Information about programs of ZennoLab

All used users: d7f7e4b2-4349-4d9d-955b-870ad3ed16c2@zenno.club, e51b8965-d77f-4386-be05-82fd4cb06471@zenno.club

AppData path: C:\Users\Админ\AppData\Roaming\ZennoLab

Installed programs of ZennoLab:

ZennoPoster Demo V7 7.3.0.0 RU
User: e51b8965-d77f-4386-be05-82fd4cb06471@zenno.club
Install directory: C:\Program Files\ZennoLab\RU\ZennoPoster Demo V7\7.3.0.0
AppData directory: C:\Users\Админ\AppData\Roaming\ZennoLab\ZennoPoster\7
Hashes verification: Warning
Hashes changed:
Samples\3. Bing parser.zp

Information about the operating system

Name: Майкрософт Windows 10 Pro

Version: Microsoft Windows NT 6.2.9200.0

Bit depth: 64 bit

System directory: C:\WINDOWS\system32

Local Disks:

C: Filesystem: NTFS; free 20,83 Gb (22369026048 byte) of 110,91 Gb (119091773440 byte); Tags: System, ZennoPoster
D: Filesystem: NTFS; free 221,9 Gb (238263033856 byte) of 353,94 Gb (380041687040 byte); Tags: Other

Time: 28.12.2020 20:47:46 (UTC+02:00) Вильнюс, Киев, Рига, София, Таллин, Хельсинки (Финляндия (зима))

UTC Local: 28.12.2020 18:47:46

UTC NTP: 28.12.2020 18:47:48

Calendar: GregorianCalendar (Localized)

Information about the memory

Physical:

Total: 3996 Mb
Available: 916 Mb

Commit:

Limit: 7708 Mb
Total: 4175 Mb

Process:

Process Count: 173
Thread Count: 1926
Handles Count: 62825

Information connection to auth servers

Server: userarea-us.zennolab.com

Address: 104.27.59.113
RoundTrip time: 45
Time to live: 57
Don't fragment: False
Buffer size: 32

Server: userarea.zennolab.com

Address: 37.252.15.11
RoundTrip time: 95
Time to live: 115
Don't fragment: False
Buffer size: 32

Server: userarea-hk.zennolab.com

Connection failed. Status is TimedOut

Information about hardware

CPUs:

Intel(R) Pentium(R) CPU N3700 @ 1.60GHz; Cores: 4

RAM:

BankLabel: A1_BANK0; RAM: 4 Gb; Speed: 1600

Total size: 4 Gb

Video Cards:

Intel(R) HD Graphics; RAM: 1024 Mb

Hard Drives:

TOSHIBA MQ01ABF050; Size: 465,76 Gb

Information about installed programs and services

Versions of .Net Framework:

.Net Framework 2.0 (v2.0.50727.4927)
.Net Framework 3.0 (v3.0.30729.4926)
.Net Framework 3.5 (v3.5.30729.4926)
.Net Framework 4 Client (v4.8.03752)
.Net Framework 4 Full (v4.8.03752)

Antivirus:

\\DESKTOP-53SEPAI\ROOT\SecurityCenter2:AntiVirusProduct.instanceGuid="{D68DDC3A-831F-4fae-9E44-DA132C1ACF46}"
Windows Defender

Additional software:

Visual C++ redistributable 2008: Installed
Visual C++ redistributable 2010 (x86): Installed
Visual C++ redistributable 2010 (x64): Not installed
Visual C++ redistributable 2013 (x86): Installed
Visual C++ redistributable 2013 (x64): Installed
Visual C++ redistributable 2015 (x86): Not installed
Visual C++ redistributable 2015 (x64): Not installed
Visual C++ redistributable 2017 (x86): Not installed
Visual C++ redistributable 2017 (x64): Not installed
Visual C++ redistributable 2015-2019 (x86): Installed
Visual C++ redistributable 2015-2019 (x64): Installed

Other software:

