Additional scan result of Farbar Recovery Scan Tool (x64) Version: 09-08-2016 Ran by khanh (2016-08-09 14:37:55) Running from C:\Users\khanh\Desktop Windows 10 Home Version 1511 (X64) (2016-05-01 23:30:14) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-3424548845-2453627193-2114329736-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-3424548845-2453627193-2114329736-503 - Limited - Disabled) Guest (S-1-5-21-3424548845-2453627193-2114329736-501 - Limited - Disabled) khanh (S-1-5-21-3424548845-2453627193-2114329736-1002 - Administrator - Enabled) => C:\Users\khanh meerw (S-1-5-21-3424548845-2453627193-2114329736-1003 - Limited - Disabled) ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Computer Security (Disabled - Up to date) {15414183-282E-D62C-CA37-EF24860A2F17} AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Computer Security (Disabled - Up to date) {AE20A067-0E14-D9A2-F087-D456FD8D65AA} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) µTorrent (HKU\S-1-5-21-3424548845-2453627193-2114329736-1002\...\uTorrent) (Version: 3.4.6.42178 - BitTorrent Inc.) 7-Zip 15.14 (HKLM-x32\...\7-Zip) (Version: 15.14 - Igor Pavlov) Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 15.017.20053 - Adobe Systems Incorporated) Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.017.20053 - Adobe Systems Incorporated) AMD Catalyst Install Manager (HKLM\...\{8D059D24-7348-366D-9B83-56820EF9BE91}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.) Apowersoft Phone Manager version 2.7.3 (HKLM-x32\...\{4A00E3C4-2D0F-4AE7-9F2A-74870BE09EF8}_is1) (Version: 2.7.3 - APOWERSOFT LIMITED) Apple Mobile Device Support (HKLM\...\{2E4AF2A6-50EA-4260-9BA4-5E582D11879A}) (Version: 9.3.0.15 - Apple Inc.) Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.) Apple-programunderstøttelse (32 bit) (HKLM-x32\...\{D4B07658-F443-4445-A261-E643996E139D}) (Version: 4.3.2 - Apple Inc.) Apple-programunderstøttelse (64 bit) (HKLM\...\{A6B0442B-E159-444B-B49D-6B9AC531EAE3}) (Version: 4.3.2 - Apple Inc.) Betternet for Windows (HKLM-x32\...\{2E77104D-96E1-4A9C-86F2-C7CF4C70EB35}) (Version: 3.6.0.0 - Betternet Technologies Inc.) BlueStacks App Player (HKLM-x32\...\BlueStacks) (Version: 2.3.41.6024 - BlueStack Systems, Inc.) Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.) Computer Security 14.106.105.0 (release) (x32 Version: 14.106.105.0 - F-Secure Corporation) Hidden CrunchTravel 1.0 (HKLM\...\{773E5219-B4A2-4CF1-83C9-CC095F034F1E}_is1) (Version: 1.0 - ) DirectX Version Checker (HKLM-x32\...\{6122970E-5575-4155-8408-FD624B3F7C4F}_is1) (Version: - directxupdate.com) Dolby Digital Plus (HKLM\...\{D2CD7DCF-D129-4A54-8543-38BECC6CFDAE}) (Version: 7.6.7.1 - Dolby Laboratories Inc) Driver Talent (HKLM-x32\...\{29FE44D7-BC89-4188-8B0E-F6BA073C15A5}_is1) (Version: 6.4.44.140 - OSToto Co., Ltd.) F-Secure CCF Reputation (x32 Version: 1.1.25.2280 - F-Secure) Hidden F-Secure CCF Scanning 1.51.111.300 (release) (x32 Version: 1.51.111.300 - F-Secure Corporation) Hidden F-Secure Network CCF 1.02.136 (x32 Version: 1.02.136 - F-Secure Corporation) Hidden F-Secure SafeSearch 1.03.207.0 (release) (x32 Version: 1.03.207.0 - F-Secure Corporation) Hidden Fullrate Sikkerhedspakke (HKLM-x32\...\F-Secure ServiceEnabler 49094) (Version: 2.06.303.0 - F-Secure Corporation) Fullrate Sikkerhedspakke (x32 Version: 2.06.303.0 - F-Secure Corporation) Hidden GeoGebra 5 (HKLM-x32\...\GeoGebra 5) (Version: 5.0.156.0 - International GeoGebra Institute) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 52.0.2743.116 - Google Inc.) Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden Grammarly (HKU\S-1-5-21-3424548845-2453627193-2114329736-1002\...\GrammarlyForWindows) (Version: 1.4.23 - Grammarly) Grammarly for Microsoft® Office Suite (HKU\S-1-5-21-3424548845-2453627193-2114329736-1002\...\{b1eb8775-bc01-49f5-9885-9ff3c9b4a7a3}) (Version: 6.5.57 - Grammarly) Grammarly for Microsoft® Office Suite (Version: 6.5.57 - Grammarly) Hidden Graph 4.4.2 (HKLM-x32\...\Graph_is1) (Version: - Ivan Johansen) iFunbox (v3.0.3109.1352) (HKLM-x32\...\iFunbox_is1) (Version: v3.0.3109.1352 - iFunbox DevTeam) iTunes (HKLM\...\{E109B4A3-9883-4E6E-9A19-4D7E1A88AFE8}) (Version: 12.4.2.4 - Apple Inc.) KMSpico (HKLM\...\{8B29D47F-92E2-4C20-9EE0-F710991F5D7C}_is1) (Version: - ) Lenovo Accelerator Application (HKLM-x32\...\{10672FE6-3D50-4F79-B0C7-A5573A5D415D}) (Version: 2.2.0.0928 - Lenovo) Lenovo Bluetooth with Enhanced Data Rate Software (HKLM\...\{C6D9ED03-6FCF-4410-9CB7-45CA285F9E11}) (Version: 12.0.1.716 - Broadcom Corporation) Lenovo EasyCamera (HKLM-x32\...\{E399A5B3-ED53-4DEA-AF04-8011E1EB1EAC}) (Version: 6.3.9600.11103 - Realtek Semiconductor Corp.) Lenovo Experience Improvement (HKLM\...\LenovoExperienceImprovement) (Version: 2.0.9.0 - Lenovo) Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.4501 - CyberLink Corp.) Lenovo OneKey Recovery (Version: 8.1.0.4501 - CyberLink Corp.) Hidden Lenovo Photo Master (HKLM-x32\...\{BC94C56A-3649-420C-8756-2ADEBE399D33}) (Version: 2.1.5117.01 - CyberLink Corp.) Lenovo QuickOptimizer (HKLM\...\{8D2C871B-1B9F-45AC-9C43-2BB18089CDFA}) (Version: 1.0.019.00 - Lenovo) Lenovo System Interface Foundation (HKLM\...\{C2E5CA37-C862-4A69-AC6D-24F450A20C16}) (Version: 1.0.062.00 - Lenovo) Lenovo_Wireless_Driver (HKLM-x32\...\{5D642A72-8194-4A22-80DA-11FE610CCA8E}) (Version: 7.35.295.2 - Lenovo) LenovoUtility (HKLM-x32\...\InstallShield_{6ADA7E88-8D16-4D0D-BC90-2B93AC5E56DA}) (Version: 3.0.0.3 - Lenovo) LenovoUtility (x32 Version: 3.0.0.3 - Lenovo) Hidden Metric Collection SDK (x32 Version: 1.1.0012.00 - Lenovo Group Limited) Hidden Metric Collection SDK 35 (x32 Version: 1.2.0010.00 - Lenovo Group Limited) Hidden Microsoft Office 365 - da-dk (HKLM\...\O365HomePremRetail - da-dk) (Version: 16.0.7070.2033 - Microsoft Corporation) Microsoft Office Professional 2016 - da-dk (HKLM\...\ProfessionalRetail - da-dk) (Version: 16.0.7070.2033 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) My.com Game Center (HKU\S-1-5-21-3424548845-2453627193-2114329736-1002\...\MyComGames) (Version: 3.180 - My.com B.V.) Nitro Pro 10 (HKLM-x32\...\{34d271a4-0d4b-4b0a-8fb4-76c3ce02b8cd}) (Version: 10.5.8.44 - Nitro) Nitro Pro 10 (Version: 10.5.8.44 - Nitro) Hidden OEM Application Profile (HKLM-x32\...\{B4B7FD8F-06FC-E277-4F29-8F75F8281D8F}) (Version: 1.00.0000 - Dit firmanavn) Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.7030.1021 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (Version: 16.0.7030.1021 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (x32 Version: 16.0.7030.1021 - Microsoft Corporation) Hidden Online Safety 2.107.2565.1702 (x32 Version: 2.107.2565.1702 - F-Secure Corporation) Hidden OpenVPN 2.3.6-I001 (HKLM-x32\...\OpenVPN) (Version: 2.3.6-I001 - ) Ordbogsprogrammet (HKU\S-1-5-21-3424548845-2453627193-2114329736-1002\...\Ordbogsprogrammet) (Version: 3.0.3.30 - Ordbogen A/S) PS4 Remote Play (HKLM-x32\...\{0AEAA1CE-9815-42AD-AFF7-37555DEC86E4}) (Version: 1.0.0.15181 - Sony Interactive Entertainment Inc.) Razer Cortex (HKLM-x32\...\Razer Cortex_is1) (Version: 7.2.16.12597 - Razer Inc.) REACHit (HKLM-x32\...\{4532E4C5-C84D-4040-A044-ECFCC5C6995B}) (Version: 2.1.0.3 - Lenovo, Inc.) Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10125.31214 - Realtek Semiconductor Corp.) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.1.505.2015 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7503 - Realtek Semiconductor Corp.) SHAREit (HKLM-x32\...\SHAREit_is1) (Version: 3.2.0.543 - Lenovo) ShellShock Live (HKLM\...\Steam App 326460) (Version: - kChamp Games) Skype™ 7.26 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.26.101 - Skype Technologies S.A.) Spotify (HKU\S-1-5-21-3424548845-2453627193-2114329736-1002\...\Spotify) (Version: 1.0.34.146.g28f9eda2 - Spotify AB) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.1.2.0 - Synaptics Incorporated) TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - ) User Manuals (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 4.0.0.1 - Lenovo) User Manuals (x32 Version: 4.0.0.1 - Lenovo) Hidden VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN) VMware Player (HKLM\...\{57AA4E8A-E2C9-4F1C-B3F1-762C36E34472}) (Version: 12.1.0 - VMware, Inc.) vShare Helper (HKU\S-1-5-21-3424548845-2453627193-2114329736-1002\...\vShare Helper) (Version: 1.1.5.0 - vShare.com Co.,LTD) Windows Driver Package - Nuvoton Technology Corporation (EC_LPC_COMM_I2C_Driver) System (05/12/2015 8.1.121.5016) (HKLM\...\1CFCB8218796DF922EE512F9F552AAEF5517595B) (Version: 05/12/2015 8.1.121.5016 - Nuvoton Technology Corporation) WinRAR 5.31 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH) WordMat v. 1.10 (HKLM-x32\...\{301A8257-D5EF-48B4-AAC2-E86700DDA6FE}_is1) (Version: - Eduap) X-Mirage version 2.0.2 (HKLM-x32\...\{EE034220-E0F5-4AA3-82B5-DD1CC216A6F5}_is1) (Version: 2.0.2 - X-Mirage, Inc.) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-3424548845-2453627193-2114329736-1002_Classes\CLSID\{2AD206F1-152C-4F9D-A24E-6F93FE7A4AFC}\InprocServer32 -> C:\Users\khanh\AppData\Local\Grammarly\Grammarly for Microsoft Office Suite\6.5.57\AF19DAE8393445FCA98D48537B6518C7\GrammarlyShim64.dll (CompanyName) CustomCLSID: HKU\S-1-5-21-3424548845-2453627193-2114329736-1002_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\khanh\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\FileCoAuth.exe (Microsoft Corporation) ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {046A5CA0-A37E-437F-885A-34E3F0A0A76C} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-06-25] (Adobe Systems Incorporated) Task: {064FB7A3-3F88-48AA-BA40-590DC92BA848} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_TVSUUpdateTask => reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32 Task: {13F5B9E4-DACC-4CFF-8F18-2A3C1141741B} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-07-25] (Microsoft Corporation) Task: {2978C8ED-72EC-40DC-A310-498A4F1E750A} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2016-07-30] (Microsoft Corporation) Task: {2E36A6CF-B974-47D5-AD23-08CE9D7312B4} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => Sc.exe control iMControllerService 128 Task: {3375756C-3808-4EEE-B26F-54F52B05A894} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-05-01] (Google Inc.) Task: {38EF2E9F-885C-4A05-9FE2-D5BB49C0E4EF} - System32\Tasks\{1C2E6642-D4D0-4C61-A894-55162D75D3C5} => pcalua.exe -a "C:\Program Files (x86)\vShare Helper\vShare\uninstall.exe" Task: {4C024C11-CBF3-491C-BA25-EFF6D11DDD9B} - System32\Tasks\PPI Update => "hxxp://insightlk.com/download/index.php?mn=9995" <==== ATTENTION Task: {51CEEECD-745B-47A8-92A0-006B69491BB7} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-07-25] (Microsoft Corporation) Task: {54A9196F-5536-456E-8B00-7138C31FDE96} - System32\Tasks\Lenovo\Experience Improvement => C:\Program Files\Lenovo\ExperienceImprovement\LenovoExperienceImprovement.exe [2016-05-01] (Lenovo) Task: {5618DFFC-B5F3-4273-98FC-BBD75B409D40} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.) Task: {92A3DBE5-19B3-460F-AE3C-00BC650EAE1F} - System32\Tasks\CyberLink\Photo Master Gadget startup => C:\Program Files (x86)\Lenovo\Lenovo Photo Master\PhotoMasterWorker.exe [2016-03-17] (CyberLink Corp.) Task: {C0F36553-31E1-4914-A6CC-0DAE662FB899} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe [2015-08-30] (@ByELDI) Task: {CE640A02-EA77-46AD-AB79-3B9F95645975} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2015-07-08] (Lenovo) Task: {D1144742-08FF-4BA7-82F2-213C5E9A48AF} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-05-01] (Google Inc.) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Shortcuts ============================= (The entries could be listed to be restored or removed.) ==================== Loaded Modules (Whitelisted) ============== 2016-04-22 01:07 - 2016-04-22 01:07 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll 2016-07-05 15:23 - 2016-07-05 15:23 - 01354040 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll 2015-07-28 02:08 - 2015-07-28 02:08 - 00049408 _____ () C:\Program Files\Lenovo\Bluetooth Software\btwleapi.dll 2015-07-22 07:37 - 2015-07-22 07:37 - 00127488 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll 2015-12-15 21:55 - 2015-12-15 21:55 - 00024312 _____ () C:\Program Files (x86)\Lenovo\LenovoPortal\LenovoPortalService.exe 2016-03-03 16:26 - 2016-03-03 16:26 - 00417944 _____ () C:\Program Files\Nitro\Pro 10\Nitro_UpdateService.exe 2016-03-03 16:26 - 2016-03-03 16:26 - 02546840 _____ () C:\Program Files\Nitro\Pro 10\Nitro_KissMetrics.dll 2015-12-15 21:55 - 2015-12-15 21:55 - 00226216 _____ () C:\Program Files\update\UpdateAgent.exe 2015-12-15 21:12 - 2015-03-16 04:52 - 00058296 _____ () C:\ProgramData\LenovoTransition\Server\x64\dptf.dll 2016-04-19 01:55 - 2016-04-19 01:55 - 00187824 _____ () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe 2015-10-30 09:18 - 2015-10-30 09:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll 2016-07-21 11:36 - 2016-07-01 06:48 - 02656408 _____ () C:\WINDOWS\system32\CoreUIComponents.dll 2016-07-21 11:36 - 2016-07-01 06:48 - 02656408 _____ () C:\WINDOWS\System32\CoreUIComponents.dll 2016-05-02 07:17 - 2016-05-02 07:17 - 00959176 _____ () C:\Users\khanh\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\amd64\ClientTelemetry.dll 2016-02-13 14:54 - 2016-02-13 14:54 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll 2016-07-21 11:40 - 2016-07-01 05:48 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll 2016-07-21 11:37 - 2016-07-01 05:27 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2016-07-21 11:37 - 2016-07-01 05:21 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2016-07-21 11:37 - 2016-07-01 05:22 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll 2016-07-21 11:37 - 2016-07-01 05:24 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll 2015-12-15 21:13 - 2015-12-15 21:13 - 00791848 _____ () C:\Program Files\Lenovo\LenovoUtility\utility.exe 2015-12-15 21:13 - 2015-12-15 21:13 - 00097048 _____ () C:\Program Files\Lenovo\LenovoUtility\kbdhook.dll 2016-05-02 13:36 - 2016-05-02 13:36 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe 2014-02-19 13:56 - 2014-02-19 13:56 - 00220200 _____ () C:\Program Files (x86)\Fullrate\daas2.dll 2016-05-03 19:24 - 2016-04-12 09:19 - 00147216 _____ () c:\program files (x86)\ostotosoft\drivertalent\ldrvsvc.dll 2016-05-03 19:24 - 2016-04-12 09:19 - 00186640 _____ () c:\program files (x86)\ostotosoft\drivertalent\CrashCatch.dll 2016-05-03 19:24 - 2016-04-12 09:19 - 00254824 _____ () c:\program files (x86)\ostotosoft\drivertalent\updater\checkupdate.dll 2016-05-03 19:24 - 2016-06-17 09:16 - 00173224 _____ () c:\program files (x86)\ostotosoft\drivertalent\substat.dll 2016-05-03 19:24 - 2016-04-12 09:19 - 00103776 _____ () c:\program files (x86)\ostotosoft\drivertalent\dstudp.dll 2016-05-03 19:24 - 2016-04-12 09:19 - 00117088 _____ () c:\program files (x86)\ostotosoft\drivertalent\udp.dll 2015-11-25 18:10 - 2015-11-25 18:10 - 01301696 _____ () C:\Program Files (x86)\VMware\VMware Player\libxml2.dll 2016-05-01 17:58 - 2016-05-01 17:58 - 00093152 _____ () C:\Program Files (x86)\Fullrate\apps\ComputerSecurity\Anti-Virus\minifilter\hashlib_x86.dll 2016-05-01 17:54 - 2016-05-01 17:58 - 00213984 _____ () C:\Program Files (x86)\Fullrate\apps\ComputerSecurity\Spam Control\fsas.dll 2016-05-01 17:53 - 2016-06-03 15:06 - 00932320 _____ () C:\Program Files (x86)\Fullrate\apps\ComputerSecurity\Anti-Virus\fm4av.dll 2016-07-24 20:05 - 2016-07-20 23:41 - 00161736 _____ () C:\ProgramData\Lenovo\iMController\Plugins\LenovoAudioPlugin\x86\QualityStatsRevInterop.dll 2016-07-26 02:26 - 2016-03-09 08:28 - 03306496 _____ () C:\Program Files (x86)\Bluestacks\libGLESv2.dll 2016-05-02 01:24 - 2016-05-02 01:24 - 00592936 _____ () C:\WINDOWS\WinSxS\x86_f-secure.qt_4_6_2_2e112a926211c0a3_4.6.482.79_none_b59ec33311fcd586\QtMultimediaKit1.dll 2016-08-08 21:35 - 2016-08-03 02:24 - 01771336 _____ () C:\Program Files (x86)\Google\Chrome\Application\52.0.2743.116\libglesv2.dll 2016-08-08 21:35 - 2016-08-03 02:23 - 00094024 _____ () C:\Program Files (x86)\Google\Chrome\Application\52.0.2743.116\libegl.dll 2015-03-17 01:34 - 2015-03-17 01:34 - 00010240 _____ () C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Locale\da_DK\acrotray.dan 2016-05-20 14:18 - 2016-05-20 14:18 - 00101888 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Windows.Management\252667907e1e3e32b11d87fba7af0023\Windows.Management.ni.dll 2016-05-20 14:19 - 2016-05-20 14:19 - 02921472 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Windows.App640a3541#\931208eb21bfb07f9a4995753d6b7f7b\Windows.ApplicationModel.ni.dll 2016-05-20 14:19 - 2016-05-20 14:19 - 00821248 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Windows.Storage\70c31a6aefe21a1501d1b781a0217731\Windows.Storage.ni.dll 2016-05-20 14:18 - 2016-05-20 14:18 - 00335360 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Windows.Foundation\cbafdb4e11c9fd06e0a2e5efa6253883\Windows.Foundation.ni.dll 2016-05-02 13:36 - 2016-05-02 13:36 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll 2016-05-02 13:36 - 2016-05-02 13:36 - 22284800 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkyWrap.dll 2016-05-01 16:42 - 2016-08-04 19:36 - 52042352 _____ () C:\Users\khanh\AppData\Roaming\Spotify\libcef.dll 2016-05-01 16:42 - 2016-08-04 19:36 - 01741936 _____ () C:\Users\khanh\AppData\Roaming\Spotify\libglesv2.dll 2016-05-01 16:42 - 2016-08-04 19:36 - 00087664 _____ () C:\Users\khanh\AppData\Roaming\Spotify\libegl.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) AlternateDataStreams: C:\Windows:nlsPreferences [386] ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2015-07-10 13:04 - 2015-07-10 13:02 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-3424548845-2453627193-2114329736-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\khanh\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper DNS Servers: 208.67.222.222 - 208.67.220.220 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) HKLM\...\StartupApproved\Run: => "iTunesHelper" HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0" HKLM\...\StartupApproved\Run32: => "RazerCortex" HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0" HKU\S-1-5-21-3424548845-2453627193-2114329736-1002\...\StartupApproved\Run: => "OneDrive" HKU\S-1-5-21-3424548845-2453627193-2114329736-1002\...\StartupApproved\Run: => "Skype" HKU\S-1-5-21-3424548845-2453627193-2114329736-1002\...\StartupApproved\Run: => "Spotify" HKU\S-1-5-21-3424548845-2453627193-2114329736-1002\...\StartupApproved\Run: => "Spotify Web Helper" HKU\S-1-5-21-3424548845-2453627193-2114329736-1002\...\StartupApproved\Run: => "Ordbogsprogrammet" HKU\S-1-5-21-3424548845-2453627193-2114329736-1002\...\StartupApproved\Run: => "uTorrent" HKU\S-1-5-21-3424548845-2453627193-2114329736-1002\...\StartupApproved\Run: => "Steam" HKU\S-1-5-21-3424548845-2453627193-2114329736-1002\...\StartupApproved\Run: => "iFunBox" HKU\S-1-5-21-3424548845-2453627193-2114329736-1002\...\StartupApproved\Run: => "BlueStacks Agent" ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [UDP Query User{4A5CA3E7-9CC9-4B44-9B59-A0C37DA538C9}C:\users\khanh\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\khanh\appdata\roaming\spotify\spotify.exe FirewallRules: [TCP Query User{45E71027-6F2F-48E7-A3D3-E3497610A6A6}C:\users\khanh\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\khanh\appdata\roaming\spotify\spotify.exe FirewallRules: [{5BFCEAE7-7833-4964-9B81-3D23867E4F85}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{A9600C5B-076D-4161-86A5-D73738868B4E}] => (Allow) C:\Program Files (x86)\Lenovo\LenovoPortal\Lenovo.Portal.exe FirewallRules: [{BE4AC517-C014-4C02-BE13-B36A5B5718D9}] => (Allow) C:\Users\khanh\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{8030239B-CEE9-4AEF-AF11-E2CA6D602605}] => (Allow) C:\Users\khanh\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{9563BBE5-FF56-4834-8C8A-25C3807ED76C}] => (Allow) C:\Users\khanh\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{9F44FBA0-B454-410F-92F4-678B73A7DBB9}] => (Allow) C:\Users\khanh\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{3D02B2B7-3E52-4436-B997-36840A1F83E1}] => (Allow) C:\Users\khanh\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{66723F04-AEC2-4631-A855-567FDC150BC1}] => (Allow) C:\Users\khanh\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [TCP Query User{DB97090B-A8DF-4116-849B-A24614F31AEF}C:\program files (x86)\ostotosoft\drivertalent\drivertalent.exe] => (Allow) C:\program files (x86)\ostotosoft\drivertalent\drivertalent.exe FirewallRules: [UDP Query User{E6558748-57CB-45C4-AFD9-F7FF07704580}C:\program files (x86)\ostotosoft\drivertalent\drivertalent.exe] => (Allow) C:\program files (x86)\ostotosoft\drivertalent\drivertalent.exe FirewallRules: [{0467BB34-8AEA-4BE1-8C3B-958BAC4B7DC3}] => (Allow) C:\Program Files (x86)\OSTotoSoft\DriverTalent\DriverTalent.exe FirewallRules: [{06F938D8-1E9A-4509-9EEE-918AC6365F6A}] => (Allow) C:\Program Files (x86)\OSTotoSoft\DriverTalent\DTLService.exe FirewallRules: [{A6FF557F-23B9-4F29-B87C-0555AF7350D9}] => (Allow) C:\Program Files (x86)\OSTotoSoft\DriverTalent\download\MiniThunderPlatform.exe FirewallRules: [{FFFA7EFB-6B39-4265-802E-8BAFACAEB078}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{057119AA-C034-4B3B-8E23-8946CB400334}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{23F22ADF-BBAC-4E97-9CEA-479490866A26}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{5AB9B09C-ECC8-4A21-8D55-27B02D783DFB}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [TCP Query User{7A6C2F2D-93F5-4EC8-9A4C-6E71529FEB9B}C:\users\khanh\appdata\local\mycomgames\mycomgames.exe] => (Allow) C:\users\khanh\appdata\local\mycomgames\mycomgames.exe FirewallRules: [UDP Query User{C0D61F1A-8B09-44FB-B59A-74AEC6C4BDEC}C:\users\khanh\appdata\local\mycomgames\mycomgames.exe] => (Allow) C:\users\khanh\appdata\local\mycomgames\mycomgames.exe FirewallRules: [TCP Query User{7BE9FA7A-0B07-4D97-9433-197A00D8E431}C:\users\khanh\desktop\hamed\games\counter-strike global offensive pc game mp+sp ^^nosteam^^\counter-strike global offensive\csgo.exe] => (Allow) C:\users\khanh\desktop\hamed\games\counter-strike global offensive pc game mp+sp ^^nosteam^^\counter-strike global offensive\csgo.exe FirewallRules: [UDP Query User{9F2FEE2C-CCBA-4A32-A325-4CAE45AA5091}C:\users\khanh\desktop\hamed\games\counter-strike global offensive pc game mp+sp ^^nosteam^^\counter-strike global offensive\csgo.exe] => (Allow) C:\users\khanh\desktop\hamed\games\counter-strike global offensive pc game mp+sp ^^nosteam^^\counter-strike global offensive\csgo.exe FirewallRules: [{98D59BF8-34D6-41AF-8CDE-79386FFC375C}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{92220CE6-51D1-433B-A810-106AB8237241}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{3DE90618-118C-4729-A269-42BBCB3C7C59}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{AC968A22-85BD-4FA9-8B71-90E89C83228E}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{8CF7A604-BD3E-4031-B30B-F33C535BE956}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe FirewallRules: [{2908EA4B-D85E-4E53-A1A3-413E1D0CCEED}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ShellShock Live\ShellShockLive.exe FirewallRules: [{56CDA5FB-1551-4431-90AB-80D0FEE84BA6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ShellShock Live\ShellShockLive.exe FirewallRules: [{393A9A68-4DED-4BFF-9442-915BB553816E}] => (Allow) C:\Program Files (x86)\Lenovo\Lenovo Photo Master\PhotoPlus.exe FirewallRules: [{224C3408-7718-4996-B6F1-2223DD466D62}] => (Allow) C:\Program Files (x86)\Lenovo\Lenovo Photo Master\subsys\AdvPhotoEditor\PhotoDirector5.exe FirewallRules: [{B72298AF-7EA5-47A3-8BD7-4225E33A3445}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe FirewallRules: [{A8FA8E2B-3FAB-4E3E-A5EC-3454609124BD}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe FirewallRules: [{7D3B425B-8BA6-4B2D-9FF5-AE83D9560AAC}] => (Allow) C:\Program Files (x86)\Apowersoft\Apowersoft Phone Manager\Apowersoft Phone Manager.exe FirewallRules: [{068C7D7A-C11C-4E59-AA88-D64FCADB4F0F}] => (Allow) C:\Program Files (x86)\Apowersoft\Apowersoft Phone Manager\Apowersoft Phone Manager.exe FirewallRules: [{91C711C4-A52E-4344-8A63-DE4703A42ED2}] => (Allow) C:\Program Files (x86)\Apowersoft\Apowersoft Phone Manager\ApowersoftAndroidDaemon.exe FirewallRules: [{0AD262AF-0784-4185-B2CC-53CDFA10CD7A}] => (Allow) C:\Program Files (x86)\Apowersoft\Apowersoft Phone Manager\ApowersoftAndroidDaemon.exe FirewallRules: [{8ECA5E3F-0634-4F89-99B7-D38F5F324906}] => (Allow) C:\Program Files (x86)\Apowersoft\Apowersoft Phone Manager\iOS Recorder.exe FirewallRules: [{379C5D97-FE1F-471C-8ABB-17514ABDFB77}] => (Allow) C:\Program Files (x86)\Apowersoft\Apowersoft Phone Manager\iOS Recorder.exe FirewallRules: [{210FE78F-7F7D-4302-934D-C3A222676B96}] => (Allow) C:\Program Files (x86)\X-Mirage\x-mirage.exe FirewallRules: [{D450E8C7-76FB-4628-A3F5-FE3A01FA6A13}] => (Allow) C:\Program Files\iTunes\iTunes.exe FirewallRules: [{49C51FAE-F509-4F1D-846F-A36C8AC032A2}] => (Allow) C:\Program Files (x86)\Sony\PS4 Remote Play\RemotePlay.exe FirewallRules: [{05037606-DCDD-4EAC-B8FC-8B6CB78E19CD}] => (Allow) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe FirewallRules: [{45C542F9-9171-4F7C-B953-109C47065880}] => (Allow) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe FirewallRules: [{AA0B49BE-FA8F-46DB-B75B-1233BDD3E798}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{5AA4DFED-894B-49CE-BDEF-7E1414EF0432}] => (Allow) LPort=1688 FirewallRules: [{985B0F04-CB88-47DC-A7C3-3C9993EC12A8}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe FirewallRules: [{13D5C166-0660-413E-9D8E-49C1C46127D8}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe ==================== Restore Points ========================= 29-07-2016 15:29:40 Installed PS4 Remote Play 30-07-2016 19:23:01 Installed VMware Player ==================== Faulty Device Manager Devices ============= Name: VMware Virtual Ethernet Adapter for VMnet1 Description: VMware Virtual Ethernet Adapter for VMnet1 Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: VMware, Inc. Service: VMnetAdapter Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: VMware Virtual Ethernet Adapter for VMnet8 Description: VMware Virtual Ethernet Adapter for VMnet8 Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: VMware, Inc. Service: VMnetAdapter Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. ==================== Event log errors: ========================= Application errors: ================== Error: (08/09/2016 02:25:40 PM) (Source: Perflib) (EventID: 1008) (User: ) Description: WmiApRplC:\WINDOWS\system32\wbem\wmiaprpl.dll4 Error: (08/09/2016 02:25:40 PM) (Source: Perflib) (EventID: 1018) (User: ) Description: VMware Error: (08/09/2016 02:25:40 PM) (Source: Perflib) (EventID: 1022) (User: ) Description: VMware4 Error: (08/09/2016 02:25:40 PM) (Source: Perflib) (EventID: 1023) (User: ) Description: rdyboost4 Error: (08/09/2016 02:25:40 PM) (Source: PerfNet) (EventID: 2004) (User: ) Description: Error: (08/09/2016 02:25:40 PM) (Source: Perflib) (EventID: 1008) (User: ) Description: MSDTCC:\WINDOWS\system32\msdtcuiu.DLL4 Error: (08/09/2016 02:25:40 PM) (Source: Perflib) (EventID: 1008) (User: ) Description: LsaC:\Windows\System32\Secur32.dll4 Error: (08/09/2016 02:25:40 PM) (Source: Perflib) (EventID: 1008) (User: ) Description: ESENTC:\WINDOWS\system32\esentprf.dll4 Error: (08/09/2016 02:25:40 PM) (Source: Perflib) (EventID: 1008) (User: ) Description: BITSC:\Windows\System32\bitsperf.dll4 Error: (08/08/2016 11:59:04 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-H3V680G) Description: Activation of app Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy!App failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information. System errors: ============= Error: (08/09/2016 02:37:31 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY) Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Definition Update for Windows Defender - KB2267602 (Definition 1.225.3519.0). Error: (08/08/2016 11:59:04 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-H3V680G) Description: App.AppXwdz8g2fxr36xz0tdtagygnvemf85s7gg.mca Error: (08/08/2016 11:59:03 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The User Data Access_46fa1 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service. Error: (08/08/2016 11:59:03 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The User Data Storage_46fa1 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service. Error: (08/08/2016 11:59:03 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The Contact Data_46fa1 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service. Error: (08/08/2016 11:59:03 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The Sync Host_46fa1 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service. Error: (08/08/2016 11:59:02 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable Error: (08/08/2016 10:37:40 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable Error: (08/08/2016 06:18:38 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable Error: (08/08/2016 02:18:50 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable CodeIntegrity: =================================== Date: 2016-08-08 23:59:16.387 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-08-08 00:40:14.638 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-08-08 00:30:10.309 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-08-07 05:08:12.576 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-08-07 04:58:08.480 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-08-06 13:50:50.575 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-08-06 13:40:51.715 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-08-06 13:40:45.042 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-08-05 23:59:30.742 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-08-05 20:19:09.317 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. ==================== Memory info =========================== Processor: AMD A8-7410 APU with AMD Radeon R5 Graphics Percentage of memory in use: 72% Total physical RAM: 3508.98 MB Available physical RAM: 951.88 MB Total Virtual: 7476.98 MB Available Virtual: 3171.64 MB ==================== Drives ================================ Drive c: (Windows) (Fixed) (Total:191.38 GB) (Free:79.06 GB) NTFS ==>[system with boot components (obtained from drive)] Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:22.44 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 238.5 GB) (Disk ID: A088DBEF) Partition: GPT. ==================== End of Addition.txt ============================