Hi.
I have a laptop which must be infected with viruses etc.
When I open Chrome or IE, new pages open up to ad sites. The antivirus which is already installed is notifying me of background changes and system changes from unknown (for me) program names I can't remember now.
I installed AVG and tried a cleanup, and it seems when AVG tries to remove a certain file/program the file/program just duplicates into a new one, making it not possible to get rid of the problem.
Basically I'm infected, and help is appreciated.
I don't have access to a boot CD atm.
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.17728
Run by TC at 15:49:25 on 2015-05-12
Microsoft Windows 7 Professional 6.1.7601.1.1252.47.1044.18.3817.1334 [GMT 2:00]
.
AV: Trend Micro OfficeScan Antivirus *Enabled/Updated* {8242D66F-41BD-4049-C2E6-E578E73B62A0}
SP: Trend Micro OfficeScan Anti-spyware *Enabled/Updated* {3923378B-6787-4FC7-F856-DE0A9CBC281D}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Trend Micro Personal Firewall *Enabled* {650F1FDD-CD54-C70F-BA20-58ECC0C35D07}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
c:\windows\system32\svchost.exe -k dcomlaunch
C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe
C:\Windows\system32\ibmpmsvc.exe
c:\windows\system32\svchost.exe -k rpcss
c:\windows\system32\svchost.exe -k localservicenetworkrestricted
C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc.exe
C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc2.exe
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted
c:\windows\system32\svchost.exe -k localservice
c:\windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\igfxCUIService.exe
C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe
C:\Program Files\Logitech\SolarApp\L4301_Solar.exe
C:\Program Files\DisplayLink Core Software\DisplayLinkUserAgent.exe
C:\Windows\system32\Dwm.exe
C:\Windows\System32\WUDFHost.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Elex-tech\YAC\iSafeTray.exe
c:\windows\system32\svchost.exe -k networkservice
C:\Windows\system32\WLANExt.exe
C:\Windows\System32\spoolsv.exe
c:\windows\system32\svchost.exe -k wbiosvcgroup
c:\windows\system32\svchost.exe -k localservicenonetwork
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBService.exe
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Program Files (x86)\Intel\Bluetooth\ibtsiva.exe
C:\Program Files\Intel\iCLS Client\HeciServer.exe
C:\Program Files\Lenovo\Communications Utility\CAMMUTE.exe
C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe
C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe
C:\Windows\system32\igfxHK.exe
C:\Windows\system32\igfxTray.exe
C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe
C:\Program Files\Common Files\Nitro\Pro\9.0\NitroPDFDriverService9x64.exe
C:\Windows\SysWOW64\NLSSRV32.EXE
C:\PROGRA~1\LENOVO\VIRTSCRL\virtscrl.exe
C:\Program Files (x86)\Trend Micro\OfficeScan Client\ntrtscan.exe
C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
c:\windows\system32\svchost.exe -k regsvc
c:\windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\igfxEM.exe
C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe
C:\Program Files\Lenovo Fingerprint Reader\ValBioService.exe
C:\PROGRA~1\LENOVO\HOTKEY\tpnumlkd.exe
C:\Windows\system32\valWBFPolicyService.exe
C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe
C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe
C:\Program Files\Lenovo Fingerprint Reader\SwipeMonitor.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\rundll32.exe
C:\PROGRA~1\Lenovo\HOTKEY\TPONSCR.EXE
C:\PROGRA~1\Lenovo\HOTKEY\SHTCTKY.EXE
C:\Windows\servicing\TrustedInstaller.exe
C:\Program Files\Lenovo\USB Enhanced Performance Keyboard\Skdaemon.exe
C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\System32\TpShocks.exe
C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe
C:\Program Files (x86)\Lenovo\QuickControl\QuickControlService.exe
C:\Program Files (x86)\Lenovo\USB3.0 DVI Adapter\igpxtskmgn64win7.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe
C:\Program Files (x86)\USB Camera\VM331STI.EXE
C:\Program Files (x86)\Lenovo\QuickControl\QuickControl.exe
C:\Windows\SysWOW64\rundll32.exe
C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
C:\Windows\system32\rundll32.exe
C:\Program Files (x86)\Citrix\ICA Client\concentr.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files (x86)\Citrix\ICA Client\redirector.exe
C:\Program Files (x86)\Trend Micro\OfficeScan Client\PccNTMon.exe
C:\Windows\system32\taskeng.exe
C:\PROGRAM FILES (x86)\Cyberlink\PowerDVD10\PDVD10Serv.exe
C:\Program Files (x86)\Citrix\Receiver\Receiver.exe
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Lenovo\QuickDisplay\QuickDisplayAgent.exe
C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
c:\windows\system32\svchost.exe -k localservicepeernet
C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe
C:\PROGRA~2\ThinkPad\UTILIT~1\SCHTASK.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Citrix\SelfServicePlugin\SelfServicePlugin.exe
C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
C:\Program Files (x86)\Lenovo\message center plus\mcplaunch.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files\Lenovo\Lenovo Peer Connect\LenovoDiscoverySvc.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\sppsvc.exe
C:\Program Files (x86)\Trend Micro\OfficeScan Client\tmlisten.exe
C:\Program Files (x86)\Trend Micro\BM\TMBMSRV.exe
c:\windows\system32\svchost.exe -k secsvcs
C:\Program Files (x86)\Trend Micro\OfficeScan Client\CCSF\TmCCSF.exe
C:\Program Files (x86)\Trend Micro\OfficeScan Client\TmProxy.exe
C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE
c:\windows\system32\svchost.exe -k networkservicenetworkrestricted
C:\Program Files (x86)\Trend Micro\OfficeScan Client\CNTAoSMgr.exe
C:\Program Files (x86)\Trend Micro\OfficeScan Client\TmPfw.exe
C:\Program Files (x86)\Elex-tech\YAC\iSafe.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files (x86)\Elex-tech\YAC\ipcdl.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = about:blank
uSearch Page = hxxp://www.google.com
uDefault_Page_URL = hxxp://www.delta-homes.com/?type=hp&ts=1418203365&from=wpm12103&uid=HGSTXHTS725050A7E630_TF655BWJ08V0NR08V0NRX
uDefault_Search_URL = hxxp://www.google.com
mStart Page = hxxp://www.delta-homes.com/?type=hp&ts=1418203365&from=wpm12103&uid=HGSTXHTS725050A7E630_TF655BWJ08V0NR08V0NRX
mSearch Page = hxxp://www.google.com
mDefault_Page_URL = hxxp://www.delta-homes.com/?type=hp&ts=1418203365&from=wpm12103&uid=HGSTXHTS725050A7E630_TF655BWJ08V0NR08V0NRX
mDefault_Search_URL = hxxp://www.google.com
mWinlogon: Userinit = userinit.exe
BHO: TmIEPlugInBHO Class: {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files (x86)\Trend Micro\OfficeScan Client\TmIEPlg32.dll
BHO: Skype for Business Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
BHO: LastPass Vault: {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files (x86)\LastPass\LPToolbar.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL
BHO: TmBpIeBHO Class: {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files (x86)\Trend Micro\OfficeScan Client\CCSF\module\BES\IE32\TmBpIe32.dll
BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL
TB: LastPass Toolbar: {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar.dll
mRun: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
mRun: [Dolby Advanced Audio v2] "C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe" -autostart
mRun: [331BigDog] "C:\Program Files (x86)\USB Camera\VM331STI.EXE"
mRun: [PWMTRV] rundll32 C:\PROGRA~2\ThinkPad\UTILIT~1\PWMTR64V.DLL,PwrMgrBkGndMonitor
mRun: [Lenovo Registration] C:\Program Files (x86)\Lenovo Registration\LenovoReg.exe /boot
mRun: [Fastboot] "C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBConsole.exe" /analysis
mRun: [ConnectionCenter] "C:\Program Files (x86)\Citrix\ICA Client\concentr.exe" /startup
mRun: [Redirector] "C:\Program Files (x86)\Citrix\ICA Client\redirector.exe" /startup
mRun: [OfficeScanNT Monitor] "C:\Program Files (x86)\Trend Micro\OfficeScan Client\pccntmon.exe" -HideWindow
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\IGPXTS~1.LNK - C:\Program Files (x86)\Lenovo\USB3.0 DVI Adapter\igpxtskmgn64win7.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\INSTAL~1.LNK - C:\Program Files (x86)\Common Files\lpuninstall.exe
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office15\EXCEL.EXE/3000
IE: LastPass - C:\Users\TC\AppData\LocalLow\LastPass\context.html?cmd=lastpass
IE: LastPass Fyll felt - C:\Users\TC\AppData\LocalLow\LastPass\context.html?cmd=fillforms
IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office15\ONBttnIE.dll/105
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
IE: {43699cd0-e34f-11de-8a39-0800200c9a66} - {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files (x86)\LastPass\LPToolbar.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
TCP: NameServer = 8.8.8.8
TCP: Interfaces\{210A1925-CBED-4FD9-8A13-CEDAD151CC2A} : NameServer = 31.168.224.106,5.135.12.52
TCP: Interfaces\{210A1925-CBED-4FD9-8A13-CEDAD151CC2A} : DHCPNameServer = 217.173.252.229 217.173.252.228
TCP: Interfaces\{2DEF87D4-8B8E-49C9-9AB0-628ADD9AEC9D} : NameServer = 31.168.224.106,5.135.12.52
TCP: Interfaces\{BEDFD3DC-BB78-4B18-AF2B-5B2628F16921} : NameServer = 31.168.224.106,5.135.12.52
TCP: Interfaces\{BEDFD3DC-BB78-4B18-AF2B-5B2628F16921} : DHCPNameServer = 8.8.8.8
TCP: Interfaces\{BEDFD3DC-BB78-4B18-AF2B-5B2628F16921}\130323432303D274A65637475627 : DHCPNameServer = 82.196.201.43 82.196.193.143
TCP: Interfaces\{BEDFD3DC-BB78-4B18-AF2B-5B2628F16921}\130323432303D275C414E4 : NameServer = 31.168.224.106,5.135.12.52
TCP: Interfaces\{BEDFD3DC-BB78-4B18-AF2B-5B2628F16921}\130323432303D275C414E4 : DHCPNameServer = 217.173.247.196 217.173.247.206
TCP: Interfaces\{BEDFD3DC-BB78-4B18-AF2B-5B2628F16921}\261636B65707 : NameServer = 31.168.224.106,5.135.12.52
TCP: Interfaces\{BEDFD3DC-BB78-4B18-AF2B-5B2628F16921}\261636B65707 : DHCPNameServer = 192.168.43.1
TCP: Interfaces\{BEDFD3DC-BB78-4B18-AF2B-5B2628F16921}\4556C656E6F62793735373B6C6F6 : NameServer = 31.168.224.106,5.135.12.52
TCP: Interfaces\{BEDFD3DC-BB78-4B18-AF2B-5B2628F16921}\4556C656E6F62793735373B6C6F6 : DHCPNameServer = 193.213.112.4 130.67.15.198
TCP: Interfaces\{BEDFD3DC-BB78-4B18-AF2B-5B2628F16921}\845737564702D6564602465602271627560296 : NameServer = 31.168.224.106,5.135.12.52
TCP: Interfaces\{BEDFD3DC-BB78-4B18-AF2B-5B2628F16921}\845737564702D6564602465602271627560296 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{BEDFD3DC-BB78-4B18-AF2B-5B2628F16921}\E43524F594E445542514B4459465 : NameServer = 31.168.224.106,5.135.12.52
TCP: Interfaces\{BEDFD3DC-BB78-4B18-AF2B-5B2628F16921}\E43524F594E445542514B4459465 : DHCPNameServer = 192.168.101.1 192.168.101.1
Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files (x86)\Trend Micro\OfficeScan Client\CCSF\module\BES\IE32\TmBpIe32.dll
Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files (x86)\Trend Micro\OfficeScan Client\TmIEPlg32.dll
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.135\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-mStart Page = about:blank
x64-mSearch Page = hxxp://www.google.com
x64-mDefault_Page_URL = hxxp://www.delta-homes.com/?type=hp&ts=1418203365&from=wpm12103&uid=HGSTXHTS725050A7E630_TF655BWJ08V0NR08V0NRX
x64-mDefault_Search_URL = hxxp://www.google.com
x64-BHO: TmIEPlugInBHO Class: {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files (x86)\Trend Micro\OfficeScan Client\TmIEPlg.dll
x64-BHO: Skype for Business Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll
x64-BHO: LastPass Vault: {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL
x64-BHO: TmBpIeBHO Class: {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files (x86)\Trend Micro\OfficeScan Client\CCSF\module\BES\TmBpIe64.dll
x64-BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL
x64-TB: LastPass Toolbar: {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll
x64-Run: [Enhanced Performance Keyboard] C:\Program Files\Lenovo\USB Enhanced Performance Keyboard\SKDaemon.exe
x64-Run: [BLEServicesCtrl] C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe
x64-Run: [BTMTrayAgent] rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Run: [TpShocks] TpShocks.exe
x64-Run: [LENOVO.TPKNRRES] C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe
x64-Run: [Logitech Download Assistant] C:\Windows\System32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office15\ONBttnIE.dll
x64-IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll
x64-IE: {43699cd0-e34f-11de-8a39-0800200c9a66} - {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
x64-Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
x64-Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - <orphaned>
x64-Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files (x86)\Trend Micro\OfficeScan Client\CCSF\module\BES\TmBpIe64.dll
x64-Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files (x86)\Trend Micro\OfficeScan Client\TmIEPlg.dll
x64-SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R0 DzHDD64;DzHDD64;C:\Windows\System32\drivers\DZHDD64.SYS [2014-7-13 29512]
R0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver;C:\Windows\System32\drivers\iusb3hcs.sys [2014-7-13 20464]
R0 TPDIGIMN;TPDIGIMN;C:\Windows\System32\drivers\ApsHM64.sys [2014-1-29 29496]
R1 ctxusbm;Citrix USB Monitor Driver;C:\Windows\System32\drivers\ctxusbm.sys [2013-9-24 97768]
R1 iSafeKrnl;YAC Mini-Filter Driver;C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnl.sys [2015-2-5 249000]
R1 iSafeKrnlKit;YAC Kit Driver;C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlKit.sys [2015-2-5 99496]
R1 iSafeKrnlMon;YAC Monitor Driver;C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlMon.sys [2015-2-5 42152]
R1 iSafeKrnlR3;YAC Ring3 Driver;C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlR3.sys [2015-2-5 93352]
R1 iSafeNetFilter;YAC NDIS Driver;C:\Windows\System32\drivers\iSafeNetFilter.sys [2015-5-12 52392]
R1 TmLwf;Trend Micro NDIS 6.0 Filter Driver;C:\Windows\System32\drivers\tmlwf.sys [2012-6-21 197432]
R2 Bluetooth Device Monitor;Bluetooth Device Monitor;C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2013-10-3 1137016]
R2 Bluetooth Media Service;Bluetooth Media Service;C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [2013-10-10 1689976]
R2 Bluetooth OBEX Service;Bluetooth OBEX Service;C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2013-10-3 1157496]
R2 DisplayLinkService;DisplayLinkManager;C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe [2013-10-12 9281840]
R2 FastbootService;FastbootService;C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBService.exe [2014-7-13 140016]
R2 ibtsiva;Intel Bluetooth Service;C:\Program Files (x86)\Intel\Bluetooth\ibtsiva.exe [2014-7-13 113096]
R2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service;C:\Windows\System32\igfxCUIService.exe [2014-7-13 282072]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2013-5-12 733696]
R2 Intel(R) ME Service;Intel(R) ME Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2014-7-13 131544]
R2 iSafeService;YAC Service;C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc.exe [2015-2-5 120128]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe [2014-7-13 169432]
R2 L4301_Solar;Logitech Solar Keyboard Service;C:\Program Files\Logitech\SolarApp\L4301_Solar.exe [2013-1-30 405744]
R2 LENOVO.CAMMUTE;Lenovo Camera Mute;C:\Program Files\Lenovo\Communications Utility\CamMute.exe [2014-7-13 59952]
R2 LENOVO.MICMUTE;Lenovo Microphone Mute;C:\Program Files\Lenovo\HOTKEY\micmute.exe [2014-11-4 110128]
R2 LENOVO.TPKNRSVC;Lenovo Keyboard Noise Reduction;C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe [2014-7-13 74288]
R2 LENOVO.TVTVCAM;Lenovo Virtual Camera Controller;C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe [2014-7-13 198704]
R2 Lenovo.VIRTSCRLSVC;Lenovo Auto Scroll;C:\Program Files\Lenovo\VIRTSCRL\lvvsst.exe [2014-7-13 136288]
R2 lnvDiscoveryWinSvc;lnvDiscoveryWinSvc;C:\Program Files\Lenovo\Lenovo Peer Connect\LenovoDiscoverySvc.exe [2014-7-13 21552]
R2 NitroDriverReadSpool9;NitroPDFDriverCreatorReadSpool9;C:\Program Files\Common Files\Nitro\Pro\9.0\NitroPDFDriverService9x64.exe [2014-2-14 230920]
R2 nlsX86cc;Nalpeiron Licensing Service;C:\Windows\SysWOW64\NLSSRV32.EXE [2014-2-14 69640]
R2 tmevtmgr;tmevtmgr;C:\Windows\System32\drivers\tmevtmgr.sys [2013-8-29 69480]
R2 TmFilter;Trend Micro Filter;C:\Program Files (x86)\Trend Micro\OfficeScan Client\tmxpflt.sys [2013-4-16 351032]
R2 TmPreFilter;Trend Micro PreFilter;C:\Program Files (x86)\Trend Micro\OfficeScan Client\tmpreflt.sys [2013-4-16 44856]
R2 tmWfp;Trend Micro WFP Callout Driver;C:\Windows\System32\drivers\tmwfp.sys [2012-6-21 338232]
R2 TPHKLOAD;Lenovo Hotkey Client Loader;C:\Program Files\Lenovo\HOTKEY\tphkload.exe [2014-11-4 124400]
R2 TPHKSVC;Visning på skjermen;C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe [2014-11-4 126512]
R2 ValBioService;ValBioService;C:\Program Files\Lenovo Fingerprint Reader\ValBioService.exe [2014-7-21 22872]
R2 valWBFPolicyService;Validity WBF Policy Service;C:\Windows\System32\valWBFPolicyService.exe [2014-1-17 49040]
R2 WtuSystemSupport;WtuSystemSupport;C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe [2015-5-12 620056]
R2 ZeroConfigService;Intel(R) PROSet/Wireless Zero Configuration Service;C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2014-1-8 3674864]
R3 e1dexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver D;C:\Windows\System32\drivers\e1d62x64.sys [2014-7-13 495376]
R3 iusb3hub;Intel(R) USB 3.0 Hub Driver;C:\Windows\System32\drivers\iusb3hub.sys [2014-7-13 368112]
R3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver;C:\Windows\System32\drivers\iusb3xhc.sys [2014-7-13 786416]
R3 iwdbus;IWD Bus Enumerator;C:\Windows\System32\drivers\iwdbus.sys [2013-11-12 25528]
R3 Power Manager DBC Service;Power Manager Service;C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.exe [2014-7-13 1668904]
R3 QuickControlService;Lenovo QuickControl Service;C:\Program Files (x86)\Lenovo\QuickControl\QuickControlService.exe [2014-2-12 322608]
R3 RTSPER;Realtek PCIE Card Reader - PER;C:\Windows\System32\drivers\RtsPer.sys [2014-7-13 424664]
R3 SmbDrvI;SmbDrvI;C:\Windows\System32\drivers\Smb_driver_Intel.sys [2014-7-13 31472]
R3 TmCCSF;OfficeScan Common Client Solution Framework;C:\Program Files (x86)\Trend Micro\OfficeScan Client\CCSF\TmCCSF.exe [2014-4-7 701064]
R3 tmeevw;tmeevw;C:\Windows\System32\drivers\tmeevw.sys [2012-12-8 102712]
R3 tmnciesc;tmnciesc;C:\Windows\System32\drivers\tmnciesc.sys [2013-5-15 407864]
R3 TmPfw;OfficeScan NT Firewall;C:\Program Files (x86)\Trend Micro\OfficeScan Client\TmPfw.exe [2015-2-2 596744]
R3 TmProxy;OfficeScan NT Proxy Service;C:\Program Files (x86)\Trend Micro\OfficeScan Client\TmProxy.exe [2015-2-2 929328]
R3 tvtvcamd;Camera Plus (VGA Resolution Maximum);C:\Windows\System32\drivers\tvtvcamd.sys [2014-7-13 27432]
R3 usb3Hub;UoIP Hub;C:\Windows\System32\drivers\usb3Hub.sys [2013-6-21 206744]
R3 vm331avs;Digital Camera 1;C:\Windows\System32\drivers\vm331avs.sys [2014-7-13 1070080]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
S2 QuickControlMasterSvc;Lenovo QuickControl Master Service;C:\Program Files (x86)\Lenovo\QuickControl\QuickControlMasterSvc.exe [2014-2-12 59440]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-12-11 315496]
S2 vToolbarUpdater18.4.0;vToolbarUpdater18.4.0;C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.4.0\ToolbarUpdater.exe --> C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.4.0\ToolbarUpdater.exe [?]
S3 btmaux;Intel Bluetooth Auxiliary Service;C:\Windows\System32\drivers\btmaux.sys [2013-7-23 140600]
S3 btmhsf;btmhsf;C:\Windows\System32\drivers\btmhsf.sys [2013-10-19 1408824]
S3 dmvsc;dmvsc;C:\Windows\System32\drivers\dmvsc.sys [2010-11-21 71168]
S3 DozeSvc;Lenovo Doze Mode Service;C:\Program Files (x86)\ThinkPad\Utilities\DZSVC64.EXE [2014-7-13 320576]
S3 Fastboot;Fastboot;C:\Windows\System32\drivers\Fastboot.sys [2014-7-13 54000]
S3 ibtusb;Intel(R) Wireless Bluetooth(R) 4.0 + HS Adapter;C:\Windows\System32\drivers\ibtusb.sys [2013-10-3 142280]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2015-5-5 114688]
S3 intaud_WaveExtensible;Intel WiDi Audio Device;C:\Windows\System32\drivers\intelaud.sys [2013-11-12 35256]
S3 IntcDAud;Intel(R) Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2014-7-13 450520]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface;C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2013-5-12 822232]
S3 iumsvc;Intel(R) Update Manager;C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2014-2-28 174368]
S3 Lenovo EasyPlus Hotspot;Lenovo EasyPlus Hotspot;C:\Program Files (x86)\Common Files\Lenovo\easyplussdk\bin\EPHotspot64.exe [2014-7-13 532224]
S3 LSCWinService;LSCWinService;C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [2014-10-16 272776]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2014-1-8 284912]
S3 PwmEWSvc;Cisco EnergyWise Enabler;C:\Program Files (x86)\ThinkPad\Utilities\PWMEWSVC.exe [2014-7-13 1664808]
S3 StorSvc;Oppbevaringstjeneste;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-14 27136]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2014-10-2 1255736]
.
=============== Created Last 30 ================
.
2015-05-12 13:37:35 52392 ----a-w- C:\Windows\System32\drivers\iSafeNetFilter.sys
2015-05-12 13:37:14 -------- d-----w- C:\Users\TC\AppData\Roaming\Elex-tech
2015-05-12 13:28:45 -------- d-----w- C:\AdwCleaner
2015-05-12 13:21:21 -------- d-----w- C:\Program Files (x86)\ESET
2015-05-12 12:59:10 -------- d-----w- C:\Users\TC\AppData\Local\AVG Web TuneUp
2015-05-12 12:57:07 12032440 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{8AF1FB99-F17E-4B25-B810-3686DBD4E4DD}\mpengine.dll
2015-05-12 12:56:41 -------- d-----w- C:\ProgramData\AVG Web TuneUp
2015-05-12 12:56:28 -------- d-----w- C:\Program Files (x86)\AVG Web TuneUp
2015-05-10 12:17:01 -------- d-----w- C:\Users\TC\AppData\Roaming\AVG
2015-05-10 12:14:18 -------- d-----w- C:\Users\TC\AppData\Local\Avg
2015-05-10 12:13:27 -------- d-----w- C:\ProgramData\AVG
2015-05-10 12:06:43 -------- d-----w- C:\Users\TC\AppData\Roaming\AVG2015
2015-05-10 12:05:29 -------- d-----w- C:\Users\TC\AppData\Roaming\TuneUp Software
2015-05-10 12:04:15 -------- d--h--w- C:\$AVG
2015-05-10 12:04:15 -------- d-----w- C:\ProgramData\AVG2015
2015-05-10 12:02:53 -------- d-----w- C:\Program Files (x86)\AVG
2015-05-10 11:57:44 -------- d--h--w- C:\ProgramData\Common Files
2015-05-10 11:57:44 -------- d-----w- C:\Users\TC\AppData\Local\MFAData
2015-05-10 11:57:44 -------- d-----w- C:\Users\TC\AppData\Local\Avg2015
2015-05-10 11:57:44 -------- d-----w- C:\ProgramData\MFAData
2015-05-08 18:03:50 -------- d-----w- C:\Users\TC\AppData\Roaming\Nitro
2015-05-06 03:14:31 -------- d-s---w- C:\Windows\SysWow64\GWX
2015-05-06 03:14:30 -------- d-s---w- C:\Windows\System32\GWX
2015-05-05 12:19:02 950272 ----a-w- C:\Windows\System32\perftrack.dll
2015-05-05 12:19:02 91136 ----a-w- C:\Windows\System32\wdi.dll
2015-05-05 12:19:02 76800 ----a-w- C:\Windows\SysWow64\wdi.dll
2015-05-05 12:19:02 29696 ----a-w- C:\Windows\System32\powertracker.dll
2015-05-05 12:08:34 70656 ----a-w- C:\Windows\SysWow64\fontsub.dll
2015-05-05 12:08:34 46080 ----a-w- C:\Windows\System32\atmlib.dll
2015-05-05 12:08:34 41984 ----a-w- C:\Windows\System32\lpk.dll
2015-05-05 12:08:34 372224 ----a-w- C:\Windows\System32\atmfd.dll
2015-05-05 12:08:34 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll
2015-05-05 12:08:34 299008 ----a-w- C:\Windows\SysWow64\atmfd.dll
2015-05-05 12:08:34 25600 ----a-w- C:\Windows\SysWow64\lpk.dll
2015-05-05 12:08:34 14336 ----a-w- C:\Windows\System32\dciman32.dll
2015-05-05 12:08:34 10240 ----a-w- C:\Windows\SysWow64\dciman32.dll
2015-05-05 12:08:34 100864 ----a-w- C:\Windows\System32\fontsub.dll
2015-05-05 12:04:40 92672 ----a-w- C:\Windows\SysWow64\wudriver.dll
2015-05-05 12:03:58 404480 ----a-w- C:\Windows\System32\gdi32.dll
2015-05-05 12:03:58 311808 ----a-w- C:\Windows\SysWow64\gdi32.dll
2015-05-05 12:03:53 1882624 ----a-w- C:\Windows\System32\msxml3.dll
2015-05-05 12:03:53 1237504 ----a-w- C:\Windows\SysWow64\msxml3.dll
2015-05-05 12:03:52 2048 ----a-w- C:\Windows\SysWow64\msxml3r.dll
2015-05-05 12:03:52 2048 ----a-w- C:\Windows\System32\msxml3r.dll
2015-05-05 12:03:48 754688 ----a-w- C:\Windows\System32\drivers\http.sys
2015-05-05 12:03:41 861696 ----a-w- C:\Windows\System32\oleaut32.dll
2015-05-05 12:03:41 571904 ----a-w- C:\Windows\SysWow64\oleaut32.dll
2015-05-05 12:01:00 3722752 ----a-w- C:\Windows\System32\mstscax.dll
2015-05-05 12:00:59 3221504 ----a-w- C:\Windows\SysWow64\mstscax.dll
2015-05-05 12:00:55 131584 ----a-w- C:\Windows\SysWow64\aaclient.dll
2015-05-05 12:00:11 828928 ----a-w- C:\Windows\SysWow64\msctf.dll
2015-05-05 12:00:11 1067520 ----a-w- C:\Windows\System32\msctf.dll
2015-05-05 11:52:13 3204096 ----a-w- C:\Windows\System32\win32k.sys
2015-05-05 11:52:05 406528 ----a-w- C:\Windows\System32\scesrv.dll
2015-05-05 11:52:04 308224 ----a-w- C:\Windows\SysWow64\scesrv.dll
2015-05-05 11:51:56 79360 ----a-w- C:\Windows\System32\clfsw32.dll
2015-05-05 11:51:56 58880 ----a-w- C:\Windows\SysWow64\clfsw32.dll
2015-05-05 11:51:56 367552 ----a-w- C:\Windows\System32\clfs.sys
2015-05-05 11:46:21 465920 ----a-w- C:\Windows\System32\WMPhoto.dll
2015-05-05 11:46:20 417792 ----a-w- C:\Windows\SysWow64\WMPhoto.dll
.
==================== Find3M ====================
.
2015-05-10 09:55:13 778416 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2015-05-10 09:55:13 142512 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2015-05-05 11:51:32 655920 ----a-w- C:\Windows\TSCCensus64.exe
2015-03-25 03:24:41 98304 ----a-w- C:\Windows\System32\wudriver.dll
2015-03-25 03:24:41 3298816 ----a-w- C:\Windows\System32\wucltux.dll
2015-03-25 03:24:41 191488 ----a-w- C:\Windows\System32\wuwebv.dll
2015-03-25 03:24:08 60416 ----a-w- C:\Windows\System32\WinSetupUI.dll
2015-03-25 03:23:58 12288 ----a-w- C:\Windows\System32\wu.upgrade.ps.dll
2015-03-25 03:23:55 36864 ----a-w- C:\Windows\System32\wuapp.exe
2015-03-25 03:00:57 173056 ----a-w- C:\Windows\SysWow64\wuwebv.dll
2015-03-25 03:00:15 33792 ----a-w- C:\Windows\SysWow64\wuapp.exe
2015-03-23 03:25:15 726528 ----a-w- C:\Windows\System32\generaltel.dll
2015-03-23 03:25:01 769536 ----a-w- C:\Windows\System32\invagent.dll
2015-03-23 03:24:56 419840 ----a-w- C:\Windows\System32\devinv.dll
2015-03-23 03:24:54 957952 ----a-w- C:\Windows\System32\appraiser.dll
2015-03-23 03:24:53 30720 ----a-w- C:\Windows\System32\acmigration.dll
2015-03-23 03:24:53 227328 ----a-w- C:\Windows\System32\aepdu.dll
2015-03-23 03:24:53 192000 ----a-w- C:\Windows\System32\aepic.dll
2015-03-23 03:17:39 1111552 ----a-w- C:\Windows\System32\aeinv.dll
2015-03-17 05:22:37 5557696 ----a-w- C:\Windows\System32\ntoskrnl.exe
2015-03-17 05:22:35 95672 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
2015-03-17 05:22:35 155576 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2015-03-17 05:19:37 1727904 ----a-w- C:\Windows\System32\ntdll.dll
2015-03-17 05:17:00 362496 ----a-w- C:\Windows\System32\wow64win.dll
2015-03-17 05:17:00 243712 ----a-w- C:\Windows\System32\wow64.dll
2015-03-17 05:17:00 13312 ----a-w- C:\Windows\System32\wow64cpu.dll
2015-03-17 05:15:55 31232 ----a-w- C:\Windows\System32\lsass.exe
2015-03-17 05:15:44 338432 ----a-w- C:\Windows\System32\conhost.exe
2015-03-17 05:15:40 64000 ----a-w- C:\Windows\System32\auditpol.exe
2015-03-17 05:13:29 60416 ----a-w- C:\Windows\System32\msobjs.dll
2015-03-17 05:13:17 146432 ----a-w- C:\Windows\System32\msaudite.dll
2015-03-17 05:01:09 3976632 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2015-03-17 05:01:09 3920824 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2015-03-17 04:59:26 1309696 ----a-w- C:\Windows\SysWow64\ntdll.dll
2015-03-17 04:57:25 172032 ----a-w- C:\Windows\SysWow64\wdigest.dll
2015-03-17 04:57:21 65536 ----a-w- C:\Windows\SysWow64\TSpkg.dll
2015-03-17 04:57:20 43008 ----a-w- C:\Windows\SysWow64\srclient.dll
2015-03-17 04:57:17 248832 ----a-w- C:\Windows\SysWow64\schannel.dll
2015-03-17 04:57:17 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
2015-03-17 04:57:13 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
2015-03-17 04:57:12 221184 ----a-w- C:\Windows\SysWow64\ncrypt.dll
2015-03-17 04:57:11 259584 ----a-w- C:\Windows\SysWow64\msv1_0.dll
2015-03-17 04:57:07 550912 ----a-w- C:\Windows\SysWow64\kerberos.dll
2015-03-17 04:56:59 17408 ----a-w- C:\Windows\SysWow64\credssp.dll
2015-03-17 04:56:56 44032 ----a-w- C:\Windows\apppatch\acwow64.dll
2015-03-17 04:56:41 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
2015-03-17 04:56:15 50176 ----a-w- C:\Windows\SysWow64\auditpol.exe
2015-03-17 04:56:01 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
2015-03-17 04:56:01 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
2015-03-17 04:56:00 274944 ----a-w- C:\Windows\SysWow64\KernelBase.dll
2015-03-17 04:53:35 60416 ----a-w- C:\Windows\SysWow64\msobjs.dll
2015-03-17 04:53:13 146432 ----a-w- C:\Windows\SysWow64\msaudite.dll
2015-03-17 03:45:24 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
2015-03-17 03:45:23 2048 ----a-w- C:\Windows\SysWow64\user.exe
2015-03-17 03:43:04 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
2015-03-17 03:43:04 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
2015-03-17 03:43:04 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
2015-03-17 03:43:03 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
2015-03-13 04:25:14 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
2015-03-13 04:25:01 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll
2015-03-13 04:09:12 66560 ----a-w- C:\Windows\System32\iesetup.dll
2015-03-13 04:08:33 584192 ----a-w- C:\Windows\System32\vbscript.dll
2015-03-13 04:08:27 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll
2015-03-13 04:08:17 417280 ----a-w- C:\Windows\System32\html.iec
2015-03-13 04:06:54 88064 ----a-w- C:\Windows\System32\MshtmlDac.dll
2015-03-13 03:54:11 144384 ----a-w- C:\Windows\System32\ieUnatt.exe
2015-03-13 03:54:00 114688 ----a-w- C:\Windows\System32\ieetwcollector.exe
2015-03-13 03:53:22 814080 ----a-w- C:\Windows\System32\jscript9diag.dll
2015-03-13 03:50:45 6025216 ----a-w- C:\Windows\System32\jscript9.dll
2015-03-13 03:44:48 968704 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe
2015-03-13 03:42:18 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2015-03-13 03:32:48 77824 ----a-w- C:\Windows\System32\JavaScriptCollectionAgent.dll
2015-03-13 03:28:48 503296 ----a-w- C:\Windows\SysWow64\vbscript.dll
2015-03-13 03:28:37 62464 ----a-w- C:\Windows\SysWow64\iesetup.dll
2015-03-13 03:27:51 47616 ----a-w- C:\Windows\SysWow64\ieetwproxystub.dll
2015-03-13 03:27:35 340992 ----a-w- C:\Windows\SysWow64\html.iec
2015-03-13 03:26:19 64000 ----a-w- C:\Windows\SysWow64\MshtmlDac.dll
2015-03-13 03:16:26 115712 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2015-03-13 03:15:40 620032 ----a-w- C:\Windows\SysWow64\jscript9diag.dll
2015-03-13 03:05:50 1359360 ----a-w- C:\Windows\System32\mshtmlmedia.dll
2015-03-13 03:05:24 2125824 ----a-w- C:\Windows\System32\inetcpl.cpl
2015-03-13 03:01:16 60416 ----a-w- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
2015-03-13 02:49:21 4305408 ----a-w- C:\Windows\SysWow64\jscript9.dll
2015-03-13 02:45:57 2358784 ----a-w- C:\Windows\System32\wininet.dll
2015-03-13 02:43:41 2052608 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2015-03-13 02:42:47 1155072 ----a-w- C:\Windows\SysWow64\mshtmlmedia.dll
2015-03-13 02:20:28 1888256 ----a-w- C:\Windows\SysWow64\wininet.dll
2015-02-24 02:17:24 295552 ------w- C:\Windows\System32\MpSigStub.exe
2015-02-17 13:29:58 1247912 ----a-w- C:\Windows\SysWow64\FM20.DLL
2015-01-06 12:30:45 14147584 ----a-w- C:\Program Files (x86)\Common Files\lpuninstall.exe
2014-11-13 12:26:57 50053120 ----a-w- C:\Program Files (x86)\GUTA8A2.tmp
.
============= FINISH: 15:50:19,41 ===============
R2 WtuSystemSupport;WtuSystemSupport;C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe [2015-5-12 620056]
R2 ZeroConfigService;Intel(R) PROSet/Wireless Zero Configuration Service;C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2014-1-8 3674864]
R3 e1dexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver D;C:\Windows\System32\drivers\e1d62x64.sys [2014-7-13 495376]
R3 iusb3hub;Intel(R) USB 3.0 Hub Driver;C:\Windows\System32\drivers\iusb3hub.sys [2014-7-13 368112]
R3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver;C:\Windows\System32\drivers\iusb3xhc.sys [2014-7-13 786416]
R3 iwdbus;IWD Bus Enumerator;C:\Windows\System32\drivers\iwdbus.sys [2013-11-12 25528]
R3 Power Manager DBC Service;Power Manager Service;C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.exe [2014-7-13 1668904]
R3 QuickControlService;Lenovo QuickControl Service;C:\Program Files (x86)\Lenovo\QuickControl\QuickControlService.exe [2014-2-12 322608]
R3 RTSPER;Realtek PCIE Card Reader - PER;C:\Windows\System32\drivers\RtsPer.sys [2014-7-13 424664]
R3 SmbDrvI;SmbDrvI;C:\Windows\System32\drivers\Smb_driver_Intel.sys [2014-7-13 31472]
R3 TmCCSF;OfficeScan Common Client Solution Framework;C:\Program Files (x86)\Trend Micro\OfficeScan Client\CCSF\TmCCSF.exe [2014-4-7 701064]
R3 tmeevw;tmeevw;C:\Windows\System32\drivers\tmeevw.sys [2012-12-8 102712]
R3 tmnciesc;tmnciesc;C:\Windows\System32\drivers\tmnciesc.sys [2013-5-15 407864]
R3 TmPfw;OfficeScan NT Firewall;C:\Program Files (x86)\Trend Micro\OfficeScan Client\TmPfw.exe [2015-2-2 596744]
R3 TmProxy;OfficeScan NT Proxy Service;C:\Program Files (x86)\Trend Micro\OfficeScan Client\TmProxy.exe [2015-2-2 929328]
R3 tvtvcamd;Camera Plus (VGA Resolution Maximum);C:\Windows\System32\drivers\tvtvcamd.sys [2014-7-13 27432]
R3 usb3Hub;UoIP Hub;C:\Windows\System32\drivers\usb3Hub.sys [2013-6-21 206744]
R3 vm331avs;Digital Camera 1;C:\Windows\System32\drivers\vm331avs.sys [2014-7-13 1070080]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
S2 QuickControlMasterSvc;Lenovo QuickControl Master Service;C:\Program Files (x86)\Lenovo\QuickControl\QuickControlMasterSvc.exe [2014-2-12 59440]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-12-11 315496]
S2 vToolbarUpdater18.4.0;vToolbarUpdater18.4.0;C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.4.0\ToolbarUpdater.exe --> C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.4.0\ToolbarUpdater.exe [?]
S3 btmaux;Intel Bluetooth Auxiliary Service;C:\Windows\System32\drivers\btmaux.sys [2013-7-23 140600]
S3 btmhsf;btmhsf;C:\Windows\System32\drivers\btmhsf.sys [2013-10-19 1408824]
S3 dmvsc;dmvsc;C:\Windows\System32\drivers\dmvsc.sys [2010-11-21 71168]
S3 DozeSvc;Lenovo Doze Mode Service;C:\Program Files (x86)\ThinkPad\Utilities\DZSVC64.EXE [2014-7-13 320576]
S3 Fastboot;Fastboot;C:\Windows\System32\drivers\Fastboot.sys [2014-7-13 54000]
S3 ibtusb;Intel(R) Wireless Bluetooth(R) 4.0 + HS Adapter;C:\Windows\System32\drivers\ibtusb.sys [2013-10-3 142280]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2015-5-5 114688]
S3 intaud_WaveExtensible;Intel WiDi Audio Device;C:\Windows\System32\drivers\intelaud.sys [2013-11-12 35256]
S3 IntcDAud;Intel(R) Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2014-7-13 450520]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface;C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2013-5-12 822232]
S3 iumsvc;Intel(R) Update Manager;C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2014-2-28 174368]
S3 Lenovo EasyPlus Hotspot;Lenovo EasyPlus Hotspot;C:\Program Files (x86)\Common Files\Lenovo\easyplussdk\bin\EPHotspot64.exe [2014-7-13 532224]
S3 LSCWinService;LSCWinService;C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [2014-10-16 272776]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2014-1-8 284912]
S3 PwmEWSvc;Cisco EnergyWise Enabler;C:\Program Files (x86)\ThinkPad\Utilities\PWMEWSVC.exe [2014-7-13 1664808]
S3 StorSvc;Oppbevaringstjeneste;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-14 27136]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2014-10-2 1255736]
.
=============== Created Last 30 ================
.
2015-05-12 13:37:35 52392 ----a-w- C:\Windows\System32\drivers\iSafeNetFilter.sys
2015-05-12 13:37:14 -------- d-----w- C:\Users\TC\AppData\Roaming\Elex-tech
2015-05-12 13:28:45 -------- d-----w- C:\AdwCleaner
2015-05-12 13:21:21 -------- d-----w- C:\Program Files (x86)\ESET
2015-05-12 12:59:10 -------- d-----w- C:\Users\TC\AppData\Local\AVG Web TuneUp
2015-05-12 12:57:07 12032440 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{8AF1FB99-F17E-4B25-B810-3686DBD4E4DD}\mpengine.dll
2015-05-12 12:56:41 -------- d-----w- C:\ProgramData\AVG Web TuneUp
2015-05-12 12:56:28 -------- d-----w- C:\Program Files (x86)\AVG Web TuneUp
2015-05-10 12:17:01 -------- d-----w- C:\Users\TC\AppData\Roaming\AVG
2015-05-10 12:14:18 -------- d-----w- C:\Users\TC\AppData\Local\Avg
2015-05-10 12:13:27 -------- d-----w- C:\ProgramData\AVG
2015-05-10 12:06:43 -------- d-----w- C:\Users\TC\AppData\Roaming\AVG2015
2015-05-10 12:05:29 -------- d-----w- C:\Users\TC\AppData\Roaming\TuneUp Software
2015-05-10 12:04:15 -------- d--h--w- C:\$AVG
2015-05-10 12:04:15 -------- d-----w- C:\ProgramData\AVG2015
2015-05-10 12:02:53 -------- d-----w- C:\Program Files (x86)\AVG
2015-05-10 11:57:44 -------- d--h--w- C:\ProgramData\Common Files
2015-05-10 11:57:44 -------- d-----w- C:\Users\TC\AppData\Local\MFAData
2015-05-10 11:57:44 -------- d-----w- C:\Users\TC\AppData\Local\Avg2015
2015-05-10 11:57:44 -------- d-----w- C:\ProgramData\MFAData
2015-05-08 18:03:50 -------- d-----w- C:\Users\TC\AppData\Roaming\Nitro
2015-05-06 03:14:31 -------- d-s---w- C:\Windows\SysWow64\GWX
2015-05-06 03:14:30 -------- d-s---w- C:\Windows\System32\GWX
2015-05-05 12:19:02 950272 ----a-w- C:\Windows\System32\perftrack.dll
2015-05-05 12:19:02 91136 ----a-w- C:\Windows\System32\wdi.dll
2015-05-05 12:19:02 76800 ----a-w- C:\Windows\SysWow64\wdi.dll
2015-05-05 12:19:02 29696 ----a-w- C:\Windows\System32\powertracker.dll
2015-05-05 12:08:34 70656 ----a-w- C:\Windows\SysWow64\fontsub.dll
2015-05-05 12:08:34 46080 ----a-w- C:\Windows\System32\atmlib.dll
2015-05-05 12:08:34 41984 ----a-w- C:\Windows\System32\lpk.dll
2015-05-05 12:08:34 372224 ----a-w- C:\Windows\System32\atmfd.dll
2015-05-05 12:08:34 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll
2015-05-05 12:08:34 299008 ----a-w- C:\Windows\SysWow64\atmfd.dll
2015-05-05 12:08:34 25600 ----a-w- C:\Windows\SysWow64\lpk.dll
2015-05-05 12:08:34 14336 ----a-w- C:\Windows\System32\dciman32.dll
2015-05-05 12:08:34 10240 ----a-w- C:\Windows\SysWow64\dciman32.dll
2015-05-05 12:08:34 100864 ----a-w- C:\Windows\System32\fontsub.dll
2015-05-05 12:04:40 92672 ----a-w- C:\Windows\SysWow64\wudriver.dll
2015-05-05 12:03:58 404480 ----a-w- C:\Windows\System32\gdi32.dll
2015-05-05 12:03:58 311808 ----a-w- C:\Windows\SysWow64\gdi32.dll
2015-05-05 12:03:53 1882624 ----a-w- C:\Windows\System32\msxml3.dll
2015-05-05 12:03:53 1237504 ----a-w- C:\Windows\SysWow64\msxml3.dll
2015-05-05 12:03:52 2048 ----a-w- C:\Windows\SysWow64\msxml3r.dll
2015-05-05 12:03:52 2048 ----a-w- C:\Windows\System32\msxml3r.dll
2015-05-05 12:03:48 754688 ----a-w- C:\Windows\System32\drivers\http.sys
2015-05-05 12:03:41 861696 ----a-w- C:\Windows\System32\oleaut32.dll
2015-05-05 12:03:41 571904 ----a-w- C:\Windows\SysWow64\oleaut32.dll
2015-05-05 12:01:00 3722752 ----a-w- C:\Windows\System32\mstscax.dll
2015-05-05 12:00:59 3221504 ----a-w- C:\Windows\SysWow64\mstscax.dll
2015-05-05 12:00:55 131584 ----a-w- C:\Windows\SysWow64\aaclient.dll
2015-05-05 12:00:11 828928 ----a-w- C:\Windows\SysWow64\msctf.dll
2015-05-05 12:00:11 1067520 ----a-w- C:\Windows\System32\msctf.dll
2015-05-05 11:52:13 3204096 ----a-w- C:\Windows\System32\win32k.sys
2015-05-05 11:52:05 406528 ----a-w- C:\Windows\System32\scesrv.dll
2015-05-05 11:52:04 308224 ----a-w- C:\Windows\SysWow64\scesrv.dll
2015-05-05 11:51:56 79360 ----a-w- C:\Windows\System32\clfsw32.dll
2015-05-05 11:51:56 58880 ----a-w- C:\Windows\SysWow64\clfsw32.dll
2015-05-05 11:51:56 367552 ----a-w- C:\Windows\System32\clfs.sys
2015-05-05 11:46:21 465920 ----a-w- C:\Windows\System32\WMPhoto.dll
2015-05-05 11:46:20 417792 ----a-w- C:\Windows\SysWow64\WMPhoto.dll
.
==================== Find3M ====================
.
2015-05-10 09:55:13 778416 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2015-05-10 09:55:13 142512 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2015-05-05 11:51:32 655920 ----a-w- C:\Windows\TSCCensus64.exe
2015-03-25 03:24:41 98304 ----a-w- C:\Windows\System32\wudriver.dll
2015-03-25 03:24:41 3298816 ----a-w- C:\Windows\System32\wucltux.dll
2015-03-25 03:24:41 191488 ----a-w- C:\Windows\System32\wuwebv.dll
2015-03-25 03:24:08 60416 ----a-w- C:\Windows\System32\WinSetupUI.dll
2015-03-25 03:23:58 12288 ----a-w- C:\Windows\System32\wu.upgrade.ps.dll
2015-03-25 03:23:55 36864 ----a-w- C:\Windows\System32\wuapp.exe
2015-03-25 03:00:57 173056 ----a-w- C:\Windows\SysWow64\wuwebv.dll
2015-03-25 03:00:15 33792 ----a-w- C:\Windows\SysWow64\wuapp.exe
2015-03-23 03:25:15 726528 ----a-w- C:\Windows\System32\generaltel.dll
2015-03-23 03:25:01 769536 ----a-w- C:\Windows\System32\invagent.dll
2015-03-23 03:24:56 419840 ----a-w- C:\Windows\System32\devinv.dll
2015-03-23 03:24:54 957952 ----a-w- C:\Windows\System32\appraiser.dll
2015-03-23 03:24:53 30720 ----a-w- C:\Windows\System32\acmigration.dll
2015-03-23 03:24:53 227328 ----a-w- C:\Windows\System32\aepdu.dll
2015-03-23 03:24:53 192000 ----a-w- C:\Windows\System32\aepic.dll
2015-03-23 03:17:39 1111552 ----a-w- C:\Windows\System32\aeinv.dll
2015-03-17 05:22:37 5557696 ----a-w- C:\Windows\System32\ntoskrnl.exe
2015-03-17 05:22:35 95672 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
2015-03-17 05:22:35 155576 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2015-03-17 05:19:37 1727904 ----a-w- C:\Windows\System32\ntdll.dll
2015-03-17 05:17:00 362496 ----a-w- C:\Windows\System32\wow64win.dll
2015-03-17 05:17:00 243712 ----a-w- C:\Windows\System32\wow64.dll
2015-03-17 05:17:00 13312 ----a-w- C:\Windows\System32\wow64cpu.dll
2015-03-17 05:15:55 31232 ----a-w- C:\Windows\System32\lsass.exe
2015-03-17 05:15:44 338432 ----a-w- C:\Windows\System32\conhost.exe
2015-03-17 05:15:40 64000 ----a-w- C:\Windows\System32\auditpol.exe
2015-03-17 05:13:29 60416 ----a-w- C:\Windows\System32\msobjs.dll
2015-03-17 05:13:17 146432 ----a-w- C:\Windows\System32\msaudite.dll
2015-03-17 05:01:09 3976632 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2015-03-17 05:01:09 3920824 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2015-03-17 04:59:26 1309696 ----a-w- C:\Windows\SysWow64\ntdll.dll
2015-03-17 04:57:25 172032 ----a-w- C:\Windows\SysWow64\wdigest.dll
2015-03-17 04:57:21 65536 ----a-w- C:\Windows\SysWow64\TSpkg.dll
2015-03-17 04:57:20 43008 ----a-w- C:\Windows\SysWow64\srclient.dll
2015-03-17 04:57:17 248832 ----a-w- C:\Windows\SysWow64\schannel.dll
2015-03-17 04:57:17 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
2015-03-17 04:57:13 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
2015-03-17 04:57:12 221184 ----a-w- C:\Windows\SysWow64\ncrypt.dll
2015-03-17 04:57:11 259584 ----a-w- C:\Windows\SysWow64\msv1_0.dll
2015-03-17 04:57:07 550912 ----a-w- C:\Windows\SysWow64\kerberos.dll
2015-03-17 04:56:59 17408 ----a-w- C:\Windows\SysWow64\credssp.dll
2015-03-17 04:56:56 44032 ----a-w- C:\Windows\apppatch\acwow64.dll
2015-03-17 04:56:41 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
2015-03-17 04:56:15 50176 ----a-w- C:\Windows\SysWow64\auditpol.exe
2015-03-17 04:56:01 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
2015-03-17 04:56:01 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
2015-03-17 04:56:00 274944 ----a-w- C:\Windows\SysWow64\KernelBase.dll
2015-03-17 04:53:35 60416 ----a-w- C:\Windows\SysWow64\msobjs.dll
2015-03-17 04:53:13 146432 ----a-w- C:\Windows\SysWow64\msaudite.dll
2015-03-17 03:45:24 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
2015-03-17 03:45:23 2048 ----a-w- C:\Windows\SysWow64\user.exe
2015-03-17 03:43:04 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
2015-03-17 03:43:04 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
2015-03-17 03:43:04 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
2015-03-17 03:43:03 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
2015-03-13 04:25:14 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
2015-03-13 04:25:01 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll
2015-03-13 04:09:12 66560 ----a-w- C:\Windows\System32\iesetup.dll
2015-03-13 04:08:33 584192 ----a-w- C:\Windows\System32\vbscript.dll
2015-03-13 04:08:27 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll
2015-03-13 04:08:17 417280 ----a-w- C:\Windows\System32\html.iec
2015-03-13 04:06:54 88064 ----a-w- C:\Windows\System32\MshtmlDac.dll
2015-03-13 03:54:11 144384 ----a-w- C:\Windows\System32\ieUnatt.exe
2015-03-13 03:54:00 114688 ----a-w- C:\Windows\System32\ieetwcollector.exe
2015-03-13 03:53:22 814080 ----a-w- C:\Windows\System32\jscript9diag.dll
2015-03-13 03:50:45 6025216 ----a-w- C:\Windows\System32\jscript9.dll
2015-03-13 03:44:48 968704 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe
2015-03-13 03:42:18 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2015-03-13 03:32:48 77824 ----a-w- C:\Windows\System32\JavaScriptCollectionAgent.dll
2015-03-13 03:28:48 503296 ----a-w- C:\Windows\SysWow64\vbscript.dll
2015-03-13 03:28:37 62464 ----a-w- C:\Windows\SysWow64\iesetup.dll
2015-03-13 03:27:51 47616 ----a-w- C:\Windows\SysWow64\ieetwproxystub.dll
2015-03-13 03:27:35 340992 ----a-w- C:\Windows\SysWow64\html.iec
2015-03-13 03:26:19 64000 ----a-w- C:\Windows\SysWow64\MshtmlDac.dll
2015-03-13 03:16:26 115712 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2015-03-13 03:15:40 620032 ----a-w- C:\Windows\SysWow64\jscript9diag.dll
2015-03-13 03:05:50 1359360 ----a-w- C:\Windows\System32\mshtmlmedia.dll
2015-03-13 03:05:24 2125824 ----a-w- C:\Windows\System32\inetcpl.cpl
2015-03-13 03:01:16 60416 ----a-w- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
2015-03-13 02:49:21 4305408 ----a-w- C:\Windows\SysWow64\jscript9.dll
2015-03-13 02:45:57 2358784 ----a-w- C:\Windows\System32\wininet.dll
2015-03-13 02:43:41 2052608 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2015-03-13 02:42:47 1155072 ----a-w- C:\Windows\SysWow64\mshtmlmedia.dll
2015-03-13 02:20:28 1888256 ----a-w- C:\Windows\SysWow64\wininet.dll
2015-02-24 02:17:24 295552 ------w- C:\Windows\System32\MpSigStub.exe
2015-02-17 13:29:58 1247912 ----a-w- C:\Windows\SysWow64\FM20.DLL
2015-01-06 12:30:45 14147584 ----a-w- C:\Program Files (x86)\Common Files\lpuninstall.exe
2014-11-13 12:26:57 50053120 ----a-w- C:\Program Files (x86)\GUTA8A2.tmp
.
============= FINISH: 15:50:19,41 ===============