360 Total Security
Adobe Acrobat Reader DC - Russian
Adobe Flash Player 32 NPAPI
Adobe Refresh Manager
BlueStacks App Player
Epson Customer Research Participation
EPSON L805 Series Printer Uninstall
Epson Printer Connection Checker
Epson Software Updater
EpsonNet Print
Finger Sensing Pad Driver
Google Chrome
Google Update Helper
Grand Theft Auto San Andreas + MultiPlayer [0.3e]
Intel(R) Processor Graphics
Intel® RealSense™ SDK 2014 Runtime (x64): Core
Java 8 Update 221
Java 8 Update 45 (64-bit)
Java Auto Updater
KMPlayer (remove only)
McAfee True Key
Microsoft Edge
Microsoft Edge Update
Microsoft HEVC Media Extension Installation for Microsoft.HEVCVideoExtension_1.0.2512.0_x64__8wekyb3d8bbwe (x64)
Microsoft Office 2010 shareware
Microsoft Office 2010, версия null
Microsoft Office Access MUI (Russian) 2010
Microsoft Office Excel MUI (Russian) 2010
Microsoft Office Groove MUI (Russian) 2010
Microsoft Office InfoPath MUI (Russian) 2010
Microsoft Office Office 64-bit Components 2010
Microsoft Office OneNote MUI (Russian) 2010
Microsoft Office Outlook MUI (Russian) 2010
Microsoft Office PowerPoint MUI (Russian) 2010
Microsoft Office Professional Plus 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (German) 2010
Microsoft Office Proof (Russian) 2010
Microsoft Office Proof (Ukrainian) 2010
Microsoft Office Proofing (Russian) 2010
Microsoft Office Publisher MUI (Russian) 2010
Microsoft Office Shared 64-bit MUI (Russian) 2010
Microsoft Office Shared MUI (Russian) 2010
Microsoft Office Word MUI (Russian) 2010
Microsoft Office профессиональный плюс 2010
Microsoft Update Health Tools
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664
Microsoft Visual C++ 2019 X64 Additional Runtime - 14.24.28127
Microsoft Visual C++ 2019 X64 Minimum Runtime - 14.24.28127
Microsoft Visual C++ 2019 X86 Additional Runtime - 14.24.28127
Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.24.28127
Minecraft
MKV Player 2.1.23
Mozilla Firefox 52.0.1 ESR (x64 ru)
Mozilla Firefox 84.0.1 (x64 ru)
Mozilla Maintenance Service
NEXTRP Launcher 0.9.19
Notepad++ (64-bit x64)
OpenOffice 4.1.2
Realtek High Definition Audio Driver
Teach Infinity Pro 2.0.11.20170719
TeachInfinityDriver 17.07.14
Update for Windows 10 for x64-based Systems (KB4023057)
UpdateAssistant
Viber
Vkontakte DJ
WinDjView 2.1
WinRAR 5.50 (64-разрядная)
YouTubeByClick
Чистилка

