Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Old X220i is hurting


  • Please log in to reply

#1
arare

arare

    New Member

  • Member
  • Pip
  • 7 posts

Hello, from Japan!

My ex boyfriend is San Jose geek. He says you are the better geek to help me.

I don't know whom/where to ask here.

 

My pc is very slow and many times just freeze.

I checked hard disk, and saw "SISHash Todo" and "SISTodo" updated Jan./19.

I wonder what they are doing in my PC.

 

What do I need to do?

 

I appreciate your help.

 

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 03.03.2019 01
Ran by yuka (administrator) on YUKA-THINK (04-03-2019 21:27:08)
Running from C:\Users\yuka\Desktop
Loaded Profiles: yuka (Available Profiles: yuka & Guest)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: 日本語 (日本)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Lenovo(Japan)Ltd. -> Lenovo.) C:\Windows\System32\ibmpmsvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Lenovo(Japan)Ltd. -> Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tphkload.exe
(Lenovo(Japan)Ltd. -> Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Conexant Systems, Inc. -> Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\IME14\SHARED\IMEDICTUPDATE.EXE
(Intel® Identity Protection Technology Software -> Intel Corporation) C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
(Lenovo(Japan)Ltd. -> Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\CamMute.exe
(Lenovo(Japan)Ltd. -> Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\micmute.exe
(Lenovo(Japan)Ltd. -> Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe
(Lenovo(Japan)Ltd. -> Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\lvvsst.exe
(CyberLink -> ) [File not signed] C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Conexant Systems, Inc. -> Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Lenovo(Japan)Ltd. -> Lenovo.) C:\Windows\System32\TpShocks.exe
(Fortemedia Inc -> ) C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(Lenovo(Japan)Ltd. -> Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe
(Lenovo(Japan)Ltd. -> Lenovo Group Limited) C:\Program Files\Lenovo\AutoLock\ALCKRESI.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Spotify AB -> Spotify Ltd) C:\Users\yuka\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\IME14\SHARED\IMECMNT.EXE
(Ricoh co.,Ltd.) [File not signed] C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe
(Lenovo(Japan)Ltd. -> Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\virtscrl.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(CyberLink -> CyberLink Corporation.) C:\Program Files (x86)\CyberLink\InstantBurn\Win2K\IBurn.exe
(CyberLink -> CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(CyberLink -> CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD8\PDVD8Serv.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Lenovo(Japan)Ltd. -> Lenovo Group Limited) C:\Program Files (x86)\Lenovo\Screen Reading Optimizer\SRORest.exe
(Lenovo(Japan)Ltd. -> Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tpnumlkd.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Lenovo(Japan)Ltd. -> Lenovo Group Limited) C:\Program Files\Lenovo\ZOOM\TpScrex.exe
(Lenovo(Japan)Ltd. -> Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
(Lenovo(Japan)Ltd. -> Lenovo Group Limited) C:\Program Files (x86)\ThinkPad\Utilities\SCHTASK.EXE
(Lenovo Information Products (Shenzhen) Co.,Ltd -> Lenovo Group Limited) C:\Program Files (x86)\Lenovo\Rescue and Recovery\rrservice.exe
(Lenovo Group Limited) [File not signed] C:\Program Files (x86)\Common Files\Lenovo\Scheduler\scheduler_proxy.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Dynamic Code Publisher -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
(Lenovo(Japan)Ltd. -> Lenovo.) C:\Program Files (x86)\ThinkPad\Utilities\DZSVC64.EXE
(Lenovo(Japan)Ltd. -> Lenovo Group Limited) C:\Program Files (x86)\Lenovo\Screen Reading Optimizer\SROSVC.exe
(Lenovo Group Limited) [File not signed] C:\Program Files (x86)\Common Files\Lenovo\tvt_reg_monitor_svc.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Lenovo Information Products (Shenzhen) Co.,Ltd -> ) C:\Program Files (x86)\Lenovo\Message Center Plus\MCPLaunch.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\IME14\SHARED\IMECMNT.EXE

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2785064 2011-05-05] (Synaptics Incorporated -> Synaptics Incorporated)
HKLM\...\Run: [TpShocks] => C:\Windows\system32\TpShocks.exe [380776 2011-01-14] (Lenovo(Japan)Ltd. -> Lenovo.)
HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-27] (Fortemedia Inc -> )
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SAIICpl.exe [316032 2011-03-15] (Conexant Systems, Inc. -> Conexant systems, Inc.)
HKLM\...\Run: [LENOVO.TPKNRRES] => C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe [41320 2011-04-04] (Lenovo(Japan)Ltd. -> Lenovo Group Limited)
HKLM\...\Run: [ALCKRESI.EXE] => C:\Program Files\Lenovo\AutoLock\ALCKRESI.EXE [281448 2011-02-28] (Lenovo(Japan)Ltd. -> Lenovo Group Limited)
HKLM\...\Run: [IME14 JPN Setup] => C:\Program Files\Common Files\Microsoft Shared\IME14\SHARED\IMEKLMG.EXE [110776 2015-10-13] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [259976 2019-02-15] (AVAST Software s.r.o. -> AVAST Software)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [298296 2018-05-22] (Apple Inc. -> Apple Inc.)
HKLM-x32\...\Run: [RotateImage] => C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe [55808 2008-10-30] (Ricoh co.,Ltd.) [File not signed]
HKLM-x32\...\Run: [PWMTRV] => C:\Program Files (x86)\ThinkPad\Utilities\PWMTR64V.DLL [1544040 2011-03-24] (Lenovo(Japan)Ltd. -> Lenovo Group Limited)
HKLM-x32\...\Run: [Lenovo Registration] => C:\Program Files (x86)\Lenovo Registration\LenovoReg.exe [4351712 2011-07-13] (Leader Technologies Inc -> Lenovo, Inc.)
HKLM-x32\...\Run: [IME14 JPN Setup] => C:\Program Files (x86)\Common Files\microsoft shared\IME14\SHARED\IMEKLMG.EXE [81080 2015-10-13] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32\...\Run: [InstantBurn] => C:\Program Files (x86)\CyberLink\InstantBurn\Win2K\IBurn.exe [681256 2009-07-03] (CyberLink -> CyberLink Corporation.)
HKLM-x32\...\Run: [MDS_Menu] => C:\Program Files (x86)\CyberLink\MediaShow4\MUITransfer\MUIStartMenu.exe [218408 2009-02-25] (CyberLink -> CyberLink Corp.)
HKLM-x32\...\Run: [CLMLServer] => C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [103720 2009-06-03] (CyberLink -> CyberLink)
HKLM-x32\...\Run: [UpdateP2GoShortCut] => C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink -> CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl8] => C:\Program Files (x86)\CyberLink\PowerDVD8\PDVD8Serv.exe [91432 2009-04-15] (CyberLink -> CyberLink Corp.)
HKLM-x32\...\Run: [PDVD8LanguageShortcut] => C:\Program Files (x86)\CyberLink\PowerDVD8\Language\Language.exe [50472 2009-04-15] (CyberLink -> CyberLink Corp.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [67896 2018-05-15] (Apple Inc. -> Apple Inc.)
HKLM-x32\...\Run: [Launch Backup Service Once] => C:\Program Files (x86)\Lenovo\Rescue and Recovery\rrstrigger.exe [70456 2010-12-11] (Lenovo Information Products (Shenzhen) Co.,Ltd -> )
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [588704 2018-03-28] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [259976 2019-02-15] (AVAST Software s.r.o. -> AVAST Software)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-1310004040-4233039217-3965176310-1000\...\Run: [Google Update] => C:\Users\yuka\AppData\Local\Google\Update\1.3.33.23\GoogleUpdateCore.exe [605992 2018-12-21] (Google Inc -> Google Inc.)
HKU\S-1-5-21-1310004040-4233039217-3965176310-1000\...\Run: [Spotify Web Helper] => C:\Users\yuka\AppData\Roaming\Spotify\SpotifyWebHelper.exe [777840 2017-09-17] (Spotify AB -> Spotify Ltd)
HKU\S-1-5-21-1310004040-4233039217-3965176310-1000\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-1310004040-4233039217-3965176310-1000\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-1310004040-4233039217-3965176310-1000\...\MountPoints2: {99ca3746-d391-11e0-a245-806e6f6e6963} - Q:\LenovoQDrive.exe
HKLM\Software\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{A6EADE66-0000-0000-484E-7E8A45000000}] -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Esl\AiodLite.dll [2018-10-20] (Adobe Systems, Incorporated -> Adobe Systems, Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{F8A0B131-5F68-486c-8040-7E8FC3C85BB6}] -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL [2010-09-21] (Microsoft Corporation -> Microsoft Corp.)
GroupPolicy\User: Restriction ? <==== ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{97B55EE0-D733-4B76-894B-25FA1A525C26}: [DhcpNameServer] 8.8.8.8
Tcpip\..\Interfaces\{C18491C9-69E2-47B6-AC5C-673A508FCA89}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{E8EB0686-F549-4554-89C1-0DFBC82A6E5E}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKU\S-1-5-21-1310004040-4233039217-3965176310-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=LENP&bmod=LENP
HKU\S-1-5-21-1310004040-4233039217-3965176310-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com/webhp?hl=ja&tab=ww
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1310004040-4233039217-3965176310-1000 -> DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7LENP_jaJP448
SearchScopes: HKU\S-1-5-21-1310004040-4233039217-3965176310-1000 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7LENP_jaJP448
SearchScopes: HKU\S-1-5-21-1310004040-4233039217-3965176310-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corporation -> Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_172\bin\ssv.dll [2018-07-04] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Windows Live ID サインイン ヘルパー -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corporation -> Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_172\bin\jp2ssv.dll [2018-07-04] (Oracle America, Inc. -> Oracle Corporation)
Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -  No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} -  No File
Toolbar: HKU\S-1-5-21-1310004040-4233039217-3965176310-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File

FireFox:
========
FF ProfilePath: C:\Users\yuka\AppData\Roaming\Mozilla\Firefox\Profiles\eykjb16r.default [2019-03-04]
FF Homepage: Mozilla\Firefox\Profiles\eykjb16r.default -> hxxps://www.google.co.jp/
FF Extension: (アバスト セーフプライス | 比較、お得な情報、クーポン) - C:\Users\yuka\AppData\Roaming\Mozilla\Firefox\Profiles\eykjb16r.default\Extensions\[email protected] [2018-12-21]
FF Extension: (Avast Online Security) - C:\Users\yuka\AppData\Roaming\Mozilla\Firefox\Profiles\eykjb16r.default\Extensions\[email protected] [2018-06-20]
FF Extension: (New Tab Homepage) - C:\Users\yuka\AppData\Roaming\Mozilla\Firefox\Profiles\eykjb16r.default\Extensions\{66E978CD-981F-47DF-AC42-E3CF417C1467}.xpi [2011-11-04] [Legacy] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\fbphotozoom\fbphotozoom15.xpi => not found
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_142.dll [2019-02-15] (Adobe Systems Incorporated -> )
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_142.dll [2019-02-15] (Adobe Systems Incorporated -> )
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1234204.dll [2018-06-06] (Adobe Systems, Inc.) [File not signed]
FF Plugin-x32: @java.com/DTPlugin,version=11.172.2 -> C:\Program Files (x86)\Java\jre1.8.0_172\bin\dtplugin\npDeployJava1.dll [2018-07-04] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.172.2 -> C:\Program Files (x86)\Java\jre1.8.0_172\bin\plugin2\npjp2.dll [2018-07-04] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.5.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-02-19] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1310004040-4233039217-3965176310-1000: @talk.google.com/GoogleTalkPlugin -> C:\Users\yuka\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google Inc -> Google)
FF Plugin HKU\S-1-5-21-1310004040-4233039217-3965176310-1000: @talk.google.com/O1DPlugin -> C:\Users\yuka\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-12-08] (Google Inc -> Google)
FF Plugin HKU\S-1-5-21-1310004040-4233039217-3965176310-1000: @tools.google.com/Google Update;version=3 -> C:\Users\yuka\AppData\Local\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-21] (Google Inc -> Google Inc.)
FF Plugin HKU\S-1-5-21-1310004040-4233039217-3965176310-1000: @tools.google.com/Google Update;version=9 -> C:\Users\yuka\AppData\Local\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-21] (Google Inc -> Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\yuka\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-12-17]
FF Plugin ProgramFiles/Appdata: C:\Users\yuka\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-12-17]

