ping jest ale strony nie otwieraja sie

Wszystko co dotyczy bezpieczeństwa systemów oraz walki z malware, w szczególności analiza logów
tholin85

Użytkownik
Posty: 3
Rejestracja: 08 lip 2016, 22:24

ping jest ale strony nie otwieraja sie

Post08 lip 2016, 22:30

Witam wszystkich to pierwszy posta na tym forum mam nadzieje ze rozwiążemy problem

Już użyłem programu
Winsock Repair

I nic

z czego mam wrzucić logi? do sprawdzenia.
Systemy na maszynie wirtualnej internet śmiga:)

Kod: Zaznacz cały

Winsock Catalog Provider Entry
------------------------------------------------------
Entry Type:                         Base Service Provider
Description:                        MSAFD Tcpip [TCP/IPv6]
Provider ID:                        {F9EAB0C0-26D4-11D0-BBBF-00AA006C34E4}
Provider Path:                      %SystemRoot%\system32\mswsock.dll
Catalog Entry ID:                   1001
Version:                            2
Address Family:                     23
Max Address Length:                 28
Min Address Length:                 28
Socket Type:                        1
Protocol:                           6
Service Flags:                      0x20066
Protocol Chain Length:              1

Winsock Catalog Provider Entry
------------------------------------------------------
Entry Type:                         Base Service Provider
Description:                        MSAFD Tcpip [UDP/IPv6]
Provider ID:                        {F9EAB0C0-26D4-11D0-BBBF-00AA006C34E4}
Provider Path:                      %SystemRoot%\system32\mswsock.dll
Catalog Entry ID:                   1002
Version:                            2
Address Family:                     23
Max Address Length:                 28
Min Address Length:                 28
Socket Type:                        2
Protocol:                           17
Service Flags:                      0x20609
Protocol Chain Length:              1

Winsock Catalog Provider Entry
------------------------------------------------------
Entry Type:                         Base Service Provider
Description:                        MSAFD Tcpip [RAW/IPv6]
Provider ID:                        {F9EAB0C0-26D4-11D0-BBBF-00AA006C34E4}
Provider Path:                      %SystemRoot%\system32\mswsock.dll
Catalog Entry ID:                   1003
Version:                            2
Address Family:                     23
Max Address Length:                 28
Min Address Length:                 28
Socket Type:                        3
Protocol:                           0
Service Flags:                      0x20609
Protocol Chain Length:              1

Winsock Catalog Provider Entry
------------------------------------------------------
Entry Type:                         Base Service Provider
Description:                        MSAFD Tcpip [TCP/IP]
Provider ID:                        {E70F1AA0-AB8B-11CF-8CA3-00805F48A192}
Provider Path:                      %SystemRoot%\system32\mswsock.dll
Catalog Entry ID:                   1004
Version:                            2
Address Family:                     2
Max Address Length:                 16
Min Address Length:                 16
Socket Type:                        1
Protocol:                           6
Service Flags:                      0x20066
Protocol Chain Length:              1

Winsock Catalog Provider Entry
------------------------------------------------------
Entry Type:                         Base Service Provider
Description:                        MSAFD Tcpip [UDP/IP]
Provider ID:                        {E70F1AA0-AB8B-11CF-8CA3-00805F48A192}
Provider Path:                      %SystemRoot%\system32\mswsock.dll
Catalog Entry ID:                   1005
Version:                            2
Address Family:                     2
Max Address Length:                 16
Min Address Length:                 16
Socket Type:                        2
Protocol:                           17
Service Flags:                      0x20609
Protocol Chain Length:              1

Winsock Catalog Provider Entry
------------------------------------------------------
Entry Type:                         Base Service Provider
Description:                        MSAFD Tcpip [RAW/IP]
Provider ID:                        {E70F1AA0-AB8B-11CF-8CA3-00805F48A192}
Provider Path:                      %SystemRoot%\system32\mswsock.dll
Catalog Entry ID:                   1006
Version:                            2
Address Family:                     2
Max Address Length:                 16
Min Address Length:                 16
Socket Type:                        3
Protocol:                           0
Service Flags:                      0x20609
Protocol Chain Length:              1

Winsock Catalog Provider Entry
------------------------------------------------------
Entry Type:                         Base Service Provider
Description:                        RSVP TCPv6 Service Provider
Provider ID:                        {9D60A9E0-337A-11D0-BD88-0000C082E69A}
Provider Path:                      %SystemRoot%\system32\mswsock.dll
Catalog Entry ID:                   1007
Version:                            2
Address Family:                     23
Max Address Length:                 28
Min Address Length:                 28
Socket Type:                        1
Protocol:                           6
Service Flags:                      0x22066
Protocol Chain Length:              1

Winsock Catalog Provider Entry
------------------------------------------------------
Entry Type:                         Base Service Provider
Description:                        RSVP TCP Service Provider
Provider ID:                        {9D60A9E0-337A-11D0-BD88-0000C082E69A}
Provider Path:                      %SystemRoot%\system32\mswsock.dll
Catalog Entry ID:                   1008
Version:                            2
Address Family:                     2
Max Address Length:                 16
Min Address Length:                 16
Socket Type:                        1
Protocol:                           6
Service Flags:                      0x22066
Protocol Chain Length:              1

Winsock Catalog Provider Entry
------------------------------------------------------
Entry Type:                         Base Service Provider
Description:                        RSVP UDPv6 Service Provider
Provider ID:                        {9D60A9E0-337A-11D0-BD88-0000C082E69A}
Provider Path:                      %SystemRoot%\system32\mswsock.dll
Catalog Entry ID:                   1009
Version:                            2
Address Family:                     23
Max Address Length:                 28
Min Address Length:                 28
Socket Type:                        2
Protocol:                           17
Service Flags:                      0x22609
Protocol Chain Length:              1

Winsock Catalog Provider Entry
------------------------------------------------------
Entry Type:                         Base Service Provider
Description:                        RSVP UDP Service Provider
Provider ID:                        {9D60A9E0-337A-11D0-BD88-0000C082E69A}
Provider Path:                      %SystemRoot%\system32\mswsock.dll
Catalog Entry ID:                   1010
Version:                            2
Address Family:                     2
Max Address Length:                 16
Min Address Length:                 16
Socket Type:                        2
Protocol:                           17
Service Flags:                      0x22609
Protocol Chain Length:              1

Winsock Catalog Provider Entry
------------------------------------------------------
Entry Type:                         Base Service Provider
Description:                        MSAFD RfComm [Bluetooth]
Provider ID:                        {9FC48064-7298-43E4-B7BD-181F2089792A}
Provider Path:                      %SystemRoot%\system32\mswsock.dll
Catalog Entry ID:                   1011
Version:                            2
Address Family:                     32
Max Address Length:                 30
Min Address Length:                 30
Socket Type:                        1
Protocol:                           3
Service Flags:                      0x20026
Protocol Chain Length:              1

Winsock Catalog Provider Entry
------------------------------------------------------
Entry Type:                         Base Service Provider (32)
Description:                        MSAFD Tcpip [TCP/IPv6]
Provider ID:                        {F9EAB0C0-26D4-11D0-BBBF-00AA006C34E4}
Provider Path:                      %SystemRoot%\system32\mswsock.dll
Catalog Entry ID:                   1001
Version:                            2
Address Family:                     23
Max Address Length:                 28
Min Address Length:                 28
Socket Type:                        1
Protocol:                           6
Service Flags:                      0x20066
Protocol Chain Length:              1

Winsock Catalog Provider Entry
------------------------------------------------------
Entry Type:                         Base Service Provider (32)
Description:                        MSAFD Tcpip [UDP/IPv6]
Provider ID:                        {F9EAB0C0-26D4-11D0-BBBF-00AA006C34E4}
Provider Path:                      %SystemRoot%\system32\mswsock.dll
Catalog Entry ID:                   1002
Version:                            2
Address Family:                     23
Max Address Length:                 28
Min Address Length:                 28
Socket Type:                        2
Protocol:                           17
Service Flags:                      0x20609
Protocol Chain Length:              1

Winsock Catalog Provider Entry
------------------------------------------------------
Entry Type:                         Base Service Provider (32)
Description:                        MSAFD Tcpip [RAW/IPv6]
Provider ID:                        {F9EAB0C0-26D4-11D0-BBBF-00AA006C34E4}
Provider Path:                      %SystemRoot%\system32\mswsock.dll
Catalog Entry ID:                   1003
Version:                            2
Address Family:                     23
Max Address Length:                 28
Min Address Length:                 28
Socket Type:                        3
Protocol:                           0
Service Flags:                      0x20609
Protocol Chain Length:              1

Winsock Catalog Provider Entry
------------------------------------------------------
Entry Type:                         Base Service Provider (32)
Description:                        MSAFD Tcpip [TCP/IP]
Provider ID:                        {E70F1AA0-AB8B-11CF-8CA3-00805F48A192}
Provider Path:                      %SystemRoot%\system32\mswsock.dll
Catalog Entry ID:                   1004
Version:                            2
Address Family:                     2
Max Address Length:                 16
Min Address Length:                 16
Socket Type:                        1
Protocol:                           6
Service Flags:                      0x20066
Protocol Chain Length:              1

Winsock Catalog Provider Entry
------------------------------------------------------
Entry Type:                         Base Service Provider (32)
Description:                        MSAFD Tcpip [UDP/IP]
Provider ID:                        {E70F1AA0-AB8B-11CF-8CA3-00805F48A192}
Provider Path:                      %SystemRoot%\system32\mswsock.dll
Catalog Entry ID:                   1005
Version:                            2
Address Family:                     2
Max Address Length:                 16
Min Address Length:                 16
Socket Type:                        2
Protocol:                           17
Service Flags:                      0x20609
Protocol Chain Length:              1

Winsock Catalog Provider Entry
------------------------------------------------------
Entry Type:                         Base Service Provider (32)
Description:                        MSAFD Tcpip [RAW/IP]
Provider ID:                        {E70F1AA0-AB8B-11CF-8CA3-00805F48A192}
Provider Path:                      %SystemRoot%\system32\mswsock.dll
Catalog Entry ID:                   1006
Version:                            2
Address Family:                     2
Max Address Length:                 16
Min Address Length:                 16
Socket Type:                        3
Protocol:                           0
Service Flags:                      0x20609
Protocol Chain Length:              1

Winsock Catalog Provider Entry
------------------------------------------------------
Entry Type:                         Base Service Provider (32)
Description:                        RSVP TCPv6 Service Provider
Provider ID:                        {9D60A9E0-337A-11D0-BD88-0000C082E69A}
Provider Path:                      %SystemRoot%\system32\mswsock.dll
Catalog Entry ID:                   1007
Version:                            2
Address Family:                     23
Max Address Length:                 28
Min Address Length:                 28
Socket Type:                        1
Protocol:                           6
Service Flags:                      0x22066
Protocol Chain Length:              1

Winsock Catalog Provider Entry
------------------------------------------------------
Entry Type:                         Base Service Provider (32)
Description:                        RSVP TCP Service Provider
Provider ID:                        {9D60A9E0-337A-11D0-BD88-0000C082E69A}
Provider Path:                      %SystemRoot%\system32\mswsock.dll
Catalog Entry ID:                   1008
Version:                            2
Address Family:                     2
Max Address Length:                 16
Min Address Length:                 16
Socket Type:                        1
Protocol:                           6
Service Flags:                      0x22066
Protocol Chain Length:              1

Winsock Catalog Provider Entry
------------------------------------------------------
Entry Type:                         Base Service Provider (32)
Description:                        RSVP UDPv6 Service Provider
Provider ID:                        {9D60A9E0-337A-11D0-BD88-0000C082E69A}
Provider Path:                      %SystemRoot%\system32\mswsock.dll
Catalog Entry ID:                   1009
Version:                            2
Address Family:                     23
Max Address Length:                 28
Min Address Length:                 28
Socket Type:                        2
Protocol:                           17
Service Flags:                      0x22609
Protocol Chain Length:              1

Winsock Catalog Provider Entry
------------------------------------------------------
Entry Type:                         Base Service Provider (32)
Description:                        RSVP UDP Service Provider
Provider ID:                        {9D60A9E0-337A-11D0-BD88-0000C082E69A}
Provider Path:                      %SystemRoot%\system32\mswsock.dll
Catalog Entry ID:                   1010
Version:                            2
Address Family:                     2
Max Address Length:                 16
Min Address Length:                 16
Socket Type:                        2
Protocol:                           17
Service Flags:                      0x22609
Protocol Chain Length:              1

Winsock Catalog Provider Entry
------------------------------------------------------
Entry Type:                         Base Service Provider (32)
Description:                        MSAFD RfComm [Bluetooth]
Provider ID:                        {9FC48064-7298-43E4-B7BD-181F2089792A}
Provider Path:                      %SystemRoot%\system32\mswsock.dll
Catalog Entry ID:                   1011
Version:                            2
Address Family:                     32
Max Address Length:                 30
Min Address Length:                 30
Socket Type:                        1
Protocol:                           3
Service Flags:                      0x20026
Protocol Chain Length:              1

Name Space Provider Entry
------------------------------------------------------
Description:                        Network Location Awareness Legacy (NLAv1) Namespace
Provider ID:                        {6642243A-3BA8-4AA6-BAA5-2E0BD71FDD83}
Name Space:                         15
Active:                             1
Version:                            0


Name Space Provider Entry
------------------------------------------------------
Description:                        E-mail Naming Shim Provider
Provider ID:                        {964ACBA2-B2BC-40EB-8C6A-A6DB40161CAE}
Name Space:                         37
Active:                             1
Version:                            0


Name Space Provider Entry
------------------------------------------------------
Description:                        PNRP Cloud Namespace Provider
Provider ID:                        {03FE89CE-766D-4976-B9C1-BB9BC42C7B4D}
Name Space:                         39
Active:                             1
Version:                            0


Name Space Provider Entry
------------------------------------------------------
Description:                        PNRP Name Namespace Provider
Provider ID:                        {03FE89CD-766D-4976-B9C1-BB9BC42C7B4D}
Name Space:                         38
Active:                             1
Version:                            0


Name Space Provider Entry
------------------------------------------------------
Description:                        Tcpip
Provider ID:                        {22059D40-7E9E-11CF-AE5A-00AA00A7112B}
Name Space:                         12
Active:                             1
Version:                            0


Name Space Provider Entry
------------------------------------------------------
Description:                        NTDS
Provider ID:                        {3B2637EE-E580-11CF-A555-00C04FD8D4AC}
Name Space:                         32
Active:                             1
Version:                            0


Name Space Provider Entry
------------------------------------------------------
Description:                        Bluetooth Namespace
Provider ID:                        {06AA63E0-7D60-41FF-AFB2-3EE6D2D9392D}
Name Space:                         16
Active:                             1
Version:                            0


Name Space Provider Entry (32)
------------------------------------------------------
Description:                        Network Location Awareness Legacy (NLAv1) Namespace
Provider ID:                        {6642243A-3BA8-4AA6-BAA5-2E0BD71FDD83}
Name Space:                         15
Active:                             1
Version:                            0


Name Space Provider Entry (32)
------------------------------------------------------
Description:                        E-mail Naming Shim Provider
Provider ID:                        {964ACBA2-B2BC-40EB-8C6A-A6DB40161CAE}
Name Space:                         37
Active:                             1
Version:                            0


Name Space Provider Entry (32)
------------------------------------------------------
Description:                        PNRP Cloud Namespace Provider
Provider ID:                        {03FE89CE-766D-4976-B9C1-BB9BC42C7B4D}
Name Space:                         39
Active:                             1
Version:                            0


Name Space Provider Entry (32)
------------------------------------------------------
Description:                        PNRP Name Namespace Provider
Provider ID:                        {03FE89CD-766D-4976-B9C1-BB9BC42C7B4D}
Name Space:                         38
Active:                             1
Version:                            0


Name Space Provider Entry (32)
------------------------------------------------------
Description:                        Tcpip
Provider ID:                        {22059D40-7E9E-11CF-AE5A-00AA00A7112B}
Name Space:                         12
Active:                             1
Version:                            0


Name Space Provider Entry (32)
------------------------------------------------------
Description:                        NTDS
Provider ID:                        {3B2637EE-E580-11CF-A555-00C04FD8D4AC}
Name Space:                         32
Active:                             1
Version:                            0


Name Space Provider Entry (32)
------------------------------------------------------
Description:                        Bluetooth Namespace
Provider ID:                        {06AA63E0-7D60-41FF-AFB2-3EE6D2D9392D}
Name Space:                         16
Active:                             1
Version:                            0



Awatar użytkownika
djarta

Globalny Moderator
Posty: 5854
Rejestracja: 26 gru 2008, 17:15
Lokalizacja: Białystok
Kontaktowanie:

ping jest ale strony nie otwieraja sie

Post09 lip 2016, 11:22


tholin85

Użytkownik
Posty: 3
Rejestracja: 08 lip 2016, 22:24

ping jest ale strony nie otwieraja sie

Post09 lip 2016, 16:09

bylem dzis w pracy i internet smiga a w domu nie.
dodam ze komputer sluzbowy.

