Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Service Host Local Service infection?


  • Please log in to reply
14 replies to this topic

#1 pandyfackler

pandyfackler

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:dark side of the moon
  • Local time:03:53 AM

Posted 02 July 2015 - 03:05 PM

Hello, I am having a performance issue with my laptop. When I look in my task manager it appears that "Service Host" and "network, windows firewall, diagnostic policy service and base filtering engine" Are taking up 100% of my disk space. My computer is being super slow and sometimes the internet disconnects itself. Aside from the Service host that takes 100% disk space I have ten other separate instances. There are duplicates of a lot of random tasks in task manager, but I am not sure if that matters Anything you can help me with would be great! Thank you. :)



BC AdBot (Login to Remove)

 


m

#2 Nohus

Nohus

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:09:53 AM

Posted 02 July 2015 - 06:03 PM

I have this issue a lot too, I've looked around on forums a lot and ive seen that it tends to be an issue with windows 8. Make sure your computer is up to date, that has fixed this problem for me in the past.

#3 Sintharius

Sintharius

    Bleepin' Sniper


  • Members
  • 5,639 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Netherlands
  • Local time:09:53 AM

Posted 02 July 2015 - 06:07 PM

Hello,

Please run these tools to check if there is a problem.

Farbar Service Scanner

Please download Farbar Service Scanner and run it on the computer with the issue.
  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
    • Other Services
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.
===

MiniToolbox by Farbar

Avast users please disable your antivirus before downloading!
Please download MiniToolBox, save it to your desktop and run it.
Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Devices
  • List Users, Partitions and Memory size.
  • List Minidump Files
  • List Restore Points
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

Regards,
Alex

#4 pandyfackler

pandyfackler
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:dark side of the moon
  • Local time:03:53 AM

Posted 02 July 2015 - 06:42 PM

Farbar Service Scanner Version: 17-01-2015
Ran by Mikelle Duke (administrator) on 02-07-2015 at 16:11:47
Running from "C:\Users\Mikelle Duke\Downloads"
Microsoft Windows 8.1  (X64)
Boot Mode: Normal
****************************************************************
 
Internet Services:
============
 
Connection Status:
==============
Localhost is accessible.
LAN connected.
Attempt to access Google IP returned error. Google IP is unreachable
Google.com is accessible.
Yahoo.com is accessible.
 
 
Windows Firewall:
=============
 
Firewall Disabled Policy: 
==================
 
 
System Restore:
============
 
System Restore Policy: 
========================
 
 
Action Center:
============
 
 
Windows Update:
============
wuauserv Service is not running. Checking service configuration:
The start type of wuauserv service is OK.
The ImagePath of wuauserv service is OK.
The ServiceDll of wuauserv: "C:\windows\system32\wuaueng.dll".
 
 
Windows Autoupdate Disabled Policy: 
============================
 
 
Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend: ""%ProgramFiles%\Windows Defender\MsMpEng.exe"".
 
 
Windows Defender Disabled Policy: 
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1
 
 
Other Services:
==============
 
 
File Check:
========
C:\Windows\System32\nsisvc.dll => File is digitally signed
C:\Windows\System32\drivers\nsiproxy.sys => File is digitally signed
C:\Windows\System32\dhcpcore.dll => File is digitally signed
C:\Windows\System32\drivers\afd.sys => File is digitally signed
C:\Windows\System32\drivers\tdx.sys => File is digitally signed
C:\Windows\System32\Drivers\tcpip.sys => File is digitally signed
C:\Windows\System32\dnsrslvr.dll => File is digitally signed
C:\Windows\System32\mpssvc.dll => File is digitally signed
C:\Windows\System32\bfe.dll => File is digitally signed
C:\Windows\System32\drivers\mpsdrv.sys => File is digitally signed
C:\Windows\System32\wscsvc.dll => File is digitally signed
C:\Windows\System32\wbem\WMIsvc.dll => File is digitally signed
C:\Windows\System32\wuaueng.dll => File is digitally signed
C:\Windows\System32\qmgr.dll => File is digitally signed
C:\Windows\System32\es.dll => File is digitally signed
C:\Windows\System32\cryptsvc.dll => File is digitally signed
C:\Program Files\Windows Defender\MpSvc.dll => File is digitally signed
C:\Program Files\Windows Defender\MsMpEng.exe => File is digitally signed
C:\Windows\System32\ipnathlp.dll => File is digitally signed
C:\Windows\System32\iphlpsvc.dll => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
 
 
**** End of log ****

 



#5 pandyfackler

pandyfackler
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:dark side of the moon
  • Local time:03:53 AM

Posted 02 July 2015 - 06:44 PM

sorry I am trying to figure out how to upload the result.txt



#6 Sintharius

Sintharius

    Bleepin' Sniper


  • Members
  • 5,639 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Netherlands
  • Local time:09:53 AM

Posted 02 July 2015 - 06:45 PM

Just copy and paste the contents into this thread similar to what you did with the FSS log.

#7 pandyfackler

pandyfackler
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:dark side of the moon
  • Local time:03:53 AM

Posted 02 July 2015 - 06:48 PM

Heh whoops :blush:! Here ya' go:

 

MiniToolBox by Farbar  Version: 01-07-2015
Ran by Mikelle Duke (administrator) on 02-07-2015 at 16:27:45
Running from "C:\Users\Mikelle Duke\Downloads"
Microsoft Windows 8.1  (X64)
Model: 20405 Manufacturer: LENOVO
Boot Mode: Normal
***************************************************************************
 
========================= Flush DNS: ===================================
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
No Proxy Server is set.
 
"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================
 
 
 
========================= IP Configuration: ================================
 
Qualcomm Atheros AR956x Wireless Network Adapter = Wi-Fi (Connected)
Realtek PCIe GBE Family Controller = Ethernet (Media disconnected)
Bluetooth Device (Personal Area Network) = Bluetooth Network Connection (Media disconnected)
 
 
# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4
 
reset
set global defaultcurhoplimit=64 icmpredirects=enabled
set interface interface="Loopback Pseudo-Interface 1" forwarding=disabled advertise=disabled mtu=1500 metric=0 siteprefixlength=0 nud=disabled routerdiscovery=disabled managedaddress=disabled otherstateful=disabled weakhostsend=disabled weakhostreceive=disabled ignoredefaultroutes=disabled advertisedrouterlifetime=0 advertisedefaultroute=disabled currenthoplimit=0 forcearpndwolpattern=disabled enabledirectedmacwolpattern=disabled ecncapability=ecndisabled
set interface interface="Local Area Connection* 1" forwarding=enabled advertise=enabled mtu=1500 nud=enabled ignoredefaultroutes=disabled
set interface interface="Ethernet" forwarding=enabled advertise=enabled mtu=1500 nud=enabled ignoredefaultroutes=disabled
set interface interface="Wi-Fi" forwarding=enabled advertise=enabled mtu=1500 nud=enabled ignoredefaultroutes=disabled
set interface interface="Local Area Connection* 3" forwarding=enabled advertise=enabled mtu=1500 nud=enabled ignoredefaultroutes=disabled
set interface interface="Bluetooth Network Connection" forwarding=enabled advertise=enabled mtu=1500 nud=enabled ignoredefaultroutes=disabled
set interface interface="Local Area Connection* 4" forwarding=enabled advertise=enabled mtu=1500 nud=enabled ignoredefaultroutes=disabled
 
 
popd
# End of IPv4 configuration
 
 
 
Windows IP Configuration
 
   Host Name . . . . . . . . . . . . : Lenovo-PC
   Primary Dns Suffix  . . . . . . . : 
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : hsd1.or.comcast.net.
 
Wireless LAN adapter Local Area Connection* 4:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft Hosted Network Virtual Adapter
   Physical Address. . . . . . . . . : 52-10-B3-14-C0-05
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Ethernet adapter Bluetooth Network Connection:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Bluetooth Device (Personal Area Network)
   Physical Address. . . . . . . . . : 30-10-B3-14-C0-06
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Wireless LAN adapter Local Area Connection* 3:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft Wi-Fi Direct Virtual Adapter
   Physical Address. . . . . . . . . : 12-10-B3-14-C0-05
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Wireless LAN adapter Wi-Fi:
 
   Connection-specific DNS Suffix  . : hsd1.or.comcast.net.
   Description . . . . . . . . . . . : Qualcomm Atheros AR956x Wireless Network Adapter
   Physical Address. . . . . . . . . : 30-10-B3-14-C0-05
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2601:1c0:c001:7a50:a15f:61e:7ccb:6405(Preferred) 
   Temporary IPv6 Address. . . . . . : 2601:1c0:c001:7a50:e862:2b51:4248:c12b(Preferred) 
   Link-local IPv6 Address . . . . . : fe80::a15f:61e:7ccb:6405%5(Preferred) 
   IPv4 Address. . . . . . . . . . . : 10.0.0.15(Preferred) 
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Thursday, July 2, 2015 2:12:36 PM
   Lease Expires . . . . . . . . . . : Thursday, July 9, 2015 3:29:07 PM
   Default Gateway . . . . . . . . . : fe80::21d:d3ff:fe11:c9c1%5
                                       10.0.0.1
   DHCP Server . . . . . . . . . . . : 10.0.0.1
   DHCPv6 IAID . . . . . . . . . . . : 103813299
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1B-72-AC-ED-54-EE-75-25-65-08
   DNS Servers . . . . . . . . . . . : 2001:558:feed::1
                                       2001:558:feed::2
                                       75.75.75.75
                                       75.75.76.76
   NetBIOS over Tcpip. . . . . . . . : Enabled
 
Ethernet adapter Ethernet:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : ctrlcenter.com
   Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
   Physical Address. . . . . . . . . : 54-EE-75-25-65-08
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
DNS request timed out.
    timeout was 2 seconds.
Server:  UnKnown
Address:  2001:558:feed::1
 
