что стоит удалить?
,
,
,
Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 21:07:46, on 19.02.2021
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.18362.0001)
Boot mode: Normal
Running processes:
C:\Program Files\Pentablet\PentabletService.exe
C:\Program Files (x86)\ManicTime\ManicTime.exe
C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe
C:\Users\ufa20\AppData\Roaming\Telegram Desktop\Telegram.exe
C:\Users\ufa20\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Users\ufa20\Downloads\HijackThis.exe
R1 — HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://hp17win10.msn.com/?pc=HCTE
R1 — HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 — HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.yandex.ru/?win=444&clid=2323222
R1 — HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://hp17win10.msn.com/?pc=HCTE
R1 — HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 — HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 — HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://hp17win10.msn.com/?pc=HCTE
R0 — HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 — HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 — HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 — HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 — HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 — REG:system.ini: UserInit=
O2 — BHO: IEToEdge BHO — {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} — C:\Program Files (x86)\Microsoft\Edge\Application\88.0.705.74\BHO\ie_to_edge_bho.dll
O2 — BHO: Lync Click to Call BHO — {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} — C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll
O2 — BHO: HP Network Check Helper — {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} — C:\Program Files (x86)\HP\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O4 — HKCU\..\Run: [HPSEU_Host_Launcher] C:\System.sav\util\HpseuHostLauncher.exe
O4 — HKCU\..\Run: [OneDrive] «C:\Users\ufa20\AppData\Local\Microsoft\OneDrive\OneDrive.exe» /background
O4 — HKCU\..\Run: [DAEMON Tools Lite Automount] «C:\Program Files\DAEMON Tools Lite\DTAgent.exe» -autorun
O4 — HKCU\..\Run: [ManicTimeC34F57B2DA6E6758] C:\Program Files (x86)\ManicTime\ManicTime.exe /minimized
O4 — HKCU\..\RunOnce: [Delete Cached Update Binary] C:\windows\system32\cmd.exe /q /c del /q «C:\Users\ufa20\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe»
O4 — HKCU\..\RunOnce: [Delete Cached Standalone Update Binary] C:\windows\system32\cmd.exe /q /c del /q «C:\Users\ufa20\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe»
O4 — HKCU\..\RunOnce: [Uninstall 21.002.0104.0005\amd64] C:\windows\system32\cmd.exe /q /c rmdir /s /q «C:\Users\ufa20\AppData\Local\Microsoft\OneDrive\21.002.0104.0005\amd64»
O4 — HKCU\..\RunOnce: [Uninstall 21.002.0104.0005] C:\windows\system32\cmd.exe /q /c rmdir /s /q «C:\Users\ufa20\AppData\Local\Microsoft\OneDrive\21.002.0104.0005»
O8 — Extra context menu item: E&xport to Microsoft Excel — res://C:\Program Files\Microsoft Office\Root\Office16\EXCEL.EXE/3000
O9 — Extra button: @C:\Program Files (x86)\HP\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 — {25510184-5A38-4A99-B273-DCA8EEF6CD08} — C:\Program Files (x86)\HP\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 — Extra ‘Tools’ menuitem: @C:\Program Files (x86)\HP\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 — {25510184-5A38-4A99-B273-DCA8EEF6CD08} — C:\Program Files (x86)\HP\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 — Extra button: Send to OneNote — {2670000A-7350-4f3c-8081-5663EE0C6C49} — C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIE.dll
O9 — Extra ‘Tools’ menuitem: Se&nd to OneNote — {2670000A-7350-4f3c-8081-5663EE0C6C49} — C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIE.dll
O9 — Extra button: Lync Click to Call — {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} — C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll
O9 — Extra ‘Tools’ menuitem: Lync Click to Call — {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} — C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll
O9 — Extra button: OneNote Lin&ked Notes — {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} — C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIELinkedNotes.dll
O9 — Extra ‘Tools’ menuitem: OneNote Lin&ked Notes — {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} — C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIELinkedNotes.dll
O11 — Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 — Protocol: mso-minsb-roaming.16 — {83C25742-A9F7-49FB-9138-434302C88D07} — C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
O18 — Protocol: mso-minsb.16 — {42089D2D-912D-4018-9087-2B87803E93FB} — C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
O18 — Protocol: osf-roaming.16 — {42089D2D-912D-4018-9087-2B87803E93FB} — C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
O18 — Protocol: osf.16 — {5504BE45-A83B-4808-900A-3A5C36E7F77A} — C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
O18 — Protocol: tbauth — {14654CA6-5711-491D-B89A-58E571679951} — C:\Windows\SysWOW64\tbauth.dll
O18 — Protocol: windows.tbauth — {14654CA6-5711-491D-B89A-58E571679951} — C:\Windows\SysWOW64\tbauth.dll
O18 — Filter hijack: text/xml — {807583E5-5146-11D5-A672-00B0D022E945} — C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\MSOXMLMF.DLL
O23 — Service: McAfee Application Installer Cleanup (0285881613483780) (0285881613483780mcinstcleanup) — Unknown owner — C:\ProgramData\McInstTemp0285881613483780\McInst.exe
O23 — Service: Adobe Genuine Monitor Service (AGMService) — Adobe Systems, Incorporated — C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
O23 — Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) — Unknown owner — C:\windows\System32\alg.exe (file missing)
O23 — Service: aswbIDSAgent — AVAST Software — C:\Program Files\Avast Software\Avast\aswidsagent.exe
O23 — Service: Avast Antivirus (avast! Antivirus) — AVAST Software — C:\Program Files\Avast Software\Avast\AvastSvc.exe
O23 — Service: Avast Tools (avast! Tools) — AVAST Software — C:\Program Files\Avast Software\Avast\aswToolsSvc.exe
O23 — Service: AvastWscReporter — AVAST Software — C:\Program Files\Avast Software\Avast\wsc_proxy.exe
O23 — Service: Intel(R) Content Protection HECI Service (cphs) — Intel Corporation — C:\windows\SysWow64\IntelCpHeciSvc.exe
O23 — Service: @%SystemRoot%\system32\CredentialEnrollmentManager.exe,-100 (CredentialEnrollmentManagerUserSvc) — Unknown owner — C:\windows\system32\CredentialEnrollmentManager.exe (file missing)
O23 — Service: CredentialEnrollmentManagerUserSvc_1133948 — Unknown owner — C:\windows\system32\CredentialEnrollmentManager.exe (file missing)
O23 — Service: CredentialEnrollmentManagerUserSvc_5257de — Unknown owner — C:\windows\system32\CredentialEnrollmentManager.exe (file missing)
O23 — Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) — Unknown owner — C:\windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 — Service: Disc Soft Lite Bus Service — Disc Soft Ltd — C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
O23 — Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) — Unknown owner — C:\windows\System32\lsass.exe (file missing)
O23 — Service: @oem2.inf,%ServiceDisplayName%;Intel(R) Dynamic Platform and Thermal Framework service (esifsvc) — Unknown owner — C:\windows\System32\Intel\DPTF\esif_uf.exe (file missing)
O23 — Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) — Unknown owner — C:\windows\system32\fxssvc.exe (file missing)
O23 — Service: Google Chrome Elevation Service (GoogleChromeElevationService) (GoogleChromeElevationService) — Google LLC — C:\Program Files (x86)\Google\Chrome\Application\88.0.4324.182\elevation_service.exe
O23 — Service: Служба Google Update (gupdate) (gupdate) — Google LLC — C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 — Service: Служба Google Update (gupdatem) (gupdatem) — Google LLC — C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 — Service: HP Comm Recovery (HP Comm Recover) — HP Inc. — C:\Program Files\HPCommRecovery\HPCommRecovery.exe
O23 — Service: @oem30.inf,%ServiceAppHelperDesc%;HP App Helper HSA Service (HPAppHelperCap) — HP Inc. — C:\windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_06530f962635deac\x64\AppHelperCap.exe
O23 — Service: @oem30.inf,%ServiceNetworkDesc%;HP Network HSA Service (HPNetworkCap) — HP Inc. — C:\windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_06530f962635deac\x64\NetworkCap.exe
O23 — Service: @oem30.inf,%ServiceSysInfoDesc%;HP System Info HSA Service (HPSysInfoCap) — HP Inc. — C:\windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_06530f962635deac\x64\SysInfoCap.exe