Information about running processes

Process name CPU (%) Memory (mb) Threads Handles Module path
AdminService06,815157C:\WINDOWS\System32\drivers\AdminService.exe
ApplicationFrameHost024,1111331C:\WINDOWS\system32\ApplicationFrameHost.exe
audiodg026,245213C:\WINDOWS\system32\AUDIODG.EXE
chrome038,7112231C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
chrome0187,3317521C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
chrome05213247C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
chrome16,41166,8619656C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
chrome012,0713230C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
chrome0168,0416442C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
chrome014,218221C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
chrome049,5515251C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
chrome040,9912217C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
chrome059,7616353C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
chrome0116,1213291C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
chrome015,7310271C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
chrome038,1212231C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
chrome013,7813234C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
chrome078,1712255C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
chrome10,94214,93332180C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
chrome030,4115257C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
chrome033,3113236C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
chrome048,6814255C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
chrome041,0712239C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
chrome18,7587,78151076C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
chrome037,4612229C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
chrome15,62134,2515349C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
chrome0101,415328C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
chrome036,0615352C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
chrome06,168275C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
conhost02,022119C:\WINDOWS\system32\conhost.exe
conhost02,242119C:\WINDOWS\system32\conhost.exe
conhost01,075161C:\WINDOWS\system32\conhost.exe
conhost02,592119C:\WINDOWS\system32\conhost.exe
csrss05,150608
csrss04,720654
ctfmon013,8111405C:\WINDOWS\system32\ctfmon.exe
dasHost010,810471C:\WINDOWS\system32\dashost.exe
Diagnostic3,9180,0235776C:\Program Files\ZennoLab\RU\ZennoPoster Demo V7\7.3.0.0\Progs\Diagnostic.exe
dwm047,6613870C:\WINDOWS\system32\dwm.exe
EPCP013,046222C:\Program Files\EPSON\EpsonCustomerResearchParticipation\EPCP.exe
EPSDNMON07,222154C:\Program Files (x86)\EPSON Software\Download Navigator\EPSDNMON.EXE
esif_assist_6404,843111C:\WINDOWS\TEMP\DPTF\esif_assist_64.exe
esif_uf06,354165C:\WINDOWS\SysWOW64\esif_uf.exe
explorer060,27671921C:\WINDOWS\Explorer.EXE
FileCoAuth010,253205C:\Users\Админ\AppData\Local\Microsoft\OneDrive\20.201.1005.0009\FileCoAuth.exe
fontdrvhost09,52538C:\WINDOWS\system32\fontdrvhost.exe
fontdrvhost02,46538C:\WINDOWS\system32\fontdrvhost.exe
FspCtrl07,422154C:\Program Files\FSP\FspCtrl.exe
GoogleCrashHandler00,063182C:\Program Files (x86)\Google\Update\1.3.36.52\GoogleCrashHandler.exe
GoogleCrashHandler6400,083161C:\Program Files (x86)\Google\Update\1.3.36.52\GoogleCrashHandler64.exe
HttpExecutor015,9528790C:\Program Files\ZennoLab\RU\ZennoPoster Demo V7\7.3.0.0\Progs\HttpExecutor.exe
Idle00,0100
jucheck05,24390C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
jusched014,663265C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
lsass013,8181241C:\WINDOWS\system32\lsass.exe
McAfee.TrueKey.Service011,999696C:\Program Files\McAfee\TrueKey\McAfee.TrueKey.Service.exe
McAfee.TrueKey.ServiceHelper05,482112C:\Program Files\McAfee\TrueKey\McAfee.TrueKey.ServiceHelper.exe
McTkSchedulerService016,6812489C:\Program Files\McAfee\TrueKey\McTkSchedulerService.exe
Memory Compression1,5617,5500
P2Oxy02,143103C:\Program Files\ZennoLab\RU\ZennoPoster Demo V7\7.3.0.0\Progs\p2oxy.exe
ProjectMaker2,34278,75801799C:\Program Files\ZennoLab\RU\ZennoPoster Demo V7\7.3.0.0\Progs\ProjectMaker.exe
QHActiveDefense019,4864897C:\Program Files (x86)\360\Total Security\safemon\QHActiveDefense.exe
QHSafeTray016,0749829C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe
QHWatchdog04,461103C:\Program Files (x86)\360\Total Security\safemon\QHWatchdog.exe
RAVBg6400,325318C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
Registry025,900
RuntimeBroker010,44340C:\Windows\System32\RuntimeBroker.exe
RuntimeBroker06,542211C:\Windows\System32\RuntimeBroker.exe
RuntimeBroker07,453130C:\Windows\System32\RuntimeBroker.exe
RuntimeBroker017,7212424C:\Windows\System32\RuntimeBroker.exe
RuntimeBroker017,143350C:\Windows\System32\RuntimeBroker.exe
RuntimeBroker04,535316C:\Windows\System32\RuntimeBroker.exe
SearchIndexer015,3420780C:\WINDOWS\system32\SearchIndexer.exe
SearchUI01,35341096C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
SecurityHealthService014,50437
