Untitled

a guest
Dec 3rd, 2017
  1. Logfile of HiJackThis Fork (Alpha) by Alex Dragokas v.2.7.0.19
  2.  
  3. Platform: x64 Windows 10 (Enterprise), 10.0.16299.98 (ReleaseId: 1709), Service Pack: 0
  4. Time: 03.12.2017 - 21:32, Uptime: 01:52
  5. Language: OS: Russian (0x419). Display: English (0x409). Non-Unicode: Russian (0x419)
  6. Elevated: Yes
  7. Ran by: Alex (group: Administrator) on DESKTOP-2, FirstRun: yes
  8.  
  9. Chrome: 62.0.3202.94
  10. Edge: 11.0.16299.98
  11. Internet Explorer: 11.0.16299.98
  12. Default: "C:\WINDOWS\system32\LaunchWinApp.exe" "%1" (Microsoft Edge)
  13.  
  14. Boot mode: Normal
  15.  
  16. Running processes:
  17. Number | Path
  18. 1 C:\Program Files\VMware\VMware Tools\VMware VGAuth\VGAuthService.exe
  19. 1 C:\Program Files\VMware\VMware Tools\vmacthlp.exe
  20. 2 C:\Program Files\VMware\VMware Tools\vmtoolsd.exe
  21. 1 C:\Program Files\Windows Defender\MSASCuiL.exe
  22. 1 C:\Program Files\Windows Defender\MpCmdRun.exe
  23. 1 C:\Program Files\Windows Defender\MsMpEng.exe
  24. 1 C:\Program Files\Windows Defender\NisSrv.exe
  25. 1 C:\ProgramData\KMSAutoS\bin\KMSSS.exe
  26. 1 C:\Users\Alex\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\TempState\Downloads\HiJackThis (1).exe
  27. 1 C:\Users\Alex\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\TempState\Downloads\MemCompression
  28. 1 C:\Windows\System32\ApplicationFrameHost.exe
  29. 5 C:\Windows\System32\RuntimeBroker.exe
  30. 1 C:\Windows\System32\SearchIndexer.exe
  31. 1 C:\Windows\System32\SecurityHealthService.exe
  32. 1 C:\Windows\System32\VSSVC.exe
  33. 1 C:\Windows\System32\WUDFHost.exe
  34. 1 C:\Windows\System32\audiodg.exe
  35. 1 C:\Windows\System32\browser_broker.exe
  36. 2 C:\Windows\System32\csrss.exe
  37. 1 C:\Windows\System32\ctfmon.exe
  38. 1 C:\Windows\System32\dllhost.exe
  39. 1 C:\Windows\System32\dwm.exe
  40. 2 C:\Windows\System32\fontdrvhost.exe
  41. 1 C:\Windows\System32\lsass.exe
  42. 1 C:\Windows\System32\msdtc.exe
  43. 1 C:\Windows\System32\services.exe
  44. 1 C:\Windows\System32\sihost.exe
  45. 1 C:\Windows\System32\smartscreen.exe
  46. 1 C:\Windows\System32\smss.exe
  47. 1 C:\Windows\System32\spoolsv.exe
  48. 20 C:\Windows\System32\svchost.exe
  49. 2 C:\Windows\System32\taskhostw.exe
  50. 1 C:\Windows\System32\wbem\WmiPrvSE.exe
  51. 1 C:\Windows\System32\wininit.exe
  52. 1 C:\Windows\System32\winlogon.exe
  53. 1 C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
  54. 5 C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
  55. 1 C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
  56. 1 C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
  57. 1 C:\Windows\explorer.exe
  58.  
