Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Possible infection - general performance issues, very slow laptop


  • Please log in to reply

#1
valleyboy

valleyboy

    Member

  • Member
  • PipPipPip
  • 217 posts

Hi

 

Thanks very much in advance for any assistance offered.

 

Per title, can't put my finger on exactly what happened but the laptop id virtually non-functioning. I am currently running in safe mode with networking.

 

Kind regards

 

Logs below:.......................................

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 12.05.2018
Ran by user1 (administrator) on GARDNERHOME (13-05-2018 20:47:53)
Running from C:\Users\user1\Desktop
Loaded Profiles: user1 (Available Profiles: user1 & user2 & user3 & Test123)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser not detected!)
Boot Mode: Safe Mode (with Networking)
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Opera Software) C:\Users\user1\AppData\Local\Programs\Opera\48.0.2685.52\opera.exe
(Opera Software) C:\Users\user1\AppData\Local\Programs\Opera\48.0.2685.52\opera_crashreporter.exe
(Opera Software) C:\Users\user1\AppData\Local\Programs\Opera\48.0.2685.52\opera.exe
(Opera Software) C:\Users\user1\AppData\Local\Programs\Opera\48.0.2685.52\opera.exe
(Opera Software) C:\Users\user1\AppData\Local\Programs\Opera\48.0.2685.52\opera.exe
(Opera Software) C:\Users\user1\AppData\Local\Programs\Opera\48.0.2685.52\opera.exe
(Opera Software) C:\Users\user1\AppData\Local\Programs\Opera\48.0.2685.52\opera.exe
(Opera Software) C:\Users\user1\AppData\Local\Programs\Opera\48.0.2685.52\opera.exe
(Opera Software) C:\Users\user1\AppData\Local\Programs\Opera\48.0.2685.52\opera.exe
(Opera Software) C:\Users\user1\AppData\Local\Programs\Opera\48.0.2685.52\opera.exe
(Opera Software) C:\Users\user1\AppData\Local\Programs\Opera\48.0.2685.52\opera.exe
(Opera Software) C:\Users\user1\AppData\Local\Programs\Opera\48.0.2685.52\opera.exe
(Opera Software) C:\Users\user1\AppData\Local\Programs\Opera\48.0.2685.52\opera.exe
(Opera Software) C:\Users\user1\AppData\Local\Programs\Opera\48.0.2685.52\opera.exe
(Opera Software) C:\Users\user1\AppData\Local\Programs\Opera\48.0.2685.52\opera.exe
(Opera Software) C:\Users\user1\AppData\Local\Programs\Opera\48.0.2685.52\opera.exe
(Opera Software) C:\Users\user1\AppData\Local\Programs\Opera\48.0.2685.52\opera.exe
(Opera Software) C:\Users\user1\AppData\Local\Programs\Opera\48.0.2685.52\opera.exe
(Opera Software) C:\Users\user1\AppData\Local\Programs\Opera\48.0.2685.52\opera.exe
(Opera Software) C:\Users\user1\AppData\Local\Programs\Opera\48.0.2685.52\opera.exe
(Opera Software) C:\Users\user1\AppData\Local\Programs\Opera\48.0.2685.52\opera.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(Opera Software) C:\Users\user1\AppData\Local\Programs\Opera\48.0.2685.52\opera.exe
(Opera Software) C:\Users\user1\AppData\Local\Programs\Opera\48.0.2685.52\opera.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [253344 2017-11-05] (AVAST Software)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-01-07] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-08-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [NuTCSetupEnviron] => C:\Program Files\PTC\MKS Toolkit\bin\ncoeenv.exe [37248 2012-10-12] (MKS Software Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3499640 2017-03-28] (Adobe Systems Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-2630062223-3020690476-3795785273-1001\...\Run: [Dropbox Update] => C:\Users\user1\AppData\Local\Dropbox\Update\DropboxUpdate.exe [143144 2016-12-20] (Dropbox, Inc.)
HKU\S-1-5-21-2630062223-3020690476-3795785273-1001\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-2630062223-3020690476-3795785273-1001\...\Policies\system: [DisableChangePassword] 0
HKU\S-1-5-21-2630062223-3020690476-3795785273-1001\...\Policies\Explorer: [NoLogoff] 0
HKU\S-1-5-21-2630062223-3020690476-3795785273-1001\...\Policies\Explorer: [] 
HKU\S-1-5-21-2630062223-3020690476-3795785273-1001\...\MountPoints2: {7a872a7d-9e8d-11e2-9cae-005056c00008} - G:\MotorolaDeviceManagerSetup.exe -a
HKU\S-1-5-21-2630062223-3020690476-3795785273-1001\...\MountPoints2: {b082d905-54e5-11e3-a3c3-005056c00008} - I:\MotorolaDeviceManagerSetup.exe -a
HKU\S-1-5-21-2630062223-3020690476-3795785273-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\PhotoScreensaver.scr [477696 2010-11-20] (Microsoft Corporation)
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE -> 
GroupPolicy: Restriction <==== ATTENTION
GroupPolicy\User: Restriction <==== ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Winsock: Catalog9 12 C:\Windows\SysWOW64\nutafun4.dll [164232 2012-10-12] (MKS Software Inc.)
Winsock: Catalog9 13 C:\Windows\SysWOW64\nutafun4.dll [164232 2012-10-12] (MKS Software Inc.)
Winsock: Catalog9-x64 12 C:\Windows\system32\nutafun4.dll [205624 2012-10-12] (MKS Software Inc.)
Winsock: Catalog9-x64 13 C:\Windows\system32\nutafun4.dll [205624 2012-10-12] (MKS Software Inc.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{8068DE56-8C54-4C5F-A2B5-D6728C8A214F}: [DhcpNameServer] 192.168.1.254
 
Internet Explorer:
==================
HKU\S-1-5-21-2630062223-3020690476-3795785273-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/en-gb/?ocid=iehp
SearchScopes: HKLM -> {1E2C55FE-11F9-463A-8907-E79231CC1A12} URL = hxxp://en.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKLM -> {3E1AED7B-B105-4FEA-A6C4-693DEE62926F} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
SearchScopes: HKLM -> {9395328B-9A9D-44F0-8AEE-BBA7EA4B9B80} URL = hxxp://uk.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
SearchScopes: HKLM-x32 -> {1E2C55FE-11F9-463A-8907-E79231CC1A12} URL = hxxp://en.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKLM-x32 -> {3E1AED7B-B105-4FEA-A6C4-693DEE62926F} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {9395328B-9A9D-44F0-8AEE-BBA7EA4B9B80} URL = hxxp://uk.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-2630062223-3020690476-3795785273-1001 -> {1E2C55FE-11F9-463A-8907-E79231CC1A12} URL = hxxp://en.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKU\S-1-5-21-2630062223-3020690476-3795785273-1001 -> {3E1AED7B-B105-4FEA-A6C4-693DEE62926F} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-2630062223-3020690476-3795785273-1001 -> {9395328B-9A9D-44F0-8AEE-BBA7EA4B9B80} URL = hxxp://uk.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2017-11-05] (AVAST Software)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2017-03-28] (Adobe Systems Incorporated)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28] (Hewlett-Packard)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2017-03-28] (Adobe Systems Incorporated)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2017-11-05] (AVAST Software)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2017-03-28] (Adobe Systems Incorporated)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28] (Hewlett-Packard)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2017-03-28] (Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2017-03-28] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2017-03-28] (Adobe Systems Incorporated)
 
FireFox:
========
FF ProfilePath: C:\Users\user1\AppData\Roaming\Mozilla\Firefox\Profiles\v3m3uj4v.default [2017-07-09]
FF NetworkProxy: Mozilla\Firefox\Profiles\v3m3uj4v.default -> type", 0
FF Extension: (Translate This!) - C:\Users\user1\AppData\Roaming\Mozilla\Firefox\Profiles\v3m3uj4v.default\Extensions\[email protected] [2015-11-15] [Legacy]
FF Extension: (Adblock Plus) - C:\Users\user1\AppData\Roaming\Mozilla\Firefox\Profiles\v3m3uj4v.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-02-19] [Legacy]
FF Extension: (Block site) - C:\Users\user1\AppData\Roaming\Mozilla\Firefox\Profiles\v3m3uj4v.default\Extensions\{dd3d7613-0246-469d-bc65-2a3cc1668adc} [2015-05-30] [Legacy]
FF SearchPlugin: C:\Users\user1\AppData\Roaming\Mozilla\Firefox\Profiles\v3m3uj4v.default\searchplugins\google-avast.xml [2015-01-30]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: (Adobe Acrobat - Create PDF) - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2017-06-28] [Legacy]
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50709.0\npctrl.dll [2016-07-11] ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-07-29] (Adobe Systems)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-10-13] (Google, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50709.0\npctrl.dll [2016-07-11] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8117.0416 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-04-17] (Microsoft Corporation)
FF Plugin-x32: @ptc.com/ProductViewLite -> C:\Program Files (x86)\Common Files\PTC\np6_pvapplite9.dll [2013-04-04] (PTC)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-19] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-19] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [No File]
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll [2017-03-28] (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-07-31] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-07-29] (Adobe Systems)
 
Chrome: 
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://mail.ru/cnt/10445?gp=811040
CHR StartupUrls: Default -> "hxxp://mail.ru/cnt/10445?gp=811040"
CHR Profile: C:\Users\user1\AppData\Local\Google\Chrome\User Data\Default [2017-11-05]
CHR Extension: (Tampermonkey) - C:\Users\user1\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2017-11-05]
CHR Extension: (Adobe Acrobat) - C:\Users\user1\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-07-09]
CHR Extension: (Avast Online Security) - C:\Users\user1\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2017-11-05]
CHR Extension: (Chrome Web Store Payments) - C:\Users\user1\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-11-05]
CHR Extension: (Chrome Media Router) - C:\Users\user1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-08-14]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2017-03-28]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
 
Opera: 
=======
OPR Extension: (Magic Actions for YouTube™) - C:\Users\user1\AppData\Roaming\Opera Software\Opera Stable\Extensions\nlffnljnicbkfhnlomjhjlebndachaka [2016-12-28]
OPR Extension: (Google™ Keep) - C:\Users\user1\AppData\Roaming\Opera Software\Opera Stable\Extensions\pfdafkloejmpdifkkmfimkpbpggfihce [2016-12-25]
 
==================== Services (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S4 AdAppMgrSvc; C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe [1145928 2016-02-24] (Autodesk Inc.)
S4 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [69632 2012-12-12] (Adobe Systems) [File not signed]
S2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2257016 2017-08-23] (Adobe Systems, Incorporated)
S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7446024 2017-11-05] (AVAST Software s.r.o.)
S2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [281416 2017-11-05] (AVAST Software)
S2 ezSharedSvc; C:\Windows\SysWOW64\ezsvc7.dll [129992 2008-02-03] (EasyBits Sofware AS) [File not signed]
S4 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [647680 2014-02-02] (Macrovision Europe Ltd.) [File not signed]
S4 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [93184 2014-08-21] (Hewlett-Packard Company) [File not signed]
S4 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [321896 2017-07-06] (HP Inc.)
S4 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
S4 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2010-06-16] (Hewlett-Packard Company) [File not signed]
S2 NuTCRACKERService; C:\Windows\system32\nutsrv4.exe [574776 2012-10-12] (MKS Software Inc.)
S2 PortmapperService; C:\Program Files\PTC/PTC Portmapper/i486_nt/obj/portmap.exe [510976 2017-06-23] (PTC Inc.) [File not signed]
S4 Unchecky; C:\Program Files (x86)\Unchecky\bin\unchecky_svc.exe [254904 2016-03-25] (RaMMicHaeL)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
 
===================== Drivers (Whitelisted) ======================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R0 amdkmpfd; C:\Windows\System32\DRIVERS\amdkmpfd.sys [65248 2015-04-23] (Advanced Micro Devices, Inc.)
R3 AnyDVD; C:\Windows\System32\Drivers\AnyDVD.sys [138872 2011-08-19] (SlySoft, Inc.)
R3 AnyDVD; C:\Windows\SysWOW64\Drivers\AnyDVD.sys [138872 2011-08-19] (SlySoft, Inc.)
S1 aswbidsdriver; C:\Windows\system32\drivers\aswbidsdrivera.sys [321032 2017-11-05] (AVAST Software s.r.o.)
S0 aswbidsh; C:\Windows\system32\drivers\aswbidsha.sys [198976 2017-11-05] (AVAST Software s.r.o.)
S0 aswblog; C:\Windows\system32\drivers\aswbloga.sys [343288 2017-11-05] (AVAST Software s.r.o.)
S0 aswbuniv; C:\Windows\system32\drivers\aswbuniva.sys [57736 2017-11-05] (AVAST Software s.r.o.)
S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [47008 2017-11-05] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [41800 2017-07-10] (AVAST Software)
S2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [147776 2017-11-05] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [110376 2017-11-05] (AVAST Software)
S0 aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [84416 2017-11-05] (AVAST Software)
S1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1029872 2017-11-05] (AVAST Software)
S1 aswSP; C:\Windows\system32\drivers\aswSP.sys [587168 2017-11-05] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [201352 2017-11-05] (AVAST Software)
S0 aswVmm; C:\Windows\system32\drivers\aswVmm.sys [363440 2017-11-05] (AVAST Software)
S3 btmaudio; C:\Windows\System32\drivers\btmaud.sys [43008 2010-10-14] (Motorola, Inc.)
S4 LMIRfsClientNP; no ImagePath
S3 MotioninJoyXFilter; C:\Windows\System32\DRIVERS\MijXfilt.sys [121416 2014-01-09] (MotioninJoy) [File not signed]
S2 Sentinel; C:\Windows\SysWOW64\Drivers\SENTINEL.SYS [76288 2003-06-03] (Rainbow Technologies, Inc.) [File not signed]
S3 Sntnlusb; C:\Windows\SysWOW64\DRIVERS\SNTNLUSB.SYS [26120 2003-06-03] (Rainbow Technologies Inc.)
S4 SOFTLOK; no ImagePath
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] ()
S3 VMUVC; C:\Windows\System32\Drivers\VMUVC.sys [198400 2009-03-11] (Vimicro Corporation) [File not signed]
S3 vvftUVC; C:\Windows\System32\drivers\vvftUVC.sys [303616 2008-07-01] (Vimicro Corporation) [File not signed]
S3 clwvd; system32\DRIVERS\clwvd.sys [X]
S2 LMIInfo; \??\C:\Program Files (x86)\LogMeIn\x64\RaInfo.sys [X]
S0 MBAMSwissArmy; system32\drivers\MBAMSwissArmy.sys [X]
S3 motusbdevice; system32\DRIVERS\motusbdevice.sys [X]
S4 MREMP50; \??\C:\PROGRA~2\COMMON~1\Motive\MREMP50.SYS [X]
S4 MREMP50a64; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50a64.SYS [X]
S4 MREMPR5; \??\C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS [X]
S4 MRENDIS5; \??\C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS [X]
S4 MRESP50; \??\C:\PROGRA~2\COMMON~1\Motive\MRESP50.SYS [X]
S4 MRESP50a64; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50a64.SYS [X]
S4 Ndisrd; system32\DRIVERS\ndisrd.sys [X]
S4 nmwcdnsucx64; system32\drivers\nmwcdnsucx64.sys [X]
S4 nmwcdnsux64; system32\drivers\nmwcdnsux64.sys [X]
S0 vmci; system32\DRIVERS\vmci.sys [X]
S3 VMnetAdapter; system32\DRIVERS\vmnetadapter.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2018-05-13 20:47 - 2018-05-13 20:49 - 000021007 _____ C:\Users\user1\Desktop\FRST.txt
2018-05-13 20:46 - 2018-05-13 20:47 - 000000000 ____D C:\FRST
2018-05-13 20:44 - 2018-05-13 20:44 - 002404864 _____ (Farbar) C:\Users\user1\Desktop\FRST64.exe
2018-05-13 20:32 - 2018-05-13 20:45 - 000000000 ____D C:\Users\user1\Desktop\2018 PC Revival
2018-05-13 20:20 - 2018-05-13 20:20 - 000000000 ____D C:\Windows\SysWOW64\gf2engine
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2018-05-13 20:25 - 2009-07-14 06:13 - 000006736 _____ C:\Windows\system32\PerfStringBackup.INI
2018-05-13 20:15 - 2009-07-14 05:45 - 000026192 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-05-13 20:15 - 2009-07-14 05:45 - 000026192 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-05-13 20:04 - 2017-03-23 21:25 - 000004172 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2018-05-13 20:04 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
 
==================== Files in the root of some directories =======
 
2013-10-04 21:44 - 2004-03-19 21:29 - 000159232 _____ () C:\Users\user1\astlibrary.dll
2012-03-18 15:53 - 2014-10-06 23:16 - 000000132 _____ () C:\Users\user1\AppData\Roaming\Adobe IllExport Filter CS5 Prefs
2013-06-14 21:34 - 2013-06-14 21:34 - 000000062 _____ () C:\Users\user1\AppData\Roaming\Camdata.ini
2013-06-14 21:34 - 2013-06-14 21:34 - 000000408 _____ () C:\Users\user1\AppData\Roaming\CamLayout.ini
2013-06-14 21:34 - 2013-06-14 21:34 - 000000408 _____ () C:\Users\user1\AppData\Roaming\CamShapes.ini
2013-06-14 21:34 - 2013-06-14 21:34 - 000004510 _____ () C:\Users\user1\AppData\Roaming\CamStudio.cfg
2015-11-21 17:33 - 2015-11-21 17:33 - 000099384 _____ () C:\Users\user1\AppData\Roaming\inst.exe
2012-01-30 22:13 - 2015-11-21 17:33 - 000007859 _____ () C:\Users\user1\AppData\Roaming\pcouffin.cat
2012-01-30 22:13 - 2015-11-21 17:33 - 000001167 _____ () C:\Users\user1\AppData\Roaming\pcouffin.inf
2012-01-30 22:13 - 2015-11-21 17:33 - 000000055 _____ () C:\Users\user1\AppData\Roaming\pcouffin.log
2012-01-30 22:13 - 2015-11-21 17:33 - 000082816 _____ (VSO Software) C:\Users\user1\AppData\Roaming\pcouffin.sys
2012-12-08 23:29 - 2012-12-08 23:29 - 000024390 _____ () C:\Users\user1\AppData\Roaming\UserTile.png
2012-01-14 14:13 - 2014-09-21 20:43 - 000001057 _____ () C:\Users\user1\AppData\Roaming\vso_ts_preview.xml
2013-01-15 22:21 - 2013-01-15 22:21 - 000000102 _____ () C:\Users\user1\AppData\Local\fusioncache.dat
2011-10-09 21:41 - 2011-10-10 04:45 - 000001576 _____ () C:\Users\user1\AppData\Local\mbt-actwiz.log
2013-10-22 22:00 - 2014-07-07 21:20 - 000000600 _____ () C:\Users\user1\AppData\Local\PUTTY.RND
2013-10-21 19:38 - 2013-10-21 19:38 - 000007601 _____ () C:\Users\user1\AppData\Local\Resmon.ResmonCfg
2014-05-08 18:31 - 2014-05-08 18:38 - 000000028 _____ () C:\Users\user1\AppData\Local\settings.ini
 
Some files in TEMP:
====================
2015-11-22 10:12 - 2015-01-26 15:59 - 000060296 _____ (Autodesk, Inc.) C:\Users\user1\AppData\Local\Temp\AcDeltree.exe
2016-12-28 15:12 - 2017-04-20 09:17 - 000050720 _____ (HP Inc.) C:\Users\user1\AppData\Local\Temp\ACLMInstaller.exe
2015-11-22 11:21 - 2015-11-23 14:00 - 000335872 _____ () C:\Users\user1\AppData\Local\Temp\DLMGuardian.exe
2015-11-23 14:47 - 2015-11-23 14:47 - 000071168 _____ () C:\Users\user1\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpgz5qgd.dll
2016-03-26 17:31 - 2016-03-26 17:31 - 001962752 _____ (Flexera Software LLC) C:\Users\user1\AppData\Local\Temp\FNP_ACT_InstallerCA.dll
2017-07-09 10:44 - 2017-07-09 10:44 - 002584280 _____ () C:\Users\user1\AppData\Local\Temp\KB6E4F373881CD781D.exe
2017-07-09 10:44 - 2017-07-09 10:44 - 000399336 _____ (Mail.Ru) C:\Users\user1\AppData\Local\Temp\KB8F5B8F2AD3F3F7D7.exe
2017-06-23 10:34 - 2017-04-17 06:01 - 000535008 _____ (Microsoft Corporation) C:\Users\user1\AppData\Local\Temp\msvcp110.dll
2017-06-23 10:34 - 2017-04-17 06:01 - 000875472 _____ (Microsoft Corporation) C:\Users\user1\AppData\Local\Temp\msvcr110.dll
2017-03-03 21:52 - 2017-03-03 21:52 - 001562624 _____ (Opera Software) C:\Users\user1\AppData\Local\Temp\Opera_installer_2017335231720.dll
2017-06-23 10:34 - 2017-04-19 06:57 - 000310536 _____ (PTC) C:\Users\user1\AppData\Local\Temp\pimuninstall.exe
2017-03-03 20:37 - 2017-03-03 20:38 - 090906712 _____ () C:\Users\user1\AppData\Local\Temp\playstv_patch.exe
2017-03-03 20:36 - 2017-03-03 20:36 - 059432328 _____ () C:\Users\user1\AppData\Local\Temp\raptrpatch.exe
2017-03-03 20:36 - 2017-03-03 20:36 - 000221632 _____ () C:\Users\user1\AppData\Local\Temp\raptr_stub.exe
 
