 ----A---- C:\WINDOWS\system32\EnterpriseAppMgmtClient.dll
2023-07-12 22:07:49 ----A---- C:\WINDOWS\system32\winsta.dll
2023-07-12 22:07:49 ----A---- C:\WINDOWS\system32\Windows.Internal.ShellCommon.dll
2023-07-12 22:07:49 ----A---- C:\WINDOWS\system32\wcimage.dll
2023-07-12 22:07:49 ----A---- C:\WINDOWS\system32\wc_storage.dll
2023-07-12 22:07:49 ----A---- C:\WINDOWS\system32\mdmregistration.dll
2023-07-12 22:07:49 ----A---- C:\WINDOWS\system32\lsm.dll
2023-07-12 22:07:49 ----A---- C:\WINDOWS\system32\kernel32.dll
2023-07-12 22:07:49 ----A---- C:\WINDOWS\system32\drivers\volsnap.sys
2023-07-12 22:07:49 ----A---- C:\WINDOWS\system32\daxexec.dll
2023-07-12 22:07:49 ----A---- C:\WINDOWS\system32\CloudDomainJoinAUG.dll
2023-07-12 22:07:48 ----A---- C:\WINDOWS\system32\win32u.dll
2023-07-12 22:07:48 ----A---- C:\WINDOWS\system32\win32kfull.sys
2023-07-12 22:07:48 ----A---- C:\WINDOWS\system32\win32k.sys
2023-07-12 22:07:48 ----A---- C:\WINDOWS\system32\updatepolicy.dll
2023-07-12 22:07:48 ----A---- C:\WINDOWS\system32\rdpserverbase.dll
2023-07-12 22:07:48 ----A---- C:\WINDOWS\system32\rdpbase.dll
2023-07-12 22:07:48 ----A---- C:\WINDOWS\system32\drivers\dxgmms2.sys
2023-07-12 22:07:47 ----A---- C:\WINDOWS\system32\wpnservice.dll
2023-07-12 22:07:47 ----A---- C:\WINDOWS\system32\wpncore.dll
2023-07-12 22:07:47 ----A---- C:\WINDOWS\system32\Windows.Storage.Search.dll
2023-07-12 22:07:47 ----A---- C:\WINDOWS\system32\negoexts.dll
2023-07-12 22:07:47 ----A---- C:\WINDOWS\system32\drivers\dxgmms1.sys
2023-07-12 22:07:47 ----A---- C:\WINDOWS\system32\drivers\dxgkrnl.sys
2023-07-12 22:07:47 ----A---- C:\WINDOWS\system32\drivers\ClipSp.sys
2023-07-12 22:07:47 ----A---- C:\WINDOWS\system32\cdd.dll
2023-07-12 22:07:46 ----A---- C:\WINDOWS\system32\wpnapps.dll
2023-07-12 22:07:46 ----A---- C:\WINDOWS\system32\Windows.StateRepositoryUpgrade.dll
2023-07-12 22:07:46 ----A---- C:\WINDOWS\system32\Windows.StateRepositoryPS.dll
2023-07-12 22:07:46 ----A---- C:\WINDOWS\system32\Windows.StateRepositoryCore.dll
2023-07-12 22:07:46 ----A---- C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2023-07-12 22:07:46 ----A---- C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2023-07-12 22:07:46 ----A---- C:\WINDOWS\system32\VPNv2CSP.dll
2023-07-12 22:07:46 ----A---- C:\WINDOWS\system32\StateRepository.Core.dll
2023-07-12 22:07:46 ----A---- C:\WINDOWS\system32\kerberos.dll
2023-07-12 22:07:46 ----A---- C:\WINDOWS\system32\IKEEXT.DLL
2023-07-12 22:07:46 ----A---- C:\WINDOWS\system32\FWPUCLNT.DLL
2023-07-12 22:07:46 ----A---- C:\WINDOWS\system32\drivers\wfplwfs.sys
2023-07-12 22:07:46 ----A---- C:\WINDOWS\system32\BFE.DLL
2023-07-12 22:07:45 ----A---- C:\WINDOWS\system32\wintrust.dll
2023-07-12 22:07:45 ----A---- C:\WINDOWS\system32\Windows.StateRepository.dll
2023-07-12 22:07:45 ----A---- C:\WINDOWS\system32\profext.dll
2023-07-12 22:07:45 ----A---- C:\WINDOWS\system32\AppXDeploymentClient.dll
2023-07-12 22:07:44 ----A---- C:\WINDOWS\system32\windows.storage.dll
2023-07-12 22:07:43 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2023-07-12 22:07:43 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2023-07-12 22:07:43 ----A---- C:\WINDOWS\system32\WaaSMedicSvc.dll
2023-07-12 22:07:43 ----A---- C:\WINDOWS\system32\WaaSMedicPS.dll
2023-07-12 22:07:43 ----A---- C:\WINDOWS\system32\WaaSMedicCapsule.dll
2023-07-12 22:07:43 ----A---- C:\WINDOWS\system32\WaaSMedicAgent.exe
2023-07-12 22:07:43 ----A---- C:\WINDOWS\system32\storewuauth.dll
2023-07-12 22:07:43 ----A---- C:\WINDOWS\system32\InstallServiceTasks.dll
2023-07-12 22:07:43 ----A---- C:\WINDOWS\system32\InstallService.dll
2023-07-12 22:07:42 ----A---- C:\WINDOWS\system32\tquery.dll
2023-07-12 22:07:42 ----A---- C:\WINDOWS\system32\TextInputFramework.dll
2023-07-12 22:07:42 ----A---- C:\WINDOWS\system32\mssrch.dll
2023-07-12 22:07:42 ----A---- C:\WINDOWS\system32\mssprxy.dll
2023-07-12 22:07:42 ----A---- C:\WINDOWS\system32\ISM.dll
2023-07-12 22:07:42 ----A---- C:\WINDOWS\system32\InkObjCore.dll
2023-07-12 22:07:41 ----A---- C:\WINDOWS\system32\SearchProtocolHost.exe
2023-07-12 22:07:41 ----A---- C:\WINDOWS\system32\SearchIndexer.exe
2023-07-12 22:07:41 ----A---- C:\WINDOWS\system32\SearchFilterHost.exe
2023-07-12 22:07:41 ----A---- C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2023-07-12 22:07:41 ----A---- C:\WINDOWS\system32\mssvp.dll
2023-07-12 22:07:41 ----A---- C:\WINDOWS\system32\mssph.dll
2023-07-12 22:07:41 ----A---- C:\WINDOWS\system32\mssitlb.dll
2023-07-12 22:07:41 ----A---- C:\WINDOWS\system32\msscntrs.dll
2023-07-12 22:07:40 ----A---- C:\WINDOWS\system32\win32kbase.sys
2023-07-12 22:07:39 ----A---- C:\WINDOWS\system32\EdgeContent.dll
2023-07-12 22:07:26 ----A---- C:\WINDOWS\system32\wlidsvc.dll
2023-07-12 22:07:26 ----A---- C:\WINDOWS\system32\IDStore.dll
2023-07-12 22:07:26 ----A---- C:\WINDOWS\system32\GameInput.dll
2023-07-12 22:07:26 ----A---- C:\WINDOWS\system32\crypttpmeksvc.dll
2023-07-12 22:07:26 ----A---- C:\WINDOWS\system32\appinfo.dll
2023-07-12 22:07:26 ----A---- C:\WINDOWS\system32\ApiSetHost.AppExecutionAlias.dll
2023-07-12 22:07:25 ----A---- C:\WINDOWS\system32\aadcloudap.dll
2023-07-12 22:07:22 ----A---- C:\WINDOWS\system32\WiredNetworkCSP.dll
2023-07-12 22:07:22 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.dll
2023-07-12 22:07:22 ----A---- C:\WINDOWS\system32\usbmon.dll
2023-07-12 22:07:22 ----A---- C:\WINDOWS\system32\localui.dll
2023-07-12 22:07:22 ----A---- C:\WINDOWS\system32\dot3svc.dll
2023-07-12 22:07:22 ----A---- C:\WINDOWS\system32\dot3msm.dll
2023-07-12 22:07:22 ----A---- C:\WINDOWS\system32\dot3mm.dll
2023-07-12 22:07:22 ----A---- C:\WINDOWS\system32\dot3api.dll
2023-07-12 22:07:22 ----A---- C:\WINDOWS\system32\cdpusersvc.dll
2023-07-12 22:07:21 ----A---- C:\WINDOWS\system32\wscsvc.dll
2023-07-12 22:07:21 ----A---- C:\WINDOWS\system32\wscproxystub.dll
2023-07-12 22:07:21 ----A---- C:\WINDOWS\system32\wscisvif.dll
2023-07-12 22:07:21 ----A---- C:\WINDOWS\system32\wscapi.dll
2023-07-12 22:07:21 ----A---- C:\WINDOWS\system32\wpx.dll
2023-07-12 22:07:21 ----A---- C:\WINDOWS\system32\win32spl.dll
2023-07-12 22:07:21 ----A---- C:\WINDOWS\system32\TpmTasks.dll
2023-07-12 22:07:21 ----A---- C:\WINDOWS\system32\SettingsHandlers_WorkAccess.dll
2023-07-12 22:07:21 ----A---- C:\WINDOWS\system32\PrintIsolationProxy.dll
2023-07-12 22:07:21 ----A---- C:\WINDOWS\system32\printfilterpipelinesvc.exe
2023-07-12 22:07:21 ----A---- C:\WINDOWS\system32\printfilterpipelineprxy.dll
2023-07-12 22:07:21 ----A---- C:\WINDOWS\system32\PrinterCleanupTask.dll
2023-07-12 22:07:21 ----A---- C:\WINDOWS\system32\localspl.dll
2023-07-12 22:07:21 ----A---- C:\WINDOWS\system32\FaxPrinterInstaller.dll
2023-07-12 22:07:21 ----A---- C:\WINDOWS\system32\browcli.dll
2023-07-12 22:07:21 ----A---- C:\WINDOWS\explorer.exe
2023-07-12 22:07:20 ----A---- C:\WINDOWS\system32\tssrvlic.dll
2023-07-12 22:07:20 ----A---- C:\WINDOWS\system32\spoolsv.exe
2023-07-12 22:07:20 ----A---- C:\WINDOWS\system32\spoolss.dll
2023-07-12 22:07:20 ----A---- C:\WINDOWS\system32\RjvMDMConfig.dll
2023-07-12 22:07:20 ----A---- C:\WINDOWS\system32\ManageCI.dll
2023-07-12 22:07:20 ----A---- C:\WINDOWS\system32\hspfw.dll
2023-07-12 22:07:20 ----A---- C:\WINDOWS\system32\fcon.dll
2023-07-12 22:07:20 ----A---- C:\WINDOWS\system32\dsound.dll
2023-07-12 22:07:20 ----A---- C:\WINDOWS\system32\dsdmo.dll
2023-07-12 22:07:20 ----A---- C:\WINDOWS\system32\bcdedit.exe
2023-07-12 22:07:20 ----A---- C:\WINDOWS\splwow64.exe
2023-07-12 22:07:17 ----A---- C:\WINDOWS\system32\mssecwfpu.dll
2023-07-12 22:07:17 ----A---- C:\WINDOWS\system32\mssecuser.dll
2023-07-12 22:07:17 ----A---- C:\WINDOWS\system32\drivers\mssecwfp.sys
2023-07-12 22:07:17 ----A---- C:\WINDOWS\system32\drivers\mssecflt.sys
2023-07-12 22:07:17 ----A---- C:\WINDOWS\system32\drivers\msseccore.sys
2023-07-12 22:07:16 ----A---- C:\WINDOWS\system32\tellib.dll
2023-07-12 22:07:15 ----A---- C:\WINDOWS\system32\drivers\usbuhci.sys
2023-07-12 22:07:15 ----A---- C:\WINDOWS\system32\drivers\usbprint.sys
2023-07-12 22:07:15 ----A---- C:\WINDOWS\system32\drivers\usbport.sys
2023-07-12 22:07:15 ----A---- C:\WINDOWS\system32\drivers\usbohci.sys
2023-07-12 22:07:15 ----A---- C:\WINDOWS\system32\drivers\USBHUB3.SYS
2023-07-12 22:07:15 ----A---- C:\WINDOWS\system32\drivers\usbhub.sys
2023-07-12 22:07:15 ----A---- C:\WINDOWS\system32\drivers\usbehci.sys
2023-07-12 22:07:15 ----A---- C:\WINDOWS\system32\drivers\usbd.sys
2023-07-12 22:07:15 ----A---- C:\WINDOWS\system32\drivers\stornvme.sys
2023-07-12 22:07:15 ----A---- C:\WINDOWS\system32\drivers\pmem.sys
2023-07-12 22:07:13 ----A---- C:\WINDOWS\system32\drivers\USBAUDIO.sys
2023-07-12 22:07:13 ----A---- C:\WINDOWS\system32\drivers\hdaudbus.sys
2023-07-12 21:59:44 ----A---- C:\WINDOWS\SYSWOW64\poqexec.exe
2023-07-12 21:59:43 ----A---- C:\WINDOWS\system32\poqexec.exe
2023-07-12 21:59:39 ----HD---- C:\$WinREAgent
2023-07-12 17:30:28 ----A---- C:\WINDOWS\system32\vcruntime140_clr0400.dll
2023-07-12 17:30:28 ----A---- C:\WINDOWS\system32\vcruntime140_1_clr0400.dll
2023-07-12 17:30:25 ----A---- C:\WINDOWS\SYSWOW64\vcruntime140_clr0400.dll
2023-07-12 17:29:51 ----A---- C:\WINDOWS\system32\msvcr100_clr0400.dll
2023-07-12 17:29:48 ----A---- C:\WINDOWS\SYSWOW64\aspnet_counters.dll
2023-07-12 17:29:48 ----A---- C:\WINDOWS\system32\aspnet_counters.dll
2023-07-12 17:29:47 ----A---- C:\WINDOWS\SYSWOW64\ucrtbase_clr0400.dll
2023-07-12 17:29:47 ----A---- C:\WINDOWS\SYSWOW64\msvcp140_clr0400.dll
2023-07-12 17:29:47 ----A---- C:\WINDOWS\system32\msvcp140_clr0400.dll
2023-07-12 17:29:46 ----A---- C:\WINDOWS\system32\ucrtbase_clr0400.dll
2023-07-12 17:29:31 ----A---- C:\WINDOWS\SYSWOW64\msvcr100_clr0400.dll
2023-07-06 21:44:15 ----D---- C:\Users\aleks\AppData\Roaming\01STUDIO
2023-07-04 20:24:11 ----D---- C:\Users\aleks\AppData\Roaming\SpinTires
2023-06-30 18:42:43 ----D---- C:\WINDOWS\system32\MpEngineStore
2023-06-25 20:56:13 ----D---- C:\ProgramData\Ubisoft
2023-06-25 20:53:53 ----D---- C:\Program Files (x86)\Ubisoft
2023-06-24 21:20:28 ----D---- C:\Users\aleks\AppData\Roaming\Psiphon3
2023-06-24 19:05:21 ----D---- C:\Users\aleks\AppData\Roaming\Opera Software
2023-06-24 19:05:21 ----D---- C:\Users\aleks\AppData\Roaming\Mozilla
2023-06-23 23:42:23 ----D---- C:\WINDOWS\AAct_Tools
2023-06-23 23:41:55 ----D---- C:\Program Files\Common Files\DESIGNER
2023-06-23 23:38:32 ----D---- C:\Program Files\Microsoft Office
2023-06-23 23:38:31 ----D---- C:\Program Files\Microsoft Office 15
2023-06-19 17:15:04 ----A---- C:\WINDOWS\SYSWOW64\nvofapi.dll
2023-06-19 17:15:04 ----A---- C:\WINDOWS\SYSWOW64\NvIFROpenGL.dll
2023-06-19 17:15:04 ----A---- C:\WINDOWS\SYSWOW64\NvIFR.dll
2023-06-19 17:15:04 ----A---- C:\WINDOWS\SYSWOW64\NvFBC.dll
2023-06-19 17:15:04 ----A---- C:\WINDOWS\SYSWOW64\nvEncodeAPI.dll
2023-06-19 17:15:04 ----A---- C:\WINDOWS\SYSWOW64\nvcuvid.dll
2023-06-19 17:15:04 ----A---- C:\WINDOWS\SYSWOW64\nvcuda.dll
2023-06-19 17:15:04 ----A---- C:\WINDOWS\SYSWOW64\nvapi.dll
2023-06-19 17:15:04 ----A---- C:\WINDOWS\system32\nvofapi64.dll
2023-06-19 17:15:04 ----A---- C:\WINDOWS\system32\nvml.dll
2023-06-19 17:15:04 ----A---- C:\WINDOWS\system32\nvmcumd.dll
2023-06-19 17:15:04 ----A---- C:\WINDOWS\system32\NvIFROpenGL.dll
2023-06-19 17:15:04 ----A---- C:\WINDOWS\system32\NvIFR64.dll
2023-06-19 17:15:04 ----A---- C:\WINDOWS\system32\nvidia-smi.exe
2023-06-19 17:15:04 ----A---- C:\WINDOWS\system32\NvFBC64.dll
2023-06-19 17:15:04 ----A---- C:\WINDOWS\system32\nvEncodeAPI64.dll
2023-06-19 17:15:04 ----A---- C:\WINDOWS\system32\nvdebugdump.exe
2023-06-19 17:15:04 ----A---- C:\WINDOWS\system32\nvcuvid.dll
2023-06-19 17:15:04 ----A---- C:\WINDOWS\system32\nvcuda.dll
2023-06-19 17:15:04 ----A---- C:\WINDOWS\system32\MCU.exe
2023-06-14 01:23:08 ----A---- C:\WINDOWS\SYSWOW64\msmpeg2vdec.dll
2023-06-14 01:23:08 ----A---- C:\WINDOWS\SYSWOW64\mfmp4srcsnk.dll
2023-06-14 01:23:07 ----A---- C:\WINDOWS\SYSWOW64\mfasfsrcsnk.dll
2023-06-14 01:23:07 ----A---- C:\WINDOWS\system32\MSAudDecMFT.dll
2023-06-14 01:23:07 ----A---- C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2023-06-14 01:23:06 ----A---- C:\WINDOWS\SYSWOW64\gpprefcl.dll
2023-06-14 01:23:06 ----A---- C:\WINDOWS\system32\mfmp4srcsnk.dll
2023-06-14 01:23:06 ----A---- C:\WINDOWS\system32\mfasfsrcsnk.dll
2023-06-14 01:23:05 ----A---- C:\WINDOWS\system32\gpprefcl.dll
2023-06-14 01:22:55 ----A---- C:\WINDOWS\system32\CPFilters.dll
2023-06-14 01:22:54 ----A---- C:\WINDOWS\system32\iscsiwmiv2.dll
2023-06-14 01:22:54 ----A---- C:\WINDOWS\system32\iscsiwmi.dll
2023-06-14 01:22:54 ----A---- C:\WINDOWS\system32\iscsium.dll
2023-06-14 01:22:54 ----A---- C:\WINDOWS\system32\iscsiexe.dll
2023-06-14 01:22:54 ----A---- C:\WINDOWS\system32\iscsied.dll
2023-06-14 01:22:54 ----A---- C:\WINDOWS\system32\iscsidsc.dll
2023-06-14 01:22:54 ----A---- C:\WINDOWS\system32\iscsicli.exe
2023-06-14 01:22:49 ----A---- C:\WINDOWS\system32\computecore.dll
2023-06-14 01:22:47 ----A---- C:\WINDOWS\system32\drivers\winhvr.sys
2023-06-14 01:22:46 ----A---- C:\WINDOWS\SYSWOW64\rtutils.dll
2023-06-14 01:22:46 ----A---- C:\WINDOWS\SYSWOW64\drvstore.dll
2023-06-14 01:22:46 ----A---- C:\WINDOWS\SYSWOW64\comctl32.dll
2023-06-14 01:22:45 ----A---- C:\WINDOWS\SYSWOW64\Wldap32.dll
2023-06-14 01:22:45 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2023-06-14 01:22:45 ----A---- C:\WINDOWS\SYSWOW64\uReFS.dll
2023-06-14 01:22:45 ----A---- C:\WINDOWS\SYSWOW64\schannel.dll
2023-06-14 01:22:45 ----A---- C:\WINDOWS\SYSWOW64\msv1_0.dll
2023-06-14 01:22:45 ----A---- C:\WINDOWS\SYSWOW64\GdiPlus.dll
2023-06-14 01:22:45 ----A---- C:\WINDOWS\SYSWOW64\dnsapi.dll
2023-06-14 01:22:45 ----A---- C:\WINDOWS\SYSWOW64\dcomp.dll
2023-06-14 01:22:44 ----A---- C:\WINDOWS\SYSWOW64\user32.dll
2023-06-14 01:22:43 ----A---- C:\WINDOWS\SYSWOW64\esent.dll
2023-06-14 01:22:42 ----A---- C:\WINDOWS\SYSWOW64\LicenseManager.dll
2023-06-14 01:22:41 ----A---- C:\WINDOWS\SYSWOW64\XInputUap.dll
2023-06-14 01:22:41 ----A---- C:\WINDOWS\SYSWOW64\Windows.Gaming.Input.dll
2023-06-14 01:22:41 ----A---- C:\WINDOWS\SYSWOW64\GameInput.dll
2023-06-14 01:22:41 ----A---- C:\WINDOWS\SYSWOW64\d3d9on12.dll
2023-06-14 01:22:41 ----A---- C:\WINDOWS\SYSWOW64\d3d11on12.dll
2023-06-14 01:22:41 ----A---- C:\WINDOWS\SYSWOW64\CloudExperienceHostCommon.dll
2023-06-14 01:22:40 ----A---- C:\WINDOWS\SYSWOW64\Windows.Data.Pdf.dll
2023-06-14 01:22:40 ----A---- C:\WINDOWS\SYSWOW64\AppxAllUserStore.dll
2023-06-14 01:22:38 ----A---- C:\WINDOWS\SYSWOW64\windowsudk.shellcommon.dll
2023-06-14 01:22:38 ----A---- C:\WINDOWS\SYSWOW64\LaunchWinApp.exe
2023-06-14 01:22:37 ----A---- C:\WINDOWS\SYSWOW64\WpcWebFilter.dll
2023-06-14 01:22:37 ----A---- C:\WINDOWS\SYSWOW64\twinui.dll
2023-06-14 01:22:37 ----A---- C:\WINDOWS\SYSWOW64\sppc.dll
2023-06-14 01:22:36 ----A---- C:\WINDOWS\system32\sppnp.dll
2023-06-14 01:22:36 ----A---- C:\WINDOWS\system32\rtutils.dll
2023-06-14 01:22:36 ----A---- C:\WINDOWS\system32\nlmsprep.dll
2023-06-14 01:22:36 ----A---- C:\WINDOWS\system32\LsaIso.exe
2023-06-14 01:22:36 ----A---- C:\WINDOWS\system32\iumcrypt.dll
2023-06-14 01:22:36 ----A---- C:\WINDOWS\system32\drvstore.dll
2023-06-14 01:22:36 ----A---- C:\WINDOWS\system32\drivers\rassstp.sys
2023-06-14 01:22:36 ----A---- C:\WINDOWS\system32\drivers\rasl2tp.sys
2023-06-14 01:22:35 ----A---- C:\WINDOWS\system32\witnesswmiv2provider.dll
2023-06-14 01:22:35 ----A---- C:\WINDOWS\system32\nlmproxy.dll
2023-06-14 01:22:35 ----A---- C:\WINDOWS\system32\nlaapi.dll
2023-06-14 01:22:35 ----A---- C:\WINDOWS\system32\netprofmsvc.dll
2023-06-14 01:22:35 ----A---- C:\WINDOWS\system32\ncsi.dll
2023-06-14 01:22:32 ----A---- C:\WINDOWS\system32\urlmon.dll
2023-06-14 01:22:32 ----A---- C:\WINDOWS\system32\drivers\mskssrv.sys
2023-06-14 01:22:32 ----A---- C:\WINDOWS\system32\drivers\ks.sys
2023-06-14 01:22:32 ----A---- C:\WINDOWS\system32\comctl32.dll
2023-06-14 01:22:31 ----A---- C:\WINDOWS\system32\wow64cpu.dll
2023-06-14 01:22:31 ----A---- C:\WINDOWS\system32\wow64base.dll
2023-06-14 01:22:31 ----A---- C:\WINDOWS\system32\wow64.dll
2023-06-14 01:22:31 ----A---- C:\WINDOWS\system32\GdiPlus.dll
2023-06-14 01:22:31 ----A---- C:\WINDOWS\system32\DeviceEnroller.exe
2023-06-14 01:22:27 ----A---- C:\WINDOWS\system32\AppxAllUserStore.dll
2023-06-14 01:22:26 ----A---- C:\WINDOWS\system32\sscore.dll
2023-06-14 01:22:26 ----A---- C:\WINDOWS\system32\srvsvc.dll
2023-06-14 01:22:23 ----A---- C:\WINDOWS\system32\ntfsres.dll
2023-06-14 01:22:23 ----A---- C:\WINDOWS\system32\drivers\ntfs.sys
2023-06-14 01:22:22 ----A---- C:\WINDOWS\system32\Wldap32.dll
2023-06-14 01:22:22 ----A---- C:\WINDOWS\system32\schannel.dll
2023-06-14 01:22:22 ----A---- C:\WINDOWS\system32\msv1_0.dll
2023-06-14 01:22:22 ----A---- C:\WINDOWS\system32\KdsCli.dll
2023-06-14 01:22:21 ----A---- C:\WINDOWS\system32\rpcss.dll
2023-06-14 01:22:21 ----A---- C:\WINDOWS\system32\dnsrslvr.dll
2023-06-14 01:22:21 ----A---- C:\WINDOWS\system32\dnsapi.dll
2023-06-14 01:22:21 ----A---- C:\WINDOWS\system32\dcomp.dll
2023-06-14 01:22:20 ----A---- C:\WINDOWS\system32\uReFS.dll
2023-06-14 01:22:20 ----A---- C:\WINDOWS\system32\refsutil.exe
2023-06-14 01:22:19 ----A---- C:\WINDOWS\system32\drivers\refs.sys
2023-06-14 01:22:16 ----A---- C:\WINDOWS\system32\Taskbar.dll
2023-06-14 01:22:15 ----A---- C:\WINDOWS\system32\windowsudkservices.shellcommon.dll
2023-06-14 01:22:15 ----A---- C:\WINDOWS\system32\wevtsvc.dll
2023-06-14 01:22:15 ----A---- C:\WINDOWS\system32\usosvcimpl.dll
2023-06-14 01:22:15 ----A---- C:\WINDOWS\system32\usosvc.dll
2023-06-14 01:22:15 ----A---- C:\WINDOWS\system32\UsoClient.exe
2023-06-14 01:22:14 ----A---- C:\WINDOWS\system32\windowsudk.shellcommon.dll
2023-06-14 01:22:14 ----A---- C:\WINDOWS\system32\twinui.dll
2023-06-14 01:22:14 ----A---- C:\WINDOWS\system32\LaunchWinApp.exe
2023-06-14 01:22:13 ----A---- C:\WINDOWS\system32\vaultsvc.dll
2023-06-14 01:22:13 ----A---- C:\WINDOWS\system32\vaultcli.dll
2023-06-14 01:22:13 ----A---- C:\WINDOWS\system32\drivers\msgpioclx.sys
2023-06-14 01:22:11 ----A---- C:\WINDOWS\system32\PushToInstall.dll
2023-06-14 01:22:11 ----A---- C:\WINDOWS\system32\LicenseManager.dll
2023-06-14 01:22:10 ----A---- C:\WINDOWS\system32\WordBreakers.dll
2023-06-14 01:22:10 ----A---- C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2023-06-14 01:22:10 ----A---- C:\WINDOWS\system32\TextInputMethodFormatter.dll
2023-06-14 01:22:10 ----A---- C:\WINDOWS\system32\InputLocaleManager.dll
2023-06-14 01:22:10 ----A---- C:\WINDOWS\system32\EditBufferTestHook.dll
2023-06-14 01:22:09 ----A---- C:\WINDOWS\system32\InputService.dll
2023-06-14 01:22:08 ----A---- C:\WINDOWS\system32\dosvc.dll
2023-06-14 01:22:08 ----A---- C:\WINDOWS\system32\d3d9on12.dll
2023-06-14 01:22:08 ----A---- C:\WINDOWS\system32\d3d11on12.dll
2023-06-14 01:22:02 ----A---- C:\WINDOWS\system32\XInputUap.dll
2023-06-14 01:22:02 ----A---- C:\WINDOWS\system32\smartscreenps.dll
2023-06-14 01:22:02 ----A---- C:\WINDOWS\system32\smartscreen.exe
2023-06-14 01:22:02 ----A---- C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2023-06-14 01:22:02 ----A---- C:\WINDOWS\system32\cloudAP.dll
2023-06-14 01:22:01 ----A---- C:\WINDOWS\system32\Windows.Gaming.Input.dll
2023-06-14 01:21:59 ----A---- C:\WINDOWS\system32\wlansvcpal.dll
2023-06-14 01:21:59 ----A---- C:\WINDOWS\system32\wlansvc.dll
2023-06-14 01:21:59 ----A---- C:\WINDOWS\system32\wlansec.dll
2023-06-14 01:21:59 ----A---- C:\WINDOWS\system32\wlanmsm.dll
2023-06-14 01:21:59 ----A---- C:\WINDOWS\system32\wlanhlp.dll
2023-06-14 01:21:59 ----A---- C:\WINDOWS\system32\wlanapi.dll
2023-06-14 01:21:59 ----A---- C:\WINDOWS\system32\WiFiConfigSP.dll
2023-06-14 01:21:59 ----A---- C:\WINDOWS\system32\wfdprov.dll
2023-06-14 01:21:59 ----A---- C:\WINDOWS\system32\drivers\WdiWiFi.sys
2023-06-14 01:21:58 ----A---- C:\WINDOWS\system32\WpcWebFilter.dll
2023-06-14 01:21:58 ----A---- C:\WINDOWS\system32\drivers\storport.sys
2023-06-14 01:21:58 ----A---- C:\WINDOWS\system32\drivers\nwifi.sys
2023-06-14 01:21:58 ----A---- C:\WINDOWS\system32\audioresourceregistrar.dll
2023-06-14 01:21:58 ----A---- C:\WINDOWS\system32\AUDIOKSE.dll
2023-06-14 01:21:58 ----A---- C:\WINDOWS\system32\AudioEndpointBuilder.dll
2023-06-14 01:21:58 ----A---- C:\WINDOWS\system32\audiodg.exe
2023-06-14 01:21:57 ----A---- C:\WINDOWS\system32\SpeechPal.dll
2023-06-14 01:21:57 ----A---- C:\WINDOWS\system32\SpatialAudioLicenseSrv.exe
2023-06-14 01:21:57 ----A---- C:\WINDOWS\system32\remoteaudioendpoint.dll
2023-06-14 01:21:57 ----A---- C:\WINDOWS\system32\MitigationClient.dll
2023-06-14 01:21:57 ----A---- C:\WINDOWS\system32\audiosrv.dll
2023-06-14 01:21:57 ----A---- C:\WINDOWS\system32\AudioEng.dll
2023-06-14 01:21:55 ----A---- C:\WINDOWS\system32\drivers\netvsc.sys
2023-06-14 01:21:54 ----A---- C:\WINDOWS\system32\drivers\xinputhid.sys
2023-06-05 21:59:08 ----D---- C:\Users\aleks\AppData\Roaming\FLT
2023-06-05 21:58:26 ----D---- C:\WINDOWS\SYSWOW64\directx
2023-06-05 20:26:15 ----D---- C:\Users\aleks\AppData\Roaming\utorrent
2023-05-25 15:08:51 ----D---- C:\Users\aleks\AppData\Roaming\Lesta
2023-05-25 15:08:02 ----D---- C:\ProgramData\Lesta
2023-05-18 18:42:19 ----D---- C:\Users\aleks\AppData\Roaming\NuGet
2023-05-18 18:41:22 ----D---- C:\Program Files\Unity Hub
2023-05-18 18:40:49 ----D---- C:\Program Files\IIS
2023-05-18 18:40:49 ----D---- C:\Program Files (x86)\IIS
2023-05-18 18:40:16 ----D---- C:\Program Files\IIS Express
2023-05-18 18:40:16 ----D---- C:\Program Files (x86)\IIS Express
2023-05-18 18:40:12 ----D---- C:\Program Files (x86)\Microsoft Web Tools
2023-05-18 18:25:11 ----D---- C:\Program Files\Common Files\Microsoft
2023-05-18 18:23:09 ----D---- C:\Program Files (x86)\NuGet
2023-05-18 18:22:22 ----D---- C:\WINDOWS\SYSWOW64\3082
2023-05-18 18:22:22 ----D---- C:\WINDOWS\SYSWOW64\2052
2023-05-18 18:22:22 ----D---- C:\WINDOWS\SYSWOW64\1055
2023-05-18 18:22:22 ----D---- C:\WINDOWS\SYSWOW64\1049
2023-05-18 18:22:22 ----D---- C:\WINDOWS\SYSWOW64\1046
2023-05-18 18:22:22 ----D---- C:\WINDOWS\SYSWOW64\1045
2023-05-18 18:22:22 ----D---- C:\WINDOWS\SYSWOW64\1042
2023-05-18 18:22:22 ----D---- C:\WINDOWS\SYSWOW64\1041
2023-05-18 18:22:22 ----D---- C:\WINDOWS\SYSWOW64\1040
2023-05-18 18:22:22 ----D---- C:\WINDOWS\SYSWOW64\1036
2023-05-18 18:22:22 ----D---- C:\WINDOWS\SYSWOW64\1033
2023-05-18 18:22:22 ----D---- C:\WINDOWS\SYSWOW64\1031
2023-05-18 18:22:22 ----D---- C:\WINDOWS\SYSWOW64\1029
2023-05-18 18:22:22 ----D---- C:\WINDOWS\SYSWOW64\1028
2023-05-18 18:22:22 ----D---- C:\WINDOWS\system32\3082
2023-05-18 18:22:22 ----D---- C:\WINDOWS\system32\2052
2023-05-18 18:22:22 ----D---- C:\WINDOWS\system32\1055
2023-05-18 18:22:22 ----D---- C:\WINDOWS\system32\1049
2023-05-18 18:22:22 ----D---- C:\WINDOWS\system32\1046
2023-05-18 18:22:22 ----D---- C:\WINDOWS\system32\1045
2023-05-18 18:22:22 ----D---- C:\WINDOWS\system32\1042
2023-05-18 18:22:22 ----D---- C:\WINDOWS\system32\1041
2023-05-18 18:22:22 ----D---- C:\WINDOWS\system32\1040
2023-05-18 18:22:22 ----D---- C:\WINDOWS\system32\1036
2023-05-18 18:22:22 ----D---- C:\WINDOWS\system32\1033
2023-05-18 18:22:22 ----D---- C:\WINDOWS\system32\1031
2023-05-18 18:22:22 ----D---- C:\WINDOWS\system32\1029
2023-05-18 18:22:22 ----D---- C:\WINDOWS\system32\1028
2023-05-18 18:18:56 ----D---- C:\Program Files\dotnet
2023-05-18 18:18:55 ----D---- C:\Program Files (x86)\dotnet
2023-05-18 18:18:20 ----D---- C:\Program Files (x86)\Microsoft SQL Server
2023-05-18 18:17:51 ----D---- C:\Program Files\Microsoft SQL Server
2023-05-18 18:17:03 ----D---- C:\Program Files (x86)\Windows Kits
2023-05-18 18:17:03 ----D---- C:\Program Files (x86)\Microsoft SDKs
2023-05-18 18:03:41 ----D---- C:\Users\aleks\AppData\Roaming\Visual Studio Setup
2023-05-18 18:03:37 ----D---- C:\Program Files (x86)\Microsoft Visual Studio
2023-05-18 18:03:06 ----D---- C:\ProgramData\Microsoft Visual Studio
2023-05-13 11:49:37 ----D---- C:\Program Files (x86)\Radmin VPN
2023-05-11 16:10:22 ----A---- C:\WINDOWS\system32\AppReadiness.dll
2023-05-11 16:09:03 ----A---- C:\WINDOWS\system32\securekernella57.exe
2023-05-11 16:09:00 ----A---- C:\WINDOWS\SYSWOW64\mfplat.dll
2023-05-11 16:09:00 ----A---- C:\WINDOWS\SYSWOW64\mfnetsrc.dll
2023-05-11 16:08:59 ----A---- C:\WINDOWS\system32\MSMPEG2ENC.DLL
2023-05-11 16:08:58 ----A---- C:\WINDOWS\system32\mfplat.dll
2023-05-11 16:08:58 ----A---- C:\WINDOWS\system32\mfnetsrc.dll
2023-05-11 16:08:57 ----A---- C:\WINDOWS\SYSWOW64\AppVEntSubsystems32.dll
2023-05-11 16:08:56 ----A---- C:\WINDOWS\system32\AppVEntSubsystems64.dll
2023-05-11 16:08:56 ----A---- C:\WINDOWS\system32\AppVEntSubsystemController.dll
2023-05-11 16:08:51 ----A---- C:\WINDOWS\SYSWOW64\msvidc32.dll
2023-05-11 16:08:51 ----A---- C:\WINDOWS\SYSWOW64\msvfw32.dll
2023-05-11 16:08:51 ----A---- C:\WINDOWS\SYSWOW64\msrle32.dll
2023-05-11 16:08:51 ----A---- C:\WINDOWS\SYSWOW64\mciavi32.dll
2023-05-11 16:08:51 ----A---- C:\WINDOWS\SYSWOW64\fwcfg.dll
2023-05-11 16:08:51 ----A---- C:\WINDOWS\SYSWOW64\CheckNetIsolation.exe
2023-05-11 16:08:51 ----A---- C:\WINDOWS\SYSWOW64\avifil32.dll
2023-05-11 16:08:51 ----A---- C:\WINDOWS\SYSWOW64\avicap32.dll
2023-05-11 16:08:51 ----A---- C:\WINDOWS\SYSWOW64\authfwcfg.dll
2023-05-11 16:08:50 ----A---- C:\WINDOWS\SYSWOW64\ieproxy.dll
2023-05-11 16:08:46 ----A---- C:\WINDOWS\SYSWOW64\imapi.dll
2023-05-11 16:08:45 ----A---- C:\WINDOWS\SYSWOW64\wsecedit.dll
2023-05-11 16:08:45 ----A---- C:\WINDOWS\SYSWOW64\MCRecvSrc.dll
2023-05-11 16:08:42 ----A---- C:\WINDOWS\system32\msvidc32.dll
2023-05-11 16:08:42 ----A---- C:\WINDOWS\system32\msvfw32.dll
2023-05-11 16:08:42 ----A---- C:\WINDOWS\system32\msrle32.dll
2023-05-11 16:08:42 ----A---- C:\WINDOWS\system32\mciavi32.dll
2023-05-11 16:08:42 ----A---- C:\WINDOWS\system32\fwcfg.dll
2023-05-11 16:08:42 ----A---- C:\WINDOWS\system32\CheckNetIsolation.exe
2023-05-11 16:08:42 ----A---- C:\WINDOWS\system32\avifil32.dll
2023-05-11 16:08:42 ----A---- C:\WINDOWS\system32\avicap32.dll
2023-05-11 16:08:42 ----A---- C:\WINDOWS\system32\authfwcfg.dll
2023-05-11 16:08:41 ----A---- C:\WINDOWS\system32\ieproxy.dll
2023-05-11 16:08:33 ----A---- C:\WINDOWS\system32\wsecedit.dll
2023-05-11 16:08:33 ----A---- C:\WINDOWS\system32\StorSvc.dll
2023-05-11 16:08:33 ----A---- C:\WINDOWS\system32\StorageUsage.dll
2023-05-11 16:08:33 ----A---- C:\WINDOWS\system32\MCRecvSrc.dll
2023-05-11 16:08:33 ----A---- C:\WINDOWS\system32\imapi.dll
2023-05-11 16:08:33 ----A---- C:\WINDOWS\system32\ie4uinit.exe
2023-05-11 16:08:33 ----A---- C:\WINDOWS\system32\DAFESCL.dll
2023-05-11 16:08:31 ----A---- C:\WINDOWS\system32\securekernel.exe
2023-05-11 16:08:30 ----A---- C:\WINDOWS\SYSWOW64\Windows.Graphics.Printing.Workflow.Native.dll
2023-05-11 16:08:30 ----A---- C:\WINDOWS\SYSWOW64\Windows.Graphics.Printing.Workflow.dll
2023-05-11 16:08:30 ----A---- C:\WINDOWS\SYSWOW64\scesrv.dll
2023-05-11 16:08:30 ----A---- C:\WINDOWS\SYSWOW64\scecli.dll
2023-05-11 16:08:30 ----A---- C:\WINDOWS\SYSWOW64\rastlsext.dll
2023-05-11 16:08:30 ----A---- C:\WINDOWS\SYSWOW64\rastls.dll
2023-05-11 16:08:30 ----A---- C:\WINDOWS\SYSWOW64\PrintWorkflowService.dll
2023-05-11 16:08:30 ----A---- C:\WINDOWS\SYSWOW64\Print.Workflow.Source.dll
2023-05-11 16:08:30 ----A---- C:\WINDOWS\SYSWOW64\Print.PrintSupport.Source.dll
2023-05-11 16:08:30 ----A---- C:\WINDOWS\system32\SgrmEnclave_secure.dll
2023-05-11 16:08:29 ----A---- C:\WINDOWS\SYSWOW64\npmproxy.dll
2023-05-11 16:08:29 ----A---- C:\WINDOWS\SYSWOW64\nlmsprep.dll
2023-05-11 16:08:29 ----A---- C:\WINDOWS\SYSWOW64\nlmproxy.dll
2023-05-11 16:08:29 ----A---- C:\WINDOWS\SYSWOW64\nlaapi.dll
2023-05-11 16:08:29 ----A---- C:\WINDOWS\SYSWOW64\netprovisionsp.dll
2023-05-11 16:08:29 ----A---- C:\WINDOWS\SYSWOW64\netprovfw.dll
2023-05-11 16:08:29 ----A---- C:\WINDOWS\SYSWOW64\netprofm.dll
2023-05-11 16:08:29 ----A---- C:\WINDOWS\SYSWOW64\netjoin.dll
2023-05-11 16:08:29 ----A---- C:\WINDOWS\SYSWOW64\joinutil.dll
2023-05-11 16:08:29 ----A---- C:\WINDOWS\SYSWOW64\joinproviderol.dll
2023-05-11 16:08:28 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Protection.PlayReady.dll
2023-05-11 16:08:28 ----A---- C:\WINDOWS\SYSWOW64\wermgr.exe
2023-05-11 16:08:28 ----A---- C:\WINDOWS\SYSWOW64\weretw.dll
2023-05-11 16:08:28 ----A---- C:\WINDOWS\SYSWOW64\werdiagcontroller.dll
2023-05-11 16:08:28 ----A---- C:\WINDOWS\SYSWOW64\wer.dll
2023-05-11 16:08:28 ----A---- C:\WINDOWS\SYSWOW64\offlinelsa.dll
2023-05-11 16:08:28 ----A---- C:\WINDOWS\SYSWOW64\gdi32full.dll
2023-05-11 16:08:28 ----A---- C:\WINDOWS\SYSWOW64\dmcmnutils.dll
2023-05-11 16:08:28 ----A---- C:\WINDOWS\SYSWOW64\BitLockerCsp.dll
2023-05-11 16:08:28 ----A---- C:\WINDOWS\SYSWOW64\AuthFWWizFwk.dll
2023-05-11 16:08:28 ----A---- C:\WINDOWS\SYSWOW64\AuthFWSnapin.dll
2023-05-11 16:08:28 ----A---- C:\WINDOWS\SYSWOW64\AuthFWGP.dll
2023-05-11 16:08:27 ----A---- C:\WINDOWS\SYSWOW64\winhttp.dll
2023-05-11 16:08:27 ----A---- C:\WINDOWS\SYSWOW64\webio.dll
2023-05-11 16:08:27 ----A---- C:\WINDOWS\SYSWOW64\tzres.dll
2023-05-11 16:08:27 ----A---- C:\WINDOWS\SYSWOW64\shimeng.dll
2023-05-11 16:08:27 ----A---- C:\WINDOWS\SYSWOW64\sdbinst.exe
2023-05-11 16:08:27 ----A---- C:\WINDOWS\SYSWOW64\ole32.dll
2023-05-11 16:08:27 ----A---- C:\WINDOWS\SYSWOW64\authz.dll
2023-05-11 16:08:27 ----A---- C:\WINDOWS\SYSWOW64\apphelp.dll
2023-05-11 16:08:26 ----A---- C:\WINDOWS\SYSWOW64\wfapigp.dll
2023-05-11 16:08:26 ----A---- C:\WINDOWS\SYSWOW64\webauthn.dll
2023-05-11 16:08:26 ----A---- C:\WINDOWS\SYSWOW64\gdi32.dll
2023-05-11 16:08:26 ----A---- C:\WINDOWS\SYSWOW64\fwpolicyiomgr.dll
2023-05-11 16:08:26 ----A---- C:\WINDOWS\SYSWOW64\fwbase.dll
2023-05-11 16:08:26 ----A---- C:\WINDOWS\SYSWOW64\FirewallAPI.dll
2023-05-11 16:08:25 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Import.dll
2023-05-11 16:08:25 ----A---- C:\WINDOWS\SYSWOW64\MicrosoftAccountWAMExtension.dll
2023-05-11 16:08:25 ----A---- C:\WINDOWS\SYSWOW64\d3d11.dll
2023-05-11 16:08:25 ----A---- C:\WINDOWS\SYSWOW64\cdprt.dll
2023-05-11 16:08:25 ----A---- C:\WINDOWS\SYSWOW64\aadtb.dll
2023-05-11 16:08:23 ----A---- C:\WINDOWS\SYSWOW64\WsmWmiPl.dll
2023-05-11 16:08:23 ----A---- C:\WINDOWS\SYSWOW64\WsmSvc.dll
2023-05-11 16:08:23 ----A---- C:\WINDOWS\SYSWOW64\WsmRes.dll
2023-05-11 16:08:23 ----A---- C:\WINDOWS\SYSWOW64\wsmprovhost.exe
2023-05-11 16:08:23 ----A---- C:\WINDOWS\SYSWOW64\wsmplpxy.dll
2023-05-11 16:08:23 ----A---- C:\WINDOWS\SYSWOW64\WsmAuto.dll
2023-05-11 16:08:23 ----A---- C:\WINDOWS\SYSWOW64\WSManMigrationPlugin.dll
2023-05-11 16:08:23 ----A---- C:\WINDOWS\SYSWOW64\WSManHTTPConfig.exe
2023-05-11 16:08:23 ----A---- C:\WINDOWS\SYSWOW64\WsmAgent.dll
2023-05-11 16:08:22 ----A---- C:\WINDOWS\SYSWOW64\TpmCoreProvisioning.dll
2023-05-11 16:08:22 ----A---- C:\WINDOWS\SYSWOW64\TpmCertResources.dll
2023-05-11 16:08:22 ----A---- C:\WINDOWS\SYSWOW64\sspicli.dll
2023-05-11 16:08:22 ----A---- C:\WINDOWS\SYSWOW64\sechost.dll
2023-05-11 16:08:22 ----A---- C:\WINDOWS\SYSWOW64\advapi32.dll
2023-05-11 16:08:21 ----A---- C:\WINDOWS\system32\Windows.Graphics.Printing.Workflow.Native.dll
2023-05-11 16:08:21 ----A---- C:\WINDOWS\system32\Windows.Graphics.Printing.Workflow.dll
2023-05-11 16:08:21 ----A---- C:\WINDOWS\system32\sstpsvc.dll
2023-05-11 16:08:21 ----A---- C:\WINDOWS\system32\scesrv.dll
2023-05-11 16:08:21 ----A---- C:\WINDOWS\system32\scecli.dll
2023-05-11 16:08:21 ----A---- C:\WINDOWS\system32\rastlsext.dll
2023-05-11 16:08:21 ----A---- C:\WINDOWS\system32\rastls.dll
2023-05-11 16:08:21 ----A---- C:\WINDOWS\system32\PrintWorkflowService.dll
2023-05-11 16:08:21 ----A---- C:\WINDOWS\system32\Print.Workflow.Source.dll
2023-05-11 16:08:21 ----A---- C:\WINDOWS\system32\Print.PrintSupport.Source.dll
2023-05-11 16:08:21 ----A---- C:\WINDOWS\system32\APMon.dll
2023-05-11 16:08:20 ----A---- C:\WINDOWS\system32\npmproxy.dll
2023-05-11 16:08:20 ----A---- C:\WINDOWS\system32\netprovisionsp.dll
2023-05-11 16:08:20 ----A---- C:\WINDOWS\system32\netprovfw.dll
2023-05-11 16:08:20 ----A---- C:\WINDOWS\system32\netprofm.dll
2023-05-11 16:08:20 ----A---- C:\WINDOWS\system32\netjoin.dll
2023-05-11 16:08:20 ----A---- C:\WINDOWS\system32\joinutil.dll
2023-05-11 16:08:20 ----A---- C:\WINDOWS\system32\joinproviderol.dll
2023-05-11 16:08:20 ----A---- C:\WINDOWS\system32\ImplatSetup.dll
2023-05-11 16:08:20 ----A---- C:\WINDOWS\system32\drivers\NdisImPlatform.sys
2023-05-11 16:08:16 ----A---- C:\WINDOWS\system32\MdmDiagnostics.dll
2023-05-11 16:08:16 ----A---- C:\WINDOWS\system32\gdi32full.dll
2023-05-11 16:08:16 ----A---- C:\WINDOWS\system32\efscore.dll
2023-05-11 16:08:16 ----A---- C:\WINDOWS\system32\BitLockerCsp.dll
2023-05-11 16:08:16 ----A---- C:\WINDOWS\system32\AuthFWWizFwk.dll
2023-05-11 16:08:16 ----A---- C:\WINDOWS\system32\AuthFWSnapin.dll
2023-05-11 16:08:16 ----A---- C:\WINDOWS\system32\AuthFWGP.dll
2023-05-11 16:08:15 ----A---- C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2023-05-11 16:08:15 ----A---- C:\WINDOWS\system32\dmcmnutils.dll
2023-05-11 16:08:14 ----A---- C:\WINDOWS\system32\wsmprovhost.exe
2023-05-11 16:08:13 ----A---- C:\WINDOWS\system32\WsmWmiPl.dll
2023-05-11 16:08:13 ----A---- C:\WINDOWS\system32\WsmSvc.dll
2023-05-11 16:08:13 ----A---- C:\WINDOWS\system32\WsmRes.dll
2023-05-11 16:08:13 ----A---- C:\WINDOWS\system32\wsmplpxy.dll
2023-05-11 16:08:13 ----A---- C:\WINDOWS\system32\WsmAuto.dll
2023-05-11 16:08:13 ----A---- C:\WINDOWS\system32\WSManMigrationPlugin.dll
2023-05-11 16:08:13 ----A---- C:\WINDOWS\system32\WSManHTTPConfig.exe
2023-05-11 16:08:13 ----A---- C:\WINDOWS\system32\WsmAgent.dll
2023-05-11 16:08:13 ----A---- C:\WINDOWS\system32\usermgr.dll
2023-05-11 16:08:13 ----A---- C:\WINDOWS\system32\drivers\srvnet.sys
2023-05-11 16:08:13 ----A---- C:\WINDOWS\system32\drivers\srv2.sys
2023-05-11 16:08:13 ----A---- C:\WINDOWS\system32\drivers\mrxsmb20.sys
2023-05-11 16:08:13 ----A---- C:\WINDOWS\system32\drivers\mrxsmb.sys
2023-05-11 16:08:12 ----A---- C:\WINDOWS\system32\wkssvc.dll
2023-05-11 16:08:11 ----A---- C:\WINDOWS\system32\sspicli.dll
2023-05-11 16:08:11 ----A---- C:\WINDOWS\system32\sechost.dll
2023-05-11 16:08:09 ----A---- C:\WINDOWS\system32\winhttp.dll
2023-05-11 16:08:09 ----A---- C:\WINDOWS\system32\wermgr.exe
2023-05-11 16:08:09 ----A---- C:\WINDOWS\system32\weretw.dll
2023-05-11 16:08:09 ----A---- C:\WINDOWS\system32\werdiagcontroller.dll
2023-05-11 16:08:09 ----A---- C:\WINDOWS\system32\wer.dll
2023-05-11 16:08:09 ----A---- C:\WINDOWS\system32\webio.dll
2023-05-11 16:08:09 ----A---- C:\WINDOWS\system32\pacjsworker.exe
2023-05-11 16:08:08 ----A---- C:\WINDOWS\system32\tzres.dll
2023-05-11 16:08:08 ----A---- C:\WINDOWS\system32\dpapisrv.dll
2023-05-11 16:08:08 ----A---- C:\WINDOWS\system32\authz.dll
2023-05-11 16:08:07 ----A---- C:\WINDOWS\system32\ole32.dll
2023-05-11 16:08:05 ----A---- C:\WINDOWS\system32\shimeng.dll
2023-05-11 16:08:05 ----A---- C:\WINDOWS\system32\sdbinst.exe
2023-05-11 16:08:05 ----A---- C:\WINDOWS\system32\devinv.dll
2023-05-11 16:08:05 ----A---- C:\WINDOWS\system32\apphelp.dll
2023-05-11 16:08:02 ----A---- C:\WINDOWS\system32\MusUpdateHandlers.dll
2023-05-11 16:08:02 ----A---- C:\WINDOWS\system32\MusNotificationUx.exe
2023-05-11 16:08:02 ----A---- C:\WINDOWS\system32\MusNotification.exe
2023-05-11 16:08:01 ----A---- C:\WINDOWS\system32\winlogonext.dll
2023-05-11 16:08:01 ----A---- C:\WINDOWS\system32\Windows.Networking.UX.EapRequestHandler.dll
2023-05-11 16:08:01 ----A---- C:\WINDOWS\system32\MBMediaManager.dll
2023-05-11 16:08:00 ----A---- C:\WINDOWS\system32\tzsync.exe
2023-05-11 16:07:59 ----A---- C:\WINDOWS\system32\wfapigp.dll
2023-05-11 16:07:59 ----A---- C:\WINDOWS\system32\PsmServiceExtHost.dll
2023-05-11 16:07:59 ----A---- C:\WINDOWS\system32\MPSSVC.dll
2023-05-11 16:07:59 ----A---- C:\WINDOWS\system32\icfupgd.dll
2023-05-11 16:07:59 ----A---- C:\WINDOWS\system32\fwpolicyiomgr.dll
2023-05-11 16:07:59 ----A---- C:\WINDOWS\system32\fwbase.dll
2023-05-11 16:07:59 ----A---- C:\WINDOWS\system32\FirewallAPI.dll
2023-05-11 16:07:58 ----A---- C:\WINDOWS\system32\webauthn.dll
2023-05-11 16:07:58 ----A---- C:\WINDOWS\system32\fwmdmcsp.dll
2023-05-11 16:07:57 ----A---- C:\WINDOWS\system32\gdi32.dll
2023-05-11 16:07:57 ----A---- C:\WINDOWS\system32\d3d11.dll
2023-05-11 16:07:56 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.Resources.Common.dll
2023-05-11 16:07:56 ----A---- C:\WINDOWS\system32\Windows.Media.Import.dll
2023-05-11 16:07:56 ----A---- C:\WINDOWS\system32\MicrosoftAccountWAMExtension.dll
2023-05-11 16:07:56 ----A---- C:\WINDOWS\system32\MicrosoftAccount.TokenProvider.Core.dll
2023-05-11 16:07:56 ----A---- C:\WINDOWS\system32\aadtb.dll
2023-05-11 16:07:53 ----A---- C:\WINDOWS\system32\Windows.CloudStore.Schema.Shell.dll
2023-05-11 16:07:53 ----A---- C:\WINDOWS\system32\Windows.CloudStore.dll
2023-05-11 16:07:52 ----A---- C:\WINDOWS\system32\TpmCoreProvisioning.dll
2023-05-11 16:07:52 ----A---- C:\WINDOWS\system32\TpmCertResources.dll
2023-05-11 16:07:52 ----A---- C:\WINDOWS\system32\SettingsHandlers_StorageSense.dll
2023-05-11 16:07:52 ----A---- C:\WINDOWS\system32\secproc.dll
2023-05-11 16:07:52 ----A---- C:\WINDOWS\system32\drivers\PEAuth.sys
2023-05-11 16:07:52 ----A---- C:\WINDOWS\system32\advapi32.dll
2023-05-11 16:07:49 ----A---- C:\WINDOWS\system32\drivers\BTHUSB.SYS
2023-05-11 16:07:49 ----A---- C:\WINDOWS\system32\drivers\bthport.sys
2023-05-11 16:07:49 ----A---- C:\WINDOWS\system32\drivers\BthMini.SYS
2023-05-11 16:07:48 ----A---- C:\WINDOWS\system32\iscsilog.dll
2023-05-11 16:07:48 ----A---- C:\WINDOWS\system32\drivers\vhdmp.sys
2023-05-11 16:07:48 ----A---- C:\WINDOWS\system32\drivers\msiscsi.sys
2023-05-11 16:07:48 ----A---- C:\WINDOWS\system32\drivers\bthenum.sys
2023-05-11 16:07:47 ----A---- C:\WINDOWS\system32\WMALFXGFXDSP.dll
2023-05-11 16:07:47 ----A---- C:\WINDOWS\system32\SysFxUI.dll
2023-05-11 16:07:47 ----A---- C:\WINDOWS\system32\drivers\portcls.sys
2023-05-11 16:07:47 ----A---- C:\WINDOWS\system32\drivers\drmkaud.sys
2023-05-11 16:07:47 ----A---- C:\WINDOWS\system32\drivers\drmk.sys
2023-05-10 07:02:16 ----A---- C:\WINDOWS\SYSWOW64\mfc140rus.dll
2023-05-10 07:02:16 ----A---- C:\WINDOWS\SYSWOW64\mfc140esn.dll
2023-05-10 07:02:16 ----A---- C:\WINDOWS\SYSWOW64\mfc140enu.dll
2023-05-10 07:02:14 ----A---- C:\WINDOWS\SYSWOW64\vcomp140.dll
2023-05-10 07:02:14 ----A---- C:\WINDOWS\SYSWOW64\vccorlib140.dll
2023-05-10 07:02:14 ----A---- C:\WINDOWS\SYSWOW64\vcamp140.dll
2023-05-10 07:02:14 ----A---- C:\WINDOWS\SYSWOW64\mfcm140.dll
2023-05-10 07:02:14 ----A---- C:\WINDOWS\SYSWOW64\mfc140kor.dll
2023-05-10 07:02:14 ----A---- C:\WINDOWS\SYSWOW64\mfc140jpn.dll
2023-05-10 07:02:14 ----A---- C:\WINDOWS\SYSWOW64\mfc140ita.dll
2023-05-10 07:02:14 ----A---- C:\WINDOWS\SYSWOW64\mfc140fra.dll
2023-05-10 07:02:14 ----A---- C:\WINDOWS\SYSWOW64\mfc140deu.dll
2023-05-10 07:02:14 ----A---- C:\WINDOWS\SYSWOW64\mfc140cht.dll
2023-05-10 07:02:14 ----A---- C:\WINDOWS\SYSWOW64\mfc140chs.dll
2023-05-10 07:02:12 ----A---- C:\WINDOWS\SYSWOW64\vcruntime140.dll
2023-05-10 07:02:12 ----A---- C:\WINDOWS\SYSWOW64\msvcp140_2.dll
2023-05-10 07:02:12 ----A---- C:\WINDOWS\SYSWOW64\msvcp140.dll
2023-05-10 07:02:12 ----A---- C:\WINDOWS\SYSWOW64\mfc140u.dll
2023-05-10 07:02:12 ----A---- C:\WINDOWS\SYSWOW64\mfc140.dll
2023-05-10 07:02:10 ----A---- C:\WINDOWS\SYSWOW64\msvcp140_codecvt_ids.dll
2023-05-10 07:02:10 ----A---- C:\WINDOWS\SYSWOW64\concrt140.dll
2023-05-10 07:02:08 ----A---- C:\WINDOWS\SYSWOW64\msvcp140_atomic_wait.dll
2023-05-10 07:02:08 ----A---- C:\WINDOWS\SYSWOW64\msvcp140_1.dll
2023-05-10 07:02:06 ----A---- C:\WINDOWS\SYSWOW64\mfcm140u.dll
2023-05-10 07:01:22 ----A---- C:\WINDOWS\system32\vcruntime140.dll
2023-05-10 07:01:22 ----A---- C:\WINDOWS\system32\vcomp140.dll
2023-05-10 07:01:22 ----A---- C:\WINDOWS\system32\mfc140esn.dll
2023-05-10 07:01:20 ----A---- C:\WINDOWS\system32\vccorlib140.dll
2023-05-10 07:01:20 ----A---- C:\WINDOWS\system32\vcamp140.dll
2023-05-10 07:01:20 ----A---- C:\WINDOWS\system32\mfcm140.dll
2023-05-10 07:01:20 ----A---- C:\WINDOWS\system32\mfc140rus.dll
2023-05-10 07:01:20 ----A---- C:\WINDOWS\system32\mfc140kor.dll
2023-05-10 07:01:20 ----A---- C:\WINDOWS\system32\mfc140jpn.dll
2023-05-10 07:01:20 ----A---- C:\WINDOWS\system32\mfc140ita.dll
2023-05-10 07:01:20 ----A---- C:\WINDOWS\system32\mfc140fra.dll
2023-05-10 07:01:20 ----A---- C:\WINDOWS\system32\mfc140enu.dll
2023-05-10 07:01:20 ----A---- C:\WINDOWS\system32\mfc140deu.dll
2023-05-10 07:01:20 ----A---- C:\WINDOWS\system32\mfc140cht.dll
2023-05-10 07:01:20 ----A---- C:\WINDOWS\system32\mfc140chs.dll
2023-05-10 07:01:18 ----A---- C:\WINDOWS\system32\vcruntime140_1.dll
2023-05-10 07:01:18 ----A---- C:\WINDOWS\system32\msvcp140_2.dll
2023-05-10 07:01:18 ----A---- C:\WINDOWS\system32\msvcp140.dll
2023-05-10 07:01:18 ----A---- C:\WINDOWS\system32\mfc140u.dll
2023-05-10 07:01:18 ----A---- C:\WINDOWS\system32\mfc140.dll
2023-05-10 07:01:14 ----A---- C:\WINDOWS\system32\msvcp140_codecvt_ids.dll
2023-05-10 07:01:14 ----A---- C:\WINDOWS\system32\msvcp140_atomic_wait.dll
2023-05-10 07:01:14 ----A---- C:\WINDOWS\system32\msvcp140_1.dll
2023-05-10 07:01:14 ----A---- C:\WINDOWS\system32\concrt140.dll
2023-05-10 07:01:12 ----A---- C:\WINDOWS\system32\mfcm140u.dll
2023-05-05 22:21:44 ----A---- C:\Program Files (x86)\zipnew.dat
2023-05-05 22:21:44 ----A---- C:\Program Files (x86)\rarnew.dat
2023-05-05 22:21:40 ----A---- C:\Program Files (x86)\WinRAR.exe
2023-05-05 22:21:40 ----A---- C:\Program Files (x86)\WhatsNew.txt
2023-05-05 22:21:40 ----A---- C:\Program Files (x86)\UnRAR.exe
2023-05-05 22:21:40 ----A---- C:\Program Files (x86)\Uninstall.exe
2023-05-05 22:21:40 ----A---- C:\Program Files (x86)\ReadMe.txt
2023-05-05 22:21:40 ----A---- C:\Program Files (x86)\ReadMe.rus.txt
2023-05-05 22:21:40 ----A---- C:\Program Files (x86)\RarLng.dll
2023-05-05 22:21:40 ----A---- C:\Program Files (x86)\RarExtInstaller.exe
2023-05-05 22:21:40 ----A---- C:\Program Files (x86)\RarExt32.dll
2023-05-05 22:21:40 ----A---- C:\Program Files (x86)\RarExt.dll
2023-05-05 22:21:40 ----A---- C:\Program Files (x86)\Rar.txt
2023-05-05 22:21:40 ----A---- C:\Program Files (x86)\Rar.exe
2023-05-05 22:21:40 ----A---- C:\Program Files (x86)\License.txt
2023-05-05 22:21:40 ----A---- C:\Program Files (x86)\7zxa.dll
2023-05-05 22:20:43 ----SHD---- C:\Program Files\7-Zip
2023-05-04 21:15:26 ----D---- C:\ProgramData\Famatech
2023-05-02 22:22:01 ----D---- C:\Users\aleks\AppData\Roaming\EasyAntiCheat
2023-05-02 22:22:01 ----D---- C:\Program Files (x86)\EasyAntiCheat_EOS
2023-05-02 22:16:12 ----D---- C:\Users\aleks\AppData\Roaming\majestic-launcher
2023-05-02 17:05:29 ----D---- C:\ProgramData\Rockstar Games
2023-05-02 17:05:29 ----D---- C:\Program Files\Rockstar Games
2023-05-02 17:05:29 ----D---- C:\Program Files (x86)\Rockstar Games
2023-05-02 01:08:45 ----D---- C:\ProgramData\boost_interprocess
2023-05-02 01:08:32 ----D---- C:\Users\aleks\AppData\Roaming\bluestacks-services
2023-05-02 01:08:16 ----D---- C:\Program Files\BlueStacks_nxt

====== Список файлов и папок, измененных за последние 3 месяца ======

2023-07-22 20:00:40 ----D---- C:\WINDOWS\Logs
2023-07-22 16:05:17 ----D---- C:\WINDOWS\system32\catroot2
2023-07-22 16:02:54 ----D---- C:\WINDOWS\SystemTemp
2023-07-22 16:01:49 ----D---- C:\WINDOWS\Tasks
2023-07-22 16:01:14 ----D---- C:\WINDOWS\system32\SleepStudy
2023-07-22 16:01:13 ----ASH---- C:\DumpStack.log.tmp
2023-07-22 15:59:15 ----D---- C:\ProgramData\NVIDIA
2023-07-22 15:58:01 ----D---- C:\WINDOWS\Temp
2023-07-22 15:57:37 ----D---- C:\Users\aleks\AppData\Roaming\discord
2023-07-22 15:57:36 ----D---- C:\WINDOWS\Prefetch
2023-07-22 15:57:02 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2023-07-22 15:56:53 ----D---- C:\WINDOWS\system32\sru
2023-07-22 15:54:11 ----D---- C:\WINDOWS\system32\drivers
2023-07-22 15:47:18 ----D---- C:\WINDOWS\System32
2023-07-22 15:47:18 ----D---- C:\WINDOWS\INF
2023-07-22 15:47:18 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2023-07-22 15:38:27 ----SHD---- C:\System Volume Information
2023-07-22 11:42:29 ----RD---- C:\Program Files
2023-07-22 11:42:29 ----D---- C:\WINDOWS\system32\wbem
2023-07-22 11:42:29 ----D---- C:\Windows
2023-07-22 11:04:07 ----D---- C:\WINDOWS\system32\config
2023-07-22 07:31:08 ----D---- C:\WINDOWS\AppReadiness
2023-07-22 06:42:38 ----A---- C:\WINDOWS\SYSWOW64\pubfreeware.ini
2023-07-22 06:35:27 ----SHDC---- C:\WINDOWS\Installer
2023-07-22 06:08:18 ----RD---- C:\WINDOWS\Microsoft.NET
2023-07-22 02:03:41 ----D---- C:\WINDOWS\SysWOW64
2023-07-22 02:00:05 ----RD---- C:\Program Files (x86)
2023-07-22 01:53:20 ----HD---- C:\ProgramData
2023-07-22 01:53:12 ----D---- C:\Program Files\Common Files
2023-07-22 01:52:58 ----SD---- C:\WINDOWS\system32\Microsoft
2023-07-22 01:52:58 ----SD---- C:\ProgramData\Microsoft
2023-07-22 01:52:58 ----RSD---- C:\WINDOWS\Fonts
2023-07-22 01:52:58 ----D---- C:\Program Files\Common Files\System
2023-07-22 01:52:57 ----D---- C:\Program Files\Internet Explorer
2023-07-22 01:33:15 ----D---- C:\Program Files (x86)\Common Files
2023-07-22 00:13:51 ----D---- C:\WINDOWS\WinSxS
2023-07-22 00:01:53 ----D---- C:\WINDOWS\system32\Tasks
2023-07-20 23:19:54 ----HD---- C:\Program Files\WindowsApps
2023-07-20 21:57:52 ----D---- C:\Users\aleks\AppData\Roaming\Adobe
2023-07-20 21:54:36 ----D---- C:\ProgramData\Package Cache
2023-07-19 22:58:49 ----D---- C:\WINDOWS\LiveKernelReports
2023-07-18 14:41:55 ----RSD---- C:\WINDOWS\assembly
2023-07-17 22:00:28 ----D---- C:\WINDOWS\system32\DriverStore
2023-07-17 20:27:46 ----D---- C:\WINDOWS\system32\CatRoot
2023-07-15 22:49:09 ----D---- C:\WINDOWS\SYSWOW64\wbem
2023-07-15 22:49:09 ----D---- C:\WINDOWS\SYSWOW64\sr-Latn-RS
2023-07-15 22:49:09 ----D---- C:\WINDOWS\SYSWOW64\setup
2023-07-15 22:49:09 ----D---- C:\WINDOWS\SYSWOW64\migration
2023-07-15 22:49:09 ----D---- C:\WINDOWS\SYSWOW64\Dism
2023-07-15 22:49:08 ----SD---- C:\WINDOWS\system32\ru-RU
2023-07-15 22:49:08 ----SD---- C:\WINDOWS\system32\en-US
2023-07-15 22:49:08 ----D---- C:\WINDOWS\SystemResources
2023-07-15 22:49:08 ----D---- C:\WINDOWS\system32\sr-Latn-RS
2023-07-15 22:49:08 ----D---- C:\WINDOWS\system32\setup
2023-07-15 22:49:08 ----D---- C:\WINDOWS\system32\SecureBootUpdates
2023-07-15 22:49:08 ----D---- C:\WINDOWS\system32\oobe
2023-07-15 22:49:08 ----D---- C:\WINDOWS\system32\migration
2023-07-15 22:49:08 ----D---- C:\WINDOWS\system32\fr-CA
2023-07-15 22:49:08 ----D---- C:\WINDOWS\system32\drivers\ru-RU
2023-07-15 22:49:08 ----D---- C:\WINDOWS\system32\drivers\en-US
2023-07-15 22:49:08 ----D---- C:\WINDOWS\system32\Dism
2023-07-15 22:49:08 ----D---- C:\WINDOWS\system32\Boot
2023-07-15 22:49:08 ----D---- C:\WINDOWS\system32\appraiser
2023-07-15 22:49:07 ----RD---- C:\WINDOWS\ImmersiveControlPanel
2023-07-15 22:49:07 ----D---- C:\WINDOWS\bcastdvr
2023-07-15 22:49:07 ----D---- C:\WINDOWS\apppatch
2023-07-15 22:49:07 ----D---- C:\Program Files\Windows Defender Advanced Threat Protection
2023-07-15 22:49:07 ----D---- C:\Program Files (x86)\Internet Explorer
2023-07-15 22:49:05 ----D---- C:\WINDOWS\system32\CodeIntegrity
2023-07-14 16:57:05 ----N---- C:\WINDOWS\system32\MpSigStub.exe
2023-07-14 01:26:50 ----D---- C:\WINDOWS\CbsTemp
2023-07-12 22:56:51 ----D---- C:\WINDOWS\system32\MRT
2023-07-12 22:56:40 ----AC---- C:\WINDOWS\system32\MRT.exe
2023-07-12 22:13:57 ----RD---- C:\WINDOWS\PrintDialog
2023-07-12 22:07:16 ----A---- C:\WINDOWS\SYSWOW64\PrintConfig.dll
2023-07-12 21:59:19 ----HD---- C:\OneDriveTemp
2023-07-12 21:58:25 ----SHD---- C:\$Recycle.Bin
2023-07-12 21:58:06 ----D---- C:\ProgramData\Packages
2023-07-12 21:57:24 ----RD---- C:\Users
2023-07-12 17:28:48 ----D---- C:\WINDOWS\SYSWOW64\ru-RU
2023-07-06 03:05:11 ----D---- C:\WINDOWS\system32\SecurityHealth
2023-07-03 02:47:16 ----SD---- C:\Users\aleks\AppData\Roaming\Microsoft
2023-06-27 00:40:44 ----D---- C:\Users\aleks\AppData\Roaming\Kinoplay
2023-06-24 19:05:19 ----D---- C:\Users\aleks\AppData\Roaming\Yandex
2023-06-23 23:41:54 ----D---- C:\Program Files\Common Files\microsoft shared
2023-06-20 03:43:51 ----D---- C:\Users\aleks\AppData\Roaming\WeMod
2023-06-19 17:16:38 ----D---- C:\WINDOWS\system32\drivers\NVIDIA Corporation
2023-06-15 02:30:55 ----D---- C:\WINDOWS\SYSWOW64\sppui
2023-06-15 02:30:55 ----D---- C:\WINDOWS\SYSWOW64\nl-NL
2023-06-15 02:30:55 ----D---- C:\WINDOWS\SYSWOW64\en-US
2023-06-15 02:30:55 ----D---- C:\WINDOWS\system32\sppui
2023-06-15 02:30:55 ----D---- C:\WINDOWS\system32\nl-NL
2023-06-15 02:30:55 ----D---- C:\WINDOWS\system32\fr-FR
2023-06-15 02:30:54 ----D---- C:\WINDOWS\servicing
2023-06-14 01:03:59 ----D---- C:\WINDOWS\system32\drivers\wd
2023-05-18 23:34:21 ----D---- C:\Users\aleks\AppData\Roaming\.minecraft
2023-05-18 23:33:47 ----D---- C:\Users\aleks\AppData\Roaming\.tlauncher
2023-05-18 18:17:03 ----D---- C:\Program Files (x86)\Microsoft.NET
2023-05-18 18:16:49 ----D---- C:\Program Files (x86)\MSBuild
2023-05-14 12:48:28 ----D---- C:\WINDOWS\WUModels
2023-05-14 12:48:28 ----D---- C:\WINDOWS\SYSWOW64\ru
2023-05-14 12:48:28 ----D---- C:\WINDOWS\SYSWOW64\en
2023-05-14 12:48:28 ----D---- C:\WINDOWS\SYSWOW64\drivers\ru-RU
2023-05-14 12:48:28 ----D---- C:\WINDOWS\SYSWOW64\drivers\en-US
2023-05-14 12:48:24 ----D---- C:\WINDOWS\system32\ru
2023-05-14 12:48:24 ----D---- C:\WINDOWS\system32\en
2023-05-11 16:13:40 ----D---- C:\WINDOWS\system32\Logs
2023-05-11 16:13:39 ----D---- C:\Program Files\Microsoft Update Health Tools
2023-04-25 22:28:50 ----D---- C:\Users\aleks\AppData\Roaming\paradox-launcher-v2

File C:\WINDOWS\system32\winlogon.exe is digitally signed
File C:\WINDOWS\system32\wininit.exe is digitally signed
File C:\WINDOWS\explorer.exe is digitally signed
File C:\WINDOWS\SysWOW64\explorer.exe is digitally signed
File C:\WINDOWS\system32\svchost.exe is digitally signed
File C:\WINDOWS\SysWOW64\svchost.exe is digitally signed
File C:\WINDOWS\system32\services.exe is digitally signed
File C:\WINDOWS\system32\User32.dll is digitally signed
File C:\WINDOWS\SysWOW64\User32.dll is digitally signed
File C:\WINDOWS\system32\userinit.exe is digitally signed
File C:\WINDOWS\SysWOW64\userinit.exe is digitally signed
File C:\WINDOWS\system32\rpcss.dll is digitally signed
File C:\WINDOWS\system32\Drivers\volsnap.sys is digitally signed

====== Список драйверов (тип запуска: R=Запущен, S=остановлен, 0=Загрузочный, 1=Системный, 2=Автоматически, 3=Вручную, 4=Отключено) ======

R0 AppleSSD;@AppleSSD.inf,%DevDesc1%;Apple Solid State Drive Device; C:\WINDOWS\System32\drivers\AppleSSD.sys [2021-06-05 112440]
R0 bttflt;@virtdisk.inf,%service_desc%;Microsoft Hyper-V VHDPMEM BTT Filter; C:\WINDOWS\System32\drivers\bttflt.sys [2023-03-26 75096]
R0 cht4iscsi;cht4iscsi; C:\WINDOWS\System32\drivers\cht4sx64.sys [2021-06-05 319800]
R0 ebdrv0;@netevbd0a.inf,%vbd_srv_desc%;QLogic Legacy Ethernet Adapter VBD; C:\WINDOWS\System32\drivers\evbd0a.sys [2021-06-05 3423032]
R0 iaStorAVC;@iastorav.inf,%iaStorAVC.DeviceDesc%;Intel Chipset SATA RAID Controller; C:\WINDOWS\System32\drivers\iaStorAVC.sys [2021-06-05 884552]
R0 iaStorE;iaStorE; C:\WINDOWS\System32\drivers\iaStorE.sys [2023-03-27 1075672]
R0 IntelPMT;@intelpmt.inf,%IntelPMT.SVCDESC%;Intel(R) Platform Monitoring Technology Service; C:\WINDOWS\System32\drivers\IntelPMT.sys [2023-03-26 75272]
R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-101; C:\WINDOWS\system32\drivers\iorate.sys [2023-03-26 83280]
R0 ItSas35i;ItSas35i; C:\WINDOWS\System32\drivers\ItSas35i.sys [2021-06-05 176952]
R0 megasas2i;megasas2i; C:\WINDOWS\System32\drivers\MegaSas2i.sys [2021-06-05 80696]
R0 megasas35i;megasas35i; C:\WINDOWS\System32\drivers\megasas35i.sys [2021-06-05 100176]
R0 mpi3drvi;mpi3drvi; C:\WINDOWS\System32\drivers\mpi3drvi.sys [2021-06-05 87352]
R0 nvdimm;@nvdimm.inf,%nvdimm.SvcDesc%;Microsoft NVDIMM device driver; C:\WINDOWS\System32\drivers\nvdimm.sys [2023-03-26 202088]
R0 nvmedisk;@nvmedisk.inf,%nvmedisk.SvcDesc%;Microsoft NVMe disk driver; C:\WINDOWS\System32\drivers\nvmedisk.sys [2023-03-26 83296]
R0 pmem;@pmem.inf,%pmem.SvcDesc%;Microsoft persistent memory disk driver; C:\WINDOWS\System32\drivers\pmem.sys [2023-07-12 181592]
R0 PRM;@prm.inf,%PRM.SvcDesc%;Microsoft PRM Driver; C:\WINDOWS\System32\DriverStore\FileRepository\prm.inf_amd64_7fc9bb8ba2b73803\PRM.sys [2021-06-05 61752]
R0 Ramdisk;Windows RAM Disk Driver; C:\WINDOWS\system32\DRIVERS\ramdisk.sys [2023-04-12 71000]
R0 scmbus;@scmbus.inf,%scmbus.SvcDesc%;Microsoft Storage Class Memory Bus Driver; C:\WINDOWS\System32\drivers\scmbus.sys [2023-03-26 210280]
R1 afunix;afunix; C:\WINDOWS\system32\drivers\afunix.sys [2023-03-26 81920]
R1 CimFS;CimFS; C:\WINDOWS\system32\drivers\CimFS.sys [2023-03-26 161120]
R3 MsQuic;@%SystemRoot%\system32\drivers\msquic.sys,-1; C:\WINDOWS\system32\drivers\msquic.sys [2023-04-12 419200]
R3 NVHDA;@oem10.inf,%NVHDA.SvcDesc%;Service for NVIDIA High Definition Audio Driver; C:\WINDOWS\system32\drivers\nvhda64v.sys [2023-03-17 121880]
R3 rt640x64;@oem14.inf,%rt640.Service.DispName%;Realtek RT640 NT Driver; C:\WINDOWS\System32\drivers\rt640x64.sys [2023-03-27 1210248]
R3 RvNetMP60;@oem6.inf,%RVpnNetMP.Service.DispName%;Famatech Radmin VPN Miniport; C:\WINDOWS\System32\drivers\RvNetMP60.sys [2022-10-18 58288]
S0 MsSecCore;@%SystemRoot%\System32\Drivers\msseccore.sys,-1001; C:\WINDOWS\system32\drivers\msseccore.sys [2023-07-12 66888]
S1 bam;@%SystemRoot%\system32\drivers\bam.sys,-100; C:\WINDOWS\system32\drivers\bam.sys [2021-06-05 106808]
S2 bindflt;@%systemroot%\system32\drivers\bindflt.sys,-100; C:\WINDOWS\system32\drivers\bindflt.sys [2023-03-26 177536]
S2 BlueStacksDrv_nxt;BlueStacks Hypervisor_nxt; \??\C:\Program Files\BlueStacks_nxt\BstkDrv_nxt.sys [2023-04-18 310688]
S2 CldFlt;Windows Cloud Files Filter Driver; C:\WINDOWS\system32\drivers\cldflt.sys [2023-07-12 536576]
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\WINDOWS\System32\drivers\AcpiDev.sys [2023-03-26 53248]
S3 Acx01000;@%SystemRoot%\system32\drivers\Acx01000.sys,-1000; C:\WINDOWS\system32\drivers\Acx01000.sys [2021-06-05 700416]
S3 amdgpio2;@amdgpio2.inf,%GPIO.SvcDesc%;AMD GPIO Client Driver; C:\WINDOWS\System32\drivers\amdgpio2.sys [2021-06-05 18432]
S3 amdi2c;@amdi2c.inf,%amdi2c.SVCDESC%;AMD I2C Controller Service; C:\WINDOWS\System32\drivers\amdi2c.sys [2021-06-05 45568]
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\WINDOWS\system32\drivers\applockerfltr.sys [2023-03-26 45056]
S3 AppvStrm;@%systemroot%\system32\drivers\AppvStrm.sys,-101; C:\WINDOWS\system32\drivers\AppvStrm.sys [2023-07-12 169344]
S3 AppvVemgr;@%systemroot%\system32\drivers\AppvVemgr.sys,-101; C:\WINDOWS\system32\drivers\AppvVemgr.sys [2023-07-12 202072]
S3 AppvVfs;@%systemroot%\system32\drivers\AppvVfs.sys,-101; C:\WINDOWS\system32\drivers\AppvVfs.sys [2023-07-12 185672]
S3 BthA2dp;@microsoft_bluetooth_a2dp.inf,%BthA2dp.ServiceDescription%;Microsoft Bluetooth A2dp driver; C:\WINDOWS\System32\drivers\BthA2dp.sys [2023-03-26 507904]
S3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Bluetooth Enumerator Service; C:\WINDOWS\System32\drivers\BthEnum.sys [2023-05-11 139264]
S3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\WINDOWS\System32\drivers\Microsoft.Bluetooth.Legacy.LEEnumerator.sys [2023-03-26 135168]
S3 BthMini;@bth.inf,%BTHMINI.SvcDesc%;Bluetooth Radio Driver; C:\WINDOWS\System32\drivers\BTHMINI.sys [2023-05-11 81920]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Bluetooth Port Driver; C:\WINDOWS\System32\drivers\BTHport.sys [2023-05-11 1925120]
S3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Bluetooth Radio USB Driver; C:\WINDOWS\System32\drivers\BTHUSB.sys [2023-05-11 118784]
S3 CAD;@ChargeArbitration.inf,%CAD_DevDesc%;Charge Arbitration Driver; C:\WINDOWS\System32\drivers\CAD.sys [2023-03-26 95568]
S3 cht4vbd;@cht4vx64.inf,%cht4vbd.generic%;Chelsio Virtual Bus Driver; C:\WINDOWS\System32\drivers\cht4vx64.sys [2021-06-05 1853752]
S3 ExecutionContext;@%SystemRoot%\System32\Drivers\ExecutionContext.sys,-101; C:\WINDOWS\System32\Drivers\ExecutionContext.sys [2021-06-05 61440]
S3 hanvonugeemfilter;@oem22.inf,%hanvonugeemfilter.SvcDesc%;HID-Compliant Mouse; C:\WINDOWS\System32\drivers\hanvonugeemfilter.sys [2023-02-03 9728]
S3 hidspi;@hidspi_km.inf,%hidspi.SVCDESC%;Microsoft SPI HID Miniport Driver; C:\WINDOWS\System32\drivers\hidspi.sys [2023-03-26 131072]
S3 HidSpiCx;HidSpi KMDF Class Extension; C:\WINDOWS\system32\drivers\HidSpiCx.sys [2023-03-26 118784]
S3 HoYoProtect;HoYoProtect; \??\C:\WINDOWS\system32\HoYoKProtect.sys [2023-03-30 3712576]
S3 Hsp;@hsp.inf,%Hsp.SVCDESC%;Microsoft Pluton Service; C:\WINDOWS\System32\drivers\Hsp.sys [2023-03-26 111968]
S3 hvservice;@hvservice.inf,%hvservice.SvcDesc%;Microsoft Hypervisor Service Driver; C:\WINDOWS\System32\drivers\hvservice.sys [2021-12-08 131392]
S3 HwNClx0101;Microsoft Hardware Notifications Class Extension Driver; C:\WINDOWS\System32\Drivers\mshwnclx.sys [2021-06-05 57344]
S3 HyperVideo;HyperVideo; C:\WINDOWS\System32\drivers\HyperVideo.sys [2021-06-05 74040]
S3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\WINDOWS\System32\drivers\iagpio.sys [2021-06-05 36352]
S3 iaLPSS2i_GPIO2;@iaLPSS2i_GPIO2_SKL.inf,%iaLPSS2i_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2021-06-05 79360]
S3 iaLPSS2i_GPIO2_BXT_P;@iaLPSS2i_GPIO2_BXT_P.inf,%iaLPSS2i_GPIO2_BXT_P.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [2021-06-05 93184]
S3 iaLPSS2i_GPIO2_CNL;@iaLPSS2i_GPIO2_CNL.inf,%iaLPSS2i_GPIO2_CNL.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_CNL.sys [2021-06-05 112128]
S3 iaLPSS2i_GPIO2_GLK;@iaLPSS2i_GPIO2_GLK.inf,%iaLPSS2i_GPIO2_GLK.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_GLK.sys [2021-06-05 96256]
S3 iaLPSS2i_I2C_BXT_P;@iaLPSS2i_I2C_BXT_P.inf,%iaLPSS2i_I2C_BXT_P.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [2021-06-05 175104]
S3 iaLPSS2i_I2C_CNL;@iaLPSS2i_I2C_CNL.inf,%iaLPSS2i_I2C_CNL.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_CNL.sys [2021-06-05 177152]
S3 iaLPSS2i_I2C_GLK;@iaLPSS2i_I2C_GLK.inf,%iaLPSS2i_I2C_GLK.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_GLK.sys [2021-06-05 177664]
S3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\WINDOWS\System32\drivers\IndirectKmd.sys [2023-03-26 69632]
S3 intelpmax;@intelpmax.inf,%SvcDesc%;Intel(R) Dynamic Device Peak Power Manager Driver; C:\WINDOWS\System32\drivers\intelpmax.sys [2023-03-26 61440]
S3 IPT;IPT; C:\WINDOWS\System32\drivers\ipt.sys [2021-06-05 94520]
S3 kbldfltr;kbldfltr; C:\WINDOWS\system32\drivers\kbldfltr.sys [2021-06-06 58184]
S3 mausbhost;@mausbhost.inf,%MAUSBHost.ServiceName%;MA-USB Host Controller Driver; C:\WINDOWS\System32\drivers\mausbhost.sys [2021-06-05 561480]
S3 mausbip;@mausbhost.inf,%MAUSBIP.ServiceName%;MA-USB IP Filter Driver; C:\WINDOWS\System32\drivers\mausbip.sys [2021-06-05 90440]
S3 MbbCx;MBB Network Adapter Class Extension; C:\WINDOWS\system32\drivers\MbbCx.sys [2023-04-12 425984]
S3 Microsoft_Bluetooth_AvrcpTransport;@microsoft_bluetooth_avrcptransport.inf,%Microsoft_Bluetooth_AvrcpTransport.ServiceDescription%;Microsoft Bluetooth Avrcp Transport Driver; C:\WINDOWS\System32\drivers\Microsoft.Bluetooth.AvrcpTransport.sys [2023-03-26 94208]
S3 MpKsl15642d01;MpKsl15642d01; \??\C:\WINDOWS\system32\MpEngineStore\MpKslDrv.sys [2023-06-30 213288]
S3 MsSecFlt;@%SystemRoot%\System32\Drivers\mssecflt.sys,-1001; C:\WINDOWS\system32\drivers\mssecflt.sys [2023-07-12 406872]
S3 MsSecWfp;@%SystemRoot%\System32\Drivers\mssecwfp.sys,-1001; C:\WINDOWS\system32\drivers\mssecwfp.sys [2023-07-12 66928]
S3 NDKPerf;NDKPerf Driver; C:\WINDOWS\system32\drivers\NDKPerf.sys [2023-03-26 79192]
S3 NDKPing;NDKPing Driver; C:\WINDOWS\system32\drivers\NDKPing.sys [2023-03-26 103776]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\WINDOWS\system32\drivers\NetAdapterCx.sys [2023-03-26 352256]
S3 netvsc;netvsc; C:\WINDOWS\System32\drivers\netvsc.sys [2023-06-14 337224]
S3 nvlddmkm;nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvle.inf_amd64_c4410ab03e8e99d7\nvlddmkm.sys [2021-02-08 33056416]
S3 P9Rdr;@%SystemRoot%\System32\drivers\p9rdr.sys,-100; C:\WINDOWS\System32\drivers\p9rdr.sys [2023-03-26 136528]
S3 PktMon;Packet Monitor Driver; C:\WINDOWS\system32\drivers\PktMon.sys [2023-03-26 169304]
S3 PNPMEM;@memory.inf,%PNPMEM.SvcDesc%;Microsoft Memory Module Driver; C:\WINDOWS\System32\drivers\pnpmem.sys [2023-03-26 49152]
S3 portcfg;portcfg; C:\WINDOWS\System32\drivers\portcfg.sys [2023-03-26 57344]
S3 ReFS;ReFS; C:\WINDOWS\system32\drivers\ReFS.sys [2023-06-14 2295104]
S3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2023-03-26 245760]
S3 rhproxy;@rhproxy.inf,%rhproxy.SVCDESC%;Resource Hub proxy driver; C:\WINDOWS\System32\drivers\rhproxy.sys [2023-03-26 143360]
S3 SDFRd;@SDFRd.inf,%SDFRd.ServiceDesc%;SDF Reflector; C:\WINDOWS\System32\drivers\SDFRd.sys [2021-06-05 65856]
S4 hvcrash;hvcrash; C:\WINDOWS\System32\drivers\hvcrash.sys [2021-06-05 69960]

====== Список служб (тип запуска: R=Запущена, S=остановлена, 0=Загрузочная, 1=Системная, 2=Автоматически, 3=Вручную, 4=Отключено) ======

R2 cbdhsvc_57113;Пользовательская служба буфера обмена_57113; C:\WINDOWS\system32\svchost.exe -k ClipboardSvcGroup -p;"ServiceDll" = 
(I couldn't attach the text document)

 

Posted

I tried running the programs mentioned above; it says something like "Access denied, contact your system administrator" or "Path is blocked, insufficient permissions".

Posted
18 minutes ago, andrew75 said:

@KetoM, I recommend creating a topic in the "Help with virus removal" section of the Kaspersky Lab Club (separate registration is required), following the Procedure for submitting a help request.

The malware seems to have blocked Kaspersky for me; when I try to go to any of their sites I get a 404 error, so I can't follow your link.

  • Solution
Posted

@KetoM, try downloading and running KVRT.

If you can download it but it won't run, rename the file.

  • Thanks 1
Posted
6 hours ago, andrew75 said:

@KetoM, try downloading and running KVRT.

If you can download it but it won't run, rename the file.

It helped! The virus put up a fight, of course: I couldn't download it from your link because the virus was blocking it (the funniest part is that I use Yandex, but the error came from Google -_-), so I had to download it from another site. It wouldn't start under its own name, so I had to rename it. (I think this information will be useful to someone.)

All in all, there were about 4-5 trojans and around 20 different miners, 53 infected files in total. The scan took 4 hours, of course, and after the reboot almost as long again.

  • 2 years later...
Алехандро
Posted

Now none of the links listed above work; the miner closes all of them. Searching for links through plain Google and Yandex search didn't help either; the miner closes everything. This is just surreal.

Posted

@Алехандро, follow these steps strictly in order:

1. Download the AV block remover utility with a random name from here.

2. Unpack the archive (just not to the desktop and not to the "Downloads" folder).

3. After unpacking, temporarily disable your antivirus (if you have one), including Windows Defender. If you are worried about disabling the antivirus in case more viruses get downloaded, then also temporarily disconnect from the internet.

4. Run the utility.

5. If the utility does not start or closes while running, run it from Safe Mode with Networking. While the utility runs, a folder ..\AV_block_remover will be created next to this file.

6. Upload the file AV_block_remove_date-time.log from this folder to any file-sharing service and post the link in your next message.
