Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

Computer Running Extremely Slow

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Computer Running Extremely Slow

Unread postby viquilla » October 14th, 2015, 3:23 pm

When I try to use firefox it freezes. The computer takes about 10 to 15 minutes to finish loading completely and still it doesn't work properly It freezes all the time and I can hardly do anything on it. This is an i7 and my dual core is working a lot faster than this computer.

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.18015
Run by Monica at 15:17:54 on 2015-10-14
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.8136.4774 [GMT -4:00]
.
AV: avast! Antivirus *Enabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: avast! Antivirus *Enabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
.
============== Running Processes ===============
.
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCService.exe
C:\windows\system32\nvvsvc.exe
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k GPSvcGroup
C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
C:\windows\system32\svchost.exe -k NetworkService
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\windows\system32\WLANExt.exe
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
C:\windows\System32\svchost.exe -k utcsvc
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe
C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
C:\windows\system32\svchost.exe -k imgsvc
C:\windows\system32\wbem\unsecapp.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\system32\SearchIndexer.exe
C:\windows\system32\svchost.exe -k bthsvcs
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
C:\windows\system32\Dwm.exe
C:\windows\Explorer.EXE
C:\windows\system32\nvvsvc.exe
C:\windows\system32\taskhost.exe
C:\windows\system32\taskeng.exe
C:\Program Files (x86)\IObit\Advanced SystemCare 8\Monitor.exe
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\windows\system32\GWX\GWX.exe
C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeyStudio.exe
C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files (x86)\Lenovo\Energy Management\utility.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Users\Monica\AppData\Local\Amazon Music\Amazon Music Helper.exe
C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCTray.exe
C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe
C:\windows\system32\wbem\unsecapp.exe
C:\windows\system32\taskeng.exe
C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe
C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeySupport.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin64\rpsystray.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
C:\windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\windows\SysWOW64\RunDll32.exe
C:\Program Files\Lenovo\Bluetooth Software\BtStackServer.exe
C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
C:\windows\system32\wbem\unsecapp.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
C:\windows\System32\svchost.exe -k secsvcs
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\windows\system32\svchost.exe -k SDRSVC
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\windows\system32\SearchProtocolHost.exe
C:\windows\system32\SearchFilterHost.exe
C:\windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/
uSearch Bar = Preserve
uSearch Page = hxxp://www.google.com
uSearchAssistant = hxxp://www.google.com
uSearchURL,(Default) = hxxps://www.google.com
mWinlogon: Userinit = userinit.exe,
BHO: RealNetworks Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: Advanced SystemCare Surfing Protection: {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll
uRun: [OfficeSyncProcess] "C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE"
uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
uRun: [Amazon Music] "C:\Users\Monica\AppData\Local\Amazon Music\Amazon Music Helper.exe"
uRun: [Advanced SystemCare 8] "C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCTray.exe" /Auto
mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
mRun: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
mRun: [YouCam Mirage] "C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe"
mRun: [YouCam Tray] "C:\Program Files (x86)\Lenovo\YouCam\YouCam.exe" /s
mRun: [VeriFaceManager] C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe
mRun: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
mRun: [Wondershare Helper Compact.exe] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
mRun: [TkBellExe] "c:\program files (x86)\real\realplayer\Update\realsched.exe" -osboot
mRun: [RealDownloader] C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BLUETO~1.LNK - C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\REALPL~1.LNK - C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin64\rpsystray.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: SoftwareSASGeneration = dword:1
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{DA8FC342-5BF6-4F0C-84CE-DAE5C65D3945} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{DA8FC342-5BF6-4F0C-84CE-DAE5C65D3945}\16474777966696 : DHCPNameServer = 192.168.6.1 64.134.255.2 64.134.255.10
TCP: Interfaces\{DA8FC342-5BF6-4F0C-84CE-DAE5C65D3945}\25563647F62797 : DHCPNameServer = 192.168.1.2
TCP: Interfaces\{DA8FC342-5BF6-4F0C-84CE-DAE5C65D3945}\25563647F62797143636563737 : DHCPNameServer = 192.168.1.2
TCP: Interfaces\{DA8FC342-5BF6-4F0C-84CE-DAE5C65D3945}\751647562714E616C69747963637 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{DA8FC342-5BF6-4F0C-84CE-DAE5C65D3945}\75169707F62747F5143636563737 : DHCPNameServer = 192.168.5.1 64.134.255.2 64.134.255.10
TCP: Interfaces\{DA8FC342-5BF6-4F0C-84CE-DAE5C65D3945}\E45445745414251383 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{DF17B9DC-0903-4D46-AB99-6B63A9FB1143} : DHCPNameServer = 172.26.38.1 172.26.38.2
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
AppInit_DLLs= c:\windows\syswow64\nvinit.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.101\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-mSearch Bar = hxxp://www.google.com
x64-mSearch Page = hxxp://www.google.com
x64-mSearchAssistant = hxxps://www.google.com
x64-BHO: ExplorerWnd Helper: {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll
x64-BHO: RealNetworks Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin64.dll
x64-BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
x64-BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-Run: [IgfxTray] C:\windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\windows\System32\igfxpers.exe
x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-Run: [IntelPAN] "C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel PAN Tray
x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Run: [OnekeyStudio] C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeyStudio.exe
x64-Run: [Lenovo EE Boot Optimizer] C:\Program Files (x86)\Lenovo\Boot Optimizer\PopWnd.exe
x64-Run: [Energy Management] C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
x64-Run: [EnergyUtility] C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe
x64-Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
x64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Monica\AppData\Roaming\Mozilla\Firefox\Profiles\4dtcn94z.default-1388114075720\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - www.google.com
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrlui.dll
FF - plugin: c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll
FF - plugin: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_185.dll
.
---- FIREFOX POLICIES ----
FF - user.js: network.http.pipelining.maxrequests - 8
FF - user.js: network.http.request.max-start-delay - 0
FF - user.js: network.http.max-connections - 48
FF - user.js: network.http.max-connections-per-server - 16
FF - user.js: network.http.max-persistent-connections-per-proxy - 16
FF - user.js: network.http.max-persistent-connections-per-server - 8
FF - user.js: browser.turbo.enabled - true
FF - user.js: browser.display.show_image_placeholders - true
FF - user.js: browser.chrome.favicons - false
FF - user.js: browser.urlbar.autocomplete.enabled - true
FF - user.js: browser.cache.memory.capacity - 65536
FF - user.js: content.notify.ontimer - true
FF - user.js: content.interrupt.parsing - true
FF - user.js: content.max.tokenizing.time - 2250000
FF - user.js: content.switch.threshold - 750000
FF - user.js: plugin.expose_full_path - true
FF - user.js: ui.submenuDelay - 0
.
============= SERVICES / DRIVERS ===============
.
R0 aswRvrt;avast! Revert;C:\windows\System32\drivers\aswRvrt.sys [2013-5-16 65224]
R0 aswVmm;avast! VM Monitor;C:\windows\System32\drivers\aswVmm.sys [2013-5-16 274808]
R0 fbfmon;fbfmon;C:\windows\System32\drivers\fbfmon.sys [2011-11-24 57952]
R0 LHDmgr;LHDmgr;C:\windows\System32\drivers\LhdX64.sys [2011-11-24 39008]
R0 nvpciflt;nvpciflt;C:\windows\System32\drivers\nvpciflt.sys [2011-11-24 25960]
R0 PxHlpa64;PxHlpa64;C:\windows\System32\drivers\PxHlpa64.sys [2013-5-16 55280]
R1 aswSnx;aswSnx;C:\windows\System32\drivers\aswsnx.sys [2013-5-16 1048344]
R1 aswSP;aswSP;C:\windows\System32\drivers\aswSP.sys [2013-5-16 447944]
R1 BPntDrv;BPntDrv;C:\windows\System32\drivers\BPntDrv.sys [2011-11-24 13408]
R1 HssDRV6;Hotspot Shield Routing Driver 6;C:\windows\System32\drivers\hssdrv6.sys [2013-4-24 46792]
R1 winioex;winioex;C:\windows\System32\drivers\winioex.sys [2011-11-24 15456]
R2 AdvancedSystemCareService8;Advanced SystemCare Service 8;C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCService.exe [2015-9-3 821024]
R2 Apple Mobile Device Service;Apple Mobile Device Service;C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2015-5-29 77128]
R2 aswHwid;avast! HardwareID;C:\windows\System32\drivers\aswHwid.sys [2014-8-4 28656]
R2 aswMonFlt;aswMonFlt;C:\windows\System32\drivers\aswMonFlt.sys [2013-5-16 90968]
R2 aswStm;aswStm;C:\windows\System32\drivers\aswStm.sys [2013-12-26 150672]
R2 avast! Antivirus;Avast Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2015-9-3 146600]
R2 DiagTrack;Diagnostics Tracking Service;C:\windows\System32\svchost.exe -k utcsvc [2009-7-13 27136]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-11-24 13336]
R2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service;C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [2014-10-26 39568]
R2 RealPlayer Cloud Service;RealPlayer Cloud Service;C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe [2015-2-15 1141848]
R2 RealPlayerUpdateSvc;RealPlayer Update Service;C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe [2014-10-30 31856]
R2 RtkAudioService;Realtek Audio Service;C:\Program Files\Realtek\Audio\HDA\RTKAUDIOSERVICE64.EXE [2013-12-23 289496]
R2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-11-24 2656280]
R3 ACPIVPC;Lenovo Virtual Power Controller Driver;C:\windows\System32\drivers\AcpiVpc.sys [2010-10-25 29792]
R3 BTWAMPFL;BTWAMPFL;C:\windows\System32\drivers\btwampfl.sys [2011-11-24 437288]
R3 BTWDPAN;Bluetooth Personal Area Network;C:\windows\System32\drivers\btwdpan.sys [2011-11-24 89640]
R3 btwl2cap;Bluetooth L2CAP Service;C:\windows\System32\drivers\btwl2cap.sys [2011-11-24 39976]
R3 clwvd;CyberLink WebCam Virtual Driver;C:\windows\System32\drivers\clwvd.sys [2011-1-28 31088]
R3 DelayMan;ACPI DelayMan Filter Service;C:\windows\System32\drivers\delayman.sys [2011-11-24 20064]
R3 IntcDAud;Intel(R) Display Audio;C:\windows\System32\drivers\IntcDAud.sys [2011-11-24 317440]
R3 JmUsbCcgp;JMicron USB Composite Device Lower Filter Driver;C:\windows\System32\drivers\jmccgp.sys [2011-11-24 17880]
R3 JmUsbVideo;JMicron 31x Upper Filter Driver;C:\windows\System32\drivers\jmcam.sys [2011-11-24 57816]
R3 JmUsbVideo2;JMicron 31x Lower Filter Driver;C:\windows\System32\drivers\jmcam_lo.sys [2011-11-24 32088]
R3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;C:\windows\System32\drivers\k57nd60a.sys [2013-12-23 458960]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\windows\System32\drivers\nusb3hub.sys [2010-11-18 80384]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\windows\System32\drivers\nusb3xhc.sys [2010-11-18 181248]
R3 SmbDrvI;SmbDrvI;C:\windows\System32\drivers\Smb_driver_Intel.sys [2013-12-23 32496]
R3 wdkmd;Intel WiDi KMD;C:\windows\System32\drivers\WDKMD.sys [2010-12-1 42392]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
S2 LiveUpdateSvc;LiveUpdate;C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2013-12-23 2909472]
S3 AvastVBoxSvc;AvastVBox COM Service;"C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe" --> C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [?]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\windows\System32\ieetwcollector.exe [2015-10-9 114688]
S3 JMCR;JMCR;C:\windows\System32\drivers\jmcr.sys [2011-11-24 174168]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2011-5-2 340240]
S3 Netaapl;Apple Mobile Device Ethernet Service;C:\windows\System32\drivers\netaapl64.sys [2012-9-10 22528]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\windows\System32\drivers\rdpvideominiport.sys [2013-12-26 19456]
S3 RTL8167;Realtek 8167 NT Driver;C:\windows\System32\drivers\Rt64win7.sys [2009-6-10 187392]
S3 taphss6;Anchorfree HSS VPN Adapter;C:\windows\System32\drivers\taphss6.sys [2013-4-24 42184]
S3 TsUsbFlt;TsUsbFlt;C:\windows\System32\drivers\TsUsbFlt.sys [2013-12-26 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\windows\System32\drivers\TsUsbGD.sys [2013-12-26 30208]
S3 USBAAPL64;Apple Mobile USB Driver;C:\windows\System32\drivers\usbaapl64.sys [2015-6-10 54784]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\windows\System32\Wat\WatAdminSvc.exe [2013-5-16 1255736]
S3 WDC_SAM;WD SCSI Pass Thru driver;C:\windows\System32\drivers\wdcsam64.sys [2008-5-6 14464]
S3 wsvd;wsvd;C:\windows\System32\drivers\wsvd.sys [2009-7-21 121840]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
SUnknown fmpjjnjm;fmpjjnjm; [x]
SUnknown olztauwv;olztauwv; [x]
.
=============== Created Last 30 ================
.
2015-10-10 00:42:11 11062400 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{F2DE7E91-2A42-427C-8ED6-A207D353D48B}\mpengine.dll
2015-10-09 23:43:12 124624 ----a-w- C:\windows\System32\PresentationCFFRasterizerNative_v0300.dll
2015-10-09 23:43:12 103120 ----a-w- C:\windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll
2015-10-09 23:30:40 1737216 ----a-w- C:\Program Files\Windows Journal\NBDoc.DLL
2015-10-09 23:29:03 1632256 ----a-w- C:\windows\System32\dwmcore.dll
2015-10-09 23:29:02 82944 ----a-w- C:\windows\System32\dwmapi.dll
2015-10-09 23:29:02 67584 ----a-w- C:\windows\SysWow64\dwmapi.dll
2015-10-09 23:29:02 1372160 ----a-w- C:\windows\SysWow64\dwmcore.dll
2015-10-09 23:22:56 1941504 ----a-w- C:\windows\System32\authui.dll
2015-10-09 23:21:58 17920 ----a-w- C:\windows\System32\appidcertstorecheck.exe
2015-10-09 23:21:56 63488 ----a-w- C:\windows\System32\setbcdlocale.dll
2015-10-09 23:21:55 61440 ----a-w- C:\windows\System32\drivers\appid.sys
2015-10-09 23:17:36 3209216 ----a-w- C:\windows\System32\win32k.sys
2015-10-09 23:17:35 46080 ----a-w- C:\windows\System32\atmlib.dll
2015-10-09 23:17:35 41984 ----a-w- C:\windows\System32\lpk.dll
2015-10-09 23:17:35 372736 ----a-w- C:\windows\System32\atmfd.dll
2015-10-09 23:17:35 299520 ----a-w- C:\windows\SysWow64\atmfd.dll
2015-10-09 23:17:34 34304 ----a-w- C:\windows\SysWow64\atmlib.dll
2015-10-09 23:17:34 14336 ----a-w- C:\windows\System32\dciman32.dll
2015-10-09 23:17:34 10240 ----a-w- C:\windows\SysWow64\dciman32.dll
2015-10-09 23:17:33 100864 ----a-w- C:\windows\System32\fontsub.dll
2015-10-09 23:17:32 70656 ----a-w- C:\windows\SysWow64\fontsub.dll
2015-10-09 23:17:32 25600 ----a-w- C:\windows\SysWow64\lpk.dll
2015-10-09 23:13:18 774656 ----a-w- C:\windows\System32\invagent.dll
2015-10-09 23:13:17 437760 ----a-w- C:\windows\System32\devinv.dll
2015-10-09 23:13:17 17344 ----a-w- C:\windows\System32\CompatTelRunner.exe
2015-10-09 23:13:14 1116672 ----a-w- C:\windows\System32\appraiser.dll
2015-10-09 23:13:13 69120 ----a-w- C:\windows\System32\acmigration.dll
2015-10-09 23:13:12 227328 ----a-w- C:\windows\System32\aepdu.dll
2015-10-09 23:13:11 1148416 ----a-w- C:\windows\System32\aeinv.dll
2015-10-09 23:13:07 743424 ----a-w- C:\windows\System32\generaltel.dll
2015-10-04 18:16:17 94656 ----a-w- C:\windows\System32\drivers\mountmgr.sys
2015-10-04 18:16:17 1743360 ----a-w- C:\windows\System32\sysmain.dll
2015-10-04 18:16:15 2560 ----a-w- C:\windows\System32\drivers\en-US\mountmgr.sys.mui
2015-10-04 18:16:15 11264 ----a-w- C:\windows\System32\msmmsp.dll
2015-10-04 18:15:07 52736 ----a-w- C:\windows\System32\basesrv.dll
2015-10-04 17:49:58 82432 ----a-w- C:\windows\SysWow64\davclnt.dll
2015-10-04 17:49:58 260096 ----a-w- C:\windows\System32\WebClnt.dll
2015-10-04 17:49:58 206848 ----a-w- C:\windows\SysWow64\WebClnt.dll
2015-10-04 17:49:58 102912 ----a-w- C:\windows\System32\davclnt.dll
2015-10-04 17:31:07 -------- d-s---w- C:\windows\SysWow64\Microsoft
.
==================== Find3M ====================
.
2015-10-14 19:15:34 780488 ----a-w- C:\windows\SysWow64\FlashPlayerApp.exe
2015-10-14 19:15:34 142536 ----a-w- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-09-04 01:12:16 1048344 ----a-w- C:\windows\System32\drivers\aswsnx.sys
2015-09-04 01:11:22 150672 ----a-w- C:\windows\System32\drivers\aswStm.sys
2015-09-04 01:11:21 93528 ----a-w- C:\windows\System32\drivers\aswRdr2.sys
2015-09-04 01:11:21 90968 ----a-w- C:\windows\System32\drivers\aswMonFlt.sys
2015-09-04 01:11:21 65224 ----a-w- C:\windows\System32\drivers\aswRvrt.sys
2015-09-04 01:11:21 28656 ----a-w- C:\windows\System32\drivers\aswHwid.sys
2015-09-04 01:11:21 274808 ----a-w- C:\windows\System32\drivers\aswVmm.sys
2015-09-04 01:10:59 43112 ----a-w- C:\windows\avastSS.scr
2015-08-27 18:18:27 2004480 ----a-w- C:\windows\System32\msxml6.dll
2015-08-27 18:18:27 1887232 ----a-w- C:\windows\System32\msxml3.dll
2015-08-27 18:13:03 2048 ----a-w- C:\windows\System32\msxml6r.dll
2015-08-27 18:13:03 2048 ----a-w- C:\windows\System32\msxml3r.dll
2015-08-27 17:58:14 1391104 ----a-w- C:\windows\SysWow64\msxml6.dll
2015-08-27 17:58:14 1241088 ----a-w- C:\windows\SysWow64\msxml3.dll
2015-08-27 17:51:26 2048 ----a-w- C:\windows\SysWow64\msxml6r.dll
2015-08-27 17:51:26 2048 ----a-w- C:\windows\SysWow64\msxml3r.dll
2015-08-26 18:07:11 98304 ----a-w- C:\windows\System32\wudriver.dll
2015-08-26 18:07:11 3165696 ----a-w- C:\windows\System32\wucltux.dll
2015-08-26 18:07:11 192000 ----a-w- C:\windows\System32\wuwebv.dll
2015-08-26 18:06:43 91136 ----a-w- C:\windows\System32\WinSetupUI.dll
2015-08-26 18:06:33 12288 ----a-w- C:\windows\System32\wu.upgrade.ps.dll
2015-08-26 18:06:30 37376 ----a-w- C:\windows\System32\wuapp.exe
2015-08-26 17:56:25 93184 ----a-w- C:\windows\SysWow64\wudriver.dll
2015-08-26 17:56:25 173056 ----a-w- C:\windows\SysWow64\wuwebv.dll
2015-08-26 17:55:37 34816 ----a-w- C:\windows\SysWow64\wuapp.exe
2015-08-15 06:34:10 2724864 ----a-w- C:\windows\System32\mshtml.tlb
2015-08-15 06:33:56 4096 ----a-w- C:\windows\System32\ieetwcollectorres.dll
2015-08-15 06:18:47 66560 ----a-w- C:\windows\System32\iesetup.dll
2015-08-15 06:18:00 48640 ----a-w- C:\windows\System32\ieetwproxystub.dll
2015-08-15 06:17:54 417792 ----a-w- C:\windows\System32\html.iec
2015-08-15 06:17:49 585216 ----a-w- C:\windows\System32\vbscript.dll
2015-08-15 06:17:25 88064 ----a-w- C:\windows\System32\MshtmlDac.dll
2015-08-15 06:04:47 114688 ----a-w- C:\windows\System32\ieetwcollector.exe
2015-08-15 06:04:46 144384 ----a-w- C:\windows\System32\ieUnatt.exe
2015-08-15 06:04:25 814080 ----a-w- C:\windows\System32\jscript9diag.dll
2015-08-15 06:00:44 5923328 ----a-w- C:\windows\System32\jscript9.dll
2015-08-15 05:57:20 968704 ----a-w- C:\windows\System32\MsSpellCheckingFacility.exe
2015-08-15 05:53:22 2724864 ----a-w- C:\windows\SysWow64\mshtml.tlb
2015-08-15 05:46:15 77824 ----a-w- C:\windows\System32\JavaScriptCollectionAgent.dll
2015-08-15 05:40:29 504832 ----a-w- C:\windows\SysWow64\vbscript.dll
2015-08-15 05:40:12 62464 ----a-w- C:\windows\SysWow64\iesetup.dll
2015-08-15 05:39:32 47616 ----a-w- C:\windows\SysWow64\ieetwproxystub.dll
2015-08-15 05:39:22 341504 ----a-w- C:\windows\SysWow64\html.iec
2015-08-15 05:38:34 64000 ----a-w- C:\windows\SysWow64\MshtmlDac.dll
2015-08-15 05:29:36 115712 ----a-w- C:\windows\SysWow64\ieUnatt.exe
2015-08-15 05:29:12 620032 ----a-w- C:\windows\SysWow64\jscript9diag.dll
2015-08-15 05:22:47 1359360 ----a-w- C:\windows\System32\mshtmlmedia.dll
2015-08-15 05:22:03 2126336 ----a-w- C:\windows\System32\inetcpl.cpl
2015-08-15 05:16:37 60416 ----a-w- C:\windows\SysWow64\JavaScriptCollectionAgent.dll
2015-08-15 05:10:32 4520448 ----a-w- C:\windows\SysWow64\jscript9.dll
2015-08-15 05:07:28 2427392 ----a-w- C:\windows\System32\wininet.dll
2015-08-15 05:01:47 2052608 ----a-w- C:\windows\SysWow64\inetcpl.cpl
2015-08-15 05:01:23 1155072 ----a-w- C:\windows\SysWow64\mshtmlmedia.dll
2015-08-15 04:43:00 1951232 ----a-w- C:\windows\SysWow64\wininet.dll
2015-08-05 17:56:14 1110016 ----a-w- C:\windows\System32\schedsvc.dll
2015-08-05 17:56:07 24576 ----a-w- C:\windows\System32\jnwmon.dll
2015-08-05 17:56:06 275456 ----a-w- C:\windows\System32\InkEd.dll
2015-08-05 17:40:50 216064 ----a-w- C:\windows\SysWow64\InkEd.dll
2015-08-04 18:03:10 692672 ----a-w- C:\windows\System32\winload.efi
2015-08-04 18:00:24 616360 ----a-w- C:\windows\System32\winresume.efi
2015-08-04 17:56:37 59392 ----a-w- C:\windows\System32\appidapi.dll
2015-08-04 17:56:37 32768 ----a-w- C:\windows\System32\appidsvc.dll
2015-08-04 17:55:57 147456 ----a-w- C:\windows\System32\appidpolicyconverter.exe
2015-08-04 17:47:42 50688 ----a-w- C:\windows\SysWow64\appidapi.dll
2015-07-30 18:06:57 2565120 ----a-w- C:\windows\System32\d3d10warp.dll
2015-07-30 18:06:57 1648128 ----a-w- C:\windows\System32\DWrite.dll
2015-07-30 18:06:57 1180160 ----a-w- C:\windows\System32\FntCache.dll
2015-07-30 17:57:30 1987584 ----a-w- C:\windows\SysWow64\d3d10warp.dll
2015-07-30 17:57:30 1251328 ----a-w- C:\windows\SysWow64\DWrite.dll
2015-07-23 00:06:26 5568960 ----a-w- C:\windows\System32\ntoskrnl.exe
2015-07-23 00:06:25 95680 ----a-w- C:\windows\System32\drivers\ksecdd.sys
2015-07-23 00:06:25 155584 ----a-w- C:\windows\System32\drivers\ksecpkg.sys
2015-07-23 00:03:19 1730496 ----a-w- C:\windows\System32\ntdll.dll
2015-07-23 00:03:07 362496 ----a-w- C:\windows\System32\wow64win.dll
2015-07-23 00:03:07 243712 ----a-w- C:\windows\System32\wow64.dll
2015-07-23 00:03:07 13312 ----a-w- C:\windows\System32\wow64cpu.dll
2015-07-23 00:03:06 215040 ----a-w- C:\windows\System32\winsrv.dll
2015-07-23 00:01:53 31232 ----a-w- C:\windows\System32\lsass.exe
2015-07-23 00:01:39 338432 ----a-w- C:\windows\System32\conhost.exe
2015-07-23 00:01:32 64000 ----a-w- C:\windows\System32\auditpol.exe
2015-07-22 23:58:17 60416 ----a-w- C:\windows\System32\msobjs.dll
2015-07-22 23:57:53 146432 ----a-w- C:\windows\System32\msaudite.dll
2015-07-22 23:51:59 686080 ----a-w- C:\windows\System32\adtschema.dll
2015-07-22 17:57:49 3989952 ----a-w- C:\windows\SysWow64\ntkrnlpa.exe
2015-07-22 17:57:49 3934656 ----a-w- C:\windows\SysWow64\ntoskrnl.exe
2015-07-22 17:54:12 1311768 ----a-w- C:\windows\SysWow64\ntdll.dll
2015-07-22 17:52:52 25600 ----a-w- C:\windows\SysWow64\setup16.exe
2015-07-22 17:52:19 50176 ----a-w- C:\windows\SysWow64\auditpol.exe
2015-07-22 17:52:03 96768 ----a-w- C:\windows\SysWow64\sspicli.dll
2015-07-22 17:52:03 665088 ----a-w- C:\windows\SysWow64\rpcrt4.dll
2015-07-22 17:52:03 5120 ----a-w- C:\windows\SysWow64\wow32.dll
2015-07-22 17:52:03 274944 ----a-w- C:\windows\SysWow64\KernelBase.dll
2015-07-22 17:47:28 60416 ----a-w- C:\windows\SysWow64\msobjs.dll
2015-07-22 17:46:50 146432 ----a-w- C:\windows\SysWow64\msaudite.dll
2015-07-22 16:48:49 41984 ----a-w- C:\windows\System32\UtcResources.dll
2015-07-22 16:45:48 159232 ----a-w- C:\windows\System32\drivers\mrxsmb.sys
2015-07-22 16:44:51 290816 ----a-w- C:\windows\System32\drivers\mrxsmb10.sys
2015-07-22 16:44:45 129024 ----a-w- C:\windows\System32\drivers\mrxsmb20.sys
.
============= FINISH: 15:19:11.53 ===============


.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 5/16/2013 10:41:07 AM
System Uptime: 10/14/2015 2:39:20 PM (1 hours ago)
.
Motherboard: LENOVO | | Base Board Product Name
Processor: Intel(R) Core(TM) i7-2670QM CPU @ 2.20GHz | CPU1 | 2201/1333mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 422 GiB total, 304.639 GiB free.
D: is FIXED (NTFS) - 29 GiB total, 26.716 GiB free.
F: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: VBoxAsw Support Driver
Device ID: ROOT\LEGACY_VBOXASWDRV\0000
Manufacturer:
Name: VBoxAsw Support Driver
PNP Device ID: ROOT\LEGACY_VBOXASWDRV\0000
Service: VBoxAswDrv
.
==== System Restore Points ===================
.
No restore point in system.
.
==== Installed Programs ======================
.
Adobe AIR
Adobe Community Help
Adobe Content Viewer
Adobe Flash Player 19 ActiveX
Adobe Flash Player 19 NPAPI
Adobe Reader XI (11.0.08)
Adobe Story
Adobe Widget Browser
Advanced SystemCare 8
Amazon Music
Apple Application Support (32-bit)
Apple Application Support (64-bit)
Apple Mobile Device Support
Apple Software Update
Avast Free Antivirus
Bonjour
Broadcom InConcert Maestro
Broadcom NetLink Controller
CCleaner
D3DX10
Definition Update for Microsoft Office 2010 (KB3085525) 32-Bit Edition
Driver Booster
Energy Management
GIMP 2.8.4
Google Chrome
Google Drive
Google Update Helper
GPL Ghostscript
Intel PROSet Wireless
Intel(R) Control Center
Intel(R) Management Engine Components
Intel(R) Processor Graphics
Intel(R) PROSet/Wireless WiFi Software
Intel(R) Rapid Storage Technology
Intel(R) Wireless Display
IObit Uninstaller
iTunes
JMicron Flash Media Controller Driver
Junk Mail filter update
Lenovo Bluetooth with Enhanced Data Rate Software
Lenovo EasyCamera
Lenovo EE Boot Optimizer
Lenovo Games Console
Lenovo OneKey Recovery
Lenovo R.I.C. (Robust Intelligent Companion)
Lenovo YouCam
LPi Express HTD 5.3
Malwarebytes Anti-Malware version 1.75.0.1300
Mesh Runtime
Microsoft .NET Framework 4.5.1
Microsoft Application Error Reporting
Microsoft Office 2010
Microsoft Office Access MUI (English) 2010
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Excel MUI (English) 2010
Microsoft Office Groove MUI (English) 2010
Microsoft Office InfoPath MUI (English) 2010
Microsoft Office Office 64-bit Components 2010
Microsoft Office OneNote MUI (English) 2010
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office Professional Plus 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Shared 64-bit MUI (English) 2010
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Word MUI (English) 2010
Microsoft Silverlight
Microsoft Software Update for Web Folders (English) 12
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
Microsoft_VC80_ATL_x86
Microsoft_VC80_ATL_x86_x64
Microsoft_VC80_CRT_x86
Microsoft_VC80_CRT_x86_x64
Microsoft_VC80_MFC_x86
Microsoft_VC80_MFC_x86_x64
Microsoft_VC80_MFCLOC_x86
Microsoft_VC80_MFCLOC_x86_x64
Microsoft_VC90_ATL_x86
Microsoft_VC90_ATL_x86_x64
Microsoft_VC90_CRT_x86
Microsoft_VC90_CRT_x86_x64
Microsoft_VC90_MFC_x86
Microsoft_VC90_MFC_x86_x64
Microsoft_VC90_MFCLOC_x86
Microsoft_VC90_MFCLOC_x86_x64
Mozilla Firefox 41.0.1 (x86 en-US)
Mozilla Maintenance Service
MSVCRT
MSVCRT_amd64
NVIDIA 3D Vision Controller Driver
NVIDIA 3D Vision Controller Driver 266.34
NVIDIA Control Panel 268.44
NVIDIA Graphics Driver 268.44
NVIDIA Install Application
NVIDIA Optimus 1.0.21
NVIDIA Update Components
Onekey Theater
PDFCreator
PxMergeModule
QuickTime 7
RealDownloader
RealNetworks - Microsoft Visual C++ 2008 Runtime
RealNetworks - Microsoft Visual C++ 2010 Runtime
RealPlayer Cloud
Realtek High Definition Audio Driver
RealUpgrade 1.1
Renesas Electronics USB 3.0 Host Controller Driver
Security Update for Microsoft .NET Framework 4.5.1 (KB2894854v2)
Security Update for Microsoft .NET Framework 4.5.1 (KB2898869)
Security Update for Microsoft .NET Framework 4.5.1 (KB2901126)
Security Update for Microsoft .NET Framework 4.5.1 (KB2931368)
Security Update for Microsoft .NET Framework 4.5.1 (KB2972107)
Security Update for Microsoft .NET Framework 4.5.1 (KB2972216)
Security Update for Microsoft .NET Framework 4.5.1 (KB2978128)
Security Update for Microsoft .NET Framework 4.5.1 (KB2979578v2)
Security Update for Microsoft .NET Framework 4.5.1 (KB3023224)
Security Update for Microsoft .NET Framework 4.5.1 (KB3035490)
Security Update for Microsoft .NET Framework 4.5.1 (KB3037581)
Security Update for Microsoft .NET Framework 4.5.1 (KB3074230)
Security Update for Microsoft .NET Framework 4.5.1 (KB3074550)
Security Update for Microsoft Excel 2010 (KB3085526) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553313) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2598244) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2687423) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2810073) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2850016) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2880971) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2881071) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2920748) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2965310) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB3054848) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB3054965) 32-Bit Edition
Security Update for Microsoft Visio 2010 (KB3054876) 32-Bit Edition
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition
Shared C Run-time for x64
SRS Control Panel
Surfing Protection
Synaptics Pointing Device Driver
Update for Microsoft Access 2010 (KB2965300) 32-Bit Edition
Update for Microsoft Excel 2010 (KB2589348) 32-Bit Edition
Update for Microsoft Filter Pack 2.0 (KB2881026) 32-Bit Edition
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition
Update for Microsoft InfoPath 2010 (KB2817396) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553140) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553347) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589318) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589386) 32-Bit Edition
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition
Update for Microsoft Office 2010 (KB2597089) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687275) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition
Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition
Update for Microsoft Office 2010 (KB2883019) 32-Bit Edition
Update for Microsoft Office 2010 (KB2889828) 32-Bit Edition
Update for Microsoft Office 2010 (KB2910896) 32-Bit Edition
Update for Microsoft Office 2010 (KB2965301) 32-Bit Edition
Update for Microsoft Office 2010 (KB3054873) 32-Bit Edition
Update for Microsoft Office 2010 (KB3054962) 32-Bit Edition
Update for Microsoft Office 2010 (KB3054964) 32-Bit Edition
Update for Microsoft Office 2010 (KB3055042) 32-Bit Edition
Update for Microsoft Office 2010 (KB3055047) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2956075) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2965297) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB3055041) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB3085522) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553308) 32-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2880517) 32-Bit Edition
Update for Microsoft PowerPoint 2010 (KB3085513) 32-Bit Edition
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition
Update for Microsoft Visio Viewer 2010 (KB2881021) 32-Bit Edition
Update for Microsoft Word 2010 (KB3085518) 32-Bit Edition
UpdateService
UserGuide
VeriFace
Video Downloader
VLC media player
Windows Driver Package - Lenovo (ACPIVPC) System (12/02/2010 6.1.0.1)
Windows Live Communications Platform
Windows Live Essentials
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Language Selector
Windows Live Mail
Windows Live Mesh
Windows Live Mesh ActiveX Control for Remote Connections
Windows Live Messenger
Windows Live MIME IFilter
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live Remote Client
Windows Live Remote Client Resources
Windows Live Remote Service
Windows Live Remote Service Resources
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
WinRAR 4.20 (32-bit)
.
==== Event Viewer Messages From Past Week ========
.
10/9/2015 8:35:38 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Error Reporting Service service to connect.
10/9/2015 7:25:30 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Intel(R) Management and Security Application User Notification Service service to connect.
10/9/2015 7:25:30 PM, Error: Service Control Manager [7000] - The Intel(R) Management and Security Application User Notification Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
10/9/2015 7:24:34 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Live ID Sign-in Assistant service to connect.
10/9/2015 7:24:34 PM, Error: Service Control Manager [7000] - The Windows Live ID Sign-in Assistant service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
10/9/2015 7:23:44 PM, Error: Service Control Manager [7022] - The Windows Defender service hung on starting.
10/14/2015 2:41:08 PM, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID {C97FCC79-E628-407D-AE68-A06AD6D8B4D1} and APPID {344ED43D-D086-4961-86A6-1106F4ACAD9B} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
10/14/2015 2:40:01 PM, Error: Service Control Manager [7000] - The VBoxAsw Support Driver service failed to start due to the following error: The system cannot find the file specified.
10/14/2015 2:39:47 PM, Error: Service Control Manager [7000] - The sbapifs service failed to start due to the following error: The system cannot find the file specified.
10/12/2015 9:47:22 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Microsoft .NET Framework NGEN v4.0.30319_X64 service to connect.
10/12/2015 9:45:10 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Microsoft .NET Framework NGEN v4.0.30319_X86 service to connect.
10/12/2015 9:44:17 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the btwdins service.
10/12/2015 9:42:01 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the RealPlayerUpdateSvc service.
10/12/2015 9:41:01 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the WMPNetworkSvc service.
10/12/2015 9:40:31 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the WSearch service.
10/12/2015 9:08:07 AM, Error: Service Control Manager [7023] - The Windows Defender service terminated with the following error: %%-2147024882
10/12/2015 9:05:50 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the IPBusEnum service.
10/12/2015 9:05:03 AM, Error: Service Control Manager [7022] - The NVIDIA Update Service Daemon service hung on starting.
10/12/2015 8:59:10 AM, Error: volmgr [46] - Crash dump initialization failed!
10/11/2015 9:35:27 PM, Error: Service Control Manager [7006] - The ScRegSetValueExW call failed for DeleteFlag with the following error: Access is denied.
10/11/2015 4:36:00 PM, Error: volsnap [14] - The shadow copies of volume C: were aborted because of an IO failure on volume C:.
.
==== End Of File ===========================
viquilla
Regular Member
 
Posts: 30
Joined: February 14th, 2014, 12:26 pm
Advertisement
Register to Remove

Re: Computer Running Extremely Slow

Unread postby pgmigg » October 14th, 2015, 10:08 pm

Hello viquilla,

Welcome back to the forum! :)

I am pgmigg and I'll be helping you with any malware problems.

Before we begin, please read and follow these important guidelines, so things will proceed smoothly.
  1. The instructions being given are for YOUR computer and system only!
    Using these instructions on a different computer can cause damage to that computer and possibly render it inoperable!
  2. You must have Administrator rights, permissions for this computer.
  3. DO NOT run any other fix or removal tools unless instructed to do so!
  4. DO NOT install any other software (or hardware) during the cleaning process until we are done as well as
    DO NOT Remove, or Scan with anything on your system unless I ask. This adds more items to be researched.
    Extra Additions and Removals of files make the analysis more difficult.
  5. Only post your problem at (1) one help site. Applying fixes from multiple help sites can cause problems.
  6. Print each set of instructions if possible - your Internet connection will not be available during some fix processes.
  7. Your security programs may give warnings for some of the tools I will ask you to use. Be assured, any links I give are safe.
  8. Only reply to this thread, do not start another one. Please, continue responding, until I give you the "All Clean!" :cheers:
    Absence of symptoms does not mean that everything is clear.

I am currently reviewing your logs and will return, as soon as possible, with additional instructions. In the meantime...

Note: If you haven't done so already, please read this topic ALL USERS OF THIS FORUM MUST READ THIS FIRST where the conditions for receiving help here are explained.

Please read all instructions carefully before executing and perform the steps, in the order given.
lf you have any questions or problems executing these instructions, <<STOP>> do not proceed, post back with the question or problem.

Please be aware that removing Malware is a potentially hazardous undertaking. I will take care not to knowingly suggest courses of action that might damage your computer. However it is impossible for me to foresee all interactions that may happen between the software on your computer and those we'll use to clear you of infection, and I cannot guarantee the safety of your system. It is possible that we might encounter situations where the only recourse is to re-format and re-install your operating system, or to necessitate you taking your computer to a repair shop.

Because of this, I advise you to backup any personal files and folders before you start


Failure to post replies within 72 hours will result in this thread being closed
User avatar
pgmigg
MRU Teacher
MRU Teacher
 
Posts: 3177
Joined: July 8th, 2008, 1:25 pm
Location: GMT-05:00

Re: Computer Running Extremely Slow

Unread postby pgmigg » October 15th, 2015, 1:46 am

Hello viquilla,

Step 1.
For safety reason (to have a good registry to restore if needed), I will ask you to create a System Restore Point (SRP) before most of my instructions sets...
Create a System Restore Point
  1. Right-click on Computer and select Properties.
  2. In the left pane under Tasks please click System protection.
    If UAC prompts for an administrator password or approval, type the password or give your "permission to continue".
  3. Select System Protection, then choose Create.
  4. In the System Restore dialog box, type a description for the restore point and then click Create again.
    A window will pop up with "The Restore Point was created successfully" confirmation message.
  5. Click OK, then close the System Restore dialog.

If you have successfully created a System Restore Point... we can proceed.
If you have NOT successfully created a System Restore Point... do not go any further!
Please post back so we can determine why it was unsuccessful.


Step 2.
Remove Program(s)
  1. Click on Start, then click the Start Search box on the Start Menu.
  2. Copy and paste the value below without into the open text entry box:
    (Do not include the words Code: Select all - instead of it please click the Select all button next to Code: to select the entire script.)
    Code: Select all
     appwiz.cpl 
    and press Enter - the Unistall or change a program list will be opened.
  3. Click each Entry, as follows, one by one, if it exists, choose Uninstall, and give permission to Continue:
    Advanced SystemCare 8
    IObit Uninstaller
    Malwarebytes Anti-Malware version 1.75.0.1300
    Surfing Protection
  4. Take extra care in answering questions posed by any Uninstaller.
  5. When the program(s) have been uninstalled, please close Control Panel.
  6. Reboot (restart) your computer.
The Advanced SystemCare and all other programs of this type are a complete and utter waste of time, and usually cause more problems than they ever resolve.

Step 3.
AdwCleaner
Please download AdwCleaner by Xplode onto your desktop.
  1. Close all open programs and internet browsers.
  2. Right click on adwcleaner.exe, select "Run As Administrator..." to run it. If prompted by UAC, please allow it.
  3. Click on Scan. When the scan finishes, you'll see a message on the product window: "Pending. Please uncheck elements you don't want to remove."
  4. Press the Clean button.
  5. A log file C:\AdwCleaner[Sn].txt will automatically open. ([Sn] n = number of run)
  6. Please post the content of the C:\AdwCleaner[Sn].txt log file in your next reply.

Step 4.
Image Junkware Removal Tool
  1. Please download Junkware Removal Tool and save JRT.exe to your Desktop.
  2. Shut down your protection software as shown in This topic now to avoid potential conflicts.
  3. Right click on JRT.exe, select "Run As Administrator..." to run it. If prompted by UAC, please allow it.
  4. Please be patient as this can take a while to complete depending on your system's specifications.
  5. On completion, a log file JRT.txt is saved to your desktop and will automatically open.
  6. Please post the contents of JRT.txt into your next reply.

Step 5.
TDSSKiller - Rootkit Removal Tool Image
Please download the TDSSKiller.exe by Kaspersky... save it to your Desktop. <-Important!!!
  1. Right-click on TDSSKiller.exe and select "Run As Administrator...".
    If TDSSKiller does not run... rename it. Right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. ektfhtw.com).
    If you don't see file extensions, please see: How to change the file extension.
  2. Click the Start Scan button. Do not use the computer during the scan!
  3. Click Change parameters
  4. Under Additional Options CHECK Verify file digital signatures
  5. IMPORTANT: Ensure Detect TDLFS file system remains UNCHECKED.
  6. Click OK if changes were made.
  7. Click Start scan and allow it to scan for Malicious objects.
    • If Malicious objects are detected, the default action will be Cure, ensure SKIP is selected... then click Continue
    • If suspicious objects are detected, the default action will be Skip, ensure Skip is selected... then click Continue
    • If Unsigned files are detected, the default action will be Skip, ensure Skip is selected... then click Continue
    DO NOT change the default actions, other than CURE to SKIP.
  8. You may be asked to reboot the computer to complete the process. Click on Reboot Now and allow the computer to reboot.
  9. A log will be created on your root drive (usually C:) drive. The log will have a name like Name.Version_Date_Time_log.txt.
    for example, C:\TDSSKiller.2.4.1.2_20.04.2010_15.31.43_log.txt.
  10. If no reboot is required, click on Report. A log file should appear.
  11. Please post the contents of the log file in your next reply

Step 6.
OTL - Download
Please download OTL.exe by Old Timer and save it to your Desktop.

OTL - Scan
Important! Close all applications and windows so that you have nothing open and are at your Desktop.
  1. Right click on OTL.exe, select "Run As Administrator..." to run it. If prompted by UAC, please allow it.
  2. Under Output, ensure that Standard Output is selected.
  3. Check the boxes labeled:
    • Include 64 bit scans
    • Scan All Users
    • LOP check
    • Purity check
    • Extra Registry > Use SafeList
  4. Click on Run Scan at the top left hand corner.
  5. When done, two Notepad files will open.
    • OTL.txt <-- Will be opened, maximized
    • Extras.txt <-- Will be minimized on task bar.
  6. Please post the contents of both OTL.txt and Extras.txt files in your next reply.

Please post each log separately to prevent it being cut off by the forum post size limiter.
Check each after you've posted it to make sure it's all present, if any log is cut off you'll have to post it in sections....

Please include in your next reply:
  1. Do you have any problems executing the instructions?
  2. Contents of the AdwCleaner[Sn].txt log file
  3. Contents of the JRT.txt log file
  4. Contents of the TDSSKiller_version_dd.mm.yyyy_hh.mm.ss_log.txt log file
  5. Contents of a OTL.txt log file
  6. Contents of a Extras.txt log file
  7. Do you see any changes in computer behavior?

Thanks,
pgmigg

Failure to post replies within 72 hours will result in this thread being closed
User avatar
pgmigg
MRU Teacher
MRU Teacher
 
Posts: 3177
Joined: July 8th, 2008, 1:25 pm
Location: GMT-05:00

Re: Computer Running Extremely Slow

Unread postby viquilla » October 15th, 2015, 4:40 pm

# AdwCleaner v5.013 - Logfile created 15/10/2015 at 07:55:15
# Updated 09/10/2015 by Xplode
# Database : 2015-10-13.2 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : Monica - MONICA-PC
# Running from : C:\Users\Monica\Downloads\adwcleaner_5.013 (1).exe
# Option : Cleaning
# Support : http://toolslib.net/forum

***** [ Services ] *****


***** [ Folders ] *****


***** [ Files ] *****

[-] File Deleted : C:\Users\Monica\AppData\Roaming\Mozilla\Firefox\Profiles\4dtcn94z.default-1388114075720\user.js

***** [ DLLs ] *****


***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****


***** [ Registry ] *****

[-] Key Deleted : HKLM\SOFTWARE\Classes\PCProxy.DataContainer
[-] Key Deleted : HKLM\SOFTWARE\CLASSES\PCPROXY.DATATABLE
[-] Key Deleted : HKLM\SOFTWARE\CLASSES\PCPROXY.DATATABLE.1
[-] Key Deleted : HKLM\SOFTWARE\CLASSES\PCPROXY.DATATABLEFIELDS
[-] Key Deleted : HKLM\SOFTWARE\CLASSES\PCPROXY.DATATABLEFIELDS.1
[-] Key Deleted : HKLM\SOFTWARE\CLASSES\PCPROXY.DATATABLEHOLDER
[-] Key Deleted : HKLM\SOFTWARE\CLASSES\PCPROXY.DATATABLEHOLDER.1
[-] Key Deleted : HKLM\SOFTWARE\CLASSES\PCPROXY.LSPLOGIC
[-] Key Deleted : HKLM\SOFTWARE\CLASSES\PCPROXY.LSPLOGIC.1
[-] Key Deleted : HKLM\SOFTWARE\CLASSES\PCPROXY.READONLYMANAGER
[-] Key Deleted : HKLM\SOFTWARE\CLASSES\PCPROXY.READONLYMANAGER.1
[-] Key Deleted : HKLM\SOFTWARE\CLASSES\PCPROXY.WATCHDOG
[-] Key Deleted : HKLM\SOFTWARE\CLASSES\PCPROXY.WATCHDOG.1
[-] Key Deleted : HKLM\SOFTWARE\CLASSES\PCPROXY.DATACONTAINER.1
[-] Key Deleted : HKLM\SOFTWARE\CLASSES\PCPROXY.DATACONTROLLER
[-] Key Deleted : HKLM\SOFTWARE\CLASSES\PCPROXY.DATACONTROLLER.1
[-] Key Deleted : HKLM\SOFTWARE\CLASSES\PCPROXY.DATASTATISTICS
[-] Key Deleted : HKLM\SOFTWARE\CLASSES\PCPROXY.DATASTATISTICS.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{9DC8FA51-B596-4F77-802C-5B295919C205}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E993643-8FBC-44FE-BC85-D318495C4D96}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0FCE4F01-64EC-42F1-83E1-1E08D38605D2}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1A2A195A-A0F9-4006-AF02-3F05EEFDE792}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{22511E2E-7970-414E-BC7C-28D16C4AF54D}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{23C5311E-016D-4999-BCB1-499898429D6C}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2C4B6DB8-6413-403B-A038-16A352CFE8B9}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2D9DB233-DC4B-4677-946C-5FA5ABCF506B}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{46803190-228D-470E-90FE-F5E0CEA9C4F2}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4C0A69B0-CE97-42B7-86FC-08280C99C74D}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{5180FE16-2E09-497B-9C8B-5A6F029ECECB}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A4F6E1B3-469E-46EF-A936-FBA9D5EFD2B9}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C1F5E799-B218-4C32-B189-3C389BA140BB}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C97AF157-6A27-4F57-9D47-E2D3E4761B77}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F60C9408-3110-4C98-A139-ABE1EE1111DD}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{ED721A76-8160-4DA0-A18E-7FD7C4574774}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{10921475-03CE-4E04-90CE-E2E7EF20C814}
[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{EEE6C35B-6118-11DC-9C72-001320C79847}]
[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{EEE6C35C-6118-11DC-9C72-001320C79847}]
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{3E28F712-0D6C-4EE3-AC8C-8F060F5D7C33}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{533403E2-6E21-4615-9E28-43F4E97E977B}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{6CE321DA-DC11-45C6-A0FC-4E8A7D978ABC}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{6EEBC7FF-67DA-4B90-9251-C2C5696E4B48}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{832599B2-55BF-4437-8F3E-030CF5AEB262}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{9B7B034B-944A-4261-B487-862F642F7615}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE91F9CE-0900-4E2A-B673-F3F6E4FC54D9}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{B1A429DB-FB06-4645-B7C0-0CC405EAD3CD}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{DD67706E-819E-4EBD-BF8D-6D6147CC7A49}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{F62A4AF9-58B4-4FEC-89CC-D717A547D8E8}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{10921475-03CE-4E04-90CE-E2E7EF20C814}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{0FCE4F01-64EC-42F1-83E1-1E08D38605D2}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{1A2A195A-A0F9-4006-AF02-3F05EEFDE792}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{22511E2E-7970-414E-BC7C-28D16C4AF54D}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{23C5311E-016D-4999-BCB1-499898429D6C}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{2C4B6DB8-6413-403B-A038-16A352CFE8B9}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{2D9DB233-DC4B-4677-946C-5FA5ABCF506B}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{46803190-228D-470E-90FE-F5E0CEA9C4F2}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4C0A69B0-CE97-42B7-86FC-08280C99C74D}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{5180FE16-2E09-497B-9C8B-5A6F029ECECB}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{A4F6E1B3-469E-46EF-A936-FBA9D5EFD2B9}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C1F5E799-B218-4C32-B189-3C389BA140BB}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C97AF157-6A27-4F57-9D47-E2D3E4761B77}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{F60C9408-3110-4C98-A139-ABE1EE1111DD}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\02F47BF73B948514FAACADD8CBBDF37D
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\080D9F5E1E95FEE4794CE438E635239E
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1E264E0A5959A1C46BA9175A878B12EA
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2E6768B6932D112438F047C54D180635
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3152E1F19977892449DC968802CE8964
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\351716A953E21214898904032EAE2E81
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\397C771A7BCAC904697C3EC629ED33ED
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\69D6A6B2ED56AF24EA6335EAD6E91CA4
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7FFA128C2B0FF414D805FC5627883401
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86EDC790504E1834DBC20C9A04328FD2
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\97C3D0F82E712E241A2F969F45E3351C
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\98CC8BF5A4A6E6C4ABF7051DDAB8B058
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9E7F556BF224D804D96A96F0F6344789
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A189D17A469616C4688D23E192996267
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BF4F885EDEE45644EB1E0C99E0162399
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CE21F3FD57B244142880EF15A165A156
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D15DAF33C220F91468A1D7D57C31ACD7
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D3BA76A44C779424889063D5098ED2D6
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D6D0EB9FDBD90C04D92A7E729058F10D
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E4748F9A4181FCE46A23C13B517B9420
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\A97CEC23332751B47BA4B95BAA50C9D0

***** [ Web browsers ] *****


*************************

:: Winsock settings cleared

########## EOF - C:\AdwCleaner\AdwCleaner[C5].txt - [9201 bytes] ##########


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.6.4 (09.28.2015:1)
OS: Windows 7 Home Premium x64
Ran by Monica on Thu 10/15/2015 at 14:58:09.18
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Tasks

Successfully deleted: [Task] C:\windows\system32\tasks\Uninstaller_SkipUac_Monica



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search\\SearchAssistant



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{927BD2E1-2287-49D2-AE71-95F492CE662E}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Policies\Google
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{927BD2E1-2287-49D2-AE71-95F492CE662E}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{927BD2E1-2287-49D2-AE71-95F492CE662E}



~~~ Files



~~~ Folders

Successfully deleted: [Empty Folder] C:\Users\Monica\Appdata\Local\{085B7E81-7BC8-4D6F-8B7E-27FA38F38981}
Successfully deleted: [Empty Folder] C:\Users\Monica\Appdata\Local\{0B59798B-7629-4A08-9DD0-F9CB3793DB5B}
Successfully deleted: [Empty Folder] C:\Users\Monica\Appdata\Local\{13435C83-277E-4CE2-B485-C723B1775357}
Successfully deleted: [Empty Folder] C:\Users\Monica\Appdata\Local\{193CCED1-1A92-4B44-B6B7-1A2DC73A53F9}
Successfully deleted: [Empty Folder] C:\Users\Monica\Appdata\Local\{36E2BD81-EFD8-4B30-8D58-D87E1F6C9544}
Successfully deleted: [Empty Folder] C:\Users\Monica\Appdata\Local\{4051F83D-A3AF-41C3-936B-8D366F6FE24A}
Successfully deleted: [Empty Folder] C:\Users\Monica\Appdata\Local\{4399593D-3A73-48BB-8274-12EA0A3F5ACC}
Successfully deleted: [Empty Folder] C:\Users\Monica\Appdata\Local\{5DCB3246-4087-4AF2-BBB7-74CA4F304534}
Successfully deleted: [Empty Folder] C:\Users\Monica\Appdata\Local\{74A2AAAD-31E5-4E05-99CF-C6289AC9FB58}
Successfully deleted: [Empty Folder] C:\Users\Monica\Appdata\Local\{7B24F914-960C-4C5A-9C89-7763A6BA7E22}
Successfully deleted: [Empty Folder] C:\Users\Monica\Appdata\Local\{83019B02-46F8-43B7-B60A-3B7CFC5D031D}
Successfully deleted: [Empty Folder] C:\Users\Monica\Appdata\Local\{8AAD93F7-6689-4C49-AA0F-5D92975ACBFE}
Successfully deleted: [Empty Folder] C:\Users\Monica\Appdata\Local\{92078272-4ECB-49B9-9360-327FA8EC941F}
Successfully deleted: [Empty Folder] C:\Users\Monica\Appdata\Local\{A0E99064-CF99-4817-A31B-9C5B7E93008C}
Successfully deleted: [Empty Folder] C:\Users\Monica\Appdata\Local\{A46BFCBA-BA05-4E6A-9CDA-C3498265FE45}
Successfully deleted: [Empty Folder] C:\Users\Monica\Appdata\Local\{A493DD3E-6D0B-4339-92EB-EA2A381E4660}
Successfully deleted: [Empty Folder] C:\Users\Monica\Appdata\Local\{B20ED0C8-3347-457B-B02B-0F82BFB97C4D}
Successfully deleted: [Empty Folder] C:\Users\Monica\Appdata\Local\{B8826A9C-9D03-43B0-B81E-DDE5BF3BC204}
Successfully deleted: [Empty Folder] C:\Users\Monica\Appdata\Local\{BD8A6FD1-1E1D-495B-95BB-287A52435BFC}
Successfully deleted: [Empty Folder] C:\Users\Monica\Appdata\Local\{C0D91508-1DCD-4AA1-A36B-90309F8C98D0}
Successfully deleted: [Empty Folder] C:\Users\Monica\Appdata\Local\{C1F003A7-B5FA-4990-90A4-4F9823F13FC1}
Successfully deleted: [Empty Folder] C:\Users\Monica\Appdata\Local\{C2D326A8-0C13-45B9-BB9A-EB3C5625D197}
Successfully deleted: [Empty Folder] C:\Users\Monica\Appdata\Local\{C6A7D58B-B5C8-42AE-BF7D-389CD2FA8A7C}
Successfully deleted: [Empty Folder] C:\Users\Monica\Appdata\Local\{D3FABD1A-9891-492F-97F4-EEDC9DD5EDB3}
Successfully deleted: [Empty Folder] C:\Users\Monica\Appdata\Local\{E851FDCC-D982-498D-A4EB-5A20EFECF187}
Successfully deleted: [Folder] C:\ProgramData\productdata
Successfully deleted: [Folder] C:\Users\Monica\AppData\Roaming\productdata



~~~ FireFox

Successfully deleted the following from C:\Users\Monica\AppData\Roaming\mozilla\firefox\profiles\4dtcn94z.default-1388114075720\prefs.js

user_pref(extensions.ascsurfingprotection@iobit.com.install-event-fired, true);
Emptied folder: C:\Users\Monica\AppData\Roaming\mozilla\firefox\profiles\4dtcn94z.default-1388114075720\minidumps [33 files]



~~~ Chrome


[C:\Users\Monica\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - default search provider reset

[C:\Users\Monica\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted:

[C:\Users\Monica\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset

[C:\Users\Monica\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted:
[]





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Thu 10/15/2015 at 15:08:46.79
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
viquilla
Regular Member
 
Posts: 30
Joined: February 14th, 2014, 12:26 pm

Re: Computer Running Extremely Slow

Unread postby viquilla » October 15th, 2015, 4:44 pm

15:44:48.0947 0x2834 TDSS rootkit removing tool 3.1.0.5 Jul 24 2015 12:29:57
15:44:52.0920 0x2834 ============================================================
15:44:52.0920 0x2834 Current date / time: 2015/10/15 15:44:52.0920
15:44:52.0920 0x2834 SystemInfo:
15:44:52.0920 0x2834
15:44:52.0923 0x2834 OS Version: 6.1.7601 ServicePack: 1.0
15:44:52.0923 0x2834 Product type: Workstation
15:44:52.0923 0x2834 ComputerName: MONICA-PC
15:44:52.0925 0x2834 UserName: Monica
15:44:52.0925 0x2834 Windows directory: C:\windows
15:44:52.0925 0x2834 System windows directory: C:\windows
15:44:52.0925 0x2834 Running under WOW64
15:44:52.0925 0x2834 Processor architecture: Intel x64
15:44:52.0925 0x2834 Number of processors: 8
15:44:52.0925 0x2834 Page size: 0x1000
15:44:52.0925 0x2834 Boot type: Normal boot
15:44:52.0925 0x2834 ============================================================
15:44:55.0521 0x2834 KLMD registered as C:\windows\system32\drivers\34244199.sys
15:44:56.0064 0x2834 System UUID: {1A9B5628-98D2-476E-1F9E-8F27DB2DEF72}
15:44:56.0904 0x2834 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
15:44:56.0914 0x2834 ============================================================
15:44:56.0914 0x2834 \Device\Harddisk0\DR0:
15:44:56.0914 0x2834 MBR partitions:
15:44:56.0914 0x2834 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x64000
15:44:56.0914 0x2834 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x64800, BlocksNum 0x34BA1000
15:44:56.0951 0x2834 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x34C06000, BlocksNum 0x39FD800
15:44:56.0951 0x2834 ============================================================
15:44:57.0039 0x2834 C: <-> \Device\Harddisk0\DR0\Partition2
15:44:57.0194 0x2834 D: <-> \Device\Harddisk0\DR0\Partition3
15:44:57.0194 0x2834 ============================================================
15:44:57.0194 0x2834 Initialize success
15:44:57.0194 0x2834 ============================================================
15:46:01.0002 0x17f0 ============================================================
15:46:01.0002 0x17f0 Scan started
15:46:01.0002 0x17f0 Mode: Manual; SigCheck;
15:46:01.0002 0x17f0 ============================================================
15:46:01.0002 0x17f0 KSN ping started
15:46:04.0156 0x17f0 KSN ping finished: true
15:46:05.0601 0x17f0 ================ Scan system memory ========================
15:46:05.0601 0x17f0 System memory - ok
15:46:05.0601 0x17f0 ================ Scan services =============================
15:46:06.0346 0x17f0 [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci C:\windows\system32\drivers\1394ohci.sys
15:46:06.0641 0x17f0 1394ohci - ok
15:46:06.0688 0x17f0 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI C:\windows\system32\drivers\ACPI.sys
15:46:06.0733 0x17f0 ACPI - ok
15:46:06.0761 0x17f0 [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi C:\windows\system32\drivers\acpipmi.sys
15:46:06.0836 0x17f0 AcpiPmi - ok
15:46:06.0891 0x17f0 [ 5BBFF8B826EC38D32C26334E079C7EFC, 673D46409F0225A804B55FFB77E82AF34F8C7A93BEEF92DC3DFAC7EFCC5F09B6 ] ACPIVPC C:\windows\system32\DRIVERS\AcpiVpc.sys
15:46:06.0933 0x17f0 ACPIVPC - ok
15:46:07.0151 0x17f0 [ B362181ED3771DC03B4141927C80F801, 69514E5177A0AEA89C27C2234712F9F82E8D8F99E1FD4273898C9324C6FF7472 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
15:46:07.0228 0x17f0 AdobeARMservice - ok
15:46:07.0793 0x17f0 [ 541F7A3298A5AA2BA0E6B35172D3D51F, 6080B75D15B76CCB2233444C7CAD7BB3D621DB5C403C9F2D80B2FF8D0812A7F6 ] AdobeFlashPlayerUpdateSvc C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
15:46:07.0883 0x17f0 AdobeFlashPlayerUpdateSvc - ok
15:46:07.0971 0x17f0 [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx C:\windows\system32\drivers\adp94xx.sys
15:46:08.0056 0x17f0 adp94xx - ok
15:46:08.0126 0x17f0 [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci C:\windows\system32\drivers\adpahci.sys
15:46:08.0201 0x17f0 adpahci - ok
15:46:08.0243 0x17f0 [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320 C:\windows\system32\drivers\adpu320.sys
15:46:08.0301 0x17f0 adpu320 - ok
15:46:08.0341 0x17f0 [ 83BFCCAC53795E8A5055A93672D0C46C, B2B03473D950A5BA9DE59D81E7B14C1FAFF17B2A4D8A5808588F5CC21D63B291 ] AeLookupSvc C:\windows\System32\aelupsvc.dll
15:46:08.0453 0x17f0 AeLookupSvc - ok
15:46:08.0547 0x17f0 [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD C:\windows\system32\drivers\afd.sys
15:46:08.0687 0x17f0 AFD - ok
15:46:08.0727 0x17f0 [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440 C:\windows\system32\drivers\agp440.sys
15:46:08.0787 0x17f0 agp440 - ok
15:46:08.0857 0x17f0 [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG C:\windows\System32\alg.exe
15:46:08.0994 0x17f0 ALG - ok
15:46:09.0027 0x17f0 [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide C:\windows\system32\drivers\aliide.sys
15:46:09.0074 0x17f0 aliide - ok
15:46:09.0127 0x17f0 [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide C:\windows\system32\drivers\amdide.sys
15:46:09.0194 0x17f0 amdide - ok
15:46:09.0249 0x17f0 [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8 C:\windows\system32\drivers\amdk8.sys
15:46:09.0349 0x17f0 AmdK8 - ok
15:46:09.0367 0x17f0 [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM C:\windows\system32\drivers\amdppm.sys
15:46:09.0444 0x17f0 AmdPPM - ok
15:46:09.0469 0x17f0 [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata C:\windows\system32\drivers\amdsata.sys
15:46:09.0519 0x17f0 amdsata - ok
15:46:09.0557 0x17f0 [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs C:\windows\system32\drivers\amdsbs.sys
15:46:09.0617 0x17f0 amdsbs - ok
15:46:09.0637 0x17f0 [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata C:\windows\system32\drivers\amdxata.sys
15:46:09.0677 0x17f0 amdxata - ok
15:46:09.0754 0x17f0 [ A0711D119BA4B48A1470C768D301013E, 536366F809125D2C2171597C8C2CB3271BE5C6B373152112E0D970749776E00A ] AppID C:\windows\system32\drivers\appid.sys
15:46:09.0877 0x17f0 AppID - ok
15:46:09.0914 0x17f0 [ 173C90AF5B243B4DD86F95CA154CB58A, 349F566DADC96B31FDC34C4F26545FB880844DBF84E5821AA0D0CAA91FB837E1 ] AppIDSvc C:\windows\System32\appidsvc.dll
15:46:09.0994 0x17f0 AppIDSvc - ok
15:46:10.0034 0x17f0 [ 3EA5DA3F459F6ED19E10166965F6892F, F5618A5FA72C5E57BCFA6F2ECB840B1AEC60C72840AF3C1D94D5FCDB5ED2BF5E ] Appinfo C:\windows\System32\appinfo.dll
15:46:10.0132 0x17f0 Appinfo - ok
15:46:10.0374 0x17f0 [ 6EB87FDB59AABF6D19C927492DEA0D36, 36168F8CC75D16917A30FA1FACF57659BC2ADF870D20DEE93F851D5348E605BB ] Apple Mobile Device Service C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
15:46:10.0444 0x17f0 Apple Mobile Device Service - ok
15:46:10.0484 0x17f0 [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\windows\system32\drivers\arc.sys
15:46:10.0537 0x17f0 arc - ok
15:46:10.0552 0x17f0 [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\windows\system32\drivers\arcsas.sys
15:46:10.0587 0x17f0 arcsas - ok
15:46:10.0834 0x17f0 [ 9A262EDD17F8473B91B333D6B031A901, 05DFBD3A7D83FDE1D062EA719ACA9EC48CB7FD42D17DDD88B82E5D25469ADD23 ] aspnet_state C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
15:46:10.0912 0x17f0 aspnet_state - ok
15:46:10.0954 0x17f0 [ 525F5989C095F5757414E1F4B39175B2, 0CA28553AE4BF07C3952A6E2355FAB2B0CB862CFD88DEFD7232FD48ABA99CFCB ] aswHwid C:\windows\system32\drivers\aswHwid.sys
15:46:10.0999 0x17f0 aswHwid - ok
15:46:11.0082 0x17f0 [ 76D585093398DB973470BB83FCF0CE52, F7135232E7F50270A253C9F04574F22B827A42B2BE42DE6E391CE3A56B2EA51F ] aswMonFlt C:\windows\system32\drivers\aswMonFlt.sys
15:46:11.0144 0x17f0 aswMonFlt - ok
15:46:11.0207 0x17f0 [ 719FF5568B5E71832541636E2A7DFE27, C49ADB31B5DE6FCFB252290D5B831A90E555F86058500538BBD288B10CDCC46F ] aswRdr C:\windows\system32\drivers\aswRdr2.sys
15:46:11.0249 0x17f0 aswRdr - ok
15:46:11.0269 0x17f0 [ 21C13E3C9B801C8AE172FABBD235221E, 0AE02CB0F4A87C6065159B68545DD536C4E98C8C23E954ED3392A7CE5F28868C ] aswRvrt C:\windows\system32\drivers\aswRvrt.sys
15:46:11.0314 0x17f0 aswRvrt - ok
15:46:11.0472 0x17f0 [ E0F47617EB31CD205BF68B55CE88862D, EE3ED93E51E310E1D713F8692CF2A61147C0EFCFA465969C04B85DA2E271F3E6 ] aswSnx C:\windows\system32\drivers\aswSnx.sys
15:46:11.0542 0x17f0 aswSnx - ok
15:46:11.0657 0x17f0 [ C43A0929DE32035499D6BB39A7F44439, 6269380D25D6BFFB7C234758114B700A75BD55D654B6D93ED44D50660A86FCA7 ] aswSP C:\windows\system32\drivers\aswSP.sys
15:46:11.0737 0x17f0 aswSP - ok
15:46:11.0797 0x17f0 [ 763C27EA21875F54615A0174EEC78FC4, 4EE48D475B183DD2066781137F46A4BEE2E510B3A085B9B1385F8C0043A5BE08 ] aswStm C:\windows\system32\drivers\aswStm.sys
15:46:11.0854 0x17f0 aswStm - ok
15:46:11.0889 0x17f0 [ C85B35201A253B99199C0A9F5B98FC18, 18FF49D52035C79AD70A96FBD4663C41A58830D432DD4B9EDA6E7FCDFD12C18F ] aswVmm C:\windows\system32\drivers\aswVmm.sys
15:46:11.0962 0x17f0 aswVmm - ok
15:46:11.0987 0x17f0 [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\windows\system32\DRIVERS\asyncmac.sys
15:46:12.0084 0x17f0 AsyncMac - ok
15:46:12.0152 0x17f0 [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\windows\system32\drivers\atapi.sys
15:46:12.0229 0x17f0 atapi - ok
15:46:12.0342 0x17f0 [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioEndpointBuilder C:\windows\System32\Audiosrv.dll
15:46:12.0424 0x17f0 AudioEndpointBuilder - ok
15:46:12.0499 0x17f0 [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioSrv C:\windows\System32\Audiosrv.dll
15:46:12.0620 0x17f0 AudioSrv - ok
15:46:13.0298 0x17f0 [ B3C4B4BFB15E2443355A3756C37149C2, 1DAFA8E5B386B7A4D4C0AEE2E1B077C72526C5067ADD69D210852880F41976C9 ] Auth Service C:\Program Files\CE\authServer.exe
15:46:13.0433 0x17f0 Auth Service - ok
15:46:13.0543 0x17f0 [ 4956380A54B1C9E6BFDF3D80DACB9698, 0B0F9807EEF0F3BFE4F862876633D241DBA8F72A1373445976FF388678C4734C ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
15:46:13.0635 0x17f0 avast! Antivirus - ok
15:46:13.0798 0x17f0 AvastVBoxSvc - ok
15:46:13.0843 0x17f0 [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV C:\windows\System32\AxInstSV.dll
15:46:13.0995 0x17f0 AxInstSV - ok
15:46:14.0075 0x17f0 [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\windows\system32\drivers\bxvbda.sys
15:46:14.0203 0x17f0 b06bdrv - ok
15:46:14.0260 0x2764 Object required for P2P: [ 541F7A3298A5AA2BA0E6B35172D3D51F ] AdobeFlashPlayerUpdateSvc
15:46:14.0303 0x17f0 [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\windows\system32\DRIVERS\b57nd60a.sys
15:46:14.0393 0x17f0 b57nd60a - ok
15:46:14.0488 0x17f0 [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\windows\System32\bdesvc.dll
15:46:14.0588 0x17f0 BDESVC - ok
15:46:14.0625 0x17f0 [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\windows\system32\drivers\Beep.sys
15:46:14.0785 0x17f0 Beep - ok
15:46:14.0920 0x17f0 [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE C:\windows\System32\bfe.dll
15:46:15.0005 0x17f0 BFE - ok
15:46:15.0113 0x17f0 [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS C:\windows\System32\qmgr.dll
15:46:15.0233 0x17f0 BITS - ok
15:46:15.0283 0x17f0 [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\windows\system32\DRIVERS\blbdrive.sys
15:46:15.0410 0x17f0 blbdrive - ok
15:46:15.0503 0x17f0 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
15:46:15.0586 0x17f0 Bonjour Service - ok
15:46:15.0634 0x17f0 [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser C:\windows\system32\DRIVERS\bowser.sys
15:46:15.0689 0x17f0 bowser - ok
15:46:15.0731 0x17f0 [ AAA4F992F879977A000FE8B8C730CD2C, A109D3F7CA9D49B98FDA5CA34C60055690F72400CCC96D48076FA86086E4C74D ] BPntDrv C:\windows\system32\drivers\BPntDrv.sys
15:46:15.0761 0x17f0 BPntDrv - ok
15:46:15.0814 0x17f0 [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\windows\system32\drivers\BrFiltLo.sys
15:46:15.0914 0x17f0 BrFiltLo - ok
15:46:15.0924 0x17f0 [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\windows\system32\drivers\BrFiltUp.sys
15:46:16.0024 0x17f0 BrFiltUp - ok
15:46:16.0096 0x17f0 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser C:\windows\System32\browser.dll
15:46:16.0196 0x17f0 Browser - ok
15:46:16.0261 0x17f0 [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\windows\System32\Drivers\Brserid.sys
15:46:16.0354 0x17f0 Brserid - ok
15:46:16.0361 0x17f0 [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\windows\System32\Drivers\BrSerWdm.sys
15:46:16.0401 0x17f0 BrSerWdm - ok
15:46:16.0421 0x17f0 [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\windows\System32\Drivers\BrUsbMdm.sys
15:46:16.0479 0x17f0 BrUsbMdm - ok
15:46:16.0511 0x17f0 [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\windows\System32\Drivers\BrUsbSer.sys
15:46:16.0559 0x17f0 BrUsbSer - ok
15:46:16.0619 0x17f0 [ CF98190A94F62E405C8CB255018B2315, E1B2540023C4FE9FD588E4B6AE6347DFA565EB3898F21E5360882BF3E8B5E781 ] BthEnum C:\windows\system32\drivers\BthEnum.sys
15:46:16.0759 0x17f0 BthEnum - ok
15:46:16.0814 0x17f0 [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\windows\system32\drivers\bthmodem.sys
15:46:16.0916 0x17f0 BTHMODEM - ok
15:46:16.0959 0x17f0 [ 02DD601B708DD0667E1331FA8518E9FF, 7DE6CC4DBB621CD03B01D9CE6CF66EAFE31D39030A391562CD0E278E1D70ADE1 ] BthPan C:\windows\system32\DRIVERS\bthpan.sys
15:46:17.0031 0x17f0 BthPan - ok
15:46:17.0166 0x17f0 [ 738D0E9272F59EB7A1449C3EC118E6C4, FE3D32C2A5E4DC21376A0F89C0B2EE024ECF1A3FB99213CC9BBC986ADF7AF080 ] BTHPORT C:\windows\System32\Drivers\BTHport.sys
15:46:17.0251 0x17f0 BTHPORT - ok
15:46:17.0311 0x17f0 [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\windows\system32\bthserv.dll
15:46:17.0449 0x17f0 bthserv - ok
15:46:17.0466 0x17f0 [ F188B7394D81010767B6DF3178519A37, 576304E92FD94908F093A6AB5F4D328F25829BE32EC3CA0D29EBFDF5DE83539B ] BTHUSB C:\windows\System32\Drivers\BTHUSB.sys
15:46:17.0539 0x17f0 BTHUSB - ok
15:46:17.0624 0x17f0 [ F8CFAFBD5BF8B3DDB0D3C2943A5AF8CE, 5E18EFBF78FE730740419059F5D2D9E706FC63F4AF2A9A75D7A25E3574D27324 ] BTWAMPFL C:\windows\system32\DRIVERS\btwampfl.sys
15:46:17.0699 0x17f0 BTWAMPFL - ok
15:46:17.0751 0x17f0 [ 44770A3C07EBD5D6D7CD7DBA915B49BC, 341811B5C0E6FE8BE59AE24CA2285784239C13EFCD3817EA9BC5D4E9B24C4088 ] btwaudio C:\windows\system32\drivers\btwaudio.sys
15:46:17.0786 0x17f0 btwaudio - ok
15:46:17.0806 0x17f0 [ 75B59923087AE6EB064D13D8F58A02B6, 50B970DF6F41950587C27F15CAA97854D3EA661A05FCE0CEF39EAC586996481C ] btwavdt C:\windows\system32\drivers\btwavdt.sys
15:46:17.0841 0x17f0 btwavdt - ok
15:46:18.0049 0x17f0 [ E1C1BCC8211E3AE2B524DEEF071FAF2A, F6116D48BFE0CCB6A68361063CD1A2CD6B97979E8DCBC5977A0361D6ACE997E4 ] btwdins C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
15:46:18.0109 0x17f0 btwdins - ok
15:46:18.0139 0x17f0 [ E06FE51893B481A200214760C0DE2621, 014B8964A9F55064A61F23C78A5AEA840A4969008F87AF537244279E631AC54C ] BTWDPAN C:\windows\system32\DRIVERS\btwdpan.sys
15:46:18.0171 0x17f0 BTWDPAN - ok
15:46:18.0191 0x17f0 [ B9354F9F111C64F2495B60F1E24CB453, 67B3F5867B00F84832EF5AD649D817D27B3F200351C7C53579A63D30F8E2BFDD ] btwl2cap C:\windows\system32\DRIVERS\btwl2cap.sys
15:46:18.0221 0x17f0 btwl2cap - ok
15:46:18.0254 0x17f0 [ 9555E15F828760341751E9183BD34E60, 8D9ED8ACC0DDF0B29903B0ED4D175CED0994F0EA30FD7401C331DDF5FF91C450 ] btwrchid C:\windows\system32\DRIVERS\btwrchid.sys
15:46:18.0316 0x17f0 btwrchid - ok
15:46:18.0361 0x17f0 [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\windows\system32\DRIVERS\cdfs.sys
15:46:18.0446 0x17f0 cdfs - ok
15:46:18.0496 0x17f0 [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom C:\windows\system32\DRIVERS\cdrom.sys
15:46:18.0569 0x17f0 cdrom - ok
15:46:18.0621 0x17f0 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc C:\windows\System32\certprop.dll
15:46:18.0714 0x17f0 CertPropSvc - ok
15:46:18.0766 0x17f0 [ D1AA461625D882546E1B753B907716D0, 508622555C081D7CF45D437AE14A70C5B2E8C0D8ECD1A5024C3CE28B4D9EBA78 ] cewd64f C:\windows\system32\Drivers\cewd64f.sys
15:46:18.0769 0x17f0 Suspicious file ( NoAccess ): C:\windows\system32\Drivers\cewd64f.sys. md5: D1AA461625D882546E1B753B907716D0, sha256: 508622555C081D7CF45D437AE14A70C5B2E8C0D8ECD1A5024C3CE28B4D9EBA78
15:46:18.0771 0x17f0 cewd64f - detected LockedFile.Multi.Generic ( 1 )
15:46:20.0949 0x2764 Object send P2P result: true
15:46:22.0489 0x17f0 Detect skipped due to KSN trusted
15:46:22.0489 0x17f0 cewd64f - ok
15:46:22.0524 0x17f0 [ 772DE9952F4257D8E5EBB6C4E27FAFBC, 9968DC1A07297E27FBF6AA357E3F3776A469A32715B3EF364050BD271CE91374 ] cewd64r C:\windows\system32\Drivers\cewd64r.sys
15:46:22.0524 0x17f0 Suspicious file ( NoAccess ): C:\windows\system32\Drivers\cewd64r.sys. md5: 772DE9952F4257D8E5EBB6C4E27FAFBC, sha256: 9968DC1A07297E27FBF6AA357E3F3776A469A32715B3EF364050BD271CE91374
15:46:22.0526 0x17f0 cewd64r - detected LockedFile.Multi.Generic ( 1 )
15:46:27.0220 0x17f0 Detect skipped due to KSN trusted
15:46:27.0220 0x17f0 cewd64r - ok
15:46:27.0270 0x17f0 [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\windows\system32\drivers\circlass.sys
15:46:27.0383 0x17f0 circlass - ok
15:46:27.0503 0x17f0 [ 404B7DF9CA4D1CB675045AF220FF3285, 91FFADE2ABE5C48849E63134D5FFD20671FE0D1720F7D486F904391B3D142C96 ] CLFS C:\windows\system32\CLFS.sys
15:46:27.0575 0x17f0 CLFS - ok
15:46:27.0745 0x17f0 [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
15:46:27.0818 0x17f0 clr_optimization_v2.0.50727_32 - ok
15:46:27.0913 0x17f0 [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
15:46:27.0975 0x17f0 clr_optimization_v2.0.50727_64 - ok
15:46:28.0200 0x17f0 [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
15:46:28.0275 0x17f0 clr_optimization_v4.0.30319_32 - ok
15:46:28.0310 0x17f0 [ 4AEDAB50F83580D0B4D6CF78191F92AA, D113C47013B018B45161911B96E93AF96A2F3B34FA47061BF6E7A71FBA03194A ] clr_optimization_v4.0.30319_64 C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
15:46:28.0368 0x17f0 clr_optimization_v4.0.30319_64 - ok
15:46:28.0445 0x17f0 [ 50F92C943F18B070F166D019DFAB3D9A, A997EAFFC1598B1D0A9E1A4475F25418CA8AA6B703B53A71B1AF028E247C9950 ] clwvd C:\windows\system32\DRIVERS\clwvd.sys
15:46:28.0508 0x17f0 clwvd - ok
15:46:28.0540 0x17f0 [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\windows\system32\DRIVERS\CmBatt.sys
15:46:28.0648 0x17f0 CmBatt - ok
15:46:28.0680 0x17f0 [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\windows\system32\drivers\cmdide.sys
15:46:28.0745 0x17f0 cmdide - ok
15:46:28.0860 0x17f0 [ 27667A788130A7F7A5858DE27572E6D7, 5501D80BCCB7A811ECCED3828DFD0A5D948BBED8504E9BCC4A3BFB840DD41CBC ] CNG C:\windows\system32\Drivers\cng.sys
15:46:28.0943 0x17f0 CNG - ok
15:46:28.0985 0x17f0 [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\windows\system32\drivers\compbatt.sys
15:46:29.0048 0x17f0 Compbatt - ok
15:46:29.0100 0x17f0 [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\windows\system32\DRIVERS\CompositeBus.sys
15:46:29.0195 0x17f0 CompositeBus - ok
15:46:29.0210 0x17f0 COMSysApp - ok
15:46:30.0004 0x17f0 [ 6F78BE765B6D060C040FC5E6CA864272, 1FBE1B0352E6A9B9771FCA807B313F86EC9AEB4466895F0815A257017B1878D5 ] CovenantEyesCommService C:\Program Files\CE\CovenantEyesCommService.exe
15:46:30.0196 0x17f0 CovenantEyesCommService - ok
15:46:31.0174 0x17f0 [ 39811566AFCC8F743354EF7FC2C68D68, C0B74FCB7FFBC7CFD66DBC7E07783C6AED769D2EB3B0397D7A69D575D9724A3D ] CovenantEyesProxy C:\Program Files\CE\CovenantEyesProxy.exe
15:46:31.0389 0x17f0 CovenantEyesProxy - ok
15:46:31.0461 0x17f0 [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\windows\system32\drivers\crcdisk.sys
15:46:31.0511 0x17f0 crcdisk - ok
15:46:31.0571 0x17f0 [ 7BC3E861F7E8EB543A630090FAE779E0, 52A538F25C853AAC9706CD0D4EBF80B1963391AA175895CFD9D44C8ABBFCFB74 ] CryptSvc C:\windows\system32\cryptsvc.dll
15:46:31.0691 0x17f0 CryptSvc - ok
15:46:31.0806 0x17f0 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch C:\windows\system32\rpcss.dll
15:46:31.0936 0x17f0 DcomLaunch - ok
15:46:31.0969 0x17f0 [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\windows\System32\defragsvc.dll
15:46:32.0046 0x17f0 defragsvc - ok
15:46:32.0084 0x17f0 [ FFD82C1C4ABB5B0859EB081664DBDA11, 4F9F97975AE35127ACDAD00AB5D0F9E2DE430E8013B2A29939752AC5AF6A030C ] DelayMan C:\windows\system32\DRIVERS\delayman.sys
15:46:32.0116 0x17f0 DelayMan - ok
15:46:32.0171 0x17f0 [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC C:\windows\system32\Drivers\dfsc.sys
15:46:32.0246 0x17f0 DfsC - ok
15:46:32.0314 0x17f0 [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\windows\system32\dhcpcore.dll
15:46:32.0434 0x17f0 Dhcp - ok
15:46:32.0664 0x17f0 [ EC3F433D00365F1A9BC3411BCA7C7140, 0852D747359DE573504EBBDB99DA26D3BFA8B3C7A4836F8E3A5AD94B5571AD5C ] DiagTrack C:\windows\system32\diagtrack.dll
15:46:32.0769 0x17f0 DiagTrack - ok
15:46:32.0791 0x17f0 [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\windows\system32\drivers\discache.sys
15:46:32.0851 0x17f0 discache - ok
15:46:32.0896 0x17f0 [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C:\windows\system32\drivers\disk.sys
15:46:32.0966 0x17f0 Disk - ok
15:46:33.0016 0x17f0 [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\windows\System32\dnsrslvr.dll
15:46:33.0124 0x17f0 Dnscache - ok
15:46:33.0151 0x17f0 [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\windows\System32\dot3svc.dll
15:46:33.0236 0x17f0 dot3svc - ok
15:46:33.0264 0x17f0 [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\windows\system32\dps.dll
15:46:33.0326 0x17f0 DPS - ok
15:46:33.0396 0x17f0 [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud C:\windows\system32\drivers\drmkaud.sys
15:46:33.0499 0x17f0 drmkaud - ok
15:46:33.0649 0x17f0 [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl C:\windows\System32\drivers\dxgkrnl.sys
15:46:33.0739 0x17f0 DXGKrnl - ok
15:46:33.0761 0x17f0 [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\windows\System32\eapsvc.dll
15:46:33.0846 0x17f0 EapHost - ok
15:46:34.0206 0x17f0 [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\windows\system32\drivers\evbda.sys
15:46:34.0391 0x17f0 ebdrv - ok
15:46:34.0449 0x17f0 [ FDD980360C9D72DA77F4C59376AE95C9, A5C1BCFBCCD031A24BD87D6A193F595B45EA5AC9FEBC198F552EED60AB75238E ] EFS C:\windows\System32\lsass.exe
15:46:34.0566 0x17f0 EFS - ok
15:46:34.0686 0x17f0 [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\windows\ehome\ehRecvr.exe
15:46:34.0806 0x17f0 ehRecvr - ok
15:46:34.0829 0x17f0 [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\windows\ehome\ehsched.exe
15:46:34.0916 0x17f0 ehSched - ok
15:46:35.0019 0x17f0 [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\windows\system32\drivers\elxstor.sys
15:46:35.0101 0x17f0 elxstor - ok
15:46:35.0119 0x17f0 [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\windows\system32\drivers\errdev.sys
15:46:35.0236 0x17f0 ErrDev - ok
15:46:35.0286 0x17f0 esgiguard - ok
15:46:35.0389 0x17f0 [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\windows\system32\es.dll
15:46:35.0491 0x17f0 EventSystem - ok
15:46:35.0766 0x17f0 [ 54FC81B0162478A72A93DBBEAFB35671, 1C0FA242E81105E2BB839ED32119DAF012FA4A3DB5D0E079350449CBB0CBF033 ] EvtEng C:\Program Files\Intel\WiFi\bin\EvtEng.exe
15:46:35.0846 0x17f0 EvtEng - ok
15:46:35.0894 0x17f0 [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\windows\system32\drivers\exfat.sys
15:46:36.0016 0x17f0 exfat - ok
15:46:36.0049 0x17f0 [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\windows\system32\drivers\fastfat.sys
15:46:36.0166 0x17f0 fastfat - ok
15:46:36.0251 0x17f0 [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\windows\system32\fxssvc.exe
15:46:36.0319 0x17f0 Fax - ok
15:46:36.0394 0x17f0 [ 0BDD7984DB7AAFF6DFEFD11D82D473DB, 616B20DD438DA1F18949DD99513889D47A5773E7FD98776B61A2A654733C855E ] fbfmon C:\windows\system32\drivers\fbfmon.sys
15:46:36.0461 0x17f0 fbfmon - ok
15:46:36.0524 0x17f0 [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\windows\system32\drivers\fdc.sys
15:46:36.0595 0x17f0 fdc - ok
15:46:36.0615 0x17f0 [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\windows\system32\fdPHost.dll
15:46:36.0705 0x17f0 fdPHost - ok
15:46:36.0735 0x17f0 [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\windows\system32\fdrespub.dll
15:46:36.0815 0x17f0 FDResPub - ok
15:46:36.0850 0x17f0 [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\windows\system32\drivers\fileinfo.sys
15:46:36.0932 0x17f0 FileInfo - ok
15:46:36.0965 0x17f0 [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\windows\system32\drivers\filetrace.sys
15:46:37.0072 0x17f0 Filetrace - ok
15:46:37.0125 0x17f0 [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\windows\system32\drivers\flpydisk.sys
15:46:37.0220 0x17f0 flpydisk - ok
15:46:37.0285 0x17f0 [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\windows\system32\drivers\fltmgr.sys
15:46:37.0340 0x17f0 FltMgr - ok
15:46:37.0517 0x17f0 [ D5A775990A7C202A037378FDBCDB6141, 27AD242914FAFB7A27B3045C0F0F6AFE6873FE331A51D8BB29A63B5D84C72EFB ] FontCache C:\windows\system32\FntCache.dll
15:46:37.0617 0x17f0 FontCache - ok
15:46:37.0692 0x17f0 [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
15:46:37.0750 0x17f0 FontCache3.0.0.0 - ok
15:46:37.0782 0x17f0 [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\windows\system32\drivers\FsDepends.sys
15:46:37.0840 0x17f0 FsDepends - ok
15:46:37.0892 0x17f0 [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\windows\system32\drivers\Fs_Rec.sys
15:46:37.0935 0x17f0 Fs_Rec - ok
15:46:38.0007 0x17f0 [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\windows\system32\DRIVERS\fvevol.sys
15:46:38.0082 0x17f0 fvevol - ok
15:46:38.0112 0x17f0 [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\windows\system32\drivers\gagp30kx.sys
15:46:38.0147 0x17f0 gagp30kx - ok
15:46:38.0205 0x17f0 [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM C:\windows\system32\DRIVERS\GEARAspiWDM.sys
15:46:38.0270 0x17f0 GEARAspiWDM - ok
15:46:38.0382 0x17f0 [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C:\windows\System32\gpsvc.dll
15:46:38.0470 0x17f0 gpsvc - ok
15:46:38.0577 0x17f0 [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
15:46:38.0645 0x17f0 gupdate - ok
15:46:38.0652 0x17f0 [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
15:46:38.0685 0x17f0 gupdatem - ok
15:46:38.0727 0x17f0 [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\windows\system32\drivers\hcw85cir.sys
15:46:38.0790 0x17f0 hcw85cir - ok
15:46:38.0825 0x17f0 [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\windows\system32\drivers\HdAudio.sys
15:46:38.0890 0x17f0 HdAudAddService - ok
15:46:38.0930 0x17f0 [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\windows\system32\DRIVERS\HDAudBus.sys
15:46:39.0022 0x17f0 HDAudBus - ok
15:46:39.0035 0x17f0 [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\windows\system32\drivers\HidBatt.sys
15:46:39.0100 0x17f0 HidBatt - ok
15:46:39.0120 0x17f0 [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\windows\system32\drivers\hidbth.sys
15:46:39.0170 0x17f0 HidBth - ok
15:46:39.0202 0x17f0 [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\windows\system32\drivers\hidir.sys
15:46:39.0255 0x17f0 HidIr - ok
15:46:39.0277 0x17f0 [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\windows\system32\hidserv.dll
15:46:39.0367 0x17f0 hidserv - ok
15:46:39.0435 0x17f0 [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\windows\system32\drivers\hidusb.sys
15:46:39.0527 0x17f0 HidUsb - ok
15:46:39.0560 0x17f0 [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\windows\system32\kmsvc.dll
15:46:39.0677 0x17f0 hkmsvc - ok
15:46:39.0715 0x17f0 [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\windows\system32\ListSvc.dll
15:46:39.0802 0x17f0 HomeGroupListener - ok
15:46:39.0845 0x17f0 [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\windows\system32\provsvc.dll
15:46:39.0925 0x17f0 HomeGroupProvider - ok
15:46:39.0977 0x17f0 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\windows\system32\drivers\HpSAMD.sys
15:46:40.0040 0x17f0 HpSAMD - ok
15:46:40.0087 0x17f0 [ A57FF4C6A3CC4AA2F0C0E15E29259A8B, C4A2F6A17C93A39F9B228C930193D9D991AB4F610029BA5DA23DCBE3AA5A2AFC ] HssDRV6 C:\windows\system32\DRIVERS\hssdrv6.sys
15:46:40.0125 0x17f0 HssDRV6 - ok
15:46:40.0230 0x17f0 [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP C:\windows\system32\drivers\HTTP.sys
15:46:40.0317 0x17f0 HTTP - ok
15:46:40.0367 0x17f0 [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\windows\system32\drivers\hwpolicy.sys
15:46:40.0437 0x17f0 hwpolicy - ok
15:46:40.0477 0x17f0 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\windows\system32\DRIVERS\i8042prt.sys
15:46:40.0547 0x17f0 i8042prt - ok
15:46:40.0580 0x17f0 [ D469B77687E12FE43E344806740B624D, DFDD486FD040813BF4E5DDB504CF9E0BFBF6D4E540DDDA4829F9B675ACF63E89 ] iaStor C:\windows\system32\DRIVERS\iaStor.sys
15:46:40.0622 0x17f0 iaStor - ok
15:46:40.0695 0x17f0 [ 983FC69644DDF0486C8DFEA262948D1A, 329EC95117C31E61F6D22D79CFF339D70A70522710E7DC0CED06EC95E6D4B34F ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
15:46:40.0772 0x17f0 IAStorDataMgrSvc - ok
15:46:40.0862 0x17f0 [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\windows\system32\drivers\iaStorV.sys
15:46:40.0970 0x17f0 iaStorV - ok
15:46:41.0152 0x17f0 [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
15:46:41.0222 0x17f0 idsvc - ok
15:46:41.0257 0x17f0 IEEtwCollectorService - ok
15:46:42.0265 0x17f0 [ 795C99DC4F574C97C03D0BB39CF099EE, 67310B52F7A1B83A66872B961F347B1BD104C8A83A01F60507705B2ACEA76B71 ] igfx C:\windows\system32\DRIVERS\igdkmd64.sys
15:46:42.0640 0x17f0 igfx - ok
15:46:42.0717 0x17f0 [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\windows\system32\drivers\iirsp.sys
15:46:42.0752 0x17f0 iirsp - ok
15:46:42.0805 0x17f0 [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\windows\System32\ikeext.dll
15:46:42.0882 0x17f0 IKEEXT - ok
15:46:43.0300 0x17f0 [ FA2B7507CD49908B2260949E52F8B9FE, 0EA0B3B25A3B668CA18313E34138DADA5C9835E476A1BFC56588B946DF0A92E0 ] IntcAzAudAddService C:\windows\system32\drivers\RTKVHD64.sys
15:46:43.0432 0x17f0 IntcAzAudAddService - ok
15:46:43.0517 0x17f0 [ FC727061C0F47C8059E88E05D5C8E381, C7A3782F5D86C7FDE57AA1F2EE81638C5FC3072ACC6E572BA2EC7B3CFF389800 ] IntcDAud C:\windows\system32\DRIVERS\IntcDAud.sys
15:46:43.0662 0x17f0 IntcDAud - ok
15:46:43.0717 0x17f0 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\windows\system32\drivers\intelide.sys
15:46:43.0780 0x17f0 intelide - ok
15:46:43.0832 0x17f0 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\windows\system32\DRIVERS\intelppm.sys
15:46:43.0927 0x17f0 intelppm - ok
15:46:43.0997 0x17f0 [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\windows\system32\ipbusenum.dll
15:46:44.0120 0x17f0 IPBusEnum - ok
15:46:44.0160 0x17f0 [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\windows\system32\DRIVERS\ipfltdrv.sys
15:46:44.0295 0x17f0 IpFilterDriver - ok
15:46:44.0405 0x17f0 [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\windows\System32\iphlpsvc.dll
15:46:44.0480 0x17f0 iphlpsvc - ok
15:46:44.0500 0x17f0 [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\windows\system32\drivers\IPMIDrv.sys
15:46:44.0540 0x17f0 IPMIDRV - ok
15:46:44.0560 0x17f0 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\windows\system32\drivers\ipnat.sys
15:46:44.0637 0x17f0 IPNAT - ok
15:46:44.0790 0x17f0 [ 2208D673C5D4B22EB0235EA1EC6269CC, 3E73032D67B3B740E11CEA0748CDFFBE35619CBF1AC1C3D86EF089CA326D7918 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
15:46:44.0840 0x17f0 iPod Service - ok
15:46:44.0892 0x17f0 [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\windows\system32\drivers\irenum.sys
15:46:45.0010 0x17f0 IRENUM - ok
15:46:45.0042 0x17f0 [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\windows\system32\drivers\isapnp.sys
15:46:45.0107 0x17f0 isapnp - ok
15:46:45.0150 0x17f0 [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt C:\windows\system32\drivers\msiscsi.sys
15:46:45.0197 0x17f0 iScsiPrt - ok
15:46:45.0242 0x17f0 [ E56417C56B6A7316B6F527C890A1860D, 906F361967E56D8254A264E5005FA9F9251510311C88BD305BF92E66CA2E33B2 ] JMCR C:\windows\system32\DRIVERS\jmcr.sys
15:46:45.0312 0x17f0 JMCR - ok
15:46:45.0362 0x17f0 [ 2DAAF4A6AE9AAA3B95FDAC1CDB54D870, 6957ADAEE247808F6EB6A514CAFE7A145006322810A375C1E3C34C4A6CF9C5E8 ] JmUsbCcgp C:\windows\system32\DRIVERS\jmccgp.sys
15:46:45.0437 0x17f0 JmUsbCcgp - ok
15:46:45.0482 0x17f0 [ CEE475D1955602F9B5F10BEA243721E4, 636E16B63A8A9309B72A5D6CBF87DB50CC253B8C37729F80D2C9E370517FC430 ] JmUsbVideo C:\windows\system32\Drivers\jmcam.sys
15:46:45.0532 0x17f0 JmUsbVideo - ok
15:46:45.0552 0x17f0 [ FC0DBA6C704C55C1089D540024437241, 59F076B0B248A9D5B03E19735F04DF7154BB20B333F6901FB0635605CFF20D4F ] JmUsbVideo2 C:\windows\system32\Drivers\jmcam_lo.sys
15:46:45.0587 0x17f0 JmUsbVideo2 - ok
15:46:45.0685 0x17f0 [ 6EEB253FABF511192D05841B47A15FF9, 395F31E8FC186C07B4DF86FEC84429F00FA2BCA892864F616F1D2B3113A2288D ] k57nd60a C:\windows\system32\DRIVERS\k57nd60a.sys
15:46:45.0772 0x17f0 k57nd60a - ok
15:46:45.0827 0x17f0 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\windows\system32\DRIVERS\kbdclass.sys
15:46:45.0920 0x17f0 kbdclass - ok
15:46:45.0955 0x17f0 [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\windows\system32\drivers\kbdhid.sys
15:46:46.0010 0x17f0 kbdhid - ok
15:46:46.0047 0x17f0 [ FDD980360C9D72DA77F4C59376AE95C9, A5C1BCFBCCD031A24BD87D6A193F595B45EA5AC9FEBC198F552EED60AB75238E ] KeyIso C:\windows\system32\lsass.exe
15:46:46.0087 0x17f0 KeyIso - ok
15:46:46.0142 0x17f0 [ A405647429DE231CD954D93F792CFBA2, EDE6095A20FE10EB26B3018457A44807A120508E6C514F2EAC12F5BA1F74841E ] KSecDD C:\windows\system32\Drivers\ksecdd.sys
15:46:46.0187 0x17f0 KSecDD - ok
15:46:46.0242 0x17f0 [ E4DC0909B5EACB5BF50F6252095BCFF2, 18779648B7FD9D3DFFD8F314E2197962DF98884CC9F025BC5D884984C1C0759D ] KSecPkg C:\windows\system32\Drivers\ksecpkg.sys
15:46:46.0312 0x17f0 KSecPkg - ok
15:46:46.0367 0x17f0 [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\windows\system32\drivers\ksthunk.sys
15:46:46.0470 0x17f0 ksthunk - ok
15:46:46.0525 0x17f0 [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\windows\system32\msdtckrm.dll
15:46:46.0607 0x17f0 KtmRm - ok
15:46:46.0668 0x17f0 [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\windows\system32\srvsvc.dll
15:46:46.0788 0x17f0 LanmanServer - ok
15:46:46.0816 0x17f0 [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\windows\System32\wkssvc.dll
15:46:46.0893 0x17f0 LanmanWorkstation - ok
15:46:46.0938 0x17f0 [ BE166935083F9C38EDFDC21B9A7A679B, 89C64DBE58E1B974208AAAA5CC757C599B1439C205C3C48BF16BA054A06DBC94 ] LHDmgr C:\windows\system32\DRIVERS\LhdX64.sys
15:46:47.0018 0x17f0 LHDmgr - ok
15:46:47.0386 0x17f0 [ 337FA50FFDED5E2BC94B36BF625AB681, BC77CCED8F2B52D26C7A2D7960FB5C1690F5D7E41013644C9226A85C9FF4FA2C ] LiveUpdateSvc C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
15:46:47.0503 0x17f0 LiveUpdateSvc - ok
15:46:47.0553 0x17f0 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\windows\system32\DRIVERS\lltdio.sys
15:46:47.0641 0x17f0 lltdio - ok
15:46:47.0696 0x17f0 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\windows\System32\lltdsvc.dll
15:46:47.0791 0x17f0 lltdsvc - ok
15:46:47.0816 0x17f0 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\windows\System32\lmhsvc.dll
15:46:47.0876 0x17f0 lmhosts - ok
15:46:47.0968 0x17f0 [ 2ED1786B7542CDA261029F6B526EDF44, C6131B65B045EF5B4F62CF6CF089DF0921BA6A8EFC83BCBA45D5DDE78E9D78E2 ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
15:46:48.0048 0x17f0 LMS - ok
15:46:48.0103 0x17f0 [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\windows\system32\drivers\lsi_fc.sys
15:46:48.0166 0x17f0 LSI_FC - ok
15:46:48.0198 0x17f0 [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\windows\system32\drivers\lsi_sas.sys
15:46:48.0238 0x17f0 LSI_SAS - ok
15:46:48.0256 0x17f0 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\windows\system32\drivers\lsi_sas2.sys
15:46:48.0296 0x17f0 LSI_SAS2 - ok
15:46:48.0321 0x17f0 [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\windows\system32\drivers\lsi_scsi.sys
15:46:48.0363 0x17f0 LSI_SCSI - ok
15:46:48.0403 0x17f0 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\windows\system32\drivers\luafv.sys
15:46:48.0513 0x17f0 luafv - ok
15:46:48.0551 0x17f0 [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\windows\system32\Mcx2Svc.dll
15:46:48.0626 0x17f0 Mcx2Svc - ok
15:46:48.0653 0x17f0 [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\windows\system32\drivers\megasas.sys
15:46:48.0701 0x17f0 megasas - ok
15:46:48.0781 0x17f0 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\windows\system32\drivers\MegaSR.sys
15:46:48.0871 0x17f0 MegaSR - ok
15:46:48.0896 0x17f0 [ 2BB3EAE2EA641515D4B205CAB29E1624, D3F18EE393EB1B0F919484281269A3C55A092D023E62C59D74CB63A55612024B ] MEIx64 C:\windows\system32\DRIVERS\HECIx64.sys
15:46:48.0946 0x17f0 MEIx64 - ok
15:46:49.0243 0x17f0 Microsoft SharePoint Workspace Audit Service - ok
15:46:49.0278 0x17f0 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\windows\system32\mmcss.dll
15:46:49.0431 0x17f0 MMCSS - ok
15:46:49.0471 0x17f0 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\windows\system32\drivers\modem.sys
15:46:49.0543 0x17f0 Modem - ok
15:46:49.0578 0x17f0 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\windows\system32\DRIVERS\monitor.sys
15:46:49.0673 0x17f0 monitor - ok
15:46:49.0713 0x17f0 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\windows\system32\DRIVERS\mouclass.sys
15:46:49.0761 0x17f0 mouclass - ok
15:46:49.0798 0x17f0 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\windows\system32\drivers\mouhid.sys
15:46:49.0871 0x17f0 mouhid - ok
15:46:49.0933 0x17f0 [ 67050452C0118BAF2883928E6FCCFE47, 335FC0AEB7B47DCC7CE0CF3F424EB60ACB1327D2FF6515F04D9AC03A10FF1E31 ] mountmgr C:\windows\system32\drivers\mountmgr.sys
15:46:49.0983 0x17f0 mountmgr - ok
15:46:50.0073 0x17f0 [ 6215DA3AD492CFBEBEE2ADBED0A6CC22, 07B290B58EF722825D50AF97E10B7098A2118B3F335E1FFF8F9E5E9AF7A0A6CE ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
15:46:50.0108 0x17f0 MozillaMaintenance - ok
15:46:50.0143 0x17f0 [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\windows\system32\drivers\mpio.sys
15:46:50.0191 0x17f0 mpio - ok
15:46:50.0203 0x17f0 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\windows\system32\drivers\mpsdrv.sys
15:46:50.0273 0x17f0 mpsdrv - ok
15:46:50.0368 0x17f0 [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\windows\system32\mpssvc.dll
15:46:50.0451 0x17f0 MpsSvc - ok
15:46:50.0486 0x17f0 [ AE3334958D8F631FF14A0AEB3D7EFB3A, F5FD6B61F896104C20DFC43FEE2FCE6930B73F78DF876BD19A333EABB9139C6D ] MRxDAV C:\windows\system32\drivers\mrxdav.sys
15:46:50.0548 0x17f0 MRxDAV - ok
15:46:50.0591 0x17f0 [ 43E1F4B0EFDC244D2A83995CCD7846F7, B8FB3CB6C736E20399AF3164197B14E977DDEC8FD164564501A328A8A3A30267 ] mrxsmb C:\windows\system32\DRIVERS\mrxsmb.sys
15:46:50.0658 0x17f0 mrxsmb - ok
15:46:50.0688 0x17f0 [ 62CEA59FF56B66154E08BD51D87392C2, 5DC63583E417659139FACD2365C2F8F3C9867E331F7374BD4F6C6E2386B5F746 ] mrxsmb10 C:\windows\system32\DRIVERS\mrxsmb10.sys
15:46:50.0736 0x17f0 mrxsmb10 - ok
15:46:50.0761 0x17f0 [ 7D65B5E9573A26C204AA547457DBF544, CE88A733D031DEDBA6ADADB7D9911B3D151A2DDB566A65E0C9E1F07B1A4364AF ] mrxsmb20 C:\windows\system32\DRIVERS\mrxsmb20.sys
15:46:50.0801 0x17f0 mrxsmb20 - ok
15:46:50.0823 0x17f0 [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\windows\system32\drivers\msahci.sys
15:46:50.0856 0x17f0 msahci - ok
15:46:50.0901 0x17f0 [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\windows\system32\drivers\msdsm.sys
15:46:50.0966 0x17f0 msdsm - ok
15:46:50.0991 0x17f0 [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\windows\System32\msdtc.exe
15:46:51.0066 0x17f0 MSDTC - ok
15:46:51.0093 0x17f0 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\windows\system32\drivers\Msfs.sys
15:46:51.0193 0x17f0 Msfs - ok
15:46:51.0243 0x17f0 [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\windows\System32\drivers\mshidkmdf.sys
15:46:51.0316 0x17f0 mshidkmdf - ok
15:46:51.0328 0x17f0 [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\windows\system32\drivers\msisadrv.sys
15:46:51.0361 0x17f0 msisadrv - ok
15:46:51.0423 0x17f0 [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\windows\system32\iscsiexe.dll
15:46:51.0508 0x17f0 MSiSCSI - ok
15:46:51.0513 0x17f0 msiserver - ok
15:46:51.0588 0x17f0 [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\windows\system32\drivers\MSKSSRV.sys
15:46:51.0659 0x17f0 MSKSSRV - ok
15:46:51.0679 0x17f0 [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\windows\system32\drivers\MSPCLOCK.sys
15:46:51.0737 0x17f0 MSPCLOCK - ok
15:46:51.0757 0x17f0 [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\windows\system32\drivers\MSPQM.sys
15:46:51.0877 0x17f0 MSPQM - ok
15:46:51.0932 0x17f0 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\windows\system32\drivers\MsRPC.sys
15:46:52.0007 0x17f0 MsRPC - ok
15:46:52.0024 0x17f0 [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\windows\system32\DRIVERS\mssmbios.sys
15:46:52.0069 0x17f0 mssmbios - ok
15:46:52.0129 0x17f0 [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\windows\system32\drivers\MSTEE.sys
15:46:52.0219 0x17f0 MSTEE - ok
15:46:52.0239 0x17f0 [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\windows\system32\drivers\MTConfig.sys
15:46:52.0277 0x17f0 MTConfig - ok
15:46:52.0299 0x17f0 [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\windows\system32\Drivers\mup.sys
15:46:52.0332 0x17f0 Mup - ok
15:46:52.0377 0x17f0 [ 4BBB9D9C4DF259FAE2D172C5BB25DDD0, 165EE2AB6F989E8D48AA52121B608510E932106835DA43071CC6476630C012FE ] MyWiFiDHCPDNS C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
15:46:52.0457 0x17f0 MyWiFiDHCPDNS - ok
15:46:52.0504 0x17f0 [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\windows\system32\qagentRT.dll
15:46:52.0587 0x17f0 napagent - ok
15:46:52.0672 0x17f0 [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\windows\system32\DRIVERS\nwifi.sys
15:46:52.0802 0x17f0 NativeWifiP - ok
15:46:53.0089 0x17f0 [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS C:\windows\system32\drivers\ndis.sys
15:46:53.0152 0x17f0 NDIS - ok
15:46:53.0197 0x17f0 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\windows\system32\DRIVERS\ndiscap.sys
15:46:53.0309 0x17f0 NdisCap - ok
15:46:53.0337 0x17f0 [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\windows\system32\DRIVERS\ndistapi.sys
15:46:53.0419 0x17f0 NdisTapi - ok
15:46:53.0449 0x17f0 [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\windows\system32\DRIVERS\ndisuio.sys
15:46:53.0524 0x17f0 Ndisuio - ok
15:46:53.0569 0x17f0 [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\windows\system32\DRIVERS\ndiswan.sys
15:46:53.0672 0x17f0 NdisWan - ok
15:46:53.0687 0x17f0 [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\windows\system32\drivers\NDProxy.sys
15:46:53.0744 0x17f0 NDProxy - ok
15:46:53.0794 0x17f0 [ 6F4607E2333FE21E9E3FF8133A88B35B, F7B7B262D85D03552A8D0F3F91E795B31E3D09020DDA1E3D62A4A3209D916BB6 ] Netaapl C:\windows\system32\DRIVERS\netaapl64.sys
15:46:53.0814 0x17f0 Netaapl - detected UnsignedFile.Multi.Generic ( 1 )
15:46:57.0147 0x17f0 Detect skipped due to KSN trusted
15:46:57.0147 0x17f0 Netaapl - ok
15:46:57.0182 0x17f0 [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\windows\system32\DRIVERS\netbios.sys
15:46:57.0279 0x17f0 NetBIOS - ok
15:46:57.0299 0x17f0 [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT C:\windows\system32\DRIVERS\netbt.sys
15:46:57.0372 0x17f0 NetBT - ok
15:46:57.0392 0x17f0 [ FDD980360C9D72DA77F4C59376AE95C9, A5C1BCFBCCD031A24BD87D6A193F595B45EA5AC9FEBC198F552EED60AB75238E ] Netlogon C:\windows\system32\lsass.exe
15:46:57.0432 0x17f0 Netlogon - ok
15:46:57.0509 0x17f0 [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\windows\System32\netman.dll
15:46:57.0639 0x17f0 Netman - ok
15:46:57.0744 0x17f0 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:46:57.0819 0x17f0 NetMsmqActivator - ok
15:46:57.0852 0x17f0 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:46:57.0917 0x17f0 NetPipeActivator - ok
15:46:58.0007 0x17f0 [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\windows\System32\netprofm.dll
15:46:58.0139 0x17f0 netprofm - ok
15:46:58.0162 0x17f0 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:46:58.0199 0x17f0 NetTcpActivator - ok
15:46:58.0209 0x17f0 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:46:58.0249 0x17f0 NetTcpPortSharing - ok
15:46:59.0350 0x17f0 [ C0ED8FA7BC077B0045C4368D4BB214C5, E39D47157229ACAB77AF593F9FE26F7B21E1E0EFF139D97E23AD1B107CE38E5F ] NETwNs64 C:\windows\system32\DRIVERS\NETwsw00.sys
15:46:59.0686 0x17f0 NETwNs64 - ok
15:46:59.0741 0x17f0 [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\windows\system32\drivers\nfrd960.sys
15:46:59.0776 0x17f0 nfrd960 - ok
15:46:59.0813 0x17f0 [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc C:\windows\System32\nlasvc.dll
15:46:59.0906 0x17f0 NlaSvc - ok
15:46:59.0928 0x17f0 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\windows\system32\drivers\Npfs.sys
15:47:00.0013 0x17f0 Npfs - ok
15:47:00.0038 0x17f0 [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\windows\system32\nsisvc.dll
15:47:00.0098 0x17f0 nsi - ok
15:47:00.0116 0x17f0 [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\windows\system32\drivers\nsiproxy.sys
15:47:00.0188 0x17f0 nsiproxy - ok
15:47:00.0398 0x17f0 [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs C:\windows\system32\drivers\Ntfs.sys
15:47:00.0476 0x17f0 Ntfs - ok
15:47:00.0518 0x17f0 [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\windows\system32\drivers\Null.sys
15:47:00.0591 0x17f0 Null - ok
15:47:00.0628 0x17f0 [ A7127E86F9FFE2A53E271B56B2C4CEDF, 9C8D60290B66976BBC6E6FE0C2B8EBBCF65B019C95116565CA75098E9F66C05D ] nusb3hub C:\windows\system32\DRIVERS\nusb3hub.sys
15:47:00.0726 0x17f0 nusb3hub - ok
15:47:00.0758 0x17f0 [ 49BBEC6F48D5F9284B03ABF3A959B19B, 688AFDFA9E2F0AB3BDE22EC55C70FD592AA0236557DA9310E1557C083307CEC5 ] nusb3xhc C:\windows\system32\DRIVERS\nusb3xhc.sys
15:47:01.0283 0x17f0 nusb3xhc - ok
15:47:02.0523 0x17f0 [ E56852A3743C2FBC46C9AF4B687522CA, ACE3C07D6CB26426CE5B06C924D0CE40FCAB5876432624041CA8D698206A9A5C ] nvlddmkm C:\windows\system32\DRIVERS\nvlddmkm.sys
15:47:02.0896 0x17f0 nvlddmkm - ok
15:47:02.0958 0x17f0 [ D38952A15D728EB5AC9C6618A65FDFDE, 02579383A603ECB83C4F0CBA26A1C53BE4164FDB79E038AA8D4E85983EA4723D ] nvpciflt C:\windows\system32\DRIVERS\nvpciflt.sys
15:47:03.0013 0x17f0 nvpciflt - ok
15:47:03.0053 0x17f0 [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\windows\system32\drivers\nvraid.sys
15:47:03.0088 0x17f0 nvraid - ok
15:47:03.0106 0x17f0 [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\windows\system32\drivers\nvstor.sys
15:47:03.0143 0x17f0 nvstor - ok
15:47:03.0346 0x17f0 [ DD9AC38BD31D8ADBC3138BD868B52289, FDF661FDC98BE66C2588C905B3F3325DA0F3669A59ED37242C9AAE8304C9C93F ] NVSvc C:\windows\system32\nvvsvc.exe
15:47:03.0426 0x17f0 NVSvc - ok
15:47:03.0701 0x17f0 [ 7C804B02415A58B0C01E79DA44BE2E32, 93E8D4DD64F1B0A548904D89D0D9816D734AE4F145D6AE50878B8A635BCFDC18 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
15:47:03.0783 0x17f0 nvUpdatusService - ok
15:47:03.0826 0x17f0 [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\windows\system32\drivers\nv_agp.sys
15:47:03.0861 0x17f0 nv_agp - ok
15:47:03.0906 0x17f0 [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\windows\system32\drivers\ohci1394.sys
15:47:03.0946 0x17f0 ohci1394 - ok
15:47:04.0061 0x17f0 [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
15:47:04.0111 0x17f0 ose - ok
15:47:04.0686 0x17f0 [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
15:47:04.0846 0x17f0 osppsvc - ok
15:47:04.0893 0x17f0 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\windows\system32\pnrpsvc.dll
15:47:05.0001 0x17f0 p2pimsvc - ok
15:47:05.0051 0x17f0 [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\windows\system32\p2psvc.dll
15:47:05.0108 0x17f0 p2psvc - ok
15:47:05.0153 0x17f0 [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\windows\system32\drivers\parport.sys
15:47:05.0273 0x17f0 Parport - ok
15:47:05.0303 0x17f0 [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\windows\system32\drivers\partmgr.sys
15:47:05.0371 0x17f0 partmgr - ok
15:47:05.0423 0x17f0 [ DB2D62AA2DF6B1F3D690A9EC9701AA2C, BEAC55E1AA0494565F1547DF5E6FE20FCEA66461764C016FCB68D8BFF0F0C375 ] PcaSvc C:\windows\System32\pcasvc.dll
15:47:05.0511 0x17f0 PcaSvc - ok
15:47:05.0551 0x17f0 [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\windows\system32\drivers\pci.sys
15:47:05.0626 0x17f0 pci - ok
15:47:05.0703 0x17f0 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\windows\system32\drivers\pciide.sys
15:47:05.0768 0x17f0 pciide - ok
15:47:05.0806 0x17f0 [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\windows\system32\drivers\pcmcia.sys
15:47:05.0861 0x17f0 pcmcia - ok
15:47:05.0888 0x17f0 [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\windows\system32\drivers\pcw.sys
15:47:05.0921 0x17f0 pcw - ok
15:47:06.0001 0x17f0 [ ED6E75158D28D33A2E2A020AC5B2B59D, 0F364D9A88304C45F31318605C417A70A9D0E4CF087D73E949B42C12CC76CD6C ] PEAUTH C:\windows\system32\drivers\peauth.sys
15:47:06.0096 0x17f0 PEAUTH - ok
15:47:06.0391 0x17f0 [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\windows\SysWow64\perfhost.exe
15:47:06.0511 0x17f0 PerfHost - ok
15:47:06.0696 0x17f0 [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\windows\system32\pla.dll
15:47:06.0808 0x17f0 pla - ok
15:47:06.0926 0x17f0 [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\windows\system32\umpnpmgr.dll
15:47:07.0038 0x17f0 PlugPlay - ok
15:47:07.0061 0x17f0 [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\windows\system32\pnrpauto.dll
15:47:07.0113 0x17f0 PNRPAutoReg - ok
15:47:07.0196 0x17f0 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\windows\system32\pnrpsvc.dll
15:47:07.0306 0x17f0 PNRPsvc - ok
15:47:07.0418 0x17f0 [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent C:\windows\System32\ipsecsvc.dll
15:47:07.0526 0x17f0 PolicyAgent - ok
15:47:07.0591 0x17f0 [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\windows\system32\umpo.dll
15:47:07.0713 0x17f0 Power - ok
15:47:07.0766 0x17f0 [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\windows\system32\DRIVERS\raspptp.sys
15:47:07.0853 0x17f0 PptpMiniport - ok
15:47:07.0878 0x17f0 [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\windows\system32\drivers\processr.sys
15:47:07.0931 0x17f0 Processor - ok
15:47:08.0001 0x17f0 [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc C:\windows\system32\profsvc.dll
15:47:08.0098 0x17f0 ProfSvc - ok
15:47:08.0111 0x17f0 [ FDD980360C9D72DA77F4C59376AE95C9, A5C1BCFBCCD031A24BD87D6A193F595B45EA5AC9FEBC198F552EED60AB75238E ] ProtectedStorage C:\windows\system32\lsass.exe
15:47:08.0166 0x17f0 ProtectedStorage - ok
15:47:08.0213 0x17f0 [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\windows\system32\DRIVERS\pacer.sys
15:47:08.0286 0x17f0 Psched - ok
15:47:08.0371 0x17f0 [ 4712CC14E720ECCCC0AA16949D18AAF1, AF0223D118A25CA14EC1AF8A40A793D3CBCBE3576CCACBCD4F9A3D3F10407262 ] PxHlpa64 C:\windows\system32\Drivers\PxHlpa64.sys
15:47:08.0418 0x17f0 PxHlpa64 - ok
15:47:08.0616 0x17f0 [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\windows\system32\drivers\ql2300.sys
15:47:08.0688 0x17f0 ql2300 - ok
15:47:08.0718 0x17f0 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\windows\system32\drivers\ql40xx.sys
15:47:08.0753 0x17f0 ql40xx - ok
15:47:08.0791 0x17f0 [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\windows\system32\qwave.dll
15:47:08.0841 0x17f0 QWAVE - ok
15:47:08.0868 0x17f0 [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\windows\system32\drivers\qwavedrv.sys
15:47:08.0928 0x17f0 QWAVEdrv - ok
15:47:08.0938 0x17f0 [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\windows\system32\DRIVERS\rasacd.sys
15:47:08.0998 0x17f0 RasAcd - ok
15:47:09.0056 0x17f0 [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\windows\system32\DRIVERS\AgileVpn.sys
15:47:09.0126 0x17f0 RasAgileVpn - ok
15:47:09.0173 0x17f0 [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\windows\System32\rasauto.dll
15:47:09.0276 0x17f0 RasAuto - ok
15:47:09.0311 0x17f0 [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\windows\system32\DRIVERS\rasl2tp.sys
15:47:09.0463 0x17f0 Rasl2tp - ok
15:47:09.0543 0x17f0 [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\windows\System32\rasmans.dll
15:47:09.0673 0x17f0 RasMan - ok
15:47:09.0716 0x17f0 [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\windows\system32\DRIVERS\raspppoe.sys
15:47:09.0793 0x17f0 RasPppoe - ok
15:47:09.0808 0x17f0 [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\windows\system32\DRIVERS\rassstp.sys
15:47:09.0886 0x17f0 RasSstp - ok
15:47:09.0913 0x17f0 [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\windows\system32\DRIVERS\rdbss.sys
15:47:09.0981 0x17f0 rdbss - ok
15:47:10.0003 0x17f0 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\windows\system32\drivers\rdpbus.sys
15:47:10.0046 0x17f0 rdpbus - ok
15:47:10.0078 0x17f0 [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\windows\system32\DRIVERS\RDPCDD.sys
15:47:10.0138 0x17f0 RDPCDD - ok
15:47:10.0153 0x17f0 [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\windows\system32\drivers\rdpencdd.sys
15:47:10.0261 0x17f0 RDPENCDD - ok
15:47:10.0276 0x17f0 [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\windows\system32\drivers\rdprefmp.sys
15:47:10.0368 0x17f0 RDPREFMP - ok
15:47:10.0478 0x17f0 [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\windows\system32\drivers\rdpvideominiport.sys
15:47:10.0566 0x17f0 RdpVideoMiniport - ok
15:47:10.0653 0x17f0 [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD C:\windows\system32\drivers\RDPWD.sys
15:47:10.0696 0x17f0 RDPWD - ok
15:47:10.0761 0x17f0 [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\windows\system32\drivers\rdyboost.sys
15:47:10.0798 0x17f0 rdyboost - ok
15:47:10.0871 0x17f0 [ 590DE2C0FF4E367050239BD1DDC912C1, B8D1D01C276C15EDA5B6BE5F1FD16315063D1C9BA6D22D51AED51FC93D417A17 ] RealNetworks Downloader Resolver Service C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
15:47:10.0903 0x17f0 RealNetworks Downloader Resolver Service - ok
15:47:11.0158 0x17f0 [ AC36A47C010100B7EDFB2A70114D3E89, 3051841EB4FC8A9CDA5B1B9168D459A639F7E588E859F51D6B865CD073CFCE13 ] RealPlayer Cloud Service c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe
15:47:11.0218 0x17f0 RealPlayer Cloud Service - ok
15:47:11.0281 0x17f0 [ A650FA927A4D1D71C53E317A0DDD6B7E, F1D476213CE15E0060440CDBF36806649F172408EC0977A35AEE67F30C43B15A ] RealPlayerUpdateSvc C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
15:47:11.0313 0x17f0 RealPlayerUpdateSvc - ok
15:47:11.0496 0x17f0 [ A436F5E7D80BBDBB0826D0F176D5BEA8, 7862CE61F182C7613E34415C01AC1C228F79A45470CFD1D316DF2BD24EE09E3C ] RegSrvc C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
15:47:11.0548 0x17f0 RegSrvc - ok
15:47:11.0581 0x17f0 [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\windows\System32\mprdim.dll
15:47:11.0653 0x17f0 RemoteAccess - ok
15:47:11.0681 0x17f0 [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\windows\system32\regsvc.dll
15:47:11.0768 0x17f0 RemoteRegistry - ok
15:47:11.0838 0x17f0 [ 3DD798846E2C28102B922C56E71B7932, 30B111615D74CB2213997A5C08DD9C8613ADE441D9423CC1C49A753D13CE524D ] RFCOMM C:\windows\system32\DRIVERS\rfcomm.sys
15:47:11.0938 0x17f0 RFCOMM - ok
15:47:12.0006 0x17f0 [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\windows\System32\RpcEpMap.dll
15:47:12.0098 0x17f0 RpcEptMapper - ok
15:47:12.0143 0x17f0 [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\windows\system32\locator.exe
15:47:12.0183 0x17f0 RpcLocator - ok
15:47:12.0228 0x17f0 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs C:\windows\system32\rpcss.dll
15:47:12.0301 0x17f0 RpcSs - ok
15:47:12.0343 0x17f0 [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\windows\system32\DRIVERS\rspndr.sys
15:47:12.0491 0x17f0 rspndr - ok
15:47:12.0623 0x17f0 [ DABD4AB3D049ECA6AFFD61B63A997728, 6F89D5AF4A02F7FC455922533D14486D4ED86E005523302A917E4F12B70B3794 ] RtkAudioService C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
15:47:12.0716 0x17f0 RtkAudioService - ok
15:47:12.0764 0x17f0 [ BAEFEE35D27A5440D35092CE10267BEC, FB550D38C01E07B1170C52C1441874B56DD3BECB10CBE8E132EE3276A05C796E ] RTL8167 C:\windows\system32\DRIVERS\Rt64win7.sys
15:47:12.0829 0x17f0 RTL8167 - ok
15:47:12.0857 0x17f0 [ FDD980360C9D72DA77F4C59376AE95C9, A5C1BCFBCCD031A24BD87D6A193F595B45EA5AC9FEBC198F552EED60AB75238E ] SamSs C:\windows\system32\lsass.exe
15:47:12.0904 0x17f0 SamSs - ok
15:47:12.0927 0x17f0 sbapifs - ok
15:47:12.0944 0x17f0 [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\windows\system32\drivers\sbp2port.sys
15:47:12.0979 0x17f0 sbp2port - ok
15:47:13.0104 0x17f0 [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\windows\System32\SCardSvr.dll
15:47:13.0187 0x17f0 SCardSvr - ok
15:47:13.0199 0x17f0 [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\windows\system32\DRIVERS\scfilter.sys
15:47:13.0259 0x17f0 scfilter - ok
15:47:13.0392 0x17f0 [ 40686B59C127F0C93B4234E4A1E3472A, B2DD61CB796C6AA8AFD285D43472B94646CA6D331D282818E0FDC9DE28DDE9CF ] Schedule C:\windows\system32\schedsvc.dll
15:47:13.0482 0x17f0 Schedule - ok
15:47:13.0539 0x17f0 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\windows\System32\certprop.dll
15:47:13.0599 0x17f0 SCPolicySvc - ok
15:47:13.0644 0x17f0 [ 111E0EBC0AD79CB0FA014B907B231CF0, B7D43D156C2524938503CF8E99C4D1F7A5C55E16C0368F57F4CD23C6D833B38F ] sdbus C:\windows\system32\DRIVERS\sdbus.sys
15:47:13.0737 0x17f0 sdbus - ok
15:47:13.0764 0x17f0 [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\windows\System32\SDRSVC.dll
15:47:13.0832 0x17f0 SDRSVC - ok
15:47:13.0894 0x17f0 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\windows\system32\drivers\secdrv.sys
15:47:13.0959 0x17f0 secdrv - ok
15:47:13.0989 0x17f0 [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon C:\windows\system32\seclogon.dll
15:47:14.0052 0x17f0 seclogon - ok
15:47:14.0077 0x17f0 [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\windows\System32\sens.dll
15:47:14.0139 0x17f0 SENS - ok
15:47:14.0162 0x17f0 [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\windows\system32\sensrsvc.dll
15:47:14.0204 0x17f0 SensrSvc - ok
15:47:14.0282 0x17f0 [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\windows\system32\drivers\serenum.sys
15:47:14.0692 0x17f0 Serenum - ok
15:47:14.0732 0x17f0 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\windows\system32\drivers\serial.sys
15:47:14.0787 0x17f0 Serial - ok
15:47:14.0817 0x17f0 [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\windows\system32\drivers\sermouse.sys
15:47:14.0857 0x17f0 sermouse - ok
15:47:14.0927 0x17f0 [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\windows\system32\sessenv.dll
15:47:14.0992 0x17f0 SessionEnv - ok
15:47:15.0009 0x17f0 [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\windows\system32\drivers\sffdisk.sys
15:47:15.0077 0x17f0 sffdisk - ok
15:47:15.0097 0x17f0 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\windows\system32\drivers\sffp_mmc.sys
15:47:15.0149 0x17f0 sffp_mmc - ok
15:47:15.0164 0x17f0 [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\windows\system32\drivers\sffp_sd.sys
15:47:15.0212 0x17f0 sffp_sd - ok
15:47:15.0237 0x17f0 [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\windows\system32\drivers\sfloppy.sys
15:47:15.0274 0x17f0 sfloppy - ok
15:47:15.0367 0x17f0 [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\windows\System32\ipnathlp.dll
15:47:15.0437 0x17f0 SharedAccess - ok
15:47:15.0517 0x17f0 [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\windows\System32\shsvcs.dll
15:47:15.0614 0x17f0 ShellHWDetection - ok
15:47:15.0654 0x17f0 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\windows\system32\drivers\SiSRaid2.sys
15:47:15.0689 0x17f0 SiSRaid2 - ok
15:47:15.0717 0x17f0 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\windows\system32\drivers\sisraid4.sys
15:47:15.0752 0x17f0 SiSRaid4 - ok
15:47:15.0774 0x17f0 [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\windows\system32\DRIVERS\smb.sys
15:47:15.0847 0x17f0 Smb - ok
15:47:15.0874 0x17f0 [ 5476D773EE180AEB9CADA786EA131777, BEBC1788A63FFC54047BE6633F8C3AF10F5E26C1F5B8255DAD88CEF81544B07C ] SmbDrvI C:\windows\system32\DRIVERS\Smb_driver_Intel.sys
15:47:15.0907 0x17f0 SmbDrvI - ok
15:47:15.0932 0x17f0 [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\windows\System32\snmptrap.exe
15:47:15.0979 0x17f0 SNMPTRAP - ok
15:47:15.0999 0x17f0 [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\windows\system32\drivers\spldr.sys
15:47:16.0032 0x17f0 spldr - ok
15:47:16.0117 0x17f0 [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler C:\windows\System32\spoolsv.exe
15:47:16.0187 0x17f0 Spooler - ok
15:47:16.0482 0x17f0 [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\windows\system32\sppsvc.exe
15:47:16.0634 0x17f0 sppsvc - ok
15:47:16.0677 0x17f0 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\windows\system32\sppuinotify.dll
15:47:16.0739 0x17f0 sppuinotify - ok
15:47:16.0817 0x17f0 [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv C:\windows\system32\DRIVERS\srv.sys
15:47:16.0914 0x17f0 srv - ok
15:47:16.0989 0x17f0 [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2 C:\windows\system32\DRIVERS\srv2.sys
15:47:17.0082 0x17f0 srv2 - ok
15:47:17.0122 0x17f0 [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet C:\windows\system32\DRIVERS\srvnet.sys
15:47:17.0179 0x17f0 srvnet - ok
15:47:17.0247 0x17f0 [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\windows\System32\ssdpsrv.dll
15:47:17.0357 0x17f0 SSDPSRV - ok
15:47:17.0374 0x17f0 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\windows\system32\sstpsvc.dll
15:47:17.0464 0x17f0 SstpSvc - ok
15:47:17.0517 0x17f0 [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\windows\system32\drivers\stexstor.sys
15:47:17.0549 0x17f0 stexstor - ok
15:47:17.0607 0x17f0 [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\windows\System32\wiaservc.dll
15:47:17.0667 0x17f0 stisvc - ok
15:47:17.0722 0x17f0 [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\windows\system32\DRIVERS\swenum.sys
15:47:17.0754 0x17f0 swenum - ok
15:47:17.0949 0x17f0 [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\windows\System32\swprv.dll
15:47:18.0037 0x17f0 swprv - ok
15:47:18.0154 0x17f0 [ 0CF653915EF33C2B6A98C7EF2F231D56, 0CBDB7BAFD70C76C022E0643FAAD759DF471AD55A6AFCC8ECBCB5678DD1153EB ] SynTP C:\windows\system32\DRIVERS\SynTP.sys
15:47:18.0224 0x17f0 SynTP - ok
15:47:18.0427 0x17f0 [ 2E730941CC5BF6200A4F56D1E9C24AAD, 758836D55DC84F3EBE9917DC6FAB8E6170A5B238FEDBCFDB6D7C5C6EA98E08B2 ] SysMain C:\windows\system32\sysmain.dll
15:47:18.0512 0x17f0 SysMain - ok
15:47:18.0549 0x17f0 [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\windows\System32\TabSvc.dll
15:47:18.0669 0x17f0 TabletInputService - ok
15:47:18.0694 0x17f0 [ 83C57F165F0216E5CE40D7E4E00DC76D, F3740283A5DB8EF69A6A2AC52D6506FBA5423C6548AAF3A272A13F9F582A2792 ] taphss6 C:\windows\system32\DRIVERS\taphss6.sys
15:47:18.0764 0x17f0 taphss6 - ok
15:47:18.0817 0x17f0 [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\windows\System32\tapisrv.dll
15:47:18.0909 0x17f0 TapiSrv - ok
15:47:18.0942 0x17f0 [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS C:\windows\System32\tbssvc.dll
15:47:19.0059 0x17f0 TBS - ok
15:47:19.0327 0x17f0 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip C:\windows\system32\drivers\tcpip.sys
15:47:19.0409 0x17f0 Tcpip - ok
15:47:19.0599 0x17f0 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6 C:\windows\system32\DRIVERS\tcpip.sys
15:47:19.0682 0x17f0 TCPIP6 - ok
15:47:19.0707 0x17f0 [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg C:\windows\system32\drivers\tcpipreg.sys
15:47:19.0764 0x17f0 tcpipreg - ok
15:47:19.0794 0x17f0 [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\windows\system32\drivers\tdpipe.sys
15:47:19.0832 0x17f0 TDPIPE - ok
15:47:19.0854 0x17f0 [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\windows\system32\drivers\tdtcp.sys
15:47:19.0927 0x17f0 TDTCP - ok
15:47:19.0954 0x17f0 [ 70988118145F5F10EF24720B97F35F65, F80C806417A68047FFB3D63214BC4AE5445315219AC594E043293006B704A63D ] tdx C:\windows\system32\DRIVERS\tdx.sys
15:47:20.0037 0x17f0 tdx - ok
15:47:20.0089 0x17f0 [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\windows\system32\DRIVERS\termdd.sys
15:47:20.0157 0x17f0 TermDD - ok
15:47:20.0287 0x17f0 [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService C:\windows\System32\termsrv.dll
15:47:20.0367 0x17f0 TermService - ok
15:47:20.0394 0x17f0 [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\windows\system32\themeservice.dll
15:47:20.0439 0x17f0 Themes - ok
15:47:20.0492 0x17f0 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\windows\system32\mmcss.dll
15:47:20.0587 0x17f0 THREADORDER - ok
15:47:20.0602 0x17f0 [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\windows\System32\trkwks.dll
15:47:20.0699 0x17f0 TrkWks - ok
15:47:20.0847 0x17f0 [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\windows\servicing\TrustedInstaller.exe
15:47:20.0994 0x17f0 TrustedInstaller - ok
15:47:21.0024 0x17f0 [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv C:\windows\system32\DRIVERS\tssecsrv.sys
15:47:21.0084 0x17f0 tssecsrv - ok
15:47:21.0127 0x17f0 [ 17C6B51CBCCDED95B3CC14E22791F85E, EE417C19E9B2C258D62A74F1F2421AFFBAC67ACD62481CAA08F5B6A3439C1D7C ] TsUsbFlt C:\windows\system32\drivers\tsusbflt.sys
15:47:21.0164 0x17f0 TsUsbFlt - ok
15:47:21.0189 0x17f0 [ AD64450A4ABE076F5CB34CC08EEACB07, B5C386635441A19178E7FEEE299BA430C8D72F9110866C13A216B12A1080AD12 ] TsUsbGD C:\windows\system32\drivers\TsUsbGD.sys
15:47:21.0227 0x17f0 TsUsbGD - ok
15:47:21.0289 0x17f0 [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\windows\system32\DRIVERS\tunnel.sys
15:47:21.0362 0x17f0 tunnel - ok
15:47:21.0384 0x17f0 [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\windows\system32\drivers\uagp35.sys
15:47:21.0419 0x17f0 uagp35 - ok
15:47:21.0472 0x17f0 [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\windows\system32\DRIVERS\udfs.sys
15:47:21.0539 0x17f0 udfs - ok
15:47:21.0567 0x17f0 [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\windows\system32\UI0Detect.exe
15:47:21.0639 0x17f0 UI0Detect - ok
15:47:21.0664 0x17f0 [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\windows\system32\drivers\uliagpkx.sys
15:47:21.0699 0x17f0 uliagpkx - ok
15:47:21.0723 0x17f0 [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\windows\system32\DRIVERS\umbus.sys
15:47:21.0763 0x17f0 umbus - ok
15:47:21.0785 0x17f0 [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\windows\system32\drivers\umpass.sys
15:47:21.0823 0x17f0 UmPass - ok
15:47:22.0163 0x17f0 [ 7E5E1603D0FF2D240AE70295C5C3FEFC, 1E5F8E415ACE3C6DFBE636473DBE051329174F2A085516B6FC1515A54014D02B ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
15:47:22.0263 0x17f0 UNS - ok
15:47:22.0473 0x17f0 [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\windows\System32\upnphost.dll
15:47:22.0548 0x17f0 upnphost - ok
15:47:22.0615 0x17f0 [ F957092C63CD71D85903CA0D8370F473, 4DEC2FC20329F248135DA24CB6694FD972DCCE8B1BBEA8D872FDE41939E96AAF ] USBAAPL64 C:\windows\system32\Drivers\usbaapl64.sys
15:47:22.0655 0x17f0 USBAAPL64 - ok
15:47:22.0700 0x17f0 [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp C:\windows\system32\DRIVERS\usbccgp.sys
15:47:22.0740 0x17f0 usbccgp - ok
15:47:22.0768 0x17f0 [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir C:\windows\system32\drivers\usbcir.sys
15:47:22.0813 0x17f0 usbcir - ok
15:47:22.0833 0x17f0 [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci C:\windows\system32\drivers\usbehci.sys
15:47:22.0870 0x17f0 usbehci - ok
15:47:22.0913 0x17f0 [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub C:\windows\system32\DRIVERS\usbhub.sys
15:47:22.0970 0x17f0 usbhub - ok
15:47:23.0000 0x17f0 [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci C:\windows\system32\drivers\usbohci.sys
15:47:23.0038 0x17f0 usbohci - ok
15:47:23.0070 0x17f0 [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\windows\system32\DRIVERS\usbprint.sys
15:47:23.0113 0x17f0 usbprint - ok
15:47:23.0160 0x17f0 [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan C:\windows\system32\DRIVERS\usbscan.sys
15:47:23.0213 0x17f0 usbscan - ok
15:47:23.0230 0x17f0 [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR C:\windows\system32\DRIVERS\USBSTOR.SYS
15:47:23.0270 0x17f0 USBSTOR - ok
15:47:23.0320 0x17f0 [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci C:\windows\system32\drivers\usbuhci.sys
15:47:23.0358 0x17f0 usbuhci - ok
15:47:23.0398 0x17f0 [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo C:\windows\System32\Drivers\usbvideo.sys
15:47:23.0438 0x17f0 usbvideo - ok
15:47:23.0470 0x17f0 [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\windows\System32\uxsms.dll
15:47:23.0535 0x17f0 UxSms - ok
15:47:23.0583 0x17f0 [ FDD980360C9D72DA77F4C59376AE95C9, A5C1BCFBCCD031A24BD87D6A193F595B45EA5AC9FEBC198F552EED60AB75238E ] VaultSvc C:\windows\system32\lsass.exe
15:47:23.0623 0x17f0 VaultSvc - ok
15:47:23.0708 0x17f0 VBoxAswDrv - ok
15:47:23.0735 0x17f0 [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\windows\system32\drivers\vdrvroot.sys
15:47:23.0768 0x17f0 vdrvroot - ok
15:47:23.0808 0x17f0 [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\windows\System32\vds.exe
15:47:23.0905 0x17f0 vds - ok
15:47:23.0918 0x17f0 [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\windows\system32\DRIVERS\vgapnp.sys
15:47:23.0958 0x17f0 vga - ok
15:47:23.0970 0x17f0 [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\windows\System32\drivers\vga.sys
15:47:24.0030 0x17f0 VgaSave - ok
15:47:24.0055 0x17f0 [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\windows\system32\drivers\vhdmp.sys
15:47:24.0093 0x17f0 vhdmp - ok
15:47:24.0128 0x17f0 [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\windows\system32\drivers\viaide.sys
15:47:24.0160 0x17f0 viaide - ok
15:47:24.0173 0x17f0 [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\windows\system32\drivers\volmgr.sys
15:47:24.0208 0x17f0 volmgr - ok
15:47:24.0230 0x17f0 [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\windows\system32\drivers\volmgrx.sys
15:47:24.0270 0x17f0 volmgrx - ok
15:47:24.0328 0x17f0 [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap C:\windows\system32\drivers\volsnap.sys
15:47:24.0368 0x17f0 volsnap - ok
15:47:24.0415 0x17f0 [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\windows\system32\drivers\vsmraid.sys
15:47:24.0453 0x17f0 vsmraid - ok
15:47:24.0718 0x17f0 [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\windows\system32\vssvc.exe
15:47:24.0860 0x17f0 VSS - ok
15:47:24.0903 0x17f0 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\windows\system32\DRIVERS\vwifibus.sys
15:47:24.0953 0x17f0 vwifibus - ok
15:47:24.0985 0x17f0 [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt C:\windows\system32\DRIVERS\vwififlt.sys
15:47:25.0028 0x17f0 vwififlt - ok
15:47:25.0043 0x17f0 [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp C:\windows\system32\DRIVERS\vwifimp.sys
15:47:25.0085 0x17f0 vwifimp - ok
15:47:25.0155 0x17f0 [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\windows\system32\w32time.dll
15:47:25.0233 0x17f0 W32Time - ok
15:47:25.0263 0x17f0 [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\windows\system32\drivers\wacompen.sys
15:47:25.0340 0x17f0 WacomPen - ok
15:47:25.0380 0x17f0 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\windows\system32\DRIVERS\wanarp.sys
15:47:25.0505 0x17f0 WANARP - ok
15:47:25.0515 0x17f0 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\windows\system32\DRIVERS\wanarp.sys
15:47:25.0583 0x17f0 Wanarpv6 - ok
15:47:25.0715 0x17f0 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc C:\windows\system32\Wat\WatAdminSvc.exe
15:47:25.0808 0x17f0 WatAdminSvc - ok
15:47:25.0935 0x17f0 [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\windows\system32\wbengine.exe
15:47:26.0035 0x17f0 wbengine - ok
15:47:26.0063 0x17f0 [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\windows\System32\wbiosrvc.dll
15:47:26.0150 0x17f0 WbioSrvc - ok
15:47:26.0195 0x17f0 [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\windows\System32\wcncsvc.dll
viquilla
Regular Member
 
Posts: 30
Joined: February 14th, 2014, 12:26 pm

Re: Computer Running Extremely Slow

Unread postby viquilla » October 15th, 2015, 4:44 pm

15:47:26.0283 0x17f0 wcncsvc - ok
15:47:26.0295 0x17f0 [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\windows\System32\WcsPlugInService.dll
15:47:26.0338 0x17f0 WcsPlugInService - ok
15:47:26.0433 0x17f0 [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\windows\system32\drivers\wd.sys
15:47:26.0493 0x17f0 Wd - ok
15:47:26.0553 0x17f0 [ A3D04EBF5227886029B4532F20D026F7, D90F7B9C176008675DA0B5FD7E4973CBC2A04172CEDF8FB7D3B3B4F27B5440D7 ] WDC_SAM C:\windows\system32\DRIVERS\wdcsam64.sys
15:47:26.0628 0x17f0 WDC_SAM - ok
15:47:26.0738 0x17f0 [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\windows\system32\drivers\Wdf01000.sys
15:47:26.0813 0x17f0 Wdf01000 - ok
15:47:26.0850 0x17f0 [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost C:\windows\system32\wdi.dll
15:47:26.0923 0x17f0 WdiServiceHost - ok
15:47:26.0928 0x17f0 [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost C:\windows\system32\wdi.dll
15:47:26.0970 0x17f0 WdiSystemHost - ok
15:47:27.0018 0x17f0 [ 94DC2BF6CBAAA95E369C3756D3115A76, 3DF44939ADBB4E30896993A85470BE5E16B1A3EDADFDD8F113D9615A6E431C12 ] wdkmd C:\windows\system32\DRIVERS\WDKMD.sys
15:47:27.0083 0x17f0 wdkmd - ok
15:47:27.0118 0x17f0 [ 4E89FC53493704BF835F0300DC201C34, FB3080725E144D93512DED81047D21C0582BC3412250EFF37E039108D7351F53 ] WebClient C:\windows\System32\webclnt.dll
15:47:27.0203 0x17f0 WebClient - ok
15:47:27.0253 0x17f0 [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\windows\system32\wecsvc.dll
15:47:27.0338 0x17f0 Wecsvc - ok
15:47:27.0358 0x17f0 [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\windows\System32\wercplsupport.dll
15:47:27.0438 0x17f0 wercplsupport - ok
15:47:27.0465 0x17f0 [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\windows\System32\WerSvc.dll
15:47:27.0555 0x17f0 WerSvc - ok
15:47:27.0610 0x17f0 [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\windows\system32\DRIVERS\wfplwf.sys
15:47:27.0670 0x17f0 WfpLwf - ok
15:47:27.0685 0x17f0 [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\windows\system32\drivers\wimmount.sys
15:47:27.0718 0x17f0 WIMMount - ok
15:47:27.0735 0x17f0 WinDefend - ok
15:47:27.0740 0x17f0 WinHttpAutoProxySvc - ok
15:47:27.0815 0x17f0 [ FEF576B25641012FA927B0A2703C51F9, 0A899C4631761944705CF6F12FC2860CAD2025572A5AEE355D4322B99AEFBCD4 ] winioex C:\windows\system32\drivers\winioex.sys
15:47:27.0890 0x17f0 winioex - ok
15:47:28.0050 0x17f0 [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\windows\system32\wbem\WMIsvc.dll
15:47:28.0190 0x17f0 Winmgmt - ok
15:47:28.0473 0x17f0 [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM C:\windows\system32\WsmSvc.dll
15:47:28.0583 0x17f0 WinRM - ok
15:47:28.0655 0x17f0 [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb C:\windows\system32\drivers\WinUsb.sys
15:47:28.0725 0x17f0 WinUsb - ok
15:47:28.0883 0x17f0 [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\windows\System32\wlansvc.dll
15:47:28.0970 0x17f0 Wlansvc - ok
15:47:29.0035 0x17f0 [ 06C8FA1CF39DE6A735B54D906BA791C6, D8FEC7DE227781CDA876904701B2AA995268F74DCD6CB34AA0296C557FC283B6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
15:47:29.0100 0x17f0 wlcrasvc - ok
15:47:29.0423 0x17f0 [ 7E47C328FC4768CB8BEAFBCFAFA70362, C98BD6A0C2F70E069D5FD3BAB31BD028DFEAC0490D180BBC28A14BE375897D8C ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
15:47:29.0518 0x17f0 wlidsvc - ok
15:47:29.0563 0x17f0 [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\windows\system32\DRIVERS\wmiacpi.sys
15:47:29.0653 0x17f0 WmiAcpi - ok
15:47:29.0730 0x17f0 [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\windows\system32\wbem\WmiApSrv.exe
15:47:29.0798 0x17f0 wmiApSrv - ok
15:47:29.0818 0x17f0 WMPNetworkSvc - ok
15:47:29.0870 0x17f0 [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\windows\System32\wpcsvc.dll
15:47:29.0948 0x17f0 WPCSvc - ok
15:47:29.0970 0x17f0 [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\windows\system32\wpdbusenum.dll
15:47:30.0028 0x17f0 WPDBusEnum - ok
15:47:30.0063 0x17f0 [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\windows\system32\drivers\ws2ifsl.sys
15:47:30.0178 0x17f0 ws2ifsl - ok
15:47:30.0200 0x17f0 [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\windows\System32\wscsvc.dll
15:47:30.0265 0x17f0 wscsvc - ok
15:47:30.0323 0x17f0 [ 8D918B1DB190A4D9B1753A66FA8C96E8, DB7D2714DC04D2D6999A207D7399A5647C8653E5A1AD80856A65C5B6065AEDFE ] WSDPrintDevice C:\windows\system32\DRIVERS\WSDPrint.sys
15:47:30.0410 0x17f0 WSDPrintDevice - ok
15:47:30.0413 0x17f0 WSearch - ok
15:47:30.0470 0x17f0 [ 83575C43B2BFE9AB0661A7F957E843C0, 6FCE62721902A4F35F1A4CED8AF60A0346CFAB657ED92DE4CEFF19BDB830D32D ] wsvd C:\windows\system32\DRIVERS\wsvd.sys
15:47:30.0538 0x17f0 wsvd - ok
15:47:30.0773 0x17f0 [ 39D604E190DFE2E483B637D6796ABAFF, 52DCCEA0DB59F00C615D94CC2B70FC1C335E553E8FC79AAC8C8C7D9EE1F6111D ] wuauserv C:\windows\system32\wuaueng.dll
15:47:30.0883 0x17f0 wuauserv - ok
15:47:30.0908 0x17f0 [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\windows\system32\drivers\WudfPf.sys
15:47:30.0975 0x17f0 WudfPf - ok
15:47:31.0020 0x17f0 [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\windows\system32\drivers\WUDFRd.sys
15:47:31.0063 0x17f0 WUDFRd - ok
15:47:31.0090 0x17f0 [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\windows\System32\WUDFSvc.dll
15:47:31.0133 0x17f0 wudfsvc - ok
15:47:31.0173 0x17f0 [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc C:\windows\System32\wwansvc.dll
15:47:31.0218 0x17f0 WwanSvc - ok
15:47:31.0285 0x17f0 ================ Scan global ===============================
15:47:31.0330 0x17f0 [ 168EA9CD9BD6056BB6F60B57D5304BBE, 5A2F98754F042A7D80E7483842967EB362F01D57CE9720B24C7EDAA047F24C6F ] C:\windows\system32\basesrv.dll
15:47:31.0385 0x17f0 [ 8927015C999D55D9B4AC66000EE5343D, 2AC4896880BAD44192822063A31785F4A716D992201B3E6A590A2D75D9729A4A ] C:\windows\system32\winsrv.dll
15:47:31.0428 0x17f0 [ 8927015C999D55D9B4AC66000EE5343D, 2AC4896880BAD44192822063A31785F4A716D992201B3E6A590A2D75D9729A4A ] C:\windows\system32\winsrv.dll
15:47:31.0503 0x17f0 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\windows\system32\sxssrv.dll
15:47:31.0570 0x17f0 [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\windows\system32\services.exe
15:47:31.0595 0x17f0 [ Global ] - ok
15:47:31.0595 0x17f0 ================ Scan MBR ==================================
15:47:31.0618 0x17f0 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
15:47:33.0868 0x17f0 \Device\Harddisk0\DR0 - ok
15:47:33.0868 0x17f0 ================ Scan VBR ==================================
15:47:33.0878 0x17f0 [ 35F722069D50A2C1910D73209916E89E ] \Device\Harddisk0\DR0\Partition1
15:47:33.0891 0x17f0 \Device\Harddisk0\DR0\Partition1 - ok
15:47:33.0903 0x17f0 [ D27DC3310CF8EBFB366A4AC8DD9FF5A1 ] \Device\Harddisk0\DR0\Partition2
15:47:33.0911 0x17f0 \Device\Harddisk0\DR0\Partition2 - ok
15:47:33.0941 0x17f0 [ 44D241C71A9E316228DFD678EC2FFE3B ] \Device\Harddisk0\DR0\Partition3
15:47:33.0953 0x17f0 \Device\Harddisk0\DR0\Partition3 - ok
15:47:33.0953 0x17f0 ================ Scan generic autorun ======================
15:47:33.0998 0x17f0 [ 364EE28F279BDB459149052E0CD8CAE7, 31637F02F472C704F0C9D15760453F2B17FE66E4995E52865FA1DDDDB4CB13DA ] C:\windows\system32\igfxtray.exe
15:47:34.0066 0x17f0 IgfxTray - ok
15:47:34.0136 0x17f0 [ A09D2FD3420339CE532D7F671163FB50, F6D9C174EC335F024755E6361BC8072D733D18F70689E761C4B5360DB1D01223 ] C:\windows\system32\hkcmd.exe
15:47:34.0208 0x17f0 HotKeysCmds - ok
15:47:34.0261 0x17f0 [ 1387EB032E1A67C5FAC3AFEA9F4A3C9E, 02F74BF10796CC02E4E458AF4C594C33EFF07585B7A3E6B9537A214E419B24A8 ] C:\windows\system32\igfxpers.exe
15:47:34.0303 0x17f0 Persistence - ok
15:47:35.0229 0x17f0 [ 16438B000BF56F2CD7FDB5E6C3B38C7E, 32D6E69E6367D3ADB2189DA89103CB9910CE791EFB0879515DDD380A96D85BAE ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
15:47:35.0609 0x17f0 RtHDVCpl - ok
15:47:35.0829 0x17f0 [ 6A94CD69E9C2BD1864096AB0B16660E6, E22F3C432F104AD25512D1F97526D772D50BE0FC7910FFF12335F4ECC0EEE184 ] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
15:47:35.0909 0x17f0 IntelPAN - ok
15:47:35.0912 0x17f0 SynTPEnh - ok
15:47:36.0137 0x17f0 [ 7F29CEE9BCDE3210DB0FDD6E1B1076A9, 8D72B91CB329D24EDFA74DA3E628E5E13F91B678EF6C33F6C144F4C92C82AE3F ] C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeyStudio.exe
15:47:36.0202 0x17f0 OnekeyStudio - ok
15:47:36.0262 0x17f0 [ 3F35AC7163E403C1FA8D34EB2FF36302, 47AE59E315A2BAE7003A18BFDC3859EFBED511822F4BA5F2E02C6D2464A019C1 ] C:\Program Files (x86)\Lenovo\Boot Optimizer\PopWnd.exe
15:47:36.0297 0x17f0 Lenovo EE Boot Optimizer - ok
15:47:37.0012 0x17f0 [ 5464183DE5B496390DE92C1D92009FB1, 50A10707461D2BF5067CCE9E0AED2F34F7A96B4AD1CFA25CA1B19A9C7CA2ECB6 ] C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
15:47:37.0292 0x17f0 Energy Management - ok
15:47:37.0742 0x17f0 [ F43AB67D41349AD8BB1FE045C5C49832, E79C50F6EA022AA41A502D780CB72232AC094FD008C31EDC51A1F58EF00B1F08 ] C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe
15:47:37.0924 0x17f0 EnergyUtility - ok
15:47:37.0994 0x17f0 [ 02A27FC0972181EF743160BE9F62F2B4, 0E5B5684E892B1CE83C8A50A23F8478E8D01E2DD283337B5B263FDA4C2654E9F ] C:\Program Files\iTunes\iTunesHelper.exe
15:47:38.0027 0x17f0 iTunesHelper - ok
15:47:39.0727 0x17f0 [ B0DF75884AD90F8DDEA3B5A59CB303C5, 711C288F4345B8F3E00782F5AEC6C639374A742C118CB5CF4AA27B578808FB4F ] C:\Program Files\CE\CovenantEyes.exe
15:47:40.0079 0x17f0 Covenant Eyes - ok
15:47:40.0202 0x17f0 [ 41D1214B86A06FD29423A797EBDA17E4, ABC79107DDD5890C54B844CD5C69747121083DA69A77C02068D2B9C349FB1614 ] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
15:47:40.0272 0x17f0 IAStorIcon - ok
15:47:40.0354 0x17f0 [ 9D51EA92A612B37E76E5E4621650C50A, 00BD61C8527A80C0F684882379A0AC2E5A54E8BBECC797087B960CDC8454C373 ] C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
15:47:40.0424 0x17f0 NUSB3MON - ok
15:47:40.0504 0x17f0 [ B00F98FF6FE8682FF941BEB2559BF191, EB443E294C5609F426BF6EE388F3A4B71EFE2C6A8216C0F6DE7AE6DB382BF620 ] C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
15:47:40.0559 0x17f0 YouCam Mirage - ok
15:47:40.0589 0x17f0 [ 7CD9BF0A5F47F9584E59BDF674FD1C5D, 821F2A5380B1E64B0629D67259BA92A923D5D405526CB6C44BC422294C031C1F ] C:\Program Files (x86)\Lenovo\YouCam\YouCam.exe
15:47:40.0612 0x17f0 YouCam Tray - detected UnsignedFile.Multi.Generic ( 1 )
15:47:43.0948 0x17f0 Detect skipped due to KSN trusted
15:47:43.0948 0x17f0 YouCam Tray - ok
15:47:44.0100 0x17f0 [ 14C9432B5D0C82296A768C9F04FEA95B, 981FB41106CD9D94208B5307051B8CC26992A5E18C4617FFF6244C66B32E86FD ] C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe
15:47:44.0170 0x17f0 VeriFaceManager - ok
15:47:44.0218 0x17f0 [ 187F4C75A89E3F412322C94526320074, D78FA7EF93C8C7B4326A5B6DB04A92ADD091DF00658FA8731D07C5D3BE29ED04 ] C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe
15:47:44.0250 0x17f0 BCSSync - ok
15:47:44.0365 0x17f0 [ 0080EB1CDD83F14C01534B1DC754234D, D0FC9B95A12D0C92730F8031B3DB287D1309008CF15EA0C02FC14B56FAE8C320 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
15:47:44.0398 0x17f0 APSDaemon - ok
15:47:44.0575 0x17f0 [ 048EA4B978851788E9F5E8E4F081DF7A, EB62719AC0DCC18FF056F2CD84438BF14B61E38F0619617C81961C6257BDFCEC ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
15:47:44.0633 0x17f0 Adobe ARM - ok
15:47:45.0075 0x17f0 [ F66203AF9C159E2CBD54DF981654F499, C28A7E3D4BB50F14D40C3AE9D1267D11015381A9615663BAAAB6C0084A72E607 ] C:\Program Files\AVAST Software\Avast\AvastUI.exe
15:47:45.0275 0x17f0 AvastUI.exe - ok
15:47:45.0520 0x17f0 [ 42E4E281D9646F15E5C4D0CFD61CE684, 0F0ED72CA029C7B0F50DE507FD2EACFBCB89F2262B81A7DB0B260E34CB19BC05 ] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
15:47:45.0603 0x17f0 Wondershare Helper Compact.exe - ok
15:47:45.0683 0x17f0 [ 6403C8BC755EDCF90A0D1E8B20E586A3, C891801BA0E1297CCEAD46AF2E9AC4BF9CF18D7BE36F1331215C9FD997DA303C ] c:\program files (x86)\real\realplayer\Update\realsched.exe
15:47:45.0740 0x17f0 TkBellExe - ok
15:47:45.0848 0x17f0 [ 20989BBD2114539B5C21948E94F6E11E, 043557BC05A4AE274AF0D05B65F945B970E5C11A2AE8F1FDEF687596ABF3F737 ] C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe
15:47:45.0938 0x17f0 RealDownloader - ok
15:47:46.0033 0x17f0 [ C2CE42005E3381A95460876020518440, 562EB30DA9A1DB58DB221423177C0680E69A4C38EEE2D5FD936633B2EB8A616E ] C:\Program Files (x86)\QuickTime\QTTask.exe
15:47:46.0075 0x17f0 QuickTime Task - detected UnsignedFile.Multi.Generic ( 1 )
15:47:49.0145 0x17f0 Detect skipped due to KSN trusted
15:47:49.0145 0x17f0 QuickTime Task - ok
15:47:49.0378 0x17f0 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
15:47:49.0470 0x17f0 Sidebar - ok
15:47:49.0525 0x17f0 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
15:47:49.0638 0x17f0 mctadmin - ok
15:47:49.0778 0x17f0 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
15:47:49.0856 0x17f0 Sidebar - ok
15:47:49.0884 0x17f0 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
15:47:49.0931 0x17f0 mctadmin - ok
15:47:50.0079 0x17f0 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
15:47:50.0184 0x17f0 Sidebar - ok
15:47:50.0186 0x17f0 FactoryTest - ok
15:47:50.0189 0x17f0 Power2GoExpress - ok
15:47:50.0206 0x17f0 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
15:47:50.0251 0x17f0 mctadmin - ok
15:47:50.0364 0x17f0 [ 3A9FA910E679385D3F5647B9B8CF5CA2, DE321EB829E461CF91474C942FEDCC6FA0C20D9674067FE21C6F3DF438F61A4B ] C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE
15:47:50.0426 0x17f0 OfficeSyncProcess - ok
15:47:50.0594 0x17f0 [ E3BF29CED96790CDAAFA981FFDDF53A3, 76CB27EF7B27E5636EDA9D95229519B2A2870729A0BB694F1FD11CD602BAC4DC ] C:\Program Files\Windows Sidebar\sidebar.exe
15:47:50.0669 0x17f0 Sidebar - ok
15:47:51.0299 0x17f0 [ B097DDC359318BD7DC1F1DC246935E04, 12364A1D47BD350217799119F39428A9F4C163AC33252264BE5D0476C8F380D7 ] C:\Users\Monica\AppData\Local\Amazon Music\Amazon Music Helper.exe
15:47:51.0481 0x17f0 Amazon Music - ok
15:47:51.0489 0x17f0 Waiting for KSN requests completion. In queue: 17
15:47:52.0489 0x17f0 Waiting for KSN requests completion. In queue: 9
15:47:53.0489 0x17f0 Waiting for KSN requests completion. In queue: 9
15:47:54.0489 0x17f0 Waiting for KSN requests completion. In queue: 9
15:47:55.0584 0x17f0 AV detected via SS2: avast! Antivirus, C:\Program Files\AVAST Software\Avast\VisthAux.exe ( 10.3.2225.1172 ), 0x41000 ( enabled : updated )
15:47:55.0616 0x17f0 Win FW state via NFP2: enabled ( trusted )
15:47:58.0590 0x17f0 ============================================================
15:47:58.0590 0x17f0 Scan finished
15:47:58.0590 0x17f0 ============================================================
15:47:58.0597 0x2be8 Detected object count: 0
15:47:58.0597 0x2be8 Actual detected object count: 0
viquilla
Regular Member
 
Posts: 30
Joined: February 14th, 2014, 12:26 pm

Re: Computer Running Extremely Slow

Unread postby viquilla » October 15th, 2015, 4:45 pm

OTL logfile created on: 10/15/2015 3:52:04 PM - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Monica\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.18015)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

7.95 Gb Total Physical Memory | 4.89 Gb Available Physical Memory | 61.58% Memory free
15.89 Gb Paging File | 12.57 Gb Available in Paging File | 79.14% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 421.81 Gb Total Space | 302.78 Gb Free Space | 71.78% Space Free | Partition Type: NTFS
Drive D: | 29.00 Gb Total Space | 26.72 Gb Free Space | 92.14% Space Free | Partition Type: NTFS

Computer Name: MONICA-PC | User Name: Monica | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2015/09/23 22:34:44 | 000,815,944 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2015/09/03 21:12:17 | 006,111,824 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2015/09/03 21:10:56 | 000,146,600 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2015/05/07 15:12:28 | 005,886,784 | ---- | M] () -- C:\Users\Monica\AppData\Local\Amazon Music\Amazon Music Helper.exe
PRC - [2015/02/15 17:30:18 | 001,141,848 | ---- | M] (RealNetworks, Inc.) -- c:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe
PRC - [2015/02/15 17:29:59 | 000,296,520 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
PRC - [2014/10/30 06:41:44 | 000,031,856 | ---- | M] () -- C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
PRC - [2014/10/29 20:06:54 | 000,560,192 | ---- | M] () -- C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe
PRC - [2014/10/26 23:59:24 | 000,039,568 | ---- | M] () -- C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
PRC - [2014/06/25 10:14:08 | 002,020,192 | ---- | M] (Wondershare) -- C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
PRC - [2014/02/17 17:49:38 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Monica\Desktop\OTL.exe
PRC - [2013/12/21 02:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011/11/24 04:40:14 | 000,329,056 | ---- | M] (Lenovo) -- C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe
PRC - [2011/11/24 04:39:51 | 000,100,256 | ---- | M] () -- C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeySupport.exe
PRC - [2011/05/10 00:00:20 | 002,009,704 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
PRC - [2011/01/28 19:29:36 | 000,136,488 | ---- | M] (CyberLink) -- C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
PRC - [2011/01/12 14:00:42 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2011/01/12 14:00:38 | 000,283,160 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
PRC - [2010/12/20 22:30:38 | 002,656,280 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2010/12/20 22:30:36 | 000,325,656 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2010/11/16 21:53:16 | 000,113,288 | ---- | M] (Renesas Electronics Corporation) -- C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe


========== Modules (No Company Name) ==========

MOD - [2015/10/10 11:52:16 | 000,475,648 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\af660cfe9dfa04e11d4844b7bc4b08e1\IAStorUtil.ni.dll
MOD - [2015/10/10 11:48:20 | 011,923,968 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Web\38234ab6b7aa0762a54e27862d8bbdfe\System.Web.ni.dll
MOD - [2015/10/10 11:47:53 | 012,438,016 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\09e9b52418dba5729ace249cf0487675\System.Windows.Forms.ni.dll
MOD - [2015/10/10 11:47:46 | 001,593,344 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\82ecf48db57ddf66f74fca17b0f99453\System.Drawing.ni.dll
MOD - [2015/10/10 11:47:31 | 003,348,480 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\a6265e4a24c4f8361d84fc84f10e9736\WindowsBase.ni.dll
MOD - [2015/09/23 22:34:41 | 001,501,512 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.101\libglesv2.dll
MOD - [2015/09/23 22:34:40 | 000,081,224 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.101\libegl.dll
MOD - [2015/09/03 21:10:59 | 000,102,864 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\log.dll
MOD - [2015/09/03 21:10:56 | 000,123,976 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
MOD - [2015/07/21 14:19:36 | 040,540,672 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll
MOD - [2015/05/26 18:36:38 | 000,774,144 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\0967cf5c31691f38d013263304d2dacb\System.Runtime.Remoting.ni.dll
MOD - [2015/05/26 18:36:05 | 000,978,432 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\007fc007edc388d9806dff94ee04f129\System.Configuration.ni.dll
MOD - [2015/05/07 15:12:28 | 005,886,784 | ---- | M] () -- C:\Users\Monica\AppData\Local\Amazon Music\Amazon Music Helper.exe
MOD - [2014/10/29 20:07:02 | 000,065,600 | ---- | M] () -- C:\Program Files (x86)\RealNetworks\RealDownloader\dtvhooks.dll
MOD - [2014/10/29 20:06:54 | 000,560,192 | ---- | M] () -- C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe
MOD - [2014/10/29 20:01:58 | 001,382,048 | ---- | M] () -- C:\Program Files (x86)\RealNetworks\RealDownloader\cpprest100_1_2.dll
MOD - [2014/10/22 20:53:27 | 005,467,648 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\d49908aa93a23c84847b1f8b1b667860\System.Xml.ni.dll
MOD - [2014/10/22 20:53:07 | 007,991,808 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System\908ba9e296e92b4e14bdc2437edac603\System.ni.dll
MOD - [2014/09/14 14:13:20 | 000,014,336 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\e8d9058b7f59f6d3d134b086916d8674\IAStorCommon.ni.dll
MOD - [2014/09/14 13:47:17 | 011,497,984 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dll
MOD - [2014/06/25 10:13:48 | 001,457,664 | ---- | M] () -- C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\DAQExp.dll
MOD - [2014/05/19 17:19:02 | 000,137,728 | ---- | M] () -- C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSCreateVC.dll
MOD - [2011/11/24 04:40:14 | 000,013,664 | ---- | M] () -- C:\Program Files (x86)\Lenovo\VeriFace\ChooseLang.dll
MOD - [2011/11/24 04:39:51 | 000,100,256 | ---- | M] () -- C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeySupport.exe
MOD - [2011/02/16 13:53:14 | 000,133,024 | ---- | M] () -- C:\Program Files (x86)\Lenovo\Onekey Theater\WindowsApiHookDll32.dll
MOD - [2011/02/16 13:51:10 | 000,161,696 | ---- | M] () -- C:\Program Files (x86)\Lenovo\Onekey Theater\ActiveDetect32.dll


========== Services (SafeList) ==========

SRV:64bit: - File not found [On_Demand | Stopped] -- C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe -- (AvastVBoxSvc)
SRV:64bit: - [2015/10/09 12:16:46 | 006,181,880 | ---- | M] () [Auto | Running] -- C:\Program Files\CE\CovenantEyesCommService.exe -- (CovenantEyesCommService)
SRV:64bit: - [2015/10/09 12:16:40 | 003,587,064 | ---- | M] () [Auto | Running] -- C:\Program Files\CE\authServer.exe -- (Auth Service)
SRV:64bit: - [2015/10/09 12:03:50 | 007,006,200 | ---- | M] (CovenantEyes) [Auto | Running] -- C:\Program Files\CE\CovenantEyesProxy.exe -- (CovenantEyesProxy)
SRV:64bit: - [2015/09/03 21:10:56 | 000,146,600 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2015/08/15 02:04:47 | 000,114,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2015/07/22 20:02:54 | 001,390,592 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\diagtrack.dll -- (DiagTrack)
SRV:64bit: - [2013/12/23 13:26:24 | 000,289,496 | ---- | M] (Realtek Semiconductor) [Auto | Running] -- C:\Program Files\Realtek\Audio\HDA\RTKAUDIOSERVICE64.EXE -- (RtkAudioService)
SRV:64bit: - [2013/05/27 01:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2011/05/12 12:01:46 | 000,970,016 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe -- (btwdins)
SRV:64bit: - [2011/05/02 10:27:50 | 001,517,328 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV:64bit: - [2011/05/02 10:13:54 | 000,340,240 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe -- (MyWiFiDHCPDNS)
SRV:64bit: - [2011/05/02 10:10:26 | 000,844,560 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV:64bit: - [2010/09/22 14:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV - [2015/10/14 16:11:27 | 000,269,000 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2015/09/29 21:31:01 | 000,147,624 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2015/08/05 17:44:46 | 002,909,472 | ---- | M] (IObit) [Auto | Stopped] -- C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe -- (LiveUpdateSvc)
SRV - [2015/02/15 17:30:18 | 001,141,848 | ---- | M] (RealNetworks, Inc.) [Auto | Running] -- c:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe -- (RealPlayer Cloud Service)
SRV - [2014/10/30 06:41:44 | 000,031,856 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe -- (RealPlayerUpdateSvc)
SRV - [2014/10/26 23:59:24 | 000,039,568 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe -- (RealNetworks Downloader Resolver Service)
SRV - [2014/03/20 18:49:18 | 000,067,224 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2013/12/21 02:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/09/11 21:21:54 | 000,105,144 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2011/05/10 00:00:20 | 002,009,704 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)
SRV - [2011/01/12 14:00:42 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2010/12/20 22:30:38 | 002,656,280 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2010/12/20 22:30:36 | 000,325,656 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)


========== Driver Services (SafeList) ==========

DRV:64bit: - File not found [Kernel | Auto | Stopped] -- C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys -- (VBoxAswDrv)
DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys -- (esgiguard)
DRV:64bit: - [2015/10/09 12:03:50 | 000,045,048 | ---- | M] () [Kernel | System | Running] -- C:\windows\SysNative\Drivers\cewd64r.sys -- (cewd64r)
DRV:64bit: - [2015/10/09 12:03:50 | 000,034,296 | ---- | M] () [File_System | System | Running] -- C:\windows\SysNative\Drivers\cewd64f.sys -- (cewd64f)
DRV:64bit: - [2015/09/03 21:12:16 | 001,048,344 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswsnx.sys -- (aswSnx)
DRV:64bit: - [2015/09/03 21:11:22 | 000,150,672 | ---- | M] (AVAST Software) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aswStm.sys -- (aswStm)
DRV:64bit: - [2015/09/03 21:11:21 | 000,447,944 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2015/09/03 21:11:21 | 000,274,808 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\windows\SysNative\drivers\aswVmm.sys -- (aswVmm)
DRV:64bit: - [2015/09/03 21:11:21 | 000,093,528 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2015/09/03 21:11:21 | 000,090,968 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2015/09/03 21:11:21 | 000,065,224 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
DRV:64bit: - [2015/09/03 21:11:21 | 000,028,656 | ---- | M] (AVAST Software) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aswHwid.sys -- (aswHwid)
DRV:64bit: - [2015/06/10 23:08:36 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2013/12/26 11:11:26 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2013/12/26 11:11:26 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2013/12/26 11:11:26 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2013/12/23 13:27:11 | 011,530,992 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETwsw00.sys -- (NETwNs64)
DRV:64bit: - [2013/12/23 13:26:11 | 000,064,624 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2013/12/23 13:26:05 | 000,458,960 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\k57nd60a.sys -- (k57nd60a)
DRV:64bit: - [2013/12/23 13:25:48 | 000,032,496 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Smb_driver_Intel.sys -- (SmbDrvI)
DRV:64bit: - [2013/04/24 15:28:08 | 000,042,184 | ---- | M] (Anchorfree Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\taphss6.sys -- (taphss6)
DRV:64bit: - [2013/04/24 15:18:34 | 000,046,792 | ---- | M] (AnchorFree Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\hssdrv6.sys -- (HssDRV6)
DRV:64bit: - [2012/09/10 10:41:06 | 000,022,528 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netaapl64.sys -- (Netaapl)
DRV:64bit: - [2012/08/21 13:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012/03/01 02:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/11/24 04:48:17 | 000,039,008 | ---- | M] (Lenovo.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\LhdX64.sys -- (LHDmgr)
DRV:64bit: - [2011/11/24 04:48:15 | 000,029,792 | ---- | M] (Lenovo Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AcpiVpc.sys -- (ACPIVPC)
DRV:64bit: - [2011/11/24 04:46:14 | 000,057,952 | ---- | M] (Lenovo) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\fbfmon.sys -- (fbfmon)
DRV:64bit: - [2011/11/24 04:46:14 | 000,013,408 | ---- | M] (Lenovo) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BPntDrv.sys -- (BPntDrv)
DRV:64bit: - [2011/11/24 04:37:51 | 000,020,064 | ---- | M] (Ensurebit Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\delayman.sys -- (DelayMan)
DRV:64bit: - [2011/11/24 04:37:51 | 000,015,456 | ---- | M] (Ensurebit Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\winioex.sys -- (winioex)
DRV:64bit: - [2011/11/23 19:38:58 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/11/23 19:38:58 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/05/12 20:01:36 | 000,089,640 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwdpan.sys -- (BTWDPAN)
DRV:64bit: - [2011/05/12 20:01:34 | 000,437,288 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwampfl.sys -- (BTWAMPFL)
DRV:64bit: - [2011/05/12 20:01:24 | 000,164,392 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV:64bit: - [2011/05/12 20:01:24 | 000,150,568 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)
DRV:64bit: - [2011/05/12 20:01:24 | 000,039,976 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap)
DRV:64bit: - [2011/05/12 20:01:24 | 000,021,544 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)
DRV:64bit: - [2011/05/10 00:00:18 | 000,025,960 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\nvpciflt.sys -- (nvpciflt)
DRV:64bit: - [2011/03/25 21:17:50 | 012,262,336 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2011/03/21 01:42:52 | 001,413,168 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2011/01/28 19:29:58 | 000,031,088 | ---- | M] (CyberLink Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\clwvd.sys -- (clwvd)
DRV:64bit: - [2011/01/12 13:51:44 | 000,439,320 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010/12/12 23:31:00 | 000,174,168 | ---- | M] (JMicron Technology Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\jmcr.sys -- (JMCR)
DRV:64bit: - [2010/12/01 01:02:22 | 000,042,392 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WDKMD.sys -- (wdkmd)
DRV:64bit: - [2010/11/20 23:23:47 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2010/11/20 23:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/18 22:34:26 | 000,181,248 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc)
DRV:64bit: - [2010/11/18 22:34:26 | 000,080,384 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub)
DRV:64bit: - [2010/10/15 04:28:18 | 000,317,440 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2010/08/27 13:43:14 | 000,032,088 | ---- | M] (JMicron Technology Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\jmcam_lo.sys -- (JmUsbVideo2)
DRV:64bit: - [2010/08/27 10:01:48 | 000,057,816 | ---- | M] (JMicron Technology Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\jmcam.sys -- (JmUsbVideo)
DRV:64bit: - [2010/07/21 06:28:50 | 000,017,880 | ---- | M] (JMicron Technology Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\jmccgp.sys -- (JmUsbCcgp)
DRV:64bit: - [2009/07/21 10:20:06 | 000,121,840 | ---- | M] (CyberLink) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wsvd.sys -- (wsvd)
DRV:64bit: - [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 20:39:20 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV:64bit: - [2009/07/09 03:00:00 | 000,055,280 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2009/06/10 16:35:42 | 000,187,392 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2008/05/06 16:06:00 | 000,014,464 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wdcsam64.sys -- (WDC_SAM)
DRV - [2009/07/13 21:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.lenovo.com/ [binary data]
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = https://www.google.com
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=LENDF8&pc=MALN&src=IE-SearchBox
IE:64bit: - HKLM\..\SearchScopes\{43682B77-B546-4606-A6AD-D81710E1AB36}: "URL" = https://search.perk.com/perk/mystart?pid=OC2&q={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.lenovo.com/ [binary data]
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-2531379503-988523322-4115453658-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.lenovo.com
IE - HKU\S-1-5-21-2531379503-988523322-4115453658-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.lenovo.com
IE - HKU\S-1-5-21-2531379503-988523322-4115453658-1000\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-2531379503-988523322-4115453658-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve
IE - HKU\S-1-5-21-2531379503-988523322-4115453658-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-2531379503-988523322-4115453658-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKU\S-1-5-21-2531379503-988523322-4115453658-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
IE - HKU\S-1-5-21-2531379503-988523322-4115453658-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
IE - HKU\S-1-5-21-2531379503-988523322-4115453658-1001\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com
IE - HKU\S-1-5-21-2531379503-988523322-4115453658-1001\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com
IE - HKU\S-1-5-21-2531379503-988523322-4115453658-1001\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-2531379503-988523322-4115453658-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02
IE - HKU\S-1-5-21-2531379503-988523322-4115453658-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.countryCode: "US"
FF - prefs.js..browser.search.defaultenginename: "Google"
FF - prefs.js..browser.search.defaultenginename.US: "Google"
FF - prefs.js..browser.search.isUS: true
FF - prefs.js..browser.search.region: "US"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "www.google.com"
FF - prefs.js..extensions.enabledAddons: YoutubeDownloader%40PeterOlayev.com:2.4.0.1-signed
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:41.0.1
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF64_19_0_0_207.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_207.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=17.0.15.10: c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlhtml5videoshim;version=17.0.15: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=17.0.15.10: c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer Cloud)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2015/09/03 21:10:50 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2015/02/15 17:32:18 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{338950EA-82DB-44C1-930D-0C28E023C9F0}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ [2015/02/15 17:32:18 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\firefox-integrated-extension@covenanteyes.com: C:\Program Files\CE\extensions\firefox\firefox-integrated-extension@covenanteyes.com [2015/10/14 15:40:21 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 41.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 41.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

[2013/05/16 11:12:52 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Monica\AppData\Roaming\Mozilla\Extensions
[2015/10/09 19:17:26 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Monica\AppData\Roaming\Mozilla\Firefox\Profiles\4dtcn94z.default-1388114075720\extensions
[2015/06/01 07:05:50 | 000,085,480 | ---- | M] () (No name found) -- C:\Users\Monica\AppData\Roaming\Mozilla\Firefox\Profiles\4dtcn94z.default-1388114075720\extensions\YoutubeDownloader@PeterOlayev.com.xpi
[2015/10/04 14:07:45 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2015/10/04 14:07:45 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

========== Chrome ==========

CHR - Extension: No name found = C:\Users\Monica\AppData\Local\Google\Chrome\User Data\Default\Extensions\aiimdkdngfcipjohbjenkahhlhccpdbc\3.6.2_0\
CHR - Extension: No name found = C:\Users\Monica\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfegkegffcbgpfmemahhkgnbkocmbain\0.9.0_0\
CHR - Extension: No name found = C:\Users\Monica\AppData\Local\Google\Chrome\User Data\Default\Extensions\damemajnpodbdjndboidpmfpjlabocje\1_0\
CHR - Extension: No name found = C:\Users\Monica\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\10.2.0.190_0\
CHR - Extension: No name found = C:\Users\Monica\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg\0.3.0.5_0\
CHR - Extension: No name found = C:\Users\Monica\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\

O1 HOSTS File: ([2013/12/27 11:28:45 | 000,000,860 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:64bit: - BHO: (RealNetworks Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin64.dll (RealDownloader)
O2:64bit: - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (Covenant Eyes for Internet Explorer) - {927BD2E1-2287-49D2-AE71-95F492CE662E} - C:\Program Files\CE\extensions\ie\x64\IEExtension.dll (Covenant Eyes)
O2 - BHO: (RealNetworks Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3:64bit: - HKLM\..\Toolbar: (no name) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (no name) - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\S-1-5-21-2531379503-988523322-4115453658-1001\..\Toolbar\WebBrowser: (no name) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No CLSID value found.
O4:64bit: - HKLM..\Run: [Covenant Eyes] C:\Program Files\CE\CovenantEyes.exe ()
O4:64bit: - HKLM..\Run: [Energy Management] C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe (Lenovo (Beijing) Limited)
O4:64bit: - HKLM..\Run: [EnergyUtility] C:\Program Files (x86)\Lenovo\Energy Management\utility.exe (Lenovo(beijing) Limited)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IntelPAN] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Intel(R) Corporation)
O4:64bit: - HKLM..\Run: [Lenovo EE Boot Optimizer] C:\Program Files (x86)\Lenovo\Boot Optimizer\PopWnd.exe (Lenovo)
O4:64bit: - HKLM..\Run: [OnekeyStudio] C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeyStudio.exe (Lenovo)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [NUSB3MON] C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation)
O4 - HKLM..\Run: [RealDownloader] C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe ()
O4 - HKLM..\Run: [TkBellExe] c:\program files (x86)\real\realplayer\Update\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [VeriFaceManager] C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe (Lenovo)
O4 - HKLM..\Run: [Wondershare Helper Compact.exe] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe (Wondershare)
O4 - HKLM..\Run: [YouCam Mirage] C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe (CyberLink)
O4 - HKLM..\Run: [YouCam Tray] C:\Program Files (x86)\Lenovo\YouCam\YouCam.exe (CyberLink Corp.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-2531379503-988523322-4115453658-1000..\Run: [FactoryTest] C:\Windows\Test.bat File not found
O4 - HKU\S-1-5-21-2531379503-988523322-4115453658-1000..\Run: [Power2GoExpress] NA File not found
O4 - HKU\S-1-5-21-2531379503-988523322-4115453658-1000..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-2531379503-988523322-4115453658-1001..\Run: [Amazon Music] C:\Users\Monica\AppData\Local\Amazon Music\Amazon Music Helper.exe ()
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-21-2531379503-988523322-4115453658-1000..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SoftwareSASGeneration = 1
O7 - HKU\S-1-5-21-2531379503-988523322-4115453658-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-2531379503-988523322-4115453658-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9:64bit: - Extra Button: @C:\Program Files\Lenovo\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\Lenovo\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm ()
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000010 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\windows\SysNative\CovenantEyesProxy64.dll (CovenantEyes)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\windows\SysNative\CovenantEyesProxy64.dll (CovenantEyes)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\windows\SysNative\CovenantEyesProxy64.dll (CovenantEyes)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\windows\SysNative\CovenantEyesProxy64.dll (CovenantEyes)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000016 - C:\windows\SysNative\CovenantEyesProxy64.dll (CovenantEyes)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\windows\SysWow64\CovenantEyesProxy.dll (CovenantEyes)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\windows\SysWow64\CovenantEyesProxy.dll (CovenantEyes)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\windows\SysWow64\CovenantEyesProxy.dll (CovenantEyes)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\windows\SysWow64\CovenantEyesProxy.dll (CovenantEyes)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\windows\SysWow64\CovenantEyesProxy.dll (CovenantEyes)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{DA8FC342-5BF6-4F0C-84CE-DAE5C65D3945}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{DA8FC342-5BF6-4F0C-84CE-DAE5C65D3945}: NameServer = 127.0.0.2
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{DF17B9DC-0903-4D46-AB99-6B63A9FB1143}: DhcpNameServer = 172.26.38.1 172.26.38.2
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O20:64bit: - AppInit_DLLs: (C:\windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
O20 - AppInit_DLLs: (c:\windows\syswow64\nvinit.dll) - c:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2013/12/27 14:33:35 | 000,000,000 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{c53363ed-65e8-11e3-8ddf-9439e5958070}\Shell - "" = AutoRun
O33 - MountPoints2\{c53363ed-65e8-11e3-8ddf-9439e5958070}\Shell\AutoRun\command - "" = E:\windows\AutoRun.exe {430A8AE3-8898-4DAB-8C5B-5E8ADA7D571E} 3.0.0.02 VID_19D2&PID_0358 {9B00E99F-83A4-40d4-B987-7EB04F722BB7}
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKU\S-1-5-21-2531379503-988523322-4115453658-1001\...exe [@ = exefile] -- Reg Error: Key error. File not found
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2015/10/15 15:28:18 | 000,000,000 | ---D | C] -- C:\Users\Monica\Desktop\Church
[2015/10/15 15:16:13 | 000,000,000 | ---D | C] -- C:\Users\Monica\AppData\Roaming\ProductData
[2015/10/14 16:11:22 | 008,776,392 | ---- | C] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerInstaller.exe
[2015/10/14 15:44:11 | 000,000,000 | ---D | C] -- C:\ProgramData\boost_interprocess
[2015/10/14 15:40:16 | 000,348,664 | ---- | C] (CovenantEyes) -- C:\windows\SysWow64\CovenantEyesProxy.dll
[2015/10/14 15:40:15 | 000,428,536 | ---- | C] (CovenantEyes) -- C:\windows\SysNative\CovenantEyesProxy64.dll
[2015/10/14 15:40:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Covenant Eyes
[2015/10/14 15:40:09 | 000,000,000 | ---D | C] -- C:\Program Files\CE
[2015/10/14 15:39:53 | 000,000,000 | ---D | C] -- C:\ProgramData\CovenantEyes
[2015/10/09 19:43:12 | 000,124,624 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\PresentationCFFRasterizerNative_v0300.dll
[2015/10/09 19:43:12 | 000,103,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll
[2015/10/09 19:31:14 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieetwcollector.exe
[2015/10/09 19:31:14 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmled.dll
[2015/10/09 19:31:14 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieetwproxystub.dll
[2015/10/09 19:31:14 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieetwproxystub.dll
[2015/10/09 19:31:14 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iernonce.dll
[2015/10/09 19:31:13 | 000,720,384 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ie4uinit.exe
[2015/10/09 19:31:13 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\JavaScriptCollectionAgent.dll
[2015/10/09 19:31:13 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\MshtmlDac.dll
[2015/10/09 19:31:13 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\JavaScriptCollectionAgent.dll
[2015/10/09 19:31:13 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iernonce.dll
[2015/10/09 19:31:12 | 002,052,608 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\inetcpl.cpl
[2015/10/09 19:31:12 | 000,710,144 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieapfltr.dll
[2015/10/09 19:31:12 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iesetup.dll
[2015/10/09 19:31:10 | 000,968,704 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\MsSpellCheckingFacility.exe
[2015/10/09 19:31:10 | 000,801,280 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msfeeds.dll
[2015/10/09 19:31:10 | 000,665,600 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\jscript.dll
[2015/10/09 19:31:10 | 000,620,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\jscript9diag.dll
[2015/10/09 19:31:10 | 000,479,232 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieui.dll
[2015/10/09 19:31:10 | 000,316,928 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dxtrans.dll
[2015/10/09 19:31:10 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieUnatt.exe
[2015/10/09 19:31:10 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieetwcollectorres.dll
[2015/10/09 19:31:09 | 000,800,768 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieapfltr.dll
[2015/10/09 19:31:09 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iesetup.dll
[2015/10/09 19:31:08 | 002,126,336 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\inetcpl.cpl
[2015/10/09 19:31:07 | 001,155,072 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmlmedia.dll
[2015/10/09 19:31:07 | 000,585,216 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\vbscript.dll
[2015/10/09 19:31:07 | 000,341,504 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\html.iec
[2015/10/09 19:31:07 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieUnatt.exe
[2015/10/09 19:31:06 | 000,615,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieui.dll
[2015/10/09 19:31:06 | 000,490,496 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dxtmsft.dll
[2015/10/09 19:31:06 | 000,168,960 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msrating.dll
[2015/10/09 19:31:05 | 005,923,328 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript9.dll
[2015/10/09 19:31:05 | 001,359,360 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mshtmlmedia.dll
[2015/10/09 19:31:05 | 000,817,664 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript.dll
[2015/10/09 19:31:05 | 000,814,080 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript9diag.dll
[2015/10/09 19:31:05 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mshtmled.dll
[2015/10/09 19:31:03 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\html.iec
[2015/10/09 19:31:03 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msrating.dll
[2015/10/09 19:31:03 | 000,088,064 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\MshtmlDac.dll
[2015/10/09 19:30:33 | 000,275,456 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\InkEd.dll
[2015/10/09 19:30:33 | 000,216,064 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\InkEd.dll
[2015/10/09 19:30:32 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jnwmon.dll
[2015/10/09 19:29:03 | 001,632,256 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dwmcore.dll
[2015/10/09 19:29:02 | 001,372,160 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dwmcore.dll
[2015/10/09 19:29:02 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dwmapi.dll
[2015/10/09 19:28:34 | 001,390,592 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\diagtrack.dll
[2015/10/09 19:28:34 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\UtcResources.dll
[2015/10/09 19:28:33 | 005,568,960 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ntoskrnl.exe
[2015/10/09 19:28:33 | 001,730,496 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ntdll.dll
[2015/10/09 19:28:32 | 003,934,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ntoskrnl.exe
[2015/10/09 19:28:32 | 001,163,264 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\kernel32.dll
[2015/10/09 19:28:32 | 000,879,104 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\tdh.dll
[2015/10/09 19:28:31 | 003,989,952 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ntkrnlpa.exe
[2015/10/09 19:28:30 | 000,635,392 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\tdh.dll
[2015/10/09 19:28:30 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KernelBase.dll
[2015/10/09 19:28:29 | 000,879,104 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\advapi32.dll
[2015/10/09 19:28:28 | 001,461,760 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\lsasrv.dll
[2015/10/09 19:28:26 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rstrui.exe
[2015/10/09 19:28:21 | 001,216,512 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rpcrt4.dll
[2015/10/09 19:28:21 | 000,503,808 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\srcore.dll
[2015/10/09 19:28:21 | 000,243,712 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wow64.dll
[2015/10/09 19:28:21 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\winsrv.dll
[2015/10/09 19:28:20 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\conhost.exe
[2015/10/09 19:28:20 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\csrsrv.dll
[2015/10/09 19:28:19 | 000,309,760 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ncrypt.dll
[2015/10/09 19:28:19 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sspicli.dll
[2015/10/09 19:28:19 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\smss.exe
[2015/10/09 19:28:19 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\auditpol.exe
[2015/10/09 19:28:18 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\srclient.dll
[2015/10/09 19:28:18 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\auditpol.exe
[2015/10/09 19:28:18 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\cryptbase.dll
[2015/10/09 19:28:18 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sspisrv.dll
[2015/10/09 19:28:18 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\secur32.dll
[2015/10/09 19:28:18 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\setup16.exe
[2015/10/09 19:28:18 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ntvdm64.dll
[2015/10/09 19:28:18 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ntvdm64.dll
[2015/10/09 19:28:17 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wow64win.dll
[2015/10/09 19:28:12 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wow64cpu.dll
[2015/10/09 19:28:11 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wow32.dll
[2015/10/09 19:28:11 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2015/10/09 19:28:10 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2015/10/09 19:28:10 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2015/10/09 19:28:10 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2015/10/09 19:28:10 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2015/10/09 19:28:10 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2015/10/09 19:28:10 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2015/10/09 19:28:10 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2015/10/09 19:28:09 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-security-base-l1-1-0.dll
[2015/10/09 19:28:09 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2015/10/09 19:28:09 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-file-l1-1-0.dll
[2015/10/09 19:28:09 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2015/10/09 19:28:09 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2015/10/09 19:28:09 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2015/10/09 19:28:09 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2015/10/09 19:28:09 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2015/10/09 19:28:09 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2015/10/09 19:28:09 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2015/10/09 19:28:09 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2015/10/09 19:28:09 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2015/10/09 19:28:09 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2015/10/09 19:28:08 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2015/10/09 19:28:08 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2015/10/09 19:28:08 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2015/10/09 19:28:08 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2015/10/09 19:28:08 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2015/10/09 19:28:08 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2015/10/09 19:28:08 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2015/10/09 19:28:08 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2015/10/09 19:28:08 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2015/10/09 19:28:08 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2015/10/09 19:28:08 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2015/10/09 19:28:08 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2015/10/09 19:28:08 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2015/10/09 19:28:08 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-util-l1-1-0.dll
[2015/10/09 19:28:08 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2015/10/09 19:28:08 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-string-l1-1-0.dll
[2015/10/09 19:28:08 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2015/10/09 19:28:08 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2015/10/09 19:28:08 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2015/10/09 19:28:08 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2015/10/09 19:28:08 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-io-l1-1-0.dll
[2015/10/09 19:28:08 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2015/10/09 19:28:07 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\instnm.exe
[2015/10/09 19:28:07 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2015/10/09 19:28:07 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2015/10/09 19:28:07 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2015/10/09 19:28:07 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2015/10/09 19:28:07 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2015/10/09 19:28:07 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2015/10/09 19:28:07 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2015/10/09 19:28:07 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2015/10/09 19:28:07 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2015/10/09 19:28:07 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2015/10/09 19:28:07 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2015/10/09 19:28:07 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2015/10/09 19:28:07 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-console-l1-1-0.dll
[2015/10/09 19:28:06 | 000,686,080 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\adtschema.dll
[2015/10/09 19:28:06 | 000,686,080 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\adtschema.dll
[2015/10/09 19:28:06 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msaudite.dll
[2015/10/09 19:28:06 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msaudite.dll
[2015/10/09 19:28:06 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\apisetschema.dll
[2015/10/09 19:28:06 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\apisetschema.dll
[2015/10/09 19:28:06 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\user.exe
[2015/10/09 19:28:02 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msobjs.dll
[2015/10/09 19:28:02 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msobjs.dll
[2015/10/09 19:22:56 | 001,941,504 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\authui.dll
[2015/10/09 19:22:55 | 001,805,824 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\authui.dll
[2015/10/09 19:22:55 | 000,115,136 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\consent.exe
[2015/10/09 19:22:12 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msxml6r.dll
[2015/10/09 19:22:12 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msxml6r.dll
[2015/10/09 19:22:12 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msxml3r.dll
[2015/10/09 19:22:12 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msxml3r.dll
[2015/10/09 19:22:05 | 000,616,360 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\winresume.efi
[2015/10/09 19:22:05 | 000,147,456 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\appidpolicyconverter.exe
[2015/10/09 19:22:04 | 000,692,672 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\winload.efi
[2015/10/09 19:22:04 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\appidapi.dll
[2015/10/09 19:22:01 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\appidapi.dll
[2015/10/09 19:21:58 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\appidcertstorecheck.exe
[2015/10/09 19:21:56 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\setbcdlocale.dll
[2015/10/09 19:17:35 | 000,372,736 | ---- | C] (Adobe Systems Incorporated) -- C:\windows\SysNative\atmfd.dll
[2015/10/09 19:17:35 | 000,299,520 | ---- | C] (Adobe Systems Incorporated) -- C:\windows\SysWow64\atmfd.dll
[2015/10/09 19:17:35 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\windows\SysNative\atmlib.dll
[2015/10/09 19:17:35 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\lpk.dll
[2015/10/09 19:17:34 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\windows\SysWow64\atmlib.dll
[2015/10/09 19:17:34 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dciman32.dll
[2015/10/09 19:17:33 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\fontsub.dll
[2015/10/09 19:17:32 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\fontsub.dll
[2015/10/09 19:15:26 | 003,165,696 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wucltux.dll
[2015/10/09 19:15:26 | 000,696,320 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wuapi.dll
[2015/10/09 19:15:26 | 000,566,784 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wuapi.dll
[2015/10/09 19:15:26 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wuwebv.dll
[2015/10/09 19:15:26 | 000,139,776 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wuauclt.exe
[2015/10/09 19:15:25 | 000,192,000 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wuwebv.dll
[2015/10/09 19:15:25 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wudriver.dll
[2015/10/09 19:15:25 | 000,093,184 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wudriver.dll
[2015/10/09 19:15:25 | 000,091,136 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WinSetupUI.dll
[2015/10/09 19:15:25 | 000,037,888 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wups2.dll
[2015/10/09 19:15:25 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wuapp.exe
[2015/10/09 19:15:25 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wups.dll
[2015/10/09 19:15:25 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wuapp.exe
[2015/10/09 19:15:25 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wups.dll
[2015/10/09 19:15:25 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wu.upgrade.ps.dll
[2015/10/09 19:13:18 | 000,774,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\invagent.dll
[2015/10/09 19:13:17 | 000,437,760 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\devinv.dll
[2015/10/09 19:13:17 | 000,017,344 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\CompatTelRunner.exe
[2015/10/09 19:13:14 | 001,116,672 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\appraiser.dll
[2015/10/09 19:13:13 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\acmigration.dll
[2015/10/09 19:13:12 | 000,227,328 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\aepdu.dll
[2015/10/09 19:13:11 | 001,148,416 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\aeinv.dll
[2015/10/09 19:13:07 | 000,743,424 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\generaltel.dll
[2015/10/04 14:16:15 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msmmsp.dll
[2015/10/04 14:15:07 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\basesrv.dll
[2015/10/04 13:49:58 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\davclnt.dll
[2015/10/04 13:38:56 | 001,648,128 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\DWrite.dll
[2015/10/04 13:38:53 | 002,565,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3d10warp.dll
[2015/10/04 13:38:46 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\windows\notepad.exe
[2015/10/04 13:38:45 | 005,779,456 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mstscax.dll
[2015/10/04 13:38:44 | 004,922,368 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mstscax.dll
[2015/10/04 13:38:43 | 000,322,560 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\aaclient.dll
[2015/10/04 13:38:43 | 000,269,824 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\aaclient.dll
[2015/10/04 13:38:43 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\tsgqec.dll
[2015/10/04 13:38:43 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\tsgqec.dll
[2015/10/04 13:31:07 | 000,000,000 | --SD | C] -- C:\windows\SysWow64\Microsoft
[1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2015/10/15 15:51:55 | 000,000,894 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2015/10/15 15:49:04 | 000,000,898 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2015/10/15 15:44:05 | 000,028,928 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2015/10/15 15:44:05 | 000,028,928 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2015/10/15 15:39:38 | 000,003,992 | ---- | M] () -- C:\windows\SysWow64\CovenantEyesProxyOff.ini
[2015/10/15 15:39:38 | 000,003,992 | ---- | M] () -- C:\windows\SysNative\CovenantEyesProxyOff.ini
[2015/10/15 15:39:12 | 000,209,008 | ---- | M] () -- C:\windows\SysNative\fastboot.set
[2015/10/15 15:38:24 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2015/10/15 15:38:14 | 2103,332,863 | -HS- | M] () -- C:\hiberfil.sys
[2015/10/15 15:11:00 | 000,000,830 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job
[2015/10/14 16:11:27 | 000,780,488 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerApp.exe
[2015/10/14 16:11:27 | 000,142,536 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
[2015/10/14 16:11:22 | 008,776,392 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerInstaller.exe
[2015/10/12 09:07:12 | 000,782,470 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI
[2015/10/12 09:07:12 | 000,662,634 | ---- | M] () -- C:\windows\SysNative\perfh009.dat
[2015/10/12 09:07:12 | 000,122,470 | ---- | M] () -- C:\windows\SysNative\perfc009.dat
[2015/10/12 08:58:44 | 000,000,000 | -H-- | M] () -- C:\asc_rdflag
[2015/10/10 11:43:57 | 007,220,864 | ---- | M] () -- C:\windows\SysNative\FNTCACHE.DAT
[2015/10/09 12:03:50 | 000,428,536 | ---- | M] (CovenantEyes) -- C:\windows\SysNative\CovenantEyesProxy64.dll
[2015/10/09 12:03:50 | 000,348,664 | ---- | M] (CovenantEyes) -- C:\windows\SysWow64\CovenantEyesProxy.dll
[2015/10/09 12:03:50 | 000,045,048 | ---- | M] () -- C:\windows\SysNative\drivers\cewd64r.sys
[2015/10/09 12:03:50 | 000,034,296 | ---- | M] () -- C:\windows\SysNative\drivers\cewd64f.sys
[2015/10/04 14:07:50 | 000,001,147 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2015/10/14 15:42:47 | 000,045,048 | ---- | C] () -- C:\windows\SysNative\drivers\cewd64r.sys
[2015/10/14 15:42:33 | 000,034,296 | ---- | C] () -- C:\windows\SysNative\drivers\cewd64f.sys
[2015/10/14 15:40:12 | 000,003,992 | ---- | C] () -- C:\windows\SysWow64\CovenantEyesProxyOff.ini
[2015/10/14 15:40:12 | 000,003,992 | ---- | C] () -- C:\windows\SysNative\CovenantEyesProxyOff.ini
[2015/10/12 08:58:44 | 000,000,000 | -H-- | C] () -- C:\asc_rdflag
[2015/10/04 14:07:50 | 000,001,147 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2015/10/04 14:07:49 | 000,001,159 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2014/12/29 17:16:47 | 000,012,146 | ---- | C] () -- C:\Users\Monica\AppData\Local\recently-used.xbel
[2013/05/27 20:59:48 | 000,001,456 | ---- | C] () -- C:\Users\Monica\AppData\Local\Adobe Save for Web 12.0 Prefs
[2013/05/21 10:47:14 | 000,000,132 | ---- | C] () -- C:\Users\Monica\AppData\Roaming\Adobe PNG Format CS5 Prefs

========== ZeroAccess Check ==========

[2009/07/14 00:55:00 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2015/07/10 13:51:25 | 014,177,280 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2015/07/10 13:34:07 | 012,875,776 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 21:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 23:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 21:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2013/12/26 23:35:16 | 000,000,000 | ---D | M] -- C:\Users\Monica\AppData\Roaming\AVAST Software
[2015/09/03 21:08:55 | 000,000,000 | ---D | M] -- C:\Users\Monica\AppData\Roaming\IObit
[2013/05/21 09:31:52 | 000,000,000 | ---D | M] -- C:\Users\Monica\AppData\Roaming\LPi Express HTD
[2013/05/27 20:55:01 | 000,000,000 | ---D | M] -- C:\Users\Monica\AppData\Roaming\PDF Architect
[2015/10/15 15:16:13 | 000,000,000 | ---D | M] -- C:\Users\Monica\AppData\Roaming\ProductData
[2014/08/30 12:00:28 | 000,000,000 | ---D | M] -- C:\Users\Monica\AppData\Roaming\Wondershare
[2014/04/08 09:55:51 | 000,000,000 | ---D | M] -- C:\Users\Monica\AppData\Roaming\Xerox

========== Purity Check ==========



< End of report >
viquilla
Regular Member
 
Posts: 30
Joined: February 14th, 2014, 12:26 pm

Re: Computer Running Extremely Slow

Unread postby viquilla » October 15th, 2015, 4:46 pm

OTL Extras logfile created on: 10/15/2015 3:52:04 PM - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Monica\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.18015)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

7.95 Gb Total Physical Memory | 4.89 Gb Available Physical Memory | 61.58% Memory free
15.89 Gb Paging File | 12.57 Gb Available in Paging File | 79.14% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 421.81 Gb Total Space | 302.78 Gb Free Space | 71.78% Space Free | Partition Type: NTFS
Drive D: | 29.00 Gb Total Space | 26.72 Gb Free Space | 92.14% Space Free | Partition Type: NTFS

Computer Name: MONICA-PC | User Name: Monica | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
.url[@ = InternetShortcut] -- C:\windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)

[HKEY_USERS\S-1-5-21-2531379503-988523322-4115453658-1001\SOFTWARE\Classes\<extension>]
.exe [@ = exefile] -- Reg Error: Key error. File not found
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htafile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htafile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{06A5699C-7E15-4064-B24D-0F599B3818E9}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{0B67C9A5-940F-49B5-B86B-28D7CF5BCFC1}" = rport=137 | protocol=17 | dir=out | app=system |
"{1327604C-6CFE-435E-BC4F-647D62DB6326}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{2349254A-6280-409C-80F7-54D74D47A1D5}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{2F86C785-0807-43DF-B653-E7213C745188}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{2FE0F430-96CE-46FC-9C54-61D974538180}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{31CDCA0A-55BC-497D-95D9-0198B5911ADD}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{365FEBF5-E292-47DC-9ACB-9501BD6903BB}" = rport=139 | protocol=6 | dir=out | app=system |
"{37DF27FC-B3AF-494A-9CAA-B1E31E23A27C}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{3A1A754B-D742-4788-871B-6FDFC8B37BCF}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{3C2FDA7E-12A8-496F-9A9C-FE3EA820BA7F}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{42740B7D-3465-4119-92A7-62352E030AD8}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{482F6289-6416-4930-A147-5B6ABBADD5D8}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{5311BF61-2F7A-461B-A991-E23C27C1EF95}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{550FAD24-22D9-416F-859D-4C5F0266F82F}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{5A942466-41D1-4835-97DA-90CCC109D19C}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{6CBCA5F9-C51D-49CC-B21D-68AD38CD1B44}" = rport=445 | protocol=6 | dir=out | app=system |
"{6FCC7557-273C-4F6E-B690-2B6DCD97521A}" = lport=2869 | protocol=6 | dir=in | app=system |
"{7467D6A3-5A6E-4EFB-A839-399C61A99156}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{79682B26-85BE-4674-9367-0BE8B69F9DBF}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{8984649D-BC10-4D16-8B89-7A80339C6F3C}" = lport=137 | protocol=17 | dir=in | app=system |
"{950928AA-A7DF-4D31-AE56-56067546B4F9}" = lport=139 | protocol=6 | dir=in | app=system |
"{A0C1F02E-6C91-47FE-9C8C-512643E06948}" = lport=10243 | protocol=6 | dir=in | app=system |
"{A832CE5B-A335-4D5F-8B42-B8D351B9271B}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{AA4F5ABB-A348-4523-88D4-D7C1CD6DBD38}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{BD5135BE-C5B3-444C-9CB7-C1098560672D}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{BE080547-646D-406B-B6A8-C8C15213089D}" = lport=445 | protocol=6 | dir=in | app=system |
"{BE3AED77-C28C-4F1E-AAC5-224B930F0A42}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\outlook.exe |
"{C140DB28-8BBC-42B7-ACAB-6F6CB0C72E74}" = rport=10243 | protocol=6 | dir=out | app=system |
"{C185D10A-D641-461E-9121-DFFC2AEF392F}" = rport=138 | protocol=17 | dir=out | app=system |
"{C33D9DCB-658C-4453-A343-6A0F48483A39}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{CABB9128-ADD4-4947-BC34-988E05AE2910}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{D05B7344-8D25-4600-9F7F-7E2929CB9D6A}" = lport=138 | protocol=17 | dir=in | app=system |
"{D92E7D73-FD66-49AC-8D16-AB03989C24D0}" = lport=5353 | protocol=17 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe |
"{ED919081-98BF-46C0-9364-168B59171D54}" = lport=7935 | protocol=6 | dir=in | name=adobe flash builder 4.5 |
"{F9CC9DD9-2C2F-4DF6-B9C4-B7BC5DEDB619}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{04549F31-7C29-4CA3-9950-064B4C112F63}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{07A1E66D-D3CF-4850-8EE0-42523CE0E718}" = dir=in | app=c:\program files\intel\wifi\bin\pandhcpdns.exe |
"{14518724-6F92-45A1-B26A-6CE431A22F89}" = dir=in | app=c:\program files (x86)\intel corporation\intel wireless display\widiapp.exe |
"{16204367-CE9A-4208-B119-100ED8E589B3}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{17B00A5A-5634-4220-B292-3CEA067C7909}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{1FBC804F-7144-4BF0-B044-F7ACE00B043F}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{29EF11C2-1D9C-4824-A86F-4E3F127471AF}" = protocol=6 | dir=out | app=system |
"{3331C5CF-8524-419C-8968-A3C0B9AF9666}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{3524F4D1-38FB-4556-B1F4-D93F9F1C213A}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{3E4A1FCE-9463-42E4-B141-AA4DEB95200F}" = protocol=6 | dir=in | app=c:\program files (x86)\real\realplayer\rpds\bin\rpdsvc.exe |
"{4972F681-80E7-4C1E-8B5F-8A305D240345}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{4DD501DD-3826-4972-8DB6-33760A74D45B}" = dir=in | app=c:\program files\lenovo\bluetooth software\easybits games\tictactoe.exe |
"{59918F3C-319F-4A14-9DC6-39C4B7B3F523}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{64D38528-227A-4870-833A-B1113735269D}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |
"{672429FF-3EBD-4DE7-9D95-9CB332485DC7}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
"{7859F680-BF09-4261-B744-8621B3B8EB76}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{7890AF99-2A36-4502-832A-46D19A42D0EF}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{84E7157E-D6CD-4A9F-B261-4E75C7282552}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{850848E3-91D0-4527-A89B-BAC8C95D5817}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{85895EC4-AD41-40BD-9D85-44659B0562CD}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{8C43C803-D69A-4829-AED2-03BDA4425E20}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{8C6399C6-7E19-4E75-83DB-8805216A520B}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{8E56F89C-0CF9-4455-9287-BC0713C29EBF}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{9116C69A-0F86-4361-91DF-A9C10200D901}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{92646B1F-EA70-43C8-90C7-73DAAA6A7FC8}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{9307B45B-A4FF-414B-A29D-0D698391B72C}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{95C48B30-D8AD-47BC-9B8E-1226C17F10DB}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{9C15D445-53E5-46FC-A3D3-07CD74D650E5}" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"{9F841911-B69A-4768-BCBB-E03D3E8DEB8D}" = dir=in | app=c:\program files\lenovo\bluetooth software\easybits games\seabattle.exe |
"{A2861745-4478-4F08-8847-AB44CE7F1575}" = dir=in | app=c:\program files\lenovo\bluetooth software\easybits games\checkers.exe |
"{A6DDACA4-8D2F-4CB8-BAEF-1449DBDBE488}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{A71AB8E3-913E-4B5C-95E1-1B3D156B1B6E}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{AC68771E-53A8-4AF3-849E-97112A741FF1}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{B7B80ACF-A468-4357-99D8-57AF8E58C85C}" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"{B8DD3AD4-70E3-4A2F-919E-D3A7CEB4169F}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{BE3F4284-0E06-4054-932D-0070FCF6FF3A}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{C471C008-5852-4E5B-9449-B12DF16F19B4}" = dir=in | app=c:\program files\lenovo\bluetooth software\easybits games\backgammon.exe |
"{CB8E4EFF-A064-4644-AD11-22DE348C2E05}" = dir=in | app=c:\program files\lenovo\bluetooth software\easybits games\easychat.exe |
"{E7822C0C-E465-49D2-85D7-763C5EACA867}" = dir=in | app=c:\program files\lenovo\bluetooth software\easybits games\chess.exe |
"{EBA8CCB6-DA1F-4428-B82B-0F28128CA86C}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{ED82F54F-2C0D-477F-804B-FE30CE47C97C}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
"{F8292703-1E0C-4ED9-ACC3-F751ED46171C}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{FEEB87DB-F056-4492-9576-EB7282C0541F}" = dir=in | app=c:\program files\itunes\itunes.exe |
"TCP Query User{5E8D0753-7DF8-4873-9006-E924E33B5F5A}C:\program files (x86)\wondershare\mobilego for android\mobilegoservice.exe" = protocol=6 | dir=in | app=c:\program files (x86)\wondershare\mobilego for android\mobilegoservice.exe |
"UDP Query User{77C60549-CFF5-4445-8497-328A3E57979F}C:\program files (x86)\wondershare\mobilego for android\mobilegoservice.exe" = protocol=17 | dir=in | app=c:\program files (x86)\wondershare\mobilego for android\mobilegoservice.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64
"{21E47F47-C9A7-4454-BA48-388327B0EA00}" = RealNetworks - Microsoft Visual C++ 2010 Runtime
"{28EF7372-9087-4AC3-9B9F-D9751FCDF830}" = Intel(R) Wireless Display
"{3C41721F-AF0F-4086-AA1C-4C7F29076228}" = Intel(R) PROSet/Wireless WiFi Software
"{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64
"{46F4D124-20E5-4D12-BE52-EC177A7A4B42}" = Lenovo OneKey Recovery
"{57DD35E9-D9BB-4089-BB05-EF933C586CB3}" = Broadcom InConcert Maestro
"{5D61F006-168C-4B8B-B7FD-F113C10AE0E4}" = Apple Mobile Device Support
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{6CF1A7E2-8001-4870-9F18-3C6CDD6FE9E3}" = iTunes
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{7DEBE4EB-6B40-3766-BB35-5CBBC385DA37}" = Microsoft .NET Framework 4.5.1
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2010
"{90140000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
"{90BF0360-A1DB-4599-A643-95AB90A52C1E}" = Microsoft_VC90_MFCLOC_x86_x64
"{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64
"{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1
"{9495AEB4-AB97-39DE-8C42-806EEF75ECA7}" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64
"{B255D495-4734-4E9B-B4F5-96702FD4A7B9}" = Apple Application Support (64-bit)
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 268.44
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 268.44
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller Driver 266.34
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus" = NVIDIA Optimus 1.0.21
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{C6C9D5F7-630C-4125-8C4E-94AF77C1896E}" = Lenovo Bluetooth with Enhanced Data Rate Software
"{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64
"{C91DCB72-F5BB-410D-A91A-314F5D1B4284}" = Broadcom NetLink Controller
"{D07A61E5-A59C-433C-BCBD-22025FA2287B}" = Windows Live Language Selector
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{EF79C448-6946-4D71-8134-03407888C054}" = Shared C Run-time for x64
"{F3C66EC8-2F33-452D-9CFF-E8C886B3ECC4}" = SRS Control Panel
"CCleaner" = CCleaner
"EA12B1FB53CE4E387C31A85236C41EF559B5E392" = Windows Driver Package - Lenovo (ACPIVPC) System (12/02/2010 6.1.0.1)
"GIMP-2_is1" = GIMP 2.8.4
"Lenovo EE Boot Optimizer" = Lenovo EE Boot Optimizer
"Lenovo R.I.C. (Robust Intelligent Companion)" = Lenovo R.I.C. (Robust Intelligent Companion)
"Microsoft Visual Studio 2010 Tools for Office Runtime (x64)" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
"ProInst" = Intel PROSet Wireless
"SynTPDeinstKey" = Synaptics Pointing Device Driver

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = Lenovo YouCam
"{024521CF-C07E-4F8E-8481-0D75695E03AF}" = PxMergeModule
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{12ADFB82-D5A3-43E4-B2F4-FCD9B690315B}" = Google Drive
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{26604C7E-A313-4D12-867F-7C6E7820BE4C}" = JMicron Flash Media Controller Driver
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{3521BDBD-D453-5D9F-AA55-44B75D214629}" = Adobe Community Help
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{4E33D05D-76CF-5D3C-4D5D-7727530FA161}" = Adobe Content Viewer
"{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{5AC5ED2E-2936-4B54-A429-703F9034938E}" = Covenant Eyes
"{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}" = Google Update Helper
"{62796191-6F12-4ABE-BA8B-B4D4A266C997}" = Video Downloader
"{627FFC10-CE0A-497F-BA2B-208CAC638010}" = QuickTime 7
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6FCD4D5A-20B9-4D79-ABA5-4E7048944025}" = RealDownloader
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7FE25256-B7C1-480D-B736-10A67A833AEA}" = Apple Application Support (32-bit)
"{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90120000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (English) 12
"{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
"{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
"{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
"{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
"{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2010
"{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
"{90140000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2010
"{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
"{91140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A0087DDE-69D0-11E2-AD57-43CA6188709B}" = Adobe AIR
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAECF7BA-E83B-4A10-87EA-DE0B333F8734}" = RealNetworks - Microsoft Visual C++ 2010 Runtime
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AC76BA86-7AD7-1033-7B44-AB0000000001}" = Adobe Reader XI (11.0.08)
"{AD40A06A-77AB-4E2E-B2AA-FDE106A9977A}" = Lenovo EasyCamera
"{B6D38690-755E-4F40-A35A-23F8BC2B86AC}" = Microsoft_VC90_MFCLOC_x86
"{BDE646E8-86E0-50E1-37BC-0AEBB2185D76}" = Adobe Widget Browser
"{C28DD992-5B7B-D195-6841-4EC57DF512BD}" = Adobe Story
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0956C11-0F60-43FE-99AD-524E833471BB}" = Energy Management
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D4B060B9-AD4A-4152-9D99-28B93C615AFE}" = Onekey Theater
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E3AE96D6-E196-45B4-AF62-2B41998B9E37}" = UpdateService
"{e6171278-8759-449d-9e0b-c1825debc2ad}" = RealDownloader
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}" = UserGuide
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F84906ED-BB54-4889-B131-FED9C9056FC8}" = Intel(R) Wireless Display
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"{FBEFDC9E-F8FB-4B66-A78B-09B7B380D59D}" = RealDownloader
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 19 ActiveX
"Adobe Flash Player NPAPI" = Adobe Flash Player 19 NPAPI
"avast" = Avast Free Antivirus
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"com.adobe.AdobeStory.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Story
"com.adobe.dmp.contentviewer" = Adobe Content Viewer
"com.adobe.WidgetBrowser.E7BED6E5DDA59983786DD72EBFA46B1598278E07.1" = Adobe Widget Browser
"Driver Booster_is1" = Driver Booster
"Google Chrome" = Google Chrome
"GPL Ghostscript 9.05" = GPL Ghostscript
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = Lenovo YouCam
"InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}" = Lenovo OneKey Recovery
"InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver
"InstallShield_{D0956C11-0F60-43FE-99AD-524E833471BB}" = Energy Management
"InstallShield_{D4B060B9-AD4A-4152-9D99-28B93C615AFE}" = Onekey Theater
"InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}" = UserGuide
"Lenovo Games Console" = Lenovo Games Console
"LPi Express HTD" = LPi Express HTD 5.3
"Mozilla Firefox 41.0.1 (x86 en-US)" = Mozilla Firefox 41.0.1 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NVIDIA StereoUSB Driver" = NVIDIA 3D Vision Controller Driver
"Office14.PROPLUSR" = Microsoft Office Professional Plus 2010
"ProInst" = Intel PROSet Wireless
"RealPlayer 17.0" = RealPlayer Cloud
"VeriFace" = VeriFace
"VLC media player" = VLC media player
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR 4.20 (32-bit)

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-2531379503-988523322-4115453658-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Amazon Amazon Music" = Amazon Music

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 1/14/2014 11:16:39 PM | Computer Name = Monica-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 9001

Error - 1/14/2014 11:16:40 PM | Computer Name = Monica-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 1/14/2014 11:16:40 PM | Computer Name = Monica-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 10015

Error - 1/14/2014 11:16:40 PM | Computer Name = Monica-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 10015

Error - 1/15/2014 9:00:02 AM | Computer Name = Monica-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 1/15/2014 9:00:02 AM | Computer Name = Monica-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 35012037

Error - 1/15/2014 9:00:02 AM | Computer Name = Monica-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 35012037

Error - 1/15/2014 9:00:03 AM | Computer Name = Monica-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 1/15/2014 9:00:03 AM | Computer Name = Monica-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 35013067

Error - 1/15/2014 9:00:03 AM | Computer Name = Monica-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 35013067

[ System Events ]
Error - 10/15/2015 3:37:36 PM | Computer Name = Monica-PC | Source = Service Control Manager | ID = 7031
Description = The Windows Live ID Sign-in Assistant service terminated unexpectedly.
It has done this 1 time(s). The following corrective action will be taken in
10000 milliseconds: Restart the service.

Error - 10/15/2015 3:37:36 PM | Computer Name = Monica-PC | Source = Service Control Manager | ID = 7034
Description = The Intel(R) Management and Security Application User Notification
Service service terminated unexpectedly. It has done this 1 time(s).

Error - 10/15/2015 3:37:46 PM | Computer Name = Monica-PC | Source = Microsoft-Windows-WLAN-AutoConfig | ID = 10003
Description = WLAN Extensibility Module has stopped unexpectedly. Module Path: C:\windows\System32\IWMSSvc.dll


Error - 10/15/2015 3:37:47 PM | Computer Name = Monica-PC | Source = Microsoft-Windows-WLAN-AutoConfig | ID = 10003
Description = WLAN Extensibility Module has stopped unexpectedly. Module Path: C:\windows\System32\IWMSSvc.dll


Error - 10/15/2015 3:37:47 PM | Computer Name = Monica-PC | Source = Microsoft-Windows-WLAN-AutoConfig | ID = 10003
Description = WLAN Extensibility Module has stopped unexpectedly. Module Path: C:\windows\System32\IWMSSvc.dll


Error - 10/15/2015 3:37:47 PM | Computer Name = Monica-PC | Source = Microsoft-Windows-WLAN-AutoConfig | ID = 10003
Description = WLAN Extensibility Module has stopped unexpectedly. Module Path: C:\windows\System32\IWMSSvc.dll


Error - 10/15/2015 3:38:26 PM | Computer Name = Monica-PC | Source = Service Control Manager | ID = 7000
Description = The sbapifs service failed to start due to the following error: %%2

Error - 10/15/2015 3:38:36 PM | Computer Name = Monica-PC | Source = Service Control Manager | ID = 7000
Description = The VBoxAsw Support Driver service failed to start due to the following
error: %%2

Error - 10/15/2015 3:39:35 PM | Computer Name = Monica-PC | Source = DCOM | ID = 10016
Description =

Error - 10/15/2015 3:39:37 PM | Computer Name = Monica-PC | Source = WMPNetworkSvc | ID = 866300
Description =


< End of report >
viquilla
Regular Member
 
Posts: 30
Joined: February 14th, 2014, 12:26 pm

Re: Computer Running Extremely Slow

Unread postby pgmigg » October 16th, 2015, 12:11 am

Hello viquilla,

Good job! :D

I am currently reviewing your logs and will return with additional instructions. In the meantime...

Please post the answer for my last question "Do you see any changes in computer behavior?"
This question, I posted every time, is a feedback and should not be ignored when you post your replies :( - it is important for me to know that something was changed and improved or not...

Thanks,
pgmigg

Failure to post replies within 72 hours will result in this thread being closed
User avatar
pgmigg
MRU Teacher
MRU Teacher
 
Posts: 3177
Joined: July 8th, 2008, 1:25 pm
Location: GMT-05:00

Re: Computer Running Extremely Slow

Unread postby viquilla » October 16th, 2015, 6:44 am

It is working faster now :).
viquilla
Regular Member
 
Posts: 30
Joined: February 14th, 2014, 12:26 pm

Re: Computer Running Extremely Slow

Unread postby pgmigg » October 16th, 2015, 12:04 pm

Hello viquilla,

It is working faster now :).
Very good! :D But we are not finished yet...

Step 1.
OTL - Run Fix Script
You should still have OTL.exe on your desktop.
Important! Close all applications and windows so that you have nothing open and are at your Desktop.
  1. Right click on OTL.exe, select "Run As Administrator..." to run it. If prompted by UAC, please allow it.
  2. Underneath Output at the top, make sure Standard Output is selected.
  3. Highlight and copy the following entries: into the Image text box.
    (Do not include the words Code: Select all - instead of it please click the Select all button next to Code: to select the entire script.)
    Code: Select all
    :Commands
    [createrestorepoint]
    
    :Services
    Auth Service
    CovenantEyesCommService
    CovenantEyesProxy
    
    :OTL
    IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
    IE:64bit: - HKLM\..\SearchScopes\{43682B77-B546-4606-A6AD-D81710E1AB36}: "URL" = https://search.perk.com/perk/mystart?pi ... OC2&q= {searchTerms}
    [2015/10/09 19:17:26 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Monica\AppData\Roaming\Mozilla\Firefox\Profiles\4dtcn94z.default-1388114075720\extensions
    [2015/06/01 07:05:50 | 000,085,480 | ---- | M] () (No name found) -- C:\User\Monica\AppData\Roaming\Mozilla\Firefox\Profiles\4dtcn94z.default-1388114075720\extensions\YoutubeDownloader@PeterOlayev.com.xpi
    CHR - Extension: No name found = C:\Users\Monica\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfegkegffcbgpfmemahhkgnbkocmbain\0.9.0_0\
    CHR - Extension: No name found = C:\Users\Monica\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg\0.3.0.5_0\
    CHR - Extension: No name found = C:\Users\Monica\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\
    O2:64bit: - BHO: (Covenant Eyes for Internet Explorer) - {927BD2E1-2287-49D2-AE71-95F492CE662E} - C:\Program Files\CE\extensions\ie\x64\IEExtension.dll (Covenant Eyes)
    O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
    O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
    O4:64bit: - HKLM..\Run: [Covenant Eyes] C:\Program Files\CE\CovenantEyes.exe ()
    O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\windows\SysNative\CovenantEyesProxy64.dll (CovenantEyes)
    O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\windows\SysNative\CovenantEyesProxy64.dll (CovenantEyes)
    O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\windows\SysNative\CovenantEyesProxy64.dll (CovenantEyes)
    O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\windows\SysNative\CovenantEyesProxy64.dll (CovenantEyes)
    O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000016 - C:\windows\SysNative\CovenantEyesProxy64.dll (CovenantEyes)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\windows\SysWow64\CovenantEyesProxy.dll (CovenantEyes)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\windows\SysWow64\CovenantEyesProxy.dll (CovenantEyes)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\windows\SysWow64\CovenantEyesProxy.dll (CovenantEyes)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\windows\SysWow64\CovenantEyesProxy.dll (CovenantEyes)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\windows\SysWow64\CovenantEyesProxy.dll (CovenantEyes)
    
    :Files
    C:\Program Files\CE
    C:\ProgramData\CovenantEyes
    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Covenant Eyes
    C:\windows\SysWow64\CovenantEyesProxy.dll
    C:\windows\SysNative\CovenantEyesProxy64.dll
    C:\windows\SysWow64\CovenantEyesProxyOff.ini
    C:\windows\SysNative\CovenantEyesProxyOff.ini
    C:\windows\*.tmp
    ipconfig /flushdns /c
    
    :Reg
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{5AC5ED2E-2936-4B54-A429-703F9034938E}" =-
    
    :Commands
    [emptyflash]
    [emptyjava]
    [emptytemp]
    
  4. Click under the Custom Scan/Fixes box and paste the copied text.
  5. Click the Run Fix button. If prompted... click OK.
  6. OTL may ask to reboot the machine. Please do so if asked.
  7. Let the program run unhindered and reboot the PC when it is done.
    When the computer reboots, and you start your usual account, a Notepad text file will appear.
  8. Copy the contents of that file and post it in your next reply. The log can also be found, based on the date/time it was created, as C:\_OTL\MovedFiles\MMDDYYYY_HHMMSS.log

Step 2.
  1. Please download FRST64 ... by Farbar and save it to your Desktop.
  2. Right-click FRST64.exe and select "Run as administrator..." to run it.
  3. When the tool opens click Yes to the disclaimer.
  4. Press Scan button. ... When finished a log will be created, FRST.txt.
  5. Please post the content of the FRST.txt in your next reply.
  6. The first time the tool is run, it will create another log... Addition.txt.
  7. Please post the content of the Addition.txt in your next reply.

Step 3.
I need you to run a special Search for me using FRST64 ....
  1. Right-click FRST64.exe and select "Run as administrator..." to run it.
  2. When the tool opens click Yes to the disclaimer.
  3. Copy/Paste or Type the following line into the Search: box.
    Covenant Eyes; CovenantEyes
  4. Press the Search Registry button.
  5. When finished searching a log will open on your Desktop ... Search.txt
  6. Please post it in your next reply.

Please post each log separately to prevent it being cut off by the forum post size limiter.
Check each after you've posted it to make sure it's all present, if any log is cut off you'll have to post it in sections....

Please include in your next reply:
  1. Do you have any problems executing the instructions?
  2. Contents of the C:\_OTL\MovedFiles\MMDDYYYY_HHMMSS.log log file after OTL FixScript run
  3. Contents of the FRST.txt log file
  4. Contents of the Addition.txt log file
  5. Contents of the Search.txt log file
  6. Do you see any changes in computer behavior?

Thanks,
pgmigg

Failure to post replies within 72 hours will result in this thread being closed
User avatar
pgmigg
MRU Teacher
MRU Teacher
 
Posts: 3177
Joined: July 8th, 2008, 1:25 pm
Location: GMT-05:00

Re: Computer Running Extremely Slow

Unread postby viquilla » October 17th, 2015, 4:47 pm

I did the run fix with the otl and now the computer doesn't want to connect to the Internet. It says that there is a problem with the Dns
viquilla
Regular Member
 
Posts: 30
Joined: February 14th, 2014, 12:26 pm

Re: Computer Running Extremely Slow

Unread postby pgmigg » October 17th, 2015, 5:35 pm

Hello viquilla,

It says that there is a problem with the Dns
How many times you restart your computer after OTL fix?
If it was done once after OTL fix, please do it again. In any case I would like to see the OTL log after the fix!

Then,

Reset IP-Flush DNS-Renew IP
We'll release your IP address settings, flush the DNS resolver cache, then renew you IP address settings.
It will be easier and less error prone, if we create a batch file to do this - please follow these steps:
  1. Copy all text in the quote box (below) to Notepad.
    @echo off
    ipconfig /release
    ipconfig /flushdns
    ipconfig /renew
    del %0
  2. Save the Notepad file on your desktop as DNSreset.bat with save type as "All Files"
    Image
    DNSreset.bat <<------------- you should see this on your desktop.
  3. Right click on DNSreset.bat, select "Run As Administrator..." to run it.
    A black CMD window will flash, then disappear - this is normal. The batch file will be deleted when finished.
    The IP address settings should be released and renewed and the DNS cache flushed.
  4. Restart you computer and check Internet connection...

Please post each log separately to prevent it being cut off by the forum post size limiter.
Check each after you've posted it to make sure it's all present, if any log is cut off you'll have to post it in sections....

Please include in your next reply:
  • If you will continue to experience problem with Internet, please post the exact error message.
    1. Contents of the C:\_OTL\MovedFiles\MMDDYYYY_HHMMSS.log log file after OTL FixScript run
  • If your problem will be resolved, please proceed to the steps 2 and 3 from my previous set of instructions (FRST).
    1. Do you have any problems executing the instructions?
    2. Contents of the C:\_OTL\MovedFiles\MMDDYYYY_HHMMSS.log log file after OTL FixScript run
    3. Contents of the FRST.txt log file
    4. Contents of the Addition.txt log file
    5. Contents of the Search.txt log file
    6. Do you see any changes in computer behavior?

Thanks,
pgmigg

Failure to post replies within 72 hours will result in this thread being closed
User avatar
pgmigg
MRU Teacher
MRU Teacher
 
Posts: 3177
Joined: July 8th, 2008, 1:25 pm
Location: GMT-05:00

Re: Computer Running Extremely Slow

Unread postby viquilla » October 18th, 2015, 3:28 pm

I did the DNS reset but I still don't have internet connection on my laptop. I restarted the computer like 10 times. It connects to the network but without internet access. It says on the troubleshooting that the DNS server isn't responding. The other troubleshooting screen said that the ip Helper is not working and it couldn't resolve the problem. Here is the otl log:

All processes killed
========== COMMANDS ==========
Restore point Set: OTL Restore Point
========== SERVICES/DRIVERS ==========
Error: Unable to stop service Auth Service!
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Auth Service deleted successfully.
Error: Unable to stop service CovenantEyesCommService!
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\CovenantEyesCommService deleted successfully.
Error: Unable to stop service CovenantEyesProxy!
Unable to delete service\driver key CovenantEyesProxy.
========== OTL ==========
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{43682B77-B546-4606-A6AD-D81710E1AB36}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{43682B77-B546-4606-A6AD-D81710E1AB36}\ not found.
C:\Users\Monica\AppData\Roaming\Mozilla\Firefox\Profiles\4dtcn94z.default-1388114075720\extensions folder moved successfully.
File C:\User\Monica\AppData\Roaming\Mozilla\Firefox\Profiles\4dtcn94z.default-1388114075720\extensions\YoutubeDownloader@PeterOlayev.com.xpi not found.
C:\Users\Monica\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfegkegffcbgpfmemahhkgnbkocmbain\0.9.0_0\_metadata folder moved successfully.
C:\Users\Monica\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfegkegffcbgpfmemahhkgnbkocmbain\0.9.0_0\shared\tests\util folder moved successfully.
C:\Users\Monica\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfegkegffcbgpfmemahhkgnbkocmbain\0.9.0_0\shared\tests folder moved successfully.
C:\Users\Monica\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfegkegffcbgpfmemahhkgnbkocmbain\0.9.0_0\shared folder moved successfully.
C:\Users\Monica\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfegkegffcbgpfmemahhkgnbkocmbain\0.9.0_0 folder moved successfully.
C:\Users\Monica\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg\0.3.0.5_0\_platform_specific\x86-64_ folder moved successfully.
C:\Users\Monica\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg\0.3.0.5_0\_platform_specific folder moved successfully.
C:\Users\Monica\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg\0.3.0.5_0\_metadata folder moved successfully.
C:\Users\Monica\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg\0.3.0.5_0\audio folder moved successfully.
C:\Users\Monica\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg\0.3.0.5_0 folder moved successfully.
C:\Users\Monica\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_metadata folder moved successfully.
C:\Users\Monica\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\zh_TW folder moved successfully.
C:\Users\Monica\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\zh_CN folder moved successfully.
C:\Users\Monica\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\vi folder moved successfully.
C:\Users\Monica\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\uk folder moved successfully.
C:\Users\Monica\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\tr folder moved successfully.
C:\Users\Monica\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\th folder moved successfully.
C:\Users\Monica\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\sv folder moved successfully.
C:\Users\Monica\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\sr folder moved successfully.
C:\Users\Monica\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\sl folder moved successfully.
C:\Users\Monica\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\sk folder moved successfully.
C:\Users\Monica\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\ru folder moved successfully.
C:\Users\Monica\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\ro folder moved successfully.
C:\Users\Monica\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\pt_PT folder moved successfully.
C:\Users\Monica\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\pt_BR folder moved successfully.
C:\Users\Monica\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\pl folder moved successfully.
C:\Users\Monica\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\nl folder moved successfully.
C:\Users\Monica\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\nb folder moved successfully.
C:\Users\Monica\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\lv folder moved successfully.
C:\Users\Monica\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\lt folder moved successfully.
C:\Users\Monica\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\ko folder moved successfully.
C:\Users\Monica\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\ja folder moved successfully.
C:\Users\Monica\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\it folder moved successfully.
C:\Users\Monica\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\id folder moved successfully.
C:\Users\Monica\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\hu folder moved successfully.
C:\Users\Monica\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\hr folder moved successfully.
C:\Users\Monica\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\hi folder moved successfully.
C:\Users\Monica\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\fr folder moved successfully.
C:\Users\Monica\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\fil folder moved successfully.
C:\Users\Monica\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\fi folder moved successfully.
C:\Users\Monica\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\et folder moved successfully.
C:\Users\Monica\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\es_419 folder moved successfully.
C:\Users\Monica\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\es folder moved successfully.
C:\Users\Monica\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\en_GB folder moved successfully.
C:\Users\Monica\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\en folder moved successfully.
C:\Users\Monica\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\el folder moved successfully.
C:\Users\Monica\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\de folder moved successfully.
C:\Users\Monica\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\da folder moved successfully.
C:\Users\Monica\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\cs folder moved successfully.
C:\Users\Monica\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\ca folder moved successfully.
C:\Users\Monica\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\bg folder moved successfully.
C:\Users\Monica\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales folder moved successfully.
C:\Users\Monica\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\images folder moved successfully.
C:\Users\Monica\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\html folder moved successfully.
C:\Users\Monica\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\css folder moved successfully.
C:\Users\Monica\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0 folder moved successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{927BD2E1-2287-49D2-AE71-95F492CE662E}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{927BD2E1-2287-49D2-AE71-95F492CE662E}\ deleted successfully.
C:\Program Files\CE\extensions\ie\x64\IEExtension.dll moved successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Covenant Eyes deleted successfully.
File move failed. C:\Program Files\CE\CovenantEyes.exe scheduled to be moved on reboot.
64bit-Registry delete failed. HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries64\000000000001\ scheduled to be deleted on reboot.
File move failed. C:\Windows\SysNative\CovenantEyesProxy64.dll scheduled to be moved on reboot.
64bit-Registry delete failed. HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries64\000000000002\ scheduled to be deleted on reboot.
File move failed. C:\Windows\SysNative\CovenantEyesProxy64.dll scheduled to be moved on reboot.
64bit-Registry delete failed. HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries64\000000000003\ scheduled to be deleted on reboot.
File move failed. C:\Windows\SysNative\CovenantEyesProxy64.dll scheduled to be moved on reboot.
64bit-Registry delete failed. HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries64\000000000004\ scheduled to be deleted on reboot.
File move failed. C:\Windows\SysNative\CovenantEyesProxy64.dll scheduled to be moved on reboot.
64bit-Registry delete failed. HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries64\000000000016\ scheduled to be deleted on reboot.
File move failed. C:\Windows\SysNative\CovenantEyesProxy64.dll scheduled to be moved on reboot.
Registry delete failed. HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000001\ scheduled to be deleted on reboot.
File move failed. C:\Windows\SysWOW64\CovenantEyesProxy.dll scheduled to be moved on reboot.
Registry delete failed. HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000002\ scheduled to be deleted on reboot.
File move failed. C:\Windows\SysWOW64\CovenantEyesProxy.dll scheduled to be moved on reboot.
Registry delete failed. HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000003\ scheduled to be deleted on reboot.
File move failed. C:\Windows\SysWOW64\CovenantEyesProxy.dll scheduled to be moved on reboot.
Registry delete failed. HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000004\ scheduled to be deleted on reboot.
File move failed. C:\Windows\SysWOW64\CovenantEyesProxy.dll scheduled to be moved on reboot.
Registry delete failed. HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000016\ scheduled to be deleted on reboot.
File move failed. C:\Windows\SysWOW64\CovenantEyesProxy.dll scheduled to be moved on reboot.
========== FILES ==========
C:\Program Files\CE\extensions\ie\x86 folder moved successfully.
C:\Program Files\CE\extensions\ie\x64 folder moved successfully.
C:\Program Files\CE\extensions\ie folder moved successfully.
C:\Program Files\CE\extensions\firefox\firefox-integrated-extension@covenanteyes.com\META-INF folder moved successfully.
C:\Program Files\CE\extensions\firefox\firefox-integrated-extension@covenanteyes.com\lib\shared-extension\tests\util folder moved successfully.
C:\Program Files\CE\extensions\firefox\firefox-integrated-extension@covenanteyes.com\lib\shared-extension\tests folder moved successfully.
C:\Program Files\CE\extensions\firefox\firefox-integrated-extension@covenanteyes.com\lib\shared-extension folder moved successfully.
C:\Program Files\CE\extensions\firefox\firefox-integrated-extension@covenanteyes.com\lib folder moved successfully.
C:\Program Files\CE\extensions\firefox\firefox-integrated-extension@covenanteyes.com\data folder moved successfully.
C:\Program Files\CE\extensions\firefox\firefox-integrated-extension@covenanteyes.com folder moved successfully.
C:\Program Files\CE\extensions\firefox folder moved successfully.
C:\Program Files\CE\extensions folder moved successfully.
Folder move failed. C:\Program Files\CE scheduled to be moved on reboot.
C:\ProgramData\CovenantEyes\WindowsClientInstaller\logs folder moved successfully.
C:\ProgramData\CovenantEyes\WindowsClientInstaller folder moved successfully.
Folder move failed. C:\ProgramData\CovenantEyes\WindowsClient\logs\filter-server scheduled to be moved on reboot.
Folder move failed. C:\ProgramData\CovenantEyes\WindowsClient\logs\comm-service scheduled to be moved on reboot.
Folder move failed. C:\ProgramData\CovenantEyes\WindowsClient\logs\ce scheduled to be moved on reboot.
Folder move failed. C:\ProgramData\CovenantEyes\WindowsClient\logs\auth-server scheduled to be moved on reboot.
Folder move failed. C:\ProgramData\CovenantEyes\WindowsClient\logs scheduled to be moved on reboot.
Folder move failed. C:\ProgramData\CovenantEyes\WindowsClient scheduled to be moved on reboot.
Folder move failed. C:\ProgramData\CovenantEyes scheduled to be moved on reboot.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Covenant Eyes folder moved successfully.
File move failed. C:\windows\SysWow64\CovenantEyesProxy.dll scheduled to be moved on reboot.
File move failed. C:\windows\SysNative\CovenantEyesProxy64.dll scheduled to be moved on reboot.
C:\windows\SysWow64\CovenantEyesProxyOff.ini moved successfully.
C:\windows\SysNative\CovenantEyesProxyOff.ini moved successfully.
C:\windows\CD09642E061D4844BA37ED1480916404.TMP folder moved successfully.
< ipconfig /flushdns /c >
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
C:\Users\Monica\Desktop\cmd.bat deleted successfully.
C:\Users\Monica\Desktop\cmd.txt deleted successfully.
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\\{5AC5ED2E-2936-4B54-A429-703F9034938E} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5AC5ED2E-2936-4B54-A429-703F9034938E}\ not found.
========== COMMANDS ==========

[EMPTYFLASH]

User: All Users

User: Default
->Flash cache emptied: 57472 bytes

User: Default User

User: Monica
->Flash cache emptied: 131789 bytes

User: Public

User: UpdatusUser

Total Flash Files Cleaned = 0.00 mb


[EMPTYJAVA]

User: All Users

User: Default

User: Default User

User: Monica

User: Public

User: UpdatusUser

Total Java Files Cleaned = 0.00 mb


[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Default User

User: Monica
->Temp folder emptied: 22534762 bytes
->Temporary Internet Files folder emptied: 68048383 bytes
->FireFox cache emptied: 11828857 bytes
->Google Chrome cache emptied: 67975182 bytes
->Flash cache emptied: 0 bytes

User: Public

User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 19522328 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 33298 bytes
RecycleBin emptied: 36410012 bytes

Total Files Cleaned = 216.00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 10162015_160729

Files\Folders moved on Reboot...
File move failed. C:\Program Files\CE\CovenantEyes.exe scheduled to be moved on reboot.
File move failed. C:\Windows\SysNative\CovenantEyesProxy64.dll scheduled to be moved on reboot.
File move failed. C:\Windows\SysWOW64\CovenantEyesProxy.dll scheduled to be moved on reboot.
Folder move failed. C:\Program Files\CE scheduled to be moved on reboot.
C:\ProgramData\CovenantEyes\WindowsClient\logs\filter-server folder moved successfully.
C:\ProgramData\CovenantEyes\WindowsClient\logs\comm-service folder moved successfully.
C:\ProgramData\CovenantEyes\WindowsClient\logs\ce folder moved successfully.
C:\ProgramData\CovenantEyes\WindowsClient\logs\auth-server folder moved successfully.
C:\ProgramData\CovenantEyes\WindowsClient\logs folder moved successfully.
C:\ProgramData\CovenantEyes\WindowsClient folder moved successfully.
C:\ProgramData\CovenantEyes folder moved successfully.
C:\Users\Monica\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\Monica\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.
File move failed. C:\windows\temp\_avast_\AvastLock.txt scheduled to be moved on reboot.
File move failed. C:\windows\temp\CovenantEyesProxy.log scheduled to be moved on reboot.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...
64bit-Registry delete failed. HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries64\000000000001\ scheduled to be deleted on reboot.
64bit-Registry delete failed. HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries64\000000000002\ scheduled to be deleted on reboot.
64bit-Registry delete failed. HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries64\000000000003\ scheduled to be deleted on reboot.
64bit-Registry delete failed. HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries64\000000000004\ scheduled to be deleted on reboot.
64bit-Registry delete failed. HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries64\000000000016\ scheduled to be deleted on reboot.
Registry delete failed. HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000001\ scheduled to be deleted on reboot.
Registry delete failed. HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000002\ scheduled to be deleted on reboot.
Registry delete failed. HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000003\ scheduled to be deleted on reboot.
Registry delete failed. HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000004\ scheduled to be deleted on reboot.
Registry delete failed. HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000016\ scheduled to be deleted on reboot.
viquilla
Regular Member
 
Posts: 30
Joined: February 14th, 2014, 12:26 pm

Re: Computer Running Extremely Slow

Unread postby pgmigg » October 19th, 2015, 11:25 am

Hello viquilla,

It says on the troubleshooting that the DNS server isn't responding.
Please don't worry - we will fix it together...

Firstly I need to know more about your network configuration.

Step 1.
Network Checking
  1. Please open the Start Menu, type cmd in the search box, right click on cmd.exe (at top), and click on "Run as administrator...". The elevated command prompt opens to C:\Windows\System32>
  2. In the elevated command prompt, type ipconfig /all >C:\Users\Public\Desktop\ipconfig.tst, then press Enter.
  3. Wait for the prompt. When the command is complete, please type exit and the elevated command prompt will be closed.
  4. Open the ipconfig.tst file on your Desktop by Notepad.
  5. Please copy and paste the contents of the ipconfig.tst file in your next reply.

Thanks,
pgmigg

Failure to post replies within 72 hours will result in this thread being closed
User avatar
pgmigg
MRU Teacher
MRU Teacher
 
Posts: 3177
Joined: July 8th, 2008, 1:25 pm
Location: GMT-05:00
Advertisement
Register to Remove

Next

  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 53 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware