I am having trouble with an adnxs redirect hijacker. The problem occurred while reading mail in AOL 9.7. After opening the first email, (timing varies) I start getting a popup with continuously adding small advertisements within the popup. I can close the popup but it comes back. Basically I cannot use my email because this overwrites everything. The problem does not occur outside of AOL.
However, just prior to writing this email, I reopened AOL twice to get a screen shot of the adnxs, but it did not recur. Instead, I got a Security Alert The security certificate for this site has been revoked. This site should not be trusted message.
I am including a screen shot of the security alert but do not have one of the adnxs problem.
I have AVG 2015 as my antivirus.
I do not have a boot CD or Windows install disc.
GMER was run with C: NOT CHECKED. (I was unclear about that)
In addition, my laptop is extremely slow at startup. Also, there are many times during the day that it seems to be very busy doing other things even though no virus scan is scheduled. The usual programs such as AVG, Bit Defender, Superantispyware, and MalwareBytes have not found anything in the past besides Tracking Cookies.
ANY SUGGESTIONS?Thank You
My computer
Toshiba laptop 32 bit system (64 capable)
Windows 7 Service Pack 1
DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 11.0.9600.17496
Run by Maris at 9:40:55 on 2014-12-28
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.1790.739 [GMT -7:00]
.
AV: AVG AntiVirus Free Edition 2015 *Enabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: AVG AntiVirus Free Edition 2015 *Enabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
.
============== Running Processes ================
.
c:\PROGRA~1\AVG\AVG2015\avgrsx.exe
C:\Program Files\AVG\AVG2015\avgcsrvx.exe
C:\windows\system32\wininit.exe
C:\windows\system32\lsm.exe
C:\windows\system32\atiesrxx.exe
C:\windows\system32\atieclxx.exe
C:\windows\System32\spoolsv.exe
C:\windows\system32\taskhost.exe
C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\AVG\AVG2015\avgidsagent.exe
C:\Program Files\AVG\AVG2015\avgwdsvc.exe
C:\Program Files\Microsoft\BingDesktop\BingDesktopUpdater.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\windows\system32\taskeng.exe
C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe
C:\windows\system32\EscSvc.exe
c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
C:\Program Files\Fitbit\fitbit.exe
c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
C:\Windows\system32\TODDSrv.exe
C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\windows\system32\Dwm.exe
C:\windows\system32\SearchIndexer.exe
C:\windows\Explorer.EXE
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\AVG\AVG2015\avgnsx.exe
C:\Program Files\AVG\AVG2015\avgemcx.exe
C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\TOSHIBA\Utilities\KeNotify.exe
C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe
C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
C:\Program Files\Common Files\aol\1335242208\ee\aolsoftware.exe
C:\Program Files\AVG\AVG2015\avgui.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\EPSON Software\Event Manager\EEventManager.exe
C:\Program Files\EPSON Software\FAX Utility\FUFAXRCV.exe
C:\Program Files\EPSON Software\FAX Utility\FUFAXSTM.exe
C:\Users\Maris\AppData\Roaming\SanDisk\SanDiskSecureAccess_Manager.exe
C:\Windows\System32\StikyNot.exe
C:\Program Files\ABBYY FineReader 9.0 Sprint\Bonus.ScreenshotReader.exe
C:\Program Files\Fitbit\fitbit-tray.exe
C:\Program Files\AOL Desktop 9.7\waol.exe
C:\Program Files\Canon\ImageBrowser EX\MFManager.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe
C:\windows\system32\DllHost.exe
C:\Program Files\TOSHIBA\ConfigFree\CFIWmxSvcs.exe
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe
C:\windows\system32\ctfmon.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\Program Files\AOL Desktop 9.7\shellmon.exe
C:\Program Files\Microsoft Office\Office12\WINWORD.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\windows\system32\Macromed\Flash\FlashUtil32_15_0_0_246_ActiveX.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\windows\system32\SearchProtocolHost.exe
C:\windows\system32\SearchFilterHost.exe
C:\windows\system32\conhost.exe