Chrome:
=======
CHR DefaultProfile: Default
CHR HKLM-x32\...\Chrome\Extension: [jplinpmadfkdgipabgcdchbdikologlh] - C:\Program Files (x86)\1ClickDownload\1click12.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [mpieaakhacmfleokhjcjnpcnmnmpfkid] - C:\Program Files (x86)\fbphotozoom\fbphotozoom16.crx [2012-04-06]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2018-04-27] (Apple Inc. -> Apple Inc.)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6758976 2019-02-15] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [357304 2019-02-15] (AVAST Software s.r.o. -> AVAST Software)
R3 DozeSvc; C:\Program Files (x86)\ThinkPad\Utilities\DZSVC64.EXE [477032 2011-03-24] (Lenovo(Japan)Ltd. -> Lenovo.)
R2 ImeDictUpdateService; C:\Program Files\Common Files\Microsoft Shared\IME14\SHARED\IMEDICTUPDATE.EXE [83312 2010-10-21] (Microsoft Corporation -> Microsoft Corporation)
R2 Lenovo.VIRTSCRLSVC; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [93032 2010-04-07] (Lenovo(Japan)Ltd. -> Lenovo Group Limited)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [244904 2009-07-02] (CyberLink -> ) [File not signed]
R2 SROSVC; C:\Program Files (x86)\Lenovo\Screen Reading Optimizer\SROSVC.exe [443240 2011-03-02] (Lenovo(Japan)Ltd. -> Lenovo Group Limited)
R2 ThinkVantage Registry Monitor Service; C:\Program Files (x86)\Common Files\Lenovo\tvt_reg_monitor_svc.exe [1028096 2010-12-11] (Lenovo Group Limited) [File not signed]
R3 TVT Backup Service; C:\Program Files (x86)\Lenovo\Rescue and Recovery\rrservice.exe [1475896 2010-12-11] (Lenovo Information Products (Shenzhen) Co.,Ltd -> Lenovo Group Limited)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 5U877; C:\Windows\System32\DRIVERS\5U877.sys [166016 2011-03-04] (Microsoft Windows Hardware Compatibility Publisher -> Ricoh co.,Ltd.)
R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [37304 2019-01-22] (AVAST Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [203488 2019-01-22] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [223056 2019-01-22] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [196264 2019-01-22] (AVAST Software s.r.o. -> AVAST Software)
R0 aswblog; C:\Windows\System32\drivers\aswblog.sys [320888 2019-01-22] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [58160 2019-01-22] (AVAST Software s.r.o. -> AVAST Software)
R1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [239808 2019-01-22] (AVAST Software s.r.o. -> AVAST Software)
S3 aswHwid; C:\Windows\System32\drivers\aswHwid.sys [46584 2019-01-22] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [42488 2019-01-22] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [166792 2019-01-22] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [111992 2019-01-22] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [88144 2019-01-22] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [1034056 2019-01-22] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [474648 2019-01-22] (AVAST Software s.r.o. -> AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [218056 2019-01-22] (AVAST Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [380144 2019-01-22] (AVAST Software s.r.o. -> AVAST Software)
R1 CLBStor; C:\Windows\System32\DRIVERS\CLBStor.sys [24560 2009-06-30] (CyberLink -> Cyberlink Co.,Ltd.)
R2 CLBUDF; C:\Windows\System32\Drivers\CLBUDF.sys [372720 2009-06-30] (CyberLink -> CyberLink Corporation.)
R3 igfx; C:\Windows\System32\DRIVERS\igdkmd64.sys [12264384 2011-03-11] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
R3 IntcDAud; C:\Windows\System32\DRIVERS\IntcDAud.sys [317440 2011-03-11] (Microsoft Windows Hardware Compatibility Publisher -> Intel® Corporation)
S3 pmxdrv; C:\Windows\system32\drivers\pmxdrv.sys [31152 2011-08-31] (PAIPTAC  Driver -> )
R2 risdxc; C:\Windows\System32\DRIVERS\risdxc64.sys [101376 2011-03-23] (Microsoft Windows Hardware Compatibility Publisher -> REDC)
S3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [40664 2014-03-24] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2015-06-10] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-03-04 21:27 - 2019-03-04 21:33 - 000025994 _____ C:\Users\yuka\Desktop\FRST.txt
2019-03-04 21:25 - 2019-03-04 21:27 - 000000000 ____D C:\FRST
2019-03-04 21:23 - 2019-03-04 21:23 - 002434560 _____ (Farbar) C:\Users\yuka\Desktop\FRST64.exe
2019-03-04 17:54 - 2019-03-04 17:54 - 000007883 _____ C:\Users\yuka\Desktop\nanaco _ ギフトID登録完了2.htm
2019-03-04 17:54 - 2019-03-04 17:54 - 000000000 ____D C:\Users\yuka\Desktop\nanaco _ ギフトID登録完了2_files
2019-03-04 17:49 - 2019-03-04 17:49 - 000007703 _____ C:\Users\yuka\Desktop\nanaco _ ギフトID登録完了.htm
2019-03-04 17:49 - 2019-03-04 17:49 - 000000000 ____D C:\Users\yuka\Desktop\nanaco _ ギフトID登録完了_files
2019-02-26 20:08 - 2019-02-26 20:08 - 000482283 _____ C:\Users\yuka\Desktop\SBI損保 自動車保険2019.3.31~.pdf
2019-02-25 22:18 - 2019-02-25 22:19 - 000859992 _____ C:\Windows\Minidump\022519-45770-01.dmp
2019-02-24 22:07 - 2019-01-26 10:02 - 025736192 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2019-02-24 22:07 - 2019-01-26 09:27 - 020279808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2019-02-24 22:06 - 2019-01-28 00:23 - 000396888 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2019-02-24 22:06 - 2019-01-27 23:32 - 000348760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2019-02-24 22:06 - 2019-01-26 09:38 - 002902528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2019-02-24 22:06 - 2019-01-26 09:37 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2019-02-24 22:06 - 2019-01-26 09:36 - 000576512 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2019-02-24 22:06 - 2019-01-26 09:36 - 000417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2019-02-24 22:06 - 2019-01-26 09:36 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2019-02-24 22:06 - 2019-01-26 09:35 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2019-02-24 22:06 - 2019-01-26 09:32 - 005778944 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2019-02-24 22:06 - 2019-01-26 09:29 - 000054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2019-02-24 22:06 - 2019-01-26 09:25 - 000615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2019-02-24 22:06 - 2019-01-26 09:24 - 000814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2019-02-24 22:06 - 2019-01-26 09:24 - 000790016 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2019-02-24 22:06 - 2019-01-26 09:24 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2019-02-24 22:06 - 2019-01-26 09:17 - 000969216 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2019-02-24 22:06 - 2019-01-26 09:14 - 000489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2019-02-24 22:06 - 2019-01-26 09:07 - 000087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2019-02-24 22:06 - 2019-01-26 09:07 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2019-02-24 22:06 - 2019-01-26 09:06 - 000498176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2019-02-24 22:06 - 2019-01-26 09:06 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2019-02-24 22:06 - 2019-01-26 09:05 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2019-02-24 22:06 - 2019-01-26 09:03 - 002295808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2019-02-24 22:06 - 2019-01-26 09:03 - 000199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2019-02-24 22:06 - 2019-01-26 09:03 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2019-02-24 22:06 - 2019-01-26 09:01 - 000315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2019-02-24 22:06 - 2019-01-26 09:00 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2019-02-24 22:06 - 2019-01-26 08:59 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2019-02-24 22:06 - 2019-01-26 08:58 - 000476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2019-02-24 22:06 - 2019-01-26 08:57 - 000663040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2019-02-24 22:06 - 2019-01-26 08:56 - 000620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2019-02-24 22:06 - 2019-01-26 08:50 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2019-02-24 22:06 - 2019-01-26 08:48 - 000809472 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2019-02-24 22:06 - 2019-01-26 08:48 - 000416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2019-02-24 22:06 - 2019-01-26 08:46 - 015283712 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2019-02-24 22:06 - 2019-01-26 08:46 - 002135552 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2019-02-24 22:06 - 2019-01-26 08:46 - 001359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2019-02-24 22:06 - 2019-01-26 08:40 - 000168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2019-02-24 22:06 - 2019-01-26 08:40 - 000076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2019-02-24 22:06 - 2019-01-26 08:39 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2019-02-24 22:06 - 2019-01-26 08:37 - 000130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2019-02-24 22:06 - 2019-01-26 08:34 - 004858880 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2019-02-24 22:06 - 2019-01-26 08:34 - 004494336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2019-02-24 22:06 - 2019-01-26 08:32 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2019-02-24 22:06 - 2019-01-26 08:31 - 000696320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2019-02-24 22:06 - 2019-01-26 08:30 - 002060288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2019-02-24 22:06 - 2019-01-26 08:29 - 013680640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2019-02-24 22:06 - 2019-01-26 08:29 - 001155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2019-02-24 22:06 - 2019-01-26 08:22 - 001556480 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2019-02-24 22:06 - 2019-01-26 08:12 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2019-02-24 22:06 - 2019-01-26 08:11 - 004386304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2019-02-24 22:06 - 2019-01-26 08:08 - 001331200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2019-02-24 22:06 - 2019-01-26 08:06 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2019-02-24 22:06 - 2019-01-15 16:06 - 000154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2019-02-24 22:06 - 2019-01-15 16:06 - 000095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2019-02-24 22:06 - 2019-01-15 16:03 - 001472512 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2019-02-24 22:06 - 2019-01-15 16:03 - 001211904 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2019-02-24 22:06 - 2019-01-15 16:03 - 000731648 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2019-02-24 22:06 - 2019-01-15 16:03 - 000345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2019-02-24 22:06 - 2019-01-15 16:03 - 000316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2019-02-24 22:06 - 2019-01-15 16:03 - 000312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2019-02-24 22:06 - 2019-01-15 16:03 - 000210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2019-02-24 22:06 - 2019-01-15 16:03 - 000135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2019-02-24 22:06 - 2019-01-15 16:02 - 000463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2019-02-24 22:06 - 2019-01-15 16:02 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2019-02-24 22:06 - 2019-01-15 15:52 - 000666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2019-02-24 22:06 - 2019-01-15 15:52 - 000554496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2019-02-24 22:06 - 2019-01-15 15:52 - 000261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2019-02-24 22:06 - 2019-01-15 15:52 - 000096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2019-02-24 22:06 - 2019-01-15 15:51 - 000342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2019-02-24 22:06 - 2019-01-15 15:32 - 000291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2019-02-24 22:06 - 2019-01-15 15:32 - 000161280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2019-02-24 22:06 - 2019-01-12 12:08 - 000058880 _____ (Microsoft Corporation) C:\Windows\system32\mf3216.dll
2019-02-24 22:06 - 2019-01-12 12:08 - 000008192 _____ (Microsoft Corporation) C:\Windows\system32\msimg32.dll
2019-02-24 22:06 - 2019-01-12 11:55 - 000044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf3216.dll
2019-02-24 22:06 - 2019-01-12 11:55 - 000004608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimg32.dll
2019-02-24 22:06 - 2019-01-12 11:36 - 001311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjet40.dll
2019-02-24 22:06 - 2019-01-12 11:36 - 000352768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrd3x40.dll
2019-02-24 22:06 - 2019-01-12 11:36 - 000313344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrd2x40.dll
2019-02-24 22:06 - 2019-01-09 12:10 - 000631680 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2019-02-24 22:06 - 2019-01-09 12:09 - 005552360 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2019-02-24 22:06 - 2019-01-09 12:09 - 000708328 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2019-02-24 22:06 - 2019-01-09 12:09 - 000262376 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2019-02-24 22:06 - 2019-01-09 12:08 - 001664352 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2019-02-24 22:06 - 2019-01-09 12:07 - 000503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2019-02-24 22:06 - 2019-01-09 12:07 - 000361984 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2019-02-24 22:06 - 2019-01-09 12:07 - 000236032 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll
2019-02-24 22:06 - 2019-01-09 12:07 - 000215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2019-02-24 22:06 - 2019-01-09 12:07 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\sscore.dll
2019-02-24 22:06 - 2019-01-09 12:06 - 001162752 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2019-02-24 22:06 - 2019-01-09 12:06 - 000880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2019-02-24 22:06 - 2019-01-09 12:06 - 000419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2019-02-24 22:06 - 2019-01-09 11:58 - 004055784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2019-02-24 22:06 - 2019-01-09 11:58 - 003960552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2019-02-24 22:06 - 2019-01-09 11:57 - 001314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2019-02-24 22:06 - 2019-01-09 11:55 - 001114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2019-02-24 22:06 - 2019-01-09 11:55 - 000644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2019-02-24 22:06 - 2019-01-09 11:55 - 000275968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2019-02-24 22:06 - 2019-01-09 11:45 - 000076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2019-02-24 22:06 - 2019-01-09 11:45 - 000033408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2019-02-24 22:06 - 2019-01-09 11:38 - 000338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2019-02-24 22:06 - 2019-01-09 11:38 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\videoprt.sys
2019-02-24 22:06 - 2019-01-09 11:37 - 000009728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sscore.dll
2019-02-24 22:06 - 2019-01-09 11:35 - 000464384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2019-02-24 22:06 - 2019-01-09 11:35 - 000406016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2019-02-24 22:06 - 2019-01-09 11:35 - 000169984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2019-02-24 22:06 - 2019-01-09 11:34 - 000112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2019-02-24 22:06 - 2019-01-08 02:19 - 003228160 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2019-02-24 22:06 - 2019-01-02 01:08 - 000114408 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2019-02-24 22:06 - 2019-01-02 01:05 - 003247104 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2019-02-24 22:06 - 2019-01-02 01:05 - 000504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2019-02-24 22:06 - 2019-01-02 01:04 - 001942016 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2019-02-24 22:06 - 2019-01-02 00:58 - 002368000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2019-02-24 22:06 - 2019-01-02 00:57 - 001806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2019-02-24 22:06 - 2019-01-02 00:39 - 000128512 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2019-02-24 22:06 - 2019-01-02 00:39 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2019-02-24 22:06 - 2018-12-29 04:59 - 002072576 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2019-02-24 22:06 - 2018-12-29 04:59 - 000876032 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2019-02-24 22:06 - 2018-12-29 04:59 - 000516608 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2019-02-24 22:06 - 2018-12-29 04:48 - 001425920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2019-02-24 22:06 - 2018-12-29 04:48 - 000582144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2019-02-24 22:06 - 2018-12-05 01:07 - 000194048 _____ (Microsoft Corporation) C:\Windows\system32\itircl.dll
2019-02-24 22:06 - 2018-12-05 01:07 - 000170496 _____ (Microsoft Corporation) C:\Windows\system32\itss.dll
2019-02-24 22:06 - 2018-12-05 00:55 - 000142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\itss.dll
2019-02-24 22:06 - 2018-12-03 01:06 - 000687616 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2019-02-24 22:06 - 2018-10-12 22:05 - 000998480 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2019-02-24 22:06 - 2018-10-12 22:05 - 000918408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2019-02-24 22:06 - 2018-10-12 22:05 - 000066000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2019-02-24 22:06 - 2018-10-12 22:05 - 000063936 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2019-02-24 22:06 - 2018-10-12 22:05 - 000021968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2019-02-24 22:06 - 2018-10-12 22:05 - 000020944 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2019-02-24 22:06 - 2018-10-12 22:05 - 000019408 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2019-02-24 22:06 - 2018-10-12 22:05 - 000018880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2019-02-24 22:06 - 2018-10-12 22:05 - 000017872 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2019-02-24 22:06 - 2018-10-12 22:05 - 000017856 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2019-02-24 22:06 - 2018-10-12 22:05 - 000017360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2019-02-24 22:06 - 2018-10-12 22:05 - 000017352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2019-02-24 22:06 - 2018-10-12 22:05 - 000016336 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2019-02-24 22:06 - 2018-10-12 22:05 - 000015824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2019-02-24 22:06 - 2018-10-12 22:05 - 000015808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2019-02-24 22:06 - 2018-10-12 22:05 - 000015296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2019-02-24 22:06 - 2018-10-12 22:05 - 000014312 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2019-02-24 22:06 - 2018-10-12 22:05 - 000014272 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2019-02-24 22:06 - 2018-10-12 22:05 - 000013768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2019-02-24 22:06 - 2018-10-12 22:05 - 000013760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-2-0.dll
2019-02-24 22:06 - 2018-10-12 22:05 - 000013760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2019-02-24 22:06 - 2018-10-12 22:05 - 000013264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2019-02-24 22:06 - 2018-10-12 22:05 - 000012752 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2019-02-24 22:06 - 2018-10-12 22:05 - 000012736 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2019-02-24 22:06 - 2018-10-12 22:05 - 000012264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2019-02-24 22:06 - 2018-10-12 22:05 - 000012240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2019-02-24 22:06 - 2018-10-12 22:05 - 000012240 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2019-02-24 22:06 - 2018-10-12 22:05 - 000012240 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2019-02-24 22:06 - 2018-10-12 22:05 - 000012232 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2019-02-24 22:06 - 2018-10-12 22:05 - 000012224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2019-02-24 22:06 - 2018-10-12 22:05 - 000012224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2019-02-24 22:06 - 2018-10-12 22:05 - 000012024 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2019-02-24 22:06 - 2018-10-12 22:05 - 000011752 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2019-02-24 22:06 - 2018-10-12 22:05 - 000011728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2019-02-24 22:06 - 2018-10-12 22:05 - 000011728 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2019-02-24 22:06 - 2018-10-12 22:05 - 000011712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2019-02-24 22:06 - 2018-10-12 22:05 - 000011712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2019-02-24 22:06 - 2018-10-12 22:05 - 000011712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2019-02-24 22:06 - 2018-10-12 22:05 - 000011712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-2-0.dll
2019-02-24 22:06 - 2018-10-12 22:05 - 000011712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2019-02-24 22:06 - 2018-10-12 22:05 - 000011712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2019-02-24 22:06 - 2018-10-12 22:05 - 000011512 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2019-02-24 22:06 - 2018-10-12 22:05 - 000011216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll
2019-02-24 22:06 - 2018-10-12 22:05 - 000011216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll
2019-02-24 22:06 - 2018-10-12 22:05 - 000011216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l2-1-0.dll
2019-02-24 22:06 - 2018-10-12 22:05 - 000011200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-2-0.dll
2019-02-24 22:05 - 2019-01-26 09:50 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2019-02-24 22:05 - 2019-01-26 09:50 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2019-02-24 22:05 - 2019-01-26 09:28 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2019-02-24 22:05 - 2019-01-26 09:24 - 000116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2019-02-24 22:05 - 2019-01-26 09:18 - 002724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2019-02-24 22:05 - 2019-01-26 09:06 - 000062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2019-02-24 22:05 - 2019-01-26 09:06 - 000047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2019-02-24 22:05 - 2019-01-26 09:05 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2019-02-24 22:05 - 2019-01-26 08:59 - 000030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2019-02-24 22:05 - 2019-01-26 08:56 - 000115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2019-02-24 22:05 - 2019-01-26 08:48 - 000728064 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2019-02-24 22:05 - 2019-01-26 08:44 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2019-02-24 22:05 - 2019-01-26 08:43 - 000091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2019-02-24 22:05 - 2019-01-26 08:43 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2019-02-24 22:05 - 2019-01-15 16:03 - 000190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2019-02-24 22:05 - 2019-01-15 16:03 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2019-02-24 22:05 - 2019-01-15 16:03 - 000094208 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2019-02-24 22:05 - 2019-01-15 16:03 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2019-02-24 22:05 - 2019-01-15 16:03 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2019-02-24 22:05 - 2019-01-15 16:03 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2019-02-24 22:05 - 2019-01-15 16:02 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2019-02-24 22:05 - 2019-01-15 16:02 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2019-02-24 22:05 - 2019-01-15 16:02 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2019-02-24 22:05 - 2019-01-15 15:52 - 000254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2019-02-24 22:05 - 2019-01-15 15:52 - 000223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2019-02-24 22:05 - 2019-01-15 15:52 - 000172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2019-02-24 22:05 - 2019-01-15 15:52 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2019-02-24 22:05 - 2019-01-15 15:52 - 000141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2019-02-24 22:05 - 2019-01-15 15:52 - 000082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2019-02-24 22:05 - 2019-01-15 15:52 - 000070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2019-02-24 22:05 - 2019-01-15 15:52 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2019-02-24 22:05 - 2019-01-15 15:52 - 000022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2019-02-24 22:05 - 2019-01-15 15:52 - 000017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2019-02-24 22:05 - 2019-01-15 15:51 - 000690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2019-02-24 22:05 - 2019-01-15 15:38 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2019-02-24 22:05 - 2019-01-15 15:33 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2019-02-24 22:05 - 2019-01-15 15:32 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2019-02-24 22:05 - 2019-01-15 15:31 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2019-02-24 22:05 - 2019-01-15 15:29 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2019-02-24 22:05 - 2019-01-09 12:07 - 000243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2019-02-24 22:05 - 2019-01-09 12:07 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2019-02-24 22:05 - 2019-01-09 12:07 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2019-02-24 22:05 - 2019-01-09 12:07 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2019-02-24 22:05 - 2019-01-09 12:07 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2019-02-24 22:05 - 2019-01-09 12:06 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2019-02-24 22:05 - 2019-01-09 12:06 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2019-02-24 22:05 - 2019-01-09 12:06 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2019-02-24 22:05 - 2019-01-09 12:06 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2019-02-24 22:05 - 2019-01-09 12:06 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2019-02-24 22:05 - 2019-01-09 12:06 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2019-02-24 22:05 - 2019-01-09 12:06 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2019-02-24 22:05 - 2019-01-09 12:06 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2019-02-24 22:05 - 2019-01-09 12:06 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2019-02-24 22:05 - 2019-01-09 12:06 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2019-02-24 22:05 - 2019-01-09 12:06 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2019-02-24 22:05 - 2019-01-09 12:06 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2019-02-24 22:05 - 2019-01-09 12:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2019-02-24 22:05 - 2019-01-09 12:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2019-02-24 22:05 - 2019-01-09 12:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2019-02-24 22:05 - 2019-01-09 12:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2019-02-24 22:05 - 2019-01-09 12:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2019-02-24 22:05 - 2019-01-09 12:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2019-02-24 22:05 - 2019-01-09 12:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2019-02-24 22:05 - 2019-01-09 12:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2019-02-24 22:05 - 2019-01-09 12:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2019-02-24 22:05 - 2019-01-09 12:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2019-02-24 22:05 - 2019-01-09 12:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2019-02-24 22:05 - 2019-01-09 12:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2019-02-24 22:05 - 2019-01-09 12:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2019-02-24 22:05 - 2019-01-09 12:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2019-02-24 22:05 - 2019-01-09 12:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2019-02-24 22:05 - 2019-01-09 12:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2019-02-24 22:05 - 2019-01-09 12:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2019-02-24 22:05 - 2019-01-09 12:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2019-02-24 22:05 - 2019-01-09 12:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2019-02-24 22:05 - 2019-01-09 12:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2019-02-24 22:05 - 2019-01-09 11:55 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2019-02-24 22:05 - 2019-01-09 11:55 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2019-02-24 22:05 - 2019-01-09 11:55 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2019-02-24 22:05 - 2019-01-09 11:55 - 000005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2019-02-24 22:05 - 2019-01-09 11:55 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2019-02-24 22:05 - 2019-01-09 11:55 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2019-02-24 22:05 - 2019-01-09 11:55 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2019-02-24 22:05 - 2019-01-09 11:55 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2019-02-24 22:05 - 2019-01-09 11:55 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2019-02-24 22:05 - 2019-01-09 11:55 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2019-02-24 22:05 - 2019-01-09 11:55 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2019-02-24 22:05 - 2019-01-09 11:55 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2019-02-24 22:05 - 2019-01-09 11:55 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2019-02-24 22:05 - 2019-01-09 11:55 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2019-02-24 22:05 - 2019-01-09 11:55 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2019-02-24 22:05 - 2019-01-09 11:55 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2019-02-24 22:05 - 2019-01-09 11:55 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2019-02-24 22:05 - 2019-01-09 11:55 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2019-02-24 22:05 - 2019-01-09 11:55 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2019-02-24 22:05 - 2019-01-09 11:55 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2019-02-24 22:05 - 2019-01-09 11:55 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2019-02-24 22:05 - 2019-01-09 11:55 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2019-02-24 22:05 - 2019-01-09 11:55 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2019-02-24 22:05 - 2019-01-09 11:55 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2019-02-24 22:05 - 2019-01-09 11:55 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2019-02-24 22:05 - 2019-01-09 11:55 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2019-02-24 22:05 - 2019-01-09 11:55 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2019-02-24 22:05 - 2019-01-09 11:55 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2019-02-24 22:05 - 2019-01-09 11:45 - 000030208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidusb.sys
2019-02-24 22:05 - 2019-01-09 11:41 - 000148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2019-02-24 22:05 - 2019-01-09 11:41 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2019-02-24 22:05 - 2019-01-09 11:41 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2019-02-24 22:05 - 2019-01-09 11:38 - 000296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2019-02-24 22:05 - 2019-01-09 11:34 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdk8.sys
2019-02-24 22:05 - 2019-01-09 11:34 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelppm.sys
2019-02-24 22:05 - 2019-01-09 11:34 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\processr.sys
2019-02-24 22:05 - 2019-01-09 11:34 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdppm.sys
2019-02-24 22:05 - 2019-01-09 11:34 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2019-02-24 22:05 - 2019-01-09 11:34 - 000014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2019-02-24 22:05 - 2019-01-09 11:34 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2019-02-24 22:05 - 2019-01-09 11:34 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2019-02-24 22:05 - 2019-01-09 11:33 - 000006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2019-02-24 22:05 - 2019-01-09 11:33 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2019-02-24 22:05 - 2019-01-09 11:33 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2019-02-24 22:05 - 2019-01-09 11:33 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2019-02-24 22:05 - 2019-01-02 01:05 - 000025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2019-02-24 22:05 - 2019-01-02 01:04 - 000070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2019-02-24 22:05 - 2019-01-02 00:58 - 000337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2019-02-24 22:05 - 2019-01-02 00:58 - 000025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2019-02-24 22:05 - 2018-12-29 04:59 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\oleres.dll
2019-02-24 22:05 - 2018-12-29 04:59 - 000008704 _____ (Microsoft Corporation) C:\Windows\system32\comcat.dll
2019-02-24 22:05 - 2018-12-29 04:48 - 000026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleres.dll
2019-02-24 22:05 - 2018-12-29 04:32 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comcat.dll
2019-02-24 22:05 - 2018-12-05 00:55 - 000158720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\itircl.dll
2019-02-15 21:31 - 2019-02-15 21:29 - 000362888 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-03-04 21:06 - 2009-07-14 13:45 - 000024608 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2019-03-04 21:06 - 2009-07-14 13:45 - 000024608 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2019-03-04 20:56 - 2016-11-26 23:22 - 000000000 ____D C:\Users\yuka\AppData\LocalLow\Mozilla
2019-03-04 20:50 - 2011-09-24 22:44 - 000000000 ____D C:\Users\yuka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink DVD Suite
2019-03-04 20:49 - 2019-02-01 20:56 - 000000000 _____ C:\Windows\system32\last.dump
2019-03-04 20:49 - 2011-09-06 20:49 - 000000466 _____ C:\Windows\Tasks\SystemToolsDailyTest.job
2019-03-04 20:49 - 2009-07-14 14:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-03-04 18:58 - 2011-09-06 20:49 - 000003448 _____ C:\Windows\System32\Tasks\PCDEventLauncher
2019-03-04 18:57 - 2011-09-06 20:49 - 000003494 _____ C:\Windows\System32\Tasks\SystemToolsDailyTest
2019-03-04 18:01 - 2011-09-08 22:10 - 000000000 ____D C:\Users\yuka\Documents\Outlook ファイル
2019-03-04 17:12 - 2011-09-06 20:49 - 000000528 _____ C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job
2019-03-01 22:20 - 2011-09-06 20:49 - 000004234 _____ C:\Windows\System32\Tasks\PCDoctorBackgroundMonitorTask
2019-02-25 23:01 - 2014-02-26 20:58 - 001293022 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2019-02-25 23:01 - 2011-09-01 07:13 - 000411428 _____ C:\Windows\system32\perfh011.dat
2019-02-25 23:01 - 2011-09-01 07:13 - 000122442 _____ C:\Windows\system32\perfc011.dat
2019-02-25 23:01 - 2009-07-14 14:13 - 001293022 _____ C:\Windows\system32\PerfStringBackup.INI
2019-02-25 23:01 - 2009-07-14 12:20 - 000000000 ____D C:\Windows\inf
2019-02-25 22:18 - 2015-07-04 22:32 - 279196036 _____ C:\Windows\MEMORY.DMP
2019-02-25 22:18 - 2015-07-04 22:32 - 000000000 ____D C:\Windows\Minidump
2019-02-25 17:38 - 2009-07-14 13:45 - 000349616 _____ C:\Windows\system32\FNTCACHE.DAT
2019-02-24 22:21 - 2013-08-16 21:16 - 000000000 ____D C:\Windows\system32\MRT
2019-02-24 22:08 - 2011-09-10 20:13 - 129330784 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2019-02-24 21:03 - 2014-06-21 14:46 - 000000000 ____D C:\ProgramData\Package Cache
2019-02-24 20:55 - 2015-05-19 09:48 - 000004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2019-02-24 20:50 - 2016-01-08 15:45 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2019-02-19 19:40 - 2017-03-22 18:51 - 000004168 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2019-02-15 23:09 - 2018-03-26 13:43 - 000004260 _____ C:\Windows\System32\Tasks\Adobe Flash Player NPAPI Notifier
2019-02-15 23:09 - 2015-01-24 19:23 - 000004108 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2019-02-15 23:09 - 2012-12-06 23:06 - 000842240 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2019-02-15 23:09 - 2012-12-06 23:06 - 000175104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2019-02-15 23:08 - 2012-07-29 14:10 - 000000000 ____D C:\Windows\system32\Macromed
2019-02-15 23:08 - 2011-09-10 20:45 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2019-02-15 21:45 - 2012-05-03 12:15 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-02-02 21:22 - 2017-12-12 22:59 - 000003134 _____ C:\Windows\System32\Tasks\{0E77B210-87D2-43DF-B8A0-C78FA49B24ED}
2019-02-02 21:22 - 2016-02-13 22:12 - 000003074 _____ C:\Windows\System32\Tasks\{95BCE7F4-9320-4080-8209-2365C4E54DA0}
2019-02-02 21:22 - 2016-02-13 22:11 - 000003030 _____ C:\Windows\System32\Tasks\{FB4322B8-FE4A-4DC9-94E3-65A98977D193}
2019-02-02 21:22 - 2015-12-05 12:57 - 000000000 ____D C:\Windows\System32\Tasks\AVAST Software
2019-02-02 21:22 - 2015-09-01 16:49 - 000003028 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1310004040-4233039217-3965176310-1000Core
2019-02-02 21:22 - 2012-09-07 19:18 - 000003300 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1310004040-4233039217-3965176310-1000UA
2019-02-02 21:22 - 2011-09-06 20:49 - 000002836 _____ C:\Windows\System32\Tasks\DiskUpdate
2019-02-02 21:22 - 2011-08-31 14:55 - 000003376 _____ C:\Windows\System32\Tasks\MCP
2019-02-02 21:22 - 2011-08-31 14:41 - 000002958 _____ C:\Windows\System32\Tasks\PMTask

==================== Files in the root of some directories =======

2014-11-16 20:02 - 2014-11-16 20:02 - 006000640 _____ () C:\Program Files (x86)\GUT6327.tmp
2011-10-07 10:57 - 2011-10-09 19:48 - 000024491 _____ () C:\Users\yuka\AppData\Roaming\テキスト ファイル (Windows、カンマ区切り).ADR
2011-09-11 20:37 - 2011-09-11 20:37 - 000000017 _____ () C:\Users\yuka\AppData\Local\resmon.resmoncfg

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\dllhost.exe => File is digitally signed
C:\Windows\SysWOW64\dllhost.exe => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-12-12 23:26

==================== End of FRST.txt ============================

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 03.03.2019 01
Ran by yuka (04-03-2019 21:34:48)
Running from C:\Users\yuka\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2011-09-06 11:48:39)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1310004040-4233039217-3965176310-500 - Administrator - Disabled)
Guest (S-1-5-21-1310004040-4233039217-3965176310-501 - Limited - Enabled) => C:\Users\Guest
HomeGroupUser$ (S-1-5-21-1310004040-4233039217-3965176310-1003 - Limited - Enabled)
yuka (S-1-5-21-1310004040-4233039217-3965176310-1000 - Administrator - Enabled) => C:\Users\yuka