==================== Bamital & volsnap ======================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
 
safeboot: Network => The system is configured to boot to Safe Mode <==== ATTENTION
 
LastRegBack: 2016-04-30 09:12
 
==================== End of FRST.txt ============================
 
 
 
 
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12.05.2018
Ran by user1 (13-05-2018 20:50:09)
Running from C:\Users\user1\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2011-09-14 19:40:20)
Boot Mode: Safe Mode (with Networking)
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-2630062223-3020690476-3795785273-500 - Administrator - Disabled)
user1 (S-1-5-21-2630062223-3020690476-3795785273-1001 - Administrator - Enabled) => C:\Users\user1
ASPNET (S-1-5-21-2630062223-3020690476-3795785273-1008 - Limited - Enabled)
Guest (S-1-5-21-2630062223-3020690476-3795785273-501 - Limited - Disabled)
user2 (S-1-5-21-2630062223-3020690476-3795785273-1003 - Limited - Enabled) => C:\Users\user2
HomeGroupUser$ (S-1-5-21-2630062223-3020690476-3795785273-1005 - Limited - Enabled)
user3 (S-1-5-21-2630062223-3020690476-3795785273-1004 - Limited - Enabled) => C:\Users\user3
Test123 (S-1-5-21-2630062223-3020690476-3795785273-1350 - Limited - Enabled) => C:\Users\Test123
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Avast Antivirus (Enabled - Out of date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Out of date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
µTorrent (HKU\S-1-5-21-2630062223-3020690476-3795785273-1001\...\uTorrent) (Version: 3.4.2.32239 - BitTorrent Inc.)
7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version:  - )
ACADE Private (HKLM\...\{5783F2D7-F007-0000-3102-0060B0CE6BBA}) (Version: 13.0.50.0 - Autodesk) Hidden
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 17.012.20098 - Adobe Systems Incorporated)
Adobe Acrobat XI Pro (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-000000000006}) (Version: 11.0.20 - Adobe Systems)
Adobe Flash Player 26 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 26.0.0.137 - Adobe Systems Incorporated)
Adobe Flash Player 26 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 26.0.0.137 - Adobe Systems Incorporated)
Agatha Christie - Death on the Nile (HKLM-x32\...\WT087420) (Version: 2.2.0.95 - WildTangent) Hidden
AMD Catalyst Install Manager (HKLM\...\{7E5DC2C5-115A-322B-976C-219237FAED66}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
AnyDVD (HKLM-x32\...\AnyDVD) (Version: 6.8.5.8 - SlySoft)
AutoCAD Electrical 2016 (HKLM\...\{5783F2D7-F007-0000-0102-0060B0CE6BBA}) (Version: 13.0.50.0 - Autodesk) Hidden
AutoCAD Electrical 2016 Content Language Pack - English (HKLM\...\{5783F2D7-F007-0409-6102-0060B0CE6BBA}) (Version: 13.0.50.0 - Autodesk) Hidden
AutoCAD Electrical 2016 Content Pack (HKLM\...\{5783F2D7-F007-0000-5102-0060B0CE6BBA}) (Version: 13.0.50.0 - Autodesk) Hidden
AutoCAD Electrical 2016 Language Pack - English (HKLM\...\{5783F2D7-F007-0409-1102-0060B0CE6BBA}) (Version: 13.0.50.0 - Autodesk) Hidden
Autodesk Application Manager (HKLM-x32\...\Autodesk Application Manager) (Version: 5.0.142.14 - Autodesk)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 17.7.2314 - AVAST Software)
Bejeweled 2 Deluxe (HKLM-x32\...\WT087428) (Version: 2.2.0.95 - WildTangent) Hidden
Blackhawk Striker 2 (HKLM-x32\...\WT087328) (Version: 2.2.0.95 - WildTangent) Hidden
Chuzzle Deluxe (HKLM-x32\...\WT087453) (Version: 2.2.0.95 - WildTangent) Hidden
Combined Community Codec Pack 2013-08-01 (HKLM-x32\...\Combined Community Codec Pack_is1) (Version: 2013.08.01.0 - CCCP Project)
Creo Direct Version 2.0 Datecode [M240] (HKLM-x32\...\Creo Direct Version 2.0 Datecode [M240]) (Version: 2.0 - PTC)
Creo Distributed Services Manager Version 2.0 Datecode [M240] (HKLM-x32\...\Creo Distributed Services Manager Version 2.0 Datecode [M240]) (Version: 2.0 - PTC)
Creo Layout Version 2.0 Datecode [M240] (HKLM-x32\...\Creo Layout Version 2.0 Datecode [M240]) (Version: 2.0 - PTC)
Creo Parametric Version 2.0 Datecode [M240] (HKLM-x32\...\Creo Parametric Version 2.0 Datecode [M240]) (Version: 2.0 - PTC)
Creo Simulate Version 2.0 Datecode [M240] (HKLM-x32\...\Creo Simulate Version 2.0 Datecode [M240]) (Version: 2.0 - PTC)
Creo Thumbnail Viewer 2.0 (HKLM\...\{4D85F56E-B7C6-4635-ADAD-E35FD9906BA1}) (Version: 30.16.360 - PTC)
Creo View Express 2.0 (HKLM\...\{03F6002E-A32B-4C68-818F-DEE386463FBC}) (Version: 10.1.40.15 - PTC)
CyberLink DVD Suite (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 7.0.3003 - CyberLink Corp.)
Dora's Carnival Adventure (HKLM-x32\...\WT087342) (Version: 2.2.0.95 - WildTangent) Hidden
Dropbox (HKU\S-1-5-21-2630062223-3020690476-3795785273-1001\...\Dropbox) (Version: 38.4.27 - Dropbox, Inc.)
DVD Menu Pack for HP MediaSmart Video (HKLM-x32\...\{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}) (Version: 4.1.4121 - Hewlett-Packard) Hidden
DVD Menu Pack for HP MediaSmart Video (HKLM-x32\...\InstallShield_{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}) (Version: 4.1.4121 - Hewlett-Packard)
DWG TrueView 2016 - English (HKLM\...\{5783F2D7-F028-0409-0100-0060B0CE6BBA}) (Version: 20.1.49.0 - Autodesk) Hidden
Energy Star Digital Logo (HKLM-x32\...\{BD1A34C9-4764-4F79-AE1F-112F8C89D3D4}) (Version: 1.0.1 - Hewlett-Packard)
Escape Rosecliff Island (HKLM-x32\...\WT087360) (Version: 2.2.0.95 - WildTangent) Hidden
ESU for Microsoft Windows 7 (HKLM-x32\...\{3877C901-7B90-4727-A639-B6ED2DD59D43}) (Version: 1.0.0 - Hewlett-Packard)
FARO LS 1.1.503.3 (64bit) (HKLM-x32\...\{1C05E654-FB81-4274-BF32-292E3707701D}) (Version: 5.3.3.38662 - FARO Scanner Production)
FATE (HKLM-x32\...\WT087361) (Version: 2.2.0.95 - WildTangent) Hidden
Final Drive Nitro (HKLM-x32\...\WT087362) (Version: 2.2.0.95 - WildTangent) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 61.0.3163.100 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
Hewlett-Packard ACLM.NET v1.2.2.3 (HKLM-x32\...\{6F340107-F9AA-47C6-B54C-C3A19F11553F}) (Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP 3D DriveGuard (HKLM\...\{299625B9-6C69-462C-9CEA-8E06D878B1C5}) (Version: 4.0.5.1 - Hewlett-Packard Company)
HP Advisor (HKLM-x32\...\{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}) (Version: 3.4.10262.3295 - Hewlett-Packard)
HP Documentation (HKLM-x32\...\{132234A4-9362-4829-957F-FF11715F7815}) (Version: 1.1.1.0 - Hewlett-Packard)
HP DVB-T TV Tuner 8.0.64.43 (HKLM-x32\...\HP DVB-T TV Tuner) (Version: 8.0.64.43 - )
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.1.3 - WildTangent)
HP MediaSmart DVD (HKLM-x32\...\InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}) (Version: 4.1.4229 - Hewlett-Packard)
HP MediaSmart Movies and TV (HKLM\...\{4B4E2FA2-3B1E-4147-99DB-5033981D8C2F}) (Version: 1.0.0.10 - Hewlett-Packard)
HP MediaSmart Music (HKLM-x32\...\InstallShield_{91A34181-9FAD-43AB-A35F-E7A8945B7E1C}) (Version: 4.1.4215 - Hewlett-Packard)
HP MediaSmart Photo (HKLM-x32\...\InstallShield_{6DAF8CDC-9B04-413B-A0F2-BCC13CF8A5BF}) (Version: 4.1.4211 - Hewlett-Packard)
HP MediaSmart SmartMenu (HKLM\...\{731A1D36-BF17-4C76-B7E7-CC055AF8C54E}) (Version: 3.1.1.12 - Hewlett-Packard)
HP MediaSmart Video (HKLM-x32\...\InstallShield_{D12E3E7F-1B13-4933-A915-16C7DD37A095}) (Version: 4.1.4214 - Hewlett-Packard)
HP MediaSmart Webcam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 2.1.1208 - Hewlett-Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.3611 - HP Photo Creations Powered by RocketLife)
HP Power Manager (HKLM-x32\...\{872B1C80-38EC-4A31-A25C-980820593900}) (Version: 1.2.3 - Hewlett-Packard Company)
HP Quick Launch (HKLM-x32\...\{BB1C717E-376C-4AA1-8940-81BFC38D9778}) (Version: 2.4.4 - Hewlett-Packard Company)
HP Setup (HKLM-x32\...\{72D90DB3-A16A-4545-B555-868471101833}) (Version: 8.1.4186.3400 - Hewlett-Packard)
HP Software Framework (HKLM-x32\...\{6C302296-6129-4125-9FD6-2188ECD8814E}) (Version: 4.1.6.1 - Hewlett-Packard Company)
HP Support Assistant (HKLM-x32\...\{904822F1-6C7D-4B91-B936-6A1C0810544C}) (Version: 7.7.34.34 - Hewlett-Packard Company)
HP Support Solutions Framework (HKLM-x32\...\{CE7447C2-EF12-4EF3-BE51-BFC3B049C0F6}) (Version: 12.7.27.15 - HP)
HP Wireless Assistant (HKLM\...\{B5FC1E1B-E70D-45F1-8E40-A3C30698B323}) (Version: 4.0.9.0 - Hewlett-Packard Company)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6289.0 - IDT)
Intel WiDi Media Share (HKLM-x32\...\{275CD120-A23B-47C7-944A-9B6D9CDA583F}) (Version: 1.2.1.20 - Intel Corporation) Hidden
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.2.1001 - Intel Corporation)
Intel® Turbo Boost Technology Driver (HKLM-x32\...\{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}) (Version: 01.00.01.1002 - Intel Corporation)
Intel® WiDi Media Share (HKLM-x32\...\{7b96006a-fc9b-44b3-a79b-afe98678bc56}) (Version: 1.2.1.20 - Intel Corporation)
Jewel Quest - Heritage (HKLM-x32\...\WT087374) (Version: 2.2.0.95 - WildTangent) Hidden
Junk Mail filter update (HKLM-x32\...\{8E5233E1-7495-44FB-8DEB-4BE906D59619}) (Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Licensing Service Install (HKLM-x32\...\{AF72E557-0647-4DE5-ACDA-ECFB38D5D732}) (Version: 2.0.1.181 - Protexis Inc.)
LightScribe System Software (HKLM-x32\...\{07E49BC1-24FF-4D7A-AC74-727BE95801AF}) (Version: 1.18.16.1 - LightScribe)
Media Player Utilities 4.33 (HKLM-x32\...\{8B9852AF-B0B0-47B7-9BC5-89A95D77B6C9}) (Version: 4.33 -  )
Microsoft .NET Framework 1.1 (HKLM-x32\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Access database engine 2010 (English) (HKLM\...\{90140000-00D1-0409-1000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Professional Plus 2007 (HKLM-x32\...\PROPLUS) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50709.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24212 (HKLM-x32\...\{462f63a8-6347-4894-a1b3-dbfe3a4c981d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
MKS Platform Components 9.x (HKLM\...\{30276636-0000-0905-9ABB-000BDB5CF35D}) (Version: 9.5.0000 - Mortice Kern Systems)
Movie Theme Pack for HP MediaSmart Video (HKLM-x32\...\{3023EBDA-BF1B-4831-B347-E5018555F26E}) (Version: 4.1.4030 - Hewlett-Packard) Hidden
Movie Theme Pack for HP MediaSmart Video (HKLM-x32\...\InstallShield_{3023EBDA-BF1B-4831-B347-E5018555F26E}) (Version: 4.1.4030 - Hewlett-Packard)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 45.1.1.5990 - Mozilla)
Mozilla Thunderbird 45.1.1 (x86 en-GB) (HKLM-x32\...\Mozilla Thunderbird 45.1.1 (x86 en-GB)) (Version: 45.1.1 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Opera Stable 48.0.2685.52 (HKU\S-1-5-21-2630062223-3020690476-3795785273-1001\...\Opera 48.0.2685.52) (Version: 48.0.2685.52 - Opera Software)
Pdf995 (HKLM-x32\...\Pdf995) (Version:  - )
Penguins! (HKLM-x32\...\WT087394) (Version: 2.2.0.95 - WildTangent) Hidden
PhotoNow! (HKLM-x32\...\{D36DD326-7280-11D8-97C8-000129760CBE}) (Version: 1.1.6904 - CyberLink Corp.) Hidden
PhotoNow! (HKLM-x32\...\InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}) (Version: 1.1.6904 - CyberLink Corp.)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.141.259 - Google, Inc.)
Plants vs. Zombies (HKLM-x32\...\WT087501) (Version: 2.2.0.95 - WildTangent) Hidden
Poker Superstars III (HKLM-x32\...\WT087395) (Version: 2.2.0.95 - WildTangent) Hidden
Polar Bowler (HKLM-x32\...\WT087396) (Version: 2.2.0.95 - WildTangent) Hidden
Polar Golfer (HKLM-x32\...\WT087397) (Version: 2.2.0.95 - WildTangent) Hidden
Power2Go (HKLM-x32\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.4204 - CyberLink Corp.) Hidden
Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.4204 - CyberLink Corp.)
PowerDirector (HKLM-x32\...\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 8.0.3003 - CyberLink Corp.) Hidden
PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 8.0.3003 - CyberLink Corp.)
PTC Creo Platform Agent 2.49 (HKLM-x32\...\{79BCA967-0760-4B6A-88FA-1D785EAE052D}) (Version: 2.49.0 - PTC)
PTC Portmapper Version 2.0 Datecode [M240] (HKLM-x32\...\PTC Portmapper Version 2.0 Datecode [M240]) (Version: 2.0 - PTC)
PX Profile Update (HKLM-x32\...\{12A98725-C278-32D9-11CA-ADCFF8D58FEB}) (Version: 1.00.1. - AMD) Hidden
PX Profile Update (HKLM-x32\...\{F90DE865-1A3D-D6D6-0638-F1D2EFCB5C29}) (Version: 1.00.1. - AMD) Hidden
Quicken 2015 (HKLM-x32\...\{00C2D443-43D9-4550-ABEA-318288E23E57}) (Version: 24.1.10.4 - Intuit)
Ralink Motorola BC4 Bluetooth 3.0+HS Adapter (HKLM\...\1DF1F719-D43A-46E8-950F-65A8D96C678A.MBT_is1) (Version: 3.0.42.298 - Motorola Solutions, Inc.)
Ralink RT3090 802.11b/g/n WiFi Adapter (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309B0}) (Version: 3.01.18.0 - Ralink)
Realtek Ethernet Controller Driver For Windows 7 (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.17.304.2010 - Realtek)
Realtek HDMI Audio Driver for ATI (HKLM-x32\...\{5449FB4F-1802-4D5B-A6D8-087DB1142147}) (Version: 6.0.1.6409 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30111 - Realtek Semiconductor Corp.)
Recovery Manager (HKLM-x32\...\{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}) (Version: 5.5.3023 - CyberLink Corp.) Hidden
Saab WIS (HKLM-x32\...\{69D79D53-5D42-4D85-9BEC-43287F50CEF7}) (Version: 1.0.3 - cactuz)
SafeZone Stable 4.58.2552.909 (HKLM-x32\...\SafeZone 4.58.2552.909) (Version: 4.58.2552.909 - Avast Software) Hidden
SDFormatter (HKLM-x32\...\{179324FF-7B16-4BA8-9836-055CAAEE4F08}) (Version: 4.0.0 - SD Association)
Sentinel System Driver (HKLM-x32\...\Rainbow Sentinel Driver) (Version:  - )
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.29.0 - Synaptics Incorporated)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.26297 - TeamViewer)
UE4 Prerequisites (x64) (HKLM\...\{457BE011-43FF-44A7-9FA7-B3BE181E2076}) (Version: 1.0.10.0 - Epic Games, Inc.) Hidden
UE4 Prerequisites (x64) (HKLM-x32\...\{b46d36bc-2438-471e-abe8-1fbbd51754ee}) (Version: 1.0.10.0 - Epic Games, Inc.)
Unchecky v0.4.3 (HKLM-x32\...\Unchecky) (Version: 0.4.3 - RaMMicHaeL)
Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
VBA (2627.01) (HKLM-x32\...\{5545EEE1-FA36-4F76-B6BE-5696E7F4E2D6}) (Version: 6.03.00.9402 - Microsoft Corporation) Hidden
Virtual Villagers - The Secret City (HKLM-x32\...\WT087513) (Version: 2.2.0.95 - WildTangent) Hidden
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version:  - Elaborate Bytes)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{6DA2B636-698A-3294-BF4A-B5E11B238CDD}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{8CCEA24C-51AE-3B71-9092-7D0C44DDA2DF}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{C3A57BB3-9AA6-3F6F-9395-6C062BDD5FC4}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{F6F09DD8-F39B-3A16-ADB9-C9E6B56903F9}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{04B34E21-5BEE-3D2B-8D3D-E3E80D253F64}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{14866AAD-1F23-39AC-A62B-7091ED1ADE64}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{4B90093A-5D9C-3956-8ABB-95848BE6EFAD}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{B42E259C-E4D4-37F1-A1B2-EB9C4FC5A04D}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
WBFS Manager 3.0 (HKLM-x32\...\WBFS Manager 3.0) (Version: 3.0 - AlexDP)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8117.0416 - Microsoft Corporation)
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{B10914FD-8812-47A4-85A1-50FCDE7F1F33}) (Version: 14.0.8117.416 - Microsoft Corporation)
Windows Live Upload Tool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
WinRAR 5.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
Wondershare Video Converter Platinum(Build 5.1.2.0) (HKLM-x32\...\Wondershare Video Converter Platinum_is1) (Version:  - Wondershare Software)
Zuma Deluxe (HKLM-x32\...\WT087533) (Version: 2.2.0.95 - WildTangent) Hidden
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-2630062223-3020690476-3795785273-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\user1\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2630062223-3020690476-3795785273-1001_Classes\CLSID\{00F064D8-FEC3-48ac-B07D-39C314D1727B}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\ServiceModule.dll => No File
CustomCLSID: HKU\S-1-5-21-2630062223-3020690476-3795785273-1001_Classes\CLSID\{0215A4C0-5431-4FD0-9B06-46589B5C4939}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2630062223-3020690476-3795785273-1001_Classes\CLSID\{048ED0E0-12CF-4C0F-9FFA-947C2FBE8C8E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2630062223-3020690476-3795785273-1001_Classes\CLSID\{071339A1-1946-44B2-B63E-50459B15DB86}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2630062223-3020690476-3795785273-1001_Classes\CLSID\{073CB204-6B29-46FC-AB98-451F1D068741}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\TestServer.dll => No File
CustomCLSID: HKU\S-1-5-21-2630062223-3020690476-3795785273-1001_Classes\CLSID\{08A60FF7-BB37-44F4-9759-0ADA6C7B9CC9}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2630062223-3020690476-3795785273-1001_Classes\CLSID\{0B38CACA-3D3C-48EA-BEB5-7D95F4F6EE15}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2630062223-3020690476-3795785273-1001_Classes\CLSID\{0C3393F8-94F5-4B79-8C01-49A2D0CC0FE9}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2630062223-3020690476-3795785273-1001_Classes\CLSID\{0D555CE0-304A-47A6-858B-B145209A3982}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2630062223-3020690476-3795785273-1001_Classes\CLSID\{12545889-6D32-4424-9967-1E1D7BD1F809}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2630062223-3020690476-3795785273-1001_Classes\CLSID\{13009989-EFB5-48C9-8BD2-943E0392BD71}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\RxAppCtrl.Ocx => No File
CustomCLSID: HKU\S-1-5-21-2630062223-3020690476-3795785273-1001_Classes\CLSID\{14679E3B-C952-4998-8E13-4B1286E6DD99}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2630062223-3020690476-3795785273-1001_Classes\CLSID\{1481B385-759A-4B00-9257-E96357563999}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2630062223-3020690476-3795785273-1001_Classes\CLSID\{162EF0A1-5A33-46F2-ACCF-CA388B084A09}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2630062223-3020690476-3795785273-1001_Classes\CLSID\{18A21864-E37B-42b9-9612-2C1E8C450A29}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\ServiceModule.dll => No File
CustomCLSID: HKU\S-1-5-21-2630062223-3020690476-3795785273-1001_Classes\CLSID\{1D625598-C876-4C51-8EF5-F9D8F96F62AA}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2630062223-3020690476-3795785273-1001_Classes\CLSID\{1D6DFD6A-9E16-435A-9327-6FFEC6BA372F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2630062223-3020690476-3795785273-1001_Classes\CLSID\{1E5724EA-3423-4BD3-ABD6-46E650D2DC66}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-2630062223-3020690476-3795785273-1001_Classes\CLSID\{1E8A29BA-827D-4031-A4A3-AE7999B402F6}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2630062223-3020690476-3795785273-1001_Classes\CLSID\{1EA072EE-57FD-495E-889C-8243C3BDBDBC}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2630062223-3020690476-3795785273-1001_Classes\CLSID\{1FD7F53F-7ED5-439C-9A77-A3821CD09E98}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2630062223-3020690476-3795785273-1001_Classes\CLSID\{20E47D5B-529A-45BD-8E77-BF1A3064A008}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2630062223-3020690476-3795785273-1001_Classes\CLSID\{21DB88B0-BFBF-11D4-8DE6-0010B541CAA8}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\iDrop.dll => No File
CustomCLSID: HKU\S-1-5-21-2630062223-3020690476-3795785273-1001_Classes\CLSID\{2709544A-5B24-4F9F-A5DA-CEC7297D3A4E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2630062223-3020690476-3795785273-1001_Classes\CLSID\{2BCA857B-A18B-4AFA-B183-CC0E49C12058}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2630062223-3020690476-3795785273-1001_Classes\CLSID\{2C74F89E-7421-46B4-BA54-F86F1BD9F237}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2630062223-3020690476-3795785273-1001_Classes\CLSID\{2C7D1157-7D50-4A88-9777-5EBBA3189AB8}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2630062223-3020690476-3795785273-1001_Classes\CLSID\{2F8377FC-50C1-44EF-AB7A-8FF1BB8EA277}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\ServiceModule.dll => No File
CustomCLSID: HKU\S-1-5-21-2630062223-3020690476-3795785273-1001_Classes\CLSID\{3497C2EC-5684-4B21-AF74-F6760E0221DC}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2630062223-3020690476-3795785273-1001_Classes\CLSID\{38C8B14E-7879-4DA9-8C3F-8CAAC359293A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2630062223-3020690476-3795785273-1001_Classes\CLSID\{3FC94EB5-AEBD-4f3f-A2A4-B6CE57113C01}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\RxAppDocView.dll => No File
CustomCLSID: HKU\S-1-5-21-2630062223-3020690476-3795785273-1001_Classes\CLSID\{3FCEB42C-9B98-486A-BED7-FD7F3ADB7291}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-2630062223-3020690476-3795785273-1001_Classes\CLSID\{40770568-0D5E-49D4-BE47-BC47A4F0B0A4}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2630062223-3020690476-3795785273-1001_Classes\CLSID\{44A52280-AE56-490D-890C-89FB7279ED6B}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2630062223-3020690476-3795785273-1001_Classes\CLSID\{45122C53-8483-4b62-B15A-EAA9FE5FC3D5}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\ServiceModule.dll => No File
CustomCLSID: HKU\S-1-5-21-2630062223-3020690476-3795785273-1001_Classes\CLSID\{46C56738-39C6-4240-8B9B-008CCD769A84}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2630062223-3020690476-3795785273-1001_Classes\CLSID\{47179DDE-10AC-4737-97C9-8CE5379343EA}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-2630062223-3020690476-3795785273-1001_Classes\CLSID\{475C7B4A-6964-4F9E-9708-05A16EAC31D0}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2630062223-3020690476-3795785273-1001_Classes\CLSID\{48270F9E-CCF6-4C79-B6FF-267C960E6425}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2630062223-3020690476-3795785273-1001_Classes\CLSID\{48FEFCD7-5D7C-4E4A-9F11-60E69A31D4B1}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2630062223-3020690476-3795785273-1001_Classes\CLSID\{49998808-648A-4A9C-A7A5-B1672775D9AB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2630062223-3020690476-3795785273-1001_Classes\CLSID\{4A756F5F-CBA4-428B-B17F-AF80C0C8502D}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2630062223-3020690476-3795785273-1001_Classes\CLSID\{4B40437B-8972-4444-BBE3-1588FF55F203}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2630062223-3020690476-3795785273-1001_Classes\CLSID\{4BD03680-3C0F-4501-AFF7-3D008586917F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2630062223-3020690476-3795785273-1001_Classes\CLSID\{4C80573A-9150-11d2-B772-0060B0F159EF}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\RxAppDocView.dll => No File
CustomCLSID: HKU\S-1-5-21-2630062223-3020690476-3795785273-1001_Classes\CLSID\{4E6F2E83-E7F0-4333-9772-875EB733C820}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\RxTest.dll => No File
CustomCLSID: HKU\S-1-5-21-2630062223-3020690476-3795785273-1001_Classes\CLSID\{5544903C-2CCC-487C-91BB-F310B72A8E9B}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-2630062223-3020690476-3795785273-1001_Classes\CLSID\{59A224A2-BEF8-4C89-96E0-83A5411ABB6C}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2630062223-3020690476-3795785273-1001_Classes\CLSID\{622F6193-E4DD-46E6-BC66-2ED88E9FD28D}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2630062223-3020690476-3795785273-1001_Classes\CLSID\{644190AE-BD8F-493F-B63D-C79404AC5E07}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\ServiceModule.dll => No File
CustomCLSID: HKU\S-1-5-21-2630062223-3020690476-3795785273-1001_Classes\CLSID\{6451051B-AD22-4C6A-ACCE-013A0E1DDBC3}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2630062223-3020690476-3795785273-1001_Classes\CLSID\{64B99FDB-1D85-447F-98C7-569DBDA723DB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2630062223-3020690476-3795785273-1001_Classes\CLSID\{6BCE6F6E-C050-4F39-BD98-E2743949F724}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2630062223-3020690476-3795785273-1001_Classes\CLSID\{6F56D7C9-18DD-4C15-9FA8-C54E3610EC40}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2630062223-3020690476-3795785273-1001_Classes\CLSID\{6FDE7A70-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\DtBridge.dll => No File
CustomCLSID: HKU\S-1-5-21-2630062223-3020690476-3795785273-1001_Classes\CLSID\{6FDE7A71-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\DtBridge.dll => No File
CustomCLSID: HKU\S-1-5-21-2630062223-3020690476-3795785273-1001_Classes\CLSID\{6FDE7A72-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\DtBridge.dll => No File
CustomCLSID: HKU\S-1-5-21-2630062223-3020690476-3795785273-1001_Classes\CLSID\{6FDE7A73-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\DtBridge.dll => No File
CustomCLSID: HKU\S-1-5-21-2630062223-3020690476-3795785273-1001_Classes\CLSID\{6FDE7A74-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\DtBridge.dll => No File
CustomCLSID: HKU\S-1-5-21-2630062223-3020690476-3795785273-1001_Classes\CLSID\{6FDE7A77-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\DtCp.dll => No File
CustomCLSID: HKU\S-1-5-21-2630062223-3020690476-3795785273-1001_Classes\CLSID\{70DBCAE8-8C2B-450C-9E1D-43E4686C6512}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2630062223-3020690476-3795785273-1001_Classes\CLSID\{713C0E8A-5AE8-4695-B442-5ED6C4FE5C42}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2630062223-3020690476-3795785273-1001_Classes\CLSID\{7293E009-3015-4AD3-96EC-D42C36B5FCE3}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-2630062223-3020690476-3795785273-1001_Classes\CLSID\{72EC5CC5-88F3-45B1-A865-0A327DF58CC8}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\ServiceModule.dll => No File
CustomCLSID: HKU\S-1-5-21-2630062223-3020690476-3795785273-1001_Classes\CLSID\{72EFC580-D085-4B81-8C55-26A79E445338}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2630062223-3020690476-3795785273-1001_Classes\CLSID\{750AEC19-2E4C-4ED9-9B9F-F9CAFCD060F3}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2630062223-3020690476-3795785273-1001_Classes\CLSID\{794199C5-827C-41C8-8CB2-3A1EA056AF5E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2630062223-3020690476-3795785273-1001_Classes\CLSID\{798391FE-4AF2-4851-9DDA-1F0D70C02A9E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2630062223-3020690476-3795785273-1001_Classes\CLSID\{7BA16B3F-1AB3-4BD7-B959-52C4B8504EE9}\InprocServer32 -> AcInetUI.dll => No File
CustomCLSID: HKU\S-1-5-21-2630062223-3020690476-3795785273-1001_Classes\CLSID\{7C239DAB-BC87-45F3-B7B1-FCC1541A235B}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2630062223-3020690476-3795785273-1001_Classes\CLSID\{81D07C3D-0350-11D3-B7C2-0060B0EC020B}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\RxAppCtrl.Ocx => No File