C:\windows\system32\taskeng.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k GPSvcGroup
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\windows\system32\svchost.exe -k imgsvc
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\windows\System32\svchost.exe -k LocalServicePeerNet
C:\windows\system32\svchost.exe -k SDRSVC
C:\windows\System32\svchost.exe -k WerSvcGroup
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.bing.com/
uSearch Bar = Preserve
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: SingleInstance Class: {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - c:\program files\yahoo!\companion\installs\cpn\YTSingleInstance.dll
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
uRun: [SanDiskSecureAccess_Manager.exe] c:\users\maris\appdata\roaming\sandisk\SanDiskSecureAccess_Manager.exe
uRun: [RESTART_STICKY_NOTES] c:\windows\system32\StikyNot.exe
uRun: [ABBYY Screenshot Reader Bonus] "c:\program files\abbyy finereader 9.0 sprint\Bonus.ScreenshotReader.exe" -autorun
uRun: [Fitbit Service Monitor] c:\program files\fitbit\fitbit-tray.exe
uRun: [AOL Fast Start] "c:\program files\aol desktop 9.7\AOL.EXE" -b
mRun: [StartCCC] "c:\program files\ati technologies\ati.ace\core-static\CLIStart.exe" MSRun
mRun: [RtHDVCpl] c:\program files\realtek\audio\hda\RtHDVCpl.exe
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [SVPWUTIL] c:\program files\toshiba\utilities\SVPWUTIL.exe SVPwUTIL
mRun: [HWSetup] "c:\program files\toshiba\utilities\HWSetup.exe" hwSetUP
mRun: [KeNotify] c:\program files\toshiba\utilities\KeNotify.exe
mRun: [TPwrMain] c:\program files\toshiba\power saver\TPwrMain.EXE
mRun: [SmoothView] c:\program files\toshiba\smoothview\SmoothView.exe
mRun: [00TCrdMain] c:\program files\toshiba\flashcards\TCrdMain.exe
mRun: [ToshibaServiceStation] "c:\program files\toshiba\toshiba service station\ToshibaServiceStation.exe" /hide:60
mRun: [TosSENotify] c:\program files\toshiba\toshiba hdd ssd alert\TosWaitSrv.exe
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [HostManager] c:\program files\common files\aol\1335242208\ee\AOLSoftware.exe
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [BingDesktop] c:\program files\microsoft\bingdesktop\BingDesktop.exe /fromkey
mRun: [AVG_UI] "c:\program files\avg\avg2015\avgui.exe" /TRAYONLY
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [EEventManager] "c:\program files\epson software\event manager\EEventManager.exe"
mRun: [FUFAXRCV] "c:\program files\epson software\fax utility\FUFAXRCV.exe"
mRun: [FUFAXSTM] "c:\program files\epson software\fax utility\FUFAXSTM.exe"
mRun: [LTCM Client] c:\program files\ltcm client\ltcmClient.exe /startup
mRun: [NortonOnlineBackupReminder] "c:\program files\toshiba\toshiba online backup\activation\TobuActivation.exe" UNATTENDED
mRun: [Logitech Download Assistant] c:\windows\system32\rundll32.exe c:\windows\system32\LogiLDA.dll,LogiFetch
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\imageb~1.lnk - c:\program files\canon\imagebrowser ex\MFManager.exe
mPolicies-Explorer: NoDriveTypeAutoRun = dword:255
mPolicies-Explorer: NoDriveAutoRun = dword:67108863
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} - hxxp://office.microsoft.com/sites/production/ieawsdc32.cab
DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - hxxp://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_10-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0010-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_10-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_10-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: NameServer = 75.75.75.75 75.75.76.76
TCP: Interfaces\{9A2C832A-3E88-42DB-8D70-FFA7F014AFC6} : DHCPNameServer = 100.100.0.102
TCP: Interfaces\{AE00E06E-1CD1-441C-84ED-DA8C7F6F4972} : DHCPNameServer = 75.75.75.75 75.75.76.76
TCP: Interfaces\{AE00E06E-1CD1-441C-84ED-DA8C7F6F4972}\0484F6D65653132363 : DHCPNameServer = 192.168.0.1 205.171.2.65 0.0.0.0
TCP: Interfaces\{AE00E06E-1CD1-441C-84ED-DA8C7F6F4972}\250564F5055726C69636 : DHCPNameServer = 192.168.0.1 205.171.3.25
TCP: Interfaces\{AE00E06E-1CD1-441C-84ED-DA8C7F6F4972}\3486562727970234275656B60275946494 : DHCPNameServer = 208.67.222.222 208.67.220.220 208.67.222.220
TCP: Interfaces\{AE00E06E-1CD1-441C-84ED-DA8C7F6F4972}\3516E646961613 : DHCPNameServer = 192.168.1.1
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} -
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
mASetup: {01250B8F-D947-4F8A-9408-FE8E3EE2EC92} - c:\program files\toshiba\my toshiba\MyToshiba.exe /SETUP
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\39.0.2171.95\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSHX;AVGIDSHX;c:\windows\system32\drivers\avgidshx.sys [2014-6-18 147736]
R0 Avglogx;AVG Logging Driver;c:\windows\system32\drivers\avglogx.sys [2014-7-18 230680]
R0 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2014-10-5 98584]
R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2014-6-18 27416]
R1 Avgdiskx;AVG Disk Driver;c:\windows\system32\drivers\avgdiskx.sys [2014-6-18 121624]
R1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\avgidsdriverx.sys [2014-10-29 213784]
R1 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\avgidsshimx.sys [2014-6-18 21272]
R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2014-8-28 192792]
R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2014-10-10 200984]
R1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx86.sys [2012-7-20 42784]
R2 ABBYY.Licensing.FineReader.Sprint.9.0;ABBYY FineReader 9.0 Sprint Licensing Service;c:\program files\common files\abbyy\finereadersprint\9.00\licensing\NetworkLicenseServer.exe [2009-5-14 759048]
R2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-3-28 176128]
R2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg2015\avgidsagent.exe [2014-11-9 3488784]
R2 avgwd;AVG WatchDog;c:\program files\avg\avg2015\avgwdsvc.exe [2014-11-9 298080]
R2 BingDesktopUpdate;Bing Desktop Update service;c:\program files\microsoft\bingdesktop\BingDesktopUpdater.exe [2014-6-3 173792]
R2 cfWiMAXService;ConfigFree WiMAX Service;c:\program files\toshiba\configfree\CFIWmxSvcs.exe [2009-8-10 185712]
R2 ConfigFree Service;ConfigFree Service;c:\program files\toshiba\configfree\CFSvcs.exe [2009-3-10 46448]
R2 EpsonCustomerParticipation;EpsonCustomerParticipation;c:\program files\epson\epsoncustomerparticipation\EPCP.exe [2012-5-10 539744]
R2 EpsonScanSvc;Epson Scanner Service;c:\windows\system32\escsvc.exe [2013-7-11 122000]
R2 Fitbit;Fitbit Data Uploader;c:\program files\fitbit\fitbit.exe [2014-3-12 773152]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\drivers\Rt86win7.sys [2010-3-28 167936]
R3 TMachInfo;TMachInfo;c:\program files\toshiba\toshiba service station\TMachInfo.exe [2010-3-28 51512]
R3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;c:\program files\toshiba\toshiba hdd ssd alert\TosSmartSrv.exe [2009-8-3 111960]
RUnknown SASKUTIL;SASKUTIL; [x]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\ieetwcollector.exe [2014-12-9 102912]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2013-2-2 14848]
S3 SIUSBXP;SIUSBXP;c:\windows\system32\drivers\SiUSBXp.sys [2014-3-12 21992]
S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2013-2-2 49664]
S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2010-5-20 1343400]
.
=============== Created Last 30 ================
.
2014-12-19 04:52:32 115712 ----a-w- c:\windows\system32\ieUnatt.exe
2014-12-11 14:54:50 114904 ----a-w- c:\windows\system32\drivers\49AE2606.sys
2014-12-10 14:53:18 -------- d-----w- c:\windows\system32\appraiser
2014-12-10 06:13:18 3209728 ----a-w- c:\windows\system32\mf.dll
2014-12-10 04:10:16 74752 ----a-w- c:\windows\system32\drivers\tdx.sys
2014-12-10 04:10:11 1230336 ----a-w- c:\windows\system32\WindowsCodecs.dll
2014-12-10 04:10:06 1160872 ----a-w- c:\windows\system32\aitstatic.exe
2014-12-10 04:10:05 728576 ----a-w- c:\windows\system32\appraiser.dll
2014-12-10 04:10:05 159744 ----a-w- c:\windows\system32\aepic.dll
2014-12-10 04:10:04 873984 ----a-w- c:\windows\system32\aeinv.dll
2014-12-10 04:10:02 610304 ----a-w- c:\windows\system32\invagent.dll
2014-12-10 04:05:45 2048 ----a-w- c:\windows\system32\tzres.dll
2014-12-10 04:05:05 155136 ----a-w- c:\windows\system32\charmap.exe
2014-12-10 04:05:01 1177088 ----a-w- c:\windows\system32\WsmSvc.dll
2014-12-10 04:04:56 248832 ----a-w- c:\windows\system32\WSManMigrationPlugin.dll
2014-12-10 04:04:56 214016 ----a-w- c:\windows\system32\WsmWmiPl.dll
2014-12-10 04:04:56 198656 ----a-w- c:\windows\system32\WSManHTTPConfig.exe
2014-12-10 04:04:56 145920 ----a-w- c:\windows\system32\WsmAuto.dll
.
==================== Find3M ====================
.
2014-12-10 16:16:35 71344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2014-12-10 16:16:35 701104 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2014-12-04 04:38:59 337920 ----a-w- c:\windows\system32\generaltel.dll
2014-12-04 04:38:40 315392 ----a-w- c:\windows\system32\devinv.dll
2014-12-04 04:38:36 202752 ----a-w- c:\windows\system32\aepdu.dll
2014-11-22 02:20:44 2724864 ----a-w- c:\windows\system32\mshtml.tlb
2014-11-22 02:20:30 4096 ----a-w- c:\windows\system32\ieetwcollectorres.dll
2014-11-22 02:07:43 501248 ----a-w- c:\windows\system32\vbscript.dll
2014-11-22 02:07:17 62464 ----a-w- c:\windows\system32\iesetup.dll
2014-11-22 02:06:32 47616 ----a-w- c:\windows\system32\ieetwproxystub.dll
2014-11-22 02:05:02 64000 ----a-w- c:\windows\system32\MshtmlDac.dll
2014-11-22 01:55:14 102912 ----a-w- c:\windows\system32\ieetwcollector.exe
2014-11-22 01:54:30 620032 ----a-w- c:\windows\system32\jscript9diag.dll
2014-11-22 01:48:26 667648 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2014-11-22 01:40:04 60416 ----a-w- c:\windows\system32\JavaScriptCollectionAgent.dll
2014-11-22 01:29:26 4299264 ----a-w- c:\windows\system32\jscript9.dll
2014-11-22 01:22:49 2052096 ----a-w- c:\windows\system32\inetcpl.cpl
2014-11-22 01:21:57 1155072 ----a-w- c:\windows\system32\mshtmlmedia.dll
2014-11-22 01:00:20 1888256 ----a-w- c:\windows\system32\wininet.dll
2014-11-18 21:56:48 1202848 ----a-w- c:\windows\system32\FM20.DLL
2014-11-11 02:44:32 186880 ----a-w- c:\windows\system32\pku2u.dll
2014-11-11 02:44:25 550912 ----a-w- c:\windows\system32\kerberos.dll
2014-10-30 04:34:52 213784 ----a-w- c:\windows\system32\drivers\avgidsdriverx.sys
2014-10-25 01:32:37 67584 ----a-w- c:\windows\system32\packager.dll
2014-10-18 01:33:18 571904 ----a-w- c:\windows\system32\oleaut32.dll
2014-10-14 01:56:19 136632 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2014-10-14 01:50:50 523776 ----a-w- c:\windows\system32\termsrv.dll
2014-10-14 01:50:41 2363904 ----a-w- c:\windows\system32\msi.dll
2014-10-14 01:50:39 1059840 ----a-w- c:\windows\system32\lsasrv.dll
2014-10-14 01:47:30 146432 ----a-w- c:\windows\system32\msaudite.dll
2014-10-14 01:46:02 681984 ----a-w- c:\windows\system32\adtschema.dll
2014-10-10 22:13:58 200984 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2014-10-10 00:45:54 2379264 ----a-w- c:\windows\system32\win32k.sys
2014-10-03 01:44:42 442880 ----a-w- c:\windows\system32\AUDIOKSE.dll
2014-10-03 01:44:31 275968 ----a-w- c:\windows\system32\EncDump.dll
2014-10-03 01:44:26 475136 ----a-w- c:\windows\system32\audiosrv.dll
2014-10-03 01:44:26 374784 ----a-w- c:\windows\system32\AudioEng.dll
2014-10-03 01:44:26 195584 ----a-w- c:\windows\system32\AudioSes.dll
.
============= FINISH: 9:44:09.09 ===============
However, just prior to writing this email, I reopened AOL twice to get a screen shot of the adnxs, but it did not recur. Instead, I got a Security Alert The security certificate for this site has been revoked. This site should not be trusted message.
I am including a screen shot of the security alert but do not have one of the adnxs problem.
I have AVG 2015 as my antivirus.
I do not have a boot CD or Windows install disc.
GMER was run with C: NOT CHECKED. (I was unclear about that)
In addition, my laptop is extremely slow at startup. Also, there are many times during the day that it seems to be very busy doing other things even though no virus scan is scheduled. The usual programs such as AVG, Bit Defender, Superantispyware, and MalwareBytes have not found anything in the past besides Tracking Cookies.
ANY SUGGESTIONS?Thank You
My computer
Toshiba laptop 32 bit system (64 capable)
Windows 7 Service Pack 1
DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 11.0.9600.17496
Run by Maris at 9:40:55 on 2014-12-28
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.1790.739 [GMT -7:00]
.
AV: AVG AntiVirus Free Edition 2015 *Enabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: AVG AntiVirus Free Edition 2015 *Enabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
.
============== Running Processes ================
.
c:\PROGRA~1\AVG\AVG2015\avgrsx.exe
C:\Program Files\AVG\AVG2015\avgcsrvx.exe
C:\windows\system32\wininit.exe
C:\windows\system32\lsm.exe
C:\windows\system32\atiesrxx.exe
C:\windows\system32\atieclxx.exe
C:\windows\System32\spoolsv.exe
C:\windows\system32\taskhost.exe
C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\AVG\AVG2015\avgidsagent.exe
C:\Program Files\AVG\AVG2015\avgwdsvc.exe
C:\Program Files\Microsoft\BingDesktop\BingDesktopUpdater.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\windows\system32\taskeng.exe
C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe
C:\windows\system32\EscSvc.exe
c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
C:\Program Files\Fitbit\fitbit.exe
c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
C:\Windows\system32\TODDSrv.exe
C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\windows\system32\Dwm.exe
C:\windows\system32\SearchIndexer.exe
C:\windows\Explorer.EXE
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\AVG\AVG2015\avgnsx.exe
C:\Program Files\AVG\AVG2015\avgemcx.exe
C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\TOSHIBA\Utilities\KeNotify.exe
C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe
C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
C:\Program Files\Common Files\aol\1335242208\ee\aolsoftware.exe
C:\Program Files\AVG\AVG2015\avgui.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\EPSON Software\Event Manager\EEventManager.exe
C:\Program Files\EPSON Software\FAX Utility\FUFAXRCV.exe
C:\Program Files\EPSON Software\FAX Utility\FUFAXSTM.exe
C:\Users\Maris\AppData\Roaming\SanDisk\SanDiskSecureAccess_Manager.exe
C:\Windows\System32\StikyNot.exe
C:\Program Files\ABBYY FineReader 9.0 Sprint\Bonus.ScreenshotReader.exe
C:\Program Files\Fitbit\fitbit-tray.exe
C:\Program Files\AOL Desktop 9.7\waol.exe
C:\Program Files\Canon\ImageBrowser EX\MFManager.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe
C:\windows\system32\DllHost.exe
C:\Program Files\TOSHIBA\ConfigFree\CFIWmxSvcs.exe
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe
C:\windows\system32\ctfmon.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\Program Files\AOL Desktop 9.7\shellmon.exe
C:\Program Files\Microsoft Office\Office12\WINWORD.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\windows\system32\Macromed\Flash\FlashUtil32_15_0_0_246_ActiveX.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\windows\system32\SearchProtocolHost.exe
C:\windows\system32\SearchFilterHost.exe
C:\windows\system32\conhost.exe
C:\windows\system32\taskeng.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k GPSvcGroup
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\windows\system32\svchost.exe -k imgsvc
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\windows\System32\svchost.exe -k LocalServicePeerNet
C:\windows\system32\svchost.exe -k SDRSVC
C:\windows\System32\svchost.exe -k WerSvcGroup
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.bing.com/
uSearch Bar = Preserve
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: SingleInstance Class: {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - c:\program files\yahoo!\companion\installs\cpn\YTSingleInstance.dll
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
uRun: [SanDiskSecureAccess_Manager.exe] c:\users\maris\appdata\roaming\sandisk\SanDiskSecureAccess_Manager.exe
uRun: [RESTART_STICKY_NOTES] c:\windows\system32\StikyNot.exe
uRun: [ABBYY Screenshot Reader Bonus] "c:\program files\abbyy finereader 9.0 sprint\Bonus.ScreenshotReader.exe" -autorun
uRun: [Fitbit Service Monitor] c:\program files\fitbit\fitbit-tray.exe
uRun: [AOL Fast Start] "c:\program files\aol desktop 9.7\AOL.EXE" -b
mRun: [StartCCC] "c:\program files\ati technologies\ati.ace\core-static\CLIStart.exe" MSRun
mRun: [RtHDVCpl] c:\program files\realtek\audio\hda\RtHDVCpl.exe
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [SVPWUTIL] c:\program files\toshiba\utilities\SVPWUTIL.exe SVPwUTIL
mRun: [HWSetup] "c:\program files\toshiba\utilities\HWSetup.exe" hwSetUP
mRun: [KeNotify] c:\program files\toshiba\utilities\KeNotify.exe
mRun: [TPwrMain] c:\program files\toshiba\power saver\TPwrMain.EXE
mRun: [SmoothView] c:\program files\toshiba\smoothview\SmoothView.exe
mRun: [00TCrdMain] c:\program files\toshiba\flashcards\TCrdMain.exe
mRun: [ToshibaServiceStation] "c:\program files\toshiba\toshiba service station\ToshibaServiceStation.exe" /hide:60
mRun: [TosSENotify] c:\program files\toshiba\toshiba hdd ssd alert\TosWaitSrv.exe
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [HostManager] c:\program files\common files\aol\1335242208\ee\AOLSoftware.exe
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [BingDesktop] c:\program files\microsoft\bingdesktop\BingDesktop.exe /fromkey
mRun: [AVG_UI] "c:\program files\avg\avg2015\avgui.exe" /TRAYONLY
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [EEventManager] "c:\program files\epson software\event manager\EEventManager.exe"
mRun: [FUFAXRCV] "c:\program files\epson software\fax utility\FUFAXRCV.exe"
mRun: [FUFAXSTM] "c:\program files\epson software\fax utility\FUFAXSTM.exe"
mRun: [LTCM Client] c:\program files\ltcm client\ltcmClient.exe /startup
mRun: [NortonOnlineBackupReminder] "c:\program files\toshiba\toshiba online backup\activation\TobuActivation.exe" UNATTENDED
mRun: [Logitech Download Assistant] c:\windows\system32\rundll32.exe c:\windows\system32\LogiLDA.dll,LogiFetch
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\imageb~1.lnk - c:\program files\canon\imagebrowser ex\MFManager.exe
mPolicies-Explorer: NoDriveTypeAutoRun = dword:255
mPolicies-Explorer: NoDriveAutoRun = dword:67108863
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} - hxxp://office.microsoft.com/sites/production/ieawsdc32.cab
DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - hxxp://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_10-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0010-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_10-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_10-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: NameServer = 75.75.75.75 75.75.76.76
TCP: Interfaces\{9A2C832A-3E88-42DB-8D70-FFA7F014AFC6} : DHCPNameServer = 100.100.0.102
TCP: Interfaces\{AE00E06E-1CD1-441C-84ED-DA8C7F6F4972} : DHCPNameServer = 75.75.75.75 75.75.76.76
TCP: Interfaces\{AE00E06E-1CD1-441C-84ED-DA8C7F6F4972}\0484F6D65653132363 : DHCPNameServer = 192.168.0.1 205.171.2.65 0.0.0.0
TCP: Interfaces\{AE00E06E-1CD1-441C-84ED-DA8C7F6F4972}\250564F5055726C69636 : DHCPNameServer = 192.168.0.1 205.171.3.25
TCP: Interfaces\{AE00E06E-1CD1-441C-84ED-DA8C7F6F4972}\3486562727970234275656B60275946494 : DHCPNameServer = 208.67.222.222 208.67.220.220 208.67.222.220
TCP: Interfaces\{AE00E06E-1CD1-441C-84ED-DA8C7F6F4972}\3516E646961613 : DHCPNameServer = 192.168.1.1
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} -
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
mASetup: {01250B8F-D947-4F8A-9408-FE8E3EE2EC92} - c:\program files\toshiba\my toshiba\MyToshiba.exe /SETUP
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\39.0.2171.95\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSHX;AVGIDSHX;c:\windows\system32\drivers\avgidshx.sys [2014-6-18 147736]
R0 Avglogx;AVG Logging Driver;c:\windows\system32\drivers\avglogx.sys [2014-7-18 230680]
R0 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2014-10-5 98584]
R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2014-6-18 27416]
R1 Avgdiskx;AVG Disk Driver;c:\windows\system32\drivers\avgdiskx.sys [2014-6-18 121624]
R1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\avgidsdriverx.sys [2014-10-29 213784]
R1 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\avgidsshimx.sys [2014-6-18 21272]
R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2014-8-28 192792]
R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2014-10-10 200984]
R1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx86.sys [2012-7-20 42784]
R2 ABBYY.Licensing.FineReader.Sprint.9.0;ABBYY FineReader 9.0 Sprint Licensing Service;c:\program files\common files\abbyy\finereadersprint\9.00\licensing\NetworkLicenseServer.exe [2009-5-14 759048]
R2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-3-28 176128]
R2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg2015\avgidsagent.exe [2014-11-9 3488784]
R2 avgwd;AVG WatchDog;c:\program files\avg\avg2015\avgwdsvc.exe [2014-11-9 298080]
R2 BingDesktopUpdate;Bing Desktop Update service;c:\program files\microsoft\bingdesktop\BingDesktopUpdater.exe [2014-6-3 173792]
R2 cfWiMAXService;ConfigFree WiMAX Service;c:\program files\toshiba\configfree\CFIWmxSvcs.exe [2009-8-10 185712]
R2 ConfigFree Service;ConfigFree Service;c:\program files\toshiba\configfree\CFSvcs.exe [2009-3-10 46448]
R2 EpsonCustomerParticipation;EpsonCustomerParticipation;c:\program files\epson\epsoncustomerparticipation\EPCP.exe [2012-5-10 539744]
R2 EpsonScanSvc;Epson Scanner Service;c:\windows\system32\escsvc.exe [2013-7-11 122000]
R2 Fitbit;Fitbit Data Uploader;c:\program files\fitbit\fitbit.exe [2014-3-12 773152]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\drivers\Rt86win7.sys [2010-3-28 167936]
R3 TMachInfo;TMachInfo;c:\program files\toshiba\toshiba service station\TMachInfo.exe [2010-3-28 51512]
R3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;c:\program files\toshiba\toshiba hdd ssd alert\TosSmartSrv.exe [2009-8-3 111960]
RUnknown SASKUTIL;SASKUTIL; [x]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\ieetwcollector.exe [2014-12-9 102912]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2013-2-2 14848]
S3 SIUSBXP;SIUSBXP;c:\windows\system32\drivers\SiUSBXp.sys [2014-3-12 21992]
S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2013-2-2 49664]
S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2010-5-20 1343400]
.
=============== Created Last 30 ================
.
2014-12-19 04:52:32 115712 ----a-w- c:\windows\system32\ieUnatt.exe
2014-12-11 14:54:50 114904 ----a-w- c:\windows\system32\drivers\49AE2606.sys
2014-12-10 14:53:18 -------- d-----w- c:\windows\system32\appraiser
2014-12-10 06:13:18 3209728 ----a-w- c:\windows\system32\mf.dll
2014-12-10 04:10:16 74752 ----a-w- c:\windows\system32\drivers\tdx.sys
2014-12-10 04:10:11 1230336 ----a-w- c:\windows\system32\WindowsCodecs.dll
2014-12-10 04:10:06 1160872 ----a-w- c:\windows\system32\aitstatic.exe
2014-12-10 04:10:05 728576 ----a-w- c:\windows\system32\appraiser.dll
2014-12-10 04:10:05 159744 ----a-w- c:\windows\system32\aepic.dll
2014-12-10 04:10:04 873984 ----a-w- c:\windows\system32\aeinv.dll
2014-12-10 04:10:02 610304 ----a-w- c:\windows\system32\invagent.dll
2014-12-10 04:05:45 2048 ----a-w- c:\windows\system32\tzres.dll
2014-12-10 04:05:05 155136 ----a-w- c:\windows\system32\charmap.exe
2014-12-10 04:05:01 1177088 ----a-w- c:\windows\system32\WsmSvc.dll
2014-12-10 04:04:56 248832 ----a-w- c:\windows\system32\WSManMigrationPlugin.dll
2014-12-10 04:04:56 214016 ----a-w- c:\windows\system32\WsmWmiPl.dll
2014-12-10 04:04:56 198656 ----a-w- c:\windows\system32\WSManHTTPConfig.exe
2014-12-10 04:04:56 145920 ----a-w- c:\windows\system32\WsmAuto.dll
.
==================== Find3M ====================
.
2014-12-10 16:16:35 71344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2014-12-10 16:16:35 701104 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2014-12-04 04:38:59 337920 ----a-w- c:\windows\system32\generaltel.dll
2014-12-04 04:38:40 315392 ----a-w- c:\windows\system32\devinv.dll
2014-12-04 04:38:36 202752 ----a-w- c:\windows\system32\aepdu.dll
2014-11-22 02:20:44 2724864 ----a-w- c:\windows\system32\mshtml.tlb
2014-11-22 02:20:30 4096 ----a-w- c:\windows\system32\ieetwcollectorres.dll
2014-11-22 02:07:43 501248 ----a-w- c:\windows\system32\vbscript.dll
2014-11-22 02:07:17 62464 ----a-w- c:\windows\system32\iesetup.dll
2014-11-22 02:06:32 47616 ----a-w- c:\windows\system32\ieetwproxystub.dll
2014-11-22 02:05:02 64000 ----a-w- c:\windows\system32\MshtmlDac.dll
2014-11-22 01:55:14 102912 ----a-w- c:\windows\system32\ieetwcollector.exe
2014-11-22 01:54:30 620032 ----a-w- c:\windows\system32\jscript9diag.dll
2014-11-22 01:48:26 667648 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2014-11-22 01:40:04 60416 ----a-w- c:\windows\system32\JavaScriptCollectionAgent.dll
2014-11-22 01:29:26 4299264 ----a-w- c:\windows\system32\jscript9.dll
2014-11-22 01:22:49 2052096 ----a-w- c:\windows\system32\inetcpl.cpl
2014-11-22 01:21:57 1155072 ----a-w- c:\windows\system32\mshtmlmedia.dll
2014-11-22 01:00:20 1888256 ----a-w- c:\windows\system32\wininet.dll
2014-11-18 21:56:48 1202848 ----a-w- c:\windows\system32\FM20.DLL
2014-11-11 02:44:32 186880 ----a-w- c:\windows\system32\pku2u.dll
2014-11-11 02:44:25 550912 ----a-w- c:\windows\system32\kerberos.dll
2014-10-30 04:34:52 213784 ----a-w- c:\windows\system32\drivers\avgidsdriverx.sys
2014-10-25 01:32:37 67584 ----a-w- c:\windows\system32\packager.dll
2014-10-18 01:33:18 571904 ----a-w- c:\windows\system32\oleaut32.dll
2014-10-14 01:56:19 136632 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2014-10-14 01:50:50 523776 ----a-w- c:\windows\system32\termsrv.dll
2014-10-14 01:50:41 2363904 ----a-w- c:\windows\system32\msi.dll
2014-10-14 01:50:39 1059840 ----a-w- c:\windows\system32\lsasrv.dll
2014-10-14 01:47:30 146432 ----a-w- c:\windows\system32\msaudite.dll
2014-10-14 01:46:02 681984 ----a-w- c:\windows\system32\adtschema.dll
2014-10-10 22:13:58 200984 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2014-10-10 00:45:54 2379264 ----a-w- c:\windows\system32\win32k.sys
2014-10-03 01:44:42 442880 ----a-w- c:\windows\system32\AUDIOKSE.dll
2014-10-03 01:44:31 275968 ----a-w- c:\windows\system32\EncDump.dll
2014-10-03 01:44:26 475136 ----a-w- c:\windows\system32\audiosrv.dll
2014-10-03 01:44:26 374784 ----a-w- c:\windows\system32\AudioEng.dll
2014-10-03 01:44:26 195584 ----a-w- c:\windows\system32\AudioSes.dll
.
============= FINISH: 9:44:09.09 ===============