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 16.04 (HKLM-x32\...\{23170F69-40C1-2701-1604-000001000000}) (Version: 16.04.00.0 - Igor Pavlov)
Adobe Acrobat Reader DC - Japanese (HKLM-x32\...\{AC76BA86-7AD7-1041-7B44-AC0F074E4100}) (Version: 19.010.20098 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.142 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.3 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.3.4.204 - Adobe Systems, Inc.)
Apple Application Support(32 ビット) (HKLM-x32\...\{C56BA005-F02C-461B-ACA5-A0CE3E32578F}) (Version: 6.5 - Apple Inc.)
Apple Application Support(64 ビット) (HKLM\...\{C8087B7C-8496-45BE-92FB-91D31EB73969}) (Version: 6.5 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{64695C4A-C68F-46B5-A734-50EBF124A68E}) (Version: 11.3.3.4 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A30EA700-5515-48F0-88B0-9E99DC356B88}) (Version: 2.6.0.1 - Apple Inc.)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 19.2.2364 - AVAST Software)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
CleanUp! (HKLM-x32\...\CleanUp!) (Version:  - )
Conexant 20672 SmartAudio HD (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.32.23.0 - Conexant)
Create Recovery Media (HKLM-x32\...\{50DC5136-21E8-48BC-97E5-1AD055F6B0B6}) (Version: 1.20.0.00 - Lenovo Group Limited)
CyberLink DVD Suite (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 6.0.2806 - CyberLink Corp.)
CyberLink InstantBurn (HKLM-x32\...\{19C64880-BBCA-11D4-9EEE-0004ACDDDB3B}) (Version: 5.0.5503 - CyberLink Corp.)
CyberLink MediaShow (HKLM-x32\...\InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB}) (Version: 4.1.3102 - CyberLink Corp.)
CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.0.3030 - CyberLink Corp.)
CyberLink PowerBackup (HKLM-x32\...\{ADD5DB49-72CF-11D8-9D75-000129760D75}) (Version: 2.5.4511 - CyberLink Corp.)
CyberLink PowerDVD 8 (HKLM-x32\...\InstallShield_{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}) (Version: 8.0.3017a - CyberLink Corp.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - )
EPSONプリンタドライバ・ユーティリティ (HKLM\...\EPSON Printer and Utilities) (Version:  - SEIKO EPSON Corporation)
Google Talk Plugin (HKLM-x32\...\{F9B579C2-D854-300A-BE62-A09EB9D722E4}) (Version: 5.41.3.0 - Google)
Integrated Camera Driver Installer Package Ver.1.1.0.1147 (HKLM-x32\...\{B2CA6F37-1602-4823-81B5-0384B6888AA6}) (Version: 1.1.0.1147 - RICOH)
Integrated Camera TWAIN (HKLM-x32\...\{9CA0DEE4-E84B-466F-9B96-FC255F3A929F}) (Version: 1.0.11.1223 - Chicony Electronics Co.,Ltd.)
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel® Identity Protection Technology 1.1.2.0 (HKLM-x32\...\{C01A86F5-56E7-101F-9BC9-E3F1025EB779}) (Version: 1.1.2.0 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2321 - Intel Corporation)
iTunes (HKLM\...\{B142337A-47E0-4D1A-8FBF-44CDF5B4B923}) (Version: 12.7.5.9 - Apple Inc.)
Java 8 Update 111 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180111F0}) (Version: 8.0.1110.14 - Oracle Corporation)
Java 8 Update 121 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180121F0}) (Version: 8.0.1210.13 - Oracle Corporation)
Java 8 Update 131 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180131F0}) (Version: 8.0.1310.11 - Oracle Corporation)
Java 8 Update 144 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180144F0}) (Version: 8.0.1440.1 - Oracle Corporation)
Java 8 Update 151 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180151F0}) (Version: 8.0.1510.12 - Oracle Corporation)
Java 8 Update 161 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180161F0}) (Version: 8.0.1610.12 - Oracle Corporation)
Java 8 Update 172 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180172F0}) (Version: 8.0.1720.11 - Oracle Corporation)
Junk Mail filter update (HKLM-x32\...\{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Lenovo Auto Scroll Utility (HKLM\...\LenovoAutoScrollUtility) (Version: 1.00 - )
Lenovo Registration (HKLM-x32\...\{6707C034-ED6B-4B6A-B21F-969B3606FBDE}) (Version: 1.0.4 - Lenovo Inc.)
Lenovo Screen Reading Optimizer (HKLM-x32\...\{91A29166-4E1B-4664-B70B-4C4A3B6B3372}) (Version: 1.06 - Lenovo)
Lenovo System Interface Driver (HKLM\...\LENOVO.SMIIF) (Version: 1.05 - )
Lenovo ThinkVantage Toolbox (HKLM\...\PC-Doctor for Windows) (Version: 6.0.5849.23 - PC-Doctor, Inc.)
Lenovo User Guide (HKLM-x32\...\{13F59938-C595-479C-B479-F171AB9AF64F}) (Version: 1.0.0008.00 - 会社名)
Lenovo Warranty Information (HKLM-x32\...\{FD4EC278-C1B1-4496-99ED-C0BE1B0AA521}) (Version: 1.0.0005.00 - Lenovo)
Lenovo Welcome (HKLM-x32\...\Lenovo Welcome_is1) (Version: 2.02.003.0 - Lenovo)
LINE (HKU\S-1-5-21-1310004040-4233039217-3965176310-1000\...\LINE) (Version: 5.3.0.1506 - LINE Corporation)
Mesh Runtime (HKLM-x32\...\{8C6D6116-B724-4810-8F2D-D047E6B7D68E}) (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Message Center Plus (HKLM-x32\...\{FD331A3B-F7A5-4C31-B8D4-DF413C85AF7A}) (Version: 2.0.0012.00 - Lenovo Group Limited)
Microsoft .NET Framework 4.7.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft .NET Framework 4.7.2 (日本語) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1041) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\Office14.EssentialsR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office ナビ 2010 (HKLM\...\{95140000-011C-0411-1000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - 日本語 (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - JPN) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 65.0 (x86 ja) (HKLM-x32\...\Mozilla Firefox 65.0 (x86 ja)) (Version: 65.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 64.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
RapidBoot (HKLM\...\{5E2652DF-743F-482B-A593-C95F431A5769}) (Version: 1.10 - Lenovo)
Registry Patch to Enable Maximum Power Saving on WiFi Adapters for Windows 7 (HKLM\...\EnablePS) (Version: 1.00 - )
Rescue and Recovery (HKLM-x32\...\{B383F243-0ABC-4E56-AA30-923B8D85076E}) (Version: 4.31.0010.00 - Lenovo Group Limited)
RICOH_Media_Driver_v2.13.18.02 (HKLM-x32\...\{FE041B02-234C-4AAA-9511-80DF6482A458}) (Version: 2.13.18.02 - RICOH)
SafeZone Stable 4.58.2552.909 (HKLM-x32\...\SafeZone 4.58.2552.909) (Version: 4.58.2552.909 - Avast Software) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0013-0000-0000-0000000FF1CE}_Office14.EssentialsR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Skype バージョン 8.25 (HKLM-x32\...\Skype_is1) (Version: 8.25 - Skype Technologies S.A.)
Spotify (HKU\S-1-5-21-1310004040-4233039217-3965176310-1000\...\Spotify) (Version: 1.0.63.617.g5aca9a2a - Spotify AB)
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
System Update (HKLM-x32\...\{25C64847-B900-48AD-A164-1B4F9B774650}) (Version: 4.00.0042 - Lenovo)
ThinkPad FullScreen Magnifier (HKLM\...\ThinkPad FullScreen Magnifier) (Version: 2.23 - )
ThinkPad Power Management Driver (HKLM\...\Power Management Driver) (Version: 1.62.00.00 - )
ThinkPad UltraNav Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.6.0 - )
ThinkPad UltraNav ユーティリティ (HKLM-x32\...\{17CBC505-D1AE-459D-B445-3D2000A85842}) (Version: 2.13.0 - Lenovo)
ThinkPad Wireless LAN Adapter Software (HKLM-x32\...\{9D3D2C60-A55F-4fed-B2B9-17311226DF01}) (Version: 1.00.0029.5 - REALTEK Semiconductor Corp.)
ThinkPad 省電力マネージャー (HKLM-x32\...\{DAC01CEE-5BAE-42D5-81FC-B687E84E8405}) (Version: 3.48 - )
ThinkVantage AutoLock (HKLM\...\{E224B44B-B5EB-4af3-A80A-A255358E241A}_is1) (Version: 1.01 - Lenovo)
ThinkVantage Communications Utility (HKLM\...\{88C6A6D9-324C-46E8-BA87-563D14021442}_is1) (Version: 2.06 - Lenovo)
ThinkVantage ハードディスク・アクティブプロテクション・システム (HKLM\...\{46A84694-59EC-48F0-964C-7E76E9F8A2ED}) (Version: 1.74 - Lenovo)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.4 - VideoLAN)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows ドライバ パッケージ - Intel (e1cexpress) Net  (12/21/2010 11.8.84.0) (HKLM\...\6D23A494E9A245843FB8584D9307D3E328DF8613) (Version: 12/21/2010 11.8.84.0 - Intel)
Windows ドライバ パッケージ - Intel (MEIx64) System  (10/19/2010 7.0.0.1144) (HKLM\...\90FD26A77B849AE03FF5F07A1CDA7F950406A8D8) (Version: 10/19/2010 7.0.0.1144 - Intel)
Windows ドライバ パッケージ - Intel System  (09/10/2010 9.2.0.1011) (HKLM\...\0CDBDD444A1F5FFEA227B4E7DCE195F11F08240A) (Version: 09/10/2010 9.2.0.1011 - Intel)
Windows ドライバ パッケージ - Intel System  (09/10/2010 9.2.0.1011) (HKLM\...\A513FC5E5A08D4EF27F234E91E0E942A0234210B) (Version: 09/10/2010 9.2.0.1011 - Intel)
Windows ドライバ パッケージ - Intel System  (10/04/2010 9.2.0.1015) (HKLM\...\FE1BEBFD475BB832AAF104F5C63348E98A9286DF) (Version: 10/04/2010 9.2.0.1015 - Intel)
Windows ドライバ パッケージ - Intel USB  (09/16/2010 9.2.0.1013) (HKLM\...\D97688B8E3830BF9820E15EB8D9552DCBF988CFD) (Version: 09/16/2010 9.2.0.1013 - Intel)
Windows ドライバ パッケージ - Lenovo 1.62.00.00 (01/19/2011 1.62.00.00) (HKLM\...\D01A7EE241898C810674C69EB908D655D149BE77) (Version: 01/19/2011 1.62.00.00 - Lenovo)
Windows ドライバ パッケージ - Synaptics (SynTP) Mouse  (05/05/2011 15.3.6.0) (HKLM\...\C63C03BF3BE2B6F6204BB54541690449FFF79F4F) (Version: 05/05/2011 15.3.6.0 - Synaptics)
オン スクリーン表示 (HKLM\...\OnScreenDisplay) (Version: 6.23.01 - )
キングソフト辞書 (HKLM-x32\...\PowerWord Lite) (Version: 2011.05.11.1.1 - キングソフト株式会社)
はがきデザインキット (HKLM-x32\...\{CFE0EB86-670D-C51A-91CD-E2E7D38CEFFD}) (Version: 6.0.1 - Japan Post Co., Ltd.) Hidden
はがきデザインキット (HKLM-x32\...\designKit.702840F10216893FC3494B731E825B33666733D6.1) (Version: v6.0.1 - Japan Post Co., Ltd.)
リモート接続用の Windows Live Mesh ActiveX コントロール (日本語) (HKLM-x32\...\{BAF0CA91-4642-46C8-9BCD-C93B61508701}) (Version: 15.4.5722.2 - Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1310004040-4233039217-3965176310-1000_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\yuka\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1310004040-4233039217-3965176310-1000_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\yuka\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1310004040-4233039217-3965176310-1000_Classes\CLSID\{144DF3B2-2402-47AE-9583-5A045929A8D4}\InprocServer32 -> C:\Users\yuka\AppData\Local\Google\Update\1.3.33.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1310004040-4233039217-3965176310-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\yuka\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1310004040-4233039217-3965176310-1000_Classes\CLSID\{590C4387-5EBD-4D46-8A84-CD0BA2EF2856}\InprocServer32 -> C:\Users\yuka\AppData\Local\Google\Update\1.3.30.3\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1310004040-4233039217-3965176310-1000_Classes\CLSID\{59B55F04-DE14-4BB8-92FF-C4A22EF2E5F4}\InprocServer32 -> C:\Users\yuka\AppData\Local\Google\Update\1.3.31.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1310004040-4233039217-3965176310-1000_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\yuka\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1310004040-4233039217-3965176310-1000_Classes\CLSID\{78550997-5DEF-4A8A-BAF9-D5774E87AC98}\InprocServer32 -> C:\Users\yuka\AppData\Local\Google\Update\1.3.28.13\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1310004040-4233039217-3965176310-1000_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247}\InprocServer32 -> C:\Users\yuka\AppData\Local\Google\Update\1.3.29.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1310004040-4233039217-3965176310-1000_Classes\CLSID\{8C46158B-D978-483C-A312-16EE5013BE04}\InprocServer32 -> C:\Users\yuka\AppData\Local\Google\Update\1.3.33.3\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1310004040-4233039217-3965176310-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\yuka\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1310004040-4233039217-3965176310-1000_Classes\CLSID\{91A41FCC-BC02-42D8-A36E-0D27FF9BFFC8}\InprocServer32 -> C:\Users\yuka\AppData\Local\Google\Update\1.3.33.7\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1310004040-4233039217-3965176310-1000_Classes\CLSID\{A804CF1A-91E5-4F0C-9E8C-DB39E74056DD}\InprocServer32 -> C:\Users\yuka\AppData\Local\Google\Update\1.3.33.23\psuser_64.dll (Google Inc -> Google Inc.)
CustomCLSID: HKU\S-1-5-21-1310004040-4233039217-3965176310-1000_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\yuka\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1310004040-4233039217-3965176310-1000_Classes\CLSID\{CB492AF1-2CEF-4E58-BE47-471C77D0C8BA}\InprocServer32 -> C:\Users\yuka\AppData\Local\Google\Update\1.3.32.7\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1310004040-4233039217-3965176310-1000_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2}\InprocServer32 -> C:\Users\yuka\AppData\Local\Google\Update\1.3.29.1\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1310004040-4233039217-3965176310-1000_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\yuka\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1310004040-4233039217-3965176310-1000_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 -> C:\Users\yuka\AppData\Local\Google\Update\1.3.28.15\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1310004040-4233039217-3965176310-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\yuka\AppData\Local\Google\Update\1.3.33.23\psuser_64.dll (Google Inc -> Google Inc.)
CustomCLSID: HKU\S-1-5-21-1310004040-4233039217-3965176310-1000_Classes\CLSID\{EA724FD3-844D-43A9-A8C9-A5BC35FC20E4}\InprocServer32 -> C:\Users\yuka\AppData\Local\Google\Update\1.3.33.17\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1310004040-4233039217-3965176310-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\yuka\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll => No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-02-15] (AVAST Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-02-15] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-02-15] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-02-15] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2011-03-11] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-02-15] (AVAST Software s.r.o. -> AVAST Software)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {01978B1C-693C-4B75-968B-2A3B8FDDA534} - System32\Tasks\PCDEventLauncher => C:\Program Files\PC-Doctor\sessionchecker.exe (PC-Doctor, Inc. -> PC-Doctor, Inc.)
Task: {0DAA78A7-A0F5-44EA-88CA-5FA5CABC1188} - System32\Tasks\SafeZone scheduled Autoupdate 1458798749 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe (AVAST Software s.r.o. -> Avast Software)
Task: {129BA242-20F3-4037-95FA-04798EAD665F} - System32\Tasks\Lenovo\SROptimizer => C:\Program Files (x86)\Lenovo\Screen Reading Optimizer\\SRORest.exe (Lenovo(Japan)Ltd. -> Lenovo Group Limited)
Task: {196E503C-0A33-4CC2-B950-D8DB4E79F56A} - System32\Tasks\PMTask => C:\Program Files (x86)\ThinkPad\Utilities\PWMIDTSV.EXE (Lenovo(Japan)Ltd. -> Lenovo Group Limited)
Task: {2C58D8AD-B95D-4D5F-8B24-8AAE5C077F39} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {2EBD3AEB-FB34-4F9E-8584-3092D4081321} - System32\Tasks\TVT\LaunchRnR => C:\Program Files (x86)\Lenovo\Rescue and Recovery\rrcmd.exe (Lenovo Information Products (Shenzhen) Co.,Ltd -> Lenovo Limited Group Corporation)
Task: {3049D566-1C93-4F39-92FE-E10E5C923FD1} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe (AVAST Software s.r.o. -> AVAST Software)
Task: {4E816226-CB38-4CB2-AFBF-1572754DE5ED} - System32\Tasks\DiskUpdate => C:\SWTOOLS\OSFIXES\DISKUPDT\DiskUpdate.exe () [File not signed]
Task: {563C8A0B-CAE3-47CF-ACFE-58DDBAF4CF86} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_142_Plugin.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {57F9D719-414A-4DC3-B094-EED7D81157B5} - System32\Tasks\TVT\UpdateRnR => C:\Program Files (x86)\Common Files\Lenovo\Scheduler\tvtsetsched.exe () [File not signed]
Task: {5CF7FE55-27EA-4151-B042-394C8342620F} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
Task: {61B0016D-8FE9-42B4-8BD0-AB72F1417A8F} - System32\Tasks\SystemToolsDailyTest => C:\Program Files\PC-Doctor\uaclauncher.exe (PC-Doctor, Inc. -> PC-Doctor, Inc.)
Task: {691C744A-4201-4CF5-9BC4-0CBCCF4BD51D} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {6B1CC383-6E77-4B6C-800F-976BB8606632} - System32\Tasks\MCP => C:\Program Files (x86)\LENOVO\Message Center Plus\MCPLaunch.exe (Lenovo Information Products (Shenzhen) Co.,Ltd -> )
Task: {6EA4DD9C-ACD0-4D7D-BF29-085BDA795811} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe (Apple Inc. -> Apple Inc.)
Task: {74F185CB-5514-4E29-B959-CB67209CDECE} - System32\Tasks\{0E77B210-87D2-43DF-B8A0-C78FA49B24ED} => C:\Windows\system32\pcalua.exe -a C:\Users\yuka\AppData\Roaming\BitTorrent\BitTorrent.exe -c /UNINSTALL
Task: {77A81E29-502F-4F8A-8B38-BB936A06FFD6} - System32\Tasks\{95BCE7F4-9320-4080-8209-2365C4E54DA0} => "c:\program files (x86)\mozilla firefox\firefox.exe" hxxp://ui.skype.com/ui/0/7.18.0.112/ja/abandoninstall?page=tsMain
Task: {85D392CA-D85E-43EC-8429-2DF66C825617} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\PC-Doctor\uaclauncher.exe (PC-Doctor, Inc. -> PC-Doctor, Inc.)
Task: {861A8B7B-B5E4-49FD-B19F-76586EC70AA2} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1310004040-4233039217-3965176310-1000Core => C:\Users\yuka\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {9B4BD16C-AC46-4698-A687-88DBBE7CF438} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1310004040-4233039217-3965176310-1000UA => C:\Users\yuka\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {B0973079-C7E4-457A-920E-B30C70A89917} - System32\Tasks\{FB4322B8-FE4A-4DC9-94E3-65A98977D193} => "c:\program files (x86)\mozilla firefox\firefox.exe" hxxp://ui.skype.com/ui/0/7.18.0.112/ja/eula
Task: {BC9E2306-E768-4C27-BDBF-20F13D732295} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {FA66D15A-360F-403F-8817-7A3D3FFF50F9} - System32\Tasks\TVT\ChangePWD => C:\Program Files (x86)\Lenovo\Rescue and Recovery\rrcmd.exe (Lenovo Information Products (Shenzhen) Co.,Ltd -> Lenovo Limited Group Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job => C:\Program Files\PC-Doctor\uaclauncher.exeq-backgroundmon scripts\backgroundmon.xml
Task: C:\Windows\Tasks\SystemToolsDailyTest.job => C:\Program Files\PC-Doctor\uaclauncher.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]

==================== Loaded Modules (Whitelisted) ==============

2011-01-21 16:13 - 2010-10-19 18:06 - 000148992 ____N (Lenovo Group Limited) [File not signed] C:\Program Files\LENOVO\HOTKEY\lcdbl.dll
2011-09-24 22:44 - 2009-07-02 23:02 - 000244904 ____R (CyberLink -> ) [File not signed] C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
2011-08-31 14:33 - 2008-10-30 15:24 - 000055808 ____N (Ricoh co.,Ltd.) [File not signed] C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe
2011-09-10 20:11 - 2011-09-10 20:11 - 001654784 ____N (Microsoft Corporation) [File not signed] C:\Windows\WinSxS\amd64_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_8448b2bd328df189\MFC80U.DLL
2011-09-10 20:11 - 2011-09-10 20:11 - 000038912 ____N (Microsoft Corporation) [File not signed] C:\Windows\WinSxS\amd64_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_bc20f59b0bdd1acd\MFC80JPN.DLL
2011-08-31 14:41 - 2011-03-24 03:48 - 000030208 ____N () [File not signed] C:\Program Files (x86)\ThinkPad\Utilities\JP\PWMRT64V.DLL
2010-12-11 20:03 - 2010-12-11 20:03 - 001212416 ____N (Lenovo Group Limited) [File not signed] C:\Program Files (x86)\Common Files\Lenovo\Scheduler\scheduler_proxy.exe
2010-12-11 19:39 - 2010-12-11 19:39 - 001028096 ____N (Lenovo Group Limited) [File not signed] C:\Program Files (x86)\Common Files\Lenovo\tvt_reg_monitor_svc.exe
2011-08-31 14:42 - 2010-04-06 09:05 - 002085888 ____N () [File not signed] C:\Program Files\Lenovo\AutoLock\cv210.dll
2011-08-31 14:42 - 2010-04-06 09:04 - 002201088 ____N () [File not signed] C:\Program Files\Lenovo\AutoLock\cxcore210.dll
2010-12-11 19:44 - 2010-12-11 19:44 - 000241664 ____N () [File not signed] C:\Program Files (x86)\Lenovo\Rescue and Recovery\CDRecord.dll
2011-09-10 20:11 - 2011-09-10 20:11 - 001093120 ____N (Microsoft Corporation) [File not signed] C:\Windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_cbf5e994470a1a8f\MFC80U.DLL
2011-09-10 20:11 - 2011-09-10 20:11 - 000049152 ____N (Microsoft Corporation) [File not signed] C:\Windows\WinSxS\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_03ce2c72205943d3\MFC80JPN.DLL
2010-12-11 19:34 - 2010-12-11 19:34 - 000069632 ____N (Lenovo Group Limited) [File not signed] C:\Program Files (x86)\Common Files\Lenovo\tvt_think_res.dll
2011-09-10 20:11 - 2011-09-10 20:11 - 001101824 ____N (Microsoft Corporation) [File not signed] C:\Windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_cbf5e994470a1a8f\MFC80.DLL

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 11:34 - 2019-01-08 18:05 - 000000831 _____ C:\Windows\system32\drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path: C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Common Files\Lenovo;C:\Program Files (x86)\Windows Live\Shared;C:\SWTOOLS\ReadyApps;C:\Program Files (x86)\Intel\Services\IPT\
HKU\S-1-5-21-1310004040-4233039217-3965176310-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\yuka\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{9F1E0CE4-D7A0-46C0-980E-AC9D4D4825F1}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F7BE11A9-7AE6-4BE5-93DC-CF14DC734015}] => (Allow) LPort=2869
FirewallRules: [{B357C2BB-B0B2-4BCB-A9E8-2F98F277400E}] => (Allow) LPort=1900
FirewallRules: [{E0BAF8F0-B500-4DB8-B9CE-344FD333DAD4}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{E605906D-D5B6-4078-B86D-2440CE4517DF}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{D22B0B61-4B46-4901-AC95-E7FF4E5473E2}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD8\PowerDVD8.EXE (CyberLink -> CyberLink Corp.)
FirewallRules: [TCP Query User{D393D3D9-E7B8-470C-BDCF-4340C2E86458}C:\users\p\downloads\bittorrent-7.5.exe] => (Block) C:\users\p\downloads\bittorrent-7.5.exe No File
FirewallRules: [UDP Query User{78F2383F-DE03-496E-82EA-B9293D1694F0}C:\users\p\downloads\bittorrent-7.5.exe] => (Block) C:\users\p\downloads\bittorrent-7.5.exe No File
FirewallRules: [TCP Query User{76D2E775-28DF-4A02-A878-D63566FC88EE}C:\program files (x86)\1clickdownload\1clickdownload.exe] => (Block) C:\program files (x86)\1clickdownload\1clickdownload.exe No File
FirewallRules: [UDP Query User{42F64079-16B8-404D-A3E0-727922402D9B}C:\program files (x86)\1clickdownload\1clickdownload.exe] => (Block) C:\program files (x86)\1clickdownload\1clickdownload.exe No File
FirewallRules: [TCP Query User{EE607D89-9F7D-4049-9EBC-2137E60C7975}C:\users\yuka\downloads\bittorrent-7.5.exe] => (Block) C:\users\yuka\downloads\bittorrent-7.5.exe (BitTorrent Inc -> BitTorrent, Inc.)
FirewallRules: [UDP Query User{8483AB86-25D0-4F56-9589-BBED064E08CA}C:\users\yuka\downloads\bittorrent-7.5.exe] => (Block) C:\users\yuka\downloads\bittorrent-7.5.exe (BitTorrent Inc -> BitTorrent, Inc.)
FirewallRules: [TCP Query User{E0D8FA4E-6385-41B3-BA1F-F483EEDBE647}C:\program files (x86)\1clickdownload\1clickdownloader.exe] => (Block) C:\program files (x86)\1clickdownload\1clickdownloader.exe No File
FirewallRules: [UDP Query User{10075949-C46E-47C0-AF98-C8EA8E170293}C:\program files (x86)\1clickdownload\1clickdownloader.exe] => (Block) C:\program files (x86)\1clickdownload\1clickdownloader.exe No File
FirewallRules: [TCP Query User{BAEB367E-0D05-4D94-9AB6-3BE87C56AC45}C:\users\yuka\downloads\bittorrent-7.5.exe] => (Block) C:\users\yuka\downloads\bittorrent-7.5.exe (BitTorrent Inc -> BitTorrent, Inc.)
FirewallRules: [UDP Query User{85F26169-3660-418F-B3BF-AEFEB012E73F}C:\users\yuka\downloads\bittorrent-7.5.exe] => (Block) C:\users\yuka\downloads\bittorrent-7.5.exe (BitTorrent Inc -> BitTorrent, Inc.)
FirewallRules: [{047DFE81-3611-4FE8-A09A-95A3CF74B646}] => (Allow) C:\Program Files (x86)\Naver\LINE\Line.exe No File
FirewallRules: [{7A0C2474-09F6-43F2-9D48-341B3C499893}] => (Allow) C:\Program Files (x86)\Naver\LINE\Line.exe No File
FirewallRules: [TCP Query User{428A2D67-EE9C-4FC2-96F6-FC2730238690}C:\users\yuka\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\yuka\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{F534F9B8-2529-4C71-B536-5011A5C8865B}C:\users\yuka\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\yuka\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{B156BA17-2216-4A42-BB39-30F8BD7EAC07}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{1C5CD71D-B123-412C-A2F3-0BE6EA87C9B9}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{BB1249D1-B0F0-4CE7-ADC0-3E731FB5A428}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{58909962-E087-443C-B7AD-E62553C1AB43}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{5A602B3C-3D57-4EA4-871E-231511688B84}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{2C600F38-63E6-4BAF-A35C-4F5A6E1FB50B}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{3BA03066-2EB1-41A2-9158-5E4A563DA3A2}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{F36860F0-C804-4FE5-A74B-BC71E22381C3}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{407A5391-E13E-4C9B-92FF-1AEB83F20FC1}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{878B7080-2774-450E-B9CB-73A75E1C4AD9}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{E33BD0B4-FB80-4C25-B4AA-E3762927915B}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\4.58.2552.909\SZBrowser.exe (AVAST Software s.r.o. -> Avast Software)
FirewallRules: [{627155B8-4280-41A3-9AD2-E1D00738B97E}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\4.58.2552.909_0\SZBrowser.exe (AVAST Software s.r.o. -> Avast Software)
FirewallRules: [{D3C97AB8-2E09-4DDE-BCA9-E01FC62CC9C4}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{1A34CDD1-C697-4E39-9F29-3799000E94B2}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{950D3246-979C-4321-BDA3-C24BEF324F81}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{5469C1C9-8BD1-4695-8536-A04F3E9C98C7}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{BBE1E7FF-AB01-439A-82F7-38624760CC18}C:\program files (x86)\lenovo\system update\uncserver.exe] => (Allow) C:\program files (x86)\lenovo\system update\uncserver.exe (Lenovo Information Products (Shenzhen) Co.,Ltd ->  )
FirewallRules: [UDP Query User{1C764843-4B47-486D-B296-5FF264FEEEE1}C:\program files (x86)\lenovo\system update\uncserver.exe] => (Allow) C:\program files (x86)\lenovo\system update\uncserver.exe (Lenovo Information Products (Shenzhen) Co.,Ltd ->  )
FirewallRules: [TCP Query User{A2F1A1E5-22FB-47DD-B491-09692B5F81A9}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{DB5DEA56-3BA3-462E-A8BD-49AFE7CDC80A}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{CB16352A-F40A-45AE-935F-4B7D485D9D26}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
FirewallRules: [{5608DF5C-0006-4356-AC45-48DB2500B3C5}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software s.r.o. -> AVAST Software)

==================== Restore Points =========================

26-01-2019 03:02:30 Windows Update
24-02-2019 21:00:49 TunnelBear
24-02-2019 21:06:23 Removed Microsoft Silverlight
24-02-2019 21:12:11 Removed Microsoft Silverlight
24-02-2019 21:55:48 Windows Update
25-02-2019 09:50:30 Windows Update
25-02-2019 22:53:20 Windows Update

==================== Faulty Device Manager Devices =============

Name: avast! Firewall NDIS Filter Miniport
Description: avast! Firewall NDIS Filter Miniport
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: ALWIL Software
Service: aswNdis
Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19)
Resolution: A registry problem was detected.
 This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options:
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver.