Kod: Zaznacz cały

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 09-07-2016
Ran by az001 (2016-07-09 14:29:20)
Running from C:\2. Downloads
Windows 7 Professional Service Pack 1 (X64) (2015-09-30 12:33:52)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1989012621-2353769758-1042696421-500 - Administrator - Disabled)
Alfonzo Lopez (S-1-5-21-1989012621-2353769758-1042696421-1000 - Administrator - Enabled) => C:\Users\Alfonzo Lopez
Guest (S-1-5-21-1989012621-2353769758-1042696421-501 - Limited - Disabled)
SophosSAULIBRA0 (S-1-5-21-1989012621-2353769758-1042696421-1001 - Limited - Enabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Sophos Anti-Virus (Enabled - Up to date) {6BABF8F7-3EB6-BD1D-9167-8C5ECA060A29}
AS: Sophos Anti-Virus (Enabled - Up to date) {D0CA1913-188C-B293-ABD7-B72CB1814094}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Sophos Client Firewall (Disabled) {539079D2-74D9-BC45-BA38-256B34D54D52}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

64 Bit HP CIO Components Installer (Version: 18.2.4 - Hewlett-Packard) Hidden
7-Zip 16.01 (x64) (HKLM\...\7-Zip) (Version: 16.01 - Igor Pavlov)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.016.20045 - Adobe Systems Incorporated)
Adobe Flash Player 21 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 21.0.0.242 - Adobe Systems Incorporated)
AMD Catalyst Install Manager (HKLM\...\{977CC22B-7461-5A6F-7143-9801C4287BE6}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Bullzip PDF Printer 10.24.0.2543 (HKLM\...\Bullzip PDF Printer_is1) (Version: 10.24.0.2543 - Bullzip)
Common Components3 (x32 Version: 1.00.0001 - MITSUBISHI) Hidden
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.65.55.62 - Conexant)
Create Recovery Media (HKLM-x32\...\{50DC5136-21E8-48BC-97E5-1AD055F6B0B6}) (Version: 1.20.0.00 - Lenovo Group Limited)
CW Configurator (HKLM-x32\...\{FC365B28-14E9-42F1-A5D7-1EC7A56E0635}) (Version: 1.000A - MITSUBISHI ELECTRIC CORPORATION)
CW Configurator (x32 Version: 1.00.00153 - MITSUBISHI ELECTRIC CORPORATION) Hidden
DataTransfer (HKLM-x32\...\{10CCB691-12D1-4FF8-9B4E-6F3E45F482EA}) (Version: 3.12N - MITSUBISHI ELECTRIC CORPORATION)
DataTransfer (x32 Version: 1.15.9999 - MITSUBISHI ELECTRIC CORPORATION) Hidden
DisplayLink Core Software (HKLM\...\{58F4C39B-D946-4A45-A314-DEFC2AFDF397}) (Version: 7.5.54609.0 - DisplayLink Corp.)
DocumentConverter (HKLM-x32\...\{8DF227D4-3B7C-4192-979D-141024285DAB}) (Version: 2.09K - MITSUBISHI ELECTRIC CORPORATION)
Dolby Advanced Audio v2 (HKLM-x32\...\{B9E70C7A-9F85-4A39-A4A3-BFA3C3BF7613}) (Version: 7.2.8000.17 - Dolby Laboratories Inc)
DriverTools 1.0 (HKLM-x32\...\DriverTools) (Version: 1.0 - Huawei Technologies Co.,Ltd)
E-Designer 7 (HKLM-x32\...\{B7FEEEC2-76AD-493E-9ACA-CD3B155778BA}) (Version:  - )
e-Manual Viewer (HKLM-x32\...\{B32A5030-4C4A-400A-B481-E83FD13F930E}) (Version: 1.08.000 - MITSUBISHI ELECTRIC CORPORATION)
FR Configurator2 (HKLM-x32\...\{E8205322-F92F-4D7D-BF4C-4A8A78D21DB5}) (Version: 1.03D - MITSUBISHI ELECTRIC CORPORATION)
FR Configurator2(Developer) (x32 Version: 1.99.00012 - MITSUBISHI ELECTRIC CORPORATION) Hidden
FX Configurator-EN (HKLM-x32\...\FX Configurator-EN) (Version:  - )
FX Configurator-FP (HKLM-x32\...\FX Configurator-FP) (Version:  - )
FX-TRN-BEG-E (HKLM-x32\...\FX-TRN-BEG-E) (Version:  - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 51.0.2704.106 - Google Inc.)
Google Update Helper (x32 Version: 1.3.30.3 - Google Inc.) Hidden
GT Converter2 (HKLM-x32\...\{827827CE-6F04-4F93-B0FC-33B2ABFC599F}) (Version: 3.16S - MITSUBISHI ELECTRIC CORPORATION)
GT Designer3 (GOT1000) (HKLM-x32\...\{08A028CB-C02D-4EB6-A8D6-A3A340A0CBA7}) (Version: 1.127H - MITSUBISHI ELECTRIC CORPORATION)
GT Designer3 (GOT1000) (x32 Version: 1.00.0000 - MITSUBISHI ELECTRIC CORPORATION) Hidden
GT Designer3 (GOT2000) (HKLM-x32\...\{AA642D58-D246-4948-86F9-4D3587F58B32}) (Version: 1.127H - MITSUBISHI ELECTRIC CORPORATION)
GT Designer3 (GOT2000) (x32 Version: 1.00.00 - MITSUBISHI ELECTRIC CORPORATION) Hidden
GT Designer3 (GOT2000) Help (English) (HKLM-x32\...\{011FE72D-7580-4BCF-9426-90EF91C65893}) (Version: 1.127H - MITSUBISHI ELECTRIC CORPORATION)
GT Designer3 (GOT2000) Help (Japanese) (HKLM-x32\...\{F81A392C-0A84-4A4E-8CEC-EB2D48109C50}) (Version: 1.127H - MITSUBISHI ELECTRIC CORPORATION)
GT Designer3 (GOT2000) Help (Simplified Chinese) (HKLM-x32\...\{B0756A59-9DE7-48EE-9F63-E5494075EDCE}) (Version: 1.127H - MITSUBISHI ELECTRIC CORPORATION)
GT Manual3 2000 (HKLM-x32\...\{614357D6-E400-4F8C-B9D4-0885FD83D358}) (Version: 1.127H - MITSUBISHI ELECTRIC CORPORATION)
GX Developer (HKLM-x32\...\SWnD5-GPPW) (Version:  - )
GX Simulator (HKLM-x32\...\SWnD5-LLT) (Version:  - )
GX Works2 (HKLM-x32\...\{503ECC02-4461-4D63-B587-83C16E944F06}) (Version: 1.536J - MITSUBISHI ELECTRIC CORPORATION)
GX Works2 (x32 Version: 1.525.00183 - MITSUBISHI ELECTRIC CORPORATION) Hidden
GX Works2 Help (for FXCPU) (HKLM-x32\...\{EAA760B6-690B-4202-8CC9-76509ADC56E4}) (Version: 1.499V - MITSUBISHI ELECTRIC CORPORATION)
GX Works3 (HKLM-x32\...\{3C1033A8-038C-48CA-9254-1CDE9EEE780A}) (Version: 1.015R - MITSUBISHI ELECTRIC CORPORATION)
GX Works3 (x32 Version: 1.07.00919 - MITSUBISHI ELECTRIC CORPORATION) Hidden
Intel(R) Chipset Device Software (x32 Version: 10.0.22 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.30.1072 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.15.4285 - Intel Corporation)
Intel(R) Update Manager (HKLM-x32\...\{B991A1BC-DE0F-41B3-9037-B2F948F706EC}) (Version: 3.1.1228 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 3.0.3.60 - Intel Corporation)
Intel(R) WiDi (HKLM\...\{5BBC7722-E4D9-4406-A8B9-1E11A23B9EAF}) (Version: 5.0.32.0 - Intel Corporation)
Intel(R) Wireless Bluetooth(R)(patch version 17.1.1431.1) (HKLM\...\{302600C1-6BDF-4FD1-1407-148929CC1385}) (Version: 17.1.1407.0480 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{a9888f41-68ae-43df-bd7d-d93405a44106}) (Version: 17.13.11 - Intel Corporation)
iPlus manager 2.3 (HKLM-x32\...\iPlus manager_is1) (Version:  - )
Java 8 Update 91 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.14 - Oracle Corporation)
keytech 13 (HKLM-x32\...\{003D810A-E763-4832-9860-F226797561B2}) (Version: 13.01.0008 - keytech Software GmbH)
K-Lite Mega Codec Pack 12.1.5 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 12.1.5 - KLCP)
Lenovo Auto Scroll Utility (HKLM\...\LenovoAutoScrollUtility) (Version: 2.12 - )
Lenovo Communications Utility (HKLM\...\{88C6A6D9-324C-46E8-BA87-563D14021442}_is1) (Version: 3.1.16.0 - Lenovo)
Lenovo On Screen Display (HKLM\...\OnScreenDisplay) (Version: 8.80.10 - Lenovo)
Lenovo Peer Connect SDK (HKLM\...\{75C87855-9CBB-4892-B1A9-74C73A19CACA}_is1) (Version: 1.0.0.7 - Lenovo)
Lenovo Power Management Driver (HKLM\...\Power Management Driver) (Version: 1.67.12.10 - Lenovo)
Lenovo PowerENGAGE (HKLM-x32\...\{15B15395-FF53-44E1-ADAD-FCC279E3CA10}) (Version: 2.51.0040 - Lenovo Inc.)
Lenovo QuickControl (HKLM-x32\...\{04128C8C-7812-4DCC-816E-9C8AB1D6EECE}) (Version: 2.40 - Lenovo Group Limited)
Lenovo Service Bridge (HKU\S-1-5-21-2431899495-1264369763-495456795-6182\...\dda9ca0b023f4c56) (Version: 1.6.3.5 - Lenovo)
Lenovo Solution Center (HKLM\...\{C1FC707B-AE6B-4DC4-89A5-6628A01F8103}) (Version: 3.3.003.00 - Lenovo)
Lenovo System Update (HKLM-x32\...\{25C64847-B900-48AD-A164-1B4F9B774650}) (Version: 5.07.0029 - Lenovo)
Lenovo USB Graphics (HKLM\...\{E6B1FE9A-CB1E-4096-A0AF-163419CB971C}) (Version: 7.5.54614.0 - Lenovo)
Lenovo USB3.0 to DVI VGA Monitor Adapter (HKLM-x32\...\{454D32AD-C149-49BE-9F2E-8C089C3D6620}) (Version: 1.07.17 - Lenovo)
Lenovo User Guide (HKLM-x32\...\{13F59938-C595-479C-B479-F171AB9AF64F}) (Version: 1.0.0009.00 - Lenovo Group Limited)
MELSOFT iQ Works (Disc1) (HKLM-x32\...\{48C00D97-E010-47A2-9ED5-AAE6B9FED81B}) (Version: 2.07H - MITSUBISHI ELECTRIC CORPORATION)
MELSOFT iQ Works (Disc2) (HKLM-x32\...\{179C2806-83DD-4DD2-98C3-859C30188CCC}) (Version: 2.07H - MITSUBISHI ELECTRIC CORPORATION)
MELSOFT Navigator (x32 Version: 2.00.0106 - MITSUBISHI ELECTRIC CORPORATION) Hidden
Message Center Plus (HKLM\...\{C2C2DB64-1BCE-4FA7-962D-457795ECCEC0}) (Version: 3.3.0004.00 - Lenovo Group Limited)
Metric Collection SDK (x32 Version: 1.1.0012.00 - Lenovo Group Limited) Hidden
Metric Collection SDK 35 (x32 Version: 1.2.0006.00 - Lenovo Group Limited) Hidden
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Office Home and Business 2013 - en-us (HKLM\...\HomeBusinessRetail - en-us) (Version: 15.0.4833.1001 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2431899495-1264369763-495456795-6182\...\OneDriveSetup.exe) (Version: 17.3.6390.0509 - Microsoft Corporation)
Microsoft Primary Interoperability Assemblies 2005 (HKLM-x32\...\{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50428.0 - Microsoft Corporation)
Microsoft SQL Server 2005 (HKLM-x32\...\Microsoft SQL Server 2005) (Version:  - Microsoft Corporation)
Microsoft SQL Server Native Client (HKLM\...\{9ACF3FDB-C8E6-444C-8C64-13A221F7BFFD}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft SQL Server Setup Support Files (English) (HKLM-x32\...\{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{B636C9B9-A3F2-4DCE-ADCC-72E095018385}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
MR Configurator2 (HKLM-x32\...\{0A644D63-7BAF-4D2F-828E-E1FF6959E803}) (Version: 1.45X - MITSUBISHI ELECTRIC CORPORATION)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MT Developer2 (HKLM-x32\...\{B71D4666-6BAD-43E6-87DA-AB0A2281CBFF}) (Version: 1.111R - MITSUBISHI ELECTRIC CORPORATION)
MT Developer2 (x32 Version: 1.111.9999 - MITSUBISHI ELECTRIC CORPORATION) Hidden
OEM Application Profile (HKLM-x32\...\{1D464EFF-EC8B-F225-2F74-F74143200DDF}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4833.1001 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4833.1001 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4833.1001 - Microsoft Corporation) Hidden
PKZIP Server for Windows 12.40.0008 (HKLM-x32\...\{134A51EB-1BBB-4249-BAF5-494C3D186A06}) (Version: 12.40.0008 - PKWARE, Inc)
Power Manager (HKLM-x32\...\{DAC01CEE-5BAE-42D5-81FC-B687E84E8405}) (Version: 6.68.10 - Lenovo Group Limited)
PowerXpressHybrid (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
PSPad editor (HKLM-x32\...\PSPad editor_is1) (Version: 4.6.0.2700 - Jan Fiala)
PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.21247 - Realtek Semiconductor Corp.)
Realtek PC Camera (HKLM-x32\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.2.9200.10282 - Realtek Semiconductor Corp.)
RT ToolBox2 (HKLM-x32\...\InstallShield_{2E0433F5-D860-4020-B12D-87BCDF7F1800}) (Version: 1.03.0300 - MITSUBISHI ELECTRIC CORPORATION)
RT ToolBox2 (x32 Version: 1.03.0300 - MITSUBISHI ELECTRIC CORPORATION) Hidden
Siemens Automation License Manager (Version: 05.03.0001 - Siemens AG) Hidden
Siemens Automation License Manager V5.3 + Upd1   (HKLM\...\{34A9817D-BA56-4688-A810-C76ECB118DB4}LicenseManager) (Version: 05.03.0001 - Siemens AG)
SIMATIC  STEP 7 (x32 Version: 05.05.0400 - Siemens AG) Hidden
SIMATIC  STEP 7 V5.5 + SP4   (HKLM-x32\...\{F294AB40-F065-4E65-B510-4EB239B02D70}STEP7) (Version: 05.05.0400 - Siemens AG)
SIMATIC Device Drivers (Version: 01.02.0400 - Siemens AG) Hidden
SIMATIC HMI License Manager Panel Plugin (x64) (Version: 11.00.0100 - Siemens AG) Hidden
SIMATIC HMI Symbol Library (x32 Version: 11.00.0200 - Siemens AG) Hidden
SIMATIC NCM FWL 64 (Version: 05.05.0400 - Siemens AG) Hidden
SIMATIC Prosave (x32 Version: 09.00.0300 - Siemens AG) Hidden
SIMATIC Prosave V9.0 incl. SP3   (HKLM-x32\...\{AE533A06-4655-41E8-88BB-48293AAF1FA0}Prosave) (Version: 09.00.0300 - Siemens AG)
SIMATIC S7-Block Privacy (x32 Version: 01.00.0300 - Siemens AG) Hidden
SIMATIC S7-Block Privacy V1.0 + SP3   (HKLM-x32\...\{294F0CDE-61D0-4F05-AABC-EAD7D6289BFD}S7BLP) (Version: 01.00.0300 - Siemens AG)
SIMATIC S7-PCT (x32 Version: 03.02.0000 - Siemens AG) Hidden
SIMATIC S7-PCT V3.2   (HKLM-x32\...\{23037B92-E705-49FF-9584-F8C628A4697B}S7PCT) (Version: 03.02.0000 - Siemens AG)
SIMATIC S7-Web2PLC (x32 Version: 01.00.0201 - Siemens AG) Hidden
SIMATIC S7-Web2PLC V1.0 + SP2 + HF1   (HKLM-x32\...\{D489C025-1B61-4164-BE7F-88242CF27902}Web2PLC) (Version: 01.00.0201 - Siemens AG)
SIMATIC WinCC flexible 2008 SP3 (HKLM-x32\...\InstallShield_{4859C171-B826-4B74-ABCE-501B4C725EA2}) (Version: 01.04.0000 - Siemens AG)
SIMATIC WinCC flexible OCX (x32 Version: 01.04.0000 - Siemens AG) Hidden
SIMATIC WinCC flexible Runtime (x32 Version: 01.04.0000 - Siemens AG) Hidden
SIMATIC WinCC flexible Runtime 2008 SP3   (HKLM-x32\...\{BA076DAD-B2E9-4DE6-8DC3-A12C0E569EAC}HmiRTm) (Version: 01.04.0000 - Siemens AG)
SIMATIC WinCC flexible Runtime Driver (x64) (Version: 01.04.0000 - Siemens AG) Hidden
SIMATIC WinCC flexible Simulator (x32 Version: 01.08.0300 - Siemens AG) Hidden
SIMATIC WinCC flexible Tag Simulator (x32 Version: 01.04.0000 - Siemens AG) Hidden
Simple Motion Module Setting (HKLM-x32\...\{83411090-8959-4A91-AC33-84BECB957B8F}) (Version: 1.117X - MITSUBISHI ELECTRIC CORPORATION)
Skype™ 7.3 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.3.101 - Skype Technologies S.A.)
Sophos Anti-Virus (HKLM-x32\...\{09863DA9-7A9B-4430-9561-E04D178D7017}) (Version: 10.6.3.537 - Sophos Limited)
Sophos AutoUpdate (HKLM-x32\...\{BCF53039-A7FC-4C79-A3E3-437AE28FD918}) (Version: 5.2.0.276 - Sophos Limited)
Sophos Client Firewall (HKLM-x32\...\{A805FB2A-A844-4cba-8088-CA64087D59E1}) (Version: 2.9.5 - Sophos Limited)
Sophos Network Threat Protection (HKLM\...\{66967E5F-43E8-4402-87A4-04685EE5C2CB}) (Version: 1.2.2.50 - Sophos Limited)
Sophos Remote Management System (HKLM-x32\...\{FED1005D-CBC8-45D5-A288-FFC7BB304121}) (Version: 4.0.6 - Sophos Limited)
Sophos System Protection (HKLM-x32\...\{1093B57D-A613-47F3-90CF-0FD5C5DCFFE6}) (Version: 1.3.0 - Sophos Limited)
Tether (HKLM-x32\...\{C5C67EA4-16FA-473C-B274-904A71162DE4}) (Version: 1.0.1 - ClockworkMod)
ThinkPad OneLink Dock (HKLM-x32\...\{8E1CACF5-2493-4950-9AD5-189903FE57E7}) (Version: 1.08.36 - Lenovo)
ThinkPad UltraNav Driver (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 8.216.1616.137 - ALPS ELECTRIC CO., LTD.)
Thinkpad USB 3.0 Ethernet Adapter Driver (HKLM-x32\...\{D8102684-7BA1-4948-88B9-535F84E6E588}) (Version: 7.4.911.2013 - Lenovo)
ThinkVantage Active Protection System (HKLM\...\{46A84694-59EC-48F0-964C-7E76E9F8A2ED}) (Version: 1.80.03.00 - Lenovo)
VMware Player (HKLM\...\{537B7F85-2B95-44ED-8D90-765F6F36D666}) (Version: 12.1.1 - VMware, Inc.)
WinCC flexible (x32 Version: 01.04.0000 - Siemens AG) Hidden
WinCC flexible Graphics (x32 Version: 1.04.0000 - Siemens AG) Hidden
Windows 10 Upgrade Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.17323 - Microsoft Corporation)
Windows Driver Package - Intel (e1dexpress) Net  (09/29/2014 12.12.80.19) (HKLM\...\4ED8788498CF43D3423E6F8A41D0FAAF62902DB0) (Version: 09/29/2014 12.12.80.19 - Intel)
Windows Driver Package - Intel Corporation (iaStorA) HDC  (08/22/2014 13.5.0.1056) (HKLM\...\5EC6580D569A9D3B15C34964E5BB5BC263F05FE5) (Version: 08/22/2014 13.5.0.1056 - Intel Corporation)
Windows Driver Package - Lenovo 1.67.09.03 (11/07/2014 1.67.09.03) (HKLM\...\FA3F6F3D6E8958FDDEE1E09CC77DFA71B0D7835A) (Version: 11/07/2014 1.67.09.03 - Lenovo)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2431899495-1264369763-495456795-6182_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\az001\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\FileCoAuthLib64.dll ()
CustomCLSID: HKU\S-1-5-21-2431899495-1264369763-495456795-6182_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\az001\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2431899495-1264369763-495456795-6182_Classes\CLSID\{ED90173A-3B4C-4E7E-B9CF-79714425D4B5}\InprocServer32 -> C:\Program Files (x86)\PSPad editor\pspshellx64.dll ()

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0E82FC84-1F61-481E-BFE9-A546EA1AD4C5} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {255DEFE0-4E15-4657-BCD0-135BD05084F0} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2016-04-12] (Microsoft Corporation)
Task: {28083777-8968-4535-A0FC-74DF2447D0A4} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {2A9E2BF5-8B98-4A59-92A8-290A5FF2D438} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-04-22] (Adobe Systems Incorporated)
Task: {2E37E4A7-6E66-457C-8C94-B6AF0CC1B84B} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
Task: {390A26AD-AAEF-4B44-8322-51477ECC006A} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2015-07-08] (Lenovo)
Task: {3DE3B91D-511B-4E48-82FB-F195AC737A65} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-07-08] (Google Inc.)
Task: {3DF44AEE-2278-41BD-A290-FC4AFA47B5F9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-07-08] (Google Inc.)
Task: {42A0B30E-D839-4F2B-B612-0DE08151E97B} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2016-04-12] (Microsoft Corporation)
Task: {4732B791-6F2C-4247-9FF9-097EF3CFCEBC} - System32\Tasks\Lenovo\Lenovo PowerENGAGE Update => C:\Program Files (x86)\Lenovo Registration\lenovoreg.exe [2015-01-09] (Aviata Inc)
Task: {4DD17250-0A0E-4ED3-81DA-818A8F4C5CE8} - System32\Tasks\PDVDServ12 Task => C:\Program Files (x86)\CyberLink\PowerDVD12\PDVD12Serv.exe
Task: {4E545C9B-E101-4115-A79C-EC63F9B4DE82} - System32\Tasks\TVT\LaunchFR => C:\Program Files (x86)\Lenovo\Factory Recovery\FRReminder.exe [2014-08-21] (TODO: <Company name>)
Task: {55FA2654-1672-454A-97E6-A6C7EC08E323} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\lenovo\lenovo solution center\App\LSC.Services.UpdateStatusService.exe [2016-06-02] ()
Task: {5E776D5D-F9BF-4216-9C8A-39D1C0FBEFFA} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {62B09DF8-D3F7-4A6A-96FA-F5F4BC78E255} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [2016-05-25] ()
Task: {7814D55B-F49A-4340-BE07-5D481B7B88FD} - System32\Tasks\Weekly => C:\Program Files (x86)\Sophos\Sophos Anti-Virus\BackgroundScanClient.exe [2016-04-11] (Sophos Limited)
Task: {894A1731-BAD1-49CB-A002-AEBBF54F6FEE} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => C:\Program Files\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe
Task: {8E4BBB20-E49A-4112-9855-7F2F4517E4BD} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [2016-05-24] ()
Task: {92E1E966-1E37-4D3A-A692-E524F8E9CB9A} - System32\Tasks\Lenovo\LSC\Lenovo Solution Center Notifications => C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe [2016-06-02] (Lenovo)
Task: {9369CE86-4A91-4346-84F0-8BF0E0483616} - System32\Tasks\DiskUpdate => C:\SWTOOLS\OSFIXES\DISKUPDT\DiskUpdate.exe [2009-02-10] ()
Task: {A408C1EE-7001-4CDC-ABAD-3382A4397A21} - System32\Tasks\PMTask => C:\Program Files (x86)\ThinkPad\Utilities\PwmIdTsv.exe [2016-04-14] (Lenovo Group Limited)
Task: {ADD306B5-630B-490D-8A8D-F8F58BB7B7A1} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2015-09-25] (Intel Corporation)
Task: {C167757E-CB25-43A4-B0AD-39EEEA90E4F5} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {C24BD041-24FA-4444-986B-2A913DA551D9} - System32\Tasks\Lenovo\Lenovo PowerENGAGE => C:\Program Files (x86)\Lenovo Registration\lenovoreg.exe [2015-01-09] (Aviata Inc)
Task: {CB7E3B4F-24E4-4A2A-85EA-444A1E0FCDA3} - System32\Tasks\{5942D743-AADD-455C-A525-5EEEBDCDC2AE} => pcalua.exe -a E:\SETUP.EXE -d E:\
Task: {D7173435-F84B-4D94-AA41-0F6E030C5555} - System32\Tasks\StartPowerDVDService => C:\PROGRAM FILES (x86)\Cyberlink\PowerDVD10\PDVD10Serv.exe
Task: {D80E513D-D4F9-4A53-BA8F-BA3BDEB3F6E7} - System32\Tasks\Lenovo\Lenovo Service Bridge\S-1-5-21-2431899495-1264369763-495456795-6182 => Rundll32.exe dfshim.dll,ShOpenVerbShortcut C:\Users\az001\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo\Lenovo Service Bridge.appref-ms
Task: {EB5BF015-9C59-42F2-874E-378868D34626} - System32\Tasks\Lenovo\Message Center Plus Launcher => C:\Program Files (x86)\Lenovo\message center plus\mcplaunch.exe [2014-09-13] (Lenovo)
Task: {EE7681FC-0314-4A68-AA29-ECC89A1F5B57} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {F06BAC24-F42C-4E22-830B-DF0571392AE3} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2016-06-02] (Lenovo)
Task: {FCE8C10B-A7D6-4E82-9771-EC80F19D9BD6} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2015-09-25] (Intel Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\Weekly.job => C:\Program Files (x86)\Sophos\Sophos Anti-Virus\BackgroundScanClient.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2014-01-13 10:00 - 2014-01-13 10:00 - 00774144 _____ () C:\Program Files\Common Files\Siemens\SWS\PlugIns\SCP\Scpwin64.dll
2015-10-01 09:46 - 2016-04-19 19:26 - 00114888 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2013-07-04 19:27 - 2013-07-04 19:27 - 00848096 _____ () C:\Program Files\Common Files\Siemens\Automation\Simatic OAM\bin\sn_regbase.dll
2016-04-11 10:09 - 2016-04-11 10:09 - 00233608 _____ () C:\Program Files\Sophos\Sophos Network Threat Protection\bin\plugins\http.plg
2016-04-11 10:09 - 2016-04-11 10:09 - 00140696 _____ () C:\Program Files\Sophos\Sophos Network Threat Protection\bin\plugins\ip.plg
2016-04-11 10:09 - 2016-04-11 10:09 - 00119344 _____ () C:\Program Files\Sophos\Sophos Network Threat Protection\bin\plugins\ipv6.plg
2016-04-11 10:09 - 2016-04-11 10:09 - 00076704 _____ () C:\Program Files\Sophos\Sophos Network Threat Protection\bin\plugins\portmap.plg
2016-04-11 10:09 - 2016-04-11 10:09 - 00165000 _____ () C:\Program Files\Sophos\Sophos Network Threat Protection\bin\plugins\tcp.plg
2016-04-11 10:09 - 2016-04-11 10:09 - 00148440 _____ () C:\Program Files\Sophos\Sophos Network Threat Protection\bin\plugins\udp.plg
2016-06-02 17:02 - 2016-06-02 17:02 - 00959168 _____ () C:\Users\az001\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\ClientTelemetry.dll
2015-10-28 17:34 - 2015-09-01 17:04 - 08901184 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2015-06-05 02:55 - 2016-04-14 06:08 - 00107008 ____N () C:\Program Files (x86)\ThinkPad\Utilities\US\PWMRT64V.DLL
2015-06-05 02:43 - 2014-07-03 19:04 - 00915968 _____ () C:\Program Files (x86)\Lenovo\OneLink Dock\onelinkpromgn.exe
2015-06-05 02:56 - 2011-08-03 04:58 - 02201088 _____ () C:\Program Files\Lenovo\Communications Utility\cxcore210.dll
2015-06-05 02:56 - 2011-08-03 04:58 - 02085888 _____ () C:\Program Files\Lenovo\Communications Utility\cv210.dll
2011-12-06 22:11 - 2011-12-06 22:11 - 00061776 _____ () C:\Program Files (x86)\Siemens\SIMATIC WinCC flexible\WinCC flexible 2008 Runtime\zlib.dll
2016-04-11 10:07 - 2016-04-11 10:07 - 01276680 _____ () C:\Program Files (x86)\Sophos\Remote Management System\ACE.dll
2016-04-11 10:07 - 2016-04-11 10:07 - 01094408 _____ () C:\Program Files (x86)\Sophos\Remote Management System\TAO.dll
2016-04-11 10:07 - 2016-04-11 10:07 - 00347400 _____ () C:\Program Files (x86)\Sophos\Remote Management System\TAO_DynamicAny.dll
2016-04-11 10:07 - 2016-04-11 10:07 - 00465160 _____ () C:\Program Files (x86)\Sophos\Remote Management System\TAO_AnyTypeCode.dll
2016-04-11 10:07 - 2016-04-11 10:07 - 00087816 _____ () C:\Program Files (x86)\Sophos\Remote Management System\TAO_Valuetype.dll
2016-04-11 10:07 - 2016-04-11 10:07 - 00254216 _____ () C:\Program Files (x86)\Sophos\Remote Management System\TAO_SSLIOP.dll
2016-04-11 10:07 - 2016-04-11 10:07 - 00511752 _____ () C:\Program Files (x86)\Sophos\Remote Management System\TAO_PortableServer.dll
2016-04-11 10:07 - 2016-04-11 10:07 - 00059144 _____ () C:\Program Files (x86)\Sophos\Remote Management System\TAO_CodecFactory.dll
2016-04-11 10:07 - 2016-04-11 10:07 - 00149768 _____ () C:\Program Files (x86)\Sophos\Remote Management System\TAO_PI.dll
2016-04-11 10:07 - 2016-04-11 10:07 - 00832264 _____ () C:\Program Files (x86)\Sophos\Remote Management System\TAO_Security.dll
2016-04-11 10:07 - 2016-04-11 10:07 - 00044808 _____ () C:\Program Files (x86)\Sophos\Remote Management System\TAO_Svc_Utils.dll
2016-04-11 10:07 - 2016-04-11 10:07 - 00075016 _____ () C:\Program Files (x86)\Sophos\Remote Management System\ACE_SSL.dll
2016-04-11 10:07 - 2016-04-11 10:07 - 00069384 _____ () C:\Program Files (x86)\Sophos\Remote Management System\TAO_PI_Server.dll
2016-04-11 10:07 - 2016-04-11 10:07 - 00052488 _____ () C:\Program Files (x86)\Sophos\Remote Management System\TAO_Codeset.dll
2016-04-14 17:17 - 2016-04-14 17:17 - 01301696 _____ () C:\Program Files (x86)\VMware\VMware Player\libxml2.dll
2016-06-02 17:02 - 2016-06-02 17:02 - 00679624 _____ () C:\Users\az001\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\ClientTelemetry.dll
2015-10-01 09:46 - 2016-02-23 09:08 - 00325824 _____ () C:\Program Files\Microsoft Office 15\root\office15\AppVIsvStream32.dll
2015-10-01 09:46 - 2016-02-23 09:08 - 00325824 _____ () C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\AppVIsvStream32.dll
2014-10-10 17:37 - 2014-10-10 17:37 - 01243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2016-07-09 06:53 - 2016-07-09 06:53 - 00016384 _____ () C:\Users\az001\AppData\Local\Temp\nsrD26D.tmp\registry.dll
2016-05-22 14:06 - 2016-04-28 00:25 - 01738904 _____ () C:\4. PROGRAMY_az\GoogleChromePortable\App\Chrome-bin\50.0.2661.94\libglesv2.dll
2016-05-22 14:06 - 2016-04-28 00:25 - 00086168 _____ () C:\4. PROGRAMY_az\GoogleChromePortable\App\Chrome-bin\50.0.2661.94\libegl.dll
2016-04-14 17:17 - 2016-04-14 17:17 - 00070336 _____ () C:\Program Files (x86)\VMware\VMware Player\zlib1.dll
2013-07-09 11:41 - 2013-07-09 11:41 - 00766688 _____ () C:\Windows\SysWOW64\sn_regbase.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SAVService => ""="service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SAVService => ""="service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SntpService => ""="service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Sophos Client Firewall => ""="service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Sophos Client Firewall Manager => ""="service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\.DEFAULT\...\localhost -> localhost
IE trusted site: HKU\.DEFAULT\...\webcompanion.com -> hxxp://webcompanion.com
IE trusted site: HKU\S-1-5-21-2431899495-1264369763-495456795-6182\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-2431899495-1264369763-495456795-6182\...\webcompanion.com -> hxxp://webcompanion.com

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2015-04-16 11:33 - 00000804 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1       localhost
192.168.10.45   intsearch
188.39.160.226  mon.practicalnetworks.co.uk

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2431899495-1264369763-495456795-6182\Control Panel\Desktop\\Wallpaper -> C:\Users\az001\AppData\Local\Temp\bginfo
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall is disabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^GXW3PluginPreloader.lnk => C:\Windows\pss\GXW3PluginPreloader.lnk.CommonStartup
MSCONFIG\startupreg: e-Manual Viewer Service Server => C:\ProgramData\MELSOFT\e-Manual Viewer\mvserver.exe
MSCONFIG\startupreg: S7UB Start => "C:\Program Files (x86)\Common Files\Siemens\S7ubtoox\s7ubtstx.exe" -StartDB
MSCONFIG\startupreg: USBIdentifier => C:\Program Files (x86)\MELSOFT\GPPW3\Components\UsbIdentifier\UsbIdentifier.exe
MSCONFIG\startupreg: WinCC flexible Smart Start => "C:\Program Files (x86)\Siemens\SIMATIC WinCC flexible\WinCC flexible 2008\HmiSmartStart.exe" /startup

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{1049E592-2E25-40CE-AF29-52362847B05F}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{074F26B4-262E-463C-8B9F-B78E180DD242}] => (Allow) C:\Windows\dwrcs\DWRCS.EXE

==================== Restore Points =========================


==================== Faulty Device Manager Devices =============

Name: Intel(R) Technology Access Filter Driver
Description: Intel(R) Technology Access Filter Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: ndisrd
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================
Error: (07/09/2016 01:56:11 PM) (Source: Sophos Message Router) (EventID: 8005) (User: NT AUTHORITY)
Description: DNS lookup failure trying to resolve the following addresses: bristol,bristol.guyson.local.%%3

Error: (07/09/2016 01:48:32 PM) (Source: dwmrcs) (EventID: 110) (User: )
Description: Error:
DameWare Mini Remote Control
Error setsockopt (IP_DROP_MEMBERSHIP)

System Error: 10038
System Message: An operation was attempted on something that is not a socket.

 (srv 64 bit)

Error: (07/09/2016 01:47:53 PM) (Source: dwmrcs) (EventID: 110) (User: )
Description: Error:
DameWare Mini Remote Control
Error setsockopt (IP_DROP_MEMBERSHIP)

System Error: 10038
System Message: An operation was attempted on something that is not a socket.

 (srv 64 bit)

Error: (07/09/2016 01:46:00 PM) (Source: dwmrcs) (EventID: 110) (User: )
Description: Error:
DameWare Mini Remote Control
Error setsockopt (IP_DROP_MEMBERSHIP)

System Error: 10038
System Message: An operation was attempted on something that is not a socket.

 (srv 64 bit)

Error: (07/09/2016 01:46:00 PM) (Source: dwmrcs) (EventID: 110) (User: )
Description: Error:
DameWare Mini Remote Control
Error setsockopt (IP_DROP_MEMBERSHIP)

System Error: 10049
System Message: The requested address is not valid in its context.

 (srv 64 bit)

Error: (07/09/2016 01:45:30 PM) (Source: dwmrcs) (EventID: 110) (User: )
Description: Error:
DameWare Mini Remote Control
Error setsockopt (IP_ADD_MEMBERSHIP)

System Error: 10065
System Message: A socket operation was attempted to an unreachable host.

 (srv 64 bit)

Error: (07/09/2016 01:45:30 PM) (Source: dwmrcs) (EventID: 110) (User: )
Description: Error:
DameWare Mini Remote Control
Error setsockopt (IP_DROP_MEMBERSHIP)

System Error: 10038
System Message: An operation was attempted on something that is not a socket.

 (srv 64 bit)

Error: (07/09/2016 01:45:30 PM) (Source: dwmrcs) (EventID: 110) (User: )
Description: Error:
DameWare Mini Remote Control
Error setsockopt (IP_DROP_MEMBERSHIP)

System Error: 10049
System Message: The requested address is not valid in its context.

 (srv 64 bit)

Error: (07/09/2016 01:45:29 PM) (Source: dwmrcs) (EventID: 110) (User: )
Description: Error:
DameWare Mini Remote Control
Error setsockopt (IP_ADD_MEMBERSHIP)

System Error: 10065
System Message: A socket operation was attempted to an unreachable host.

 (srv 64 bit)

Error: (07/09/2016 01:45:29 PM) (Source: dwmrcs) (EventID: 110) (User: )
Description: Error:
DameWare Mini Remote Control
Error setsockopt (IP_DROP_MEMBERSHIP)

System Error: 10038
System Message: An operation was attempted on something that is not a socket.

 (srv 64 bit)


System errors:
=============
Error: (07/09/2016 01:45:40 PM) (Source: Microsoft-Windows-GroupPolicy) (EventID: 1129) (User: GUYSON)
Description: The processing of Group Policy failed because of lack of network connectivity to a domain controller. This may be a transient condition. A success message would be generated once the machine gets connected to the domain controller and Group Policy has succesfully processed. If you do not see a success message for several hours, then contact your administrator.

Error: (07/09/2016 01:45:39 PM) (Source: NETLOGON) (EventID: 5719) (User: )
Description: This computer was not able to set up a secure session with a domain
controller in domain GUYSON due to the following:
%%1311 = There are currently no logon servers available to service the logon request.


This may lead to authentication problems. Make sure that this
computer is connected to the network. If the problem persists,
please contact your domain administrator.



ADDITIONAL INFO

If this computer is a domain controller for the specified domain, it
sets up the secure session to the primary domain controller emulator in the specified
domain. Otherwise, this computer sets up the secure session to any domain controller
in the specified domain.

Error: (07/09/2016 01:45:36 PM) (Source: Microsoft-Windows-GroupPolicy) (EventID: 1129) (User: NT AUTHORITY)
Description: The processing of Group Policy failed because of lack of network connectivity to a domain controller. This may be a transient condition. A success message would be generated once the machine gets connected to the domain controller and Group Policy has succesfully processed. If you do not see a success message for several hours, then contact your administrator.

Error: (07/09/2016 06:52:58 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Bluetooth OBEX Service service failed to start due to the following error:
%%1053 = The service did not respond to the start or control request in a timely fashion.


Error: (07/09/2016 06:52:58 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (60000 milliseconds) while waiting for the Bluetooth OBEX Service service to connect.

Error: (07/09/2016 06:52:57 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Bluetooth Media Service service failed to start due to the following error:
%%1053 = The service did not respond to the start or control request in a timely fashion.


Error: (07/09/2016 06:52:57 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (60000 milliseconds) while waiting for the Bluetooth Media Service service to connect.

Error: (07/09/2016 06:52:57 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Bluetooth Device Monitor service failed to start due to the following error:
%%1053 = The service did not respond to the start or control request in a timely fashion.


Error: (07/09/2016 06:52:57 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (60000 milliseconds) while waiting for the Bluetooth Device Monitor service to connect.

Error: (07/09/2016 06:52:37 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Bluetooth OBEX Service service failed to start due to the following error:
%%1053 = The service did not respond to the start or control request in a timely fashion.



CodeIntegrity:
===================================
  Date: 2016-07-05 11:12:54.084
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Lenovo\System Update\ApsIns64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2016-07-05 11:12:54.084
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Lenovo\System Update\ApsIns64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2016-06-28 14:52:15.456
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Lenovo\System Update\ApsIns64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2016-06-28 14:52:15.456
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Lenovo\System Update\ApsIns64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2016-06-20 12:07:31.070
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Lenovo\System Update\ApsIns64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2016-06-20 12:07:31.069
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Lenovo\System Update\ApsIns64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2016-06-20 11:32:51.558
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Lenovo\System Update\ApsIns64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2016-06-20 11:32:51.547
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Lenovo\System Update\ApsIns64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2016-05-23 08:53:29.587
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\az001\AppData\Local\Temp\aida32.sa6 because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2016-05-23 08:53:29.524
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\az001\AppData\Local\Temp\aida32.sa6 because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i7-5500U CPU @ 2.40GHz
Percentage of memory in use: 82%
Total physical RAM: 7926.18 MB
Available physical RAM: 1364.48 MB
Total Virtual: 15850.54 MB
Available Virtual: 8988.43 MB

==================== Drives ================================

Drive c: (Windows7_OS) (Fixed) (Total:446.2 GB) (Free:138.78 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive q: (Lenovo_Recovery) (Fixed) (Total:18.1 GB) (Free:5.23 GB) NTFS
Drive w: (Offline) (Network) (Total:446.2 GB) (Free:138.78 GB) CSC-CACHE

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: CFD5D472)
Partition 1: (Active) - (Size=1.5 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=446.2 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=18.1 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================



Kod: Zaznacz cały

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 09-07-2016
Ran by az001 (administrator) on LIBRA (09-07-2016 14:27:25)
Running from C:\2. Downloads
Loaded Profiles: az001 (Available Profiles: Alfonzo Lopez & az001)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Lenovo.) C:\Windows\System32\ibmpmsvc.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(AMD) C:\Windows\System32\atieclxx.exe
(DisplayLink Corp.) C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe
(Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SavService.exe
(DisplayLink Corp.) C:\Program Files\DisplayLink Core Software\DisplayLinkUserAgent.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Client Firewall\SCFManager.exe
(Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Client Firewall\SCFService.exe
(SIEMENS AG) C:\Program Files\Common Files\Siemens\sws\almsrv\almsrv64x.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\HidMonitorSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(SolarWinds) C:\Windows\dwrcs\DWRCS.EXE
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Siemens AG) C:\Program Files\Common Files\Siemens\AlmPanelPlugin\ALMPanelPlugin.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtsiva.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\CamMute.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\lvvsst.exe
(Mitsubishi Electric Corporation) C:\Program Files (x86)\MELSOFT\MSF\Common\MMS\MMSserve.exe
(Mitsubishi Electric Corporation) C:\Program Files (x86)\MELSOFT\MSF\Common\MMS\MMSserve.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(SIEMENS AG) C:\Program Files (x86)\Common Files\Siemens\Bin\s7hspsvx.exe
(Siemens AG) C:\Program Files\Common Files\Siemens\Automation\Simatic OAM\bin\s7oiehsx64.exe
(Siemens AG) C:\Program Files\Common Files\Siemens\Automation\TraceEngine\bin\S7TraceService64x.exe
(Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe
(Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SAVAdminService.exe
(Siemens AG) C:\Program Files\Common Files\Siemens\Automation\Simatic OAM\bin\s7epasrv64x.exe
(Siemens AG) C:\Program Files\Common Files\Siemens\Automation\Simatic OAM\bin\pniomgr.exe
(Siemens AG) C:\Program Files (x86)\Siemens\SIMATIC WinCC flexible\WinCC flexible 2008 Runtime\SmartServer.exe
(Sophos Limited) C:\Program Files\Sophos\Sophos Network Threat Protection\bin\SntpService.exe
(Sophos Limited) C:\Program Files (x86)\Sophos\Remote Management System\ManagementAgentNT.exe
(Sophos Limited) C:\Program Files (x86)\Sophos\AutoUpdate\ALsvc.exe
(Sophos Limited) C:\Program Files (x86)\Sophos\Remote Management System\RouterNT.exe
(Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Control\swc_service.exe
(Sophos Limited) C:\Program Files (x86)\Sophos\Sophos System Protection\ssp.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\micmute.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tphkload.exe
(VMware, Inc.) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\QuickControl\QuickControlService.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Apoint.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\virtscrl.exe
(SolarWinds) C:\Windows\dwrcs\DWRCST.EXE
(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\QuickControl\QuickControl.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\shtctky.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tpnumlkd.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApMsgFwd.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApntEx.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.30.3\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.30.3\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Lenovo.) C:\Windows\System32\TpShocks.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
(Realtek Semiconductor Corp.) C:\Windows\RtsCM64.exe
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe
() C:\Program Files (x86)\Lenovo\OneLink Dock\onelinkpromgn.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\onenotem.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Sophos Limited) C:\Program Files (x86)\Sophos\AutoUpdate\ALMon.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Lenovo Group Limited) C:\Program Files (x86)\ThinkPad\Utilities\SCHTASK.EXE
(Microsoft Corporation) C:\Windows\System32\mobsync.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\csisyncclient.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Lenovo) C:\Program Files\Lenovo\Lenovo Peer Connect\LenovoDiscoverySvc.exe
(PortableApps.com) C:\4. PROGRAMY_az\GoogleChromePortable\GoogleChromePortable.exe
(Google Inc.) C:\4. PROGRAMY_az\GoogleChromePortable\App\Chrome-bin\chrome.exe
(Google Inc.) C:\4. PROGRAMY_az\GoogleChromePortable\App\Chrome-bin\chrome.exe
(Google Inc.) C:\4. PROGRAMY_az\GoogleChromePortable\App\Chrome-bin\chrome.exe
(Google Inc.) C:\4. PROGRAMY_az\GoogleChromePortable\App\Chrome-bin\chrome.exe
(Google Inc.) C:\4. PROGRAMY_az\GoogleChromePortable\App\Chrome-bin\chrome.exe
(Google Inc.) C:\4. PROGRAMY_az\GoogleChromePortable\App\Chrome-bin\chrome.exe
(Google Inc.) C:\4. PROGRAMY_az\GoogleChromePortable\App\Chrome-bin\chrome.exe
(Google Inc.) C:\4. PROGRAMY_az\GoogleChromePortable\App\Chrome-bin\chrome.exe
(VMware, Inc.) C:\Program Files (x86)\VMware\VMware Player\vmplayer.exe
(Lenovo) C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Message Center Plus\MCPLaunch.exe
(Lenovo) C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.exe
(VMware, Inc.) C:\Program Files (x86)\VMware\VMware Player\vmware-unity-helper.exe
(VMware, Inc.) C:\Program Files (x86)\VMware\VMware Player\x64\vmware-vmx.exe
(Lenovo) C:\Users\az001\AppData\Local\Apps\2.0\V9G3PQRK.W33\02W6HD47.CMO\lsb...tion_2d7b41b05b24775e_0001.0006_6c5982beb50abfca\LSB.exe
(Google Inc.) C:\4. PROGRAMY_az\GoogleChromePortable\App\Chrome-bin\chrome.exe
(Siemens AG) C:\Windows\SysWOW64\pniopcac.exe
(Siemens AG) C:\Windows\SysWOW64\pniopcac.exe
(Siemens AG) C:\Windows\SysWOW64\pniopcac.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Apoint] => C:\Program Files\Apoint2K\Apoint.exe [326440 2015-10-15] (Alps Electric Co., Ltd.)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
HKLM\...\Run: [TpShocks] => C:\Windows\system32\TpShocks.exe [555760 2014-12-09] (Lenovo.)
HKLM\...\Run: [LENOVO.TPKNRRES] => C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe [295712 2014-08-07] (Lenovo Group Limited)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1830616 2014-04-10] (Conexant Systems, Inc.)
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [916184 2014-07-02] (Conexant Systems, Inc.)
HKLM\...\Run: [RtsCM] => C:\Windows\RTSCM64.EXE [166616 2014-07-11] (Realtek Semiconductor Corp.)
HKLM\...\Run: [DameWare MRC Agent] => C:\Windows\dwrcs\DWRCST.exe [665016 2016-04-01] (SolarWinds)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [296208 2014-12-03] (Intel Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2014-11-28] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [PWMTRV] => rundll32 "C:\Program Files (x86)\ThinkPad\Utilities\PWMTR64V.DLL",PwrMgrBkGndMonitor
HKLM-x32\...\Run: [Sophos AutoUpdate Monitor] => C:\Program Files (x86)\Sophos\AutoUpdate\almon.exe [1531872 2016-04-11] (Sophos Limited)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596504 2016-04-01] (Oracle Corporation)
HKLM-x32\...\Run: [iPlusManager] => C:\Program Files (x86)\iPlus\iPlusChecker.exe [468288 2010-11-25] ()
HKU\S-1-5-21-2431899495-1264369763-495456795-6182 Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRoot% <====== ATTENTION
HKU\S-1-5-21-2431899495-1264369763-495456795-6182 Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRoot%*.exe <====== ATTENTION
HKU\S-1-5-21-2431899495-1264369763-495456795-6182 Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRoot%System32\*.exe <====== ATTENTION
HKU\S-1-5-21-2431899495-1264369763-495456795-6182 Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ProgramFilesDir% <====== ATTENTION
HKLM\Software\Policies\Microsoft\Windows NT\SystemRestore: [DisableSR/DisableConfig]  <===== ATTENTION
HKU\S-1-5-21-2431899495-1264369763-495456795-6182\...\Run: [GoogleDriveSync] => "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
HKU\S-1-5-21-2431899495-1264369763-495456795-6182\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [427520 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-21-2431899495-1264369763-495456795-6182\...\Run: [OneLinkManager] => C:\Program Files (x86)\Lenovo\OneLink Dock\onelinkpromgn.exe [915968 2014-07-03] ()
HKU\S-1-5-21-2431899495-1264369763-495456795-6182\...\MountPoints2: D - D:\AutoRun.exe
HKU\S-1-5-21-2431899495-1264369763-495456795-6182\...\MountPoints2: {0eed6acb-2404-11e6-8c6c-88e0bbaee53b} - D:\HiSuiteDownLoader.exe
HKU\S-1-5-21-2431899495-1264369763-495456795-6182\...\MountPoints2: {20bd306d-4390-11e6-8692-0050b6c3ea89} - D:\HiSuiteDownLoader.exe
HKU\S-1-5-21-2431899495-1264369763-495456795-6182\...\MountPoints2: {62332595-2740-11e6-8fcb-34e6adfa38f8} - D:\AutoRun.exe
HKU\S-1-5-21-2431899495-1264369763-495456795-6182\...\MountPoints2: {623325ae-2740-11e6-8fcb-34e6adfa38f8} - D:\AutoRun.exe
HKU\S-1-5-21-2431899495-1264369763-495456795-6182\...\MountPoints2: {62332602-2740-11e6-8fcb-34e6adfa38f8} - D:\HiSuiteDownLoader.exe
HKU\S-1-5-21-2431899495-1264369763-495456795-6182\...\MountPoints2: {9de4a130-264a-11e6-972f-34e6adfa38f8} - D:\AutoRun.exe
HKU\S-1-5-21-2431899495-1264369763-495456795-6182\...\MountPoints2: {9de4a14d-264a-11e6-972f-34e6adfa38f8} - D:\AutoRun.exe
AppInit_DLLs: C:\PROGRA~2\Sophos\SOPHOS~1\SOPHOS~2.DLL => C:\Program Files (x86)\Sophos\Sophos Anti-Virus\sophos_detoured_x64.dll [231936 2016-04-11] (Sophos Limited)
AppInit_DLLs-x32: C:\PROGRA~2\Sophos\SOPHOS~1\SOPHOS~1.DLL => C:\Program Files (x86)\Sophos\Sophos Anti-Virus\sophos_detoured.dll [289040 2016-04-11] (Sophos Limited)
Startup: C:\Users\az001\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk [2016-07-06]
ShortcutTarget: Send to OneNote.lnk -> C:\Program Files\Microsoft Office 15\root\office15\onenotem.exe (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyEnable: [S-1-5-21-2431899495-1264369763-495456795-6182] => Proxy is enabled.
ProxyServer: [S-1-5-21-2431899495-1264369763-495456795-6182] => 192.168.10.252:8080
Winsock: Catalog9 01 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [141208 2016-04-11] (Sophos Limited)
Winsock: Catalog9 02 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [141208 2016-04-11] (Sophos Limited)
Winsock: Catalog9 03 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [141208 2016-04-11] (Sophos Limited)
Winsock: Catalog9 04 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [141208 2016-04-11] (Sophos Limited)
Winsock: Catalog9 05 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [141208 2016-04-11] (Sophos Limited)
Winsock: Catalog9 06 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [141208 2016-04-11] (Sophos Limited)
Winsock: Catalog9 07 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [141208 2016-04-11] (Sophos Limited)
Winsock: Catalog9 08 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [141208 2016-04-11] (Sophos Limited)
Winsock: Catalog9 20 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [141208 2016-04-11] (Sophos Limited)
Winsock: Catalog9-x64 01 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [194152 2016-04-11] (Sophos Limited)
Winsock: Catalog9-x64 02 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [194152 2016-04-11] (Sophos Limited)
Winsock: Catalog9-x64 03 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [194152 2016-04-11] (Sophos Limited)
Winsock: Catalog9-x64 04 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [194152 2016-04-11] (Sophos Limited)
Winsock: Catalog9-x64 05 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [194152 2016-04-11] (Sophos Limited)
Winsock: Catalog9-x64 06 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [194152 2016-04-11] (Sophos Limited)
Winsock: Catalog9-x64 07 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [194152 2016-04-11] (Sophos Limited)
Winsock: Catalog9-x64 08 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [194152 2016-04-11] (Sophos Limited)
Winsock: Catalog9-x64 20 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [194152 2016-04-11] (Sophos Limited)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{0BB75B44-825C-47AE-8EE2-2B935166954B}: [NameServer] 172.31.139.17 172.30.139.17
Tcpip\..\Interfaces\{6E60CA5A-22B5-4FA4-834A-0B1ABCD2345E}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{867168FE-BE5A-4BEE-9471-E494981B97D1}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{F150D31E-AD45-4C38-AC1B-BEFC905C26F2}: [DhcpNameServer] 192.168.1.1
ManualProxies: 1192.168.10.252:8080

Internet Explorer:
==================
HKU\S-1-5-21-2431899495-1264369763-495456795-6182\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-2431899495-1264369763-495456795-6182\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://morgan:90
HKU\S-1-5-21-2431899495-1264369763-495456795-6182\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13-comm.msn.com/?pc=LNJB
HKU\S-1-5-21-2431899495-1264369763-495456795-6182\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://home.lenovo.com
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\.DEFAULT -> DefaultScope {8DEEAACC-16BE-4CD3-8E74-3C40A68FDF27} URL =
SearchScopes: HKU\.DEFAULT -> {8DEEAACC-16BE-4CD3-8E74-3C40A68FDF27} URL =
SearchScopes: HKU\S-1-5-21-2431899495-1264369763-495456795-6182 -> DefaultScope {8DEEAACC-16BE-4CD3-8E74-3C40A68FDF27} URL =
SearchScopes: HKU\S-1-5-21-2431899495-1264369763-495456795-6182 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?pc=COSP&ptag=D061716-AD42D1DB7E9&form=CONBDF&conlogo=CT3334497&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2431899495-1264369763-495456795-6182 -> {8DEEAACC-16BE-4CD3-8E74-3C40A68FDF27} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2016-05-17] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL [2016-04-12] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2016-05-17] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll [2016-05-09] (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL [2016-04-12] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-05-09] (Oracle Corporation)
DPF: HKLM-x32 {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://javadl-esd.sun.com/update/1.7.0/jinstall-7u72-windows-i586.cab
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2016-04-20] (Microsoft Corporation)

FireFox:
========
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-10-10] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-10-10] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-05-09] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-05-09] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-10-01] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-07-08] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-07-08] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-05-27] (Adobe Systems Inc.)

Chrome:
=======
CHR Profile: C:\Users\az001\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Web Store) - C:\Users\az001\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-07-09]
CHR Extension: (Web Store) - C:\Users\az001\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-07-09]
CHR HKU\S-1-5-21-2431899495-1264369763-495456795-6182\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
StartMenuInternet: Google Chrome.E54E56NJO4NGAH5TA37LXVB32I - D:\AriZar\PortableApps\GoogleChromePortable\App\Chrome-bin\chrome.exe

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 almservice; C:\Program Files\Common Files\Siemens\sws\almsrv\almsrv64x.exe [1563968 2014-01-13] (SIEMENS AG)
R2 ApHidMonitorService; C:\Program Files\Apoint2K\HidMonitorSvc.exe [93480 2015-10-13] (Alps Electric Co., Ltd.)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [3009776 2016-05-27] (Microsoft Corporation)
R2 DisplayLinkService; C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe [9954096 2014-04-01] (DisplayLink Corp.)
S2 DNTUS26; C:\Windows\SYSTEM32\DNTUS26.EXE [114688 2009-02-04] (DameWare Development LLC) [File not signed]
R2 dwmrcs; C:\Windows\dwrcs\DWRCS.EXE [3785656 2016-04-01] (SolarWinds)
S2 GX Works2 Service; C:\Program Files (x86)\MELSOFT\GPPW2\GX Works2 Service.exe [61440 2015-06-25] (MITSUBISHI ELECTRIC CORPORATION) [File not signed]
R2 iBtSiva; C:\Program Files (x86)\Intel\Bluetooth\ibtsiva.exe [121304 2014-08-11] (Intel Corporation)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [363440 2015-09-24] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887256 2014-05-13] (Intel(R) Corporation)
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [178312 2015-09-25] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [158496 2014-10-10] (Intel Corporation)
R2 LENOVO.TVTVCAM; C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe [197408 2014-08-07] (Lenovo Group Limited)
R2 Lenovo.VIRTSCRLSVC; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [115184 2014-07-09] (Lenovo Group Limited)
S3 LenovoProdRegManager; C:\Program Files (x86)\Lenovo Registration\EngageService.exe [293416 2015-01-09] (Aviata, Inc.)
R2 lnvDiscoveryWinSvc; C:\Program Files\Lenovo\Lenovo Peer Connect\LenovoDiscoverySvc.exe [21552 2014-02-21] (Lenovo)
S2 LPlatSvc; C:\Windows\system32\LPlatSvc.exe [710144 2016-04-22] (Lenovo.)
S3 LSC.Services.SystemService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSC.Services.SystemService.exe [273232 2016-06-02] (Lenovo)
R2 MELSOFT Mediative Server; C:\Program Files (x86)\MELSOFT\MSF\Common\MMS\MMSserve.exe [2139648 2014-12-17] (Mitsubishi Electric Corporation) [File not signed]
R2 MSSQL$WINCCFLEXEXPRESS; c:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [29293408 2010-12-10] (Microsoft Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268192 2014-12-04] ()
S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [50688 2014-11-17] (Hewlett-Packard) [File not signed]
S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [66048 2014-11-17] (Hewlett-Packard) [File not signed]
S3 PrintNotify; C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll [2988544 2015-09-08] (Microsoft Corporation) [File not signed]
S2 QuickControlMasterSvc; C:\Program Files (x86)\Lenovo\QuickControl\QuickControlMasterSvc.exe [61232 2014-12-05] (Lenovo Group Limited)
R3 QuickControlService; C:\Program Files (x86)\Lenovo\QuickControl\QuickControlService.exe [317224 2014-12-05] (Lenovo Group Limited)
R2 s7hspsvx; C:\Program Files (x86)\Common Files\Siemens\bin\s7hspsvx.exe [32818 2014-05-07] (SIEMENS AG) [File not signed]
R2 s7oiehsx64; C:\Program Files\Common Files\Siemens\Automation\Simatic OAM\bin\s7oiehsx64.exe [144608 2014-03-19] (Siemens AG)
R2 S7TraceServiceX; C:\Program Files\Common Files\Siemens\Automation\TraceEngine\bin\S7TraceService64X.exe [472288 2014-03-19] (Siemens AG)
R2 SAVAdminService; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SAVAdminService.exe [311544 2016-04-11] (Sophos Limited)
R2 SAVService; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SavService.exe [285136 2016-04-11] (Sophos Limited)
U2 smartserver; C:\Program Files (x86)\Siemens\SIMATIC WinCC flexible\WinCC flexible 2008 Runtime\SmartServer.exe [558416 2011-12-06] (Siemens AG)
R2 SntpService; C:\Program Files\Sophos\Sophos Network Threat Protection\bin\SntpService.exe [901248 2016-04-11] (Sophos Limited)
R2 Sophos Agent; C:\Program Files (x86)\Sophos\Remote Management System\ManagementAgentNT.exe [396040 2016-04-11] (Sophos Limited)
R2 Sophos AutoUpdate Service; C:\Program Files (x86)\Sophos\AutoUpdate\ALsvc.exe [604000 2016-04-11] (Sophos Limited)
R2 Sophos Client Firewall; C:\Program Files (x86)\Sophos\Sophos Client Firewall\SCFService.exe [64808 2015-09-30] (Sophos Limited)
R2 Sophos Client Firewall Manager; C:\Program Files (x86)\Sophos\Sophos Client Firewall\SCFManager.exe [158504 2015-09-30] (Sophos Limited)
R2 Sophos Message Router; C:\Program Files (x86)\Sophos\Remote Management System\RouterNT.exe [1069832 2016-04-11] (Sophos Limited)
R2 Sophos Web Control Service; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Control\swc_service.exe [341800 2015-09-30] (Sophos Limited)
R2 sophossps; C:\Program Files (x86)\Sophos\Sophos System Protection\ssp.exe [2455816 2016-04-11] (Sophos Limited)
S3 SUService; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [21536 2016-05-25] ()
R2 swi_service; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe [3339736 2016-04-11] (Sophos Limited)
S2 swi_update_64; C:\ProgramData\Sophos\Web Intelligence\swi_update_64.exe [2118896 2016-04-11] (Sophos Limited)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3820960 2014-12-04] (Intel® Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 amdkmpfd; C:\Windows\System32\DRIVERS\amdkmpfd.sys [36608 2013-12-13] (Advanced Micro Devices, Inc.)
S3 AX88179; C:\Windows\System32\DRIVERS\ax88179_178a.sys [85000 2016-04-19] (ASIX Electronics Corp.)
R3 btmaux; C:\Windows\System32\DRIVERS\btmaux.sys [141624 2014-05-13] (Motorola Solutions, Inc.)
R3 btmhsf; C:\Windows\System32\DRIVERS\btmhsf.sys [1424184 2014-06-17] (Motorola Solutions, Inc.)
S3 CMUACWO; C:\Windows\System32\DRIVERS\CMUACWO.sys [357376 2014-07-03] (C-Media Inc.)
R3 dpmconv; C:\Windows\System32\DRIVERS\dpmconv.sys [259584 2013-08-07] (Siemens AG)
R3 dpmconv; C:\Windows\SysWOW64\DRIVERS\dpmconv.sys [267776 2003-10-16] (Siemens AG) [File not signed]
S3 dpmcslv; C:\Windows\System32\Drivers\dpmcslv.sys [68280 2005-07-04] (Siemens AG) [File not signed]
S2 Dpmtrcdd; C:\Windows\SysWOW64\DRIVERS\dpmtrcdd.sys [30192 2003-10-16] (Siemens AG) [File not signed]
R3 DwMirror; C:\Windows\System32\DRIVERS\DamewareMini.sys [5632 2008-03-14] (DameWare Development, LLC)
R1 dwvkbd; C:\Windows\System32\DRIVERS\dwvkbd64.sys [30720 2007-02-15] (DameWare)
R3 e1dexpress; C:\Windows\System32\DRIVERS\e1d62x64.sys [519680 2015-12-08] (Intel Corporation)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S3 ewusbnet; C:\Windows\System32\DRIVERS\ewusbnet.sys [256000 2010-11-25] (Huawei Technologies Co., Ltd.)
R3 EZSocketGOT; C:\Windows\System32\drivers\EZSocketGOT.sys [257536 2011-05-22] (Jungo)
R3 EZSocketInv; C:\Windows\System32\drivers\EZSocketInv.sys [254976 2010-08-31] (Jungo)
R3 EZSocketSv; C:\Windows\System32\drivers\EZSocketSv.sys [257536 2011-05-22] (Jungo)
R3 fwkbdrtm; C:\Windows\system32\drivers\fwkbdrtm.sys [24152 2011-12-06] (Windows (R) Win 7 DDK provider)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [30360 2014-10-09] (Intel Corporation)
R3 ibtusb; C:\Windows\System32\DRIVERS\ibtusb.sys [220104 2014-08-11] (Intel Corporation)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [129312 2014-10-10] (Intel Corporation)
R3 MELFAusb; C:\Windows\System32\drivers\MELFAusb.sys [257536 2015-10-01] (Jungo)
S1 ndisrd; C:\Windows\System32\DRIVERS\ndisrfl.sys [41176 2014-10-31] (Intel Corporation)
R3 NETwNs64; C:\Windows\System32\DRIVERS\Netwsw02.sys [3437848 2014-12-08] (Intel Corporation)
R3 RTSPER; C:\Windows\System32\DRIVERS\RtsPer.sys [466136 2014-01-14] (Realsil Semiconductor Corporation)
R3 rtsuvc; C:\Windows\System32\DRIVERS\rtsuvc.sys [9127128 2014-07-11] (Realtek Semiconductor Corp.)
R3 s7odpx2x64; C:\Windows\System32\DRIVERS\s7odpx2x64.sys [71168 2012-12-19] (SIEMENS AG)
R3 s7oppinx64; C:\Windows\System32\DRIVERS\s7oppinx64.sys [107520 2012-07-24] (SIEMENS AG)
R3 s7oserix64; C:\Windows\System32\Drivers\s7oserix64.sys [121856 2012-07-24] (SIEMENS AG)
R3 s7osmcax64; C:\Windows\System32\DRIVERS\s7osmcax64.sys [199680 2012-07-24] (SIEMENS AG)
R3 s7osobux64; C:\Windows\System32\DRIVERS\s7osobux64.sys [153600 2012-07-24] (SIEMENS AG)
R3 s7otmcd64x; C:\Windows\System32\Drivers\s7otmcd64x.sys [199680 2012-07-24] (SIEMENS AG)
R3 s7otranx64; C:\Windows\System32\DRIVERS\s7otranx64.sys [262656 2014-03-07] (Siemens AG)
R3 s7otsadx64; C:\Windows\System32\DRIVERS\s7otsadx64.sys [196096 2012-07-24] (SIEMENS AG)
R2 s7ousbu64x; C:\Windows\System32\DRIVERS\s7ousbu64x.sys [138240 2014-02-21] (Siemens AG)
R2 s7sn2srtx; C:\Windows\System32\DRIVERS\s7sn2srtx.sys [83032 2012-05-09] (SIEMENS AG)
R1 SAVOnAccess; C:\Windows\System32\DRIVERS\savonaccess.sys [161024 2016-04-11] (Sophos Limited)
R1 scfdriver; C:\Windows\system32\Drivers\scfdriver.sys [102688 2015-09-30] (Sophos Limited)
R1 scfndis; C:\Windows\System32\DRIVERS\scfndis.sys [55072 2015-09-30] (Sophos Limited)
S3 sdcfilter; C:\Windows\System32\DRIVERS\sdcfilter.sys [38144 2016-04-11] (Sophos Limited)
R2 SNTIE; C:\Windows\System32\DRIVERS\sntie.sys [359648 2013-10-28] (Siemens AG)
R2 sntp; C:\Windows\System32\DRIVERS\sntp.sys [116144 2016-04-11] (Sophos Limited)
S4 SophosBootDriver; C:\Windows\System32\DRIVERS\SophosBootDriver.sys [27904 2016-04-11] (Sophos Limited)
S3 USA19H; C:\Windows\System32\DRIVERS\USA19Hx64.sys [740096 2007-10-30] (Keyspan)
S3 USA19HP; C:\Windows\System32\DRIVERS\USA19Hx64p.SYS [35840 2007-10-23] (Keyspan)
S3 usbrndis6; C:\Windows\System32\DRIVERS\usb80236.sys [19968 2013-02-12] (Microsoft Corporation)
R3 vsnl2ada; C:\Windows\System32\DRIVERS\vsnl2ada.sys [128000 2013-08-07] (SIEMENS AG)
R3 vsnl2ada; C:\Windows\SysWOW64\DRIVERS\vsnl2ada.sys [75776 2003-10-16] (SIEMENS AG) [File not signed]
R0 vsock; C:\Windows\System32\drivers\vsock.sys [75512 2015-11-05] (VMware, Inc.)
S3 s7oefs_x; \SystemRoot\System32\drivers\s7oefs_x.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-07-09 14:25 - 2016-07-09 14:27 - 00000000 ____D C:\FRST
2016-07-09 06:52 - 2016-07-09 06:52 - 00000000 ____D C:\Users\az001\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TouchPad
2016-07-08 19:25 - 2016-07-08 19:25 - 00002284 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-07-08 19:25 - 2016-07-08 19:25 - 00002272 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-07-08 19:24 - 2016-07-09 13:46 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-07-08 19:24 - 2016-07-09 06:52 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-07-08 19:24 - 2016-07-08 19:32 - 00003894 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-07-08 19:24 - 2016-07-08 19:32 - 00003642 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-07-08 08:19 - 2016-07-08 08:19 - 00000000 ___HD C:\OneDriveTemp
2016-07-08 08:18 - 2016-05-26 13:24 - 00000000 ____D C:\Users\az001\Downloads\20160523
2016-07-08 08:18 - 2016-05-24 11:48 - 00000000 ____D C:\Users\az001\Downloads\5.80.00-FTServices-A-DVD
2016-07-08 01:04 - 2016-07-08 01:04 - 00000000 ____D C:\Users\az001\AppData\Local\Sophos
2016-07-08 00:46 - 2016-07-08 00:58 - 00000000 ____D C:\ProgramData\HitmanPro
2016-07-07 22:33 - 2016-06-26 01:35 - 00041704 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-07-07 22:33 - 2016-06-26 01:27 - 01208320 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-07-07 22:33 - 2016-06-22 14:06 - 00268800 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2016-07-07 22:33 - 2016-06-17 19:24 - 01490432 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-07-07 22:33 - 2016-06-17 19:24 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-07-07 22:33 - 2016-06-17 19:24 - 00544256 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-07-07 22:33 - 2016-06-17 19:24 - 00294912 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-07-07 22:33 - 2016-06-17 19:24 - 00219136 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2016-07-07 22:33 - 2016-06-17 19:24 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-07-07 08:22 - 2016-07-08 14:59 - 140686625 _____ C:\Users\az001\Downloads\VMware-Player-12.1.1-3770994.x86_64.bundle
2016-07-07 08:22 - 2016-07-07 08:23 - 73130024 _____ (VMware, Inc.) C:\Users\az001\Downloads\VMware-player-12.1.1-3770994.exe
2016-07-07 08:05 - 2016-07-07 08:05 - 00264598 _____ C:\Users\az001\Downloads\TDS_WirelessMouse5000.pdf
2016-06-30 09:46 - 2016-06-30 09:47 - 00000000 ____D C:\RA
2016-06-30 08:15 - 2016-05-17 00:14 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-06-30 08:15 - 2016-05-17 00:14 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-06-30 08:15 - 2016-05-17 00:14 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-06-30 08:15 - 2016-05-17 00:14 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-06-30 08:15 - 2016-05-17 00:14 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-06-30 08:15 - 2016-05-17 00:14 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-06-30 08:15 - 2016-05-17 00:14 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-06-30 08:15 - 2016-05-17 00:14 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-06-30 08:15 - 2016-05-17 00:14 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-06-30 08:15 - 2016-05-17 00:14 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-06-30 08:15 - 2016-05-17 00:14 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2016-06-30 08:15 - 2016-05-17 00:14 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2016-06-30 08:15 - 2016-05-17 00:14 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-06-30 08:15 - 2016-05-17 00:14 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-06-30 08:15 - 2016-05-17 00:14 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-06-30 08:15 - 2016-05-17 00:14 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-06-30 08:15 - 2016-05-17 00:14 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2016-06-30 08:15 - 2016-05-17 00:14 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-06-30 08:15 - 2016-05-17 00:14 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-06-30 08:15 - 2016-05-17 00:14 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-06-30 08:15 - 2016-05-17 00:14 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-06-30 08:15 - 2016-05-17 00:14 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-06-30 08:15 - 2016-05-17 00:14 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-06-30 08:15 - 2016-05-17 00:14 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-06-30 08:15 - 2016-05-17 00:14 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-06-30 08:15 - 2016-05-17 00:14 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-06-30 08:15 - 2016-05-17 00:14 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-06-30 08:15 - 2016-05-17 00:14 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-06-30 08:15 - 2016-05-17 00:14 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-06-30 08:15 - 2016-05-17 00:14 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-06-30 08:15 - 2016-05-17 00:14 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-06-30 08:15 - 2016-05-17 00:14 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-06-30 08:15 - 2016-05-17 00:14 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-06-30 08:15 - 2016-05-17 00:14 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-06-30 08:15 - 2016-05-17 00:14 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-06-30 08:15 - 2016-05-17 00:14 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-06-30 08:15 - 2016-05-17 00:14 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-06-30 08:15 - 2016-05-17 00:14 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-06-30 08:15 - 2016-05-17 00:14 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-06-30 08:15 - 2016-05-17 00:14 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-06-30 08:15 - 2016-05-17 00:14 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-06-30 08:15 - 2016-05-17 00:14 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-06-30 08:15 - 2016-05-17 00:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-06-30 08:15 - 2016-05-17 00:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-06-30 08:15 - 2016-05-17 00:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-06-30 08:15 - 2016-05-17 00:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2016-06-30 08:15 - 2016-05-17 00:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-06-30 08:15 - 2016-05-17 00:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-06-30 08:15 - 2016-05-17 00:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-06-30 08:15 - 2016-05-17 00:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-06-30 08:15 - 2016-05-17 00:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-06-30 08:15 - 2016-05-17 00:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-06-30 08:15 - 2016-05-17 00:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-06-30 08:15 - 2016-05-17 00:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-06-30 08:15 - 2016-05-17 00:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-06-30 08:15 - 2016-05-17 00:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-06-30 08:15 - 2016-05-17 00:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-06-30 08:15 - 2016-05-17 00:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-06-30 08:15 - 2016-05-17 00:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-06-30 08:15 - 2016-05-17 00:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-06-30 08:15 - 2016-05-17 00:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-06-30 08:15 - 2016-05-17 00:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-06-30 08:15 - 2016-05-17 00:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-06-30 08:15 - 2016-05-17 00:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-06-30 08:15 - 2016-05-17 00:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-06-30 08:15 - 2016-05-17 00:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-06-30 08:15 - 2016-05-16 22:19 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2016-06-30 08:15 - 2016-05-16 22:10 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2016-06-30 08:15 - 2016-05-16 22:09 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2016-06-30 08:15 - 2016-05-16 22:09 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2016-06-30 08:15 - 2016-05-16 22:09 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-06-30 08:15 - 2016-05-16 22:09 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-06-30 08:15 - 2016-05-16 22:09 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2016-06-30 08:15 - 2016-05-04 18:17 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2016-06-30 08:15 - 2016-05-04 18:17 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2016-06-30 08:14 - 2016-05-17 00:22 - 00631176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2016-06-30 08:14 - 2016-05-17 00:19 - 05546216 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-06-30 08:14 - 2016-05-17 00:19 - 00706280 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2016-06-30 08:14 - 2016-05-17 00:19 - 00154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-06-30 08:14 - 2016-05-17 00:19 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-06-30 08:14 - 2016-05-17 00:18 - 03998952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2016-06-30 08:14 - 2016-05-17 00:18 - 03943144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2016-06-30 08:14 - 2016-05-17 00:17 - 01732888 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-06-30 08:14 - 2016-05-17 00:16 - 01314136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-06-30 08:14 - 2016-05-17 00:14 - 01464320 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-06-30 08:14 - 2016-05-17 00:14 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-06-30 08:14 - 2016-05-17 00:14 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-06-30 08:14 - 2016-05-17 00:14 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2016-06-30 08:14 - 2016-05-17 00:14 - 00880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-06-30 08:14 - 2016-05-17 00:14 - 00730624 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-06-30 08:14 - 2016-05-17 00:14 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-06-30 08:14 - 2016-05-17 00:14 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-06-30 08:14 - 2016-05-17 00:14 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-06-30 08:14 - 2016-05-17 00:14 - 00644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2016-06-30 08:14 - 2016-05-17 00:14 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-06-30 08:14 - 2016-05-17 00:14 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-06-30 08:14 - 2016-05-17 00:14 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-06-30 08:14 - 2016-05-17 00:14 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-06-30 08:14 - 2016-05-17 00:14 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2016-06-30 08:14 - 2016-05-17 00:14 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-06-30 08:14 - 2016-05-17 00:14 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-06-30 08:14 - 2016-05-17 00:14 - 00316416 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-06-30 08:14 - 2016-05-17 00:14 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-06-30 08:14 - 2016-05-17 00:14 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-06-30 08:14 - 2016-05-17 00:14 - 00260608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-06-30 08:14 - 2016-05-17 00:14 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-06-30 08:14 - 2016-05-17 00:14 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2016-06-30 08:14 - 2016-05-17 00:14 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-06-30 08:14 - 2016-05-17 00:14 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2016-06-30 08:14 - 2016-05-17 00:14 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-06-30 08:14 - 2016-05-17 00:14 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-06-30 08:14 - 2016-05-17 00:14 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2016-06-30 08:14 - 2016-05-17 00:14 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-06-30 08:14 - 2016-05-17 00:14 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-06-30 08:14 - 2016-05-17 00:14 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2016-06-30 08:14 - 2016-05-17 00:14 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2016-06-30 08:14 - 2016-05-17 00:14 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-06-30 08:14 - 2016-05-17 00:14 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2016-06-30 08:14 - 2016-05-17 00:14 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2016-06-30 08:14 - 2016-05-17 00:14 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-06-30 08:14 - 2016-05-17 00:14 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2016-06-30 08:14 - 2016-05-17 00:14 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2016-06-30 08:14 - 2016-05-17 00:14 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-06-30 08:14 - 2016-05-17 00:14 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-06-30 08:14 - 2016-05-17 00:14 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2016-06-30 08:14 - 2016-05-16 22:23 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2016-06-30 08:14 - 2016-05-16 22:23 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-06-30 08:14 - 2016-05-16 22:23 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2016-06-30 08:14 - 2016-05-16 22:23 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2016-06-30 08:14 - 2016-05-16 22:19 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2016-06-30 08:14 - 2016-05-16 22:16 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-06-30 08:14 - 2016-05-16 22:15 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-06-30 08:14 - 2016-05-16 22:15 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-06-30 08:14 - 2016-05-16 22:14 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-06-30 08:14 - 2016-05-16 22:14 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2016-06-30 08:14 - 2016-05-16 22:14 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-06-30 08:14 - 2016-05-16 22:10 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2016-06-30 08:14 - 2016-05-16 22:10 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2016-06-30 08:14 - 2016-05-16 22:10 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2016-06-30 08:14 - 2016-05-13 23:09 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2016-06-30 08:14 - 2016-05-13 23:09 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2016-06-30 08:14 - 2016-05-13 23:09 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2016-06-30 08:14 - 2016-05-13 23:07 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2016-06-30 08:14 - 2016-05-13 22:55 - 02607104 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2016-06-30 08:14 - 2016-05-13 22:53 - 00709120 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2016-06-30 08:14 - 2016-05-13 22:53 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2016-06-30 08:14 - 2016-05-13 22:52 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2016-06-30 08:14 - 2016-05-13 22:52 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2016-06-30 08:14 - 2016-05-13 22:52 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2016-06-30 08:14 - 2016-05-13 22:52 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2016-06-30 08:14 - 2016-05-13 22:50 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2016-06-30 08:14 - 2016-05-13 22:38 - 00573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2016-06-30 08:14 - 2016-05-13 22:38 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2016-06-30 08:14 - 2016-05-13 22:38 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2016-06-30 08:14 - 2016-05-13 22:38 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2016-06-30 08:14 - 2016-05-12 18:14 - 00862208 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2016-06-30 08:14 - 2016-05-12 18:14 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll
2016-06-30 08:14 - 2016-05-12 16:18 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2016-06-30 08:14 - 2016-05-12 16:18 - 00090624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\olepro32.dll
2016-06-30 08:14 - 2016-05-12 16:18 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\asycfilt.dll
2016-06-30 08:14 - 2016-05-04 18:21 - 00114408 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2016-06-30 08:14 - 2016-05-04 18:17 - 03244032 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2016-06-30 08:14 - 2016-05-04 18:17 - 02365440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2016-06-30 08:14 - 2016-05-04 18:17 - 01806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2016-06-30 08:14 - 2016-05-04 18:17 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2016-06-30 08:14 - 2016-05-04 18:17 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2016-06-30 08:14 - 2016-05-04 18:16 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2016-06-30 08:14 - 2016-05-04 18:16 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2016-06-30 08:14 - 2016-05-04 16:04 - 00128512 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2016-06-30 08:14 - 2016-05-04 15:55 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2016-06-29 16:02 - 2016-06-29 16:02 - 00000000 ____D C:\Users\az001\AppData\Roaming\MELSOFT GT Designer3 (GOT2000)
2016-06-28 13:56 - 2015-10-15 11:44 - 00572160 _____ (Alps Electric Co., Ltd.) C:\Windows\system32\Drivers\Apfiltr.sys
2016-06-28 13:56 - 2015-10-13 10:33 - 00215336 _____ (Alps Electric Co., Ltd.) C:\Windows\system32\Vxdif.dll
2016-06-28 08:12 - 2016-06-28 08:12 - 00003728 _____ C:\Users\az001\Desktop\GoogleChromePortable - Shortcut.lnk
2016-06-22 08:03 - 2016-06-22 08:03 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_dc3d_01011.Wdf
2016-06-21 08:54 - 2016-06-21 08:54 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_ldiagio_uefi_01009.Wdf
2016-06-20 12:40 - 2016-06-20 12:40 - 00000000 ____D C:\swshare
2016-06-20 12:20 - 2016-06-20 12:21 - 00000000 ____D C:\Users\az001\AppData\Local\LSC
2016-06-20 12:20 - 2016-06-20 12:20 - 00000000 ____D C:\Users\az001\AppData\Roaming\Lenovo
2016-06-20 12:20 - 2016-06-20 12:20 - 00000000 ____D C:\Users\az001\.QtWebEngineProcess
2016-06-20 12:20 - 2016-06-20 12:20 - 00000000 ____D C:\Users\az001\.LSC
2016-06-20 12:11 - 2016-06-20 12:11 - 00002096 _____ C:\Users\Public\Desktop\Lenovo Solution Center.lnk
2016-06-20 12:10 - 2016-06-20 12:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo ThinkVantage
2016-06-20 11:46 - 2016-06-20 11:46 - 00000000 ____D C:\Users\az001\AppData\Local\Tvsukernel
2016-06-20 08:06 - 2016-06-20 08:06 - 00000000 ____D C:\Windows\pss
2016-06-19 18:05 - 2014-07-11 19:36 - 00166616 _____ (Realtek Semiconductor Corp.) C:\Windows\RtsCM64.exe
2016-06-19 18:00 - 2016-06-19 18:00 - 00000000 ____D C:\Users\az001\AppData\Local\Conexant
2016-06-19 17:45 - 2016-06-19 17:45 - 00000000 ____D C:\Users\az001\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo
2016-06-18 14:43 - 2016-06-18 14:43 - 00000000 ___HD C:\$Windows.~WS
2016-06-17 23:26 - 2016-06-17 23:26 - 00000000 ____D C:\Users\az001\AppData\Roaming\MPC-HC
2016-06-17 22:49 - 2016-06-17 22:49 - 00003564 _____ C:\Windows\System32\Tasks\klcp_update
2016-06-17 22:49 - 2016-06-17 22:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
2016-06-17 22:49 - 2016-06-17 22:49 - 00000000 ____D C:\Program Files (x86)\K-Lite Codec Pack
2016-06-17 22:49 - 2016-05-08 10:27 - 03613696 _____ (x264vfw project) C:\Windows\SysWOW64\x264vfw.dll
2016-06-17 22:49 - 2016-05-08 10:19 - 03642880 _____ (x264vfw project) C:\Windows\system32\x264vfw64.dll
2016-06-17 22:49 - 2015-12-18 10:00 - 00755200 _____ C:\Windows\system32\xvidcore.dll
2016-06-17 22:49 - 2015-12-18 10:00 - 00674816 _____ C:\Windows\SysWOW64\xvidcore.dll
2016-06-17 22:49 - 2015-12-18 10:00 - 00309248 _____ C:\Windows\system32\xvidvfw.dll
2016-06-17 22:49 - 2015-12-18 10:00 - 00282112 _____ C:\Windows\SysWOW64\xvidvfw.dll
2016-06-17 22:49 - 2015-10-24 17:00 - 00126976 _____ C:\Windows\system32\ff_vfw.dll
2016-06-17 22:49 - 2015-10-24 17:00 - 00112128 _____ C:\Windows\SysWOW64\ff_vfw.dll
2016-06-17 22:49 - 2012-07-21 11:55 - 00180736 _____ (fccHandler) C:\Windows\system32\ac3acm.acm
2016-06-17 22:49 - 2012-07-21 11:54 - 00122880 _____ (fccHandler) C:\Windows\SysWOW64\ac3acm.acm
2016-06-17 22:49 - 2011-12-07 18:37 - 00148992 _____ ( ) C:\Windows\system32\lagarith.dll
2016-06-17 22:49 - 2011-12-07 18:32 - 00216064 _____ ( ) C:\Windows\SysWOW64\lagarith.dll
2016-06-17 22:40 - 2016-06-17 22:49 - 00000000 ____D C:\Users\az001\AppData\Roaming\BESTplayer
2016-06-17 10:52 - 2016-05-12 18:15 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2016-06-17 10:52 - 2016-05-12 16:18 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2016-06-17 10:51 - 2016-05-13 23:15 - 00382184 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2016-06-17 10:51 - 2016-05-13 23:09 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2016-06-17 10:51 - 2016-05-13 23:09 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2016-06-17 10:51 - 2016-05-13 23:09 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2016-06-17 10:51 - 2016-05-13 23:09 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2016-06-17 10:51 - 2016-05-13 22:54 - 00308456 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2016-06-17 10:51 - 2016-05-13 22:50 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2016-06-17 10:51 - 2016-05-13 22:49 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2016-06-17 10:51 - 2016-05-13 22:49 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2016-06-17 10:51 - 2016-05-13 22:27 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2016-06-17 10:51 - 2016-05-12 16:03 - 03217408 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-06-17 10:51 - 2016-05-12 15:58 - 00464896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2016-06-17 10:51 - 2016-05-12 15:58 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2016-06-17 10:51 - 2016-05-12 15:58 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2016-06-17 10:51 - 2016-05-12 14:05 - 00459640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2016-06-17 10:51 - 2016-05-12 14:05 - 00297984 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2016-06-17 10:51 - 2016-05-12 14:04 - 00249352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
2016-06-17 10:51 - 2016-05-11 18:02 - 00483840 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll
2016-06-17 10:51 - 2016-05-11 18:02 - 00444928 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
2016-06-17 10:51 - 2016-05-11 18:02 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2016-06-17 10:51 - 2016-05-11 18:02 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\ws2_32.dll
2016-06-17 10:51 - 2016-05-11 16:19 - 00363520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StructuredQuery.dll
2016-06-17 10:51 - 2016-05-11 16:19 - 00351744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll
2016-06-17 10:51 - 2016-05-11 16:19 - 00231424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
2016-06-17 10:51 - 2016-05-11 16:19 - 00206336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ws2_32.dll
2016-06-17 10:51 - 2016-05-11 16:11 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\netbtugc.exe
2016-06-17 10:51 - 2016-05-11 16:01 - 00026624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netbtugc.exe
2016-06-17 10:51 - 2016-05-11 15:58 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbt.sys
2016-06-17 10:50 - 2016-05-18 17:10 - 00312832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2016-06-17 10:50 - 2016-05-18 17:09 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2016-06-17 10:50 - 2016-05-12 18:15 - 00105472 _____ (Microsoft Corporation) C:\Windows\system32\winipsec.dll
2016-06-17 10:50 - 2016-05-12 18:14 - 00794624 _____ (Microsoft Corporation) C:\Windows\system32\gpsvc.dll
2016-06-17 10:50 - 2016-05-12 18:14 - 00793088 _____ (Microsoft Corporation) C:\Windows\system32\gpprefcl.dll
2016-06-17 10:50 - 2016-05-12 18:14 - 00502272 _____ (Microsoft Corporation) C:\Windows\system32\IPSECSVC.DLL
2016-06-17 10:50 - 2016-05-12 18:14 - 00373760 _____ (Microsoft Corporation) C:\Windows\system32\polstore.dll
2016-06-17 10:50 - 2016-05-12 18:14 - 00096256 _____ (Microsoft Corporation) C:\Windows\system32\gpapi.dll
2016-06-17 10:50 - 2016-05-12 18:14 - 00075776 _____ (Microsoft Corporation) C:\Windows\system32\FwRemoteSvr.dll
2016-06-17 10:50 - 2016-05-12 18:14 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\gpscript.dll
2016-06-17 10:50 - 2016-05-12 16:18 - 00591872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpprefcl.dll
2016-06-17 10:50 - 2016-05-12 16:18 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\polstore.dll
2016-06-17 10:50 - 2016-05-12 16:18 - 00079360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpapi.dll
2016-06-17 10:50 - 2016-05-12 16:18 - 00070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winipsec.dll
2016-06-17 10:50 - 2016-05-12 16:18 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FwRemoteSvr.dll
2016-06-17 10:50 - 2016-05-12 16:06 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\gpscript.exe
2016-06-17 10:50 - 2016-05-12 15:57 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpscript.dll
2016-06-17 10:50 - 2016-05-12 15:57 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpscript.exe
2016-06-17 10:48 - 2016-05-20 22:56 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-06-17 10:48 - 2016-05-20 22:45 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2016-06-17 10:48 - 2016-05-20 22:22 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-06-17 10:48 - 2016-05-20 22:19 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2016-06-17 10:47 - 2016-05-24 00:37 - 00394960 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-06-17 10:47 - 2016-05-23 23:54 - 00346312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-06-17 10:47 - 2016-05-21 18:28 - 25802752 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-06-17 10:47 - 2016-05-21 17:57 - 20341248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-06-17 10:47 - 2016-05-20 23:27 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-06-17 10:47 - 2016-05-20 23:27 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-06-17 10:47 - 2016-05-20 23:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2016-06-17 10:47 - 2016-05-20 23:10 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-06-17 10:47 - 2016-05-20 23:09 - 00572416 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-06-17 10:47 - 2016-05-20 23:09 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-06-17 10:47 - 2016-05-20 23:09 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-06-17 10:47 - 2016-05-20 23:08 - 02895360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-06-17 10:47 - 2016-05-20 23:08 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-06-17 10:47 - 2016-05-20 23:02 - 06051328 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-06-17 10:47 - 2016-05-20 23:00 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-06-17 10:47 - 2016-05-20 22:59 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-06-17 10:47 - 2016-05-20 22:57 - 00497664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-06-17 10:47 - 2016-05-20 22:57 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2016-06-17 10:47 - 2016-05-20 22:57 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2016-06-17 10:47 - 2016-05-20 22:56 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2016-06-17 10:47 - 2016-05-20 22:55 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2016-06-17 10:47 - 2016-05-20 22:54 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-06-17 10:47 - 2016-05-20 22:54 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-06-17 10:47 - 2016-05-20 22:54 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-06-17 10:47 - 2016-05-20 22:54 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-06-17 10:47 - 2016-05-20 22:50 - 02287104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-06-17 10:47 - 2016-05-20 22:49 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2016-06-17 10:47 - 2016-05-20 22:48 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2016-06-17 10:47 - 2016-05-20 22:45 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-06-17 10:47 - 2016-05-20 22:44 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-06-17 10:47 - 2016-05-20 22:44 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2016-06-17 10:47 - 2016-05-20 22:43 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2016-06-17 10:47 - 2016-05-20 22:41 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-06-17 10:47 - 2016-05-20 22:33 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2016-06-17 10:47 - 2016-05-20 22:33 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-06-17 10:47 - 2016-05-20 22:32 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2016-06-17 10:47 - 2016-05-20 22:29 - 13815808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-06-17 10:47 - 2016-05-20 22:28 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-06-17 10:47 - 2016-05-20 22:27 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-06-17 10:47 - 2016-05-20 22:27 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-06-17 10:47 - 2016-05-20 22:26 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2016-06-17 10:47 - 2016-05-20 22:25 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-06-17 10:47 - 2016-05-20 22:23 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2016-06-17 10:47 - 2016-05-20 22:23 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-06-17 10:47 - 2016-05-20 22:21 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-06-17 10:47 - 2016-05-20 22:14 - 04610048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-06-17 10:47 - 2016-05-20 22:12 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-06-17 10:47 - 2016-05-20 22:11 - 15420928 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-06-17 10:47 - 2016-05-20 22:11 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-06-17 10:47 - 2016-05-20 22:09 - 00725504 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-06-17 10:47 - 2016-05-20 22:09 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-06-17 10:47 - 2016-05-20 22:08 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-06-17 10:47 - 2016-05-20 22:08 - 00806400 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-06-17 10:47 - 2016-05-20 22:07 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-06-17 10:47 - 2016-05-20 22:07 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2016-06-17 10:47 - 2016-05-20 22:06 - 02131968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-06-17 10:47 - 2016-05-20 21:46 - 02597888 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-06-17 10:47 - 2016-05-20 21:42 - 02121216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-06-17 10:47 - 2016-05-20 21:38 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-06-17 10:47 - 2016-05-20 21:38 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-06-17 10:47 - 2016-05-20 21:34 - 01544192 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-06-17 10:47 - 2016-05-20 21:23 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-06-17 10:25 - 2015-09-08 19:53 - 02473472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2016-06-17 10:24 - 2016-06-17 10:24 - 00000000 _____ C:\Windows\HPMProp.INI
2016-06-17 08:57 - 2016-06-30 08:04 - 00159200 ____T C:\Users\az001\AppData\Roaming\CrashRpt1402.dll
2016-06-17 08:57 - 2016-06-17 08:57 - 00000000 ____D C:\Users\az001\AppData\Local\CrashRpt
2016-06-15 22:07 - 2016-06-15 22:07 - 00193471 _____ C:\Users\az001\Desktop\Zaświadczenie o przebiegu ubezpieczenia.pdf
2016-06-15 08:05 - 2016-06-18 14:42 - 00000693 _____ C:\Users\az001\Desktop\Windows 10 Upgrade Assistant.lnk
2016-06-09 13:41 - 2016-06-09 13:41 - 00000000 ____D C:\Users\az001\TOSHIBA
2016-06-09 08:54 - 2016-06-09 08:54 - 00000000 ____D C:\$WINDOWS.~BT

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-07-09 14:27 - 2016-05-25 16:28 - 00000000 ____D C:\2. Downloads
2016-07-09 13:45 - 2016-05-18 10:32 - 00000000 ____D C:\ProgramData\VMware
2016-07-09 10:51 - 2009-07-14 06:13 - 00866090 _____ C:\Windows\system32\PerfStringBackup.INI
2016-07-09 10:51 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2016-07-09 10:33 - 2015-09-30 13:51 - 00000120 _____ C:\Windows\system32\config\netlogon.ftl
2016-07-09 07:05 - 2009-07-14 05:45 - 00032208 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-07-09 07:05 - 2009-07-14 05:45 - 00032208 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-07-09 06:54 - 2016-05-20 09:28 - 00000000 ____D C:\Users\az001\AppData\Roaming\VMware
2016-07-09 06:54 - 2016-05-20 09:28 - 00000000 ____D C:\Users\az001\AppData\Local\VMware
2016-07-09 06:52 - 2016-05-17 16:55 - 00000000 __SHD C:\Users\az001\IntelGraphicsProfiles
2016-07-09 06:51 - 2015-09-30 13:53 - 00010461 __RSH C:\ProgramData\ntuser.pol
2016-07-09 06:50 - 2015-09-30 18:09 - 00000142 _____ C:\Windows\ODBC.INI
2016-07-09 06:50 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-07-08 20:37 - 2016-05-24 12:14 - 00598842 _____ C:\Windows\ntbtlog.txt
2016-07-08 19:42 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF
2016-07-08 19:25 - 2016-05-20 17:41 - 00000000 ____D C:\Program Files (x86)\Google
2016-07-08 14:57 - 2016-06-02 16:51 - 00000000 ____D C:\Users\az001\AppData\Roaming\PSpad
2016-07-08 14:57 - 2016-05-10 09:00 - 00000000 ____D C:\Users\az001\AppData\Roaming\PwrMgr
2016-07-08 08:20 - 2016-05-20 17:41 - 00000000 ____D C:\Users\az001\AppData\Local\Deployment
2016-07-08 08:16 - 2015-10-01 15:43 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-07-08 08:16 - 2015-10-01 15:43 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2016-07-08 07:13 - 2015-10-01 15:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-07-08 07:12 - 2016-05-31 08:59 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2016-07-08 07:12 - 2016-05-31 08:59 - 00000000 ___SD C:\Windows\system32\GWX
2016-07-07 22:35 - 2015-09-30 18:06 - 00000000 ____D C:\Windows\system32\appraiser
2016-07-07 22:35 - 2014-11-14 20:30 - 00000000 ____D C:\Program Files\Windows Journal
2016-07-07 14:00 - 2015-09-30 14:03 - 00000542 _____ C:\Windows\Tasks\Weekly.job
2016-07-07 11:50 - 2016-05-10 08:56 - 00017394 __RSH C:\Users\az001\ntuser.pol
2016-07-07 11:50 - 2016-05-10 08:56 - 00000000 ____D C:\Users\az001
2016-07-06 16:49 - 2016-05-19 16:10 - 00000000 ____D C:\Users\az001\AppData\Local\ElevatedDiagnostics
2016-07-01 22:29 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2016-06-30 11:46 - 2016-05-19 17:19 - 00000000 ____D C:\Users\az001\AppData\Local\RockwellAutomation
2016-06-29 13:49 - 2016-05-10 08:57 - 00000000 ____D C:\Users\az001\AppData\Local\MITSUBISHI
2016-06-29 13:46 - 2016-05-24 14:57 - 00000000 ____D C:\1. Project
2016-06-28 14:56 - 2015-06-05 02:46 - 00000000 ____D C:\Program Files\Apoint2K
2016-06-28 11:01 - 2016-06-06 08:03 - 00000000 ____D C:\Users\az001\AppData\Roaming\Thunderbird
2016-06-28 09:59 - 2016-05-20 20:09 - 00000000 ___RD C:\Users\az001\OneDrive
2016-06-28 08:24 - 2015-06-04 09:11 - 00000000 ____D C:\ProgramData\Lenovo
2016-06-22 08:23 - 2015-10-01 09:47 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-06-22 08:20 - 2015-10-01 09:46 - 00000000 ____D C:\Program Files\Microsoft Office 15
2016-06-21 15:48 - 2016-06-02 17:06 - 00000000 ____D C:\3. Documents
2016-06-21 12:13 - 2010-11-21 04:27 - 00485032 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2016-06-20 12:20 - 2016-05-10 08:57 - 00000000 ____D C:\Users\az001\AppData\Local\Lenovo
2016-06-20 12:11 - 2015-06-05 02:56 - 00000000 ____D C:\Program Files\Lenovo
2016-06-20 12:11 - 2015-06-05 02:28 - 00000000 ____D C:\Windows\System32\Tasks\Lenovo
2016-06-20 12:11 - 2015-06-05 02:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo
2016-06-20 12:10 - 2015-06-05 02:56 - 00000000 ____D C:\Windows\Downloaded Installations
2016-06-20 12:10 - 2015-06-05 02:55 - 00000000 ___HD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo ThinkVantage Tools
2016-06-20 12:10 - 2015-06-05 02:28 - 00000000 ____D C:\Program Files (x86)\Lenovo
2016-06-20 11:46 - 2015-06-05 03:13 - 00000000 ____D C:\Program Files\Intel Corporation
2016-06-20 11:46 - 2015-06-05 02:34 - 00000000 ____D C:\ProgramData\Intel
2016-06-20 11:46 - 2015-06-05 02:28 - 00000000 ____D C:\ProgramData\Package Cache
2016-06-20 11:32 - 2015-06-05 03:10 - 00000000 ____D C:\Windows\System32\Tasks\TVT
2016-06-20 08:15 - 2016-05-20 08:43 - 00000000 ____D C:\4. PROGRAMY_az
2016-06-19 18:05 - 2015-06-05 02:44 - 00000000 ____D C:\Program Files (x86)\Realtek
2016-06-19 18:00 - 2015-06-05 02:51 - 00000000 ____D C:\ProgramData\Conexant
2016-06-19 17:55 - 2015-06-05 03:16 - 00000000 ____D C:\Windows\SysWOW64\sda
2016-06-18 17:32 - 2014-11-13 22:15 - 00000000 ____D C:\Windows\Panther
2016-06-18 14:42 - 2016-06-03 11:31 - 00000705 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows 10 Upgrade Assistant.lnk
2016-06-18 14:42 - 2016-06-03 11:31 - 00000000 ____D C:\Windows10Upgrade
2016-06-17 22:50 - 2016-05-20 09:46 - 00425744 _____ (Lavasoft Limited) C:\Windows\system32\LavasoftTcpService64.dll
2016-06-17 22:50 - 2016-05-20 09:46 - 00345360 _____ (Lavasoft Limited) C:\Windows\SysWOW64\LavasoftTcpService.dll
2016-06-17 22:50 - 2016-05-20 09:46 - 00003024 _____ C:\Windows\SysWOW64\LavasoftTcpServiceOff.ini
2016-06-17 22:50 - 2016-05-20 09:46 - 00003024 _____ C:\Windows\system32\LavasoftTcpServiceOff.ini
2016-06-17 12:54 - 2016-05-10 08:56 - 00000614 ___SH C:\Users\az001\ntuser.ini
2016-06-17 11:03 - 2009-07-14 05:45 - 00381088 _____ C:\Windows\system32\FNTCACHE.DAT
2016-06-17 10:53 - 2015-09-30 15:52 - 00000000 ____D C:\Windows\system32\MRT
2016-06-17 10:53 - 2015-09-30 15:51 - 142482544 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-06-17 10:25 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\spool

==================== Files in the root of some directories =======

2016-06-17 08:57 - 2016-06-30 08:04 - 0159200 ____T () C:\Users\az001\AppData\Roaming\CrashRpt1402.dll
2016-05-24 16:47 - 2016-05-24 16:47 - 0000017 _____ () C:\Users\az001\AppData\Local\resmon.resmoncfg
2015-06-05 02:51 - 2015-06-05 02:51 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2015-06-05 03:01 - 2015-06-05 03:02 - 0000107 _____ () C:\ProgramData\{324F76CC-D8DD-4D87-B77D-D4AF5E1AA7B3}.log
2015-06-05 02:59 - 2015-06-05 03:00 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
2015-06-05 03:00 - 2015-06-05 03:01 - 0000110 _____ () C:\ProgramData\{B7A0CE06-068E-11D6-97FD-0050BACBF861}.log
2015-06-05 03:01 - 2015-06-05 03:01 - 0000115 _____ () C:\ProgramData\{D6E853EC-8960-4D44-AF03-7361BB93227C}.log

Some files in TEMP:
====================
C:\Users\administrator\AppData\Local\Temp\jre-8u73-windows-au.exe
C:\Users\administrator\AppData\Local\Temp\jre-8u91-windows-au.exe
C:\Users\az001\AppData\Local\Temp\CCP11s.dll
C:\Users\az001\AppData\Local\Temp\DataCard_Setup64.exe
C:\Users\az001\AppData\Local\Temp\epuapdll3909735160782779399.dll
C:\Users\az001\AppData\Local\Temp\exie.exe
C:\Users\az001\AppData\Local\Temp\expb.exe
C:\Users\az001\AppData\Local\Temp\ResetDevice.exe
C:\Users\az001\AppData\Local\Temp\simaticn.exe
C:\Users\az001\AppData\Local\Temp\webtopwin32.exe


Some zero byte size files/folders:
==========================
C:\Windows\SysWOW64\dlumd10.dll
C:\Windows\SysWOW64\dlumd11.dll
C:\Windows\SysWOW64\dlumd9.dll
C:\Windows\System32\dlumd10.dll
C:\Windows\System32\dlumd11.dll
C:\Windows\System32\dlumd9.dll

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-07-08 02:17

==================== End of FRST.txt ============================


-- 09 lip 2016, 16:09 --

trzeci plik ma chińskie znaki link do elektrody gdzie można pobrać pliki

Dostępne tylko dla zarejestrowanych użytkowników

Awatar użytkownika
djarta

Globalny Moderator
Posty: 5854
Rejestracja: 26 gru 2008, 17:15
Lokalizacja: Białystok
Kontaktowanie:

ping jest ale strony nie otwieraja sie

Post09 lip 2016, 16:19

Odinstaluj Sophos Anti-Virus. I powiedz czy są jakieś poprawy.

tholin85

Użytkownik
Posty: 3
Rejestracja: 08 lip 2016, 22:24

ping jest ale strony nie otwieraja sie

Post09 lip 2016, 18:42

sophos endpoint security and control jest zainstalowany służbowy sprzed bez działu IT sie nie obejdzie.

Awatar użytkownika
djarta

Globalny Moderator
Posty: 5854
Rejestracja: 26 gru 2008, 17:15
Lokalizacja: Białystok
Kontaktowanie:

ping jest ale strony nie otwieraja sie

Post09 lip 2016, 18:44

W takim razie nie pomożemy Tobie. W systemie jest wiele do zrobienia.



  • Reklama

Wróć do „Bezpieczeństwo”



Kto jest online

Użytkownicy przeglądający to forum: Obecnie na forum nie ma żadnego zarejestrowanego użytkownika i 11 gości