AVZ Antiviral Toolkit log; AVZ version is 4.46
Scanning started at 20.08.2017 19:59:45
Database loaded: signatures - 297569, NN profile(s) - 2, malware removal microprograms - 56, signature database released 20.08.2017 16:00
Heuristic microprograms loaded: 410
PVS microprograms loaded: 10
Digital signatures of system files loaded: 897358
Heuristic analyzer mode: Medium heuristics mode
Malware removal mode: disabled
Windows version is: 10.0.15063, "Windows 10 Pro", install date 13.04.2017 17:13:24
System Restore: enabled
1. Searching for Rootkits and other software intercepting API functions
1.1 Searching for user-mode API hooks
Analysis: kernel32.dll, export table found in section .rdata
Function kernel32.dll:ReadConsoleInputExA (1117) intercepted, method - ProcAddressHijack.GetProcAddress ->742AB332->73FFF590
Function kernel32.dll:ReadConsoleInputExW (1118) intercepted, method - ProcAddressHijack.GetProcAddress ->742AB365->73FFF5C0
Analysis: ntdll.dll, export table found in section .text
Analysis: user32.dll, export table found in section .text
Function user32.dll:Wow64Transition (1503) intercepted, method - CodeHijack (not defined)
Analysis: advapi32.dll, export table found in section .text
Function advapi32.dll:CveEventWrite (1233) intercepted, method - ProcAddressHijack.GetProcAddress ->743E271C->7402AF90
Function advapi32.dll:I_ScRegisterPreshutdownRestart (1386) intercepted, method - ProcAddressHijack.GetProcAddress ->743E3643->7708B870
Analysis: ws2_32.dll, export table found in section .text
Analysis: wininet.dll, export table found in section .text
Analysis: rasapi32.dll, export table found in section .text
Analysis: urlmon.dll, export table found in section .text
Analysis: netapi32.dll, export table found in section .text
Function netapi32.dll:NetFreeAadJoinInformation (130) intercepted, method - ProcAddressHijack.GetProcAddress ->73A3C1CA->FF7B630
Function netapi32.dll:NetGetAadJoinInformation (131) intercepted, method - ProcAddressHijack.GetProcAddress ->73A3C1F9->FF7B9A0
1.4 Searching for masking processes and drivers
Checking not performed: extended monitoring driver (AVZPM) is not installed
2. Scanning RAM
Number of processes found: 60
Number of modules loaded: 346
Scanning RAM - complete
3. Scanning disks
4. Checking Winsock Layered Service Provider (SPI/LSP)
LSP settings checked. No errors detected
5. Searching for keyboard/mouse/windows events hooks (Keyloggers, Trojan DLLs)
6. Searching for opened TCP/UDP ports used by malicious software
Checking - disabled by user
7. Heuristic system check
Checking - complete
8. Searching for vulnerabilities
>> Security: administrative shares (C$, D$ ...) are enabled
>> Security: anonymous user access is enabled
Checking - complete
9. Troubleshooting wizard
>> HDD autorun is allowed
>> Network drives autorun is allowed
>> Removable media autorun is allowed
Checking - complete
Files scanned: 406, extracted from archives: 0, malicious software found 0, suspicions - 0
Scanning finished at 20.08.2017 20:00:14
Time of scanning: 00:00:30
If you have a suspicion on presence of viruses or questions on the suspected objects, you can address http://forum.kaspersky.com/index.php?showforum=19
For automatic scanning of files from the AVZ quarantine you can use the service http://virusdetector.ru/