==================== Event log errors: =========================

Application errors:
==================
Error: (03/04/2019 08:50:36 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: クエリ "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" のイベント フィルターを名前空間 "//./root/CIMV2" 内で再度使用できませんでした。原因はエラー 0x80041003 です。問題が解決されなければ、このフィルターではイベント表示できません。

Error: (03/04/2019 07:34:12 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15585

Error: (03/04/2019 07:34:12 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15585

Error: (03/04/2019 07:34:12 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (03/04/2019 06:34:02 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: クエリ "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" のイベント フィルターを名前空間 "//./root/CIMV2" 内で再度使用できませんでした。原因はエラー 0x80041003 です。問題が解決されなければ、このフィルターではイベント表示できません。

Error: (03/04/2019 05:13:17 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: クエリ "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" のイベント フィルターを名前空間 "//./root/CIMV2" 内で再度使用できませんでした。原因はエラー 0x80041003 です。問題が解決されなければ、このフィルターではイベント表示できません。

Error: (03/01/2019 10:44:25 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15585

Error: (03/01/2019 10:44:25 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15585


System errors:
=============
Error: (03/04/2019 08:57:11 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Windows Update サービスは開始時にハングしました。

Error: (03/04/2019 08:52:55 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Windows Presentation Foundation Font Cache 3.0.0.0 サービスを、次のエラーが原因で開始できませんでした:
そのサービスは指定時間内に開始要求または制御要求に応答しませんでした。

Error: (03/04/2019 08:52:55 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Windows Presentation Foundation Font Cache 3.0.0.0 サービスの接続を待機中にタイムアウト (30000 ミリ秒) になりました。

Error: (03/04/2019 08:49:55 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: 次のブート開始ドライバーまたはシステム開始ドライバーを読み込めませんでした:
cdrom

Error: (03/04/2019 08:35:19 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: avast! Antivirus サービスからのトランザクション応答を待機中にタイムアウト (30000 ミリ秒) になりました。

Error: (03/04/2019 08:34:57 PM) (Source: Tcpip) (EventID: 4199) (User: )
Description: IP アドレス 0.0.0.0 とシステムのネットワーク ハードウェア アドレス 00-00-00-00-00-00 が
重複しているのを、検出しました。このシステムのネットワーク操作は
無効になる可能性があります。

Error: (03/04/2019 08:34:44 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: avast! Antivirus サービスからのトランザクション応答を待機中にタイムアウト (30000 ミリ秒) になりました。

Error: (03/04/2019 06:40:07 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Windows Update サービスは開始時にハングしました。


Windows Defender:
===================================
Date: 2015-04-30 14:05:31.754
Description:
Windows Defender スキャンは完了する前に停止しました。
スキャン ID:{263E7079-BBF1-4348-883B-DB22AA9DEC30}
スキャンの種類:スパイウェア対策ソフトウェア
スキャン パラメーター:クイック スキャン
ユーザー:NT AUTHORITY\NETWORK SERVICE

Date: 2012-09-10 14:36:52.253
Description:
Windows Defender スキャンは完了する前に停止しました。
スキャン ID:{3274EEE8-1C29-44BE-AB43-113F565D6ECA}
スキャンの種類:スパイウェア対策ソフトウェア
スキャン パラメーター:クイック スキャン
ユーザー:yuka-THINK\yuka

Date: 2015-06-26 18:54:13.460
Description:
Windows Defender で署名を更新しようとしてエラーが発生しました。
新しい署名のバージョン:
以前の署名のバージョン:1.199.2954.0
更新元:署名更新フォルダー
署名の種類:スパイウェア対策ソフトウェア
更新の種類:完全
ユーザー:NT AUTHORITY\SYSTEM
現在のエンジンのバージョン:
以前のエンジンのバージョン:1.1.11701.0
エラー コード:0x80070002
エラーの説明:指定されたファイルが見つかりません。

Date: 2015-06-26 18:54:13.397
Description:
Windows Defender でエンジンを更新しようとしてエラーが発生しました。
新しいエンジンのバージョン:
以前のエンジンのバージョン:1.1.11701.0
更新元:署名更新フォルダー
ユーザー:NT AUTHORITY\SYSTEM
エラー コード:0x80070002
エラーの説明:指定されたファイルが見つかりません。

Date: 2015-06-25 21:41:39.794
Description:
Windows Defender で署名を更新しようとしてエラーが発生しました。
新しい署名のバージョン:
以前の署名のバージョン:1.199.2954.0
更新元:署名更新フォルダー
署名の種類:スパイウェア対策ソフトウェア
更新の種類:完全
ユーザー:NT AUTHORITY\SYSTEM
現在のエンジンのバージョン:
以前のエンジンのバージョン:1.1.11701.0
エラー コード:0x80070002
エラーの説明:指定されたファイルが見つかりません。

Date: 2015-06-25 21:41:39.794
Description:
Windows Defender でエンジンを更新しようとしてエラーが発生しました。
新しいエンジンのバージョン:
以前のエンジンのバージョン:1.1.11701.0
更新元:署名更新フォルダー
ユーザー:NT AUTHORITY\SYSTEM
エラー コード:0x80070002
エラーの説明:指定されたファイルが見つかりません。

CodeIntegrity:
===================================

Date: 2015-01-14 22:21:16.691
Description:
ファイル ハッシュをシステム上で検出できなかったため、Windows ではファイル \Device\HarddiskVolume2\Windows\System32\drivers\usbaapl64.sys のイメージの整合性を検証できません。最近のハードウェアまたはソフトウェアの更新によって、正しく署名されていないファイルや壊れているファイル、または不明なソースからの悪意のあるソフトウェアであるファイルがインストールされた可能性があります。

Date: 2015-01-14 22:21:16.551
Description:
ファイル ハッシュをシステム上で検出できなかったため、Windows ではファイル \Device\HarddiskVolume2\Windows\System32\drivers\usbaapl64.sys のイメージの整合性を検証できません。最近のハードウェアまたはソフトウェアの更新によって、正しく署名されていないファイルや壊れているファイル、または不明なソースからの悪意のあるソフトウェアであるファイルがインストールされた可能性があります。

Date: 2015-01-14 22:21:10.670
Description:
ファイル ハッシュをシステム上で検出できなかったため、Windows ではファイル \Device\HarddiskVolume2\Windows\System32\drivers\usbaapl64.sys のイメージの整合性を検証できません。最近のハードウェアまたはソフトウェアの更新によって、正しく署名されていないファイルや壊れているファイル、または不明なソースからの悪意のあるソフトウェアであるファイルがインストールされた可能性があります。

Date: 2015-01-14 22:21:10.470
Description:
ファイル ハッシュをシステム上で検出できなかったため、Windows ではファイル \Device\HarddiskVolume2\Windows\System32\drivers\usbaapl64.sys のイメージの整合性を検証できません。最近のハードウェアまたはソフトウェアの更新によって、正しく署名されていないファイルや壊れているファイル、または不明なソースからの悪意のあるソフトウェアであるファイルがインストールされた可能性があります。

==================== Memory info ===========================

Processor: Intel® Core™ i3-2310M CPU @ 2.10GHz
Percentage of memory in use: 93%
Total physical RAM: 1935.23 MB
Available physical RAM: 116.47 MB
Total Virtual: 4030.61 MB
Available Virtual: 323.93 MB

==================== Drives ================================

Drive c: (Windows7_OS) (Fixed) (Total:285.2 GB) (Free:161.8 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive q: (Lenovo_Recovery) (Fixed) (Total:11.72 GB) (Free:2.88 GB) NTFS

\\?\Volume{99ca3744-d391-11e0-a245-806e6f6e6963}\ (SYSTEM_DRV) (Fixed) (Total:1.17 GB) (Free:0.48 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 298.1 GB) (Disk ID: 048E328B)
Partition 1: (Active) - (Size=1.2 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=285.2 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=11.7 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================


  • 0

Advertisements


#2
RKinner

RKinner

    Malware Expert

  • Expert
  • 21,906 posts
  • MVP

Uninstall Bonjour.  It's not happy.

 

Get Process Explorer

https://live.sysinte...com/procexp.exe

Save it to your desktop then run it (Vista or Win7+ - right click and Run As Administrator).  

View, Select Column, check Verified Signer, OK
Options, Verify Image Signatures


Click twice on the CPU column header  to sort things by CPU usage with the big hitters at the top.  

Wait a full minute then:

File, Save As, Save.  Note the file name.   Open the file  on your desktop and copy and paste the text to a reply.


Copy the next 2 lines:

TASKLIST /SVC  > \junk.txt
notepad \junk.txt

Open an Elevated Command Prompt:
Win 7: Start, All Programs, Accessories then right click on Command Prompt and Run as Administrator
Win 8: http://www.eightforu...indows-8-a.html
win 10: http://www.howtogeek...-in-windows-10/

Right click and Paste (or Edit then Paste) and the copied lines should appear.
Hit Enter if notepad does not open.  Copy and paste the text from notepad into a reply.


Get the free version of Speccy:

http://www.filehippo...ownload_speccy/ 

(Look in the upper right for the Download
Latest Version button  - Do NOT press the large Start Download button on the upper left!)  
Download, Save and Install it.  Tell it you do not need CCLEANER.    Run Speccy.  When it finishes (the little icon in the bottom left will stop moving),
File, Save as Text File,  (to your desktop) note the name it gives. OK.  Open the file in notepad and delete the line that gives the serial number of your Operating System.  
(It will be near the top,  10-20  lines down.) Save the file.  Attach the file to your next post.  Attaching the log is the best option as it is too big for the forum.  Attaching is a multi step process.

First click on More Reply Options
Then scroll down to where you see
Choose File and click on it.  Point it at the file and hit Open.
Now click on Attach this file.



 


  • 0

#3
arare

arare

    New Member

  • Topic Starter
  • Member
  • Pip
  • 7 posts

Hi! Thank you for heliping!

Here is as your reply....

 

Process    CPU    Private Bytes    Working Set    PID    Description    Company Name    Verified Signer
System Idle Process    92.24    0 K    24 K    0            
procexp64.exe    3.73    48,692 K    73,656 K    7120    Sysinternals Process Explorer    Sysinternals - www.sysinternals.com    (Verified) Microsoft Corporation
svchost.exe    1.00    14,568 K    13,432 K    5212    Windows サービスのホスト プロセス    Microsoft Corporation    (Verified) Microsoft Windows
firefox.exe    0.63    101,228 K    160,180 K    6172    Firefox    Mozilla Corporation    (Verified) Mozilla Corporation
SynTPEnh.exe    0.44    11,856 K    10,012 K    4756    Synaptics TouchPad Enhancements    Synaptics Incorporated    (Verified) Synaptics Incorporated
Interrupts    0.46    0 K    0 K    n/a    Hardware Interrupts and DPCs        
csrss.exe    0.26    13,556 K    15,956 K    680    クライアント サーバー ランタイム プロセス    Microsoft Corporation    (Verified) Microsoft Windows
AvastSvc.exe    0.21    140,864 K    131,204 K    1500    Avast Service    AVAST Software    (Verified) AVAST Software s.r.o.
System    0.20    212 K    1,264 K    4            
virtscrl.exe    0.18    2,492 K    4,380 K    3992    Lenovo Auto Scroll Utility    Lenovo Group Limited    (Verified) Lenovo(Japan)Ltd.
AvastUI.exe    0.12    23,644 K    37,480 K    4216    Avast Antivirus    AVAST Software    (Verified) AVAST Software s.r.o.
explorer.exe    0.10    48,324 K    68,976 K    3744    エクスプローラー    Microsoft Corporation    (Verified) Microsoft Windows
svchost.exe    0.09    19,368 K    16,052 K    564    Windows サービスのホスト プロセス    Microsoft Corporation    (Verified) Microsoft Windows
firefox.exe    0.06    149,040 K    217,224 K    6816    Firefox    Mozilla Corporation    (Verified) Mozilla Corporation
firefox.exe    0.04    77,204 K    84,592 K    5840    Firefox    Mozilla Corporation    (Verified) Mozilla Corporation
svchost.exe    0.04    4,700 K    8,492 K    860    Windows サービスのホスト プロセス    Microsoft Corporation    (Verified) Microsoft Windows
tvt_reg_monitor_svc.exe    0.04    2,768 K    6,152 K    5764    About ThinkVantage Technologies    Lenovo Group Limited    (サブジェクトに署名がありませんでした。

) Lenovo Group Limited
ALCKRESI.exe    0.04    8,524 K    14,852 K    444    ThinkVantage AutoLock Resident module    Lenovo Group Limited    (Verified) Lenovo(Japan)Ltd.
firefox.exe    0.03    48,364 K    76,084 K    5300    Firefox    Mozilla Corporation    (Verified) Mozilla Corporation
iPodService.exe    0.02    2,548 K    7,252 K    3496    iPod Service    Apple Inc.    (Verified) Apple Inc.
svchost.exe    0.02    6,496 K    13,440 K    1888    Windows サービスのホスト プロセス    Microsoft Corporation    (Verified) Microsoft Windows
TpShocks.exe    0.01    3,552 K    6,988 K    4796    ThinkVantage Active Protection System    Lenovo.    (Verified) Lenovo(Japan)Ltd.
taskhost.exe    0.01    9,508 K    11,428 K    3656    Windows タスクのホスト プロセス    Microsoft Corporation    (Verified) Microsoft Windows
lsm.exe    0.01    2,888 K    3,852 K    736    ローカル セッション マネージャー サービス    Microsoft Corporation    (Verified) Microsoft Windows
fmapp.exe    0.01    3,052 K    3,760 K    4812    FMAPP Application        (Verified) Fortemedia Inc
aswidsagent.exe    0.01    32,552 K    43,764 K    3164    Avast Behavior Shield    AVAST Software    (Verified) AVAST Software s.r.o.
CLMLSvc.exe    0.01    4,112 K    9,464 K    4448    CyberLink MediaLibray Service    CyberLink    (Verified) CyberLink
TpKnrres.exe    0.01    2,612 K    7,492 K    1424    Microphone volume control module    Lenovo Group Limited    (Verified) Lenovo(Japan)Ltd.
AppleMobileDeviceService.exe    < 0.01    3,960 K    5,680 K    1400    MobileDeviceService    Apple Inc.    (Verified) Apple Inc.
SearchIndexer.exe    < 0.01    56,128 K    47,804 K    4312    Microsoft Windows Search Indexer    Microsoft Corporation    (Verified) Microsoft Windows
svchost.exe    < 0.01    10,460 K    13,340 K    1220    Windows サービスのホスト プロセス    Microsoft Corporation    (Verified) Microsoft Windows
svchost.exe    < 0.01    36,220 K    44,312 K    1076    Windows サービスのホスト プロセス    Microsoft Corporation    (Verified) Microsoft Windows
svchost.exe    < 0.01    14,988 K    11,588 K    1320    Windows サービスのホスト プロセス    Microsoft Corporation    (Verified) Microsoft Windows
WLIDSVC.EXE    < 0.01    7,568 K    7,316 K    2388    Microsoft® Windows Live ID Service    Microsoft Corp.    (Verified) Microsoft Corporation
svchost.exe    < 0.01    60,184 K    58,588 K    1028    Windows サービスのホスト プロセス    Microsoft Corporation    (Verified) Microsoft Windows
csrss.exe    < 0.01    2,600 K    4,948 K    560    クライアント サーバー ランタイム プロセス    Microsoft Corporation    (Verified) Microsoft Windows
wmpnetwk.exe        12,504 K    16,208 K    2460    Windows Media Player ネットワーク共有サービス    Microsoft Corporation    (Verified) Microsoft Windows
WmiPrvSE.exe        3,544 K    6,776 K    3772    WMI Provider Host    Microsoft Corporation    (Verified) Microsoft Windows
WLIDSVCM.EXE        1,492 K    2,948 K    2540    Microsoft® Windows Live ID Service Monitor    Microsoft Corp.    (Verified) Microsoft Corporation
winlogon.exe        3,392 K    6,248 K    964    Windows ログオン アプリケーション    Microsoft Corporation    (Verified) Microsoft Windows
wininit.exe        2,144 K    3,764 K    656    Windows スタートアップ アプリケーション    Microsoft Corporation    (Verified) Microsoft Windows
unsecapp.exe        1,828 K    4,312 K    3836    Sink to receive asynchronous callbacks for WMI client application    Microsoft Corporation    (Verified) Microsoft Windows
unsecapp.exe        1,868 K    5,848 K    5864    Sink to receive asynchronous callbacks for WMI client application    Microsoft Corporation    (Verified) Microsoft Windows
unsecapp.exe        2,128 K    4,908 K    784    Sink to receive asynchronous callbacks for WMI client application    Microsoft Corporation    (Verified) Microsoft Windows
TpScrex.exe        2,224 K    4,140 K    4084    ThinkPad UltraZoom    Lenovo Group Limited    (Verified) Lenovo(Japan)Ltd.
TPONSCR.exe        1,536 K    4,456 K    1568    On screen display drawer    Lenovo Group Limited    (Verified) Lenovo(Japan)Ltd.
tpnumlkd.exe        2,060 K    3,684 K    3308    NumLock on screen display for ThinkPad    Lenovo Group Limited    (Verified) Lenovo(Japan)Ltd.
TPKNRSVC.exe        1,084 K    1,960 K    2168    Microphone volume control service    Lenovo Group Limited    (Verified) Lenovo(Japan)Ltd.
TPHKSVC.exe        2,276 K    3,820 K    2020    On screen display Fn+Fx handler    Lenovo Group Limited    (Verified) Lenovo(Japan)Ltd.
tphkload.exe        8,700 K    5,932 K    1976    ThinkPad Message Client Loader    Lenovo Group Limited    (Verified) Lenovo(Japan)Ltd.
taskeng.exe        3,848 K    6,988 K    3224    タスク スケジューラ エンジン    Microsoft Corporation    (Verified) Microsoft Windows
taskeng.exe        2,260 K    6,008 K    7648    タスク スケジューラ エンジン    Microsoft Corporation    (Verified) Microsoft Windows
SynTPLpr.exe        3,964 K    8,376 K    5068    TouchPad Driver Helper Application    Synaptics Incorporated    (Verified) Synaptics Incorporated
SynTPHelper.exe        3,016 K    5,876 K    1084    Synaptics Pointing Device Helper    Synaptics Incorporated    (Verified) Synaptics Incorporated
svchost.exe        5,084 K    7,680 K    464    Windows サービスのホスト プロセス    Microsoft Corporation    (Verified) Microsoft Windows
svchost.exe        13,516 K    10,712 K    1764    Windows サービスのホスト プロセス    Microsoft Corporation    (Verified) Microsoft Windows
svchost.exe        2,192 K    6,080 K    2344    Windows サービスのホスト プロセス    Microsoft Corporation    (Verified) Microsoft Windows
svchost.exe        4,400 K    6,132 K    1912    Windows サービスのホスト プロセス    Microsoft Corporation    (Verified) Microsoft Windows
svchost.exe        2,556 K    4,100 K    2904    Windows サービスのホスト プロセス    Microsoft Corporation    (Verified) Microsoft Windows
SROSVC.exe        2,612 K    6,316 K    3968    Lenovo Screen Reading Optimizer Service    Lenovo Group Limited    (Verified) Lenovo(Japan)Ltd.
SRORest.exe        4,560 K    992 K    1856    Lenovo Screen Reading Optimizer Resident Module    Lenovo Group Limited    (Verified) Lenovo(Japan)Ltd.
spoolsv.exe        6,788 K    5,984 K    1728    スプーラー サブシステム アプリケーション    Microsoft Corporation    (Verified) Microsoft Windows
smss.exe        596 K    1,372 K    424    Windows セッション マネージャー    Microsoft Corporation    (Verified) Microsoft Windows
services.exe        6,172 K    8,172 K    712    サービスとコントローラー アプリケーション    Microsoft Corporation    (Verified) Microsoft Windows
SCHTASK.EXE        4,788 K    8,604 K    5916    Power Manager Power Agenda    Lenovo Group Limited    (Verified) Lenovo(Japan)Ltd.
scheduler_proxy.exe        3,788 K    8,376 K    5160    scheduler_proxy Application    Lenovo Group Limited    (サブジェクトに署名がありませんでした。

) Lenovo Group Limited
SASrv.exe        1,232 K    3,360 K    2312    SmartAudio Service Application    Conexant Systems, Inc.    (Verified) Conexant Systems, Inc.
rundll32.exe        6,992 K    15,408 K    2188    Windows ホスト プロセス (Rundll32)    Microsoft Corporation    (Verified) Microsoft Windows
rundll32.exe        3,124 K    4,340 K    3912    Windows ホスト プロセス (Rundll32)    Microsoft Corporation    (Verified) Microsoft Windows
rundll32.exe        3,124 K    3,972 K    4072    Windows ホスト プロセス (Rundll32)    Microsoft Corporation    (Verified) Microsoft Windows
rundll32.exe        1,272 K    4,244 K    4064    Windows ホスト プロセス (Rundll32)    Microsoft Corporation    (Verified) Microsoft Windows
rrservice.exe        6,136 K    12,092 K    2760    Rescue and Recovery Backup Service    Lenovo Group Limited    (Verified) Lenovo Information Products (Shenzhen) Co.,Ltd
RichVideo.exe        1,292 K    3,276 K    2280    RichVideo Module        (Certificate expired)
RCIMGDIR.exe        3,312 K    6,680 K    4516    RCIMGDIR    Ricoh co.,Ltd.    (サブジェクトに署名がありませんでした。

) Ricoh co.,Ltd.
procexp.exe        3,068 K    7,692 K    6544    Sysinternals Process Explorer    Sysinternals - www.sysinternals.com    (Verified) Microsoft Corporation
PresentationFontCache.exe        27,684 K    23,508 K    5208    PresentationFontCache.exe    Microsoft Corporation    (Verified) Microsoft Corporation
PDVD8Serv.exe        2,624 K    6,916 K    3444    PowerDVD RC Service    CyberLink Corp.    (Verified) CyberLink
mscorsvw.exe        3,364 K    6,412 K    5724    .NET Runtime Optimization Service    Microsoft Corporation    (Verified) Microsoft Dynamic Code Publisher
micmute.exe        5,780 K    3,976 K    2140    Microphone Mute Controll Service for ThinkPad    Lenovo Group Limited    (Verified) Lenovo(Japan)Ltd.
MCPLaunch.exe        1,164 K    412 K    3896    Message Center Plus Launcher        (Verified) Lenovo Information Products (Shenzhen) Co.,Ltd
lvvsst.exe        2,900 K    4,092 K    2200    Auto Scroll Start Service    Lenovo Group Limited    (Verified) Lenovo(Japan)Ltd.
lsass.exe        5,804 K    11,244 K    728    Local Security Authority Process    Microsoft Corporation    (Verified) Microsoft Windows
jhi_service.exe        1,300 K    3,848 K    1388    Intel  IPT Host Interface Service    Intel Corporation    (Verified) Intel® Identity Protection Technology Software
IMEDICTUPDATE.EXE        1,612 K    3,744 K    1048    Microsoft Office IME 2010    Microsoft Corporation    (Verified) Microsoft Corporation
IMECMNT.EXE        7,228 K    13,048 K    4616    Microsoft Office IME 2010    Microsoft Corporation    (Verified) Microsoft Corporation
IMECMNT.EXE        6,912 K    12,976 K    6300    Microsoft Office IME 2010    Microsoft Corporation    (Verified) Microsoft Corporation
igfxpers.exe        4,920 K    8,568 K    776    persistence Module    Intel Corporation    (Verified) Intel Corporation
ibmpmsvc.exe        1,280 K    1,416 K    996    ThinkPad Power Management Service    Lenovo.    (Verified) Lenovo(Japan)Ltd.
hkcmd.exe        3,964 K    8,624 K    5048    hkcmd Module    Intel Corporation    (Verified) Intel Corporation
firefox.exe        81,484 K    90,228 K    828    Firefox    Mozilla Corporation    (Verified) Mozilla Corporation
DZSVC64.EXE        1,516 K    3,664 K    5248    Doze Mode Service Program    Lenovo.    (Verified) Lenovo(Japan)Ltd.
dwm.exe        2,152 K    5,972 K    3688    デスクトップ ウィンドウ マネージャー    Microsoft Corporation    (Verified) Microsoft Windows
dllhost.exe        2,852 K    7,916 K    5644    COM Surrogate    Microsoft Corporation    (Verified) Microsoft Windows
CxAudMsg64.exe        6,160 K    3,360 K    1436    Conexant Audio Message Service    Conexant Systems Inc.    (Verified) Conexant Systems, Inc.
CamMute.exe        1,520 K    3,228 K    2072    Camera Mute Control Service for ThinkPad    Lenovo Group Limited    (Verified) Lenovo(Japan)Ltd.
armsvc.exe        1,232 K    3,116 K    1188    Adobe Acrobat Update Service    Adobe Systems Incorporated    (Verified) Adobe Systems, Incorporated

 

 

イメージ名                     PID サービス                                    
========================= ======== ============================================
System Idle Process              0 N/A                                         
System                           4 N/A                                         
smss.exe                       424 N/A                                         
csrss.exe                      560 N/A                                         
wininit.exe                    656 N/A                                         
csrss.exe                      680 N/A                                         
services.exe                   712 N/A                                         
lsass.exe                      728 EFS, KeyIso, SamSs                          
lsm.exe                        736 N/A                                         
svchost.exe                    860 DcomLaunch, PlugPlay, Power                 
winlogon.exe                   964 N/A                                         
ibmpmsvc.exe                   996 IBMPMSVC                                    
svchost.exe                    464 RpcEptMapper, RpcSs                         
svchost.exe                    564 AudioSrv, Dhcp, eventlog,                   
                                   HomeGroupProvider, lmhosts, wscsvc          
svchost.exe                   1028 AudioEndpointBuilder, HomeGroupListener,    
                                   Netman, PcaSvc, SysMain, TrkWks, UxSms,     
                                   Wlansvc                                     
svchost.exe                   1076 AeLookupSvc, Appinfo, BITS, Browser,        
                                   EapHost, gpsvc, IKEEXT, iphlpsvc,           
                                   LanmanServer, MMCSS, ProfSvc, Schedule,     
                                   SENS, ShellHWDetection, Themes, Winmgmt,    
                                   wuauserv                                    
svchost.exe                   1220 EventSystem, fdPHost, FontCache, netprofm,  
                                   nsi, WdiServiceHost                         
svchost.exe                   1320 CryptSvc, Dnscache, LanmanWorkstation,      
                                   NlaSvc                                      
AvastSvc.exe                  1500 avast! Antivirus                            
spoolsv.exe                   1728 Spooler                                     
svchost.exe                   1764 BFE, DPS, MpsSvc                            
tphkload.exe                  1976 TPHKLOAD                                    
TPHKSVC.exe                   2020 TPHKSVC                                     
armsvc.exe                    1188 AdobeARMservice                             
AppleMobileDeviceService.     1400 Apple Mobile Device Service                 
CxAudMsg64.exe                1436 CxAudMsg                                    
svchost.exe                   1912 DiagTrack                                   
IMEDICTUPDATE.EXE             1048 ImeDictUpdateService                        
jhi_service.exe               1388 jhi_service                                 
CamMute.exe                   2072 LENOVO.CAMMUTE                              
micmute.exe                   2140 LENOVO.MICMUTE                              
TPKNRSVC.exe                  2168 LENOVO.TPKNRSVC                             
lvvsst.exe                    2200 Lenovo.VIRTSCRLSVC                          
RichVideo.exe                 2280 RichVideo                                   
SASrv.exe                     2312 SAService                                   
svchost.exe                   2344 stisvc                                      
WLIDSVC.EXE                   2388 wlidsvc                                     
WLIDSVCM.EXE                  2540 N/A                                         
svchost.exe                   2904 PolicyAgent                                 
aswidsagent.exe               3164 aswbIDSAgent                                
taskhost.exe                  3656 N/A                                         
dwm.exe                       3688 N/A                                         
explorer.exe                  3744 N/A                                         
WmiPrvSE.exe                  3772 N/A                                         
unsecapp.exe                  3836 N/A                                         
rundll32.exe                  3912 N/A                                         
virtscrl.exe                  3992 N/A                                         
rundll32.exe                  4072 N/A                                         
TpScrex.exe                   4084 N/A                                         
TPONSCR.exe                   1568 N/A                                         
tpnumlkd.exe                  3308 N/A                                         
taskeng.exe                   3224 N/A                                         
SRORest.exe                   1856 N/A                                         
unsecapp.exe                   784 N/A                                         
SearchIndexer.exe             4312 WSearch                                     
IMECMNT.EXE                   4616 N/A                                         
SynTPEnh.exe                  4756 N/A                                         
TpShocks.exe                  4796 N/A                                         
fmapp.exe                     4812 N/A                                         
hkcmd.exe                     5048 N/A                                         
SynTPLpr.exe                  5068 N/A                                         
igfxpers.exe                   776 N/A                                         
TpKnrres.exe                  1424 N/A                                         
SynTPHelper.exe               1084 N/A                                         
ALCKRESI.exe                   444 N/A                                         
svchost.exe                   1888 FDResPub, SSDPSRV, upnphost                 
wmpnetwk.exe                  2460 WMPNetworkSvc                               
AvastUI.exe                   4216 N/A                                         
svchost.exe                   5212 p2pimsvc, p2psvc, PNRPsvc                   
dllhost.exe                   5644 N/A                                         
mscorsvw.exe                  5724 clr_optimization_v4.0.30319_32              
SROSVC.exe                    3968 SROSVC                                      
RCIMGDIR.exe                  4516 N/A                                         
rundll32.exe                  4064 N/A                                         
rundll32.exe                  2188 N/A                                         
CLMLSvc.exe                   4448 N/A                                         
PDVD8Serv.exe                 3444 N/A                                         
rrservice.exe                 2760 TVT Backup Service                          
scheduler_proxy.exe           5160 N/A                                         
MCPLaunch.exe                 3896 N/A                                         
iPodService.exe               3496 iPod Service                                
SCHTASK.EXE                   5916 N/A                                         
unsecapp.exe                  5864 N/A                                         
tvt_reg_monitor_svc.exe       5764 ThinkVantage Registry Monitor Service       
DZSVC64.EXE                   5248 DozeSvc                                     
PresentationFontCache.exe     5208 FontCache3.0.0.0                            
firefox.exe                   6816 N/A                                         
firefox.exe                   5840 N/A                                         
firefox.exe                   6172 N/A                                         
firefox.exe                    828 N/A                                         
firefox.exe                   5300 N/A                                         
procexp.exe                   6544 N/A                                         
procexp64.exe                 7120 N/A                                         
IMECMNT.EXE                   6300 N/A                                         
notepad.exe                   4048 N/A                                         
audiodg.exe                   7548 N/A                                         
cmd.exe                       8108 N/A                                         
conhost.exe                   8148 N/A                                         
tasklist.exe                  7988 N/A                                         
WmiPrvSE.exe                  7780 N/A                                         


 


  • 0

#4
arare

arare

    New Member

  • Topic Starter
  • Member
  • Pip
  • 7 posts

Attached File  YUKA-THINK.txt   749.67KB   68 downloads


  • 0

#5
RKinner

RKinner

    Malware Expert

  • Expert
  • 21,906 posts
  • MVP

Speccy shows a possible interference problem with your WiFi.  You are using Channel 1 but there are two other signals of about equal strength on Channel 1.  Hopefully you have control of the modem providing the WiFi and can change it to a different channel.  To see what channels are in use

Download inssider

http://www.techspot....6-inssider.html
Double click to install it. Then run it by right click and Run As Admin.

