
PC is slowed down not sure why


5 replies to this topic

#1 peteranko


Posted 06 April 2016 - 12:10 PM

Hi,

 

I have been asked to come here.

 

Hi,

I have found my pc is working way overtime playing this one game. However it wasn't doing it when I started. 

Had someone from Microsoft help me with a Windows 10 issue and in the process he found there were a heap of unwanted drivers. He said they shouldn't be there if you didn't install them. Said there may be some malware or virus putting them in.

 

Wondering is there something that can be done to find out if this is slowing my pc down on this game or is there something else in there that shouldn't be there. 


Edited by Chris Cosgrove, 06 April 2016 - 05:23 PM.
Moved from Virus, trojan, etc. logs to 'Am I infected?'

:bowdown:  :busy:

Anko



 


#2 boopme


Posted 07 April 2016 - 10:40 AM

Hello peteranko, run these next please.



MiniToolBox
  • Please download MiniToolBox, save it to your desktop and run it.
  • Checkmark the following checkboxes:
    • Flush DNS
    • Report IE Proxy Settings
    • Reset IE Proxy Settings
    • Report FF Proxy Settings
    • Reset FF Proxy Settings
    • List content of Hosts
    • List IP configuration
    • List Winsock Entries
    • List last 10 Event Viewer log
    • List Installed Programs
    • List Users, Partitions and Memory size.
  • Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run. Note: When using "Reset FF Proxy Settings" option Firefox should be closed.
TDSSKiller
  • Download TDSSKiller and save it to your desktop.
  • Extract (unzip) its contents to your desktop.
  • Open the TDSSKiller folder and double-click on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.
AdwCleaner
  • Please download AdwCleaner by Xplode and save to your Desktop.
  • Double-click on AdwCleaner.exe to run the tool. Vista/Windows 7/8 users right-click and select Run As Administrator.
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • The contents of the log file may be confusing. Unless you see a program name that you know should not be removed, don't worry about it. If you see an entry you want to keep, let me know about it.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of all logfiles is saved in the C:\AdwCleaner folder which was created when running the tool.
Junkware Removal Tool
  • Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
ESET Online Scanner
  • Click here to download the installer for ESET Online Scanner and save it to your Desktop.
  • Disable all your antivirus and antimalware software - see how to do that here.
  • Right click on esetsmartinstaller_enu.exe and select Run as Administrator.
  • Place a checkmark in YES, I accept the Terms of Use, then click Start. Wait for ESET Online Scanner to load its components.
  • Select Enable detection of potentially unwanted applications.
  • Click Advanced Settings, then place a checkmark in the following:
    • Remove found threats
    • Scan archives
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • Click Start to begin scanning.
  • ESET Online Scanner will start downloading signatures and scan. Please be patient, as this scan can take quite some time.
  • When the scan is done, click List threats (only available if ESET Online Scanner found something).
  • Click Export, then save the file to your desktop.
  • Click Back, then Finish to exit ESET Online Scanner.

How do I get help? Who is helping me?
For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....
Become a BleepingComputer fan: Facebook

#3 peteranko


Posted 16 April 2016 - 09:32 PM

mini toolbox results.

MiniToolBox by Farbar  Version: 07-02-2016 01

Ran by P1 (administrator) on 17-04-2016 at 12:24:27

Running from "C:\Users\P1\Downloads"

Microsoft Windows 10 Home  (X64)

Model: System Product Name Manufacturer: System manufacturer

Boot Mode: Normal

***************************************************************************

 

========================= Flush DNS: ===================================

 

Windows IP Configuration

 

Successfully flushed the DNS Resolver Cache.

 

========================= IE Proxy Settings: ============================== 

 

Proxy is not enabled.

No Proxy Server is set.

 

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= Hosts content: =================================

========================= IP Configuration: ================================

 

ASUS PCE-N10 11n Wireless LAN PCI-E Card = Wireless Network Connection (Connected)

Realtek PCIe GBE Family Controller = Local Area Connection (Media disconnected)

 

 

# ----------------------------------

# IPv4 Configuration

# ----------------------------------

pushd interface ipv4

 

reset

set global

set interface interface="Local Area Connection* 1" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled

set interface interface="Local Area Connection* 2" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled

set interface interface="Wireless Network Connection" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled

set interface interface="Local Area Connection" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled

 

 

popd

# End of IPv4 configuration

 

 

 

Windows IP Configuration

 

   Host Name . . . . . . . . . . . . : P1-PC

   Primary Dns Suffix  . . . . . . . : 

   Node Type . . . . . . . . . . . . : Hybrid

   IP Routing Enabled. . . . . . . . : No

   WINS Proxy Enabled. . . . . . . . : No

   DNS Suffix Search List. . . . . . : gateway

 

Ethernet adapter Local Area Connection:

 

   Media State . . . . . . . . . . . : Media disconnected

   Connection-specific DNS Suffix  . : 

   Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller

   Physical Address. . . . . . . . . : 30-85-A9-46-12-4F

   DHCP Enabled. . . . . . . . . . . : Yes

   Autoconfiguration Enabled . . . . : Yes

 

Wireless LAN adapter Local Area Connection* 2:

 

   Media State . . . . . . . . . . . : Media disconnected

   Connection-specific DNS Suffix  . : 

   Description . . . . . . . . . . . : Microsoft Wi-Fi Direct Virtual Adapter

   Physical Address. . . . . . . . . : C8-60-00-D3-E0-7F

   DHCP Enabled. . . . . . . . . . . : Yes

   Autoconfiguration Enabled . . . . : Yes

 

Wireless LAN adapter Wireless Network Connection:

 

   Connection-specific DNS Suffix  . : gateway

   Description . . . . . . . . . . . : ASUS PCE-N10 11n Wireless LAN PCI-E Card

   Physical Address. . . . . . . . . : C8-60-00-D3-E0-7F

   DHCP Enabled. . . . . . . . . . . : Yes

   Autoconfiguration Enabled . . . . : Yes

   IPv6 Address. . . . . . . . . . . : 2001:8003:2007:3800:58ea:13e2:6603:9436(Preferred) 

   Temporary IPv6 Address. . . . . . : 2001:8003:2007:3800:141c:6941:8a8a:14ae(Preferred) 

   Link-local IPv6 Address . . . . . : fe80::58ea:13e2:6603:9436%2(Preferred) 

   IPv4 Address. . . . . . . . . . . : 10.0.0.6(Preferred) 

   Subnet Mask . . . . . . . . . . . : 255.255.255.0

   Lease Obtained. . . . . . . . . . : Sunday, April 17, 2016 9:11:42 AM

   Lease Expires . . . . . . . . . . : Sunday, April 17, 2016 1:00:30 PM

   Default Gateway . . . . . . . . . : fe80::3291:8fff:fe6d:6a6e%2

                                       10.0.0.138

   DHCP Server . . . . . . . . . . . : 10.0.0.138

   DHCPv6 IAID . . . . . . . . . . . : 331898880

   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-19-85-7E-DE-30-85-A9-46-12-4F

   DNS Servers . . . . . . . . . . . : 2001:8003:2007:3800::1

                                       10.0.0.138

   NetBIOS over Tcpip. . . . . . . . : Enabled

   Connection-specific DNS Suffix Search List :

                                       gateway

 

Tunnel adapter isatap.gateway:

 

   Media State . . . . . . . . . . . : Media disconnected

   Connection-specific DNS Suffix  . : gateway

   Description . . . . . . . . . . . : Microsoft ISATAP Adapter

   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0

   DHCP Enabled. . . . . . . . . . . : No

   Autoconfiguration Enabled . . . . : Yes

 

Tunnel adapter Teredo Tunneling Pseudo-Interface:

 

   Connection-specific DNS Suffix  . : 

   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface

   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0

   DHCP Enabled. . . . . . . . . . . : No

   Autoconfiguration Enabled . . . . : Yes

   IPv6 Address. . . . . . . . . . . : 2001:0:9d38:6abd:1480:395b:9a4c:31d5(Preferred) 

   Link-local IPv6 Address . . . . . : fe80::1480:395b:9a4c:31d5%5(Preferred) 

   Default Gateway . . . . . . . . . : 

   DHCPv6 IAID . . . . . . . . . . . : 553648128

   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-19-85-7E-DE-30-85-A9-46-12-4F

   NetBIOS over Tcpip. . . . . . . . : Disabled

Server:  UnKnown

Address:  2001:8003:2007:3800::1

 

Name:    google.com

Addresses:  2404:6800:4006:801::200e

 216.58.220.110

 

 

Pinging google.com [2404:6800:4006:801::200e] with 32 bytes of data:

Reply from 2404:6800:4006:801::200e: time=7ms 

Reply from 2404:6800:4006:801::200e: time=4ms 

 

Ping statistics for 2404:6800:4006:801::200e:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 4ms, Maximum = 7ms, Average = 5ms

Server:  UnKnown

Address:  2001:8003:2007:3800::1

 

Name:    yahoo.com

Addresses:  2001:4998:58:c02::a9

 2001:4998:44:204::a7

 2001:4998:c:a06::2:4008

 98.138.253.109

 98.139.183.24

 206.190.36.45

 

 

Pinging yahoo.com [2001:4998:c:a06::2:4008] with 32 bytes of data:

Reply from 2001:4998:c:a06::2:4008: time=302ms 

Reply from 2001:4998:c:a06::2:4008: time=303ms 

 

