Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Very Slow PC

Post by Gowton » December 17th, 2014, 6:50 am

Hi. My pc has been running very slow and I have been told by a professional computer repair man it's a virus or viruses. He told me he would have to wipe the hard drive and do a factory reset. Not only will I lose all my installed programmes but it will cost me £40! Surely there's another way?

Anyway, my symptoms are this... every time I boot up my PC it takes a long time to open a browser. I often find it has a message pop up saying the page has stopped responding with two buttons: cancel and wait. A lot of the time opening new web pages takes a very long time; sometimes I have to close the browser and start again for it to respond. Some of my programmes are also affected and run slow. There is a constant caching noise within my PC too.

My two DDS logs are:

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.17496
Run by user at 10:11:35 on 2014-12-17
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.44.1033.18.2002.757 [GMT 0:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {4F35CFC4-45A3-FC37-EF17-759A02E39AB1}
SP: Microsoft Security Essentials *Enabled/Updated* {F4542E20-6399-F3B9-D5A7-4EE87964D00C}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskhost.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler.exe
C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler64.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Zune\ZuneLauncher.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Windows\System32\WUDFHost.exe
C:\Program Files\HP\HP Photosmart 5520 series\Bin\ScanToPCActivationApp.exe
C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe
C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
c:\Program Files\Microsoft Security Client\NisSrv.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxps://www.google.co.uk/
mWinlogon: Userinit = userinit.exe,
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Skype Click to Call for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
uRun: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe"
uRun: [] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
uRun: [WebCamEffects] C:\Program Files (x86)\WebCamEffects\WebCamEffects.exe
uRun: [HP Photosmart 5520 series (NET)] "C:\Program Files\HP\HP Photosmart 5520 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN42I714180602:NW" -scfn "HP Photosmart 5520 series (NET)" -AutoStart 1
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [DivXMediaServer] C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe
mRun: [Conime] C:\Windows\System32\conime.exe
mRun: [LWS] C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe -hide
mRun: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
mRun: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: SoftwareSASGeneration = dword:1
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
TCP: NameServer = 192.168.0.1
TCP: Interfaces\{7325DD0F-B94D-40E9-A02D-93D2EF94317B} : DHCPNameServer = 192.168.0.1
TCP: Interfaces\{7325DD0F-B94D-40E9-A02D-93D2EF94317B}\4505D2C494E4B4F5644493241313 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{7325DD0F-B94D-40E9-A02D-93D2EF94317B}\65D4731333131383D22374 : DHCPNameServer = 192.168.0.1
TCP: Interfaces\{85BB5039-C274-44F7-B928-F016C31AEA3D} : DHCPNameServer = 192.168.1.1
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Skype Click to Call for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
x64-Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
x64-Run: [Zune Launcher] "C:\Program Files\Zune\ZuneLauncher.exe"
x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2014-7-17 269008]
R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2013-9-23 52856]
R2 AdobeActiveFileMonitor7.0;Adobe Active File Monitor V7;C:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe [2008-9-16 169312]
R2 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2013-6-18 125584]
R3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2014-8-22 368624]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
S3 fssfltr;fssfltr;C:\Windows\System32\drivers\fssfltr.sys [2014-1-20 57840]
S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2013-2-5 1512448]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2014-12-10 114688]
S3 LVRS64;Logitech RightSound Filter Driver;C:\Windows\System32\drivers\lvrs64.sys [2012-9-21 351520]
S3 LVUVC64;Logitech Webcam Pro 9000(UVC);C:\Windows\System32\drivers\lvuvc64.sys [2012-9-21 4763680]
S3 NMgamingmsFltr;USB Optical Mouse;C:\Windows\System32\drivers\NMgamingms.sys [2009-7-24 11264]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);C:\Windows\System32\drivers\ssadbus.sys [2011-5-13 157672]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter);C:\Windows\System32\drivers\ssadmdfl.sys [2011-5-13 16872]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers;C:\Windows\System32\drivers\ssadmdm.sys [2011-5-13 177640]
S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);C:\Windows\System32\drivers\ssadserd.sys [2011-5-13 146920]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2013-9-23 59392]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2013-9-21 1255736]
S4 c2cautoupdatesvc;Skype Click to Call Updater;C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2014-7-14 1390176]
S4 c2cpnrsvc;Skype Click to Call PNR Service;C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2014-7-14 1767520]
S4 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
.
=============== File Associations ===============
.
ShellExec: Opera.exe: open="C:\Program Files (x86)\Opera\Launcher.exe" "%1"
.
=============== Created Last 30 ================
.
2014-12-16 12:36:23 75888 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{2822DE98-EFD8-4FAE-A840-0EBCACA5F448}\offreg.dll
2014-12-16 10:40:16 11870360 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{2822DE98-EFD8-4FAE-A840-0EBCACA5F448}\mpengine.dll
2014-12-16 08:15:45 11870360 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2014-12-10 18:12:51 1188440 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{90041880-2767-455E-867D-FBB7220030A5}\gapaengine.dll
2014-12-10 18:11:54 3981488 ----a-w- C:\Windows\SysWow64\FlashPlayerInstaller.exe
2014-12-10 17:51:54 -------- d-----w- C:\Windows\System32\appraiser
2014-12-10 13:11:42 55808 ----a-w- C:\Windows\System32\rrinstaller.exe
2014-12-10 13:11:42 24576 ----a-w- C:\Windows\System32\mfpmp.exe
2014-12-10 13:11:42 2048 ----a-w- C:\Windows\SysWow64\mferror.dll
2014-12-10 13:11:42 2048 ----a-w- C:\Windows\System32\mferror.dll
2014-12-10 13:11:41 50176 ----a-w- C:\Windows\SysWow64\rrinstaller.exe
2014-12-10 13:11:41 3209728 ----a-w- C:\Windows\SysWow64\mf.dll
2014-12-10 13:11:41 23040 ----a-w- C:\Windows\SysWow64\mfpmp.exe
2014-12-10 13:11:41 206848 ----a-w- C:\Windows\System32\mfps.dll
2014-12-10 13:11:41 103424 ----a-w- C:\Windows\SysWow64\mfps.dll
2014-12-10 13:11:40 4121600 ----a-w- C:\Windows\System32\mf.dll
2014-11-19 08:29:12 728064 ----a-w- C:\Windows\System32\kerberos.dll
2014-11-19 08:29:11 241152 ----a-w- C:\Windows\System32\pku2u.dll
2014-11-19 08:29:11 186880 ----a-w- C:\Windows\SysWow64\pku2u.dll
2014-11-19 08:28:51 550912 ----a-w- C:\Windows\SysWow64\kerberos.dll
2014-11-18 14:56:48 1202848 ----a-w- C:\Windows\SysWow64\FM20.DLL
.
==================== Find3M ====================
.
2014-12-10 18:12:28 71344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-12-10 18:12:28 701104 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2014-12-04 02:50:55 413184 ----a-w- C:\Windows\System32\generaltel.dll
2014-12-04 02:50:45 741376 ----a-w- C:\Windows\System32\invagent.dll
2014-12-04 02:50:40 396800 ----a-w- C:\Windows\System32\devinv.dll
2014-12-04 02:50:38 830976 ----a-w- C:\Windows\System32\appraiser.dll
2014-12-04 02:50:37 227328 ----a-w- C:\Windows\System32\aepdu.dll
2014-12-04 02:50:37 192000 ----a-w- C:\Windows\System32\aepic.dll
2014-12-04 02:44:48 1083392 ----a-w- C:\Windows\System32\aeinv.dll
2014-12-01 23:28:44 1232040 ----a-w- C:\Windows\System32\aitstatic.exe
2014-11-22 03:06:23 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
2014-11-22 03:06:11 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll
2014-11-22 02:50:39 66560 ----a-w- C:\Windows\System32\iesetup.dll
2014-11-22 02:50:10 580096 ----a-w- C:\Windows\System32\vbscript.dll
2014-11-22 02:49:54 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll
2014-11-22 02:48:20 88064 ----a-w- C:\Windows\System32\MshtmlDac.dll
2014-11-22 02:35:43 144384 ----a-w- C:\Windows\System32\ieUnatt.exe
2014-11-22 02:35:29 114688 ----a-w- C:\Windows\System32\ieetwcollector.exe
2014-11-22 02:34:51 814080 ----a-w- C:\Windows\System32\jscript9diag.dll
2014-11-22 02:34:07 6039552 ----a-w- C:\Windows\System32\jscript9.dll
2014-11-22 02:26:31 968704 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe
2014-11-22 02:20:44 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2014-11-22 02:14:16 77824 ----a-w- C:\Windows\System32\JavaScriptCollectionAgent.dll
2014-11-22 02:07:43 501248 ----a-w- C:\Windows\SysWow64\vbscript.dll
2014-11-22 02:07:17 62464 ----a-w- C:\Windows\SysWow64\iesetup.dll
2014-11-22 02:06:32 47616 ----a-w- C:\Windows\SysWow64\ieetwproxystub.dll
2014-11-22 02:05:02 64000 ----a-w- C:\Windows\SysWow64\MshtmlDac.dll
2014-11-22 01:55:16 115712 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2014-11-22 01:54:30 620032 ----a-w- C:\Windows\SysWow64\jscript9diag.dll
2014-11-22 01:47:10 1359360 ----a-w- C:\Windows\System32\mshtmlmedia.dll
2014-11-22 01:46:58 2125312 ----a-w- C:\Windows\System32\inetcpl.cpl
2014-11-22 01:40:04 60416 ----a-w- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
2014-11-22 01:29:26 4299264 ----a-w- C:\Windows\SysWow64\jscript9.dll
2014-11-22 01:28:21 2358272 ----a-w- C:\Windows\System32\wininet.dll
2014-11-22 01:22:49 2052096 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2014-11-22 01:21:57 1155072 ----a-w- C:\Windows\SysWow64\mshtmlmedia.dll
2014-11-22 01:00:20 1888256 ----a-w- C:\Windows\SysWow64\wininet.dll
2014-11-11 03:09:06 1424384 ----a-w- C:\Windows\System32\WindowsCodecs.dll
2014-11-11 02:44:45 1230336 ----a-w- C:\Windows\SysWow64\WindowsCodecs.dll
2014-11-11 01:46:26 119296 ----a-w- C:\Windows\System32\drivers\tdx.sys
2014-11-08 03:16:08 2048 ----a-w- C:\Windows\System32\tzres.dll
2014-11-08 02:45:09 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2014-10-30 11:25:26 275080 ------w- C:\Windows\System32\MpSigStub.exe
2014-10-30 02:03:43 165888 ----a-w- C:\Windows\System32\charmap.exe
2014-10-30 01:45:43 155136 ----a-w- C:\Windows\SysWow64\charmap.exe
2014-10-25 01:57:59 77824 ----a-w- C:\Windows\System32\packager.dll
2014-10-25 01:32:37 67584 ----a-w- C:\Windows\SysWow64\packager.dll
2014-10-18 02:05:23 861696 ----a-w- C:\Windows\System32\oleaut32.dll
2014-10-18 01:33:18 571904 ----a-w- C:\Windows\SysWow64\oleaut32.dll
2014-10-14 02:16:37 155064 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2014-10-14 02:13:06 683520 ----a-w- C:\Windows\System32\termsrv.dll
2014-10-14 02:13:00 3241984 ----a-w- C:\Windows\System32\msi.dll
2014-10-14 02:12:57 1460736 ----a-w- C:\Windows\System32\lsasrv.dll
2014-10-14 02:09:31 146432 ----a-w- C:\Windows\System32\msaudite.dll
2014-10-14 02:07:31 681984 ----a-w- C:\Windows\System32\adtschema.dll
2014-10-14 01:50:47 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
2014-10-14 01:50:41 2363904 ----a-w- C:\Windows\SysWow64\msi.dll
2014-10-14 01:49:38 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
2014-10-14 01:47:30 146432 ----a-w- C:\Windows\SysWow64\msaudite.dll
2014-10-14 01:46:02 681984 ----a-w- C:\Windows\SysWow64\adtschema.dll
2014-10-10 00:57:42 3198976 ----a-w- C:\Windows\System32\win32k.sys
2014-10-03 02:12:23 310272 ----a-w- C:\Windows\System32\WsmWmiPl.dll
2014-10-03 02:12:23 2020352 ----a-w- C:\Windows\System32\WsmSvc.dll
2014-10-03 02:12:22 346624 ----a-w- C:\Windows\System32\WSManMigrationPlugin.dll
2014-10-03 02:12:22 181248 ----a-w- C:\Windows\System32\WsmAuto.dll
2014-10-03 02:12:00 500224 ----a-w- C:\Windows\System32\AUDIOKSE.dll
2014-10-03 02:11:54 284672 ----a-w- C:\Windows\System32\EncDump.dll
2014-10-03 02:11:51 680960 ----a-w- C:\Windows\System32\audiosrv.dll
2014-10-03 02:11:51 440832 ----a-w- C:\Windows\System32\AudioEng.dll
2014-10-03 02:11:51 296448 ----a-w- C:\Windows\System32\AudioSes.dll
2014-10-03 02:11:49 266240 ----a-w- C:\Windows\System32\WSManHTTPConfig.exe
2014-10-03 01:45:03 248832 ----a-w- C:\Windows\SysWow64\WSManMigrationPlugin.dll
2014-10-03 01:45:03 214016 ----a-w- C:\Windows\SysWow64\WsmWmiPl.dll
2014-10-03 01:45:03 145920 ----a-w- C:\Windows\SysWow64\WsmAuto.dll
2014-10-03 01:45:03 1177088 ----a-w- C:\Windows\SysWow64\WsmSvc.dll
2014-10-03 01:44:42 442880 ----a-w- C:\Windows\SysWow64\AUDIOKSE.dll
2014-10-03 01:44:26 374784 ----a-w- C:\Windows\SysWow64\AudioEng.dll
2014-10-03 01:44:26 195584 ----a-w- C:\Windows\SysWow64\AudioSes.dll
2014-10-03 01:44:25 198656 ----a-w- C:\Windows\SysWow64\WSManHTTPConfig.exe
2014-09-29 16:22:48 122584 ----a-w- C:\Windows\System32\drivers\48230029.sys
2014-09-25 02:08:38 371712 ----a-w- C:\Windows\System32\qdvd.dll
2014-09-25 01:40:50 519680 ----a-w- C:\Windows\SysWow64\qdvd.dll
2014-09-19 09:42:52 210944 ----a-w- C:\Windows\System32\wdigest.dll
2014-09-19 09:42:51 86528 ----a-w- C:\Windows\System32\TSpkg.dll
2014-09-19 09:42:49 342016 ----a-w- C:\Windows\System32\schannel.dll
2014-09-19 09:42:47 314880 ----a-w- C:\Windows\System32\msv1_0.dll
2014-09-19 09:42:47 309760 ----a-w- C:\Windows\System32\ncrypt.dll
2014-09-19 09:42:41 22016 ----a-w- C:\Windows\System32\credssp.dll
2014-09-19 09:23:55 172032 ----a-w- C:\Windows\SysWow64\wdigest.dll
2014-09-19 09:23:52 65536 ----a-w- C:\Windows\SysWow64\TSpkg.dll
2014-09-19 09:23:49 248832 ----a-w- C:\Windows\SysWow64\schannel.dll
2014-09-19 09:23:46 221184 ----a-w- C:\Windows\SysWow64\ncrypt.dll
2014-09-19 09:23:45 259584 ----a-w- C:\Windows\SysWow64\msv1_0.dll
2014-09-19 09:23:36 17408 ----a-w- C:\Windows\SysWow64\credssp.dll
.
============= FINISH: 10:13:35.84 ===============


.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 21/09/2013 10:01:48
System Uptime: 17/12/2014 09:42:11 (1 hours ago)
.
Motherboard: Intel Corporation | | DQ35JO
Processor: Intel(R) Core(TM)2 Duo CPU E4700 @ 2.60GHz | J1PR | 1196/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 466 GiB total, 185.224 GiB free.
D: is CDROM ()
E: is Removable
G: is Removable
H: is Removable
I: is Removable
.
==== Disabled Device Manager Items =============
.
Class GUID:
Description: PCI Simple Communications Controller
Device ID: PCI\VEN_8086&DEV_29B4&SUBSYS_4F4A8086&REV_02\3&18D45AA6&0&18
Manufacturer:
Name: PCI Simple Communications Controller
PNP Device ID: PCI\VEN_8086&DEV_29B4&SUBSYS_4F4A8086&REV_02\3&18D45AA6&0&18
Service:
.
Class GUID:
Description: PCI Serial Port
Device ID: PCI\VEN_8086&DEV_29B7&SUBSYS_4F4A8086&REV_02\3&18D45AA6&0&1B
Manufacturer:
Name: PCI Serial Port
PNP Device ID: PCI\VEN_8086&DEV_29B7&SUBSYS_4F4A8086&REV_02\3&18D45AA6&0&1B
Service:
.
==== System Restore Points ===================
.
No restore point in system.
.
==== Installed Programs ======================
.
7-Zip 9.22beta
Adobe Digital Editions 2.0
Adobe Flash Player 15 ActiveX
Adobe Flash Player 15 Plugin
Adobe Photoshop Elements 7.0
Adobe Reader XI (11.0.09)
µTorrent
Bryce(R) 5
CameraHelperMsi
Curse Of Monkey Island
D3DX10
DivX Setup
erLT
Google Chrome
Google Earth
Google Update Helper
HP FWUpdateEDO2
HP Photo Creations
HP Photosmart 5520 series Basic Device Software
HP Photosmart 5520 series Help
HP Photosmart 5520 series Product Improvement Study
HP Update
HPDiagnosticAlert
IMVU Avatar Chat Software
Intel(R) Graphics Media Accelerator Driver
Junk Mail filter update
Logitech Webcam Software
LWS Facebook
LWS Gallery
LWS Help_main
LWS Launcher
LWS Motion Detection
LWS Pictures And Video
LWS Twitter
LWS Webcam Software
LWS WLM Plugin
LWS YouTube Plugin
Microsoft .NET Framework 4.5.1
Microsoft Application Error Reporting
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Excel MUI (English) 2007
Microsoft Office Office 64-bit Components 2007
Microsoft Office Outlook Connector
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared 64-bit MUI (English) 2007
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Small Business 2007
Microsoft Office Word MUI (English) 2007
Microsoft Rise Of Nations
Microsoft Security Client
Microsoft Security Essentials
Microsoft SkyDrive
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 Redistributable
Monkey Island 2 LeChucks Revenge Special Edition
Movie Maker
MSVCRT
MSVCRT_amd64
MSVCRT110
MSVCRT110_amd64
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML4 Parser
Nero 7 Essentials
Opera Stable 26.0.1656.32
Photo Common
Photo Gallery
Poser 6
PreReq
ScummVM 1.6.0
Security Update for Microsoft .NET Framework 4.5.1 (KB2894854v2)
Security Update for Microsoft .NET Framework 4.5.1 (KB2898869)
Security Update for Microsoft .NET Framework 4.5.1 (KB2901126)
Security Update for Microsoft .NET Framework 4.5.1 (KB2931368)
Security Update for Microsoft .NET Framework 4.5.1 (KB2972107)
Security Update for Microsoft .NET Framework 4.5.1 (KB2972216)
Security Update for Microsoft .NET Framework 4.5.1 (KB2978128)
Security Update for Microsoft .NET Framework 4.5.1 (KB2979578v2)
Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596825) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596927) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597973) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760411) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760415) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760585) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760591) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2817330) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2850022) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2878233) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2880507) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2880508) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2881069) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2920790) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2920792) 32-Bit Edition
Security Update for Microsoft Office Excel 2007 (KB2984942) 32-Bit Edition
Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Publisher 2007 (KB2817565) 32-Bit Edition
Security Update for Microsoft Office Word 2007 (KB2920793) 32-Bit Edition
Skype Click to Call
Skype™ 6.14
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2920789) 32-Bit Edition
Update for Microsoft Office PowerPoint 2007 (KB2597972) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
VC80CRTRedist - 8.0.50727.6195
Windows Live Communications Platform
Windows Live Essentials
Windows Live Family Safety
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Mail
Windows Live Messenger
Windows Live MIME IFilter
Windows Live Photo Common
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
Windows Mobile Device Updater Component
WinRAR 5.11 (64-bit)
Zune
Zune Language Pack (CHS)
Zune Language Pack (CHT)
Zune Language Pack (CSY)
Zune Language Pack (DAN)
Zune Language Pack (DEU)
Zune Language Pack (ELL)
Zune Language Pack (ESP)
Zune Language Pack (FIN)
Zune Language Pack (FRA)
Zune Language Pack (HUN)
Zune Language Pack (IND)
Zune Language Pack (ITA)
Zune Language Pack (JPN)
Zune Language Pack (KOR)
Zune Language Pack (MSL)
Zune Language Pack (NLD)
Zune Language Pack (NOR)
Zune Language Pack (PLK)
Zune Language Pack (PTB)
Zune Language Pack (PTG)
Zune Language Pack (RUS)
Zune Language Pack (SVE)
.
==== Event Viewer Messages From Past Week ========
.
16/12/2014 18:22:02, Error: volsnap [36] - The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.
16/12/2014 08:01:25, Error: Service Control Manager [7034] - The NMIndexingService service terminated unexpectedly. It has done this 1 time(s).
16/12/2014 08:01:19, Error: Service Control Manager [7034] - The Adobe Active File Monitor V7 service terminated unexpectedly. It has done this 1 time(s).
13/12/2014 13:00:50, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Management Instrumentation service, but this action failed with the following error: An instance of the service is already running.
13/12/2014 13:00:50, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Multimedia Class Scheduler service, but this action failed with the following error: An instance of the service is already running.
13/12/2014 13:00:47, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Computer Browser service, but this action failed with the following error: An instance of the service is already running.
13/12/2014 12:59:47, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Server service, but this action failed with the following error: An instance of the service is already running.
13/12/2014 12:58:48, Error: Service Control Manager [7031] - The Windows Update service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
13/12/2014 12:58:48, Error: Service Control Manager [7031] - The Windows Management Instrumentation service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
13/12/2014 12:58:48, Error: Service Control Manager [7031] - The Themes service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
13/12/2014 12:58:47, Error: Service Control Manager [7031] - The User Profile Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
13/12/2014 12:58:47, Error: Service Control Manager [7031] - The Task Scheduler service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
13/12/2014 12:58:47, Error: Service Control Manager [7031] - The System Event Notification Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
13/12/2014 12:58:47, Error: Service Control Manager [7031] - The Shell Hardware Detection service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
13/12/2014 12:58:47, Error: Service Control Manager [7031] - The Server service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
13/12/2014 12:58:47, Error: Service Control Manager [7031] - The Multimedia Class Scheduler service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
13/12/2014 12:58:47, Error: Service Control Manager [7031] - The IP Helper service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
13/12/2014 12:58:46, Error: Service Control Manager [7034] - The Application Information service terminated unexpectedly. It has done this 1 time(s).
13/12/2014 12:58:46, Error: Service Control Manager [7031] - The Group Policy Client service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
13/12/2014 12:58:46, Error: Service Control Manager [7031] - The Extensible Authentication Protocol service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
13/12/2014 12:58:46, Error: Service Control Manager [7031] - The Computer Browser service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
13/12/2014 12:36:36, Error: Service Control Manager [7022] - The Windows Update service hung on starting.
11/12/2014 11:45:44, Error: Schannel [36888] - The following fatal alert was generated: 70. The internal error state is 105.
.
==== End Of File ===========================


Hope you can help :)
Gowton
Regular Member
 
Posts: 17
Joined: May 6th, 2012, 6:12 am

Re: Very Slow PC

Unread postby wannabeageek » December 18th, 2014, 12:08 am

Hello Gowton, and Welcome to MalWare Removal forums!

My name is wannabeageek and I'll be helping you with any malware problems.

Before we begin, please read and follow these important guidelines, so things will proceed smoothly.
  1. The instructions being given are for YOUR computer and system only!
    Using these instructions on a different computer can cause damage to that computer and possibly render it inoperable!
  2. You must have Administrator rights, permissions for this computer.
  3. DO NOT run any other fix or removal tools unless instructed to do so!
  4. DO NOT install any other software (or hardware) during the cleaning process. This adds more items to be researched.
  5. Only post your problem at (1) one help site. Applying fixes from multiple help sites can cause problems.
  6. Print each set of instructions if possible - your Internet connection will not be available during some fix processes.
  7. Your security programs may give warnings for some of the tools I will ask you to use. Be assured, any links I give are safe.
  8. Only reply to this thread, do not start another one. Please, continue responding, until I give you the "All Clean!" :cheers:

    Absence of symptoms does not mean that everything is clear.

I am currently reviewing your logs and will return, as soon as possible, with additional instructions. In the meantime...

Note: If you haven't done so already, please read this topic ALL USERS OF THIS FORUM MUST READ THIS FIRST where the conditions for receiving help here are explained.

Please read all instructions carefully before executing and perform the steps, in the order given.
If you have any questions or problems executing these instructions, <<STOP>> do not proceed, post back with the question or problem.

Please be aware that removing Malware is a potentially hazardous undertaking. I will take care not to knowingly suggest courses of action that might damage your computer. However it is impossible for me to foresee all interactions that may happen between the software on your computer and those we'll use to clear you of infection, and I cannot guarantee the safety of your system. It is possible that we might encounter situations where the only recourse is to re-format and re-install your operating system, or to necessitate you taking your computer to a repair shop.

Because of this, I advise you to back up any personal files and folders before you start.



P2P Advisory!
IMPORTANT There are signs of one or more P2P (Peer to Peer) File Sharing Programs installed on your computer.
µTorrent

As long as you have the P2P program(s) installed, per Forum Policy, I can offer you no further assistance.
If you choose NOT to remove the program(s)...indicate that in your next reply and this topic will be closed.

Otherwise, please perform the following steps:

Step 1.
Remove P2P Program(s)
  1. Click on Start > Control Panel and double click on Programs and Features.
  2. Locate the following program:
    µTorrent
  3. Click on the Change/Remove button to uninstall it.
    Carefully read any prompts...
    Some uninstallers prompt in a way to trick you into keeping the program, sometimes, preventing them from being uninstalled again!
  4. When the program(s) have been uninstalled... Close Control Panel.
By using any form of P2P networking to download files you can anticipate infestations of malware to occur. The P2P program itself may be safe but the files may not... use P2P at your own risk! Keep in mind that this practice may be the source of your current malware infestation.
Reference... citing risk factors, using P2P programs: How to Prevent the Online Invasion of Spyware and Adware



Step 2.
FRST - Farbar Recovery Scanner Tool for Vista-W7


Please download FRST64.exe ... by Farbar. Save it to your desktop.

  1. Right click on FRST64.exe select "Run As Administrator" to run it. If prompted by UAC, please allow it. When the tool opens click Yes to disclaimer.
  2. Press the Scan button. ... A log, FRST.txt, will be created in the same directory the tool is run from.
  3. Please copy/paste FRST.txt into your reply.
    The first time the tool is run, it also makes another log... Addition.txt.
  4. Please copy/paste Addition.txt in your reply.
wannabeageek
MRU Master
 
Posts: 1871
Joined: November 23rd, 2009, 10:21 pm
Location: California

Re: Very Slow PC

Unread postby Gowton » December 18th, 2014, 6:48 am

Hi there, thank you for assisting me :)
Following your instructions I have removed utorrent the way you indicated. I downloaded FRS and saved the logs:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 17-12-2014
Ran by user (administrator) on USER-PC on 18-12-2014 10:30:49
Running from C:\Users\user\Downloads
Loaded Profile: user (Available profiles: user)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler64.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Microsoft Corporation) C:\Program Files\Zune\ZuneLauncher.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Nero AG) C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Photosmart 5520 series\Bin\ScanToPCActivationApp.exe
(Nero AG) C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe
(Logitech Inc.) C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Opera Software) C:\Program Files (x86)\Opera\launcher.exe
(Microsoft Corporation) C:\Windows\System32\sdclt.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1331288 2014-08-22] (Microsoft Corporation)
HKLM\...\Run: [Zune Launcher] => C:\Program Files\Zune\ZuneLauncher.exe [163552 2011-08-05] (Microsoft Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [448856 2014-08-19] (DivX, LLC)
HKLM-x32\...\Run: [Conime] => %windir%\system32\conime.exe
HKLM-x32\...\Run: [LWS] => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [204136 2012-09-13] (Logitech Inc.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2014-01-10] ()
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-100026641-3184929813-4218915004-1000\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] => C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe [152872 2007-06-27] (Nero AG)
HKU\S-1-5-21-100026641-3184929813-4218915004-1000\...\Run: [] => C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
HKU\S-1-5-21-100026641-3184929813-4218915004-1000\...\Run: [WebCamEffects] => C:\Program Files (x86)\WebCamEffects\WebCamEffects.exe
HKU\S-1-5-21-100026641-3184929813-4218915004-1000\...\Run: [HP Photosmart 5520 series (NET)] => C:\Program Files\HP\HP Photosmart 5520 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-100026641-3184929813-4218915004-1000\...\MountPoints2: {ceb7f840-b7df-11e3-9a00-806e6f6e6963} - F:\curse.exe
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-100026641-3184929813-4218915004-1000\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.co.uk/
HKU\S-1-5-21-100026641-3184929813-4218915004-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://uk.msn.com/?ocid=iehp
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_246.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_246.dll ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 -> C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll (RocketLife, LLP)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

Chrome:
=======
CHR HomePage: Default ->
CHR Profile: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-09-23]
CHR Extension: (Google Drive) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-09-23]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-23]
CHR Extension: (Poper Blocker) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkkbcggnhapdmkeljlodobbkopceiche [2013-09-23]
CHR Extension: (YouTube) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-09-23]
CHR Extension: (Google Search) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-09-23]
CHR Extension: (Google News) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\dllkocilcinkggkchnjgegijklcililc [2014-01-26]
CHR Extension: (ZenMate) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcgdnkidjaadafnichfpabhfomcebme [2014-06-29]
CHR Extension: (AdBlock) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2013-09-23]
CHR Extension: (Skype Click to Call) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2014-04-10]
CHR Extension: (Google Input Tools) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\mclkkofklkfljcocdinagocijmpgbhab [2014-03-06]
CHR Extension: (Google Mail Checker) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff [2014-01-26]
CHR Extension: (Google Wallet) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-23]
CHR Extension: (Gmail) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-09-23]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S4 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
S4 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [651720 2013-09-23] (Macrovision Europe Ltd.) [File not signed]
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2014-08-22] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [368624 2014-08-22] (Microsoft Corporation)
R3 NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [279848 2007-06-27] (Nero AG)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [269008 2014-07-17] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [125584 2014-07-17] (Microsoft Corporation)
S3 NMgamingmsFltr; C:\Windows\System32\drivers\NMgamingms.sys [11264 2009-07-24] (Primax Ltd)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [386680 2014-03-30] (Duplex Secure Ltd.)
S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-18 10:30 - 2014-12-18 10:35 - 00012428 _____ () C:\Users\user\Downloads\FRST.txt
2014-12-18 10:30 - 2014-12-18 10:31 - 00000000 ____D () C:\FRST
2014-12-18 10:27 - 2014-12-18 10:29 - 02121216 _____ (Farbar) C:\Users\user\Downloads\FRST64.exe
2014-12-17 10:13 - 2014-12-17 10:14 - 00018819 _____ () C:\Users\user\Desktop\dds.txt
2014-12-17 10:13 - 2014-12-17 10:14 - 00013460 _____ () C:\Users\user\Desktop\attach.txt
2014-12-17 10:10 - 2014-12-17 10:10 - 00688992 ____R (Swearware) C:\Users\user\Downloads\dds.scr
2014-12-15 21:06 - 2014-12-16 10:50 - 00000000 ____D () C:\Users\user\Downloads\Star Trek - Deep Space 9
2014-12-15 21:03 - 2014-12-15 21:03 - 00165148 _____ () C:\Users\user\Downloads\[kickass.filesoup.com]star.trek.deep.space.9.complete.series.448x352.torrent
2014-12-10 18:11 - 2014-12-10 18:11 - 03981488 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2014-12-10 17:51 - 2014-12-10 17:51 - 00000000 ____D () C:\Windows\system32\appraiser
2014-12-10 13:11 - 2014-10-18 02:05 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-12-10 13:11 - 2014-10-18 01:33 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2014-12-10 13:11 - 2014-07-07 02:06 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2014-12-10 13:11 - 2014-07-07 02:06 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2014-12-10 13:11 - 2014-07-07 02:06 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2014-12-10 13:11 - 2014-07-07 02:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2014-12-10 13:11 - 2014-07-07 01:40 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2014-12-10 13:11 - 2014-07-07 01:39 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2014-12-10 13:11 - 2014-07-07 01:39 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2014-12-10 13:11 - 2014-07-07 01:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2014-12-10 12:42 - 2014-12-04 02:50 - 00830976 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2014-12-10 12:42 - 2014-12-04 02:50 - 00741376 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2014-12-10 12:42 - 2014-12-04 02:50 - 00413184 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-12-10 12:42 - 2014-12-04 02:50 - 00396800 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2014-12-10 12:42 - 2014-12-04 02:50 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-12-10 12:42 - 2014-12-04 02:50 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2014-12-10 12:42 - 2014-12-04 02:44 - 01083392 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-12-10 12:42 - 2014-12-01 23:28 - 01232040 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2014-12-10 12:42 - 2014-11-27 01:43 - 00389296 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-12-10 12:42 - 2014-11-27 01:10 - 00342200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-12-10 12:42 - 2014-11-22 03:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-12-10 12:42 - 2014-11-22 03:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-12-10 12:42 - 2014-11-22 02:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-12-10 12:42 - 2014-11-22 02:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-12-10 12:42 - 2014-11-22 02:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-12-10 12:42 - 2014-11-22 02:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-12-10 12:42 - 2014-11-22 02:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-12-10 12:42 - 2014-11-22 02:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-12-10 12:42 - 2014-11-22 02:22 - 19749376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-12-10 12:42 - 2014-11-22 02:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-12-10 12:42 - 2014-11-22 02:14 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-12-10 12:42 - 2014-11-22 02:07 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-12-10 12:42 - 2014-11-22 02:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-12-10 12:42 - 2014-11-22 02:06 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-12-10 12:42 - 2014-11-22 02:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-12-10 12:42 - 2014-11-22 02:01 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-12-10 12:42 - 2014-11-22 01:59 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-12-10 12:42 - 2014-11-22 01:58 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-12-10 12:42 - 2014-11-22 01:56 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-12-10 12:42 - 2014-11-22 01:55 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-12-10 12:42 - 2014-11-22 01:54 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-12-10 12:42 - 2014-11-22 01:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-12-10 12:42 - 2014-11-22 01:49 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-12-10 12:42 - 2014-11-22 01:46 - 02125312 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-12-10 12:42 - 2014-11-22 01:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-12-10 12:42 - 2014-11-22 01:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-12-10 12:42 - 2014-11-22 01:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-12-10 12:42 - 2014-11-22 01:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-12-10 12:42 - 2014-11-22 01:29 - 04299264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-12-10 12:42 - 2014-11-22 01:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-12-10 12:42 - 2014-11-22 01:22 - 02052096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-12-10 12:42 - 2014-11-22 01:21 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-12-10 12:42 - 2014-11-22 01:15 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-12-10 12:42 - 2014-11-22 01:13 - 12836864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-12-10 12:42 - 2014-11-22 01:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-12-10 12:42 - 2014-11-22 00:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-12-10 12:42 - 2014-11-22 00:54 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-12-10 12:42 - 2014-11-11 03:09 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-12-10 12:42 - 2014-11-11 02:44 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-12-10 12:42 - 2014-11-11 01:46 - 00119296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2014-12-10 12:41 - 2014-11-22 03:13 - 25059840 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-12-10 12:41 - 2014-11-22 02:50 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-12-10 12:41 - 2014-11-22 02:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-12-10 12:41 - 2014-11-22 02:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-12-10 12:41 - 2014-11-22 02:37 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-12-10 12:41 - 2014-11-22 02:35 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-12-10 12:41 - 2014-11-22 02:34 - 06039552 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-12-10 12:41 - 2014-11-22 02:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-12-10 12:41 - 2014-11-22 02:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-12-10 12:41 - 2014-11-22 02:09 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-12-10 12:41 - 2014-11-22 02:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-12-10 12:41 - 2014-11-22 02:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-12-10 12:41 - 2014-11-22 01:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-12-10 12:41 - 2014-11-22 01:43 - 14412800 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-12-10 12:41 - 2014-11-22 01:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-12-10 12:41 - 2014-11-22 01:28 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-12-10 12:41 - 2014-11-22 01:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-12-10 12:41 - 2014-11-08 03:16 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-12-10 12:41 - 2014-11-08 02:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-12-10 12:41 - 2014-10-30 02:03 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\charmap.exe
2014-12-10 12:41 - 2014-10-30 01:45 - 00155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\charmap.exe
2014-12-10 12:41 - 2014-10-03 02:12 - 02020352 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2014-12-10 12:41 - 2014-10-03 02:12 - 00346624 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2014-12-10 12:41 - 2014-10-03 02:12 - 00310272 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2014-12-10 12:41 - 2014-10-03 02:12 - 00181248 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2014-12-10 12:41 - 2014-10-03 02:11 - 00266240 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2014-12-10 12:41 - 2014-10-03 01:45 - 01177088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2014-12-10 12:41 - 2014-10-03 01:45 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll
2014-12-10 12:41 - 2014-10-03 01:45 - 00214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2014-12-10 12:41 - 2014-10-03 01:45 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll
2014-12-10 12:41 - 2014-10-03 01:44 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe
2014-12-06 22:55 - 2014-12-06 22:55 - 00511071 _____ () C:\Users\user\Desktop\Amazon.com Willy Care Kit Automotive.html
2014-12-06 22:55 - 2014-12-06 22:55 - 00000000 ____D () C:\Users\user\Desktop\Amazon.com Willy Care Kit Automotive_files
2014-12-04 16:56 - 2014-12-04 16:57 - 18235998 _____ () C:\Users\user\Downloads\Voice 012.m4a
2014-12-03 23:37 - 2014-12-03 23:37 - 59766899 _____ () C:\Users\user\Desktop\unfinished.pmd
2014-12-03 23:37 - 2014-12-03 23:37 - 02919641 _____ () C:\Users\user\Desktop\unfinished.pz3
2014-12-03 00:49 - 2014-12-03 00:49 - 00217398 _____ () C:\Users\user\Desktop\Cute Emoticons - Facebook Symbols and Chat Emoticons.html
2014-12-03 00:49 - 2014-12-03 00:49 - 00000000 ____D () C:\Users\user\Desktop\Cute Emoticons - Facebook Symbols and Chat Emoticons_files
2014-11-28 20:54 - 2014-11-28 20:54 - 00047992 _____ () C:\Users\user\Downloads\049721794.csv
2014-11-24 18:58 - 2014-11-24 18:58 - 289074316 _____ () C:\Windows\MEMORY.DMP
2014-11-24 18:58 - 2014-11-24 18:58 - 00277232 _____ () C:\Windows\Minidump\112414-24406-01.dmp
2014-11-24 18:58 - 2014-11-24 18:58 - 00000000 ____D () C:\Windows\Minidump
2014-11-22 20:29 - 2014-11-22 20:29 - 00040105 _____ () C:\Users\user\Desktop\Six Rules Regarding Autistic Interactions.html
2014-11-19 08:29 - 2014-11-11 03:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-11-19 08:29 - 2014-11-11 03:08 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2014-11-19 08:29 - 2014-11-11 02:44 - 00186880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll
2014-11-19 08:28 - 2014-11-11 02:44 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-11-18 14:56 - 2014-11-18 14:56 - 01202848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FM20.DLL

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-18 10:31 - 2013-09-21 08:55 - 01747078 _____ () C:\Windows\WindowsUpdate.log
2014-12-18 10:22 - 2009-07-14 04:45 - 00023936 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-12-18 10:22 - 2009-07-14 04:45 - 00023936 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-12-18 10:14 - 2014-07-29 07:19 - 00017663 _____ () C:\Windows\setupact.log
2014-12-18 10:14 - 2013-09-23 12:13 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-12-18 10:14 - 2009-07-14 05:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-12-17 23:14 - 2014-06-19 21:52 - 00000336 _____ () C:\Windows\Tasks\HP Photo Creations Communicator.job
2014-12-17 23:10 - 2013-09-23 08:54 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-12-17 23:06 - 2013-09-23 12:13 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-12-17 16:55 - 2014-08-03 11:11 - 00003828 _____ () C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1387045483
2014-12-17 16:55 - 2013-12-14 18:24 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-12-16 07:37 - 2013-09-25 12:46 - 00000000 _____ () C:\Windows\system32\Drivers\lvuvc.hs
2014-12-15 21:06 - 2014-10-24 21:19 - 00000000 ____D () C:\Users\user\Downloads\Wreck-It Ralph (2012) [1080p]
2014-12-15 21:06 - 2014-10-21 10:13 - 00000000 ____D () C:\Users\user\Downloads\Billy Idol - Kings & Queens Of The Underground (2014)
2014-12-14 18:54 - 2009-07-14 03:20 - 00000000 ____D () C:\Windows\rescache
2014-12-13 12:58 - 2009-07-14 05:08 - 00032608 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-12-12 13:30 - 2013-09-23 09:48 - 00000000 ____D () C:\Users\user\Documents\Word docs
2014-12-10 18:12 - 2013-09-23 08:54 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-12-10 18:12 - 2013-09-23 08:54 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-12-10 18:12 - 2013-09-23 08:54 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-12-10 17:51 - 2014-05-06 16:22 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-12-10 17:51 - 2009-07-14 03:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-12-10 17:51 - 2009-07-14 03:20 - 00000000 ____D () C:\Windows\AppCompat
2014-12-10 13:21 - 2013-09-23 08:47 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-12-10 13:19 - 2013-09-21 10:26 - 00000000 ____D () C:\Windows\system32\MRT
2014-12-10 13:13 - 2013-09-21 10:26 - 112710672 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-12-09 00:07 - 2014-07-15 12:30 - 00000000 ____D () C:\Users\user\Documents\ALG business receipts
2014-12-02 13:08 - 2009-07-14 05:13 - 00782886 _____ () C:\Windows\system32\PerfStringBackup.INI

Some content of TEMP:
====================
C:\Users\user\AppData\Local\Temp\ose00000.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-12-15 10:55

==================== End Of Log ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17-12-2014
Ran by user at 2014-12-18 10:40:28
Running from C:\Users\user\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Enabled - Up to date) {4F35CFC4-45A3-FC37-EF17-759A02E39AB1}
AS: Microsoft Security Essentials (Enabled - Up to date) {F4542E20-6399-F3B9-D5A7-4EE87964D00C}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.22beta (HKLM-x32\...\7-Zip) (Version: - )
Adobe Digital Editions 2.0 (HKLM-x32\...\Adobe Digital Editions 2.0) (Version: 2.0.1 - Adobe Systems Incorporated)
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.246 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.246 - Adobe Systems Incorporated)
Adobe Photoshop Elements 7.0 (HKLM-x32\...\Adobe Photoshop Elements 7) (Version: 7.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.09) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
Bryce(R) 5 (HKLM-x32\...\Bryce 5) (Version: - )
CameraHelperMsi (x32 Version: 13.51.815.0 - Logitech) Hidden
Curse Of Monkey Island (HKLM-x32\...\bgbennyboyCMIReplacementSetup_is1) (Version: 1.0 - Quick and Easy Software)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DivX Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.3.88 - DivX, LLC)
erLT (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.95 - Google Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
HP FWUpdateEDO2 (HKLM-x32\...\{415FA9AD-DA10-4ABE-97B6-5051D4795C90}) (Version: 1.2.0.0 - Hewlett-Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.12992 - HP)
HP Photosmart 5520 series Basic Device Software (HKLM\...\{68C0736C-3E47-43A6-B14D-236BEF198A5F}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Photosmart 5520 series Help (HKLM-x32\...\{7137E26A-10F7-4B1C-9980-0893579E92DA}) (Version: 27.0.0 - Hewlett Packard)
HP Photosmart 5520 series Product Improvement Study (HKLM\...\{DCC176F0-3CE3-4DA9-8FF9-3809C1B48C47}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0001 - Microsoft) Hidden
IMVU Avatar Chat Software (HKU\S-1-5-21-100026641-3184929813-4218915004-1000\...\IMVU Avatar chat client software BETA) (Version: - )
Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: 8.15.10.1930 - Intel Corporation)
Junk Mail filter update (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Logitech Webcam Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.51 - Logitech Inc.)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-00CA-0000-0000-0000000FF1CE}_SMALLBUSINESSR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0409-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Small Business 2007 (HKLM-x32\...\SMALLBUSINESSR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Rise Of Nations (HKLM-x32\...\RiseOfNations 1.0) (Version: - Microsoft)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.6.305.0 - Microsoft Corporation)
Microsoft SkyDrive (HKU\S-1-5-21-100026641-3184929813-4218915004-1000\...\SkyDriveSetup.exe) (Version: 16.4.6013.0910 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Monkey Island 2 LeChucks Revenge Special Edition (HKLM-x32\...\Monkey Island 2 LeChucks Revenge Special Edition_is1) (Version: - )
Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML4 Parser (HKLM-x32\...\{01501EBA-EC35-4F9F-8889-3BE346E5DA13}) (Version: 1.0.0 - Microsoft Game Studios)
Nero 7 Essentials (HKLM-x32\...\{8E72B982-D54F-486F-B35A-C24B6F171033}) (Version: 7.03.0581 - Nero AG)
Opera Stable 26.0.1656.60 (HKLM-x32\...\Opera 26.0.1656.60) (Version: 26.0.1656.60 - Opera Software ASA)
Photo Common (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Photo Gallery (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Poser 6 (HKLM-x32\...\Poser 6) (Version: - )
PreReq (x32 Version: 6.2.4.0 - Eastman Kodak Company) Hidden
ScummVM 1.6.0 (HKLM-x32\...\ScummVM_is1) (Version: - The ScummVM Team)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
Skype™ 6.14 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-00CA-0000-0000-0000000FF1CE}_SMALLBUSINESSR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
WinRAR 5.11 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH)
Zune (HKLM\...\Zune) (Version: 04.08.2345.00 - Microsoft Corporation)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-100026641-3184929813-4218915004-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\user\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-100026641-3184929813-4218915004-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\user\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-100026641-3184929813-4218915004-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\user\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-100026641-3184929813-4218915004-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\user\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\FileSyncApi64.dll (Microsoft Corporation)

==================== Restore Points =========================

17-12-2014 17:30:05 Scheduled Checkpoint

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 02:34 - 2009-06-10 21:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {2A051E71-2714-43ED-A8DD-F78932F51EA4} - System32\Tasks\{B898717A-631D-427E-BBDC-6BA37BAC95BE} => pcalua.exe -a "C:\Users\user\Documents\poser add ons\ps_bn023 - David 3 Base.exe" -d "C:\Users\user\Documents\poser add ons"
Task: {2C2548FD-A141-463E-A599-CFB3FB300A47} - System32\Tasks\HP Photo Creations Communicator => C:\ProgramData\HP Photo Creations\Communicator.exe [2011-02-21] ()
Task: {35380C8F-7730-4F24-B13F-3FB2EE0D3501} - System32\Tasks\{53205C24-74C5-4810-8441-556232E8F234} => C:\Program Files (x86)\Microsoft Games\Rise of Nations\rise.exe [2003-04-18] (Big Huge Games, Inc.)
Task: {47151A1C-8C8E-4D67-9377-C882C93DE9A2} - System32\Tasks\HPCustParticipation HP Photosmart 5520 series => C:\Program Files\HP\HP Photosmart 5520 series\Bin\HPCustPartic.exe [2012-10-17] (Hewlett-Packard Co.)
Task: {53DD9631-2161-4FCE-8322-A110CCEB29B1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-09-23] (Google Inc.)
Task: {B7F69501-996E-4EC5-BC2A-35BB38216E32} - System32\Tasks\Opera scheduled Autoupdate 1387045483 => C:\Program Files (x86)\Opera\launcher.exe [2014-12-17] (Opera Software)
Task: {C37FE9B1-88DE-43FB-A951-3B55850DF583} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-10] (Adobe Systems Incorporated)
Task: {DF17ABE1-8BCA-4D24-B9FA-BC20C380807D} - System32\Tasks\{57391240-83D8-4B33-A929-56D5BE550CD4} => C:\Program Files (x86)\Microsoft Games\Rise of Nations\rise.exe [2003-04-18] (Big Huge Games, Inc.)
Task: {E1704DBC-6FB2-4AB9-8889-0D41CC63EE1F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-09-23] (Google Inc.)
Task: {E51E7AE7-581A-40DE-9EAA-AD42887E5766} - System32\Tasks\{D716F460-B83A-466C-857D-CBE17EA9F926} => C:\Program Files (x86)\Microsoft Games\Rise of Nations\rise.exe [2003-04-18] (Big Huge Games, Inc.)
Task: {E5270D79-DB12-4DE6-A5FD-08CD4F229FA1} - System32\Tasks\{470C7EFE-8CF3-4DD4-AA56-1DBC2428E443} => C:\Program Files (x86)\Microsoft Games\Rise of Nations\rise.exe [2003-04-18] (Big Huge Games, Inc.)
Task: {E99138C0-D813-44C6-801F-75C35C150437} - System32\Tasks\SidebarExecute => C:\Program Files (x86)\Windows Sidebar\sidebar.exe [2010-11-20] (Microsoft Corporation)
Task: {EAE07B4A-5CDC-41CE-B44B-4B00664A99DC} - System32\Tasks\{608211D8-535F-44C6-A287-47D47CD0F8CA} => C:\Program Files (x86)\Microsoft Games\Rise of Nations\rise.exe [2003-04-18] (Big Huge Games, Inc.)
Task: {EFF6FD44-65C8-48DF-91E8-2EC85CF7DC99} - System32\Tasks\{6C7F83B8-3785-4D4B-8C82-8E6F8D917611} => C:\Program Files (x86)\Microsoft Games\Rise of Nations\rise.exe [2003-04-18] (Big Huge Games, Inc.)
Task: {FD6DEB10-5CA1-4987-AC20-DBE5C6ACD40A} - System32\Tasks\{45D27B0C-B86B-49FD-8096-1AF494FB80E0} => pcalua.exe -a "C:\Users\user\Documents\poser add ons\v3 & s3P Clothing Pack 2 - Ps Ac840.exe" -d "C:\Users\user\Documents\poser add ons"
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\avast! Emergency Update.job => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HP Photo Creations Communicator.job => C:\ProgramData\HP Photo Creations\Communicator.exe

==================== Loaded Modules (whitelisted) =============

2012-09-13 00:38 - 2012-09-13 00:38 - 02144104 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtCore4.dll
2012-09-13 00:38 - 2012-09-13 00:38 - 07955304 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtGui4.dll
2012-09-13 00:38 - 2012-09-13 00:38 - 00341352 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtXml4.dll
2012-09-13 00:38 - 2012-09-13 00:38 - 00028008 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QGif4.dll
2012-09-13 00:38 - 2012-09-13 00:38 - 00127336 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QJpeg4.dll
2014-12-11 22:13 - 2014-12-06 01:50 - 01077064 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\libglesv2.dll
2014-12-11 22:13 - 2014-12-06 01:50 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\libegl.dll
2014-12-11 22:13 - 2014-12-06 01:50 - 09009480 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\pdf.dll
2014-12-11 22:13 - 2014-12-06 01:50 - 01677128 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\ffmpegsumo.dll
2014-12-17 16:55 - 2014-12-17 16:54 - 00556152 _____ () C:\Program Files (x86)\Opera\26.0.1656.60\launcher_lib.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: bthserv => 3
MSCONFIG\Services: c2cautoupdatesvc => 2
MSCONFIG\Services: c2cpnrsvc => 2
MSCONFIG\Services: Fax => 3
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: RasAuto => 3
MSCONFIG\Services: RasMan => 3
MSCONFIG\Services: RemoteRegistry => 3
MSCONFIG\Services: SessionEnv => 3
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: TapiSrv => 3
MSCONFIG\Services: WMZuneComm => 3
MSCONFIG\Services: WPCSvc => 3
MSCONFIG\Services: ZuneNetworkSvc => 3
MSCONFIG\Services: ZuneWlanCfgSvc => 3

========================= Accounts: ==========================

Administrator (S-1-5-21-100026641-3184929813-4218915004-500 - Administrator - Disabled)
Guest (S-1-5-21-100026641-3184929813-4218915004-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-100026641-3184929813-4218915004-1002 - Limited - Enabled)
user (S-1-5-21-100026641-3184929813-4218915004-1000 - Administrator - Enabled) => C:\Users\user

==================== Faulty Device Manager Devices =============

Name: PCI Simple Communications Controller
Description: PCI Simple Communications Controller
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: PCI Serial Port
Description: PCI Serial Port
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (12/18/2014 10:16:26 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: NMIndexStoreSvr.exe, version: 2.0.16.0, time stamp: 0x46825db6
Faulting module name: NMSearchPluginSimilarImages.dll, version: 2.0.16.0, time stamp: 0x46825c19
Exception code: 0xc0000005
Fault offset: 0x00010dff
Faulting process id: 0xb68
Faulting application start time: 0xNMIndexStoreSvr.exe0
Faulting application path: NMIndexStoreSvr.exe1
Faulting module path: NMIndexStoreSvr.exe2
Report Id: NMIndexStoreSvr.exe3

Error: (12/17/2014 09:43:02 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: NMIndexStoreSvr.exe, version: 2.0.16.0, time stamp: 0x46825db6
Faulting module name: NMSearchPluginSimilarImages.dll, version: 2.0.16.0, time stamp: 0x46825c19
Exception code: 0xc0000005
Fault offset: 0x00010dff
Faulting process id: 0xb4c
Faulting application start time: 0xNMIndexStoreSvr.exe0
Faulting application path: NMIndexStoreSvr.exe1
Faulting module path: NMIndexStoreSvr.exe2
Report Id: NMIndexStoreSvr.exe3

Error: (12/16/2014 07:37:38 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: NMIndexStoreSvr.exe, version: 2.0.16.0, time stamp: 0x46825db6
Faulting module name: NMSearchPluginSimilarImages.dll, version: 2.0.16.0, time stamp: 0x46825c19
Exception code: 0xc0000005
Fault offset: 0x00010dff
Faulting process id: 0xb44
Faulting application start time: 0xNMIndexStoreSvr.exe0
Faulting application path: NMIndexStoreSvr.exe1
Faulting module path: NMIndexStoreSvr.exe2
Report Id: NMIndexStoreSvr.exe3

Error: (12/15/2014 09:27:19 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: NMIndexStoreSvr.exe, version: 2.0.16.0, time stamp: 0x46825db6
Faulting module name: NMSearchPluginSimilarImages.dll, version: 2.0.16.0, time stamp: 0x46825c19
Exception code: 0xc0000005
Fault offset: 0x00010dff
Faulting process id: 0x830
Faulting application start time: 0xNMIndexStoreSvr.exe0
Faulting application path: NMIndexStoreSvr.exe1
Faulting module path: NMIndexStoreSvr.exe2
Report Id: NMIndexStoreSvr.exe3

Error: (12/14/2014 05:22:08 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: NMIndexStoreSvr.exe, version: 2.0.16.0, time stamp: 0x46825db6
Faulting module name: NMSearchPluginSimilarImages.dll, version: 2.0.16.0, time stamp: 0x46825c19
Exception code: 0xc0000005
Fault offset: 0x00010dff
Faulting process id: 0x378
Faulting application start time: 0xNMIndexStoreSvr.exe0
Faulting application path: NMIndexStoreSvr.exe1
Faulting module path: NMIndexStoreSvr.exe2
Report Id: NMIndexStoreSvr.exe3

Error: (12/13/2014 00:32:59 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: NMIndexStoreSvr.exe, version: 2.0.16.0, time stamp: 0x46825db6
Faulting module name: NMSearchPluginSimilarImages.dll, version: 2.0.16.0, time stamp: 0x46825c19
Exception code: 0xc0000005
Fault offset: 0x00010dff
Faulting process id: 0xb84
Faulting application start time: 0xNMIndexStoreSvr.exe0
Faulting application path: NMIndexStoreSvr.exe1
Faulting module path: NMIndexStoreSvr.exe2
Report Id: NMIndexStoreSvr.exe3

Error: (12/13/2014 00:32:50 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: )
Description: The Cryptographic Services service failed to initialize the Catalog Database. The ESENT error was: -1305.

Error: (12/12/2014 01:22:44 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: NMIndexStoreSvr.exe, version: 2.0.16.0, time stamp: 0x46825db6
Faulting module name: NMSearchPluginSimilarImages.dll, version: 2.0.16.0, time stamp: 0x46825c19
Exception code: 0xc0000005
Fault offset: 0x00010dff
Faulting process id: 0xbac
Faulting application start time: 0xNMIndexStoreSvr.exe0
Faulting application path: NMIndexStoreSvr.exe1
Faulting module path: NMIndexStoreSvr.exe2
Report Id: NMIndexStoreSvr.exe3

Error: (12/11/2014 02:42:21 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: NMIndexStoreSvr.exe, version: 2.0.16.0, time stamp: 0x46825db6
Faulting module name: NMSearchPluginSimilarImages.dll, version: 2.0.16.0, time stamp: 0x46825c19
Exception code: 0xc0000005
Fault offset: 0x00010dff
Faulting process id: 0xb4c
Faulting application start time: 0xNMIndexStoreSvr.exe0
Faulting application path: NMIndexStoreSvr.exe1
Faulting module path: NMIndexStoreSvr.exe2
Report Id: NMIndexStoreSvr.exe3

Error: (12/11/2014 02:00:59 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: NMIndexStoreSvr.exe, version: 2.0.16.0, time stamp: 0x46825db6
Faulting module name: NMSearchPluginSimilarImages.dll, version: 2.0.16.0, time stamp: 0x46825c19
Exception code: 0xc0000005
Fault offset: 0x00010dff
Faulting process id: 0xcdc
Faulting application start time: 0xNMIndexStoreSvr.exe0
Faulting application path: NMIndexStoreSvr.exe1
Faulting module path: NMIndexStoreSvr.exe2
Report Id: NMIndexStoreSvr.exe3


System errors:
=============
Error: (12/16/2014 06:22:02 PM) (Source: volsnap) (EventID: 36) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.

Error: (12/16/2014 08:01:25 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The NMIndexingService service terminated unexpectedly. It has done this 1 time(s).

Error: (12/16/2014 08:01:19 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Adobe Active File Monitor V7 service terminated unexpectedly. It has done this 1 time(s).

Error: (12/14/2014 05:24:28 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The NMIndexingService service terminated unexpectedly. It has done this 1 time(s).

Error: (12/14/2014 05:24:23 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Adobe Active File Monitor V7 service terminated unexpectedly. It has done this 1 time(s).

Error: (12/14/2014 00:06:00 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

Error: (12/13/2014 01:00:50 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Management Instrumentation service, but this action failed with the following error:
%%1056

Error: (12/13/2014 01:00:50 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Multimedia Class Scheduler service, but this action failed with the following error:
%%1056

Error: (12/13/2014 01:00:47 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Computer Browser service, but this action failed with the following error:
%%1056

Error: (12/13/2014 00:59:47 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Server service, but this action failed with the following error:
%%1056


Microsoft Office Sessions:
=========================

==================== Memory info ===========================

Processor: Intel(R) Core(TM)2 Duo CPU E4700 @ 2.60GHz
Percentage of memory in use: 70%
Total physical RAM: 2001.65 MB
Available physical RAM: 599.31 MB
Total Pagefile: 4003.3 MB
Available Pagefile: 2126.54 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:465.66 GB) (Free:183.63 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 2B7E7AE6)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465.7 GB) - (Type=07 NTFS)

==================== End Of Log ============================

(took forever to remove utorrent open page to download FRS which also took forever)

Hope you find the problem/s
Gowton

Re: Very Slow PC

Post by wannabeageek » December 18th, 2014, 11:31 pm

Hello Gowton,

DESKTOP WARNING!
Please be sure to Save and then Run all your programs from your Desktop. These programs are designed to operate from the desktop.
If you have saved files to your download folder; %userprofile%\Downloads, please copy them to your desktop; %userprofile%\desktop
You can easily do this by copying the colored text and pasting into the "Search programs and files" bar and hitting enter to open the folders.

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 17-12-2014
Ran by user (administrator) on USER-PC on 18-12-2014 10:30:49
Running from C:\Users\user\Downloads



Step 1.
AdwCleaner Download and Run

Click on this link to download : ADWCleaner
Click on the Download Now button and save it to your desktop.

NOTE: If using Internet Explorer and you get an alert that stops the program downloading click on Tools > Smartscreen Filter > Turn off Smartscreen Filter then click on OK in the box that opens. Then click on the link again.

Close your browser and double click on this icon on your desktop:

Image

You will then see the screen below. Click on the Scan button (as indicated), accept any prompts that appear and allow it to run.
It may take several minutes to complete. When it is done click on the Clean button, accept any prompts that appear and allow the system to reboot.
You will then be presented with the report. Copy & Paste it into your next post.

Image

Please post the content of the C:\AdwCleaner[S?].txt logfile in your next reply.


Step 2.
Junkware Removal Tool
  • Please download and run the following program: JRT.exe and save it to your desktop.
  • Right-click JRT.exe and select "Run as administrator" to run it.
  • When the program is finished running, post the log JRT.txt in your next reply.


Step 3.
TDSSKiller

Please go to Bleepingcomputer TDSSKiller Download.
Click on the .exe version download button.
  • Move this file to your desktop from the folder that your browser saved it in. Most likely here: C:\Users\???????\Downloads or %userprofile%\Downloads
  • Once on your desktop, double click on TDSSKiller.exe to launch it.
  • Click on Start Scan, the scan will run.
  • When the scan has finished, if it finds anything please click on the drop down arrow next to Cure and select Skip
  • Now click on Report to open the log file created by TDSSKiller in your root directory C:\
  • To find the log go to Start > Computer > C:
  • A log file should be created on your C: drive named something like TDSSKiller.2.4.0.0 24.07.2010.
  • Post the contents of that log in your next reply please.
  • DO NOT TRY TO FIX ANYTHING AT THIS POINT


What I need back from you:
Post each separately.
  1. Make sure you are running programs from your desktop
  2. Contents of C:\AdwCleaner[S?].txt
  3. Contents of JRT.txt
  4. Contents of C:\TDSSKiller.X.X.X.X XX.XX.XXXX
  5. Any problem executing the instructions?
Thanks,
wbg
wannabeageek

Re: Very Slow PC

Post by Gowton » December 19th, 2014, 7:24 am

# AdwCleaner v4.105 - Report created 19/12/2014 at 10:38:37
# Updated 08/12/2014 by Xplode
# Database : 2014-12-16.1 [Live]
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : user - USER-PC
# Running from : C:\Users\user\Desktop\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****

[#] Service Deleted : c2cautoupdatesvc
[#] Service Deleted : c2cpnrsvc

***** [ Files / Folders ] *****

Folder Deleted : C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl
File Deleted : C:\END
File Deleted : C:\Windows\System32\roboot64.exe
File Deleted : C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.lyricsmode.com_0.localstorage
File Deleted : C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.lyricsmode.com_0.localstorage-journal
File Deleted : C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.audienceinsights.net_0.localstorage
File Deleted : C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.audienceinsights.net_0.localstorage-journal
File Deleted : C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.olark.com_0.localstorage-journal

***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\Softonic
Key Deleted : [x64] HKLM\SOFTWARE\DivX\Install\Setup\WizardLayout\ConduitToolbar
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\ask.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\softonic.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\uk.ask.com

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17496


-\\ Google Chrome v39.0.2171.95

[C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://uk.ask.com/web?q={searchTerms}
[C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://en.softonic.com/s/{searchTerms}

-\\ Opera v26.0.1656.60

[C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://uk.ask.com/web?q={searchTerms}
[C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://en.softonic.com/s/{searchTerms}

*************************

AdwCleaner[R0].txt - [3440 octets] - [19/12/2014 10:35:13]
AdwCleaner[S0].txt - [3601 octets] - [19/12/2014 10:38:37]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [3661 octets] ##########


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.0 (11.29.2014:1)
OS: Windows 7 Home Premium x64
Ran by user on 19/12/2014 at 10:49:45.28
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\Program Files (x86)\myfree codec"



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 19/12/2014 at 10:54:25.70
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Tried posting this with TDSSkiller but I kept getting a message telling me I was exceeding the 100000 characters. I need to make another reply for TDSSkiller report.
Gowton
Regular Member
 
Posts: 17
Joined: May 6th, 2012, 6:12 am

Re: Very Slow PC

Post by Gowton » December 19th, 2014, 7:25 am

Here is the TDSSkiller report:

11:03:56.0914 0x11a8 TDSS rootkit removing tool 3.0.0.42 Dec 12 2014 00:35:20
11:04:13.0773 0x11a8 ============================================================
11:04:13.0773 0x11a8 Current date / time: 2014/12/19 11:04:13.0773
11:04:13.0773 0x11a8 SystemInfo:
11:04:13.0773 0x11a8
11:04:13.0773 0x11a8 OS Version: 6.1.7601 ServicePack: 1.0
11:04:13.0773 0x11a8 Product type: Workstation
11:04:13.0773 0x11a8 ComputerName: USER-PC
11:04:13.0773 0x11a8 UserName: user
11:04:13.0773 0x11a8 Windows directory: C:\Windows
11:04:13.0773 0x11a8 System windows directory: C:\Windows
11:04:13.0773 0x11a8 Running under WOW64
11:04:13.0773 0x11a8 Processor architecture: Intel x64
11:04:13.0773 0x11a8 Number of processors: 2
11:04:13.0773 0x11a8 Page size: 0x1000
11:04:13.0773 0x11a8 Boot type: Normal boot
11:04:13.0773 0x11a8 ============================================================
11:04:18.0742 0x11a8 KLMD registered as C:\Windows\system32\drivers\38755042.sys
11:04:21.0320 0x11a8 System UUID: {2A09376D-04EC-5532-F973-E9D949394C5D}
11:04:23.0900 0x11a8 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
11:04:24.0056 0x11a8 ============================================================
11:04:24.0056 0x11a8 \Device\Harddisk0\DR0:
11:04:24.0072 0x11a8 MBR partitions:
11:04:24.0072 0x11a8 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
11:04:24.0072 0x11a8 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x3A353000
11:04:24.0072 0x11a8 ============================================================
11:04:24.0197 0x11a8 C: <-> \Device\Harddisk0\DR0\Partition2
11:04:24.0400 0x11a8 ============================================================
11:04:24.0400 0x11a8 Initialize success
11:04:24.0400 0x11a8 ============================================================
11:04:30.0505 0x1218 ============================================================
11:04:30.0505 0x1218 Scan started
11:04:30.0505 0x1218 Mode: Manual;
11:04:30.0505 0x1218 ============================================================
11:04:30.0505 0x1218 KSN ping started
11:04:33.0599 0x1218 KSN ping finished: true
11:04:35.0380 0x1218 ================ Scan system memory ========================
11:04:35.0380 0x1218 System memory - ok
11:04:35.0380 0x1218 ================ Scan services =============================
11:04:49.0296 0x1218 kbdclass - ok
11:04:49.0328 0x1218 [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
11:04:49.0328 0x1218 kbdhid - ok
11:04:49.0359 0x1218 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] KeyIso C:\Windows\system32\lsass.exe
11:04:49.0359 0x1218 KeyIso - ok
11:04:49.0421 0x1218 [ 353009DEDF918B2A51414F330CF72DEC, BF157D6E329F26E02FA16271B751B421396040DBB1D7BF9B2E0A21BC569672E2 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
11:04:49.0437 0x1218 KSecDD - ok
11:04:49.0468 0x1218 [ 41774FF331F609EF442B7398EE6202B1, AD67DA06A74895C384F4A1F1CF47050DAEE9C6CE8AD12F1A116FC977B6C3A864 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
11:04:49.0484 0x1218 KSecPkg - ok
11:04:49.0500 0x1218 [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
11:04:49.0531 0x1218 ksthunk - ok
11:04:49.0609 0x1218 [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll
11:04:49.0640 0x1218 KtmRm - ok
11:04:49.0671 0x1218 [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\system32\srvsvc.dll
11:04:49.0687 0x1218 LanmanServer - ok
11:04:49.0703 0x1218 [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
11:04:49.0734 0x1218 LanmanWorkstation - ok
11:04:49.0765 0x1218 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
11:04:49.0781 0x1218 lltdio - ok
11:04:49.0828 0x1218 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll
11:04:49.0906 0x1218 lltdsvc - ok
11:04:49.0937 0x1218 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll
11:04:49.0937 0x1218 lmhosts - ok
11:04:49.0984 0x1218 [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
11:04:49.0984 0x1218 LSI_FC - ok
11:04:50.0031 0x1218 [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
11:04:50.0046 0x1218 LSI_SAS - ok
11:04:50.0062 0x1218 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
11:04:50.0062 0x1218 LSI_SAS2 - ok
11:04:50.0078 0x1218 [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
11:04:50.0109 0x1218 LSI_SCSI - ok
11:04:50.0140 0x1218 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys
11:04:50.0187 0x1218 luafv - ok
11:04:50.0234 0x1218 [ A401CFF74982D8DF851F20307C806073, 1D7BA90C9E77FAAE59F60AB5310EC41D9C5B98F1F9A89A3CDB9169E6DEF565DA ] LVRS64 C:\Windows\system32\DRIVERS\lvrs64.sys
11:04:50.0390 0x1218 LVRS64 - ok
11:04:50.0593 0x1218 [ 13384CB5F5813E65F31078D6ABFAAF38, A6E7374C15CAECC273197BF62F8F926BA30E9509270A8470756F4710E1DEA126 ] LVUVC64 C:\Windows\system32\DRIVERS\lvuvc64.sys
11:04:51.0000 0x1218 LVUVC64 - ok
11:04:51.0046 0x1218 MBAMSwissArmy - ok
11:04:51.0078 0x1218 [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
11:04:51.0109 0x1218 Mcx2Svc - ok
11:04:51.0140 0x1218 [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
11:04:51.0140 0x1218 megasas - ok
11:04:51.0187 0x1218 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
11:04:51.0203 0x1218 MegaSR - ok
11:04:51.0234 0x1218 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll
11:04:51.0234 0x1218 MMCSS - ok
11:04:51.0265 0x1218 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys
11:04:51.0281 0x1218 Modem - ok
11:04:51.0312 0x1218 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
11:04:51.0312 0x1218 monitor - ok
11:04:51.0328 0x1218 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
11:04:51.0328 0x1218 mouclass - ok
11:04:51.0359 0x1218 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
11:04:51.0359 0x1218 mouhid - ok
11:04:51.0390 0x1218 [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
11:04:51.0390 0x1218 mountmgr - ok
11:04:51.0546 0x1218 [ 6439D1E559D08BD8A1465A8943357053, 0E300508C22D12FBA3BE566B722F574CBE1B4A1A305356B92B8EA8B86267071B ] MpFilter C:\Windows\system32\DRIVERS\MpFilter.sys
11:04:51.0641 0x1218 MpFilter - ok
11:04:51.0688 0x1218 [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys
11:04:51.0704 0x1218 mpio - ok
11:04:51.0797 0x1218 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
11:04:51.0813 0x1218 mpsdrv - ok
11:04:51.0907 0x1218 [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll
11:04:51.0954 0x1218 MpsSvc - ok
11:04:52.0016 0x1218 [ 1A4F75E63C9FB84B85DFFC6B63FD5404, 01AFA6DBB4CDE55FE4EA05BBE8F753A4266F8D072EA1EE01DB79F5126780C21F ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
11:04:52.0047 0x1218 MRxDAV - ok
11:04:52.0172 0x1218 [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
11:04:52.0172 0x1218 mrxsmb - ok
11:04:52.0219 0x1218 [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
11:04:52.0235 0x1218 mrxsmb10 - ok
11:04:52.0266 0x1218 [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
11:04:52.0282 0x1218 mrxsmb20 - ok
11:04:52.0313 0x1218 [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys
11:04:52.0344 0x1218 msahci - ok
11:04:52.0375 0x1218 [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys
11:04:52.0391 0x1218 msdsm - ok
11:04:52.0407 0x1218 [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe
11:04:52.0422 0x1218 MSDTC - ok
11:04:52.0454 0x1218 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys
11:04:52.0469 0x1218 Msfs - ok
11:04:52.0500 0x1218 [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
11:04:52.0516 0x1218 mshidkmdf - ok
11:04:52.0547 0x1218 [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
11:04:52.0579 0x1218 msisadrv - ok
11:04:52.0641 0x1218 [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
11:04:52.0657 0x1218 MSiSCSI - ok
11:04:52.0672 0x1218 msiserver - ok
11:04:52.0735 0x1218 [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
11:04:52.0735 0x1218 MSKSSRV - ok
11:04:52.0844 0x1218 [ F0D5494D8B177C37E16966262F5D0F68, DD63427DFFD9DD2BEC8336F6AD1BEFE347012331631DC5FEC65E83B1EACDBC67 ] MsMpSvc c:\Program Files\Microsoft Security Client\MsMpEng.exe
11:04:52.0860 0x1218 MsMpSvc - ok
11:04:52.0891 0x1218 [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
11:04:52.0891 0x1218 MSPCLOCK - ok
11:04:52.0938 0x1218 [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
11:04:52.0938 0x1218 MSPQM - ok
11:04:53.0016 0x1218 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
11:04:53.0032 0x1218 MsRPC - ok
11:04:53.0094 0x1218 [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
11:04:53.0094 0x1218 mssmbios - ok
11:04:53.0141 0x1218 [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
11:04:53.0141 0x1218 MSTEE - ok
11:04:53.0188 0x1218 [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
11:04:53.0219 0x1218 MTConfig - ok
11:04:53.0250 0x1218 [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys
11:04:53.0250 0x1218 Mup - ok
11:04:53.0360 0x1218 [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll
11:04:53.0407 0x1218 napagent - ok
11:04:53.0500 0x1218 [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
11:04:53.0547 0x1218 NativeWifiP - ok
11:04:53.0875 0x1218 [ B498A14133BD09AD0817590ACE4470AD, 14CCC922C6596C97A5CF580209C4AFB6138A8FFD3A0E60CD506810DFCBC43A1A ] NBService C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe
11:04:54.0063 0x1218 NBService - ok
11:04:54.0125 0x1218 [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS C:\Windows\system32\drivers\ndis.sys
11:04:54.0157 0x1218 NDIS - ok
11:04:54.0204 0x1218 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
11:04:54.0235 0x1218 NdisCap - ok
11:04:54.0282 0x1218 [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
11:04:54.0282 0x1218 NdisTapi - ok
11:04:54.0313 0x1218 [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
11:04:54.0329 0x1218 Ndisuio - ok
11:04:54.0360 0x1218 [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
11:04:54.0375 0x1218 NdisWan - ok
11:04:54.0407 0x1218 [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
11:04:54.0422 0x1218 NDProxy - ok
11:04:54.0469 0x1218 [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
11:04:54.0469 0x1218 NetBIOS - ok
11:04:54.0500 0x1218 [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
11:04:54.0532 0x1218 NetBT - ok
11:04:54.0547 0x1218 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] Netlogon C:\Windows\system32\lsass.exe
11:04:54.0547 0x1218 Netlogon - ok
11:04:54.0594 0x1218 [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll
11:04:54.0610 0x1218 Netman - ok
11:04:54.0688 0x1218 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:04:54.0766 0x1218 NetMsmqActivator - ok
11:04:54.0782 0x1218 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:04:54.0782 0x1218 NetPipeActivator - ok
11:04:54.0813 0x1218 [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll
11:04:54.0829 0x1218 netprofm - ok
11:04:54.0875 0x1218 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:04:54.0891 0x1218 NetTcpActivator - ok
11:04:54.0907 0x1218 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:04:54.0907 0x1218 NetTcpPortSharing - ok
11:04:54.0938 0x1218 [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
11:04:54.0938 0x1218 nfrd960 - ok
11:04:54.0985 0x1218 [ F9EEFFC65C68A45001D1349E652B8B6F, E5F223129416083A12A85D48C65B2C8D1BF1124110399938E144308C89F9241D ] NisDrv C:\Windows\system32\DRIVERS\NisDrvWFP.sys
11:04:54.0985 0x1218 NisDrv - ok
11:04:55.0000 0x1218 [ 9690F420A99364C1E5C439914B0DE25C, 6C6E0B27C4255001FE5F1EAD911DE1A8BF922C405B0C8031A6BD253CEB1D02A6 ] NisSrv c:\Program Files\Microsoft Security Client\NisSrv.exe
11:04:55.0032 0x1218 NisSrv - ok
11:04:55.0047 0x1218 [ 8AD77806D336673F270DB31645267293, E23F324913554A23CD043DD27D4305AF62F48C0561A0FC7B7811E55B74B1BE79 ] NlaSvc C:\Windows\System32\nlasvc.dll
11:04:55.0063 0x1218 NlaSvc - ok
11:04:55.0110 0x1218 [ FBCA3FD51604147770EB4FB53D6144A8, F542A902721AD25D85B6E4CBCD034710D15D2B7508AEE501DF69E76A6234DE15 ] NMgamingmsFltr C:\Windows\system32\drivers\NMgamingms.sys
11:04:55.0110 0x1218 NMgamingmsFltr - ok
11:04:55.0172 0x1218 [ A328A46D87BB92CE4D8A4528E9D84787, D3245ED700151111592BA82FB675B284DA7FCE52B07A7F68352F64A402CAB37C ] NMIndexingService C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe
11:04:55.0204 0x1218 NMIndexingService - ok
11:04:55.0219 0x1218 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys
11:04:55.0235 0x1218 Npfs - ok
11:04:55.0266 0x1218 [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll
11:04:55.0266 0x1218 nsi - ok
11:04:55.0297 0x1218 [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
11:04:55.0391 0x1218 nsiproxy - ok
11:04:55.0485 0x1218 [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
11:04:55.0594 0x1218 Ntfs - ok
11:04:55.0610 0x1218 [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys
11:04:55.0610 0x1218 Null - ok
11:04:55.0641 0x1218 [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\Windows\system32\drivers\nvraid.sys
11:04:55.0657 0x1218 nvraid - ok
11:04:55.0688 0x1218 [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\Windows\system32\drivers\nvstor.sys
11:04:55.0688 0x1218 nvstor - ok
11:04:55.0719 0x1218 [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
11:04:55.0719 0x1218 nv_agp - ok
11:04:55.0829 0x1218 [ 785F487A64950F3CB8E9F16253BA3B7B, 02445344BD214370A6D48B1CA04921D8EFCB13E676B5648266DD0E076C0822B6 ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
11:04:55.0860 0x1218 odserv - ok
11:04:55.0891 0x1218 [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
11:04:55.0954 0x1218 ohci1394 - ok
11:04:56.0000 0x1218 [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
11:04:56.0016 0x1218 ose - ok
11:04:56.0047 0x1218 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
11:04:56.0063 0x1218 p2pimsvc - ok
11:04:56.0110 0x1218 [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll
11:04:56.0141 0x1218 p2psvc - ok
11:04:56.0172 0x1218 [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\DRIVERS\parport.sys
11:04:56.0172 0x1218 Parport - ok
11:04:56.0188 0x1218 [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\Windows\system32\drivers\partmgr.sys
11:04:56.0188 0x1218 partmgr - ok
11:04:56.0235 0x1218 [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc C:\Windows\System32\pcasvc.dll
11:04:56.0235 0x1218 PcaSvc - ok
11:04:56.0266 0x1218 [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\Windows\system32\drivers\pci.sys
11:04:56.0297 0x1218 pci - ok
11:04:56.0313 0x1218 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\drivers\pciide.sys
11:04:56.0313 0x1218 pciide - ok
11:04:56.0375 0x1218 [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
11:04:56.0454 0x1218 pcmcia - ok
11:04:56.0532 0x1218 [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys
11:04:56.0563 0x1218 pcw - ok
11:04:56.0625 0x1218 [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH C:\Windows\system32\drivers\peauth.sys
11:04:56.0672 0x1218 PEAUTH - ok
11:04:56.0782 0x1218 [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe
11:04:56.0782 0x1218 PerfHost - ok
11:04:56.0938 0x1218 [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\Windows\system32\pla.dll
11:04:56.0985 0x1218 pla - ok
11:04:57.0032 0x1218 [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
11:04:57.0110 0x1218 PlugPlay - ok
11:04:57.0141 0x1218 [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
11:04:57.0157 0x1218 PNRPAutoReg - ok
11:04:57.0188 0x1218 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
11:04:57.0204 0x1218 PNRPsvc - ok
11:04:57.0250 0x1218 [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
11:04:57.0313 0x1218 PolicyAgent - ok
11:04:57.0360 0x1218 [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\Windows\system32\umpo.dll
11:04:57.0407 0x1218 Power - ok
11:04:57.0454 0x1218 [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
11:04:57.0469 0x1218 PptpMiniport - ok
11:04:57.0485 0x1218 [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\Windows\system32\DRIVERS\processr.sys
11:04:57.0485 0x1218 Processor - ok
11:04:57.0532 0x1218 [ 53E83F1F6CF9D62F32801CF66D8352A8, 1225FED810BE8E0729EEAE5B340035CCBB9BACD3EF247834400F9B72D05ACE48 ] ProfSvc C:\Windows\system32\profsvc.dll
11:04:57.0563 0x1218 ProfSvc - ok
11:04:57.0579 0x1218 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] ProtectedStorage C:\Windows\system32\lsass.exe
11:04:57.0579 0x1218 ProtectedStorage - ok
11:04:57.0610 0x1218 [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
11:04:57.0657 0x1218 Psched - ok
11:04:57.0688 0x1218 [ A6BF0A9B5A30D743623CA0D3BE35DF05, 0AA2DAE7ADC38F4197548DE174D551A0CF9281D2680B07E6C84914CA199C0661 ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys
11:04:57.0688 0x1218 PxHlpa64 - ok
11:04:57.0813 0x1218 [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
11:04:57.0907 0x1218 ql2300 - ok
11:04:57.0938 0x1218 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
11:04:58.0000 0x1218 ql40xx - ok
11:04:58.0032 0x1218 [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\Windows\system32\qwave.dll
11:04:58.0047 0x1218 QWAVE - ok
11:04:58.0063 0x1218 [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
11:04:58.0079 0x1218 QWAVEdrv - ok
11:04:58.0094 0x1218 [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
11:04:58.0110 0x1218 RasAcd - ok
11:04:58.0157 0x1218 [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
11:04:58.0157 0x1218 RasAgileVpn - ok
11:04:58.0172 0x1218 [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\Windows\System32\rasauto.dll
11:04:58.0188 0x1218 RasAuto - ok
11:04:58.0219 0x1218 [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
11:04:58.0250 0x1218 Rasl2tp - ok
11:04:58.0282 0x1218 [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\Windows\System32\rasmans.dll
11:04:58.0329 0x1218 RasMan - ok
11:04:58.0360 0x1218 [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
11:04:58.0360 0x1218 RasPppoe - ok
11:04:58.0407 0x1218 [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
11:04:58.0422 0x1218 RasSstp - ok
11:04:58.0469 0x1218 [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
11:04:58.0500 0x1218 rdbss - ok
11:04:58.0532 0x1218 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
11:04:58.0532 0x1218 rdpbus - ok
11:04:58.0563 0x1218 [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
11:04:58.0563 0x1218 RDPCDD - ok
11:04:58.0579 0x1218 [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
11:04:58.0579 0x1218 RDPENCDD - ok
11:04:58.0610 0x1218 [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
11:04:58.0610 0x1218 RDPREFMP - ok
11:04:58.0641 0x1218 [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
11:04:58.0704 0x1218 RDPWD - ok
11:04:58.0766 0x1218 [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
11:04:58.0782 0x1218 rdyboost - ok
11:04:58.0829 0x1218 [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\Windows\System32\mprdim.dll
11:04:58.0860 0x1218 RemoteAccess - ok
11:04:58.0938 0x1218 [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll
11:04:58.0969 0x1218 RemoteRegistry - ok
11:04:58.0985 0x1218 [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
11:04:58.0985 0x1218 RpcEptMapper - ok
11:04:59.0000 0x1218 [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\Windows\system32\locator.exe
11:04:59.0000 0x1218 RpcLocator - ok
11:04:59.0079 0x1218 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs C:\Windows\system32\rpcss.dll
11:04:59.0094 0x1218 RpcSs - ok
11:04:59.0125 0x1218 [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
11:04:59.0141 0x1218 rspndr - ok
11:04:59.0157 0x1218 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] SamSs C:\Windows\system32\lsass.exe
11:04:59.0157 0x1218 SamSs - ok
11:04:59.0188 0x1218 [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
11:04:59.0266 0x1218 sbp2port - ok
11:04:59.0297 0x1218 [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\Windows\System32\SCardSvr.dll
11:05:34.0975 0x1218 AV detected via SS2: Microsoft Security Essentials, C:\Program Files\Microsoft Security Client\msseces.exe ( 4.6.305.0 ), 0x61000 ( enabled : updated )
11:05:35.0225 0x1218 Win FW state via NFP2: enabled
11:05:38.0241 0x1218 ============================================================
11:05:38.0241 0x1218 Scan finished
11:05:38.0241 0x1218 ============================================================
11:05:38.0241 0x1210 Detected object count: 0
11:05:38.0241 0x1210 Actual detected object count: 0
Gowton

Re: Very Slow PC

Post by wannabeageek » December 20th, 2014, 1:15 am

Hi Gowton,

Please run the following:

Please download SystemLook from one of the links below and save it to your Desktop.
For 64 bit Systems:
Download Mirror #1
Download Mirror #2


  • Double-click SystemLook.exe to run it.
  • Right mouse click SystemLook.exe, select "Run As Administrator" to run it... if UAC prompts, please allow it.
  • Copy and paste the content of the following codebox into the main textfield;
  • To make this easy, click the "select all" button then hover over the highlighted text and right mouse click to select copy.
    :filefind
    *AskToolbar*
    *Ask.com*
    *Bandoo*
    *Babylon*
    *Conduit*
    *datamngr*
    *searchab*
    *Fun4IM*
    *Funmoods*
    *iLivid*
    *IObit*
    *Iminent*
    *OpenCandy*
    *Searchqu*
    *Searchnu*
    *smartbar*
    *Softonic*
    *Tarma*
    *trolltech*
    *Vafmusic2*
    *vshare*
    *whitesmoke*
    *Yontoo*
    
    :folderfind
    *AskToolbar*
    *Ask.com*
    *Babylon*
    *Bandoo*
    *Conduit*
    *datamngr*
    *searchab*
    *smartbar*
    *Fun4IM*
    *Funmoods*
    *iLivid*
    *IObit*
    *Iminent*
    *OpenCandy*
    *Searchqu*
    *Searchnu*
    *Softonic*
    *Tarma*
    *trolltech*
    *Vafmusic2*
    *vshare*
    *whitesmoke*
    *Yontoo*
    
    :Regfind
    AskToolbar
    Ask.com
    Babylon
    Bandoo
    Conduit
    datamngr
    searchab
    Fun4IM
    Funmoods
    iLivid
    IObit
    Iminent
    OpenCandy
    Searchqu
    Searchnu
    smartbar
    Softonic
    Tarma
    trolltech
    Vafmusic2
    vshare
    whitesmoke
    Yontoo
    
  • Click the Look button to start the scan.
    Because of the Registry searches, the scan may take 15 minutes or a bit more to run on a large machine. Please be patient.
  • When finished, a notepad window will open with the results of the scan. Please post this log in your next reply.
Note: The log can also be found on your Desktop entitled SystemLook.txt
wannabeageek
MRU Master
 
Posts: 1871
Joined: November 23rd, 2009, 10:21 pm
Location: California

Re: Very Slow PC

Post by Gowton » December 20th, 2014, 2:14 am

SystemLook 30.07.11 by jpshortstuff
Log created at 05:24 on 20/12/2014 by user
Administrator - Elevation successful

========== filefind ==========

Searching for "*AskToolbar*"
No files found.

Searching for "*Ask.com*"
No files found.

Searching for "*Bandoo*"
No files found.

Searching for "*Babylon*"
C:\Users\user\Documents\Pictures\doodlebug portfolio\MENE MENE TEKEL PARSIN (divine pronouncement of doom upon the kingdom of Babylon).bmp --a---- 1815606 bytes [09:34 23/09/2013] [04:02 13/04/2007] 4A2A11EA3D4E2203B71C513FDED53580
C:\Users\user\Documents\Pictures\doodlebug portfolio\MENE MENE TEKEL PARSIN (divine pronouncement of doom upon the kingdom of Babylon).jpg --a---- 455477 bytes [09:34 23/09/2013] [20:34 14/08/2011] D0C893F21DED7A488518A0548707CC68

Searching for "*Conduit*"
No files found.

Searching for "*datamngr*"
C:\Users\user\AppData\Local\Temp\jrt\datamngr_del.reg --a---- 536 bytes [10:48 19/12/2014] [11:31 08/11/2014] EC8FEEB4FB3638F6D5E01895A2BA0F57

Searching for "*searchab*"
No files found.

Searching for "*Fun4IM*"
No files found.

Searching for "*Funmoods*"
No files found.

Searching for "*iLivid*"
No files found.

Searching for "*IObit*"
No files found.

Searching for "*Iminent*"
No files found.

Searching for "*OpenCandy*"
No files found.

Searching for "*Searchqu*"
No files found.

Searching for "*Searchnu*"
No files found.

Searching for "*smartbar*"
No files found.

Searching for "*Softonic*"
C:\Users\user\AppData\LocalLow\Microsoft\Internet Explorer\DOMStore\DKZ3QFIK\en.softonic[1].xml --a---- 13 bytes [15:02 03/11/2013] [15:02 03/11/2013] C1DDEA3EF6BBEF3E7060A1A9AD89E4C5
C:\Users\user\AppData\LocalLow\Microsoft\Internet Explorer\DOMStore\TJS5QX08\adblock-ie.en.softonic[1].xml --a---- 13 bytes [14:54 03/11/2013] [15:02 03/11/2013] C1DDEA3EF6BBEF3E7060A1A9AD89E4C5

Searching for "*Tarma*"
No files found.

Searching for "*trolltech*"
No files found.

Searching for "*Vafmusic2*"
No files found.

Searching for "*vshare*"
No files found.

Searching for "*whitesmoke*"
No files found.

Searching for "*Yontoo*"
No files found.

========== folderfind ==========

Searching for "*AskToolbar*"
No folders found.

Searching for "*Ask.com*"
No folders found.

Searching for "*Babylon*"
No folders found.

Searching for "*Bandoo*"
No folders found.

Searching for "*Conduit*"
No folders found.

Searching for "*datamngr*"
No folders found.

Searching for "*searchab*"
No folders found.

Searching for "*smartbar*"
No folders found.

Searching for "*Fun4IM*"
No folders found.

Searching for "*Funmoods*"
No folders found.

Searching for "*iLivid*"
No folders found.

Searching for "*IObit*"
No folders found.

Searching for "*Iminent*"
No folders found.

Searching for "*OpenCandy*"
No folders found.

Searching for "*Searchqu*"
No folders found.

Searching for "*Searchnu*"
No folders found.

Searching for "*Softonic*"
No folders found.

Searching for "*Tarma*"
No folders found.

Searching for "*trolltech*"
No folders found.

Searching for "*Vafmusic2*"
No folders found.

Searching for "*vshare*"
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\94N6C724\vshare.eu d------ [20:49 27/11/2014]
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\94N6C724\www.movshare.net d------ [18:54 12/08/2014]
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\94N6C724\macromedia.com\support\flashplayer\sys\#vshare.eu d------ [20:49 27/11/2014]
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\94N6C724\macromedia.com\support\flashplayer\sys\#www.movshare.net d------ [18:54 12/08/2014]
C:\Users\user\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\V5F7J6MS\www.movshare.net d------ [17:18 23/02/2014]
C:\Users\user\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#www.movshare.net d------ [17:18 23/02/2014]

Searching for "*whitesmoke*"
No folders found.

Searching for "*Yontoo*"
No folders found.

========== Regfind ==========

Searching for "AskToolbar"
No data found.

Searching for "Ask.com"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\MAPI/IPM.Task]
"PreviewDetails"="prop:*System.DueDate;*System.Task.CompletionStatus;*System.Task.Owner;*System.Keywords"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SystemFileAssociations\MAPI/IPM.Task]
"PreviewDetails"="prop:*System.DueDate;*System.Task.CompletionStatus;*System.Task.Owner;*System.Keywords"

Searching for "Babylon"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{2EECD738-5844-4A99-B4B6-146BF802613B}]
"DllName"="BabylonToolbar.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}]
"DllName"="BabylonToolbar.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{98889811-442D-49DD-99D7-DC866BE87DBC}]
"DllName"="BabylonToolbarTlbr.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Extension Compatibility\{2EECD738-5844-4A99-B4B6-146BF802613B}]
"DllName"="BabylonToolbar.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Extension Compatibility\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}]
"DllName"="BabylonToolbar.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Extension Compatibility\{98889811-442D-49DD-99D7-DC866BE87DBC}]
"DllName"="BabylonToolbarTlbr.dll"

Searching for "Bandoo"
No data found.

Searching for "Conduit"
[HKEY_LOCAL_MACHINE\SOFTWARE\DivX\Install\Setup\WizardLayout\ConduitSearchProtect]
[HKEY_LOCAL_MACHINE\SOFTWARE\DivX\Install\Setup\WizardLayout\ConduitSearchProtect]
"PageId"="ConduitSearchProtect"

Searching for "datamngr"
No data found.

Searching for "searchab"
No data found.

Searching for "Fun4IM"
No data found.

Searching for "Funmoods"
No data found.

Searching for "iLivid"
No data found.

Searching for "IObit"
No data found.

Searching for "Iminent"
No data found.

Searching for "OpenCandy"
No data found.

Searching for "Searchqu"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{AB310581-AC80-11D1-8DF3-00C04FB6EF63}]
@="ISearchQueryHelper"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\NeroSearch.NeroSearchQuerySourceSettings]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\NeroSearch.NeroSearchQuerySourceSettings]
@="NeroSearchQuerySourceSettings Class"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\NeroSearch.NeroSearchQuerySourceSettings\CurVer]
@="NeroSearch.NeroSearchQuerySourceSettings.1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\NeroSearch.NeroSearchQuerySourceSettings.1]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\NeroSearch.NeroSearchQuerySourceSettings.1]
@="NeroSearchQuerySourceSettings Class"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\NMSearch.NMSearchQueryConfigManager]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\NMSearch.NMSearchQueryConfigManager]
@="NMSearchQueryConfigManager Class"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\NMSearch.NMSearchQueryConfigManager\CurVer]
@="NMSearch.NMSearchQueryConfigManager.1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\NMSearch.NMSearchQueryConfigManager.1]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\NMSearch.NMSearchQueryConfigManager.1]
@="NMSearchQueryConfigManager Class"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\NMSearch.NMSearchQuerySyntaxTree]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\NMSearch.NMSearchQuerySyntaxTree]
@="NMSearchQuerySyntaxTree Class"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\NMSearch.NMSearchQuerySyntaxTree\CurVer]
@="NMSearch.NMSearchQuerySyntaxTree.1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\NMSearch.NMSearchQuerySyntaxTree.1]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\NMSearch.NMSearchQuerySyntaxTree.1]
@="NMSearchQuerySyntaxTree Class"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{8408BA8D-2245-49A0-8FEA-538669B0CFF7}]
@="NeroSearchQuerySourceSettings Class"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{8408BA8D-2245-49A0-8FEA-538669B0CFF7}\ProgID]
@="NeroSearch.NeroSearchQuerySourceSettings.1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{8408BA8D-2245-49A0-8FEA-538669B0CFF7}\VersionIndependentProgID]
@="NeroSearch.NeroSearchQuerySourceSettings"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{8C9E6B7A-6B70-4768-9656-444DCA6890B2}]
@="NMSearchQuerySyntaxTree Class"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{8C9E6B7A-6B70-4768-9656-444DCA6890B2}\ProgID]
@="NMSearch.NMSearchQuerySyntaxTree.1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{8C9E6B7A-6B70-4768-9656-444DCA6890B2}\VersionIndependentProgID]
@="NMSearch.NMSearchQuerySyntaxTree"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{BFF3B8F9-4CF4-4843-9DA6-097193056FB3}]
@="NMSearchQueryConfigManager Class"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{BFF3B8F9-4CF4-4843-9DA6-097193056FB3}\ProgID]
@="NMSearch.NMSearchQueryConfigManager.1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{BFF3B8F9-4CF4-4843-9DA6-097193056FB3}\VersionIndependentProgID]
@="NMSearch.NMSearchQueryConfigManager"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{09BB29E0-C8C5-4AF3-B553-FD2158D99852}]
@="INMSearchQueryConfigHolder"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{183AA129-9D53-4735-BB1F-92BA2B66B575}]
@="INMSearchQueryCallback"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{21E4A815-2464-4CB1-BDD9-82DD0EF9D922}]
@="INeroSearchQueryTranslator2"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{227DF978-FB93-4247-BD8F-2CDB4C485EFD}]
@="INeroSearchQueryDNF"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{2D9A4D8E-AEC7-4434-BB6C-B2FB6CFEBDB8}]
@="INeroSearchQueryOperandString"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{2F2FD52C-3D82-4B96-81DB-F1D41442BB9B}]
@="INMSearchQueryHandle"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{3C453A7C-D1C6-4D48-B063-CEAFCEF7042A}]
@="INeroSearchQuerySourceSettings"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{422A9ACE-3453-44DF-BC41-71B8D89C22A3}]
@="INeroSearchQueryOperandCriterion"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{43D899E4-4085-4B50-8E5F-F9334FBA7C2A}]
@="INMSearchQueryConstSyntaxTree"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{48DEBF52-F73F-4F0F-9255-ECBC1C922D7C}]
@="INeroSearchQueryTerm"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{4B07C813-AA0B-4E71-BBB0-D343CC42DF1C}]
@="INMSearchQueryResult"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{5D75DC77-4997-4E83-9A6B-B1E4C1C0CB87}]
@="INeroSearchQueryTranslator"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{5D824B76-5027-4936-AC1A-1266E0763522}]
@="INMSearchQueryContext"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{607C2DEF-18DB-4F34-A645-2D3A5349000F}]
@="INMSearchQueryErrorEvent"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{7A1FBB2E-27A9-438B-9CED-57B03D61D9D0}]
@="INMSearchQuerySource"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{8A3637CB-97D5-4956-AF77-1356D61F7AA3}]
@="INeroSearchQueryOperandNumber"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{AB310581-AC80-11D1-8DF3-00C04FB6EF63}]
@="ISearchQueryHelper"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{B931B92F-FBF7-42DA-B690-C64A26160B77}]
@="INMSearchQueryResultEvent"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{BA41016E-B64A-47E2-B4E7-58AAE086819A}]
@="INMSearchQueryResult2"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{C84C7F87-F9FE-4024-A214-17AE8C22257C}]
@="INMSearchQueryResultEnumerator"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{D0A51603-B44E-4B2D-8DA1-D0CFD83AF832}]
@="INeroSearchQueryKeyword"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{DFA5ADF8-8326-49E3-9B04-2751097A6510}]
@="INeroSearchQueryCNF"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E0297562-6321-4938-9B2F-A3D330E44079}]
@="INeroSearchQuerySourceEnumerator"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{F1B98CD5-F00C-49E3-B355-C9571B1348C3}]
@="INMSearchQueryConfigManager"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{F45EA53D-A0AC-40ED-B446-EAE772F635B2}]
@="INMSearchQueryResultDirectoryAccessor"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{F82BA77D-ED8F-4999-A71A-0CDB7223E30B}]
@="INMSearchQueryRefinement"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{FDC8ED21-7F9F-4E80-846B-6A02DDFF4AF2}]
@="INMSearchQuerySyntaxTree"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{FECB3D13-009D-452E-B7C3-B3EFA98D1FB5}]
@="INMSearchQuerySourceDeprecated"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{8408BA8D-2245-49A0-8FEA-538669B0CFF7}]
@="NeroSearchQuerySourceSettings Class"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{8408BA8D-2245-49A0-8FEA-538669B0CFF7}\ProgID]
@="NeroSearch.NeroSearchQuerySourceSettings.1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{8408BA8D-2245-49A0-8FEA-538669B0CFF7}\VersionIndependentProgID]
@="NeroSearch.NeroSearchQuerySourceSettings"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{8C9E6B7A-6B70-4768-9656-444DCA6890B2}]
@="NMSearchQuerySyntaxTree Class"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{8C9E6B7A-6B70-4768-9656-444DCA6890B2}\ProgID]
@="NMSearch.NMSearchQuerySyntaxTree.1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{8C9E6B7A-6B70-4768-9656-444DCA6890B2}\VersionIndependentProgID]
@="NMSearch.NMSearchQuerySyntaxTree"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{BFF3B8F9-4CF4-4843-9DA6-097193056FB3}]
@="NMSearchQueryConfigManager Class"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{BFF3B8F9-4CF4-4843-9DA6-097193056FB3}\ProgID]
@="NMSearch.NMSearchQueryConfigManager.1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{BFF3B8F9-4CF4-4843-9DA6-097193056FB3}\VersionIndependentProgID]
@="NMSearch.NMSearchQueryConfigManager"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Interface\{09BB29E0-C8C5-4AF3-B553-FD2158D99852}]
@="INMSearchQueryConfigHolder"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Interface\{183AA129-9D53-4735-BB1F-92BA2B66B575}]
@="INMSearchQueryCallback"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Interface\{21E4A815-2464-4CB1-BDD9-82DD0EF9D922}]
@="INeroSearchQueryTranslator2"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Interface\{227DF978-FB93-4247-BD8F-2CDB4C485EFD}]
@="INeroSearchQueryDNF"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Interface\{2D9A4D8E-AEC7-4434-BB6C-B2FB6CFEBDB8}]
@="INeroSearchQueryOperandString"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Interface\{2F2FD52C-3D82-4B96-81DB-F1D41442BB9B}]
@="INMSearchQueryHandle"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Interface\{3C453A7C-D1C6-4D48-B063-CEAFCEF7042A}]
@="INeroSearchQuerySourceSettings"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Interface\{422A9ACE-3453-44DF-BC41-71B8D89C22A3}]
@="INeroSearchQueryOperandCriterion"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Interface\{43D899E4-4085-4B50-8E5F-F9334FBA7C2A}]
@="INMSearchQueryConstSyntaxTree"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Interface\{48DEBF52-F73F-4F0F-9255-ECBC1C922D7C}]
@="INeroSearchQueryTerm"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Interface\{4B07C813-AA0B-4E71-BBB0-D343CC42DF1C}]
@="INMSearchQueryResult"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Interface\{5D75DC77-4997-4E83-9A6B-B1E4C1C0CB87}]
@="INeroSearchQueryTranslator"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Interface\{5D824B76-5027-4936-AC1A-1266E0763522}]
@="INMSearchQueryContext"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Interface\{607C2DEF-18DB-4F34-A645-2D3A5349000F}]
@="INMSearchQueryErrorEvent"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Interface\{7A1FBB2E-27A9-438B-9CED-57B03D61D9D0}]
@="INMSearchQuerySource"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Interface\{8A3637CB-97D5-4956-AF77-1356D61F7AA3}]
@="INeroSearchQueryOperandNumber"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Interface\{AB310581-AC80-11D1-8DF3-00C04FB6EF63}]
@="ISearchQueryHelper"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Interface\{B931B92F-FBF7-42DA-B690-C64A26160B77}]
@="INMSearchQueryResultEvent"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Interface\{BA41016E-B64A-47E2-B4E7-58AAE086819A}]
@="INMSearchQueryResult2"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Interface\{C84C7F87-F9FE-4024-A214-17AE8C22257C}]
@="INMSearchQueryResultEnumerator"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Interface\{D0A51603-B44E-4B2D-8DA1-D0CFD83AF832}]
@="INeroSearchQueryKeyword"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Interface\{DFA5ADF8-8326-49E3-9B04-2751097A6510}]
@="INeroSearchQueryCNF"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Interface\{E0297562-6321-4938-9B2F-A3D330E44079}]
@="INeroSearchQuerySourceEnumerator"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Interface\{F1B98CD5-F00C-49E3-B355-C9571B1348C3}]
@="INMSearchQueryConfigManager"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Interface\{F45EA53D-A0AC-40ED-B446-EAE772F635B2}]
@="INMSearchQueryResultDirectoryAccessor"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Interface\{F82BA77D-ED8F-4999-A71A-0CDB7223E30B}]
@="INMSearchQueryRefinement"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Interface\{FDC8ED21-7F9F-4E80-846B-6A02DDFF4AF2}]
@="INMSearchQuerySyntaxTree"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Interface\{FECB3D13-009D-452E-B7C3-B3EFA98D1FB5}]
@="INMSearchQuerySourceDeprecated"

Searching for "Searchnu"
No data found.

Searching for "smartbar"
No data found.

Searching for "Softonic"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\48ef5887_0]
@="{0.0.0.00000000}.{d73c8d13-fee5-47ae-b457-6e79c69295f8}|\Device\HarddiskVolume2\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\GJY9BCCR\SoftonicDownloader_for_adblock-ie.exe%b{00000000-0000-0000-0000-000000000000}"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\f287b13f_0]
@="{0.0.0.00000000}.{d73c8d13-fee5-47ae-b457-6e79c69295f8}|\Device\HarddiskVolume2\Users\user\Downloads\SoftonicDownloader_for_webcameffects.exe%b{00000000-0000-0000-0000-000000000000}"
[HKEY_USERS\S-1-5-21-100026641-3184929813-4218915004-1000\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\48ef5887_0]
@="{0.0.0.00000000}.{d73c8d13-fee5-47ae-b457-6e79c69295f8}|\Device\HarddiskVolume2\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\GJY9BCCR\SoftonicDownloader_for_adblock-ie.exe%b{00000000-0000-0000-0000-000000000000}"
[HKEY_USERS\S-1-5-21-100026641-3184929813-4218915004-1000\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\f287b13f_0]
@="{0.0.0.00000000}.{d73c8d13-fee5-47ae-b457-6e79c69295f8}|\Device\HarddiskVolume2\Users\user\Downloads\SoftonicDownloader_for_webcameffects.exe%b{00000000-0000-0000-0000-000000000000}"

Searching for "Tarma"
No data found.

Searching for "trolltech"
[HKEY_CURRENT_USER\Software\Trolltech]
[HKEY_CURRENT_USER\Software\Trolltech\OrganizationDefaults\Qt Factory Cache 4.3\com.trolltech.Qt.QImageIOHandlerFactoryInterface:]
[HKEY_CURRENT_USER\Software\Trolltech\OrganizationDefaults\Qt Factory Cache 4.6\com.trolltech.Qt.QImageIOHandlerFactoryInterface:]
[HKEY_CURRENT_USER\Software\Trolltech\OrganizationDefaults\Qt Factory Cache 4.8\com.trolltech.Qt.QImageIOHandlerFactoryInterface:]
[HKEY_CURRENT_USER\Software\Trolltech\OrganizationDefaults\Qt Factory Cache 4.8\com.trolltech.Qt.QSqlDriverFactoryInterface:]
[HKEY_USERS\S-1-5-21-100026641-3184929813-4218915004-1000\Software\Trolltech]
[HKEY_USERS\S-1-5-21-100026641-3184929813-4218915004-1000\Software\Trolltech\OrganizationDefaults\Qt Factory Cache 4.3\com.trolltech.Qt.QImageIOHandlerFactoryInterface:]
[HKEY_USERS\S-1-5-21-100026641-3184929813-4218915004-1000\Software\Trolltech\OrganizationDefaults\Qt Factory Cache 4.6\com.trolltech.Qt.QImageIOHandlerFactoryInterface:]
[HKEY_USERS\S-1-5-21-100026641-3184929813-4218915004-1000\Software\Trolltech\OrganizationDefaults\Qt Factory Cache 4.8\com.trolltech.Qt.QImageIOHandlerFactoryInterface:]
[HKEY_USERS\S-1-5-21-100026641-3184929813-4218915004-1000\Software\Trolltech\OrganizationDefaults\Qt Factory Cache 4.8\com.trolltech.Qt.QSqlDriverFactoryInterface:]

Searching for "Vafmusic2"
No data found.

Searching for "vshare"
No data found.

Searching for "whitesmoke"
No data found.

Searching for "Yontoo"
No data found.

-= EOF =-
Gowton
Regular Member
 
Posts: 17
Joined: May 6th, 2012, 6:12 am
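
Added example (not part of the thread and not SystemLook's own code): a Python parser for a SystemLook log in the layout posted above. It separates hits where the search term starts a word from hits where it only occurs inside a longer word, such as "Searchqu" inside "ISearchQueryHelper". The word-boundary rule is a triage heuristic assumed here, and the sample input is a shortened excerpt of the log above.

```python
import re

# Shortened excerpt of the SystemLook log posted above, used as sample input.
SAMPLE_LOG = r'''
SystemLook 30.07.11 by jpshortstuff

========== filefind ==========

Searching for "*Conduit*"
No files found.

========== folderfind ==========

Searching for "*vshare*"
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\94N6C724\vshare.eu d------ [20:49 27/11/2014]
C:\Users\user\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\V5F7J6MS\www.movshare.net d------ [17:18 23/02/2014]

========== Regfind ==========

Searching for "Ask.com"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\MAPI/IPM.Task]
"PreviewDetails"="prop:*System.DueDate;*System.Task.CompletionStatus;*System.Task.Owner;*System.Keywords"

Searching for "Babylon"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{2EECD738-5844-4A99-B4B6-146BF802613B}]
"DllName"="BabylonToolbar.dll"

Searching for "Searchqu"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{AB310581-AC80-11D1-8DF3-00C04FB6EF63}]
@="ISearchQueryHelper"

Searching for "Yontoo"
No data found.

-= EOF =-
'''

SECTION_RE = re.compile(r'^=+\s*(\w+)\s*=+$')          # ========== filefind ==========
TERM_RE = re.compile(r'^Searching for "(.*)"$')        # Searching for "*vshare*"
EMPTY_RE = re.compile(r'^No (files|folders|data) found\.$')


def parse_systemlook(text):
    """Return {(section, term): [hit lines]} for every search in the log."""
    results = {}
    section = term = None
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        m = SECTION_RE.match(line)
        if m:
            section, term = m.group(1).lower(), None
            continue
        m = TERM_RE.match(line)
        if m and section:
            term = m.group(1)
            results[(section, term)] = []
            continue
        # Skip the banner before the first section, empty results and the EOF marker.
        if term is None or EMPTY_RE.match(line) or line == "-= EOF =-":
            continue
        results[(section, term)].append(line)
    return results


def classify(term, line):
    """Return 'word-start' if the term begins a word somewhere in the line,
    'mid-word' if it only occurs inside a longer word, None if it is absent.
    Matching is case-insensitive and ignores the surrounding '*' wildcards."""
    needle = term.strip('*')
    starts = [m.start() for m in re.finditer(re.escape(needle), line, re.IGNORECASE)]
    if not starts:
        return None  # e.g. the registry key line above a matching value
    if any(i == 0 or not line[i - 1].isalnum() for i in starts):
        return 'word-start'
    return 'mid-word'


def triage(text):
    """Return {(section, term): {'word-start': [...], 'mid-word': [...]}}
    for every search that produced at least one matching line."""
    report = {}
    for key, hits in parse_systemlook(text).items():
        buckets = {'word-start': [], 'mid-word': []}
        for line in hits:
            kind = classify(key[1], line)
            if kind:
                buckets[kind].append(line)
        if buckets['word-start'] or buckets['mid-word']:
            report[key] = buckets
    return report


if __name__ == "__main__":
    for (section, term), buckets in triage(SAMPLE_LOG).items():
        print(f"{section} {term}: "
              f"{len(buckets['word-start'])} word-start, {len(buckets['mid-word'])} mid-word")
```

A mid-word hit is only a hint that the match is a coincidental substring; word-start hits still need a human decision before anything goes into a fix list.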

Re: Very Slow PC

Post by wannabeageek » December 21st, 2014, 3:24 am

Hi Gowton,

Please run the following:

Step 1.
Registry Backup (TCRB)

Please download tweaking.com_registry_backup_setup.exe
Choose a download site for the installer... download and save it to your desktop.
Double click on the "...setup.exe" program and install the program. Let the install use the default installation. How to tutorial here.

Once the program is installed...
  1. Double click the Tweaking.com Registry Backup icon ... on your Desktop to open the program.
  2. Right mouse click the Tweaking.com Registry Backup icon, select "Run As Administrator" to run it... if UAC prompts, please allow it.
  3. It should open with the Backup Registry tab selected and all file options checked. Check any that are not already checked.
  4. Click on Backup Now to create a backup of your Registry.
    You'll see "Waiting for Volume Shadow Copy snapshot..." this may take a few moments, just be patient.
  5. When completed you should see a message saying something like ... Successful ??/?? Registry Files Backed Up ... ?? is total number of files, both numbers should match.
  6. Close and exit the program.

< STOP > If you did not successfully complete this step. < STOP > Do not continue with any other steps, post back and let me know!


Step 2.
  • Click Start
  • Type notepad.exe in the search programs and files box and click Enter.
  • A blank Notepad page should open.
    • Copy/Paste the contents of the quote box below into Notepad.
    • To make this easy, click the "select all" button then hover over the highlighted text and right mouse click to select copy.
Code:
C:\Users\user\AppData\Local\Temp\jrt\datamngr_del.reg
C:\Users\user\AppData\LocalLow\Microsoft\Internet Explorer\DOMStore\DKZ3QFIK\en.softonic[1].xml
C:\Users\user\AppData\LocalLow\Microsoft\Internet Explorer\DOMStore\TJS5QX08\adblock-ie.en.softonic[1].xml
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\94N6C724\vshare.eu
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\94N6C724\macromedia.com\support\flashplayer\sys\#vshare.eu
EmptyTemp:



    • Save it to the same folder/directory that FRST.exe is in, naming it as fixlist.txt

NOTICE: This script was written specifically for this user. Running it on another machine may cause damage to your operating system.

  • Start FRST in a similar manner to when you ran a scan earlier, but this time when it opens ....
    • Press the Fix button once and wait.
    • FRST will process fixlist.txt
    • When finished, it will produce a log fixlog.txt in the same folder/directory as FRST64.exe
    • Please post me the log


Step 3.
ESET online scanner

Note: You can use either Internet Explorer or Mozilla FireFox for this scan.

Note: If you are using Windows Vista or Windows 7, open your browser by right-clicking on its icon and select 'Run as administrator' to perform this scan.
  • First please Disable any Antivirus you have active, as shown in This topic. Scroll down to find your product.
  • Note: Remember to re-enable it after the scan.
  • Next hold down Control then click on the following link to open a new window to ESET online scanner
  • Press the Blue Run ESET Online Scanner button on the left side of the page.
  • A popup box will open.
  • Select the option YES, I accept the Terms of Use then click on Start.
    Note: If using Mozilla Firefox you will need to download esetsmartinstaller_enu.exe when prompted then double click on it to install.
    All of the below instructions are compatible with either Internet Explorer or Mozilla FireFox.
  • When prompted allow the Add-On/Active X to install.
  • Make sure that the option Remove found threats is NOT checked, and the option Scan archives is checked.
  • Now click on Advanced Settings and select the following:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology
  • Now click on Start.
  • The virus signature database... will begin to download. Be patient, this may take some time depending on the speed of your Internet Connection.
  • When completed the Online Scan will begin automatically.
  • When the scan is completed and you would like the program removed, select Uninstall application on close. Be sure you have copied the log file first!
  • Now click on Finish.
  • Use notepad to open the logfile located at C:\Program Files\ESET\EsetOnlineScanner\log.txt.
  • Copy and paste that log as a reply to this topic.

Note: Remember to re-enable your Anti-Virus application after running the above scan!


Please include in your next reply:
  1. Contents of fixlog.txt
  2. Contents of C:\Program Files\ESET\EsetOnlineScanner\log.txt
  3. Any problem executing the instructions?
  4. How is the computer behaving?
Thanks,
wbg
wannabeageek
MRU Master
 
Posts: 1871
Joined: November 23rd, 2009, 10:21 pm
Location: California

Re: Very Slow PC

Post by Gowton » December 21st, 2014, 9:08 pm

Hi. I did the backup just fine. I copied the contents of the quote box you gave me and saved it as fixlits.txt to my desktop which is where the FRST.exe is. However when I started up FRST and clicked on the fix button all I got was a window pop up that said "Line9871 (File"C:\Users\user\desktop\FRTS64.exe"): Error: Error in expression."
I don't know if I did what you told me to, I thought I did. Not sure if I should have waited but I carried on anyway and continued with the next step and copied the ESET log:

C:\AdwCleaner\Quarantine\C\Windows\System32\roboot64.exe.vir a variant of Win64/Systweak.A potentially unwanted application
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\File System\007\t\00\00000000 Win32/AdWare.1ClickDownload.AW application
C:\Users\user\Documents\downloads\MAGIX Music Maker MX Production Suite v18.0.3.0 - deepstatus exclusive\MAGIX Music Maker MX Production Suite v18.0.3.0 - Inc. Patch ASSiGN + crack.rar a variant of Win32/Bundled.Toolbar.Ask potentially unsafe application
C:\Users\user\Downloads\cbsidlm-cbsi134-CBR_Reader-ORG-75609749.exe a variant of Win32/CNETInstaller.B potentially unwanted application
C:\Users\user\Downloads\cbsidlm-cbsi134-EPUB_File_Reader-ORG-75982127.exe a variant of Win32/CNETInstaller.B potentially unwanted application

PC still slow
Gowton
Regular Member
 
Posts: 17
Joined: May 6th, 2012, 6:12 am

Re: Very Slow PC

Post by wannabeageek » December 21st, 2014, 9:18 pm

Hi Gowton,

Run these please and post the results:

Step 1.
Run CKScanner

  • Please download CKScanner from Here
  • Important: - Save it to your desktop.
  • Right-click CKScanner.exe > select " Run as administrator " then click Search For Files.
  • After a very short time, when the cursor hourglass disappears, click Save List To File.
  • A message box will verify the file saved. Please Run the program only once.
  • Double-click the CKFiles.txt icon on your desktop and copy/paste the contents in your next reply.


NOTE: If you get an error when running the MGA Diagnostic utility, it only means it failed to create support files which are not needed for posting the report.
You should still be able to click the Copy button and paste the report into this thread so please do so.


Step 2.
Download and run MGA Diagnostic Tool
This tool will aid us in determining what additional steps will need to be performed.

  1. Click here to download the MGA Diagnostics Tool from Microsoft and save it to your Desktop. The MGADiag.exe icon will appear on your Desktop.
  2. Right-click the MGADiag.exe icon on your Desktop and then select Run As Administrator from the popup menu. The tool's window will be displayed.
  3. Click the Continue button. The scan will be performed. Once the scan is complete the report information will be displayed and a Copy button will be provided.
  4. Click the Copy button.
  5. Open Notepad and paste the contents of the report into the Notepad window.
  6. Save the report and paste the contents into your reply.


Step 3.
Please download and run WVCheck and post back the report it creates:
  • Right-click the WVCheck.exe icon on your Desktop and then select Run As Administrator from the popup menu.
  • As indicated by the prompt, this program can take a while depending on your hard drive space.
  • Once the program is done, copy the contents of the Notepad file as a reply.
wannabeageek
MRU Master
 
Posts: 1871
Joined: November 23rd, 2009, 10:21 pm
Location: California

Re: Very Slow PC

Post by Gowton » December 22nd, 2014, 7:17 am

CKScanner 2.4 - Additional Security Risks - These are not necessarily bad
c:\program files (x86)\curious labs\poser 6\runtime\libraries\pose\butterfliesp4\queencracker.pz2
c:\program files (x86)\curious labs\poser 6\runtime\libraries\pose\butterfliesp4\queencracker.rsr
c:\program files (x86)\curious labs\poser 6\runtime\libraries\pose\butterfliesp5p6\queencracker.pz2
c:\program files (x86)\curious labs\poser 6\runtime\libraries\pose\butterfliesp5p6\queencracker.rsr
c:\program files (x86)\curious labs\poser 6\runtime\libraries\pose\butterfliespp\queencracker.pz2
c:\program files (x86)\curious labs\poser 6\runtime\libraries\pose\butterfliespp\queencracker.rsr
c:\program files (x86)\curious labs\poser 6\runtime\libraries\pose\spywear mat files\bob - firecracker.pz2
c:\program files (x86)\curious labs\poser 6\runtime\libraries\pose\spywear mat files\bob - firecracker.rsr
c:\users\user\desktop\monkey island 1 - the secret of monkey island (special edition)\crack-reloaded.zip
c:\users\user\desktop\monkey island 2 - lechuck's revenge (special edition)\crack-skidrow.zip
c:\users\user\documents\downloads\magix music maker mx production suite v18.0.3.0 - deepstatus exclusive\magix music maker mx production suite v18.0.3.0 - inc. patch assign + crack.rar
c:\users\user\documents\downloads\poser 6 + update serial y keygen\p6cu1_w.zip
c:\users\user\documents\downloads\poser 6 + update serial y keygen\poser6.part02.rar
c:\users\user\documents\downloads\poser 6 + update serial y keygen\poser6.part03.rar
c:\users\user\documents\downloads\poser 6 + update serial y keygen\poser6.part04.rar
c:\users\user\documents\downloads\poser 6 + update serial y keygen\poser6.part05.rar
c:\users\user\documents\downloads\poser 6 + update serial y keygen\poser6.part06.rar
c:\users\user\documents\downloads\poser 6 + update serial y keygen\poser6.part07.rar
c:\users\user\documents\downloads\poser 6 + update serial y keygen\poser6.part08.rar
c:\users\user\documents\downloads\poser 6 + update serial y keygen\poser6.part09.rar
c:\users\user\documents\downloads\poser 6 + update serial y keygen\poser6.part10.rar
c:\users\user\documents\downloads\poser 6 + update serial y keygen\poser6.part11.rar
c:\users\user\documents\downloads\poser 6 + update serial y keygen\poser6.part12.rar
c:\users\user\documents\downloads\poser 6 + update serial y keygen\poser6\autorun.apm
c:\users\user\documents\downloads\poser 6 + update serial y keygen\poser6\autorun.exe
c:\users\user\documents\downloads\poser 6 + update serial y keygen\poser6\autorun.inf
c:\users\user\documents\downloads\poser 6 + update serial y keygen\poser6\icon.ico
c:\users\user\documents\downloads\poser 6 + update serial y keygen\poser6\poser 6 eula.txt
c:\users\user\documents\downloads\poser 6 + update serial y keygen\poser6\poser 6 readme.txt
c:\users\user\documents\downloads\poser 6 + update serial y keygen\poser6\poser 6 registration form.pdf
c:\users\user\documents\downloads\poser 6 + update serial y keygen\poser6\data\amslng.9
c:\users\user\documents\downloads\poser 6 + update serial y keygen\poser6\data\menu1.bah
c:\users\user\documents\downloads\poser 6 + update serial y keygen\poser6\data\menu1.bal
c:\users\user\documents\downloads\poser 6 + update serial y keygen\poser6\data\menu1.dah
c:\users\user\documents\downloads\poser 6 + update serial y keygen\poser6\data\menu1.dal
c:\users\user\documents\downloads\poser 6 + update serial y keygen\poser6\data\menu1.daw
c:\users\user\documents\downloads\poser 6 + update serial y keygen\poser6\data\menu1.ttf
c:\users\user\documents\downloads\poser 6 + update serial y keygen\poser6\data\menu10.dah
c:\users\user\documents\downloads\poser 6 + update serial y keygen\poser6\data\menu10.dal
c:\users\user\documents\downloads\poser 6 + update serial y keygen\poser6\data\menu11.dah
c:\users\user\documents\downloads\poser 6 + update serial y keygen\poser6\data\menu11.dal
c:\users\user\documents\downloads\poser 6 + update serial y keygen\poser6\data\menu12.dah
c:\users\user\documents\downloads\poser 6 + update serial y keygen\poser6\data\menu12.dal
c:\users\user\documents\downloads\poser 6 + update serial y keygen\poser6\data\menu13.dah
c:\users\user\documents\downloads\poser 6 + update serial y keygen\poser6\data\menu13.dal
c:\users\user\documents\downloads\poser 6 + update serial y keygen\poser6\data\menu14.dah
c:\users\user\documents\downloads\poser 6 + update serial y keygen\poser6\data\menu14.dal
c:\users\user\documents\downloads\poser 6 + update serial y keygen\poser6\data\menu15.dah
c:\users\user\documents\downloads\poser 6 + update serial y keygen\poser6\data\menu15.dal
c:\users\user\documents\downloads\poser 6 + update serial y keygen\poser6\data\menu16.dah
c:\users\user\documents\downloads\poser 6 + update serial y keygen\poser6\data\menu16.dal
c:\users\user\documents\downloads\poser 6 + update serial y keygen\poser6\data\menu17.dah
c:\users\user\documents\downloads\poser 6 + update serial y keygen\poser6\data\menu17.dal
c:\users\user\documents\downloads\poser 6 + update serial y keygen\poser6\data\menu18.dah
c:\users\user\documents\downloads\poser 6 + update serial y keygen\poser6\data\menu18.dal
c:\users\user\documents\downloads\poser 6 + update serial y keygen\poser6\data\menu2.dah
c:\users\user\documents\downloads\poser 6 + update serial y keygen\poser6\data\menu2.dal
c:\users\user\documents\downloads\poser 6 + update serial y keygen\poser6\data\menu3.dah
c:\users\user\documents\downloads\poser 6 + update serial y keygen\poser6\data\menu3.dal
c:\users\user\documents\downloads\poser 6 + update serial y keygen\poser6\data\menu4.dah
c:\users\user\documents\downloads\poser 6 + update serial y keygen\poser6\data\menu4.dal
c:\users\user\documents\downloads\poser 6 + update serial y keygen\poser6\data\menu5.dah
c:\users\user\documents\downloads\poser 6 + update serial y keygen\poser6\data\menu5.dal
c:\users\user\documents\downloads\poser 6 + update serial y keygen\poser6\data\menu6.dah
c:\users\user\documents\downloads\poser 6 + update serial y keygen\poser6\data\menu6.dal
c:\users\user\documents\downloads\poser 6 + update serial y keygen\poser6\data\menu7.dah
c:\users\user\documents\downloads\poser 6 + update serial y keygen\poser6\data\menu7.dal
c:\users\user\documents\downloads\poser 6 + update serial y keygen\poser6\data\menu8.dah
c:\users\user\documents\downloads\poser 6 + update serial y keygen\poser6\data\menu8.dal
c:\users\user\documents\downloads\poser 6 + update serial y keygen\poser6\data\menu9.dah
c:\users\user\documents\downloads\poser 6 + update serial y keygen\poser6\data\menu9.dal
c:\users\user\documents\downloads\poser 6 + update serial y keygen\poser6\documentation\poser 6 qrc.pdf
c:\users\user\documents\downloads\poser 6 + update serial y keygen\poser6\documentation\poser 6 reference manual.pdf
c:\users\user\documents\downloads\poser 6 + update serial y keygen\poser6\documentation\poser 6 tutorial manual.pdf
c:\users\user\documents\downloads\poser 6 + update serial y keygen\poser6\documentation\poserpython methods.pdf
c:\users\user\documents\downloads\poser 6 + update serial y keygen\poser6\poser 6 installer\poser 6 setup.exe
c:\users\user\documents\downloads\poser 6 + update serial y keygen\poser6\poser6\autorun.apm
c:\users\user\documents\downloads\poser 6 + update serial y keygen\poser6\poser6\autorun.exe
c:\users\user\documents\downloads\poser 6 + update serial y keygen\poser6\poser6\autorun.inf
c:\users\user\documents\downloads\poser 6 + update serial y keygen\poser6\poser6\icon.ico
c:\users\user\documents\downloads\poser 6 + update serial y keygen\poser6\poser6\poser 6 content updater.exe
c:\users\user\documents\downloads\poser 6 + update serial y keygen\poser6\poser6\poser 6 eula.txt
c:\users\user\documents\downloads\poser 6 + update serial y keygen\poser6\poser6\poser 6 readme.txt
c:\users\user\documents\downloads\poser 6 + update serial y keygen\poser6\poser6\poser 6 registration form.pdf
c:\users\user\documents\downloads\poser 6 + update serial y keygen\poser6\poser6\data\amslng.9
c:\users\user\documents\downloads\poser 6 + update serial y keygen\poser6\poser6\data\menu1.bah
c:\users\user\documents\downloads\poser 6 + update serial y keygen\poser6\poser6\data\menu1.bal
c:\users\user\documents\downloads\poser 6 + update serial y keygen\poser6\poser6\data\menu1.dah
c:\users\user\documents\downloads\poser 6 + update serial y keygen\poser6\poser6\data\menu1.dal
c:\users\user\documents\downloads\poser 6 + update serial y keygen\poser6\poser6\data\menu1.daw
c:\users\user\documents\downloads\poser 6 + update serial y keygen\poser6\poser6\data\menu1.ttf
c:\users\user\documents\downloads\poser 6 + update serial y keygen\poser6\poser6\data\menu10.dah
c:\users\user\documents\downloads\poser 6 + update serial y keygen\poser6\poser6\data\menu10.dal
c:\users\user\documents\downloads\poser 6 + update serial y keygen\poser6\poser6\data\menu11.dah
c:\users\user\documents\downloads\poser 6 + update serial y keygen\poser6\poser6\data\menu11.dal
c:\users\user\documents\downloads\poser 6 + update serial y keygen\poser6\poser6\data\menu12.dah
c:\users\user\documents\downloads\poser 6 + update serial y keygen\poser6\poser6\data\menu12.dal
c:\users\user\documents\downloads\poser 6 + update serial y keygen\poser6\poser6\data\menu13.dah
c:\users\user\documents\downloads\poser 6 + update serial y keygen\poser6\poser6\data\menu13.dal
c:\users\user\documents\downloads\poser 6 + update serial y keygen\poser6\poser6\data\menu14.dah
c:\users\user\documents\downloads\poser 6 + update serial y keygen\poser6\poser6\data\menu14.dal
c:\users\user\documents\downloads\poser 6 + update serial y keygen\poser6\poser6\data\menu15.dah
c:\users\user\documents\downloads\poser 6 + update serial y keygen\poser6\poser6\data\menu15.dal
c:\users\user\documents\downloads\poser 6 + update serial y keygen\poser6\poser6\data\menu16.dah
c:\users\user\documents\downloads\poser 6 + update serial y keygen\poser6\poser6\data\menu16.dal
c:\users\user\documents\downloads\poser 6 + update serial y keygen\poser6\poser6\data\menu17.dah
c:\users\user\documents\downloads\poser 6 + update serial y keygen\poser6\poser6\data\menu17.dal
c:\users\user\documents\downloads\poser 6 + update serial y keygen\poser6\poser6\data\menu18.dah
c:\users\user\documents\downloads\poser 6 + update serial y keygen\poser6\poser6\data\menu18.dal
c:\users\user\documents\downloads\poser 6 + update serial y keygen\poser6\poser6\data\menu2.dah
c:\users\user\documents\downloads\poser 6 + update serial y keygen\poser6\poser6\data\menu2.dal
c:\users\user\documents\downloads\poser 6 + update serial y keygen\poser6\poser6\data\menu3.dah
c:\users\user\documents\downloads\poser 6 + update serial y keygen\poser6\poser6\data\menu3.dal
c:\users\user\documents\downloads\poser 6 + update serial y keygen\poser6\poser6\data\menu4.dah
c:\users\user\documents\downloads\poser 6 + update serial y keygen\poser6\poser6\data\menu4.dal
c:\users\user\documents\downloads\poser 6 + update serial y keygen\poser6\poser6\data\menu5.dah
c:\users\user\documents\downloads\poser 6 + update serial y keygen\poser6\poser6\data\menu5.dal
c:\users\user\documents\downloads\poser 6 + update serial y keygen\poser6\poser6\data\menu6.dah
c:\users\user\documents\downloads\poser 6 + update serial y keygen\poser6\poser6\data\menu6.dal
c:\users\user\documents\downloads\poser 6 + update serial y keygen\poser6\poser6\data\menu7.dah
c:\users\user\documents\downloads\poser 6 + update serial y keygen\poser6\poser6\data\menu7.dal
c:\users\user\documents\downloads\poser 6 + update serial y keygen\poser6\poser6\data\menu8.dah
c:\users\user\documents\downloads\poser 6 + update serial y keygen\poser6\poser6\data\menu8.dal
c:\users\user\documents\downloads\poser 6 + update serial y keygen\poser6\poser6\data\menu9.dah
c:\users\user\documents\downloads\poser 6 + update serial y keygen\poser6\poser6\data\menu9.dal
c:\users\user\documents\downloads\poser 6 + update serial y keygen\poser6\poser6\documentation\poser 6 qrc.pdf
c:\users\user\documents\downloads\poser 6 + update serial y keygen\poser6\poser6\documentation\poser 6 reference manual.pdf
c:\users\user\documents\downloads\poser 6 + update serial y keygen\poser6\poser6\documentation\poser 6 tutorial manual.pdf
c:\users\user\documents\downloads\poser 6 + update serial y keygen\poser6\poser6\documentation\poserpython methods.pdf
c:\users\user\documents\downloads\poser 6 + update serial y keygen\poser6\poser6\poser 6 installer\poser 6 setup.exe
c:\users\user\documents\poser add ons\poser 5\poser 5 [valid crack].exe
c:\users\user\documents\poser add ons\poser 5\poser 5 [valid crack]\poser.exe
c:\users\user\documents\poser add ons\poser 5\poser 5 [valid crack]\sinister.nfo
c:\users\user\documents\thumb drive contents\adobe photoshop cs6 extended + crack full version\serial.txt
c:\users\user\documents\thumb drive contents\adobe photoshop cs6 extended + crack full version\setup.exe
c:\users\user\downloads\[isohunt] adobe photoshop elements 7 keygen-lndl.torrent
c:\users\user\downloads\adobe photoshop elements 7+keygen-lndl\setup\setup.exe
scanner sequence 3.ZZ.11.FIAPXZ
----- EOF -----

Diagnostic Report (1.9.0027.0):
-----------------------------------------
Windows Validation Data-->

Validation Code: 0
Cached Online Validation Code: 0x0
Windows Product Key: *****-*****-79KBQ-HMDQ7-JRX97
Windows Product Key Hash: C3S5KsRvUhSi8SHstamXytGbRk0=
Windows Product ID: 00359-OEM-9808944-43676
Windows Product ID Type: 8
Windows License Type: COA SLP
Windows OS version: 6.1.7601.2.00010300.1.0.003
ID: {464B2161-991B-4000-A98F-B9CF254EAD81}(1)
Is Admin: Yes
TestCab: 0x0
LegitcheckControl ActiveX: N/A, hr = 0x80070002
Signed By: N/A, hr = 0x80070002
Product Name: Windows 7 Home Premium
Architecture: 0x00000009
Build lab: 7601.win7sp1_gdr.140303-2144
TTS Error:
Validation Diagnostic:
Resolution Status: N/A

Vista WgaER Data-->
ThreatID(s): N/A, hr = 0x80070002
Version: N/A, hr = 0x80070002

Windows XP Notifications Data-->
Cached Result: N/A, hr = 0x80070002
File Exists: No
Version: N/A, hr = 0x80070002
WgaTray.exe Signed By: N/A, hr = 0x80070002
WgaLogon.dll Signed By: N/A, hr = 0x80070002

OGA Notifications Data-->
Cached Result: N/A, hr = 0x80070002
Version: N/A, hr = 0x80070002
OGAExec.exe Signed By: N/A, hr = 0x80070002
OGAAddin.dll Signed By: N/A, hr = 0x80070002

OGA Data-->
Office Status: 100 Genuine
Microsoft Office Small Business 2007 - 100 Genuine
OGA Version: N/A, 0x80070002
Signed By: N/A, hr = 0x80070002
Office Diagnostics: 025D1FF3-364-80041010_025D1FF3-229-80041010_025D1FF3-230-1_025D1FF3-517-80040154_025D1FF3-237-80040154_025D1FF3-238-2_025D1FF3-244-80070002_025D1FF3-258-3_E2AD56EA-765-d003_E2AD56EA-766-0_E2AD56EA-134-80004005_E2AD56EA-765-b01a_E2AD56EA-766-0_E2AD56EA-148-80004005_16E0B333-89-80004005_B4D0AA8B-1029-80004005

Browser Data-->
Proxy settings: N/A
User Agent: Mozilla/4.0 (compatible; MSIE 8.0; Win32)
Default Browser: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Download signed ActiveX controls: Prompt
Download unsigned ActiveX controls: Disabled
Run ActiveX controls and plug-ins: Allowed
Initialize and script ActiveX controls not marked as safe: Disabled
Allow scripting of Internet Explorer Webbrowser control: Disabled
Active scripting: Allowed
Script ActiveX controls marked as safe for scripting: Allowed

File Scan Data-->

Other data-->
Office Details: <GenuineResults><MachineData><UGUID>{464B2161-991B-4000-A98F-B9CF254EAD81}</UGUID><Version>1.9.0027.0</Version><OS>6.1.7601.2.00010300.1.0.003</OS><Architecture>x64</Architecture><PKey>*****-*****-*****-*****-JRX97</PKey><PID>00359-OEM-9808944-43676</PID><PIDType>8</PIDType><SID>S-1-5-21-100026641-3184929813-4218915004</SID><SYSTEM><Manufacturer>INTEL_</Manufacturer><Model>DQ3510J_</Model></SYSTEM><BIOS><Manufacturer>Intel Corp.</Manufacturer><Version>JOQ3510J.86A.0882.2008.0423.1925</Version><SMBIOSVersion major="2" minor="4"/><Date>20080423000000.000000+000</Date></BIOS><HWID>64A73207018400FA</HWID><UserLCID>0809</UserLCID><SystemLCID>0409</SystemLCID><TimeZone>GMT Standard Time(GMT+00:00)</TimeZone><iJoin>0</iJoin><SBID><stat>3</stat><msppid></msppid><name></name><model></model></SBID><OEM/><GANotification/></MachineData><Software><Office><Result>100</Result><Products><Product GUID="{91120000-00CA-0000-0000-0000000FF1CE}"><LegitResult>100</LegitResult><Name>Microsoft Office Small Business 2007</Name><Ver>12</Ver><Val>AE00984C68865AE</Val><Hash>p2DHfC+K0vmKshzIQmNgcPx+Smg=</Hash><Pid>81606-OEM-6472711-59107</Pid><PidType>4</PidType></Product></Products><Applications><App Id="16" Version="12" Result="100"/><App Id="18" Version="12" Result="100"/><App Id="19" Version="12" Result="100"/><App Id="1A" Version="12" Result="100"/><App Id="1B" Version="12" Result="100"/></Applications></Office></Software></GenuineResults>

Spsys.log Content: 0x80070002

Licensing Data-->
Software licensing service version: 6.1.7601.17514

Name: Windows(R) 7, HomePremium edition
Description: Windows Operating System - Windows(R) 7, OEM_COA_SLP channel
Activation ID: 5e017a8a-f3f9-4167-b1bd-ba3e236a4d8f
Application ID: 55c92734-d682-4d71-983e-d6ec3f16059f
Extended PID: 00359-00196-089-443676-02-2057-7600.0000-2642013
Installation ID: 010002068171801724985815645304312124758351431395003784
Processor Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88338
Machine Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88339
Use License URL: http://go.microsoft.com/fwlink/?LinkID=88341
Product Key Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88340
Partial Product Key: JRX97
License Status: Licensed
Remaining Windows rearm count: 4
Trusted time: 22/12/2014 09:35:58

Windows Activation Technologies-->
HrOffline: 0x00000000
HrOnline: N/A
HealthStatus: 0x0000000000000000
Event Time Stamp: N/A
ActiveX: Registered, Version: 7.1.7600.16395
Admin Service: Registered, Version: 7.1.7600.16395
HealthStatus Bitmask Output:


HWID Data-->
HWID Hash Current: PAAAAAEACAABAAIAAAABAAAAAgABAAEAJJQqOwSDKK/kNoj9jGNk/saY3tTInIj7QJeAcpRlVAcUFyqF

OEM Activation 1.0 Data-->
N/A

OEM Activation 2.0 Data-->
BIOS valid for OA 2.0: yes, but no SLIC table
Windows marker version: N/A
OEMID and OEMTableID Consistent: N/A
BIOS Information:
ACPI Table Name OEMID Value OEMTableID Value
APIC INTEL DQ3510J
FACP INTEL DQ3510J
MCFG INTEL DQ3510J
WDDT INTEL DQ3510J
ASF! INTEL DQ3510J
ASPT INTEL DQ3510J
WDTT INTEL DQ3510J
SSDT INTEL CpuPm
SSDT INTEL CpuPm
SSDT INTEL CpuPm
SSDT INTEL CpuPm
SSDT INTEL CpuPm
SSDT INTEL CpuPm
SSDT INTEL CpuPm
SSDT INTEL CpuPm
SSDT INTEL CpuPm
TCPA INTEL TIANO



Windows Validation Check
Version: 1.9.12.5
Log Created On: 0940_22-12-2014
-----------------------

Windows Information
-----------------------
Windows Version: Windows 7 Service Pack 1
Windows Mode: Normal
Systemroot Path: C:\Windows

WVCheck's Auto Update Check
-----------------------
Auto-Update Option: Download updates and install them automatically.
-----------------------
Last Success Time for Update Detection: 2014-12-22 09:03:29
Last Success Time for Update Download: 2014-12-18 10:44:25
Last Success Time for Update Installation: 2014-12-18 14:41:51


WVCheck's Registry Check Check
-----------------------
Antiwpa: Not Found
-----------------------
Chew7Hale: Not Found
-----------------------


WVCheck's File Dump
-----------------------
C:\Windows\System32\slwga.dll
Size: 14336 bytes
Creation; 23/9/2013 11:0:48
Modification; 20/11/2010 3:21:26
MD5; 19f75d71e4256f5113d64ce2bb66b838
Matched: slwga.dll
-----------------------
C:\Windows\SysWOW64\slwga.dll
Size: 14336 bytes
Creation; 23/9/2013 11:0:48
Modification; 20/11/2010 3:21:26
MD5; 19f75d71e4256f5113d64ce2bb66b838
Matched: slwga.dll
-----------------------
C:\Windows\winsxs\amd64_microsoft-windows-security-spp-wga_31bf3856ad364e35_6.1.7601.17514_none_5d778f71b9f4fd55\slwga.dll
Size: 15360 bytes
Creation; 23/9/2013 10:59:37
Modification; 20/11/2010 4:27:28
MD5; b6d6886149573278cba6abd44c4317f5
Matched: slwga.dll
-----------------------
C:\Windows\winsxs\x86_microsoft-windows-security-spp-wga_31bf3856ad364e35_6.1.7601.17514_none_0158f3ee01978c1f\slwga.dll
Size: 14336 bytes
Creation; 23/9/2013 11:0:48
Modification; 20/11/2010 3:21:26
MD5; 19f75d71e4256f5113d64ce2bb66b838
Matched: slwga.dll
-----------------------


WVCheck's Dir Dump
-----------------------
WVCheck found no known bad directories.


WVCheck's Missing File Check
-----------------------
WVCheck found no missing Windows files.


WVCheck's HOSTS File Check
-----------------------
WVCheck found no bad lines in the hosts file.


WVCheck's MD5 Check
EXPERIMENTAL!!
-----------------------
user32.dll - 5e0db2d8b2750543cd2ebb9ea8e6cdd3


-------- End of File, program close at 0944_22-12-2014 --------
Gowton
Regular Member
 
Posts: 17
Joined: May 6th, 2012, 6:12 am

Re: Very Slow PC

by Cypher » December 22nd, 2014, 11:43 am

Cracked - Illegal Software

May I draw your attention to the topic: ALL USERS OF THIS FORUM MUST READ THIS FIRST, which you should have read before posting for help.
The section here explains why we bring this to your attention.

If you wish to receive help from us, you must remove any and all of the following from your computer:
  • Illegal software
  • Cracked software
  • Illegal software key generators

Once the software and/or keygens have been removed, if you still need help, please start a new thread... include a link to your closed topic and include NEW DDS logs:
  • DDS.txt.
  • Attach.txt.
  • Details of the problems you're experiencing.
Wait for a new helper. Do not reply to your topic before a helper has replied.

This topic is now closed.
Cypher
Admin/Teacher
 
Posts: 15148
Joined: October 29th, 2008, 12:49 pm
Location: Land Of The Leprechauns