O23 — Service: @oem44.inf,%hpanalyticscomp%;HP Analytics service (HpTouchpointAnalyticsService) — HP Inc. — C:\windows\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_a7be790d73ea14eb\x64\TouchpointAnalyticsClientService.exe
O23 — Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) — Unknown owner — C:\windows\system32\igfxCUIService.exe (file missing)
O23 — Service: Intel(R) Capability Licensing Service TCP IP Interface — Intel(R) Corporation — C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe
O23 — Service: Intel(R) Dynamic Application Loader Host Interface (jhi_service) — Intel Corporation — C:\Program Files (x86)\Intel\TXE Components\DAL\jhi_service.exe
O23 — Service: @keyiso.dll,-100 (KeyIso) — Unknown owner — C:\windows\system32\lsass.exe (file missing)
O23 — Service: McAfee Firewall Core Service (mfefire) — Unknown owner — C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe (file missing)
O23 — Service: McAfee Service Controller (mfemms) — Unknown owner — C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe (file missing)
O23 — Service: McAfee Validation Trust Protection Service (mfevtp) — Unknown owner — (no file)
O23 — Service: @comres.dll,-2797 (MSDTC) — Unknown owner — C:\windows\System32\msdtc.exe (file missing)
O23 — Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) — Unknown owner — C:\windows\system32\lsass.exe (file missing)
O23 — Service: @%systemroot%\system32\PerceptionSimulation\PerceptionSimulationService.exe,-101 (perceptionsimulation) — Unknown owner — C:\windows\system32\PerceptionSimulation\PerceptionSimulationService.exe (file missing)
O23 — Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) — Unknown owner — C:\windows\system32\locator.exe (file missing)
O23 — Service: Realtek Audio Service (RtkAudioService) — Realtek Semiconductor — C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
O23 — Service: @oem39.inf,%RtkBtManServ.SvcDesc%;Realtek Bluetooth Device Manager Service (RtkBtManServ) — Realtek Semiconductor Corp. — C:\windows\RtkBtManServ.exe
O23 — Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) — Unknown owner — C:\windows\system32\lsass.exe (file missing)
O23 — Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) — Unknown owner — C:\windows\system32\SecurityHealthService.exe (file missing)
O23 — Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) — Unknown owner — C:\windows\System32\SensorDataService.exe (file missing)
O23 — Service: @%SystemRoot%\System32\SgrmBroker.exe,-100 (SgrmBroker) — Unknown owner — C:\windows\system32\SgrmBroker.exe (file missing)
O23 — Service: @firewallapi.dll,-50323 (SNMPTRAP) — Unknown owner — C:\windows\System32\snmptrap.exe (file missing)
O23 — Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) — Unknown owner — C:\windows\system32\spectrum.exe (file missing)
O23 — Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) — Unknown owner — C:\windows\System32\spoolsv.exe (file missing)
O23 — Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) — Unknown owner — C:\windows\system32\sppsvc.exe (file missing)
O23 — Service: @oem36.inf,%SynTPEnhService.SVCDESC%;SynTPEnhService (SynTPEnhService) — Unknown owner — C:\windows\System32\SynTPEnhService.exe (file missing)
O23 — Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) — Unknown owner — C:\windows\system32\TieringEngineService.exe (file missing)
O23 — Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) — Unknown owner — C:\windows\system32\lsass.exe (file missing)
O23 — Service: @%SystemRoot%\system32\vds.exe,-100 (vds) — Unknown owner — C:\windows\System32\vds.exe (file missing)
O23 — Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) — Unknown owner — C:\windows\system32\wbengine.exe (file missing)
O23 — Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) — Unknown owner — C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 — Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) — Unknown owner — C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
—
End of file — 14077 bytes
Выглядит нормально, но HijackThis для Windows 10 и 64 битных систем не очень подходит. Если проблема с браузером (навязчивая реклама), то сбросьте его настройки и проверьте компьютер программами из этого списка https://www.spyware-ru.com/remove-malware-best-tools-2017/