DNS request timed out.
    timeout was 2 seconds.
DNS request timed out.
    timeout was 2 seconds.
Name:    google.com
Address:  2607:f8b0:400a:806::200e
 
 
Pinging google.com [2607:f8b0:400a:805::100e] with 32 bytes of data:
Request timed out.
Reply from 2607:f8b0:400a:805::100e: time=23ms 
 
Ping statistics for 2607:f8b0:400a:805::100e:
    Packets: Sent = 2, Received = 1, Lost = 1 (50% loss),
Approximate round trip times in milli-seconds:
    Minimum = 23ms, Maximum = 23ms, Average = 23ms
Server:  cdns01.comcast.net
Address:  2001:558:feed::1
 
Name:    yahoo.com
Addresses:  2001:4998:c:a06::2:4008
 2001:4998:58:c02::a9
 2001:4998:44:204::a7
 98.138.253.109
 206.190.36.45
 98.139.183.24
 
 
Pinging yahoo.com [2001:4998:44:204::a7] with 32 bytes of data:
Request timed out.
Reply from 2001:4998:44:204::a7: time=77ms 
 
Ping statistics for 2001:4998:44:204::a7:
    Packets: Sent = 2, Received = 1, Lost = 1 (50% loss),
Approximate round trip times in milli-seconds:
    Minimum = 77ms, Maximum = 77ms, Average = 77ms
 
Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time=2ms TTL=64
Reply from 127.0.0.1: bytes=32 time<1ms TTL=64
 
Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 2ms, Average = 1ms
===========================================================================
Interface List
  9...52 10 b3 14 c0 05 ......Microsoft Hosted Network Virtual Adapter
  8...30 10 b3 14 c0 06 ......Bluetooth Device (Personal Area Network)
  6...12 10 b3 14 c0 05 ......Microsoft Wi-Fi Direct Virtual Adapter
  5...30 10 b3 14 c0 05 ......Qualcomm Atheros AR956x Wireless Network Adapter
  3...54 ee 75 25 65 08 ......Realtek PCIe GBE Family Controller
  1...........................Software Loopback Interface 1
===========================================================================
 
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0         10.0.0.1        10.0.0.15     25
         10.0.0.0    255.255.255.0         On-link         10.0.0.15    281
        10.0.0.15  255.255.255.255         On-link         10.0.0.15    281
       10.0.0.255  255.255.255.255         On-link         10.0.0.15    281
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link         10.0.0.15    281
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link         10.0.0.15    281
===========================================================================
Persistent Routes:
  None
 
IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
  5    281 ::/0                     fe80::21d:d3ff:fe11:c9c1
  1    306 ::1/128                  On-link
  5    281 2601:1c0:c001:7a50::/64  On-link
  5    281 2601:1c0:c001:7a50:a15f:61e:7ccb:6405/128
                                    On-link
  5    281 2601:1c0:c001:7a50:e862:2b51:4248:c12b/128
                                    On-link
  5    281 fe80::/64                On-link
  5    281 fe80::a15f:61e:7ccb:6405/128
                                    On-link
  1    306 ff00::/8                 On-link
  5    281 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================
 
Catalog5 01 C:\windows\SysWOW64\napinsp.dll [55296] (Microsoft Corporation)
Catalog5 02 C:\windows\SysWOW64\pnrpnsp.dll [70144] (Microsoft Corporation)
Catalog5 03 C:\windows\SysWOW64\pnrpnsp.dll [70144] (Microsoft Corporation)
Catalog5 04 C:\windows\SysWOW64\NLAapi.dll [65536] (Microsoft Corporation)
Catalog5 05 C:\windows\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog5 06 C:\windows\SysWOW64\winrnr.dll [23040] (Microsoft Corporation)
Catalog5 07 C:\windows\SysWOW64\wshbth.dll [50688] (Microsoft Corporation)
Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\windows\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog9 02 C:\windows\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog9 03 C:\windows\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog9 04 C:\windows\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog9 05 C:\windows\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog9 06 C:\windows\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog9 07 C:\windows\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog9 08 C:\windows\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog9 09 C:\windows\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog9 10 C:\windows\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog9 11 C:\windows\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\napinsp.dll [69120] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\pnrpnsp.dll [88576] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [88576] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\NLAapi.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [30720] (Microsoft Corporation)
x64-Catalog5 07 C:\Windows\System32\wshbth.dll [63488] (Microsoft Corporation)
x64-Catalog5 08 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (07/02/2015 04:28:54 PM) (Source: ESENT) (User: )
Description: svchost (1300) SRUJet: Database C:\windows\system32\SRU\SRUDB.dat: Index UserIdTimeStamp of table {D10CA2FE-6FCF-4F6D-848E-B2E99266FA89} is corrupted (0).
 
Error: (07/02/2015 04:27:34 PM) (Source: ESENT) (User: )
Description: svchost (1300) SRUJet: A bad page link (error -327) has been detected in a B-Tree (ObjectId: 11, PgnoRoot: 46) of database C:\windows\system32\SRU\SRUDB.dat (1000 => 1001, svchost0).
 
Error: (07/02/2015 04:25:56 PM) (Source: ESENT) (User: )
Description: svchost (1300) SRUJet: Database C:\windows\system32\SRU\SRUDB.dat: Index UserIdTimeStamp of table {D10CA2FE-6FCF-4F6D-848E-B2E99266FA89} is corrupted (0).
 
Error: (07/02/2015 04:24:43 PM) (Source: ESENT) (User: )
Description: svchost (1300) SRUJet: A bad page link (error -327) has been detected in a B-Tree (ObjectId: 11, PgnoRoot: 46) of database C:\windows\system32\SRU\SRUDB.dat (1000 => 1001, svchost0).
 
Error: (07/02/2015 04:22:44 PM) (Source: ESENT) (User: )
Description: svchost (1300) SRUJet: Database C:\windows\system32\SRU\SRUDB.dat: Index UserIdTimeStamp of table {D10CA2FE-6FCF-4F6D-848E-B2E99266FA89} is corrupted (0).
 
Error: (07/02/2015 04:21:12 PM) (Source: ESENT) (User: )
Description: svchost (1300) SRUJet: A bad page link (error -327) has been detected in a B-Tree (ObjectId: 11, PgnoRoot: 46) of database C:\windows\system32\SRU\SRUDB.dat (1000 => 1001, svchost0).
 
Error: (07/02/2015 04:19:28 PM) (Source: ESENT) (User: )
Description: svchost (1300) SRUJet: Database C:\windows\system32\SRU\SRUDB.dat: Index UserIdTimeStamp of table {D10CA2FE-6FCF-4F6D-848E-B2E99266FA89} is corrupted (0).
 
Error: (07/02/2015 04:18:13 PM) (Source: ESENT) (User: )
Description: svchost (1300) SRUJet: A bad page link (error -327) has been detected in a B-Tree (ObjectId: 11, PgnoRoot: 46) of database C:\windows\system32\SRU\SRUDB.dat (1000 => 1001, svchost0).
 
Error: (07/02/2015 04:16:39 PM) (Source: ESENT) (User: )
Description: svchost (1300) SRUJet: Database C:\windows\system32\SRU\SRUDB.dat: Index UserIdTimeStamp of table {D10CA2FE-6FCF-4F6D-848E-B2E99266FA89} is corrupted (0).
 
Error: (07/02/2015 04:15:32 PM) (Source: ESENT) (User: )
Description: svchost (1300) SRUJet: A bad page link (error -327) has been detected in a B-Tree (ObjectId: 11, PgnoRoot: 46) of database C:\windows\system32\SRU\SRUDB.dat (1000 => 1001, svchost0).
 
 
System errors:
=============
Error: (07/02/2015 02:12:44 PM) (Source: Service Control Manager) (User: )
Description: The Windows Media Player Network Sharing Service service depends on the Windows Search service which failed to start because of the following error: 
%%1058
 
Error: (07/02/2015 02:12:38 PM) (Source: Service Control Manager) (User: )
Description: The IP Helper service depends on the WinHTTP Web Proxy Auto-Discovery Service service which failed to start because of the following error: 
%%1058
 
Error: (07/02/2015 02:11:11 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the mfemms service.
 
Error: (07/02/2015 01:59:04 AM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.
 
Error: (07/02/2015 00:55:39 AM) (Source: Service Control Manager) (User: )
Description: The Windows Biometric Service service depends on the Credential Manager service which failed to start because of the following error: 
%%1058
 
Error: (07/01/2015 09:07:37 PM) (Source: DCOM) (User: LENOVO-PC)
Description: Windows.Networking.BackgroundTransfer.Internal.NetworkChangeTask.ClassId.2
 
Error: (07/01/2015 01:37:27 AM) (Source: Service Control Manager) (User: )
Description: The Windows Biometric Service service depends on the Credential Manager service which failed to start because of the following error: 
%%1058
 
Error: (06/30/2015 11:24:41 AM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Intel® Update Manager service to connect.
 
Error: (06/30/2015 00:05:54 AM) (Source: Service Control Manager) (User: )
Description: The McAfee SiteAdvisor Service service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (06/30/2015 00:05:37 AM) (Source: Service Control Manager) (User: )
Description: The Intel® Rapid Storage Technology service terminated unexpectedly.  It has done this 1 time(s).
 