CustomCLSID: HKU\S-1-5-21-2630062223-3020690476-3795785273-1001_Classes\CLSID\{834CE679-2E47-49DE-9E41-FEC87E9192EB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2630062223-3020690476-3795785273-1001_Classes\CLSID\{8421A29C-54B8-11D1-9837-0060B03C43C8}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\SolidObject.Dll => No File
CustomCLSID: HKU\S-1-5-21-2630062223-3020690476-3795785273-1001_Classes\CLSID\{846217D0-8954-11D2-8DCD-0060B0C32531}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\UCxTextBtn.Ocx => No File
CustomCLSID: HKU\S-1-5-21-2630062223-3020690476-3795785273-1001_Classes\CLSID\{846217D1-8954-11D2-8DCD-0060B0C32531}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\UCxTextBtn.Ocx => No File
CustomCLSID: HKU\S-1-5-21-2630062223-3020690476-3795785273-1001_Classes\CLSID\{849AFB5B-D6C9-4924-A712-F7118FF9611F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2630062223-3020690476-3795785273-1001_Classes\CLSID\{85452F88-5071-492E-B850-2E3C586DCBD8}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2630062223-3020690476-3795785273-1001_Classes\CLSID\{87F5CF8F-A06D-498F-A05F-E520E6B570DB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2630062223-3020690476-3795785273-1001_Classes\CLSID\{89F0FC31-3B1D-494B-A75B-6BD4FA527B8A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2630062223-3020690476-3795785273-1001_Classes\CLSID\{8AA16DFC-DFC6-4B51-8FA2-A5D812BE33BF}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2630062223-3020690476-3795785273-1001_Classes\CLSID\{8B0E6BD9-610C-11D1-9842-0060B03C43C8}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\SolidObject.Dll => No File
CustomCLSID: HKU\S-1-5-21-2630062223-3020690476-3795785273-1001_Classes\CLSID\{8C23B656-4E6E-4B45-9920-9617168D39A3}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\TestServer.dll => No File
CustomCLSID: HKU\S-1-5-21-2630062223-3020690476-3795785273-1001_Classes\CLSID\{8ED07FEF-E1B0-4CC3-B2BA-D354828AB952}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2630062223-3020690476-3795785273-1001_Classes\CLSID\{988F4102-E6E3-4282-ACAC-55270827F2A8}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2630062223-3020690476-3795785273-1001_Classes\CLSID\{9906CDFC-DB2C-4126-9422-13139B148495}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2630062223-3020690476-3795785273-1001_Classes\CLSID\{9A21C6C5-27FC-4442-8590-575E7AFD73BB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2630062223-3020690476-3795785273-1001_Classes\CLSID\{9ECF83FB-23C5-43B6-83DE-93CFBDD74D4A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2630062223-3020690476-3795785273-1001_Classes\CLSID\{A58F47CC-FF65-4152-B0B1-666C643A5BFC}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-2630062223-3020690476-3795785273-1001_Classes\CLSID\{A6A3D586-44CF-44C2-A92C-620BB713B4F2}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2630062223-3020690476-3795785273-1001_Classes\CLSID\{ABBE3F83-D585-4A50-9B69-198B0F566F2E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2630062223-3020690476-3795785273-1001_Classes\CLSID\{AC5CECFA-F03A-41D2-A89C-704C44935941}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2630062223-3020690476-3795785273-1001_Classes\CLSID\{B1560245-190E-4BBD-81DF-9B642D0E5325}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2630062223-3020690476-3795785273-1001_Classes\CLSID\{B2A579E0-A797-40B1-8AEE-A8F6404719F8}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2630062223-3020690476-3795785273-1001_Classes\CLSID\{B47196BC-D4AB-41BB-A771-543D67CFC9F5}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-2630062223-3020690476-3795785273-1001_Classes\CLSID\{B53CEF4B-1A13-49DE-BBC5-A7100FB2F38C}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2630062223-3020690476-3795785273-1001_Classes\CLSID\{B5EE2B68-9A23-4BCD-BB77-FEA6DFB24DD6}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2630062223-3020690476-3795785273-1001_Classes\CLSID\{B6B5DC40-96E3-11d2-B774-0060B0F159EF}\localserver32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\Inventor.exe /Automation => No File
CustomCLSID: HKU\S-1-5-21-2630062223-3020690476-3795785273-1001_Classes\CLSID\{B80687F9-FA4C-4735-9DC4-E5715F2BC698}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2630062223-3020690476-3795785273-1001_Classes\CLSID\{B8E7214B-25CA-4116-84CB-E86FB9625B36}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\ServiceModule.dll => No File
CustomCLSID: HKU\S-1-5-21-2630062223-3020690476-3795785273-1001_Classes\CLSID\{BAE5802A-CF21-4F9C-AE04-D98F4036AC31}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2630062223-3020690476-3795785273-1001_Classes\CLSID\{BBF6A206-CB04-479D-96AE-349E1E83319A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2630062223-3020690476-3795785273-1001_Classes\CLSID\{BC71DEA1-D6FB-48B8-AB06-D151C81BBCDD}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2630062223-3020690476-3795785273-1001_Classes\CLSID\{BE54741D-E02B-4572-93D6-105AF4EDE777}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\ServiceModule.dll => No File
CustomCLSID: HKU\S-1-5-21-2630062223-3020690476-3795785273-1001_Classes\CLSID\{BF224DC3-B602-4EEE-BFE9-9E4E0AED6837}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2630062223-3020690476-3795785273-1001_Classes\CLSID\{BF4CC07E-E9BB-40D6-873F-855B211033B9}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2630062223-3020690476-3795785273-1001_Classes\CLSID\{C061C82C-D041-4214-BB07-B608107CEFCB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2630062223-3020690476-3795785273-1001_Classes\CLSID\{C2D4ACCC-A3D1-4A0A-AD59-0DD8BA3D5EE1}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2630062223-3020690476-3795785273-1001_Classes\CLSID\{C343ED84-A129-11d3-B799-0060B0F159EF}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\RxApprenticeServer.dll => No File
CustomCLSID: HKU\S-1-5-21-2630062223-3020690476-3795785273-1001_Classes\CLSID\{C8C18F89-794D-466B-8B97-95634D9890EF}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2630062223-3020690476-3795785273-1001_Classes\CLSID\{C8EC7647-1E79-4F13-81D7-2EED803D0D22}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2630062223-3020690476-3795785273-1001_Classes\CLSID\{C92F8F8C-8B2C-11d4-B872-0060B0EC020B}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\DtBridge.dll => No File
CustomCLSID: HKU\S-1-5-21-2630062223-3020690476-3795785273-1001_Classes\CLSID\{CC23CA32-9892-4FBA-A108-FE31CA0F35A6}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2630062223-3020690476-3795785273-1001_Classes\CLSID\{CD865713-70D6-4E15-BB7B-9B99AD9DEB85}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2630062223-3020690476-3795785273-1001_Classes\CLSID\{CFEE2BAF-14F9-4D23-853D-B6E2BCC14263}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\ServiceModule.dll => No File
CustomCLSID: HKU\S-1-5-21-2630062223-3020690476-3795785273-1001_Classes\CLSID\{D56F5AB3-9C4D-4F1A-A851-A671D9FE8C22}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-2630062223-3020690476-3795785273-1001_Classes\CLSID\{D66873EA-AAE5-41CC-8DD2-8CE3228E9F89}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2630062223-3020690476-3795785273-1001_Classes\CLSID\{D7A1987D-4A73-11D1-9A4B-080009DCE505}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\ColorButton.Ocx => No File
CustomCLSID: HKU\S-1-5-21-2630062223-3020690476-3795785273-1001_Classes\CLSID\{D7A1987E-4A73-11D1-9A4B-080009DCE505}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\ColorButton.Ocx => No File
CustomCLSID: HKU\S-1-5-21-2630062223-3020690476-3795785273-1001_Classes\CLSID\{D86B6C47-11F2-4D95-B635-EA575F0892FC}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2630062223-3020690476-3795785273-1001_Classes\CLSID\{DA1F437C-9BD9-11d4-B87C-0060B0EC020B}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\DtBridge.dll => No File
CustomCLSID: HKU\S-1-5-21-2630062223-3020690476-3795785273-1001_Classes\CLSID\{DB207560-8449-4FAF-BDC2-61676EB012D4}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2630062223-3020690476-3795785273-1001_Classes\CLSID\{DB5D476B-3FF4-4E9D-A606-1E2B473BE571}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\AcInetUI.dll => No File
CustomCLSID: HKU\S-1-5-21-2630062223-3020690476-3795785273-1001_Classes\CLSID\{DCA7356C-FF94-4b20-AE04-7AA6A8E14117}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\ServiceModule.dll => No File
CustomCLSID: HKU\S-1-5-21-2630062223-3020690476-3795785273-1001_Classes\CLSID\{DDA9A20F-5B56-49F5-9465-CE82FC199352}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\ServiceModule.dll => No File
CustomCLSID: HKU\S-1-5-21-2630062223-3020690476-3795785273-1001_Classes\CLSID\{DE6B563C-B074-4BF1-A8A0-B3FED8703E99}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\ServiceModule.dll => No File
CustomCLSID: HKU\S-1-5-21-2630062223-3020690476-3795785273-1001_Classes\CLSID\{DE74F5AD-DA2F-429F-BAF9-850A2808D585}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2630062223-3020690476-3795785273-1001_Classes\CLSID\{DF6525C2-6358-4B07-813D-708120C5FE1A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2630062223-3020690476-3795785273-1001_Classes\CLSID\{E177A457-9EAA-43C3-A3CE-84874A28F6CA}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2630062223-3020690476-3795785273-1001_Classes\CLSID\{E1C85E9F-60B2-4007-80C3-2C5E09474C3B}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\RxInventorUtilities.dll => No File
CustomCLSID: HKU\S-1-5-21-2630062223-3020690476-3795785273-1001_Classes\CLSID\{E29F6C45-6927-4508-8F3F-34105FD3FC5F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2630062223-3020690476-3795785273-1001_Classes\CLSID\{E4222C78-3670-4BB1-9AD4-7D8F3E581F2D}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2630062223-3020690476-3795785273-1001_Classes\CLSID\{E5B0515D-48D2-4F04-906D-0192ED65A2DD}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\TestServer.dll => No File
CustomCLSID: HKU\S-1-5-21-2630062223-3020690476-3795785273-1001_Classes\CLSID\{E70DE962-842A-4488-9481-1D0FD72A020F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2630062223-3020690476-3795785273-1001_Classes\CLSID\{E9C07CEC-7B82-49E4-BBA2-7533B88E9D64}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2630062223-3020690476-3795785273-1001_Classes\CLSID\{EA34A0C0-5CE7-4701-A6FA-117D25CD5EBB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2630062223-3020690476-3795785273-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\user1\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2630062223-3020690476-3795785273-1001_Classes\CLSID\{EF01D98A-747B-4522-AD70-991B90855DBF}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2630062223-3020690476-3795785273-1001_Classes\CLSID\{F13E75B9-6AF6-49CB-80B3-6D2FF6E09932}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\ServiceModule.dll => No File
CustomCLSID: HKU\S-1-5-21-2630062223-3020690476-3795785273-1001_Classes\CLSID\{F196F03F-651A-43AF-BE34-D11942F24445}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2630062223-3020690476-3795785273-1001_Classes\CLSID\{F2D4F4E5-EEA1-46FF-A83B-A270C92DAE4B}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\DTInterop.dll => No File
CustomCLSID: HKU\S-1-5-21-2630062223-3020690476-3795785273-1001_Classes\CLSID\{F2DB0EE3-7137-4CB0-8349-483C4FF2143A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2630062223-3020690476-3795785273-1001_Classes\CLSID\{F40E2FF0-4D77-40B2-9A44-A3AEECCE8EFF}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2630062223-3020690476-3795785273-1001_Classes\CLSID\{F5522F0C-962A-48AC-9992-E81B07628F1F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2630062223-3020690476-3795785273-1001_Classes\CLSID\{F61064CC-DBFB-47ee-9BC8-CA5A1CBDF0DA}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\InvResc.dll => No File
CustomCLSID: HKU\S-1-5-21-2630062223-3020690476-3795785273-1001_Classes\CLSID\{F78DCF7C-043D-45FC-9D21-676FC307BA3F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2630062223-3020690476-3795785273-1001_Classes\CLSID\{F868EAEC-1B73-4F5E-BA73-90EBA94E75BE}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2630062223-3020690476-3795785273-1001_Classes\CLSID\{FA62F626-EBD5-4dc5-B970-D9E81E0E20E0}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\ServiceModule.dll => No File
CustomCLSID: HKU\S-1-5-21-2630062223-3020690476-3795785273-1001_Classes\CLSID\{FA97F7A7-FD19-4D55-ABF2-CFEFFF777426}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2630062223-3020690476-3795785273-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\user1\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2630062223-3020690476-3795785273-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\user1\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2630062223-3020690476-3795785273-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\user1\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2630062223-3020690476-3795785273-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\user1\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2630062223-3020690476-3795785273-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\user1\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2630062223-3020690476-3795785273-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\user1\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2630062223-3020690476-3795785273-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\user1\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2630062223-3020690476-3795785273-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\user1\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2630062223-3020690476-3795785273-1001_Classes\CLSID\{FB314EE1-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\user1\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2630062223-3020690476-3795785273-1001_Classes\CLSID\{FB314EE2-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\user1\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2630062223-3020690476-3795785273-1001_Classes\CLSID\{FB469644-3F14-4403-ACCA-6B13486FF7BD}\localserver32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\InvTXTStack.exe /Automation => No File
CustomCLSID: HKU\S-1-5-21-2630062223-3020690476-3795785273-1001_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\user1\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2630062223-3020690476-3795785273-1001_Classes\CLSID\{FD51ED8A-D518-4554-B236-B6E9D234FD03}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2630062223-3020690476-3795785273-1001_Classes\CLSID\{FD703B01-4362-423E-9BDB-91BDCB16C1C9}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\DTInterop.dll => No File
CustomCLSID: HKU\S-1-5-21-2630062223-3020690476-3795785273-1001_Classes\CLSID\{FE054BB2-AF94-40AC-88AA-2F59F7018B1D}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2630062223-3020690476-3795785273-1001_Classes\CLSID\{FE317223-8EDE-4684-B424-E48B9EA90220}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2630062223-3020690476-3795785273-1001_Classes\CLSID\{FE718E8F-C3AA-4F30-9103-432450CF1DA1}\InprocServer32 -> axdb.dll => No File
ShellIconOverlayIdentifiers: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\user1\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-11-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\user1\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-11-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\user1\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-11-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\user1\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-11-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\user1\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-11-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\user1\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-11-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\user1\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-11-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\user1\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-11-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\user1\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-11-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\user1\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-11-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-11-05] (AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-11-05] (AVAST Software)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2015-02-06] (Autodesk, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\user1\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-11-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\user1\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-11-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\user1\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-11-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\user1\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-11-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\user1\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-11-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\user1\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-11-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\user1\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-11-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\user1\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-11-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\user1\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-11-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\user1\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-11-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\user1\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-11-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\user1\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-11-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\user1\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-11-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\user1\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-11-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\user1\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-11-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\user1\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-11-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\user1\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-11-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\user1\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-11-01] (Dropbox, Inc.)
ContextMenuHandlers1-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2010-11-18] (Igor Pavlov)
ContextMenuHandlers1-x32: [AcShellExtension.AcContextMenuHandler] -> {2E7A2C6C-B938-40a4-BA1C-C7EC982DC202} => C:\Program Files\Common Files\Autodesk Shared\AcShellEx\AcShellExtension.dll [2015-02-06] (Autodesk)
ContextMenuHandlers1-x32: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat Elements\ContextMenuShim64.dll [2012-09-23] (Adobe Systems Inc.)
ContextMenuHandlers1-x32: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-11-05] (AVAST Software)
ContextMenuHandlers1-x32: [BTMSentToExt] -> {0A7D34C2-E9DA-48A1-9E34-0CDFC2DE3B44} => C:\Program Files\Motorola\Bluetooth\btmshell.dll [2011-02-15] (Motorola Solutions, Inc.)
ContextMenuHandlers1-x32: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2013-12-01] (Alexander Roshal)
ContextMenuHandlers1-x32-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2013-12-01] (Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-11-05] (AVAST Software)
ContextMenuHandlers3: [UnlockerShellExtension] -> {DDE4BEEB-DDE6-48fd-8EB5-035C09923F83} => C:\Program Files\Unlocker\UnlockerCOM.dll [2010-07-15] ()
ContextMenuHandlers4-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2010-11-18] (Igor Pavlov)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\atiacm64.dll [2015-08-04] (Advanced Micro Devices, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2010-07-28] (Intel Corporation)
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat Elements\ContextMenuShim64.dll [2012-09-23] (Adobe Systems Inc.)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-11-05] (AVAST Software)
ContextMenuHandlers6: [UnlockerShellExtension] -> {DDE4BEEB-DDE6-48fd-8EB5-035C09923F83} => C:\Program Files\Unlocker\UnlockerCOM.dll [2010-07-15] ()
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2013-12-01] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2013-12-01] (Alexander Roshal)
ContextMenuHandlers1_S-1-5-21-2630062223-3020690476-3795785273-1001: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\user1\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-11-01] (Dropbox, Inc.)
ContextMenuHandlers4_S-1-5-21-2630062223-3020690476-3795785273-1001: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\user1\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-11-01] (Dropbox, Inc.)
ContextMenuHandlers5_S-1-5-21-2630062223-3020690476-3795785273-1001: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\user1\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-11-01] (Dropbox, Inc.)
ContextMenuHandlers6_S-1-5-21-2630062223-3020690476-3795785273-1001: [InventorMenu] -> {6FDE7A70-351B-11d6-988B-0010B57A8BB7} => C:\Program Files\Autodesk\Inventor 2016\Bin\DtBridge.dll -> No File
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {019F9004-29B1-4433-AB13-971FD78E559C} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_26_0_0_137_pepper.exe [2017-07-11] (Adobe Systems Incorporated)
Task: {0B0E0DB3-5A3E-48E1-97E6-A7F62675AA14} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2630062223-3020690476-3795785273-1001Core => C:\Users\user1\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2016-12-20] (Dropbox, Inc.)
Task: {16319453-4BE7-4914-84DC-271A67A5FE40} - System32\Tasks\ServicePlan => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2010-05-24] ()
Task: {207F9420-8DF9-4F7C-AA62-1DD1CFA18DFD} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-12-07] (HP Inc.)
Task: {31CCB084-0CC0-42A3-992F-07A7069BB1D9} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)
Task: {466FAF79-D456-4237-B4DC-8492C75D8512} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-12-27] (Google Inc.)
Task: {53C4C2A1-7E43-4358-83A6-B32142E16B05} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2017-11-05] (AVAST Software)
Task: {60BB2724-59FA-485B-A030-15DA0A423CE1} - System32\Tasks\Synaptics TouchPad Enhancements => Program Files\Synaptics\SynTP\SynTPEnh.exe
Task: {62798B71-0BD6-43A1-A8A2-FA3E01794841} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2014-08-21] (Hewlett-Packard Company)
Task: {6A345AD3-D1B4-4611-9654-0E34FC03C5B5} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => Command(1): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshConfigAndContent
Task: {6A345AD3-D1B4-4611-9654-0E34FC03C5B5} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => Command(2): C:\Windows\system32\GWX\GWXDetector.exe [2016-05-20] (Microsoft Corporation)
Task: {75646CCF-92C0-41D1-908C-DB66ADBD8853} - System32\Tasks\avastBCLRestartS-1-5-21-2630062223-3020690476-3795785273-1001 => C:\Program Files (x86)\Mozilla Firefox\firefox.exe 
Task: {865BD967-EA56-482E-B524-70C8E8B7C345} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-03-21] (Hewlett-Packard)
Task: {8DFABA32-0BA6-4955-8A1A-6AC7F2101DE3} - System32\Tasks\RecoveryCDWin7 => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2010-05-24] ()
Task: {900FAD72-55E3-4A9B-AEF4-2B67EA8BE1BD} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Command(1): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshConfig
Task: {900FAD72-55E3-4A9B-AEF4-2B67EA8BE1BD} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Command(2): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshContent
Task: {900FAD72-55E3-4A9B-AEF4-2B67EA8BE1BD} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Command(3): C:\Windows\system32\GWX\GWXDetector.exe [2016-05-20] (Microsoft Corporation)
Task: {966AEC24-8DE3-4EB5-A547-FB02F519F8B3} - System32\Tasks\SafeZone scheduled Autoupdate 1470058203 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2017-08-04] (Avast Software)
Task: {A16FD220-D873-4A28-8A2F-0E1EDBAF684E} - System32\Tasks\ShutDown => C:\Windows\System32\shutdown.exe [2009-07-14] (Microsoft Corporation)
Task: {B0ABA3D9-BD23-4915-BB02-7B35444E1416} - System32\Tasks\{309B5227-0DBF-4E41-8D6A-B36553A6CA66} => C:\Windows\system32\pcalua.exe -a "C:\Users\user1\Downloads\Magic Desktop\Magic Desktop\MDSetupPremium.exe" -d "C:\Users\user1\Downloads\Magic Desktop\Magic Desktop"
Task: {B1CEC56B-3861-4BAF-8188-419ACFDD22FF} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2017-07-13] (AVAST Software)
Task: {BCAAB673-5724-4A4C-8C80-4F978B7E245F} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => Command(1): %windir%\system32\GWX\GWXUXWorker.exe -> /ScheduleUpgradeReminderTime
Task: {BCAAB673-5724-4A4C-8C80-4F978B7E245F} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => Command(2): C:\Windows\system32\GWX\GWXDetector.exe [2016-05-20] (Microsoft Corporation)
Task: {C3BA8562-436F-4348-ACD1-E5EAC20E61A1} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPSFReport.exe [2014-08-21] (Hewlett-Packard Company)
Task: {C7529A92-4270-4542-ACD7-98BF6E48C0BE} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => Command(1): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshConfig
Task: {C7529A92-4270-4542-ACD7-98BF6E48C0BE} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => Command(2): C:\Windows\system32\GWX\GWXDetector.exe [2016-05-20] (Microsoft Corporation)
Task: {D7211FA4-74DA-438F-9E5D-C430A200071C} - System32\Tasks\Opera scheduled Autoupdate 1448042914 => C:\Users\user1\AppData\Local\Programs\Opera\launcher.exe [2017-10-24] (Opera Software)
Task: {D87731BD-D271-4533-901A-4E4664A4E059} - System32\Tasks\{01313230-CADA-4CE8-BE44-70C61AF82F82} => C:\Windows\system32\pcalua.exe -a "C:\Users\user1\Downloads\NOKIA Files_BB5_6280 RM-78_RM-78_dp_v_167.0_mcusw03.70.exe" -d "C:\Users\user1\Downloads"
Task: {E5292E02-F595-47AA-8D7F-E031F4F4CBB5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-12-27] (Google Inc.)
Task: {E944CB43-F566-4630-8C3E-CEBC9A402BE7} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-07-19] (Adobe Systems Incorporated)
Task: {F0950AC0-C8B2-463B-84C5-BA25DCC95AC9} - System32\Tasks\{BACF5158-098A-4E62-A51E-36FC5D2E56DF} => "c:\program files (x86)\mozilla firefox\firefox.exe" hxxp://ui.skype.com/ui/0/4.2.0.166.321/en/go/help.faq.installer?LastError=1603
Task: {FCC611C9-AF02-4064-880E-B059A35B7D37} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2630062223-3020690476-3795785273-1001UA => C:\Users\user1\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2016-12-20] (Dropbox, Inc.)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2630062223-3020690476-3795785273-1001Core.job => C:\Users\user1\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2630062223-3020690476-3795785273-1001UA.job => C:\Users\user1\AppData\Local\Dropbox\Update\DropboxUpdate.exe
 
==================== Shortcuts & WMI ========================
 
(The entries could be listed to be restored or removed.)
 
 
Shortcut: C:\Users\user1\Desktop\Creo Shortcuts\ModelCHECK.lnk -> C:\Program Files\PTC\Creo 2.0\Parametric\bin\modelcheck.bat ()
Shortcut: C:\Users\user1\Desktop\Creo Shortcuts\Structure.lnk -> C:\Program Files\PTC\Creo 2.0\Common Files\M240\mech\bin\mstruct.bat ()
Shortcut: C:\Users\user1\Desktop\Creo Shortcuts\Thermal.lnk -> C:\Program Files\PTC\Creo 2.0\Common Files\M240\mech\bin\mtherm.bat ()
 
==================== Loaded Modules (Whitelisted) ==============
 
2010-07-15 05:44 - 2010-07-15 05:44 - 000020032 _____ () C:\Program Files\Unlocker\UnlockerCOM.dll
2017-11-05 11:22 - 2017-10-24 06:42 - 067055192 _____ () C:\Users\user1\AppData\Local\Programs\Opera\48.0.2685.52\opera_browser.dll
2017-11-05 11:22 - 2017-10-24 06:43 - 001937496 _____ () C:\Users\user1\AppData\Local\Programs\Opera\48.0.2685.52\swiftshader\libglesv2.dll
2017-11-05 11:22 - 2017-10-24 06:43 - 000115288 _____ () C:\Users\user1\AppData\Local\Programs\Opera\48.0.2685.52\swiftshader\libegl.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMSwissArmy => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMSwissArmy => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Option => "OptionValue"="2"
 
==================== Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2012-03-18 14:52 - 2016-03-29 14:56 - 000002411 _____ C:\Windows\system32\Drivers\etc\hosts
 