It will show you a graph in the bottom right that has your signal in blue and competing signals in orange and yellow.  It may also recommend a different channel which might have less interference.

Moving to a different channel (by logging on to your router) can drastically improve performance.  If you have control of the router but do not know how to change the WiFi channel then give me the make and model number.

 

Uninstall:

Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.) (not working)

 

Java 8 Update 111 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180111F0}) (Version: 8.0.1110.14 - Oracle Corporation)
Java 8 Update 121 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180121F0}) (Version: 8.0.1210.13 - Oracle Corporation)
Java 8 Update 131 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180131F0}) (Version: 8.0.1310.11 - Oracle Corporation)
Java 8 Update 144 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180144F0}) (Version: 8.0.1440.1 - Oracle Corporation)
Java 8 Update 151 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180151F0}) (Version: 8.0.1510.12 - Oracle Corporation)
Java 8 Update 161 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180161F0}) (Version: 8.0.1610.12 - Oracle Corporation)
Java 8 Update 172 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180172F0}) (Version: 8.0.1720.11 - Oracle Corporation)

(Obsolete - Current version is 8.0.2010  Do not install unless you know you need it.  Most people do not.)

 

リモート接続用の Windows Live Mesh ActiveX コントロール (日本語) (HKLM-x32\...\{BAF0CA91-4642-46C8-9BCD-C93B61508701}) (Version: 15.4.5722.2 - Microsoft Corporation)

(Live Mesh was discontinued back in 2013 so unlikely you still need it.)

 

Your Intel Graphics software is very old.  Go to

 

https://downloadcenter.intel.com/

 

Click on Get Started to the right of where it says:   Automatically update your drivers

 

Follow the instructions.

 

Your CyberLink MediaShow is very old.  Looks like version 6 is available but you have to pay for it.  Might be a newer version on your PC maker's support website.

 

Avast is showing some problems.  I would download the offline installer:

 

https://www.avast.co...ST&locale=en-ww

 

Uninstall the current version, reboot then install the new version.  Do not let it install any optional software, stick with the free Basic version and decline any trial versions.  If you let it scan do not let it Cleanup.  It's OK to remove malware which it should do automatically but the things they try to do to speedup the PC don't work that well.

 

I see you have had at least one blue screen. 

Download BlueScreenView
http://www.nirsoft.n...creen_view.html

Right click on BlueScreenView.exe file  and Run As Administrator to run the program.
When scanning is done, go Edit, Select All.

Go File, Save Selected Items, and save the report as BSOD.txt.
Open BSOD.txt in Notepad, copy all content, and paste it into your next reply.

 

You have some deadwood (links to files that are no longer there)  in your logs but nothing nasty.  Let's clean that up with a FRST fixlist:

 

Download the attached fixlist.txt to the same location as FRST

Attached File  fixlist.txt   9.73KB   65 downloads

Run FRST and press Fix
A fix log will be generated please post that

Reboot if the fix doesn't reboot it for you

Run FRST again as before.  Make sure Addition.txt is checked and hit Scan.  Post both logs.

 

 

 


  • 0

#6
arare

arare

    New Member

  • Topic Starter
  • Member
  • Pip
  • 7 posts

I really appriciate your advise from over the sea.

 

For wifi, I stick with Channel 1, becaseu it is WPA2 and the others are WPA/WEP.

Is it still better to use/change to WPA Channel?

 

For uninstalling Bonjour, it should have been done. I already did before last reply to you,

Did you still see my pc had??

 

When I started unistalling Java8, my pc got woking so so slow -

but I'm following your advice!!!!! little by little... (crying)

Working on!


  • 0

#7
RKinner

RKinner

    Malware Expert

  • Expert
  • 21,906 posts
  • MVP

I have never heard of a wireless router using different encryption on different channels.  Could you tell me the make and model of the router?

 

If you removed Bonjour between the first and second posts that's fine.  I just assumed nothing had changed.

 

Not sure what is happening with Java.  It should not make things slower but it can take a while to uninstall.


  • 0

#8
arare

arare

    New Member

  • Topic Starter
  • Member
  • Pip
  • 7 posts

My router - BUFFALO, WHR-G301N

 

I'm back, doctor!

I am a lazy patient...

 

After uninstalling Avast and reinstalling one, my pc got drastically fast!

Thank you.

I was stuck at how to download BlueScreenView, and  finally here it is.

Hope this is it.

 

==================================================
Dump File         : 022519-45770-01.dmp
Crash Time        : 2019/02/25 22:08:17
Bug Check String  : DRIVER_POWER_STATE_FAILURE
Bug Check Code    : 0x0000009f
Parameter 1       : 00000000`00000003
Parameter 2       : fffffa80`078b3ab0
Parameter 3       : fffff800`00b9c428
Parameter 4       : fffffa80`0693b1c0
Caused By Driver  : igdkmd64.sys
Caused By Address : igdkmd64.sys+48e93
File Description  :
Product Name      :
Company           :
File Version      :
Processor         : x64
Crash Address     : ntoskrnl.exe+93ba0
Stack Address 1   :
Stack Address 2   :
Stack Address 3   :
Computer Name     :
Full Path         : C:\Windows\Minidump\022519-45770-01.dmp
Processors Count  : 4
Major Version     : 15
Minor Version     : 7601
Dump File Size    : 859,992
Dump File Time    : 2019/02/25 22:19:05
==================================================

==================================================
Dump File         : 070415-28236-01.dmp
Crash Time        : 2015/07/04 21:46:34
Bug Check String  : PAGE_FAULT_IN_NONPAGED_AREA
Bug Check Code    : 0x00000050
Parameter 1       : fffff900`c00e5050
Parameter 2       : 00000000`00000000
Parameter 3       : fffff960`0024283c
Parameter 4       : 00000000`00000000
Caused By Driver  : ntoskrnl.exe
Caused By Address : ntoskrnl.exe+748c0
File Description  : NT Kernel & System
Product Name      : Microsoft® Windows® Operating System
Company           : Microsoft Corporation
File Version      : 6.1.7601.24387 (win7sp1_ldr_escrow.190305-1700)
Processor         : x64
Crash Address     : ntoskrnl.exe+748c0
Stack Address 1   :
Stack Address 2   :
Stack Address 3   :
Computer Name     :
Full Path         : C:\Windows\Minidump\070415-28236-01.dmp
Processors Count  : 4
Major Version     : 15
Minor Version     : 7601
Dump File Size    : 262,144
Dump File Time    : 2015/07/04 22:32:32
==================================================

 

Fix result of Farbar Recovery Scan Tool (x64) Version: 17.03.2019
Ran by yuka (03-04-2019 21:48:28) Run:1
Running from C:\Users\yuka\Desktop
Loaded Profiles: yuka (Available Profiles: yuka & Guest)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -  No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} -  No File
Toolbar: HKU\S-1-5-21-1310004040-4233039217-3965176310-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\fbphotozoom\fbphotozoom15.xpi => not found
CustomCLSID: HKU\S-1-5-21-1310004040-4233039217-3965176310-1000_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\yuka\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1310004040-4233039217-3965176310-1000_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\yuka\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1310004040-4233039217-3965176310-1000_Classes\CLSID\{144DF3B2-2402-47AE-9583-5A045929A8D4}\InprocServer32 -> C:\Users\yuka\AppData\Local\Google\Update\1.3.33.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1310004040-4233039217-3965176310-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\yuka\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1310004040-4233039217-3965176310-1000_Classes\CLSID\{590C4387-5EBD-4D46-8A84-CD0BA2EF2856}\InprocServer32 -> C:\Users\yuka\AppData\Local\Google\Update\1.3.30.3\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1310004040-4233039217-3965176310-1000_Classes\CLSID\{59B55F04-DE14-4BB8-92FF-C4A22EF2E5F4}\InprocServer32 -> C:\Users\yuka\AppData\Local\Google\Update\1.3.31.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1310004040-4233039217-3965176310-1000_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\yuka\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1310004040-4233039217-3965176310-1000_Classes\CLSID\{78550997-5DEF-4A8A-BAF9-D5774E87AC98}\InprocServer32 -> C:\Users\yuka\AppData\Local\Google\Update\1.3.28.13\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1310004040-4233039217-3965176310-1000_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247}\InprocServer32 -> C:\Users\yuka\AppData\Local\Google\Update\1.3.29.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1310004040-4233039217-3965176310-1000_Classes\CLSID\{8C46158B-D978-483C-A312-16EE5013BE04}\InprocServer32 -> C:\Users\yuka\AppData\Local\Google\Update\1.3.33.3\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1310004040-4233039217-3965176310-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\yuka\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1310004040-4233039217-3965176310-1000_Classes\CLSID\{91A41FCC-BC02-42D8-A36E-0D27FF9BFFC8}\InprocServer32 -> C:\Users\yuka\AppData\Local\Google\Update\1.3.33.7\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1310004040-4233039217-3965176310-1000_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\yuka\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1310004040-4233039217-3965176310-1000_Classes\CLSID\{CB492AF1-2CEF-4E58-BE47-471C77D0C8BA}\InprocServer32 -> C:\Users\yuka\AppData\Local\Google\Update\1.3.32.7\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1310004040-4233039217-3965176310-1000_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2}\InprocServer32 -> C:\Users\yuka\AppData\Local\Google\Update\1.3.29.1\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1310004040-4233039217-3965176310-1000_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\yuka\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1310004040-4233039217-3965176310-1000_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 -> C:\Users\yuka\AppData\Local\Google\Update\1.3.28.15\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1310004040-4233039217-3965176310-1000_Classes\CLSID\{EA724FD3-844D-43A9-A8C9-A5BC35FC20E4}\InprocServer32 -> C:\Users\yuka\AppData\Local\Google\Update\1.3.33.17\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1310004040-4233039217-3965176310-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\yuka\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll => No File
Task: C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job => C:\Program Files\PC-Doctor\uaclauncher.exeq-backgroundmon scripts\backgroundmon.xml
Task: C:\Windows\Tasks\SystemToolsDailyTest.job => C:\Program Files\PC-Doctor\uaclauncher.exe
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
CMD: arp -a
CMD: FOR /F "usebackq delims==" %i IN (`wevtutil el`) DO wevtutil cl "%i"
Reboot:






*****************

"HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}" => removed successfully
HKLM\Software\Classes\CLSID\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} => not found
"HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F}" => removed successfully
HKLM\Software\Classes\CLSID\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} => not found
"HKU\S-1-5-21-1310004040-4233039217-3965176310-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F}" => removed successfully
HKLM\Software\Classes\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => not found
"HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\[email protected]" => removed successfully
HKU\S-1-5-21-1310004040-4233039217-3965176310-1000_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208} => removed successfully
HKU\S-1-5-21-1310004040-4233039217-3965176310-1000_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448} => removed successfully
HKU\S-1-5-21-1310004040-4233039217-3965176310-1000_Classes\CLSID\{144DF3B2-2402-47AE-9583-5A045929A8D4} => removed successfully
HKU\S-1-5-21-1310004040-4233039217-3965176310-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1} => removed successfully
HKU\S-1-5-21-1310004040-4233039217-3965176310-1000_Classes\CLSID\{590C4387-5EBD-4D46-8A84-CD0BA2EF2856} => removed successfully
HKU\S-1-5-21-1310004040-4233039217-3965176310-1000_Classes\CLSID\{59B55F04-DE14-4BB8-92FF-C4A22EF2E5F4} => removed successfully
HKU\S-1-5-21-1310004040-4233039217-3965176310-1000_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E} => removed successfully
HKU\S-1-5-21-1310004040-4233039217-3965176310-1000_Classes\CLSID\{78550997-5DEF-4A8A-BAF9-D5774E87AC98} => removed successfully
HKU\S-1-5-21-1310004040-4233039217-3965176310-1000_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247} => removed successfully
HKU\S-1-5-21-1310004040-4233039217-3965176310-1000_Classes\CLSID\{8C46158B-D978-483C-A312-16EE5013BE04} => removed successfully
HKU\S-1-5-21-1310004040-4233039217-3965176310-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8} => removed successfully
HKU\S-1-5-21-1310004040-4233039217-3965176310-1000_Classes\CLSID\{91A41FCC-BC02-42D8-A36E-0D27FF9BFFC8} => removed successfully
HKU\S-1-5-21-1310004040-4233039217-3965176310-1000_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A} => removed successfully
HKU\S-1-5-21-1310004040-4233039217-3965176310-1000_Classes\CLSID\{CB492AF1-2CEF-4E58-BE47-471C77D0C8BA} => removed successfully
HKU\S-1-5-21-1310004040-4233039217-3965176310-1000_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2} => removed successfully
HKU\S-1-5-21-1310004040-4233039217-3965176310-1000_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9} => removed successfully
HKU\S-1-5-21-1310004040-4233039217-3965176310-1000_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF} => removed successfully
HKU\S-1-5-21-1310004040-4233039217-3965176310-1000_Classes\CLSID\{EA724FD3-844D-43A9-A8C9-A5BC35FC20E4} => removed successfully
HKU\S-1-5-21-1310004040-4233039217-3965176310-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E} => removed successfully
C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job => moved successfully
C:\Windows\Tasks\SystemToolsDailyTest.job => moved successfully
"BVTFilter" => removed successfully

========= arp -a =========


インターフェイス: 192.168.1.5 --- 0xd
  インターネット アドレス      物理アドレス      種類
  192.168.1.1           00-3a-9d-46-01-40     動的        
  192.168.1.7           38-f9-d3-2d-7a-07     動的        
  192.168.1.255         ff-ff-ff-ff-ff-ff     静的        
  224.0.0.22            01-00-5e-00-00-16     静的        
  224.0.0.252           01-00-5e-00-00-fc     静的        
  239.255.255.250       01-00-5e-7f-ff-fa     静的        
  255.255.255.255       ff-ff-ff-ff-ff-ff     静的        

========= End of CMD: =========


========= FOR /F "usebackq delims==" %i IN (`wevtutil el`) DO wevtutil cl "%i" =========


========= End of CMD: =========



The system needed a reboot.

==== End of Fixlog 21:51:41 ====


  • 0

#9
arare

arare

    New Member

  • Topic Starter
  • Member
  • Pip
  • 7 posts

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 17.03.2019
Ran by yuka (administrator) on YUKA-THINK (03-04-2019 22:28:14)
Running from C:\Users\yuka\Desktop
Loaded Profiles: yuka (Available Profiles: yuka & Guest)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: 日本語 (日本)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Lenovo(Japan)Ltd. -> Lenovo.) C:\Windows\System32\ibmpmsvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Lenovo(Japan)Ltd. -> Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tphkload.exe
(Lenovo(Japan)Ltd. -> Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Conexant Systems, Inc. -> Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Lenovo(Japan)Ltd. -> Lenovo Group Limited) C:\Program Files (x86)\Lenovo\Screen Reading Optimizer\SRORest.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\IME14\SHARED\IMECMNT.EXE
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Lenovo(Japan)Ltd. -> Lenovo.) C:\Windows\System32\TpShocks.exe
(Fortemedia Inc -> ) C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(Lenovo(Japan)Ltd. -> Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe
(Lenovo(Japan)Ltd. -> Lenovo Group Limited) C:\Program Files\Lenovo\AutoLock\ALCKRESI.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Spotify AB -> Spotify Ltd) C:\Users\yuka\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Lenovo(Japan)Ltd. -> Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tpnumlkd.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
(Ricoh co.,Ltd.) [File not signed] C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(CyberLink -> CyberLink Corporation.) C:\Program Files (x86)\CyberLink\InstantBurn\Win2K\IBurn.exe
(CyberLink -> CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(CyberLink -> CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD8\PDVD8Serv.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\IME14\SHARED\IMEDICTUPDATE.EXE
(Intel® Identity Protection Technology Software -> Intel Corporation) C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
(Lenovo(Japan)Ltd. -> Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\CamMute.exe
(Lenovo(Japan)Ltd. -> Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\micmute.exe
(Lenovo(Japan)Ltd. -> Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe
(Lenovo(Japan)Ltd. -> Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\lvvsst.exe
(Lenovo(Japan)Ltd. -> Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\virtscrl.exe
(CyberLink -> ) [File not signed] C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Conexant Systems, Inc. -> Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Apple Inc. -> Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Lenovo(Japan)Ltd. -> Lenovo Group Limited) C:\Program Files (x86)\ThinkPad\Utilities\SCHTASK.EXE
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Lenovo(Japan)Ltd. -> Lenovo Group Limited) C:\Program Files\Lenovo\ZOOM\TpScrex.exe
(Lenovo(Japan)Ltd. -> Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
(Lenovo Information Products (Shenzhen) Co.,Ltd -> Lenovo Group Limited) C:\Program Files (x86)\Lenovo\Rescue and Recovery\rrservice.exe
(Lenovo Group Limited) [File not signed] C:\Program Files (x86)\Common Files\Lenovo\Scheduler\scheduler_proxy.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Lenovo(Japan)Ltd. -> Lenovo.) C:\Program Files (x86)\ThinkPad\Utilities\DZSVC64.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Lenovo(Japan)Ltd. -> Lenovo Group Limited) C:\Program Files (x86)\Lenovo\Screen Reading Optimizer\SROSVC.exe
(Lenovo Information Products (Shenzhen) Co.,Ltd -> ) C:\Program Files (x86)\Lenovo\Message Center Plus\MCPLaunch.exe
(Lenovo Group Limited) [File not signed] C:\Program Files (x86)\Common Files\Lenovo\tvt_reg_monitor_svc.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\IME14\SHARED\IMECMNT.EXE

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2785064 2011-05-05] (Synaptics Incorporated -> Synaptics Incorporated)
HKLM\...\Run: [TpShocks] => C:\Windows\system32\TpShocks.exe [380776 2011-01-14] (Lenovo(Japan)Ltd. -> Lenovo.)
HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-27] (Fortemedia Inc -> )
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SAIICpl.exe [316032 2011-03-15] (Conexant Systems, Inc. -> Conexant systems, Inc.)
HKLM\...\Run: [LENOVO.TPKNRRES] => C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe [41320 2011-04-04] (Lenovo(Japan)Ltd. -> Lenovo Group Limited)
HKLM\...\Run: [ALCKRESI.EXE] => C:\Program Files\Lenovo\AutoLock\ALCKRESI.EXE [281448 2011-02-28] (Lenovo(Japan)Ltd. -> Lenovo Group Limited)
HKLM\...\Run: [IME14 JPN Setup] => C:\Program Files\Common Files\Microsoft Shared\IME14\SHARED\IMEKLMG.EXE [110776 2015-10-13] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [298296 2018-05-22] (Apple Inc. -> Apple Inc.)
HKLM-x32\...\Run: [RotateImage] => C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe [55808 2008-10-30] (Ricoh co.,Ltd.) [File not signed]
HKLM-x32\...\Run: [PWMTRV] => C:\Program Files (x86)\ThinkPad\Utilities\PWMTR64V.DLL [1544040 2011-03-24] (Lenovo(Japan)Ltd. -> Lenovo Group Limited)
HKLM-x32\...\Run: [Lenovo Registration] => C:\Program Files (x86)\Lenovo Registration\LenovoReg.exe [4351712 2011-07-13] (Leader Technologies Inc -> Lenovo, Inc.)
HKLM-x32\...\Run: [IME14 JPN Setup] => C:\Program Files (x86)\Common Files\microsoft shared\IME14\SHARED\IMEKLMG.EXE [81080 2015-10-13] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32\...\Run: [InstantBurn] => C:\Program Files (x86)\CyberLink\InstantBurn\Win2K\IBurn.exe [681256 2009-07-03] (CyberLink -> CyberLink Corporation.)
HKLM-x32\...\Run: [MDS_Menu] => C:\Program Files (x86)\CyberLink\MediaShow4\MUITransfer\MUIStartMenu.exe [218408 2009-02-25] (CyberLink -> CyberLink Corp.)
HKLM-x32\...\Run: [CLMLServer] => C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [103720 2009-06-03] (CyberLink -> CyberLink)
HKLM-x32\...\Run: [UpdateP2GoShortCut] => C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink -> CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl8] => C:\Program Files (x86)\CyberLink\PowerDVD8\PDVD8Serv.exe [91432 2009-04-15] (CyberLink -> CyberLink Corp.)
HKLM-x32\...\Run: [PDVD8LanguageShortcut] => C:\Program Files (x86)\CyberLink\PowerDVD8\Language\Language.exe [50472 2009-04-15] (CyberLink -> CyberLink Corp.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [67896 2018-05-15] (Apple Inc. -> Apple Inc.)
HKLM-x32\...\Run: [Launch Backup Service Once] => C:\Program Files (x86)\Lenovo\Rescue and Recovery\rrstrigger.exe [70456 2010-12-11] (Lenovo Information Products (Shenzhen) Co.,Ltd -> )
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [260488 2019-03-18] (AVAST Software s.r.o. -> AVAST Software)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-1310004040-4233039217-3965176310-1000\...\Run: [Google Update] => C:\Users\yuka\AppData\Local\Google\Update\1.3.34.7\GoogleUpdateCore.exe [752424 2019-04-03] (Google Inc -> Google LLC)
HKU\S-1-5-21-1310004040-4233039217-3965176310-1000\...\Run: [Spotify Web Helper] => C:\Users\yuka\AppData\Roaming\Spotify\SpotifyWebHelper.exe [777840 2017-09-17] (Spotify AB -> Spotify Ltd)
HKU\S-1-5-21-1310004040-4233039217-3965176310-1000\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-1310004040-4233039217-3965176310-1000\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-1310004040-4233039217-3965176310-1000\...\MountPoints2: {99ca3746-d391-11e0-a245-806e6f6e6963} - Q:\LenovoQDrive.exe
HKLM\Software\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\73.0.3683.86\Installer\chrmstp.exe [2019-03-25] (Google LLC -> Google Inc.)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{A6EADE66-0000-0000-484E-7E8A45000000}] -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Esl\AiodLite.dll [2018-10-20] (Adobe Systems, Incorporated -> Adobe Systems, Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{F8A0B131-5F68-486c-8040-7E8FC3C85BB6}] -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL [2010-09-21] (Microsoft Corporation -> Microsoft Corp.)
GroupPolicy\User: Restriction ? <==== ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{97B55EE0-D733-4B76-894B-25FA1A525C26}: [DhcpNameServer] 8.8.8.8
Tcpip\..\Interfaces\{C18491C9-69E2-47B6-AC5C-673A508FCA89}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{E8EB0686-F549-4554-89C1-0DFBC82A6E5E}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKU\S-1-5-21-1310004040-4233039217-3965176310-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=LENP&bmod=LENP
HKU\S-1-5-21-1310004040-4233039217-3965176310-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com/webhp?hl=ja&tab=ww
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1310004040-4233039217-3965176310-1000 -> DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7LENP_jaJP448
SearchScopes: HKU\S-1-5-21-1310004040-4233039217-3965176310-1000 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7LENP_jaJP448
SearchScopes: HKU\S-1-5-21-1310004040-4233039217-3965176310-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corporation -> Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Windows Live ID サインイン ヘルパー -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corporation -> Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\yuka\AppData\Roaming\Mozilla\Firefox\Profiles\eykjb16r.default [2019-04-03]
FF Homepage: Mozilla\Firefox\Profiles\eykjb16r.default -> hxxps://www.google.co.jp/
FF Extension: (アバスト セーフプライス | 比較、お得な情報、クーポン) - C:\Users\yuka\AppData\Roaming\Mozilla\Firefox\Profiles\eykjb16r.default\Extensions\[email protected] [2018-12-21]
FF Extension: (Avast Online Security) - C:\Users\yuka\AppData\Roaming\Mozilla\Firefox\Profiles\eykjb16r.default\Extensions\[email protected] [2018-06-20]
FF Extension: (New Tab Homepage) - C:\Users\yuka\AppData\Roaming\Mozilla\Firefox\Profiles\eykjb16r.default\Extensions\{66E978CD-981F-47DF-AC42-E3CF417C1467}.xpi [2011-11-04] [Legacy] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_156.dll [2019-03-12] (Adobe Systems Incorporated -> )
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_156.dll [2019-03-12] (Adobe Systems Incorporated -> )
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1234204.dll [2018-06-06] (Adobe Systems, Inc.) [File not signed]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-04-03] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-04-03] (Google Inc -> Google LLC)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.5.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-02-19] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1310004040-4233039217-3965176310-1000: @talk.google.com/GoogleTalkPlugin -> C:\Users\yuka\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google Inc -> Google)
FF Plugin HKU\S-1-5-21-1310004040-4233039217-3965176310-1000: @talk.google.com/O1DPlugin -> C:\Users\yuka\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-12-08] (Google Inc -> Google)
FF Plugin HKU\S-1-5-21-1310004040-4233039217-3965176310-1000: @tools.google.com/Google Update;version=3 -> C:\Users\yuka\AppData\Local\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-04-03] (Google Inc -> Google LLC)
FF Plugin HKU\S-1-5-21-1310004040-4233039217-3965176310-1000: @tools.google.com/Google Update;version=9 -> C:\Users\yuka\AppData\Local\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-04-03] (Google Inc -> Google LLC)
FF Plugin ProgramFiles/Appdata: C:\Users\yuka\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-12-17]
FF Plugin ProgramFiles/Appdata: C:\Users\yuka\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-12-17]

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\yuka\AppData\Local\Google\Chrome\User Data\Default [2019-03-11]
CHR Extension: (スライド) - C:\Users\yuka\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-03-11]
CHR Extension: (ドキュメント) - C:\Users\yuka\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-03-11]
CHR Extension: (Google ドライブ) - C:\Users\yuka\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-03-11]
CHR Extension: (YouTube) - C:\Users\yuka\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-03-11]
CHR Extension: (Google オフライン ドキュメント) - C:\Users\yuka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-03-11]
CHR Extension: (Chrome ウェブストア決済) - C:\Users\yuka\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-03-11]
CHR Extension: (Gmail) - C:\Users\yuka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-03-11]
CHR Extension: (Chrome Media Router) - C:\Users\yuka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-03-11]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [jplinpmadfkdgipabgcdchbdikologlh] - C:\Program Files (x86)\1ClickDownload\1click12.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [mpieaakhacmfleokhjcjnpcnmnmpfkid] - C:\Program Files (x86)\fbphotozoom\fbphotozoom16.crx [2012-04-06]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2018-04-27] (Apple Inc. -> Apple Inc.)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6570352 2019-03-18] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [360440 2019-03-18] (AVAST Software s.r.o. -> AVAST Software)
R3 DozeSvc; C:\Program Files (x86)\ThinkPad\Utilities\DZSVC64.EXE [477032 2011-03-24] (Lenovo(Japan)Ltd. -> Lenovo.)
S2 DSAService; C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe [25448 2019-03-19] (IDSA Production signing key -> Intel)
S3 DSAUpdateService; C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe [67944 2019-03-19] (IDSA Production signing key -> Intel)
R2 ImeDictUpdateService; C:\Program Files\Common Files\Microsoft Shared\IME14\SHARED\IMEDICTUPDATE.EXE [83312 2010-10-21] (Microsoft Corporation -> Microsoft Corporation)
S3 Intel® SUR QC SAM; C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [18168 2017-07-13] (Intel® Software Asset Manager -> Intel Corporation)
R2 Lenovo.VIRTSCRLSVC; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [93032 2010-04-07] (Lenovo(Japan)Ltd. -> Lenovo Group Limited)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [244904 2009-07-02] (CyberLink -> ) [File not signed]
R2 SROSVC; C:\Program Files (x86)\Lenovo\Screen Reading Optimizer\SROSVC.exe [443240 2011-03-02] (Lenovo(Japan)Ltd. -> Lenovo Group Limited)
R2 ThinkVantage Registry Monitor Service; C:\Program Files (x86)\Common Files\Lenovo\tvt_reg_monitor_svc.exe [1028096 2010-12-11] (Lenovo Group Limited) [File not signed]
R3 TVT Backup Service; C:\Program Files (x86)\Lenovo\Rescue and Recovery\rrservice.exe [1475896 2010-12-11] (Lenovo Information Products (Shenzhen) Co.,Ltd -> Lenovo Group Limited)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 5U877; C:\Windows\System32\DRIVERS\5U877.sys [166016 2011-03-04] (Microsoft Windows Hardware Compatibility Publisher -> Ricoh co.,Ltd.)
R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [37320 2019-03-18] (AVAST Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [205608 2019-03-18] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [254408 2019-03-18] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [196304 2019-03-18] (AVAST Software s.r.o. -> AVAST Software)
R0 aswblog; C:\Windows\System32\drivers\aswblog.sys [320904 2019-03-18] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [58168 2019-03-18] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [42496 2019-03-18] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [169104 2019-03-18] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [112520 2019-03-18] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [88152 2019-03-18] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [1034640 2019-03-18] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [476256 2019-03-18] (AVAST Software s.r.o. -> AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [220632 2019-03-18] (AVAST Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [380160 2019-03-18] (AVAST Software s.r.o. -> AVAST Software)
R1 CLBStor; C:\Windows\System32\DRIVERS\CLBStor.sys [24560 2009-06-30] (CyberLink -> Cyberlink Co.,Ltd.)
R2 CLBUDF; C:\Windows\System32\Drivers\CLBUDF.sys [372720 2009-06-30] (CyberLink -> CyberLink Corporation.)
R3 igfx; C:\Windows\System32\DRIVERS\igdkmd64.sys [12264384 2011-03-11] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
R3 IntcDAud; C:\Windows\System32\DRIVERS\IntcDAud.sys [317440 2011-03-11] (Microsoft Windows Hardware Compatibility Publisher -> Intel® Corporation)
S3 PCDSRVC{127174DC-C366ED8B-06020200}_0; c:\program files\pc-doctor\pcdsrvc_x64.pkms [25584 2011-06-28] (PC-Doctor, Inc. -> PC-Doctor, Inc.)
S3 pmxdrv; C:\Windows\system32\drivers\pmxdrv.sys [31152 2011-08-31] (PAIPTAC  Driver -> )
R2 risdxc; C:\Windows\System32\DRIVERS\risdxc64.sys [101376 2011-03-23] (Microsoft Windows Hardware Compatibility Publisher -> REDC)
S3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [40664 2014-03-24] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2015-06-10] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-04-03 21:57 - 2019-04-03 21:57 - 000000951 _____ C:\Users\yuka\Desktop\BlueScreenView.cfg
2019-04-03 21:48 - 2019-04-03 21:51 - 000009526 _____ C:\Users\yuka\Desktop\Fixlog.txt
2019-04-03 21:45 - 2019-04-03 21:45 - 000000000 ____D C:\Users\yuka\Desktop\FRST-OlderVersion
2019-04-03 21:22 - 2019-04-03 21:22 - 000004020 _____ C:\Users\yuka\Desktop\BSOD.txt
2019-04-03 21:09 - 2019-04-03 21:09 - 000141864 _____ C:\Users\yuka\Desktop\bluescreenview_setup.exe
2019-04-03 18:32 - 2019-04-03 18:32 - 000000000 __HDL C:\C
2019-03-18 19:37 - 2019-03-18 19:37 - 000067310 _____ C:\Users\yuka\Desktop\bluescreenview.zip
2019-03-18 19:02 - 2019-03-18 18:54 - 000362888 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2019-03-18 18:09 - 2019-03-18 18:09 - 000003718 _____ C:\Windows\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473
2019-03-14 22:01 - 2019-03-14 22:01 - 000003616 _____ C:\Windows\System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132
2019-03-14 22:01 - 2019-03-14 22:01 - 000003370 _____ C:\Windows\System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon
2019-03-14 21:59 - 2019-03-14 21:59 - 000000000 ____D C:\Program Files\Intel
2019-03-14 21:52 - 2019-03-14 21:52 - 014219056 _____ (Intel) C:\Users\yuka\Desktop\Intel Driver and Support Assistant Installer.exe
2019-03-14 21:44 - 2019-03-14 21:44 - 000000000 ____D C:\Users\yuka\AppData\Roaming\AVAST Software
2019-03-14 21:40 - 2019-03-14 21:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2019-03-14 21:39 - 2019-03-25 19:03 - 000004168 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2019-03-14 21:38 - 2019-03-18 18:56 - 000476256 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2019-03-14 21:38 - 2019-03-18 18:56 - 000380160 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2019-03-14 21:38 - 2019-03-18 18:56 - 000220632 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2019-03-14 21:38 - 2019-03-18 18:56 - 000169104 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2019-03-14 21:38 - 2019-03-18 18:56 - 000112520 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2019-03-14 21:38 - 2019-03-18 18:56 - 000088152 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2019-03-14 21:38 - 2019-03-18 18:55 - 000042496 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2019-03-14 21:38 - 2019-03-18 18:52 - 001034640 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2019-03-14 21:38 - 2019-03-18 18:52 - 000205608 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2019-03-14 21:38 - 2019-03-18 18:52 - 000037320 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArDisk.sys
2019-03-14 21:38 - 2019-03-18 18:51 - 000320904 _____ (AVAST Software) C:\Windows\system32\Drivers\aswblog.sys
2019-03-14 21:38 - 2019-03-18 18:51 - 000254408 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriver.sys
2019-03-14 21:38 - 2019-03-18 18:51 - 000196304 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsh.sys
2019-03-14 21:38 - 2019-03-18 18:51 - 000058168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniv.sys
2019-03-14 21:36 - 2019-03-14 21:36 - 000000000 ____D C:\Program Files\AVAST Software
2019-03-14 21:32 - 2019-03-14 21:32 - 000000481 _____ C:\Lenovo_Recovery (Q) - ショートカット.lnk
2019-03-14 21:23 - 2019-03-14 21:27 - 350674696 _____ (AVAST Software) C:\Users\yuka\Desktop\avast_free_antivirus_setup_offline.exe
2019-03-14 19:14 - 2019-02-27 06:47 - 000348984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2019-03-14 19:14 - 2019-02-26 16:31 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2019-03-14 19:14 - 2019-02-26 16:25 - 020281856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2019-03-14 19:14 - 2019-02-26 16:24 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2019-03-14 19:14 - 2019-02-26 16:20 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2019-03-14 19:14 - 2019-02-26 16:20 - 000116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2019-03-14 19:14 - 2019-02-26 16:07 - 000498176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2019-03-14 19:14 - 2019-02-26 16:07 - 000062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2019-03-14 19:14 - 2019-02-26 16:05 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2019-03-14 19:14 - 2019-02-26 16:03 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2019-03-14 19:14 - 2019-02-26 16:02 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2019-03-14 19:14 - 2019-02-26 16:00 - 000030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2019-03-14 19:14 - 2019-02-26 15:44 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2019-03-14 19:14 - 2019-02-26 15:43 - 000728064 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2019-03-14 19:14 - 2019-02-26 15:43 - 000091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2019-03-14 19:14 - 2019-02-26 15:41 - 000076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2019-03-14 19:14 - 2019-02-26 15:39 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2019-03-14 19:14 - 2019-02-26 15:38 - 000130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2019-03-14 19:14 - 2019-02-26 15:31 - 000696320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2019-03-14 19:14 - 2019-02-26 15:09 - 001332224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2019-03-14 19:14 - 2019-02-26 15:07 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2019-03-14 19:13 - 2019-03-06 12:18 - 000154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2019-03-14 19:13 - 2019-03-06 12:18 - 000095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2019-03-14 19:13 - 2019-03-06 12:14 - 000708328 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2019-03-14 19:13 - 2019-03-06 12:14 - 000631680 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2019-03-14 19:13 - 2019-03-06 12:13 - 005552872 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2019-03-14 19:13 - 2019-03-06 12:13 - 000262376 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2019-03-14 19:13 - 2019-03-06 12:12 - 001664360 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2019-03-14 19:13 - 2019-03-06 12:10 - 001472512 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2019-03-14 19:13 - 2019-03-06 12:10 - 001211392 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2019-03-14 19:13 - 2019-03-06 12:10 - 001162752 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2019-03-14 19:13 - 2019-03-06 12:10 - 000880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2019-03-14 19:13 - 2019-03-06 12:10 - 000733184 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2019-03-14 19:13 - 2019-03-06 12:10 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2019-03-14 19:13 - 2019-03-06 12:10 - 000503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2019-03-14 19:13 - 2019-03-06 12:10 - 000463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2019-03-14 19:13 - 2019-03-06 12:10 - 000419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2019-03-14 19:13 - 2019-03-06 12:10 - 000361984 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2019-03-14 19:13 - 2019-03-06 12:10 - 000345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2019-03-14 19:13 - 2019-03-06 12:10 - 000316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2019-03-14 19:13 - 2019-03-06 12:10 - 000312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2019-03-14 19:13 - 2019-03-06 12:10 - 000243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2019-03-14 19:13 - 2019-03-06 12:10 - 000236032 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll
2019-03-14 19:13 - 2019-03-06 12:10 - 000215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2019-03-14 19:13 - 2019-03-06 12:10 - 000210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2019-03-14 19:13 - 2019-03-06 12:10 - 000190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2019-03-14 19:13 - 2019-03-06 12:10 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2019-03-14 19:13 - 2019-03-06 12:10 - 000135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2019-03-14 19:13 - 2019-03-06 12:10 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2019-03-14 19:13 - 2019-03-06 12:10 - 000094208 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2019-03-14 19:13 - 2019-03-06 12:10 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2019-03-14 19:13 - 2019-03-06 12:10 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2019-03-14 19:13 - 2019-03-06 12:10 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2019-03-14 19:13 - 2019-03-06 12:10 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2019-03-14 19:13 - 2019-03-06 12:10 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2019-03-14 19:13 - 2019-03-06 12:10 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2019-03-14 19:13 - 2019-03-06 12:10 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2019-03-14 19:13 - 2019-03-06 12:10 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2019-03-14 19:13 - 2019-03-06 12:10 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2019-03-14 19:13 - 2019-03-06 12:10 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2019-03-14 19:13 - 2019-03-06 12:10 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2019-03-14 19:13 - 2019-03-06 12:10 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2019-03-14 19:13 - 2019-03-06 12:10 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\sscore.dll
2019-03-14 19:13 - 2019-03-06 12:10 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2019-03-14 19:13 - 2019-03-06 12:10 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2019-03-14 19:13 - 2019-03-06 12:10 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2019-03-14 19:13 - 2019-03-06 12:10 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2019-03-14 19:13 - 2019-03-06 12:10 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2019-03-14 19:13 - 2019-03-06 12:10 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2019-03-14 19:13 - 2019-03-06 12:10 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2019-03-14 19:13 - 2019-03-06 12:10 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2019-03-14 19:13 - 2019-03-06 12:10 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2019-03-14 19:13 - 2019-03-06 12:10 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2019-03-14 19:13 - 2019-03-06 12:10 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2019-03-14 19:13 - 2019-03-06 12:10 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2019-03-14 19:13 - 2019-03-06 12:10 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2019-03-14 19:13 - 2019-03-06 12:10 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2019-03-14 19:13 - 2019-03-06 12:10 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2019-03-14 19:13 - 2019-03-06 12:10 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2019-03-14 19:13 - 2019-03-06 12:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2019-03-14 19:13 - 2019-03-06 12:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2019-03-14 19:13 - 2019-03-06 12:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2019-03-14 19:13 - 2019-03-06 12:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2019-03-14 19:13 - 2019-03-06 12:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2019-03-14 19:13 - 2019-03-06 12:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2019-03-14 19:13 - 2019-03-06 12:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2019-03-14 19:13 - 2019-03-06 12:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2019-03-14 19:13 - 2019-03-06 12:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2019-03-14 19:13 - 2019-03-06 12:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2019-03-14 19:13 - 2019-03-06 12:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2019-03-14 19:13 - 2019-03-06 12:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2019-03-14 19:13 - 2019-03-06 12:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2019-03-14 19:13 - 2019-03-06 12:04 - 004055784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2019-03-14 19:13 - 2019-03-06 12:04 - 003960552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2019-03-14 19:13 - 2019-03-06 12:02 - 001314104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2019-03-14 19:13 - 2019-03-06 12:01 - 001114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2019-03-14 19:13 - 2019-03-06 12:01 - 000666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2019-03-14 19:13 - 2019-03-06 12:01 - 000556032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2019-03-14 19:13 - 2019-03-06 12:01 - 000275968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2019-03-14 19:13 - 2019-03-06 12:01 - 000261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2019-03-14 19:13 - 2019-03-06 12:01 - 000254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2019-03-14 19:13 - 2019-03-06 12:01 - 000223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2019-03-14 19:13 - 2019-03-06 12:01 - 000172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2019-03-14 19:13 - 2019-03-06 12:01 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2019-03-14 19:13 - 2019-03-06 12:01 - 000141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2019-03-14 19:13 - 2019-03-06 12:01 - 000096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2019-03-14 19:13 - 2019-03-06 12:01 - 000082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2019-03-14 19:13 - 2019-03-06 12:01 - 000070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2019-03-14 19:13 - 2019-03-06 12:01 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2019-03-14 19:13 - 2019-03-06 12:01 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2019-03-14 19:13 - 2019-03-06 12:01 - 000022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2019-03-14 19:13 - 2019-03-06 12:01 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2019-03-14 19:13 - 2019-03-06 12:00 - 000690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2019-03-14 19:13 - 2019-03-06 12:00 - 000644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2019-03-14 19:13 - 2019-03-06 12:00 - 000342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2019-03-14 19:13 - 2019-03-06 12:00 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2019-03-14 19:13 - 2019-03-06 12:00 - 000017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2019-03-14 19:13 - 2019-03-06 12:00 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2019-03-14 19:13 - 2019-03-06 12:00 - 000005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2019-03-14 19:13 - 2019-03-06 12:00 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2019-03-14 19:13 - 2019-03-06 12:00 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2019-03-14 19:13 - 2019-03-06 12:00 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2019-03-14 19:13 - 2019-03-06 12:00 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2019-03-14 19:13 - 2019-03-06 12:00 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2019-03-14 19:13 - 2019-03-06 12:00 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2019-03-14 19:13 - 2019-03-06 12:00 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2019-03-14 19:13 - 2019-03-06 12:00 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2019-03-14 19:13 - 2019-03-06 12:00 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2019-03-14 19:13 - 2019-03-06 12:00 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2019-03-14 19:13 - 2019-03-06 12:00 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2019-03-14 19:13 - 2019-03-06 12:00 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2019-03-14 19:13 - 2019-03-06 12:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2019-03-14 19:13 - 2019-03-06 12:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2019-03-14 19:13 - 2019-03-06 12:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2019-03-14 19:13 - 2019-03-06 12:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2019-03-14 19:13 - 2019-03-06 12:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2019-03-14 19:13 - 2019-03-06 12:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2019-03-14 19:13 - 2019-03-06 12:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2019-03-14 19:13 - 2019-03-06 12:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2019-03-14 19:13 - 2019-03-06 12:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2019-03-14 19:13 - 2019-03-06 12:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2019-03-14 19:13 - 2019-03-06 12:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2019-03-14 19:13 - 2019-03-06 11:45 - 000148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2019-03-14 19:13 - 2019-03-06 11:45 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2019-03-14 19:13 - 2019-03-06 11:45 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2019-03-14 19:13 - 2019-03-06 11:44 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2019-03-14 19:13 - 2019-03-06 11:42 - 003228160 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2019-03-14 19:13 - 2019-03-06 11:42 - 000338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2019-03-14 19:13 - 2019-03-06 11:41 - 000296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2019-03-14 19:13 - 2019-03-06 11:41 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\videoprt.sys
2019-03-14 19:13 - 2019-03-06 11:41 - 000009728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sscore.dll
2019-03-14 19:13 - 2019-03-06 11:40 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2019-03-14 19:13 - 2019-03-06 11:38 - 000464384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2019-03-14 19:13 - 2019-03-06 11:38 - 000406016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2019-03-14 19:13 - 2019-03-06 11:38 - 000291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2019-03-14 19:13 - 2019-03-06 11:38 - 000169984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2019-03-14 19:13 - 2019-03-06 11:38 - 000161280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2019-03-14 19:13 - 2019-03-06 11:38 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2019-03-14 19:13 - 2019-03-06 11:37 - 000112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2019-03-14 19:13 - 2019-03-06 11:37 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdk8.sys
2019-03-14 19:13 - 2019-03-06 11:37 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelppm.sys
2019-03-14 19:13 - 2019-03-06 11:37 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\processr.sys
2019-03-14 19:13 - 2019-03-06 11:37 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdppm.sys
2019-03-14 19:13 - 2019-03-06 11:37 - 000044544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\npfs.sys
2019-03-14 19:13 - 2019-03-06 11:37 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2019-03-14 19:13 - 2019-03-06 11:37 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2019-03-14 19:13 - 2019-03-06 11:37 - 000014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2019-03-14 19:13 - 2019-03-06 11:37 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2019-03-14 19:13 - 2019-03-06 11:37 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2019-03-14 19:13 - 2019-03-06 11:36 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2019-03-14 19:13 - 2019-03-06 11:36 - 000006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2019-03-14 19:13 - 2019-03-06 11:36 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2019-03-14 19:13 - 2019-03-06 11:36 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2019-03-14 19:13 - 2019-03-06 11:36 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2019-03-14 19:13 - 2019-03-05 11:44 - 000076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2019-03-14 19:13 - 2019-03-05 11:44 - 000033280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2019-03-14 19:13 - 2019-03-05 11:44 - 000030208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidusb.sys
2019-03-14 19:13 - 2019-02-27 07:41 - 000397104 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2019-03-14 19:13 - 2019-02-26 16:57 - 025737216 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2019-03-14 19:13 - 2019-02-26 16:46 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2019-03-14 19:13 - 2019-02-26 16:45 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2019-03-14 19:13 - 2019-02-26 16:33 - 002902528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2019-03-14 19:13 - 2019-02-26 16:32 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2019-03-14 19:13 - 2019-02-26 16:31 - 000576512 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2019-03-14 19:13 - 2019-02-26 16:31 - 000417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2019-03-14 19:13 - 2019-02-26 16:31 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2019-03-14 19:13 - 2019-02-26 16:25 - 000054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2019-03-14 19:13 - 2019-02-26 16:22 - 005777920 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2019-03-14 19:13 - 2019-02-26 16:21 - 000615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2019-03-14 19:13 - 2019-02-26 16:20 - 000814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2019-03-14 19:13 - 2019-02-26 16:20 - 000790528 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2019-03-14 19:13 - 2019-02-26 16:19 - 002724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2019-03-14 19:13 - 2019-02-26 16:12 - 000969216 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2019-03-14 19:13 - 2019-02-26 16:09 - 000489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2019-03-14 19:13 - 2019-02-26 16:06 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2019-03-14 19:13 - 2019-02-26 16:06 - 000047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2019-03-14 19:13 - 2019-02-26 16:04 - 002295808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2019-03-14 19:13 - 2019-02-26 16:02 - 000087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2019-03-14 19:13 - 2019-02-26 16:01 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2019-03-14 19:13 - 2019-02-26 15:59 - 000199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2019-03-14 19:13 - 2019-02-26 15:58 - 000476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2019-03-14 19:13 - 2019-02-26 15:58 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2019-03-14 19:13 - 2019-02-26 15:57 - 000663040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2019-03-14 19:13 - 2019-02-26 15:57 - 000620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2019-03-14 19:13 - 2019-02-26 15:57 - 000115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2019-03-14 19:13 - 2019-02-26 15:56 - 000315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2019-03-14 19:13 - 2019-02-26 15:54 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2019-03-14 19:13 - 2019-02-26 15:49 - 000416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2019-03-14 19:13 - 2019-02-26 15:46 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2019-03-14 19:13 - 2019-02-26 15:44 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2019-03-14 19:13 - 2019-02-26 15:43 - 015284224 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2019-03-14 19:13 - 2019-02-26 15:43 - 000809472 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2019-03-14 19:13 - 2019-02-26 15:41 - 002135552 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2019-03-14 19:13 - 2019-02-26 15:41 - 001359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2019-03-14 19:13 - 2019-02-26 15:41 - 000168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2019-03-14 19:13 - 2019-02-26 15:35 - 004494848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2019-03-14 19:13 - 2019-02-26 15:33 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2019-03-14 19:13 - 2019-02-26 15:31 - 002059776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2019-03-14 19:13 - 2019-02-26 15:30 - 001155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2019-03-14 19:13 - 2019-02-26 15:29 - 013681664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2019-03-14 19:13 - 2019-02-26 15:29 - 004858880 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2019-03-14 19:13 - 2019-02-26 15:18 - 001557504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2019-03-14 19:13 - 2019-02-26 15:12 - 004386304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2019-03-14 19:13 - 2019-02-26 15:06 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2019-03-14 19:13 - 2019-02-22 12:07 - 000058880 _____ (Microsoft Corporation) C:\Windows\system32\mf3216.dll
2019-03-14 19:13 - 2019-02-22 12:07 - 000008192 _____ (Microsoft Corporation) C:\Windows\system32\msimg32.dll
2019-03-14 19:13 - 2019-02-22 11:56 - 000004608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimg32.dll
2019-03-14 19:13 - 2019-02-22 11:55 - 000044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf3216.dll
2019-03-14 19:13 - 2019-02-22 11:35 - 000313344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrd2x40.dll
2019-03-14 19:13 - 2019-02-16 15:02 - 002072576 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2019-03-14 19:13 - 2019-02-16 15:02 - 000972288 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2019-03-14 19:13 - 2019-02-16 15:02 - 000878080 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2019-03-14 19:13 - 2019-02-16 15:02 - 000516608 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2019-03-14 19:13 - 2019-02-16 15:02 - 000443904 _____ (Microsoft Corporation) C:\Windows\system32\winspool.drv
2019-03-14 19:13 - 2019-02-16 15:02 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\oleres.dll
2019-03-14 19:13 - 2019-02-16 15:01 - 000008704 _____ (Microsoft Corporation) C:\Windows\system32\comcat.dll
2019-03-14 19:13 - 2019-02-16 14:50 - 001425920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2019-03-14 19:13 - 2019-02-16 14:50 - 000583680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2019-03-14 19:13 - 2019-02-16 14:50 - 000321536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winspool.drv
2019-03-14 19:13 - 2019-02-16 14:50 - 000026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleres.dll
2019-03-14 19:13 - 2019-02-16 14:33 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comcat.dll
2019-03-14 19:13 - 2019-02-16 01:09 - 000485888 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2019-03-14 19:13 - 2019-02-16 01:09 - 000355328 _____ (Microsoft Corporation) C:\Windows\system32\Faultrep.dll
2019-03-14 19:13 - 2019-02-16 01:09 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\werdiagcontroller.dll
2019-03-14 19:13 - 2019-02-16 00:58 - 000382976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2019-03-14 19:13 - 2019-02-16 00:58 - 000320512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Faultrep.dll
2019-03-14 19:13 - 2019-02-16 00:40 - 000415744 _____ (Microsoft Corporation) C:\Windows\system32\WerFault.exe
2019-03-14 19:13 - 2019-02-16 00:40 - 000050688 _____ (Microsoft Corporation) C:\Windows\system32\wermgr.exe
2019-03-14 19:13 - 2019-02-16 00:40 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\WerFaultSecure.exe
2019-03-14 19:13 - 2019-02-16 00:38 - 000360960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFault.exe
2019-03-14 19:13 - 2019-02-16 00:38 - 000053760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wermgr.exe
2019-03-14 19:13 - 2019-02-16 00:38 - 000028672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFaultSecure.exe
2019-03-14 19:13 - 2019-02-16 00:38 - 000028672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\werdiagcontroller.dll
2019-03-14 19:13 - 2019-02-11 01:10 - 001680104 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2019-03-14 19:13 - 2019-02-11 00:36 - 000328192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\udfs.sys
2019-03-14 19:13 - 2019-02-11 00:36 - 000205312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fastfat.sys
2019-03-14 19:13 - 2019-02-11 00:36 - 000195584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\exfat.sys
2019-03-14 19:13 - 2019-02-11 00:35 - 000092672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cdfs.sys
2019-03-14 19:13 - 2019-02-09 01:08 - 002009088 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2019-03-14 19:13 - 2019-02-09 01:08 - 001889280 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2019-03-14 19:13 - 2019-02-09 01:08 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2019-03-14 19:13 - 2019-02-09 01:08 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2019-03-14 19:13 - 2019-02-09 01:07 - 001133568 _____ (Microsoft Corporation) C:\Windows\system32\cdosys.dll
2019-03-14 19:13 - 2019-02-09 00:59 - 001391104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2019-03-14 19:13 - 2019-02-09 00:59 - 001241088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2019-03-14 19:13 - 2019-02-09 00:59 - 000805376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cdosys.dll
2019-03-14 19:13 - 2019-02-09 00:59 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2019-03-14 19:13 - 2019-02-09 00:59 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2019-03-14 19:13 - 2019-02-08 01:06 - 000027648 _____ (Microsoft Corporation) C:\Windows\system32\brdgcfg.dll
2019-03-14 19:13 - 2019-02-08 01:06 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\bridgeres.dll
2019-03-14 19:13 - 2019-02-08 01:01 - 000095232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bridge.sys
2019-03-14 19:13 - 2019-02-08 00:46 - 000020992 _____ (Microsoft Corporation) C:\Windows\system32\bridgeunattend.exe
2019-03-14 19:13 - 2019-02-04 00:36 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msfs.sys
2019-03-14 19:13 - 2019-01-05 01:13 - 000143592 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2019-03-14 19:13 - 2019-01-05 01:07 - 000727040 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2019-03-14 19:13 - 2019-01-04 23:05 - 002862592 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2019-03-14 19:13 - 2019-01-04 23:05 - 001635328 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2019-03-14 19:13 - 2019-01-04 23:05 - 000799744 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2019-03-14 19:13 - 2019-01-04 23:05 - 000623104 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2019-03-14 19:13 - 2019-01-04 23:05 - 000495616 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2019-03-14 19:13 - 2019-01-04 23:05 - 000451584 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2019-03-14 19:13 - 2019-01-04 23:05 - 000313856 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2019-03-14 19:13 - 2019-01-04 23:05 - 000253952 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2019-03-14 19:13 - 2019-01-04 01:10 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2019-03-14 19:13 - 2019-01-04 00:55 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2019-03-14 18:13 - 2019-02-16 14:32 - 000142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2019-03-14 18:13 - 2019-02-16 14:30 - 000123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2019-03-14 18:12 - 2019-02-11 01:41 - 012574208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2019-03-14 18:12 - 2019-02-11 01:41 - 011411968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2019-03-14 18:12 - 2019-02-11 01:41 - 003207168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2019-03-14 18:12 - 2019-02-11 01:41 - 001329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2019-03-14 18:12 - 2019-02-11 01:41 - 001177088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2019-03-14 18:12 - 2019-02-11 01:41 - 001005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
2019-03-14 18:12 - 2019-02-11 01:41 - 000988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll
2019-03-14 18:12 - 2019-02-11 01:41 - 000744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll
2019-03-14 18:12 - 2019-02-11 01:41 - 000617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll
2019-03-14 18:12 - 2019-02-11 01:41 - 000519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2019-03-14 18:12 - 2019-02-11 01:41 - 000504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll
2019-03-14 18:12 - 2019-02-11 01:41 - 000489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2019-03-14 18:12 - 2019-02-11 01:41 - 000442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2019-03-14 18:12 - 2019-02-11 01:41 - 000406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll
2019-03-14 18:12 - 2019-02-11 01:41 - 000373248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2019-03-14 18:12 - 2019-02-11 01:41 - 000354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2019-03-14 18:12 - 2019-02-11 01:41 - 000265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll
2019-03-14 18:12 - 2019-02-11 01:41 - 000195072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2019-03-14 18:12 - 2019-02-11 01:41 - 000179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2019-03-14 18:12 - 2019-02-11 01:41 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2019-03-14 18:12 - 2019-02-11 01:41 - 000106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2019-03-14 18:12 - 2019-02-11 01:41 - 000103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2019-03-14 18:12 - 2019-02-11 01:41 - 000080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll
2019-03-14 18:12 - 2019-02-11 01:41 - 000046592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssign32.dll
2019-03-14 18:12 - 2019-02-11 01:29 - 000008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2019-03-14 18:12 - 2019-02-11 01:29 - 000004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2019-03-14 18:12 - 2019-02-11 01:29 - 000004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2019-03-14 18:12 - 2019-02-11 01:28 - 000050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2019-03-14 18:12 - 2019-02-11 01:28 - 000023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2019-03-14 18:12 - 2019-02-11 01:10 - 000094440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2019-03-14 18:12 - 2019-02-11 01:09 - 014635520 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2019-03-14 18:12 - 2019-02-11 01:09 - 012574720 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2019-03-14 18:12 - 2019-02-11 01:09 - 001574400 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2019-03-14 18:12 - 2019-02-11 01:09 - 000782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2019-03-14 18:12 - 2019-02-11 01:09 - 000499712 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2019-03-14 18:12 - 2019-02-11 01:09 - 000371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2019-03-14 18:12 - 2019-02-11 01:09 - 000229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2019-03-14 18:12 - 2019-02-11 01:09 - 000187904 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2019-03-14 18:12 - 2019-02-11 01:09 - 000037376 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
2019-03-14 18:12 - 2019-02-11 01:09 - 000009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2019-03-14 18:12 - 2019-02-11 01:09 - 000005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2019-03-14 18:12 - 2019-02-11 01:09 - 000005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2019-03-14 18:12 - 2019-02-11 01:08 - 004120576 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2019-03-14 18:12 - 2019-02-11 01:08 - 001484800 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2019-03-14 18:12 - 2019-02-11 01:08 - 001202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2019-03-14 18:12 - 2019-02-11 01:08 - 001068544 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2019-03-14 18:12 - 2019-02-11 01:08 - 000641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2019-03-14 18:12 - 2019-02-11 01:08 - 000632320 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2019-03-14 18:12 - 2019-02-11 01:08 - 000497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2019-03-14 18:12 - 2019-02-11 01:08 - 000433152 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2019-03-14 18:12 - 2019-02-11 01:08 - 000325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2019-03-14 18:12 - 2019-02-11 01:08 - 000284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2019-03-14 18:12 - 2019-02-11 01:08 - 000206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2019-03-14 18:12 - 2019-02-11 01:08 - 000190976 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2019-03-14 18:12 - 2019-02-11 01:08 - 000141824 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2019-03-14 18:12 - 2019-02-11 01:08 - 000081920 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2019-03-14 18:12 - 2019-02-11 01:08 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\mssign32.dll
2019-03-14 18:12 - 2019-02-11 01:08 - 000011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2019-03-14 18:12 - 2019-02-11 01:07 - 000842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2019-03-14 18:12 - 2019-02-11 01:07 - 000680448 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2019-03-14 18:12 - 2019-02-11 01:07 - 000438784 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2019-03-14 18:12 - 2019-02-11 01:07 - 000295936 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2019-03-14 18:12 - 2019-02-11 01:02 - 000663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2019-03-14 18:12 - 2019-02-11 00:50 - 000055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2019-03-14 18:12 - 2019-02-11 00:49 - 000125952 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2019-03-14 18:12 - 2019-02-11 00:49 - 000024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2019-03-14 18:12 - 2019-02-11 00:38 - 000011264 _____ (Microsoft Corporation) C:\Windows\system32\pcawrk.exe
2019-03-14 18:12 - 2019-02-11 00:38 - 000009728 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
2019-03-14 18:11 - 2019-02-11 01:41 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2019-03-14 18:11 - 2019-02-11 01:09 - 000008704 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll
2019-03-14 18:11 - 2019-02-11 01:08 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2019-03-13 23:54 - 2019-03-13 23:54 - 000000000 ___HD C:\$AV_ASW
2019-03-11 21:54 - 2019-03-11 21:58 - 000767664 _____ C:\Users\yuka\Desktop\YUKA-THINK.txt
2019-03-11 21:42 - 2019-03-25 19:34 - 000002221 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-03-11 21:42 - 2019-03-11 21:42 - 000000767 _____ C:\Users\Public\Desktop\Speccy.lnk
2019-03-11 21:42 - 2019-03-11 21:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy
2019-03-11 21:42 - 2019-03-11 21:42 - 000000000 ____D C:\Program Files\Speccy
2019-03-11 21:40 - 2019-04-03 18:26 - 000003122 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2019-03-11 21:40 - 2019-04-03 18:26 - 000002994 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2019-03-11 21:37 - 2019-03-11 21:37 - 006889184 _____ (Piriform Ltd) C:\Users\yuka\Desktop\spsetup132.exe
2019-03-11 21:33 - 2019-03-11 21:33 - 000008993 _____ C:\junk.txt
2019-03-11 21:25 - 2019-03-11 21:25 - 000011879 _____ C:\Users\yuka\Desktop\System Idle Process.txt
2019-03-11 21:15 - 2019-03-11 21:15 - 002703128 _____ (Sysinternals - www.sysinternals.com) C:\Users\yuka\Desktop\procexp.exe
2019-03-04 22:27 - 2019-03-04 22:27 - 000000000 ____D C:\Users\yuka\AppData\Local\{90ECC3AE-6B71-4DF8-BED5-852CD6368CBB}
2019-03-04 21:34 - 2019-03-04 21:43 - 000050869 _____ C:\Users\yuka\Desktop\Addition.txt
2019-03-04 21:27 - 2019-04-03 22:34 - 000027010 _____ C:\Users\yuka\Desktop\FRST.txt
2019-03-04 21:25 - 2019-04-03 22:28 - 000000000 ____D C:\FRST
2019-03-04 21:23 - 2019-04-03 21:45 - 002434048 _____ (Farbar) C:\Users\yuka\Desktop\FRST64.exe
2019-03-04 17:54 - 2019-03-04 17:54 - 000007883 _____ C:\Users\yuka\Desktop\nanaco _ ギフトID登録完了2.htm
2019-03-04 17:54 - 2019-03-04 17:54 - 000000000 ____D C:\Users\yuka\Desktop\nanaco _ ギフトID登録完了2_files
2019-03-04 17:49 - 2019-03-04 17:49 - 000007703 _____ C:\Users\yuka\Desktop\nanaco _ ギフトID登録完了.htm
2019-03-04 17:49 - 2019-03-04 17:49 - 000000000 ____D C:\Users\yuka\Desktop\nanaco _ ギフトID登録完了_files

