View Single Post
  #8  
Old January 11th, 2019, 04:44 AM
sportsfan7702 sportsfan7702 is offline
Senior Member
 
Join Date: Sep 2008
Posts: 295
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 09.01.2019 01
Ran by MattS (10-01-2019 21:37:03)
Running from C:\Users\MattS\AppData\Local\Packages\Microsoft.Mi crosoftEdge_8wekyb3d8bbwe\TempState\Downloads
Windows 10 Home Version 1803 17134.523 (X64) (2018-05-23 21:22:57)
Boot Mode: Normal
================================================== ========


==================== Accounts: =============================

Administrator (S-1-5-21-3107326716-814032089-3740455390-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3107326716-814032089-3740455390-503 - Limited - Disabled)
Guest (S-1-5-21-3107326716-814032089-3740455390-501 - Limited - Disabled)
MattS (S-1-5-21-3107326716-814032089-3740455390-1001 - Administrator - Enabled) => C:\Users\MattS
WDAGUtilityAccount (S-1-5-21-3107326716-814032089-3740455390-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: ESET Security (Enabled - Up to date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
AS: ESET Security (Enabled - Up to date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 18.01 (x64) (HKLM\...\7-Zip) (Version: 18.01 - Igor Pavlov)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.114 - Adobe Systems Incorporated)
ASUS USB-AC53 Nano USB Wireless adapter Driver (HKLM-x32\...\{B63CCD1C-A133-4DF8-8306-DA0387231152}) (Version: 1.0.0.3 - )
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
ESET Security (HKLM\...\{F1544F11-BFCC-43CC-9D0C-169A7E99369E}) (Version: 12.0.31.0 - ESET, spol. s r.o.)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.5058 - Intel Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3107326716-814032089-3740455390-1001\...\OneDriveSetup.exe) (Version: 18.222.1104.0007 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24212 (HKLM-x32\...\{323dad84-0974-4d90-a1c1-e006c7fdbb7d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24212 (HKLM-x32\...\{462f63a8-6347-4894-a1b3-dbfe3a4c981d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Mozilla Firefox 64.0 (x64 en-US) (HKLM\...\Mozilla Firefox 64.0 (x64 en-US)) (Version: 64.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 62.0.3 - Mozilla)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8416 - Realtek Semiconductor Corp.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Synaptics ClickPad Driver (HKLM\...\SynTPDeinstKey) (Version: 19.3.31.31 - Synaptics Incorporated)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{9CBA860F-7437-4A75-941C-8EF559F2D145}) (Version: 2.52.0.0 - Microsoft Corporation)
Wacom Tablet (HKLM\...\Wacom Tablet Driver) (Version: 6.3.29-3 - Wacom Technology Corp.)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-01-28] (Igor Pavlov)
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2018-11-29] (ESET)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2018-11-29] (ESET)
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-01-28] (Igor Pavlov)
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2018-10-12] (Intel Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-01-28] (Igor Pavlov)
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2018-11-29] (ESET)
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {65B85F6F-35B3-4459-A179-28255D5B7B25} - System32\Tasks\Microsoft\Windows\HelloFace\FODClea nupTask => C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstall er.exe [2018-04-11] ()
Task: {ADA0C99A-1859-4C3E-B769-A915B1D78CC9} - System32\Tasks\update-sys => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
Task: {BE97BD77-C54D-40BE-87F9-C3B2554B8B45} - \{4CDCC486-63BA-B316-3A1E-631EA9E46CB6} -> No File <==== ATTENTION
Task: {C5278344-B193-45E8-B6F8-0F7CA1254FC5} - System32\Tasks\update-S-1-5-21-3107326716-814032089-3740455390-1001 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
Task: {D3D91D22-E32E-4194-A646-51C910AAE9FA} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpda teService.exe [2019-01-08] (Adobe Systems Incorporated)
Task: {DF852DEB-AC8F-4025-9A30-0230A437E2E1} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_ 0_0_114_Plugin.exe [2019-01-08] (Adobe Systems Incorporated)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask .job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\update-S-1-5-21-3107326716-814032089-3740455390-1001.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2018-04-11 17:34 - 2018-04-11 17:34 - 000491744 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2018-04-11 17:34 - 2018-04-11 17:34 - 000472064 _____ () C:\Windows\ShellExperiences\TileControl.dll
2018-12-12 14:31 - 2018-11-08 20:17 - 002759680 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll
2019-01-09 22:32 - 2019-01-01 00:42 - 002185728 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw 5n1h2txyewy\Cortana.Core.dll
2018-10-03 22:57 - 2018-10-03 22:57 - 000009216 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x6 4__kzf8qxf38zg5c\ImagePipelineNative.dll
2018-12-12 17:05 - 2018-12-12 17:05 - 000060416 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x6 4__kzf8qxf38zg5c\ChakraBridge.dll
2018-12-12 17:05 - 2018-12-12 17:05 - 000019456 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x6 4__kzf8qxf38zg5c\SkypeProxiesAndStubs.dll
2018-12-12 17:05 - 2018-12-12 17:05 - 010927616 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x6 4__kzf8qxf38zg5c\LibWrapper.dll
2018-12-12 17:05 - 2018-12-12 17:05 - 002916864 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x6 4__kzf8qxf38zg5c\skypert.dll
2018-12-12 17:05 - 2018-12-12 17:05 - 000688128 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x6 4__kzf8qxf38zg5c\RtmMvrUap.dll
2018-12-12 17:05 - 2018-12-12 17:05 - 000182272 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x6 4__kzf8qxf38zg5c\SkypeBackgroundHost.exe
2018-11-06 16:46 - 2018-11-06 16:46 - 000194048 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11810.100 1.12.0_x64__8wekyb3d8bbwe\WinStore.Preview.dll
2018-11-06 16:46 - 2018-11-06 16:46 - 002538056 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11810.100 1.12.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-11-06 16:46 - 2018-11-06 16:46 - 001754112 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11810.100 1.12.0_x64__8wekyb3d8bbwe\Microsoft.Membership.MeC ontrol.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Min imal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Net work\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2018-02-25 23:06 - 2018-12-17 08:39 - 000000000 _____ C:\WINDOWS\system32\drivers\etc\hosts
Reply With Quote