Slow, some times typing text in forum very slow.
Google normal EXCEPT, search, select Image, view image, I get REDIRECT NOTICE. (see attached image)
Page has two hyperlinks, one for image, one previous page. I can select link to image and see it.
Youtube is tied to Google+. Now the POST button is greyed out. I checked obvious things
Related? Not sure but SD Card reader stopped working. I have done many scans with different free scanners....
Here are two logs FarBar & HiJackThis. Thanks, sorry if I did not do this correctly, let me know I'll edit and correct it.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:23-08-2015
Ran by George (administrator) on GEORGE-PC (23-08-2015 09:10:18)
Running from C:\Users\George\Desktop\New folder (2)
Loaded Profiles: George (Available Profiles: George)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel® Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeyStudio.exe
(Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\utility.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
() C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeySupport.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe
(CyberLink) C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Lenovo MuteSync\MuteSync.exe
(Lenovo) C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Lavasoft Limited) C:\Program Files (x86)\Lavasoft\Web Companion\TcpService\2.3.4.7\LavasoftTcpService.exe
() C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.WinService.exe
(Lavasoft) C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe
() C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.7.485.8398\AdAwareService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Google Inc.) C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil64_18_0_0_232_ActiveX.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
() C:\Users\George\Desktop\New folder (2)\FRST64.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11775592 2011-01-26] (Realtek Semiconductor)
HKLM\...\Run: [IntelPAN] => C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1935120 2011-09-15] (Intel® Corporation)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2771240 2011-04-21] (Synaptics Incorporated)
HKLM\...\Run: [Lenovo EE Boot Optimizer] => C:\Program Files (x86)\Lenovo\Boot Optimizer\PopWnd.exe [114688 2012-03-05] (Lenovo)
HKLM\...\Run: [OnekeyStudio] => C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeyStudio.exe [789920 2012-03-05] (Lenovo)
HKLM\...\Run: [Energy Management] => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [9745312 2012-03-05] (Lenovo (Beijing) Limited)
HKLM\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [5374880 2012-03-05] (Lenovo(beijing) Limited)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1337000 2015-04-30] (Microsoft Corporation)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [AdAwareTray] => C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.7.485.8398\AdAwareTray.exe [9549808 2015-06-24] ()
HKLM-x32\...\Run: [MuteSync] => C:\Program Files (x86)\Lenovo\Lenovo MuteSync\MuteSync.exe [336384 2009-12-28] (Lenovo)
HKLM-x32\...\Run: [YouCam Mirage] => C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [136488 2010-12-04] (CyberLink)
HKLM-x32\...\Run: [YouCam Tray] => C:\Program Files (x86)\Lenovo\YouCam\YouCam.exe [224352 2010-12-04] (CyberLink Corp.)
HKLM-x32\...\Run: [VeriFaceManager] => C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe [329056 2012-03-05] (Lenovo)
HKLM-x32\...\Run: [UpdateP2GShortCut] => C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [222504 2010-07-26] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdatePRCShortCut] => C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe [222504 2009-05-13] (CyberLink Corp.)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [6109776 2015-08-23] (AVAST Software)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-2050137-3501644656-3156433736-1000\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2012-03-05] (Google Inc.)
HKU\S-1-5-21-2050137-3501644656-3156433736-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7451928 2015-03-13] (Piriform Ltd)
HKU\S-1-5-21-2050137-3501644656-3156433736-1000\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1404248 2015-07-29] (Garmin Ltd. or its subsidiaries)
HKU\S-1-5-21-2050137-3501644656-3156433736-1000\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
HKU\S-1-5-21-2050137-3501644656-3156433736-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [31682144 2015-03-25] (Skype Technologies S.A.)
HKU\S-1-5-21-2050137-3501644656-3156433736-1000\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7930136 2015-08-23] (SUPERAntiSpyware)
HKU\S-1-5-21-2050137-3501644656-3156433736-1000\...\Run: [Web Companion] => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe [1402640 2015-08-23] (Lavasoft)
HKU\S-1-5-18\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1404248 2015-07-29] (Garmin Ltd. or its subsidiaries)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2012-03-05]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\Users\George\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\RT-Updater.lnk [2015-08-10]
ShortcutTarget: RT-Updater.lnk -> C:\Ross-Tech\VCDS\VCDS.EXE (Ross-Tech, LLC)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-08-23] (AVAST Software)
ShellIconOverlayIdentifiers: [VeriFace Enc] -> {771C7324-DA80-49D3-8017-753B0AF60951} => C:\windows\system32\IcnOvrly.dll [2012-03-05] ()
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-07-14] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-07-14] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-07-14] (Microsoft Corporation)
BootExecute: autocheck autochk * sdnclean64.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2050137-3501644656-3156433736-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/?gws_rd=ssl
HKU\S-1-5-21-2050137-3501644656-3156433736-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=LENN&bmod=LENN
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2050137-3501644656-3156433736-1000 -> DefaultScope {04655A78-3547-4B5A-BB17-1EEDE5148338} URL = hxxps://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=926458&p={searchTerms}
SearchScopes: HKU\S-1-5-21-2050137-3501644656-3156433736-1000 -> {04655A78-3547-4B5A-BB17-1EEDE5148338} URL = hxxps://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=926458&p={searchTerms}
SearchScopes: HKU\S-1-5-21-2050137-3501644656-3156433736-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?pc=COSP&ptag=D082315-A60FA26CFB78147A880F&form=CONBDF&conlogo=CT3332038&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2050137-3501644656-3156433736-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7LENN_enUS636
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-07-14] (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-08-23] (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-07-16] (Google Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL [2015-07-14] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-07-14] (Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2015-07-14] (Microsoft Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-08-23] (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-07-16] (Google Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL [2015-07-14] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-07-14] (Microsoft Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-07-16] (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-07-16] (Google Inc.)
Toolbar: HKU\S-1-5-21-2050137-3501644656-3156433736-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-07-16] (Google Inc.)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-04-17] (Microsoft Corporation)
Winsock: Catalog9 01 C:\windows\SysWOW64\LavasoftTcpService.dll [345360 2015-05-03] (Lavasoft Limited)
Winsock: Catalog9 02 C:\windows\SysWOW64\LavasoftTcpService.dll [345360 2015-05-03] (Lavasoft Limited)
Winsock: Catalog9 03 C:\windows\SysWOW64\LavasoftTcpService.dll [345360 2015-05-03] (Lavasoft Limited)
Winsock: Catalog9 04 C:\windows\SysWOW64\LavasoftTcpService.dll [345360 2015-05-03] (Lavasoft Limited)
Winsock: Catalog9 16 C:\windows\SysWOW64\LavasoftTcpService.dll [345360 2015-05-03] (Lavasoft Limited)
Winsock: Catalog9-x64 01 C:\windows\system32\LavasoftTcpService64.dll [425744 2015-05-03] (Lavasoft Limited)
Winsock: Catalog9-x64 02 C:\windows\system32\LavasoftTcpService64.dll [425744 2015-05-03] (Lavasoft Limited)
Winsock: Catalog9-x64 03 C:\windows\system32\LavasoftTcpService64.dll [425744 2015-05-03] (Lavasoft Limited)
Winsock: Catalog9-x64 04 C:\windows\system32\LavasoftTcpService64.dll [425744 2015-05-03] (Lavasoft Limited)
Winsock: Catalog9-x64 16 C:\windows\system32\LavasoftTcpService64.dll [425744 2015-05-03] (Lavasoft Limited)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{357E948A-96F5-4128-9712-1F1CA3017A91}: [DhcpNameServer] 192.168.1.1
FireFox:
========
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-04-17] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-04-17] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-09-22] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-07-03] (Adobe Systems Inc.)