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-04-03 22:14 - 2009-07-14 13:45 - 000024608 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2019-04-03 22:14 - 2009-07-14 13:45 - 000024608 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2019-04-03 22:08 - 2016-11-26 23:22 - 000000000 ____D C:\Users\yuka\AppData\LocalLow\Mozilla
2019-04-03 22:02 - 2011-09-24 22:44 - 000000000 ____D C:\Users\yuka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink DVD Suite
2019-04-03 22:01 - 2016-01-07 22:01 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2019-04-03 22:01 - 2012-05-03 12:15 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-04-03 22:01 - 2009-07-14 14:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-04-03 21:18 - 2015-01-29 10:11 - 000061024 _____ (NirSoft) C:\Users\yuka\Desktop\BlueScreenView.exe
2019-04-03 21:18 - 2015-01-29 10:11 - 000018488 _____ C:\Users\yuka\Desktop\BlueScreenView.chm
2019-04-03 21:18 - 2015-01-29 10:11 - 000017494 _____ C:\Users\yuka\Desktop\readme.txt
2019-04-03 20:38 - 2011-09-08 22:10 - 000000000 ____D C:\Users\yuka\Documents\Outlook ファイル
2019-04-03 18:27 - 2011-08-31 14:42 - 000000000 ____D C:\swshare
2019-04-03 18:26 - 2015-09-01 16:49 - 000003026 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1310004040-4233039217-3965176310-1000Core
2019-04-03 18:26 - 2012-09-07 19:18 - 000003298 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1310004040-4233039217-3965176310-1000UA
2019-04-03 18:23 - 2011-09-06 20:49 - 000003448 _____ C:\Windows\System32\Tasks\PCDEventLauncher
2019-04-03 18:22 - 2011-09-06 20:49 - 000003494 _____ C:\Windows\System32\Tasks\SystemToolsDailyTest
2019-04-03 18:06 - 2011-09-01 07:13 - 000411428 _____ C:\Windows\system32\perfh011.dat
2019-04-03 18:06 - 2011-09-01 07:13 - 000122442 _____ C:\Windows\system32\perfc011.dat
2019-04-03 18:06 - 2009-07-14 14:13 - 001313238 _____ C:\Windows\system32\PerfStringBackup.INI
2019-04-03 18:06 - 2009-07-14 12:20 - 000000000 ____D C:\Windows\inf
2019-03-25 19:21 - 2014-06-21 14:46 - 000000000 ____D C:\ProgramData\Package Cache
2019-03-25 19:21 - 2011-09-24 23:34 - 000000000 ____D C:\Users\yuka\AppData\Local\CrashDumps
2019-03-25 19:20 - 2011-08-31 14:39 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2019-03-25 19:20 - 2011-08-31 14:34 - 000000000 ____D C:\Program Files (x86)\Intel
2019-03-18 18:24 - 2009-07-14 13:45 - 000349616 _____ C:\Windows\system32\FNTCACHE.DAT
2019-03-18 18:17 - 2014-12-11 23:31 - 000000000 ____D C:\Windows\system32\appraiser
2019-03-18 18:17 - 2014-05-08 18:18 - 000000000 ___SD C:\Windows\system32\CompatTel
2019-03-18 18:09 - 2011-09-06 20:54 - 000000000 ____D C:\ProgramData\Intel
2019-03-18 17:51 - 2009-07-14 12:20 - 000000000 ____D C:\Windows\system32\NDF
2019-03-14 21:30 - 2013-08-28 20:12 - 000000000 ____D C:\ProgramData\AVAST Software
2019-03-14 21:01 - 2009-07-14 12:20 - 000000000 ____D C:\Windows\SysWOW64\Dism
2019-03-14 21:01 - 2009-07-14 12:20 - 000000000 ____D C:\Windows\system32\Dism
2019-03-14 18:58 - 2013-08-16 21:16 - 000000000 ____D C:\Windows\system32\MRT
2019-03-14 18:22 - 2011-09-10 20:13 - 127411920 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2019-03-14 18:07 - 2011-08-31 14:46 - 000000000 ____D C:\Program Files (x86)\Windows Live
2019-03-14 18:02 - 2014-10-21 20:40 - 000000000 ____D C:\Program Files (x86)\Java
2019-03-14 07:34 - 2019-02-01 20:56 - 000000000 _____ C:\Windows\system32\last.dump
2019-03-12 18:35 - 2015-01-24 19:23 - 000004108 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2019-03-12 18:26 - 2018-03-26 13:43 - 000004260 _____ C:\Windows\System32\Tasks\Adobe Flash Player NPAPI Notifier
2019-03-12 18:08 - 2012-12-06 23:06 - 000842240 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2019-03-12 18:08 - 2012-12-06 23:06 - 000175104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2019-03-12 18:08 - 2012-07-29 14:10 - 000000000 ____D C:\Windows\system32\Macromed
2019-03-12 18:08 - 2011-09-10 20:45 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2019-03-11 21:42 - 2011-08-31 14:44 - 000000000 ____D C:\Program Files (x86)\Google
2019-03-11 20:56 - 2011-08-31 14:44 - 000000000 ____D C:\ProgramData\PCDr
2019-03-11 20:55 - 2011-09-06 20:49 - 000004236 _____ C:\Windows\System32\Tasks\PCDoctorBackgroundMonitorTask
2019-03-11 13:33 - 2011-09-11 20:37 - 000007609 _____ C:\Users\yuka\AppData\Local\resmon.resmoncfg

==================== Files in the root of some directories =======

2014-11-16 20:02 - 2014-11-16 20:02 - 006000640 _____ () C:\Program Files (x86)\GUT6327.tmp
2011-10-07 10:57 - 2011-10-09 19:48 - 000024491 _____ () C:\Users\yuka\AppData\Roaming\テキスト ファイル (Windows、カンマ区切り).ADR
2011-09-11 20:37 - 2019-03-11 13:33 - 000007609 _____ () C:\Users\yuka\AppData\Local\resmon.resmoncfg

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\dllhost.exe => File is digitally signed
C:\Windows\SysWOW64\dllhost.exe => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-12-12 23:26

==================== End of FRST.txt ============================

 

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17.03.2019
Ran by yuka (03-04-2019 22:36:19)
Running from C:\Users\yuka\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2011-09-06 11:48:39)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1310004040-4233039217-3965176310-500 - Administrator - Disabled)
Guest (S-1-5-21-1310004040-4233039217-3965176310-501 - Limited - Enabled) => C:\Users\Guest
HomeGroupUser$ (S-1-5-21-1310004040-4233039217-3965176310-1003 - Limited - Enabled)
yuka (S-1-5-21-1310004040-4233039217-3965176310-1000 - Administrator - Enabled) => C:\Users\yuka

