Page 1 of 7 123 ... LastLast
Results 1 to 10 of 64
  1. #1
    Member
    Join Date
    Nov 2006
    Posts
    859
    Points
    1

    Default Wireless adapter and firefox keep crashing

    My wifi connection keeps crashing and I have to reset it or reboot my laptop to get it working again. Also, firefox keeps hanging, I get messages saying that a script is running slow etc. Can somebody help please?

    I'm happy to run MBAB/SAS/HJT but you seem to be using other tools these days.

    Thanks in advance

  2. #2
    Member
    Join Date
    Nov 2006
    Posts
    859
    Points
    1

    Default

    I also have an SD card that I can't write to but can from another laptop

  3. #3
    Member Spyware Fighter DonnaB's Avatar
    Join Date
    Apr 2009
    Location
    Illiana, Ill. USA
    Posts
    3,521
    Points
    563

    Default

    Hi MickKnipfler,

    Have you tried connecting the laptop directly to the modem to rule out issues with the router?

    In reference to the SD card. Is it readable from that particular laptop?

    Go ahead and provide the following logs.

    Please download Farbar Recovery Scan Tool and save it to your desktop. <<< Very Important!

    Note: You will need to run the version compatible with your system. If you are not sure which version (32 or 64-bit) applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

    • Make sure that FRST is on the desktop.
    • Right click and choose Run as administrator. When the tool opens click Yes to disclaimer.
    • Under Optional Scan place a checkmark in the box for Addition.txt to ensure it creates that 2nd log.
    • Press Scan button.
    • It will produce 2 logs that will be found in the same directory the tool is run from.
    • Please copy and paste those logs back here in your next reply
    If you think you might be infected with malware or have recently cleansed your computer of malware without the help of an expert, please read and follow the instructions in How to Start Removing Viruses and Spyware from your Computer. This can alleviate time consumed in trouble shooting your current computer problems.

    If your problem is solved, here's how to say thanks!

    Very proud parent of a U.S. Navy "CB"



    "People may forget what you say,
    People may forget what you did,
    but People will never forget how you made them feel!"

  4. #4
    Member
    Join Date
    Nov 2006
    Posts
    859
    Points
    1

    Default

    I haven't tried that but I have tried it with a different router and it's the same. Also. other devices are fine.

    Yes, the SD card is readable.





    Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:27-04-2016
    Ran by Steve Povey (administrator) on LENOVO (28-04-2016 08:17:38)
    Running from C:\Users\Steve Povey\Desktop
    Loaded Profiles: Steve Povey (Available Profiles: Steve Povey & Guest)
    Platform: Windows 10 Home Version 1511 (X64) Language: English (United States)
    Internet Explorer Version 11 (Default browser: Edge)
    Boot Mode: Normal
    Tutorial for Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials

    ==================== Processes (Whitelisted) =================

    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

    (Intel Corporation) C:\Windows\System32\igfxCUIService.exe
    (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
    (SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware2\SASCore64.exe
    (Intel Corporation) C:\Windows\System32\DptfPolicyConfigTDPService.exe
    (Intel Corporation) C:\Windows\System32\DptfParticipantDisplayService.exe
    (Intel Corporation) C:\Windows\System32\DptfParticipantProcessorService.exe
    (Intel Corporation) C:\Windows\System32\DptfPolicyCriticalService.exe
    (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe
    (Garmin Ltd. or its subsidiaries) C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe
    (Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\Dragon Assistant\Core\DACore.exe
    (Intel Corporation) C:\Windows\System32\DptfPolicyLpmService.exe
    (Lenovo) C:\Program Files (x86)\Lenovo\Lenovo Smart Voice\LsvUIService.exe
    () C:\Program Files\CyberLink\Shared files\RichVideo64.exe
    (Nitro PDF Software) C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe
    (Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
    (Nalpeiron Ltd.) C:\Windows\SysWOW64\NLSSRV32.EXE
    (Lenovo) C:\Program Files\Lenovo Yoga PhoneCompanion\PhoneCompanionPusher.exe
    (PointGrab LTD) C:\Program Files (x86)\Lenovo\Motion Control\PGService.exe
    (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
    (Lenovo) C:\ProgramData\LenovoTransition\Server\x64\ymc.exe
    (Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
    (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
    (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
    (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
    (Intel Corporation) C:\Windows\System32\igfxEM.exe
    (Intel Corporation) C:\Windows\System32\igfxHK.exe
    () C:\Windows\System32\igfxTray.exe
    (Intel Corporation) C:\Windows\System32\DptfPolicyLpmServiceHelper.exe
    (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
    (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
    (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
    (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
    (Realtek semiconductor) C:\Windows\RTFTrack.exe
    (Lenovo) C:\Program Files\Lenovo Yoga PhoneCompanion\Yoga Phone Companion.exe
    () C:\Program Files (x86)\Lenovo\Lenovo Transition\Transition.exe
    () C:\Program Files (x86)\Lenovo\Lenovo Transition\TransitionServer.exe
    (Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe
    (Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\utility.exe
    (Sony) C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe
    () C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe
    (SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware2\SUPERANTISPYWARE.EXE
    (Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 6700\Bin\ScanToPCActivationApp.exe
    (Garmin Ltd. or its subsidiaries) C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe
    (Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
    (McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.11.309\SSScheduler.exe
    (Microsoft Corporation) C:\Windows\System32\rundll32.exe
    (Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 6700\Bin\HPNetworkCommunicatorCom.exe
    (Lenovo) C:\Program Files (x86)\Lenovo\Yoga Picks\Yoga Picks.exe
    (Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
    (Lenovo) C:\Program Files (x86)\Lenovo\Lenovo Smart Voice\LsvTrayLoad.exe
    (Lenovo) C:\Program Files (x86)\Lenovo\Lenovo Smart Voice\LsvController.exe
    (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
    (Microsoft Corporation) C:\Windows\System32\browser_broker.exe
    (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
    (Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
    (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
    (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
    () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1601.49020.0_x64__8wekyb3d8bbwe\Calculator.exe
    (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
    () C:\Program Files\Lenovo Yoga PhoneCompanion\adb.exe
    (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
    (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
    (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
    (Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
    (Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
    (Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 6700\Bin\HPCustPartic.exe


    ==================== Registry (Whitelisted) ===========================

    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

    HKLM\...\Run: [DptfPolicyLpmServiceHelper] => C:\WINDOWS\system32\DptfPolicyLpmServiceHelper.exe [111488 2014-09-15] (Intel Corporation)
    HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13885696 2015-06-24] (Realtek Semiconductor)
    HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-06-24] (Realtek Semiconductor)
    HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-06-24] (Realtek Semiconductor)
    HKLM\...\Run: [RtHDVBg_LENOVO_MICPKEY] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-06-24] (Realtek Semiconductor)
    HKLM\...\Run: [RtsFT] => C:\WINDOWS\RTFTrack.exe [6340312 2013-07-19] (Realtek semiconductor)
    HKLM\...\Run: [IgfxTray] => C:\windows\system32\igfxtray.exe [402344 2015-12-19] ()
    HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-07] (Intel Corporation)
    HKLM\...\Run: [Yoga PhoneCompanion] => C:\Program Files\Lenovo Yoga PhoneCompanion\Yoga Phone Companion.exe [844304 2013-12-29] (Lenovo)
    HKLM\...\Run: [AutoStartTransition] => C:\Program Files (x86)\Lenovo\Lenovo Transition\Transition.exe [294672 2013-12-29] ()
    HKLM\...\Run: [Energy Manager] => C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [59925488 2013-12-29] (Lenovo(beijing) Limited)
    HKLM\...\Run: [Lenovo Utility] => C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [80880 2013-12-29] (Lenovo(beijing) Limited)
    HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3944136 2015-06-03] (Synaptics Incorporated)
    HKLM-x32\...\Run: [Lenovo App Shop] => C:\Program Files (x86)\Lenovo\LenovoAppShop\bin\ismagent.exe [156000 2013-07-18] (Intel Corporation)
    HKLM-x32\...\Run: [Yoga Picks] => C:\Program Files (x86)\Lenovo\Yoga Picks\Yoga Picks.exe [90640 2013-07-09] (Lenovo)
    HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
    HKU\S-1-5-21-3014982265-1691719775-2840682121-1001\...\Run: [Sony PC Companion] => C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe [457088 2015-09-23] (Sony)
    HKU\S-1-5-21-3014982265-1691719775-2840682121-1001\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware2\SUPERAntiSpyware.exe [7943072 2016-04-21] (SUPERAntiSpyware)
    HKU\S-1-5-21-3014982265-1691719775-2840682121-1001\...\Run: [HP Officejet 6700 (NET)] => C:\Program Files\HP\HP Officejet 6700\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
    HKU\S-1-5-21-3014982265-1691719775-2840682121-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8591272 2015-11-16] (Piriform Ltd)
    HKU\S-1-5-21-3014982265-1691719775-2840682121-1001\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1399208 2016-04-08] (Garmin Ltd. or its subsidiaries)
    HKU\S-1-5-21-3014982265-1691719775-2840682121-1001\...\RunOnce: [Uninstall C:\Users\Steve Povey\AppData\Local\Microsoft\OneDrive\17.3.6201.1019_1\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Steve Povey\AppData\Local\Microsoft\OneDrive\17.3.6201.1019_1\amd64"
    HKU\S-1-5-21-3014982265-1691719775-2840682121-1001\...\RunOnce: [Uninstall C:\Users\Steve Povey\AppData\Local\Microsoft\OneDrive\17.3.6201.1019_1] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Steve Povey\AppData\Local\Microsoft\OneDrive\17.3.6201.1019_1"
    HKU\S-1-5-21-3014982265-1691719775-2840682121-1001\...\RunOnce: [Uninstall C:\Users\Steve Povey\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Steve Povey\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\amd64"
    HKU\S-1-5-21-3014982265-1691719775-2840682121-1001\...\RunOnce: [Uninstall C:\Users\Steve Povey\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Steve Povey\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\amd64"
    HKU\S-1-5-21-3014982265-1691719775-2840682121-1001\...\RunOnce: [Uninstall C:\Users\Steve Povey\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Steve Povey\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\amd64"
    HKU\S-1-5-21-3014982265-1691719775-2840682121-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\windows\system32\PhotoScreensaver.scr [583680 2015-10-30] (Microsoft Corporation)
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2016-04-12]
    ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.309\SSScheduler.exe (McAfee, Inc.)
    Startup: C:\Users\Steve Povey\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Officejet 6700 (Network).lnk [2016-04-27]
    ShortcutTarget: Monitor Ink Alerts - HP Officejet 6700 (Network).lnk -> C:\Program Files\HP\HP Officejet 6700\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
    GroupPolicy: Restriction - Chrome <======= ATTENTION
    CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION

    ==================== Internet (Whitelisted) ====================

    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

    Hosts: 0.0.0.1 mssplus.mcafee.com
    Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1
    Tcpip\..\Interfaces\{9bab0152-83a6-4daf-84f4-eca9f79c57fa}: [DhcpNameServer] 192.168.1.1 192.168.1.1

    Internet Explorer:
    ==================
    HKU\S-1-5-21-3014982265-1691719775-2840682121-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:Tabs
    HKU\S-1-5-21-3014982265-1691719775-2840682121-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com
    HKU\S-1-5-21-3014982265-1691719775-2840682121-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.lenovo.com
    SearchScopes: HKU\S-1-5-21-3014982265-1691719775-2840682121-1001 -> {1F8B7367-5EBB-4FCB-990F-487789BC2E7D} URL =
    DPF: HKLM-x32 {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} hxxp://quickscan.bitdefender.com/qsax/qsax.cab
    DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab
    Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2012-06-01] (Skype Technologies)

    Edge:
    ======
    Edge Session Restore: HKU\S-1-5-21-3014982265-1691719775-2840682121-1001 -> is enabled.

    FireFox:
    ========
    FF ProfilePath: C:\Users\Steve Povey\AppData\Roaming\Mozilla\Firefox\Profiles\x7qfdjmi.default-1429798241763
    FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_21_0_0_213.dll [2016-04-08] ()
    FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
    FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_213.dll [2016-04-08] ()
    FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-08-08] (Intel Corporation)
    FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-08-08] (Intel Corporation)
    FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
    FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro\Pro 8\npnitromozilla.dll [2013-06-29] (Nitro PDF)
    FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
    FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
    FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
    FF Plugin-x32: @videolan.org/vlc,version=2.2.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
    FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
    FF Plugin HKU\S-1-5-21-3014982265-1691719775-2840682121-1001: intel.com/AppUp -> C:\Program Files (x86)\Lenovo\LenovoAppShop\bin\npAppUp.dll [2013-07-18] (Intel)
    FF Plugin HKU\S-1-5-21-3014982265-1691719775-2840682121-1001: intel.com/AppUpx64 -> C:\Program Files (x86)\Lenovo\LenovoAppShop\bin\npAppUp_x64.dll [2013-07-18] (Intel)
    FF Plugin ProgramFiles/Appdata: C:\Users\Steve Povey\AppData\Roaming\mozilla\plugins\npatgpc.dll [2014-02-07] (Cisco WebEx LLC)

    Chrome:
    =======
    CHR StartupUrls: Default -> "hxxp://www.google.com"
    CHR Profile: C:\Users\Steve Povey\AppData\Local\Google\Chrome\User Data\Default
    CHR Extension: (Google Slides) - C:\Users\Steve Povey\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-08-04]
    CHR Extension: (Docs) - C:\Users\Steve Povey\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-08-04]
    CHR Extension: (Google Drive) - C:\Users\Steve Povey\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-08-04]
    CHR Extension: (YouTube) - C:\Users\Steve Povey\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-08-04]
    CHR Extension: (Google Search) - C:\Users\Steve Povey\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-08-04]
    CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Steve Povey\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-08-04]
    CHR Extension: (Chrome Web Store Payments) - C:\Users\Steve Povey\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-08-04]
    CHR Extension: (Gmail) - C:\Users\Steve Povey\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-08-04]

    ==================== Services (Whitelisted) ========================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    R2 !SASCORE; C:\Program Files\SUPERAntiSpyware2\SASCORE64.EXE [172344 2014-07-23] (SUPERAntiSpyware.com)
    R2 DACoreService; C:\Program Files (x86)\Nuance\Dragon Assistant\Core\DACore.exe [432528 2013-05-02] (Nuance Communications, Inc.)
    R2 DptfParticipantDisplayService; C:\WINDOWS\System32\DptfParticipantDisplayService.exe [141944 2014-09-15] (Intel Corporation)
    R2 DptfParticipantProcessorService; C:\Windows\system32\DptfParticipantProcessorService.exe [115656 2014-09-15] (Intel Corporation)
    R2 DptfPolicyConfigTDPService; C:\Windows\system32\DptfPolicyConfigTDPService.exe [116680 2014-09-15] (Intel Corporation)
    R2 DptfPolicyCriticalService; C:\Windows\system32\DptfPolicyCriticalService.exe [148160 2014-09-15] (Intel Corporation)
    R2 DptfPolicyLpmService; C:\Windows\system32\DptfPolicyLpmService.exe [124904 2014-09-15] (Intel Corporation)
    R2 Garmin Device Interaction Service; C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe [792592 2016-04-08] (Garmin Ltd. or its subsidiaries)
    R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-07] (Intel Corporation)
    R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [373160 2015-12-19] (Intel Corporation)
    R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-12] (Intel(R) Corporation) [File not signed]
    S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-12] (Intel(R) Corporation)
    R2 Intel(R) Wireless Bluetooth(R) 4.0 Radio Management; C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe [157128 2013-08-30] (Intel Corporation)
    S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [178312 2015-09-26] (Intel Corporation)
    R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-08-08] (Intel Corporation)
    R2 LsvUIService; C:\Program Files (x86)\Lenovo\Lenovo Smart Voice\LsvUIService.exe [70416 2013-12-29] (Lenovo)
    S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.309\McCHSvc.exe [293128 2016-03-11] (McAfee, Inc.)
    R2 NitroDriverReadSpool8; C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe [230408 2013-06-29] (Nitro PDF Software)
    R2 PGService; C:\Program Files (x86)\Lenovo\Motion Control\PGService.exe [162600 2013-08-30] (PointGrab LTD)
    R2 PhoneCompanionPusher; C:\Program Files\Lenovo Yoga PhoneCompanion\PhoneCompanionPusher.exe [249872 2013-12-29] (Lenovo)
    S3 PhoneCompanionVap; C:\Program Files\Lenovo Yoga PhoneCompanion\PhoneCompanionVap.exe [328720 2013-12-29] (Lenovo)
    R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390632 2012-04-24] ()
    R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [303360 2015-06-24] (Realtek Semiconductor)
    R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [249032 2015-06-03] (Synaptics Incorporated)
    R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
    R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)
    R2 ymc; C:\ProgramData\LenovoTransition\Server\x64\ymc.exe [32016 2013-12-29] (Lenovo)

    ===================== Drivers (Whitelisted) ==========================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    S3 DptfDevDisplay; C:\Windows\System32\drivers\DptfDevDisplay.sys [70752 2014-09-15] (Intel Corporation)
    S3 DptfDevDram; C:\Windows\System32\drivers\DptfDevDram.sys [145640 2014-09-15] (Intel Corporation)
    S3 DptfDevFan; C:\Windows\System32\drivers\DptfDevFan.sys [50640 2014-09-15] (Intel Corporation)
    S3 DptfDevGen; C:\Windows\System32\drivers\DptfDevGen.sys [78504 2014-09-15] (Intel Corporation)
    R3 DptfDevPch; C:\Windows\system32\DRIVERS\DptfDevPch.sys [116752 2014-09-15] (Intel Corporation)
    S3 DptfDevPower; C:\Windows\System32\drivers\DptfDevPower.sys [71808 2014-09-15] (Intel Corporation)
    R3 DptfDevProc; C:\Windows\system32\DRIVERS\DptfDevProc.sys [290256 2014-09-15] (Intel Corporation)
    R3 DptfManager; C:\Windows\system32\DRIVERS\DptfManager.sys [495320 2014-09-15] (Intel Corporation)
    R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [263952 2015-11-14] (Intel Corporation)
    R3 ikbevent; C:\Windows\system32\DRIVERS\ikbevent.sys [21408 2013-08-02] ()
    R3 imsevent; C:\Windows\system32\DRIVERS\imsevent.sys [21920 2013-08-02] ()
    R3 ISCT; C:\Windows\System32\drivers\ISCTD64.sys [46568 2013-08-02] ()
    S3 L6PODHD5; C:\Windows\System32\Drivers\L6PODHD564.sys [772864 2013-07-11] (Line 6)
    S3 L6PODLV; C:\Windows\System32\Drivers\L6PODLV64.sys [777728 2015-08-21] (Line 6)
    R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-12-19] (Intel Corporation)
    R3 NETwNb64; C:\Windows\System32\drivers\Netwbw02.sys [3485696 2015-10-30] (Intel Corporation)
    R3 rtsuvc; C:\Windows\system32\DRIVERS\rtsuvc.sys [8247640 2013-07-19] (Realtek Semiconductor Corp.)
    R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware2\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
    R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware2\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
    R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [42696 2015-06-03] (Synaptics Incorporated)
    S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
    R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
    R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
    S3 wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [102376 2012-06-14] ("CyberLink)

    ==================== NetSvcs (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