Ping statistics for 2001:4998:c:a06::2:4008:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 302ms, Maximum = 303ms, Average = 302ms

 

Pinging 127.0.0.1 with 32 bytes of data:

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

 

Ping statistics for 127.0.0.1:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================

Interface List

  8...30 85 a9 46 12 4f ......Realtek PCIe GBE Family Controller

  6...c8 60 00 d3 e0 7f ......Microsoft Wi-Fi Direct Virtual Adapter

  2...c8 60 00 d3 e0 7f ......ASUS PCE-N10 11n Wireless LAN PCI-E Card

  1...........................Software Loopback Interface 1

  9...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter

  5...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface

===========================================================================

 

IPv4 Route Table

===========================================================================

Active Routes:

Network Destination        Netmask          Gateway       Interface  Metric

          0.0.0.0          0.0.0.0       10.0.0.138         10.0.0.6     25

         10.0.0.0    255.255.255.0         On-link          10.0.0.6    281

         10.0.0.6  255.255.255.255         On-link          10.0.0.6    281

       10.0.0.255  255.255.255.255         On-link          10.0.0.6    281

        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306

        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306

  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306

        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306

        224.0.0.0        240.0.0.0         On-link          10.0.0.6    281

  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306

  255.255.255.255  255.255.255.255         On-link          10.0.0.6    281

===========================================================================

Persistent Routes:

  None

 

IPv6 Route Table

===========================================================================

Active Routes:

 If Metric Network Destination      Gateway

  2    281 ::/0                     fe80::3291:8fff:fe6d:6a6e

  1    306 ::1/128                  On-link

  5    306 2001::/32                On-link

  5    306 2001:0:9d38:6abd:1480:395b:9a4c:31d5/128

                                    On-link

  2    281 2001:8003:2007:3800::/56 fe80::3291:8fff:fe6d:6a6e

  2    281 2001:8003:2007:3800::/64 On-link

  2    281 2001:8003:2007:3800:141c:6941:8a8a:14ae/128

                                    On-link

  2    281 2001:8003:2007:3800:58ea:13e2:6603:9436/128

                                    On-link

  2    281 fe80::/64                On-link

  5    306 fe80::/64                On-link

  5    306 fe80::1480:395b:9a4c:31d5/128

                                    On-link

  2    281 fe80::58ea:13e2:6603:9436/128

                                    On-link

  1    306 ff00::/8                 On-link

  2    281 ff00::/8                 On-link

  5    306 ff00::/8                 On-link

===========================================================================

Persistent Routes:

  None

========================= Winsock entries =====================================

 

Catalog5 01 C:\WINDOWS\SysWOW64\napinsp.dll [55808] (Microsoft Corporation)

Catalog5 02 C:\WINDOWS\SysWOW64\pnrpnsp.dll [70656] (Microsoft Corporation)

Catalog5 03 C:\WINDOWS\SysWOW64\pnrpnsp.dll [70656] (Microsoft Corporation)

Catalog5 04 C:\WINDOWS\SysWOW64\NLAapi.dll [65024] (Microsoft Corporation)

Catalog5 05 C:\WINDOWS\SysWOW64\mswsock.dll [312160] (Microsoft Corporation)

Catalog5 06 C:\WINDOWS\SysWOW64\winrnr.dll [23552] (Microsoft Corporation)

Catalog9 01 C:\WINDOWS\SysWOW64\mswsock.dll [312160] (Microsoft Corporation)

Catalog9 02 C:\WINDOWS\SysWOW64\mswsock.dll [312160] (Microsoft Corporation)

Catalog9 03 C:\WINDOWS\SysWOW64\mswsock.dll [312160] (Microsoft Corporation)

Catalog9 04 C:\WINDOWS\SysWOW64\mswsock.dll [312160] (Microsoft Corporation)

Catalog9 05 C:\WINDOWS\SysWOW64\mswsock.dll [312160] (Microsoft Corporation)

Catalog9 06 C:\WINDOWS\SysWOW64\mswsock.dll [312160] (Microsoft Corporation)

Catalog9 07 C:\WINDOWS\SysWOW64\mswsock.dll [312160] (Microsoft Corporation)

Catalog9 08 C:\WINDOWS\SysWOW64\mswsock.dll [312160] (Microsoft Corporation)

Catalog9 09 C:\WINDOWS\SysWOW64\mswsock.dll [312160] (Microsoft Corporation)

Catalog9 10 C:\WINDOWS\SysWOW64\mswsock.dll [312160] (Microsoft Corporation)

Catalog9 11 C:\WINDOWS\SysWOW64\mswsock.dll [312160] (Microsoft Corporation)

x64-Catalog5 01 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)

x64-Catalog5 02 C:\Windows\System32\pnrpnsp.dll [87040] (Microsoft Corporation)

x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [87040] (Microsoft Corporation)

x64-Catalog5 04 C:\Windows\System32\NLAapi.dll [80896] (Microsoft Corporation)

x64-Catalog5 05 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)

x64-Catalog5 06 C:\Windows\System32\winrnr.dll [31744] (Microsoft Corporation)

x64-Catalog9 01 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)

x64-Catalog9 02 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)

x64-Catalog9 03 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)

x64-Catalog9 04 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)

x64-Catalog9 05 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)

x64-Catalog9 06 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)

x64-Catalog9 07 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)

x64-Catalog9 08 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)

x64-Catalog9 09 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)

x64-Catalog9 10 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)

x64-Catalog9 11 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)

 

========================= Event log errors: ===============================

 

Application errors:

==================

Error: (04/14/2016 09:20:57 AM) (Source: Perflib) (User: )

Description: BITSC:\Windows\System32\bitsperf.dll8

 

Error: (04/13/2016 05:00:22 PM) (Source: Microsoft-Windows-CAPI2) (User: )

Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.

 

 

Details:

AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.

 

System Error:

Access is denied.

.

 

Error: (04/13/2016 08:57:16 AM) (Source: Microsoft-Windows-Immersive-Shell) (User: P1-PC)

Description: Activation of app Microsoft.Windows.Photos_8wekyb3d8bbwe!App failed with error: -2147023170 See the Microsoft-Windows-TWinUI/Operational log for additional information.

 

Error: (04/11/2016 08:00:57 PM) (Source: Perflib) (User: )

Description: BITSC:\Windows\System32\bitsperf.dll8

 

Error: (04/04/2016 03:05:30 PM) (Source: ESENT) (User: )

Description: svchost (1208) SRUJet: Error -1811 (0xfffff8ed) occurred while opening logfile C:\WINDOWS\system32\SRU\SRU0092E.log.

 

Error: (04/04/2016 03:53:19 PM) (Source: Microsoft-Windows-CAPI2) (User: )

Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.

 

 

Details:

AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.

 

System Error:

Access is denied.

.

 

Error: (04/04/2016 03:52:24 PM) (Source: Microsoft-Windows-Immersive-Shell) (User: P1-PC)

Description: Activation of app microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 failed with error: -2147023170 See the Microsoft-Windows-TWinUI/Operational log for additional information.

 

Error: (04/04/2016 03:52:23 PM) (Source: Application Error) (User: )

Description: Faulting application name: HxTsr.exe, version: 16.0.6769.4072, time stamp: 0x56fb7f57

Faulting module name: mrmcorer.dll, version: 10.0.10586.0, time stamp: 0x5632d4ba

Exception code: 0xc0000005

Fault offset: 0x000000000002a1e3

Faulting process id: 0x21cc

Faulting application start time: 0xHxTsr.exe0

Faulting application path: HxTsr.exe1

Faulting module path: HxTsr.exe2

Report Id: HxTsr.exe3

Faulting package full name: HxTsr.exe4

Faulting package-relative application ID: HxTsr.exe5

 

Error: (04/04/2016 03:52:19 PM) (Source: Microsoft-Windows-Immersive-Shell) (User: P1-PC)

Description: Activation of app Microsoft.WindowsStore_8wekyb3d8bbwe!App failed with error: -2147023170 See the Microsoft-Windows-TWinUI/Operational log for additional information.

 

Error: (04/04/2016 03:52:19 PM) (Source: Microsoft-Windows-Immersive-Shell) (User: P1-PC)

Description: Activation of app microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 failed with error: -2147023170 See the Microsoft-Windows-TWinUI/Operational log for additional information.

 

 

System errors:

=============

Error: (04/17/2016 04:04:53 AM) (Source: Service Control Manager) (User: )

Description: The User Data Access_8d0b0 service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.

 

Error: (04/17/2016 04:04:53 AM) (Source: Service Control Manager) (User: )

Description: The User Data Storage_8d0b0 service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.

 

Error: (04/17/2016 04:04:53 AM) (Source: Service Control Manager) (User: )

Description: The Contact Data_8d0b0 service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.

 

Error: (04/17/2016 04:04:53 AM) (Source: Service Control Manager) (User: )

Description: The Sync Host_8d0b0 service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.

 

Error: (04/16/2016 09:54:55 AM) (Source: Service Control Manager) (User: )

Description: The NetTcpActivator service depends on the NetTcpPortSharing service which failed to start because of the following error: 

%%1058

 

Error: (04/16/2016 05:47:22 AM) (Source: Service Control Manager) (User: )

Description: A timeout was reached (30000 milliseconds) while waiting for the Sync Host_8de8c98 service to connect.

 

Error: (04/16/2016 05:47:22 AM) (Source: Service Control Manager) (User: )

Description: A timeout was reached (30000 milliseconds) while waiting for the User Data Storage_8de8c98 service to connect.

 

Error: (04/16/2016 05:47:22 AM) (Source: Service Control Manager) (User: )

Description: The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the User Data Storage_8de8c98 service, but this action failed with the following error: 

%%1056

 

Error: (04/16/2016 05:47:12 AM) (Source: Service Control Manager) (User: )

Description: The User Data Access_8de8c98 service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.

 

Error: (04/16/2016 05:47:12 AM) (Source: Service Control Manager) (User: )

Description: The User Data Storage_8de8c98 service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.

 

 

Microsoft Office Sessions:

=========================

Error: (04/14/2016 09:20:57 AM) (Source: Perflib)(User: )

Description: BITSC:\Windows\System32\bitsperf.dll8

 

Error: (04/13/2016 05:00:22 PM) (Source: Microsoft-Windows-CAPI2)(User: )

Description: 

Details:

AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.

 

System Error:

Access is denied.

 

Error: (04/13/2016 08:57:16 AM) (Source: Microsoft-Windows-Immersive-Shell)(User: P1-PC)

Description: Microsoft.Windows.Photos_8wekyb3d8bbwe!App-2147023170

 

Error: (04/11/2016 08:00:57 PM) (Source: Perflib)(User: )

Description: BITSC:\Windows\System32\bitsperf.dll8

 

Error: (04/04/2016 03:05:30 PM) (Source: ESENT)(User: )

Description: svchost1208SRUJet: C:\WINDOWS\system32\SRU\SRU0092E.log-1811 (0xfffff8ed)

 

Error: (04/04/2016 03:53:19 PM) (Source: Microsoft-Windows-CAPI2)(User: )

Description: 

Details:

AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.

 

System Error:

Access is denied.

 

Error: (04/04/2016 03:52:24 PM) (Source: Microsoft-Windows-Immersive-Shell)(User: P1-PC)

Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1-2147023170

 

Error: (04/04/2016 03:52:23 PM) (Source: Application Error)(User: )

Description: HxTsr.exe16.0.6769.407256fb7f57mrmcorer.dll10.0.10586.05632d4bac0000005000000000002a1e321cc01d18e362898cc72C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.6769.40721.0_x64__8wekyb3d8bbwe\HxTsr.exeC:\WINDOWS\SYSTEM32\mrmcorer.dll61ac3443-ce98-410c-a0d9-43d84d4afccdmicrosoft.windowscommunicationsapps_17.6769.40721.0_x64__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1

 

Error: (04/04/2016 03:52:19 PM) (Source: Microsoft-Windows-Immersive-Shell)(User: P1-PC)

Description: Microsoft.WindowsStore_8wekyb3d8bbwe!App-2147023170

 

Error: (04/04/2016 03:52:19 PM) (Source: Microsoft-Windows-Immersive-Shell)(User: P1-PC)

Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1-2147023170

 

 

CodeIntegrity Errors:

===================================

  Date: 2016-04-17 12:22:59.154

  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

 

  Date: 2016-04-17 12:22:59.142

  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

 

  Date: 2016-04-17 12:22:59.102

  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

 

  Date: 2016-04-17 03:02:22.467

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

 

  Date: 2016-04-16 15:58:54.502

  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

 

  Date: 2016-04-16 15:58:54.418

  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

 

  Date: 2016-04-16 15:58:54.149

  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

 

  Date: 2016-04-16 15:58:54.020

  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

 

  Date: 2016-04-16 09:56:22.454

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

 

  Date: 2016-04-16 03:07:18.147

  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

 

 

=========================== Installed Programs ============================

 

64 Bit HP CIO Components Installer (HKLM\...\{FF21C3E6-97FD-474F-9518-8DCBE94C2854}) (Version: 7.2.8 - Hewlett-Packard) Hidden

Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.010.20060 - Adobe Systems Incorporated)

Adobe Flash Player 21 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 21.0.0.213 - Adobe Systems Incorporated)

AMD Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)

BitTorrent (HKCU\...\BitTorrent) (Version: 7.9.6.42095 - BitTorrent Inc.)

BitTorrent Sync (HKLM-x32\...\BitTorrent Sync) (Version: 2.0.105 - BitTorrent Inc.)

BufferChm (HKLM-x32\...\{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}) (Version: 130.0.331.000 - Hewlett-Packard) Hidden

C4400 (HKLM-x32\...\{B1E33614-25CC-4C2A-8CBA-88B51ABF67E0}) (Version: 130.0.365.000 - Hewlett-Packard) Hidden

Citrix Online Launcher (HKLM-x32\...\{DB014C85-A264-4BCA-A66F-6DD1FCF8EC36}) (Version: 1.0.335 - Citrix)

Copy (HKLM-x32\...\{3C92B2E6-380D-4fef-B4DF-4A3B4B669771}) (Version: 130.0.428.000 - Hewlett-Packard) Hidden

Destinations (HKLM-x32\...\{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}) (Version: 130.0.0.0 - Hewlett-Packard) Hidden

DeviceDiscovery (HKLM-x32\...\{2FF8C687-DB7D-4adc-A5DC-57983EC25046}) (Version: 130.0.465.000 - Hewlett-Packard) Hidden

DocProc (HKLM-x32\...\{9B362566-EC1B-4700-BB9C-EC661BDE2175}) (Version: 13.0.0.0 - Hewlett-Packard) Hidden

Dropbox (HKCU\...\Dropbox) (Version: 3.18.1 - Dropbox, Inc.)

ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )

Google Chrome (HKLM-x32\...\Google Chrome) (Version: 49.0.2623.112 - Google Inc.)

Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.29.5 - Google Inc.) Hidden

Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden

GoToMeeting 7.16.0.4800 (HKCU\...\GoToMeeting) (Version: 7.16.0.4800 - CitrixOnline)

GPBaseService2 (HKLM-x32\...\{63FF21C9-A810-464F-B60A-3111747B1A6D}) (Version: 130.0.371.000 - Hewlett-Packard) Hidden

HP Customer Participation Program 13.0 (HKLM\...\HPExtendedCapabilities) (Version: 13.0 - HP)

HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)

HP Photosmart C4400 All-In-One Driver Software 13.0 Rel. 3 (HKLM\...\{8181C5B7-2FF5-4677-BA6A-8E2C3F5A7601}) (Version: 13.0 - HP)

HP Photosmart Essential 3.5 (HKLM\...\HP Photosmart Essential) (Version: 3.5 - HP)

HP Smart Web Printing 4.51 (HKLM\...\HP Smart Web Printing) (Version: 4.51 - HP)

HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)

HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)

HPDiagnosticAlert (HKLM-x32\...\{B6465A32-8BE9-4B38-ADC5-4B4BDDC10B0D}) (Version: 1.00.0001 - Microsoft) Hidden

HPPhotoGadget (HKLM-x32\...\{CAE4213F-F797-439D-BD9E-79B71D115BE3}) (Version: 130.0.282.000 - Hewlett-Packard) Hidden

HPPhotoSmartDiscLabelContent1 (HKLM-x32\...\{681B698F-C997-42C3-B184-B489C6CA24C9}) (Version: 2.04.0000 - Hewlett-Packard) Hidden

HPPhotosmartEssential (HKLM-x32\...\{D79113E7-274C-470B-BD46-01B10219DF6A}) (Version: 2.04.0000 - Hewlett-Packard) Hidden

HPProductAssistant (HKLM-x32\...\{C43326F5-F135-4551-8270-7F7ABA0462E1}) (Version: 130.0.371.000 - Hewlett-Packard) Hidden

HPSSupply (HKLM-x32\...\{6B2FFB21-AC88-45C3-9A7D-4BB3E744EC91}) (Version: 130.0.371.000 - Hewlett-Packard) Hidden

Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.4.1441 - Intel Corporation)

Intel® Trusted Connect Service Client (HKLM\...\{09536BA1-E498-4CC3-B834-D884A67D7E34}) (Version: 1.23.605.1 - Intel Corporation)

Java 8 Update 20 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418020F0}) (Version: 8.0.200 - Oracle Corporation)

Lightshot-5.3.0.0 (HKLM-x32\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 5.3.0.0 - Skillbrains)

Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)

MarketResearch (HKLM-x32\...\{175F0111-2968-4935-8F70-33108C6A4DE3}) (Version: 130.0.374.000 - Hewlett-Packard) Hidden

Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)

MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)

MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)

OCR Software by I.R.I.S. 13.0 (HKLM\...\HPOCR) (Version: 13.0 - HP)

OnePlus USB Drivers 1.00 (HKLM-x32\...\OnePlus USB Drivers 1.00) (Version: 1.00 - OnePlus, Inc)

OpenOffice 4.1.1 (HKLM-x32\...\{9395F41D-0F80-432E-9A59-B8E477E7E163}) (Version: 4.11.9775 - Apache Software Foundation)

Opera Stable 27.0.1689.76 (HKLM-x32\...\Opera 27.0.1689.76) (Version: 27.0.1689.76 - Opera Software ASA)

Platform (HKLM-x32\...\{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.39 - VIA Technologies, Inc.) Hidden

Polaris Office (HKLM-x32\...\{E98E2612-D7E2-4F48-BF45-CE32C40A4695}) (Version: 7.1.190 - POLARIS OFFICE Corp.) Hidden

Polaris Office (HKLM-x32\...\InstallShield_{E98E2612-D7E2-4F48-BF45-CE32C40A4695}) (Version: 7.1.190 - POLARIS OFFICE Corp.)

Port Forward Network Utilities (HKLM-x32\...\{88B1D36C-7B70-4C48-8D2F-AAB956ECF4C3}) (Version: 2.0.7 - Portforward, LLC)

PS_AIO_03_C4400_Software_Min (HKLM-x32\...\{7E5A8023-0E90-4503-A1EA-C9FC25680AF9}) (Version: 130.0.365.000 - Hewlett-Packard) Hidden

Qualcomm USB Drivers For Windows (HKLM-x32\...\{D9FB7F91-9687-4B09-894D-072903CADEA4}) (Version: 1.0.14 - QUALCOMM Incorporated)

Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.52.203.2012 - Realtek)

Rsupport Player (HKLM-x32\...\{D815791F-7F97-4DD3-987A-4BFF8F3F57C7}) (Version: 5.00.0000 - RSUPPORT)

Scan (HKLM-x32\...\{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}) (Version: 13.0.0.0 - Hewlett-Packard) Hidden

Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 13.0 - HP)

SketchUp 2015 (HKLM\...\{350488A4-1540-4103-8F01-B27503891EB0}) (Version: 15.3.331 - Trimble Navigation Limited)

Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 8.0.0.9103 - Microsoft Corporation)

Skype Web Plugin (HKLM-x32\...\{75BBD24C-C19A-4885-B8FD-EB15009277D3}) (Version: 7.5.0.123 - Skype Technologies S.A.)

Skype™ 7.16 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.16.102 - Skype Technologies S.A.)

SmartWebPrinting (HKLM-x32\...\{DC635845-46D3-404B-BCB1-FC4A91091AFA}) (Version: 130.0.457.000 - Hewlett-Packard) Hidden

SolutionCenter (HKLM-x32\...\{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}) (Version: 130.0.373.000 - Hewlett-Packard) Hidden

Status (HKLM-x32\...\{0EF5BEA9-B9D3-46d7-8958-FB69A0BAEACC}) (Version: 130.0.469.000 - Hewlett-Packard) Hidden

Toolbox (HKLM-x32\...\{6BBA26E9-AB03-4FE7-831A-3535584CA002}) (Version: 130.0.648.000 - Hewlett-Packard) Hidden

TrayApp (HKLM-x32\...\{1EC71BFB-01A3-4239-B6AF-B1AE656B15C0}) (Version: 130.0.422.000 - Hewlett-Packard) Hidden

UnloadSupport (HKLM-x32\...\{4E7C28C7-D5DA-4E9F-A1CA-60490B54AE35}) (Version: 11.0.0 - Hewlett-Packard) Hidden

VIA Platform Device Manager (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.39 - VIA Technologies, Inc.)

VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)

WebReg (HKLM-x32\...\{43CDF946-F5D9-4292-B006-BA0D92013021}) (Version: 130.0.132.017 - Hewlett-Packard) Hidden

Windows Driver Package - 2Wire (2WIREPCP) Net  (03/22/2007 2.0) (HKLM\...\E2D312050E630E0CB2650D738A53820EE8BB1A95) (Version: 03/22/2007 2.0 - 2Wire)

Windows Driver Package - OnePlus, Inc. (WinUSB) AndroidUsbDeviceClass  (05/24/2012 6.0.0000.00000) (HKLM\...\59AFF6524BE5C0983F2711DEB8D25D511D4F4924) (Version: 05/24/2012 6.0.0000.00000 - OnePlus, Inc.)

WinRAR 5.30 beta 6 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.30.6 - win.rar GmbH)

WinZip 18.5 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240E3}) (Version: 18.5.11111 - WinZip Computing, S.L. )

WPS Office (9.1.0.5200) (HKCU\...\Kingsoft Office) (Version: 9.1.0.5200 - Kingsoft Corp.)

 

========================= Memory info: ===================================

 

Percentage of memory in use: 41%

Total physical RAM: 8143.96 MB

Available physical RAM: 4770.73 MB

Total Virtual: 16335.96 MB

Available Virtual: 12430 MB

 

========================= Partitions: =====================================

 

1 Drive c: () (Fixed) (Total:930.97 GB) (Free:752.08 GB) NTFS

7 Drive i: (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS

 

========================= Users: ========================================

 

User accounts for \\P1-PC

 

Administrator            DefaultAccount           Guest                    

P1                       

 

 

**** End of log ****



Anko


#4 peteranko


Posted 16 April 2016 - 09:36 PM

TDSSKiller report.

 

12:33:31.0806 0x238c  TDSS rootkit removing tool 3.1.0.9 Dec 11 2015 22:49:12

12:33:51.0312 0x238c  ============================================================

12:33:51.0312 0x238c  Current date / time: 2016/04/17 12:33:51.0312

12:33:51.0312 0x238c  SystemInfo:

12:33:51.0312 0x238c  

12:33:51.0312 0x238c  OS Version: 10.0.10586 ServicePack: 0.0

12:33:51.0312 0x238c  Product type: Workstation

12:33:51.0312 0x238c  ComputerName: P1-PC

12:33:51.0312 0x238c  UserName: P1

12:33:51.0312 0x238c  Windows directory: C:\WINDOWS

12:33:51.0312 0x238c  System windows directory: C:\WINDOWS

12:33:51.0312 0x238c  Running under WOW64

12:33:51.0312 0x238c  Processor architecture: Intel x64

12:33:51.0312 0x238c  Number of processors: 8

12:33:51.0312 0x238c  Page size: 0x1000

12:33:51.0312 0x238c  Boot type: Normal boot

12:33:51.0312 0x238c  ============================================================

12:33:51.0500 0x238c  KLMD registered as C:\WINDOWS\system32\drivers\37954048.sys

12:33:52.0025 0x238c  System UUID: {854E3D2A-B463-1966-1DDC-4423D57E7DDE}

12:33:52.0378 0x238c  Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040

12:33:52.0402 0x238c  ============================================================

12:33:52.0402 0x238c  \Device\Harddisk0\DR0:

12:33:52.0403 0x238c  MBR partitions:

12:33:52.0403 0x238c  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000

12:33:52.0403 0x238c  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x745F2800

12:33:52.0403 0x238c  ============================================================

12:33:52.0416 0x238c  C: <-> \Device\Harddisk0\DR0\Partition2

12:33:52.0429 0x238c  I: <-> \Device\Harddisk0\DR0\Partition1

12:33:52.0429 0x238c  ============================================================

12:33:52.0429 0x238c  Initialize success

12:33:52.0429 0x238c  ============================================================

12:33:59.0030 0x2a98  ============================================================

12:33:59.0030 0x2a98  Scan started

12:33:59.0030 0x2a98  Mode: Manual; 

12:33:59.0030 0x2a98  ============================================================

12:33:59.0030 0x2a98  KSN ping started

12:34:01.0522 0x2a98  KSN ping finished: true

12:34:03.0058 0x2a98  ================ Scan system memory ========================

12:34:03.0058 0x2a98  System memory - ok

12:34:03.0059 0x2a98  ================ Scan services =============================

12:34:03.0187 0x2a98  1394ohci - ok

12:34:03.0193 0x2a98  3ware - ok

12:34:03.0208 0x2a98  ACPI - ok

12:34:03.0211 0x2a98  acpiex - ok

12:34:03.0216 0x2a98  acpipagr - ok

12:34:03.0224 0x2a98  AcpiPmi - ok

12:34:03.0227 0x2a98  acpitime - ok

12:34:03.0320 0x2a98  [ F2CEEE9ABBCEF207ACB103215AC28BC2, F8F8B8AF6317926D7AC0CA2CA23628B2C69327A2792D58D3328443C5ED9514E9 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

12:34:03.0323 0x2a98  AdobeARMservice - ok

12:34:03.0459 0x2a98  [ 28FFB14117CCEDD7D2F124596AA9B785, 8FC482C6444C904B5536979B3354597FD714634EC7372B464118C42AA9DCB58A ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

12:34:03.0466 0x2a98  AdobeFlashPlayerUpdateSvc - ok

12:34:03.0493 0x2a98  ADP80XX - ok

12:34:03.0506 0x2a98  AFD - ok

12:34:03.0507 0x2a98  agp440 - ok

12:34:03.0510 0x2a98  ahcache - ok

12:34:03.0523 0x2a98  AJRouter - ok

12:34:03.0531 0x2a98  ALG - ok

12:34:03.0561 0x2a98  [ BBADD85854BFB5D43C60B7AC8EEA3DBA, 968C043ABEA46F5C79525863B3FE2681AC0FA4202036C9EFD20B408DECF407E2 ] AMD External Events Utility C:\WINDOWS\system32\atiesrxx.exe

12:34:03.0570 0x2a98  AMD External Events Utility - ok

12:34:03.0575 0x2a98  AmdK8 - ok

12:34:03.0587 0x2a98  amdkmdag - ok

12:34:03.0616 0x2a98  [ 17BA5C907E14947574CBB788F4CEB85F, EAA3DBF436637C58666A91905E388287FC54334EBB2589A00727EB09AC4870E3 ] amdkmdap        C:\WINDOWS\system32\DRIVERS\atikmpag.sys

12:34:03.0631 0x2a98  amdkmdap - ok

12:34:03.0635 0x2a98  AmdPPM - ok

12:34:03.0636 0x2a98  amdsata - ok

12:34:03.0638 0x2a98  amdsbs - ok

12:34:03.0640 0x2a98  amdxata - ok

12:34:03.0672 0x2a98  AppHostSvc - ok

12:34:03.0674 0x2a98  AppID - ok

12:34:03.0676 0x2a98  AppIDSvc - ok

12:34:03.0677 0x2a98  Appinfo - ok

12:34:03.0679 0x2a98  AppReadiness - ok

12:34:03.0703 0x2a98  AppXSvc - ok

12:34:03.0705 0x2a98  arcsas - ok

12:34:03.0815 0x2a98  aspnet_state - ok

12:34:03.0819 0x2a98  AsyncMac - ok

12:34:03.0824 0x2a98  atapi - ok

12:34:03.0848 0x2a98  [ 0966FD5BAB1F9BE200875E9EED0A0A13, F4BE70C0581B51ED6DAE6412A5FF74AE310BF88DE89C5A5E5880BEED543B01D7 ] AtiHDAudioService C:\WINDOWS\system32\drivers\AtihdWT6.sys

12:34:03.0852 0x2a98  AtiHDAudioService - ok

12:34:03.0871 0x2a98  AudioEndpointBuilder - ok

12:34:03.0874 0x2a98  Audiosrv - ok

12:34:03.0879 0x2a98  AxInstSV - ok

12:34:03.0883 0x2a98  b06bdrv - ok

12:34:03.0888 0x2a98  BasicDisplay - ok

12:34:03.0892 0x2a98  BasicRender - ok

12:34:03.0897 0x2a98  bcmfn - ok

12:34:03.0901 0x2a98  bcmfn2 - ok

12:34:03.0923 0x2a98  BDESVC - ok

12:34:03.0925 0x2a98  Beep - ok

12:34:03.0931 0x2a98  BFE - ok

12:34:03.0943 0x2a98  BITS - ok

12:34:03.0945 0x2a98  bowser - ok

12:34:03.0947 0x2a98  BrokerInfrastructure - ok

12:34:03.0948 0x2a98  Browser - ok

12:34:03.0950 0x2a98  BthAvrcpTg - ok

12:34:03.0952 0x2a98  BthHFEnum - ok

12:34:03.0954 0x2a98  bthhfhid - ok

12:34:03.0956 0x2a98  BthHFSrv - ok

12:34:03.0957 0x2a98  BTHMODEM - ok

12:34:03.0960 0x2a98  bthserv - ok

12:34:03.0962 0x2a98  buttonconverter - ok

12:34:04.0063 0x2a98  [ 52AE2CDD37AB735FBDA52263EFD524AA, 844103913E6079CC1C49B05FFB1CDC9A68692A8EE5A05C9C28FD272DFE534913 ] c2cautoupdatesvc C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe

12:34:04.0084 0x2a98  c2cautoupdatesvc - ok

12:34:04.0122 0x2a98  [ C35B91B6777E7C6DB67B8583D2AA66A7, CE3A004B560EB750442150FEEFEE074A11A17E66B3F2A489E8EF1DBCF8FE8390 ] c2cpnrsvc       C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe

12:34:04.0155 0x2a98  c2cpnrsvc - ok

12:34:04.0174 0x2a98  CapImg - ok

12:34:04.0175 0x2a98  cdfs - ok

12:34:04.0177 0x2a98  CDPSvc - ok

12:34:04.0179 0x2a98  cdrom - ok

12:34:04.0181 0x2a98  CertPropSvc - ok

12:34:04.0183 0x2a98  circlass - ok

12:34:04.0185 0x2a98  CLFS - ok

12:34:04.0192 0x2a98  ClipSVC - ok

12:34:04.0197 0x2a98  CmBatt - ok

12:34:04.0199 0x2a98  CNG - ok

12:34:04.0200 0x2a98  cnghwassist - ok

12:34:04.0243 0x2a98  CompositeBus - ok

12:34:04.0300 0x2a98  COMSysApp - ok

12:34:04.0302 0x2a98  condrv - ok

12:34:04.0304 0x2a98  CoreMessagingRegistrar - ok

12:34:04.0325 0x2a98  CryptSvc - ok

12:34:04.0327 0x2a98  dam - ok

12:34:04.0330 0x2a98  DcomLaunch - ok

12:34:04.0333 0x2a98  DcpSvc - ok

12:34:04.0335 0x2a98  defragsvc - ok

12:34:04.0337 0x2a98  DeviceAssociationService - ok

12:34:04.0340 0x2a98  DeviceInstall - ok

12:34:04.0342 0x2a98  DevQueryBroker - ok

12:34:04.0344 0x2a98  Dfsc - ok

12:34:04.0347 0x2a98  Dhcp - ok

12:34:04.0374 0x2a98  diagnosticshub.standardcollector.service - ok

12:34:04.0393 0x2a98  DiagTrack - ok

12:34:04.0397 0x2a98  disk - ok

12:34:04.0410 0x2a98  DmEnrollmentSvc - ok

12:34:04.0413 0x2a98  dmvsc - ok

12:34:04.0418 0x2a98  dmwappushservice - ok

12:34:04.0422 0x2a98  Dnscache - ok

12:34:04.0428 0x2a98  dot3svc - ok

12:34:04.0446 0x2a98  [ 27069CFFF29B7F04F4B1BB10154BE52B, 6869626F9A1D3F64224883C5E661638CEE893A3E29651C7B9302A03E52180415 ] dot4            C:\WINDOWS\system32\DRIVERS\Dot4.sys

12:34:04.0450 0x2a98  dot4 - ok

12:34:04.0485 0x2a98  [ 0BD906A79F9CE3013F7D9D0AC45F9F9D, 2F7D5082E7E226D5EBEA164A8ACEE0A447C96EB1829224A6EFA3E7B4EFEE1D14 ] Dot4Print       C:\WINDOWS\System32\drivers\Dot4Prt.sys

12:34:04.0487 0x2a98  Dot4Print - ok

12:34:04.0494 0x2a98  [ B7D595F2F464F7B628AD53F06547792C, F5D06A91EF54FBF56305FCC882B854350B266B2A005D80CC77AEBC2929440729 ] dot4usb         C:\WINDOWS\system32\DRIVERS\dot4usb.sys

12:34:04.0496 0x2a98  dot4usb - ok

12:34:04.0498 0x2a98  DPS - ok

12:34:04.0527 0x2a98  drmkaud - ok

12:34:04.0530 0x2a98  DsmSvc - ok

12:34:04.0546 0x2a98  DsSvc - ok

12:34:04.0548 0x2a98  DXGKrnl - ok

12:34:04.0559 0x2a98  Eaphost - ok

12:34:04.0561 0x2a98  ebdrv - ok

12:34:04.0563 0x2a98  EFS - ok

12:34:04.0566 0x2a98  EhStorClass - ok

12:34:04.0569 0x2a98  EhStorTcgDrv - ok

12:34:04.0571 0x2a98  embeddedmode - ok

12:34:04.0574 0x2a98  EntAppSvc - ok

12:34:04.0576 0x2a98  ErrDev - ok

12:34:04.0609 0x2a98  EventSystem - ok

12:34:04.0610 0x2a98  exfat - ok

12:34:04.0612 0x2a98  fastfat - ok

12:34:04.0614 0x2a98  Fax - ok

12:34:04.0616 0x2a98  fdc - ok

12:34:04.0617 0x2a98  fdPHost - ok

12:34:04.0619 0x2a98  FDResPub - ok

12:34:04.0621 0x2a98  fhsvc - ok

12:34:04.0623 0x2a98  FileCrypt - ok

12:34:04.0626 0x2a98  FileInfo - ok

12:34:04.0628 0x2a98  Filetrace - ok

12:34:04.0630 0x2a98  flpydisk - ok

12:34:04.0632 0x2a98  FltMgr - ok

12:34:04.0634 0x2a98  FontCache - ok

12:34:04.0668 0x2a98  FontCache3.0.0.0 - ok

12:34:04.0670 0x2a98  FsDepends - ok

12:34:04.0672 0x2a98  Fs_Rec - ok

12:34:04.0674 0x2a98  fvevol - ok

12:34:04.0676 0x2a98  gagp30kx - ok

12:34:04.0678 0x2a98  gencounter - ok

12:34:04.0680 0x2a98  genericusbfn - ok

12:34:04.0682 0x2a98  GPIOClx0101 - ok

12:34:04.0684 0x2a98  gpsvc - ok

12:34:04.0687 0x2a98  GpuEnergyDrv - ok

12:34:04.0734 0x2a98  [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

12:34:04.0736 0x2a98  gupdate - ok

12:34:04.0740 0x2a98  [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

12:34:04.0741 0x2a98  gupdatem - ok

12:34:04.0743 0x2a98  HDAudBus - ok

12:34:04.0745 0x2a98  HidBatt - ok

12:34:04.0747 0x2a98  HidBth - ok

12:34:04.0749 0x2a98  hidi2c - ok

12:34:04.0751 0x2a98  hidinterrupt - ok

12:34:04.0752 0x2a98  HidIr - ok

12:34:04.0754 0x2a98  hidserv - ok

12:34:04.0756 0x2a98  HidUsb - ok

12:34:04.0758 0x2a98  HomeGroupListener - ok

12:34:04.0761 0x2a98  HomeGroupProvider - ok

12:34:04.0883 0x2a98  [ 0A3C6AA4A9FC38C20BA4EAC2C3351C05, 7B3F117C1D606DDA7623BEC0BFBC362C33A12213E899F049AC56A55826984134 ] hpqcxs08        C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll

12:34:04.0891 0x2a98  hpqcxs08 - ok

12:34:04.0928 0x2a98  [ 99E8EEF42FE2F4AF29B08C3355DD7685, D57BC2148653DA5596FB49F1086D165B11C9F6C644608202C08305D3C8499CFE ] hpqddsvc        C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll

12:34:04.0971 0x2a98  hpqddsvc - ok

12:34:04.0973 0x2a98  HpSAMD - ok

12:34:04.0990 0x2a98  HTTP - ok

12:34:04.0992 0x2a98  hwpolicy - ok

12:34:04.0994 0x2a98  hyperkbd - ok

12:34:04.0996 0x2a98  i8042prt - ok

12:34:04.0997 0x2a98  iai2c - ok

12:34:04.0999 0x2a98  iaLPSS2i_I2C - ok

12:34:05.0001 0x2a98  iaLPSSi_GPIO - ok

12:34:05.0003 0x2a98  iaLPSSi_I2C - ok

12:34:05.0006 0x2a98  iaStorAV - ok

12:34:05.0008 0x2a98  iaStorV - ok

12:34:05.0010 0x2a98  ibbus - ok

12:34:05.0028 0x2a98  icssvc - ok

12:34:05.0031 0x2a98  IEEtwCollectorService - ok

12:34:05.0043 0x2a98  IKEEXT - ok

12:34:05.0099 0x2a98  [ 832CE330DD987227B7DEA8C03F22AEFA, 3DE64D9519D9D865D4C1AA7483D846F0154392B6685BDC451DEC7DA5EA0E2B2E ] Intel® Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe

12:34:05.0821 0x2a98  Intel® Capability Licensing Service Interface - ok

12:34:05.0823 0x2a98  intelide - ok

12:34:05.0826 0x2a98  intelpep - ok

12:34:05.0827 0x2a98  intelppm - ok

12:34:05.0829 0x2a98  IoQos - ok

12:34:05.0831 0x2a98  IpFilterDriver - ok

12:34:05.0833 0x2a98  iphlpsvc - ok

12:34:05.0835 0x2a98  IPMIDRV - ok

12:34:05.0837 0x2a98  IPNAT - ok

12:34:05.0839 0x2a98  IRENUM - ok

12:34:05.0841 0x2a98  isapnp - ok

12:34:05.0843 0x2a98  iScsiPrt - ok

12:34:05.0893 0x2a98  [ 16FB3C63287DC1E0061101012844F26F, D469275B6843E09B889912F8CBA41DE7C2F72001C888A990850B592B535E34F1 ] jhi_service     C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe

12:34:05.0899 0x2a98  jhi_service - ok

12:34:05.0903 0x2a98  kbdclass - ok

12:34:05.0907 0x2a98  kbdhid - ok

12:34:05.0911 0x2a98  kdnic - ok

12:34:05.0915 0x2a98  KeyIso - ok

12:34:06.0054 0x2a98  [ 70D7E3B8891FA8AF9BB9E259D8AFF49C, 273073EEE2123E45B2FFFEFAA026F5EEECA130A432CCF6CF4A5876810EF72846 ] Kingsoft_WPS_UpdateService C:\Users\P1\AppData\Local\Kingsoft\WPS Office\9.1.0.5200\wtoolex\wpsupdatesvr.exe

12:34:06.0060 0x2a98  Kingsoft_WPS_UpdateService - ok

12:34:06.0064 0x2a98  KSecDD - ok

12:34:06.0085 0x2a98  KSecPkg - ok

12:34:06.0088 0x2a98  ksthunk - ok

12:34:06.0093 0x2a98  KtmRm - ok

12:34:06.0109 0x2a98  LanmanServer - ok

12:34:06.0113 0x2a98  LanmanWorkstation - ok

12:34:06.0118 0x2a98  lfsvc - ok

12:34:06.0122 0x2a98  LicenseManager - ok

12:34:06.0125 0x2a98  lltdio - ok

12:34:06.0128 0x2a98  lltdsvc - ok

12:34:06.0139 0x2a98  lmhosts - ok

12:34:06.0177 0x2a98  [ 8D7E37CDE7393D59C46A3A61D30C6228, 328E374075B73560E9F45B07A3331BC2E032C33309011DC47B0959B8B8D0E937 ] LMS             C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

12:34:06.0183 0x2a98  LMS - ok

12:34:06.0186 0x2a98  LSI_SAS - ok

12:34:06.0188 0x2a98  LSI_SAS2i - ok

12:34:06.0190 0x2a98  LSI_SAS3i - ok

12:34:06.0192 0x2a98  LSI_SSS - ok

12:34:06.0194 0x2a98  LSM - ok

12:34:06.0195 0x2a98  luafv - ok

12:34:06.0220 0x2a98  MapsBroker - ok

12:34:06.0240 0x2a98  [ 26C43960C99EE861A5D0EDC4DCF3B1C3, 6238FB8E785652040CCE3E7044EA52066CE1BF173A1467474D64A3AB214B6BCD ] MBAMSwissArmy   C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys

12:34:06.0243 0x2a98  MBAMSwissArmy - ok

12:34:06.0245 0x2a98  megasas - ok

12:34:06.0247 0x2a98  megasr - ok

12:34:06.0276 0x2a98  [ 6B01B7414A105B9E51652089A03027CF, 9B113DC22F7D0D0B376E577C6D7083F9EDC09BBFE47726393E16D4FDAAAE21FE ] MEIx64          C:\WINDOWS\System32\drivers\HECIx64.sys

12:34:06.0277 0x2a98  MEIx64 - ok

12:34:06.0279 0x2a98  MessagingService - ok

12:34:06.0309 0x2a98  mlx4_bus - ok

12:34:06.0310 0x2a98  MMCSS - ok

12:34:06.0312 0x2a98  Modem - ok

12:34:06.0314 0x2a98  monitor - ok

12:34:06.0317 0x2a98  mouclass - ok

12:34:06.0319 0x2a98  mouhid - ok

12:34:06.0321 0x2a98  mountmgr - ok

12:34:06.0323 0x2a98  mpsdrv - ok

12:34:06.0336 0x2a98  MpsSvc - ok

12:34:06.0337 0x2a98  MQAC - ok

12:34:06.0342 0x2a98  MRxDAV - ok

12:34:06.0352 0x2a98  mrxsmb - ok

12:34:06.0363 0x2a98  mrxsmb10 - ok

12:34:06.0364 0x2a98  mrxsmb20 - ok

12:34:06.0366 0x2a98  MsBridge - ok

12:34:06.0370 0x2a98  MSDTC - ok

12:34:06.0373 0x2a98  Msfs - ok

12:34:06.0375 0x2a98  msgpiowin32 - ok

12:34:06.0377 0x2a98  mshidkmdf - ok

12:34:06.0378 0x2a98  mshidumdf - ok

12:34:06.0380 0x2a98  msisadrv - ok

12:34:06.0382 0x2a98  MSiSCSI - ok

12:34:06.0384 0x2a98  msiserver - ok

12:34:06.0386 0x2a98  MSKSSRV - ok

12:34:06.0388 0x2a98  MsLldp - ok

12:34:06.0390 0x2a98  MSMQ - ok

12:34:06.0391 0x2a98  MSPCLOCK - ok

12:34:06.0393 0x2a98  MSPQM - ok

12:34:06.0395 0x2a98  MsRPC - ok

12:34:06.0397 0x2a98  mssmbios - ok

12:34:06.0399 0x2a98  MSTEE - ok

12:34:06.0401 0x2a98  MTConfig - ok

12:34:06.0403 0x2a98  Mup - ok

12:34:06.0405 0x2a98  mvumis - ok

12:34:06.0410 0x2a98  NativeWifiP - ok

12:34:06.0411 0x2a98  NcaSvc - ok

12:34:06.0430 0x2a98  NcbService - ok

12:34:06.0431 0x2a98  NcdAutoSetup - ok

12:34:06.0433 0x2a98  ndfltr - ok

12:34:06.0435 0x2a98  NDIS - ok

12:34:06.0437 0x2a98  NdisCap - ok

12:34:06.0439 0x2a98  NdisImPlatform - ok

12:34:06.0441 0x2a98  NdisTapi - ok

12:34:06.0443 0x2a98  Ndisuio - ok

12:34:06.0444 0x2a98  NdisVirtualBus - ok

12:34:06.0446 0x2a98  NdisWan - ok

12:34:06.0448 0x2a98  ndiswanlegacy - ok

12:34:06.0450 0x2a98  ndproxy - ok

12:34:06.0452 0x2a98  Ndu - ok

12:34:06.0489 0x2a98  [ 2334DC48997BA203B794DF3EE70521DB, 832F4EC1586C9669F2D54AB3B212943E43B87A33B24DCC8CDAD6A0264291EE2F ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll

12:34:06.0498 0x2a98  Net Driver HPZ12 - ok

12:34:06.0501 0x2a98  NetBIOS - ok

12:34:06.0507 0x2a98  NetBT - ok

12:34:06.0512 0x2a98  Netlogon - ok

12:34:06.0521 0x2a98  Netman - ok

12:34:06.0539 0x2a98  NetMsmqActivator - ok

12:34:06.0540 0x2a98  NetPipeActivator - ok

12:34:06.0544 0x2a98  netprofm - ok

12:34:06.0551 0x2a98  NetSetupSvc - ok

12:34:06.0553 0x2a98  NetTcpActivator - ok

12:34:06.0555 0x2a98  NetTcpPortSharing - ok

12:34:06.0560 0x2a98  NgcCtnrSvc - ok

12:34:06.0563 0x2a98  NgcSvc - ok

12:34:06.0565 0x2a98  NlaSvc - ok

12:34:06.0568 0x2a98  Npfs - ok

12:34:06.0570 0x2a98  npsvctrig - ok

12:34:06.0573 0x2a98  nsi - ok

12:34:06.0575 0x2a98  nsiproxy - ok

12:34:06.0593 0x2a98  NTFS - ok

12:34:06.0594 0x2a98  Null - ok

12:34:06.0597 0x2a98  nvraid - ok

12:34:06.0598 0x2a98  nvstor - ok

12:34:06.0600 0x2a98  nv_agp - ok

12:34:06.0612 0x2a98  OneSyncSvc - ok

12:34:06.0643 0x2a98  p2pimsvc - ok

12:34:06.0647 0x2a98  p2psvc - ok

12:34:06.0675 0x2a98  Parport - ok

12:34:06.0678 0x2a98  partmgr - ok

12:34:06.0682 0x2a98  PcaSvc - ok

12:34:06.0686 0x2a98  pci - ok

12:34:06.0690 0x2a98  pciide - ok

12:34:06.0694 0x2a98  pcmcia - ok

12:34:06.0696 0x2a98  pcw - ok

12:34:06.0698 0x2a98  pdc - ok

12:34:06.0701 0x2a98  PEAUTH - ok

12:34:06.0706 0x2a98  percsas2i - ok

12:34:06.0708 0x2a98  percsas3i - ok

12:34:06.0766 0x2a98  PerfHost - ok

12:34:06.0787 0x2a98  PhoneSvc - ok

12:34:06.0803 0x2a98  PimIndexMaintenanceSvc - ok

12:34:06.0824 0x2a98  pla - ok

12:34:06.0833 0x2a98  PlugPlay - ok

12:34:06.0853 0x2a98  [ AC78DF349F0E4CFB8B667C0CFFF83CCE, 7E635AA2E7350FCA0C954E697F1480A6204920AEFBCF06B90FFA02398DA82822 ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll

12:34:06.0856 0x2a98  Pml Driver HPZ12 - ok

12:34:06.0858 0x2a98  PNRPAutoReg - ok

12:34:06.0861 0x2a98  PNRPsvc - ok

12:34:06.0881 0x2a98  PolicyAgent - ok

12:34:06.0884 0x2a98  Power - ok

12:34:06.0887 0x2a98  PptpMiniport - ok

12:34:07.0011 0x2a98  [ 959F94AD1255BC749884EDDD14EC29C4, 2CD6DA9778EA36FA0B4080F6DB1C634712238E014E47546403CD3CDB35A1DCA8 ] PrintNotify     C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll

12:34:07.0165 0x2a98  PrintNotify - ok

12:34:07.0169 0x2a98  Processor - ok

12:34:07.0188 0x2a98  ProfSvc - ok

12:34:07.0189 0x2a98  Psched - ok

12:34:07.0214 0x2a98  [ AFDDC1669BDB7E3A617D7E5B86666100, 8638B15D36FBFCB82FB0C8E5E106FB8F99C3F499221238B0299D09E1F7D6B666 ] qcusbser        C:\WINDOWS\system32\DRIVERS\qcusbser.sys

12:34:07.0225 0x2a98  qcusbser - ok

12:34:07.0243 0x2a98  QWAVE - ok

12:34:07.0247 0x2a98  QWAVEdrv - ok

12:34:07.0259 0x2a98  RasAcd - ok

12:34:07.0261 0x2a98  RasAgileVpn - ok

12:34:07.0277 0x2a98  RasAuto - ok

12:34:07.0285 0x2a98  Rasl2tp - ok

12:34:07.0296 0x2a98  RasMan - ok

12:34:07.0297 0x2a98  RasPppoe - ok

12:34:07.0299 0x2a98  RasSstp - ok

12:34:07.0301 0x2a98  rdbss - ok

12:34:07.0304 0x2a98  rdpbus - ok

12:34:07.0306 0x2a98  RDPDR - ok

12:34:07.0311 0x2a98  RdpVideoMiniport - ok

12:34:07.0313 0x2a98  rdyboost - ok

12:34:07.0315 0x2a98  ReFSv1 - ok

12:34:07.0317 0x2a98  RemoteAccess - ok

12:34:07.0319 0x2a98  RemoteRegistry - ok

12:34:07.0340 0x2a98  RetailDemo - ok

12:34:07.0341 0x2a98  RpcEptMapper - ok

12:34:07.0358 0x2a98  RpcLocator - ok

12:34:07.0360 0x2a98  RpcSs - ok

12:34:07.0364 0x2a98  rspndr - ok

12:34:07.0409 0x2a98  rssasnt - ok

12:34:07.0412 0x2a98  rt640x64 - ok

12:34:07.0425 0x2a98  rtwlane_13 - ok

12:34:07.0429 0x2a98  s3cap - ok

12:34:07.0433 0x2a98  SamSs - ok

12:34:07.0437 0x2a98  sbp2port - ok

12:34:07.0446 0x2a98  SCardSvr - ok

12:34:07.0448 0x2a98  ScDeviceEnum - ok

12:34:07.0450 0x2a98  scfilter - ok

12:34:07.0453 0x2a98  Schedule - ok

12:34:07.0458 0x2a98  SCPolicySvc - ok

12:34:07.0465 0x2a98  sdbus - ok

12:34:07.0467 0x2a98  SDRSVC - ok

12:34:07.0475 0x2a98  sdstor - ok

12:34:07.0479 0x2a98  seclogon - ok

12:34:07.0480 0x2a98  SENS - ok

12:34:07.0482 0x2a98  SensorDataService - ok

12:34:07.0513 0x2a98  SensorService - ok

12:34:07.0514 0x2a98  SensrSvc - ok

12:34:07.0516 0x2a98  SerCx - ok

12:34:07.0518 0x2a98  SerCx2 - ok

12:34:07.0542 0x2a98  Serenum - ok

12:34:07.0553 0x2a98  Serial - ok

12:34:07.0555 0x2a98  sermouse - ok

12:34:07.0559 0x2a98  SessionEnv - ok

12:34:07.0562 0x2a98  sfloppy - ok

12:34:07.0564 0x2a98  SharedAccess - ok

12:34:07.0567 0x2a98  ShellHWDetection - ok

12:34:07.0570 0x2a98  SiSRaid2 - ok

12:34:07.0572 0x2a98  SiSRaid4 - ok

12:34:07.0635 0x2a98  [ 52F7E8603E888E3DB0A8B3D1804098E9, 4E23DC9442C0C14AAE7146DACBB0B39743F1FFAA463EE7069CCDF866AD27BD77 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe

12:34:07.0646 0x2a98  SkypeUpdate - ok

12:34:07.0650 0x2a98  smphost - ok

12:34:07.0668 0x2a98  SmsRouter - ok

12:34:07.0673 0x2a98  SNMPTRAP - ok

12:34:07.0676 0x2a98  spaceport - ok

12:34:07.0679 0x2a98  SpbCx - ok

12:34:07.0681 0x2a98  Spooler - ok

12:34:07.0684 0x2a98  sppsvc - ok

12:34:07.0686 0x2a98  srv - ok

12:34:07.0689 0x2a98  srv2 - ok

12:34:07.0691 0x2a98  srvnet - ok

12:34:07.0694 0x2a98  SSDPSRV - ok

12:34:07.0697 0x2a98  SstpSvc - ok

12:34:07.0701 0x2a98  StateRepository - ok

12:34:07.0703 0x2a98  stexstor - ok

12:34:07.0706 0x2a98  stisvc - ok

12:34:07.0708 0x2a98  storahci - ok

12:34:07.0711 0x2a98  storflt - ok

12:34:07.0713 0x2a98  stornvme - ok

12:34:07.0715 0x2a98  storqosflt - ok

12:34:07.0717 0x2a98  StorSvc - ok

12:34:07.0719 0x2a98  storufs - ok

12:34:07.0721 0x2a98  storvsc - ok

12:34:07.0723 0x2a98  svsvc - ok

12:34:08.0745 0x2a98  ================ Scan global ===============================

12:34:08.0777 0x2a98  [ Global ] - ok

12:34:08.0777 0x2a98  ================ Scan MBR ==================================

12:34:08.0789 0x2a98  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0

12:34:09.0029 0x2a98  \Device\Harddisk0\DR0 - ok

12:34:09.0030 0x2a98  ================ Scan VBR ==================================

12:34:09.0032 0x2a98  [ D0B8030297329534E68A5FBB63400328 ] \Device\Harddisk0\DR0\Partition1

12:34:09.0125 0x2a98  \Device\Harddisk0\DR0\Partition1 - ok

12:34:09.0128 0x2a98  [ 32895A0C2AEBA8E6DDC176AF7FB660CC ] \Device\Harddisk0\DR0\Partition2

12:34:09.0202 0x2a98  \Device\Harddisk0\DR0\Partition2 - ok

12:34:09.0203 0x2a98  ================ Scan generic autorun ======================

12:34:09.0354 0x2a98  [ 3D6737ADDB9B1DF81605C442ED6D2D90, 5B8D68945E1A97FD1AF40333448FE335743F48F46A70E303ADF406CC0CC253FB ] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe

12:34:09.0404 0x2a98  HDAudDeck - ok

12:34:09.0526 0x2a98  [ 72860972F8196EBB3C896F53D2B95470, 95C046A66DD0089377867F073CADCE585B7C69CA23E724DCAD9D896BF01E023D ] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe

12:34:09.0581 0x2a98  hpqSRMon - ok

12:34:09.0615 0x2a98  [ 34D296AFC913E302953C70463EF09A48, BC413307CBC56C039EE8A05B51A56E14EF59678FBB33815AEB320078056C8CE7 ] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe

12:34:09.0616 0x2a98  HP Software Update - ok

12:34:09.0676 0x2a98  OneDriveSetup - ok

12:34:09.0678 0x2a98  OneDriveSetup - ok

12:34:09.0748 0x2a98  [ 06FAA58219BF8B6D1BC25C2783763E11, 1BC470250A55A9AACF02EA7B024C65DCEA4B167DA2E0C37376C2D989820FE4BC ] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

12:34:09.0760 0x2a98  GoogleChromeAutoLaunch_C18D0731EB9582FDECD6DEE9B7D30E74 - ok

12:34:09.0942 0x2a98  [ 036784100DC051B2E63AC8A886E52BAA, 6DB04E57F049A88D924231570D994D9A17ED5378665B37508F670B01B6DC0624 ] C:\Users\P1\AppData\Roaming\BitTorrent\BitTorrent.exe

12:34:09.0962 0x2a98  BitTorrent - ok

12:34:09.0964 0x2a98  OneDriveSetup - ok

12:34:10.0007 0x2a98  WAB Migrate - ok

12:34:10.0007 0x2a98  Waiting for KSN requests completion. In queue: 36

12:34:11.0008 0x2a98  Waiting for KSN requests completion. In queue: 36

12:34:11.0360 0x0f18  Object required for P2P: [ C35B91B6777E7C6DB67B8583D2AA66A7 ] c2cpnrsvc

12:34:12.0009 0x2a98  Waiting for KSN requests completion. In queue: 30

12:34:13.0009 0x2a98  Waiting for KSN requests completion. In queue: 22

12:34:14.0009 0x2a98  Waiting for KSN requests completion. In queue: 22

12:34:14.0441 0x0f18  Object send P2P result: true

12:34:15.0024 0x2a98  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.9.10586.0 ), 0x61100 ( enabled : updated )

12:34:15.0029 0x2a98  Win FW state via NFP2: enabled ( trusted )

12:34:17.0682 0x2a98  ============================================================

12:34:17.0682 0x2a98  Scan finished

12:34:17.0682 0x2a98  ============================================================

12:34:17.0693 0x1e30  Detected object count: 0

12:34:17.0694 0x1e30  Actual detected object count: 0



Anko


#5 peteranko


Posted 16 April 2016 - 09:43 PM

AdwareCleaner report.

 

# AdwCleaner v3.305 - Report created 15/08/2014 at 23:40:02

# Updated 14/08/2014 by Xplode

# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)

# Username : P1 - P1-PC

# Running from : C:\Users\P1\Downloads\AdwCleaner.exe

# Option : Clean

 

***** [ Services ] *****

 

 

***** [ Files / Folders ] *****

 

 

***** [ Scheduled Tasks ] *****

 

 

***** [ Shortcuts ] *****

 

 

***** [ Registry ] *****

 

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{74F475FA-6C75-43BD-AAB9-ECDA6184F600}

Data Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll

 

***** [ Browsers ] *****

 

-\\ Internet Explorer v11.0.9600.17239

 

 

-\\ Google Chrome v36.0.1985.125

 

[ File : C:\Users\P1\AppData\Local\Google\Chrome\User Data\Default\preferences ]

 

Deleted [Startup_urls] : hxxp://www.trovi.com/?gd=&ctid=CT3330189&octid=EB_ORIGINAL_CTID&ISID=M2E6D389C-35DC-4806-8E38-8C658D702ECB&SearchSource=55&CUI=&UM=6&UP=SP018660F4-5F05-4F31-B508-B59966F1BD7D&SSPV=

Deleted [Extension] : booedmolknjekdopkepjjeckmjkdpfgl

Deleted [Extension] : flpcjncodpafbgdpnkljologafpionhb

 

*************************

 

AdwCleaner[R0].txt - [1500 octets] - [04/04/2014 17:06:39]

AdwCleaner[R1].txt - [1497 octets] - [15/08/2014 23:25:39]

AdwCleaner[S0].txt - [1402 octets] - [04/04/2014 17:43:49]

AdwCleaner[S1].txt - [1424 octets] - [15/08/2014 23:40:02]

 

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1484 octets] ##########

# AdwCleaner v5.111 - Logfile created 17/04/2016 at 12:38:20

# Updated 14/04/2016 by Xplode

# Database : 2016-04-15.1 [Server]

# Operating system : Windows 10 Home  (X64)

# Username : P1 - P1-PC

# Running from : C:\Users\P1\Downloads\AdwCleaner.exe

# Option : Scan

# Support : http://toolslib.net/forum

 

***** [ Services ] *****

 

 

***** [ Folders ] *****

 

Folder Found : C:\Program Files (x86)\Super Optimizer

Folder Found : C:\ProgramData\apn

Folder Found : C:\ProgramData\Application Data\apn

Folder Found : C:\Users\P1\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbkbpnkkkipelfledbfocopglifcfmi

 

***** [ Files ] *****

 

File Found : C:\WINDOWS\AppPatch\Custom\{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb

 

***** [ DLL ] *****

 

 

***** [ Shortcuts ] *****

 

 

***** [ Scheduled tasks ] *****

 

 

***** [ Registry ] *****

 

Key Found : HKLM\SOFTWARE\Classes\s

Key Found : HKCU\Software\EpicScale

Key Found : HKU\.DEFAULT\Software\AskPartnerNetwork

Key Found : HKU\S-1-5-21-812273118-480833136-1416732224-1000\Software\EpicScale

Key Found : HKU\S-1-5-18\Software\AskPartnerNetwork

 

***** [ Web browsers ] *****

 

 

*************************

 

C:\AdwCleaner\AdwCleaner[R0].txt - [1500 bytes] - [04/04/2014 17:06:39]

C:\AdwCleaner\AdwCleaner[R1].txt - [1497 bytes] - [15/08/2014 23:25:39]

C:\AdwCleaner\AdwCleaner[R2].txt - [1238 bytes] - [20/08/2014 14:59:40]

C:\AdwCleaner\AdwCleaner[R3].txt - [1497 bytes] - [13/09/2014 11:04:13]

C:\AdwCleaner\AdwCleaner[R4].txt - [1557 bytes] - [13/09/2014 11:17:44]

C:\AdwCleaner\AdwCleaner[S0].txt - [1402 bytes] - [04/04/2014 17:43:49]

C:\AdwCleaner\AdwCleaner[S1].txt - [3196 bytes] - [15/08/2014 23:40:02]

C:\AdwCleaner\AdwCleaner[S2].txt - [1302 bytes] - [20/08/2014 15:08:35]

C:\AdwCleaner\AdwCleaner[S3].txt - [1622 bytes] - [13/09/2014 11:29:08]

 

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [3415 bytes] ##########



Anko


#6 peteranko


Posted 16 April 2016 - 09:58 PM

Junkware Removal Tool (JRT) by Malwarebytes

Version: 8.0.4 (03.14.2016)

Operating System: Windows 10 Home x64 

Ran by P1 (Administrator) on 17-Apr-16 at 12:46:47.82

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

 

 

 

File System: 11 

 

Successfully deleted: C:\ProgramData\1454110933.bdinstall.bin (File) 

Successfully deleted: C:\ProgramData\1454111845.bdinstall.bin (File) 

Successfully deleted: C:\ProgramData\apn (Folder) 

Successfully deleted: C:\Users\P1\AppData\Local\cre (Folder) 

Successfully deleted: C:\WINDOWS\apppatch\custom\{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb (File) 

Successfully deleted: C:\WINDOWS\system32\Tasks\update-S-1-5-21-812273118-480833136-1416732224-1000 (Task)

Successfully deleted: C:\WINDOWS\system32\Tasks\update-sys (Task)

Successfully deleted: C:\WINDOWS\Tasks\update-S-1-5-21-812273118-480833136-1416732224-1000.job (Task) 

Successfully deleted: C:\WINDOWS\Tasks\update-sys.job (Task) 

Successfully deleted: C:\Program Files (x86)\super optimizer (Folder) 

Successfully deleted: C:\WINDOWS\prefetch\DRIVERINSTALLER64.EXE-4683DA1C.pf (File) 

 

 

 

Registry: 2 

 

Successfully deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\EpicScale (Registry Value) 

Successfully deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\GoogleChromeAutoLaunch_C18D0731EB9582FDECD6DEE9B7D30E74 (Registry Value) 

 

 

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Scan was completed on 17-Apr-16 at 12:48:08.75

End of JRT log

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~



Anko




