FRST Log
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 12-09-2016
Ran by Danielle (administrator) on LENOVO-PC (13-09-2016 22:18:04)
Running from C:\Users\Danielle\Downloads
Loaded Profiles: Danielle (Available Profiles: Danielle)
Platform: Windows 10 Home Version 1511 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Qualcomm Atheros) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Lenovo Corporation) C:\Program Files\Lenovo\Communications Utility\AVControlCenter32.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\DragonAssistant3\DragonAssistantMaintenance.exe
(Lenovo) C:\Program Files\Lenovo\OneKey Optimizer\bin\FBService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Lenovo(beijing) Limited) C:\Program Files\Lenovo\OneKey Optimizer\bin\OKOUpdataService.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\SettingsDependency\SettingsService.exe
() C:\Program Files\Lenovo PhoneCompanion\LPAWDService.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Lenovo Settings\x86\LenovoSetSvr.exe
(Lenovo(beijing) Limited) C:\Windows\System32\LenovoWiFiHotspotSvr.exe
(Lenovo(beijing) Limited) C:\Program Files\Lenovo\OneKey Optimizer\bin\OKOControlSvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe
(Lenovo) C:\ProgramData\LenovoTransition\Server\x64\ymc.exe
(Lenovo) C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(PointGrab LTD) C:\Program Files (x86)\Lenovo\Motion Control\PGService.exe
(PointGrab LTD) C:\Program Files (x86)\Lenovo\Motion Control\PG_Service_Launcher.exe
() C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Lenovo) C:\Windows\System32\LenovoUpdate.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler64.exe
() C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
() C:\Program Files\Lenovo PhoneCompanion\adb.exe
(PointGrab LTD) C:\Program Files (x86)\Lenovo\Motion Control\WebcamSplitterServer.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Lenovo Corporation) C:\Program Files\Lenovo\Communications Utility\avfaudiosw.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Program Files (x86)\Lenovo\CCSDK\WinGather.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
() C:\Windows\SysWOW64\UMonit64.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek semiconductor) C:\Windows\RTFTrack.exe
() C:\Program Files (x86)\Lenovo\Lenovo Transition\Transition.exe
() C:\Program Files\Lenovo\LenovoUtility\utility.exe
(Lenovo) C:\Program Files\Lenovo PhoneCompanion\Phone Companion.exe
() C:\Program Files (x86)\Lenovo\Lenovo Transition\TransitionServer.exe
(Lenovo(beijing) Limited) C:\Program Files\Lenovo\OneKey Optimizer\bin\OneKeyOptimizerTray.exe
(Lenovo(beijing) Limited) C:\Program Files\Lenovo\OneKey Optimizer\bin\OnekeyOptimizerUpdata.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Hewlett-Packard Development Company, LP) C:\Program Files\HP\HP Officejet 4630 series\Bin\ScanToPCActivationApp.exe
(Hewlett-Packard Development Company, LP) C:\Program Files\HP\HP Officejet 4630 series\Bin\ScanToPCActivationApp.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Razer Cortex\main.exe
(The CefSharp Authors) C:\Program Files (x86)\Razer\Razer Cortex\Cef\CefSharp.BrowserSubprocess.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Lenovo) C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
(Lenovo Corporation) C:\Program Files\Lenovo\Communications Utility\tpknrres.exe
(Lenovo(beijing) Limited) C:\Program Files\Lenovo\OneKey Optimizer\bin\OneKeyOptimizer.exe
(Lenovo) C:\Users\Danielle\AppData\Local\Apps\2.0\63R6AO9B.LQW\Z0YVWBYK.TV6\lsb...tion_2d7b41b05b24775e_0001.0006_6c5982beb50abfca\LSB.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.exe
(Lenovo Corporation) C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe
(Lenovo Corporation) C:\Program Files\Lenovo\Communications Utility\cammute.exe
(Lenovo Corporation) C:\Program Files\Lenovo\Communications Utility\vcamsvchlpr.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\tpknrsvc.exe
(Hi-Rez Studios) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
() C:\Program Files (x86)\Lenovo\System Update\SUService.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Spotify Ltd) C:\Users\Danielle\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\NetworkUXBroker.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.exe
(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.exe
(Fork, Ltd.) C:\Windows\Prey\wpxsvc.exe
(Hewlett-Packard Development Company, LP) C:\Program Files\HP\HP Officejet 4630 series\Bin\HPNetworkCommunicatorCom.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1403136 2015-08-25] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1403136 2015-08-25] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_MICPKEY] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1403136 2015-08-25] (Realtek Semiconductor)
HKLM\...\Run: [RtsFT] => C:\WINDOWS\RTFTrack.exe [5166872 2016-06-29] (Realtek semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [322712 2014-10-09] (Intel Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2473800 2014-09-08] (NVIDIA Corporation)
HKLM\...\Run: [AutoStartTransition] => C:\Program Files (x86)\Lenovo\Lenovo Transition\Transition.exe [294672 2015-04-18] ()
HKLM\...\Run: [LenovoUtility] => C:\Program Files\Lenovo\LenovoUtility\utility.exe [791368 2015-04-18] ()
HKLM\...\Run: [PhoneCompanion] => C:\Program Files\Lenovo PhoneCompanion\Phone Companion.exe [802800 2015-04-18] (Lenovo)
HKLM\...\Run: [OneKeyOptimizer] => C:\Program Files\Lenovo\OneKey Optimizer\bin\OneKeyOptimizerTray.exe [604968 2015-06-19] (Lenovo(beijing) Limited)
HKLM\...\Run: [LMCSSTART1] => C:\Program Files\Lenovo\Communications Utility\lmcsctrl.exe [30152 2015-03-23] (Lenovo Corporation)
HKLM\...\Run: [LMCSSTART2] => C:\Program Files\Lenovo\Communications Utility\lmcsctrl.exe [30152 2015-03-23] (Lenovo Corporation)
HKLM\...\Run: [LMCSSTART3] => C:\Program Files\Lenovo\Communications Utility\lmcsctrl.exe [30152 2015-03-23] (Lenovo Corporation)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3935912 2015-06-19] (Synaptics Incorporated)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176952 2016-07-26] (Apple Inc.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [RazerCortex] => C:\Program Files (x86)\Razer\Razer Cortex\RazerCortex.exe [98256 2015-10-28] (Razer Inc.)
HKLM\...\Policies\Explorer: [Max Cached Icons] 2000
HKU\S-1-5-21-49138174-156455024-2110086174-1001\...\Run: [HP Officejet 4630 Wireless] => C:\Program Files\HP\HP Officejet 4630 series\Bin\ScanToPCActivationApp.exe [3487240 2014-07-21] (Hewlett-Packard Development Company, LP)
HKU\S-1-5-21-49138174-156455024-2110086174-1001\...\Run: [HP Officejet 4630 series (NET)] => C:\Program Files\HP\HP Officejet 4630 series\Bin\ScanToPCActivationApp.exe [3487240 2014-07-21] (Hewlett-Packard Development Company, LP)
HKU\S-1-5-21-49138174-156455024-2110086174-1001\...\Run: [Spotify Web Helper] => C:\Users\Danielle\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1529456 2016-09-10] (Spotify Ltd)
HKU\S-1-5-21-49138174-156455024-2110086174-1001\...\RunOnce: [Uninstall C:\Users\Danielle\AppData\Local\Microsoft\OneDrive\17.3.6201.1019_1\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Danielle\AppData\Local\Microsoft\OneDrive\17.3.6201.1019_1\amd64"
HKU\S-1-5-21-49138174-156455024-2110086174-1001\...\RunOnce: [FlashPlayerUpdate] => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_22_0_0_209_Plugin.exe [1210560 2016-07-12] (Adobe Systems Incorporated)
HKU\S-1-5-21-49138174-156455024-2110086174-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-49138174-156455024-2110086174-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\windows\system32\Bubbles.scr [805888 2015-10-30] (Microsoft Corporation)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{035d297e-a58c-483b-bd64-a0c68290cde6}: [DhcpNameServer] 172.168.130.2
Tcpip\..\Interfaces\{9cc1df82-b544-4177-ac86-27602a821afb}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{ba039d94-119f-49d6-9ce6-64075177094d}: [DhcpNameServer] 192.168.1.254
Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-49138174-156455024-2110086174-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-49138174-156455024-2110086174-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com/?pc=LCJB
HKU\S-1-5-21-49138174-156455024-2110086174-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://js.redirect.hp.com/jumpstation?b ... &tp=iehome
HKU\S-1-5-21-49138174-156455024-2110086174-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://mystart.lenovo.com
SearchScopes: HKU\S-1-5-21-49138174-156455024-2110086174-1001 -> DefaultScope {C3ED4B8D-1BE3-4137-B9A4-8173D64E67EE} URL =
SearchScopes: HKU\S-1-5-21-49138174-156455024-2110086174-1001 -> {C3ED4B8D-1BE3-4137-B9A4-8173D64E67EE} URL =
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\ssv.dll [2016-02-28] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\jp2ssv.dll [2016-02-28] (Oracle Corporation)
FireFox:
========
FF ProfilePath: C:\Users\Danielle\AppData\Roaming\Mozilla\Firefox\Profiles\e83yvltv.default
FF DefaultSearchEngine.US: Ecosia
FF Homepage: hxxps://www.ecosia.org/
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_22_0_0_209.dll [2016-07-12] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll [2016-07-12] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-12-18] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-10-10] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-10-10] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.73.2 -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\dtplugin\npDeployJava1.dll [2016-02-28] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.73.2 -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\plugin2\npjp2.dll [2016-02-28] (Oracle Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
FF Extension: (NoScript) - C:\Users\Danielle\AppData\Roaming\Mozilla\Firefox\Profiles\e83yvltv.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2016-08-09]
FF Extension: (Firefox Hotfix) - C:\Users\Danielle\AppData\Roaming\Mozilla\Firefox\Profiles\e83yvltv.default\Extensions\firefox-hotfix@mozilla.org.xpi [2016-09-08]
FF Extension: (Ecosia — The search engine that plants trees!) - C:\Users\Danielle\AppData\Roaming\Mozilla\Firefox\Profiles\e83yvltv.default\Extensions\{d04b0b40-3dab-4f0b-97a6-04ec3eddbfb0}.xpi [2016-08-15]
Chrome:
=======
CHR Profile: C:\Users\Danielle\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Danielle\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-11-08]
CHR Extension: (Google Docs) - C:\Users\Danielle\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-11-08]
CHR Extension: (Google Drive) - C:\Users\Danielle\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-08]
CHR Extension: (YouTube) - C:\Users\Danielle\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-08]
CHR Extension: (Google Search) - C:\Users\Danielle\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-08]
CHR Extension: (Google Sheets) - C:\Users\Danielle\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-11-08]
CHR Extension: (Google Docs Offline) - C:\Users\Danielle\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-23]
CHR Extension: (Lone Tree) - C:\Users\Danielle\AppData\Local\Google\Chrome\User Data\Default\Extensions\hfmkllfplegemejikoabfpjdaoncphip [2015-11-29]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Danielle\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-04]
CHR Extension: (Gmail) - C:\Users\Danielle\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-11-08]
CHR Extension: (Chrome Media Router) - C:\Users\Danielle\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-09-05]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-03-02] (Apple Inc.)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [309376 2014-09-19] (Qualcomm Atheros) [File not signed]
R2 AVControlCenter; C:\Program Files\Lenovo\Communications Utility\AVControlCenter32.exe [560584 2015-03-23] (Lenovo Corporation)
R2 CCSDK; C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe [644080 2014-10-22] ()
R2 CronService; C:\Windows\Prey\wpxsvc.exe [611854 2016-01-10] (Fork, Ltd.) [File not signed]
R2 DAMSvc; C:\Program Files (x86)\Nuance\DragonAssistant3\DragonAssistantMaintenance.exe [4260112 2014-04-08] (Nuance Communications, Inc.)