127.0.0.1 localhost
127.0.0.1 3dns.adobe.com 3dns-1.adobe.com 3dns-2.adobe.com 3dns-3.adobe.com 3dns-4.adobe.com activate.adobe.com activate-sea.adobe.com activate-sjc0.adobe.com activate.wip.adobe.com
127.0.0.1 activate.wip1.adobe.com activate.wip2.adobe.com activate.wip3.adobe.com activate.wip4.adobe.com adobe-dns.adobe.com adobe-dns-1.adobe.com adobe-dns-2.adobe.com adobe-dns-3.adobe.com adobe-dns-4.adobe.com
127.0.0.1 adobeereg.com practivate.adobe practivate.adobe.com practivate.adobe.newoa practivate.adobe.ntp practivate.adobe.ipp ereg.adobe.com ereg.wip.adobe.com ereg.wip1.adobe.com
127.0.0.1 ereg.wip2.adobe.com ereg.wip3.adobe.com ereg.wip4.adobe.com hl2rcv.adobe.com wip.adobe.com wip1.adobe.com wip2.adobe.com wip3.adobe.com wip4.adobe.com
127.0.0.1 www.adobeereg.com wwis-dubc1-vip60.adobe.com www.wip.adobe.com www.wip1.adobe.com
127.0.0.1 www.wip2.adobe.com www.wip3.adobe.com www.wip4.adobe.com wwis-dubc1-vip60.adobe.com crl.verisign.net CRL.VERISIGN.NET ood.opsource.net
0.0.0.0 0.0.0.0 # fix for traceroute and netstat display anomaly
0.0.0.0 tracking.opencandy.com.s3.amazonaws.com
0.0.0.0 media.opencandy.com
0.0.0.0 cdn.opencandy.com
0.0.0.0 tracking.opencandy.com
0.0.0.0 api.opencandy.com
0.0.0.0 api.recommendedsw.com
0.0.0.0 installer.betterinstaller.com
0.0.0.0 installer.filebulldog.com
0.0.0.0 d3oxtn1x3b8d7i.cloudfront.net
0.0.0.0 inno.bisrv.com
0.0.0.0 nsis.bisrv.com
0.0.0.0 cdn.file2desktop.com
0.0.0.0 cdn.goateastcach.us
0.0.0.0 cdn.guttastatdk.us
0.0.0.0 cdn.inskinmedia.com
0.0.0.0 cdn.insta.oibundles2.com
0.0.0.0 cdn.insta.playbryte.com
0.0.0.0 cdn.llogetfastcach.us
0.0.0.0 cdn.montiera.com
0.0.0.0 cdn.msdwnld.com
0.0.0.0 cdn.mypcbackup.com
0.0.0.0 cdn.ppdownload.com
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-2630062223-3020690476-3795785273-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\user1\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
MSCONFIG\Services: AdAppMgrSvc => 2
MSCONFIG\Services: Adobe LM Service => 3
MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: AESTFilters => 2
MSCONFIG\Services: AMD External Events Utility => 2
MSCONFIG\Services: Bluetooth Device Manager => 3
MSCONFIG\Services: Bluetooth Media Service => 3
MSCONFIG\Services: Bluetooth OBEX Service => 2
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: FLEXnet Licensing Service => 3
MSCONFIG\Services: FLEXnet Licensing Service 64 => 3
MSCONFIG\Services: GameConsoleService => 3
MSCONFIG\Services: GoToAssist => 3
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: HP Support Assistant Service => 2
MSCONFIG\Services: HP Wireless Assistant Service => 2
MSCONFIG\Services: hpqwmiex => 3
MSCONFIG\Services: hpsrv => 2
MSCONFIG\Services: HPSupportSolutionsFrameworkService => 2
MSCONFIG\Services: HPWMISVC => 2
MSCONFIG\Services: IDriverT => 3
MSCONFIG\Services: LcSvrAdm => 2
MSCONFIG\Services: LcSvrAuf => 3
MSCONFIG\Services: LcSvrDba => 2
MSCONFIG\Services: LcSvrHis => 2
MSCONFIG\Services: LcSvrPAS => 2
MSCONFIG\Services: LcSvrSaz => 2
MSCONFIG\Services: LightScribeService => 2
MSCONFIG\Services: LMS => 2
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: PSI_SVC_2 => 2
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: STacSV => 2
MSCONFIG\Services: SwitchBoard => 3
MSCONFIG\Services: TeamViewer9 => 2
MSCONFIG\Services: Unchecky => 2
MSCONFIG\Services: UNS => 2
MSCONFIG\Services: VMAuthdService => 2
MSCONFIG\Services: VMUSBArbService => 2
MSCONFIG\startupfolder: C:^Users^user1^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Autodesk Product Design Suite 2016 Trial Tray.lnk => C:\Windows\pss\Autodesk Product Design Suite 2016 Trial Tray.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeCS5.5ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: ADSKAppManager => "C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe" -showminimized -checkautorun
MSCONFIG\startupreg: Akamai NetSession Interface => "C:\Users\user1\AppData\Local\Akamai\netsession_win.exe"
MSCONFIG\startupreg: AnyDVD => C:\Program Files (x86)\SlySoft\AnyDVD\AnyDVDtray.exe
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: Autodesk Sync => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe
MSCONFIG\startupreg: Bing Bar => "C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1438.0\mswinext.exe"
MSCONFIG\startupreg: BTMTrayAgent => rundll32.exe "C:\Program Files\Motorola\Bluetooth\btmshell.dll",TrayApp
MSCONFIG\startupreg: CCleaner Monitoring => "I:\ABC\Useful Programs\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: Dropbox Update => "C:\Users\user1\AppData\Local\Dropbox\Update\DropboxUpdate.exe" /c
MSCONFIG\startupreg: HotKeysCmds => C:\Windows\system32\hkcmd.exe
MSCONFIG\startupreg: HPADVISOR => C:\Program Files (x86)\Hewlett-Packard\HP Advisor\DOCK\HPAdvisorDock.exe
MSCONFIG\startupreg: HPWirelessAssistant => C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe 120 C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe /hidden
MSCONFIG\startupreg: IgfxTray => C:\Windows\system32\igfxtray.exe
MSCONFIG\startupreg: LightScribe Control Panel => C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
MSCONFIG\startupreg: PeerBlock => C:\Program Files\PeerBlock\peerblock.exe
MSCONFIG\startupreg: Persistence => C:\Windows\system32\igfxpers.exe
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized
MSCONFIG\startupreg: StartCCC => "c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: SynTPEnh => %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
MSCONFIG\startupreg: SysTrayApp => C:\Program Files\IDT\WDM\sttray64.exe
MSCONFIG\startupreg: VirtualCloneDrive => "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
MSCONFIG\startupreg: VMonitorVMUVC => "C:\Program Files (x86)\Vimicro Corporation\VMUVC\VMonitor.exe" VMUVC
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{01D0A581-E726-4E84-ACB9-109FCD7DA042}] => (Allow) C:\Program Files (x86)\Windows Live\Sync\WindowsLiveSync.exe
FirewallRules: [{0CA07B5A-BB44-40BC-8C9C-A2F4557FD4AD}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector\PDR8.EXE
FirewallRules: [{2D12BE9F-1E49-4896-A820-DD4AED65FBE3}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\Media\DVD\HPDVDSmart.exe
FirewallRules: [{323F83DD-1A00-4EF5-A98C-8805389DEC3B}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\MediaSmart\Video\HPMediaSmartVideo.exe
FirewallRules: [{A668C3FD-0A32-4FDE-BB7D-B994B9684D71}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\MediaSmart\Photo\HPMediaSmartPhoto.exe
FirewallRules: [{998B87C7-F1C8-4438-B1E5-AAE77E3F76F8}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Music\HPTouchSmartMusic.exe
FirewallRules: [TCP Query User{1E920761-26D1-4A8E-81A7-DB346D43306C}C:\program files (x86)\unified remote\remoteserver.exe] => (Allow) C:\program files (x86)\unified remote\remoteserver.exe
FirewallRules: [UDP Query User{0FCFB294-C38B-4077-988E-0BF9E587B1B2}C:\program files (x86)\unified remote\remoteserver.exe] => (Allow) C:\program files (x86)\unified remote\remoteserver.exe
FirewallRules: [TCP Query User{C5D182F4-FE11-462B-A63B-A929AF89D228}C:\program files (x86)\unified remote\remoteserver.exe] => (Block) C:\program files (x86)\unified remote\remoteserver.exe
FirewallRules: [UDP Query User{55756FCF-9F61-425C-A622-22EEE8AC8B9E}C:\program files (x86)\unified remote\remoteserver.exe] => (Block) C:\program files (x86)\unified remote\remoteserver.exe
FirewallRules: [{29A5BD96-6355-48FC-BC90-06D4E328866C}] => (Allow) C:\Users\user1\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{E89BC33B-8685-4A05-89D0-2F8D57293837}] => (Allow) C:\Users\user1\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{684A0629-194A-494F-B794-BD4265CDBFED}] => (Allow) C:\Users\user1\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{4E28DFD2-DA9B-4376-9623-D3FDD617068C}] => (Allow) C:\Users\user1\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{83632768-32B6-4F13-A382-FDDD1805A1AF}] => (Allow) LPort=1700
FirewallRules: [{44FFC397-BE48-4BA1-A19C-BF19FCFBADC9}] => (Allow) LPort=1701
FirewallRules: [{388893F5-F952-4EAE-A3C7-F563822F44B8}] => (Allow) LPort=1702
FirewallRules: [{A98791CE-A413-4943-84B8-4E5CCC285B60}] => (Allow) LPort=1703
FirewallRules: [{C55E797F-45F3-4BD4-80FE-F950E852346E}] => (Allow) LPort=1704
FirewallRules: [{06BBB6B1-0F92-42EA-8E6A-A1E587F0FB9B}] => (Allow) LPort=1705
FirewallRules: [{953ECD66-11FF-4C1E-8C3E-B65520900165}] => (Allow) LPort=1706
FirewallRules: [{1814DE3C-381D-469D-879E-235C4C745E88}] => (Allow) LPort=1707
FirewallRules: [{24A1D27A-F512-489E-B922-40E9F642E667}] => (Allow) LPort=1708
FirewallRules: [{A22CA3A5-A9AE-42AB-A313-77F6BD3A0A65}] => (Allow) LPort=1709
FirewallRules: [{4E521053-AB37-45B0-B1B7-DAAE1A554A0B}] => (Allow) LPort=1641
FirewallRules: [{E4B10AF2-24FC-4DB6-8A54-F5E42EBA7B47}] => (Allow) LPort=1647
FirewallRules: [{0DA2CAE5-8A1A-49AE-B2AD-B2EDC5A13D31}] => (Allow) LPort=5432
FirewallRules: [{193484E0-574E-4E33-88A4-A47FAD6EBA29}] => (Allow) C:\Users\user1\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{4AB0E9A0-35D6-4C32-8336-E5D5218B153D}] => (Allow) C:\Users\user1\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{3BD02ADC-041C-46B0-8389-695DABD92C6E}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{C4788B8E-927C-4BD1-92E0-D6132BC19912}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{DF456965-2464-4E09-8548-46BF32501BA0}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [{3DC7CBBA-0B82-4559-BCAD-EBA3DA7F2338}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [{BAE26E83-4269-479E-9680-04889916DBFC}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{2E0FAA3C-B50F-4E2A-88CB-858DD07E78C0}] => (Allow) C:\Users\user1\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{575B379E-E64B-438C-8013-6D009E99841D}] => (Allow) C:\Users\user1\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{55ADA0C5-6A63-42E5-A240-F65481027C54}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{664AC88B-0A94-49B6-80D4-8237F2F72364}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{2B5242EE-FB0B-4478-BE5C-0547447F0BD5}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{02702132-3ACF-4CEC-B50E-B452D6A0E219}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPDeviceDetection3.exe
FirewallRules: [{A79C0AEC-FF88-43CA-A1C9-04D1A9139D08}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
FirewallRules: [{314746EA-F565-48DF-9C22-1C7DA233EFA8}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
FirewallRules: [{0C0CD8CC-1389-4CB6-B069-AC61EE2FD1F5}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
FirewallRules: [{467EC1E0-811D-4DDC-A482-674F5DC9C952}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
FirewallRules: [{285F3853-49DF-4293-B641-1304EF89E2F9}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe
FirewallRules: [{AA359064-3C22-4364-809A-DB9D92D7841A}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe
FirewallRules: [TCP Query User{3975758A-5815-4CC2-B6C2-6C4FF165BFE2}C:\users\user3\desktop\hello neighbor alpha 1\helloneighbor\helloneighborreborn\binaries\win64\helloneighborreborn-win64-shipping.exe] => (Allow) C:\users\user3\desktop\hello neighbor alpha 1\helloneighbor\helloneighborreborn\binaries\win64\helloneighborreborn-win64-shipping.exe
FirewallRules: [UDP Query User{806340CD-8040-45A2-9374-A50D873046AF}C:\users\user3\desktop\hello neighbor alpha 1\helloneighbor\helloneighborreborn\binaries\win64\helloneighborreborn-win64-shipping.exe] => (Allow) C:\users\user3\desktop\hello neighbor alpha 1\helloneighbor\helloneighborreborn\binaries\win64\helloneighborreborn-win64-shipping.exe
FirewallRules: [{1DEBEAA8-F70A-427A-AED8-6F364B184D00}] => (Allow) C:\Program Files\PTC\Creo 2.0\Parametric\bin\parametric.exe
FirewallRules: [{196482E5-593D-4928-8472-F34F664CB931}] => (Allow) C:\Program Files\PTC\Creo 2.0\Parametric\bin\parametric.exe
FirewallRules: [{926824AC-99EF-4205-96FF-248A5E8AF554}] => (Allow) C:\Program Files\PTC\Creo 2.0\Parametric\bin\parametric.exe
FirewallRules: [{4681A67D-E5E7-4D26-BEF4-87E16369B2FC}] => (Allow) C:\Program Files\PTC\Creo 2.0\Parametric\bin\parametric.exe
FirewallRules: [TCP Query User{BBF73157-47AA-459A-A631-377A28D48E28}C:\program files\ptc\creo 2.0\common files\m240\x86e_win64\nms\nmsd.exe] => (Block) C:\program files\ptc\creo 2.0\common files\m240\x86e_win64\nms\nmsd.exe
FirewallRules: [UDP Query User{F4ECE4C1-39EE-4B5B-AF2D-50DB37065496}C:\program files\ptc\creo 2.0\common files\m240\x86e_win64\nms\nmsd.exe] => (Block) C:\program files\ptc\creo 2.0\common files\m240\x86e_win64\nms\nmsd.exe
FirewallRules: [TCP Query User{83295D9C-DE9F-4F2B-B57D-3C672165295D}C:\program files\ptc\creo 2.0\common files\m240\x86e_win64\obj\xtop.exe] => (Block) C:\program files\ptc\creo 2.0\common files\m240\x86e_win64\obj\xtop.exe
FirewallRules: [UDP Query User{0CB1323C-38A3-42C2-8903-B7572C602E94}C:\program files\ptc\creo 2.0\common files\m240\x86e_win64\obj\xtop.exe] => (Block) C:\program files\ptc\creo 2.0\common files\m240\x86e_win64\obj\xtop.exe
FirewallRules: [TCP Query User{637EC569-C50B-4982-A683-FDB86C6AC20F}C:\program files\ptc\creo 2.0\common files\m240\x86e_win64\obj\pro_comm_msg.exe] => (Block) C:\program files\ptc\creo 2.0\common files\m240\x86e_win64\obj\pro_comm_msg.exe
FirewallRules: [UDP Query User{E7D8FA6F-C8C4-4331-A22D-75B19D540F0D}C:\program files\ptc\creo 2.0\common files\m240\x86e_win64\obj\pro_comm_msg.exe] => (Block) C:\program files\ptc\creo 2.0\common files\m240\x86e_win64\obj\pro_comm_msg.exe
FirewallRules: [{326620D4-14D6-409C-86BA-13BBF5365D81}] => (Allow) C:\Program Files\PTC\Creo 2.0\View Express\i486_nt\obj\productview.exe
FirewallRules: [TCP Query User{562094A5-2205-4C2E-98B5-53FC31AC7E35}C:\program files (x86)\smart view\smart view.exe] => (Allow) C:\program files (x86)\smart view\smart view.exe
FirewallRules: [UDP Query User{DD158F59-D9AE-495C-B347-D8CB39231D62}C:\program files (x86)\smart view\smart view.exe] => (Allow) C:\program files (x86)\smart view\smart view.exe
FirewallRules: [{21970C94-0BEF-47CB-B044-5AA0F89F088C}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\3.55.2393.609_1\SZBrowser.exe
FirewallRules: [{7ECB5553-78F8-48D8-ACD9-04BE19399105}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\4.58.2552.909\SZBrowser.exe
FirewallRules: [{F21DDBE7-61B3-4003-8F03-DDADCE9099E4}] => (Allow) C:\Users\user1\AppData\Local\Programs\Opera\47.0.2631.55\opera.exe
FirewallRules: [{160844E6-7C53-4537-BECF-4A4E2604270D}] => (Allow) C:\Users\user1\AppData\Local\Programs\Opera\48.0.2685.52\opera.exe
FirewallRules: [{E608D990-6B36-4C0B-9566-7C2A73F7F5B3}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
==================== Restore Points =========================
 
23-06-2017 12:26:38 Installed Creo Thumbnail Viewer 2.0
23-06-2017 12:28:36 Installed Creo View Express 2.0
23-06-2017 12:32:23 Installed PTC Creo Platform Agent 2.49
28-06-2017 21:24:46 Installed Adobe Acrobat XI Pro.
09-07-2017 11:00:08 Removed Arbortext IsoView 7.3.
09-07-2017 11:01:34 Removed Diagnostic Tools
16-07-2017 19:13:57 Intel® WiDi Media Share
31-07-2017 08:01:20 Windows Update
31-07-2017 13:05:52 Windows Update
 
==================== Faulty Device Manager Devices =============
 
Name: aswVmm
Description: aswVmm
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: aswVmm
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
 
Name: High Definition Audio Controller
Description: High Definition Audio Controller
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: HDAudBus
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
Name: Consumer IR Devices
Description: Consumer IR Devices
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: circlass
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
 
Name: aswRvrt
Description: aswRvrt
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: aswRvrt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
 
Name: Security Processor Loader Driver
Description: Security Processor Loader Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: spldr
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (05/13/2018 08:25:11 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.
 
Error: (05/13/2018 08:25:11 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.
 
Error: (05/13/2018 08:17:51 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.
 
Error: (05/13/2018 08:17:51 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.
 
Error: (05/13/2018 08:10:49 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.
 
Error: (05/13/2018 08:10:49 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.
 
Error: (11/05/2017 11:13:04 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.
 
Error: (11/05/2017 11:13:04 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.
 
 
System errors:
=============
Error: (05/13/2018 08:48:52 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 
The dependency service or group failed to start.
 
Error: (05/13/2018 08:48:52 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 
The dependency service or group failed to start.
 
Error: (05/13/2018 08:48:52 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 
The dependency service or group failed to start.
 
Error: (05/13/2018 08:47:02 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 
The dependency service or group failed to start.
 
Error: (05/13/2018 08:47:02 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 
The dependency service or group failed to start.
 
Error: (05/13/2018 08:47:02 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 
The dependency service or group failed to start.
 
Error: (05/13/2018 08:47:02 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 
The dependency service or group failed to start.
 
Error: (05/13/2018 08:47:02 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 
The dependency service or group failed to start.
 
 
Windows Defender:
===================================
Date: 2015-02-06 08:47:15.405
Description: 
Windows Defender has encountered an error trying to load signatures and will attempt reverting back to a known-good set of signatures.
Signatures Attempted:Backup
Error Code:0x80070714
Error description:The specified image file did not contain a resource section. 
Signature version:0.0.0.0
Engine version:0.0.0.0
 
Date: 2015-02-06 08:47:08.307
Description: 
Windows Defender has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version:
Update Source:Signature Update Folder
Signature Type:AntiSpyware
Update Type:Delta
Current Engine Version:
Previous Engine Version:
Error code:0x80070002
Error description:The system cannot find the file specified. 
 
Date: 2015-02-03 11:38:04.916
Description: 
Windows Defender has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version:
Update Source:Signature Update Folder
Signature Type:AntiSpyware
Update Type:Delta
Current Engine Version:
Previous Engine Version:
Error code:0x80070002
Error description:The system cannot find the file specified. 
 
Date: 2015-02-03 11:36:07.525
Description: 
Windows Defender has encountered an error trying to update signatures.
New Signature Version:1.191.3880.0
Previous Signature Version:
Update Source:User
Signature Type:AntiSpyware
Update Type:Full
Current Engine Version:1.1.11302.0
Previous Engine Version:
Error code:0x8050a004
Error description:This package does not contain up-to-date definition files for this program. For more information, see Help and Support. 
 
Date: 2015-02-03 11:36:07.525
Description: 
Windows Defender has encountered an error trying to update the engine.
New Engine Version:1.1.11302.0
Previous Engine Version:
Update Source:User
Error Code:0x8050a004
Error description:This package does not contain up-to-date definition files for this program. For more information, see Help and Support. 
 
CodeIntegrity:
===================================
 
Date: 2015-05-15 16:47:11.595
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\kernel32.dll because the set of per-page image hashes could not be found on the system.
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i3 CPU M 350 @ 2.27GHz
Percentage of memory in use: 70%
Total physical RAM: 2933.86 MB
Available physical RAM: 873.78 MB
Total Virtual: 5865.9 MB
Available Virtual: 3616.32 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:277.73 GB) (Free:57.53 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (RECOVERY) (Fixed) (Total:20.06 GB) (Free:2.9 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive g: (HP_TOOLS) (Fixed) (Total:0.1 GB) (Free:0.08 GB) FAT32
 
\\?\Volume{ffa43657-df4b-11e0-b1d7-806e6f6e6963}\ (SYSTEM) (Fixed) (Total:0.19 GB) (Free:0.15 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 298.1 GB) (Disk ID: E5539939)
Partition 1: (Active) - (Size=199 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=277.7 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=20.1 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=103 MB) - (Type=0C)
 
==================== End of Addition.txt ============================

 


  • 0

Advertisements


#2
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,885 posts
  • MVP

Get Process Explorer

http://live.sysinter...com/procexp.exe
Save it to your desktop then run it (Vista or Win7+ - right click and Run As Administrator).  

View, Select Column, check Verified Signer, OK
Options, Verify Image Signatures


Click twice on the CPU column header  to sort things by CPU usage with the big hitters at the top.  

Wait a full minute then:

File, Save As, Save.  Note the file name.   Open the file  on your desktop and copy and paste the text to a reply.


Copy the next 2 lines:

TASKLIST /SVC  > \junk.txt
notepad \junk.txt

Open an Elevated Command Prompt:
Win 7: Start, All Programs, Accessories then right click on Command Prompt and Run as Administrator
Win 8: http://www.eightforu...indows-8-a.html
win 10: http://www.howtogeek...-in-windows-10/

Right click and Paste (or Edit then Paste) and the copied lines should appear.
Hit Enter if notepad does not open.  Copy and paste the text from notepad into a reply.


This next may not work in Safe Mode with Networking.

 

Get the free version of Speccy:

http://www.filehippo...ownload_speccy/ 

(Look in the upper right for the Download
Latest Version button  - Do NOT press the large Start Download button on the upper left!)  
Download, Save and Install it.  Tell it you do not need CCLEANER.    Run Speccy.  When it finishes (the little icon in the bottom left will stop moving),
File, Save as Text File,  (to your desktop) note the name it gives. OK.  Open the file in notepad and delete the line that gives the serial number of your Operating System.  
(It will be near the top,  10-20  lines down.) Save the file.  Attach the file to your next post.  Attaching the log is the best option as it is too big for the forum.  Attaching is a multi step process.

First click on More Reply Options
Then scroll down to where you see
Choose File and click on it.  Point it at the file and hit Open.
Now click on Attach this file.


If possible please boot into regular mode and get a process explorer log there.
 


  • 0

#3
valleyboy

valleyboy

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 217 posts

Hello there

 

Thank you, and apologies for the delay, I have been away from home. Here's the info that you requested:

 