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-08-23]
Chrome:
=======
CHR Profile: C:\Users\George\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\George\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-05-14]
CHR Extension: (Google Wallet) - C:\Users\George\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-06-12]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-08-23]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-07-22] (SUPERAntiSpyware.com)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600 2015-08-23] (AVAST Software)
R2 btwdins; C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [953632 2010-12-14] (Broadcom Corporation.)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2765496 2015-07-14] (Microsoft Corporation)
S2 Garmin Device Interaction Service; C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe [754120 2015-07-29] (Garmin Ltd. or its subsidiaries)
R2 LavasoftAdAwareService11; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.7.485.8398\AdAwareService.exe [716664 2015-06-24] ()
R2 LavasoftTcpService; C:\Program Files (x86)\Lavasoft\Web Companion\TcpService\2.3.4.7\LavasoftTcpService.exe [2751760 2015-08-23] (Lavasoft Limited)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23816 2015-04-30] (Microsoft Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2011-09-15] ()
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [366544 2015-04-30] (Microsoft Corporation)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
R2 SearchProtectionService; C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.WinService.exe [16656 2015-08-23] ()
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2015-08-23] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [90968 2015-08-23] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-08-23] (AVAST Software)
S0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-08-23] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1048344 2015-08-23] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [447944 2015-08-23] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [150672 2015-08-23] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [274808 2015-08-23] (AVAST Software)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [280376 2015-03-04] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124568 2015-03-04] (Microsoft Corporation)
S3 RT-USB; C:\Windows\System32\drivers\RT-USB64.SYS [97152 2014-05-12] (Ross-Tech LLC)
R3 rtsuvc; C:\Windows\System32\DRIVERS\rtsuvc.sys [8200552 2010-09-27] (Realtek Semiconductor Corp.)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 Trufos; C:\Windows\System32\DRIVERS\Trufos.sys [452040 2015-01-22] (BitDefender S.R.L.)
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] ()
U3 BcmSqlStartupSvc; no ImagePath
U2 CLKMSVC10_3A60B698; no ImagePath
U2 CLKMSVC10_C3B3B687; no ImagePath
U2 DriverService; no ImagePath
U2 IAStorDataMgrSvc; no ImagePath
U2 iATAgentService; no ImagePath
U2 idealife Update Service; no ImagePath
U3 IGRS; no ImagePath
U2 IviRegMgr; no ImagePath
U2 nvUpdatusService; no ImagePath
U2 Oasis2Service; no ImagePath
U2 PCCarerService; no ImagePath
U2 ReadyComm.DirectRouter; no ImagePath
U2 RichVideo; no ImagePath
U2 RtLedService; no ImagePath
U2 SeaPort; no ImagePath
U2 SoftwareService; no ImagePath
U3 SQLWriter; no ImagePath
U2 Stereo Service; no ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-08-23 09:09 - 2015-08-23 09:09 - 00003196 _____ C:\windows\System32\Tasks\{67BF96CB-87BD-4CFA-8E66-94D1D4ACF9FF}
2015-08-23 08:17 - 2015-08-23 08:17 - 00000000 ____D C:\Users\George\AppData\Roaming\AVAST Software
2015-08-23 08:14 - 2015-08-23 08:14 - 00003924 _____ C:\windows\System32\Tasks\avast! Emergency Update
2015-08-23 08:14 - 2015-08-23 08:14 - 00001922 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2015-08-23 08:14 - 2015-08-23 08:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2015-08-23 08:14 - 2015-08-23 08:13 - 00447944 _____ (AVAST Software) C:\windows\system32\Drivers\aswSP.sys
2015-08-23 08:14 - 2015-08-23 08:13 - 00274808 _____ (AVAST Software) C:\windows\system32\Drivers\aswVmm.sys
2015-08-23 08:14 - 2015-08-23 08:13 - 00150672 _____ (AVAST Software) C:\windows\system32\Drivers\aswStm.sys
2015-08-23 08:14 - 2015-08-23 08:13 - 00093528 _____ (AVAST Software) C:\windows\system32\Drivers\aswRdr2.sys
2015-08-23 08:14 - 2015-08-23 08:13 - 00090968 _____ (AVAST Software) C:\windows\system32\Drivers\aswMonFlt.sys
2015-08-23 08:14 - 2015-08-23 08:13 - 00065224 _____ (AVAST Software) C:\windows\system32\Drivers\aswRvrt.sys
2015-08-23 08:14 - 2015-08-23 08:13 - 00028656 _____ (AVAST Software) C:\windows\system32\Drivers\aswHwid.sys
2015-08-23 08:13 - 2015-08-23 08:14 - 01048344 _____ (AVAST Software) C:\windows\system32\Drivers\aswsnx.sys
2015-08-23 08:13 - 2015-08-23 08:13 - 01048856 _____ (AVAST Software) C:\windows\system32\Drivers\aswsnx.sys.1440335667234
2015-08-23 08:13 - 2015-08-23 08:13 - 00378880 _____ (AVAST Software) C:\windows\system32\aswBoot.exe
2015-08-23 08:13 - 2015-08-23 08:13 - 00043112 _____ (AVAST Software) C:\windows\avastSS.scr
2015-08-23 08:11 - 2015-08-23 08:11 - 00000000 ____D C:\Program Files\AVAST Software
2015-08-23 08:09 - 2015-08-23 08:10 - 00000000 ____D C:\ProgramData\AVAST Software
2015-08-23 00:58 - 2015-08-23 00:58 - 00000000 ____D C:\Users\George\AppData\Local\Lavasoft
2015-08-23 00:57 - 2015-08-23 01:00 - 00002321 _____ C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk
2015-08-23 00:57 - 2015-08-23 00:59 - 00000000 ____D C:\Users\George\AppData\Roaming\Lavasoft
2015-08-23 00:57 - 2015-08-23 00:57 - 00000000 ____D C:\Program Files (x86)\Lavasoft
2015-08-23 00:56 - 2015-08-23 00:56 - 00000000 ____D C:\Program Files\Lavasoft
2015-08-23 00:55 - 2015-08-23 00:57 - 00000000 ____D C:\ProgramData\Lavasoft
2015-08-23 00:55 - 2015-08-23 00:55 - 00000000 ____D C:\Program Files\Common Files\Lavasoft
2015-08-23 00:48 - 2015-08-23 00:48 - 02009904 _____ C:\Users\George\Downloads\Adaware_Installer (1).exe
2015-08-23 00:46 - 2015-08-23 00:46 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\George\Downloads\mbam-setup-2.1.8.1057.exe
2015-08-23 00:45 - 2015-08-23 00:45 - 05481336 _____ (Avast Software s.r.o.) C:\Users\George\Downloads\avast_free_antivirus_setup_online_cnet.exe
2015-08-23 00:14 - 2015-08-23 00:35 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
2015-08-23 00:14 - 2015-08-23 00:14 - 00000000 ____D C:\Users\George\AppData\Roaming\SUPERAntiSpyware.com
2015-08-23 00:14 - 2015-08-23 00:14 - 00000000 ____D C:\ProgramData\SUPERAntiSpyware.com
2015-08-23 00:14 - 2015-08-23 00:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2015-08-23 00:02 - 2015-08-23 00:33 - 00000112 _____ C:\windows\setupact.log
2015-08-23 00:02 - 2015-08-23 00:02 - 00000000 _____ C:\windows\setuperr.log
2015-08-23 00:00 - 2015-08-23 00:00 - 01605632 _____ C:\Users\George\Downloads\adwcleaner_5.003.exe
2015-08-22 23:59 - 2015-08-22 23:59 - 00000000 ____D C:\ProgramData\Google
2015-08-22 23:53 - 2015-08-22 23:53 - 04383777 _____ C:\Users\George\Downloads\tdsskiller.zip
2015-08-22 10:44 - 2015-08-22 10:44 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-08-22 10:44 - 2015-08-22 10:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-08-22 10:42 - 2015-07-22 19:06 - 05568960 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2015-08-22 10:42 - 2015-07-22 19:03 - 01730496 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll
2015-08-22 10:42 - 2015-07-22 19:02 - 01390592 _____ (Microsoft Corporation) C:\windows\system32\diagtrack.dll
2015-08-22 10:42 - 2015-07-22 19:02 - 01163264 _____ (Microsoft Corporation) C:\windows\system32\kernel32.dll
2015-08-22 10:42 - 2015-07-22 19:02 - 00879104 _____ (Microsoft Corporation) C:\windows\system32\tdh.dll
2015-08-22 10:42 - 2015-07-22 12:57 - 03989952 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntkrnlpa.exe
2015-08-22 10:42 - 2015-07-22 12:57 - 03934656 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntoskrnl.exe
2015-08-22 10:42 - 2015-07-22 12:54 - 01311768 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntdll.dll
2015-08-22 10:42 - 2015-07-22 11:48 - 00041984 _____ (Microsoft Corporation) C:\windows\system32\UtcResources.dll
2015-08-22 10:41 - 2015-07-22 19:06 - 00155584 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2015-08-22 10:41 - 2015-07-22 19:06 - 00095680 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
2015-08-22 10:41 - 2015-07-22 19:03 - 00362496 _____ (Microsoft Corporation) C:\windows\system32\wow64win.dll
2015-08-22 10:41 - 2015-07-22 19:03 - 00243712 _____ (Microsoft Corporation) C:\windows\system32\wow64.dll
2015-08-22 10:41 - 2015-07-22 19:03 - 00215040 _____ (Microsoft Corporation) C:\windows\system32\winsrv.dll
2015-08-22 10:41 - 2015-07-22 19:03 - 00013312 _____ (Microsoft Corporation) C:\windows\system32\wow64cpu.dll
2015-08-22 10:41 - 2015-07-22 19:02 - 01461760 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2015-08-22 10:41 - 2015-07-22 19:02 - 01216512 _____ (Microsoft Corporation) C:\windows\system32\rpcrt4.dll
2015-08-22 10:41 - 2015-07-22 19:02 - 00879104 _____ (Microsoft Corporation) C:\windows\system32\advapi32.dll
2015-08-22 10:41 - 2015-07-22 19:02 - 00729088 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2015-08-22 10:41 - 2015-07-22 19:02 - 00503808 _____ (Microsoft Corporation) C:\windows\system32\srcore.dll
2015-08-22 10:41 - 2015-07-22 19:02 - 00424448 _____ (Microsoft Corporation) C:\windows\system32\KernelBase.dll
2015-08-22 10:41 - 2015-07-22 19:02 - 00342016 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2015-08-22 10:41 - 2015-07-22 19:02 - 00315392 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2015-08-22 10:41 - 2015-07-22 19:02 - 00309760 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2015-08-22 10:41 - 2015-07-22 19:02 - 00296960 _____ (Microsoft Corporation) C:\windows\system32\rstrui.exe
2015-08-22 10:41 - 2015-07-22 19:02 - 00210944 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2015-08-22 10:41 - 2015-07-22 19:02 - 00136192 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll
2015-08-22 10:41 - 2015-07-22 19:02 - 00112640 _____ (Microsoft Corporation) C:\windows\system32\smss.exe
2015-08-22 10:41 - 2015-07-22 19:02 - 00086528 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2015-08-22 10:41 - 2015-07-22 19:02 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\srclient.dll
2015-08-22 10:41 - 2015-07-22 19:02 - 00044032 _____ (Microsoft Corporation) C:\windows\system32\cryptbase.dll
2015-08-22 10:41 - 2015-07-22 19:02 - 00043520 _____ (Microsoft Corporation) C:\windows\system32\csrsrv.dll
2015-08-22 10:41 - 2015-07-22 19:02 - 00029184 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll
2015-08-22 10:41 - 2015-07-22 19:02 - 00028160 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll
2015-08-22 10:41 - 2015-07-22 19:02 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2015-08-22 10:41 - 2015-07-22 19:02 - 00016384 _____ (Microsoft Corporation) C:\windows\system32\ntvdm64.dll
2015-08-22 10:41 - 2015-07-22 19:01 - 00338432 _____ (Microsoft Corporation) C:\windows\system32\conhost.exe
2015-08-22 10:41 - 2015-07-22 19:01 - 00064000 _____ (Microsoft Corporation) C:\windows\system32\auditpol.exe
2015-08-22 10:41 - 2015-07-22 19:01 - 00031232 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe
2015-08-22 10:41 - 2015-07-22 18:58 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\msobjs.dll
2015-08-22 10:41 - 2015-07-22 18:57 - 00146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll
2015-08-22 10:41 - 2015-07-22 18:52 - 00006656 _____ (Microsoft Corporation) C:\windows\system32\apisetschema.dll
2015-08-22 10:41 - 2015-07-22 18:52 - 00006144 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-08-22 10:41 - 2015-07-22 18:52 - 00005120 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-08-22 10:41 - 2015-07-22 18:52 - 00004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-08-22 10:41 - 2015-07-22 18:52 - 00004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-08-22 10:41 - 2015-07-22 18:52 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-08-22 10:41 - 2015-07-22 18:52 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-08-22 10:41 - 2015-07-22 18:52 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-08-22 10:41 - 2015-07-22 18:52 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-08-22 10:41 - 2015-07-22 18:52 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-08-22 10:41 - 2015-07-22 18:52 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-08-22 10:41 - 2015-07-22 18:52 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-08-22 10:41 - 2015-07-22 18:52 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-08-22 10:41 - 2015-07-22 18:52 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-08-22 10:41 - 2015-07-22 18:52 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-08-22 10:41 - 2015-07-22 18:52 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-08-22 10:41 - 2015-07-22 18:52 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-08-22 10:41 - 2015-07-22 18:52 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-08-22 10:41 - 2015-07-22 18:52 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-08-22 10:41 - 2015-07-22 18:52 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-08-22 10:41 - 2015-07-22 18:52 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-08-22 10:41 - 2015-07-22 18:52 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-08-22 10:41 - 2015-07-22 18:52 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-08-22 10:41 - 2015-07-22 18:52 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-08-22 10:41 - 2015-07-22 18:52 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-08-22 10:41 - 2015-07-22 18:52 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-08-22 10:41 - 2015-07-22 18:52 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-08-22 10:41 - 2015-07-22 18:52 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-08-22 10:41 - 2015-07-22 18:52 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-08-22 10:41 - 2015-07-22 18:51 - 00686080 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll
2015-08-22 10:41 - 2015-07-22 12:53 - 00641536 _____ (Microsoft Corporation) C:\windows\SysWOW64\advapi32.dll
2015-08-22 10:41 - 2015-07-22 12:53 - 00635392 _____ (Microsoft Corporation) C:\windows\SysWOW64\tdh.dll
2015-08-22 10:41 - 2015-07-22 12:53 - 00552960 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2015-08-22 10:41 - 2015-07-22 12:53 - 00259584 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll
2015-08-22 10:41 - 2015-07-22 12:53 - 00248832 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2015-08-22 10:41 - 2015-07-22 12:53 - 00221184 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncrypt.dll
2015-08-22 10:41 - 2015-07-22 12:53 - 00172032 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdigest.dll
2015-08-22 10:41 - 2015-07-22 12:53 - 00065536 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll
2015-08-22 10:41 - 2015-07-22 12:53 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\srclient.dll
2015-08-22 10:41 - 2015-07-22 12:53 - 00036864 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptbase.dll
2015-08-22 10:41 - 2015-07-22 12:53 - 00022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll
2015-08-22 10:41 - 2015-07-22 12:53 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll
2015-08-22 10:41 - 2015-07-22 12:53 - 00014336 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntvdm64.dll
2015-08-22 10:41 - 2015-07-22 12:52 - 01114112 _____ (Microsoft Corporation) C:\windows\SysWOW64\kernel32.dll
2015-08-22 10:41 - 2015-07-22 12:52 - 00665088 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpcrt4.dll
2015-08-22 10:41 - 2015-07-22 12:52 - 00274944 _____ (Microsoft Corporation) C:\windows\SysWOW64\KernelBase.dll
2015-08-22 10:41 - 2015-07-22 12:52 - 00096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll
2015-08-22 10:41 - 2015-07-22 12:52 - 00050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\auditpol.exe
2015-08-22 10:41 - 2015-07-22 12:52 - 00025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\setup16.exe
2015-08-22 10:41 - 2015-07-22 12:52 - 00005120 _____ (Microsoft Corporation) C:\windows\SysWOW64\wow32.dll
2015-08-22 10:41 - 2015-07-22 12:47 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\msobjs.dll
2015-08-22 10:41 - 2015-07-22 12:46 - 00146432 _____ (Microsoft Corporation) C:\windows\SysWOW64\msaudite.dll
2015-08-22 10:41 - 2015-07-22 12:42 - 00686080 _____ (Microsoft Corporation) C:\windows\SysWOW64\adtschema.dll
2015-08-22 10:41 - 2015-07-22 12:42 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\apisetschema.dll
2015-08-22 10:41 - 2015-07-22 12:42 - 00005120 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-08-22 10:41 - 2015-07-22 12:42 - 00004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-08-22 10:41 - 2015-07-22 12:42 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-08-22 10:41 - 2015-07-22 12:42 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-08-22 10:41 - 2015-07-22 12:42 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-08-22 10:41 - 2015-07-22 12:42 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-08-22 10:41 - 2015-07-22 12:42 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-08-22 10:41 - 2015-07-22 12:42 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-08-22 10:41 - 2015-07-22 12:42 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-08-22 10:41 - 2015-07-22 12:42 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-08-22 10:41 - 2015-07-22 12:42 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-08-22 10:41 - 2015-07-22 12:42 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-08-22 10:41 - 2015-07-22 12:42 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-08-22 10:41 - 2015-07-22 12:42 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-08-22 10:41 - 2015-07-22 12:42 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-08-22 10:41 - 2015-07-22 12:42 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-08-22 10:41 - 2015-07-22 12:42 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-08-22 10:41 - 2015-07-22 12:42 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-08-22 10:41 - 2015-07-22 12:42 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-08-22 10:41 - 2015-07-22 12:42 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-08-22 10:41 - 2015-07-22 12:42 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-08-22 10:41 - 2015-07-22 12:42 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-08-22 10:41 - 2015-07-22 12:42 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-08-22 10:41 - 2015-07-22 12:42 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-08-22 10:41 - 2015-07-22 11:45 - 00159232 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb.sys
2015-08-22 10:41 - 2015-07-22 11:44 - 00290816 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb10.sys
2015-08-22 10:41 - 2015-07-22 11:44 - 00129024 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb20.sys
2015-08-22 10:41 - 2015-07-22 11:34 - 00007680 _____ (Microsoft Corporation) C:\windows\SysWOW64\instnm.exe
2015-08-22 10:41 - 2015-07-22 11:34 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\user.exe
2015-08-22 10:41 - 2015-07-22 11:31 - 00006144 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-08-22 10:41 - 2015-07-22 11:31 - 00004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-08-22 10:41 - 2015-07-22 11:31 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-08-22 10:41 - 2015-07-22 11:31 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-08-22 10:41 - 2015-07-14 22:17 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\tzres.dll
2015-08-22 10:41 - 2015-07-14 21:54 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\tzres.dll