R2 FastbootService; C:\Program Files\Lenovo\OneKey Optimizer\bin\FbService.exe [193640 2015-10-22] (Lenovo)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148744 2014-09-08] (NVIDIA Corporation)
R2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9728 2016-08-30] (Hi-Rez Studios) [File not signed]
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [24888 2015-07-26] (Hewlett-Packard Company)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [18584 2014-10-09] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [365032 2016-05-07] (Intel Corporation)
R2 ImControllerService; C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [60752 2016-08-24] (Lenovo Group Limited)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887256 2014-05-13] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [132896 2014-10-10] (Intel Corporation)
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [178312 2015-09-26] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [158496 2014-10-10] (Intel Corporation)
R2 Lenovo OKO Service; C:\Program Files\Lenovo\OneKey Optimizer\bin\OKOUpdataService.exe [2730280 2016-01-07] (Lenovo(beijing) Limited)
R2 Lenovo Settings Service; C:\Program Files\Lenovo\SettingsDependency\SettingsService.exe [2016040 2015-04-10] (Lenovo Group Limited)
R3 LENOVO.TVTVCAM; C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe [625608 2015-03-23] (Lenovo Corporation)
R2 LenovoPAWDService; C:\Program Files\Lenovo PhoneCompanion\LPAWDService.exe [133440 2015-04-18] ()
R2 LenovoSetSvr; C:\Program Files (x86)\Lenovo\Lenovo Settings\x86\LenovoSetSvr.exe [258544 2014-06-19] (Lenovo(beijing) Limited)
R3 LenovoUpdate; C:\Windows\System32\LenovoUpdate.exe [26608 2016-08-23] (Lenovo)
R2 LenovoWiFiHotspotSvr; C:\Windows\System32\LenovoWiFiHotspotSvr.exe [218952 2014-08-25] (Lenovo(beijing) Limited)
S3 LSC.Services.SystemService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSC.Services.SystemService.exe [273232 2016-06-02] (Lenovo)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1795912 2014-09-08] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19438920 2014-09-08] (NVIDIA Corporation)
R2 OKOControlSvc; C:\Program Files\Lenovo\OneKey Optimizer\bin\OKOControlSvc.exe [369960 2016-01-07] (Lenovo(beijing) Limited)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2122248 2016-07-10] (Electronic Arts)
R2 PGService; C:\Program Files (x86)\Lenovo\Motion Control\PGService.exe [167176 2014-05-28] (PointGrab LTD)
R2 PG_Service_Launcher; C:\Program Files (x86)\Lenovo\Motion Control\PG_Service_Launcher.exe [524552 2014-05-28] (PointGrab LTD)
R2 PhoneCompanionPusher; C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe [321520 2015-04-18] (Lenovo)
S3 PhoneCompanionVap; C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionVap.exe [338416 2015-04-18] (Lenovo)
R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [188072 2015-09-23] ()
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390632 2012-04-24] ()
R2 RzKLService; C:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe [129168 2015-10-28] (Razer Inc.)
S3 ShareItSvc; C:\Program Files (x86)\Lenovo\SHAREit\Shareit.Service.exe [31176 2016-01-20] (SHAREit Technologies Co.Ltd)
R3 SUService; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [28544 2016-07-07] ()
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [6942480 2016-03-02] (TeamViewer GmbH)
S3 vmicvss; C:\Windows\System32\ICSvc.dll [511488 2015-10-30] (Microsoft Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2016-07-01] (Microsoft Corporation)
R2 ymc; C:\ProgramData\LenovoTransition\Server\x64\ymc.exe [33040 2015-04-18] (Lenovo)
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 EvolveVirtualAdapter; C:\Windows\System32\drivers\evolve.sys [21656 2015-08-22] (Echobit, LLC)
R0 Fastboot; C:\Windows\System32\DRIVERS\Fastboot.sys [72808 2015-10-22] (Windows (R) Win 7 DDK provider)
U5 GeneStor; C:\Windows\System32\Drivers\GeneStor.sys [111336 2014-04-17] (GenesysLogic)
R3 KMDFVirtualKbd; C:\Windows\System32\drivers\KMDFVirtualKbd.sys [22264 2014-08-04] ()
R3 KMDFVirtualMouse; C:\Windows\System32\drivers\KMDFVirtualMouse.sys [21240 2014-08-04] ()
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [129312 2014-10-10] (Intel Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19272 2014-09-08] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38048 2014-09-04] (NVIDIA Corporation)
R3 Qcamain10x64; C:\Windows\System32\drivers\Qcamain10x64.sys [2327040 2015-10-30] (Qualcomm Atheros, Inc.)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [589824 2015-10-30] (Realtek )
R3 rtsuvc; C:\Windows\system32\DRIVERS\rtsuvc.sys [3127576 2016-06-29] (Realtek Semiconductor Corp.)
R2 rzpmgrk; C:\WINDOWS\system32\drivers\rzpmgrk.sys [37184 2015-09-22] (Razer, Inc.)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [33960 2015-06-19] (Synaptics Incorporated)
R3 VirtualButtons; C:\Windows\System32\drivers\VirtualButtons.sys [32024 2014-02-12] (Intel Corporation)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
S3 wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [102376 2012-06-13] ("CyberLink)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-09-13 22:18 - 2016-09-13 22:19 - 00025556 _____ C:\Users\Danielle\Downloads\FRST.txt
2016-09-13 22:17 - 2016-09-13 22:18 - 00000000 ____D C:\FRST
2016-09-13 22:16 - 2016-09-13 22:17 - 02398720 _____ (Farbar) C:\Users\Danielle\Downloads\FRST64.exe
2016-09-13 15:33 - 2016-09-13 15:33 - 00000000 ____D C:\Users\Danielle\AppData\Local\ESET
2016-09-13 15:32 - 2016-09-13 15:33 - 06761600 _____ (ESET spol. s r.o.) C:\Users\Danielle\Downloads\esetonlinescanner_enu.exe
2016-09-03 20:41 - 2016-09-03 20:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo ThinkVantage Tools
2016-09-01 19:05 - 2016-09-01 19:06 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-08-29 18:54 - 2016-08-29 18:55 - 00000375 _____ C:\Users\Public\Documents\DisplayDebugLog.txt
2016-08-24 14:50 - 2016-08-24 14:50 - 00257872 _____ (Lenovo Group Limited) C:\WINDOWS\system32\iMDriverHelper.dll
2016-08-23 15:30 - 2016-08-23 15:31 - 00331956 _____ C:\WINDOWS\Minidump\082316-88140-01.dmp
2016-08-23 13:21 - 2016-08-23 13:23 - 00335180 _____ C:\WINDOWS\Minidump\082316-32312-01.dmp
2016-08-15 13:12 - 2016-08-03 07:14 - 01505984 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-08-15 13:12 - 2016-08-03 07:14 - 00092352 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-08-15 13:12 - 2016-08-03 07:14 - 00050368 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2016-08-15 13:12 - 2016-08-03 06:36 - 07469408 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-08-15 13:12 - 2016-08-03 06:36 - 00099680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2016-08-15 13:12 - 2016-08-03 06:36 - 00037744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll
2016-08-15 13:12 - 2016-08-03 06:30 - 00026408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2016-08-15 13:12 - 2016-08-03 06:23 - 00693600 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2016-08-15 13:12 - 2016-08-03 06:23 - 00115040 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2016-08-15 13:12 - 2016-08-03 06:22 - 01322760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-08-15 13:12 - 2016-08-03 06:22 - 00808288 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2016-08-15 13:12 - 2016-08-03 06:22 - 00465248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2016-08-15 13:12 - 2016-08-03 06:22 - 00331616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2016-08-15 13:12 - 2016-08-03 06:22 - 00058408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.dll
2016-08-15 13:12 - 2016-08-03 06:21 - 22561256 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-08-15 13:12 - 2016-08-03 06:21 - 03675512 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-08-15 13:12 - 2016-08-03 06:21 - 00566112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2016-08-15 13:12 - 2016-08-03 06:21 - 00303216 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2016-08-15 13:12 - 2016-08-03 06:20 - 01540224 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2016-08-15 13:12 - 2016-08-03 06:20 - 00692136 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2016-08-15 13:12 - 2016-08-03 06:19 - 00604928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-08-15 13:12 - 2016-08-03 06:19 - 00161632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2016-08-15 13:12 - 2016-08-03 06:13 - 01988448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-08-15 13:12 - 2016-08-03 06:13 - 00576864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-08-15 13:12 - 2016-08-03 06:13 - 00393056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-08-15 13:12 - 2016-08-03 06:11 - 00422744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2016-08-15 13:12 - 2016-08-03 05:51 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdlrecover.exe
2016-08-15 13:12 - 2016-08-03 05:51 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2016-08-15 13:12 - 2016-08-03 05:46 - 22384128 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-08-15 13:12 - 2016-08-03 05:44 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2016-08-15 13:12 - 2016-08-03 05:44 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshbth.dll
2016-08-15 13:12 - 2016-08-03 05:44 - 00044544 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2016-08-15 13:12 - 2016-08-03 05:43 - 16985088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-08-15 13:12 - 2016-08-03 05:41 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthpan.sys
2016-08-15 13:12 - 2016-08-03 05:41 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthenum.sys
2016-08-15 13:12 - 2016-08-03 05:41 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2016-08-15 13:12 - 2016-08-03 05:41 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2016-08-15 13:12 - 2016-08-03 05:40 - 00181248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rfcomm.sys
2016-08-15 13:12 - 2016-08-03 05:40 - 00127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEDataLayerHelpers.dll
2016-08-15 13:12 - 2016-08-03 05:40 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthserv.dll
2016-08-15 13:12 - 2016-08-03 05:40 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2016-08-15 13:12 - 2016-08-03 05:40 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2016-08-15 13:12 - 2016-08-03 05:39 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2016-08-15 13:12 - 2016-08-03 05:39 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothApis.dll
2016-08-15 13:12 - 2016-08-03 05:38 - 00412160 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2016-08-15 13:12 - 2016-08-03 05:38 - 00379392 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2016-08-15 13:12 - 2016-08-03 05:37 - 00110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\IdCtrls.dll
2016-08-15 13:12 - 2016-08-03 05:36 - 00221696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2016-08-15 13:12 - 2016-08-03 05:36 - 00211456 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2016-08-15 13:12 - 2016-08-03 05:36 - 00198144 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2016-08-15 13:12 - 2016-08-03 05:35 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-08-15 13:12 - 2016-08-03 05:35 - 00200192 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFPlatform.dll
2016-08-15 13:12 - 2016-08-03 05:34 - 00383488 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2016-08-15 13:12 - 2016-08-03 05:33 - 00339968 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
2016-08-15 13:12 - 2016-08-03 05:33 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll
2016-08-15 13:12 - 2016-08-03 05:31 - 00506880 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
2016-08-15 13:12 - 2016-08-03 05:31 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2016-08-15 13:12 - 2016-08-03 05:31 - 00247296 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtutil.exe
2016-08-15 13:12 - 2016-08-03 05:30 - 24613888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-08-15 13:12 - 2016-08-03 05:30 - 00970752 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2016-08-15 13:12 - 2016-08-03 05:30 - 00515072 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2016-08-15 13:12 - 2016-08-03 05:29 - 14252544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2016-08-15 13:12 - 2016-08-03 05:29 - 02127360 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2016-08-15 13:12 - 2016-08-03 05:29 - 01500160 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2016-08-15 13:12 - 2016-08-03 05:29 - 01387520 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-08-15 13:12 - 2016-08-03 05:29 - 00954368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2016-08-15 13:12 - 2016-08-03 05:29 - 00784384 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-08-15 13:12 - 2016-08-03 05:29 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BTHUSB.SYS
2016-08-15 13:12 - 2016-08-03 05:28 - 01213440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2016-08-15 13:12 - 2016-08-03 05:28 - 00848896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2016-08-15 13:12 - 2016-08-03 05:28 - 00529920 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2016-08-15 13:12 - 2016-08-03 05:27 - 07536640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2016-08-15 13:12 - 2016-08-03 05:27 - 01752576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2016-08-15 13:12 - 2016-08-03 05:27 - 01717760 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2016-08-15 13:12 - 2016-08-03 05:27 - 00381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2016-08-15 13:12 - 2016-08-03 05:20 - 13390336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-08-15 13:12 - 2016-08-03 05:18 - 06974464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-08-15 13:12 - 2016-08-03 05:18 - 02067968 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2016-08-15 13:12 - 2016-08-03 05:18 - 01388032 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-08-15 13:12 - 2016-08-03 05:17 - 02175488 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-08-15 13:12 - 2016-08-03 05:16 - 05123072 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2016-08-15 13:12 - 2016-08-03 05:16 - 03589120 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-08-15 13:12 - 2016-08-03 05:16 - 02635776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-08-15 13:12 - 2016-08-03 05:16 - 01732096 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-08-15 13:12 - 2016-08-03 05:15 - 07833088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-08-15 13:12 - 2016-08-03 05:14 - 04895232 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-08-15 13:12 - 2016-08-03 05:14 - 01997824 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2016-08-15 13:12 - 2016-08-03 05:13 - 03025920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-08-15 13:12 - 2016-08-03 05:13 - 02280960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-08-15 13:12 - 2016-08-03 05:12 - 02746368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2016-08-15 13:12 - 2016-08-03 05:11 - 04171264 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2016-08-15 13:12 - 2016-08-03 01:52 - 00034088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wldp.dll
2016-08-15 13:12 - 2016-08-03 01:34 - 00501592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2016-08-15 13:12 - 2016-08-03 01:34 - 00084832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
2016-08-15 13:12 - 2016-08-03 01:33 - 00051128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsNativeApi.dll
2016-08-15 13:12 - 2016-08-03 01:31 - 02921368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-08-15 13:12 - 2016-08-03 01:31 - 00957608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2016-08-15 13:12 - 2016-08-03 01:31 - 00703840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2016-08-15 13:12 - 2016-08-03 01:30 - 21123320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-08-15 13:12 - 2016-08-03 01:30 - 00465760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2016-08-15 13:12 - 2016-08-03 01:30 - 00255168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
2016-08-15 13:12 - 2016-08-03 00:57 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdlrecover.exe
2016-08-15 13:12 - 2016-08-03 00:48 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wshbth.dll
2016-08-15 13:12 - 2016-08-03 00:47 - 13018112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-08-15 13:12 - 2016-08-03 00:44 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll
2016-08-15 13:12 - 2016-08-03 00:44 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryBroker.dll
2016-08-15 13:12 - 2016-08-03 00:42 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BluetoothApis.dll
2016-08-15 13:12 - 2016-08-03 00:40 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IdCtrls.dll
2016-08-15 13:12 - 2016-08-03 00:39 - 19351040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-08-15 13:12 - 2016-08-03 00:37 - 00335872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2016-08-15 13:12 - 2016-08-03 00:37 - 00219136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
2016-08-15 13:12 - 2016-08-03 00:35 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
2016-08-15 13:12 - 2016-08-03 00:35 - 00178688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wevtutil.exe
2016-08-15 13:12 - 2016-08-03 00:34 - 00792064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2016-08-15 13:12 - 2016-08-03 00:34 - 00400896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2016-08-15 13:12 - 2016-08-03 00:33 - 18677760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-08-15 13:12 - 2016-08-03 00:33 - 02050048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2016-08-15 13:12 - 2016-08-03 00:33 - 00687616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-08-15 13:12 - 2016-08-03 00:32 - 12585984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2016-08-15 13:12 - 2016-08-03 00:32 - 01526272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2016-08-15 13:12 - 2016-08-03 00:32 - 01467392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2016-08-15 13:12 - 2016-08-03 00:32 - 00434688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2016-08-15 13:12 - 2016-08-03 00:31 - 06743040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2016-08-15 13:12 - 2016-08-03 00:31 - 00705536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2016-08-15 13:12 - 2016-08-03 00:29 - 12133376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-08-15 13:12 - 2016-08-03 00:28 - 03663360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-08-15 13:12 - 2016-08-03 00:25 - 05323776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2016-08-15 13:12 - 2016-08-03 00:25 - 04078080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2016-08-15 13:12 - 2016-08-03 00:23 - 05660672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-08-15 13:12 - 2016-08-03 00:23 - 01799680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-08-15 13:12 - 2016-08-03 00:22 - 02501120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-08-15 13:12 - 2016-08-03 00:22 - 01502208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-08-15 13:12 - 2016-08-03 00:21 - 01708032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
2016-08-15 13:12 - 2016-08-03 00:19 - 02180096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-09-13 22:18 - 2015-08-18 20:56 - 00000000 ____D C:\Users\Danielle\AppData\Roaming\Skype
2016-09-13 20:20 - 2015-10-30 03:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-09-13 19:37 - 2015-11-08 18:12 - 00000926 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-09-13 19:32 - 2015-08-21 19:52 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-09-13 18:47 - 2015-08-18 20:01 - 00004156 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{30138CE5-22E9-4245-8917-6F4CCABB97C3}
2016-09-13 12:49 - 2015-10-30 03:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-09-13 12:49 - 2015-10-30 03:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-09-12 21:37 - 2015-11-08 18:12 - 00000922 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-09-10 11:47 - 2015-10-13 19:05 - 00000000 ____D C:\Users\Danielle\AppData\Local\Spotify
2016-09-10 11:04 - 2015-10-13 19:05 - 00000000 ____D C:\Users\Danielle\AppData\Roaming\Spotify
2016-09-07 13:27 - 2015-10-30 03:21 - 00000000 ____D C:\WINDOWS\INF
2016-09-07 13:27 - 2015-08-19 17:12 - 00881036 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-09-04 20:53 - 2015-10-30 03:24 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-09-03 20:41 - 2015-08-19 21:45 - 00000000 ____D C:\WINDOWS\System32\Tasks\TVT
2016-09-03 20:41 - 2015-04-18 09:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo
2016-09-03 20:41 - 2015-04-18 09:25 - 00000000 ____D C:\Program Files (x86)\Lenovo
2016-09-03 20:40 - 2015-04-18 09:24 - 00000000 ____D C:\ProgramData\Lenovo
2016-09-02 17:28 - 2015-08-28 16:04 - 00000003 _____ C:\WINDOWS\SysWOW64\HRUPPROG.TXT
2016-09-02 17:28 - 2015-08-24 23:43 - 00000000 ____D C:\Program Files (x86)\Hi-Rez Studios
2016-09-01 23:11 - 2015-11-19 22:58 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2016-09-01 23:11 - 2015-08-18 19:45 - 00000000 __SHD C:\Users\Danielle\IntelGraphicsProfiles
2016-09-01 17:51 - 2016-01-10 15:43 - 00000000 ____D C:\WINDOWS\Prey
2016-08-31 17:38 - 2016-08-03 08:45 - 00000000 ____D C:\Users\Danielle\AppData\LocalLow\Lenovo
2016-08-30 16:42 - 2015-08-18 19:45 - 00000000 ____D C:\Users\Danielle\AppData\Local\Packages
2016-08-29 18:31 - 2015-12-22 12:48 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-08-29 18:31 - 2015-08-18 20:55 - 00000000 ____D C:\ProgramData\Skype
2016-08-23 17:02 - 2015-08-18 20:04 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-08-23 16:33 - 2015-11-19 23:03 - 00000000 ____D C:\Users\Danielle
2016-08-23 15:30 - 2016-06-08 19:24 - 00000000 ____D C:\WINDOWS\Minidump
2016-08-23 15:30 - 2015-11-19 23:18 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-08-23 15:30 - 2015-11-19 22:53 - 00153336 _____ C:\WINDOWS\system32\wpbbin.exe
2016-08-23 15:30 - 2015-11-19 22:53 - 00111088 _____ (Lenovo (Beijing) Limited) C:\WINDOWS\system32\LenovoCheck.exe
2016-08-23 15:30 - 2015-11-19 22:53 - 00026608 _____ (Lenovo) C:\WINDOWS\system32\LenovoUpdate.exe
2016-08-23 15:30 - 2015-11-18 17:46 - 706015799 _____ C:\WINDOWS\MEMORY.DMP
2016-08-23 12:02 - 2015-08-19 18:55 - 00000000 ___RD C:\Users\Danielle\Desktop\Everything
2016-08-16 15:23 - 2015-08-19 10:36 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-08-16 04:11 - 2015-10-30 03:24 - 00000000 ____D C:\WINDOWS\rescache
2016-08-16 03:35 - 2015-10-30 02:28 - 00786432 ___SH C:\WINDOWS\system32\config\BBI
2016-08-16 03:32 - 2015-10-30 05:07 - 00000000 ____D C:\Program Files\Windows Journal
2016-08-16 03:32 - 2015-10-30 03:24 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-08-15 19:28 - 2015-10-30 03:24 - 00000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2016-08-15 13:21 - 2015-08-18 20:48 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-08-15 13:15 - 2015-08-18 20:48 - 147640136 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
==================== Files in the root of some directories =======
2015-08-30 17:43 - 2015-08-30 17:43 - 0000057 _____ () C:\ProgramData\Ament.ini
2015-11-19 22:59 - 2015-11-19 22:59 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
Some files in TEMP:
====================
C:\Users\Danielle\AppData\Local\Temp\drm_dyndata_7400009.dll
C:\Users\Danielle\AppData\Local\Temp\HiPatchSelfUpdateWindow.exe
C:\Users\Danielle\AppData\Local\Temp\HiRezLauncherControls.dll
C:\Users\Danielle\AppData\Local\Temp\SkypeSetup.exe
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2016-08-25 21:37
==================== End of FRST.txt ============================
Addition Log
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-09-2016
Ran by Danielle (13-09-2016 22:19:36)
Running from C:\Users\Danielle\Downloads
Windows 10 Home Version 1511 (X64) (2015-11-20 03:26:20)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-49138174-156455024-2110086174-500 - Administrator - Disabled)
Danielle (S-1-5-21-49138174-156455024-2110086174-1001 - Administrator - Enabled) => C:\Users\Danielle
DefaultAccount (S-1-5-21-49138174-156455024-2110086174-503 - Limited - Disabled)
Guest (S-1-5-21-49138174-156455024-2110086174-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-49138174-156455024-2110086174-1003 - Limited - Enabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Flash Player 22 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 22.0.0.209 - Adobe Systems Incorporated)
Apple Application Support (32-bit) (HKLM-x32\...\{D4B07658-F443-4445-A261-E643996E139D}) (Version: 4.3.2 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{A6B0442B-E159-444B-B49D-6B9AC531EAE3}) (Version: 4.3.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2E4AF2A6-50EA-4260-9BA4-5E582D11879A}) (Version: 9.3.0.15 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
CCSDK (HKLM-x32\...\{AE75190B-11B4-4F90-8254-DAB275CF2557}_is1) (Version: 1.1.0.7 - Lenovo)
Curse (HKLM-x32\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 6.0.0.0 - Curse)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.2810 - CyberLink Corp.)
CyberLink PowerDirector 10 (Version: 10.0.0.2810 - CyberLink Corp.) Hidden
Dependency Package Update (x32 Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dolby Digital Plus Home Theater (HKLM\...\{7E3D8FA1-6092-469A-955B-68FC4A2C67CA}) (Version: 7.6.3.1 - Dolby Laboratories Inc)
Dragon Assistant 3 (HKLM-x32\...\{4693847A-7139-4CF4-B274-916C046C9E50}) (Version: 3.1.30 - Nuance Communications, Inc.)
Dragon Assistant 3 Language Data Pack en_US (HKLM-x32\...\{532A5345-1A42-4C55-B56E-CE753D0BAA02}) (Version: 3.1.30 - Nuance Communications, Inc.)
Genesys USB Mass Storage Device (HKLM-x32\...\{959B7F35-2819-40C5-A0CD-3C53B5FCC935}) (Version: 4.3.2.0 - Genesys Logic)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 52.0.2743.116 - Google Inc.)
Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
Graphics Rules Maker (HKLM-x32\...\Graphics Rules Maker) (Version: 1.1.0 - SimsNetwork.com)
HiPatch (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF000}) (Version: 5.0.3.9 - Hi-Rez Studios)
Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
HP Officejet 4630 series Basic Device Software (HKLM\...\{38037A50-E9F1-41E4-9AA3-2E0A5A2FC4C5}) (Version: 32.3.198.49673 - Hewlett-Packard Co.)
HP Officejet 4630 series Help (HKLM-x32\...\{9F79230F-EE1C-407E-94E1-D69021954C9B}) (Version: 31.0.0 - Hewlett Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Support Solutions Framework (HKLM-x32\...\{F6A11738-3EE4-4573-AEA5-6CD5D491C167}) (Version: 12.0.30.81 - Hewlett-Packard Company)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
Intel(R) Chipset Device Software (x32 Version: 10.0.22 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.30.1072 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4454 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 13.5.0.1056 - Intel Corporation)
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 1.1.226.0 - Intel Corporation)
Intel(R) Update Manager (HKLM-x32\...\{B991A1BC-DE0F-41B3-9037-B2F948F706EC}) (Version: 3.1.1228 - Intel Corporation)
Intel(R) Virtual Buttons (HKLM-x32\...\1992736F-C90A-481C-B21B-EE34CAD07387) (Version: 1.0.0.15 - Intel Corporation)
iTunes (HKLM\...\{955524E7-79EB-4CA9-BA4D-FD2DF587651B}) (Version: 12.4.3.1 - Apple Inc.)
Java 8 Update 73 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218073F0}) (Version: 8.0.730.2 - Oracle Corporation)
Lenovo EasyCamera (HKLM-x32\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.2.9200.10285 - Realtek Semiconductor Corp.)
Lenovo FusionEngine (HKLM-x32\...\Lenovo FusionEngine) (Version: 1.0.13.0 - Lenovo, Inc.)
Lenovo Mobile Phone Wireless Import (HKLM-x32\...\InstallShield_{DFB2E0D6-8DDE-49A4-B8F7-03C14DACCBA6}) (Version: 1.1.1.9 - Lenovo)
Lenovo Mobile Phone Wireless Import (x32 Version: 1.1.1.9 - Lenovo) Hidden
Lenovo Motion Control (HKLM-x32\...\InstallShield_{D3F38500-4C99-4E4F-9786-B907224E13A1}) (Version: 2.6.0.0528 - PointGrab)
Lenovo Motion Control (x32 Version: 2.6.0.0528 - PointGrab) Hidden
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.4706 - CyberLink Corp.)
Lenovo OneKey Recovery (Version: 8.1.0.4706 - CyberLink Corp.) Hidden
Lenovo Patch Utility (x32 Version: 1.3.2.6 - Lenovo Group Limited) Hidden
Lenovo Patch Utility 64 bit (Version: 1.3.2.6 - Lenovo Group Limited) Hidden
Lenovo PhoneCompanion (HKLM-x32\...\InstallShield_{0F82EA83-B0C5-4AB9-9695-DFE92C5FD57B}) (Version: 2.0.0.19 - Lenovo)
Lenovo PhoneCompanion (x32 Version: 2.0.0.19 - Lenovo) Hidden
Lenovo Photo Master (HKLM-x32\...\InstallShield_{BC94C56A-3649-420C-8756-2ADEBE399D33}) (Version: 1.5.2126.02 - CyberLink Corp.)
Lenovo Photo Master (x32 Version: 1.5.2126.02 - CyberLink Corp.) Hidden
Lenovo QuickOptimizer (HKLM\...\{8D2C871B-1B9F-45AC-9C43-2BB18089CDFA}) (Version: 1.0.019.00 - Lenovo)
Lenovo Reach (HKLM-x32\...\{3245D8C8-7FE0-4FD4-B04B-2720A333D592}) (Version: 1.1.3.7 - Stoneware, Inc.)
Lenovo Service Bridge (HKU\S-1-5-21-49138174-156455024-2110086174-1001\...\dda9ca0b023f4c56) (Version: 1.6.3.5 - Lenovo)
Lenovo Settings - Camera Audio (HKLM\...\{88C6A6D9-324C-46E8-BA87-563D14021442}_is1) (Version: 4.3.24.256 - Lenovo Corporation)
Lenovo Settings (HKLM\...\{D14CCBF5-1A3A-4C08-955B-BE6D519835C4}_is1) (Version: 2.0.0.5 - Lenovo)
Lenovo Settings Dependency Package (HKLM\...\{3694BA2E-BE31-4B7E-886B-A0B559E69D4D}_is1) (Version: 2.3.3.33 - Lenovo Group Limited)
Lenovo Settings Service (HKLM\...\{8C6F1EBA-17F1-4481-B688-9777E63E985F}_is1) (Version: 2.3.0.21 - Lenovo Group Limited)
Lenovo Settings UMDF driver (HKLM\...\{2BDC7413-65EA-4B99-8C4B-02F11075BE6D}_is1) (Version: 1.2.0.7 - Lenovo Group Limited)
Lenovo Settings WiFi (HKLM\...\{86045A6C-C156-4349-A3E2-47A88A42F5C2}_is1) (Version: 2.0.0.4 - Lenovo)
Lenovo Solution Center (HKLM\...\{C1FC707B-AE6B-4DC4-89A5-6628A01F8103}) (Version: 3.3.003.00 - Lenovo)
Lenovo System Interface Foundation (HKLM\...\{C2E5CA37-C862-4A69-AC6D-24F450A20C16}) (Version: 1.0.066.00 - Lenovo)
Lenovo System Update (HKLM-x32\...\{25C64847-B900-48AD-A164-1B4F9B774650}) (Version: 5.07.0032 - Lenovo)
Lenovo Transition (HKLM\...\Lenovo Transition) (Version: 2.1.14.1221 - Lenovo)
LenovoUtility (HKLM-x32\...\InstallShield_{6ADA7E88-8D16-4D0D-BC90-2B93AC5E56DA}) (Version: 2.0.0.3 - Lenovo)
LenovoUtility (x32 Version: 2.0.0.3 - Lenovo) Hidden
Metric Collection SDK (x32 Version: 1.1.0005.00 - Lenovo Group Limited) Hidden
Metric Collection SDK 35 (x32 Version: 1.2.0006.00 - Lenovo Group Limited) Hidden
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4641.3004 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Mozilla Firefox 48.0.2 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 48.0.2 (x86 en-US)) (Version: 48.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 48.0.2.6079 - Mozilla)
NVIDIA GeForce Experience 2.1.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.2 - NVIDIA Corporation)
NVIDIA Graphics Driver 354.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 354.35 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
OneKey Optimizer (HKLM-x32\...\InstallShield_{D5D573DC-D989-4769-9B56-D6A7EA503D7F}) (Version: 1.3.0.10 - Lenovo)
OneKey Optimizer (x32 Version: 1.3.0.10 - Lenovo) Hidden
Origin (HKLM-x32\...\Origin) (Version: 9.7.2.53208 - Electronic Arts, Inc.)
Prey Anti-Theft (x32 Version: 1.5.0 - Prey, Inc.) Hidden
Product Improvement Study for HP Officejet 4630 series (HKLM\...\{EE629820-EACD-4AAE-966D-DF1560A0ED2D}) (Version: 32.3.198.49673 - Hewlett-Packard Co.)
Qualcomm Atheros 61x4 Bluetooth Suite (64) (HKLM\...\{628988B4-3FA5-4EA6-BAA3-DA640F6718BD}) (Version: 3.0.0.400 - Qualcomm Atheros)
Qualcomm Atheros 61x4 Wireless LAN Installer (HKLM-x32\...\{20CA507E-24AA-4741-87CF-CC1B250790B7}) (Version: 11.0.0.653A - Qualcomm Atheros)
Razer Cortex (HKLM-x32\...\Razer Cortex_is1) (Version: 6.3.19.0 - Razer Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.35.716.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7560 - Realtek Semiconductor Corp.)
SHAREit (HKLM-x32\...\SHAREit_is1) (Version: 3.2.0.543 - Lenovo)
SHIELD Streaming (Version: 3.1.200 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 16.13.21 - NVIDIA Corporation) Hidden
SimPE 0.72 (alpha) (HKLM-x32\...\SimPE_is1) (Version: - )
Skype™ 7.26 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.26.101 - Skype Technologies S.A.)
Smite (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF017}) (Version: 3.17.3628.0 - Hi-Rez Studios)
Spotify (HKU\S-1-5-21-49138174-156455024-2110086174-1001\...\Spotify) (Version: 1.0.37.150.gad02a02e - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.13.0 - Synaptics Incorporated)
System Requirements Lab Detection (HKLM-x32\...\{2AD13EE9-97A0-4ADA-B4A5-5F86F33B7C39}) (Version: 6.1.6.0 - Husdawg, LLC)
TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.56083 - TeamViewer)
The Sims 2: Ultimate Collection (HKLM-x32\...\{04450C18-F039-4B81-A621-70C3B0F523D5}) (Version: 1.0.0.0 - Electronic Arts)
The Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.69.43.024017 - Electronic Arts Inc.)
The Sims™ 3 70s, 80s, & 90s Stuff (HKLM-x32\...\{E1868CAE-E3B9-4099-8C18-AA8944D336FD}) (Version: 17.0.77 - Electronic Arts)
The Sims™ 3 Ambitions (HKLM-x32\...\{910F4A29-1134-49E0-AD8B-56E4A3152BD1}) (Version: 4.0.87 - Electronic Arts)
The Sims™ 3 Diesel Stuff (HKLM-x32\...\{1C9B6173-6DC9-4EEE-9EFC-6BA115CFBE43}) (Version: 14.0.48 - Electronic Arts)
The Sims™ 3 Fast Lane Stuff (HKLM-x32\...\{ED436EA8-4145-4703-AE5D-4D09DD24AF5A}) (Version: 5.0.44 - Electronic Arts)
The Sims™ 3 Generations (HKLM-x32\...\{E6B88BD6-E4B2-4701-A648-B6DAC6E491CC}) (Version: 8.0.152 - Electronic Arts)
The Sims™ 3 High-End Loft Stuff (HKLM-x32\...\{71828142-5A24-4BD0-97E7-976DA08CE6CF}) (Version: 3.0.38 - Electronic Arts)
The Sims™ 3 Into the Future (HKLM-x32\...\{A0BBD6C7-B546-4048-B33A-F21F5C9F5B09}) (Version: 21.0.150 - Electronic Arts)
The Sims™ 3 Island Paradise (HKLM-x32\...\{DB21639E-FE55-432C-BCA2-0C5249E3F79E}) (Version: 19.0.101 - Electronic Arts)
The Sims™ 3 Katy Perry's Sweet Treats (HKLM-x32\...\{9B2506E3-9A3F-45B5-96BF-509CAD584650}) (Version: 13.0.62 - Electronic Arts)
The Sims™ 3 Late Night (HKLM-x32\...\{45057FCE-5784-48BE-8176-D9D00AF56C3C}) (Version: 6.0.81 - Electronic Arts)
The Sims™ 3 Master Suite Stuff (HKLM-x32\...\{08A25478-C5DD-4EA7-B168-3D687CA987FF}) (Version: 11.0.84 - Electronic Arts)
The Sims™ 3 Movie Stuff (HKLM-x32\...\{D0087539-3C57-44E0-BEE7-D779D546CBE1}) (Version: 20.0.53 - Electronic Arts)
The Sims™ 3 Outdoor Living Stuff (HKLM-x32\...\{117B6BF6-82C3-420C-B284-9247C8568E53}) (Version: 7.0.55 - Electronic Arts)
The Sims™ 3 Pets (HKLM-x32\...\{C12631C6-804D-4B32-B0DD-8A496462F106}) (Version: 10.0.96 - Electronic Arts)
The Sims™ 3 Seasons (HKLM-x32\...\{3DE92282-CB49-434F-81BF-94E5B380E889}) (Version: 16.0.136 - Electronic Arts)
The Sims™ 3 Showtime (HKLM-x32\...\{3BBFD444-5FAB-49F6-98B1-A1954E831399}) (Version: 12.0.273 - Electronic Arts)
The Sims™ 3 Supernatural (HKLM-x32\...\{B37DAFA5-717D-41F8-BDFB-3A4B68C0B3A1}) (Version: 15.0.135 - Electronic Arts)
The Sims™ 3 Town Life Stuff (HKLM-x32\...\{7B11296A-F894-449C-8DF6-6AAAA7D4D118}) (Version: 9.0.73 - Electronic Arts)
The Sims™ 3 University Life (HKLM-x32\...\{F26DE8EF-F2CF-40DC-8CDA-CC0D82D11B36}) (Version: 18.0.126 - Electronic Arts)
The Sims™ 3 World Adventures (HKLM-x32\...\{BA26FFA5-6D47-47DB-BE56-34C357B5F8CC}) (Version: 2.0.86 - Electronic Arts)
Trove (HKLM-x32\...\Steam App 304050) (Version: - Trion Worlds)
User Manuals (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 3.0.0.3 - Lenovo)
User Manuals (x32 Version: 3.0.0.3 - Lenovo) Hidden
Windows Driver Package - Lenovo (ACPIVPC) System (09/24/2013 19.29.2.34) (HKLM\...\EE9B1F2037C580F36D92FA431CC02BFF04C31F15) (Version: 09/24/2013 19.29.2.34 - Lenovo)
Windows Driver Package - Lenovo (WUDFRd) LenovoVhid (07/25/2013 10.30.0.288) (HKLM\...\6BCA401E9CBEED970D75F55FA5320F60D11984E9) (Version: 07/25/2013 10.30.0.288 - Lenovo)
WinRAR 5.31 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-49138174-156455024-2110086174-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Danielle\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\FileCoAuth.exe (Microsoft Corporation)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {03E36270-B809-4007-92AC-96FD8697C169} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_TVSUUpdateTask => reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {0D57A89A-9B08-4FDF-B083-9C348A8443B5} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2015-09-26] (Intel Corporation)
Task: {156D3B08-F5AF-4309-AFB7-869BEC2F5363} - System32\Tasks\DolbySelectorTask => C:\Program Files\Dolby Digital Plus\ddp.exe
Task: {1A9C6555-2214-4855-90DD-DBEFF60B5A54} - System32\Tasks\Lenovo\LSC\LSCHardwareScanPostpone => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2016-06-02] (Lenovo)
Task: {2EAC8B62-E6FB-4E88-AD31-F6C78467B5FA} - System32\Tasks\Lenovo\Lenovo Service Bridge\S-1-5-21-49138174-156455024-2110086174-1001 => Rundll32.exe dfshim.dll,ShOpenVerbShortcut C:\Users\Danielle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo\Lenovo Service Bridge.appref-ms
Task: {3DDFECDD-6B8E-4EFA-985B-D79DF66C7230} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [2016-07-07] ()
Task: {54FBCA2F-8B69-4AB4-80EB-65D01789324E} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {5E4CC51E-E100-4FD8-97E3-D34B0E22FB13} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2015-07-01] (Lenovo)
Task: {6382DD7F-18B0-4AF2-9A2F-76BD724F3555} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2016-06-02] (Lenovo)
Task: {6874B768-74A1-4025-BCCA-C43068A97F4F} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => Sc.exe START ImControllerService
Task: {82E6061A-A926-4E3C-B027-877793BF4258} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-11-08] (Google Inc.)
Task: {8A8A00DA-398F-4BB8-88D0-CBF0D18517A8} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-11-08] (Google Inc.)
Task: {9107F1CE-DFCE-452C-8152-99FFAF4FE24C} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\lenovo\lenovo solution center\App\LSC.Services.UpdateStatusService.exe [2016-06-02] ()
Task: {93F407A6-75D4-4E31-940D-D1E0EAF3319B} - System32\Tasks\UMonitor Task => C:\windows\SysWOW64\UMonit64.exe [2014-02-25] ()
Task: {AC219E6C-A5EC-49F0-8EF9-BBEFE3297A83} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-08-15] (Microsoft Corporation)
Task: {B0691507-1BCA-46A2-B658-0F7994B81DD7} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {B12A752E-F152-4D71-8B1B-6078F9A4363B} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {B2DCF117-1CAA-40A4-A81C-582A025E474A} - System32\Tasks\HPCustParticipation HP Officejet 4630 series => C:\Program Files\HP\HP Officejet 4630 series\Bin\HPCustPartic.exe [2014-07-21] (Hewlett-Packard Development Company, LP)
Task: {BB61B1FE-DD60-4C76-A816-7957B32F4DCA} - System32\Tasks\Lenovo\LSC\Lenovo Solution Center Notifications => C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe [2016-06-02] (Lenovo)
Task: {C280BF1B-E554-4B2D-9821-27FA4071E268} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-07-12] (Adobe Systems Incorporated)
Task: {CAE9300D-65D7-4895-B91A-C5D03DF1A66D} - System32\Tasks\GenericSettingsHandler\Windows-Credentials\RetrySyncTask_for_S-1-5-21-49138174-156455024-2110086174-1001
Task: {D3596E3B-9A8E-461E-A3D6-B913A8CC4638} - System32\Tasks\TVT\TVSUUpdateTask_UserLogOn => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [2016-07-07] ()
Task: {DDD5B923-B331-45FF-8BA5-FE90B5105D98} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2015-09-26] (Intel Corporation)
Task: {DE272A6F-9A83-4E4F-B472-A4F32ED9FE42} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {E723FAD1-8B5D-48B2-B0B9-93E95CCBB63D} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [2014-09-10] (Lenovo)
Task: {F6EA4DD1-8472-4D10-AB4D-3BA37A2BB0F4} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {F9F37ADA-82A6-4AA3-AEE8-679452E5EA16} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2016-03-18 22:56 - 2016-03-18 22:56 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2016-07-05 15:23 - 2016-07-05 15:23 - 01354040 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-04-18 09:48 - 2015-10-22 17:07 - 00019560 _____ () C:\Program Files\Lenovo\OneKey Optimizer\bin\FbServicePS.dll
2015-04-18 09:45 - 2015-04-18 09:44 - 00133440 _____ () C:\Program Files\Lenovo PhoneCompanion\LPAWDService.exe
2015-04-18 09:44 - 2012-04-24 06:43 - 00390632 ____N () C:\Program Files\CyberLink\Shared files\RichVideo64.exe
2015-04-18 09:40 - 2015-04-18 09:40 - 00061200 _____ () C:\ProgramData\LenovoTransition\Server\x64\dptf.dll
2015-09-23 17:41 - 2015-09-23 17:41 - 00188072 _____ () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
2015-04-18 09:40 - 2014-10-22 13:15 - 00644080 _____ () C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe
2015-04-18 09:45 - 2015-04-18 09:44 - 00815104 _____ () C:\Program Files\Lenovo PhoneCompanion\adb.exe
2015-10-30 03:18 - 2015-10-30 03:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2015-11-19 22:59 - 2015-10-14 23:46 - 00126072 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-07-13 15:13 - 2016-07-01 00:48 - 02656408 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-07-13 15:13 - 2016-07-01 00:48 - 02656408 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2015-04-18 09:48 - 2015-05-26 10:54 - 00037672 _____ () C:\Program Files\Lenovo\OneKey Optimizer\bin\Metric.dll
2015-04-18 09:48 - 2015-05-26 10:54 - 00166696 _____ () C:\Program Files\Lenovo\OneKey Optimizer\bin\Lenovo.MetricCollectionMFCx64.dll
2015-04-18 09:40 - 2014-10-22 13:15 - 00410096 _____ () C:\Program Files (x86)\Lenovo\CCSDK\WinGather.exe
2015-11-18 18:00 - 2016-05-07 00:27 - 00393192 _____ () C:\WINDOWS\system32\igfxTray.exe
2015-04-18 09:18 - 2014-02-25 23:13 - 00053248 _____ () C:\windows\SysWOW64\UMonit64.exe
2015-04-18 09:40 - 2015-04-18 09:40 - 00294672 _____ () C:\Program Files (x86)\Lenovo\Lenovo Transition\Transition.exe
2015-04-18 09:40 - 2015-04-18 09:40 - 00791368 _____ () C:\Program Files\Lenovo\LenovoUtility\utility.exe
2015-04-18 09:40 - 2015-04-18 09:40 - 00097048 _____ () C:\Program Files\Lenovo\LenovoUtility\kbdhook.dll
2015-04-18 09:40 - 2015-04-18 09:40 - 00109328 _____ () C:\Program Files (x86)\Lenovo\Lenovo Transition\TransitionServer.exe
2015-04-18 09:48 - 2015-05-26 10:54 - 00043304 _____ () C:\Program Files\Lenovo\OneKey Optimizer\bin\EnglishRes.dll
2015-04-18 09:48 - 2015-10-22 17:07 - 00161896 _____ () C:\Program Files\Lenovo\OneKey Optimizer\bin\FbApi.dll
2015-04-18 09:48 - 2015-05-26 10:55 - 00036136 _____ () C:\Program Files\Lenovo\OneKey Optimizer\bin\zd.dll
2016-09-03 20:41 - 2016-07-07 15:21 - 00028544 _____ () C:\Program Files (x86)\Lenovo\System Update\SUService.exe
2015-12-18 18:47 - 2015-12-07 00:14 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-07-13 15:15 - 2016-06-30 23:48 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-04-18 16:23 - 2016-04-18 16:23 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
2016-07-13 15:13 - 2016-06-30 23:21 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-07-13 15:13 - 2016-06-30 23:27 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-07-13 15:13 - 2016-06-30 23:22 - 00936960 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2016-07-13 15:13 - 2016-06-30 23:22 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-07-13 15:13 - 2016-06-30 23:24 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-07-13 15:13 - 2016-06-30 23:21 - 00529408 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.NodeWinrtWrap.dll
2015-10-30 03:18 - 2015-10-30 05:07 - 00037888 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\winrt-projections\bin\Winrt_Projections.node
2015-10-30 03:18 - 2015-10-30 05:06 - 00796160 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\windows.web.http\bin\NodeRT_Windows_Web_Http.node
2015-10-30 03:18 - 2015-10-30 05:07 - 00961024 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\windows.web.http.headers\bin\NodeRT_Windows_Web_Http_Headers.node
2015-10-30 03:18 - 2015-10-30 05:06 - 00206336 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\windows.web.http.filters\bin\NodeRT_Windows_Web_Http_Filters.node
2015-10-30 03:18 - 2015-10-30 05:06 - 00558592 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\windows.storage.streams\bin\NodeRT_Windows_Storage_Streams.node
2015-10-30 03:18 - 2015-10-30 05:07 - 00397824 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\windows.foundation\bin\NodeRT_Windows_Foundation.node
2015-10-30 03:18 - 2015-10-30 05:06 - 00181248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\nodert-buffer-utils\bin\NodeRT_Buffer_Utils.node
2015-10-30 03:18 - 2015-10-30 05:06 - 00093696 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\windows.security.cryptography\bin\NodeRT_Windows_Security_Cryptography.node
2015-10-30 03:18 - 2015-10-30 05:06 - 00200192 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\windows.cortana.pal\bin\NodeRT_Windows_Cortana_PAL.node
2014-10-10 12:37 - 2014-10-10 12:37 - 01243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2014-05-28 16:16 - 2014-05-28 16:16 - 00013576 _____ () C:\Program Files (x86)\Lenovo\Motion Control\PointGrabDeviceAPI.dll
2015-08-26 17:33 - 2015-10-28 17:50 - 00264192 _____ () C:\Program Files (x86)\Razer\Razer Cortex\D3DX8Wrapper.dll
2015-04-18 09:40 - 2015-04-18 09:40 - 00105744 _____ () C:\Program Files (x86)\Lenovo\Lenovo Transition\Config\1366\TransitionLib.dll
2015-04-18 09:40 - 2015-04-18 09:40 - 00102160 _____ () C:\Program Files (x86)\Lenovo\Lenovo Transition\LUpdatePackage.dll
2015-08-26 17:32 - 2015-10-28 17:50 - 00724480 _____ () C:\Program Files (x86)\Razer\Razer Cortex\Cef\CefSharp.Core.dll
2015-08-26 17:32 - 2015-10-28 17:50 - 41289216 _____ () C:\Program Files (x86)\Razer\Razer Cortex\Cef\libcef.dll
2015-08-26 17:32 - 2015-10-28 17:50 - 00544256 _____ () C:\Program Files (x86)\Razer\Razer Cortex\Cef\CefSharp.BrowserSubprocess.Core.dll
2015-08-26 17:32 - 2015-10-28 17:50 - 01482240 _____ () C:\Program Files (x86)\Razer\Razer Cortex\Cef\libglesv2.dll
2015-08-26 17:32 - 2015-10-28 17:50 - 00073728 _____ () C:\Program Files (x86)\Razer\Razer Cortex\Cef\libegl.dll
2015-04-18 09:25 - 2015-01-22 19:18 - 02201088 _____ () C:\Program Files\Lenovo\Communications Utility\cxcore210.dll
2015-04-18 09:25 - 2015-01-22 19:18 - 02085888 _____ () C:\Program Files\Lenovo\Communications Utility\cv210.dll
2016-04-18 16:23 - 2016-04-18 16:23 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
2016-04-18 16:23 - 2016-04-18 16:24 - 22284800 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkyWrap.dll
2016-08-08 17:15 - 2016-07-20 23:41 - 00161736 _____ () C:\ProgramData\Lenovo\iMController\Plugins\LenovoAudioPlugin\x86\QualityStatsRevInterop.dll
2014-05-28 16:17 - 2014-05-28 16:17 - 02402568 _____ () C:\Program Files (x86)\Lenovo\Motion Control\WebcamSplitterFilter.ax
2016-08-15 19:22 - 2016-08-15 19:22 - 00101888 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Windows.Management\252667907e1e3e32b11d87fba7af0023\Windows.Management.ni.dll
2016-08-15 19:23 - 2016-08-15 19:23 - 02921472 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Windows.App640a3541#\931208eb21bfb07f9a4995753d6b7f7b\Windows.ApplicationModel.ni.dll
2016-08-15 19:23 - 2016-08-15 19:23 - 00821248 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Windows.Storage\70c31a6aefe21a1501d1b781a0217731\Windows.Storage.ni.dll
2016-08-15 19:22 - 2016-08-15 19:22 - 00335360 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Windows.Foundation\cbafdb4e11c9fd06e0a2e5efa6253883\Windows.Foundation.ni.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 09:25 - 2013-08-22 09:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-49138174-156455024-2110086174-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Danielle\Desktop\tumblr_o6137sISSh1uh5xqwo1_1280.jpg
DNS Servers: 192.168.1.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKU\S-1-5-21-49138174-156455024-2110086174-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-49138174-156455024-2110086174-1001\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-49138174-156455024-2110086174-1001\...\StartupApproved\Run: => "Steam"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{A50195B4-7896-474C-8801-D85B87C4F066}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{4080AC46-3899-46F7-BA23-16545949817A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [UDP Query User{DDA575A2-616F-4A68-89EC-46B1B0D5240A}C:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe] => (Allow) C:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe
FirewallRules: [TCP Query User{364F07AA-46CF-41E5-82F9-27ABF430A1E7}C:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe] => (Allow) C:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe
FirewallRules: [UDP Query User{EFDE6EF1-B839-4CAF-8E4D-6FB069CC30CD}C:\program files (x86)\java\jre1.8.0_60\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_60\bin\javaw.exe
FirewallRules: [TCP Query User{93467424-8003-4C63-B047-666EFC9ED544}C:\program files (x86)\java\jre1.8.0_60\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_60\bin\javaw.exe
FirewallRules: [UDP Query User{55A9013F-FC72-41B3-8A22-761ED43B125E}C:\users\danielle\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\danielle\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{0D829E9A-057F-443D-A86A-BEAE3225BB46}C:\users\danielle\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\danielle\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{4FC0AD98-0974-4F2F-B4DB-C41316E06E2D}C:\program files (x86)\steam\steamapps\common\war thunder\aces.exe] => (Block) C:\program files (x86)\steam\steamapps\common\war thunder\aces.exe
FirewallRules: [TCP Query User{AB65A869-6E01-4510-BCE7-B2B0C4B6C017}C:\program files (x86)\steam\steamapps\common\war thunder\aces.exe] => (Block) C:\program files (x86)\steam\steamapps\common\war thunder\aces.exe
FirewallRules: [{B9E5B449-D244-41C2-8A7F-BFDFEED110DC}] => (Allow) C:\Program Files\HP\HP Officejet 4630 series\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{5AB11EFA-CD5D-4BFF-A018-6ED3F262A097}] => (Allow) LPort=5357
FirewallRules: [{04FBDE26-BCF2-48B6-B5A4-E4E757ADCF3B}] => (Allow) C:\Program Files\HP\HP Officejet 4630 series\Bin\DeviceSetup.exe
FirewallRules: [{3ABC7975-28DC-4D9C-8D90-2D2F18C30CDE}] => (Allow) C:\Program Files\HP\HP Officejet 4630 series\bin\SendAFax.exe
FirewallRules: [{0C7FF600-7F81-4733-BA1B-8D51152D27BE}] => (Allow) C:\Program Files\HP\HP Officejet 4630 series\bin\DigitalWizards.exe
FirewallRules: [{78246416-023D-4ED5-95A9-C7DA7A5D0644}] => (Allow) C:\Program Files\HP\HP Officejet 4630 series\bin\FaxApplications.exe
FirewallRules: [UDP Query User{0B2441A0-E1D8-4479-8CCD-D6338A67E548}C:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe] => (Allow) C:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe
FirewallRules: [TCP Query User{D142D890-06C2-4E87-A723-15CD3D435A68}C:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe] => (Allow) C:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe
FirewallRules: [{C81BAB5D-C3A1-4778-BFAB-6B4273D1D9A2}] => (Allow) C:\Program Files\Echobit\Evolve\EvolveClient.exe
FirewallRules: [{AC74E429-E2F6-4975-9B3E-F6A5B61B25D4}] => (Allow) C:\Program Files\Echobit\Evolve\EvoSvc.exe
FirewallRules: [{EB53D64A-4184-4503-B351-DCD0441D0495}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{A3BC6D17-C527-43C2-807D-FDD3277EB83B}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{17646769-A01F-4CD0-8CDF-53BC3CF13F3A}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{046140EF-233D-49FD-A8EA-6DF412F8354A}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{94C8B424-9C1A-4E63-A918-EE033039B2D3}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{EB7BDFEF-E0C6-4031-9BBD-C222268A2EE1}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{0B84A76A-D648-4BAD-B277-AF9228C9B995}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{88192F8B-FBFD-4C5A-AAA5-9C50A6583B57}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{46E76CE6-3B9D-4892-9DE7-90AEBACD03FE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{6D6C4BA5-E0FD-4E1E-84FB-77FBD074313E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{6E4B5E6E-3994-4D19-B6C9-B5DF05FEFC44}] => (Allow) C:\Program Files\CyberLink\PowerDirector10\PDR10.EXE
FirewallRules: [{354E5005-B189-405E-912C-65B9FBD613E8}] => (Allow) C:\Program Files\Lenovo PhoneCompanion\LPAWDService.exe
FirewallRules: [{E1E2D00F-07AA-4E0A-97C6-D06F41E4FF6E}] => (Allow) C:\Program Files\Lenovo PhoneCompanion\LPAWDService.exe
FirewallRules: [{88FCE3A8-E320-4DC8-B911-8C440CD908DC}] => (Allow) C:\Program Files (x86)\Lenovo\Lenovo Photo Master\PhotoPlus.exe
FirewallRules: [{9B7EAFE4-1D28-4937-BA82-9A9CFDEEEDDB}] => (Allow) C:\Program Files (x86)\Lenovo\Lenovo Photo Master\subsys\AdvPhotoEditor\PhotoDirector5.exe
FirewallRules: [{48678205-6F49-45AE-8012-F65575E8AC93}] => (Allow) LPort=55100
FirewallRules: [{9CFBDEF9-DC2E-4B5E-B468-A8C3BC7D7310}] => (Allow) C:\Program Files\Lenovo PhotoMasterImport\PhotoMasterImport.exe
FirewallRules: [{788D7801-E492-4C4C-AD85-D9D76D1C21E8}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{372E1AEB-04AA-4A14-91D3-533BD0A83D49}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{1E07C791-B22D-4B57-B438-2F71191644A5}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{AA06032C-3E6A-4197-B6F1-84C8F4232BD3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Trove\GlyphClient.exe
FirewallRules: [{9BCCC8EC-6A80-46E5-9113-9606FC6098B1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Trove\GlyphClient.exe
FirewallRules: [{441D8576-3457-4A76-A48C-10C8DB012516}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{237C68FD-43B2-4226-9CF5-C15C2A20536B}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{41C548BA-5FFD-4FF6-85B3-987A9DB8FCA7}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{096C656A-466C-4471-873D-00CCC1205409}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{621E257D-AC5F-4826-9CC1-9E27AE59DD46}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe
FirewallRules: [{67B4ED01-12A4-4294-8CF2-34EDBD82281A}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe
FirewallRules: [TCP Query User{9C5090D1-E3A5-4BB2-8260-9AE3E4F4D635}C:\users\danielle\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\danielle\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{A2C2379B-250D-4606-B161-0EFC3B6B6F43}C:\users\danielle\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\danielle\appdata\roaming\spotify\spotify.exe
FirewallRules: [{D3E2B918-32C2-4AC6-8443-A43DE685A851}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 2 Ultimate Collection\Fun with Pets\SP9\TSBin\Sims2EP9.exe
FirewallRules: [{0D0FBBE2-16E5-41A5-B416-52778BC5F991}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 2 Ultimate Collection\Fun with Pets\SP9\TSBin\Sims2EP9.exe
FirewallRules: [{6579D9C1-390B-411B-B25B-5A3585D8ED44}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{82FD9EED-2837-4DD2-B74C-FFC0C389F2DA}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{51CB68ED-1799-48BC-8E79-44DDEBCBBA15}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{6A1FAE2D-4CDE-47A5-B8A2-9B0339AE607D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{2523583B-7C34-45DE-A0D6-253B12890E9A}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{7D7D09CA-F565-4321-B7FA-C5B4D6877887}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{024F0EC9-20E8-4930-ABF8-B5E9869F8D43}] => (Allow) C:\Windows\Prey\versions\1.6.2\bin\node.exe
FirewallRules: [{3D6914C5-4042-40BF-81BC-AFD003F1151E}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe
FirewallRules: [{4D6AFA37-1910-47E7-9EAE-2D7A1681ACF5}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe
==================== Restore Points =========================
15-08-2016 13:15:18 Windows Update
18-08-2016 16:57:47 Windows Update
22-08-2016 13:27:20 Windows Update
25-08-2016 18:17:46 Windows Update
28-08-2016 19:16:27 Windows Update
01-09-2016 17:56:40 Windows Update
04-09-2016 20:52:41 Windows Update
08-09-2016 17:39:02 Windows Update
11-09-2016 22:09:10 Windows Update
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (09/13/2016 10:00:09 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: wpxsvc.exe, version: 1.0.0.0, time stamp: 0x00000000
Faulting module name: ntdll.dll, version: 10.0.10586.306, time stamp: 0x571afb7f
Exception code: 0xc0000005
Fault offset: 0x0004b6b8
Faulting process id: 0x8350
Faulting application start time: 0x01d20e1a8a079ea9
Faulting application path: C:\Windows\Prey\wpxsvc.exe
Faulting module path: C:\WINDOWS\SYSTEM32\ntdll.dll
Report Id: d7bd9434-4d28-4718-bfc7-ce1c670e858e
Faulting package full name:
Faulting package-relative application ID:
Error: (09/13/2016 09:39:23 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: LENOVO-PC)
Description: Activation of app Microsoft.Windows.Photos_8wekyb3d8bbwe!App failed with error: -2147023170 See the Microsoft-Windows-TWinUI/Operational log for additional information.
Error: (09/13/2016 08:21:45 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 9125
Error: (09/13/2016 08:21:45 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 9125
Error: (09/13/2016 08:21:45 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (09/13/2016 08:21:44 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 8015
Error: (09/13/2016 08:21:44 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 8015
Error: (09/13/2016 08:21:44 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (09/13/2016 08:21:43 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 6906
Error: (09/13/2016 08:21:43 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 6906
System errors:
=============
Error: (09/13/2016 10:00:10 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Cron Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
Error: (09/13/2016 07:56:59 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Cron Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
Error: (09/13/2016 07:14:06 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Cron Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
Error: (09/13/2016 06:31:55 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Cron Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
Error: (09/13/2016 05:47:46 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Cron Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
Error: (09/13/2016 05:20:10 PM) (Source: DCOM) (EventID: 10010) (User: LENOVO-PC)
Description: The server microsoft.windowslive.calendar.AppXwkn9j84yh1kvnt49k5r8h6y1ecsv09hs.mca did not register with DCOM within the required timeout.
Error: (09/13/2016 05:20:00 PM) (Source: DCOM) (EventID: 10010) (User: LENOVO-PC)
Description: The server App.AppXrvx5vw3ftamg62prcf1xd7e4aena2tfj.mca did not register with DCOM within the required timeout.
Error: (09/13/2016 05:20:00 PM) (Source: DCOM) (EventID: 10010) (User: LENOVO-PC)
Description: The server microsoft.windowslive.calendar.AppXwkn9j84yh1kvnt49k5r8h6y1ecsv09hs.mca did not register with DCOM within the required timeout.
Error: (09/13/2016 05:02:29 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Cron Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
Error: (09/13/2016 04:18:36 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Cron Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
CodeIntegrity:
===================================
Date: 2016-09-05 00:24:54.978
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-08-25 21:39:20.824
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-08-16 03:47:18.814
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-08-16 03:37:38.361
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-08-15 22:41:05.447
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-08-15 19:27:17.968
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-08-08 22:09:33.146
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-08-04 13:03:21.847
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-07-22 12:59:24.303
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-07-20 17:08:18.184
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i7-5500U CPU @ 2.40GHz
Percentage of memory in use: 53%
Total physical RAM: 8097.92 MB
Available physical RAM: 3783.66 MB
Total Virtual: 12161.95 MB
Available Virtual: 5315.02 MB
==================== Drives ================================
Drive c: (Windows8_OS) (Fixed) (Total:891.45 GB) (Free:738.63 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:22.72 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 35933FB4)
Partition: GPT.
==================== End of Addition.txt ============================