    ==================== One Month Created files and folders ========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2016-04-28 08:16 - 2016-04-28 08:16 - 02376704 _____ (Farbar) C:\Users\Steve Povey\Desktop\FRST64.exe
    2016-04-27 20:47 - 2016-04-27 20:47 - 00385479 _____ C:\Users\Steve Povey\Downloads\Up_Date_Guitar_MultiAmp_PIC_V4.0.B__DSP_V1.86.zip
    2016-04-27 15:07 - 2016-04-27 15:07 - 00282460 _____ C:\WINDOWS\Minidump\042716-6687-01.dmp
    2016-04-24 19:07 - 2016-04-24 19:07 - 00357972 _____ C:\Users\Steve Povey\Desktop\Up_date_Guitar_multiamp_PIC_V2_1__DSP_V1_61.zip
    2016-04-24 09:30 - 2016-04-24 09:30 - 00000000 ____D C:\Users\Steve Povey\AppData\Local\Garmin_Ltd._or_its_subsid
    2016-04-24 09:30 - 2016-04-24 09:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin
    2016-04-22 14:46 - 2016-04-22 14:46 - 00000115 ____H C:\Users\Steve Povey\Desktop\.~lock.Building.ods#
    2016-04-13 19:59 - 2016-03-29 08:19 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
    2016-04-13 19:59 - 2016-03-29 08:12 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
    2016-04-13 19:59 - 2016-03-29 06:38 - 18673664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
    2016-04-13 19:58 - 2016-04-02 05:13 - 00369912 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
    2016-04-13 19:58 - 2016-04-02 04:26 - 00630272 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneProviders.dll
    2016-04-13 19:58 - 2016-04-02 04:21 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
    2016-04-13 19:58 - 2016-04-02 04:19 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
    2016-04-13 19:58 - 2016-04-02 04:18 - 00988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
    2016-04-13 19:58 - 2016-04-02 04:15 - 01090048 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
    2016-04-13 19:58 - 2016-04-02 04:14 - 03994624 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
    2016-04-13 19:58 - 2016-04-02 04:09 - 01832448 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
    2016-04-13 19:58 - 2016-04-02 04:07 - 03575296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
    2016-04-13 19:58 - 2016-04-02 04:07 - 02158592 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
    2016-04-13 19:58 - 2016-04-02 04:00 - 01390080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
    2016-04-13 19:58 - 2016-03-29 11:22 - 01030416 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
    2016-04-13 19:58 - 2016-03-29 11:22 - 00874968 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
    2016-04-13 19:58 - 2016-03-29 11:20 - 07474016 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
    2016-04-13 19:58 - 2016-03-29 11:20 - 02656952 _____ C:\WINDOWS\system32\CoreUIComponents.dll
    2016-04-13 19:58 - 2016-03-29 11:20 - 01317640 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
    2016-04-13 19:58 - 2016-03-29 11:20 - 01141504 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
    2016-04-13 19:58 - 2016-03-29 11:18 - 02152280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
    2016-04-13 19:58 - 2016-03-29 11:02 - 00989536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
    2016-04-13 19:58 - 2016-03-29 10:56 - 01297752 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
    2016-04-13 19:58 - 2016-03-29 10:37 - 01862008 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
    2016-04-13 19:58 - 2016-03-29 10:28 - 00696664 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
    2016-04-13 19:58 - 2016-03-29 10:17 - 00300104 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
    2016-04-13 19:58 - 2016-03-29 10:13 - 00986976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
    2016-04-13 19:58 - 2016-03-29 10:11 - 00605440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
    2016-04-13 19:58 - 2016-03-29 09:44 - 00502104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
    2016-04-13 19:58 - 2016-03-29 09:41 - 00630632 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
    2016-04-13 19:58 - 2016-03-29 09:26 - 01089888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
    2016-04-13 19:58 - 2016-03-29 09:06 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
    2016-04-13 19:58 - 2016-03-29 09:02 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
    2016-04-13 19:58 - 2016-03-29 09:01 - 00541304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
    2016-04-13 19:58 - 2016-03-29 08:58 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininetlui.dll
    2016-04-13 19:58 - 2016-03-29 08:58 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
    2016-04-13 19:58 - 2016-03-29 08:46 - 00365568 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
    2016-04-13 19:58 - 2016-03-29 08:39 - 00550912 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
    2016-04-13 19:58 - 2016-03-29 08:38 - 00207360 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
    2016-04-13 19:58 - 2016-03-29 08:37 - 00617984 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
    2016-04-13 19:58 - 2016-03-29 08:36 - 00209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
    2016-04-13 19:58 - 2016-03-29 08:34 - 00641536 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
    2016-04-13 19:58 - 2016-03-29 08:28 - 00460288 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
    2016-04-13 19:58 - 2016-03-29 08:27 - 00339968 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
    2016-04-13 19:58 - 2016-03-29 08:22 - 00438784 _____ (Microsoft Corporation) C:\WINDOWS\system32\AccountsRt.dll
    2016-04-13 19:58 - 2016-03-29 08:20 - 00948736 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll
    2016-04-13 19:58 - 2016-03-29 08:19 - 00556032 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
    2016-04-13 19:58 - 2016-03-29 08:16 - 00852480 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
    2016-04-13 19:58 - 2016-03-29 08:16 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
    2016-04-13 19:58 - 2016-03-29 08:15 - 01714688 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
    2016-04-13 19:58 - 2016-03-29 08:15 - 00970752 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
    2016-04-13 19:58 - 2016-03-29 08:14 - 00965632 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
    2016-04-13 19:58 - 2016-03-29 08:14 - 00954368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
    2016-04-13 19:58 - 2016-03-29 08:14 - 00859136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
    2016-04-13 19:58 - 2016-03-29 08:13 - 00587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
    2016-04-13 19:58 - 2016-03-29 08:12 - 00471552 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll
    2016-04-13 19:58 - 2016-03-29 08:12 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininetlui.dll
    2016-04-13 19:58 - 2016-03-29 08:11 - 00988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
    2016-04-13 19:58 - 2016-03-29 08:10 - 01388544 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
    2016-04-13 19:58 - 2016-03-29 08:10 - 00938496 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
    2016-04-13 19:58 - 2016-03-29 08:07 - 01213440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
    2016-04-13 19:58 - 2016-03-29 08:06 - 01575936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
    2016-04-13 19:58 - 2016-03-29 08:05 - 01395712 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
    2016-04-13 19:58 - 2016-03-29 08:02 - 02624512 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
    2016-04-13 19:58 - 2016-03-29 08:02 - 01211904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Cred.dll
    2016-04-13 19:58 - 2016-03-29 08:02 - 00303104 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
    2016-04-13 19:58 - 2016-03-29 08:00 - 00345600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
    2016-04-13 19:58 - 2016-03-29 08:00 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
    2016-04-13 19:58 - 2016-03-29 07:59 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
    2016-04-13 19:58 - 2016-03-29 07:56 - 00415232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
    2016-04-13 19:58 - 2016-03-29 07:48 - 00346624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
    2016-04-13 19:58 - 2016-03-29 07:44 - 00498176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
    2016-04-13 19:58 - 2016-03-29 07:43 - 00358400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AccountsRt.dll
    2016-04-13 19:58 - 2016-03-29 07:42 - 03592704 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
    2016-04-13 19:58 - 2016-03-29 07:37 - 01444352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRHInproc.dll
    2016-04-13 19:58 - 2016-03-29 07:37 - 00799744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
    2016-04-13 19:58 - 2016-03-29 07:37 - 00792064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
    2016-04-13 19:58 - 2016-03-29 07:36 - 00649728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
    2016-04-13 19:58 - 2016-03-29 07:35 - 00354304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll
    2016-04-13 19:58 - 2016-03-29 07:34 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
    2016-04-13 19:58 - 2016-03-29 07:34 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
    2016-04-13 19:58 - 2016-03-29 07:32 - 01731584 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
    2016-04-13 19:58 - 2016-03-29 07:32 - 01098240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
    2016-04-13 19:58 - 2016-03-29 07:31 - 02275328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
    2016-04-13 19:58 - 2016-03-29 07:31 - 01946112 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
    2016-04-13 19:58 - 2016-03-29 07:30 - 01139712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
    2016-04-13 19:58 - 2016-03-29 07:28 - 01944576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
    2016-04-13 19:58 - 2016-03-29 07:27 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
    2016-04-13 19:58 - 2016-03-29 07:27 - 00133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
    2016-04-13 19:58 - 2016-03-29 07:26 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
    2016-04-13 19:58 - 2016-03-29 07:19 - 02635776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
    2016-04-13 19:58 - 2016-03-29 07:17 - 00765952 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
    2016-04-13 19:58 - 2016-03-29 07:14 - 01072128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Http.dll
    2016-04-13 19:58 - 2016-03-29 07:05 - 07199232 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
    2016-04-13 19:58 - 2016-03-29 07:05 - 01626624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
    2016-04-13 19:58 - 2016-03-29 07:05 - 01500672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
    2016-04-13 19:58 - 2016-03-29 07:05 - 01388032 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
    2016-04-13 19:58 - 2016-03-29 07:02 - 02229760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
    2016-04-13 19:58 - 2016-03-29 07:01 - 13018624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
    2016-04-13 19:58 - 2016-03-29 06:58 - 01799680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
    2016-04-13 19:58 - 2016-03-29 06:56 - 16985600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
    2016-04-13 19:58 - 2016-03-29 06:52 - 11545600 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
    2016-04-13 19:58 - 2016-03-29 06:51 - 22378496 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
    2016-04-13 19:58 - 2016-03-29 06:51 - 09918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
    2016-04-13 19:58 - 2016-03-29 06:49 - 05202944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
    2016-04-13 19:58 - 2016-03-29 06:45 - 03078144 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
    2016-04-13 19:58 - 2016-03-29 06:43 - 03428864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
    2016-04-13 19:58 - 2016-03-29 06:41 - 24602112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
    2016-04-13 19:58 - 2016-03-29 06:41 - 12125184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
    2016-04-13 19:58 - 2016-03-29 06:39 - 13382656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
    2016-04-13 19:58 - 2016-03-29 06:38 - 02798080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
    2016-04-13 19:58 - 2016-03-29 06:37 - 19340800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
    2016-04-13 19:58 - 2016-03-29 06:36 - 02722816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
    2016-04-13 19:58 - 2016-03-29 06:27 - 07836160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
    2016-04-13 19:58 - 2016-03-29 06:27 - 05662208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
    2016-04-13 19:58 - 2016-03-29 06:26 - 00958976 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemoteNaturalLanguage.dll
    2016-04-13 19:57 - 2016-04-02 05:10 - 00770640 _____ (Microsoft Corporation) C:\WINDOWS\system32\iuilp.dll
    2016-04-13 19:57 - 2016-04-02 05:10 - 00730344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
    2016-04-13 19:57 - 2016-04-02 05:10 - 00374008 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
    2016-04-13 19:57 - 2016-04-02 04:30 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll
    2016-04-13 19:57 - 2016-04-02 04:29 - 00127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEDataLayerHelpers.dll
    2016-04-13 19:57 - 2016-04-02 04:29 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEDataLayerHelpers.dll
    2016-04-13 19:57 - 2016-04-02 04:25 - 00278528 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationObjFactory.dll
    2016-04-13 19:57 - 2016-04-02 04:25 - 00239104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NotificationObjFactory.dll
    2016-04-13 19:57 - 2016-04-02 04:23 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll
    2016-04-13 19:57 - 2016-04-02 04:23 - 00219648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
    2016-04-13 19:57 - 2016-04-02 04:08 - 02193408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
    2016-04-13 19:57 - 2016-04-02 04:03 - 04774912 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
    2016-04-13 19:57 - 2016-03-29 11:23 - 00277856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
    2016-04-13 19:57 - 2016-03-29 11:15 - 00100232 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmapi.dll
    2016-04-13 19:57 - 2016-03-29 11:11 - 00686976 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
    2016-04-13 19:57 - 2016-03-29 11:05 - 01152864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
    2016-04-13 19:57 - 2016-03-29 11:02 - 00334736 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
    2016-04-13 19:57 - 2016-03-29 10:28 - 00535080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
    2016-04-13 19:57 - 2016-03-29 10:28 - 00115040 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
    2016-04-13 19:57 - 2016-03-29 10:25 - 00258912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ufx01000.sys
    2016-04-13 19:57 - 2016-03-29 10:25 - 00058400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.dll
    2016-04-13 19:57 - 2016-03-29 10:19 - 00296488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
    2016-04-13 19:57 - 2016-03-29 10:18 - 00185184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
    2016-04-13 19:57 - 2016-03-29 10:11 - 00074424 _____ (Microsoft Corporation) C:\WINDOWS\system32\easinvoker.exe
    2016-04-13 19:57 - 2016-03-29 10:10 - 00110584 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvcli.dll
    2016-04-13 19:57 - 2016-03-29 10:09 - 00078040 _____ (Microsoft Corporation) C:\WINDOWS\system32\wkscli.dll
    2016-04-13 19:57 - 2016-03-29 10:08 - 00358752 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
    2016-04-13 19:57 - 2016-03-29 10:08 - 00261376 _____ (Microsoft Corporation) C:\WINDOWS\system32\LsaIso.exe
    2016-04-13 19:57 - 2016-03-29 10:07 - 00081144 _____ (Microsoft Corporation) C:\WINDOWS\system32\netapi32.dll
    2016-04-13 19:57 - 2016-03-29 09:44 - 00084832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
    2016-04-13 19:57 - 2016-03-29 09:41 - 00051128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsNativeApi.dll
    2016-04-13 19:57 - 2016-03-29 09:32 - 00253088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
    2016-04-13 19:57 - 2016-03-29 09:26 - 02403680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
    2016-04-13 19:57 - 2016-03-29 09:26 - 00073872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srvcli.dll
    2016-04-13 19:57 - 2016-03-29 09:25 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wkscli.dll
    2016-04-13 19:57 - 2016-03-29 09:24 - 00294752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
    2016-04-13 19:57 - 2016-03-29 09:23 - 00069744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netapi32.dll
    2016-04-13 19:57 - 2016-03-29 09:21 - 00378208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
    2016-04-13 19:57 - 2016-03-29 09:17 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsCSP.dll
    2016-04-13 19:57 - 2016-03-29 09:16 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xinputhid.sys
    2016-04-13 19:57 - 2016-03-29 09:07 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.V2.dll
    2016-04-13 19:57 - 2016-03-29 09:07 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanagerprecheck.dll
    2016-04-13 19:57 - 2016-03-29 09:07 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
    2016-04-13 19:57 - 2016-03-29 09:07 - 00034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenterprisediagnostics.dll
    2016-04-13 19:57 - 2016-03-29 09:07 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsdchngr.dll
    2016-04-13 19:57 - 2016-03-29 09:06 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleacchooks.dll
    2016-04-13 19:57 - 2016-03-29 09:00 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetCfgNotifyObjectHost.exe
    2016-04-13 19:57 - 2016-03-29 09:00 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveskybackup.dll
    2016-04-13 19:57 - 2016-03-29 09:00 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapsupdatetask.dll
    2016-04-13 19:57 - 2016-03-29 08:59 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManagerShellext.exe
    2016-04-13 19:57 - 2016-03-29 08:57 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
    2016-04-13 19:57 - 2016-03-29 08:57 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\samlib.dll
    2016-04-13 19:57 - 2016-03-29 08:57 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll
    2016-04-13 19:57 - 2016-03-29 08:57 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\browcli.dll
    2016-04-13 19:57 - 2016-03-29 08:55 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
    2016-04-13 19:57 - 2016-03-29 08:55 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\serial.sys
    2016-04-13 19:57 - 2016-03-29 08:55 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\tbauth.dll
    2016-04-13 19:57 - 2016-03-29 08:54 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mtxoci.dll
    2016-04-13 19:57 - 2016-03-29 08:53 - 00116224 _____ (Microsoft Corporation) C:\WINDOWS\system32\FontProvider.dll
    2016-04-13 19:57 - 2016-03-29 08:52 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerCookies.exe
    2016-04-13 19:57 - 2016-03-29 08:51 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafBth.dll
    2016-04-13 19:57 - 2016-03-29 08:51 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzautoupdate.dll
    2016-04-13 19:57 - 2016-03-29 08:50 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\BdeHdCfgLib.dll
    2016-04-13 19:57 - 2016-03-29 08:50 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
    2016-04-13 19:57 - 2016-03-29 08:50 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
    2016-04-13 19:57 - 2016-03-29 08:50 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\OnDemandConnRouteHelper.dll
    2016-04-13 19:57 - 2016-03-29 08:50 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuautoappupdate.dll
    2016-04-13 19:57 - 2016-03-29 08:49 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
    2016-04-13 19:57 - 2016-03-29 08:48 - 00144896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Devices.dll
    2016-04-13 19:57 - 2016-03-29 08:48 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
    2016-04-13 19:57 - 2016-03-29 08:46 - 00134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser.dll
    2016-04-13 19:57 - 2016-03-29 08:44 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAFWSD.dll
    2016-04-13 19:57 - 2016-03-29 08:42 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
    2016-04-13 19:57 - 2016-03-29 08:36 - 00530432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
    2016-04-13 19:57 - 2016-03-29 08:35 - 00411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleacc.dll
    2016-04-13 19:57 - 2016-03-29 08:35 - 00239616 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovhost.dll
    2016-04-13 19:57 - 2016-03-29 08:34 - 00686592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
    2016-04-13 19:57 - 2016-03-29 08:34 - 00333824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\portcls.sys
    2016-04-13 19:57 - 2016-03-29 08:34 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
    2016-04-13 19:57 - 2016-03-29 08:33 - 00174592 _____ (Microsoft Corporation) C:\WINDOWS\system32\easwrt.dll
    2016-04-13 19:57 - 2016-03-29 08:32 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
    2016-04-13 19:57 - 2016-03-29 08:32 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
    2016-04-13 19:57 - 2016-03-29 08:30 - 00328192 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
    2016-04-13 19:57 - 2016-03-29 08:30 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msorcl32.dll
    2016-04-13 19:57 - 2016-03-29 08:26 - 00169472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
    2016-04-13 19:57 - 2016-03-29 08:23 - 00694784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
    2016-04-13 19:57 - 2016-03-29 08:23 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
    2016-04-13 19:57 - 2016-03-29 08:23 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
    2016-04-13 19:57 - 2016-03-29 08:21 - 00330240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
    2016-04-13 19:57 - 2016-03-29 08:20 - 00166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll
    2016-04-13 19:57 - 2016-03-29 08:20 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsNativeApi.V2.dll
    2016-04-13 19:57 - 2016-03-29 08:20 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsdchngr.dll
    2016-04-13 19:57 - 2016-03-29 08:19 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleacchooks.dll
    2016-04-13 19:57 - 2016-03-29 08:18 - 00676352 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDApi.dll
    2016-04-13 19:57 - 2016-03-29 08:17 - 01056256 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
    2016-04-13 19:57 - 2016-03-29 08:17 - 00708608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
    2016-04-13 19:57 - 2016-03-29 08:17 - 00440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
    2016-04-13 19:57 - 2016-03-29 08:14 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BTHUSB.SYS
    2016-04-13 19:57 - 2016-03-29 08:11 - 00881664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
    2016-04-13 19:57 - 2016-03-29 08:11 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
    2016-04-13 19:57 - 2016-03-29 08:11 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\samlib.dll
    2016-04-13 19:57 - 2016-03-29 08:11 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosStorage.dll
    2016-04-13 19:57 - 2016-03-29 08:11 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\browcli.dll
    2016-04-13 19:57 - 2016-03-29 08:09 - 01239552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
    2016-04-13 19:57 - 2016-03-29 08:09 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll
    2016-04-13 19:57 - 2016-03-29 08:09 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tbauth.dll
    2016-04-13 19:57 - 2016-03-29 08:08 - 00888320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
    2016-04-13 19:57 - 2016-03-29 08:08 - 00841216 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
    2016-04-13 19:57 - 2016-03-29 08:08 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mtxoci.dll
    2016-04-13 19:57 - 2016-03-29 08:07 - 01902592 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
    2016-04-13 19:57 - 2016-03-29 08:06 - 00848896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
    2016-04-13 19:57 - 2016-03-29 08:06 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerCookies.exe
    2016-04-13 19:57 - 2016-03-29 08:05 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OnDemandConnRouteHelper.dll
    2016-04-13 19:57 - 2016-03-29 08:04 - 00103936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Devices.dll
    2016-04-13 19:57 - 2016-03-29 08:03 - 00148480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys
    2016-04-13 19:57 - 2016-03-29 08:00 - 00235008 _____ C:\WINDOWS\system32\MTF.dll
    2016-04-13 19:57 - 2016-03-29 08:00 - 00176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.DeviceEncryptionHandlers.dll
    2016-04-13 19:57 - 2016-03-29 07:59 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
    2016-04-13 19:57 - 2016-03-29 07:59 - 00119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerDeviceEncryption.exe
    2016-04-13 19:57 - 2016-03-29 07:56 - 00821760 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
    2016-04-13 19:57 - 2016-03-29 07:55 - 01052160 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsSpellCheckingFacility.dll
    2016-04-13 19:57 - 2016-03-29 07:53 - 00323072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleacc.dll
    2016-04-13 19:57 - 2016-03-29 07:53 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovhost.dll
    2016-04-13 19:57 - 2016-03-29 07:52 - 00306176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
    2016-04-13 19:57 - 2016-03-29 07:52 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\easwrt.dll
    2016-04-13 19:57 - 2016-03-29 07:49 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveui.dll
    2016-04-13 19:57 - 2016-03-29 07:42 - 01410560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll
    2016-04-13 19:57 - 2016-03-29 07:42 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
    2016-04-13 19:57 - 2016-03-29 07:41 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AboveLockAppHost.dll
    2016-04-13 19:57 - 2016-03-29 07:40 - 00787456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
    2016-04-13 19:57 - 2016-03-29 07:39 - 00564224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSDApi.dll
    2016-04-13 19:57 - 2016-03-29 07:39 - 00496128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
    2016-04-13 19:57 - 2016-03-29 07:39 - 00350720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
    2016-04-13 19:57 - 2016-03-29 07:38 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
    2016-04-13 19:57 - 2016-03-29 07:36 - 03351040 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
    2016-04-13 19:57 - 2016-03-29 07:34 - 00784896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
    2016-04-13 19:57 - 2016-03-29 07:34 - 00682496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
    2016-04-13 19:57 - 2016-03-29 07:32 - 01588224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
    2016-04-13 19:57 - 2016-03-29 07:32 - 00854528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
    2016-04-13 19:57 - 2016-03-29 07:32 - 00638464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
    2016-04-13 19:57 - 2016-03-29 07:32 - 00176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
    2016-04-13 19:57 - 2016-03-29 07:32 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
    2016-04-13 19:57 - 2016-03-29 07:32 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcsps.dll
    2016-04-13 19:57 - 2016-03-29 07:31 - 01117184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
    2016-04-13 19:57 - 2016-03-29 07:31 - 00705536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
    2016-04-13 19:57 - 2016-03-29 07:29 - 00555520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncController.dll
    2016-04-13 19:57 - 2016-03-29 07:29 - 00256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\accountaccessor.dll
    2016-04-13 19:57 - 2016-03-29 07:28 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Cred.dll
    2016-04-13 19:57 - 2016-03-29 07:27 - 07979008 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
    2016-04-13 19:57 - 2016-03-29 07:27 - 00162816 _____ C:\WINDOWS\SysWOW64\MTF.dll
    2016-04-13 19:57 - 2016-03-29 07:27 - 00083456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputLocaleManager.dll
    2016-04-13 19:57 - 2016-03-29 07:23 - 00777728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsSpellCheckingFacility.dll
    2016-04-13 19:57 - 2016-03-29 07:22 - 00638464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
    2016-04-13 19:57 - 2016-03-29 07:13 - 00592384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
    2016-04-13 19:57 - 2016-03-29 07:10 - 03671040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
    2016-04-13 19:57 - 2016-03-29 07:06 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
    2016-04-13 19:57 - 2016-03-29 07:05 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncController.dll
    2016-04-13 19:57 - 2016-03-29 07:05 - 00361472 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
    2016-04-13 19:57 - 2016-03-29 07:04 - 00848896 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
    2016-04-13 19:57 - 2016-03-29 07:04 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
    2016-04-13 19:57 - 2016-03-29 07:01 - 00957952 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
    2016-04-13 19:57 - 2016-03-29 07:00 - 06297088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
    2016-04-13 19:57 - 2016-03-29 06:45 - 00338432 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncbservice.dll
    2016-04-13 19:57 - 2016-03-29 06:43 - 00521728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Connectivity.dll
    2016-04-13 19:57 - 2016-03-29 06:35 - 00821248 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvewiz.dll
    2016-04-13 19:57 - 2016-03-29 06:28 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvecpl.dll
    2016-04-13 19:57 - 2016-03-29 06:27 - 00794112 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
    2016-04-13 19:57 - 2016-03-29 06:26 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\FWPUCLNT.DLL
    2016-04-13 19:57 - 2016-03-29 06:25 - 00712704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RemoteNaturalLanguage.dll
    2016-04-13 19:57 - 2016-03-29 06:25 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FWPUCLNT.DLL
    2016-04-13 19:57 - 2016-03-29 06:21 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\basesrv.dll
    2016-04-12 10:11 - 2016-04-12 10:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
    2016-04-12 08:55 - 2016-04-14 23:16 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox

    ==================== One Month Modified files and folders ========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2016-04-28 08:17 - 2014-11-22 01:08 - 00023239 _____ C:\Users\Steve Povey\Desktop\FRST.txt
    2016-04-28 08:17 - 2014-11-22 01:07 - 00000000 ____D C:\FRST
    2016-04-28 08:07 - 2014-08-20 09:16 - 00004162 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{AFDA89EB-C45C-46D1-AE92-7D48230FBB9A}
    2016-04-28 00:49 - 2015-08-04 20:12 - 00000920 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
    2016-04-28 00:34 - 2014-01-24 22:22 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
    2016-04-27 23:49 - 2015-08-04 20:12 - 00000916 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
    2016-04-27 21:03 - 2014-06-23 10:52 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
    2016-04-27 20:50 - 2015-10-30 08:21 - 00000000 ____D C:\WINDOWS\INF
    2016-04-27 20:50 - 2015-07-30 08:45 - 00880230 _____ C:\WINDOWS\system32\PerfStringBackup.INI
    2016-04-27 20:14 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\NDF
    2016-04-27 15:15 - 2015-11-14 19:41 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
    2016-04-27 15:15 - 2015-07-30 08:45 - 00000000 __SHD C:\Users\Steve Povey\IntelGraphicsProfiles
    2016-04-27 15:07 - 2016-01-29 00:49 - 956870400 _____ C:\WINDOWS\MEMORY.DMP
    2016-04-27 15:07 - 2015-12-09 17:40 - 00000000 ____D C:\WINDOWS\Minidump
    2016-04-27 15:07 - 2015-11-14 19:47 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
    2016-04-27 15:07 - 2015-08-04 20:12 - 00000000 ____D C:\Program Files\SUPERAntiSpyware2
    2016-04-27 08:10 - 2015-10-30 08:24 - 00000000 ___HD C:\Program Files\WindowsApps
    2016-04-27 08:10 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\AppReadiness
    2016-04-26 19:29 - 2015-07-30 08:47 - 00002433 _____ C:\Users\Steve Povey\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
    2016-04-26 19:29 - 2015-07-30 08:47 - 00000000 ___RD C:\Users\Steve Povey\OneDrive
    2016-04-24 09:30 - 2015-02-19 09:31 - 00001974 _____ C:\Users\Public\Desktop\Garmin Express.lnk
    2016-04-24 09:30 - 2014-04-06 18:33 - 00003624 _____ C:\WINDOWS\System32\Tasks\GarminUpdaterTask
    2016-04-24 09:30 - 2014-04-06 18:33 - 00000000 ____D C:\Program Files (x86)\Garmin
    2016-04-24 09:30 - 2013-12-29 05:52 - 00000000 ____D C:\ProgramData\Package Cache
    2016-04-22 08:57 - 2014-02-18 19:39 - 00453288 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
    2016-04-20 07:02 - 2015-11-14 19:43 - 00000000 ____D C:\Users\Steve Povey
    2016-04-20 07:01 - 2015-10-30 07:28 - 00786432 ___SH C:\WINDOWS\system32\config\BBI
    2016-04-15 21:22 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\rescache
    2016-04-14 23:16 - 2015-11-14 19:40 - 00228808 _____ C:\WINDOWS\system32\FNTCACHE.DAT
    2016-04-14 23:16 - 2015-03-26 14:40 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
    2016-04-14 23:15 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
    2016-04-14 23:15 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\appraiser
    2016-04-14 23:15 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
    2016-04-14 23:15 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\bcastdvr
    2016-04-14 08:18 - 2015-10-30 08:11 - 00000000 ____D C:\WINDOWS\CbsTemp
    2016-04-14 08:17 - 2014-01-20 20:05 - 00000000 ____D C:\WINDOWS\system32\MRT
    2016-04-14 08:14 - 2014-01-20 20:05 - 135176864 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
    2016-04-13 06:33 - 2014-01-18 11:03 - 00000000 ____D C:\Users\Steve Povey\AppData\Local\Packages
    2016-04-12 10:11 - 2015-11-24 01:03 - 00000000 ____D C:\Program Files\McAfee Security Scan
    2016-04-12 10:11 - 2015-04-15 14:39 - 00002020 _____ C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
    2016-04-11 23:50 - 2015-08-04 20:14 - 00002283 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
    2016-04-11 23:50 - 2015-08-04 20:14 - 00002271 _____ C:\Users\Public\Desktop\Google Chrome.lnk
    2016-04-09 09:35 - 2014-06-23 10:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
    2016-04-09 09:35 - 2014-06-23 10:52 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
    2016-04-09 09:35 - 2014-01-24 22:02 - 00001186 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
    2016-04-08 00:34 - 2014-01-24 22:22 - 00003816 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
    2016-04-06 19:32 - 2015-10-30 08:26 - 00829944 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
    2016-04-06 19:32 - 2015-10-30 08:26 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl

    ==================== Files in the root of some directories =======

    2014-01-18 11:04 - 2014-01-22 20:36 - 0001516 _____ () C:\Users\Steve Povey\AppData\Roaming\AbsoluteReminder.xml
    2014-10-28 17:16 - 2014-10-28 17:19 - 0000016 _____ () C:\Users\Steve Povey\AppData\Roaming\msregsvv.dll
    2015-01-06 13:09 - 2015-01-06 13:09 - 0000057 _____ () C:\ProgramData\Ament.ini
    2014-10-28 17:16 - 2014-10-28 17:19 - 0000016 _____ () C:\ProgramData\autobk.inc
    2015-11-14 19:42 - 2015-11-14 19:42 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

    ==================== Bamital & volsnap =================

    (There is no automatic fix for files that do not pass verification.)

    C:\WINDOWS\system32\winlogon.exe => File is digitally signed
    C:\WINDOWS\system32\wininit.exe => File is digitally signed
    C:\WINDOWS\explorer.exe => File is digitally signed
    C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
    C:\WINDOWS\system32\svchost.exe => File is digitally signed
    C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
    C:\WINDOWS\system32\services.exe => File is digitally signed
    C:\WINDOWS\system32\User32.dll => File is digitally signed
    C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
    C:\WINDOWS\system32\userinit.exe => File is digitally signed
    C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
    C:\WINDOWS\system32\rpcss.dll => File is digitally signed
    C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
    C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
    C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed


    LastRegBack: 2016-04-20 20:39

    ==================== End of FRST.txt ============================









    Additional scan result of Farbar Recovery Scan Tool (x64) Version:27-04-2016
    Ran by Steve Povey (2016-04-28 08:18:15)
    Running from C:\Users\Steve Povey\Desktop
    Windows 10 Home Version 1511 (X64) (2015-11-14 18:49:51)
    Boot Mode: Normal
    ==========================================================


    ==================== Accounts: =============================

    Administrator (S-1-5-21-3014982265-1691719775-2840682121-500 - Administrator - Disabled)
    DefaultAccount (S-1-5-21-3014982265-1691719775-2840682121-503 - Limited - Disabled)
    Guest (S-1-5-21-3014982265-1691719775-2840682121-501 - Limited - Disabled) => C:\Users\Guest
    HomeGroupUser$ (S-1-5-21-3014982265-1691719775-2840682121-1003 - Limited - Enabled)
    Steve Povey (S-1-5-21-3014982265-1691719775-2840682121-1001 - Administrator - Enabled) => C:\Users\Steve Povey

    ==================== Security Center ========================

    (If an entry is included in the fixlist, it will be removed.)

    AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

    ==================== Installed Programs ======================

    (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

    Absolute Reminder (HKLM-x32\...\{40F4FF7A-B214-4453-B973-080B09CED019}) (Version: 2.3.0.1 - Absolute Software)
    Adobe Flash Player 21 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 21.0.0.213 - Adobe Systems Incorporated)
    ANT Drivers Installer x64 (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
    Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)
    BD_3D Advisor (HKLM-x32\...\{2D2D8FE2-605C-4D3C-B706-36E981E7EEF0}) (Version: 2.0.7510 - CyberLink Corp.)
    CCleaner (HKLM\...\CCleaner) (Version: 5.12 - Piriform)
    Cisco WebEx Meetings (HKU\S-1-5-21-3014982265-1691719775-2840682121-1001\...\ActiveTouchMeetingClient) (Version: - Cisco WebEx LLC)
    Custom Shop version 1.5.0 (HKLM-x32\...\{21BAD046-50EC-49E2-BE7B-F9729704F2C3}_is1) (Version: 1.5.0 - IK Multimedia)
    CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.2810 - CyberLink Corp.)
    CyberLink PowerDirector 10 (Version: 10.0.0.2810 - CyberLink Corp.) Hidden
    Dolby Digital Plus Home Theater (HKLM\...\{7E3D8FA1-6092-469A-955B-68FC4A2C67CA}) (Version: 7.3.2.2 - Dolby Laboratories Inc)
    Dragon Assistant Application en-GB version 1.5.8 (HKLM-x32\...\{1CCBE73F-4948-4711-8D12-22E2FD65D706}_is1) (Version: 1.5.8 - Nuance Communications, Inc.)
    Dragon Assistant Core Recognition Service version 1.1.10 (HKLM-x32\...\{E97BA7A6-46FC-4EBF-B24A-B8362948C696}_is1) (Version: 1.1.10 - Nuance Communications, Inc.)
    Dragon Assistant Installer version 1.5.8 (HKLM-x32\...\{D57A8269-3BE5-4D10-B882-64D0F2D448BF}_is1) (Version: 1.5.8 - Nuance Communications, Inc.)
    Dragon Assistant Language Data en-GB version 1.1.3 (HKLM-x32\...\{CA54E6DD-70F8-4AE5-8427-522A52FC4408}_is1) (Version: 1.1.3 - Nuance Communications, Inc.)
    Elevated Installer (x32 Version: 4.1.19.0 - Garmin Ltd or its subsidiaries) Hidden
    Energy Manager (HKLM-x32\...\InstallShield_{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.0.1.38 - Lenovo)
    Energy Manager (x32 Version: 1.0.1.38 - Lenovo) Hidden
    ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )
    Garmin Express (HKLM-x32\...\{2639b4f0-83b4-4f3d-942f-e4ba22a40b9b}) (Version: 4.1.19.0 - Garmin Ltd or its subsidiaries)
    Garmin Express (x32 Version: 4.1.19.0 - Garmin Ltd or its subsidiaries) Hidden
    Garmin Express Tray (x32 Version: 4.1.19.0 - Garmin Ltd or its subsidiaries) Hidden
    Google Chrome (HKLM-x32\...\Google Chrome) (Version: 49.0.2623.112 - Google Inc.)
    Google Update Helper (x32 Version: 1.3.21.169 - Google Inc.) Hidden
    Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden
    HP FWUpdateEDO2 (HKLM-x32\...\{415FA9AD-DA10-4ABE-97B6-5051D4795C90}) (Version: 1.2.0.0 - Hewlett-Packard)
    HP Officejet 6700 Basic Device Software (HKLM\...\{A1CFA587-90D4-4DE6-B200-68CC0F92252F}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
    HP Officejet 6700 Help (HKLM-x32\...\{E1AE0CB7-1333-4728-8520-CB3F88A252B4}) (Version: 140.0.2.2 - Hewlett Packard)
    HP Officejet 6700 Product Improvement Study (HKLM\...\{988D55BB-08DE-43C9-8D16-3751361E2A79}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
    HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
    HPDiagnosticAlert (x32 Version: 1.00.0001 - Microsoft) Hidden
    IK Multimedia Authorization Manager version 1.0.10 (HKLM\...\{85BC0DCB-69E5-4279-AA25-F108EF896588}_is1) (Version: 1.0.10 - IK Multimedia)
    Intel Experience Center - Configuration (x32 Version: 1.9.0.8 - Intel) Hidden
    Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\FFD10ECE-F715-4a86-9BD8-F6F47DA5DA1C) (Version: 7.1.0.2103 - Intel Corporation)
    Intel(R) Experience Center Desktop Software (HKLM-x32\...\{85de612b-ee05-476a-87cc-52e5740de420}) (Version: 1.9.0.8 - Intel)
    Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.13.1706 - Intel Corporation)
    Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4331 - Intel Corporation)
    Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology(patch version 3.0.1335.5) (HKLM\...\{302600C1-6BDF-4FD1-1307-148929CC1385}) (Version: 3.1.1307.0362 - Intel Corporation)
    Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation)
    Intel(R) Smart Connect Technology (HKLM\...\{D6FBF816-ACB8-46CC-ACC6-C8BBA85F497D}) (Version: 4.2.40.2418 - Intel Corporation)
    Intel(R) Update Manager (HKLM-x32\...\{B991A1BC-DE0F-41B3-9037-B2F948F706EC}) (Version: 3.1.1228 - Intel Corporation)
    Intel® PROSet/Wireless Software (HKLM-x32\...\{e1172fd4-a6d9-4cfa-8256-268f728fec31}) (Version: 16.5.3 - Intel Corporation)
    LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - )
    Lenovo App Shop (HKLM-x32\...\Lenovo App Shop 45246) (Version: 3.10.0.45246.24 - Lenovo)
    Lenovo EasyCamera (HKLM-x32\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.2.9200.10240 - Realtek Semiconductor Corp.)
    Lenovo Experience Improvement (HKLM\...\LenovoExperienceImprovement) (Version: 1.0.4.0 - Lenovo)
    Lenovo Motion Control (HKLM-x32\...\InstallShield_{A800D2BF-2F0D-4899-B265-C91C90981E8C}) (Version: 2.0.0.0829 - PointGrab)
    Lenovo Motion Control (x32 Version: 2.0.0.0829 - PointGrab) Hidden
    Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.0.0.2105 - CyberLink Corp.)
    Lenovo OneKey Recovery (Version: 8.0.0.2105 - CyberLink Corp.) Hidden
    Lenovo Smart Voice (HKLM\...\Lenovo SmartVoice) (Version: 1.0.2.0 - Lenovo)
    Lenovo Transition (HKLM\...\Lenovo Transition) (Version: 2.0.13.8211 - Lenovo)
    Lenovo Yoga PhoneCompanion (HKLM-x32\...\InstallShield_{0F82EA83-B0C5-4AB9-9695-DFE92C5FD57B}) (Version: 1.1.9.3 - Lenovo)
    Lenovo Yoga PhoneCompanion (x32 Version: 1.1.9.3 - Lenovo) Hidden
    Line 6 Driver2 SonicPortVX v1.52 Uninstaller (HKLM-x32\...\Line 6 Driver2 SonicPortVX Uninstaller) (Version: - Line 6)
    Line 6 Uninstaller (HKLM-x32\...\Line 6 Uninstaller) (Version: - Line 6)
    Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
    McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.11.309.1 - McAfee, Inc.)
    Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)
    Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
    Mozilla Firefox 45.0.2 (x86 en-GB) (HKLM-x32\...\Mozilla Firefox 45.0.2 (x86 en-GB)) (Version: 45.0.2 - Mozilla)
    Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 45.0.2.5941 - Mozilla)
    Nitro Pro 8 (HKLM\...\{2269F0D5-DE47-4313-9003-BB6357919314}) (Version: 8.5.5.7 - Nitro)
    OpenOffice 4.1.1 (HKLM-x32\...\{86F2B095-3998-41D5-833D-1C5075300950}) (Version: 4.11.9775 - Apache Software Foundation)
    Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.30164 - Realtek Semiconductor Corp.)
    Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.)
    ReminderInstaller (HKLM-x32\...\InstallShield_{48B99BC9-CEB0-485E-96B1-4609BC86D2DE}) (Version: 1.00.0000 - Absolute Software.)
    ReminderInstaller (x32 Version: 1.00.0000 - Absolute Software.) Hidden
    Sony PC Companion 2.10.303 (HKLM-x32\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.303 - Sony)
    SpywareBlaster 5.2 (HKLM-x32\...\SpywareBlaster_is1) (Version: 5.2.0 - BrightFort LLC)
    SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1204 - SUPERAntiSpyware.com)
    Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.9.5 - Synaptics Incorporated)
    UserGuide (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 1.0.0.15 - Lenovo)
    UserGuide (x32 Version: 1.0.0.15 - Lenovo) Hidden
    VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
    Windows Driver Package - Lenovo (ACPIVPC) System (02/17/2013 9.52.0.776) (HKLM\...\35DD26BE48DAF4A9F35F969F3CB1E3E1435E661E) (Version: 02/17/2013 9.52.0.776 - Lenovo)
    Windows Driver Package - Lenovo (WUDFRd) LenovoVhid (07/25/2013 10.30.0.288) (HKLM\...\6BCA401E9CBEED970D75F55FA5320F60D11984E9) (Version: 07/25/2013 10.30.0.288 - Lenovo)
    Yoga Picks (HKLM-x32\...\{267C8BA0-876B-4589-9F14-EFB84ABCEA7F}) (Version: 1.00.013.0731 - Lenovo)

    ==================== Custom CLSID (Whitelisted): ==========================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    CustomCLSID: HKU\S-1-5-21-3014982265-1691719775-2840682121-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Steve Povey\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\FileCoAuth.exe (Microsoft Corporation)
    CustomCLSID: HKU\S-1-5-21-3014982265-1691719775-2840682121-1001_Classes\CLSID\{9E506282-69D3-5ABA-9C1D-15994B37F4AC}\InprocServer32 -> C:\Program Files (x86)\Lenovo\LenovoAppShop\bin\npAppUp_x64.dll (Intel)
    CustomCLSID: HKU\S-1-5-21-3014982265-1691719775-2840682121-1001_Classes\CLSID\{9E506282-69D3-5ABA-9C1D-15994B37F4AD}\InprocServer32 -> C:\Program Files (x86)\Lenovo\LenovoAppShop\bin\npAppUp_x64.dll (Intel)

    ==================== Scheduled Tasks (Whitelisted) =============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    Task: {0A3B307C-BE79-446D-8A87-2B1E617CA506} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2015-09-26] (Intel Corporation)
    Task: {16E6D303-FEEA-4864-8B36-C4E3B4D6BCD3} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [2016-04-08] ()
    Task: {56BF2EFC-3E86-4CF1-BDBC-6BAB87E2D8B9} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2015-06-03] (Synaptics Incorporated)
    Task: {674C2846-0AFC-4EEF-B3B0-27D0674A676E} - System32\Tasks\Lenovo\Experience Improvement => C:\Program Files\Lenovo\ExperienceImprovement\LenovoExperienceImprovement.exe [2013-06-03] (Lenovo)
    Task: {678F5C43-BDBC-4CAA-8246-7C217DC92F25} - System32\Tasks\Lenovo Smart Voice => C:\Program Files (x86)\Lenovo\Lenovo Smart Voice\LsvTrayLoad.exe [2013-12-29] (Lenovo)
    Task: {8CF05457-7C36-4B56-A365-83E8E215CB3A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
    Task: {902E7FD0-CA47-42C3-B781-5DA29308694E} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-11-16] (Piriform Ltd)
    Task: {A7916EFD-CC1E-4D78-9B4E-2667BF18D4FD} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2015-09-26] (Intel Corporation)
    Task: {B241023A-F5CD-4474-9DB9-760DC2BA750F} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\BrowserChoice\browserchoice.exe
    Task: {BCF7A417-A654-4886-9DD8-94FB73F83527} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-04-08] (Adobe Systems Incorporated)
    Task: {C8E65427-2BF3-4611-A1CB-CE6278CE95C9} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-04-14] (Microsoft Corporation)
    Task: {CB6AAB02-51FF-4B37-AF6B-EF0E7C248745} - System32\Tasks\HPCustParticipation HP Officejet 6700 => C:\Program Files\HP\HP Officejet 6700\Bin\HPCustPartic.exe [2012-10-17] (Hewlett-Packard Co.)
    Task: {EEBE10A8-D734-42E6-A5DD-85B0627C8899} - System32\Tasks\ScanToPCActivationApp.exe_{CCE07DED-D83D-41B4-8718-DF361963AD1A} => C:\Program Files\HP\HP Officejet 6700\Bin\ScanToPCActivationApp.exe [2012-10-17] (Hewlett-Packard Co.)
    Task: {F3715789-55EF-4409-ABF3-5A561E6B477B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)

    (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

    Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

    ==================== Shortcuts =============================

    (The entries could be listed to be restored or removed.)

    ==================== Loaded Modules (Whitelisted) ==============

    2015-10-30 08:18 - 2015-10-30 08:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
    2013-12-29 06:05 - 2012-04-24 11:43 - 00390632 ____N () C:\Program Files\CyberLink\Shared files\RichVideo64.exe
    2013-12-29 06:06 - 2013-12-29 06:06 - 00061200 _____ () C:\ProgramData\LenovoTransition\Server\x64\dptf.dll
    2016-04-13 19:58 - 2016-03-29 11:20 - 02656952 _____ () C:\Windows\System32\CoreUIComponents.dll
    2016-04-13 19:58 - 2016-03-29 11:20 - 02656952 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
    2016-04-19 08:01 - 2016-04-19 08:01 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
    2016-04-13 19:58 - 2016-03-29 11:20 - 02656952 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
    2016-04-26 19:29 - 2016-04-26 19:29 - 00959176 _____ () C:\Users\Steve Povey\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\amd64\ClientTelemetry.dll
    2015-12-18 14:00 - 2015-12-07 05:14 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
    2016-04-13 19:57 - 2016-04-02 04:25 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
    2016-04-13 19:58 - 2016-04-02 04:03 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
    2016-04-13 19:57 - 2016-04-02 03:58 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
    2016-04-13 19:58 - 2016-04-02 03:59 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
    2016-04-13 19:58 - 2016-04-02 04:02 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
    2015-07-18 00:35 - 2015-12-19 02:08 - 00402344 _____ () C:\WINDOWS\system32\igfxTray.exe
    2013-12-29 06:06 - 2013-12-29 06:06 - 00294672 _____ () C:\Program Files (x86)\Lenovo\Lenovo Transition\Transition.exe
    2013-12-29 06:06 - 2013-12-29 06:06 - 00108304 _____ () C:\Program Files (x86)\Lenovo\Lenovo Transition\TransitionServer.exe
    2014-04-12 21:01 - 2015-06-10 11:13 - 00113024 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe
    2016-01-21 09:07 - 2016-01-21 09:09 - 03746816 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1601.49020.0_x64__8wekyb3d8bbwe\Calculator.exe
    2015-12-15 04:13 - 2015-12-15 04:13 - 00258560 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1601.49020.0_x64__8wekyb3d8bbwe\StoreRatingPromotion.dll
    2013-12-29 06:06 - 2013-12-29 06:06 - 00161792 _____ () C:\Program Files\Lenovo Yoga PhoneCompanion\adb.exe
    2013-12-29 06:06 - 2013-05-02 20:26 - 00387984 _____ () C:\Program Files (x86)\Nuance\Dragon Assistant\Core\fl_core.dll
    2013-12-29 06:06 - 2013-05-02 20:26 - 01165712 _____ () C:\Program Files (x86)\Nuance\Dragon Assistant\Core\vocon3200_asr.dll
    2013-12-29 06:06 - 2013-05-02 20:26 - 00199056 _____ () C:\Program Files (x86)\Nuance\Dragon Assistant\Core\vocon3200_base.dll
    2013-12-29 06:06 - 2013-05-02 20:26 - 01132944 _____ () C:\Program Files (x86)\Nuance\Dragon Assistant\Core\vocon3200_pron.dll
    2013-12-29 06:06 - 2013-05-02 20:26 - 00035216 _____ () C:\Program Files (x86)\Nuance\Dragon Assistant\Core\vocon3200_platform.dll
    2013-12-29 06:06 - 2013-05-02 20:26 - 00229264 _____ () C:\Program Files (x86)\Nuance\Dragon Assistant\Core\sdxg.dll
    2013-12-29 06:06 - 2013-05-02 20:25 - 00027648 _____ () C:\Program Files (x86)\Nuance\Dragon Assistant\Core\WASAPIResamplingStreamCOMServer.dll
    2013-12-29 05:50 - 2013-08-08 21:25 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
    2016-04-19 08:01 - 2016-04-19 08:01 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
    2016-04-19 08:01 - 2016-04-19 08:01 - 22284800 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkyWrap.dll
    2016-04-19 08:01 - 2016-04-19 08:01 - 02941440 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\MessagingNativeCore.dll
    2016-04-19 08:01 - 2016-04-19 08:01 - 00583168 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\MessagingEntityExtractionProxy.dll
    2016-04-19 08:01 - 2016-04-19 08:01 - 01300992 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\MessagingNativeBase.dll
    2013-12-29 06:06 - 2013-12-29 06:06 - 00102672 _____ () C:\Program Files (x86)\Lenovo\Lenovo Transition\Config\3200\TransitionLib.dll
    2013-12-29 06:06 - 2013-12-29 06:06 - 00101648 _____ () C:\Program Files (x86)\Lenovo\Lenovo Transition\LUpdatePackage.dll
    2014-04-12 21:01 - 2012-04-30 11:57 - 00039936 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\TMonitorAPI.dll
    2014-04-12 21:01 - 2015-10-20 18:44 - 00242176 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\MExplorer.dll
    2016-04-26 19:29 - 2016-04-26 19:29 - 00679624 _____ () C:\Users\Steve Povey\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\ClientTelemetry.dll
    2013-12-29 06:06 - 2013-12-29 06:06 - 00101648 _____ () C:\Program Files (x86)\Lenovo\Lenovo Smart Voice\LUpdatePackage.dll

    ==================== Alternate Data Streams (Whitelisted) =========

    (If an entry is included in the fixlist, only the ADS will be removed.)

    AlternateDataStreams: C:\ProgramData\Temp:5C321E34 [127]

    ==================== Safe Mode (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


    ==================== EXE Association (Whitelisted) ===============

    (If an entry is included in the fixlist, the registry item will be restored to default or removed.)


    ==================== Internet Explorer trusted/restricted ===============

    (If an entry is included in the fixlist, it will be removed from the registry.)

    IE restricted site: HKU\S-1-5-21-3014982265-1691719775-2840682121-1001\...\008i.com -> 008i.com
    IE restricted site: HKU\S-1-5-21-3014982265-1691719775-2840682121-1001\...\008k.com -> 008k.com
    IE restricted site: HKU\S-1-5-21-3014982265-1691719775-2840682121-1001\...\00hq.com -> 00hq.com
    IE restricted site: HKU\S-1-5-21-3014982265-1691719775-2840682121-1001\...\0190-dialers.com -> 0190-dialers.com
    IE restricted site: HKU\S-1-5-21-3014982265-1691719775-2840682121-1001\...\01i.info -> 01i.info
    IE restricted site: HKU\S-1-5-21-3014982265-1691719775-2840682121-1001\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
    IE restricted site: HKU\S-1-5-21-3014982265-1691719775-2840682121-1001\...\0411dd.com -> 0411dd.com
    IE restricted site: HKU\S-1-5-21-3014982265-1691719775-2840682121-1001\...\0511zfhl.com -> 0511zfhl.com
    IE restricted site: HKU\S-1-5-21-3014982265-1691719775-2840682121-1001\...\05p.com -> 05p.com
    IE restricted site: HKU\S-1-5-21-3014982265-1691719775-2840682121-1001\...\0632qyw.com -> 0632qyw.com
    IE restricted site: HKU\S-1-5-21-3014982265-1691719775-2840682121-1001\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
    IE restricted site: HKU\S-1-5-21-3014982265-1691719775-2840682121-1001\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
    IE restricted site: HKU\S-1-5-21-3014982265-1691719775-2840682121-1001\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
    IE restricted site: HKU\S-1-5-21-3014982265-1691719775-2840682121-1001\...\0calories.net -> 0calories.net
    IE restricted site: HKU\S-1-5-21-3014982265-1691719775-2840682121-1001\...\0cj.net -> 0cj.net
    IE restricted site: HKU\S-1-5-21-3014982265-1691719775-2840682121-1001\...\0scan.com -> 0scan.com
    IE restricted site: HKU\S-1-5-21-3014982265-1691719775-2840682121-1001\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
    IE restricted site: HKU\S-1-5-21-3014982265-1691719775-2840682121-1001\...\1-domains-registrations.com -> 1-domains-registrations.com
    IE restricted site: HKU\S-1-5-21-3014982265-1691719775-2840682121-1001\...\1-se.com -> 1-se.com
    IE restricted site: HKU\S-1-5-21-3014982265-1691719775-2840682121-1001\...\1001movie.com -> 1001movie.com

    There are 6091 more sites.


    ==================== Hosts content: ===============================

    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)

    2013-08-22 14:25 - 2016-04-12 10:11 - 00000865 ____A C:\WINDOWS\system32\Drivers\etc\hosts


    0.0.0.1 mssplus.mcafee.com

    ==================== Other Areas ============================

    (Currently there is no automatic fix for this section.)

    HKU\S-1-5-21-3014982265-1691719775-2840682121-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Steve Povey\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
    DNS Servers: 192.168.1.1
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
    Windows Firewall is enabled.

    ==================== MSCONFIG/TASK MANAGER disabled items ==

    (Currently there is no automatic fix for this section.)


    ==================== FirewallRules (Whitelisted) ===============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
    FirewallRules: [{08338314-15AA-4EDC-AE91-7ADCD15D2D2D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    FirewallRules: [{60A7179A-8D66-46FD-BA4C-576398251651}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    FirewallRules: [{2039A09F-202B-49C0-9C93-B2FE0973FB43}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
    FirewallRules: [{557D87D4-AADF-47D2-B380-6A1F85B6F843}] => (Allow) C:\Program Files\CyberLink\PowerDirector10\PDR10.EXE
    FirewallRules: [{17354F25-298B-41C1-AAFE-0C976D7E71A8}] => (Allow) C:\Program Files (x86)\Lenovo\LenovoAppShop\bin\ismagent.exe
    FirewallRules: [{A2AB7D9D-ACB4-4407-A0B9-F7083B208317}] => (Allow) C:\Program Files (x86)\Lenovo\LenovoAppShop\bin\ismloader.exe
    FirewallRules: [{B9106E59-E93F-477C-A652-566039A45A2F}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
    FirewallRules: [{E912A737-F928-4A84-AB6D-786D71B92574}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
    FirewallRules: [{87509BCE-F98E-407F-A60C-CAA3F8CA07FF}] => (Allow) C:\Program Files\HP\HP Officejet 6700\bin\FaxApplications.exe
    FirewallRules: [{CF51E9B3-9B72-4B81-BBBC-28EC045BF023}] => (Allow) C:\Program Files\HP\HP Officejet 6700\bin\DigitalWizards.exe
    FirewallRules: [{3DD56DC1-5CF6-4FCD-8C5D-92E8C1BB6AFB}] => (Allow) C:\Program Files\HP\HP Officejet 6700\bin\SendAFax.exe
    FirewallRules: [{9F5EACB8-1B63-4AFF-B420-91FC7B13D5FD}] => (Allow) C:\Program Files\HP\HP Officejet 6700\Bin\DeviceSetup.exe
    FirewallRules: [{F355AC0B-5905-4E9A-9B9D-988868A5072A}] => (Allow) C:\Program Files\HP\HP Officejet 6700\Bin\HPNetworkCommunicator.exe
    FirewallRules: [{8453AC59-C2CC-405D-A1D8-013CE129BB39}] => (Allow) C:\Program Files\HP\HP Officejet 6700\Bin\HPNetworkCommunicatorCom.exe
    FirewallRules: [{E3AD0A8C-C117-4C29-9C95-D4176EBEA98F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    FirewallRules: [{469501FD-39C9-47C9-9B81-ADDCF64134A2}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    FirewallRules: [TCP Query User{D4A4CB0F-1E62-4CC7-BBC6-595E498FC9A3}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
    FirewallRules: [UDP Query User{BDC63B28-FAA4-46E8-9D01-E210A9520A24}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
    FirewallRules: [{A3817D58-CB4E-404F-94B7-E18B64A1D7BC}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

    ==================== Restore Points =========================

    07-04-2016 20:45:38 Scheduled Checkpoint
    14-04-2016 08:14:24 Windows Update
    14-04-2016 08:14:33 Windows Update
    22-04-2016 20:10:52 Scheduled Checkpoint

    ==================== Faulty Device Manager Devices =============


    ==================== Event log errors: =========================

    Application errors:
    ==================
    Error: (04/28/2016 12:29:00 AM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: IEXPLORE.EXE, version: 11.0.10586.20, time stamp: 0x56541caa
    Faulting module name: ntdll.dll, version: 10.0.10586.122, time stamp: 0x56cc16f5
    Exception code: 0xc0000017
    Fault offset: 0x000d0d26
    Faulting process id: 0xc8c
    Faulting application start time: 0xIEXPLORE.EXE0
    Faulting application path: IEXPLORE.EXE1
    Faulting module path: IEXPLORE.EXE2
    Report Id: IEXPLORE.EXE3
    Faulting package full name: IEXPLORE.EXE4
    Faulting package-relative application ID: IEXPLORE.EXE5

    Error: (04/27/2016 10:36:12 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: IEXPLORE.EXE, version: 11.0.10586.20, time stamp: 0x56541caa
    Faulting module name: ntdll.dll, version: 10.0.10586.122, time stamp: 0x56cc16f5
    Exception code: 0xc0000017
    Fault offset: 0x000d0d26
    Faulting process id: 0x1654
    Faulting application start time: 0xIEXPLORE.EXE0
    Faulting application path: IEXPLORE.EXE1
    Faulting module path: IEXPLORE.EXE2
    Report Id: IEXPLORE.EXE3
    Faulting package full name: IEXPLORE.EXE4
    Faulting package-relative application ID: IEXPLORE.EXE5

    Error: (04/27/2016 03:07:50 PM) (Source: DptfEvent) (EventID: 1) (User: )
    Description: DptfParticipantDisplayService
    GetDisplayBrightnessFromPowerSettings: Could not inform driver of current brightness value.

    Error: (04/27/2016 03:07:50 PM) (Source: DptfEvent) (EventID: 1) (User: )
    Description: DptfParticipantDisplayService
    SetBrightnessSettingInDriver: p_handle is NULL.

    Error: (04/27/2016 03:07:50 PM) (Source: DptfEvent) (EventID: 1) (User: )
    Description: DptfParticipantDisplayService
    SetDisplayBrightnessViaPowerSettings: Could not obtain brightness value to set from driver.

    Error: (04/27/2016 03:07:50 PM) (Source: DptfEvent) (EventID: 1) (User: )
    Description: DptfParticipantDisplayService
    GetBrightnessSettingFromDriver: p_handle is NULL.

    Error: (04/27/2016 03:07:50 PM) (Source: DptfEvent) (EventID: 2) (User: )
    Description: DptfParticipantDisplayService
    ConnectToDptfDisplayDriver: SetupDiEnumDeviceInterfaces() failed.
    Last error = [0x00000103]

    Error: (04/27/2016 09:30:48 AM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: microsoftedgecp.exe, version: 11.0.10586.20, time stamp: 0x56540c35
    Faulting module name: edgehtml.dll, version: 11.0.10586.212, time stamp: 0x56fa17da
    Exception code: 0xc0000602
    Fault offset: 0x00000000004a6091
    Faulting process id: 0xc978
    Faulting application start time: 0xmicrosoftedgecp.exe0
    Faulting application path: microsoftedgecp.exe1
    Faulting module path: microsoftedgecp.exe2
    Report Id: microsoftedgecp.exe3
    Faulting package full name: microsoftedgecp.exe4
    Faulting package-relative application ID: microsoftedgecp.exe5

    Error: (04/27/2016 08:06:56 AM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: MicrosoftEdge.exe, version: 11.0.10586.218, time stamp: 0x56ff3b2e
    Faulting module name: eModel.dll, version: 11.0.10586.218, time stamp: 0x56ff3726
    Exception code: 0xc0000409
    Fault offset: 0x0000000000129c0f
    Faulting process id: 0x1f08
    Faulting application start time: 0xMicrosoftEdge.exe0
    Faulting application path: MicrosoftEdge.exe1
    Faulting module path: MicrosoftEdge.exe2
    Report Id: MicrosoftEdge.exe3
    Faulting package full name: MicrosoftEdge.exe4
    Faulting package-relative application ID: MicrosoftEdge.exe5

    Error: (04/24/2016 10:01:53 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: IEXPLORE.EXE, version: 11.0.10586.20, time stamp: 0x56541caa
    Faulting module name: msvcrt.dll, version: 7.0.10586.0, time stamp: 0x5632d722
    Exception code: 0xc0000005
    Fault offset: 0x000884fa
    Faulting process id: 0x3dfc
    Faulting application start time: 0xIEXPLORE.EXE0
    Faulting application path: IEXPLORE.EXE1
    Faulting module path: IEXPLORE.EXE2
    Report Id: IEXPLORE.EXE3
    Faulting package full name: IEXPLORE.EXE4
    Faulting package-relative application ID: IEXPLORE.EXE5


    System errors:
    =============
    Error: (04/27/2016 09:08:39 PM) (Source: DCOM) (EventID: 10010) (User: Lenovo)
    Description: {DABF28BE-F6B4-4E40-8F40-C4FB26F3116C}

    Error: (04/27/2016 09:08:09 PM) (Source: DCOM) (EventID: 10010) (User: Lenovo)
    Description: {DABF28BE-F6B4-4E40-8F40-C4FB26F3116C}

    Error: (04/27/2016 09:07:38 PM) (Source: DCOM) (EventID: 10010) (User: Lenovo)
    Description: {DABF28BE-F6B4-4E40-8F40-C4FB26F3116C}

    Error: (04/27/2016 09:07:08 PM) (Source: DCOM) (EventID: 10010) (User: Lenovo)
    Description: {DABF28BE-F6B4-4E40-8F40-C4FB26F3116C}

    Error: (04/27/2016 09:06:38 PM) (Source: DCOM) (EventID: 10010) (User: Lenovo)
    Description: {DABF28BE-F6B4-4E40-8F40-C4FB26F3116C}

    Error: (04/27/2016 09:06:08 PM) (Source: DCOM) (EventID: 10010) (User: Lenovo)
    Description: {DABF28BE-F6B4-4E40-8F40-C4FB26F3116C}

    Error: (04/27/2016 09:05:38 PM) (Source: DCOM) (EventID: 10010) (User: Lenovo)
    Description: {DABF28BE-F6B4-4E40-8F40-C4FB26F3116C}

    Error: (04/27/2016 09:05:07 PM) (Source: DCOM) (EventID: 10010) (User: Lenovo)
    Description: {DABF28BE-F6B4-4E40-8F40-C4FB26F3116C}

    Error: (04/27/2016 08:57:17 PM) (Source: Virtual Disk Service) (EventID: 9) (User: )
    Description: Unexpected provider failure. Restarting the service may fix the problem. Error code: 8007001F@02000014

    Error: (04/27/2016 03:18:24 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
    Description: {784E29F4-5EBE-4279-9948-1E8FE941646D}


    CodeIntegrity:
    ===================================
    Date: 2016-04-28 08:16:39.056
    Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

    Date: 2016-04-28 08:16:39.040
    Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

    Date: 2016-04-28 08:16:39.023
    Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

    Date: 2016-04-28 08:16:39.002
    Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

    Date: 2016-04-28 08:16:38.987
    Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

    Date: 2016-04-28 08:16:38.971
    Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

    Date: 2016-04-27 20:50:09.450
    Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

    Date: 2016-04-27 20:50:09.434
    Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

    Date: 2016-04-27 20:50:09.285
    Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

    Date: 2016-04-27 20:50:09.251
    Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.


    ==================== Memory info ===========================

    Processor: Intel(R) Core(TM) i7-4500U CPU @ 1.80GHz
    Percentage of memory in use: 79%
    Total physical RAM: 8104.27 MB
    Available physical RAM: 1644.72 MB
    Total Virtual: 19880.27 MB
    Available Virtual: 10347.35 MB

    ==================== Drives ================================

    Drive c: (Windows8_OS) (Fixed) (Total:437.92 GB) (Free:327.72 GB) NTFS
    Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:8.93 GB) NTFS

    ==================== MBR & Partition Table ==================

    ========================================================
    Disk: 0 (Size: 476.9 GB) (Disk ID: 6DC96336)

    Partition: GPT.

    ==================== End of Addition.txt ============================

  5. #5
    Member Spyware Fighter DonnaB's Avatar
    Join Date
    Apr 2009
    Location
    Illiana, Ill. USA
    Posts
    3,521
    Points
    563

    Default

    Is your Windows 10 an upgrade or OEM pre-installed? What OS's are installed on the other computers that the card is working on? I want to eliminate the possibility that this is an upgrade issue with W10, or not.

    I'll have a closer look after work today. I do apologize for the delay...
    If you think you might be infected with malware or have recently cleansed your computer of malware without the help of an expert, please read and follow the instructions in How to Start Removing Viruses and Spyware from your Computer. This can alleviate time consumed in trouble shooting your current computer problems.

    If your problem is solved, here's how to say thanks!

    Very proud parent of a U.S. Navy "CB"



    "People may forget what you say,
    People may forget what you did,
    but People will never forget how you made them feel!"

  6. #6
    Member
    Join Date
    Nov 2006
    Posts
    859
    Points
    1

    Default

    It came with W8.1 and I upgraded it. We have another laptop which was upgraded the same but that writes to the SD card OK.

    I have tried using CMD to remove the readonly but that had no effect.

  7. #7
    Member
    Join Date
    Nov 2006
    Posts
    859
    Points
    1

    Default

    Additional scan result of Farbar Recovery Scan Tool (x64) Version:27-04-2016
    Ran by Steve Povey (2016-04-28 08:18:15)
    Running from C:\Users\Steve Povey\Desktop
    Windows 10 Home Version 1511 (X64) (2015-11-14 18:49:51)
    Boot Mode: Normal
    ==========================================================


    ==================== Accounts: =============================

    Administrator (S-1-5-21-3014982265-1691719775-2840682121-500 - Administrator - Disabled)
    DefaultAccount (S-1-5-21-3014982265-1691719775-2840682121-503 - Limited - Disabled)
    Guest (S-1-5-21-3014982265-1691719775-2840682121-501 - Limited - Disabled) => C:\Users\Guest
    HomeGroupUser$ (S-1-5-21-3014982265-1691719775-2840682121-1003 - Limited - Enabled)
    Steve Povey (S-1-5-21-3014982265-1691719775-2840682121-1001 - Administrator - Enabled) => C:\Users\Steve Povey

    ==================== Security Center ========================

    (If an entry is included in the fixlist, it will be removed.)

    AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

    ==================== Installed Programs ======================

    (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

    Absolute Reminder (HKLM-x32\...\{40F4FF7A-B214-4453-B973-080B09CED019}) (Version: 2.3.0.1 - Absolute Software)
    Adobe Flash Player 21 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 21.0.0.213 - Adobe Systems Incorporated)
    ANT Drivers Installer x64 (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
    Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)
    BD_3D Advisor (HKLM-x32\...\{2D2D8FE2-605C-4D3C-B706-36E981E7EEF0}) (Version: 2.0.7510 - CyberLink Corp.)
    CCleaner (HKLM\...\CCleaner) (Version: 5.12 - Piriform)
    Cisco WebEx Meetings (HKU\S-1-5-21-3014982265-1691719775-2840682121-1001\...\ActiveTouchMeetingClient) (Version: - Cisco WebEx LLC)
    Custom Shop version 1.5.0 (HKLM-x32\...\{21BAD046-50EC-49E2-BE7B-F9729704F2C3}_is1) (Version: 1.5.0 - IK Multimedia)
    CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.2810 - CyberLink Corp.)
    CyberLink PowerDirector 10 (Version: 10.0.0.2810 - CyberLink Corp.) Hidden
    Dolby Digital Plus Home Theater (HKLM\...\{7E3D8FA1-6092-469A-955B-68FC4A2C67CA}) (Version: 7.3.2.2 - Dolby Laboratories Inc)
    Dragon Assistant Application en-GB version 1.5.8 (HKLM-x32\...\{1CCBE73F-4948-4711-8D12-22E2FD65D706}_is1) (Version: 1.5.8 - Nuance Communications, Inc.)
    Dragon Assistant Core Recognition Service version 1.1.10 (HKLM-x32\...\{E97BA7A6-46FC-4EBF-B24A-B8362948C696}_is1) (Version: 1.1.10 - Nuance Communications, Inc.)
    Dragon Assistant Installer version 1.5.8 (HKLM-x32\...\{D57A8269-3BE5-4D10-B882-64D0F2D448BF}_is1) (Version: 1.5.8 - Nuance Communications, Inc.)
    Dragon Assistant Language Data en-GB version 1.1.3 (HKLM-x32\...\{CA54E6DD-70F8-4AE5-8427-522A52FC4408}_is1) (Version: 1.1.3 - Nuance Communications, Inc.)
    Elevated Installer (x32 Version: 4.1.19.0 - Garmin Ltd or its subsidiaries) Hidden
    Energy Manager (HKLM-x32\...\InstallShield_{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.0.1.38 - Lenovo)
    Energy Manager (x32 Version: 1.0.1.38 - Lenovo) Hidden
    ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )
    Garmin Express (HKLM-x32\...\{2639b4f0-83b4-4f3d-942f-e4ba22a40b9b}) (Version: 4.1.19.0 - Garmin Ltd or its subsidiaries)
    Garmin Express (x32 Version: 4.1.19.0 - Garmin Ltd or its subsidiaries) Hidden
    Garmin Express Tray (x32 Version: 4.1.19.0 - Garmin Ltd or its subsidiaries) Hidden
    Google Chrome (HKLM-x32\...\Google Chrome) (Version: 49.0.2623.112 - Google Inc.)
    Google Update Helper (x32 Version: 1.3.21.169 - Google Inc.) Hidden
    Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden
    HP FWUpdateEDO2 (HKLM-x32\...\{415FA9AD-DA10-4ABE-97B6-5051D4795C90}) (Version: 1.2.0.0 - Hewlett-Packard)
    HP Officejet 6700 Basic Device Software (HKLM\...\{A1CFA587-90D4-4DE6-B200-68CC0F92252F}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
    HP Officejet 6700 Help (HKLM-x32\...\{E1AE0CB7-1333-4728-8520-CB3F88A252B4}) (Version: 140.0.2.2 - Hewlett Packard)
    HP Officejet 6700 Product Improvement Study (HKLM\...\{988D55BB-08DE-43C9-8D16-3751361E2A79}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
    HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
    HPDiagnosticAlert (x32 Version: 1.00.0001 - Microsoft) Hidden
    IK Multimedia Authorization Manager version 1.0.10 (HKLM\...\{85BC0DCB-69E5-4279-AA25-F108EF896588}_is1) (Version: 1.0.10 - IK Multimedia)
    Intel Experience Center - Configuration (x32 Version: 1.9.0.8 - Intel) Hidden
    Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\FFD10ECE-F715-4a86-9BD8-F6F47DA5DA1C) (Version: 7.1.0.2103 - Intel Corporation)
    Intel(R) Experience Center Desktop Software (HKLM-x32\...\{85de612b-ee05-476a-87cc-52e5740de420}) (Version: 1.9.0.8 - Intel)
    Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.13.1706 - Intel Corporation)
    Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4331 - Intel Corporation)
    Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology(patch version 3.0.1335.5) (HKLM\...\{302600C1-6BDF-4FD1-1307-148929CC1385}) (Version: 3.1.1307.0362 - Intel Corporation)
    Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation)
    Intel(R) Smart Connect Technology (HKLM\...\{D6FBF816-ACB8-46CC-ACC6-C8BBA85F497D}) (Version: 4.2.40.2418 - Intel Corporation)
    Intel(R) Update Manager (HKLM-x32\...\{B991A1BC-DE0F-41B3-9037-B2F948F706EC}) (Version: 3.1.1228 - Intel Corporation)
    Intel® PROSet/Wireless Software (HKLM-x32\...\{e1172fd4-a6d9-4cfa-8256-268f728fec31}) (Version: 16.5.3 - Intel Corporation)
    LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - )
    Lenovo App Shop (HKLM-x32\...\Lenovo App Shop 45246) (Version: 3.10.0.45246.24 - Lenovo)
    Lenovo EasyCamera (HKLM-x32\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.2.9200.10240 - Realtek Semiconductor Corp.)
    Lenovo Experience Improvement (HKLM\...\LenovoExperienceImprovement) (Version: 1.0.4.0 - Lenovo)
    Lenovo Motion Control (HKLM-x32\...\InstallShield_{A800D2BF-2F0D-4899-B265-C91C90981E8C}) (Version: 2.0.0.0829 - PointGrab)
    Lenovo Motion Control (x32 Version: 2.0.0.0829 - PointGrab) Hidden
    Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.0.0.2105 - CyberLink Corp.)
    Lenovo OneKey Recovery (Version: 8.0.0.2105 - CyberLink Corp.) Hidden
    Lenovo Smart Voice (HKLM\...\Lenovo SmartVoice) (Version: 1.0.2.0 - Lenovo)
    Lenovo Transition (HKLM\...\Lenovo Transition) (Version: 2.0.13.8211 - Lenovo)
    Lenovo Yoga PhoneCompanion (HKLM-x32\...\InstallShield_{0F82EA83-B0C5-4AB9-9695-DFE92C5FD57B}) (Version: 1.1.9.3 - Lenovo)
    Lenovo Yoga PhoneCompanion (x32 Version: 1.1.9.3 - Lenovo) Hidden
    Line 6 Driver2 SonicPortVX v1.52 Uninstaller (HKLM-x32\...\Line 6 Driver2 SonicPortVX Uninstaller) (Version: - Line 6)
    Line 6 Uninstaller (HKLM-x32\...\Line 6 Uninstaller) (Version: - Line 6)
    Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
    McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.11.309.1 - McAfee, Inc.)
    Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)
    Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
    Mozilla Firefox 45.0.2 (x86 en-GB) (HKLM-x32\...\Mozilla Firefox 45.0.2 (x86 en-GB)) (Version: 45.0.2 - Mozilla)
    Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 45.0.2.5941 - Mozilla)
    Nitro Pro 8 (HKLM\...\{2269F0D5-DE47-4313-9003-BB6357919314}) (Version: 8.5.5.7 - Nitro)
    OpenOffice 4.1.1 (HKLM-x32\...\{86F2B095-3998-41D5-833D-1C5075300950}) (Version: 4.11.9775 - Apache Software Foundation)
    Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.30164 - Realtek Semiconductor Corp.)
    Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.)
    ReminderInstaller (HKLM-x32\...\InstallShield_{48B99BC9-CEB0-485E-96B1-4609BC86D2DE}) (Version: 1.00.0000 - Absolute Software.)
    ReminderInstaller (x32 Version: 1.00.0000 - Absolute Software.) Hidden
    Sony PC Companion 2.10.303 (HKLM-x32\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.303 - Sony)
    SpywareBlaster 5.2 (HKLM-x32\...\SpywareBlaster_is1) (Version: 5.2.0 - BrightFort LLC)
    SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1204 - SUPERAntiSpyware.com)
    Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.9.5 - Synaptics Incorporated)
    UserGuide (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 1.0.0.15 - Lenovo)
    UserGuide (x32 Version: 1.0.0.15 - Lenovo) Hidden
    VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
    Windows Driver Package - Lenovo (ACPIVPC) System (02/17/2013 9.52.0.776) (HKLM\...\35DD26BE48DAF4A9F35F969F3CB1E3E1435E661E) (Version: 02/17/2013 9.52.0.776 - Lenovo)
    Windows Driver Package - Lenovo (WUDFRd) LenovoVhid (07/25/2013 10.30.0.288) (HKLM\...\6BCA401E9CBEED970D75F55FA5320F60D11984E9) (Version: 07/25/2013 10.30.0.288 - Lenovo)
    Yoga Picks (HKLM-x32\...\{267C8BA0-876B-4589-9F14-EFB84ABCEA7F}) (Version: 1.00.013.0731 - Lenovo)

    ==================== Custom CLSID (Whitelisted): ==========================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    CustomCLSID: HKU\S-1-5-21-3014982265-1691719775-2840682121-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Steve Povey\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\FileCoAuth.exe (Microsoft Corporation)
    CustomCLSID: HKU\S-1-5-21-3014982265-1691719775-2840682121-1001_Classes\CLSID\{9E506282-69D3-5ABA-9C1D-15994B37F4AC}\InprocServer32 -> C:\Program Files (x86)\Lenovo\LenovoAppShop\bin\npAppUp_x64.dll (Intel)
    CustomCLSID: HKU\S-1-5-21-3014982265-1691719775-2840682121-1001_Classes\CLSID\{9E506282-69D3-5ABA-9C1D-15994B37F4AD}\InprocServer32 -> C:\Program Files (x86)\Lenovo\LenovoAppShop\bin\npAppUp_x64.dll (Intel)

    ==================== Scheduled Tasks (Whitelisted) =============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    Task: {0A3B307C-BE79-446D-8A87-2B1E617CA506} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2015-09-26] (Intel Corporation)
    Task: {16E6D303-FEEA-4864-8B36-C4E3B4D6BCD3} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [2016-04-08] ()
    Task: {56BF2EFC-3E86-4CF1-BDBC-6BAB87E2D8B9} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2015-06-03] (Synaptics Incorporated)
    Task: {674C2846-0AFC-4EEF-B3B0-27D0674A676E} - System32\Tasks\Lenovo\Experience Improvement => C:\Program Files\Lenovo\ExperienceImprovement\LenovoExperienceImprovement.exe [2013-06-03] (Lenovo)
    Task: {678F5C43-BDBC-4CAA-8246-7C217DC92F25} - System32\Tasks\Lenovo Smart Voice => C:\Program Files (x86)\Lenovo\Lenovo Smart Voice\LsvTrayLoad.exe [2013-12-29] (Lenovo)
    Task: {8CF05457-7C36-4B56-A365-83E8E215CB3A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
    Task: {902E7FD0-CA47-42C3-B781-5DA29308694E} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-11-16] (Piriform Ltd)
    Task: {A7916EFD-CC1E-4D78-9B4E-2667BF18D4FD} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2015-09-26] (Intel Corporation)
    Task: {B241023A-F5CD-4474-9DB9-760DC2BA750F} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\BrowserChoice\browserchoice.exe
    Task: {BCF7A417-A654-4886-9DD8-94FB73F83527} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-04-08] (Adobe Systems Incorporated)
    Task: {C8E65427-2BF3-4611-A1CB-CE6278CE95C9} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-04-14] (Microsoft Corporation)
    Task: {CB6AAB02-51FF-4B37-AF6B-EF0E7C248745} - System32\Tasks\HPCustParticipation HP Officejet 6700 => C:\Program Files\HP\HP Officejet 6700\Bin\HPCustPartic.exe [2012-10-17] (Hewlett-Packard Co.)
    Task: {EEBE10A8-D734-42E6-A5DD-85B0627C8899} - System32\Tasks\ScanToPCActivationApp.exe_{CCE07DED-D83D-41B4-8718-DF361963AD1A} => C:\Program Files\HP\HP Officejet 6700\Bin\ScanToPCActivationApp.exe [2012-10-17] (Hewlett-Packard Co.)
    Task: {F3715789-55EF-4409-ABF3-5A561E6B477B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)

    (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

    Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

    ==================== Shortcuts =============================

    (The entries could be listed to be restored or removed.)

    ==================== Loaded Modules (Whitelisted) ==============

    2015-10-30 08:18 - 2015-10-30 08:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
    2013-12-29 06:05 - 2012-04-24 11:43 - 00390632 ____N () C:\Program Files\CyberLink\Shared files\RichVideo64.exe
    2013-12-29 06:06 - 2013-12-29 06:06 - 00061200 _____ () C:\ProgramData\LenovoTransition\Server\x64\dptf.dll
    2016-04-13 19:58 - 2016-03-29 11:20 - 02656952 _____ () C:\Windows\System32\CoreUIComponents.dll
    2016-04-13 19:58 - 2016-03-29 11:20 - 02656952 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
    2016-04-19 08:01 - 2016-04-19 08:01 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
    2016-04-13 19:58 - 2016-03-29 11:20 - 02656952 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
    2016-04-26 19:29 - 2016-04-26 19:29 - 00959176 _____ () C:\Users\Steve Povey\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\amd64\ClientTelemetry.dll
    2015-12-18 14:00 - 2015-12-07 05:14 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
    2016-04-13 19:57 - 2016-04-02 04:25 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
    2016-04-13 19:58 - 2016-04-02 04:03 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
    2016-04-13 19:57 - 2016-04-02 03:58 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
    2016-04-13 19:58 - 2016-04-02 03:59 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
    2016-04-13 19:58 - 2016-04-02 04:02 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
    2015-07-18 00:35 - 2015-12-19 02:08 - 00402344 _____ () C:\WINDOWS\system32\igfxTray.exe
    2013-12-29 06:06 - 2013-12-29 06:06 - 00294672 _____ () C:\Program Files (x86)\Lenovo\Lenovo Transition\Transition.exe
    2013-12-29 06:06 - 2013-12-29 06:06 - 00108304 _____ () C:\Program Files (x86)\Lenovo\Lenovo Transition\TransitionServer.exe
    2014-04-12 21:01 - 2015-06-10 11:13 - 00113024 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe
    2016-01-21 09:07 - 2016-01-21 09:09 - 03746816 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1601.49020.0_x64__8wekyb3d8bbwe\Calculator.exe
    2015-12-15 04:13 - 2015-12-15 04:13 - 00258560 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1601.49020.0_x64__8wekyb3d8bbwe\StoreRatingPromotion.dll
    2013-12-29 06:06 - 2013-12-29 06:06 - 00161792 _____ () C:\Program Files\Lenovo Yoga PhoneCompanion\adb.exe
    2013-12-29 06:06 - 2013-05-02 20:26 - 00387984 _____ () C:\Program Files (x86)\Nuance\Dragon Assistant\Core\fl_core.dll
    2013-12-29 06:06 - 2013-05-02 20:26 - 01165712 _____ () C:\Program Files (x86)\Nuance\Dragon Assistant\Core\vocon3200_asr.dll
    2013-12-29 06:06 - 2013-05-02 20:26 - 00199056 _____ () C:\Program Files (x86)\Nuance\Dragon Assistant\Core\vocon3200_base.dll
    2013-12-29 06:06 - 2013-05-02 20:26 - 01132944 _____ () C:\Program Files (x86)\Nuance\Dragon Assistant\Core\vocon3200_pron.dll
    2013-12-29 06:06 - 2013-05-02 20:26 - 00035216 _____ () C:\Program Files (x86)\Nuance\Dragon Assistant\Core\vocon3200_platform.dll
    2013-12-29 06:06 - 2013-05-02 20:26 - 00229264 _____ () C:\Program Files (x86)\Nuance\Dragon Assistant\Core\sdxg.dll
    2013-12-29 06:06 - 2013-05-02 20:25 - 00027648 _____ () C:\Program Files (x86)\Nuance\Dragon Assistant\Core\WASAPIResamplingStreamCOMServer.dll
    2013-12-29 05:50 - 2013-08-08 21:25 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
    2016-04-19 08:01 - 2016-04-19 08:01 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
    2016-04-19 08:01 - 2016-04-19 08:01 - 22284800 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkyWrap.dll
    2016-04-19 08:01 - 2016-04-19 08:01 - 02941440 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\MessagingNativeCore.dll
    2016-04-19 08:01 - 2016-04-19 08:01 - 00583168 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\MessagingEntityExtractionProxy.dll
    2016-04-19 08:01 - 2016-04-19 08:01 - 01300992 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\MessagingNativeBase.dll
    2013-12-29 06:06 - 2013-12-29 06:06 - 00102672 _____ () C:\Program Files (x86)\Lenovo\Lenovo Transition\Config\3200\TransitionLib.dll
    2013-12-29 06:06 - 2013-12-29 06:06 - 00101648 _____ () C:\Program Files (x86)\Lenovo\Lenovo Transition\LUpdatePackage.dll
    2014-04-12 21:01 - 2012-04-30 11:57 - 00039936 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\TMonitorAPI.dll
    2014-04-12 21:01 - 2015-10-20 18:44 - 00242176 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\MExplorer.dll
    2016-04-26 19:29 - 2016-04-26 19:29 - 00679624 _____ () C:\Users\Steve Povey\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\ClientTelemetry.dll
    2013-12-29 06:06 - 2013-12-29 06:06 - 00101648 _____ () C:\Program Files (x86)\Lenovo\Lenovo Smart Voice\LUpdatePackage.dll

    ==================== Alternate Data Streams (Whitelisted) =========

    (If an entry is included in the fixlist, only the ADS will be removed.)

    AlternateDataStreams: C:\ProgramData\Temp:5C321E34 [127]

    ==================== Safe Mode (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


    ==================== EXE Association (Whitelisted) ===============

    (If an entry is included in the fixlist, the registry item will be restored to default or removed.)


    ==================== Internet Explorer trusted/restricted ===============

    (If an entry is included in the fixlist, it will be removed from the registry.)

    IE restricted site: HKU\S-1-5-21-3014982265-1691719775-2840682121-1001\...\008i.com -> 008i.com
    IE restricted site: HKU\S-1-5-21-3014982265-1691719775-2840682121-1001\...\008k.com -> 008k.com
    IE restricted site: HKU\S-1-5-21-3014982265-1691719775-2840682121-1001\...\00hq.com -> 00hq.com
    IE restricted site: HKU\S-1-5-21-3014982265-1691719775-2840682121-1001\...\0190-dialers.com -> 0190-dialers.com
    IE restricted site: HKU\S-1-5-21-3014982265-1691719775-2840682121-1001\...\01i.info -> 01i.info
    IE restricted site: HKU\S-1-5-21-3014982265-1691719775-2840682121-1001\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
    IE restricted site: HKU\S-1-5-21-3014982265-1691719775-2840682121-1001\...\0411dd.com -> 0411dd.com
    IE restricted site: HKU\S-1-5-21-3014982265-1691719775-2840682121-1001\...\0511zfhl.com -> 0511zfhl.com
    IE restricted site: HKU\S-1-5-21-3014982265-1691719775-2840682121-1001\...\05p.com -> 05p.com
    IE restricted site: HKU\S-1-5-21-3014982265-1691719775-2840682121-1001\...\0632qyw.com -> 0632qyw.com
    IE restricted site: HKU\S-1-5-21-3014982265-1691719775-2840682121-1001\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
    IE restricted site: HKU\S-1-5-21-3014982265-1691719775-2840682121-1001\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
    IE restricted site: HKU\S-1-5-21-3014982265-1691719775-2840682121-1001\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
    IE restricted site: HKU\S-1-5-21-3014982265-1691719775-2840682121-1001\...\0calories.net -> 0calories.net
    IE restricted site: HKU\S-1-5-21-3014982265-1691719775-2840682121-1001\...\0cj.net -> 0cj.net
    IE restricted site: HKU\S-1-5-21-3014982265-1691719775-2840682121-1001\...\0scan.com -> 0scan.com
    IE restricted site: HKU\S-1-5-21-3014982265-1691719775-2840682121-1001\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
    IE restricted site: HKU\S-1-5-21-3014982265-1691719775-2840682121-1001\...\1-domains-registrations.com -> 1-domains-registrations.com
    IE restricted site: HKU\S-1-5-21-3014982265-1691719775-2840682121-1001\...\1-se.com -> 1-se.com
    IE restricted site: HKU\S-1-5-21-3014982265-1691719775-2840682121-1001\...\1001movie.com -> 1001movie.com

    There are 6091 more sites.


    ==================== Hosts content: ===============================

    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)

    2013-08-22 14:25 - 2016-04-12 10:11 - 00000865 ____A C:\WINDOWS\system32\Drivers\etc\hosts


    0.0.0.1 mssplus.mcafee.com

    ==================== Other Areas ============================

    (Currently there is no automatic fix for this section.)

    HKU\S-1-5-21-3014982265-1691719775-2840682121-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Steve Povey\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
    DNS Servers: 192.168.1.1
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
    Windows Firewall is enabled.

    ==================== MSCONFIG/TASK MANAGER disabled items ==

    (Currently there is no automatic fix for this section.)


    ==================== FirewallRules (Whitelisted) ===============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
    FirewallRules: [{08338314-15AA-4EDC-AE91-7ADCD15D2D2D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    FirewallRules: [{60A7179A-8D66-46FD-BA4C-576398251651}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    FirewallRules: [{2039A09F-202B-49C0-9C93-B2FE0973FB43}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
    FirewallRules: [{557D87D4-AADF-47D2-B380-6A1F85B6F843}] => (Allow) C:\Program Files\CyberLink\PowerDirector10\PDR10.EXE
    FirewallRules: [{17354F25-298B-41C1-AAFE-0C976D7E71A8}] => (Allow) C:\Program Files (x86)\Lenovo\LenovoAppShop\bin\ismagent.exe
    FirewallRules: [{A2AB7D9D-ACB4-4407-A0B9-F7083B208317}] => (Allow) C:\Program Files (x86)\Lenovo\LenovoAppShop\bin\ismloader.exe
    FirewallRules: [{B9106E59-E93F-477C-A652-566039A45A2F}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
    FirewallRules: [{E912A737-F928-4A84-AB6D-786D71B92574}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
    FirewallRules: [{87509BCE-F98E-407F-A60C-CAA3F8CA07FF}] => (Allow) C:\Program Files\HP\HP Officejet 6700\bin\FaxApplications.exe
    FirewallRules: [{CF51E9B3-9B72-4B81-BBBC-28EC045BF023}] => (Allow) C:\Program Files\HP\HP Officejet 6700\bin\DigitalWizards.exe
    FirewallRules: [{3DD56DC1-5CF6-4FCD-8C5D-92E8C1BB6AFB}] => (Allow) C:\Program Files\HP\HP Officejet 6700\bin\SendAFax.exe
    FirewallRules: [{9F5EACB8-1B63-4AFF-B420-91FC7B13D5FD}] => (Allow) C:\Program Files\HP\HP Officejet 6700\Bin\DeviceSetup.exe
    FirewallRules: [{F355AC0B-5905-4E9A-9B9D-988868A5072A}] => (Allow) C:\Program Files\HP\HP Officejet 6700\Bin\HPNetworkCommunicator.exe
    FirewallRules: [{8453AC59-C2CC-405D-A1D8-013CE129BB39}] => (Allow) C:\Program Files\HP\HP Officejet 6700\Bin\HPNetworkCommunicatorCom.exe
    FirewallRules: [{E3AD0A8C-C117-4C29-9C95-D4176EBEA98F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    FirewallRules: [{469501FD-39C9-47C9-9B81-ADDCF64134A2}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    FirewallRules: [TCP Query User{D4A4CB0F-1E62-4CC7-BBC6-595E498FC9A3}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
    FirewallRules: [UDP Query User{BDC63B28-FAA4-46E8-9D01-E210A9520A24}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
    FirewallRules: [{A3817D58-CB4E-404F-94B7-E18B64A1D7BC}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

    ==================== Restore Points =========================

    07-04-2016 20:45:38 Scheduled Checkpoint
    14-04-2016 08:14:24 Windows Update
    14-04-2016 08:14:33 Windows Update
    22-04-2016 20:10:52 Scheduled Checkpoint

    ==================== Faulty Device Manager Devices =============


    ==================== Event log errors: =========================

    Application errors:
    ==================
    Error: (04/28/2016 12:29:00 AM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: IEXPLORE.EXE, version: 11.0.10586.20, time stamp: 0x56541caa
    Faulting module name: ntdll.dll, version: 10.0.10586.122, time stamp: 0x56cc16f5
    Exception code: 0xc0000017
    Fault offset: 0x000d0d26
    Faulting process id: 0xc8c
    Faulting application start time: 0xIEXPLORE.EXE0
    Faulting application path: IEXPLORE.EXE1
    Faulting module path: IEXPLORE.EXE2
    Report Id: IEXPLORE.EXE3
    Faulting package full name: IEXPLORE.EXE4
    Faulting package-relative application ID: IEXPLORE.EXE5

    Error: (04/27/2016 10:36:12 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: IEXPLORE.EXE, version: 11.0.10586.20, time stamp: 0x56541caa
    Faulting module name: ntdll.dll, version: 10.0.10586.122, time stamp: 0x56cc16f5
    Exception code: 0xc0000017
    Fault offset: 0x000d0d26
    Faulting process id: 0x1654
    Faulting application start time: 0xIEXPLORE.EXE0
    Faulting application path: IEXPLORE.EXE1
    Faulting module path: IEXPLORE.EXE2
    Report Id: IEXPLORE.EXE3
    Faulting package full name: IEXPLORE.EXE4
    Faulting package-relative application ID: IEXPLORE.EXE5

    Error: (04/27/2016 03:07:50 PM) (Source: DptfEvent) (EventID: 1) (User: )
    Description: DptfParticipantDisplayService
    GetDisplayBrightnessFromPowerSettings: Could not inform driver of current brightness value.

    Error: (04/27/2016 03:07:50 PM) (Source: DptfEvent) (EventID: 1) (User: )
    Description: DptfParticipantDisplayService
    SetBrightnessSettingInDriver: p_handle is NULL.

    Error: (04/27/2016 03:07:50 PM) (Source: DptfEvent) (EventID: 1) (User: )
    Description: DptfParticipantDisplayService
    SetDisplayBrightnessViaPowerSettings: Could not obtain brightness value to set from driver.

    Error: (04/27/2016 03:07:50 PM) (Source: DptfEvent) (EventID: 1) (User: )
    Description: DptfParticipantDisplayService
    GetBrightnessSettingFromDriver: p_handle is NULL.

    Error: (04/27/2016 03:07:50 PM) (Source: DptfEvent) (EventID: 2) (User: )
    Description: DptfParticipantDisplayService
    ConnectToDptfDisplayDriver: SetupDiEnumDeviceInterfaces() failed.
    Last error = [0x00000103]

    Error: (04/27/2016 09:30:48 AM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: microsoftedgecp.exe, version: 11.0.10586.20, time stamp: 0x56540c35
    Faulting module name: edgehtml.dll, version: 11.0.10586.212, time stamp: 0x56fa17da
    Exception code: 0xc0000602
    Fault offset: 0x00000000004a6091
    Faulting process id: 0xc978
    Faulting application start time: 0xmicrosoftedgecp.exe0
    Faulting application path: microsoftedgecp.exe1
    Faulting module path: microsoftedgecp.exe2
    Report Id: microsoftedgecp.exe3
    Faulting package full name: microsoftedgecp.exe4
    Faulting package-relative application ID: microsoftedgecp.exe5

    Error: (04/27/2016 08:06:56 AM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: MicrosoftEdge.exe, version: 11.0.10586.218, time stamp: 0x56ff3b2e
    Faulting module name: eModel.dll, version: 11.0.10586.218, time stamp: 0x56ff3726
    Exception code: 0xc0000409
    Fault offset: 0x0000000000129c0f
    Faulting process id: 0x1f08
    Faulting application start time: 0xMicrosoftEdge.exe0
    Faulting application path: MicrosoftEdge.exe1
    Faulting module path: MicrosoftEdge.exe2
    Report Id: MicrosoftEdge.exe3
    Faulting package full name: MicrosoftEdge.exe4
    Faulting package-relative application ID: MicrosoftEdge.exe5

    Error: (04/24/2016 10:01:53 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: IEXPLORE.EXE, version: 11.0.10586.20, time stamp: 0x56541caa
    Faulting module name: msvcrt.dll, version: 7.0.10586.0, time stamp: 0x5632d722
    Exception code: 0xc0000005
    Fault offset: 0x000884fa
    Faulting process id: 0x3dfc
    Faulting application start time: 0xIEXPLORE.EXE0
    Faulting application path: IEXPLORE.EXE1
    Faulting module path: IEXPLORE.EXE2
    Report Id: IEXPLORE.EXE3
    Faulting package full name: IEXPLORE.EXE4
    Faulting package-relative application ID: IEXPLORE.EXE5


    System errors:
    =============
    Error: (04/27/2016 09:08:39 PM) (Source: DCOM) (EventID: 10010) (User: Lenovo)
    Description: {DABF28BE-F6B4-4E40-8F40-C4FB26F3116C}

    Error: (04/27/2016 09:08:09 PM) (Source: DCOM) (EventID: 10010) (User: Lenovo)
    Description: {DABF28BE-F6B4-4E40-8F40-C4FB26F3116C}

    Error: (04/27/2016 09:07:38 PM) (Source: DCOM) (EventID: 10010) (User: Lenovo)
    Description: {DABF28BE-F6B4-4E40-8F40-C4FB26F3116C}

    Error: (04/27/2016 09:07:08 PM) (Source: DCOM) (EventID: 10010) (User: Lenovo)
    Description: {DABF28BE-F6B4-4E40-8F40-C4FB26F3116C}

    Error: (04/27/2016 09:06:38 PM) (Source: DCOM) (EventID: 10010) (User: Lenovo)
    Description: {DABF28BE-F6B4-4E40-8F40-C4FB26F3116C}

    Error: (04/27/2016 09:06:08 PM) (Source: DCOM) (EventID: 10010) (User: Lenovo)
    Description: {DABF28BE-F6B4-4E40-8F40-C4FB26F3116C}

    Error: (04/27/2016 09:05:38 PM) (Source: DCOM) (EventID: 10010) (User: Lenovo)
    Description: {DABF28BE-F6B4-4E40-8F40-C4FB26F3116C}

    Error: (04/27/2016 09:05:07 PM) (Source: DCOM) (EventID: 10010) (User: Lenovo)
    Description: {DABF28BE-F6B4-4E40-8F40-C4FB26F3116C}

    Error: (04/27/2016 08:57:17 PM) (Source: Virtual Disk Service) (EventID: 9) (User: )
    Description: Unexpected provider failure. Restarting the service may fix the problem. Error code: 8007001F@02000014

    Error: (04/27/2016 03:18:24 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
    Description: {784E29F4-5EBE-4279-9948-1E8FE941646D}


    CodeIntegrity:
    ===================================
    Date: 2016-04-28 08:16:39.056
    Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

    Date: 2016-04-28 08:16:39.040
    Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

    Date: 2016-04-28 08:16:39.023
    Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

    Date: 2016-04-28 08:16:39.002
    Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

    Date: 2016-04-28 08:16:38.987
    Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

    Date: 2016-04-28 08:16:38.971
    Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

    Date: 2016-04-27 20:50:09.450
    Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

    Date: 2016-04-27 20:50:09.434
    Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

    Date: 2016-04-27 20:50:09.285
    Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

    Date: 2016-04-27 20:50:09.251
    Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.


    ==================== Memory info ===========================

    Processor: Intel(R) Core(TM) i7-4500U CPU @ 1.80GHz
    Percentage of memory in use: 79%
    Total physical RAM: 8104.27 MB
    Available physical RAM: 1644.72 MB
    Total Virtual: 19880.27 MB
    Available Virtual: 10347.35 MB

    ==================== Drives ================================

    Drive c: (Windows8_OS) (Fixed) (Total:437.92 GB) (Free:327.72 GB) NTFS
    Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:8.93 GB) NTFS

    ==================== MBR & Partition Table ==================

    ========================================================
    Disk: 0 (Size: 476.9 GB) (Disk ID: 6DC96336)

    Partition: GPT.

    ==================== End of Addition.txt ============================

  8. #8
    Member Spyware Fighter DonnaB's Avatar
    Join Date
    Apr 2009
    Location
    Illiana, Ill. USA
    Posts
    3,521
    Points
    563

    Default

    When did you first notice this issue? I don't see anything in the logs that would cause this, though I did ask zep to have a look in case I overlooked something.

    I have tried using CMD to remove the readonly but that had no effect.
    Could you share exactly what you tried so we don't repeat what has already been done. If you have a link to what you tried, please share.

    I am thinking this might be due to the upgrade from 8 to 10. There has been so many issues with drivers due to this forced upgrade by MS...
    If you think you might be infected with malware or have recently cleansed your computer of malware without the help of an expert, please read and follow the instructions in How to Start Removing Viruses and Spyware from your Computer. This can alleviate time consumed in trouble shooting your current computer problems.

    If your problem is solved, here's how to say thanks!

    Very proud parent of a U.S. Navy "CB"



    "People may forget what you say,
    People may forget what you did,
    but People will never forget how you made them feel!"

  9. #9
    Member
    Join Date
    Nov 2006
    Posts
    859
    Points
    1

    Default

    This was what I tried

    https://youtu.be/a1J5jGWM9ss?t=85

  10. #10
    Member Spyware Fighter zep516's Avatar
    Join Date
    Dec 2005
    Location
    Pittsburgh, Pa
    Posts
    7,173
    Points
    1307

    Default

    A few items to fix

    NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

    Open notepad (Start =>All Programs => Accessories => Notepad).
    Copy/Paste the contents of the code box below into Notepad.

    Code:
    start
    CloseProcesses:
    CreateRestorePoint:
    GroupPolicy: Restriction - Chrome <======= ATTENTION
    CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
    AlternateDataStreams: C:\ProgramData\Temp:5C321E34 [127]
    CMD: bitsadmin /reset /allusers
    CMD: netsh winsock reset catalog
    CMD: ipconfig /flushdns
    Emptytemp:
    • Click Format and ensure Wordwrap is unchecked.
    • Save as Fixlist.txt to your Desktop (Must be in this location)
    • Run FRST/FRST64 and press the Fix button just once and wait.
    • If the tool needed a restart please make sure you let the system to restart normally and let the tool completes its run after restart.
    • The tool will make a log on the Desktop (Fixlog.txt). Please post it to your reply.


    Note: If the tool warns you about the version you're using being an outdated version please download and run the updated version.

    Next

    Please download AdwCleaner by Xplode onto your Desktop.

    • Close all open programs and internet browsers.
    • Double click on AdwCleaner.exe to run the tool.
    • Click the Scan button and wait for the process to complete.
    • Click the logfile button and the log will open in Notepad.
    • Click on the Clean button follow the prompts.
    • A log file will automatically open after the scan has finished and the PC has rebooted.
    • Please post the content of that log file with your next answer.
    • The report will be saved in the C:\AdwCleaner folder.


    Next

    Please download Junkware Removal Tool to your Desktop.
    Please close your security software to avoid potential conflicts. See Here how to disable you security protection (Anti Virus)
    Run the tool by double-clicking it. If you are using Windows Vista or 7, right-mouse click it and select Run as administrator.
    The tool will open and start scanning your system.
    Please be patient as this can take a while to complete, depending on your system's specifications.
    On completion, a log (JRT.txt) is saved to your Desktop and will automatically open.
    Please post the contents of JRT.txt into your reply.


    In your next reply post;

    • Fixlog.txt
    • The AdwCleaner [SO].txt Log
    • The JRT.txt Log

Page 1 of 7 123 ... LastLast