Process CPU Private Bytes Working Set PID Description Company Name Verified Signer
System Idle Process 75.53 0 K 24 K 0
AvastSvc.exe 11.91 134,016 K 114,596 K 1680 Avast Service AVAST Software (Verified) AVAST Software s.r.o.
Interrupts 4.78 0 K 0 K n/a Hardware Interrupts and DPCs
procexp64.exe 2.20 35,976 K 55,624 K 2648 Sysinternals Process Explorer Sysinternals - www.sysinternals.com (Verified) Microsoft Corporation
opera.exe 1.22 57,724 K 69,680 K 4180 Opera Internet Browser Opera Software (Verified) Opera Software AS
dwm.exe 0.87 65,156 K 33,532 K 1360 Desktop Window Manager Microsoft Corporation (Verified) Microsoft Windows
System 0.94 176 K 1,452 K 4
svchost.exe 0.58 34,652 K 39,452 K 1076 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
AvastUI.exe 0.38 21,960 K 34,720 K 1692 Avast Antivirus AVAST Software (Verified) AVAST Software s.r.o.
csrss.exe 0.23 3,352 K 13,508 K 656 Client Server Runtime Process Microsoft Corporation (Verified) Microsoft Windows
SynTPEnh.exe 0.29 9,348 K 3,452 K 2304 Synaptics TouchPad Enhancements Synaptics Incorporated (Verified) Synaptics Incorporated
CompatTelRunner.exe 0.19 27,064 K 33,408 K 3752 Microsoft Compatibility Telemetry Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 0.05 14,944 K 20,408 K 1052 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
opera.exe 0.05 119,664 K 171,504 K 5724 Opera Internet Browser Opera Software (Verified) Opera Software AS
opera.exe 0.05 54,696 K 69,708 K 4980 Opera Internet Browser Opera Software (Verified) Opera Software AS
svchost.exe 0.05 130,068 K 135,348 K 1028 Host Process for Windows Services Microsoft Corporation (No signature was present in the subject) Microsoft Corporation
explorer.exe 0.04 41,312 K 58,032 K 1208 Windows Explorer Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 0.13 5,272 K 8,632 K 876 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
opera.exe 0.04 42,016 K 59,936 K 5680 Opera Internet Browser Opera Software (Verified) Opera Software AS
opera.exe 0.03 173,900 K 190,232 K 4812 Opera Internet Browser Opera Software (Verified) Opera Software AS
LMS.exe 0.03 2,344 K 4,860 K 4880 Local Manageability Service Intel Corporation (Verified) Intel Corporation
SearchIndexer.exe 0.02 29,340 K 15,312 K 3696 Microsoft Windows Search Indexer Microsoft Corporation (Verified) Microsoft Windows
lsass.exe < 0.01 8,120 K 13,840 K 772 Local Security Authority Process Microsoft Corporation (Verified) Microsoft Windows
opera.exe 0.02 47,208 K 61,564 K 5380 Opera Internet Browser Opera Software (Verified) Opera Software AS
AdobeARM.exe 0.02 5,104 K 10,540 K 7096 Adobe Reader and Acrobat Manager Adobe Systems Incorporated (Verified) Adobe Systems
opera.exe 0.02 45,112 K 57,272 K 6532 Opera Internet Browser Opera Software (Verified) Opera Software AS
svchost.exe 0.01 16,960 K 16,352 K 1496 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
HPWA_Service.exe 0.01 49,796 K 35,360 K 5704 HPPA_Service Hewlett-Packard Company (A certificate was explicitly revoked by its issuer) Hewlett-Packard Company
HPSA_Service.exe 0.01 31,156 K 25,896 K 3976 HP Support Assistant Service Hewlett-Packard Company (No signature was present in the subject) Hewlett-Packard Company
csrss.exe 0.01 2,664 K 4,552 K 572 Client Server Runtime Process Microsoft Corporation (Verified) Microsoft Windows
aswidsagenta.exe 0.01 29,080 K 45,164 K 6056 Avast Behavior Shield AVAST Software (Verified) AVAST Software s.r.o.
opera.exe 0.01 47,376 K 61,084 K 6268 Opera Internet Browser Opera Software (Verified) Opera Software AS
svchost.exe < 0.01 9,648 K 16,560 K 2208 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
wmpnetwk.exe < 0.01 20,592 K 10,852 K 4568 Windows Media Player Network Sharing Service Microsoft Corporation (Verified) Microsoft Windows
AGSService.exe < 0.01 2,912 K 8,664 K 5836 Adobe Genuine Software Integrity Service Adobe Systems, Incorporated (Verified) Adobe Systems Incorporated
opera.exe < 0.01 47,536 K 63,368 K 7056 Opera Internet Browser Opera Software (Verified) Opera Software AS
opera.exe < 0.01 46,128 K 61,316 K 4788 Opera Internet Browser Opera Software (Verified) Opera Software AS
svchost.exe < 0.01 14,100 K 16,920 K 4988 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
stacsv64.exe < 0.01 12,388 K 7,712 K 1132 IDT PC Audio IDT, Inc. (Verified) Microsoft Windows Hardware Compatibility Publisher
opera.exe < 0.01 47,316 K 63,092 K 2060 Opera Internet Browser Opera Software (Verified) Opera Software AS
unchecky_bg.exe < 0.01 2,036 K 6,824 K 3044 Unchecky Background Process Reason Software Company Inc. (Verified) Reason Software Company Inc.
ezSharedSvcHost.exe < 0.01 1,556 K 4,492 K 2140 Shared EasyBits services for Windows EasyBits Software AS (Certificate expired) EasyBits Software AS
svchost.exe 5,544 K 8,316 K 976 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
taskhost.exe < 0.01 13,152 K 12,308 K 1640 Host Process for Windows Tasks Microsoft Corporation (No signature was present in the subject) Microsoft Corporation
conhost.exe < 0.01 1,400 K 3,320 K 4708 Console Window Host Microsoft Corporation (Verified) Microsoft Windows
HPWA_Main.exe < 0.01 57,392 K 55,608 K 1908 HP Wireless Assistant Hewlett-Packard Company (A certificate was explicitly revoked by its issuer) Hewlett-Packard Company
TeamViewer_Service.exe < 0.01 5,932 K 9,964 K 2812 TeamViewer 9 TeamViewer GmbH (Verified) TeamViewer
audiosrv.exe < 0.01 2,808 K 7,244 K 2708 Bluetooth Media Service Motorola Solutions, Inc. (Verified) Motorola Inc
hpservice.exe < 0.01 2,132 K 4,256 K 1444 HpService Hewlett-Packard Company (A certificate was explicitly revoked by its issuer) Hewlett-Packard Company
devmgrsrv.exe < 0.01 7,940 K 10,364 K 2064 Bluetooth Device Manager Motorola Solutions, Inc. (Verified) Motorola Inc
WmiPrvSE.exe 8,148 K 12,208 K 4044 WMI Provider Host Microsoft Corporation (Verified) Microsoft Windows
WmiPrvSE.exe 3,480 K 7,956 K 4820 WMI Provider Host Microsoft Corporation (Verified) Microsoft Windows
WLIDSVCM.EXE 1,444 K 2,828 K 3860 Microsoft® Windows Live ID Service Monitor Microsoft Corporation (Verified) Microsoft Corporation
WLIDSVC.EXE 5,036 K 10,348 K 3032 Microsoft® Windows Live ID Service Microsoft Corporation (Verified) Microsoft Corporation
winlogon.exe 3,144 K 5,740 K 712 Windows Logon Application Microsoft Corporation (Verified) Microsoft Windows
wininit.exe 1,740 K 3,736 K 664 Windows Start-Up Application Microsoft Corporation (No signature was present in the subject) Microsoft Corporation
VCDDaemon.exe 1,664 K 5,668 K 4408 Virtual CloneDrive Daemon Elaborate Bytes AG (Verified) Elaborate Bytes AG
unsecapp.exe 2,152 K 5,908 K 2564 Sink to receive asynchronous callbacks for WMI client application Microsoft Corporation (Verified) Microsoft Windows
unsecapp.exe 1,820 K 5,152 K 4716 Sink to receive asynchronous callbacks for WMI client application Microsoft Corporation (Verified) Microsoft Windows
UNS.exe 5,072 K 10,232 K 3968 User Notification Service Intel Corporation (Verified) Intel Corporation
unchecky_svc.exe 2,456 K 5,332 K 3000 Unchecky Service Reason Software Company Inc. (Verified) Reason Software Company Inc.
taskeng.exe 2,688 K 5,936 K 2240 Task Scheduler Engine Microsoft Corporation (Verified) Microsoft Windows
taskeng.exe 2,384 K 5,780 K 3828 Task Scheduler Engine Microsoft Corporation (Verified) Microsoft Windows
SZBrowser_autoupdate.exe 4,444 K 11,216 K 1324 Avast SafeZone auto-updater Avast Software (Verified) AVAST Software s.r.o.
SynTPHelper.exe 1,928 K 812 K 3704 Synaptics Pointing Device Helper Synaptics Incorporated (Verified) Synaptics Incorporated
svchost.exe 28,480 K 23,752 K 424 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 13,740 K 13,508 K 1940 Host Process for Windows Services Microsoft Corporation (No signature was present in the subject) Microsoft Corporation
svchost.exe 2,620 K 5,692 K 3636 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 3,108 K 5,368 K 1380 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 2,096 K 4,804 K 2772 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 6,040 K 8,696 K 2104 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
sttray64.exe 7,608 K 16,968 K 3832 IDT PC Audio IDT, Inc. (Verified) Microsoft Windows Hardware Compatibility Publisher
sppsvc.exe 3,240 K 9,252 K 5712 Microsoft Software Protection Platform Service Microsoft Corporation (Verified) Microsoft Windows
spoolsv.exe 9,160 K 11,272 K 1852 Spooler SubSystem App Microsoft Corporation (Verified) Microsoft Windows
smss.exe 632 K 1,116 K 352 Windows Session Manager Microsoft Corporation (Verified) Microsoft Windows
services.exe 0.02 7,676 K 8,164 K 764 Services and Controller app Microsoft Corporation (Verified) Microsoft Windows
rundll32.exe 4,432 K 12,108 K 4144 Windows host process (Rundll32) Microsoft Corporation (Verified) Microsoft Windows
rundll32.exe 2,136 K 5,688 K 3996 Windows host process (Rundll32) Microsoft Corporation (Verified) Microsoft Windows
PsiService_2.exe 1,132 K 3,420 K 2712 PsiService PsiService Protexis Inc. (Verified) Protexis Inc.
procexp.exe 5,772 K 8,796 K 7804 Sysinternals Process Explorer Sysinternals - www.sysinternals.com (Verified) Microsoft Corporation
portmap.exe 2,400 K 3,952 K 2632 Creo 2.0 from PTC PTC Inc. (No signature was present in the subject) PTC Inc.
opera_crashreporter.exe 1,500 K 4,652 K 364 Opera crash-reporter Opera Software (Verified) Opera Software AS
opera.exe 37,932 K 56,428 K 188 Opera Internet Browser Opera Software (Verified) Opera Software AS
opera.exe 50,572 K 63,476 K 4248 Opera Internet Browser Opera Software (Verified) Opera Software AS
opera.exe 55,644 K 54,816 K 368 Opera Internet Browser Opera Software (Verified) Opera Software AS
opera.exe 26,736 K 37,984 K 4544 Opera Internet Browser Opera Software (Verified) Opera Software AS
opera.exe 22,032 K 31,856 K 4500 Opera Internet Browser Opera Software (Verified) Opera Software AS
opera.exe 18,588 K 26,896 K 5228 Opera Internet Browser Opera Software (Verified) Opera Software AS
opera.exe 22,060 K 35,224 K 2492 Opera Internet Browser Opera Software (Verified) Opera Software AS
obexsrv.exe 2,272 K 5,668 K 2100 Bluetooth OBEX Service Motorola Solutions, Inc. (Verified) Motorola Inc
nutsrv4.exe 1,980 K 3,988 K 2432 NuTCRACKER Service MKS Software Inc. (Verified) MKS Software
LSSrvc.exe 1,356 K 3,936 K 2332 LightScribe Service Hewlett-Packard Company (No signature was present in the subject) Hewlett-Packard Company
lsm.exe 0.01 2,848 K 4,000 K 780 Local Session Manager Service Microsoft Corporation (Verified) Microsoft Windows
LightScribeControlPanel.exe 5,768 K 11,108 K 4316 Hewlett-Packard Company (No signature was present in the subject) Hewlett-Packard Company
launcher.exe 1,840 K 5,232 K 7860 Avast SafeZone Browser Avast Software (Verified) AVAST Software s.r.o.
igfxtray.exe 2,992 K 7,272 K 148 igfxTray Module Intel Corporation (Verified) Intel Corporation
igfxpers.exe 2,664 K 7,248 K 3116 persistence Module Intel Corporation (Verified) Intel Corporation
HPWMISVC.exe 1,200 K 3,516 K 2292 HP Quick Launch WMI Service Hewlett-Packard Development Company, L.P. (A certificate was explicitly revoked by its issuer) Hewlett-Packard Development Company, L.P.
HPSupportSolutionsFrameworkService.exe 32,908 K 29,988 K 3724 HP Support Solutions Framework Service HP Inc. (Verified) HP Inc.
hpqwmiex.exe 2,104 K 6,884 K 248 HP Software Framework WMI Service Hewlett-Packard Company (Verified) Hewlett-Packard Company
HPCEE.exe 13,032 K 17,096 K 4628 HP Ceement Hewlett-Packard (A certificate was explicitly revoked by its issuer) Hewlett-Packard
HPAdvisor.exe 36,672 K 7,876 K 5884 HP Advisor Hewlett-Packard (Verified) Hewlett-Packard Company
hkcmd.exe 3,904 K 11,000 K 4116 hkcmd Module Intel Corporation (Verified) Intel Corporation
FNPLicensingService64.exe 2,064 K 3,724 K 3268 Activation Licensing Service Flexera Software LLC (Verified) Flexera Software LLC
dllhost.exe 2,864 K 7,764 K 5548 COM Surrogate Microsoft Corporation (No signature was present in the subject) Microsoft Corporation
csc.exe 2,352 K 8,396 K 5792 Visual C# Command Line Compiler Microsoft Corporation (Verified) Microsoft Corporation
conhost.exe 2,268 K 5,604 K 7940 Console Window Host Microsoft Corporation (Verified) Microsoft Windows
conhost.exe 1,464 K 3,624 K 5192 Console Window Host Microsoft Corporation (Verified) Microsoft Windows
CompatTelRunner.exe 1,336 K 884 K 6792 Microsoft Compatibility Telemetry Microsoft Corporation (Verified) Microsoft Windows
btplayerctrl.exe 1,452 K 4,764 K 5128 Bluetooth Media Player Controller Motorola Solutions, Inc. (Verified) Motorola Inc
audiodg.exe 17,052 K 17,312 K 1188 Windows Audio Device Graph Isolation Microsoft Corporation (Verified) Microsoft Windows
atiesrxx.exe 1,720 K 4,252 K 416 AMD External Events Service Module AMD (Verified) Microsoft Windows Hardware Compatibility Publisher
atieclxx.exe 2,688 K 6,224 K 1576 AMD External Events Client Module AMD (Verified) Microsoft Windows Hardware Compatibility Publisher
armsvc.exe 1,248 K 3,768 K 1432 Adobe Acrobat Update Service Adobe Systems Incorporated (Verified) Adobe Systems
AnyDVDtray.exe 18,064 K 26,860 K 4488 AnyDVD Application SlySoft, Inc. (The digital signature of the object did not verify) SlySoft, Inc.
AESTSr64.exe 1,304 K 2,420 K 1520 Andrea filters APO access service (64-bit) Andrea Electronics Corporation (No signature was present in the subject) Andrea Electronics Corporation
ADvdDiscHlp64.exe 2,272 K 5,540 K 5176 AnyDVD 64bit helper (Verified) SlySoft Inc.
AdAppMgrSvc.exe 6,196 K 14,088 K 1320 Autodesk Application Manager Autodesk Inc. (Verified) Autodesk
AdAppMgr.exe 23,988 K 48,224 K 2880 Autodesk Application Manager Autodesk Inc. (Verified) Autodesk
acrotray.exe 2,228 K 6,392 K 2644 AcroTray Adobe Systems Inc. (Verified) Adobe Systems
 
 
_________________________________________________________________________________
 
 
 
 
Image Name                     PID Services                                    
========================= ======== ============================================
System Idle Process              0 N/A                                         
System                           4 N/A                                         
smss.exe                       352 N/A                                         
csrss.exe                      572 N/A                                         
csrss.exe                      656 N/A                                         
wininit.exe                    664 N/A                                         
winlogon.exe                   712 N/A                                         
services.exe                   764 N/A                                         
lsass.exe                      772 KeyIso, SamSs                               
lsm.exe                        780 N/A                                         
svchost.exe                    876 DcomLaunch, PlugPlay, Power                 
svchost.exe                    976 RpcEptMapper, RpcSs                         
atiesrxx.exe                   416 AMD External Events Utility                 
svchost.exe                    424 AudioSrv, Dhcp, eventlog,                   
                                   HomeGroupProvider, lmhosts, wscsvc          
svchost.exe                   1028 AudioEndpointBuilder, HomeGroupListener,    
                                   IPBusEnum, Netman, PcaSvc, SysMain, TrkWks, 
                                   UxSms, WdiSystemHost, Wlansvc               
svchost.exe                   1052 EventSystem, fdPHost, FontCache, netprofm,  
                                   nsi, SstpSvc, WdiServiceHost,               
                                   WinHttpAutoProxySvc                         
svchost.exe                   1076 AeLookupSvc, BITS, Browser, EapHost,        
                                   IKEEXT, iphlpsvc, LanmanServer, ProfSvc,    
                                   RasMan, Schedule, SENS, ShellHWDetection,   
                                   Themes, Winmgmt, wuauserv                   
stacsv64.exe                  1132 STacSV                                      
svchost.exe                   1380 gpsvc                                       
hpservice.exe                 1444 hpsrv                                       
svchost.exe                   1496 CryptSvc, Dnscache, LanmanWorkstation,      
                                   NlaSvc, TapiSrv                             
atieclxx.exe                  1576 N/A                                         
AvastSvc.exe                  1680 avast! Antivirus                            
spoolsv.exe                   1852 Spooler                                     
svchost.exe                   1940 BFE, DPS, MpsSvc                            
AdAppMgrSvc.exe               1320 AdAppMgrSvc                                 
taskhost.exe                  1640 N/A                                         
armsvc.exe                    1432 AdobeARMservice                             
AESTSr64.exe                  1520 AESTFilters                                 
devmgrsrv.exe                 2064 Bluetooth Device Manager                    
svchost.exe                   2104 DiagTrack                                   
ezSharedSvcHost.exe           2140 ezSharedSvc                                 
svchost.exe                   2208 FDResPub, SSDPSRV, upnphost, wcncsvc        
taskeng.exe                   2240 N/A                                         
HPWMISVC.exe                  2292 HPWMISVC                                    
SynTPEnh.exe                  2304 N/A                                         
LSSrvc.exe                    2332 LightScribeService                          
nutsrv4.exe                   2432 NuTCRACKERService                           
portmap.exe                   2632 PortmapperService                           
PsiService_2.exe              2712 PSI_SVC_2                                   
svchost.exe                   2772 stisvc                                      
TeamViewer_Service.exe        2812 TeamViewer9                                 
unchecky_svc.exe              3000 Unchecky                                    
WLIDSVC.EXE                   3032 wlidsvc                                     
unchecky_bg.exe               3044 N/A                                         
obexsrv.exe                   2100 Bluetooth OBEX Service                      
dwm.exe                       1360 N/A                                         
explorer.exe                  1208 N/A                                         
FNPLicensingService64.exe     3268 FLEXnet Licensing Service 64                
svchost.exe                   3636 PolicyAgent                                 
SearchIndexer.exe             3696 WSearch                                     
WLIDSVCM.EXE                  3860 N/A                                         
rundll32.exe                  3996 N/A                                         
WmiPrvSE.exe                  4044 N/A                                         
sttray64.exe                  3832 N/A                                         
igfxpers.exe                  3116 N/A                                         
igfxtray.exe                   148 N/A                                         
AvastUI.exe                   1692 N/A                                         
hkcmd.exe                     4116 N/A                                         
rundll32.exe                  4144 N/A                                         
LightScribeControlPanel.e     4316 N/A                                         
AnyDVDtray.exe                4488 N/A                                         
unsecapp.exe                  4716 N/A                                         
WmiPrvSE.exe                  4820 N/A                                         
svchost.exe                   4988 p2pimsvc, p2psvc, PNRPsvc                   
wmpnetwk.exe                  4568 WMPNetworkSvc                               
acrotray.exe                  2644 N/A                                         
audiosrv.exe                  2708 Bluetooth Media Service                     
VCDDaemon.exe                 4408 N/A                                         
btplayerctrl.exe              5128 N/A                                         
ADvdDiscHlp64.exe             5176 N/A                                         
conhost.exe                   5192 N/A                                         
dllhost.exe                   5548 N/A                                         
AGSService.exe                5836 AGSService                                  
AdAppMgr.exe                  2880 N/A                                         
opera.exe                     5724 N/A                                         
opera_crashreporter.exe        364 N/A                                         
opera.exe                      368 N/A                                         
opera.exe                     4500 N/A                                         
opera.exe                     4544 N/A                                         
opera.exe                     5228 N/A                                         
opera.exe                     4180 N/A                                         
opera.exe                     5680 N/A                                         
opera.exe                      188 N/A                                         
SynTPHelper.exe               3704 N/A                                         
HPSA_Service.exe              3976 HP Support Assistant Service                
HPWA_Service.exe              5704 HP Wireless Assistant Service               
HPWA_Main.exe                 1908 N/A                                         
HPSupportSolutionsFramewo     3724 HPSupportSolutionsFrameworkService          
hpqwmiex.exe                   248 hpqwmiex                                    
LMS.exe                       4880 LMS                                         
HPAdvisor.exe                 5884 N/A                                         
opera.exe                     2060 N/A                                         
opera.exe                     4812 N/A                                         
opera.exe                     4788 N/A                                         
opera.exe                     4248 N/A                                         
opera.exe                     7056 N/A                                         
opera.exe                     6268 N/A                                         
aswidsagenta.exe              6056 aswbIDSAgent                                
opera.exe                     6532 N/A                                         
UNS.exe                       3968 UNS                                         
opera.exe                     2492 N/A                                         
unsecapp.exe                  2564 N/A                                         
opera.exe                     5380 N/A                                         
taskeng.exe                   3828 N/A                                         
opera.exe                     4980 N/A                                         
CompatTelRunner.exe           6792 N/A                                         
conhost.exe                   4708 N/A                                         
CompatTelRunner.exe           3752 N/A                                         
AdobeARM.exe                  7096 N/A                                         
sppsvc.exe                    5712 sppsvc                                      
procexp.exe                   7804 N/A                                         
procexp64.exe                 2648 N/A                                         
HPCEE.exe                     4628 N/A                                         
csc.exe                       5792 N/A                                         
conhost.exe                   7940 N/A                                         
SearchProtocolHost.exe        7904 N/A                                         
SearchFilterHost.exe          1896 N/A                                         
overseer.exe                  3664 N/A                                         
instup.exe                    6384 N/A                                         
VSSVC.exe                     7288 VSS                                         
svchost.exe                    760 swprv                                       
cmd.exe                       5972 N/A                                         
conhost.exe                   6392 N/A                                         
tasklist.exe                  6108 N/A                                         
 

 

Attached Files


  • 0

#4
valleyboy

valleyboy

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 217 posts

Also, forgot to mention that the process explorer log was from regular mode.

 

Thanks again.


  • 0

#5
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,885 posts
  • MVP
 
System Idle Process 75.53 0 K 24 K 0
AvastSvc.exe 11.91 134,016 K 114,596 K 1680 Avast Service AVAST Software (Verified) AVAST Software s.r.o.
Interrupts 4.78 0 K 0 K n/a Hardware Interrupts and DPCs
procexp64.exe 2.20 35,976 K 55,624 K 2648 Sysinternals Process Explorer Sysinternals - www.sysinternals.com (Verified) Microsoft Corporation
opera.exe 1.22 57,724 K 69,680 K 4180 Opera Internet Browser Opera Software (Verified) Opera Software AS
dwm.exe 0.87 65,156 K 33,532 K 1360 Desktop Window Manager Microsoft Corporation (Verified) Microsoft Windows

System 0.94 176 K 1,452 K

 

 

Interrupts is way too high.  Should be under 1.4

 

What does it look like in Safe Mode?

 

Avast may need to be reinstalled as it is using too much CPU tho this may be normal if the Process Explorer log was taken too soon in the boot process.

 

Speccy says it is running hot.  Speccy is often wrong about temps so let's get a second opinion:

 

run Speedfan to monitor your temps in real time:



http://www.filehippo...nload_speedfan/

Download, save and Install it (Win 7+ or Vista right click and Run As Admin.) then run it (Win 7+ or Vista right click and Run As Admin.).

It will tell you your temps in real time tho the default is to show the hard drive temp in the systray.  You can change it:  Hit Configure then click on the highest temp and check Show in tray.  With no other programs running what is the highest temp you see?  Run an anti-virus scan, play one of your games or watch a video for at least 5 minutes.  What is the highest temp now?
 

We don't really want it to go over about 65 under load.  If it does it usually means either the fan is defective (speedfan should tell you your fan speed so you can see if it is running) or (most likely) the interface between the fan and the heatsink is clogged with dust. The best fix for a clogged heatsink is to remove the fan (not the heatsink or heatpipe) and vacuum out the heatsink.  However on some PCs this is major surgery.  Sometimes you can blow air backwards through the exhaust vent while vacuuming at the input vent and if you are lucky it may clear the heatsink.  Don't do it too long as the fan may overrev.

 

 

 

et's try Latency Monitor:

Go to

http://www.resplendence.com/downloads

Scroll down to

System Monitoring Tools

and then find

LatencyMon 6.51

Click on Download free home edition

Save it then right click and Run As Admin.  It will install and then start the program.  
It will tell you to click on the Start button but there isn't one.  
Instead click on the green arrowhead (looks like a Play button).   Let it run for at least 20 seconds.  Then hit the red box to stop it.

Edit, Copy Report text to Clipboard then move to a REPLY and Ctrl + v to paste the text into a reply.


  • 0

#6
valleyboy

valleyboy

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 217 posts

Thank you, and good evening.

 

Here's the details you requested:

 

Highest temp with no other progs running was 49C. After 5 mins of Netflix and virus scanning this went up to 85C. I didn't check fan speed using the app but it is definitely running, it sounds like it is taking off when the temp gets above 70C then goes much quieter when there is no load and temp drops back down to sub 50C. The laptop recently started to auto shut-down after overheating so I took it apart, removed all of the dust (there was lots), and cleaned the heat sink and applied fresh paste. The fan was running flat out continuously prior to this maintenance but is now running at what sounds like a moderate level.

 

Here's the procexp details:

 

Process CPU Private Bytes Working Set PID Description Company Name Verified Signer
System Idle Process 98.92 0 K 24 K 0
procexp64.exe 0.56 26,180 K 43,344 K 1588 Sysinternals Process Explorer Sysinternals - www.sysinternals.com (Verified) Microsoft Corporation
csrss.exe 0.28 3,036 K 7,864 K 488 Client Server Runtime Process Microsoft Corporation (Verified) Microsoft Windows
Interrupts 0.12 0 K 0 K n/a Hardware Interrupts and DPCs
PicasaPhotoViewer.exe 0.08 12,856 K 18,792 K 1028 Picasa Photo Viewer Google Inc. (Verified) Google Inc
System 0.01 160 K 1,108 K 4
explorer.exe 0.01 24,664 K 47,428 K 360 Windows Explorer Microsoft Corporation (Verified) Microsoft Windows
svchost.exe < 0.01 4,524 K 9,292 K 696 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
services.exe < 0.01 3,428 K 6,932 K 588 Services and Controller app Microsoft Corporation (Verified) Microsoft Windows
dllhost.exe < 0.01 8,236 K 10,236 K 1396 COM Surrogate Microsoft Corporation (Verified) Microsoft Windows
svchost.exe < 0.01 8,600 K 6,832 K 936 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
WmiPrvSE.exe 2,784 K 6,936 K 1852 WMI Provider Host Microsoft Corporation (Verified) Microsoft Windows
winlogon.exe 2,136 K 6,200 K 524 Windows Logon Application Microsoft Corporation (Verified) Microsoft Windows
wininit.exe 1,632 K 4,724 K 496 Windows Start-Up Application Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 12,508 K 18,816 K 892 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 6,912 K 9,680 K 856 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 2,884 K 6,464 K 768 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
smss.exe 548 K 1,240 K 296 Windows Session Manager Microsoft Corporation (Verified) Microsoft Windows
procexp.exe 5,360 K 8,300 K 1576 Sysinternals Process Explorer Sysinternals - www.sysinternals.com (Verified) Microsoft Corporation
lsm.exe 2,540 K 4,380 K 604 Local Session Manager Service Microsoft Corporation (Verified) Microsoft Windows
lsass.exe 3,596 K 9,828 K 596 Local Security Authority Process Microsoft Corporation (Verified) Microsoft Windows
ctfmon.exe 1,968 K 3,732 K 1072 CTF Loader Microsoft Corporation (Verified) Microsoft Windows
csrss.exe 1,956 K 3,912 K 452 Client Server Runtime Process Microsoft Corporation (Verified) Microsoft Windows
 
 
LatencyMon details:
 
_________________________________________________________________________________________________________
CONCLUSION
_________________________________________________________________________________________________________
Your system appears to be having trouble handling real-time audio and other tasks. You are likely to experience buffer underruns appearing as drop outs, clicks or pops. One or more DPC routines that belong to a driver running in your system appear to be executing for too long. At least one detected problem appears to be network related. In case you are using a WLAN adapter, try disabling it to get better results. One problem may be related to power management, disable CPU throttling settings in Control Panel and BIOS setup. Check for BIOS updates. 
LatencyMon has been analyzing your system for  0:01:30  (h:mm:ss) on all processors.
 
 
_________________________________________________________________________________________________________
SYSTEM INFORMATION
_________________________________________________________________________________________________________
Computer name:                                        GARDNERHOME
OS version:                                           Windows 7 Service Pack 1, 6.1, build: 7601 (x64)
Hardware:                                             HP Pavilion dv6 Notebook PC, Hewlett-Packard, 144A
CPU:                                                  GenuineIntel Intel® Core™ i3 CPU M 350 @ 2.27GHz
Logical processors:                                   4
Processor groups:                                     1
RAM:                                                  2933 MB total
 
 
_________________________________________________________________________________________________________
CPU SPEED
_________________________________________________________________________________________________________
Reported CPU speed:                                   2261 MHz
 
Note: reported execution times may be calculated based on a fixed reported CPU speed. Disable variable speed settings like Intel Speed Step and AMD Cool N Quiet in the BIOS setup for more accurate results.
 
 
_________________________________________________________________________________________________________
MEASURED INTERRUPT TO USER PROCESS LATENCIES
_________________________________________________________________________________________________________
The interrupt to process latency reflects the measured interval that a usermode process needed to respond to a hardware request from the moment the interrupt service routine started execution. This includes the scheduling and execution of a DPC routine, the signaling of an event and the waking up of a usermode thread from an idle wait state in response to that event.
 
Highest measured interrupt to process latency (µs):   4353.988552
Average measured interrupt to process latency (µs):   5.310054
 
Highest measured interrupt to DPC latency (µs):       2108.390088
Average measured interrupt to DPC latency (µs):       1.252526
 
 
_________________________________________________________________________________________________________
 REPORTED ISRs
_________________________________________________________________________________________________________
Interrupt service routines are routines installed by the OS and device drivers that execute in response to a hardware interrupt signal.
 
Highest ISR routine execution time (µs):              141.921274
Driver with highest ISR routine execution time:       i8042prt.sys - i8042 Port Driver, Microsoft Corporation
 
Highest reported total ISR routine time (%):          0.111115
Driver with highest ISR total time:                   i8042prt.sys - i8042 Port Driver, Microsoft Corporation
 
Total time spent in ISRs (%)                          0.301831
 
ISR count (execution time <250 µs):                   144935
ISR count (execution time 250-500 µs):                0
ISR count (execution time 500-999 µs):                0
ISR count (execution time 1000-1999 µs):              0
ISR count (execution time 2000-3999 µs):              0
ISR count (execution time >=4000 µs):                 0
 
 
_________________________________________________________________________________________________________
REPORTED DPCs
_________________________________________________________________________________________________________
DPC routines are part of the interrupt servicing dispatch mechanism and disable the possibility for a process to utilize the CPU while it is interrupted until the DPC has finished execution.
 
Highest DPC routine execution time (µs):              2158.296771
Driver with highest DPC routine execution time:       ndis.sys - NDIS 6.20 driver, Microsoft Corporation
 
Highest reported total DPC routine time (%):          0.158406
Driver with highest DPC total execution time:         rspLLL64.sys - Resplendence Latency Monitoring and Auxiliary Kernel Library, Resplendence Software Projects Sp.
 
Total time spent in DPCs (%)                          0.520679
 
DPC count (execution time <250 µs):                   506241
DPC count (execution time 250-500 µs):                0
DPC count (execution time 500-999 µs):                55
DPC count (execution time 1000-1999 µs):              108
DPC count (execution time 2000-3999 µs):              4
DPC count (execution time >=4000 µs):                 0
 
 
_________________________________________________________________________________________________________
 REPORTED HARD PAGEFAULTS
_________________________________________________________________________________________________________
Hard pagefaults are events that get triggered by making use of virtual memory that is not resident in RAM but backed by a memory mapped file on disk. The process of resolving the hard pagefault requires reading in the memory from disk while the process is interrupted and blocked from execution.
 
NOTE: some processes were hit by hard pagefaults. If these were programs producing audio, they are likely to interrupt the audio stream resulting in dropouts, clicks and pops. Check the Processes tab to see which programs were hit.
 
Process with highest pagefault count:                 avastsvc.exe
 
Total number of hard pagefaults                       6721
Hard pagefault count of hardest hit process:          6691
Highest hard pagefault resolution time (µs):          176640.239275
Total time spent in hard pagefaults (%):              13.567650
Number of processes hit:                              11
 
 
_________________________________________________________________________________________________________
 PER CPU DATA
_________________________________________________________________________________________________________
CPU 0 Interrupt cycle time (s):                       3.306880
CPU 0 ISR highest execution time (µs):                141.921274
CPU 0 ISR total execution time (s):                   0.468246
CPU 0 ISR count:                                      104087
CPU 0 DPC highest execution time (µs):                2158.296771
CPU 0 DPC total execution time (s):                   1.279847
CPU 0 DPC count:                                      470889
_________________________________________________________________________________________________________
CPU 1 Interrupt cycle time (s):                       1.243569
CPU 1 ISR highest execution time (µs):                135.211411
CPU 1 ISR total execution time (s):                   0.274119
CPU 1 ISR count:                                      13828
CPU 1 DPC highest execution time (µs):                682.259177
CPU 1 DPC total execution time (s):                   0.204493
CPU 1 DPC count:                                      9977
_________________________________________________________________________________________________________
CPU 2 Interrupt cycle time (s):                       0.968541
CPU 2 ISR highest execution time (µs):                117.307828
CPU 2 ISR total execution time (s):                   0.169765
CPU 2 ISR count:                                      13568
CPU 2 DPC highest execution time (µs):                606.135338
CPU 2 DPC total execution time (s):                   0.188435
CPU 2 DPC count:                                      13257
_________________________________________________________________________________________________________
CPU 3 Interrupt cycle time (s):                       2.838001
CPU 3 ISR highest execution time (µs):                127.778859
CPU 3 ISR total execution time (s):                   0.177819
CPU 3 ISR count:                                      13452
CPU 3 DPC highest execution time (µs):                627.275542
CPU 3 DPC total execution time (s):                   0.207460
CPU 3 DPC count:                                      12285
_________________________________________________________________________________________________________
 
 
Much appreciated!!!
VB

 


  • 0

#7
valleyboy

valleyboy

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 217 posts

For the record, fan speed is min 103C, max 200RPM.


  • 0

#8
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,885 posts
  • MVP

I would uninstall Avast.  It's out of date and seems to be causing a lot of problems.  You should download the latest version before you uninstall then reboot after the uninstall and install the new version.

 

Check Process Explorer again in regular mode and see if things improve after the reinstall.  If not try temporarily disabling the network adapter.

 

Do you still need:

nutsrv4.exe 1,980 K 3,988 K 2432 NuTCRACKER Service MKS Software Inc. (Verified) MKS Software
PTC Creo Platform Agent 2.49 (HKLM-x32\...\{79BCA967-0760-4B6A-88FA-1D785EAE052D}) (Version: 2.49.0 - PTC)
PTC Portmapper Version 2.0 Datecode [M240] (HKLM-x32\...\PTC Portmapper Version 2.0 Datecode [M240]) (Version: 2.0 - PTC)

  • 0

#9
valleyboy

valleyboy

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 217 posts
Thanks again....

I don't need any of the items that you listed above.

I'll carry out the Avast actions soon, probably over the next couple of days.

VB
  • 0

#10
valleyboy

valleyboy

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 217 posts

Good evening.

 

I've reinstalled Avast! This time I did a minimal install. There is a log below from procexp for reference.

 

I checked SpeedFan too, temperature is presently approx 10C lower.

 

Please advise what to do with the redundant items that you queried. Thanks again.

 

Process CPU Private Bytes Working Set PID Description Company Name Verified Signer
System Idle Process 95.31 0 K 24 K 0
procexp64.exe 1.86 35,616 K 55,604 K 7708 Sysinternals Process Explorer Sysinternals - www.sysinternals.com (Verified) Microsoft Corporation
Interrupts 0.58 0 K 0 K n/a Hardware Interrupts and DPCs
dwm.exe 0.52 59,896 K 29,648 K 3400 Desktop Window Manager Microsoft Corporation (Verified) Microsoft Windows
AvastUI.exe 0.48 22,356 K 58,512 K 5300 Avast Antivirus AVAST Software (Verified) AVAST Software s.r.o.
System 0.21 168 K 1,096 K 4
SynTPEnh.exe 0.17 9,312 K 1,948 K 2852 Synaptics TouchPad Enhancements Synaptics Incorporated (Verified) Synaptics Incorporated
Skype.exe 0.14 127,352 K 68,592 K 1112 Skype Skype Technologies S.A. (Verified) Skype Software Sarl
csrss.exe 0.14 2,924 K 6,228 K 628 Client Server Runtime Process Microsoft Corporation (Verified) Microsoft Windows
opera.exe 0.07 124,176 K 143,552 K 7404 Opera Internet Browser Opera Software (Verified) Opera Software AS
opera.exe 0.07 108,148 K 158,940 K 6116 Opera Internet Browser Opera Software (Verified) Opera Software AS
aswidsagenta.exe 0.05 18,348 K 22,772 K 1144 Avast Behavior Shield AVAST Software (Verified) AVAST Software s.r.o.
svchost.exe 0.05 26,136 K 23,396 K 744 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
opera.exe 0.04 54,856 K 79,072 K 7312 Opera Internet Browser Opera Software (Verified) Opera Software AS
wmpnetwk.exe 0.04 20,056 K 20,192 K 5052 Windows Media Player Network Sharing Service Microsoft Corporation (Verified) Microsoft Windows
opera.exe 0.02 62,032 K 81,008 K 1188 Opera Internet Browser Opera Software (Verified) Opera Software AS
opera.exe 0.02 42,056 K 63,064 K 6316 Opera Internet Browser Opera Software (Verified) Opera Software AS
LMS.exe 0.02 2,492 K 2,360 K 4148 Local Manageability Service Intel Corporation (Verified) Intel Corporation
explorer.exe 0.02 48,572 K 55,272 K 3648 Windows Explorer Microsoft Corporation (Verified) Microsoft Windows
opera.exe 0.02 112,324 K 117,776 K 6312 Opera Internet Browser Opera Software (Verified) Opera Software AS
AnyDVDtray.exe 0.02 18,156 K 8,272 K 2944 AnyDVD Application SlySoft, Inc. (The digital signature of the object did not verify) SlySoft, Inc.
lsass.exe 0.02 6,152 K 7,852 K 688 Local Security Authority Process Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 0.01 5,420 K 5,376 K 792 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 0.01 13,896 K 12,856 K 540 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
lsm.exe 0.01 2,828 K 2,544 K 696 Local Session Manager Service Microsoft Corporation (Verified) Microsoft Windows
opera.exe 0.01 39,540 K 57,024 K 6224 Opera Internet Browser Opera Software (Verified) Opera Software AS
svchost.exe 0.01 9,800 K 11,864 K 1804 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
opera.exe 0.01 117,096 K 122,956 K 7596 Opera Internet Browser Opera Software (Verified) Opera Software AS
opera.exe 0.01 116,552 K 120,480 K 6376 Opera Internet Browser Opera Software (Verified) Opera Software AS
AGSService.exe 0.01 2,464 K 2,316 K 1996 Adobe Genuine Software Integrity Service Adobe Systems, Incorporated (Verified) Adobe Systems Incorporated
AvastSvc.exe 0.01 84,460 K 41,140 K 5368 Avast Service AVAST Software (Verified) AVAST Software s.r.o.
opera.exe 0.01 115,664 K 122,260 K 7064 Opera Internet Browser Opera Software (Verified) Opera Software AS
opera.exe < 0.01 39,824 K 60,620 K 6660 Opera Internet Browser Opera Software (Verified) Opera Software AS
svchost.exe < 0.01 14,140 K 10,536 K 1688 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
SearchIndexer.exe < 0.01 41,288 K 19,412 K 2176 Microsoft Windows Search Indexer Microsoft Corporation (Verified) Microsoft Windows
HPWA_Main.exe < 0.01 55,632 K 17,208 K 3120 HP Wireless Assistant Hewlett-Packard Company (A certificate was explicitly revoked by its issuer) Hewlett-Packard Company
opera.exe < 0.01 54,748 K 50,976 K 4728 Opera Internet Browser Opera Software (Verified) Opera Software AS
stacsv64.exe < 0.01 12,416 K 2,632 K 1036 IDT PC Audio IDT, Inc. (Verified) Microsoft Windows Hardware Compatibility Publisher
svchost.exe < 0.01 5,464 K 5,600 K 868 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
unchecky_bg.exe < 0.01 2,264 K 5,168 K 2648 Unchecky Background Process Reason Software Company Inc. (Verified) Reason Software Company Inc.
taskhost.exe < 0.01 8,504 K 6,364 K 2440 Host Process for Windows Tasks Microsoft Corporation (Verified) Microsoft Windows
ezSharedSvcHost.exe < 0.01 1,552 K 1,724 K 1724 Shared EasyBits services for Windows EasyBits Software AS (Certificate expired) EasyBits Software AS
svchost.exe < 0.01 15,272 K 9,528 K 1428 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
SearchProtocolHost.exe < 0.01 3,772 K 9,000 K 4776 Microsoft Windows Search Protocol Host Microsoft Corporation (Verified) Microsoft Windows
HPWA_Service.exe < 0.01 50,408 K 17,196 K 1752 HPPA_Service Hewlett-Packard Company (A certificate was explicitly revoked by its issuer) Hewlett-Packard Company
TeamViewer_Service.exe < 0.01 5,856 K 3,632 K 2344 TeamViewer 9 TeamViewer GmbH (Verified) TeamViewer
HPSA_Service.exe < 0.01 31,644 K 7,876 K 1704 HP Support Assistant Service Hewlett-Packard Company (No signature was present in the subject) Hewlett-Packard Company
csrss.exe < 0.01 3,008 K 3,092 K 536 Client Server Runtime Process Microsoft Corporation (Verified) Microsoft Windows
svchost.exe < 0.01 138,252 K 127,820 K 340 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
devmgrsrv.exe < 0.01 8,096 K 5,648 K 2036 Bluetooth Device Manager Motorola Solutions, Inc. (Verified) Motorola Inc
audiosrv.exe < 0.01 2,676 K 2,484 K 5016 Bluetooth Media Service Motorola Solutions, Inc. (Verified) Motorola Inc
hpservice.exe < 0.01 1,900 K 1,804 K 1372 HpService Hewlett-Packard Company (A certificate was explicitly revoked by its issuer) Hewlett-Packard Company
WmiPrvSE.exe 7,416 K 6,952 K 3388 WMI Provider Host Microsoft Corporation (Verified) Microsoft Windows
WmiPrvSE.exe 3,632 K 5,088 K 4504 WMI Provider Host Microsoft Corporation (Verified) Microsoft Windows
WLIDSVCM.EXE 1,448 K 1,080 K 3440 Microsoft® Windows Live ID Service Monitor Microsoft Corporation (Verified) Microsoft Corporation
WLIDSVC.EXE 4,844 K 4,356 K 2636 Microsoft® Windows Live ID Service Microsoft Corporation (Verified) Microsoft Corporation
winlogon.exe 3,300 K 2,088 K 972 Windows Logon Application Microsoft Corporation (Verified) Microsoft Windows
wininit.exe 1,704 K 1,204 K 604 Windows Start-Up Application Microsoft Corporation (Verified) Microsoft Windows
VCDDaemon.exe 1,660 K 1,984 K 4308 Virtual CloneDrive Daemon Elaborate Bytes AG (Verified) Elaborate Bytes AG
unsecapp.exe 1,876 K 2,628 K 4300 Sink to receive asynchronous callbacks for WMI client application Microsoft Corporation (Verified) Microsoft Windows
UNS.exe 5,180 K 2,672 K 4636 User Notification Service Intel Corporation (Verified) Intel Corporation
unchecky_svc.exe 3,208 K 4,680 K 2572 Unchecky Service Reason Software Company Inc. (Verified) Reason Software Company Inc.
taskeng.exe 2,680 K 3,844 K 2812 Task Scheduler Engine Microsoft Corporation (Verified) Microsoft Windows
SynTPHelper.exe 1,612 K 528 K 3936 Synaptics Pointing Device Helper Synaptics Incorporated (Verified) Synaptics Incorporated
svchost.exe 14,440 K 9,460 K 4732 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 19,916 K 13,168 K 1004 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 2,980 K 2,848 K 1216 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 2,564 K 3,660 K 3176 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 2,020 K 1,684 K 2304 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 6,012 K 8,064 K 1392 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
sttray64.exe 7,608 K 5,248 K 2868 IDT PC Audio IDT, Inc. (Verified) Microsoft Windows Hardware Compatibility Publisher
spoolsv.exe 9,536 K 5,000 K 1640 Spooler SubSystem App Microsoft Corporation (Verified) Microsoft Windows
smss.exe 972 K 716 K 316 Windows Session Manager Microsoft Corporation (Verified) Microsoft Windows
services.exe 7,188 K 5,984 K 664 Services and Controller app Microsoft Corporation (Verified) Microsoft Windows
SearchFilterHost.exe 3,480 K 7,568 K 7084 Microsoft Windows Search Filter Host Microsoft Corporation (Verified) Microsoft Windows
rundll32.exe 4,604 K 3,984 K 3876 Windows host process (Rundll32) Microsoft Corporation (Verified) Microsoft Windows
rundll32.exe 2,104 K 2,312 K 3580 Windows host process (Rundll32) Microsoft Corporation (Verified) Microsoft Windows
PsiService_2.exe 1,108 K 1,168 K 2248 PsiService PsiService Protexis Inc. (Verified) Protexis Inc.
procexp.exe 5,848 K 8,812 K 3452 Sysinternals Process Explorer Sysinternals - www.sysinternals.com (Verified) Microsoft Corporation
portmap.exe 2,392 K 1,216 K 2216 Creo 2.0 from PTC PTC Inc. (No signature was present in the subject) PTC Inc.
opera_crashreporter.exe 1,780 K 4,916 K 3244 Opera crash-reporter Opera Software (Verified) Opera Software AS
opera.exe 18,028 K 26,768 K 4940 Opera Internet Browser Opera Software (Verified) Opera Software AS
opera.exe 19,452 K 28,052 K 2284 Opera Internet Browser Opera Software (Verified) Opera Software AS
opera.exe 34,880 K 48,800 K 2888 Opera Internet Browser Opera Software (Verified) Opera Software AS
opera.exe 26,968 K 43,032 K 1980 Opera Internet Browser Opera Software (Verified) Opera Software AS
opera.exe 21,332 K 30,648 K 4384 Opera Internet Browser Opera Software (Verified) Opera Software AS
opera.exe 18,684 K 27,412 K 5408 Opera Internet Browser Opera Software (Verified) Opera Software AS
opera.exe 22,468 K 33,348 K 1572 Opera Internet Browser Opera Software (Verified) Opera Software AS
obexsrv.exe 2,280 K 1,976 K 2692 Bluetooth OBEX Service Motorola Solutions, Inc. (Verified) Motorola Inc
nutsrv4.exe 1,980 K 1,656 K 2156 NuTCRACKER Service MKS Software Inc. (Verified) MKS Software
LSSrvc.exe 1,340 K 1,296 K 1400 LightScribe Service Hewlett-Packard Company (No signature was present in the subject) Hewlett-Packard Company
LightScribeControlPanel.exe 5,752 K 3,544 K 2892 Hewlett-Packard Company (No signature was present in the subject) Hewlett-Packard Company
igfxtray.exe 2,980 K 2,548 K 3720 igfxTray Module Intel Corporation (Verified) Intel Corporation
igfxpers.exe 2,636 K 2,772 K 3776 persistence Module Intel Corporation (Verified) Intel Corporation
HPWMISVC.exe 1,376 K 1,444 K 504 HP Quick Launch WMI Service Hewlett-Packard Development Company, L.P. (A certificate was explicitly revoked by its issuer) Hewlett-Packard Development Company, L.P.
HPSupportSolutionsFrameworkService.exe 32,920 K 9,280 K 1576 HP Support Solutions Framework Service HP Inc. (Verified) HP Inc.
hpqwmiex.exe 2,092 K 2,256 K 2860 HP Software Framework WMI Service Hewlett-Packard Company (Verified) Hewlett-Packard Company
hkcmd.exe 3,728 K 3,772 K 3844 hkcmd Module Intel Corporation (Verified) Intel Corporation
FNPLicensingService64.exe 2,112 K 1,452 K 1616 Activation Licensing Service Flexera Software LLC (Verified) Flexera Software LLC
dllhost.exe 2,820 K 2,652 K 2468 COM Surrogate Microsoft Corporation (Verified) Microsoft Windows
conhost.exe 1,460 K 1,292 K 4200 Console Window Host Microsoft Corporation (Verified) Microsoft Windows
btplayerctrl.exe 1,416 K 1,604 K 4168 Bluetooth Media Player Controller Motorola Solutions, Inc. (Verified) Motorola Inc
AvastUI.exe 64,716 K 94,140 K 5840 Avast Antivirus AVAST Software (Verified) AVAST Software s.r.o.
atiesrxx.exe 1,708 K 1,568 K 924 AMD External Events Service Module AMD (Verified) Microsoft Windows Hardware Compatibility Publisher
atieclxx.exe 2,712 K 2,128 K 1340 AMD External Events Client Module AMD (Verified) Microsoft Windows Hardware Compatibility Publisher
armsvc.exe 1,220 K 1,268 K 1940 Adobe Acrobat Update Service Adobe Systems Incorporated (Verified) Adobe Systems
AESTSr64.exe 1,316 K 948 K 1964 Andrea filters APO access service (64-bit) Andrea Electronics Corporation (Verified) Microsoft Windows Hardware Compatibility Publisher
ADvdDiscHlp64.exe 2,264 K 1,868 K 4176 AnyDVD 64bit helper (Verified) SlySoft Inc.
AdobeARM.exe 4,492 K 620 K 5892 Adobe Reader and Acrobat Manager Adobe Systems Incorporated (Verified) Adobe Systems
AdAppMgrSvc.exe 5,812 K 9,504 K 1888 Autodesk Application Manager Autodesk Inc. (Verified) Autodesk
AdAppMgr.exe 24,084 K 15,652 K 2864 Autodesk Application Manager Autodesk Inc. (Verified) Autodesk
acrotray.exe 2,212 K 2,376 K 4240 AcroTray Adobe Systems Inc. (Verified) Adobe Systems

  • 0

Advertisements


#11
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,885 posts
  • MVP

Looks like the reinstall of Avast fixed it as far as Process Explorer is concerned.  System Idle over 95% and Interrupts down to 0.58%

 

What does Latency Monitor say now?


  • 0

#12
valleyboy

valleyboy

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 217 posts

Hi. Thanks again. It's better but still not super speedy. Here's the latest latencymon info:

 

_________________________________________________________________________________________________________
CONCLUSION
_________________________________________________________________________________________________________
Your system appears to be having trouble handling real-time audio and other tasks. You are likely to experience buffer underruns appearing as drop outs, clicks or pops. One or more DPC routines that belong to a driver running in your system appear to be executing for too long. At least one detected problem appears to be network related. In case you are using a WLAN adapter, try disabling it to get better results. One problem may be related to power management, disable CPU throttling settings in Control Panel and BIOS setup. Check for BIOS updates. 
LatencyMon has been analyzing your system for  0:07:22  (h:mm:ss) on all processors.
 
 
_________________________________________________________________________________________________________
SYSTEM INFORMATION
_________________________________________________________________________________________________________
Computer name:                                        GARDNERHOME
OS version:                                           Windows 7 Service Pack 1, 6.1, build: 7601 (x64)
Hardware:                                             HP Pavilion dv6 Notebook PC, Hewlett-Packard, 144A
CPU:                                                  GenuineIntel Intel® Core™ i3 CPU M 350 @ 2.27GHz
Logical processors:                                   4
Processor groups:                                     1
RAM:                                                  2933 MB total
 
 
_________________________________________________________________________________________________________
CPU SPEED
_________________________________________________________________________________________________________
Reported CPU speed:                                   2261 MHz
 
Note: reported execution times may be calculated based on a fixed reported CPU speed. Disable variable speed settings like Intel Speed Step and AMD Cool N Quiet in the BIOS setup for more accurate results.
 
 
_________________________________________________________________________________________________________
MEASURED INTERRUPT TO USER PROCESS LATENCIES
_________________________________________________________________________________________________________
The interrupt to process latency reflects the measured interval that a usermode process needed to respond to a hardware request from the moment the interrupt service routine started execution. This includes the scheduling and execution of a DPC routine, the signaling of an event and the waking up of a usermode thread from an idle wait state in response to that event.
 
Highest measured interrupt to process latency (µs):   31986.031130
Average measured interrupt to process latency (µs):   12.508168
 
Highest measured interrupt to DPC latency (µs):       2097.051223
Average measured interrupt to DPC latency (µs):       1.524552
 
 
_________________________________________________________________________________________________________
 REPORTED ISRs
_________________________________________________________________________________________________________
Interrupt service routines are routines installed by the OS and device drivers that execute in response to a hardware interrupt signal.
 
Highest ISR routine execution time (µs):              158.241928
Driver with highest ISR routine execution time:       i8042prt.sys - i8042 Port Driver, Microsoft Corporation
 
Highest reported total ISR routine time (%):          0.126163
Driver with highest ISR total time:                   i8042prt.sys - i8042 Port Driver, Microsoft Corporation
 
Total time spent in ISRs (%)                          0.324741
 
ISR count (execution time <250 µs):                   755863
ISR count (execution time 250-500 µs):                0
ISR count (execution time 500-999 µs):                0
ISR count (execution time 1000-1999 µs):              0
ISR count (execution time 2000-3999 µs):              0
ISR count (execution time >=4000 µs):                 0
 
 
_________________________________________________________________________________________________________
REPORTED DPCs
_________________________________________________________________________________________________________
DPC routines are part of the interrupt servicing dispatch mechanism and disable the possibility for a process to utilize the CPU while it is interrupted until the DPC has finished execution.
 
Highest DPC routine execution time (µs):              4498.715613
Driver with highest DPC routine execution time:       ndis.sys - NDIS 6.20 driver, Microsoft Corporation
 
Highest reported total DPC routine time (%):          0.168705
Driver with highest DPC total execution time:         rspLLL64.sys - Resplendence Latency Monitoring and Auxiliary Kernel Library, Resplendence Software Projects Sp.
 
Total time spent in DPCs (%)                          0.538372
 
DPC count (execution time <250 µs):                   2438261
DPC count (execution time 250-500 µs):                0
DPC count (execution time 500-999 µs):                137
DPC count (execution time 1000-1999 µs):              555
DPC count (execution time 2000-3999 µs):              11
DPC count (execution time >=4000 µs):                 0
 
 
_________________________________________________________________________________________________________
 REPORTED HARD PAGEFAULTS
_________________________________________________________________________________________________________
Hard pagefaults are events that get triggered by making use of virtual memory that is not resident in RAM but backed by a memory mapped file on disk. The process of resolving the hard pagefault requires reading in the memory from disk while the process is interrupted and blocked from execution.
 
NOTE: some processes were hit by hard pagefaults. If these were programs producing audio, they are likely to interrupt the audio stream resulting in dropouts, clicks and pops. Check the Processes tab to see which programs were hit.
 
Process with highest pagefault count:                 avastsvc.exe
 
Total number of hard pagefaults                       904
Hard pagefault count of hardest hit process:          368
Highest hard pagefault resolution time (µs):          539576.360902
Total time spent in hard pagefaults (%):              0.685654
Number of processes hit:                              31
 
 
_________________________________________________________________________________________________________
 PER CPU DATA
_________________________________________________________________________________________________________
CPU 0 Interrupt cycle time (s):                       13.129052
CPU 0 ISR highest execution time (µs):                158.241928
CPU 0 ISR total execution time (s):                   2.142352
CPU 0 ISR count:                                      519658
CPU 0 DPC highest execution time (µs):                4498.715613
CPU 0 DPC total execution time (s):                   6.170195
CPU 0 DPC count:                                      2270012
_________________________________________________________________________________________________________
CPU 1 Interrupt cycle time (s):                       28.025434
CPU 1 ISR highest execution time (µs):                140.673153
CPU 1 ISR total execution time (s):                   1.336325
CPU 1 ISR count:                                      78582
CPU 1 DPC highest execution time (µs):                600.656347
CPU 1 DPC total execution time (s):                   1.181781
CPU 1 DPC count:                                      47744
_________________________________________________________________________________________________________
CPU 2 Interrupt cycle time (s):                       7.027950
CPU 2 ISR highest execution time (µs):                108.992481
CPU 2 ISR total execution time (s):                   1.106832
CPU 2 ISR count:                                      78857
CPU 2 DPC highest execution time (µs):                1676.603715
CPU 2 DPC total execution time (s):                   0.995391
CPU 2 DPC count:                                      59992
_________________________________________________________________________________________________________
CPU 3 Interrupt cycle time (s):                       5.796844
CPU 3 ISR highest execution time (µs):                152.402034
CPU 3 ISR total execution time (s):                   1.158310
CPU 3 ISR count:                                      78766
CPU 3 DPC highest execution time (µs):                740.884122
CPU 3 DPC total execution time (s):                   1.175036
CPU 3 DPC count:                                      61217
_________________________________________________________________________________________________________

  • 0

#13
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,885 posts
  • MVP

What is the model number of your laptop?

 

Latency Mon says you still have a problem and it points it at two drivers.  One is the i8042prt.sys which is used by your keyboard and touchpad so you might try updating the Synaptics Pointing Device Driver.  You might also check for a stuck key:  http://keyboardchecker.com/ See if you can turn all keys green.

 

It is also possible that your very old version of Teamviewer is sticking its fingers in the pie so either update it or if you don't use it uninstall it.

 

The other drive is ndis.sys which is part of the network driver.  This one is easy to test.  Simply disable the wireless driver.  Then run latency mon again and see if things look different.

 

Now that Process Explorer looks good you might be able to get Avast to do a boot time scan:

 

It takes like 6 hours so I usually let it run at night.


Click on the Avast ball.  Then click on Protection, then on Antivirus, then on Other Scans then on Boot-time Scan.  Click on Install Special Definitions.  Click on Run on Next PC Reboot.

  Reboot and let it run a scan.  It may take hours.
Once it finishes it should load windows.   Mute your speakers so it doesn't wake you up when Windows boots.

When you reboot you will see the scan start.  It will tell you where it saves its log.  Usually it's C:\ProgramData\AVAST Software\Avast\report\aswBoot.txt but it might change so verify the location.   This is a hidden location so you will need to tell Windows to let you see it:

http://www.howtogeek...-windows-vista/

Copy and paste the text from the log to a Reply when done.
 


  • 0

#14
valleyboy

valleyboy

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 217 posts

Good evening

 

Ok. I tried to update the touchpad driver via device manager. I used the search for correct driver function, the result was a message stating that the most recent driver is already installed. I went to the Synaptics website only to find that they do not offer drivers for download from their site. The advice there was to go to the hardware manufacturers site to look for drivers, I haven't done this yet. Am I likely to find them there?

 

Keyboard checked out fine, no sticky keys.

 

I have removed Team Viewer.

 

I've just realised that you asked for the laptop model number in an earlier post. Apologies, I forgot to provide this before, here it is: DV6-3112sa.

 

I will test latency mon with wireless driver disabled right now and post results in a new post below this one.

 

 

Here's the boot scan info:

 

06/02/2018 10:22
Scan of C:
 
Scan of *STARTUP
 
File C:\EPC\IE5\TEMPFILE.EXE|>ole32.dll Error 42127 {CAB archive is corrupted.}
File C:\Users\User1\Desktop\SAAB WIS\9-3\ie5\TEMPFILE.EXE|>ole32.dll Error 42127 {CAB archive is corrupted.}
File C:\Users\User1\Desktop\SAAB WIS\9-5\ie5\TEMPFILE.EXE|>ole32.dll Error 42127 {CAB archive is corrupted.}
Number of searched folders: 60459
Number of tested files: 4494829
Number of infected files: 0

  • 0

#15
valleyboy

valleyboy

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 217 posts

Thanks again for all the help. Latency monitor info for you, this was with wireless driver disabled:

 

_________________________________________________________________________________________________________
CONCLUSION
_________________________________________________________________________________________________________
Your system appears to be having trouble handling real-time audio and other tasks. You are likely to experience buffer underruns appearing as drop outs, clicks or pops. One problem may be related to power management, disable CPU throttling settings in Control Panel and BIOS setup. Check for BIOS updates. 
LatencyMon has been analyzing your system for  0:01:04  (h:mm:ss) on all processors.
 
 
_________________________________________________________________________________________________________
SYSTEM INFORMATION
_________________________________________________________________________________________________________
Computer name:                                        GARDNERHOME
OS version:                                           Windows 7 Service Pack 1, 6.1, build: 7601 (x64)
Hardware:                                             HP Pavilion dv6 Notebook PC, Hewlett-Packard, 144A
CPU:                                                  GenuineIntel Intel® Core™ i3 CPU M 350 @ 2.27GHz
Logical processors:                                   4
Processor groups:                                     1
RAM:                                                  2933 MB total
 
 
_________________________________________________________________________________________________________
CPU SPEED
_________________________________________________________________________________________________________
Reported CPU speed:                                   2261 MHz
 
Note: reported execution times may be calculated based on a fixed reported CPU speed. Disable variable speed settings like Intel Speed Step and AMD Cool N Quiet in the BIOS setup for more accurate results.
 
 
_________________________________________________________________________________________________________
MEASURED INTERRUPT TO USER PROCESS LATENCIES
_________________________________________________________________________________________________________
The interrupt to process latency reflects the measured interval that a usermode process needed to respond to a hardware request from the moment the interrupt service routine started execution. This includes the scheduling and execution of a DPC routine, the signaling of an event and the waking up of a usermode thread from an idle wait state in response to that event.
 
Highest measured interrupt to process latency (µs):   8844.279815
Average measured interrupt to process latency (µs):   6.941877
 
Highest measured interrupt to DPC latency (µs):       175.699174
Average measured interrupt to DPC latency (µs):       1.454998
 
 
_________________________________________________________________________________________________________
 REPORTED ISRs
_________________________________________________________________________________________________________
Interrupt service routines are routines installed by the OS and device drivers that execute in response to a hardware interrupt signal.
 
Highest ISR routine execution time (µs):              126.207430
Driver with highest ISR routine execution time:       i8042prt.sys - i8042 Port Driver, Microsoft Corporation
 
Highest reported total ISR routine time (%):          0.054591
Driver with highest ISR total time:                   hal.dll - Hardware Abstraction Layer DLL, Microsoft Corporation
 
Total time spent in ISRs (%)                          0.155978
 
ISR count (execution time <250 µs):                   81878
ISR count (execution time 250-500 µs):                0
ISR count (execution time 500-999 µs):                0
ISR count (execution time 1000-1999 µs):              0
ISR count (execution time 2000-3999 µs):              0
ISR count (execution time >=4000 µs):                 0
 
 
_________________________________________________________________________________________________________
REPORTED DPCs
_________________________________________________________________________________________________________
DPC routines are part of the interrupt servicing dispatch mechanism and disable the possibility for a process to utilize the CPU while it is interrupted until the DPC has finished execution.
 
Highest DPC routine execution time (µs):              456.327731
Driver with highest DPC routine execution time:       ACPI.sys - ACPI Driver for NT, Microsoft Corporation
 
Highest reported total DPC routine time (%):          0.153452
Driver with highest DPC total execution time:         rspLLL64.sys - Resplendence Latency Monitoring and Auxiliary Kernel Library, Resplendence Software Projects Sp.
 
Total time spent in DPCs (%)                          0.237536
 
DPC count (execution time <250 µs):                   342321
DPC count (execution time 250-500 µs):                0
DPC count (execution time 500-999 µs):                2
DPC count (execution time 1000-1999 µs):              0
DPC count (execution time 2000-3999 µs):              0
DPC count (execution time >=4000 µs):                 0
 
 
_________________________________________________________________________________________________________
 REPORTED HARD PAGEFAULTS
_________________________________________________________________________________________________________
Hard pagefaults are events that get triggered by making use of virtual memory that is not resident in RAM but backed by a memory mapped file on disk. The process of resolving the hard pagefault requires reading in the memory from disk while the process is interrupted and blocked from execution.
 
NOTE: some processes were hit by hard pagefaults. If these were programs producing audio, they are likely to interrupt the audio stream resulting in dropouts, clicks and pops. Check the Processes tab to see which programs were hit.
 
Process with highest pagefault count:                 avastsvc.exe
 
Total number of hard pagefaults                       178
Hard pagefault count of hardest hit process:          139
Highest hard pagefault resolution time (µs):          71275.414418
Total time spent in hard pagefaults (%):              0.313984
Number of processes hit:                              6
 
 
_________________________________________________________________________________________________________
 PER CPU DATA
_________________________________________________________________________________________________________
CPU 0 Interrupt cycle time (s):                       1.443281
CPU 0 ISR highest execution time (µs):                126.207430
CPU 0 ISR total execution time (s):                   0.198325
CPU 0 ISR count:                                      69158
CPU 0 DPC highest execution time (µs):                141.671384
CPU 0 DPC total execution time (s):                   0.474467
CPU 0 DPC count:                                      328673
_________________________________________________________________________________________________________
CPU 1 Interrupt cycle time (s):                       3.457911
CPU 1 ISR highest execution time (µs):                120.236621
CPU 1 ISR total execution time (s):                   0.059778
CPU 1 ISR count:                                      4175
CPU 1 DPC highest execution time (µs):                456.327731
CPU 1 DPC total execution time (s):                   0.043554
CPU 1 DPC count:                                      3135
_________________________________________________________________________________________________________
CPU 2 Interrupt cycle time (s):                       0.708152
CPU 2 ISR highest execution time (µs):                82.011057
CPU 2 ISR total execution time (s):                   0.075844
CPU 2 ISR count:                                      4561
CPU 2 DPC highest execution time (µs):                370.355153
CPU 2 DPC total execution time (s):                   0.044006
CPU 2 DPC count:                                      5272
_________________________________________________________________________________________________________
CPU 3 Interrupt cycle time (s):                       2.314129
CPU 3 ISR highest execution time (µs):                96.218487
CPU 3 ISR total execution time (s):                   0.071141
CPU 3 ISR count:                                      3984
CPU 3 DPC highest execution time (µs):                200.300752
CPU 3 DPC total execution time (s):                   0.054872
CPU 3 DPC count:                                      5243
_________________________________________________________________________________________________________

Edited by valleyboy, 04 June 2018 - 01:23 PM.

  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP