Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.


Topics - DR M

Pages: [1] 2 3 ... 11
1
LandzDown Lounge / Sound problem
« on: September 08, 2019, 09:21:29 AM »
Suddenly I am hearing a strange bad sound every time the computer plays audio (loud). It is like a screw that is inside the laptop and moves due to the sound waves.

What I did:

I recorded with a sound editor program (audacity) the sound from the computer to check if the sound is internal issue. The result was perfect, no problem at all. So the problem is due to something in the "environment" of the laptop. Of course I didn't use the computer to hear to the sample of sound, but another device.

I tried to open it (I did it before, when I replaced the hard drive), to see if everything is in their place, but there are two screws I can't deal with... :(

Any other ideas? I will be very  :(  if I can't use the computer for audio works, so any comment will be very appreciated...

2
Computer Problems, Questions and Solutions! / Black screen after Restart, before Log in Windows
« on: September 01, 2019, 08:51:39 AM »
I'm having an issue with a Dell Inspiron laptop, that I upgraded from Windows 7 to Windows 10, using the Media creation tool.

Everything went OK, all the updates are done, but the problem is the following:

When I select Restart, the computer starts, there is the Dell screen, then the Windows logo, and then a black screen (no white moving arrow). It's not the black when the computer is turned off, but it's black. What "solves" the problem: Click the power button once, the computer gets in to sleep mode, and then once more, to wake it up. After this, the log in screen appears. The log in screen appears also when I close the lid (the computer gets into sleep mode), and then open it again. In other words, the computer needs to sleep and then wake up!

No problem at all if I shut down and then press the Start button. The problem is only when I select Restart.

I already checked the display driver (Intel) checked for updates, uninstalled and reinstalled but nothing changed.

A topic I found suggests bios updating, but I'm not sure if I can do this.

So... I'm asking here for help, hoping that a simple and unexpected solution will occur, as always!

Thank you!  :)

3
Meet & Greet! / Happy Birthday, Corrine!
« on: August 04, 2019, 08:00:05 PM »
Corrine,

Officially is 5th of August here, so I can officially wish you HAPPY BIRTHDAY!!!

Actually, MANY MANY MANY HAPPY BIRTHDAYS, with MANY MANY MANY ROSES!!!




4
Security Software Programs / MCShield Problems
« on: July 12, 2019, 08:20:35 AM »
I'm using this free program for several years, in fact ... since 2011 when I first came here at LzD, and I was advised by Corrine to use it. It is a program recommended to protect a computer from infected usb sticks, a resident drive detector and scanner, meant not just to block the autorun.inf, but also to clean the malicious files from the drive.

BUT: Since the last Windows update (July 9, 2019—KB4507453), the program creates errors during it's run:
  • As soon as I log in Windows: attachment 1
  • When I insert a usb stick in the computer: attachment 2

In spite of the error pop up, it seems that the program does make the scan, since it says that no malware detected on the inserted drives.

Searching about this issue, I went to MCShield's forum. The language is Bosnian, so I used the Google translator, and saw that this problem started a few days ago, concerning both, Windows 7 and Windows 10 computers (page 12). So, I don't know if the Windows update is really the source of the problem or just a coincidence.

In the forum, a user says that when he pasted a downloaded vbscript.dll in the program's folder, the problem was solved. Another user says that sfc /scannow helped him to overcome the problem.

I tried the sfc /scannow, after I ran DISM.exe /Online /Cleanup-image /Restorehealth (I have Windows 10, so it is recommended using DISM first, restore the Windows image, and then run sfc to fix corrupted files from the restored image), but the problem is not solved.

I also ran FRST to have a look to the errors created and got this:

Application errors:
==================
Error: (07/12/2019 11:07:50 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: mcshieldds.exe, version: 3.0.5.43, time stamp: 0x51103f08
Faulting module name: vbscript.dll, version: 5.812.10240.16384, time stamp: 0xd56d6774
Exception code: 0xc0000005
Fault offset: 0x00027857
Faulting process ID: 0x26b8
Faulting application start time: 0x01d53888e58e3b44
Faulting application path: C:\Program Files (x86)\MCShield\mcshieldds.exe
Faulting module path: C:\Windows\System32\vbscript.dll
Report ID: b2b23768-ac40-4aee-8d7f-bd4fd676f207
Faulting package full name:
Faulting package-relative application ID:

I don't know if anyone of you ran into this problem too and found a solution. I like this program and I would like to continue using it. Unless there is an alternative, doing the same job.

Any ideas?

5
Meet & Greet! / Congratulations, Corrine!
« on: July 01, 2019, 08:02:23 PM »
She did it again!

Re-awarded as Windows Insider MVP.

https://securitygarden.blogspot.com/2019/07/windows-insider-mvp-wimvp.html


6
Computer Problems, Questions and Solutions! / Is this page hacked or something else?
« on: May 21, 2019, 05:00:53 PM »
This is a question from many teachers here. Do you think that this page is hacked?

https://cyearn.pi.ac.cy/webmail/login/

It is a webmail page, of a department of the Ministry of Education.

Is there anything we can advise?

7
Jokes / I get knocked down!
« on: May 11, 2019, 08:07:42 AM »
I get knocked down...  ;D
(attachment)

8
LandzDown Lounge / Beautiful songs
« on: May 11, 2019, 07:48:31 AM »
I'm collecting ... beautiful, perhaps inspiring, songs. If you have something,

e.g.

What a wonderful world
When you believe

I would like to avoid love songs, but don't take it as a rule. :)

9
Computer Problems, Questions and Solutions! / Edge and Google Blogger conflict?
« on: April 29, 2019, 08:18:39 AM »
I'm having a problem with Edge. I saw that you talked positive about it in another topic, so I came to ruin the impressions.  :)

I'm trying to create a blog, in Blogger. When I use Pale Moon, I can edit my blog posts and the visible gadgets, and I also can write a comment, using my Google account as a profile. As you can see in attachments (1, 2, 4), all the tools for editing are there, and my Google profile is available to leave a comment.

When I use Edge, these editing tools are not visible. I see the blog as anyone, not sign in, could see it and not as an author. Even my Google profile is not visible in comments, so I can't leave a comment (attachment 3). Although, I can see my posts and everything else in blogger.com.

uBlock Origin is disabled.

Another remarkable thing about Edge, is that in blogger dashboard is appeared as Chrome. That's why I used the word conflict.

Any ideas?

10
Computer Problems, Questions and Solutions! / Office Online
« on: April 24, 2019, 07:15:30 AM »
Hello, LzD!

More than two months without a question... it is too much! So... yes, I still have questions.  :)

I would like to ask about Office Online. Can someone use it as before? When I search about it, I only find pages about Office 365.

11
LandzDown Lounge / It's Spring!
« on: March 21, 2019, 11:52:42 AM »
The diary indicates 21th March. It's the first day of Spring.

I remembered a fairy tale I was taught at school, that made me see things different then: Trolley Number 75, by Gianni Rodari. Time is passing so quickly and there are so many beautiful things (and people) around us we don't see, because we are always too busy. But unfortunately life can't go back. We can't rewind it. Can we stop for a minute and just see ... the Spring?

To the LzD family:


Trolley Number 75
by Gianni Rodari

    One morning trolley number 75, departing from Monteverde Vecchio for Piazza Fiume, instead of going down towards Trastavere through Gianicolo, turned onto L'Aurelia Antica and after a few minutes was going through the fields outside Rome like a bunny on vacation.

    At that time all the passengers were occupied reading the newspaper. Even those who hadn't bought a newspaper read, gazing over their neighbor's shoulder. One gentleman, as he turned the page, raised his eyes for a moment, looked outside and stood up to holler:

    — Ticket boy, what's going on? Treachery, treachery!

    And the other passengers raised their eyes from their newspapers, and the protests became a tempestuous chorus.

    — But from here we'll go to Cittavecchia!

    — What is the driver doing?

    — He's gone mad! Tie him up!

    — What kind of service is this!

    — It's ten till nine and I have to be in court by nine o' clock — howled a lawyer — and if I lose the case, I'll sue.

    The ticket boy and the driver attempted to drive back the assault by declaring that they knew nothing of it and that the trolley wouldn't obey their commands anymore, but seemed to proceed quite by its own accord. In fact, the trolley at that very moment went directly off the road and stopped on the threshold of a little fresh and fragrant forest.

    — Oh, wildflowers! — exclaimed a woman. — I shall be late to the office and get quite a scolding, but all the same, seeing as how they're here I should just content myself with the wildflowers. It must have been ten years since I picked them last.

    She got off the trolley and with her mouth wide open breathed the air of that strange morning, then went to make a bouquet of wildflowers.

    Seeing that the trolley would have nothing to do with leaving, one after another the passengers got off to stretch their legs or smoke a cigarette and after a little while their bad temper disappeared like fog when the sun comes out. One passenger picked a daisy and placed in her buttonhole and another passenger discovered an unripe strawberry and yelled:

    — I found it! Now I'll put my business card there and when it's ripe I'll come back to pick it. And woe if I don't find it!

    And he took a business card from his billfold, stuck a toothpick through it, and planted the toothpick right next to the strawberry. The name: Doctor Giulio Bollati, was written on the business card.

    Two busy office workers from the Department of Education rolled their newspapers into a ball and began to play a game of soccer. And every time they gave the ball a kick they would howl: let it go!

    Overall, they were no longer the same busybodies who one moment before had wanted to lynch the trolley workers. And some passengers split a little loaf of bread and an omelet and sat on the grass for a picnic.

    But — Watch out! — yelled the lawyer suddenly.

    The trolley, with a jolt, started to leave all on its own at a gentle trot. The passengers made it just in time to climb on and the last one to climb up was the lady with the wildflowers, who protested: — Oh, but there's no point. I had just started to have fun.

    — What time is it now? — someone demanded.

    — Who knows how late!

    And everyone looked to their wrists. Surprise: the watches still said ten till nine. They saw that during their entire trip into the forest the hands of their wristwatches hadn't moved. It was a gift of time, a little extra, like when one buys a carton of powder detergent and inside the box there's a toy.

    — But that can't be! — marveled the woman with the wildflowers as the trolley got back on its course and hurtled down Dandolo road.