  59. R4 - HKCU\Software\Microsoft\Internet Explorer\SearchScopes: DefaultScope = {8C3078A0-9AAB-4371-85D1-656CA8E46EE8} - Яндекс - https://yandex.ru/search/?text={searchTerms}&clid=2233627
  60. R4 - HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8C3078A0-9AAB-4371-85D1-656CA8E46EE8} - Яндекс - https://suggest.yandex.ru/suggest-ff.cgi?srv=ie11&part={searchTerms}&clid=2233627 (SuggestionsURL_JSON)
  61. R4 - HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8C3078A0-9AAB-4371-85D1-656CA8E46EE8} - Яндекс - https://yandex.ru/search/?text={searchTerms}&clid=2233627 (URL)
  62. O4 - HKLM\..\FileRenameOperations: C:\WINDOWS\AppCompat\Programs\Amcache.hve.tmp -> C:\WINDOWS\AppCompat\Programs\Amcache.hve
  63. O4 - HKLM\..\Run: [VMware User Process] C:\Program Files\VMware\VMware Tools\vmtoolsd.exe -n vmusr
  64. O4 - HKLM\..\StartupApproved\Run: [SecurityHealth] (1601/01/01) C:\Program Files\Windows Defender\MSASCuiL.exe
  65. O4 - HKU\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup
  66. O4 - HKU\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup
  67. O17 - DHCP DNS - 1: 192.168.132.2
  68. O21 - ShellIconOverlayIdentifiers: ErrorOverlayHandler Class - {BBACC218-34EA-4666-9D7A-C78F2274A524} - C:\Users\Alex\AppData\Local\Microsoft\OneDrive\17.3.7076.1026_1\amd64\FileSyncShell64.dll
  69. O21 - ShellIconOverlayIdentifiers: ReadOnlyOverlayHandler Class - {9AA2F32D-362A-42D9-9328-24A483E2CCC3} - C:\Users\Alex\AppData\Local\Microsoft\OneDrive\17.3.7076.1026_1\amd64\FileSyncShell64.dll
  70. O21 - ShellIconOverlayIdentifiers: SharedOverlayHandler Class - {5AB7172C-9C11-405C-8DD5-AF20F3606282} - C:\Users\Alex\AppData\Local\Microsoft\OneDrive\17.3.7076.1026_1\amd64\FileSyncShell64.dll
  71. O21 - ShellIconOverlayIdentifiers: SharedSyncingOverlayHandler Class - {A78ED123-AB77-406B-9962-2A5D9D2F7F30} - C:\Users\Alex\AppData\Local\Microsoft\OneDrive\17.3.7076.1026_1\amd64\FileSyncShell64.dll
  72. O21 - ShellIconOverlayIdentifiers: SyncingOverlayHandler Class - {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} - C:\Users\Alex\AppData\Local\Microsoft\OneDrive\17.3.7076.1026_1\amd64\FileSyncShell64.dll
  73. O21 - ShellIconOverlayIdentifiers: UpToDateOverlayHandler Class - {F241C880-6982-4CE5-8CF7-7085BA96DA5A} - C:\Users\Alex\AppData\Local\Microsoft\OneDrive\17.3.7076.1026_1\amd64\FileSyncShell64.dll
  74. O21-32 - ShellIconOverlayIdentifiers: ErrorOverlayHandler Class - {BBACC218-34EA-4666-9D7A-C78F2274A524} - C:\Users\Alex\AppData\Local\Microsoft\OneDrive\17.3.7076.1026_1\FileSyncShell.dll
  75. O21-32 - ShellIconOverlayIdentifiers: ReadOnlyOverlayHandler Class - {9AA2F32D-362A-42D9-9328-24A483E2CCC3} - C:\Users\Alex\AppData\Local\Microsoft\OneDrive\17.3.7076.1026_1\FileSyncShell.dll
  76. O21-32 - ShellIconOverlayIdentifiers: SharedOverlayHandler Class - {5AB7172C-9C11-405C-8DD5-AF20F3606282} - C:\Users\Alex\AppData\Local\Microsoft\OneDrive\17.3.7076.1026_1\FileSyncShell.dll
  77. O21-32 - ShellIconOverlayIdentifiers: SharedSyncingOverlayHandler Class - {A78ED123-AB77-406B-9962-2A5D9D2F7F30} - C:\Users\Alex\AppData\Local\Microsoft\OneDrive\17.3.7076.1026_1\FileSyncShell.dll
  78. O21-32 - ShellIconOverlayIdentifiers: SyncingOverlayHandler Class - {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} - C:\Users\Alex\AppData\Local\Microsoft\OneDrive\17.3.7076.1026_1\FileSyncShell.dll
  79. O21-32 - ShellIconOverlayIdentifiers: UpToDateOverlayHandler Class - {F241C880-6982-4CE5-8CF7-7085BA96DA5A} - C:\Users\Alex\AppData\Local\Microsoft\OneDrive\17.3.7076.1026_1\FileSyncShell.dll
  80. O22 - Task (disabled): GoogleUpdateTaskMachineCore - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
  81. O22 - Task (disabled): GoogleUpdateTaskMachineCore1d23443bda3b83e - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
  82. O22 - Task (disabled): GoogleUpdateTaskMachineUA - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
  83. O22 - Task (disabled): KMSAutoNet - C:\ProgramData\KMSAutoS\KMSAuto Net.exe /win=act
  84. O22 - Task (disabled): \Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 64 Critical - {613FBA38-A3DF-4AB8-9674-5604984A299A},/RuntimeWide - C:\Windows\System32\mscoree.dll
  85. O22 - Task (disabled): \Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 Critical - {DE434264-8FE9-4C0B-A83B-89EBEEBFF78E},/RuntimeWide - C:\Windows\System32\mscoree.dll
  86. O22 - Task (disabled): \Microsoft\Windows\Active Directory Rights Management Services Client\AD RMS Rights Policy Template Management (Automated) - {CF2CF428-325B-48D3-8CA8-7633E36E5A32} - C:\WINDOWS\system32\msdrm.dll
  87. O22 - Task (disabled): \Microsoft\Windows\Active Directory Rights Management Services Client\AD RMS Rights Policy Template Management (Manual) - {BF5CB148-7C77-4D8A-A53E-D81C70CF743C} - C:\WINDOWS\system32\msdrm.dll
  88. O22 - Task (disabled): \Microsoft\Windows\AppID\EDP Policy Manager - {DECA92E0-AF85-439E-9204-86679978DA08},EdpPolicyManager - C:\WINDOWS\System32\AppLockerCsp.dll
  89. O22 - Task (disabled): \Microsoft\Windows\AppID\SmartScreenSpecific - {9F2B0085-9218-42A1-88B0-9F0E65851666},U - (no file)
  90. O22 - Task (disabled): \Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup - C:\WINDOWS\system32\rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask (Microsoft)
  91. O22 - Task (disabled): \Microsoft\Windows\BitLocker\BitLocker MDM policy Refresh - {61BCD1B9-340C-40EC-9D41-D7F1C0632F05},BitLockerPolicy - C:\WINDOWS\System32\edptask.dll
  92. O22 - Task (disabled): \Microsoft\Windows\BrokerInfrastructure\BgTaskRegistrationMaintenanceTask - {E984D939-0E00-4DD9-AC3A-7ACA04745521} - (no file)
  93. O22 - Task (disabled): \Microsoft\Windows\CertificateServicesClient\AikCertEnrollTask - {47E30D54-DAC1-473A-AFF7-2355BF78881F},AIKCertEnroll - C:\WINDOWS\system32\ngctasks.dll
  94. O22 - Task (disabled): \Microsoft\Windows\CertificateServicesClient\CryptoPolicyTask - {47E30D54-DAC1-473A-AFF7-2355BF78881F},CryptoPolicy - C:\WINDOWS\system32\ngctasks.dll
  95. O22 - Task (disabled): \Microsoft\Windows\CertificateServicesClient\KeyPreGenTask - {47E30D54-DAC1-473A-AFF7-2355BF78881F},NGCKeyPregen - C:\WINDOWS\system32\ngctasks.dll
  96. O22 - Task (disabled): \Microsoft\Windows\CertificateServicesClient\SystemTask - {58FB76B9-AC85-4E55-AC04-427593B1D060},SYSTEM - C:\WINDOWS\system32\dimsjob.dll
  97. O22 - Task (disabled): \Microsoft\Windows\CertificateServicesClient\UserTask - {58FB76B9-AC85-4E55-AC04-427593B1D060},USER - C:\WINDOWS\system32\dimsjob.dll
  98. O22 - Task (disabled): \Microsoft\Windows\CertificateServicesClient\UserTask-Roam - {58FB76B9-AC85-4E55-AC04-427593B1D060},KEYROAMING - C:\WINDOWS\system32\dimsjob.dll
  99. O22 - Task (disabled): \Microsoft\Windows\Chkdsk\ProactiveScan - {CF4270F5-2E43-4468-83B3-A8C45BB33EA1} - C:\Windows\System32\pstask.dll
  100. O22 - Task (disabled): \Microsoft\Windows\Chkdsk\SyspartRepair - C:\WINDOWS\system32\bcdboot.exe %windir% /sysrepair (Microsoft)
  101. O22 - Task (disabled): \Microsoft\Windows\CloudExperienceHost\CreateObjectTask - {E4544ABA-62BF-4C54-AAB2-EC246342626C} - (no file)
  102. O22 - Task (disabled): \Microsoft\Windows\Customer Experience Improvement Program\UsbCeip - {C27F6B1D-FE0B-45E4-9257-38799FA69BC8},SYSTEM - C:\WINDOWS\System32\usbceip.dll
  103. O22 - Task (disabled): \Microsoft\Windows\Data Integrity Scan\Data Integrity Scan - {DCFD3EA8-D960-4719-8206-490AE315F94F} - C:\Windows\System32\discan.dll
  104. O22 - Task (disabled): \Microsoft\Windows\Data Integrity Scan\Data Integrity Scan for Crash Recovery - {DCFD3EA8-D960-4719-8206-490AE315F94F},-CrashRecovery - C:\Windows\System32\discan.dll
  105. O22 - Task (disabled): \Microsoft\Windows\Device Setup\Metadata Refresh - {23C1F3CF-C110-4512-ACA9-7B6174ECE888} - C:\WINDOWS\System32\DeviceSetupManagerAPI.dll
  106. O22 - Task (disabled): \Microsoft\Windows\DeviceDirectoryClient\HandleCommand - {AE31B729-D5FD-401E-AF42-784074835AFE},-HandleCommand - C:\WINDOWS\system32\DeviceDirectoryClient.dll
  107. O22 - Task (disabled): \Microsoft\Windows\DeviceDirectoryClient\HandleWnsCommand - {AE31B729-D5FD-401E-AF42-784074835AFE},-WnsCommand - C:\WINDOWS\system32\DeviceDirectoryClient.dll
  108. O22 - Task (disabled): \Microsoft\Windows\DeviceDirectoryClient\IntegrityCheck - {AE31B729-D5FD-401E-AF42-784074835AFE},-IntegrityCheck - C:\WINDOWS\system32\DeviceDirectoryClient.dll
  109. O22 - Task (disabled): \Microsoft\Windows\DeviceDirectoryClient\LocateCommandUserSession - {AE31B729-D5FD-401E-AF42-784074835AFE},-UserSessionCommand - C:\WINDOWS\system32\DeviceDirectoryClient.dll
  110. O22 - Task (disabled): \Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceAccountChange - {AE31B729-D5FD-401E-AF42-784074835AFE},-RegisterDevice -AccountChange - C:\WINDOWS\system32\DeviceDirectoryClient.dll
  111. O22 - Task (disabled): \Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceConnectedToNetwork - {AE31B729-D5FD-401E-AF42-784074835AFE},-RegisterDevice -ConnectedToNetwork - C:\WINDOWS\system32\DeviceDirectoryClient.dll
  112. O22 - Task (disabled): \Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceLocationRightsChange - {AE31B729-D5FD-401E-AF42-784074835AFE},-RegisterDevice -SettingChange -NoLocation - C:\WINDOWS\system32\DeviceDirectoryClient.dll
  113. O22 - Task (disabled): \Microsoft\Windows\DeviceDirectoryClient\RegisterDevicePeriodic1 - {AE31B729-D5FD-401E-AF42-784074835AFE},-RegisterDevice -Periodic -FreeNetworkOnly - C:\WINDOWS\system32\DeviceDirectoryClient.dll
  114. O22 - Task (disabled): \Microsoft\Windows\DeviceDirectoryClient\RegisterDevicePeriodic24 - {AE31B729-D5FD-401E-AF42-784074835AFE},-RegisterDevice -Periodic - C:\WINDOWS\system32\DeviceDirectoryClient.dll
  115. O22 - Task (disabled): \Microsoft\Windows\DeviceDirectoryClient\RegisterDevicePeriodic6 - {AE31B729-D5FD-401E-AF42-784074835AFE},-RegisterDevice -Periodic - C:\WINDOWS\system32\DeviceDirectoryClient.dll
  116. O22 - Task (disabled): \Microsoft\Windows\DeviceDirectoryClient\RegisterDevicePolicyChange - {AE31B729-D5FD-401E-AF42-784074835AFE},-RegisterDevice -SettingChange -NoLocation - C:\WINDOWS\system32\DeviceDirectoryClient.dll
  117. O22 - Task (disabled): \Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceProtectionStateChanged - {AE31B729-D5FD-401E-AF42-784074835AFE},-RegisterDevice -ProtectionStateChanged -FreeNetworkOnly -NoLocation - C:\WINDOWS\system32\DeviceDirectoryClient.dll
  118. O22 - Task (disabled): \Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceScreenOnOff - {AE31B729-D5FD-401E-AF42-784074835AFE},-RegisterDevice -ScreenOnOff - C:\WINDOWS\system32\DeviceDirectoryClient.dll
  119. O22 - Task (disabled): \Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceSettingChange - {AE31B729-D5FD-401E-AF42-784074835AFE},-RegisterDevice -SettingChange -Full - C:\WINDOWS\system32\DeviceDirectoryClient.dll
  120. O22 - Task (disabled): \Microsoft\Windows\DeviceDirectoryClient\RegisterUserDevice - {AE31B729-D5FD-401E-AF42-784074835AFE},-RegisterUserDevice -NewAccount - C:\WINDOWS\system32\DeviceDirectoryClient.dll
  121. O22 - Task (disabled): \Microsoft\Windows\Diagnosis\Scheduled - {C1F85EF8-BCC2-4606-BB39-70C523715EB3} - C:\WINDOWS\System32\sdiagschd.dll
  122. O22 - Task (disabled): \Microsoft\Windows\DiskCleanup\SilentCleanup - C:\WINDOWS\system32\cleanmgr.exe /autoclean /d %systemdrive% (Microsoft)
  123. O22 - Task (disabled): \Microsoft\Windows\DiskFootprint\StorageSense - {AB2A519B-03B0-43CE-940A-A73DF850B49A} - C:\WINDOWS\system32\StorageUsage.dll
  124. O22 - Task (disabled): \Microsoft\Windows\EDP\EDP App Launch Task - {61BCD1B9-340C-40EC-9D41-D7F1C0632F05},AppLaunch - C:\WINDOWS\System32\edptask.dll
  125. O22 - Task (disabled): \Microsoft\Windows\EDP\EDP Auth Task - {61BCD1B9-340C-40EC-9D41-D7F1C0632F05},ReAuth - C:\WINDOWS\System32\edptask.dll
  126. O22 - Task (disabled): \Microsoft\Windows\EDP\EDP Inaccessible Credentials Task - {61BCD1B9-340C-40EC-9D41-D7F1C0632F05},MissingCredentials - C:\WINDOWS\System32\edptask.dll
  127. O22 - Task (disabled): \Microsoft\Windows\EDP\StorageCardEncryption Task - {61BCD1B9-340C-40EC-9D41-D7F1C0632F05},SDCardEncryptionPolicy - C:\WINDOWS\System32\edptask.dll
  128. O22 - Task (disabled): \Microsoft\Windows\ErrorDetails\EnableErrorDetailsUpdate - {FE285C8C-5360-41C1-A700-045501C740DE} - (no file)
  129. O22 - Task (disabled): \Microsoft\Windows\ErrorDetails\ErrorDetailsUpdate - {9CDA66BE-3271-4723-8D35-DD834C58AD92} - (no file)
  130. O22 - Task (disabled): \Microsoft\Windows\ExploitGuard\ExploitGuard MDM policy Refresh - {711001CD-CC1D-4470-9B7E-1EF73849C79E},ExploitGuardPolicy - C:\WINDOWS\System32\MitigationConfiguration.dll
  131. O22 - Task (disabled): \Microsoft\Windows\File Classification Infrastructure\Property Definition Sync - {2AE64751-B728-4D6B-97A0-B2DA2E7D2A3B} - C:\Windows\System32\srmclient.dll
  132. O22 - Task (disabled): \Microsoft\Windows\FileHistory\File History (maintenance mode) - {89917B7C-A1A6-11DF-8BF6-18A90531A85A} - C:\WINDOWS\System32\fhtask.dll
  133. O22 - Task (disabled): \Microsoft\Windows\LanguageComponentsInstaller\Installation - {6F58F65F-EC0E-4ACA-99FE-FC5A1A25E4BE},Install $(Arg0) - C:\Windows\System32\LanguageComponentsInstaller.dll
  134. O22 - Task (disabled): \Microsoft\Windows\LanguageComponentsInstaller\Uninstallation - {6F58F65F-EC0E-4ACA-99FE-FC5A1A25E4BE},Uninstall - C:\Windows\System32\LanguageComponentsInstaller.dll
  135. O22 - Task (disabled): \Microsoft\Windows\License Manager\TempSignedLicenseExchange - {77646A68-AD14-4D53-897D-7BE4DDE5F929} - C:\Windows\System32\TempSignedLicenseExchangeTask.dll
  136. O22 - Task (disabled): \Microsoft\Windows\Maintenance\WinSAT - {A9A33436-678B-4C9C-A211-7CC38785E79D} - C:\WINDOWS\system32\WinSATAPI.dll
  137. O22 - Task (disabled): \Microsoft\Windows\Management\Provisioning\Cellular - C:\WINDOWS\system32\ProvTool.exe /turn 7 /source CellStateChangeTask (Microsoft)
  138. O22 - Task (disabled): \Microsoft\Windows\Management\Provisioning\Logon - C:\WINDOWS\system32\ProvTool.exe /turn 5 /source LogonIdleTask (Microsoft)
  139. O22 - Task (disabled): \Microsoft\Windows\Management\Provisioning\PostResetBoot - C:\WINDOWS\system32\ProvTool.exe /turn 3 /source ProvResetBoot (Microsoft)
  140. O22 - Task (disabled): \Microsoft\Windows\Maps\MapsToastTask - {9885AEF2-BD9F-41E0-B15E-B3141395E803},$(Arg0);$(Arg1);$(Arg2);$(Arg3);$(Arg4);$(Arg5);$(Arg6);$(Arg7) - C:\WINDOWS\System32\mapstoasttask.dll
  141. O22 - Task (disabled): \Microsoft\Windows\Maps\MapsUpdateTask - {B9033E87-33CF-4D77-BC9B-895AFBBA72E4} - C:\WINDOWS\System32\mapsupdatetask.dll
  142. O22 - Task (disabled): \Microsoft\Windows\MemoryDiagnostic\ProcessMemoryDiagnosticEvents - {8168E74A-B39F-46D8-ADCD-7BED477B80A3},Event - C:\WINDOWS\System32\MemoryDiagnostic.dll
  143. O22 - Task (disabled): \Microsoft\Windows\MemoryDiagnostic\RunFullMemoryDiagnostic - {8168E74A-B39F-46D8-ADCD-7BED477B80A3},Time - C:\WINDOWS\System32\MemoryDiagnostic.dll
  144. O22 - Task (disabled): \Microsoft\Windows\Multimedia\SystemSoundsService - {2DEA658F-54C1-4227-AF9B-260AB5FC3543} - C:\WINDOWS\System32\PlaySndSrv.dll
  145. O22 - Task (disabled): \Microsoft\Windows\Offline Files\Background Synchronization - {FA3F3DD9-4C1A-456B-A8FA-C76EF3ED83B8} - C:\WINDOWS\System32\cscui.dll
  146. O22 - Task (disabled): \Microsoft\Windows\Offline Files\Logon Synchronization - {FA3F3DD9-4C1A-456B-A8FA-C76EF3ED83B8},Logon - C:\WINDOWS\System32\cscui.dll
  147. O22 - Task (disabled): \Microsoft\Windows\PI\Secure-Boot-Update - {5014B7C8-934E-4262-9816-887FA745A6C4},SBServicing - C:\WINDOWS\system32\TpmTasks.dll
  148. O22 - Task (disabled): \Microsoft\Windows\PI\Sqm-Tasks - {5014B7C8-934E-4262-9816-887FA745A6C4},PiSqmTasks - C:\WINDOWS\system32\TpmTasks.dll
  149. O22 - Task (disabled): \Microsoft\Windows\Plug and Play\Device Install Group Policy - {60400283-B242-4FA8-8C25-CAF695B88209} - C:\Windows\System32\pnppolicy.dll
  150. O22 - Task (disabled): \Microsoft\Windows\Plug and Play\Device Install Reboot Required - {48794782-6A1F-47B9-BD52-1D5F95D49C1B} - C:\Windows\System32\pnpui.dll
  151. O22 - Task (disabled): \Microsoft\Windows\Plug and Play\Plug and Play Cleanup - {DEF03232-9688-11E2-BE7F-B4B52FD966FF} - (no file)
  152. O22 - Task (disabled): \Microsoft\Windows\Power Efficiency Diagnostics\AnalyzeSystem - {927EA2AF-1C54-43D5-825E-0074CE028EEE} - C:\WINDOWS\System32\energytask.dll
  153. O22 - Task (disabled): \Microsoft\Windows\Printing\EduPrintProv - C:\WINDOWS\system32\eduprintprov.exe (Microsoft)
  154. O22 - Task (disabled): \Microsoft\Windows\PushToInstall\LoginCheck - C:\WINDOWS\system32\sc.exe start pushtoinstall login (Microsoft)
  155. O22 - Task (disabled): \Microsoft\Windows\Ras\MobilityManager - {C463A0FC-794F-4FDF-9201-01938CEACAFA} - C:\WINDOWS\system32\rasmbmgr.dll
  156. O22 - Task (disabled): \Microsoft\Windows\RecoveryEnvironment\VerifyWinRE - {89D1D0C2-A3CF-490C-ABE3-B86CDE34B047},VerifyWinRE - C:\WINDOWS\System32\ReAgentTask.dll
  157. O22 - Task (disabled): \Microsoft\Windows\Registry\RegIdleBackup - {CA767AA8-9157-4604-B64B-40747123D5F2} - C:\WINDOWS\System32\regidle.dll
  158. O22 - Task (disabled): \Microsoft\Windows\Servicing\StartComponentCleanup - {752073A1-23F2-4396-85F0-8FDB879ED0ED} - C:\WINDOWS\servicing\TrustedInstaller.exe
  159. O22 - Task (disabled): \Microsoft\Windows\SettingSync\BackgroundUploadTask - {59B9640B-3F70-4D1C-B159-F26EEB8A4C87} - C:\WINDOWS\system32\SettingSyncCore.dll
  160. O22 - Task (disabled): \Microsoft\Windows\SettingSync\BackupTask - {60A4C78C-E2B8-4E6E-876F-DA203B02C05E} - C:\WINDOWS\system32\SettingSyncCore.dll
  161. O22 - Task (disabled): \Microsoft\Windows\SettingSync\NetworkStateChangeTask - {A4173A49-F373-4475-9A0F-2D615204DC20} - C:\WINDOWS\system32\SettingSyncCore.dll
  162. O22 - Task (disabled): \Microsoft\Windows\Setup\SetupCleanupTask - {7C83C056-1D0D-4C8E-A6B0-89E79C213559} - C:\WINDOWS\system32\oobe\SetupCleanupTask.dll
  163. O22 - Task (disabled): \Microsoft\Windows\SharedPC\Account Cleanup - C:\WINDOWS\System32\rundll32.exe %windir%\System32\Windows.SharedPC.AccountManager.dll,StartMaintenance (Microsoft)
  164. O22 - Task (disabled): \Microsoft\Windows\Shell\CreateObjectTask - {990A9F8F-301F-45F7-8D0E-68C5952DBA43} - C:\WINDOWS\system32\shell32.dll
  165. O22 - Task (disabled): \Microsoft\Windows\Shell\FamilySafetyMonitorToastTask - {D2CBF5F7-5702-440B-8D8F-8203034A6B82},$(Arg0) - C:\WINDOWS\System32\WpcRefreshTask.dll
  166. O22 - Task (disabled): \Microsoft\Windows\Shell\FamilySafetyRefreshTask - {C844C79D-AED8-4DCE-AB25-4D359BED84F8},$(Arg0) - C:\WINDOWS\System32\WpcRefreshTask.dll
  167. O22 - Task (disabled): \Microsoft\Windows\Shell\IndexerAutomaticMaintenance - {3FBA60A6-7BF5-4868-A2CA-6623B3DFFEA6} - C:\WINDOWS\System32\srchadmin.dll
  168. O22 - Task (disabled): \Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTaskLogon - {B1AEBB5D-EAD9-4476-B375-9C3ED9F32AFC},logon - C:\WINDOWS\System32\sppcext.dll
  169. O22 - Task (disabled): \Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTaskNetwork - {B1AEBB5D-EAD9-4476-B375-9C3ED9F32AFC},network - C:\WINDOWS\System32\sppcext.dll
  170. O22 - Task (disabled): \Microsoft\Windows\Storage Tiers Management\Storage Tiers Management Initialization - {5C9AB547-345D-4175-9AF6-65133463A100} - C:\WINDOWS\system32\TieringEngineService.exe
  171. O22 - Task (disabled): \Microsoft\Windows\Subscription\EnableLicenseAcquisition - C:\WINDOWS\system32\ClipRenew.exe -e (Microsoft)
  172. O22 - Task (disabled): \Microsoft\Windows\Subscription\LicenseAcquisition - C:\WINDOWS\system32\ClipRenew.exe (Microsoft)
  173. O22 - Task (disabled): \Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate - {17C82257-654E-4C47-8E23-DCA24EAA76A0} - C:\WINDOWS\system32\sysmain.dll
  174. O22 - Task (disabled): \Microsoft\Windows\Sysmain\HybridDriveCacheRebalance - {D44377B8-1F2F-4FAA-9C8E-6C4AD2928E47} - C:\WINDOWS\system32\sysmain.dll
  175. O22 - Task (disabled): \Microsoft\Windows\Sysmain\ResPriStaticDbSync - {297EE78C-BA95-4E94-81D3-D6E7F089C7B5} - C:\WINDOWS\system32\sysmain.dll
  176. O22 - Task (disabled): \Microsoft\Windows\TPM\Tpm-HASCertRetr - {5014B7C8-934E-4262-9816-887FA745A6C4},HASCertRetr - C:\WINDOWS\system32\TpmTasks.dll
  177. O22 - Task (disabled): \Microsoft\Windows\TPM\Tpm-Maintenance - {5014B7C8-934E-4262-9816-887FA745A6C4},TpmTasks - C:\WINDOWS\system32\TpmTasks.dll
  178. O22 - Task (disabled): \Microsoft\Windows\Task Manager\Interactive - {855FEC53-D2E4-4999-9E87-3414E9CF0FF4},$(Arg0) - C:\WINDOWS\system32\wdc.dll
  179. O22 - Task (disabled): \Microsoft\Windows\TextServicesFramework\MsCtfMonitor - {01575CFE-9A55-4003-A5E1-F38D1EBDCBE1} - C:\WINDOWS\system32\MsCtfMonitor.dll
  180. O22 - Task (disabled): \Microsoft\Windows\Time Synchronization\ForceSynchronizeTime - {A31AD6C2-FF4C-43D4-8E90-7101023096F9},TimeSyncTask - C:\WINDOWS\system32\TimeSyncTask.dll
  181. O22 - Task (disabled): \Microsoft\Windows\UNP\RunUpdateNotificationMgr - C:\WINDOWS\System32\UNP\UpdateNotificationMgr.exe (Microsoft)
  182. O22 - Task (disabled): \Microsoft\Windows\USB\Usb-Notifications - {E05BE1C8-92A8-4757-B575-ACAECB4E6A40} - C:\Windows\System32\UsbTask.dll
  183. O22 - Task (disabled): \Microsoft\Windows\User Profile Service\HiveUploadTask - {BA677074-762C-444B-94C8-8C83F93F6605} - C:\WINDOWS\system32\profsvc.dll
  184. O22 - Task (disabled): \Microsoft\Windows\WDI\ResolutionHost - {900BE39D-6BE8-461A-BC4D-B0FA71F5ECB1} - C:\WINDOWS\System32\wdi.dll
  185. O22 - Task (disabled): \Microsoft\Windows\WOF\WIM-Hash-Management - {B7BFFB5A-EFA8-4D8C-BBDE-C8D5FAAF54A1},WimHashManagement - C:\WINDOWS\system32\WofTasks.dll
  186. O22 - Task (disabled): \Microsoft\Windows\WOF\WIM-Hash-Validation - {B7BFFB5A-EFA8-4D8C-BBDE-C8D5FAAF54A1},WimHashValidation - C:\WINDOWS\system32\WofTasks.dll
  187. O22 - Task (disabled): \Microsoft\Windows\WaaSMedic\PerformRemediation - C:\WINDOWS\System32\WaaSMedic.exe None (Microsoft)
  188. O22 - Task (disabled): \Microsoft\Windows\WindowsColorSystem\Calibration Loader - {B210D694-C8DF-490D-9576-9E20CDBC20BD} - C:\Windows\System32\mscms.dll
  189. O22 - Task (disabled): \Microsoft\Windows\WindowsUpdate\Automatic App Update - {A6BA00FE-40E8-477C-B713-C64A14F18ADB} - C:\Windows\System32\wuautoappupdate.dll
  190. O22 - Task (disabled): \Microsoft\Windows\Wininet\CacheTask - {0358B920-0AC7-461F-98F4-58E32CD89148} - C:\WINDOWS\system32\wininet.dll
  191. O22 - Task (disabled): \Microsoft\Windows\Work Folders\Work Folders Logon Synchronization - {97D47D56-3777-49FB-8E8F-90D7E30E1A1E},Logon - C:\Windows\System32\WorkFoldersShell.dll
  192. O22 - Task (disabled): \Microsoft\Windows\Work Folders\Work Folders Maintenance Work - {63260BCE-A3FB-4A34-AA51-D4D8E877B62B} - C:\Windows\System32\WorkFoldersShell.dll
  193. O22 - Task (disabled): \Microsoft\Windows\Workplace Join\Recovery-Check - C:\WINDOWS\System32\dsregcmd.exe /checkrecovery (Microsoft)
  194. O22 - Task (disabled): \Microsoft\Windows\WwanSvc\NotificationTask - C:\WINDOWS\System32\WiFiTask.exe wwan (Microsoft)
  195. O22 - Task: CreateExplorerShellUnelevatedTask - C:\Windows\explorer.exe
  196. O22 - Task: OneDrive Standalone Update Task-S-1-5-21-400914-882055339-2671312820-1002 - C:\Users\Alex\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
  197. O22 - Task: \Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 - {84F0FAE1-C27B-4F6F-807B-28CF6F96287D},/RuntimeWide - C:\Windows\System32\mscoree.dll
  198. O22 - Task: \Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 64 - {429BC048-379E-45E0-80E4-EB1977941B5C},/RuntimeWide - C:\Windows\System32\mscoree.dll
  199. O22 - Task: \Microsoft\Windows\PushToInstall\Registration - C:\WINDOWS\system32\sc.exe start pushtoinstall registration (Microsoft)
  200. O22 - Task: \Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask - {B1AEBB5D-EAD9-4476-B375-9C3ED9F32AFC},timer - C:\WINDOWS\System32\sppcext.dll
  201. O22 - Task: \Microsoft\Windows\UpdateOrchestrator\USO_Broker_Display - C:\WINDOWS\system32\MusNotification.exe Display (Microsoft)
  202. O22 - Task: \Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan - C:\Program Files\Windows Defender\MpCmdRun.exe Scan -ScheduleJob -ScanTrigger 55 (Microsoft)
  203. O23 - Service R2: KMSEmulator - C:\ProgramData\KMSAutoS\bin\KMSSS.exe
  204. O23 - Service R2: VMware Alias Manager and Ticket Service - (VGAuthService) - C:\Program Files\VMware\VMware Tools\VMware VGAuth\VGAuthService.exe
  205. O23 - Service R2: VMware Physical Disk Helper Service - C:\Program Files\VMware\VMware Tools\vmacthlp.exe
  206. O23 - Service R2: VMware Tools - (VMTools) - C:\Program Files\VMware\VMware Tools\vmtoolsd.exe
  207. O23 - Service R2: Windows Defender Antivirus Service - (WinDefend) - C:\Program Files\Windows Defender\MsMpEng.exe
  208. O23 - Service R2: Windows Defender Security Center Service - (SecurityHealthService) - C:\WINDOWS\system32\SecurityHealthService.exe
  209. O23 - Service R3: Windows Defender Antivirus Network Inspection Service - (WdNisSvc) - C:\Program Files\Windows Defender\NisSrv.exe
  210. O23 - Service S2: Служба Google Update (gupdate) - (gupdate) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
  211. O23 - Service S3: TP AutoConnect Service - (TPAutoConnSvc) - C:\Program Files\VMware\VMware Tools\TPAutoConnSvc.exe
  212. O23 - Service S3: TP VC Gateway Service - (TPVCGateway) - C:\Program Files\VMware\VMware Tools\TPVCGateway.exe
  213. O23 - Service S3: Windows Defender Advanced Threat Protection Service - (Sense) - C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe
  214. O23 - Service S3: Служба Google Update (gupdatem) - (gupdatem) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
  215.  
  216.  
  217.  
  218. Debug information:
  219.  
  220. Warning! Integrity of HiJackThis program is corrupted.
  221. Perhaps, file is patched or infected by file virus.
  222. It is recommended to download the program again from official source: https://github.com/dragokas/hijackthis
  223. If error repeats, check your PC on viruses by boot disk LiveCD, e.g.: https://support.kaspersky.com/viruses/rescuedisk
  224.  
  225. --
  226. End of file - Time spent: 31 sec. - 56150 bytes, CRC32: FFFFFFFF. Sign: ႝ탕