2015-08-22 10:41 - 2015-07-09 12:58 - 01632256 _____ (Microsoft Corporation) C:\windows\system32\dwmcore.dll
2015-08-22 10:41 - 2015-07-09 12:58 - 00082944 _____ (Microsoft Corporation) C:\windows\system32\dwmapi.dll
2015-08-22 10:41 - 2015-07-09 12:42 - 01372160 _____ (Microsoft Corporation) C:\windows\SysWOW64\dwmcore.dll
2015-08-22 10:41 - 2015-07-09 12:42 - 00067584 _____ (Microsoft Corporation) C:\windows\SysWOW64\dwmapi.dll
2015-08-22 10:38 - 2015-06-25 05:06 - 00115136 _____ (Microsoft Corporation) C:\windows\system32\consent.exe
2015-08-22 10:38 - 2015-06-25 05:01 - 01941504 _____ (Microsoft Corporation) C:\windows\system32\authui.dll
2015-08-22 10:38 - 2015-06-25 05:01 - 00070656 _____ (Microsoft Corporation) C:\windows\system32\appinfo.dll
2015-08-22 10:38 - 2015-06-25 04:44 - 01805824 _____ (Microsoft Corporation) C:\windows\SysWOW64\authui.dll
2015-08-22 10:28 - 2015-08-22 10:28 - 00000000 ____D C:\Program Files (x86)\Ricoh
2015-08-19 17:36 - 2015-08-10 20:20 - 25191936 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2015-08-19 17:36 - 2015-08-10 20:14 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2015-08-19 17:36 - 2015-08-10 19:33 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2015-08-19 17:36 - 2015-08-10 19:20 - 19871232 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2015-08-13 07:04 - 2015-07-30 08:13 - 00124624 _____ (Microsoft Corporation) C:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-13 07:04 - 2015-07-30 08:13 - 00103120 _____ (Microsoft Corporation) C:\windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-08-11 16:36 - 2015-07-28 15:09 - 00017344 _____ (Microsoft Corporation) C:\windows\system32\CompatTelRunner.exe
2015-08-11 16:36 - 2015-07-28 15:05 - 01116672 _____ (Microsoft Corporation) C:\windows\system32\appraiser.dll
2015-08-11 16:36 - 2015-07-28 15:05 - 00774656 _____ (Microsoft Corporation) C:\windows\system32\invagent.dll
2015-08-11 16:36 - 2015-07-28 15:05 - 00743424 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll
2015-08-11 16:36 - 2015-07-28 15:05 - 00437760 _____ (Microsoft Corporation) C:\windows\system32\devinv.dll
2015-08-11 16:36 - 2015-07-28 15:05 - 00227328 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2015-08-11 16:36 - 2015-07-28 15:05 - 00069120 _____ (Microsoft Corporation) C:\windows\system32\acmigration.dll
2015-08-11 16:36 - 2015-07-28 14:55 - 01148416 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2015-08-11 16:36 - 2015-07-16 14:12 - 06131200 _____ (Microsoft Corporation) C:\windows\SysWOW64\mstscax.dll
2015-08-11 16:36 - 2015-07-16 14:12 - 00856064 _____ (Microsoft Corporation) C:\windows\SysWOW64\rdvidcrl.dll
2015-08-11 16:36 - 2015-07-16 14:12 - 00053248 _____ (Microsoft Corporation) C:\windows\SysWOW64\tsgqec.dll
2015-08-11 16:36 - 2015-07-16 14:11 - 07077376 _____ (Microsoft Corporation) C:\windows\system32\mstscax.dll
2015-08-11 16:36 - 2015-07-16 14:11 - 01057792 _____ (Microsoft Corporation) C:\windows\system32\rdvidcrl.dll
2015-08-11 16:36 - 2015-07-16 14:11 - 00062976 _____ (Microsoft Corporation) C:\windows\system32\tsgqec.dll
2015-08-11 16:36 - 2015-07-11 08:15 - 00429568 _____ (Microsoft Corporation) C:\windows\system32\wksprt.exe
2015-08-11 16:35 - 2015-07-20 19:39 - 00389840 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2015-08-11 16:35 - 2015-07-20 19:12 - 00342736 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2015-08-11 16:35 - 2015-07-16 15:54 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2015-08-11 16:35 - 2015-07-16 15:37 - 00066560 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2015-08-11 16:35 - 2015-07-16 15:36 - 00584192 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2015-08-11 16:35 - 2015-07-16 15:36 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2015-08-11 16:35 - 2015-07-16 15:35 - 02885632 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2015-08-11 16:35 - 2015-07-16 15:27 - 00054784 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2015-08-11 16:35 - 2015-07-16 15:26 - 00034304 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2015-08-11 16:35 - 2015-07-16 15:21 - 00144384 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2015-08-11 16:35 - 2015-07-16 15:21 - 00114688 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2015-08-11 16:35 - 2015-07-16 15:12 - 00968704 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2015-08-11 16:35 - 2015-07-16 15:00 - 00077824 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2015-08-11 16:35 - 2015-07-16 14:51 - 00504320 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2015-08-11 16:35 - 2015-07-16 14:51 - 00316928 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2015-08-11 16:35 - 2015-07-16 14:51 - 00062464 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2015-08-11 16:35 - 2015-07-16 14:50 - 00341504 _____ (Microsoft Corporation) C:\windows\SysWOW64\html.iec
2015-08-11 16:35 - 2015-07-16 14:50 - 00047616 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2015-08-11 16:35 - 2015-07-16 14:49 - 00064000 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2015-08-11 16:35 - 2015-07-16 14:45 - 02279424 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2015-08-11 16:35 - 2015-07-16 14:43 - 00047104 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2015-08-11 16:35 - 2015-07-16 14:43 - 00030720 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2015-08-11 16:35 - 2015-07-16 14:41 - 00479232 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2015-08-11 16:35 - 2015-07-16 14:39 - 00664064 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2015-08-11 16:35 - 2015-07-16 14:39 - 00115712 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2015-08-11 16:35 - 2015-07-16 14:38 - 00620032 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2015-08-11 16:35 - 2015-07-16 14:36 - 00801280 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2015-08-11 16:35 - 2015-07-16 14:35 - 00720384 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2015-08-11 16:35 - 2015-07-16 14:32 - 02125824 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2015-08-11 16:35 - 2015-07-16 14:29 - 00418304 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2015-08-11 16:35 - 2015-07-16 14:24 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-08-11 16:35 - 2015-07-16 14:20 - 00168960 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2015-08-11 16:35 - 2015-07-16 14:19 - 00076288 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2015-08-11 16:35 - 2015-07-16 14:17 - 00285696 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2015-08-11 16:35 - 2015-07-16 14:12 - 04520448 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2015-08-11 16:35 - 2015-07-16 14:10 - 12856832 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2015-08-11 16:35 - 2015-07-16 14:06 - 02052608 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2015-08-11 16:35 - 2015-07-16 14:06 - 00689152 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2015-08-11 16:35 - 2015-07-16 14:05 - 01155072 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2015-08-11 16:35 - 2015-07-16 14:01 - 01545728 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2015-08-11 16:35 - 2015-07-16 13:49 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2015-08-11 16:35 - 2015-07-16 13:42 - 01951232 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2015-08-11 16:35 - 2015-07-16 13:38 - 01310720 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2015-08-11 16:35 - 2015-07-16 13:37 - 00710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2015-08-11 16:35 - 2015-07-15 13:15 - 00094656 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mountmgr.sys
2015-08-11 16:35 - 2015-07-15 13:10 - 01743360 _____ (Microsoft Corporation) C:\windows\system32\sysmain.dll
2015-08-11 16:35 - 2015-07-15 13:10 - 00011264 _____ (Microsoft Corporation) C:\windows\system32\msmmsp.dll
2015-08-11 16:35 - 2015-07-14 22:19 - 00052736 _____ (Microsoft Corporation) C:\windows\system32\basesrv.dll
2015-08-11 16:34 - 2015-07-16 15:36 - 00417792 _____ (Microsoft Corporation) C:\windows\system32\html.iec
2015-08-11 16:34 - 2015-07-16 15:35 - 00088064 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2015-08-11 16:34 - 2015-07-16 15:26 - 05923328 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2015-08-11 16:34 - 2015-07-16 15:23 - 00615936 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2015-08-11 16:34 - 2015-07-16 15:21 - 00816640 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2015-08-11 16:34 - 2015-07-16 15:21 - 00814080 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2015-08-11 16:34 - 2015-07-16 15:08 - 00490496 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2015-08-11 16:34 - 2015-07-16 14:55 - 00199680 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2015-08-11 16:34 - 2015-07-16 14:54 - 00092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2015-08-11 16:34 - 2015-07-16 14:34 - 14451200 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2015-08-11 16:34 - 2015-07-16 14:33 - 01359360 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2015-08-11 16:34 - 2015-07-16 14:12 - 02427904 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2015-08-11 16:33 - 2015-07-30 13:06 - 02565120 _____ (Microsoft Corporation) C:\windows\system32\d3d10warp.dll
2015-08-11 16:33 - 2015-07-30 13:06 - 01648128 _____ (Microsoft Corporation) C:\windows\system32\DWrite.dll
2015-08-11 16:33 - 2015-07-30 13:06 - 01180160 _____ (Microsoft Corporation) C:\windows\system32\FntCache.dll
2015-08-11 16:33 - 2015-07-30 13:06 - 00100864 _____ (Microsoft Corporation) C:\windows\system32\fontsub.dll
2015-08-11 16:33 - 2015-07-30 13:06 - 00046080 _____ (Adobe Systems) C:\windows\system32\atmlib.dll
2015-08-11 16:33 - 2015-07-30 13:06 - 00041984 _____ (Microsoft Corporation) C:\windows\system32\lpk.dll
2015-08-11 16:33 - 2015-07-30 13:06 - 00014336 _____ (Microsoft Corporation) C:\windows\system32\dciman32.dll
2015-08-11 16:33 - 2015-07-30 12:57 - 01987584 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3d10warp.dll
2015-08-11 16:33 - 2015-07-30 12:57 - 01251328 _____ (Microsoft Corporation) C:\windows\SysWOW64\DWrite.dll
2015-08-11 16:33 - 2015-07-30 12:57 - 00070656 _____ (Microsoft Corporation) C:\windows\SysWOW64\fontsub.dll
2015-08-11 16:33 - 2015-07-30 12:57 - 00034304 _____ (Adobe Systems) C:\windows\SysWOW64\atmlib.dll
2015-08-11 16:33 - 2015-07-30 12:57 - 00010240 _____ (Microsoft Corporation) C:\windows\SysWOW64\dciman32.dll
2015-08-11 16:33 - 2015-07-30 12:55 - 00025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\lpk.dll
2015-08-11 16:33 - 2015-07-30 11:56 - 03208192 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2015-08-11 16:33 - 2015-07-30 11:52 - 00372736 _____ (Adobe Systems Incorporated) C:\windows\system32\atmfd.dll
2015-08-11 16:33 - 2015-07-30 11:49 - 00299520 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\atmfd.dll
2015-08-11 16:33 - 2015-07-20 13:12 - 03154944 _____ (Microsoft Corporation) C:\windows\system32\wucltux.dll
2015-08-11 16:33 - 2015-07-20 13:12 - 02606080 _____ (Microsoft Corporation) C:\windows\system32\wuaueng.dll
2015-08-11 16:33 - 2015-07-20 13:12 - 00696320 _____ (Microsoft Corporation) C:\windows\system32\wuapi.dll
2015-08-11 16:33 - 2015-07-20 13:12 - 00192000 _____ (Microsoft Corporation) C:\windows\system32\wuwebv.dll
2015-08-11 16:33 - 2015-07-20 13:12 - 00139776 _____ (Microsoft Corporation) C:\windows\system32\wuauclt.exe
2015-08-11 16:33 - 2015-07-20 13:12 - 00098304 _____ (Microsoft Corporation) C:\windows\system32\wudriver.dll
2015-08-11 16:33 - 2015-07-20 13:12 - 00091136 _____ (Microsoft Corporation) C:\windows\system32\WinSetupUI.dll
2015-08-11 16:33 - 2015-07-20 13:12 - 00037888 _____ (Microsoft Corporation) C:\windows\system32\wups2.dll
2015-08-11 16:33 - 2015-07-20 13:12 - 00037376 _____ (Microsoft Corporation) C:\windows\system32\wuapp.exe
2015-08-11 16:33 - 2015-07-20 13:12 - 00036864 _____ (Microsoft Corporation) C:\windows\system32\wups.dll
2015-08-11 16:33 - 2015-07-20 13:12 - 00012288 _____ (Microsoft Corporation) C:\windows\system32\wu.upgrade.ps.dll
2015-08-11 16:33 - 2015-07-20 12:56 - 00566784 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapi.dll
2015-08-11 16:33 - 2015-07-20 12:56 - 00173056 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuwebv.dll
2015-08-11 16:33 - 2015-07-20 12:56 - 00093184 _____ (Microsoft Corporation) C:\windows\SysWOW64\wudriver.dll
2015-08-11 16:33 - 2015-07-20 12:56 - 00034816 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapp.exe
2015-08-11 16:33 - 2015-07-20 12:56 - 00030208 _____ (Microsoft Corporation) C:\windows\SysWOW64\wups.dll
2015-08-11 16:33 - 2015-07-14 22:19 - 02004992 _____ (Microsoft Corporation) C:\windows\system32\msxml6.dll
2015-08-11 16:33 - 2015-07-14 22:19 - 01887232 _____ (Microsoft Corporation) C:\windows\system32\msxml3.dll
2015-08-11 16:33 - 2015-07-14 22:14 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\msxml6r.dll
2015-08-11 16:33 - 2015-07-14 22:13 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\msxml3r.dll
2015-08-11 16:33 - 2015-07-14 21:55 - 01390592 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml6.dll
2015-08-11 16:33 - 2015-07-14 21:55 - 01241088 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3.dll
2015-08-11 16:33 - 2015-07-14 21:51 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml6r.dll
2015-08-11 16:33 - 2015-07-14 21:51 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3r.dll
2015-08-11 16:33 - 2015-07-10 12:51 - 14177280 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll
2015-08-11 16:33 - 2015-07-10 12:34 - 12875776 _____ (Microsoft Corporation) C:\windows\SysWOW64\shell32.dll
2015-08-11 16:33 - 2015-07-09 12:57 - 00193536 _____ (Microsoft Corporation) C:\windows\system32\notepad.exe
2015-08-11 16:33 - 2015-07-09 12:57 - 00193536 _____ (Microsoft Corporation) C:\windows\notepad.exe
2015-08-11 16:33 - 2015-07-09 12:42 - 00179712 _____ (Microsoft Corporation) C:\windows\SysWOW64\notepad.exe
2015-08-11 16:33 - 2015-07-01 15:49 - 00260096 _____ (Microsoft Corporation) C:\windows\system32\WebClnt.dll
2015-08-11 16:33 - 2015-07-01 15:48 - 00102912 _____ (Microsoft Corporation) C:\windows\system32\davclnt.dll
2015-08-11 16:33 - 2015-07-01 15:30 - 00206848 _____ (Microsoft Corporation) C:\windows\SysWOW64\WebClnt.dll
2015-08-11 16:33 - 2015-07-01 15:30 - 00082432 _____ (Microsoft Corporation) C:\windows\SysWOW64\davclnt.dll
2015-08-10 21:39 - 2015-08-10 21:39 - 00000722 _____ C:\Users\George\Desktop\serial num.txt
2015-08-09 20:48 - 2015-08-09 20:48 - 00000000 ____D C:\Program Files\Common Files\AV
2015-08-09 09:54 - 2015-08-09 09:54 - 00001083 _____ C:\Users\George\Documents - Shortcut.lnk
2015-08-08 21:18 - 2015-08-23 00:49 - 00028672 ___SH C:\Users\George\Thumbs.db
2015-08-04 16:22 - 2015-08-04 16:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin
2015-08-02 11:35 - 2015-08-02 11:57 - 00000000 ____D C:\Users\George\Desktop\New folder (4)
2015-07-30 18:21 - 2015-07-30 18:23 - 14239754 _____ C:\Users\George\Downloads\adsb_all.zip
2015-07-30 16:30 - 2015-07-30 16:30 - 00000561 _____ C:\Users\George\Desktop\temp2.txt
2015-07-29 18:40 - 2015-08-16 12:24 - 00000000 ____D C:\Users\George\Desktop\sdrsharp
2015-07-29 18:07 - 2015-07-29 18:50 - 01778032 _____ (Microsoft Corporation) C:\windows\system32\WdfCoInstaller01011.dll
2015-07-29 18:07 - 2015-07-29 18:50 - 00000000 ____D C:\usb_driver
2015-07-29 18:00 - 2015-07-29 18:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2015-07-29 18:00 - 2015-07-29 18:00 - 00000000 ____D C:\Program Files\7-Zip
2015-07-29 17:24 - 2015-07-29 18:20 - 00000000 ____D C:\Program Files (x86)\HDSDR
2015-07-29 17:21 - 2015-07-29 17:21 - 00000000 ____H C:\windows\system32\Drivers\Msft_Kernel_WinUsb_01011.Wdf
2015-07-29 17:20 - 2015-07-29 17:20 - 05132802 _____ C:\Users\George\Downloads\zadig_v2.0.1.160.7z
2015-07-29 17:11 - 2015-07-29 17:21 - 01002728 _____ (Microsoft Corporation) C:\windows\system32\WinUSBCoInstaller2.dll
2015-07-29 17:11 - 2015-07-29 17:21 - 00000000 ____D C:\Users\George\usb_driver
2015-07-29 17:10 - 2015-07-29 17:11 - 05191512 _____ (akeo.ie) C:\Users\George\Downloads\zadig_2.1.2.exe
2015-07-29 17:09 - 2015-07-29 17:09 - 00000000 ____D C:\Users\George\Documents\sdr-install
2015-07-29 17:08 - 2015-07-29 17:08 - 00155240 _____ C:\Users\George\Downloads\sdr-install.zip
2015-07-29 17:08 - 2015-07-29 17:08 - 00000000 ____D C:\Users\George\Downloads\sdr-install
2015-07-29 17:00 - 2015-07-29 17:00 - 01755711 _____ (DG0JBJ ) C:\Users\George\Downloads\HDSDR_install.exe
2015-07-29 17:00 - 2015-07-29 17:00 - 00000000 ____D C:\Users\George\Documents\HDSDR
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-08-23 09:10 - 2015-06-06 12:26 - 00000000 ____D C:\FRST
2015-08-23 09:09 - 2015-06-10 18:01 - 00000000 ____D C:\Users\George\Desktop\New folder (2)
2015-08-23 09:05 - 2015-06-06 12:14 - 00000000 ____D C:\AdwCleaner
2015-08-23 09:03 - 2012-03-05 10:25 - 00321905 _____ C:\FaceProv.log
2015-08-23 08:50 - 2012-03-05 10:32 - 00000898 _____ C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-08-23 08:48 - 2015-06-12 17:22 - 00000830 _____ C:\windows\Tasks\Adobe Flash Player Updater.job
2015-08-23 08:14 - 2015-06-09 19:04 - 01167450 _____ C:\windows\WindowsUpdate.log
2015-08-23 08:14 - 2009-07-13 23:45 - 00021280 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-08-23 08:14 - 2009-07-13 23:45 - 00021280 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-08-23 06:50 - 2012-03-05 10:32 - 00000894 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-08-23 00:59 - 2015-06-07 09:16 - 00000371 _____ C:\prefs.js
2015-08-23 00:59 - 2015-05-03 22:57 - 00000000 ____D C:\searchplugins
2015-08-23 00:57 - 2015-05-03 22:57 - 00425744 _____ (Lavasoft Limited) C:\windows\system32\LavasoftTcpService64.dll
2015-08-23 00:57 - 2015-05-03 22:57 - 00345360 _____ (Lavasoft Limited) C:\windows\SysWOW64\LavasoftTcpService.dll
2015-08-23 00:57 - 2015-05-03 22:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2015-08-23 00:40 - 2009-07-14 00:13 - 00781298 _____ C:\windows\system32\PerfStringBackup.INI
2015-08-23 00:34 - 2012-03-05 10:25 - 00000000 ____D C:\ProgramData\VeriFace
2015-08-23 00:34 - 2012-03-05 10:19 - 00494182 _____ C:\windows\system32\fastboot.set
2015-08-23 00:33 - 2009-07-14 00:08 - 00000006 ____H C:\windows\Tasks\SA.DAT
2015-08-23 00:14 - 2015-06-10 18:25 - 00001420 _____ C:\Users\George\Desktop\Rkill.txt
2015-08-22 23:45 - 2015-04-26 12:59 - 00000000 ____D C:\Users\George\AppData\Roaming\Skype
2015-08-22 10:50 - 2015-04-17 18:41 - 00000000 ___RD C:\Users\George\Desktop\shortcuts
2015-08-22 10:44 - 2015-04-26 12:59 - 00000000 ____D C:\ProgramData\Skype
2015-08-22 10:28 - 2012-03-05 09:59 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-08-22 09:48 - 2015-06-14 13:58 - 00000000 ____D C:\Users\George\AppData\Local\CrashDumps
2015-08-21 17:40 - 2015-04-17 18:02 - 00000000 ____D C:\Program Files\Microsoft Office 15
2015-08-18 23:39 - 2009-07-13 21:34 - 00450771 ____R C:\windows\system32\Drivers\etc\hosts.20150822-083803.backup
2015-08-13 08:01 - 2009-07-13 22:20 - 00000000 ____D C:\windows\rescache
2015-08-13 07:23 - 2015-04-22 21:58 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-08-13 07:23 - 2015-04-22 21:58 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-08-13 07:23 - 2009-07-13 23:45 - 00437984 _____ C:\windows\system32\FNTCACHE.DAT
2015-08-13 07:21 - 2015-04-17 21:35 - 00000000 ___SD C:\windows\system32\CompatTel
2015-08-13 07:21 - 2015-04-17 21:35 - 00000000 ____D C:\windows\system32\appraiser
2015-08-13 07:04 - 2015-04-22 21:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-08-13 06:58 - 2015-04-17 20:07 - 00000000 ____D C:\windows\system32\MRT
2015-08-13 06:55 - 2015-04-17 20:07 - 132483416 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2015-08-11 17:48 - 2015-06-12 17:22 - 00003768 _____ C:\windows\System32\Tasks\Adobe Flash Player Updater