    And everyone was amazed. And because some still had their newspapers they started reading again and at the top of the newspapers the date was written very clearly: March 21st. Everything is possible on the first day of spring.



12
General Software News, Updates & Discussions / Windows activation fails after changing hard disk
« on: February 17, 2019, 07:32:34 AM »
This is something I just heard from a friend, and I wonder if it is true:

Is the Windows activation code lost after changing a laptop's hard disk? Does the owner have to buy a new Windows OS in such a case?

What happened:
1. Windows 7, hard disk failed/died.
2. The disk was changed by a technician.
3. Update to Windows 10 was done by the technician, but the Windows is not activated now, because of the hardware change.

When I changed my hard disk, I did not have such a problem.

13
Computer Problems, Questions and Solutions! / Strange Power Point (pptxs) problem...
« on: February 08, 2019, 11:40:44 AM »
A friend of mine, called me to ask my help about a strange problem she has with the Power Point. It's really a very strange problem, and I will try to explain it as more as I can.

1. The problem is occured only when she uses a specific school's computer. Windows 10, Office 365, teacher's account.
2. The problem: She prepares a Power Point presentation at home, or on another school computer, which works fine when she uses the slides show mode. When she tries to show the same presentation using that specific computer (slide show), the pictures (or anything else) do not appear as they should be. Instead, there is only a part of a picture, diagonically cut. And there is more. This diagonical conceivable "line" is used as a symmetry axe, and the same part of the visible picture is reflected on this axe.
3. She uninstalled Office and installed it again, but the problem remains.

I'm not sure if I described well the problem, but it seems really a problem.

Anyone had such a problem before? Any ideas?

14
General Software News, Updates & Discussions / Sniping Tool is moving...
« on: January 30, 2019, 01:41:18 PM »
Today I tried to use the Snipping Tool, but I got the message that it is moving. Actually, it's been replaced by Snip and Sketch tool. There are some additional tools as the ruler, the protractor and the image crop (but no arrows yet...  :)  ) There is also the option Open with, so you can open your screenshot with the drawing program you want.

15
Analysis and Malware Removal / Just a check up
« on: January 26, 2019, 01:36:54 PM »
Hello.  :)

My nephew is trying to play his new FIFA 19 game, but he can't, due to a DirectX error. Before posting about his actual problem in another section of the Forum, I would like to provide the FRST's logs here, just to be sure that the computer is clean. It's a good opportunity to have a check on him.


FRST.txt

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 26.01.2019
Ran by MIYIAGI (administrator) on DESKTOP-GG3ORKN (26-01-2019 17:08:20)
Running from C:\Users\MIYIAGI\Desktop
Loaded Profiles: MIYIAGI &  (Available Profiles: MIYIAGI)
Platform: Windows 10 Home Version 1803 17134.523 (X64) Language: English (United Kingdom)
Default browser: "C:\Program Files (x86)\Pale Moon\palemoon.exe" -osint -url "%1"
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel Corporation) C:\Windows\SysWOW64\esif_uf.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.37.98.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(MyCity) C:\Program Files (x86)\MCShield\MCShieldRTM.exe
(Ruiware) C:\Program Files (x86)\Ruiware\WinPatrol\WinPatrol.exe
(ESET) C:\Program Files\ESET\ESET Security\egui.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_17.10314.31700.1000_x64__8wekyb3d8bbwe\Office16\OfficeHubTaskHost.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.37.98.0_x64__kzf8qxf38zg5c\SkypeApp.exe
(Microsoft Corporation) C:\Program Files\rempl\sedsvc.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Corporation)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmds.exe [177928 2018-12-15] (ESET)
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01262019170539442\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01262019170539754\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-21-2248044027-1193708394-682536330-1001\...\Run: [MCShield Monitor] => C:\Program Files (x86)\MCShield\mcshieldrtm.exe [650816 2014-04-11] (MyCity)
HKU\S-1-5-21-2248044027-1193708394-682536330-1001\...\Run: [WinPatrol] => C:\Program Files (x86)\Ruiware\WinPatrol\winpatrol.exe [1223560 2017-05-08] (Ruiware)
HKU\S-1-5-21-2248044027-1193708394-682536330-1001\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7964080 2018-01-13] (SUPERAntiSpyware)
HKU\S-1-5-21-2248044027-1193708394-682536330-1001\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3113768 2019-01-26] (Electronic Arts)
HKU\S-1-5-21-2248044027-1193708394-682536330-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01262019170540051\...\Run: [MCShield Monitor] => C:\Program Files (x86)\MCShield\mcshieldrtm.exe [650816 2014-04-11] (MyCity)
HKU\S-1-5-21-2248044027-1193708394-682536330-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01262019170540051\...\Run: [WinPatrol] => C:\Program Files (x86)\Ruiware\WinPatrol\winpatrol.exe [1223560 2017-05-08] (Ruiware)
HKU\S-1-5-21-2248044027-1193708394-682536330-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01262019170540051\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7964080 2018-01-13] (SUPERAntiSpyware)
HKU\S-1-5-21-2248044027-1193708394-682536330-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01262019170540051\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3113768 2019-01-26] (Electronic Arts)
HKU\S-1-5-21-2248044027-1193708394-682536330-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01262019170540051\...\RunOnce: [FlashPlayerUpdate] => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_101_Plugin.exe [1456128 2018-12-29] (Adobe Systems Incorporated)
Startup: C:\Users\MIYIAGI\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk [2018-04-25]
ShortcutTarget: Send to OneNote.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 213.140.213.226 213.140.208.226
Tcpip\..\Interfaces\{24effb65-330c-45c3-be1c-9570c29c3551}: [DhcpNameServer] 192.168.10.254
Tcpip\..\Interfaces\{bb99b8d1-6c09-47e5-9f88-44d3455ad943}: [DhcpNameServer] 213.140.213.226 213.140.208.226

Internet Explorer:
==================
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2019-01-18] (Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2018-09-15] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-09-15] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-09-15] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-09-15] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-09-15] (Microsoft Corporation)

FireFox:
========
FF DefaultProfile: 9rryux65.default
FF ProfilePath: C:\Users\MIYIAGI\AppData\Roaming\Moonchild Productions\Pale Moon\Profiles\9rryux65.default [2019-01-26]
FF Homepage: Moonchild Productions\Pale Moon\Profiles\9rryux65.default -> www.google.com
FF NewTab: Moonchild Productions\Pale Moon\Profiles\9rryux65.default -> www.google.com
FF Extension: (Adblock Latitude) - C:\Users\MIYIAGI\AppData\Roaming\Moonchild Productions\Pale Moon\Profiles\9rryux65.default\Extensions\adblocklatitude@addons.palemoon.org.xpi [2018-04-12] [Legacy] [not signed]
FF Extension: (Lazarus: Form Recovery) - C:\Users\MIYIAGI\AppData\Roaming\Moonchild Productions\Pale Moon\Profiles\9rryux65.default\Extensions\lazarus@interclue.com.xpi [2017-12-16] [Legacy]
FF Extension: (Youtube MP3 Podcaster) - C:\Users\MIYIAGI\AppData\Roaming\Moonchild Productions\Pale Moon\Profiles\9rryux65.default\Extensions\youtubemp3podcaster@jeremy.d.gregorio.com [2018-01-21] [Legacy]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_101.dll [2018-12-29] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_101.dll [2018-12-29] ()
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2018-09-15] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2018-09-15] (Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.2.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-11-29] (VideoLAN)

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S4 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [173472 2017-01-31] (SUPERAntiSpyware.com)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9677904 2018-12-28] (Microsoft Corporation)
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [2302160 2018-12-15] (ESET)
R2 esifsvc; C:\WINDOWS\SysWOW64\esif_uf.exe [1394360 2015-08-12] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [373728 2016-11-30] (Intel Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6347056 2018-09-19] (Malwarebytes)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [787336 2018-12-06] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [787336 2018-12-06] (NVIDIA Corporation)
S4 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2298688 2019-01-26] (Electronic Arts)
S2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3171144 2019-01-26] (Electronic Arts)
S4 ssh-agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [495616 2018-03-10] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4451616 2018-04-12] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [107136 2018-09-21] (Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AsusTP; C:\WINDOWS\System32\drivers\AsusTP.sys [124928 2017-03-09] (ASUS Corporation)
R3 dptf_acpi; C:\WINDOWS\System32\drivers\dptf_acpi.sys [55816 2015-08-12] (Intel Corporation)
R3 dptf_cpu; C:\WINDOWS\System32\drivers\dptf_cpu.sys [53752 2015-08-12] (Intel Corporation)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [143448 2018-10-28] (ESET)
R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [107896 2018-10-28] (ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [15872 2018-02-19] (ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [188832 2018-10-28] (ESET)
R2 ekbdflt; C:\WINDOWS\system32\DRIVERS\ekbdflt.sys [50144 2018-10-28] (ESET)
R1 epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [82304 2018-10-28] (ESET)
R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [109864 2018-10-28] (ESET)
R3 esif_lf; C:\WINDOWS\system32\DRIVERS\esif_lf.sys [261624 2015-08-12] (Intel Corporation)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [152688 2019-01-04] (Malwarebytes)
R3 HIDSwitch; C:\WINDOWS\System32\drivers\AsRadioControl.sys [31112 2017-05-03] (ASUS)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [198512 2019-01-04] (Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [126624 2019-01-13] (Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [72536 2019-01-13] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [261032 2019-01-26] (Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [113016 2019-01-26] (Malwarebytes)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvam.inf_amd64_1aae4f19e68d0780\nvlddmkm.sys [17003280 2017-12-12] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30336 2018-10-25] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [70024 2018-10-01] (NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [74576 2018-10-01] (NVIDIA Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [604160 2018-04-12] (Realtek )
R3 RTSPER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [751632 2015-05-14] (Realsil Semiconductor Corporation)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44616 2018-04-12] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [331680 2018-04-12] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [44032 2018-04-12] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-01-26 17:08 - 2019-01-26 17:09 - 000015178 _____ C:\Users\MIYIAGI\Desktop\FRST.txt
2019-01-26 16:38 - 2019-01-26 16:38 - 002428416 _____ (Farbar) C:\Users\MIYIAGI\Desktop\FRST64.exe
2019-01-26 16:26 - 2019-01-26 16:53 - 000663820 _____ C:\WINDOWS\Minidump\012619-40640-01.dmp
2019-01-26 16:26 - 2019-01-26 16:26 - 535635198 _____ C:\WINDOWS\MEMORY.DMP
2019-01-25 20:39 - 2019-01-25 20:39 - 000000000 ___HD C:\OneDriveTemp
2019-01-23 21:37 - 2019-01-23 21:38 - 000000000 ____D C:\Users\MIYIAGI\AppData\Local\GameAnalytics
2019-01-18 20:02 - 2019-01-18 20:02 - 000002563 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2019-01-18 20:02 - 2019-01-18 20:02 - 000002556 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype για επιχειρήσεις.lnk
2019-01-18 20:02 - 2019-01-18 20:02 - 000002523 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2019-01-18 20:02 - 2019-01-18 20:02 - 000002516 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2019-01-18 20:02 - 2019-01-18 20:02 - 000002504 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2019-01-18 20:02 - 2019-01-18 20:02 - 000002493 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2019-01-18 20:02 - 2019-01-18 20:02 - 000002467 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2019-01-18 20:02 - 2019-01-18 20:02 - 000002465 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2019-01-18 20:02 - 2019-01-18 20:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Εργαλεία του Microsoft Office
2019-01-12 21:36 - 2019-01-26 17:04 - 000261032 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2019-01-12 21:36 - 2019-01-26 16:30 - 000113016 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2019-01-12 21:36 - 2019-01-13 10:00 - 000126624 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2019-01-12 21:36 - 2019-01-13 10:00 - 000072536 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2019-01-08 21:45 - 2019-01-01 09:12 - 009084216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-01-08 21:45 - 2019-01-01 09:12 - 007520104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-01-08 21:45 - 2019-01-01 08:55 - 025856512 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-01-08 21:45 - 2019-01-01 08:50 - 022715392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-01-08 21:45 - 2019-01-01 08:45 - 007573504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-01-08 21:45 - 2019-01-01 08:42 - 004939776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2019-01-08 21:45 - 2019-01-01 08:37 - 006571584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-01-08 21:45 - 2019-01-01 08:29 - 022016512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2019-01-08 21:45 - 2019-01-01 08:22 - 019405312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-01-08 21:45 - 2019-01-01 08:14 - 004514816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2019-01-08 21:44 - 2019-01-01 15:50 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2019-01-08 21:44 - 2019-01-01 15:47 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\windowslivelogin.dll
2019-01-08 21:44 - 2019-01-01 15:46 - 012710912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-01-08 21:44 - 2019-01-01 15:45 - 000714752 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcli.dll
2019-01-08 21:44 - 2019-01-01 15:45 - 000285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcredprov.dll
2019-01-08 21:44 - 2019-01-01 15:43 - 001364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2019-01-08 21:44 - 2019-01-01 15:20 - 011902976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2019-01-08 21:44 - 2019-01-01 15:20 - 000165888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windowslivelogin.dll
2019-01-08 21:44 - 2019-01-01 15:18 - 000500736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll
2019-01-08 21:44 - 2019-01-01 15:17 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcredprov.dll
2019-01-08 21:44 - 2019-01-01 09:14 - 001221432 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-01-08 21:44 - 2019-01-01 09:14 - 001063224 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2019-01-08 21:44 - 2019-01-01 09:14 - 001029944 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-01-08 21:44 - 2019-01-01 09:14 - 000566568 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2019-01-08 21:44 - 2019-01-01 09:14 - 000134968 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2019-01-08 21:44 - 2019-01-01 09:14 - 000076088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2019-01-08 21:44 - 2019-01-01 09:13 - 003292152 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2019-01-08 21:44 - 2019-01-01 09:13 - 001363536 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2019-01-08 21:44 - 2019-01-01 09:13 - 000709728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2019-01-08 21:44 - 2019-01-01 09:13 - 000436024 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2019-01-08 21:44 - 2019-01-01 09:13 - 000170808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2019-01-08 21:44 - 2019-01-01 09:12 - 002765344 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-01-08 21:44 - 2019-01-01 09:12 - 002465792 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2019-01-08 21:44 - 2019-01-01 09:12 - 002421288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2019-01-08 21:44 - 2019-01-01 09:12 - 000713272 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2019-01-08 21:44 - 2019-01-01 09:12 - 000268304 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2019-01-08 21:44 - 2019-01-01 09:12 - 000128824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tm.sys
2019-01-08 21:44 - 2019-01-01 09:12 - 000043536 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser_broker.exe
2019-01-08 21:44 - 2019-01-01 08:50 - 004383744 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-01-08 21:44 - 2019-01-01 08:48 - 000342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserexport.exe
2019-01-08 21:44 - 2019-01-01 08:48 - 000081920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wanarp.sys
2019-01-08 21:44 - 2019-01-01 08:48 - 000079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Print.Workflow.Source.dll
2019-01-08 21:44 - 2019-01-01 08:47 - 000808448 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-01-08 21:44 - 2019-01-01 08:47 - 000433152 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2019-01-08 21:44 - 2019-01-01 08:46 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountTokenProvider.dll
2019-01-08 21:44 - 2019-01-01 08:46 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2019-01-08 21:44 - 2019-01-01 08:46 - 000153088 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2019-01-08 21:44 - 2019-01-01 08:45 - 002368512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2019-01-08 21:44 - 2019-01-01 08:45 - 000352768 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2019-01-08 21:44 - 2019-01-01 08:44 - 001708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSPhotography.dll
2019-01-08 21:44 - 2019-01-01 08:44 - 001549824 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2019-01-08 21:44 - 2019-01-01 08:44 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-01-08 21:44 - 2019-01-01 08:44 - 000662528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidprov.dll
2019-01-08 21:44 - 2019-01-01 08:44 - 000456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.Workflow.dll
2019-01-08 21:44 - 2019-01-01 08:43 - 001805312 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2019-01-08 21:44 - 2019-01-01 08:42 - 002247680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2019-01-08 21:44 - 2019-01-01 08:42 - 001371136 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2019-01-08 21:44 - 2019-01-01 08:42 - 000717312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2019-01-08 21:44 - 2019-01-01 08:41 - 001159680 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2019-01-08 21:44 - 2019-01-01 08:41 - 000899072 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2019-01-08 21:44 - 2019-01-01 08:41 - 000895488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2019-01-08 21:44 - 2019-01-01 08:41 - 000505344 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2019-01-08 21:44 - 2019-01-01 08:37 - 002478664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2019-01-08 21:44 - 2019-01-01 08:37 - 002253696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2019-01-08 21:44 - 2019-01-01 08:37 - 001989040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2019-01-08 21:44 - 2019-01-01 08:37 - 000880048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2019-01-08 21:44 - 2019-01-01 08:37 - 000581808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
2019-01-08 21:44 - 2019-01-01 08:37 - 000381240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2019-01-08 21:44 - 2019-01-01 08:17 - 000153088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MicrosoftAccountTokenProvider.dll
2019-01-08 21:44 - 2019-01-01 08:16 - 005775872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-01-08 21:44 - 2019-01-01 08:16 - 001361408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSPhotography.dll
2019-01-08 21:44 - 2019-01-01 08:16 - 000310272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2019-01-08 21:44 - 2019-01-01 08:15 - 005307392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2019-01-08 21:44 - 2019-01-01 08:15 - 000608768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2019-01-08 21:44 - 2019-01-01 08:15 - 000331264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2019-01-08 21:44 - 2019-01-01 08:15 - 000317440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
2019-01-08 21:44 - 2019-01-01 08:14 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2019-01-08 21:44 - 2019-01-01 08:14 - 000330752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.Workflow.dll
2019-01-08 21:44 - 2019-01-01 08:13 - 001628160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2019-01-08 21:44 - 2019-01-01 08:13 - 000594432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
2019-01-08 21:44 - 2019-01-01 08:13 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2019-01-08 21:44 - 2019-01-01 08:12 - 001036288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2019-01-08 21:44 - 2019-01-01 08:12 - 000795648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2019-01-08 21:44 - 2019-01-01 08:12 - 000778240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2019-01-08 21:44 - 2019-01-01 08:12 - 000516608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidprov.dll
2019-01-08 21:44 - 2019-01-01 07:23 - 000001310 _____ C:\WINDOWS\system32\tcbres.wim
2019-01-08 21:44 - 2018-12-19 06:49 - 000352768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2019-01-04 19:45 - 2019-01-04 19:45 - 000198512 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2019-01-03 21:22 - 2019-01-03 21:22 - 000000000 ____D C:\Users\MIYIAGI\ansel
2019-01-03 18:03 - 2019-01-03 18:03 - 000000000 ____D C:\steam
2019-01-03 18:00 - 2019-01-03 18:00 - 000000000 ____D C:\Users\MIYIAGI\Documents\AFS-a320f3-FSX-Steam-1
2019-01-02 20:25 - 2019-01-02 20:25 - 000000000 ____D C:\Program Files (x86)\VulkanRT
2019-01-02 20:25 - 2017-09-14 01:20 - 000798008 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2019-01-02 20:25 - 2017-09-14 01:20 - 000490296 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2019-01-02 20:25 - 2017-09-14 01:19 - 000927544 _____ C:\WINDOWS\system32\vulkan-1.dll
2019-01-02 20:25 - 2017-09-14 01:19 - 000591160 _____ C:\WINDOWS\system32\vulkaninfo.exe
2019-01-02 19:09 - 2017-12-04 21:19 - 000001951 _____ C:\WINDOWS\NvContainerRecovery.bat
2018-12-31 19:38 - 2019-01-26 17:04 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2018-12-31 19:38 - 2018-12-31 19:38 - 000000000 _____ C:\WINDOWS\system32\GfxValDisplayLog.bin
2018-12-31 19:35 - 2017-12-04 20:32 - 005964688 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2018-12-31 19:35 - 2017-12-04 20:32 - 002589168 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2018-12-31 19:35 - 2017-12-04 20:32 - 001767408 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2018-12-31 19:35 - 2017-12-04 20:32 - 000609312 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2018-12-31 19:35 - 2017-12-04 20:32 - 000450352 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2018-12-31 19:35 - 2017-12-04 20:32 - 000123888 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2018-12-31 19:35 - 2017-12-04 20:32 - 000082736 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2018-12-31 19:35 - 2017-11-27 14:52 - 007874971 _____ C:\WINDOWS\system32\nvcoproc.bin
2018-12-31 19:34 - 2017-12-12 20:34 - 000541456 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2018-12-31 19:34 - 2017-12-12 20:34 - 000447248 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2018-12-30 17:05 - 2018-09-05 00:36 - 001476904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcupdate_GenuineIntel.dll
2018-12-30 16:27 - 2019-01-26 16:35 - 000000000 ____D C:\Users\MIYIAGI\AppData\Local\CrashDumps
2018-12-30 14:47 - 2018-12-30 16:11 - 000000000 ____D C:\Users\MIYIAGI\AppData\Local\NVIDIA Corporation
2018-12-30 14:47 - 2018-12-30 14:47 - 000004308 _____ C:\WINDOWS\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-12-30 14:47 - 2018-12-30 14:47 - 000004106 _____ C:\WINDOWS\System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-12-30 14:47 - 2018-12-30 14:47 - 000003976 _____ C:\WINDOWS\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-12-30 14:47 - 2018-12-30 14:47 - 000003940 _____ C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-12-30 14:47 - 2018-12-30 14:47 - 000003926 _____ C:\WINDOWS\System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-12-30 14:47 - 2018-12-30 14:47 - 000003926 _____ C:\WINDOWS\System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-12-30 14:47 - 2018-12-30 14:47 - 000003926 _____ C:\WINDOWS\System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-12-30 14:47 - 2018-12-30 14:47 - 000003894 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-12-30 14:47 - 2018-12-30 14:47 - 000003866 _____ C:\WINDOWS\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-12-30 14:47 - 2018-12-30 14:47 - 000003858 _____ C:\WINDOWS\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-12-30 14:47 - 2018-12-30 14:47 - 000003654 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-12-30 14:47 - 2018-12-30 14:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2018-12-30 14:47 - 2018-12-06 12:11 - 002865032 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2018-12-30 14:47 - 2018-12-06 12:11 - 002264968 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2018-12-30 14:47 - 2018-12-06 12:11 - 001323400 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvRtmpStreamer64.dll
2018-12-30 14:47 - 2018-12-06 11:20 - 000001951 _____ C:\WINDOWS\NvTelemetryContainerRecovery.bat
2018-12-30 14:47 - 2018-10-04 14:33 - 000203760 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
2018-12-30 14:47 - 2018-10-04 14:33 - 000179696 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2018-12-30 14:46 - 2018-10-01 20:47 - 000070024 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2018-12-30 14:46 - 2018-10-01 17:47 - 000074576 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvhci.sys
2018-12-30 14:05 - 2018-12-31 19:33 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2018-12-30 12:59 - 2018-12-31 18:20 - 000000000 ____D C:\Users\MIYIAGI\AppData\Local\D3DSCache
2018-12-30 12:57 - 2018-12-30 12:57 - 000000000 ____D C:\Users\MIYIAGI\AppData\Local\mbam
2018-12-30 12:53 - 2019-01-04 19:44 - 000152688 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2018-12-30 12:53 - 2018-12-30 12:53 - 000000000 ____D C:\Users\MIYIAGI\AppData\Local\mbamtray
2018-12-30 12:53 - 2018-12-30 12:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2018-12-30 12:52 - 2018-12-30 12:52 - 000000000 ____D C:\ProgramData\Malwarebytes
2018-12-30 12:49 - 2018-12-30 12:48 - 000000031 _____ C:\ProgramData\mb-licenseinfo.txt
2018-12-30 12:08 - 2019-01-26 17:08 - 000000000 ____D C:\FRST
2018-12-30 11:46 - 2019-01-11 16:52 - 000000000 ____D C:\Users\MIYIAGI\Desktop\power points
2018-12-30 11:46 - 2018-12-30 11:46 - 000000000 ____D C:\Users\MIYIAGI\Desktop\fifa
2018-12-30 11:45 - 2018-12-30 11:46 - 000000000 ____D C:\Users\MIYIAGI\Desktop\gsx
2018-12-29 16:19 - 2018-12-29 16:19 - 000000000 ____D C:\Users\MIYIAGI\Documents\FIFA 19
2018-12-28 22:48 - 2018-12-28 22:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FIFA 19

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-01-26 17:07 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\NDF
2019-01-26 17:07 - 2017-12-16 11:10 - 000000000 ___RD C:\Users\MIYIAGI\OneDrive
2019-01-26 17:06 - 2017-12-16 13:41 - 000000000 ____D C:\ProgramData\NVIDIA
2019-01-26 17:06 - 2017-12-16 11:26 - 000000000 ____D C:\ProgramData\MCShield
2019-01-26 17:05 - 2017-12-16 13:43 - 000000000 ____D C:\ProgramData\ASUS Smart Gesture
2019-01-26 17:04 - 2018-06-14 10:08 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-01-26 17:04 - 2018-06-14 09:38 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-01-26 17:04 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-01-26 17:04 - 2018-04-12 01:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-01-26 17:04 - 2017-12-16 12:00 - 000000000 __SHD C:\Users\MIYIAGI\IntelGraphicsProfiles
2019-01-26 16:53 - 2017-12-27 18:40 - 000000000 ____D C:\Users\MIYIAGI\AppData\Roaming\Origin
2019-01-26 16:52 - 2018-04-12 01:38 - 000000000 ___HD C:\Program Files\WindowsApps
2019-01-26 16:40 - 2017-12-27 18:42 - 000000000 ____D C:\Program Files (x86)\Origin Games
2019-01-26 16:40 - 2017-12-27 18:34 - 000000000 ____D C:\ProgramData\Origin
2019-01-26 16:39 - 2017-12-27 18:40 - 000000000 ____D C:\Program Files (x86)\Origin
2019-01-26 16:26 - 2018-06-23 13:58 - 000000000 ____D C:\WINDOWS\Minidump
2019-01-25 20:52 - 2018-03-14 10:15 - 000000000 ____D C:\Users\MIYIAGI\Documents\Flight Simulator X Files
2019-01-25 20:43 - 2017-12-16 14:53 - 000000000 ____D C:\Program Files (x86)\Steam
2019-01-25 20:39 - 2018-03-04 13:41 - 000000000 ____D C:\Users\MIYIAGI\Documents\Euro Truck Simulator 2
2019-01-25 20:38 - 2018-06-14 10:08 - 000003380 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2248044027-1193708394-682536330-1001
2019-01-25 20:38 - 2018-06-14 09:45 - 000002369 _____ C:\Users\MIYIAGI\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-01-23 21:39 - 2017-12-17 10:53 - 000000000 ____D C:\Users\MIYIAGI\AppData\Local\Fernbus
2019-01-23 21:37 - 2017-12-17 10:53 - 000000000 ____D C:\Users\MIYIAGI\AppData\Local\UnrealEngine
2019-01-23 21:36 - 2017-12-17 10:50 - 000000000 ____D C:\ProgramData\Package Cache
2019-01-20 17:38 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2019-01-19 12:32 - 2017-12-16 15:03 - 000000000 ____D C:\Users\MIYIAGI\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2019-01-18 20:00 - 2017-12-16 12:39 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2019-01-18 19:31 - 2018-11-17 19:48 - 000000000 ____D C:\Program Files\rempl
2019-01-13 10:00 - 2018-06-14 09:45 - 000000000 ____D C:\Users\MIYIAGI
2019-01-12 21:34 - 2018-04-11 23:04 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2019-01-11 16:41 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\TextInput
2019-01-11 16:40 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-01-10 19:26 - 2018-04-12 01:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-01-09 21:08 - 2017-12-16 12:04 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-01-09 21:04 - 2017-12-16 12:04 - 132790320 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-01-05 10:31 - 2017-12-16 11:27 - 000000000 ____D C:\Users\MIYIAGI\AppData\Roaming\vlc
2019-01-02 21:41 - 2018-07-12 21:11 - 000835480 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2019-01-02 21:41 - 2018-07-12 21:11 - 000179600 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2019-01-02 20:25 - 2017-12-16 11:22 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2019-01-02 19:09 - 2017-12-16 11:23 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2019-01-02 19:05 - 2018-04-12 01:36 - 000000000 ____D C:\WINDOWS\INF
2018-12-31 19:38 - 2017-12-16 12:00 - 000000200 _____ C:\WINDOWS\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat
2018-12-31 19:35 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\Help
2018-12-31 19:23 - 2017-12-16 11:23 - 000000000 ____D C:\Program Files (x86)\Intel
2018-12-31 18:03 - 2018-06-14 12:20 - 000519726 _____ C:\WINDOWS\system32\perfh008.dat
2018-12-31 18:03 - 2018-06-14 12:20 - 000085604 _____ C:\WINDOWS\system32\perfc008.dat
2018-12-31 18:03 - 2018-06-14 09:59 - 001372554 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-12-30 17:03 - 2017-12-16 14:01 - 000000000 ____D C:\Users\MIYIAGI\AppData\Local\ElevatedDiagnostics
2018-12-30 16:27 - 2017-12-16 11:07 - 000000000 ____D C:\Users\MIYIAGI\AppData\Local\Packages
2018-12-30 14:49 - 2017-12-16 13:43 - 000000000 ____D C:\Users\MIYIAGI\AppData\Local\NVIDIA
2018-12-30 12:48 - 2018-04-11 23:04 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2018-12-29 16:53 - 2018-06-14 10:08 - 000004592 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player NPAPI Notifier
2018-12-29 16:53 - 2018-06-14 10:08 - 000004422 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2018-12-29 16:53 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2018-12-29 16:53 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\Macromed
2018-12-28 22:48 - 2017-12-27 20:14 - 000000000 ___HD C:\Program Files\Common Files\EAInstaller
2018-12-28 21:09 - 2017-12-27 18:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
2018-12-27 18:28 - 2018-10-01 21:03 - 000000000 ____D C:\Users\MIYIAGI\AppData\Roaming\Virtuali

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\dllhost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\dllhost.exe => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-06-14 09:38

==================== End of FRST.txt ============================


Pages: [1] 2 3 ... 11