Uncertain if infected or not (browser popup)


  • This topic is locked
13 replies to this topic

#1 shirato

  • Members

Posted 01 August 2018 - 12:09 PM

Hello,

 

A week ago or so, I was using my computer as normal (mostly using Skype and browsing YouTube/Twitter) when I encountered a popup (as I already had Chrome open, it opened itself in a new tab in Chrome instead of a new window). I believe the address was 'adjustable.global.ssl.fastly.net'. I closed the tab before anything appeared to load, and ran a Kaspersky and Malwarebytes scan, neither of which came up with anything.

 

I was unsure where it had come from, as I couldn't recall visiting any suspicious sites; the only site I had visited outside my usual range of sites (that I recall) was a news site. However, I know that sometimes ad distribution networks are compromised and can either trigger popups or be used to distribute malware, so I was wary of that possibility. As Kaspersky and Malwarebytes hadn't found anything, I thought that maybe it was a case of the former rather than the latter.

 

About six hours later, however, the popup reoccurred, this time without Chrome being open at all. I checked my web history, and it was the same basic address (not sure if there were any minor differences in the numbers at the end, etc). I managed to close it before it loaded again, and re-ran scans, which still didn't come up with anything. The only possibility I could think of that didn't involve an infection having made its way to my computer were the ads displayed across the top of Skype (as I was still using Skype at the time).

 
I found a way to block Skype ads from appearing and added the address to whatever block lists I could find in Chrome settings, and since then the popup hasn't reoccurred - however, my computer has occasionally been rather slow to start up. Since I'm very paranoid about the possibility that I might still have been infected with something and it's causing me some anxiety (I'm reluctant to back up my computer unless I'm sure I wouldn't be including malware in the backup, and want to take the precaution of not using any banking sites or inputting card info until I'm more certain that there's nothing wrong), I was wondering if there's any way to check whether there really is anything lurking in my computer or not.
 

Basically, I'm just wondering if there are any steps I could take (tools I could run/logs I could get people to look over) to help me feel more reassured, or if there's any way to be more certain about whether or not I actually have an infection or not. I did try to download the Farbar Recovery Scan tool, but I think Chrome might have blocked it from downloading?

 
Thanks for reading through this wall of text, in any case, and I appreciate any help in advance.



 


#2 hamluis

  • Moderator

Posted 01 August 2018 - 02:56 PM

Preparation Guide, Before Using Malware Removal Tools and Requesting Help - http://www.bleepingcomputer.com/forums/topic34773.html

 

Louis



#3 Oh My!

  • Malware Response Instructor

Posted 01 August 2018 - 03:38 PM

Greetings shirato and welcome to BleepingComputer's Virus/Trojan/Spyware/Malware Removal forum.

My name is Oh My! and I am here to help you! Now that we are "friends" please call me Gary.

If you would allow me to call you by your first name I would prefer to do that.

===================================================

Ground Rules:
  • First, I would like to inform you that most of us here at Bleeping Computer offer our expert assistance out of the goodness of our hearts. Please try to match our commitment to you with your patience toward us. If this was easy we would never have met.
  • Please do not run any tools or take any steps other than those I will provide for you while we work on your computer together. I need to be certain about the state of your computer in order to provide appropriate and effective steps for you to take. Most often "well intentioned" (and usually panic driven!) independent efforts can make things much worse for both of us.
  • Please perform all steps in the order they are listed in each set of instructions. Some steps may be a bit complicated. If things are not clear, be sure to stop and let me know. We need to work on this together with confidence.
  • Please copy and paste all logs into your post unless directed otherwise. Please do not re-run any programs I suggest. If you encounter problems simply stop and tell me.
  • If you do not reply to your topic after 5 days we assume it has been abandoned and I will close it.
  • When your computer is clean I will alert you of such. I will also provide for you detailed information about how you can combat future infections.
  • I would like to remind you to make no further changes to your computer unless I direct you to do so.
===================================================

Now that I am assisting you, you can expect that I will be very responsive to your situation. If you are able, I would request you check this thread at least once per day so that we can try to resolve your issues effectively and efficiently. If you are going to be delayed please be considerate and post that information so that I know you are still with me. Unfortunately, there are many people waiting to be assisted and not enough of us at BleepingComputer to go around. I appreciate your understanding and diligence.

Thank you for your patience thus far. Once you are able to complete the steps in the link provided by hamluis we will get started.
Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"May you be richly rewarded by the Lord, the God of Israel, under whose wings you have come to take refuge."

#4 shirato

  • Topic Starter

Posted 01 August 2018 - 06:35 PM

Hello Gary,

 

Thank you for your quick response - I appreciate it.

 

I'll be sure to let you know when I have completed the steps in the link provided by hamluis (I believe the only outstanding one is running the Farbar Recovery Scan tool).

 

Two questions:

1) The firewall on my computer appears to be managed by my antivirus (Kaspersky); is this a problem?

2) I'm assuming that I should try to get Chrome to download the Farbar Recovery Scan tool even after it blocks it?

 

Thanks again.



#5 Oh My!

  • Malware Response Instructor

Posted 01 August 2018 - 07:21 PM

Are you saying the download is being blocked by Kaspersky? If so, is there report information you can provide?

You should be able to download FRST using any browser.
Gary
 

#6 shirato

  • Topic Starter

Posted 02 August 2018 - 03:03 AM

I think it might have been the standard warning from Chrome re. download of potentially dangerous files, but I went ahead and downloaded it anyway this time.
 
In any case, here are the contents of the log files:
 
==== FRST.txt ====
 
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 01.08.2018
Ran by J (administrator) on J-PC (02-08-2018 16:55:53)
Running from C:\Users\J\Desktop
Loaded Profiles: J (Available Profiles: J)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: 日本語 (日本)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Lenovo.) C:\Windows\System32\ibmpmsvc.exe
(Lenovo.) C:\Windows\System32\LPlatSvc.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avp.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Buffalo Inc.) C:\Program Files (x86)\BUFFALO\clientmgrv\bin\BWH32S.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Connect2\Connect2.Service.exe
(Dolby Laboratories, Inc.) C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe
(Scarlet.Crush Productions) C:\Program Files\Scarlet.Crush Productions\bin\ScpService.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtsiva.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\IME14\SHARED\IMEDICTUPDATE.EXE
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\CamMute.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\lvvsst.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\virtscrl.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\micmute.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tpnumlkd.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tphkload.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
(Synaptics) C:\Program Files\Synaptics\SynTP\SynLenovoHelper.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\shtctky.exe
(Lenovo.) C:\Windows\System32\LPlatSvc.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe
() C:\Program Files\Intel Corporation\Intel WiDi\WRU.exe
(Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
(Lenovo.) C:\Windows\System32\TpShocks.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avpui.exe
(Buffalo Inc.) C:\Program Files (x86)\BUFFALO\clientmgrv\bin\cmvMain.exe
(Buffalo Inc.) C:\Program Files\Buffalo\RakUpdate\RakUpdate.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\IME14\SHARED\IMECMNT.EXE
(Lenovo Group Limited) C:\Program Files (x86)\ThinkPad\Utilities\SCHTASK.EXE
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
(Skype Technologies) C:\Program Files (x86)\Skype\Browser\SkypeBrowserHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Lenovo) C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 2.0\ksde.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 2.0\ksdeui.exe
(Lenovo) C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2655520 2015-10-12] (NVIDIA Corporation)
HKLM\...\Run: [LENOVO.TPKNRRES] => C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe [296664 2017-05-12] (Lenovo Group Limited)
HKLM\...\Run: [IME14 JPN Setup] => C:\Program Files\Common Files\Microsoft Shared\IME14\SHARED\IMEKLMG.EXE [109424 2010-01-21] (Microsoft Corporation)
HKLM\...\Run: [Intel® WiDi Receiver Updater] => C:\Program Files\Intel Corporation\Intel WiDi\WRU.exe [89600 2015-10-27] ()
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [298296 2018-01-22] (Apple Inc.)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [296216 2015-06-15] (Intel Corporation)
HKLM-x32\...\Run: [PWMTRV] => rundll32 "C:\Program Files (x86)\ThinkPad\Utilities\PWMTR64V.DLL",PwrMgrBkGndMonitor
HKLM-x32\...\Run: [IME14 JPN Setup] => C:\Program Files (x86)\Common Files\microsoft shared\IME14\SHARED\IMEKLMG.EXE [80240 2010-01-21] (Microsoft Corporation)
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel® Management Engine Components\IMSS\PrivacyIconClient.exe [1203856 2017-09-25] (Intel Corporation)
HKU\S-1-5-21-2900228453-1773325757-903500436-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-2900228453-1773325757-903500436-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27832272 2017-08-25] (Skype Technologies S.A.)
HKU\S-1-5-21-2900228453-1773325757-903500436-1001\...\MountPoints2: {ebec940a-ca14-4ead-b6ed-c79809baf3b6} - Q:\LenovoQDrive.cmd
AppInit_DLLs: C:\windows\system32\nvinitx.dll => C:\windows\system32\nvinitx.dll [177088 2015-11-05] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\windows\SysWOW64\nvinit.dll => C:\windows\SysWOW64\nvinit.dll [155280 2015-11-05] (NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\エレコム ゲームパッドアシスタント.lnk [2016-07-24]
ShortcutTarget: エレコム ゲームパッドアシスタント.lnk -> C:\Program Files (x86)\ELECOM\ElcGpUtl\ElcGpUtl.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\クライアントマネージャV.lnk [2017-03-30]
ShortcutTarget: クライアントマネージャV.lnk -> C:\Program Files (x86)\BUFFALO\clientmgrv\bin\cmvMain.exe (Buffalo Inc.)
Startup: C:\Users\J\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\らくらくアップデートツール.lnk [2017-03-30]
ShortcutTarget: らくらくアップデートツール.lnk -> C:\Program Files\Buffalo\RakUpdate\RakUpdate.exe (Buffalo Inc.)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 14.193.100.8 14.193.100.40
Tcpip\..\Interfaces\{A23A89BD-9F28-4D65-B9A1-EC59DB5B88C4}: [DhcpNameServer] 14.193.100.8 14.193.100.40
Tcpip\..\Interfaces\{A41E1011-CCE0-4E7A-8C06-E9B2C09A6292}: [DhcpNameServer] 14.193.100.8 14.193.100.40
 
Internet Explorer:
==================
HKU\S-1-5-21-2900228453-1773325757-903500436-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/chrome/webstore/features.html
HKU\S-1-5-21-2900228453-1773325757-903500436-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com/?pc=LCTE
HKU\S-1-5-21-2900228453-1773325757-903500436-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxps://www.google.co.jp/
hxxp://start.jp.lenovo.com/
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-2900228453-1773325757-903500436-1001 -> DefaultScope {8AFAD812-133A-4AEF-B145-8F3E1B80E581} URL = 
BHO: Kaspersky Protection -> {2E38825B-8815-42CF-9126-C58BC28D4591} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\IEExt\ie_plugin.dll [2017-04-28] (AO Kaspersky Lab)
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2018-04-26] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL [2018-04-26] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2018-04-26] (Microsoft Corporation)
BHO-x32: Kaspersky Protection -> {2E38825B-8815-42CF-9126-C58BC28D4591} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\IEExt\ie_plugin.dll [2017-04-28] (AO Kaspersky Lab)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL [2018-04-26] (Microsoft Corporation)
Toolbar: HKLM - Kaspersky Protection Toolbar - {093F479D-712E-46CD-9E06-62E734A05F68} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\IEExt\ie_plugin.dll [2017-04-28] (AO Kaspersky Lab)
Toolbar: HKLM-x32 - Kaspersky Protection Toolbar - {093F479D-712E-46CD-9E06-62E734A05F68} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\IEExt\ie_plugin.dll [2017-04-28] (AO Kaspersky Lab)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2017-07-18] (Microsoft Corporation)
 
FireFox:
========
FF DefaultProfile: ts3hytvf.default
FF ProfilePath: C:\Users\J\AppData\Roaming\Mozilla\Firefox\Profiles\ts3hytvf.default [2018-02-06]
FF Session Restore: Mozilla\Firefox\Profiles\ts3hytvf.default -> is enabled.
FF Extension: (New XKit) - C:\Users\J\AppData\Roaming\Mozilla\Firefox\Profiles\ts3hytvf.default\Extensions\@new-xkit.xpi [2016-08-04] [Legacy]
FF Extension: (Firebug) - C:\Users\J\AppData\Roaming\Mozilla\Firefox\Profiles\ts3hytvf.default\Extensions\firebug@software.joehewitt.com.xpi [2017-03-12] [Legacy]
FF Extension: (Ghostery) - C:\Users\J\AppData\Roaming\Mozilla\Firefox\Profiles\ts3hytvf.default\Extensions\firefox@ghostery.com.xpi [2018-02-06]
FF Extension: (Save My Tabs) - C:\Users\J\AppData\Roaming\Mozilla\Firefox\Profiles\ts3hytvf.default\Extensions\savemytabs@dmitriy.khudorozhkov.xpi [2016-05-04] [Legacy]
FF Extension: (Session Manager) - C:\Users\J\AppData\Roaming\Mozilla\Firefox\Profiles\ts3hytvf.default\Extensions\{1280606b-2510-4fe0-97ef-9b5a22eafe30}.xpi [2017-02-02] [Legacy]
FF Extension: (NoScript) - C:\Users\J\AppData\Roaming\Mozilla\Firefox\Profiles\ts3hytvf.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2018-02-06]
FF Extension: (Adblock Plus) - C:\Users\J\AppData\Roaming\Mozilla\Firefox\Profiles\ts3hytvf.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2018-02-06]
FF Extension: (Redirect Remover) - C:\Users\J\AppData\Roaming\Mozilla\Firefox\Profiles\ts3hytvf.default\Extensions\{fe0258ab-4f74-43a1-8781-bcdf340f9ee9}.xpi [2016-05-04] [Legacy]
FF HKLM\...\Firefox\Extensions: [light_plugin_F363A72DD7B6435783A76E5F612C9006@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi
FF Extension: (カスペルスキー プラグイン) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi [2018-04-17]
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_F363A72DD7B6435783A76E5F612C9006@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_30_0_0_134.dll [2018-07-16] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_30_0_0_134.dll [2018-07-16] ()
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2016-05-04] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-17] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2017-11-01] (Adobe Systems Inc.)
 
Chrome: 
=======
CHR Profile: C:\Users\J\AppData\Local\Google\Chrome\User Data\Default [2018-08-02]
CHR Extension: (ドキュメント) - C:\Users\J\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13]
CHR Extension: (Google ドライブ) - C:\Users\J\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-05-04]
CHR Extension: (YouTube) - C:\Users\J\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-05-04]
CHR Extension: (Advanced Font Settings) - C:\Users\J\AppData\Local\Google\Chrome\User Data\Default\Extensions\caclkomlalccbpcdllchkeecicepbmbm [2017-11-25]
CHR Extension: (スプレッドシート) - C:\Users\J\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-13]
CHR Extension: (カスペルスキー プラグイン) - C:\Users\J\AppData\Local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib [2017-07-04]
CHR Extension: (Google オフライン ドキュメント) - C:\Users\J\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-05-04]
CHR Extension: (AdBlock) - C:\Users\J\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2018-07-26]
CHR Extension: (Chrome ウェブストア決済) - C:\Users\J\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-03]
CHR Extension: (Gmail) - C:\Users\J\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-05-04]
CHR Extension: (Chrome Media Router) - C:\Users\J\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-06-06]
CHR Profile: C:\Users\J\AppData\Local\Google\Chrome\User Data\System Profile [2016-10-12]
CHR HKLM\...\Chrome\Extension: [fhoibnponjcgjgcnfacekaijdbbplhib] - hxxps://chrome.google.com/webstore/detail/fhoibnponjcgjgcnfacekaijdbbplhib
CHR HKLM-x32\...\Chrome\Extension: [fhoibnponjcgjgcnfacekaijdbbplhib] - hxxps://chrome.google.com/webstore/detail/fhoibnponjcgjgcnfacekaijdbbplhib
 
==================== Services (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2018-01-05] (Apple Inc.)
R2 AVP17.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avp.exe [241544 2016-06-28] (AO Kaspersky Lab)
R2 BWH32S; C:\Program Files (x86)\BUFFALO\clientmgrv\bin\BWH32S.exe [139568 2015-07-06] (Buffalo Inc.)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [3058392 2017-12-12] (Microsoft Corporation)
R2 connect2hotspot; C:\Program Files (x86)\Lenovo\Connect2\Connect2.Service.exe [100680 2016-12-23] (Lenovo)
R2 Dolby DAX2 API Service; C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe [197120 2017-07-13] (Dolby Laboratories, Inc.)
S3 DozeSvc; C:\Program Files (x86)\ThinkPad\Utilities\DZSVC64.EXE [326160 2016-04-14] (Lenovo.)
R2 Ds3Service; C:\Program Files\Scarlet.Crush Productions\bin\ScpService.exe [388352 2016-05-08] (Scarlet.Crush Productions)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1156384 2015-10-12] (NVIDIA Corporation)
R2 iBtSiva; C:\Program Files (x86)\Intel\Bluetooth\ibtsiva.exe [532968 2018-05-19] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\windows\system32\igfxCUIService.exe [354936 2016-01-13] (Intel Corporation)
R2 ImeDictUpdateService; C:\Program Files\Common Files\Microsoft Shared\IME14\SHARED\IMEDICTUPDATE.EXE [83312 2010-01-21] (Microsoft Corporation)
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [742704 2017-09-21] (Intel® Corporation)
S2 Intel® TPM Provisioning Service; C:\Program Files\Intel\iCLS Client\TPMProvisioningService.exe [668472 2017-09-21] (Intel® Corporation)
S3 Intel® WiDi SAM; C:\Program Files (x86)\Intel Corporation\Intel WiDi\Intel® Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [19088 2015-09-17] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [197264 2017-09-25] (Intel Corporation)
S3 klvssbrigde64; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\vssbridge64.exe [77328 2016-06-28] (AO Kaspersky Lab)
R2 KSDE2.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 2.0\ksde.exe [354672 2017-01-24] (AO Kaspersky Lab)
R2 LENOVO.TVTVCAM; C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe [169176 2017-05-12] (Lenovo Group Limited)
R2 Lenovo.VIRTSCRLSVC; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [114632 2015-07-13] (Lenovo Group Limited)
S3 LenovoProdRegManager; C:\Program Files (x86)\Lenovo Registration\EngageService.exe [293416 2015-01-09] (Aviata, Inc.)
R2 LPlatSvc; C:\windows\system32\LPlatSvc.exe [774560 2018-03-28] (Lenovo.)
S3 LSC.Services.SystemService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSC.Services.SystemService.exe [273232 2016-06-02] (Lenovo)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6541008 2018-05-09] (Malwarebytes)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [265864 2018-03-19] ()
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1873696 2015-10-12] (NVIDIA Corporation)
S3 SUService; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [23920 2017-12-12] ()
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [251480 2018-01-11] (Synaptics Incorporated)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3848328 2018-03-19] (Intel® Corporation)
 
===================== Drivers (Whitelisted) ======================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 btmaux; C:\windows\System32\DRIVERS\btmaux.sys [156616 2018-05-16] (Motorola Solutions, Inc.)
R3 btmhsf; C:\windows\System32\DRIVERS\btmhsf.sys [1566152 2018-05-16] (Motorola Solutions, Inc.)
S3 Bufeap; C:\windows\System32\DRIVERS\bufeap64.sys [18944 2015-03-12] (BUFFALO INC.)
R0 cm_km; C:\windows\System32\DRIVERS\cm_km.sys [238936 2016-06-10] (AO Kaspersky Lab)
R3 e1dexpress; C:\windows\System32\DRIVERS\e1d62x64.sys [502256 2015-08-13] (Intel Corporation)
R0 iaStorF; C:\windows\System32\DRIVERS\iaStorF.sys [31144 2015-08-27] (Intel Corporation)
R3 ibtusb; C:\windows\System32\DRIVERS\ibtusb.sys [124872 2018-05-16] (Intel Corporation)
R0 kl1; C:\windows\System32\DRIVERS\kl1.sys [554416 2016-06-02] (AO Kaspersky Lab)
R0 klbackupdisk; C:\windows\System32\DRIVERS\klbackupdisk.sys [63920 2016-06-07] (AO Kaspersky Lab)
R1 klbackupflt; C:\windows\System32\DRIVERS\klbackupflt.sys [92864 2018-04-17] (AO Kaspersky Lab)
R2 kldisk; C:\windows\System32\DRIVERS\kldisk.sys [78216 2016-05-31] (AO Kaspersky Lab)
R3 klflt; C:\windows\System32\DRIVERS\klflt.sys [195784 2018-05-21] (AO Kaspersky Lab)
R1 klhk; C:\windows\System32\DRIVERS\klhk.sys [1192128 2018-05-21] (AO Kaspersky Lab)
R1 KLIF; C:\windows\System32\DRIVERS\klif.sys [1040072 2018-05-21] (AO Kaspersky Lab)
R1 KLIM6; C:\windows\System32\DRIVERS\klim6.sys [57024 2018-02-21] (AO Kaspersky Lab)
R3 klkbdflt; C:\windows\System32\DRIVERS\klkbdflt.sys [52144 2016-05-19] (AO Kaspersky Lab)
R3 klmouflt; C:\windows\System32\DRIVERS\klmouflt.sys [41648 2015-06-07] (Kaspersky Lab ZAO)
R1 klpd; C:\windows\System32\DRIVERS\klpd.sys [45488 2016-05-31] (AO Kaspersky Lab)
R3 kltap; C:\windows\System32\DRIVERS\kltap.sys [52152 2016-06-07] (The OpenVPN Project)
R1 kltdi; C:\windows\System32\DRIVERS\kltdi.sys [75696 2016-05-17] (AO Kaspersky Lab)
R1 Klwtp; C:\windows\System32\DRIVERS\klwtp.sys [139976 2018-04-17] (AO Kaspersky Lab)
R1 kneps; C:\windows\System32\DRIVERS\kneps.sys [199640 2017-07-20] (AO Kaspersky Lab)
R3 MBAMSwissArmy; C:\windows\System32\Drivers\mbamswissarmy.sys [253664 2018-08-02] (Malwarebytes)
R3 MEIx64; C:\windows\System32\DRIVERS\TeeDriverx64.sys [200784 2017-07-25] (Intel Corporation)
R3 NETwNs64; C:\windows\System32\DRIVERS\Netwsw04.sys [3468784 2018-03-21] (Intel Corporation)
R0 PMDRVS; C:\windows\System32\DRIVERS\pmdrvs.sys [43216 2018-03-28] (Lenovo.)
S3 pmxdrv; C:\windows\system32\drivers\pmxdrv.sys [31152 2017-11-22] ()
R3 RTSPER; C:\windows\System32\DRIVERS\RtsPer.sys [752856 2015-05-29] (Realsil Semiconductor Corporation)
R3 ScpVBus; C:\windows\System32\DRIVERS\ScpVBus.sys [39168 2016-05-08] (Scarlet.Crush Productions)
R3 SmbDrvI; C:\windows\System32\DRIVERS\Smb_driver_Intel.sys [42584 2018-01-11] (Synaptics Incorporated)
R3 SPUVCbv; C:\windows\System32\Drivers\SPUVCbv_x64.sys [701784 2015-09-09] (Sunplus)
R3 SzCCID; C:\windows\System32\DRIVERS\SzCCID.sys [48408 2014-08-26] (Generic)
S3 mfeavfk01; \Device\mfeavfk01.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2018-08-02 16:55 - 2018-08-02 16:56 - 000026008 _____ C:\Users\J\Desktop\FRST.txt
2018-08-02 16:55 - 2018-08-02 16:55 - 000000000 ____D C:\FRST
2018-08-02 16:52 - 2018-08-02 16:52 - 002412544 _____ (Farbar) C:\Users\J\Desktop\FRST64.exe
2018-07-31 18:57 - 2018-07-31 23:22 - 000092792 _____ (Malwarebytes) C:\windows\system32\Drivers\mwac.sys
2018-07-18 00:00 - 2018-08-02 16:43 - 000253664 _____ (Malwarebytes) C:\windows\system32\Drivers\mbamswissarmy.sys
2018-07-18 00:00 - 2018-07-18 00:00 - 000001878 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2018-07-18 00:00 - 2018-07-18 00:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2018-07-18 00:00 - 2018-07-18 00:00 - 000000000 ____D C:\ProgramData\Malwarebytes
2018-07-18 00:00 - 2018-07-18 00:00 - 000000000 ____D C:\Program Files\Malwarebytes
2018-07-18 00:00 - 2018-06-19 14:09 - 000152688 _____ (Malwarebytes) C:\windows\system32\Drivers\mbae64.sys
2018-07-11 18:28 - 2018-06-21 09:58 - 000398376 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2018-07-11 18:28 - 2018-06-21 09:00 - 000348824 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2018-07-11 18:28 - 2018-06-17 02:07 - 025743872 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2018-07-11 18:28 - 2018-06-17 01:36 - 020286464 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2018-07-11 18:28 - 2018-06-17 01:33 - 002902016 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2018-07-11 18:28 - 2018-06-17 01:31 - 000576512 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2018-07-11 18:28 - 2018-06-17 01:27 - 005779968 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2018-07-11 18:28 - 2018-06-17 01:12 - 000969216 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2018-07-11 18:28 - 2018-06-17 01:06 - 000498176 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2018-07-11 18:28 - 2018-06-17 01:02 - 002295296 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2018-07-11 18:28 - 2018-06-17 00:46 - 015283200 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2018-07-11 18:28 - 2018-06-17 00:34 - 004496384 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2018-07-11 18:28 - 2018-06-17 00:32 - 013680128 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2018-07-11 18:28 - 2018-06-17 00:27 - 003241472 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2018-07-11 18:28 - 2018-06-17 00:27 - 001155072 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2018-07-11 18:28 - 2018-06-17 00:16 - 001545216 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2018-07-11 18:28 - 2018-06-17 00:08 - 002767872 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2018-07-11 18:28 - 2018-06-17 00:05 - 001313792 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2018-07-11 18:28 - 2018-06-14 01:23 - 000140992 _____ (Microsoft Corporation) C:\windows\system32\CompatTelRunner.exe
2018-07-11 18:28 - 2018-06-14 01:20 - 014185984 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll
2018-07-11 18:28 - 2018-06-14 01:19 - 001867776 _____ (Microsoft Corporation) C:\windows\system32\ExplorerFrame.dll
2018-07-11 18:28 - 2018-06-14 01:18 - 000680960 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2018-07-11 18:28 - 2018-06-14 00:55 - 012880384 _____ (Microsoft Corporation) C:\windows\SysWOW64\shell32.dll
2018-07-11 18:28 - 2018-06-14 00:54 - 001499648 _____ (Microsoft Corporation) C:\windows\SysWOW64\ExplorerFrame.dll
2018-07-11 18:28 - 2018-06-14 00:40 - 003226112 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2018-07-11 18:28 - 2018-06-09 01:27 - 005577408 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2018-07-11 18:28 - 2018-06-09 01:27 - 000708288 _____ (Microsoft Corporation) C:\windows\system32\winload.efi
2018-07-11 18:28 - 2018-06-09 01:27 - 000262336 _____ (Microsoft Corporation) C:\windows\system32\hal.dll
2018-07-11 18:28 - 2018-06-09 01:27 - 000154816 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2018-07-11 18:28 - 2018-06-09 01:27 - 000095424 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
2018-07-11 18:28 - 2018-06-09 01:23 - 000631640 _____ (Microsoft Corporation) C:\windows\system32\winresume.efi
2018-07-11 18:28 - 2018-06-09 01:22 - 001665344 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll
2018-07-11 18:28 - 2018-06-09 01:21 - 000369664 _____ (Microsoft Corporation) C:\windows\system32\zipfldr.dll
2018-07-11 18:28 - 2018-06-09 01:19 - 000357888 _____ (Microsoft Corporation) C:\windows\system32\dnsapi.dll
2018-07-11 18:28 - 2018-06-09 01:19 - 000182272 _____ (Microsoft Corporation) C:\windows\system32\dnsrslvr.dll
2018-07-11 18:28 - 2018-06-09 01:02 - 004050624 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntkrnlpa.exe
2018-07-11 18:28 - 2018-06-09 01:02 - 003962048 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntoskrnl.exe
2018-07-11 18:28 - 2018-06-09 00:57 - 001314072 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntdll.dll
2018-07-11 18:28 - 2018-06-09 00:55 - 000330240 _____ (Microsoft Corporation) C:\windows\SysWOW64\zipfldr.dll
2018-07-11 18:28 - 2018-06-09 00:54 - 000269824 _____ (Microsoft Corporation) C:\windows\SysWOW64\dnsapi.dll
2018-07-11 18:28 - 2018-06-09 00:44 - 000030208 _____ (Microsoft Corporation) C:\windows\system32\dnscacheugc.exe
2018-07-11 18:28 - 2018-06-09 00:28 - 000030720 _____ (Microsoft Corporation) C:\windows\SysWOW64\dnscacheugc.exe
2018-07-11 18:28 - 2018-06-08 22:05 - 002860032 _____ (Microsoft Corporation) C:\windows\system32\aitstatic.exe
2018-07-11 18:28 - 2018-06-08 22:05 - 001602048 _____ (Microsoft Corporation) C:\windows\system32\appraiser.dll
2018-07-11 18:28 - 2018-06-08 22:05 - 000783872 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll
2018-07-11 18:28 - 2018-06-08 22:05 - 000612352 _____ (Microsoft Corporation) C:\windows\system32\devinv.dll
2018-07-11 18:28 - 2018-06-08 22:05 - 000470016 _____ (Microsoft Corporation) C:\windows\system32\centel.dll
2018-07-11 18:28 - 2018-06-08 22:05 - 000443392 _____ (Microsoft Corporation) C:\windows\system32\invagent.dll
2018-07-11 18:28 - 2018-06-08 22:05 - 000301056 _____ (Microsoft Corporation) C:\windows\system32\acmigration.dll
2018-07-11 18:28 - 2018-06-08 22:05 - 000246272 _____ (Microsoft Corporation) C:\windows\system32\aepic.dll
2018-07-11 18:28 - 2018-06-08 00:49 - 000077312 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mpsdrv.sys
2018-07-11 18:28 - 2018-06-01 01:28 - 001893568 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tcpip.sys
2018-07-11 18:28 - 2018-06-01 01:28 - 000377024 _____ (Microsoft Corporation) C:\windows\system32\Drivers\netio.sys
2018-07-11 18:28 - 2018-06-01 01:28 - 000287936 _____ (Microsoft Corporation) C:\windows\system32\Drivers\FWPKCLNT.SYS
2018-07-11 18:28 - 2018-05-03 00:32 - 000325632 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbport.sys
2018-07-11 18:28 - 2018-04-26 22:05 - 000998912 _____ (Microsoft Corporation) C:\windows\system32\ucrtbase.dll
2018-07-11 18:28 - 2018-04-26 22:05 - 000918296 _____ (Microsoft Corporation) C:\windows\SysWOW64\ucrtbase.dll
2018-07-11 18:28 - 2018-04-26 22:05 - 000065880 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2018-07-11 18:28 - 2018-04-26 22:05 - 000063832 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-private-l1-1-0.dll
2018-07-11 18:28 - 2018-04-26 22:05 - 000021848 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2018-07-11 18:28 - 2018-04-26 22:05 - 000020824 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-math-l1-1-0.dll
2018-07-11 18:28 - 2018-04-26 22:05 - 000019288 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2018-07-11 18:28 - 2018-04-26 22:05 - 000018776 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2018-07-11 18:28 - 2018-04-26 22:05 - 000017752 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-string-l1-1-0.dll
2018-07-11 18:28 - 2018-04-26 22:05 - 000017752 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2018-07-11 18:28 - 2018-04-26 22:05 - 000017240 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2018-07-11 18:28 - 2018-04-26 22:05 - 000017240 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2018-07-11 18:28 - 2018-04-26 22:05 - 000016216 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2018-07-11 18:28 - 2018-04-26 22:05 - 000015704 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2018-07-11 18:28 - 2018-04-26 22:05 - 000015704 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2018-07-11 18:28 - 2018-04-26 22:05 - 000015192 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2018-07-11 18:28 - 2018-04-26 22:05 - 000014168 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-time-l1-1-0.dll
2018-07-11 18:28 - 2018-04-26 22:05 - 000014168 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localization-l1-2-0.dll
2018-07-11 18:28 - 2018-04-26 22:05 - 000013656 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2018-07-11 18:28 - 2018-04-26 22:05 - 000013656 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localization-l1-2-0.dll
2018-07-11 18:28 - 2018-04-26 22:05 - 000013656 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2018-07-11 18:28 - 2018-04-26 22:05 - 000013152 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2018-07-11 18:28 - 2018-04-26 22:05 - 000012640 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2018-07-11 18:28 - 2018-04-26 22:05 - 000012632 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-process-l1-1-0.dll
2018-07-11 18:28 - 2018-04-26 22:05 - 000012120 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2018-07-11 18:28 - 2018-04-26 22:05 - 000012120 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2018-07-11 18:28 - 2018-04-26 22:05 - 000012120 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2018-07-11 18:28 - 2018-04-26 22:05 - 000012120 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2018-07-11 18:28 - 2018-04-26 22:05 - 000012120 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2018-07-11 18:28 - 2018-04-26 22:05 - 000012120 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2018-07-11 18:28 - 2018-04-26 22:05 - 000012120 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-core-synch-l1-2-0.dll
2018-07-11 18:28 - 2018-04-26 22:05 - 000012120 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2018-07-11 18:28 - 2018-04-26 22:05 - 000011608 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2018-07-11 18:28 - 2018-04-26 22:05 - 000011608 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2018-07-11 18:28 - 2018-04-26 22:05 - 000011608 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2018-07-11 18:28 - 2018-04-26 22:05 - 000011608 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2018-07-11 18:28 - 2018-04-26 22:05 - 000011608 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-synch-l1-2-0.dll
2018-07-11 18:28 - 2018-04-26 22:05 - 000011608 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2018-07-11 18:28 - 2018-04-26 22:05 - 000011608 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2018-07-11 18:28 - 2018-04-26 22:05 - 000011608 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2018-07-11 18:28 - 2018-04-26 22:05 - 000011608 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-core-file-l2-1-0.dll
2018-07-11 18:28 - 2018-04-26 22:05 - 000011608 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-core-file-l1-2-0.dll
2018-07-11 18:28 - 2018-04-26 22:05 - 000011096 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll
2018-07-11 18:28 - 2018-04-26 22:05 - 000011096 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll
2018-07-11 18:28 - 2018-04-26 22:05 - 000011096 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-file-l2-1-0.dll
2018-07-11 18:28 - 2018-04-26 22:05 - 000011096 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-file-l1-2-0.dll
2018-07-11 18:28 - 2018-04-26 01:02 - 000124416 _____ (Microsoft Corporation) C:\windows\system32\wkssvc.dll
2018-07-11 18:28 - 2018-04-26 00:18 - 000115200 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dfsc.sys
2018-07-11 18:27 - 2018-06-17 01:46 - 002724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2018-07-11 18:27 - 2018-06-17 01:46 - 000004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2018-07-11 18:27 - 2018-06-17 01:32 - 000066560 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2018-07-11 18:27 - 2018-06-17 01:31 - 000417280 _____ (Microsoft Corporation) C:\windows\system32\html.iec
2018-07-11 18:27 - 2018-06-17 01:31 - 000048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2018-07-11 18:27 - 2018-06-17 01:30 - 000088064 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2018-07-11 18:27 - 2018-06-17 01:24 - 000054784 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2018-07-11 18:27 - 2018-06-17 01:23 - 000034304 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2018-07-11 18:27 - 2018-06-17 01:20 - 000615936 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2018-07-11 18:27 - 2018-06-17 01:19 - 002724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2018-07-11 18:27 - 2018-06-17 01:19 - 000814080 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2018-07-11 18:27 - 2018-06-17 01:19 - 000794624 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2018-07-11 18:27 - 2018-06-17 01:19 - 000144384 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2018-07-11 18:27 - 2018-06-17 01:19 - 000116224 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2018-07-11 18:27 - 2018-06-17 01:08 - 000489984 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2018-07-11 18:27 - 2018-06-17 01:06 - 000062464 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2018-07-11 18:27 - 2018-06-17 01:05 - 000341504 _____ (Microsoft Corporation) C:\windows\SysWOW64\html.iec
2018-07-11 18:27 - 2018-06-17 01:05 - 000047616 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2018-07-11 18:27 - 2018-06-17 01:04 - 000064000 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2018-07-11 18:27 - 2018-06-17 01:02 - 000087552 _____ (Microsoft Corporation) C:\windows\system32\tdc.ocx
2018-07-11 18:27 - 2018-06-17 01:02 - 000077824 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2018-07-11 18:27 - 2018-06-17 01:01 - 000107520 _____ (Microsoft Corporation) C:\windows\system32\inseng.dll
2018-07-11 18:27 - 2018-06-17 00:59 - 000047104 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2018-07-11 18:27 - 2018-06-17 00:59 - 000030720 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2018-07-11 18:27 - 2018-06-17 00:58 - 000199680 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2018-07-11 18:27 - 2018-06-17 00:57 - 000476160 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2018-07-11 18:27 - 2018-06-17 00:57 - 000092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2018-07-11 18:27 - 2018-06-17 00:56 - 000662016 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2018-07-11 18:27 - 2018-06-17 00:56 - 000115712 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2018-07-11 18:27 - 2018-06-17 00:55 - 000620032 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2018-07-11 18:27 - 2018-06-17 00:55 - 000315392 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2018-07-11 18:27 - 2018-06-17 00:53 - 000152064 _____ (Microsoft Corporation) C:\windows\system32\occache.dll
2018-07-11 18:27 - 2018-06-17 00:47 - 000416256 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2018-07-11 18:27 - 2018-06-17 00:44 - 000262144 _____ (Microsoft Corporation) C:\windows\system32\webcheck.dll
2018-07-11 18:27 - 2018-06-17 00:42 - 000809472 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2018-07-11 18:27 - 2018-06-17 00:42 - 000728064 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2018-07-11 18:27 - 2018-06-17 00:42 - 000073216 _____ (Microsoft Corporation) C:\windows\SysWOW64\tdc.ocx
2018-07-11 18:27 - 2018-06-17 00:42 - 000060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2018-07-11 18:27 - 2018-06-17 00:41 - 000091136 _____ (Microsoft Corporation) C:\windows\SysWOW64\inseng.dll
2018-07-11 18:27 - 2018-06-17 00:40 - 001359360 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2018-07-11 18:27 - 2018-06-17 00:39 - 002135552 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2018-07-11 18:27 - 2018-06-17 00:39 - 000168960 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2018-07-11 18:27 - 2018-06-17 00:38 - 000076288 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2018-07-11 18:27 - 2018-06-17 00:37 - 000279040 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2018-07-11 18:27 - 2018-06-17 00:36 - 000130048 _____ (Microsoft Corporation) C:\windows\SysWOW64\occache.dll
2018-07-11 18:27 - 2018-06-17 00:30 - 000230400 _____ (Microsoft Corporation) C:\windows\SysWOW64\webcheck.dll
2018-07-11 18:27 - 2018-06-17 00:29 - 000696320 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2018-07-11 18:27 - 2018-06-17 00:28 - 002060288 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2018-07-11 18:27 - 2018-06-17 00:04 - 000800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2018-07-11 18:27 - 2018-06-17 00:04 - 000710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2018-07-11 18:27 - 2018-06-09 01:21 - 000361984 _____ (Microsoft Corporation) C:\windows\system32\wow64win.dll
2018-07-11 18:27 - 2018-06-09 01:21 - 000243712 _____ (Microsoft Corporation) C:\windows\system32\wow64.dll
2018-07-11 18:27 - 2018-06-09 01:21 - 000215552 _____ (Microsoft Corporation) C:\windows\system32\winsrv.dll
2018-07-11 18:27 - 2018-06-09 01:21 - 000210432 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2018-07-11 18:27 - 2018-06-09 01:21 - 000013312 _____ (Microsoft Corporation) C:\windows\system32\wow64cpu.dll
2018-07-11 18:27 - 2018-06-09 01:20 - 002066432 _____ (Microsoft Corporation) C:\windows\system32\ole32.dll
2018-07-11 18:27 - 2018-06-09 01:20 - 001461760 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2018-07-11 18:27 - 2018-06-09 01:20 - 001211904 _____ (Microsoft Corporation) C:\windows\system32\rpcrt4.dll
2018-07-11 18:27 - 2018-06-09 01:20 - 001163264 _____ (Microsoft Corporation) C:\windows\system32\kernel32.dll
2018-07-11 18:27 - 2018-06-09 01:20 - 000731648 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2018-07-11 18:27 - 2018-06-09 01:20 - 000512000 _____ (Microsoft Corporation) C:\windows\system32\rpcss.dll
2018-07-11 18:27 - 2018-06-09 01:20 - 000503808 _____ (Microsoft Corporation) C:\windows\system32\srcore.dll
2018-07-11 18:27 - 2018-06-09 01:20 - 000419840 _____ (Microsoft Corporation) C:\windows\system32\KernelBase.dll
2018-07-11 18:27 - 2018-06-09 01:20 - 000345600 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2018-07-11 18:27 - 2018-06-09 01:20 - 000316928 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2018-07-11 18:27 - 2018-06-09 01:20 - 000312320 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2018-07-11 18:27 - 2018-06-09 01:20 - 000190464 _____ (Microsoft Corporation) C:\windows\system32\rpchttp.dll
2018-07-11 18:27 - 2018-06-09 01:20 - 000146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll
2018-07-11 18:27 - 2018-06-09 01:20 - 000135680 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll
2018-07-11 18:27 - 2018-06-09 01:20 - 000094208 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2018-07-11 18:27 - 2018-06-09 01:20 - 000063488 _____ (Microsoft Corporation) C:\windows\system32\setbcdlocale.dll
2018-07-11 18:27 - 2018-06-09 01:20 - 000060416 _____ (Microsoft Corporation) C:\windows\system32\msobjs.dll
2018-07-11 18:27 - 2018-06-09 01:20 - 000050176 _____ (Microsoft Corporation) C:\windows\system32\srclient.dll
2018-07-11 18:27 - 2018-06-09 01:20 - 000028672 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll
2018-07-11 18:27 - 2018-06-09 01:20 - 000028160 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll
2018-07-11 18:27 - 2018-06-09 01:20 - 000026112 _____ (Microsoft Corporation) C:\windows\system32\oleres.dll
2018-07-11 18:27 - 2018-06-09 01:20 - 000016384 _____ (Microsoft Corporation) C:\windows\system32\ntvdm64.dll
2018-07-11 18:27 - 2018-06-09 01:19 - 000044032 _____ (Microsoft Corporation) C:\windows\system32\csrsrv.dll
2018-07-11 18:27 - 2018-06-09 01:19 - 000043520 _____ (Microsoft Corporation) C:\windows\system32\cryptbase.dll
2018-07-11 18:27 - 2018-06-09 01:19 - 000022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2018-07-11 18:27 - 2018-06-09 01:19 - 000008704 _____ (Microsoft Corporation) C:\windows\system32\comcat.dll
2018-07-11 18:27 - 2018-06-09 01:18 - 000880640 _____ (Microsoft Corporation) C:\windows\system32\advapi32.dll
2018-07-11 18:27 - 2018-06-09 01:18 - 000690688 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll
2018-07-11 18:27 - 2018-06-09 01:18 - 000463872 _____ (Microsoft Corporation) C:\windows\system32\certcli.dll
2018-07-11 18:27 - 2018-06-09 01:18 - 000123904 _____ (Microsoft Corporation) C:\windows\system32\bcrypt.dll
2018-07-11 18:27 - 2018-06-09 01:18 - 000059904 _____ (Microsoft Corporation) C:\windows\system32\appidapi.dll
2018-07-11 18:27 - 2018-06-09 01:18 - 000034816 _____ (Microsoft Corporation) C:\windows\system32\appidsvc.dll
2018-07-11 18:27 - 2018-06-09 01:18 - 000006656 _____ (Microsoft Corporation) C:\windows\system32\apisetschema.dll
2018-07-11 18:27 - 2018-06-09 01:18 - 000006144 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2018-07-11 18:27 - 2018-06-09 01:18 - 000005120 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2018-07-11 18:27 - 2018-06-09 01:18 - 000004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2018-07-11 18:27 - 2018-06-09 01:18 - 000004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2018-07-11 18:27 - 2018-06-09 01:18 - 000004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2018-07-11 18:27 - 2018-06-09 01:18 - 000004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2018-07-11 18:27 - 2018-06-09 01:18 - 000004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2018-07-11 18:27 - 2018-06-09 01:18 - 000004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2018-07-11 18:27 - 2018-06-09 01:18 - 000003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2018-07-11 18:27 - 2018-06-09 01:18 - 000003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2018-07-11 18:27 - 2018-06-09 01:18 - 000003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2018-07-11 18:27 - 2018-06-09 01:18 - 000003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2018-07-11 18:27 - 2018-06-09 01:18 - 000003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2018-07-11 18:27 - 2018-06-09 01:18 - 000003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2018-07-11 18:27 - 2018-06-09 01:18 - 000003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2018-07-11 18:27 - 2018-06-09 01:18 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2018-07-11 18:27 - 2018-06-09 01:18 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2018-07-11 18:27 - 2018-06-09 01:18 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2018-07-11 18:27 - 2018-06-09 01:18 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2018-07-11 18:27 - 2018-06-09 01:18 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2018-07-11 18:27 - 2018-06-09 01:18 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2018-07-11 18:27 - 2018-06-09 01:18 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2018-07-11 18:27 - 2018-06-09 01:18 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2018-07-11 18:27 - 2018-06-09 01:18 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2018-07-11 18:27 - 2018-06-09 01:18 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2018-07-11 18:27 - 2018-06-09 01:18 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2018-07-11 18:27 - 2018-06-09 01:18 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2018-07-11 18:27 - 2018-06-09 01:18 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2018-07-11 18:27 - 2018-06-09 00:55 - 001417728 _____ (Microsoft Corporation) C:\windows\SysWOW64\ole32.dll
2018-07-11 18:27 - 2018-06-09 00:55 - 001114112 _____ (Microsoft Corporation) C:\windows\SysWOW64\kernel32.dll
2018-07-11 18:27 - 2018-06-09 00:55 - 000666112 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpcrt4.dll
2018-07-11 18:27 - 2018-06-09 00:55 - 000554496 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2018-07-11 18:27 - 2018-06-09 00:55 - 000275456 _____ (Microsoft Corporation) C:\windows\SysWOW64\KernelBase.dll
2018-07-11 18:27 - 2018-06-09 00:55 - 000261120 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll
2018-07-11 18:27 - 2018-06-09 00:55 - 000254464 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2018-07-11 18:27 - 2018-06-09 00:55 - 000223232 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncrypt.dll
2018-07-11 18:27 - 2018-06-09 00:55 - 000172032 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdigest.dll
2018-07-11 18:27 - 2018-06-09 00:55 - 000146432 _____ (Microsoft Corporation) C:\windows\SysWOW64\msaudite.dll
2018-07-11 18:27 - 2018-06-09 00:55 - 000141312 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpchttp.dll
2018-07-11 18:27 - 2018-06-09 00:55 - 000096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll
2018-07-11 18:27 - 2018-06-09 00:55 - 000082944 _____ (Microsoft Corporation) C:\windows\SysWOW64\bcrypt.dll
2018-07-11 18:27 - 2018-06-09 00:55 - 000070144 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll
2018-07-11 18:27 - 2018-06-09 00:55 - 000060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\msobjs.dll
2018-07-11 18:27 - 2018-06-09 00:55 - 000043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\srclient.dll
2018-07-11 18:27 - 2018-06-09 00:55 - 000026112 _____ (Microsoft Corporation) C:\windows\SysWOW64\oleres.dll
2018-07-11 18:27 - 2018-06-09 00:55 - 000022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll
2018-07-11 18:27 - 2018-06-09 00:55 - 000005120 _____ (Microsoft Corporation) C:\windows\SysWOW64\wow32.dll
2018-07-11 18:27 - 2018-06-09 00:54 - 000690688 _____ (Microsoft Corporation) C:\windows\SysWOW64\adtschema.dll
2018-07-11 18:27 - 2018-06-09 00:54 - 000644096 _____ (Microsoft Corporation) C:\windows\SysWOW64\advapi32.dll
2018-07-11 18:27 - 2018-06-09 00:54 - 000342528 _____ (Microsoft Corporation) C:\windows\SysWOW64\certcli.dll
2018-07-11 18:27 - 2018-06-09 00:54 - 000050688 _____ (Microsoft Corporation) C:\windows\SysWOW64\appidapi.dll
2018-07-11 18:27 - 2018-06-09 00:54 - 000017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll
2018-07-11 18:27 - 2018-06-09 00:54 - 000006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\apisetschema.dll
2018-07-11 18:27 - 2018-06-09 00:54 - 000005120 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2018-07-11 18:27 - 2018-06-09 00:54 - 000004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2018-07-11 18:27 - 2018-06-09 00:54 - 000004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2018-07-11 18:27 - 2018-06-09 00:54 - 000004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2018-07-11 18:27 - 2018-06-09 00:54 - 000004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2018-07-11 18:27 - 2018-06-09 00:54 - 000004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2018-07-11 18:27 - 2018-06-09 00:54 - 000004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2018-07-11 18:27 - 2018-06-09 00:54 - 000003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2018-07-11 18:27 - 2018-06-09 00:54 - 000003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2018-07-11 18:27 - 2018-06-09 00:54 - 000003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2018-07-11 18:27 - 2018-06-09 00:54 - 000003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2018-07-11 18:27 - 2018-06-09 00:54 - 000003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2018-07-11 18:27 - 2018-06-09 00:54 - 000003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2018-07-11 18:27 - 2018-06-09 00:54 - 000003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2018-07-11 18:27 - 2018-06-09 00:54 - 000003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2018-07-11 18:27 - 2018-06-09 00:54 - 000003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2018-07-11 18:27 - 2018-06-09 00:54 - 000003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2018-07-11 18:27 - 2018-06-09 00:54 - 000003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2018-07-11 18:27 - 2018-06-09 00:54 - 000003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2018-07-11 18:27 - 2018-06-09 00:54 - 000003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2018-07-11 18:27 - 2018-06-09 00:54 - 000003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2018-07-11 18:27 - 2018-06-09 00:54 - 000003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2018-07-11 18:27 - 2018-06-09 00:54 - 000003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2018-07-11 18:27 - 2018-06-09 00:54 - 000003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2018-07-11 18:27 - 2018-06-09 00:44 - 000148480 _____ (Microsoft Corporation) C:\windows\system32\appidpolicyconverter.exe
2018-07-11 18:27 - 2018-06-09 00:44 - 000062464 _____ (Microsoft Corporation) C:\windows\system32\Drivers\appid.sys
2018-07-11 18:27 - 2018-06-09 00:44 - 000017920 _____ (Microsoft Corporation) C:\windows\system32\appidcertstorecheck.exe
2018-07-11 18:27 - 2018-06-09 00:43 - 000064000 _____ (Microsoft Corporation) C:\windows\system32\auditpol.exe
2018-07-11 18:27 - 2018-06-09 00:39 - 000338432 _____ (Microsoft Corporation) C:\windows\system32\conhost.exe
2018-07-11 18:27 - 2018-06-09 00:38 - 000296960 _____ (Microsoft Corporation) C:\windows\system32\rstrui.exe
2018-07-11 18:27 - 2018-06-09 00:38 - 000129024 _____ (Microsoft Corporation) C:\windows\system32\Drivers\videoprt.sys
2018-07-11 18:27 - 2018-06-09 00:34 - 000291328 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb10.sys
2018-07-11 18:27 - 2018-06-09 00:34 - 000159744 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb.sys
2018-07-11 18:27 - 2018-06-09 00:34 - 000129536 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb20.sys
2018-07-11 18:27 - 2018-06-09 00:33 - 000112640 _____ (Microsoft Corporation) C:\windows\system32\smss.exe
2018-07-11 18:27 - 2018-06-09 00:33 - 000030720 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe
2018-07-11 18:27 - 2018-06-09 00:29 - 000007168 _____ (Microsoft Corporation) C:\windows\SysWOW64\comcat.dll
2018-07-11 18:27 - 2018-06-09 00:27 - 000050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\auditpol.exe
2018-07-11 18:27 - 2018-06-09 00:21 - 000025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\setup16.exe
2018-07-11 18:27 - 2018-06-09 00:21 - 000014336 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntvdm64.dll
2018-07-11 18:27 - 2018-06-09 00:21 - 000007680 _____ (Microsoft Corporation) C:\windows\SysWOW64\instnm.exe
2018-07-11 18:27 - 2018-06-09 00:21 - 000002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\user.exe
2018-07-11 18:27 - 2018-06-09 00:19 - 000036352 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptbase.dll
2018-07-11 18:27 - 2018-06-09 00:19 - 000006144 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2018-07-11 18:27 - 2018-06-09 00:19 - 000004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2018-07-11 18:27 - 2018-06-09 00:19 - 000003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2018-07-11 18:27 - 2018-06-09 00:19 - 000003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2018-07-11 18:27 - 2018-06-08 01:20 - 000022528 _____ (Microsoft Corporation) C:\windows\system32\wfapigp.dll
2018-07-11 18:27 - 2018-06-08 01:19 - 000828928 _____ (Microsoft Corporation) C:\windows\system32\MPSSVC.dll
2018-07-11 18:27 - 2018-06-08 01:19 - 000749568 _____ (Microsoft Corporation) C:\windows\system32\FirewallAPI.dll
2018-07-11 18:27 - 2018-06-08 01:19 - 000108544 _____ (Microsoft Corporation) C:\windows\system32\icfupgd.dll
2018-07-11 18:27 - 2018-06-08 00:57 - 000463360 _____ (Microsoft Corporation) C:\windows\SysWOW64\FirewallAPI.dll
2018-07-11 18:27 - 2018-06-08 00:34 - 000018944 _____ (Microsoft Corporation) C:\windows\SysWOW64\wfapigp.dll
2018-07-11 18:27 - 2018-05-03 00:32 - 000344064 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbhub.sys
2018-07-11 18:27 - 2018-05-03 00:32 - 000099840 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbccgp.sys
2018-07-11 18:27 - 2018-05-03 00:32 - 000056320 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbehci.sys
2018-07-11 18:27 - 2018-05-03 00:32 - 000030720 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbuhci.sys
2018-07-11 18:27 - 2018-05-03 00:32 - 000025600 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbohci.sys
2018-07-11 18:27 - 2018-05-03 00:32 - 000007808 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbd.sys
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2018-08-02 16:55 - 2016-05-04 19:55 - 000000000 ____D C:\Users\J\AppData\Roaming\Skype
2018-08-02 16:51 - 2009-07-14 13:45 - 000032208 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-08-02 16:51 - 2009-07-14 13:45 - 000032208 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-08-02 16:49 - 2016-04-07 21:12 - 000411088 _____ C:\windows\system32\perfh011.dat
2018-08-02 16:49 - 2016-04-07 21:12 - 000122102 _____ C:\windows\system32\perfc011.dat
2018-08-02 16:49 - 2009-07-14 14:13 - 001311838 _____ C:\windows\system32\PerfStringBackup.INI
2018-08-02 16:49 - 2009-07-14 12:20 - 000000000 ____D C:\windows\inf
2018-08-02 16:45 - 2016-05-30 20:31 - 000000000 ____D C:\ProgramData\Kaspersky Lab
2018-08-02 16:43 - 2017-04-10 18:49 - 000000222 _____ C:\windows\Tasks\Lenovo Active Protection System.job
2018-08-02 16:43 - 2017-04-04 03:02 - 000065536 _____ C:\windows\system32\Ikeext.etl
2018-08-02 16:43 - 2016-05-04 18:49 - 000000180 _____ C:\windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2018-08-02 16:43 - 2016-05-04 18:49 - 000000000 __SHD C:\Users\J\IntelGraphicsProfiles
2018-08-02 16:43 - 2009-07-14 14:08 - 000000006 ____H C:\windows\Tasks\SA.DAT
2018-08-02 16:43 - 2009-07-14 12:20 - 000000000 ____D C:\windows\tracing
2018-08-02 10:07 - 2016-09-02 08:17 - 000001706 _____ C:\Users\J\Desktop\misc2.txt
2018-08-01 21:27 - 2017-12-25 02:33 - 000010711 _____ C:\Users\J\Desktop\conv topics.txt
2018-08-01 19:51 - 2016-07-23 10:44 - 000041310 _____ C:\Users\J\Desktop\misc.txt
2018-08-01 17:20 - 2017-07-05 17:43 - 000003032 _____ C:\windows\System32\Tasks\Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901}
2018-07-28 07:00 - 2017-07-07 19:50 - 000005641 _____ C:\Users\J\Desktop\crafting misc.txt
2018-07-25 10:08 - 2018-06-06 08:27 - 000007801 _____ C:\Users\J\Desktop\jobhuntingnotes.txt
2018-07-24 17:35 - 2018-05-19 03:59 - 000001551 _____ C:\Users\Public\Desktop\Kaspersky Secure Connection.lnk
2018-07-22 00:48 - 2009-07-14 12:20 - 000000000 ____D C:\windows\rescache
2018-07-17 07:02 - 2010-11-21 12:27 - 000563832 ____N (Microsoft Corporation) C:\windows\system32\MpSigStub.exe
2018-07-16 15:58 - 2018-03-18 17:42 - 000004242 _____ C:\windows\System32\Tasks\Adobe Flash Player NPAPI Notifier
2018-07-16 15:58 - 2016-05-08 00:19 - 000842240 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2018-07-16 15:58 - 2016-05-08 00:19 - 000175104 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2018-07-16 15:58 - 2016-05-08 00:18 - 000000000 ____D C:\Users\J\AppData\Local\Adobe
2018-07-16 15:57 - 2016-05-08 00:19 - 000000000 ____D C:\windows\SysWOW64\Macromed
2018-07-16 15:57 - 2016-05-08 00:19 - 000000000 ____D C:\windows\system32\Macromed
2018-07-16 00:24 - 2016-10-05 00:57 - 000004254 _____ C:\windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2018-07-13 00:28 - 2009-07-14 13:45 - 004978568 _____ C:\windows\system32\FNTCACHE.DAT
2018-07-12 08:43 - 2018-02-15 08:36 - 000000000 ____D C:\windows\system32\appraiser
2018-07-12 03:05 - 2015-10-23 00:36 - 001291622 _____ C:\windows\SysWOW64\PerfStringBackup.INI
2018-07-12 03:02 - 2016-05-26 03:00 - 000000000 ____D C:\windows\system32\MRT
2018-07-12 03:00 - 2016-05-26 03:00 - 134675576 ____C (Microsoft Corporation) C:\windows\system32\MRT.exe
2018-07-08 08:29 - 2018-05-04 08:23 - 000003049 _____ C:\Users\J\Desktop\todo.txt
2018-07-06 22:36 - 2016-04-07 04:31 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-07-06 22:35 - 2016-05-04 19:24 - 000000000 ____D C:\Program Files\Microsoft Office 15
 
==================== Files in the root of some directories =======
 
2016-08-27 21:27 - 2016-08-28 05:26 - 000000132 _____ () C:\Users\J\AppData\Roaming\Adobe PNG Format CS6 Prefs
 
Some files in TEMP:
====================
2016-11-28 20:08 - 2018-07-24 01:10 - 057812744 _____ (Skype Technologies S.A.) C:\Users\J\AppData\Local\Temp\SkypeSetup.exe
 
==================== Bamital & volsnap ======================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\SysWOW64\wininit.exe => File is digitally signed
C:\windows\explorer.exe => File is digitally signed
C:\windows\SysWOW64\explorer.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\SysWOW64\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\SysWOW64\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\SysWOW64\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\dnsapi.dll => File is digitally signed
C:\windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed
 
LastRegBack: 2018-07-27 06:00
 
==================== End of FRST.txt ============================
 
==== Addition.txt ====
 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01.08.2018
Ran by J (02-08-2018 16:56:27)
Running from C:\Users\J\Desktop
Windows 7 Professional Service Pack 1 (X64) (2016-05-04 09:49:20)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-2900228453-1773325757-903500436-500 - Administrator - Disabled)
Guest (S-1-5-21-2900228453-1773325757-903500436-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2900228453-1773325757-903500436-1002 - Limited - Enabled)
J (S-1-5-21-2900228453-1773325757-903500436-1001 - Administrator - Enabled) => C:\Users\J
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Kaspersky Internet Security (Enabled - Up to date) {86367591-4BE4-AE08-2FD9-7FCB8259CD98}
AS: Kaspersky Internet Security (Enabled - Up to date) {3D579475-6DDE-A186-1569-44B9F9DE8725}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Enabled) {BE0DF4B4-018B-AF50-0486-D6FE7C8A8AE3}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 26.0.0.118 - Adobe Systems Incorporated)
Adobe Flash Player 30 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 30.0.0.134 - Adobe Systems Incorporated)
Adobe Flash Player 30 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 30.0.0.134 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.23)  MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AB0000000001}) (Version: 11.0.23 - Adobe Systems Incorporated)
Alcor Micro Smart Card Reader Driver (HKLM-x32\...\{F24F876B-7D71-4BD6-88E9-614D3BB84242}) (Version: 1.7.42.0 - Alcor Micro Corp.) Hidden
Alcor Micro Smart Card Reader Driver (HKLM-x32\...\SZCCID) (Version: 1.7.42.0 - Alcor Micro Corp.)
Apple Application Support(32 ビット) (HKLM-x32\...\{D4C80B0C-CF67-43A7-90C3-466853543B54}) (Version: 6.3 - Apple Inc.)
Apple Application Support(64 ビット) (HKLM\...\{B2A2E8AF-BC48-4191-B2C4-3846A19835CA}) (Version: 6.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{AA7D90D2-2387-4FA5-A3AF-96811BE49BFD}) (Version: 11.0.5.14 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
BUFFALO エアステーション設定ツール (HKLM-x32\...\BUFFALO_AirSet2_is1) (Version: 2.0.15 - BUFFALO INC.)
BUFFALO クライアントマネージャV (HKLM-x32\...\UN900119) (Version:  - )
BUFFALO クライアントマネージャV をアンインストール (HKLM-x32\...\UN900119_is1) (Version: 1.5.4 - Buffalo Inc.)
BUFFALO パソコン環境表示ツール (HKLM-x32\...\BUFFALO_BPCEnv_is1) (Version: 1.1.0 - BUFFALO INC.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version:  - Canon Inc.)
Canon MG5400 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5400_series) (Version: 1.01 - Canon Inc.)
Connect2 (HKLM-x32\...\Connect2_is1) (Version: 4.2.0.3818 - Lenovo)
Create Recovery Media (HKLM-x32\...\{50DC5136-21E8-48BC-97E5-1AD055F6B0B6}) (Version: 1.20.0.00 - Lenovo Group Limited)
Discord (HKU\S-1-5-21-2900228453-1773325757-903500436-1001\...\Discord) (Version: 0.0.297 - Hammer & Chisel, Inc.)
Dolby Audio X2 Windows API SDK (HKLM\...\{F994125B-7BF5-4A38-A569-82833CEB24DC}) (Version: 0.8.4.83 - Dolby Laboratories, Inc.)
Dolby Audio X2 Windows APP (HKLM\...\{EF9495BF-843A-4F81-ACC5-40F51748D462}) (Version: 0.8.4.73 - Dolby Laboratories, Inc.)
Elecom Wireless Gamepad (HKLM\...\{15E6AA50-AE94-440B-BBB8-BBF9C0BE949A}) (Version: 1.0.0.8 - Elecom)
FINAL FANTASY XIV ONLINE (HKLM-x32\...\{2B41E132-07DF-4925-A3D3-F2D1765CCDFE}) (Version: 1.0.0000 - SQUARE ENIX CO., LTD.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 67.0.3396.99 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
Integrated Camera (HKLM-x32\...\Sunplus SPUVCb) (Version: 3.5.7.16 - SunplusIT)
Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.7.0.1043 - Intel Corporation)
Intel® Network Connections Drivers (HKLM\...\PROSet) (Version: 20.4 - Intel)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4352 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.6.1.1030 - Intel Corporation)
Intel® Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.47.715.0 - Intel Corporation) Hidden
Intel® Trusted Connect Services Client (HKLM-x32\...\{2b32b7d0-4f9f-47c8-adb7-807e6cb2fb75}) (Version: 1.47.715.0 - Intel Corporation) Hidden
Intel® USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 4.0.0.36 - Intel Corporation)
Intel® WiDi (HKLM\...\{6C02A234-7A14-4737-9D89-B0C47A64F94E}) (Version: 6.0.52.0 - Intel Corporation)
Intel® WiDi Software Asset Manager (HKLM-x32\...\{AC8973AF-7F4C-40F4-BFE1-C02FE95ED2C2}) (Version: 3.2.1184 - Intel Corporation) Hidden
iTunes (HKLM\...\{0703C00A-6C13-4479-8A87-927127DCD8CC}) (Version: 12.7.3.46 - Apple Inc.)
Kaspersky Internet Security (HKLM-x32\...\{E27B1D7B-3B34-43A2-9FC0-9828D5DF46E2}) (Version: 17.0.0.611 - Kaspersky Lab) Hidden
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{E27B1D7B-3B34-43A2-9FC0-9828D5DF46E2}) (Version: 17.0.0.611 - Kaspersky Lab)
Kaspersky Secure Connection (HKLM-x32\...\{F33C0717-8E04-4EB5-90C8-47221287DB4F}) (Version: 18.0.0.405 - Kaspersky Lab) Hidden
Kaspersky Secure Connection (HKLM-x32\...\InstallWIX_{F33C0717-8E04-4EB5-90C8-47221287DB4F}) (Version: 18.0.0.405 - Kaspersky Lab)
Lenovo Active Protection System (HKLM\...\{46A84694-59EC-48F0-964C-7E76E9F8A2ED}) (Version: 1.82.00.14 - Lenovo)
Lenovo Auto Scroll Utility (HKLM\...\LenovoAutoScrollUtility) (Version: 2.20 - Lenovo)
Lenovo Communications Utility (HKLM\...\{88C6A6D9-324C-46E8-BA87-563D14021442}_is1) (Version: 3.1.22.0 - Lenovo)
Lenovo Power Management Driver (HKLM\...\Power Management Driver) (Version: 1.67.12.16 - Lenovo) Hidden
Lenovo PowerENGAGE (HKLM-x32\...\{15B15395-FF53-44E1-ADAD-FCC279E3CA10}) (Version: 2.51.0040 - Lenovo Inc.)
Lenovo Solution Center (HKLM\...\{C1FC707B-AE6B-4DC4-89A5-6628A01F8103}) (Version: 3.3.003.00 - Lenovo)
Lenovo System Update (HKLM-x32\...\TVSU_is1) (Version: 5.07.0070 - Lenovo)
Lenovo User Guide (HKLM-x32\...\{13F59938-C595-479C-B479-F171AB9AF64F}) (Version: 1.0.0009.00 - Lenovo Group Limited)
Lenovo Warranty Information (HKLM-x32\...\{FD4EC278-C1B1-4496-99ED-C0BE1B0AA521}) (Version: 1.0.0011.00 - Lenovo)
Lenovo オン スクリーン表示 (HKLM\...\OnScreenDisplay) (Version: 8.86.25 - Lenovo)
LINE (HKU\S-1-5-21-2900228453-1773325757-903500436-1001\...\LINE) (Version: 5.8.0.1706 - LINE Corporation)
Malwarebytes version 3.5.1.2522 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.5.1.2522 - Malwarebytes)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office IME 2010 (Japanese) (HKLM-x32\...\IME14SS.1041) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Personal Premium - ja-jp (HKLM\...\PersonalPipcRetail - ja-jp) (Version: 15.0.5041.1001 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2900228453-1773325757-903500436-1001\...\OneDriveSetup.exe) (Version: 17.0.4023.1211 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23506 (HKLM-x32\...\{3ee5e5bb-b7cc-4556-8861-a00a82977d6c}) (Version: 14.0.23506.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23506 (HKLM-x32\...\{23daf363-3020-4059-b3ae-dc4ad39fed19}) (Version: 14.0.23506.0 - Microsoft Corporation)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{D9C50188-12D5-4D3E-8F00-682346C2AA5F}) (Version: 1.20.146.0 - Microsoft)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Mozilla Firefox 60.0 (x86 ja) (HKLM-x32\...\Mozilla Firefox 60.0 (x86 ja)) (Version: 60.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 60.0 - Mozilla)
NVIDIA GeForce Experience 2.5.15.54 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.5.15.54 - NVIDIA Corporation)
NVIDIA グラフィックス ドライバー 354.45 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 354.45 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (HKLM-x32\...\{90150000-008C-0000-0000-0000000FF1CE}) (Version: 15.0.5041.1001 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (HKLM\...\{90150000-008F-0000-1000-0000000FF1CE}) (Version: 15.0.5041.1001 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (HKLM-x32\...\{90150000-008C-0411-0000-0000000FF1CE}) (Version: 15.0.5041.1001 - Microsoft Corporation) Hidden
PaintTool SAI Ver.1 (HKLM-x32\...\PaintToolSAI) (Version:  - )
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10125.21277 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8224 - Realtek Semiconductor Corp.)
Realtek USB Ethernet Controller All-In-One Windows Driver (HKLM-x32\...\{04201224-2B34-4EE7-862B-B7BBF89DB3AB}) (Version: 7.18.602.2015 - Realtek)
RPGツクール2000 (HKLM-x32\...\RPG2000_is1) (Version: 1.52 - Enterbrain)
RPGツクール2000 RTP (HKLM-x32\...\RPG2000_RTP_is1) (Version: 1.52 - Enterbrain)
Skype™ 7.40 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.40.103 - Skype Technologies S.A.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.17.135 - Synaptics Incorporated)
Thinkpad USB Ethernet Adapter Driver (HKLM-x32\...\{D8102684-7BA1-4948-88B9-535F84E6E588}) (Version: 7.14.1114.2014 - Lenovo)
ThinkPad WiGig dock audio (HKLM-x32\...\{3B2C70AB-9269-405E-9483-0D1AAD934C8F}) (Version: 1.06 - Lenovo)
Windows ドライバ パッケージ - Lenovo 1.67.10.20 (08/06/2015 1.67.10.20) (HKLM\...\6FC04F7E6E5B13D46033821EF4DBEC1883D331B9) (Version: 08/06/2015 1.67.10.20 - Lenovo)
Windows ドライバ パッケージ - Synaptics (SynTP) Mouse  (10/20/2015 19.0.17.27) (HKLM\...\D7A4A6B7855B2F4250CBF9F8B333FCC0518395C2) (Version: 10/20/2015 19.0.17.27 - Synaptics)
WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
インテル® ワイヤレス Bluetooth® (HKLM\...\{00000060-0200-4FD1-8F3D-148929CC1385}) (Version: 20.60.0 - Intel Corporation)
インテル® PROSet/Wireless ソフトウェア (HKLM-x32\...\{4996e560-35d4-4f06-93df-54b6e6ab11c5}) (Version: 20.50.1 - Intel Corporation)
インテル® チップセット デバイス ソフトウェア (HKLM-x32\...\{d4874f67-8c81-475b-91e0-8de9b2892499}) (Version: 10.1.1.12 - Intel® Corporation) Hidden
エレコム ゲームパッドアシスタント (HKLM-x32\...\{04FACA80-0B68-4510-B538-A63512471945}) (Version: 1.08.000 - エレコム株式会社)
バッファロー らくらくアップデートツール (HKLM\...\バッファロー らくらくアップデートツール) (Version: 1.12 - Buffalo Inc.)
省電力マネージャー (HKLM-x32\...\{DAC01CEE-5BAE-42D5-81FC-B687E84E8405}) (Version: 6.68.10 - Lenovo Group Limited)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-2900228453-1773325757-903500436-1001_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\J\AppData\Local\Microsoft\SkyDrive\17.0.4023.1211\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2900228453-1773325757-903500436-1001_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\J\AppData\Local\Microsoft\SkyDrive\17.0.4023.1211\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2900228453-1773325757-903500436-1001_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\J\AppData\Local\Microsoft\SkyDrive\17.0.4023.1211\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2900228453-1773325757-903500436-1001_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\J\AppData\Local\Microsoft\SkyDrive\17.0.4023.1211\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2900228453-1773325757-903500436-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\J\AppData\Local\Microsoft\SkyDrive\17.0.4023.1211\amd64\FileSyncApi64.dll (Microsoft Corporation)
ContextMenuHandlers1: [Kaspersky Anti-Virus 17.0.0] -> {39C9FA89-7012-4573-A92D-BFD1F8CA542D} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\shellex.dll [2017-04-28] (AO Kaspersky Lab)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-15] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-15] (Alexander Roshal)
ContextMenuHandlers2: [Kaspersky Anti-Virus 17.0.0] -> {39C9FA89-7012-4573-A92D-BFD1F8CA542D} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\shellex.dll [2017-04-28] (AO Kaspersky Lab)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-09] (Malwarebytes)
ContextMenuHandlers4: [Kaspersky Anti-Virus 17.0.0] -> {39C9FA89-7012-4573-A92D-BFD1F8CA542D} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\shellex.dll [2017-04-28] (AO Kaspersky Lab)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\windows\system32\igfxDTCM.dll [2016-01-13] (Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\windows\system32\nvshext.dll [2015-11-05] (NVIDIA Corporation)
ContextMenuHandlers6: [Kaspersky Anti-Virus 17.0.0] -> {39C9FA89-7012-4573-A92D-BFD1F8CA542D} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\shellex.dll [2017-04-28] (AO Kaspersky Lab)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-09] (Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-15] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-15] (Alexander Roshal)
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {004D918B-D63F-4923-80FC-758F1987A5D5} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2016-06-02] (Lenovo)
Task: {084D66C4-DDEE-409F-8261-7E77D1104167} - System32\Tasks\TVT\TVSUUpdateTask_UserLogOn => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [2017-12-12] ()
Task: {12C16677-855C-41B4-B136-E021558F16B1} - System32\Tasks\Lenovo\Lenovo PowerENGAGE => C:\Program Files (x86)\Lenovo Registration\lenovoreg.exe [2015-01-09] (Aviata Inc)
Task: {18F246AB-0023-4924-85CF-56DF9F94AE7F} - System32\Tasks\RtHDVBg_Dolby => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2017-08-03] (Realtek Semiconductor)
Task: {1BB24788-9B2C-4A97-998F-F8AFA9FBCC62} - System32\Tasks\IntelWiDi-Upgrade-91ba0caa-28a7-4f47-8d08-f71b4b10fbec-Logon => C:\Program Files (x86)\Intel Corporation\Intel WiDi\Intel® Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [2015-09-17] (Intel Corporation)
Task: {2498AF0D-BF34-42A6-B4EC-CB6A51D0FC61} - System32\Tasks\Microsoft\Windows\PLA\LSC Memory => C:\windows\system32\rundll32.exe C:\windows\system32\pla.dll,PlaHost "LSC Memory" "$(Arg0)"
Task: {2807DC63-7157-4458-BF2C-236D1FE81AA4} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\windows\SysWOW64\Macromed\Flash\FlashUtil32_30_0_0_134_Plugin.exe [2018-07-16] (Adobe Systems Incorporated)
Task: {2E97BB17-C69B-4C6A-9059-A49876828F5C} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\windows\SysWOW64\Macromed\Flash\FlashUtil32_30_0_0_134_pepper.exe [2018-07-16] (Adobe Systems Incorporated)
Task: {31B18E9F-5F61-49C6-AC11-A924CB037C44} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe
Task: {37C96DB2-269F-4221-BDE0-7540AAE243C0} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe
Task: {38323504-41E0-42F6-AC13-252698920DE1} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2017-12-12] (Microsoft Corporation)
Task: {3AF24132-C34C-41A3-A62A-1065B5F52067} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-05-04] (Google Inc.)
Task: {429BDEFB-A331-4FAE-BEBF-933581404BDF} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\lenovo\lenovo solution center\App\LSC.Services.UpdateStatusService.exe [2016-06-02] ()
Task: {49E14EF0-7788-4BA0-B91B-C8C0DC206B83} - System32\Tasks\Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901} => C:\Program Files\Common Files\AV\Kaspersky Lab\upgrade_launcher.exe [2016-08-23] (AO Kaspersky Lab)
Task: {5DA5B971-C5F9-4A09-AEA6-BB397B1C1C44} - System32\Tasks\Lenovo Active Protection System => C:\windows\system32\TpShUI.exe [2017-03-21] (Lenovo.)
Task: {818E7962-6C95-45B9-94A6-E89A8098F6D8} - System32\Tasks\Lenovo\LSC\LSCHardwareScanPostpone => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2016-06-02] (Lenovo)
Task: {81F6F123-F777-42A5-BF09-B6B7F3C261A7} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe
Task: {83AC5B8D-6EE1-4166-B658-201D339B3F43} - System32\Tasks\Lenovo\Lenovo PowerENGAGE Update => C:\Program Files (x86)\Lenovo Registration\lenovoreg.exe [2015-01-09] (Aviata Inc)
Task: {875ADCD2-F625-4608-B31A-FEC3754F5DC4} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => schtasks [Argument = /run /TN "\Microsoft\Windows\Setup\gwx\refreshgwxconfig"]
Task: {BAB51EDA-9CF2-447B-8430-EDAF4DF3869A} - System32\Tasks\PMTask => C:\Program Files (x86)\ThinkPad\Utilities\PwmIdTsv.exe [2016-04-14] (Lenovo Group Limited)
Task: {BDC32DCC-A296-42AD-B54D-C9861F1CE379} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe
Task: {C7993454-6326-4129-BF11-4A98987434F4} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-05-04] (Google Inc.)
Task: {CBD28E99-4027-45A1-BBFD-F1845937C7E2} - System32\Tasks\Lenovo\LSC\Lenovo Solution Center Notifications => C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe [2016-06-02] (Lenovo)
Task: {CD18074D-A2B5-4392-930A-BDABB79BDD37} - System32\Tasks\TVT\LaunchFR => C:\Program Files (x86)\Lenovo\Factory Recovery\FRReminder.exe [2015-11-11] (TODO: <Company name>)
Task: {D1ECB134-684A-4D2C-B8C9-E3AE43D06284} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-02-09] (Adobe Systems Incorporated)
Task: {D393AC29-38CD-42DA-8CB4-C11D552A270A} - System32\Tasks\{C9C3E0B3-DF6F-4291-8B59-4D42BCC06A20} => C:\windows\system32\pcalua.exe -a C:\Users\J\AppData\Local\LINE\bin\LineLauncher.exe -d C:\Users\J\AppData\Local\LINE\bin
Task: {DA7D7CDF-0473-4ED0-8782-125C2EEBCC77} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [2017-12-12] ()
Task: {DF380CA6-A964-42A8-B440-A27B170A506D} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2017-08-03] (Realtek Semiconductor)
Task: {E9B85070-1B0B-48FC-B7A7-020B2C188026} - System32\Tasks\IntelWiDi-Upgrade-91ba0caa-28a7-4f47-8d08-f71b4b10fbec => C:\Program Files (x86)\Intel Corporation\Intel WiDi\Intel® Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [2015-09-17] (Intel Corporation)
Task: {F145D011-623D-4508-B61F-96708A50E812} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [2017-09-21] (Intel® Corporation)
Task: {F57883DD-5376-4C39-BB86-B861293D121D} - System32\Tasks\Intel\Intel Telemetry 2 => C:\Program Files\Intel\Telemetry 2.0\lrio.exe [2015-06-05] (Intel Corporation)
Task: {FB2D05D8-BA41-43CE-820A-19D9F30C02D5} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2017-12-12] (Microsoft Corporation)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\windows\Tasks\Lenovo Active Protection System.job => C:\windows\system32\TpShUI.exe
 
==================== Shortcuts & WMI ========================
 
(The entries could be listed to be restored or removed.)
 
 
ShortcutWithArgument: C:\Users\Public\Desktop\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --disable-bundled-ppapi-flash
ShortcutWithArgument: C:\Users\Public\Desktop\Office365サービス.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.lenovo.com/jp/shop/officess-com/?ipromoid=prl_msofficecom&
 
==================== Loaded Modules (Whitelisted) ==============
 
2016-04-07 04:30 - 2015-11-05 22:48 - 000011896 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2016-04-07 04:30 - 2015-11-05 20:51 - 000126256 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2018-01-05 00:13 - 2018-01-05 00:13 - 001356088 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2018-01-05 00:14 - 2018-01-05 00:14 - 000088888 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2016-05-04 19:24 - 2017-01-17 04:25 - 000117440 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2017-01-31 15:26 - 2016-12-23 18:27 - 000046912 _____ () C:\Program Files (x86)\Lenovo\Connect2\Connect2.Foundation.dll
2017-07-13 22:32 - 2017-07-13 22:32 - 000163328 _____ () C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2APIDLL.dll
2017-07-13 22:32 - 2017-07-13 22:32 - 000206848 _____ () C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DBController.dll
2016-04-07 04:31 - 2016-04-14 06:08 - 000084992 ____N () C:\Program Files (x86)\ThinkPad\Utilities\JP\PWMRT64V.DLL
2018-07-18 00:00 - 2018-06-18 13:32 - 002433744 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2015-10-27 14:01 - 2015-10-27 14:01 - 000089600 _____ () C:\Program Files\Intel Corporation\Intel WiDi\WRU.exe
2015-10-27 14:01 - 2015-10-27 14:01 - 000059392 _____ () C:\Program Files\Intel Corporation\Intel WiDi\en-US\WRU.resources.dll
2015-10-27 14:01 - 2015-10-27 14:01 - 000016896 _____ () C:\Program Files\Intel Corporation\Intel WiDi\WUA.Common.dll
2017-03-21 09:56 - 2017-03-21 09:56 - 000236136 _____ () C:\Program Files\ThinkPad\TpShocks\MUI\0411\TpShocks.dll
2018-01-22 03:15 - 2018-01-22 03:15 - 001356088 _____ () C:\Program Files\iTunes\libxml2.dll
2018-01-22 03:15 - 2018-01-22 03:15 - 000088888 _____ () C:\Program Files\iTunes\zlib1.dll
2018-06-27 05:43 - 2018-06-23 04:15 - 004608856 _____ () C:\Program Files (x86)\Google\Chrome\Application\67.0.3396.99\libglesv2.dll
2018-06-27 05:43 - 2018-06-23 04:15 - 000099672 _____ () C:\Program Files (x86)\Google\Chrome\Application\67.0.3396.99\libegl.dll
2016-06-28 00:19 - 2016-06-28 00:19 - 000865232 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\kpcengine.2.3.dll
2017-03-30 18:12 - 2011-07-14 22:00 - 000055160 _____ () C:\Program Files (x86)\BUFFALO\clientmgrv\bin\BWH32SPS.DLL
2016-04-07 04:30 - 2015-10-12 12:05 - 000013088 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2016-04-07 04:30 - 2015-11-05 22:48 - 000012080 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll
2017-08-17 16:51 - 2017-08-17 16:51 - 001993184 ____R () C:\Program Files (x86)\Skype\Phone\skypert.dll
2016-05-27 13:10 - 2016-05-27 13:10 - 000131264 _____ () C:\Program Files\Microsoft Office 15\root\Office15\JitV.dll
2017-06-21 19:34 - 2017-06-21 19:34 - 000325824 _____ () C:\Program Files\Microsoft Office 15\root\Office15\AppVIsvStream32.dll
2017-09-25 13:28 - 2017-09-25 13:28 - 001244304 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\ACE.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
 
==================== Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
IE restricted site: HKU\S-1-5-21-2900228453-1773325757-903500436-1001\...\msn.com -> g.msn.com
IE restricted site: HKU\S-1-5-21-2900228453-1773325757-903500436-1001\...\skype.com -> hxxps://apps.skype.com
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-14 11:34 - 2009-06-11 06:00 - 000000824 _____ C:\windows\system32\Drivers\etc\hosts
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-2900228453-1773325757-903500436-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\J\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 14.193.100.8 - 14.193.100.40
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
MSCONFIG\startupreg: Discord => C:\Users\J\AppData\Local\Discord\app-0.0.291\Discord.exe
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\steam.exe" -silent
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{483D986B-40F5-4ACC-BDEA-D6E69A3DA793}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{50E4DD16-42A7-4751-BA21-D4C44DA250C1}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{2E2D9F5E-D0D0-42B5-9AB1-159C201FF2BC}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\WiDiApp.exe
FirewallRules: [{B267A7F7-69B8-4A94-9BA0-9586C0177864}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\WiDiAppOld.exe
FirewallRules: [{5B353505-D1B4-4C9A-94ED-4D89B05EF7E5}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\Next\WirelessDisplay.exe
FirewallRules: [{6C224D0F-4011-4F5E-8A3D-6C4FAF6B92F0}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\SmartAgentTest.exe
FirewallRules: [{57730AE0-30B6-4455-B743-12DBD2866DC4}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
FirewallRules: [{E06982AF-BD9C-4675-B901-E58A17A8B18E}] => (Allow) C:\Users\J\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [{F7F80E87-F613-43FE-9D6A-E8E4B19F1653}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{32803B4A-6115-4840-B849-8860B794F3EE}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{BB73530B-2AFB-471C-AC3A-69CF3E9AC970}] => (Allow) C:\Program Files (x86)\LINE\LINE.exe
FirewallRules: [{CA3D44B1-6B61-415C-ABF0-DC2FA06872EC}] => (Allow) C:\Program Files (x86)\LINE\LINE.exe
FirewallRules: [{845B3D7B-A684-4F32-B6D5-EACA33266C6D}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{73C1CEAE-DEB4-447B-AB50-1274A9E965BF}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{1CB0BFEC-D0F1-4140-8D2D-9680CB8DFE72}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{D536A653-1111-443D-B5B2-00F6ED287F54}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{32B184C6-4A99-48DF-B3F6-A63E43F17529}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{C124A06B-9BD1-41DA-968B-24DA789D5514}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{F0270114-3AF6-4607-BD52-0B2846B579CA}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{9101E523-CF21-4AD6-8D50-EB4A23C10AA9}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{F49D469C-8479-4658-9FA6-A46D4258667F}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{931F2E17-97F2-45A9-B31A-C5C2CA92FCC1}] => (Allow) C:\Program Files (x86)\SquareEnix\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivboot.exe
FirewallRules: [{EA9BDDB5-2E8A-4E61-AD8B-3BC588CA2BA5}] => (Allow) C:\Program Files (x86)\SquareEnix\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivboot.exe
FirewallRules: [{C71A0BC2-0F3F-463B-A746-CA0525E4000E}] => (Allow) C:\Program Files (x86)\SquareEnix\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivlauncher.exe
FirewallRules: [{73E5361E-F172-41CB-B488-C698B0324478}] => (Allow) C:\Program Files (x86)\SquareEnix\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivlauncher.exe
FirewallRules: [{8D60B9AE-368D-4937-A0E4-373841AFCA5D}] => (Allow) C:\Program Files (x86)\SquareEnix\FINAL FANTASY XIV - A Realm Reborn\game\ffxiv.exe
FirewallRules: [{D982BFEE-E390-4BF5-8FF5-6E7A0F0EF881}] => (Allow) C:\Program Files (x86)\SquareEnix\FINAL FANTASY XIV - A Realm Reborn\game\ffxiv.exe
FirewallRules: [{0D961C2C-68C6-4F5A-BDAA-B4D0A508E0EE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Undertale\UNDERTALE.exe
FirewallRules: [{F2F0473D-2767-4DF8-9A5E-3162F04E3339}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Undertale\UNDERTALE.exe
FirewallRules: [{1DFE466D-32F9-429C-AA92-E471381DBB1E}] => (Allow) C:\Users\J\AppData\Local\LINE\bin\4.7.0.1027\LINE.exe
FirewallRules: [{659E92C0-A0DF-4785-8DDF-D8B8D01D629D}] => (Allow) C:\Users\J\AppData\Local\LINE\bin\4.7.0.1027\LINE.exe
FirewallRules: [{BBA08D24-8E86-47FE-BB6C-8B02BC758516}] => (Allow) C:\Users\J\AppData\Local\LINE\bin\4.7.0.1027\LineUpdater.exe
FirewallRules: [{F3EBE82E-55D4-45E4-921D-DDA06ED34BB0}] => (Allow) C:\Users\J\AppData\Local\LINE\bin\4.7.0.1027\LineUpdater.exe
FirewallRules: [{80053951-2371-4196-8FC3-EC3101336F66}] => (Allow) C:\Program Files (x86)\Lenovo\Connect2\Connect2.exe
FirewallRules: [{BAF82B6D-E738-4549-8CD7-C33BBCA65799}] => (Allow) C:\Program Files (x86)\Lenovo\Connect2\Connect2.exe
FirewallRules: [{ED3978DA-C898-4923-A921-E3E06380078F}] => (Allow) C:\Program Files (x86)\Lenovo\Connect2\Connect2.exe
FirewallRules: [{D389FF2C-D3DB-4065-9BC5-DF74801A79F4}] => (Allow) C:\Program Files\Buffalo\RakUpdate\RakUpdate.exe
FirewallRules: [{3DAA9773-7B2C-43DD-8780-1D13322ED489}] => (Allow) C:\Program Files\Buffalo\RakUpdate\RakUpdate.exe
FirewallRules: [{FF7F64E5-60AE-4256-BB83-356BC652099E}] => (Allow) C:\Program Files\Buffalo\RakUpdate\RakUpdate.exe
FirewallRules: [{0F868581-F2EC-41D4-95C2-C2B46BFF6887}] => (Allow) C:\Program Files\Buffalo\RakUpdate\RakUpdate.exe
FirewallRules: [{D6A211E2-7BEF-4499-9391-36E7F9F5C63B}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{DFD7DBA4-B66F-41A3-8456-EF5F80615D96}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{536E1CC7-91BB-410F-9CBC-11AFAFCC0CED}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Hatoful Boyfriend\hatoful.exe
FirewallRules: [{C4DC82A4-A651-4A4D-9BA0-94366340C536}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Hatoful Boyfriend\hatoful.exe
FirewallRules: [{6273C4EA-35DF-4073-BE72-3BBFF7D494C6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Hatoful Boyfriend Holiday Star\HB2.exe
FirewallRules: [{83A68490-A08C-4CB5-BE51-AF29A077FD71}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Hatoful Boyfriend Holiday Star\HB2.exe
FirewallRules: [{A72EB830-8BBF-4B3C-9882-1504404E67EA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Monkey2\Monkey2.exe
FirewallRules: [{467FE240-1ED7-45FF-BFED-0253387E9870}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Monkey2\Monkey2.exe
FirewallRules: [{FBCC0312-00DE-4DA5-8478-29A034E61557}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Secret of Monkey Island Special Edition\MISE.exe
FirewallRules: [{0DD8A11C-C0B3-4490-A2B3-1FD2936AB179}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Secret of Monkey Island Special Edition\MISE.exe
FirewallRules: [{6F965B6B-4BA9-4976-B28B-6BA7A88ABCAB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tales of Monkey Island - Chapter 5\MonkeyIsland105.exe
FirewallRules: [{1980642A-20AC-40E7-98B5-722D22BE800D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tales of Monkey Island - Chapter 5\MonkeyIsland105.exe
FirewallRules: [{1E0980A2-4847-490D-8F98-8D33171F7247}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tales of Monkey Island - Chapter 4\MonkeyIsland104.exe
FirewallRules: [{28E2DD8E-3502-4745-B5C3-C148B89DD25E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tales of Monkey Island - Chapter 4\MonkeyIsland104.exe
FirewallRules: [{6A1F8412-8201-4B4F-B735-E515D4407A62}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tales of Monkey Island - Chapter 3\MonkeyIsland103.exe
FirewallRules: [{200C6173-A018-4F50-816B-D24D0FDFB0D8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tales of Monkey Island - Chapter 3\MonkeyIsland103.exe
FirewallRules: [{44922298-1E02-42A1-AC75-1CDF0297A1D9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tales of Monkey Island - Chapter 2\MonkeyIsland102.exe
FirewallRules: [{03B39B2F-DD0A-41AE-ABBE-A81DF273A562}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tales of Monkey Island - Chapter 2\MonkeyIsland102.exe
FirewallRules: [{049EE27E-C2B9-4C91-A63D-B993024313AF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tales of Monkey Island - Chapter 1\MonkeyIsland101.exe
FirewallRules: [{B8E45B25-C9CF-4B04-BAE1-09B7E8703B69}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tales of Monkey Island - Chapter 1\MonkeyIsland101.exe
FirewallRules: [{9B9871D4-9601-4C90-8821-7CB90CB3227C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Read Only Memories\ROM.exe
FirewallRules: [{F51F68D1-297C-4C04-945E-B4552FF02EE8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Read Only Memories\ROM.exe
FirewallRules: [{BB34584E-F256-424B-9245-A9AF8A89E2C3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Stardew Valley\Stardew Valley.exe
FirewallRules: [{223B8B90-8736-465F-878D-217C1BC33366}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Stardew Valley\Stardew Valley.exe
FirewallRules: [{47573B7A-1977-4BEA-B94B-8FBC7B064522}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe
FirewallRules: [{EF84FAAC-3BA5-4645-97DE-4DC283C54C15}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe
FirewallRules: [{48E5609C-4BDB-44F2-BA99-1118CB6BDA17}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
FirewallRules: [{ED38CA45-F22F-4279-8057-9F9AC14C81AF}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{2E585736-6741-4874-863A-50A38FA43CFB}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{F42F34B3-FD7B-4D03-9AC9-17262CF01AB6}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
==================== Restore Points =========================
 
17-07-2018 01:40:07 Windows Update
23-07-2018 18:32:32 Windows Update
29-07-2018 19:01:08 Windows Update
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (08/02/2018 04:43:43 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
Description: スキップします: Eap method DLL path name の確認に失敗しました。エラー: 種類 ID=43、作成者 ID=9、ベンダー ID=0、ベンダーの種類=0
 
Error: (08/02/2018 04:43:43 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
Description: スキップします: Eap method DLL path name の確認に失敗しました。エラー: 種類 ID=25、作成者 ID=9、ベンダー ID=0、ベンダーの種類=0
 
Error: (08/02/2018 04:43:43 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
Description: スキップします: Eap method DLL path name の確認に失敗しました。エラー: 種類 ID=17、作成者 ID=9、ベンダー ID=0、ベンダーの種類=0
 
Error: (08/02/2018 01:07:58 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1046
 
Error: (08/02/2018 01:07:58 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1046
 
Error: (08/02/2018 01:07:58 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (08/01/2018 10:25:46 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2028
 
Error: (08/01/2018 10:25:46 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2028
 
 
System errors:
=============
Error: (08/02/2018 04:43:56 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: 次の致命的な警告を受け取りました: 40。
 
Error: (08/02/2018 04:43:56 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: 次の致命的な警告を受け取りました: 70。
 
Error: (08/02/2018 04:43:48 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: 次のブート開始ドライバーまたはシステム開始ドライバーを読み込めませんでした: 
cdrom
 
Error: (08/02/2018 10:28:55 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: サーバー {3FCB7074-EC9E-4AAF-9BE3-C0E356942366} は、必要なタイムアウト期間内に DCOM に登録しませんでした。
 
Error: (08/01/2018 05:04:58 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: 次の致命的な警告を受け取りました: 40。
 
Error: (08/01/2018 05:04:57 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: 次の致命的な警告を受け取りました: 70。
 
Error: (08/01/2018 05:04:49 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: 次のブート開始ドライバーまたはシステム開始ドライバーを読み込めませんでした: 
cdrom
 
Error: (07/31/2018 11:22:20 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: MBAMWebProtection サービスを、次のエラーが原因で開始できませんでした: 
アクセスが拒否されました。
 
 
Windows Defender:
===================================
Date: 2018-07-04 16:50:53.666
Description: 
Windows Defender で署名を更新しようとしてエラーが発生しました。
新しい署名のバージョン:1.271.442.0
以前の署名のバージョン:1.269.1075.0
更新元:ユーザー
署名の種類:スパイウェア対策ソフトウェア
更新の種類:差分
ユーザー:NT AUTHORITY\SYSTEM
現在のエンジンのバージョン:1.1.15000.2
以前のエンジンのバージョン:1.1.14901.4
エラー コード:0x80070666
エラーの説明:別のバージョンの製品が既にインストールされています。このバージョンのインストールを続行できません。既にインストールされているバージョンの製品を構成、または削除するには、コントロール パネルの [プログラムの追加と削除] アイコンを使用します。 
 
Date: 2018-07-04 16:50:53.666
Description: 
Windows Defender でエンジンを更新しようとしてエラーが発生しました。
新しいエンジンのバージョン:1.1.15000.2
以前のエンジンのバージョン:1.1.14901.4
更新元:ユーザー
ユーザー:NT AUTHORITY\SYSTEM
エラー コード:0x80070666
エラーの説明:別のバージョンの製品が既にインストールされています。このバージョンのインストールを続行できません。既にインストールされているバージョンの製品を構成、または削除するには、コントロール パネルの [プログラムの追加と削除] アイコンを使用します。 
 
Date: 2016-09-15 14:30:47.726
Description: 
Windows Defender で署名を読み込もうとしてエラーが発生したので、既知の正しい署名セットに戻します。
読み込もうとした署名:現在
エラー コード:0x80070002
エラーの説明:指定されたファイルが見つかりません。 
署名のバージョン:0.0.0.0
エンジンのバージョン:0.0.0.0
 
Date: 2016-08-28 22:07:28.075
Description: 
Windows Defender で署名を読み込もうとしてエラーが発生したので、既知の正しい署名セットに戻します。
読み込もうとした署名:現在
エラー コード:0x80070002
エラーの説明:指定されたファイルが見つかりません。 
署名のバージョン:0.0.0.0
エンジンのバージョン:0.0.0.0
 
CodeIntegrity:
===================================
 
Date: 2018-08-02 16:44:11.387
Description: 
ページごとのイメージ ハッシュ セットをシステム上で検出できなかったため、コードの整合性ではファイル \Device\HarddiskVolume3\Windows\System32\msimg32.dll のイメージの整合性を検証できません。
 
Date: 2018-08-02 16:44:11.154
Description: 
ページごとのイメージ ハッシュ セットをシステム上で検出できなかったため、コードの整合性ではファイル \Device\HarddiskVolume3\Windows\System32\msimg32.dll のイメージの整合性を検証できません。
 
Date: 2018-08-01 17:05:10.913
Description: 
ページごとのイメージ ハッシュ セットをシステム上で検出できなかったため、コードの整合性ではファイル \Device\HarddiskVolume3\Windows\System32\msimg32.dll のイメージの整合性を検証できません。
 
Date: 2018-08-01 17:05:10.638
Description: 
ページごとのイメージ ハッシュ セットをシステム上で検出できなかったため、コードの整合性ではファイル \Device\HarddiskVolume3\Windows\System32\msimg32.dll のイメージの整合性を検証できません。
 
Date: 2018-07-31 18:48:09.355
Description: 
ページごとのイメージ ハッシュ セットをシステム上で検出できなかったため、コードの整合性ではファイル \Device\HarddiskVolume3\Windows\System32\msimg32.dll のイメージの整合性を検証できません。
 
Date: 2018-07-31 18:48:09.085
Description: 
ページごとのイメージ ハッシュ セットをシステム上で検出できなかったため、コードの整合性ではファイル \Device\HarddiskVolume3\Windows\System32\msimg32.dll のイメージの整合性を検証できません。
 
Date: 2018-07-31 18:48:03.561
Description: 
ページごとのイメージ ハッシュ セットをシステム上で検出できなかったため、コードの整合性ではファイル \Device\HarddiskVolume3\Windows\System32\msimg32.dll のイメージの整合性を検証できません。
 
Date: 2018-07-31 18:47:51.694
Description: 
ページごとのイメージ ハッシュ セットをシステム上で検出できなかったため、コードの整合性ではファイル \Device\HarddiskVolume3\Windows\System32\msimg32.dll のイメージの整合性を検証できません。
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i7-6600U CPU @ 2.60GHz
Percentage of memory in use: 50%
Total physical RAM: 8047.38 MB
Available physical RAM: 3980.45 MB
Total Virtual: 16092.93 MB
Available Virtual: 11859.54 MB
 
==================== Drives ================================
 
Drive c: (Windows7_OS) (Fixed) (Total:463.29 GB) (Free:177.37 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive q: (Lenovo_Recovery) (Fixed) (Total:13.43 GB) (Free:2.45 GB) NTFS
 
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 476.9 GB) (Disk ID: D7913367)
 
Partition: GPT.
 
==================== End of Addition.txt ============================

 
Thanks again.

Edited by Oh My!, 02 August 2018 - 03:25 PM.


#7 Oh My!


Posted 02 August 2018 - 03:27 PM

You are quite welcome.

Please do this.

===================================================

Farbar's Recovery Scan Tool - Run Fix in Normal or Safe Mode

--------------------
  • Right click on the FRST icon and select Run as administrator
  • Highlight the below information then hit the Ctrl + C keys at the same time
  • The information will be copied invisibly and will be "pasted" into FRST automatically when you click Fix as instructed below
Start::
HKU\S-1-5-21-2900228453-1773325757-903500436-1001\...\Run: [AdobeBridge] => [X]
SearchScopes: HKU\S-1-5-21-2900228453-1773325757-903500436-1001 -> DefaultScope {8AFAD812-133A-4AEF-B145-8F3E1B80E581} URL = 
S3 mfeavfk01; \Device\mfeavfk01.sys [X]
End::
  • Click Fix
  • When completed the tool will create a log on the desktop called Fixlog.txt. Please copy and paste the contents of the file in your reply.
===================================================

Malwarebytes AdwCleaner

-------------------
  • Please download AdwCleaner and save it on your desktop.
  • Close all open programs and browsers
  • Double click on AdwCleaner.exe, click Run, then select I agree if it appears
  • Click Scan
  • Once the scan has completed if there are threats found you will see Found 3 threats or something similar above the progress bar
  • Click each tab under Results and uncheck any items you want to keep
  • Click on Clean
  • Confirm the cleaning and rebooting of your computer by clicking OK
  • Click OK twice to finish the removal process by automatically rebooting your computer
  • Once completed an AdwCleaner document will open on your desktop
  • Copy and paste the contents in your reply
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it.
  • Fixlog
  • AdwCleaner log
  • Update on computer performance

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"May you be richly rewarded by the Lord, the God of Israel, under whose wings you have come to take refuge."

#8 shirato


Posted 03 August 2018 - 04:06 AM

Thanks for the quick reply.

 

Here are the contents of the logs you requested:

 

==== Fixlog.txt ====

 

Fix result of Farbar Recovery Scan Tool (x64) Version: 02.08.2018
Ran by J (03-08-2018 17:50:42) Run:1
Running from C:\Users\J\Desktop
Loaded Profiles: J (Available Profiles: J)
Boot Mode: Normal
==============================================
 
fixlist content:
*****************
HKU\S-1-5-21-2900228453-1773325757-903500436-1001\...\Run: [AdobeBridge] => [X]
SearchScopes: HKU\S-1-5-21-2900228453-1773325757-903500436-1001 -> DefaultScope {8AFAD812-133A-4AEF-B145-8F3E1B80E581} URL = 
S3 mfeavfk01; \Device\mfeavfk01.sys [X]
 
*****************
 
"HKU\S-1-5-21-2900228453-1773325757-903500436-1001\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeBridge" => removed successfully
"HKU\S-1-5-21-2900228453-1773325757-903500436-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully
"HKLM\System\CurrentControlSet\Services\mfeavfk01" => removed successfully
mfeavfk01 => service removed successfully
 
==== End of Fixlog 17:50:42 ====
 
====AdwCleaner[C00].txt====
 
# -------------------------------
# Malwarebytes AdwCleaner 7.2.2.0
# -------------------------------
# Build:    07-17-2018
# Database: 2018-07-25.1
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start:    08-03-2018
# Duration: 00:00:00
# OS:       Windows 7 Professional
# Cleaned:  1
# Failed:   0
 
 
***** [ Services ] *****
 
No malicious services cleaned.
 
***** [ Folders ] *****
 
No malicious folders cleaned.
 
***** [ Files ] *****
 
No malicious files cleaned.
 
***** [ DLL ] *****
 
No malicious DLLs cleaned.
 
***** [ WMI ] *****
 
No malicious WMI cleaned.
 
***** [ Shortcuts ] *****
 
No malicious shortcuts cleaned.
 
***** [ Tasks ] *****
 
No malicious tasks cleaned.
 
***** [ Registry ] *****
 
No malicious registry entries cleaned.
 
***** [ Chromium (and derivatives) ] *****
 
No malicious Chromium entries cleaned.
 
***** [ Chromium URLs ] *****
 
Deleted       Tangorin
 
***** [ Firefox (and derivatives) ] *****
 
No malicious Firefox entries cleaned.
 
***** [ Firefox URLs ] *****
 
No malicious Firefox URLs cleaned.
 
 
*************************
 
[+] Delete Tracing Keys
[+] Reset Winsock
 
*************************
 
AdwCleaner[S00].txt - [1256 octets] - [03/08/2018 17:59:30]
 
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
 
Computer has been booting faster recently (even before running adwcleaner or FRST), although I'm not sure why/aware of anything that could have changed to allow this to be the case.
 
Thanks again.


#9 Oh My!


Posted 03 August 2018 - 08:49 AM

Your computer is clean and I couldn't tell you why your computer is booting faster. Sometimes we just take what we can get. :)

I would like you to monitor your computer for a day to see how things go. While we wait, please do this.

===================================================

ESET Online Scanner

--------------------

I'd like us to scan your machine with ESET OnlineScan. This process may take several hours; that is normal.
  • Download esetsmartinstaller_enu.exe and save it to your Desktop
  • Double click the icon
  • Check YES, I accept the Terms of Use
  • Click the Start button
  • Accept any security warnings from your browser
  • Click Advanced settings
  • Check the following items

Enable detection of potentially unwanted applications
Remove found threats
Scan archives
Scan for potentially unsafe applications
Enable Anti-Stealth technology

  • Click Start
  • ESET will then download updates and begin scanning your computer
  • If no threats are found simply click Uninstall application on close and hit Finish
  • If threats are found click List of found threats
  • Click Export to text file
  • Save the file on your Desktop as ESET.txt
  • Click Back
  • Review the list of entries and if there are any you want to keep stop and copy/paste the ESET.txt report in your reply for my review
  • If you do not wish to keep any of the entries check Uninstall application on close and Delete quarantined files
  • Click Finish
  • Close the ESET Online Scanner window
  • Copy and paste the contents of ESET.txt in your reply
===================================================

Security Analysis by Rocket Grannie

--------------------
  • Please download Security Analysis by Rocket Grannie and save it to your Desktop
  • Right click on the icon and select Run as administrator
  • Click OK on the disclaimer and ignore any security warnings that may appear
  • In your reply, please copy and paste the contents of the Notepad document that will appear on your desktop
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it. :thumbsup2:
  • ESET log
  • Security Analysis log
  • How is your computer running?

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"May you be richly rewarded by the Lord, the God of Israel, under whose wings you have come to take refuge."

#10 shirato

shirato
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:03:12 AM

Posted 04 August 2018 - 07:30 AM

Apologies for the late reply. I also couldn't say why my computer is booting faster now, but agreed that sometimes it's best to just take what we can get!

 

I downloaded and ran ESET Online Scanner and Security Analysis as you requested: ESET apparently found no threats, and as such I clicked Uninstall application on close before finishing, which seems to mean that no log was produced? If it was meant to produce a log even after finding no threats, please let me know and I can go through the steps you provided again.

 

Otherwise, please find the contents of the Security Analysis log below:

 

====SALog.text====

 

Result of Security Analysis by Rocket Grannie (x86) Updated: 02nd, August 2018
Running from:C:\Users\J\Desktop (18:42:40 - 08/04/2018)
***---------------------------------------------------------***
Microsoft Windows 7 Professional X64 Service Pack 1
UAC is Enabled
Internet Explorer 11
Default Browser: Google Chrome
***------------Antivirus - Antispyware - Firewall-----------***
Kaspersky Internet Security (Enabled - up to Date)
Kaspersky Internet Security (Enabled - up to Date)
Windows Defender (Enabled - up to Date)
Kaspersky Internet Security Firewall (Enabled)
***-------Security Programs - Browsers - Miscellaneous------***
Adobe Flash Player NPAPI (30.0.0.134)
Adobe Reader XI (11.0.23) ==> is no longer supported
Google Chrome (67.0.3396.99)
Malwarebytes (3.5.1.2522)
Mozilla Firefox (60.0) ==> is out of Date
 
***----------------Analysis Complete-------------------------***
 
From what I've seen over the past day, my computer appears to be running fine.
 
Thanks again.
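
As an added example (not part of either poster's replies and not the tool's own code), here is a small Python parser for the Security Analysis log layout shown in the post above; it pulls out the entries the tool marks with `==>`. The sample log is constructed from that layout, and the function names are hypothetical.

```python
import re

# Constructed sample that follows the layout of the log posted above.
SAMPLE_LOG = """\
***---------------------------------------------------------***
Microsoft Windows 7 Professional X64 Service Pack 1
UAC is Enabled
***------------Antivirus - Antispyware - Firewall-----------***
Kaspersky Internet Security (Enabled - up to Date)
Windows Defender (Enabled - up to Date)
***-------Security Programs - Browsers - Miscellaneous------***
Adobe Flash Player NPAPI (30.0.0.134)
Adobe Reader XI (11.0.23) ==> is no longer supported
Google Chrome (67.0.3396.99)
Mozilla Firefox (60.0) ==> is out of Date
***----------------Analysis Complete-------------------------***
"""

# A titled separator such as ***---Title---***; a dashes-only rule does not match.
SECTION = re.compile(r"^\*{3}-+([^-*].*?)-+\*{3}$")
# "Name (version or status)" with an optional " ==> remark" added by the tool.
ENTRY = re.compile(r"^(?P<name>.+?) \((?P<detail>[^()]*)\)(?: ==> (?P<flag>.+))?$")

def parse_salog(text):
    """Return one dict per entry: section, name, detail, flag (None if unflagged)."""
    entries, section = [], None
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        m = SECTION.match(line)
        if m:
            section = m.group(1).strip()
            continue
        m = ENTRY.match(line)
        if m and section:  # header lines before the first titled section are skipped
            entries.append({"section": section, **m.groupdict()})
    return entries

def needs_attention(entries):
    """Entries the tool flagged with '==>' (unsupported or out of date)."""
    return [(e["name"], e["detail"], e["flag"]) for e in entries if e["flag"]]

if __name__ == "__main__":
    for name, version, remark in needs_attention(parse_salog(SAMPLE_LOG)):
        print(f"{name} {version}: {remark}")
```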


#11 Oh My!


Posted 04 August 2018 - 02:50 PM

Greetings.

The way you handled ESET is perfect and there is no log.

===================================================

Update Adobe Reader

--------------------

Your Adobe Reader is out of date and a security concern. Here is some excellent information and a video which explains the importance of minimizing the risk of infection through compromised PDF files.
  • Please visit Adobe Reader
  • Uncheck any optional offers you do not want
  • Click Install now
  • Save the file to your desktop
  • Double click the installation icon
  • Select Run
  • When completed click Finish
  • Press the Windows key + R at the same time
  • Type appwiz.cpl, press Enter, and allow the Programs list to populate
  • Uninstall every Adobe Reader program except the one just downloaded and installed
===================================================

Firefox Update

--------------------

I recommend you consider updating Firefox to the newest version. If you desire to do so please click this link to begin the process.

===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it. :thumbsup2:
  • Updates?
  • Any remaining issues?

Gary
 

#12 shirato


Posted 04 August 2018 - 08:58 PM

Hello, thanks for the reply.

 

I followed the steps you provided to update Adobe Reader and Firefox; both should be up to date now.

 

As far as I can tell, things seem to be running okay/there have been no further issues that I've noticed.

 

Thanks again.



#13 Oh My!


Posted 04 August 2018 - 09:47 PM

Very good. It looks like we are all done.

Now that your computer is running well it is my great pleasure to proclaim to you the Good News!

===================================================

All Clean!

--------------

Your computer is now clean.

Right click on the FRST icon and rename it to Uninstall. Right click on it again, select Run as administrator and FRST will delete itself.
To check for any leftover installed tools hit the Windows Key + R at the same time, type appwiz.cpl, and hit Enter.
You may uninstall any listed program we used that still remains. You may also delete any other tools or reports created during our efforts.

Please take the time to read below on how to secure the machine and take the necessary steps to keep it clean.

Lawrence Abrams, the founder of BleepingComputer.com, has developed an excellent tutorial which will provide you with the information you need to know to keep your computer secure and clean. Please take the time to read:

In addition, here are some more links you might find of interest:

Thank you for placing your trust in BleepingComputer. It was a pleasure serving you.
Gary
 

#14 Oh My!


Posted 05 August 2018 - 08:15 AM

It appears that this issue is resolved, therefore I am closing the topic. If that is not the case and you need or wish to continue with this topic, please send me or any Moderator a Personal Message (PM) that you would like this topic re-opened.
Gary
 