SecurityHealthSystray05,846185C:\Windows\System32\SecurityHealthSystray.exe
service_update06,156151C:\Program Files (x86)\Yandex\YandexBrowser\20.12.0.966\service_update.exe
service_update06,92183C:\Program Files (x86)\Yandex\YandexBrowser\20.12.0.966\service_update.exe
services08,110672
SgrmBroker05,73090
ShellExperienceHost08,3712625C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
sihost8,5923,6913574C:\WINDOWS\system32\sihost.exe
smartscreen021,4415434C:\Windows\System32\smartscreen.exe
smss00,94053
spoolsv012,9215529C:\WINDOWS\System32\spoolsv.exe
sppsvc29,6912,650143
StartMenuExperienceHost012,028592C:\WINDOWS\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
svchost03,46287C:\WINDOWS\system32\svchost.exe
svchost0,7835,956243C:\WINDOWS\system32\svchost.exe
svchost08,75152C:\WINDOWS\system32\svchost.exe
svchost07,8214280C:\WINDOWS\system32\svchost.exe
svchost06,958230C:\WINDOWS\system32\svchost.exe
svchost3,9117,811173C:\WINDOWS\system32\svchost.exe
svchost011,343229C:\WINDOWS\system32\svchost.exe
svchost05,23137C:\WINDOWS\System32\svchost.exe
svchost08,727176C:\WINDOWS\system32\svchost.exe
svchost05,553152C:\WINDOWS\system32\svchost.exe
svchost08,39229C:\WINDOWS\system32\svchost.exe
svchost015,1111361C:\WINDOWS\system32\svchost.exe
svchost013,367212C:\WINDOWS\System32\svchost.exe
svchost013,486178C:\WINDOWS\system32\svchost.exe
svchost014,0911424C:\WINDOWS\system32\svchost.exe
svchost09,376256C:\WINDOWS\system32\svchost.exe
svchost07,013206C:\WINDOWS\System32\svchost.exe
svchost019,6810309C:\WINDOWS\system32\svchost.exe
svchost019,568410C:\WINDOWS\system32\svchost.exe
svchost014,64252C:\WINDOWS\system32\svchost.exe
svchost07,275191C:\WINDOWS\System32\svchost.exe
svchost08,113205C:\WINDOWS\System32\svchost.exe
svchost05,974137C:\WINDOWS\System32\svchost.exe
svchost06,412144C:\WINDOWS\system32\svchost.exe
svchost05,588133C:\WINDOWS\System32\svchost.exe
svchost014,5312502C:\WINDOWS\system32\svchost.exe
svchost013,710415C:\WINDOWS\System32\svchost.exe
svchost013,2516413C:\WINDOWS\system32\svchost.exe
svchost09,930238
svchost07,153255C:\WINDOWS\system32\svchost.exe
svchost012,5611407C:\WINDOWS\System32\svchost.exe
svchost07,72176C:\WINDOWS\system32\svchost.exe
svchost011,482263C:\WINDOWS\system32\svchost.exe
svchost06,612127C:\WINDOWS\system32\svchost.exe
svchost1,5612,54131163C:\WINDOWS\system32\svchost.exe
svchost05,646135C:\WINDOWS\system32\svchost.exe
svchost011,2314393C:\WINDOWS\System32\svchost.exe
svchost04,924116C:\WINDOWS\System32\svchost.exe
svchost07,862205C:\WINDOWS\system32\svchost.exe
svchost06,736142C:\WINDOWS\system32\svchost.exe
svchost05,692135C:\WINDOWS\system32\svchost.exe
svchost05,615177C:\WINDOWS\System32\svchost.exe
svchost09,7913381C:\WINDOWS\System32\svchost.exe
svchost06,813199C:\WINDOWS\system32\svchost.exe
svchost011,325165C:\WINDOWS\system32\svchost.exe
svchost07,586275C:\WINDOWS\system32\svchost.exe
svchost08,127208C:\WINDOWS\system32\svchost.exe
svchost015,818423C:\WINDOWS\system32\svchost.exe
svchost013,536544C:\WINDOWS\system32\svchost.exe
svchost08,7411375C:\WINDOWS\system32\svchost.exe
svchost011,674244C:\WINDOWS\System32\svchost.exe
svchost7,0326,63191113C:\WINDOWS\system32\svchost.exe
svchost06,925183C:\WINDOWS\system32\svchost.exe
svchost09,845261C:\WINDOWS\System32\svchost.exe
svchost019,0616369C:\WINDOWS\System32\svchost.exe
svchost06,865179C:\WINDOWS\system32\svchost.exe
svchost04,973107C:\WINDOWS\System32\svchost.exe
svchost07,079262C:\WINDOWS\system32\svchost.exe
svchost08,219366C:\WINDOWS\System32\svchost.exe
svchost05,722121C:\WINDOWS\system32\svchost.exe
svchost018,9313512C:\WINDOWS\System32\svchost.exe
svchost017,1310337C:\WINDOWS\system32\svchost.exe
svchost08,578273C:\WINDOWS\system32\svchost.exe
svchost013,048375C:\WINDOWS\system32\svchost.exe
svchost07,554184C:\WINDOWS\System32\svchost.exe
svchost06,885186C:\WINDOWS\system32\svchost.exe
svchost010,917479C:\WINDOWS\System32\svchost.exe
svchost08,798265C:\WINDOWS\system32\svchost.exe
svchost07,043219C:\WINDOWS\system32\svchost.exe
svchost05,53196C:\WINDOWS\System32\svchost.exe
svchost07,356169C:\WINDOWS\system32\svchost.exe
svchost015,658429C:\WINDOWS\system32\svchost.exe
System5,470,1303261
TabTip014,87315C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
taskhostw014,649279C:\WINDOWS\system32\taskhostw.exe
VBCSCompiler027,1413294C:\Program Files\ZennoLab\RU\ZennoPoster Demo V7\7.3.0.0\Progs\roslyn\VBCSCompiler.exe
WhiteBoardDriver015,826273C:\Program Files (x86)\HHAP\TeachInfinityDriver\Driver\WhiteBoardDriver.exe
WindowsInternal.ComposableShell.Experiences.TextInput.InputApp041,6816507C:\WINDOWS\SystemApps\InputApp_cw5n1h2txyewy\WindowsInternal.ComposableShell.Experiences.TextInput.InputApp.exe
wininit06,040160
winlogon08,583271C:\WINDOWS\system32\winlogon.exe
WinStore.App00,1716773C:\Program Files\WindowsApps\Microsoft.WindowsStore_12011.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
WMIC02,864203C:\WINDOWS\System32\Wbem\wmic.EXE
WmiPrvSE013,6714353C:\WINDOWS\system32\wbem\wmiprvse.exe
WUDFHost09,4414370C:\Windows\System32\WUDFHost.exe
YourPhone01,4726498C:\Program Files\WindowsApps\Microsoft.YourPhone_1.20112.68.0_x64__8wekyb3d8bbwe\YourPhone.exe