Start::
SystemRestore: On
CreateRestorePoint:
(tox) [Файл не подписан] C:\ProgramData\Windows Tasks Service\winserv.exe
HKLM\...\Run: [Realtek HD Audio] => C:\ProgramData\Oracle\Java\taskhost.exe [34058752 2022-07-01] (Realtek Semiconductor) [Файл не подписан] <==== ВНИМАНИЕ
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Ограничение <==== ВНИМАНИЕ
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Ограничение <==== ВНИМАНИЕ
HKU\S-1-5-21-3469990134-2598022409-1110028511-1000\...\MountPoints2: {448ed276-6d83-11ec-814d-c8b29bb2d10c} - "E:\HiSuiteDownLoader.exe"
GroupPolicy: Ограничение ? <==== ВНИМАНИЕ
Policies: C:\ProgramData\NTUSER.pol: Ограничение <==== ВНИМАНИЕ
Task: {575F33F0-5734-41E5-BCDE-DB0D9DFEC52E} - System32\Tasks\Microsoft\Windows\Wininet\winsers => C:\ProgramData\Windows Tasks Service\winserv.exe [10675712 2021-05-28] (tox) [Файл не подписан] <==== ВНИМАНИЕ
Task: {F606F0C1-2AF4-4DBD-B4C1-A55A588C321E} - System32\Tasks\Microsoft\Windows\Wininet\winser => C:\ProgramData\Windows Tasks Service\winserv.exe [10675712 2021-05-28] (tox) [Файл не подписан] <==== ВНИМАНИЕ
2022-07-01 18:36 - 2022-07-01 18:37 - 000000000 __SHD C:\ProgramData\WindowsTask
2022-07-01 18:36 - 2022-07-01 18:36 - 000000000 __SHD C:\ProgramData\Setup
2022-07-01 18:36 - 2022-07-01 18:36 - 000000000 __SHD C:\ProgramData\RunDLL
2022-06-30 12:53 - 2022-06-30 12:53 - 000000000 __SHD C:\ProgramData\WavePad
2022-06-30 12:53 - 2022-06-30 12:53 - 000000000 __SHD C:\ProgramData\RobotDemo
2022-06-30 12:53 - 2022-06-30 12:53 - 000000000 __SHD C:\ProgramData\PuzzleMedia
2022-06-30 12:53 - 2022-06-30 12:53 - 000000000 __SHD C:\ProgramData\Evernote
2022-06-30 12:53 - 2022-06-30 12:53 - 000000000 __SHD C:\Program Files\Ravantivirus
2022-06-30 12:53 - 2022-06-30 12:53 - 000000000 __SHD C:\Program Files\Rainmeter
2022-06-30 12:53 - 2022-06-30 12:53 - 000000000 __SHD C:\Program Files\Process Lasso
2022-06-30 12:53 - 2022-06-30 12:53 - 000000000 __SHD C:\Program Files\Loaris Trojan Remover
2022-06-30 12:53 - 2022-06-30 12:53 - 000000000 __SHD C:\Program Files\DrWeb
2022-06-30 12:53 - 2022-06-30 12:53 - 000000000 __SHD C:\Program Files\Common Files\Doctor Web
2022-06-30 12:53 - 2022-06-30 12:53 - 000000000 __SHD C:\Program Files\Common Files\AV
2022-06-30 12:53 - 2022-06-30 12:53 - 000000000 __SHD C:\Program Files\Bitdefender Agent
2022-06-13 00:06 - 2022-06-09 13:07 - 001692672 _____ () C:\ProgramData\rdp.exe
Hosts:
FirewallRules: [{008F4426-972C-42FF-A8B2-7796F7BF973A}] => (Allow) C:\ProgramData\Windows Tasks Service\winserv.exe (tox) [Файл не подписан]
EmptyTemp:
Reboot:
End::