 
Microsoft Office Sessions:
=========================
Error: (07/02/2015 04:28:54 PM) (Source: ESENT)(User: )
Description: svchost1300SRUJet: UserIdTimeStamp{D10CA2FE-6FCF-4F6D-848E-B2E99266FA89}C:\windows\system32\SRU\SRUDB.dat0
 
Error: (07/02/2015 04:27:34 PM) (Source: ESENT)(User: )
Description: svchost1300SRUJet: -3271146C:\windows\system32\SRU\SRUDB.dat10001001999
 
Error: (07/02/2015 04:25:56 PM) (Source: ESENT)(User: )
Description: svchost1300SRUJet: UserIdTimeStamp{D10CA2FE-6FCF-4F6D-848E-B2E99266FA89}C:\windows\system32\SRU\SRUDB.dat0
 
Error: (07/02/2015 04:24:43 PM) (Source: ESENT)(User: )
Description: svchost1300SRUJet: -3271146C:\windows\system32\SRU\SRUDB.dat10001001999
 
Error: (07/02/2015 04:22:44 PM) (Source: ESENT)(User: )
Description: svchost1300SRUJet: UserIdTimeStamp{D10CA2FE-6FCF-4F6D-848E-B2E99266FA89}C:\windows\system32\SRU\SRUDB.dat0
 
Error: (07/02/2015 04:21:12 PM) (Source: ESENT)(User: )
Description: svchost1300SRUJet: -3271146C:\windows\system32\SRU\SRUDB.dat10001001999
 
Error: (07/02/2015 04:19:28 PM) (Source: ESENT)(User: )
Description: svchost1300SRUJet: UserIdTimeStamp{D10CA2FE-6FCF-4F6D-848E-B2E99266FA89}C:\windows\system32\SRU\SRUDB.dat0
 
Error: (07/02/2015 04:18:13 PM) (Source: ESENT)(User: )
Description: svchost1300SRUJet: -3271146C:\windows\system32\SRU\SRUDB.dat10001001999
 
Error: (07/02/2015 04:16:39 PM) (Source: ESENT)(User: )
Description: svchost1300SRUJet: UserIdTimeStamp{D10CA2FE-6FCF-4F6D-848E-B2E99266FA89}C:\windows\system32\SRU\SRUDB.dat0
 
Error: (07/02/2015 04:15:32 PM) (Source: ESENT)(User: )
Description: svchost1300SRUJet: -3271146C:\windows\system32\SRU\SRUDB.dat10001001999
 
 
CodeIntegrity Errors:
===================================
  Date: 2015-04-10 11:05:04.964
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-04-04 22:10:28.123
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.
 
 
=========================== Installed Programs ============================
 
µTorrent (HKCU\...\uTorrent) (Version: 3.4.3.40298 - BitTorrent Inc.)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)
Adobe Flash Professional CS6 (HKLM-x32\...\{BD5669B5-49FF-4490-B956-E9D7CB9B0ADC}) (Version: 12.0 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CyberLink PowerDirector 10 (HKLM\...\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.2810 - CyberLink Corp.) Hidden
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.2810 - CyberLink Corp.)
Dependency Package Update (HKLM\...\{0788641D-D31A-478D-BB34-C41564AE9F93}) (Version: 1.6.36.00 - Lenovo Inc.) Hidden
Dependency Package Update (HKLM\...\{5252431C-288E-409D-ADCF-24407E0E6F70}) (Version: 1.6.25.00 - Lenovo Inc.) Hidden
Dependency Package Update (HKLM\...\{FFED38DF-94DC-4FF9-96C1-A6990EDA6B03}) (Version: 1.6.29.00 - Lenovo Inc.) Hidden
Dependency Package Update (HKLM-x32\...\{1D2682EA-75DD-44B6-BF2D-CD3C49EAD012}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{3117B53D-A409-4D99-A0DE-11A1A40696FA}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{4430150F-61B3-4142-BE04-EAC68C8DDA18}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{4AF6C9BC-D8DB-4286-94D9-474CE54ADAA2}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{503B47A9-E34A-4841-ADD7-417191D5DB5E}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{546FF45D-2467-4950-AAFB-0A06ACBB6B2C}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{5B2190E9-199D-450A-94B3-4D6826C770C2}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{5BEFE1E1-F597-4B79-913B-15FFDB25B744}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{63DE35C9-B080-4D03-B110-99E14FD35BCE}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{65316098-0220-4D5C-B37A-6136083A0897}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{E966DBE4-5075-465E-BA81-BC9A3A3204B3}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dolby Digital Plus Advanced Audio (HKLM\...\{B0BFC63F-EA07-419E-960B-3FB2ED5DD0B2}) (Version: 7.5.1.1 - Dolby Laboratories Inc)
Energy Manager (HKLM-x32\...\{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.5.0.20 - Lenovo) Hidden
Energy Manager (HKLM-x32\...\InstallShield_{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.5.0.20 - Lenovo)
Game Dev Tycoon version 1.4.16 (HKLM-x32\...\{BAAB62B3-52E6-4478-BE93-46AC955300FE}_is1) (Version: 1.4.16 - )
Genesys USB Mass Storage Device (HKLM-x32\...\{959B7F35-2819-40C5-A0CD-3C53B5FCC935}) (Version: 4.3.2.0 - Genesys Logic)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.130 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.27.5 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
Hightail for Lenovo (HKLM\...\{2F10E937-F6D7-4174-8AB9-B299E8FC5CEC}) (Version: 2.4.97.2857 - Hightail, Inc.)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.14.1724 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3383 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 13.0.2.1000 - Intel Corporation)
Intel® Update Manager (HKLM-x32\...\{12914061-EB9B-4AE7-AC7E-0B8A607C7DF4}) (Version: 2.3.1338 - Intel Corporation)
iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.)
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
Java 8 Update 40 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218040F0}) (Version: 8.0.400 - Oracle Corporation)
Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
KMPlayer (remove only) (HKLM-x32\...\The KMPlayer) (Version: 3.9.1.132 - PandoraTV)
Lenovo Dependency Package (HKLM\...\Lenovo Dependency Package_is1) (Version: 1.6.36.00 - Lenovo Group Limited)
Lenovo Experience Improvement (HKLM\...\LenovoExperienceImprovement) (Version: 1.0.19.0 - Lenovo)
Lenovo Flex 2 Demo (HKLM-x32\...\{8300CA15-AD32-4C12-A6D4-121DEBCA11CC}) (Version: 1.0.0 - Lenovo)
Lenovo FusionEngine  (HKLM-x32\...\Lenovo FusionEngine) (Version: 1.0.13.0 - Lenovo, Inc.)
Lenovo Mobile Phone Wireless Import (HKLM-x32\...\{DFB2E0D6-8DDE-49A4-B8F7-03C14DACCBA6}) (Version: 1.1.1.9 - Lenovo) Hidden
Lenovo Mobile Phone Wireless Import (HKLM-x32\...\InstallShield_{DFB2E0D6-8DDE-49A4-B8F7-03C14DACCBA6}) (Version: 1.1.1.9 - Lenovo)
Lenovo Motion Control (HKLM-x32\...\{0D740B00-2307-44AC-B91B-F3E67444ECA6}) (Version: 2.0.1.0107 - PointGrab) Hidden
Lenovo Motion Control (HKLM-x32\...\InstallShield_{0D740B00-2307-44AC-B91B-F3E67444ECA6}) (Version: 2.0.1.0107 - PointGrab)
Lenovo OneKey Recovery (HKLM\...\{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.2326 - CyberLink Corp.) Hidden
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.2326 - CyberLink Corp.)
Lenovo PhoneCompanion (HKLM-x32\...\{0F82EA83-B0C5-4AB9-9695-DFE92C5FD57B}) (Version: 1.2.0.0 - Lenovo) Hidden
Lenovo PhoneCompanion (HKLM-x32\...\InstallShield_{0F82EA83-B0C5-4AB9-9695-DFE92C5FD57B}) (Version: 1.2.0.0 - Lenovo)
Lenovo Photo Master (HKLM-x32\...\{BC94C56A-3649-420C-8756-2ADEBE399D33}) (Version: 1.0.1823.01 - CyberLink Corp.) Hidden
Lenovo Photo Master (HKLM-x32\...\InstallShield_{BC94C56A-3649-420C-8756-2ADEBE399D33}) (Version: 1.0.1823.01 - CyberLink Corp.)
Lenovo PowerDVD10 (HKLM-x32\...\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5630.52 - CyberLink Corp.) Hidden
Lenovo PowerDVD10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5630.52 - CyberLink Corp.)
Lenovo Reach (HKLM-x32\...\{3245D8C8-7FE0-4FD4-B04B-2720A333D592}) (Version: 1.1.3.7 - Stoneware, Inc.)
Lenovo Recommends (HKLM-x32\...\{267C8BA0-876B-4589-9F14-EFB84ABCEA7F}) (Version: 1.5.014.0211 - Lenovo)
Lenovo SHAREit (HKLM-x32\...\Lenovo SHAREit_is1) (Version: 2.0.5.0 - Lenovo Group Limited)
Lenovo Smart Voice (HKLM\...\Lenovo SmartVoice) (Version: 1.0.2.4 - Lenovo)
Lenovo Transition (HKLM\...\Lenovo Transition) (Version: 2.1.14.1221 - Lenovo)
Lenovo Updates (HKLM-x32\...\{A2E1E9F0-0B68-4166-8C7F-85B563B84DF4}) (Version: 1.1.0.59 - Lenovo) Hidden
Lenovo Updates (HKLM-x32\...\InstallShield_{A2E1E9F0-0B68-4166-8C7F-85B563B84DF4}) (Version: 1.1.0.59 - Lenovo)
Lenovo VeriFace Pro (HKLM\...\Lenovo VeriFace) (Version: 5.0.14.1061 - Lenovo)
Magic Transfer (HKLM-x32\...\{AD2B2BD1-A1D7-4798-8FDD-B2A58FD94E68}) (Version: 1.1.1.11 - Lenovo) Hidden
Magic Transfer (HKLM-x32\...\InstallShield_{AD2B2BD1-A1D7-4798-8FDD-B2A58FD94E68}) (Version: 1.1.1.11 - Lenovo)
Malwarebytes Anti-Malware version 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
McAfee LiveSafe – Internet Security (HKLM-x32\...\MSC) (Version: 14.0.1029 - McAfee, Inc.)
McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.0.316 - McAfee, Inc.)
Metric Collection SDK 35 (HKLM-x32\...\{C2B5B5B0-2545-4E94-B4BA-548D4BF0B196}) (Version: 1.2.0001.00 - Lenovo Group Limited) Hidden
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Nik Collection (HKLM-x32\...\Nik Collection) (Version: 1.2.9 - Google)
Novacomd (HKLM\...\{BA9A297F-0198-4EE8-90CB-F5036C180E1D}) (Version: 1.0.0.76 - Palm, Inc.)
Origin (HKLM-x32\...\Origin) (Version: 9.4.11.2806 - Electronic Arts, Inc.)
Outils de vérification linguistique 2013 de Microsoft Office - Français (HKLM\...\{90150000-001F-040C-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
PDF Settings CS6 (HKLM-x32\...\{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}) (Version: 11.0 - Adobe Systems Incorporated) Hidden
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.314 - Qualcomm Atheros Communications)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.24.1218.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7188 - Realtek Semiconductor Corp.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.14.80 - Synaptics Incorporated)
The Sims 4 Mod Manager version 2.2.0 (HKLM-x32\...\The Sims 4 Mod Manager_is1) (Version: 2.2.0 - )
The Sims™ 3 70s, 80s, & 90s Stuff (HKLM-x32\...\{E1868CAE-E3B9-4099-8C18-AA8944D336FD}) (Version: 17.0.77 - Electronic Arts)
The Sims™ 3 Ambitions (HKLM-x32\...\{910F4A29-1134-49E0-AD8B-56E4A3152BD1}) (Version: 4.0.87 - Electronic Arts)
The Sims™ 3 Fast Lane Stuff (HKLM-x32\...\{ED436EA8-4145-4703-AE5D-4D09DD24AF5A}) (Version: 5.0.44 - Electronic Arts)
The Sims™ 3 Generations (HKLM-x32\...\{E6B88BD6-E4B2-4701-A648-B6DAC6E491CC}) (Version: 8.0.152 - Electronic Arts)
The Sims™ 3 Into the Future (HKLM-x32\...\{A0BBD6C7-B546-4048-B33A-F21F5C9F5B09}) (Version: 21.0.150 - Electronic Arts)
The Sims™ 3 Island Paradise (HKLM-x32\...\{DB21639E-FE55-432C-BCA2-0C5249E3F79E}) (Version: 19.0.101 - Electronic Arts)
The Sims™ 3 Katy Perry's Sweet Treats (HKLM-x32\...\{9B2506E3-9A3F-45B5-96BF-509CAD584650}) (Version: 13.0.62 - Electronic Arts)
The Sims™ 3 Movie Stuff (HKLM-x32\...\{D0087539-3C57-44E0-BEE7-D779D546CBE1}) (Version: 20.0.53 - Electronic Arts)
The Sims™ 3 Pets (HKLM-x32\...\{C12631C6-804D-4B32-B0DD-8A496462F106}) (Version: 10.0.96 - Electronic Arts)
The Sims™ 3 Supernatural (HKLM-x32\...\{B37DAFA5-717D-41F8-BDFB-3A4B68C0B3A1}) (Version: 15.0.135 - Electronic Arts)
The Sims™ 3 Town Life Stuff (HKLM-x32\...\{7B11296A-F894-449C-8DF6-6AAAA7D4D118}) (Version: 9.0.73 - Electronic Arts)
The Sims™ 3 University Life (HKLM-x32\...\{F26DE8EF-F2CF-40DC-8CDA-CC0D82D11B36}) (Version: 18.0.126 - Electronic Arts)
The Sims™ 3 World Adventures (HKLM-x32\...\{BA26FFA5-6D47-47DB-BE56-34C357B5F8CC}) (Version: 2.0.86 - Electronic Arts)
The Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.3.33.1010 - Electronic Arts Inc.)
Tweaking.com - Simple System Tweaker (HKLM-x32\...\Tweaking.com - Simple System Tweaker) (Version: 2.1.0 - Tweaking.com)
User Manuals (HKLM-x32\...\{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 3.0.0.3 - Lenovo) Hidden
User Manuals (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 3.0.0.3 - Lenovo)
Wacom Tablet (HKLM\...\Wacom Tablet Driver) (Version: 6.3.11-4 - Wacom Technology Corp.)
WebTablet FB Plugin 32 bit (HKLM-x32\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.7 - Wacom Technology Corp.)
WebTablet FB Plugin 64 bit (HKLM\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.7 - Wacom Technology Corp.)
Windows Driver Package - Lenovo (ACPIVPC) System  (09/24/2013 19.29.2.34) (HKLM\...\EE9B1F2037C580F36D92FA431CC02BFF04C31F15) (Version: 09/24/2013 19.29.2.34 - Lenovo)
Windows Driver Package - Lenovo (WUDFRd) LenovoVhid  (07/25/2013 10.30.0.288) (HKLM\...\6BCA401E9CBEED970D75F55FA5320F60D11984E9) (Version: 07/25/2013 10.30.0.288 - Lenovo)
Windows Driver Package - Palm (WinUSB) Palm Devices  (10/09/2009 1.0.1) (HKLM\...\332CCC08910F1AE2E4D90D25DEDE87E3EF797832) (Version: 10/09/2009 1.0.1 - Palm)
WinPatrol (HKLM-x32\...\{6A206A04-6BC1-411B-AA04-4E52EDEEADF2}) (Version: 33.1.2015.0 - Ruiware)
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
 
========================= Devices: ================================
 
Name: Motherboard resources
Description: Motherboard resources
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: 
Device ID: ACPI\PNP0C02\1
 
Name: Motherboard resources
Description: Motherboard resources
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: 
Device ID: ACPI\PNP0C02\2
 
Name: Motherboard resources
Description: Motherboard resources
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: 
Device ID: ACPI\PNP0C02\4
 
Name: Bluetooth A2DP Sink
Description: Bluetooth A2DP Sink
Class Guid: {c7c038ad-1f2d-44d4-b2fe-d912be20e6d5}
Manufacturer: Qualcomm Atheros Communications
Service: 
Device ID: BTHENUM\{0000110B-0000-1000-8000-00805F9B34FB}_LOCALMFG&0045\7&11C9A17&0&FC58FAEAFD54_C00000000
 
Name: Generic volume
Description: Generic volume
Class Guid: {71a27cdd-812a-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: volsnap
Device ID: STORAGE\VOLUME\{DA026291-1CB6-11E4-8257-806E6F6E6963}#0000006A4FF00000
 
Name: Microsoft ACPI-Compliant Control Method Battery
Description: Microsoft ACPI-Compliant Control Method Battery
Class Guid: {72631e54-78a4-11d0-bcf7-00aa00b7b32a}
Manufacturer: Microsoft
Service: CmBatt
Device ID: ACPI\PNP0C0A\1
 
Name: Root Print Queue
Description: Local Print Queue
Class Guid: {1ed2bbf9-11f0-4084-b21f-ad83a8e6dcdc}
Manufacturer: Microsoft
Service: 
Device ID: SWD\PRINTENUM\PRINTQUEUES
 
Name: Volume Manager
Description: Volume Manager
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: volmgr
Device ID: ROOT\VOLMGR\0000
 
Name: Generic volume
Description: Generic volume
Class Guid: {71a27cdd-812a-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: volsnap
Device ID: STORAGE\VOLUME\{DA026291-1CB6-11E4-8257-806E6F6E6963}#0000000000100000
 
Name: Bluetooth Handsfree
Description: Bluetooth Handsfree
Class Guid: {c7c038ad-1f2d-44d4-b2fe-d912be20e6d5}
Manufacturer: Qualcomm Atheros Communications
Service: 
Device ID: BTHENUM\{0000111E-0000-1000-8000-00805F9B34FB}_LOCALMFG&0045\7&11C9A17&0&FC58FAEAFD54_C00000000
 
Name: USB Root Hub (xHCI)
Description: USB Root Hub (xHCI)
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB HUBs)
Service: USBHUB3
Device ID: USB\ROOT_HUB30\4&2B8754FF&0&0
 
Name: Bluetooth AVRCP Device
Description: Bluetooth AVRCP Device
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: Qualcomm Atheros Communications
Service: BTATH_RCP
Device ID: BTHENUM\{13B67E97-545B-41DC-AC44-6FEDE5FE6087}_LOCALMFG&0000\7&11C9A17&0&000000000000_00000000
 
Name: Microsoft AC Adapter
Description: Microsoft AC Adapter
Class Guid: {72631e54-78a4-11d0-bcf7-00aa00b7b32a}
Manufacturer: Microsoft
Service: CmBatt
Device ID: ACPI\ACPI0003\5&1DC24A0F&0
 
Name: Send To OneNote 2013
Description: Local Print Queue
Class Guid: {1ed2bbf9-11f0-4084-b21f-ad83a8e6dcdc}
Manufacturer: Microsoft
Service: 
Device ID: SWD\PRINTENUM\{E8897AFC-1769-43F5-8536-F5F4E64EA675}
 
Name: Microsoft Basic Display Driver
Description: Microsoft Basic Display Driver
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard display types)
Service: BasicDisplay
Device ID: ROOT\BASICDISPLAY\0000
 
Name: Intel® HD Graphics Family
Description: Intel® HD Graphics Family
Class Guid: {4d36e968-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel Corporation
Service: igfx
Device ID: PCI\VEN_8086&DEV_0A16&SUBSYS_397817AA&REV_0B\3&11583659&0&10
 
Name: ACPI Sleep Button
Description: ACPI Sleep Button
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: 
Device ID: ACPI\PNP0C0E\2&DABA3FF&3
 
Name: Intel® 8 Series PCI Express Root Port #4 - 9C16
Description: Intel® 8 Series PCI Express Root Port #4 - 9C16
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service: pci
Device ID: PCI\VEN_8086&DEV_9C16&SUBSYS_397817AA&REV_E4\3&11583659&0&E3
 
Name: ACPI Thermal Zone
Description: ACPI Thermal Zone
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: 
Device ID: ACPI\THERMALZONE\TZS0
 
Name: ACPI Thermal Zone
Description: ACPI Thermal Zone
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: 
Device ID: ACPI\THERMALZONE\TZS1
 
Name: Microsoft Bluetooth Enumerator
Description: Microsoft Bluetooth Enumerator
Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
Manufacturer: Microsoft
Service: BthEnum
Device ID: BTH\MS_BTHBRB\6&2FE68852&1&1
 
Name: Speakers (Realtek High Definition Audio)
Description: Audio Endpoint
Class Guid: {c166523c-fe0c-4a94-a586-f1a80cfbbf3e}
Manufacturer: Microsoft
Service: 
Device ID: SWD\MMDEVAPI\{0.0.0.00000000}.{59B82995-836B-40FA-AAD9-51D516558FA6}
 
Name: Microsoft Windows Management Interface for ACPI
Description: Microsoft Windows Management Interface for ACPI
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: WmiAcpi
Device ID: ACPI\PNP0C14\0
 
Name: Microsoft Windows Management Interface for ACPI
Description: Microsoft Windows Management Interface for ACPI
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: WmiAcpi
Device ID: ACPI\PNP0C14\1
 
Name: Realtek High Definition Audio
Description: Realtek High Definition Audio
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: Realtek
Service: IntcAzAudAddService
Device ID: HDAUDIO\FUNC_01&VEN_10EC&DEV_0233&SUBSYS_17AA3819&REV_1000\4&157DCDAD&0&0001
 
Name: Virtual Bluetooth Support (Include Audio)
Description: Virtual Bluetooth Support (Include Audio)
Class Guid: {c7c038ad-1f2d-44d4-b2fe-d912be20e6d5}
Manufacturer: Qualcomm Atheros Communications
Service: AthBTPort
Device ID: BTHENUM\{CBECAB40-A2C8-4AB3-ADC1-DE0FE95D8600}_LOCALMFG&0000\7&11C9A17&0&000000000000_00000000
 
Name: Bluetooth LWFLT Device
Description: Bluetooth LWFLT Device
Class Guid: {c7c038ad-1f2d-44d4-b2fe-d912be20e6d5}
Manufacturer: Qualcomm Atheros Communications
Service: BTATH_LWFLT
Device ID: BTHENUM\{DD533152-01F4-435C-ABFE-984BC21A2A65}_LOCALMFG&0000\7&11C9A17&0&000000000000_00000000
 
Name: High Definition Audio Controller
Description: High Definition Audio Controller
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: HDAudBus
Device ID: PCI\VEN_8086&DEV_9C20&SUBSYS_397817AA&REV_04\3&11583659&0&D8
 
Name: High precision event timer
Description: High precision event timer
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: 
Device ID: ACPI\PNP0103\0
 
Name: Composite Bus Enumerator
Description: Composite Bus Enumerator
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: CompositeBus
Device ID: ROOT\COMPOSITEBUS\0000
 
Name: Microsoft Virtual Drive Enumerator
Description: Microsoft Virtual Drive Enumerator
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: vdrvroot
Device ID: ROOT\VDRVROOT\0000
 
Name: USB Composite Device
Description: USB Composite Device
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbccgp
Device ID: USB\VID_03EB&PID_8A18\5&AEA7634&0&8
 
Name: HID-compliant vendor-defined device
Description: HID-compliant vendor-defined device
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: (Standard system devices)
Service: 
Device ID: HID\VID_03EB&PID_8A18&MI_01\7&2C7C853B&0&0000
 
Name: Generic volume
Description: Generic volume
Class Guid: {71a27cdd-812a-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: volsnap
Device ID: STORAGE\VOLUME\{DA026291-1CB6-11E4-8257-806E6F6E6963}#000000708FF00000
 
Name: Generic volume
Description: Generic volume
Class Guid: {71a27cdd-812a-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: volsnap
Device ID: STORAGE\VOLUME\{DA026291-1CB6-11E4-8257-806E6F6E6963}#000000003E900000
 
Name: Generic volume
Description: Generic volume
Class Guid: {71a27cdd-812a-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: volsnap
Device ID: STORAGE\VOLUME\{DA026291-1CB6-11E4-8257-806E6F6E6963}#000000008D500000
 
Name: Microsoft Storage Spaces Controller
Description: Microsoft Storage Spaces Controller
Class Guid: {4d36e97b-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: spaceport
Device ID: ROOT\SPACEPORT\0000
 
Name: Bluetooth Device (RFCOMM Protocol TDI)
Description: Bluetooth Device (RFCOMM Protocol TDI)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: RFCOMM
Device ID: BTH\MS_RFCOMM\6&2FE68852&1&0
 
Name: Bluetooth Device (Personal Area Network)
Description: Bluetooth Device (Personal Area Network)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: BthPan
Device ID: BTH\MS_BTHPAN\6&2FE68852&1&2
 
Name: Intel® USB 3.0 eXtensible Host Controller - 0100 (Microsoft)
Description: USB xHCI Compliant Host Controller
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: Generic USB xHCI Host Controller
Service: USBXHCI
Device ID: PCI\VEN_8086&DEV_9C31&SUBSYS_397817AA&REV_04\3&11583659&0&A0
 
Name: Intel® 8 Series Chipset Family SATA AHCI Controller
Description: Intel® 8 Series Chipset Family SATA AHCI Controller
Class Guid: {4d36e96a-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel Corporation
Service: iaStorA
Device ID: PCI\VEN_8086&DEV_9C03&SUBSYS_397817AA&REV_04\3&11583659&0&FA
 
Name: Microphone (Realtek High Definition Audio)
Description: Audio Endpoint
Class Guid: {c166523c-fe0c-4a94-a586-f1a80cfbbf3e}
Manufacturer: Microsoft
Service: 
Device ID: SWD\MMDEVAPI\{0.0.1.00000000}.{B09DE6FF-6125-46F6-A06D-122B9C624C60}
 
Name: Microsoft Kernel Debug Network Adapter
Description: Microsoft Kernel Debug Network Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: kdnic
Device ID: ROOT\KDNIC\0000
 
Name: Microsoft XPS Document Writer
Description: Local Print Queue
Class Guid: {1ed2bbf9-11f0-4084-b21f-ad83a8e6dcdc}
Manufacturer: Microsoft
Service: 
Device ID: SWD\PRINTENUM\{D943D8D8-F7EB-4400-8EEE-A8CFF8C894B5}
 
Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service: 
Device ID: STORAGE\VOLUMESNAPSHOT\HARDDISKVOLUMESNAPSHOT1
 
Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service: 
Device ID: STORAGE\VOLUMESNAPSHOT\HARDDISKVOLUMESNAPSHOT2
 
Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service: 
Device ID: STORAGE\VOLUMESNAPSHOT\HARDDISKVOLUMESNAPSHOT3
 
Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service: 
Device ID: STORAGE\VOLUMESNAPSHOT\HARDDISKVOLUMESNAPSHOT4
 
Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service: 
Device ID: STORAGE\VOLUMESNAPSHOT\HARDDISKVOLUMESNAPSHOT5
 
Name: Lenovo EasyCamera
Description: USB Video Device
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: usbvideo
Device ID: USB\VID_5986&PID_055D&MI_00\6&5E97C38&0&0000
 
Name: System CMOS/real time clock
Description: System CMOS/real time clock
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: 
Device ID: ACPI\PNP0B00\4&16B2C7AB&0
 
Name: ACPI Lid
Description: ACPI Lid
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: 
Device ID: ACPI\PNP0C0D\2&DABA3FF&3
 
Name: Intel® Core™ i3-4030U CPU @ 1.90GHz
Description: Intel Processor
Class Guid: {50127dc3-0f36-415e-a6cc-4cb3be910b65}
Manufacturer: Intel
Service: intelppm
Device ID: ACPI\GENUINEINTEL_-_INTEL64_FAMILY_6_MODEL_69_-_INTEL®_CORE™_I3-4030U_CPU_@_1.90GHZ\_1
 
Name: Intel® Core™ i3-4030U CPU @ 1.90GHz
Description: Intel Processor
Class Guid: {50127dc3-0f36-415e-a6cc-4cb3be910b65}
Manufacturer: Intel
Service: intelppm
Device ID: ACPI\GENUINEINTEL_-_INTEL64_FAMILY_6_MODEL_69_-_INTEL®_CORE™_I3-4030U_CPU_@_1.90GHZ\_2
 
Name: Intel® Core™ i3-4030U CPU @ 1.90GHz
Description: Intel Processor
Class Guid: {50127dc3-0f36-415e-a6cc-4cb3be910b65}
Manufacturer: Intel
Service: intelppm
Device ID: ACPI\GENUINEINTEL_-_INTEL64_FAMILY_6_MODEL_69_-_INTEL®_CORE™_I3-4030U_CPU_@_1.90GHZ\_3
 
Name: Intel® Core™ i3-4030U CPU @ 1.90GHz
Description: Intel Processor
Class Guid: {50127dc3-0f36-415e-a6cc-4cb3be910b65}
Manufacturer: Intel
Service: intelppm
Device ID: ACPI\GENUINEINTEL_-_INTEL64_FAMILY_6_MODEL_69_-_INTEL®_CORE™_I3-4030U_CPU_@_1.90GHZ\_4
 
Name: Generic volume
Description: Generic volume
Class Guid: {71a27cdd-812a-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: volsnap
Device ID: STORAGE\VOLUME\{DA026291-1CB6-11E4-8257-806E6F6E6963}#0000000095500000
 
Name: Intel® Management Engine Interface 
Description: Intel® Management Engine Interface 
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service: MEIx64
Device ID: PCI\VEN_8086&DEV_9C3A&SUBSYS_397817AA&REV_04\3&11583659&0&B0
 
Name: Bluetooth Advanced Remote Control Service
Description: Bluetooth Advanced Remote Control Service
Class Guid: {c7c038ad-1f2d-44d4-b2fe-d912be20e6d5}
Manufacturer: Qualcomm Atheros Communications
Service: 
Device ID: BTHENUM\{0000110E-0000-1000-8000-00805F9B34FB}_LOCALMFG&0045\7&11C9A17&0&FC58FAEAFD54_C00000000
 
Name: Programmable interrupt controller
Description: Programmable interrupt controller
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: 
Device ID: ACPI\PNP0000\4&16B2C7AB&0
 
Name: Intel® 8 Series PCI Express Root Port #1 - 9C10
Description: Intel® 8 Series PCI Express Root Port #1 - 9C10
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service: pci
Device ID: PCI\VEN_8086&DEV_9C10&SUBSYS_397817AA&REV_E4\3&11583659&0&E0
 
Name: USB Input Device
Description: USB Input Device
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: (Standard system devices)
Service: HidUsb
Device ID: USB\VID_03EB&PID_8A18&MI_00\6&380C1CE4&0&0000
 
Name: Bluetooth Hard Copy Cable Replacement Server
Description: Bluetooth Hard Copy Cable Replacement Server
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: Qualcomm Atheros Communications
Service: BTATH_HCRP
Device ID: BTHENUM\{8855C1D2-9BFE-4B96-BCBF-CBB9682C76BD}_LOCALMFG&0000\7&11C9A17&0&000000000000_00000000
 
Name: UMBus Root Bus Enumerator
Description: UMBus Root Bus Enumerator
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: umbus
Device ID: ROOT\UMBUS\0000
 
Name: Motherboard resources
Description: Motherboard resources
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: 
Device ID: ACPI\INT3F0D\4&16B2C7AB&0
 
Name: HID-compliant consumer control device
Description: HID-compliant consumer control device
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: Microsoft
Service: 
Device ID: HID\BTIAHIDDEVICE\8&22956277&0&0000
 
Name: PCI standard host CPU bridge
Description: PCI standard host CPU bridge
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: 
Device ID: PCI\VEN_8086&DEV_0A04&SUBSYS_397817AA&REV_0B\3&11583659&0&00
 
Name: Microsoft Device Association Root Enumerator
Description: Generic software device
Class Guid: {62f9c741-b25a-46ce-b54c-9bccce08b6f2}
Manufacturer: Microsoft
Service: 
Device ID: SWD\MSDAS\{CE958E9A-424F-4C88-86F4-11314821E75A}
 
Name: ACPI x64-based PC
Description: ACPI x64-based PC
Class Guid: {4d36e966-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard computers)
Service: \Driver\ACPI_HAL
Device ID: ROOT\ACPI_HAL\0000
 
Name: Bluetooth AV Remote Control Target
Description: Bluetooth AV Remote Control Target
Class Guid: {c7c038ad-1f2d-44d4-b2fe-d912be20e6d5}
Manufacturer: Qualcomm Atheros Communications
Service: 
Device ID: BTHENUM\{0000110C-0000-1000-8000-00805F9B34FB}_LOCALMFG&0045\7&11C9A17&0&FC58FAEAFD54_C00000000
 
Name: Direct memory access controller
Description: Direct memory access controller
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: 
Device ID: ACPI\PNP0200\4&16B2C7AB&0
 
Name: PCI Express Root Complex
Description: PCI Express Root Complex
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: pci
Device ID: ACPI\PNP0A08\0
 
Name: Lenovo ACPI-Compliant Virtual Power Controller
Description: Lenovo ACPI-Compliant Virtual Power Controller
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Lenovo
Service: ACPIVPC
Device ID: ACPI\VPC2004\0
 
Name: Synaptics SMBus Driver
Description: Synaptics SMBus Driver
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Synaptics
Service: SmbDrvI
Device ID: PCI\VEN_8086&DEV_9C22&SUBSYS_397817AA&REV_04\3&11583659&0&FB
 
Name: USB Composite Device
Description: USB Composite Device
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbccgp
Device ID: USB\VID_5986&PID_055D\200901010001
 
Name: Microsoft ACPI-Compliant System
Description: Microsoft ACPI-Compliant System
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: ACPI
Device ID: ACPI_HAL\PNP0C08\0
 
Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Device ID: HTREE\ROOT\0
 
Name: Microsoft Basic Render Driver
Description: Microsoft Basic Render Driver
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: BasicRender
Device ID: ROOT\BASICRENDER\0000
 
Name: Fax
Description: Local Print Queue
Class Guid: {1ed2bbf9-11f0-4084-b21f-ad83a8e6dcdc}
Manufacturer: Microsoft
Service: 
Device ID: SWD\PRINTENUM\{9D7DBACD-D102-4149-B2DB-FFEC94371EAB}
 
Name: Bluetooth Headset
Description: Bluetooth Headset
Class Guid: {c7c038ad-1f2d-44d4-b2fe-d912be20e6d5}
Manufacturer: Qualcomm Atheros Communications
Service: 
Device ID: BTHENUM\{00001108-0000-1000-8000-00805F9B34FB}_LOCALMFG&0045\7&11C9A17&0&FC58FAEAFD54_C00000000
 
Name: USB Input Device
Description: USB Input Device
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: (Standard system devices)
Service: HidUsb
Device ID: USB\VID_03EB&PID_8A18&MI_01\6&380C1CE4&0&0001
 
Name: Lenovo Pointing Device
Description: Lenovo Pointing Device
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Synaptics
Service: i8042prt
Device ID: ACPI\SYN2B3A\4&16B2C7AB&0
 
Name: ACPI Fixed Feature Button
Description: ACPI Fixed Feature Button
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: 
Device ID: ACPI\FIXEDBUTTON\2&DABA3FF&3
 
Name: HL-DT-ST DVDRAM GUA0N
Description: CD-ROM Drive
Class Guid: {4d36e965-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard CD-ROM drives)
Service: cdrom
Device ID: SCSI\CDROM&VEN_HL-DT-ST&PROD_DVDRAM_GUA0N\4&30CC015D&0&010000
 
Name: HID-compliant touch screen
Description: HID-compliant touch screen
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: (Standard system devices)
Service: 
Device ID: HID\VID_03EB&PID_8A18&MI_00\7&8A54779&0&0000
 
Name: Standard PS/2 Keyboard
Description: Standard PS/2 Keyboard
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard keyboards)
Service: i8042prt
Device ID: ACPI\IDEA0102\4&16B2C7AB&0
 
Name: Microsoft Wi-Fi Direct Virtual Adapter
Description: Microsoft Wi-Fi Direct Virtual Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: vwifimp
Device ID: {5D624F94-8850-40C3-A3FA-A4FD2080BAF3}\VWIFIMP_WFD\5&282A4E10&0&02
 
Name: NDIS Virtual Network Adapter Enumerator
Description: NDIS Virtual Network Adapter Enumerator
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: NdisVirtualBus
Device ID: ROOT\NDISVIRTUALBUS\0000
 
Name: Microsoft Hosted Network Virtual Adapter
Description: Microsoft Hosted Network Virtual Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: vwifimp
Device ID: {5D624F94-8850-40C3-A3FA-A4FD2080BAF3}\VWIFIMP_SAP\5&282A4E10&0&03
 
Name: HGST HTS545050A7E660
Description: Disk drive
Class Guid: {4d36e967-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard disk drives)
Service: disk
Device ID: SCSI\DISK&VEN_HGST&PROD_HTS545050A7E6600\4&30CC015D&0&000000
 
Name: ISBW2113
Description: Bluetooth Device
Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
Manufacturer: Microsoft
Service: 
Device ID: BTHENUM\DEV_FC58FAEAFD54\7&11C9A17&0&BLUETOOTHDEVICE_FC58FAEAFD54
 
Name: HID-compliant wireless radio controls
Description: HID-compliant wireless radio controls
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: (Standard system devices)
Service: 
Device ID: HID\LENOVOVHID\1&632D18&0&0000
 
Name: Intel® 82802 Firmware Hub Device
Description: Intel® 82802 Firmware Hub Device
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service: 
Device ID: ACPI\INT0800\4&16B2C7AB&0
 
Name: Generic volume
Description: Generic volume
Class Guid: {71a27cdd-812a-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: volsnap
Device ID: STORAGE\VOLUME\{DA026291-1CB6-11E4-8257-806E6F6E6963}#000000004ED00000
 
Name: Microsoft Bluetooth LE Enumerator
Description: Microsoft Bluetooth LE Enumerator
Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
Manufacturer: Microsoft
Service: BthLEEnum
Device ID: BTH\MS_BTHLE\6&2FE68852&1&0
 
Name: Generic PnP Monitor
Description: Generic PnP Monitor
Class Guid: {4d36e96e-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard monitor types)
Service: monitor
Device ID: DISPLAY\AUO35EC\4&25831CB2&0&UID68092928
 
Name: UMDF HID minidriver Device
Description: UMDF HID minidriver Device
Class Guid: {177b1d2a-679c-4093-98bf-fd6999695d3b}
Manufacturer: Lenovo
Service: mshidumdf
Device ID: ROOT\LENOVOVHID\0000
 
Name: Qualcomm Atheros AR956x Wireless Network Adapter
Description: Qualcomm Atheros AR956x Wireless Network Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Qualcomm Atheros Communications Inc.
Service: athr
Device ID: PCI\VEN_168C&DEV_0036&SUBSYS_402617AA&REV_01\4&26A9392D&0&00E2
 
Name: Microsoft System Management BIOS Driver
Description: Microsoft System Management BIOS Driver
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: mssmbios
Device ID: ROOT\MSSMBIOS\0000
 
Name: Motherboard resources
Description: Motherboard resources
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: 
Device ID: ACPI\INT340E\2&DABA3FF&3
 
Name: Bluetooth Audio Device
Description: Bluetooth Audio Device
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: Qualcomm Atheros Communications
Service: BTATH_A2DP
Device ID: BTHENUM\{61118058-486C-4BB0-B4B8-ACE4DCADEC44}_LOCALMFG&0000\7&11C9A17&0&000000000000_00000000
 
Name: Qualcomm Atheros AR3012 Bluetooth 4.0 + HS
Description: Qualcomm Atheros AR3012 Bluetooth 4.0 + HS
Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
Manufacturer: Qualcomm Atheros Communications
Service: BTHUSB
Device ID: USB\VID_0CF3&PID_3004\5&AEA7634&0&6
 
Name: Intel® 8 Series PCI Express Root Port #3 - 9C14
Description: Intel® 8 Series PCI Express Root Port #3 - 9C14
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service: pci
Device ID: PCI\VEN_8086&DEV_9C14&SUBSYS_397817AA&REV_E4\3&11583659&0&E2
 
Name: Microsoft ACPI-Compliant Embedded Controller
Description: Microsoft ACPI-Compliant Embedded Controller
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: 
Device ID: ACPI\PNP0C09\4&16B2C7AB&0
 
Name: Picks Device
Description: Picks Device
Class Guid: {78a1c341-4539-11d3-b88d-00c04fad5171}
Manufacturer: Picks
Service: WUDFRd
Device ID: ROOT\YOGAPICKS\0000
 
Name: Plug and Play Software Device Enumerator
Description: Plug and Play Software Device Enumerator
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: swenum
Device ID: ROOT\SYSTEM\0000
 
Name: IWD Bus Enumerator
Description: IWD Bus Enumerator
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: iwdbus
Device ID: ROOT\SYSTEM\0001
 
Name: Qualcomm Atheros Bluetooth Bus
Description: Qualcomm Atheros Bluetooth Bus
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Qualcomm Atheros Communications
Service: BTATH_BUS
Device ID: ROOT\SYSTEM\0002
 
Name: Lenovo Primary iM Controller
Description: Lenovo Primary iM Controller
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Lenovo Corporation
Service: WUDFRd
Device ID: ROOT\SYSTEM\0003
 
Name: System timer
Description: System timer
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: 
Device ID: ACPI\PNP0100\4&16B2C7AB&0
 
Name: Remote Desktop Device Redirector Bus
Description: Remote Desktop Device Redirector Bus
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: rdpbus
Device ID: ROOT\RDPBUS\0000
 
Name: Intel® 8 Series LPC Controller (Premium SKU) - 9C43
Description: Intel® 8 Series LPC Controller (Premium SKU) - 9C43
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service: msisadrv
Device ID: PCI\VEN_8086&DEV_9C43&SUBSYS_397817AA&REV_04\3&11583659&0&F8
 
Name: Realtek PCIe GBE Family Controller
Description: Realtek PCIe GBE Family Controller
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Realtek
Service: RTL8168
Device ID: PCI\VEN_10EC&DEV_8168&SUBSYS_381017AA&REV_10\4&2488F13A&0&00E3
 
 
========================= Memory info: ===================================
 
Percentage of memory in use: 44%
Total physical RAM: 6052.01 MB
Available physical RAM: 3352.25 MB
Total Virtual: 11428.01 MB
Available Virtual: 8143.22 MB
 
========================= Partitions: =====================================
 
1 Drive c: (Windows8_OS) (Fixed) (Total:422.92 GB) (Free:217.61 GB) NTFS
2 Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:22.65 GB) NTFS
 
========================= Users: ========================================
 
User accounts for \\LENOVO-PC
 
Administrator            Guest                    Mikelle Duke             
 
========================= Minidump Files ==================================
 
C:\windows\Minidump\032515-15468-01.dmp
C:\windows\Minidump\040415-16390-01.dmp
========================= Restore Points ==================================
 
16-06-2015 02:43:07 McAfee Vulnerability Scanner
17-06-2015 20:39:18 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
17-06-2015 20:39:49 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030
24-06-2015 22:20:36 Windows Update
30-06-2015 06:01:37 Removed The Sims 3 Outdoor Living Stuff
 
**** End of log ****


#8 Sintharius

Sintharius

    Bleepin' Sniper


  • Members
  • 5,639 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Netherlands
  • Local time:09:53 AM

Posted 02 July 2015 - 07:10 PM

Hi there,

Let's rule out infections before we proceed.

Emsisoft Emergency Kit

Please download Emsisoft Emergency Kit and save it to your desktop. Double click on the EmsisoftEmergencyKit file you downloaded to extract its contents and create a shortcut on the desktop. Leave all settings as they are and click the Extract button at the bottom. A folder named EEK will be created in the root of the drive (usually c:\).
  • After extraction please double-click on the new Start Emsisoft Emergency Kit icon on your desktop.
  • The first time you launch it, Emsisoft Emergency Kit will recommend that you allow it to download updates. Please click Yes so that it downloads the latest database updates.
  • When the update process is complete, a new button will appear in the lower-left corner that says Back. Click on this button to return to the Overview screen.
  • Click on Scan to be taken to the scan options. If you are asked if you want the scanner to scan for Potentially Unwanted Programs, then click Yes.
  • Click on the Malware Scan button to start the scan.
  • When the scan is completed click the Quarantine selected objects button. Note, this option is only available if malicious objects were detected during the scan.
  • When the threats have been quarantined, click the View report button in the lower-right corner, and the scan log will be opened in Notepad.
  • Please save the log in Notepad on your desktop, and attach it to your next reply.
  • When you close Emsisoft Emergency Kit, it will give you an option to sign up for a newsletter. This is optional, and is not necessary for the malware removal process.
Regards,
Alex

#9 pandyfackler

pandyfackler
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:dark side of the moon
  • Local time:03:53 AM

Posted 02 July 2015 - 10:14 PM

Emsisoft Emergency Kit - Version 10.0
Last update: 7/2/2015 5:49:35 PM
User account: LENOVO-PC\Mikelle Duke
 
Scan settings:
 
Scan type: Malware Scan
Objects: Rootkits, Memory, Traces, Files
 
Detect PUPs: On
Scan archives: Off
ADS Scan: On
File extension filter: Off
Advanced caching: On
Direct disk access: Off
 
Scan start: 7/2/2015 5:51:54 PM
C:\Users\Mikelle Duke\AppData\Local\software detected: Application.AppInstall (A)
Value: HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM -> DISABLETASKMGR detected: Setting.DisableTaskMgr (A)
Value: HKEY_USERS\S-1-5-21-424926214-3802372168-1000484015-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM -> DISABLETASKMGR detected: Setting.DisableTaskMgr (A)
Value: HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM -> DISABLEREGISTRYTOOLS detected: Setting.DisableRegistryTools (A)
Value: HKEY_USERS\S-1-5-21-424926214-3802372168-1000484015-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM -> DISABLEREGISTRYTOOLS detected: Setting.DisableRegistryTools (A)
Value: HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\EXPLORER -> NORUN detected: Setting.NoRun (A)
Value: HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\EXPLORER -> NOFOLDEROPTIONS detected: Setting.NoFolderOptions (A)
Key: HKEY_LOCAL_MACHINE\SYSTEM\CONTROLSET001\CONTROL\SAFEBOOT\NETWORK\VDWFP detected: Adware.Superfish (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\APPID\VISUALDISCOVERY.EXE detected: Adware.Superfish (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\APPID\VISUALDISCOVERY.EXE detected: Adware.Superfish (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\APPID\{AD063C0E-0FE1-4772-B29B-679ACE94818F} detected: Adware.Superfish (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\APPID\{AD063C0E-0FE1-4772-B29B-679ACE94818F} detected: Adware.Superfish (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\TYPELIB\{CB6BF8B6-E12B-42FA-A478-91BCCDE475DC} detected: Adware.Superfish (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\TYPELIB\{CB6BF8B6-E12B-42FA-A478-91BCCDE475DC} detected: Adware.Superfish (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{2E5FA7B4-61A2-4662-BBCE-62BBB20FC649} detected: Adware.Superfish (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{5D7F05E3-075A-43AF-8BC7-21E2F7F38845} detected: Adware.Superfish (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{617E26CE-E6E1-4C75-A68A-A001F2B98491} detected: Adware.Superfish (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{79FBDBEA-A722-4ABD-BEC0-B7D463F6BA0E} detected: Adware.Superfish (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{8128586C-DF69-4266-873F-CF4C6F705A7C} detected: Adware.Superfish (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{C1F9CFCE-A7DC-4072-8B31-1DEA57004C86} detected: Adware.Superfish (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{EA4AD895-2A7F-430E-B973-DEE6C4E743A9} detected: Adware.Superfish (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{EBF4B60F-A863-426F-BE6F-5DFE83BC574F} detected: Adware.Superfish (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{2E5FA7B4-61A2-4662-BBCE-62BBB20FC649} detected: Adware.Superfish (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{5D7F05E3-075A-43AF-8BC7-21E2F7F38845} detected: Adware.Superfish (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{617E26CE-E6E1-4C75-A68A-A001F2B98491} detected: Adware.Superfish (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{79FBDBEA-A722-4ABD-BEC0-B7D463F6BA0E} detected: Adware.Superfish (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{8128586C-DF69-4266-873F-CF4C6F705A7C} detected: Adware.Superfish (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{C1F9CFCE-A7DC-4072-8B31-1DEA57004C86} detected: Adware.Superfish (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{EA4AD895-2A7F-430E-B973-DEE6C4E743A9} detected: Adware.Superfish (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{EBF4B60F-A863-426F-BE6F-5DFE83BC574F} detected: Adware.Superfish (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{02966FA9-C01A-47E7-A169-C83AEA1FB0BA} detected: Adware.Superfish (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{05FF6A00-76A3-4AA1-A9A4-A782152ABE60} detected: Adware.Superfish (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{10A7F29D-4B00-40EC-B07D-8616DF8135E6} detected: Adware.Superfish (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{4EECDED2-40FB-4500-85B4-86FB0EBECA68} detected: Adware.Superfish (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{5780633B-414C-446F-8EB2-FF1C9A731C99} detected: Adware.Superfish (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{70C7334A-66D9-46DE-A4E2-6B923C7DB94E} detected: Adware.Superfish (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{9AD5C084-B6E6-456A-8BA2-A559663780E5} detected: Adware.Superfish (A)
C:\Users\Mikelle Duke\Downloads\The_Sims_4_fix\Game\Bin\RldOrigin.dll detected: Trojan.Generic.14619462 (B)
 
Scanned 87004
Found 38
 
Scan end: 7/2/2015 8:12:36 PM
Scan time: 2:20:42
 
C:\Users\Mikelle Duke\Downloads\The_Sims_4_fix\Game\Bin\RldOrigin.dll Quarantined Trojan.Generic.14619462 (B)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{9AD5C084-B6E6-456A-8BA2-A559663780E5} Quarantined Adware.Superfish (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{70C7334A-66D9-46DE-A4E2-6B923C7DB94E} Quarantined Adware.Superfish (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{5780633B-414C-446F-8EB2-FF1C9A731C99} Quarantined Adware.Superfish (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{4EECDED2-40FB-4500-85B4-86FB0EBECA68} Quarantined Adware.Superfish (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{10A7F29D-4B00-40EC-B07D-8616DF8135E6} Quarantined Adware.Superfish (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{05FF6A00-76A3-4AA1-A9A4-A782152ABE60} Quarantined Adware.Superfish (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{02966FA9-C01A-47E7-A169-C83AEA1FB0BA} Quarantined Adware.Superfish (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{EBF4B60F-A863-426F-BE6F-5DFE83BC574F} Quarantined Adware.Superfish (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{EA4AD895-2A7F-430E-B973-DEE6C4E743A9} Quarantined Adware.Superfish (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{C1F9CFCE-A7DC-4072-8B31-1DEA57004C86} Quarantined Adware.Superfish (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{8128586C-DF69-4266-873F-CF4C6F705A7C} Quarantined Adware.Superfish (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{79FBDBEA-A722-4ABD-BEC0-B7D463F6BA0E} Quarantined Adware.Superfish (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{617E26CE-E6E1-4C75-A68A-A001F2B98491} Quarantined Adware.Superfish (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{5D7F05E3-075A-43AF-8BC7-21E2F7F38845} Quarantined Adware.Superfish (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{2E5FA7B4-61A2-4662-BBCE-62BBB20FC649} Quarantined Adware.Superfish (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\TYPELIB\{CB6BF8B6-E12B-42FA-A478-91BCCDE475DC} Quarantined Adware.Superfish (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\APPID\{AD063C0E-0FE1-4772-B29B-679ACE94818F} Quarantined Adware.Superfish (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\APPID\VISUALDISCOVERY.EXE Quarantined Adware.Superfish (A)
Key: HKEY_LOCAL_MACHINE\SYSTEM\CONTROLSET001\CONTROL\SAFEBOOT\NETWORK\VDWFP Quarantined Adware.Superfish (A)
Value: HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\EXPLORER -> NOFOLDEROPTIONS Quarantined Setting.NoFolderOptions (A)
Value: HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\EXPLORER -> NORUN Quarantined Setting.NoRun (A)
Value: HKEY_USERS\S-1-5-21-424926214-3802372168-1000484015-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM -> DISABLEREGISTRYTOOLS Quarantined Setting.DisableRegistryTools (A)
Value: HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM -> DISABLEREGISTRYTOOLS Quarantined Setting.DisableRegistryTools (A)
Value: HKEY_USERS\S-1-5-21-424926214-3802372168-1000484015-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM -> DISABLETASKMGR Quarantined Setting.DisableTaskMgr (A)
Value: HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM -> DISABLETASKMGR Quarantined Setting.DisableTaskMgr (A)
C:\Users\Mikelle Duke\AppData\Local\software Quarantined Application.AppInstall (A)
 
Quarantined 27


#10 Sintharius

Sintharius

    Bleepin' Sniper


  • Members
  • 5,639 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Netherlands
  • Local time:09:53 AM

Posted 03 July 2015 - 05:32 AM

Hi there,

Please update Malwarebytes from the main GUI to get version 2.1.8 (it will require a reboot), then perform a Threat Scan for me and post the log here. It's in History => Application Logs.

ESET Online Scanner
  • Click here to download the installer for ESET Online Scanner and save it to your Desktop.
  • Disable all your antivirus and antimalware software - see how to do that here.
  • Right click on esetsmartinstaller_enu.exe and select Run as Administrator.
  • Place a checkmark in YES, I accept the Terms of Use, then click Start. Wait for ESET Online Scanner to load its components.
  • Select Enable detection of potentially unwanted applications.
  • Click Advanced Settings, then place a checkmark in the following:
    • Remove found threats
    • Scan archives
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • Click Start to begin scanning.
  • ESET Online Scanner will start downloading signatures and scan. Please be patient, as this scan can take quite some time.
  • When the scan is done, click List threats (only available if ESET Online Scanner found something).
  • Click Export, then save the file to your desktop.
  • Click Back, then Finish to exit ESET Online Scanner.
Regards,
Alex

#11 pandyfackler

pandyfackler
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:dark side of the moon
  • Local time:03:53 AM

Posted 03 July 2015 - 03:43 PM

Malwarebytes Anti-Malware
www.malwarebytes.org
 
Scan Date: 7/3/2015
Scan Time: 1:11 PM
Logfile: jnjn.txt
Administrator: Yes
 
Version: 2.1.8.1057
Malware Database: v2015.07.03.07
Rootkit Database: v2015.07.03.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled
 
OS: Windows 8.1
CPU: x64
File System: NTFS
User: Mikelle Duke
 
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 362973
Time Elapsed: 29 min, 11 sec
 
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
 
Processes: 0
(No malicious items detected)
 
Modules: 0
(No malicious items detected)
 
Registry Keys: 0
(No malicious items detected)
 
Registry Values: 0
(No malicious items detected)
 
Registry Data: 0
(No malicious items detected)
 
Folders: 0
(No malicious items detected)
 
Files: 0
(No malicious items detected)
 
Physical Sectors: 0
(No malicious items detected)
 
 
(end)


#12 pandyfackler

pandyfackler
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:dark side of the moon
  • Local time:03:53 AM

Posted 05 July 2015 - 02:59 PM

C:\Users\Mikelle Duke\AppData\Roaming\uTorrent\uTorrent.exe a variant of Win32/OpenCandy.C potentially unsafe application cleaned by deleting - quarantined
C:\Users\Mikelle Duke\AppData\Roaming\uTorrent\updates\3.4.2_34537.exe a variant of Win32/AdkDLLWrapper.A potentially unwanted application cleaned by deleting - quarantined
C:\Users\Mikelle Duke\AppData\Roaming\uTorrent\updates\3.4.2_34944.exe a variant of Win32/OpenCandy.C potentially unsafe application cleaned by deleting - quarantined
C:\Users\Mikelle Duke\AppData\Roaming\uTorrent\updates\3.4.2_36615.exe a variant of Win32/OpenCandy.C potentially unsafe application cleaned by deleting - quarantined
C:\Users\Mikelle Duke\AppData\Roaming\uTorrent\updates\3.4.2_37248.exe a variant of Win32/OpenCandy.C potentially unsafe application cleaned by deleting - quarantined
C:\Users\Mikelle Duke\AppData\Roaming\uTorrent\updates\3.4.2_39744.exe a variant of Win32/OpenCandy.C potentially unsafe application cleaned by deleting - quarantined
C:\Users\Mikelle Duke\AppData\Roaming\uTorrent\updates\3.4.3_40298.exe a variant of Win32/OpenCandy.C potentially unsafe application cleaned by deleting - quarantined
C:\Users\Mikelle Duke\OneDrive\Documents\uTorrent.exe a variant of Win32/AdkDLLWrapper.A potentially unwanted application cleaned by deleting - quarantined


#13 Sintharius

Sintharius

    Bleepin' Sniper


  • Members
  • 5,639 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Netherlands
  • Local time:09:53 AM

Posted 05 July 2015 - 03:26 PM

How is the computer running?

#14 pandyfackler

pandyfackler
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:dark side of the moon
  • Local time:03:53 AM

Posted 06 July 2015 - 02:34 PM

Much better :) Although the service host process is still jumping back and forth between normal and 100 percent disk space. It is still a little slow, but it is much better then previously.



#15 Sintharius

Sintharius

    Bleepin' Sniper


  • Members
  • 5,639 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Netherlands
  • Local time:09:53 AM

Posted 06 July 2015 - 03:04 PM

If you see the "random duplicate tasks" in Task Manager then feel free to take a screenshot and post it here.

Let's see if this will resolve the issue by repairing Windows services.

Tweaking.com - Windows Repair All-In-One (Portable)

- Download Windows Repair All-In-One (Portable Version) from here.

- Extract tweaking.com_windows_repair_aio.zip to your Desktop.

- Disable all your antivirus and antimalware software - see how to do that here.
- Right click on QfBzvq1.png and select Run as Administrator (XP users just double click) to start Windows Repair All-In-One.
(Windows Vista/7/8 users: Accept UAC warning if it is enabled.)

- A window will appear. Click Step 2.
2f8o60N.png

- Click the Open Pre-Scan button, then click Start Scan. Wait for Windows Repair to finish scanning.

- Depending on which error Windows Repair found, click Repair Reparse Point or Repair Environment Variable accordingly. When the button changes to "Done!", click the close button to return to Windows Repair.

- Go to Step 3, then click Check in the See If Check Disk Is Needed.

- If Windows Repair stated that errors are found, click Open Check Disk At Next Boot. Choose (/R) Fixes errors on the disk also locate bad sectors and recovers readable information, then click Add To Next Boot. Reboot the computer to let Windows check the disk.
Ymy7crZ.png

- Go to Step 4, then click Do It.
zDtdN75.png

- Go to Step 5. Under System Restore click Create.
f7lEe1N.png

- Go to Repairs and click Open Repairs. Leave all checkmarks as they are, then click Start Repairs.
PGv2vtD.png

- By default Windows Repair All-In-One will create a "Logs" folder in its folder on the Desktop. Please post the contents of the main log in your next reply.

Regards,
Alex




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users