2015-08-11 17:48 - 2015-04-20 06:15 - 00778440 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2015-08-11 17:48 - 2015-04-20 06:15 - 00142536 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-08-09 20:48 - 2015-04-17 22:53 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2015-08-09 14:11 - 2015-04-17 18:55 - 00001188 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\paint.net.lnk
2015-08-09 14:11 - 2015-04-17 18:55 - 00000000 ____D C:\Program Files\paint.net
2015-08-09 09:54 - 2015-04-17 17:23 - 00000000 ____D C:\Users\George
2015-08-06 21:34 - 2015-04-17 18:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VCDS
2015-08-04 16:23 - 2015-07-02 16:14 - 00000000 ____D C:\ProgramData\Package Cache
2015-08-04 16:22 - 2015-07-02 16:14 - 00003554 _____ C:\windows\System32\Tasks\GarminUpdaterTask
2015-08-04 16:22 - 2015-07-02 16:14 - 00000000 ____D C:\Program Files (x86)\Garmin
2015-07-29 18:36 - 2015-07-10 08:39 - 00000000 ___HD C:\$Windows.~BT
2015-07-29 18:18 - 2015-06-09 17:38 - 00000000 ____D C:\Program Files\HWiNFO64
2015-07-29 18:15 - 2011-02-22 06:19 - 00000000 ____D C:\windows\Panther
2015-07-29 17:11 - 2009-07-13 22:20 - 00000000 ___HD C:\windows\system32\GroupPolicy
2015-07-26 11:54 - 2015-05-03 22:39 - 00000000 ____D C:\Users\George\AppData\Local\Windows Live
2015-07-25 17:07 - 2015-04-17 21:35 - 00000000 ___SD C:\windows\system32\GWX
2015-07-25 11:23 - 2009-07-13 21:34 - 00450771 ____R C:\windows\system32\Drivers\etc\hosts.20150818-233948.backup
==================== Files in the root of some directories =======
2015-06-06 12:37 - 2015-06-07 08:38 - 0000115 _____ () C:\Users\George\AppData\Roaming\LogFile.txt
2015-05-30 13:37 - 2015-05-30 13:46 - 0007601 _____ () C:\Users\George\AppData\Local\Resmon.ResmonCfg
Some files in TEMP:
====================
C:\Users\George\AppData\Local\Temp\70a7fa85-269a-43f1-9439-9b47574a5de1.exe
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\SysWOW64\wininit.exe => File is digitally signed
C:\windows\explorer.exe => File is digitally signed
C:\windows\SysWOW64\explorer.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\SysWOW64\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\SysWOW64\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\SysWOW64\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\dnsapi.dll => File is digitally signed
C:\windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-08-13 07:53
==================== End of log ============================
For grins
Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 9:09:41 AM, on 8/23/2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17937)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeySupport.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe
C:\windows\SysWOW64\RunDll32.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe
C:\Program Files\AVAST Software\Avast\avastUi.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Users\George\Desktop\New folder (2)\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft..../?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Skype for Business Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [MuteSync] C:\PROGRA~2\Lenovo\LENOVO~1\MuteSync.exe
O4 - HKLM\..\Run: [YouCam Mirage] "C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe"
O4 - HKLM\..\Run: [YouCam Tray] "C:\Program Files (x86)\Lenovo\YouCam\YouCam.exe" /s
O4 - HKLM\..\Run: [VeriFaceManager] C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe
O4 - HKLM\..\Run: [UpdateP2GShortCut] "C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Lenovo\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\5.0"
O4 - HKLM\..\Run: [UpdatePRCShortCut] "C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe" "C:\Program Files\Lenovo\OneKey App\OneKey Recovery" UpdateWithCreateOnce "Software\Lenovo\OneKey App\OneKey Recovery"
O4 - HKLM\..\Run: [SDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [GarminExpressTrayApp] "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"
O4 - HKCU\..\Run: [SpybotPostWindows10UpgradeReInstall] "C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe"
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [Web Companion] C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [GarminExpressTrayApp] "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe" (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [GarminExpressTrayApp] "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe" (User 'Default user')
O4 - Startup: RT-Updater.lnk = C:\Ross-Tech\VCDS\VCDS.EXE
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra button: Skype for Business Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Skype for Business Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O9 - Extra button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\lavasofttcpservice.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\lavasofttcpservice.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\lavasofttcpservice.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\lavasofttcpservice.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\lavasofttcpservice.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: http://*.webcompanion.com
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - Winlogon Notify: SDWinLogon - SDWinLogon.dll (file missing)
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Service (AMPPALR3) - Intel Corporation - C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Security Service (BTHSSecurityMgr) - Intel® Corporation - C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
O23 - Service: Intel® Content Protection HECI Service (cphs) - Intel Corporation - C:\windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: Garmin Device Interaction Service - Garmin Ltd. or its subsidiaries - C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Ad-Aware Service 11 (LavasoftAdAwareService11) - Unknown owner - C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.7.485.8398\AdAwareService.exe
O23 - Service: LavasoftTcpService - Lavasoft Limited - C:\Program Files (x86)\Lavasoft\Web Companion\TcpService\2.3.4.7\LavasoftTcpService.exe
O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel® Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
O23 - Service: IE Search Set (SearchProtectionService) - Unknown owner - C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.WinService.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel® Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 14841 bytes
Edited by gmcjetpilot, 23 August 2015 - 09:05 AM.