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 16.04 (HKLM-x32\...\{23170F69-40C1-2701-1604-000001000000}) (Version: 16.04.00.0 - Igor Pavlov)
Adobe Acrobat Reader DC - Japanese (HKLM-x32\...\{AC76BA86-7AD7-1041-7B44-AC0F074E4100}) (Version: 19.010.20098 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.156 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.3 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.3.4.204 - Adobe Systems, Inc.)
Apple Application Support(32 ビット) (HKLM-x32\...\{C56BA005-F02C-461B-ACA5-A0CE3E32578F}) (Version: 6.5 - Apple Inc.)
Apple Application Support(64 ビット) (HKLM\...\{C8087B7C-8496-45BE-92FB-91D31EB73969}) (Version: 6.5 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{64695C4A-C68F-46B5-A734-50EBF124A68E}) (Version: 11.3.3.4 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A30EA700-5515-48F0-88B0-9E99DC356B88}) (Version: 2.6.0.1 - Apple Inc.)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 19.3.2369 - AVAST Software)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
CleanUp! (HKLM-x32\...\CleanUp!) (Version:  - )
Conexant 20672 SmartAudio HD (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.32.23.0 - Conexant)
Create Recovery Media (HKLM-x32\...\{50DC5136-21E8-48BC-97E5-1AD055F6B0B6}) (Version: 1.20.0.00 - Lenovo Group Limited)
CyberLink DVD Suite (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 6.0.2806 - CyberLink Corp.)
CyberLink InstantBurn (HKLM-x32\...\{19C64880-BBCA-11D4-9EEE-0004ACDDDB3B}) (Version: 5.0.5503 - CyberLink Corp.)
CyberLink MediaShow (HKLM-x32\...\InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB}) (Version: 4.1.3102 - CyberLink Corp.)
CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.0.3030 - CyberLink Corp.)
CyberLink PowerBackup (HKLM-x32\...\{ADD5DB49-72CF-11D8-9D75-000129760D75}) (Version: 2.5.4511 - CyberLink Corp.)
CyberLink PowerDVD 8 (HKLM-x32\...\InstallShield_{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}) (Version: 8.0.3017a - CyberLink Corp.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - )
EPSONプリンタドライバ・ユーティリティ (HKLM\...\EPSON Printer and Utilities) (Version:  - SEIKO EPSON Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 73.0.3683.86 - Google Inc.)
Google Talk Plugin (HKLM-x32\...\{F9B579C2-D854-300A-BE62-A09EB9D722E4}) (Version: 5.41.3.0 - Google)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.7 - Google LLC) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.169 - Google Inc.) Hidden
Integrated Camera Driver Installer Package Ver.1.1.0.1147 (HKLM-x32\...\{B2CA6F37-1602-4823-81B5-0384B6888AA6}) (Version: 1.1.0.1147 - RICOH)
Integrated Camera TWAIN (HKLM-x32\...\{9CA0DEE4-E84B-466F-9B96-FC255F3A929F}) (Version: 1.0.11.1223 - Chicony Electronics Co.,Ltd.)
Intel Driver && Support Assistant (HKLM-x32\...\{31B742C7-F4F0-4B1D-A81A-7F1CF3513D7F}) (Version: 19.3.12.3 - Intel) Hidden
Intel® Computing Improvement Program (HKLM\...\{D40D4164-EEDB-4F0F-85C6-2058A9E34CC7}) (Version: 2.4.04370 - Intel Corporation)
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel® Identity Protection Technology 1.1.2.0 (HKLM-x32\...\{C01A86F5-56E7-101F-9BC9-E3F1025EB779}) (Version: 1.1.2.0 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2321 - Intel Corporation)
Intel® Driver & Support Assistant (HKLM-x32\...\{0658ef25-2251-4c99-a9ec-dd54bf3da303}) (Version: 19.3.12.3 - Intel)
iTunes (HKLM\...\{B142337A-47E0-4D1A-8FBF-44CDF5B4B923}) (Version: 12.7.5.9 - Apple Inc.)
Junk Mail filter update (HKLM-x32\...\{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Lenovo Auto Scroll Utility (HKLM\...\LenovoAutoScrollUtility) (Version: 1.00 - )
Lenovo Registration (HKLM-x32\...\{6707C034-ED6B-4B6A-B21F-969B3606FBDE}) (Version: 1.0.4 - Lenovo Inc.)
Lenovo Screen Reading Optimizer (HKLM-x32\...\{91A29166-4E1B-4664-B70B-4C4A3B6B3372}) (Version: 1.06 - Lenovo)
Lenovo System Interface Driver (HKLM\...\LENOVO.SMIIF) (Version: 1.05 - )
Lenovo ThinkVantage Toolbox (HKLM\...\PC-Doctor for Windows) (Version: 6.0.5849.23 - PC-Doctor, Inc.)
Lenovo User Guide (HKLM-x32\...\{13F59938-C595-479C-B479-F171AB9AF64F}) (Version: 1.0.0008.00 - 会社名)
Lenovo Warranty Information (HKLM-x32\...\{FD4EC278-C1B1-4496-99ED-C0BE1B0AA521}) (Version: 1.0.0005.00 - Lenovo)
Lenovo Welcome (HKLM-x32\...\Lenovo Welcome_is1) (Version: 2.02.003.0 - Lenovo)
LINE (HKU\S-1-5-21-1310004040-4233039217-3965176310-1000\...\LINE) (Version: 5.3.0.1506 - LINE Corporation)
Mesh Runtime (HKLM-x32\...\{8C6D6116-B724-4810-8F2D-D047E6B7D68E}) (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Message Center Plus (HKLM-x32\...\{FD331A3B-F7A5-4C31-B8D4-DF413C85AF7A}) (Version: 2.0.0012.00 - Lenovo Group Limited)
Microsoft .NET Framework 4.7.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft .NET Framework 4.7.2 (日本語) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1041) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\Office14.EssentialsR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office ナビ 2010 (HKLM\...\{95140000-011C-0411-1000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - 日本語 (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - JPN) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 66.0.2 (x86 ja) (HKLM-x32\...\Mozilla Firefox 66.0.2 (x86 ja)) (Version: 66.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 64.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
RapidBoot (HKLM\...\{5E2652DF-743F-482B-A593-C95F431A5769}) (Version: 1.10 - Lenovo)
Registry Patch to Enable Maximum Power Saving on WiFi Adapters for Windows 7 (HKLM\...\EnablePS) (Version: 1.00 - )
Rescue and Recovery (HKLM-x32\...\{B383F243-0ABC-4E56-AA30-923B8D85076E}) (Version: 4.31.0010.00 - Lenovo Group Limited)
RICOH_Media_Driver_v2.13.18.02 (HKLM-x32\...\{FE041B02-234C-4AAA-9511-80DF6482A458}) (Version: 2.13.18.02 - RICOH)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0013-0000-0000-0000000FF1CE}_Office14.EssentialsR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Skype バージョン 8.25 (HKLM-x32\...\Skype_is1) (Version: 8.25 - Skype Technologies S.A.)
Speccy (HKLM\...\Speccy) (Version: 1.32 - Piriform)
Spotify (HKU\S-1-5-21-1310004040-4233039217-3965176310-1000\...\Spotify) (Version: 1.0.63.617.g5aca9a2a - Spotify AB)
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
System Update (HKLM-x32\...\{25C64847-B900-48AD-A164-1B4F9B774650}) (Version: 4.00.0042 - Lenovo)
ThinkPad FullScreen Magnifier (HKLM\...\ThinkPad FullScreen Magnifier) (Version: 2.23 - )
ThinkPad Power Management Driver (HKLM\...\Power Management Driver) (Version: 1.62.00.00 - )
ThinkPad UltraNav Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.6.0 - )
ThinkPad UltraNav ユーティリティ (HKLM-x32\...\{17CBC505-D1AE-459D-B445-3D2000A85842}) (Version: 2.13.0 - Lenovo)
ThinkPad Wireless LAN Adapter Software (HKLM-x32\...\{9D3D2C60-A55F-4fed-B2B9-17311226DF01}) (Version: 1.00.0029.5 - REALTEK Semiconductor Corp.)
ThinkPad 省電力マネージャー (HKLM-x32\...\{DAC01CEE-5BAE-42D5-81FC-B687E84E8405}) (Version: 3.48 - )
ThinkVantage AutoLock (HKLM\...\{E224B44B-B5EB-4af3-A80A-A255358E241A}_is1) (Version: 1.01 - Lenovo)
ThinkVantage Communications Utility (HKLM\...\{88C6A6D9-324C-46E8-BA87-563D14021442}_is1) (Version: 2.06 - Lenovo)
ThinkVantage ハードディスク・アクティブプロテクション・システム (HKLM\...\{46A84694-59EC-48F0-964C-7E76E9F8A2ED}) (Version: 1.74 - Lenovo)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.4 - VideoLAN)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows ドライバ パッケージ - Intel (e1cexpress) Net  (12/21/2010 11.8.84.0) (HKLM\...\6D23A494E9A245843FB8584D9307D3E328DF8613) (Version: 12/21/2010 11.8.84.0 - Intel)
Windows ドライバ パッケージ - Intel (MEIx64) System  (10/19/2010 7.0.0.1144) (HKLM\...\90FD26A77B849AE03FF5F07A1CDA7F950406A8D8) (Version: 10/19/2010 7.0.0.1144 - Intel)
Windows ドライバ パッケージ - Intel System  (09/10/2010 9.2.0.1011) (HKLM\...\0CDBDD444A1F5FFEA227B4E7DCE195F11F08240A) (Version: 09/10/2010 9.2.0.1011 - Intel)
Windows ドライバ パッケージ - Intel System  (09/10/2010 9.2.0.1011) (HKLM\...\A513FC5E5A08D4EF27F234E91E0E942A0234210B) (Version: 09/10/2010 9.2.0.1011 - Intel)
Windows ドライバ パッケージ - Intel System  (10/04/2010 9.2.0.1015) (HKLM\...\FE1BEBFD475BB832AAF104F5C63348E98A9286DF) (Version: 10/04/2010 9.2.0.1015 - Intel)
Windows ドライバ パッケージ - Intel USB  (09/16/2010 9.2.0.1013) (HKLM\...\D97688B8E3830BF9820E15EB8D9552DCBF988CFD) (Version: 09/16/2010 9.2.0.1013 - Intel)
Windows ドライバ パッケージ - Lenovo 1.62.00.00 (01/19/2011 1.62.00.00) (HKLM\...\D01A7EE241898C810674C69EB908D655D149BE77) (Version: 01/19/2011 1.62.00.00 - Lenovo)
Windows ドライバ パッケージ - Synaptics (SynTP) Mouse  (05/05/2011 15.3.6.0) (HKLM\...\C63C03BF3BE2B6F6204BB54541690449FFF79F4F) (Version: 05/05/2011 15.3.6.0 - Synaptics)
オン スクリーン表示 (HKLM\...\OnScreenDisplay) (Version: 6.23.01 - )
キングソフト辞書 (HKLM-x32\...\PowerWord Lite) (Version: 2011.05.11.1.1 - キングソフト株式会社)
はがきデザインキット (HKLM-x32\...\{CFE0EB86-670D-C51A-91CD-E2E7D38CEFFD}) (Version: 6.0.1 - Japan Post Co., Ltd.) Hidden
はがきデザインキット (HKLM-x32\...\designKit.702840F10216893FC3494B731E825B33666733D6.1) (Version: v6.0.1 - Japan Post Co., Ltd.)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1310004040-4233039217-3965176310-1000_Classes\CLSID\{62634D95-960B-4834-8E71-A70408AD8FD9}\InprocServer32 -> C:\Users\yuka\AppData\Local\Google\Update\1.3.34.7\psuser_64.dll (Google Inc -> Google LLC)
CustomCLSID: HKU\S-1-5-21-1310004040-4233039217-3965176310-1000_Classes\CLSID\{A804CF1A-91E5-4F0C-9E8C-DB39E74056DD}\InprocServer32 -> C:\Users\yuka\AppData\Local\Google\Update\1.3.33.23\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1310004040-4233039217-3965176310-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\yuka\AppData\Local\Google\Update\1.3.34.7\psuser_64.dll (Google Inc -> Google LLC)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-03-18] (AVAST Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-03-18] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-03-18] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-03-18] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2011-03-11] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-03-18] (AVAST Software s.r.o. -> AVAST Software)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {01978B1C-693C-4B75-968B-2A3B8FDDA534} - System32\Tasks\PCDEventLauncher => C:\Program Files\PC-Doctor\sessionchecker.exe (PC-Doctor, Inc. -> PC-Doctor, Inc.)
Task: {129BA242-20F3-4037-95FA-04798EAD665F} - System32\Tasks\Lenovo\SROptimizer => C:\Program Files (x86)\Lenovo\Screen Reading Optimizer\\SRORest.exe (Lenovo(Japan)Ltd. -> Lenovo Group Limited)
Task: {196E503C-0A33-4CC2-B950-D8DB4E79F56A} - System32\Tasks\PMTask => C:\Program Files (x86)\ThinkPad\Utilities\PWMIDTSV.EXE (Lenovo(Japan)Ltd. -> Lenovo Group Limited)
Task: {2C58D8AD-B95D-4D5F-8B24-8AAE5C077F39} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {2EBD3AEB-FB34-4F9E-8584-3092D4081321} - System32\Tasks\TVT\LaunchRnR => C:\Program Files (x86)\Lenovo\Rescue and Recovery\rrcmd.exe (Lenovo Information Products (Shenzhen) Co.,Ltd -> Lenovo Limited Group Corporation)
Task: {3049D566-1C93-4F39-92FE-E10E5C923FD1} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe (AVAST Software s.r.o. -> AVAST Software)
Task: {4E816226-CB38-4CB2-AFBF-1572754DE5ED} - System32\Tasks\DiskUpdate => C:\SWTOOLS\OSFIXES\DISKUPDT\DiskUpdate.exe () [File not signed]
Task: {563C8A0B-CAE3-47CF-ACFE-58DDBAF4CF86} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_156_Plugin.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {57F9D719-414A-4DC3-B094-EED7D81157B5} - System32\Tasks\TVT\UpdateRnR => C:\Program Files (x86)\Common Files\Lenovo\Scheduler\tvtsetsched.exe () [File not signed]
Task: {61B0016D-8FE9-42B4-8BD0-AB72F1417A8F} - System32\Tasks\SystemToolsDailyTest => C:\Program Files\PC-Doctor\uaclauncher.exe (PC-Doctor, Inc. -> PC-Doctor, Inc.)
Task: {62719A8F-04B2-48D2-853D-8D24B62AEDFB} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe
Task: {691C744A-4201-4CF5-9BC4-0CBCCF4BD51D} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {6B1CC383-6E77-4B6C-800F-976BB8606632} - System32\Tasks\MCP => C:\Program Files (x86)\LENOVO\Message Center Plus\MCPLaunch.exe (Lenovo Information Products (Shenzhen) Co.,Ltd -> )
Task: {6EA4DD9C-ACD0-4D7D-BF29-085BDA795811} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe (Apple Inc. -> Apple Inc.)
Task: {74F185CB-5514-4E29-B959-CB67209CDECE} - System32\Tasks\{0E77B210-87D2-43DF-B8A0-C78FA49B24ED} => C:\Windows\system32\pcalua.exe -a C:\Users\yuka\AppData\Roaming\BitTorrent\BitTorrent.exe -c /UNINSTALL
Task: {77A81E29-502F-4F8A-8B38-BB936A06FFD6} - System32\Tasks\{95BCE7F4-9320-4080-8209-2365C4E54DA0} => "c:\program files (x86)\mozilla firefox\firefox.exe" hxxp://ui.skype.com/ui/0/7.18.0.112/ja/abandoninstall?page=tsMain
Task: {853CE784-9BDE-48A0-B6C3-7E94A91A7D0A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {85D392CA-D85E-43EC-8429-2DF66C825617} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\PC-Doctor\uaclauncher.exe (PC-Doctor, Inc. -> PC-Doctor, Inc.)
Task: {861A8B7B-B5E4-49FD-B19F-76586EC70AA2} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1310004040-4233039217-3965176310-1000Core => C:\Users\yuka\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {9228CD6D-DDA9-4515-8020-D1F0205FD31E} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
Task: {99D4993D-B3CE-4CC7-B97A-FE3AFF97EC02} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {9B4BD16C-AC46-4698-A687-88DBBE7CF438} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1310004040-4233039217-3965176310-1000UA => C:\Users\yuka\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {B0973079-C7E4-457A-920E-B30C70A89917} - System32\Tasks\{FB4322B8-FE4A-4DC9-94E3-65A98977D193} => "c:\program files (x86)\mozilla firefox\firefox.exe" hxxp://ui.skype.com/ui/0/7.18.0.112/ja/eula
Task: {BC9E2306-E768-4C27-BDBF-20F13D732295} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {C975BD15-B161-4DF6-9ADE-1A2FA7F43A86} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe (Intel® Software Asset Manager -> Intel Corporation)
Task: {DD0B68F3-666D-4FEC-B0E8-B314C106A62A} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe (Intel® Software Asset Manager -> Intel Corporation)
Task: {FA66D15A-360F-403F-8817-7A3D3FFF50F9} - System32\Tasks\TVT\ChangePWD => C:\Program Files (x86)\Lenovo\Rescue and Recovery\rrcmd.exe (Lenovo Information Products (Shenzhen) Co.,Ltd -> Lenovo Limited Group Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]

==================== Loaded Modules (Whitelisted) ==============

2011-01-21 16:13 - 2010-10-19 18:06 - 000148992 ____N (Lenovo Group Limited) [File not signed] C:\Program Files\LENOVO\HOTKEY\lcdbl.dll
2011-08-31 14:33 - 2008-10-30 15:24 - 000055808 ____N (Ricoh co.,Ltd.) [File not signed] C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe
2011-09-10 20:11 - 2011-09-10 20:11 - 001654784 ____N (Microsoft Corporation) [File not signed] C:\Windows\WinSxS\amd64_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_8448b2bd328df189\MFC80U.DLL
2011-09-10 20:11 - 2011-09-10 20:11 - 000038912 ____N (Microsoft Corporation) [File not signed] C:\Windows\WinSxS\amd64_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_bc20f59b0bdd1acd\MFC80JPN.DLL
2011-08-31 14:41 - 2011-03-24 03:48 - 000030208 ____N () [File not signed] C:\Program Files (x86)\ThinkPad\Utilities\JP\PWMRT64V.DLL
2011-09-24 22:44 - 2009-07-02 23:02 - 000244904 ____R (CyberLink -> ) [File not signed] C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
2010-12-11 20:03 - 2010-12-11 20:03 - 001212416 ____N (Lenovo Group Limited) [File not signed] C:\Program Files (x86)\Common Files\Lenovo\Scheduler\scheduler_proxy.exe
2010-12-11 19:39 - 2010-12-11 19:39 - 001028096 ____N (Lenovo Group Limited) [File not signed] C:\Program Files (x86)\Common Files\Lenovo\tvt_reg_monitor_svc.exe
2011-08-31 14:42 - 2010-04-06 09:05 - 002085888 ____N () [File not signed] C:\Program Files\Lenovo\AutoLock\cv210.dll
2011-08-31 14:42 - 2010-04-06 09:04 - 002201088 ____N () [File not signed] C:\Program Files\Lenovo\AutoLock\cxcore210.dll
2010-12-11 19:44 - 2010-12-11 19:44 - 000241664 ____N () [File not signed] C:\Program Files (x86)\Lenovo\Rescue and Recovery\CDRecord.dll
2011-09-10 20:11 - 2011-09-10 20:11 - 001093120 ____N (Microsoft Corporation) [File not signed] C:\Windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_cbf5e994470a1a8f\MFC80U.DLL
2011-09-10 20:11 - 2011-09-10 20:11 - 000049152 ____N (Microsoft Corporation) [File not signed] C:\Windows\WinSxS\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_03ce2c72205943d3\MFC80JPN.DLL
2010-12-11 19:34 - 2010-12-11 19:34 - 000069632 ____N (Lenovo Group Limited) [File not signed] C:\Program Files (x86)\Common Files\Lenovo\tvt_think_res.dll
2011-09-10 20:11 - 2011-09-10 20:11 - 001101824 ____N (Microsoft Corporation) [File not signed] C:\Windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_cbf5e994470a1a8f\MFC80.DLL

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 11:34 - 2019-01-08 18:05 - 000000831 _____ C:\Windows\system32\drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path: C:\ProgramData\Oracle\Java\javapath;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Common Files\Lenovo;C:\Program Files (x86)\Windows Live\Shared;C:\SWTOOLS\ReadyApps;C:\Program Files (x86)\Intel\Services\IPT\
HKU\S-1-5-21-1310004040-4233039217-3965176310-1000\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{9F1E0CE4-D7A0-46C0-980E-AC9D4D4825F1}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F7BE11A9-7AE6-4BE5-93DC-CF14DC734015}] => (Allow) LPort=2869
FirewallRules: [{B357C2BB-B0B2-4BCB-A9E8-2F98F277400E}] => (Allow) LPort=1900
FirewallRules: [{E0BAF8F0-B500-4DB8-B9CE-344FD333DAD4}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{E605906D-D5B6-4078-B86D-2440CE4517DF}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{D22B0B61-4B46-4901-AC95-E7FF4E5473E2}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD8\PowerDVD8.EXE (CyberLink -> CyberLink Corp.)
FirewallRules: [TCP Query User{D393D3D9-E7B8-470C-BDCF-4340C2E86458}C:\users\p\downloads\bittorrent-7.5.exe] => (Block) C:\users\p\downloads\bittorrent-7.5.exe No File
FirewallRules: [UDP Query User{78F2383F-DE03-496E-82EA-B9293D1694F0}C:\users\p\downloads\bittorrent-7.5.exe] => (Block) C:\users\p\downloads\bittorrent-7.5.exe No File
FirewallRules: [TCP Query User{76D2E775-28DF-4A02-A878-D63566FC88EE}C:\program files (x86)\1clickdownload\1clickdownload.exe] => (Block) C:\program files (x86)\1clickdownload\1clickdownload.exe No File
FirewallRules: [UDP Query User{42F64079-16B8-404D-A3E0-727922402D9B}C:\program files (x86)\1clickdownload\1clickdownload.exe] => (Block) C:\program files (x86)\1clickdownload\1clickdownload.exe No File
FirewallRules: [TCP Query User{EE607D89-9F7D-4049-9EBC-2137E60C7975}C:\users\yuka\downloads\bittorrent-7.5.exe] => (Block) C:\users\yuka\downloads\bittorrent-7.5.exe (BitTorrent Inc -> BitTorrent, Inc.)
FirewallRules: [UDP Query User{8483AB86-25D0-4F56-9589-BBED064E08CA}C:\users\yuka\downloads\bittorrent-7.5.exe] => (Block) C:\users\yuka\downloads\bittorrent-7.5.exe (BitTorrent Inc -> BitTorrent, Inc.)
FirewallRules: [TCP Query User{E0D8FA4E-6385-41B3-BA1F-F483EEDBE647}C:\program files (x86)\1clickdownload\1clickdownloader.exe] => (Block) C:\program files (x86)\1clickdownload\1clickdownloader.exe No File
FirewallRules: [UDP Query User{10075949-C46E-47C0-AF98-C8EA8E170293}C:\program files (x86)\1clickdownload\1clickdownloader.exe] => (Block) C:\program files (x86)\1clickdownload\1clickdownloader.exe No File
FirewallRules: [TCP Query User{BAEB367E-0D05-4D94-9AB6-3BE87C56AC45}C:\users\yuka\downloads\bittorrent-7.5.exe] => (Block) C:\users\yuka\downloads\bittorrent-7.5.exe (BitTorrent Inc -> BitTorrent, Inc.)
FirewallRules: [UDP Query User{85F26169-3660-418F-B3BF-AEFEB012E73F}C:\users\yuka\downloads\bittorrent-7.5.exe] => (Block) C:\users\yuka\downloads\bittorrent-7.5.exe (BitTorrent Inc -> BitTorrent, Inc.)
FirewallRules: [{047DFE81-3611-4FE8-A09A-95A3CF74B646}] => (Allow) C:\Program Files (x86)\Naver\LINE\Line.exe No File
FirewallRules: [{7A0C2474-09F6-43F2-9D48-341B3C499893}] => (Allow) C:\Program Files (x86)\Naver\LINE\Line.exe No File
FirewallRules: [TCP Query User{428A2D67-EE9C-4FC2-96F6-FC2730238690}C:\users\yuka\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\yuka\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{F534F9B8-2529-4C71-B536-5011A5C8865B}C:\users\yuka\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\yuka\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{B156BA17-2216-4A42-BB39-30F8BD7EAC07}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{1C5CD71D-B123-412C-A2F3-0BE6EA87C9B9}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{BB1249D1-B0F0-4CE7-ADC0-3E731FB5A428}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{58909962-E087-443C-B7AD-E62553C1AB43}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{5A602B3C-3D57-4EA4-871E-231511688B84}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{2C600F38-63E6-4BAF-A35C-4F5A6E1FB50B}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{D3C97AB8-2E09-4DDE-BCA9-E01FC62CC9C4}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{1A34CDD1-C697-4E39-9F29-3799000E94B2}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{950D3246-979C-4321-BDA3-C24BEF324F81}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{5469C1C9-8BD1-4695-8536-A04F3E9C98C7}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{BBE1E7FF-AB01-439A-82F7-38624760CC18}C:\program files (x86)\lenovo\system update\uncserver.exe] => (Allow) C:\program files (x86)\lenovo\system update\uncserver.exe (Lenovo Information Products (Shenzhen) Co.,Ltd ->  )
FirewallRules: [UDP Query User{1C764843-4B47-486D-B296-5FF264FEEEE1}C:\program files (x86)\lenovo\system update\uncserver.exe] => (Allow) C:\program files (x86)\lenovo\system update\uncserver.exe (Lenovo Information Products (Shenzhen) Co.,Ltd ->  )
FirewallRules: [TCP Query User{A2F1A1E5-22FB-47DD-B491-09692B5F81A9}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{DB5DEA56-3BA3-462E-A8BD-49AFE7CDC80A}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{8614F7B0-5C50-4EC0-AF7C-910CD6BDADC3}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.)

==================== Restore Points =========================

25-02-2019 22:53:20 Windows Update
06-03-2019 21:29:08 Removed Bonjour
06-03-2019 21:32:37 Removed Bonjour
13-03-2019 18:41:25 Removed Java 8 Update 111
14-03-2019 07:48:32 Windows Update
14-03-2019 17:38:33 Removed Java 8 Update 131
14-03-2019 17:45:18 Removed Java 8 Update 144
14-03-2019 17:48:35 Removed Java 8 Update 151
14-03-2019 17:51:28 Removed Java 8 Update 161
14-03-2019 17:55:01 Removed Java 8 Update 172
14-03-2019 18:06:07 リモート接続用の Windows Live Mesh ActiveX コントロール (日本語) を削除しました
14-03-2019 18:19:53 Windows Update
18-03-2019 17:36:20 Windows Update
18-03-2019 18:37:00 Windows Update
25-03-2019 19:14:01 Intel® Driver & Support Assistant

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (04/03/2019 10:32:45 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: <http://ctldl.windows...uthrootstl.cab>にある自動更新 cab ファイルからサード パーティのルート一覧を抽出できませんでした。エラー: 証明書は要求された使用法では無効です。


Error: (04/03/2019 10:32:44 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: <http://ctldl.windows...uthrootstl.cab>にある自動更新 cab ファイルからサード パーティのルート一覧を抽出できませんでした。エラー: 証明書は要求された使用法では無効です。


Error: (04/03/2019 10:32:39 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: <http://ctldl.windows...uthrootstl.cab>にある自動更新 cab ファイルからサード パーティのルート一覧を抽出できませんでした。エラー: 証明書は要求された使用法では無効です。


Error: (04/03/2019 10:32:38 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: <http://ctldl.windows...uthrootstl.cab>にある自動更新 cab ファイルからサード パーティのルート一覧を抽出できませんでした。エラー: 証明書は要求された使用法では無効です。


Error: (04/03/2019 10:32:37 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: <http://ctldl.windows...uthrootstl.cab>にある自動更新 cab ファイルからサード パーティのルート一覧を抽出できませんでした。エラー: 証明書は要求された使用法では無効です。


Error: (04/03/2019 10:32:37 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: <http://ctldl.windows...uthrootstl.cab>にある自動更新 cab ファイルからサード パーティのルート一覧を抽出できませんでした。エラー: 証明書は要求された使用法では無効です。


Error: (04/03/2019 10:32:37 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: <http://ctldl.windows...uthrootstl.cab>にある自動更新 cab ファイルからサード パーティのルート一覧を抽出できませんでした。エラー: 証明書は要求された使用法では無効です。


Error: (04/03/2019 10:32:36 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: <http://ctldl.windows...uthrootstl.cab>にある自動更新 cab ファイルからサード パーティのルート一覧を抽出できませんでした。エラー: 証明書は要求された使用法では無効です。



System errors:
=============
Error: (04/03/2019 10:03:02 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: 次のブート開始ドライバーまたはシステム開始ドライバーを読み込めませんでした:
cdrom

Error: (04/03/2019 10:02:45 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Intel® Driver & Support Assistant サービスを、次のエラーが原因で開始できませんでした:
そのサービスは指定時間内に開始要求または制御要求に応答しませんでした。

Error: (04/03/2019 10:02:45 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Intel® Driver & Support Assistant サービスの接続を待機中にタイムアウト (30000 ミリ秒) になりました。

Error: (04/03/2019 09:57:59 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: サーバー {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} は、必要なタイムアウト期間内に DCOM に登録しませんでした。


==================== Memory info ===========================

Processor: Intel® Core™ i3-2310M CPU @ 2.10GHz
Percentage of memory in use: 94%
Total physical RAM: 1935.23 MB
Available physical RAM: 103.38 MB
Total Virtual: 3970.91 MB
Available Virtual: 336.1 MB

==================== Drives ================================

Drive c: (Windows7_OS) (Fixed) (Total:285.2 GB) (Free:186.2 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive q: (Lenovo_Recovery) (Fixed) (Total:11.72 GB) (Free:2.88 GB) NTFS

\\?\Volume{99ca3744-d391-11e0-a245-806e6f6e6963}\ (SYSTEM_DRV) (Fixed) (Total:1.17 GB) (Free:0.48 GB) NTFS
\\?\Volume{f2fef831-55ee-11e9-b67c-f0def180a0df}\ (Windows7_OS) (RAMDisk) (Total:285.2 GB) (Free:196.86 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 298.1 GB) (Disk ID: 048E328B)
Partition 1: (Active) - (Size=1.2 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=285.2 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=11.7 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

 

 

Please!

Thank you. ありがとう(arigatou)


  • 0

#10
RKinner

RKinner

    Malware Expert

  • Expert
  • 21,906 posts
  • MVP

Appears your blue screen was caused by intel processor graphics.  You have a very old version 8.15.  You might be able to upgrade to 15.40:

 

https://downloadcent...-?product=80939

 

The router appears to be a normal router so it should be possible to go in to it and change the channel and have it use any encryption type you want.  I can't find a manual for your version (because it's the Japanese version) but a similar router's manual is here:

cdn.cloudfiles.mosso.com/c85091/WHR-G300N_Manual_web.pdf

 

Remember you have to log in to the router then go into the wifi setup where you set the channel you want the router to use and what encryption type it uses.


  • 0

#11
arare

arare

    New Member

  • Topic Starter
  • Member
  • Pip
  • 7 posts

First of all, thank you for your prompt response, always.

 

I tried downloading 15.40 intel, but it seems like my PC system doesn't support.

I try what my PC can download...

 

Other than that, my PC is clean now? No virus, malware??


  • 0

#12
RKinner

RKinner

    Malware Expert

  • Expert
  • 21,906 posts
  • MVP

Possibly an older version will work. 

 

I don't see any malware but you can run an online ESET scan to be sure if you want.  Takes a few hours.

 

I expect my canned instructions are out of date but you should be able to just follow their instructions.

 

Use IE and go to https://www.eset.com...online-scanner/

  and click on SCAN NOW under ESET online Scanner.  Accept the terms then press Start (If you get a warning from your browser tell it you want to run it).  

IF you don't use IE it will still work but you must download a program and run it.

# Check Scan Archives
# Push the Start button.
# ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
# When the scan completes, push LIST OF THREATS FOUND
# Push EXPORT TO TEXT FILE , and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
# Push the BACK button.
# Push Finish
# Once the scan is completed, you may close the window.
# Use Notepad to open the logfile located at C:\Program Files\EsetOnlineScanner\log.txt
# Copy and paste that log as a reply.
 

 

The main problem I see is your router trying to use the same channel as other nearby routers.  If you can log on to your router and change the channel to something else I expect you will see a big difference in performance.


  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP