Hi again. A friend gave me his computer to look at, and I think it has more than I know how to deal with wrong with it. He reports that it is very slow and is having problems getting on the internet. Any help would be appreciated, the logs are attached.
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.17344
Run by carol at 16:23:25 on 2014-11-15
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.2663.671 [GMT -6:00]
.
AV: Avira Desktop *Disabled/Updated* {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Microsoft Security Essentials *Enabled/Updated* {4F35CFC4-45A3-FC37-EF17-759A02E39AB1}
SP: Microsoft Security Essentials *Enabled/Updated* {F4542E20-6399-F3B9-D5A7-4EE87964D00C}
SP: Avira Desktop *Disabled/Updated* {F665F2B2-DF77-27D1-BDD8-9197742422E4}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\windows\system32\atiesrxx.exe
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\atieclxx.exe
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\system32\WLANExt.exe
C:\windows\System32\spoolsv.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\windows\system32\Dwm.exe
C:\windows\Explorer.EXE
C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BBSvc.exe
C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.10.26\ccSvcHst.exe
C:\Program Files\Elantech\ETDCtrl.exe
C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe
C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files (x86)\IncrediMail\Bin\IncMail.exe
C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
C:\windows\system32\TODDSrv.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\ItSecMng.exe
C:\Program Files (x86)\Toshiba\TOSHIBA Service Station\ToshibaServiceStation.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\windows\system32\taskhost.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\IncrediMail\Bin\ImApp.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.10.26\ccSvcHst.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
C:\windows\system32\SearchIndexer.exe
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Elantech\ETDCtrlHelper.exe
C:\windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe
c:\Program Files\Microsoft Security Client\NisSrv.exe
C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.10.26\SymcPCCULaunchSvc.exe
C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\windows\servicing\TrustedInstaller.exe
C:\Program Files (x86)\IncrediMail\Bin\ImNotfy.exe
C:\windows\System32\svchost.exe -k swprv
C:\windows\system32\wuauclt.exe
C:\windows\system32\taskeng.exe
C:\Windows\system32\WUDFHost.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.exe
C:\windows\system32\SearchProtocolHost.exe
C:\windows\system32\SearchFilterHost.exe
C:\windows\system32\vssvc.exe
C:\windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://start.toshiba.com/g/
uSearch Bar = hxxp://www.google.com/ie
uSearch Page = hxxp://www.google.com
uDefault_Page_URL = hxxp://start.toshiba.com/g/
uDefault_Search_URL = hxxp://www.google.com/ie
uProxyOverride = <local>
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
uURLSearchHooks: IncrediMail MediaBar 2 Toolbar: {d40b90b4-d3b1-4d6b-a5d7-dc041c1b76c0} - C:\Users\carol\AppData\LocalLow\IncrediMail_MediaBar_2\prxtbInc0.dll
mURLSearchHooks: IncrediMail MediaBar 2 Toolbar: {d40b90b4-d3b1-4d6b-a5d7-dc041c1b76c0} - C:\Users\carol\AppData\LocalLow\IncrediMail_MediaBar_2\prxtbInc0.dll
mWinlogon: Userinit = userinit.exe
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll
BHO: IncrediMail MediaBar 2 Toolbar: {d40b90b4-d3b1-4d6b-a5d7-dc041c1b76c0} - C:\Users\carol\AppData\LocalLow\IncrediMail_MediaBar_2\prxtbInc0.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: IncrediMail MediaBar 2 Toolbar: {D40B90B4-D3B1-4D6B-A5D7-DC041C1B76C0} - C:\Users\carol\AppData\LocalLow\IncrediMail_MediaBar_2\prxtbInc0.dll
TB: IncrediMail MediaBar 2 Toolbar: {d40b90b4-d3b1-4d6b-a5d7-dc041c1b76c0} - C:\Users\carol\AppData\LocalLow\IncrediMail_MediaBar_2\prxtbInc0.dll
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll
uRun: [IncrediMail] C:\Program Files (x86)\IncrediMail\bin\IncMail.exe /c
uRun: [Facebook Update] "C:\Users\carol\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
uRun: [BackgroundContainerV2] "C:\windows\SysWOW64\Rundll32.exe" "C:\Users\carol\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll",DllRun
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [ITSecMng] C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe /START
mRun: [ToshibaServiceStation] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60
mRun: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Toshiba\Toshiba Online Backup\Activation\TOBuActivation.exe" UNATTENDED
mRun: [ToshibaAppPlace] "C:\Program Files (x86)\Toshiba\Toshiba App Place\ToshibaAppPlace.exe"
mRun: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\MICROS~1.LNK - C:\Program Files (x86)\Microsoft Office\Office\OSA9.EXE
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: Add to Google Photos Screensa&ver - C:\windows\System32\GPhotos.scr/200
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
LSP: C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{7A641C64-768D-4D8C-80B9-8ACDF3D065AE} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{AD336FC6-EAEE-4968-9B6A-93B28B911A7C} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{AD336FC6-EAEE-4968-9B6A-93B28B911A7C}\131313433303537393 : DHCPNameServer = 192.168.1.1
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll
x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} -
x64-Run: [SmartAudio] C:\Program Files\CONEXANT\SAII\SAIICpl.exe /t
x64-Run: [ETDCtrl] C:\Program Files (x86)\Elantech\ETDCtrl.exe
x64-Run: [SmartFaceVWatcher] C:\Program Files (x86)\Toshiba\SmartFaceV\SmartFaceVWatcher.exe
x64-Run: [TPwrMain] C:\Program Files (x86)\TOSHIBA\Power Saver\TPwrMain.EXE
x64-Run: [SmoothView] C:\Program Files (x86)\Toshiba\SmoothView\SmoothView.exe
x64-Run: [00TCrdMain] C:\Program Files (x86)\TOSHIBA\FlashCards\TCrdMain.exe
x64-Run: [TosVolRegulator] C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe
x64-Run: [TosSENotify] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe
x64-Run: [TosReelTimeMonitor] C:\Program Files (x86)\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
x64-Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R0 amd_sata;amd_sata;C:\windows\System32\drivers\amd_sata.sys [2011-7-18 75904]
R0 amd_xata;amd_xata;C:\windows\System32\drivers\amd_xata.sys [2011-7-18 38016]
R0 MpFilter;Microsoft Malware Protection Driver;C:\windows\System32\drivers\MpFilter.sys [2014-7-17 269008]
R1 avkmgr;avkmgr;C:\windows\System32\drivers\avkmgr.sys [2013-11-15 28600]
R2 AMD External Events Utility;AMD External Events Utility;C:\windows\System32\atiesrxx.exe [2011-7-18 203776]
R2 AntiVirSchedulerService;Avira Scheduler;C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2013-11-15 431920]
R2 AntiVirService;Avira Real-Time Protection;C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2013-11-15 431920]
R2 avgntflt;avgntflt;C:\windows\System32\drivers\avgntflt.sys [2013-11-15 119272]
R2 BBSvc;BingBar Service;C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BBSvc.EXE [2014-3-11 193696]
R2 NisDrv;Microsoft Network Inspection System;C:\windows\System32\drivers\NisDrvWFP.sys [2011-4-27 125584]
R2 Norton PC Checkup Application Launcher;Toshiba Laptop Checkup Application Launcher;C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.10.26\SymcPCCULaunchSvc.exe [2011-7-18 123320]
R2 PCCUJobMgr;Common Client Job Manager Service;C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.10.26\ccSvcHst.exe [2011-7-18 126392]
R2 TeamViewer7;TeamViewer 7;C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2012-1-7 2984832]
R3 BBUpdate;BBUpdate;C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.EXE [2014-3-11 247968]
R3 ETD;ELAN PS/2 Port Input Device;C:\windows\System32\drivers\ETD.sys [2010-11-11 137512]
R3 FwLnk;FwLnk Driver;C:\windows\System32\drivers\FwLnk.sys [2011-7-18 9216]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;C:\windows\System32\drivers\L1C62x64.sys [2010-9-27 76912]
R3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2014-8-22 368624]
R3 PGEffect;Pangu effect driver;C:\windows\System32\drivers\PGEffect.sys [2011-7-18 38096]
R3 TMachInfo;TMachInfo;C:\Program Files (x86)\Toshiba\TOSHIBA Service Station\TMachInfo.exe [2011-7-18 51576]
R3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2010-2-5 137560]
S3 BtFilter;Bluetooth LowerFilter Class Filter Driver;C:\windows\System32\drivers\btfilter.sys [2010-10-18 42096]
S3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\windows\System32\ieetwcollector.exe [2014-10-15 111616]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\windows\System32\drivers\RtsUStor.sys [2011-7-18 243712]
S3 TsUsbFlt;TsUsbFlt;C:\windows\System32\drivers\TsUsbFlt.sys [2010-11-20 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\windows\System32\drivers\TsUsbGD.sys [2010-11-20 31232]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\windows\System32\Wat\WatAdminSvc.exe [2012-1-7 1255736]
S4 AntiVirWebService;Avira Web Protection;C:\Program Files (x86)\Avira\AntiVir Desktop\avwebgrd.exe [2013-11-15 994552]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== Created Last 30 ================
.
2014-11-15 22:19:58 1188440 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{8F09C489-AE8C-41B8-948D-054115D924BF}\gapaengine.dll
2014-11-15 22:16:53 11627712 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{1A678F6F-E18C-4E34-A426-A7BCD891BC47}\mpengine.dll
2014-11-06 15:50:53 11627712 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2014-11-06 15:50:53 11627712 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{D1A74973-7810-4CE9-BB6B-F5D835390C41}\mpengine.dll
2014-11-05 11:07:08 1188440 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{CCD548A3-D177-4B1F-9981-902D1B0D17ED}\gapaengine.dll
.
==================== Find3M ====================
.
2014-10-30 11:25:26 275080 ------w- C:\windows\System32\MpSigStub.exe
2014-10-15 00:41:18 43064 ----a-w- C:\windows\System32\drivers\avnetflt.sys
2014-10-15 00:41:15 119272 ----a-w- C:\windows\System32\drivers\avgntflt.sys
2014-09-29 00:58:48 3198976 ----a-w- C:\windows\System32\win32k.sys
2014-09-25 22:32:04 2017280 ----a-w- C:\windows\SysWow64\inetcpl.cpl
2014-09-25 22:31:02 2108416 ----a-w- C:\windows\System32\inetcpl.cpl
2014-09-19 01:56:02 2724864 ----a-w- C:\windows\System32\mshtml.tlb
2014-09-19 01:55:49 4096 ----a-w- C:\windows\System32\ieetwcollectorres.dll
2014-09-19 01:40:43 66048 ----a-w- C:\windows\System32\iesetup.dll
2014-09-19 01:40:03 547328 ----a-w- C:\windows\System32\vbscript.dll
2014-09-19 01:39:58 48640 ----a-w- C:\windows\System32\ieetwproxystub.dll
2014-09-19 01:38:27 83968 ----a-w- C:\windows\System32\MshtmlDac.dll
2014-09-19 01:36:57 5829632 ----a-w- C:\windows\System32\jscript9.dll
2014-09-19 01:26:00 139264 ----a-w- C:\windows\System32\ieUnatt.exe
2014-09-19 01:25:49 111616 ----a-w- C:\windows\System32\ieetwcollector.exe
2014-09-19 01:25:12 4201472 ----a-w- C:\windows\SysWow64\jscript9.dll
2014-09-19 01:25:09 758272 ----a-w- C:\windows\System32\jscript9diag.dll
2014-09-19 01:18:02 940032 ----a-w- C:\windows\System32\MsSpellCheckingFacility.exe
2014-09-19 01:14:57 2724864 ----a-w- C:\windows\SysWow64\mshtml.tlb
2014-09-19 01:06:47 72704 ----a-w- C:\windows\System32\JavaScriptCollectionAgent.dll
2014-09-19 01:02:07 454656 ----a-w- C:\windows\SysWow64\vbscript.dll
2014-09-19 01:01:47 61952 ----a-w- C:\windows\SysWow64\iesetup.dll
2014-09-19 01:01:03 51200 ----a-w- C:\windows\SysWow64\ieetwproxystub.dll
2014-09-19 00:59:40 61952 ----a-w- C:\windows\SysWow64\MshtmlDac.dll
2014-09-19 00:50:16 112128 ----a-w- C:\windows\SysWow64\ieUnatt.exe
2014-09-19 00:49:31 597504 ----a-w- C:\windows\SysWow64\jscript9diag.dll
2014-09-19 00:40:12 1249280 ----a-w- C:\windows\System32\mshtmlmedia.dll
2014-09-19 00:36:23 60416 ----a-w- C:\windows\SysWow64\JavaScriptCollectionAgent.dll
2014-09-19 00:33:18 2309632 ----a-w- C:\windows\System32\wininet.dll
2014-09-19 00:18:55 1068032 ----a-w- C:\windows\SysWow64\mshtmlmedia.dll
2014-09-18 23:59:11 1810944 ----a-w- C:\windows\SysWow64\wininet.dll
2014-09-13 01:58:18 77312 ----a-w- C:\windows\System32\packager.dll
2014-09-13 01:40:05 67072 ----a-w- C:\windows\SysWow64\packager.dll
2014-09-04 05:23:20 424448 ----a-w- C:\windows\System32\rastls.dll
2014-09-04 05:04:15 372736 ----a-w- C:\windows\SysWow64\rastls.dll
2014-08-23 02:07:00 404480 ----a-w- C:\windows\System32\gdi32.dll
2014-08-23 01:45:55 311808 ----a-w- C:\windows\SysWow64\gdi32.dll
.
============= FINISH: 16:24:04.06 ===============
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.17344
Run by carol at 16:23:25 on 2014-11-15
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.2663.671 [GMT -6:00]
.
AV: Avira Desktop *Disabled/Updated* {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Microsoft Security Essentials *Enabled/Updated* {4F35CFC4-45A3-FC37-EF17-759A02E39AB1}
SP: Microsoft Security Essentials *Enabled/Updated* {F4542E20-6399-F3B9-D5A7-4EE87964D00C}
SP: Avira Desktop *Disabled/Updated* {F665F2B2-DF77-27D1-BDD8-9197742422E4}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\windows\system32\atiesrxx.exe
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\atieclxx.exe
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\system32\WLANExt.exe
C:\windows\System32\spoolsv.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\windows\system32\Dwm.exe
C:\windows\Explorer.EXE
C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BBSvc.exe
C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.10.26\ccSvcHst.exe
C:\Program Files\Elantech\ETDCtrl.exe
C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe
C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files (x86)\IncrediMail\Bin\IncMail.exe
C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
C:\windows\system32\TODDSrv.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\ItSecMng.exe
C:\Program Files (x86)\Toshiba\TOSHIBA Service Station\ToshibaServiceStation.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\windows\system32\taskhost.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\IncrediMail\Bin\ImApp.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.10.26\ccSvcHst.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
C:\windows\system32\SearchIndexer.exe
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Elantech\ETDCtrlHelper.exe
C:\windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe
c:\Program Files\Microsoft Security Client\NisSrv.exe
C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.10.26\SymcPCCULaunchSvc.exe
C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\windows\servicing\TrustedInstaller.exe
C:\Program Files (x86)\IncrediMail\Bin\ImNotfy.exe
C:\windows\System32\svchost.exe -k swprv
C:\windows\system32\wuauclt.exe
C:\windows\system32\taskeng.exe
C:\Windows\system32\WUDFHost.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.exe
C:\windows\system32\SearchProtocolHost.exe
C:\windows\system32\SearchFilterHost.exe
C:\windows\system32\vssvc.exe
C:\windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://start.toshiba.com/g/
uSearch Bar = hxxp://www.google.com/ie
uSearch Page = hxxp://www.google.com
uDefault_Page_URL = hxxp://start.toshiba.com/g/
uDefault_Search_URL = hxxp://www.google.com/ie
uProxyOverride = <local>
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
uURLSearchHooks: IncrediMail MediaBar 2 Toolbar: {d40b90b4-d3b1-4d6b-a5d7-dc041c1b76c0} - C:\Users\carol\AppData\LocalLow\IncrediMail_MediaBar_2\prxtbInc0.dll
mURLSearchHooks: IncrediMail MediaBar 2 Toolbar: {d40b90b4-d3b1-4d6b-a5d7-dc041c1b76c0} - C:\Users\carol\AppData\LocalLow\IncrediMail_MediaBar_2\prxtbInc0.dll
mWinlogon: Userinit = userinit.exe
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll
BHO: IncrediMail MediaBar 2 Toolbar: {d40b90b4-d3b1-4d6b-a5d7-dc041c1b76c0} - C:\Users\carol\AppData\LocalLow\IncrediMail_MediaBar_2\prxtbInc0.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: IncrediMail MediaBar 2 Toolbar: {D40B90B4-D3B1-4D6B-A5D7-DC041C1B76C0} - C:\Users\carol\AppData\LocalLow\IncrediMail_MediaBar_2\prxtbInc0.dll
TB: IncrediMail MediaBar 2 Toolbar: {d40b90b4-d3b1-4d6b-a5d7-dc041c1b76c0} - C:\Users\carol\AppData\LocalLow\IncrediMail_MediaBar_2\prxtbInc0.dll
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll
uRun: [IncrediMail] C:\Program Files (x86)\IncrediMail\bin\IncMail.exe /c
uRun: [Facebook Update] "C:\Users\carol\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
uRun: [BackgroundContainerV2] "C:\windows\SysWOW64\Rundll32.exe" "C:\Users\carol\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll",DllRun
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [ITSecMng] C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe /START
mRun: [ToshibaServiceStation] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60
mRun: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Toshiba\Toshiba Online Backup\Activation\TOBuActivation.exe" UNATTENDED
mRun: [ToshibaAppPlace] "C:\Program Files (x86)\Toshiba\Toshiba App Place\ToshibaAppPlace.exe"
mRun: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\MICROS~1.LNK - C:\Program Files (x86)\Microsoft Office\Office\OSA9.EXE
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: Add to Google Photos Screensa&ver - C:\windows\System32\GPhotos.scr/200
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
LSP: C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{7A641C64-768D-4D8C-80B9-8ACDF3D065AE} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{AD336FC6-EAEE-4968-9B6A-93B28B911A7C} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{AD336FC6-EAEE-4968-9B6A-93B28B911A7C}\131313433303537393 : DHCPNameServer = 192.168.1.1
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll
x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} -
x64-Run: [SmartAudio] C:\Program Files\CONEXANT\SAII\SAIICpl.exe /t
x64-Run: [ETDCtrl] C:\Program Files (x86)\Elantech\ETDCtrl.exe
x64-Run: [SmartFaceVWatcher] C:\Program Files (x86)\Toshiba\SmartFaceV\SmartFaceVWatcher.exe
x64-Run: [TPwrMain] C:\Program Files (x86)\TOSHIBA\Power Saver\TPwrMain.EXE
x64-Run: [SmoothView] C:\Program Files (x86)\Toshiba\SmoothView\SmoothView.exe
x64-Run: [00TCrdMain] C:\Program Files (x86)\TOSHIBA\FlashCards\TCrdMain.exe
x64-Run: [TosVolRegulator] C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe
x64-Run: [TosSENotify] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe
x64-Run: [TosReelTimeMonitor] C:\Program Files (x86)\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
x64-Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R0 amd_sata;amd_sata;C:\windows\System32\drivers\amd_sata.sys [2011-7-18 75904]
R0 amd_xata;amd_xata;C:\windows\System32\drivers\amd_xata.sys [2011-7-18 38016]
R0 MpFilter;Microsoft Malware Protection Driver;C:\windows\System32\drivers\MpFilter.sys [2014-7-17 269008]
R1 avkmgr;avkmgr;C:\windows\System32\drivers\avkmgr.sys [2013-11-15 28600]
R2 AMD External Events Utility;AMD External Events Utility;C:\windows\System32\atiesrxx.exe [2011-7-18 203776]
R2 AntiVirSchedulerService;Avira Scheduler;C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2013-11-15 431920]
R2 AntiVirService;Avira Real-Time Protection;C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2013-11-15 431920]
R2 avgntflt;avgntflt;C:\windows\System32\drivers\avgntflt.sys [2013-11-15 119272]
R2 BBSvc;BingBar Service;C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BBSvc.EXE [2014-3-11 193696]
R2 NisDrv;Microsoft Network Inspection System;C:\windows\System32\drivers\NisDrvWFP.sys [2011-4-27 125584]
R2 Norton PC Checkup Application Launcher;Toshiba Laptop Checkup Application Launcher;C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.10.26\SymcPCCULaunchSvc.exe [2011-7-18 123320]
R2 PCCUJobMgr;Common Client Job Manager Service;C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.10.26\ccSvcHst.exe [2011-7-18 126392]
R2 TeamViewer7;TeamViewer 7;C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2012-1-7 2984832]
R3 BBUpdate;BBUpdate;C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.EXE [2014-3-11 247968]
R3 ETD;ELAN PS/2 Port Input Device;C:\windows\System32\drivers\ETD.sys [2010-11-11 137512]
R3 FwLnk;FwLnk Driver;C:\windows\System32\drivers\FwLnk.sys [2011-7-18 9216]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;C:\windows\System32\drivers\L1C62x64.sys [2010-9-27 76912]
R3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2014-8-22 368624]
R3 PGEffect;Pangu effect driver;C:\windows\System32\drivers\PGEffect.sys [2011-7-18 38096]
R3 TMachInfo;TMachInfo;C:\Program Files (x86)\Toshiba\TOSHIBA Service Station\TMachInfo.exe [2011-7-18 51576]
R3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2010-2-5 137560]
S3 BtFilter;Bluetooth LowerFilter Class Filter Driver;C:\windows\System32\drivers\btfilter.sys [2010-10-18 42096]
S3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\windows\System32\ieetwcollector.exe [2014-10-15 111616]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\windows\System32\drivers\RtsUStor.sys [2011-7-18 243712]
S3 TsUsbFlt;TsUsbFlt;C:\windows\System32\drivers\TsUsbFlt.sys [2010-11-20 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\windows\System32\drivers\TsUsbGD.sys [2010-11-20 31232]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\windows\System32\Wat\WatAdminSvc.exe [2012-1-7 1255736]
S4 AntiVirWebService;Avira Web Protection;C:\Program Files (x86)\Avira\AntiVir Desktop\avwebgrd.exe [2013-11-15 994552]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== Created Last 30 ================
.
2014-11-15 22:19:58 1188440 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{8F09C489-AE8C-41B8-948D-054115D924BF}\gapaengine.dll
2014-11-15 22:16:53 11627712 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{1A678F6F-E18C-4E34-A426-A7BCD891BC47}\mpengine.dll
2014-11-06 15:50:53 11627712 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2014-11-06 15:50:53 11627712 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{D1A74973-7810-4CE9-BB6B-F5D835390C41}\mpengine.dll
2014-11-05 11:07:08 1188440 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{CCD548A3-D177-4B1F-9981-902D1B0D17ED}\gapaengine.dll
.
==================== Find3M ====================
.
2014-10-30 11:25:26 275080 ------w- C:\windows\System32\MpSigStub.exe
2014-10-15 00:41:18 43064 ----a-w- C:\windows\System32\drivers\avnetflt.sys
2014-10-15 00:41:15 119272 ----a-w- C:\windows\System32\drivers\avgntflt.sys
2014-09-29 00:58:48 3198976 ----a-w- C:\windows\System32\win32k.sys
2014-09-25 22:32:04 2017280 ----a-w- C:\windows\SysWow64\inetcpl.cpl
2014-09-25 22:31:02 2108416 ----a-w- C:\windows\System32\inetcpl.cpl
2014-09-19 01:56:02 2724864 ----a-w- C:\windows\System32\mshtml.tlb
2014-09-19 01:55:49 4096 ----a-w- C:\windows\System32\ieetwcollectorres.dll
2014-09-19 01:40:43 66048 ----a-w- C:\windows\System32\iesetup.dll
2014-09-19 01:40:03 547328 ----a-w- C:\windows\System32\vbscript.dll
2014-09-19 01:39:58 48640 ----a-w- C:\windows\System32\ieetwproxystub.dll
2014-09-19 01:38:27 83968 ----a-w- C:\windows\System32\MshtmlDac.dll
2014-09-19 01:36:57 5829632 ----a-w- C:\windows\System32\jscript9.dll
2014-09-19 01:26:00 139264 ----a-w- C:\windows\System32\ieUnatt.exe
2014-09-19 01:25:49 111616 ----a-w- C:\windows\System32\ieetwcollector.exe
2014-09-19 01:25:12 4201472 ----a-w- C:\windows\SysWow64\jscript9.dll
2014-09-19 01:25:09 758272 ----a-w- C:\windows\System32\jscript9diag.dll
2014-09-19 01:18:02 940032 ----a-w- C:\windows\System32\MsSpellCheckingFacility.exe
2014-09-19 01:14:57 2724864 ----a-w- C:\windows\SysWow64\mshtml.tlb
2014-09-19 01:06:47 72704 ----a-w- C:\windows\System32\JavaScriptCollectionAgent.dll
2014-09-19 01:02:07 454656 ----a-w- C:\windows\SysWow64\vbscript.dll
2014-09-19 01:01:47 61952 ----a-w- C:\windows\SysWow64\iesetup.dll
2014-09-19 01:01:03 51200 ----a-w- C:\windows\SysWow64\ieetwproxystub.dll
2014-09-19 00:59:40 61952 ----a-w- C:\windows\SysWow64\MshtmlDac.dll
2014-09-19 00:50:16 112128 ----a-w- C:\windows\SysWow64\ieUnatt.exe
2014-09-19 00:49:31 597504 ----a-w- C:\windows\SysWow64\jscript9diag.dll
2014-09-19 00:40:12 1249280 ----a-w- C:\windows\System32\mshtmlmedia.dll
2014-09-19 00:36:23 60416 ----a-w- C:\windows\SysWow64\JavaScriptCollectionAgent.dll
2014-09-19 00:33:18 2309632 ----a-w- C:\windows\System32\wininet.dll
2014-09-19 00:18:55 1068032 ----a-w- C:\windows\SysWow64\mshtmlmedia.dll
2014-09-18 23:59:11 1810944 ----a-w- C:\windows\SysWow64\wininet.dll
2014-09-13 01:58:18 77312 ----a-w- C:\windows\System32\packager.dll
2014-09-13 01:40:05 67072 ----a-w- C:\windows\SysWow64\packager.dll
2014-09-04 05:23:20 424448 ----a-w- C:\windows\System32\rastls.dll
2014-09-04 05:04:15 372736 ----a-w- C:\windows\SysWow64\rastls.dll
2014-08-23 02:07:00 404480 ----a-w- C:\windows\System32\gdi32.dll
2014-08-23 01:45:55 311808 ----a-w- C:\windows\SysWow64\gdi32.dll
.
============= FINISH: 16:24:04.06 ===============