Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21-06-2017 01
Ran by Tristin (23-06-2017 09:49:48)
Running from C:\Users\Tristin\Desktop
Windows 10 Home Version 1703 (X64) (2017-06-17 03:33:14)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-588097529-93146055-1075288794-500 - Administrator - Disabled)
Chinito (S-1-5-21-588097529-93146055-1075288794-1002 - Limited - Enabled)
DefaultAccount (S-1-5-21-588097529-93146055-1075288794-503 - Limited - Disabled)
Guest (S-1-5-21-588097529-93146055-1075288794-501 - Limited - Disabled)
Tristin (S-1-5-21-588097529-93146055-1075288794-1001 - Administrator - Enabled) => C:\Users\Tristin

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-588097529-93146055-1075288794-1001\...\uTorrent) (Version: 3.5.0.43784 - BitTorrent Inc.)
7-Zip 15.14 (x64) (HKLM\...\7-Zip) (Version: 15.14 - Igor Pavlov)
ActiveState Komodo Edit 10.2.0 (HKLM-x32\...\{80375DA2-CFB8-4DC3-9E01-9AC82443C88B}) (Version: 10.2.0 - ActiveState Software Inc.)
Adobe Photoshop CS2 (HKLM-x32\...\Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0409-1E257A25E34D}) (Version: 9.0 - Adobe Systems, Inc.)
Advanced Archive Password Recovery (HKLM-x32\...\{01011662-76A8-41E8-B1A8-4F8821570AC5}) (Version: 4.54.48.1338 - Elcomsoft Co. Ltd.)
ALPS Touch Pad Driver (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 8.201.1611.251 - Alps Electric)
AMD Catalyst Install Manager (HKLM\...\{CE6A0ACC-D8A3-484C-1D68-00E9951B7FF3}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Android Studio (HKLM\...\Android Studio) (Version: 1.0 - Google Inc.)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.12 - Michael Tippach)
Audacity 2.1.0 (HKLM-x32\...\Audacity_is1) (Version: 2.1.0 - Audacity Team)
CodeBlocks (HKU\S-1-5-21-588097529-93146055-1075288794-1001\...\CodeBlocks) (Version: 16.01 - The Code::Blocks Team)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.0.5521 - CyberLink Corp.)
Dev-C++ (HKLM-x32\...\Dev-C++) (Version: 5.11 - Bloodshed Software)
Dolby Audio X2 Windows API SDK (HKLM\...\{6A478BF2-F67F-4ABC-A7F1-B6B5BA862371}) (Version: 0.5.2.32 - Dolby Laboratories, Inc.)
Dolby Audio X2 Windows APP (HKLM\...\{7DA57EF8-9D20-4126-AF15-D0CC97D0C017}) (Version: 0.4.0.22 - Dolby Laboratories, Inc.)
FFmpeg (Windows) for Audacity version 2.2.2 (HKLM-x32\...\{9C7E31E3-017F-434C-AC40-24431A354A1E}_is1) (Version: 2.2.2 - )
FL Studio 12 (HKLM-x32\...\FL Studio 12) (Version:  - Image-Line)
FL Studio ASIO (HKLM-x32\...\FL Studio ASIO) (Version:  - Image-Line)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 59.0.3071.86 - Google Inc.)
Google Update Helper (x32 Version: 1.3.33.5 - Google Inc.) Hidden
IL Download Manager (HKLM-x32\...\IL Download Manager) (Version:  - Image-Line)
Intel(R) Chipset Device Software (x32 Version: 10.1.1.8 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1159 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 21.20.16.4627 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.5.2.1088 - Intel Corporation)
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{BB041B6A-FACB-4853-BEE9-814FE7F93BB2}) (Version: 17.1.1530.1669 - Intel Corporation)
Intel® Hardware Accelerated Execution Manager (HKLM\...\{55669453-883A-4F15-9D3B-BC990F5C9A32}) (Version: 6.0.6 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{1544031f-5449-4415-b577-993c2a533a1b}) (Version: 18.12.2 - Intel Corporation)
InterStat (HKU\S-1-5-21-588097529-93146055-1075288794-1001\...\InterStat) (Version: 1.0 - InterStat) <==== ATTENTION
Java 8 Update 111 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180111F0}) (Version: 8.0.1110.14 - Oracle Corporation)
Java SE Development Kit 8 Update 111 (HKLM-x32\...\{32A3A4F4-B792-11D6-A78A-00B0D0180111}) (Version: 8.0.1110.14 - Oracle Corporation)
Lenovo Accelerator Application (HKLM-x32\...\{10672FE6-3D50-4F79-B0C7-A5573A5D415D}) (Version: 2.2.0.0928 - Lenovo)
Lenovo EasyCamera (HKLM-x32\...\{E399A5B3-ED53-4DEA-AF04-8011E1EB1EAC}) (Version: 6.3.9600.11105 - Realtek Semiconductor Corp.)
Lenovo Experience Improvement (HKLM\...\LenovoExperienceImprovement) (Version: 2.0.9.0 - Lenovo)
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.4501 - CyberLink Corp.)
Lenovo OneKey Recovery (Version: 8.1.0.4501 - CyberLink Corp.) Hidden
Lenovo Photo Master (HKLM-x32\...\{BC94C56A-3649-420C-8756-2ADEBE399D33}) (Version: 2.1.3330.01 - CyberLink Corp.)
Lenovo PowerDVD12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.5328.55 - CyberLink Corp.)
Lenovo PowerDVD12 (x32 Version: 12.0.5328.55 - CyberLink Corp.) Hidden
Lenovo Product Demo (HKLM-x32\...\{AF211959-175F-4052-8404-DD0FDBB3540B}) (Version: 1.0.5 - Lenovo)
Lenovo QuickOptimizer (HKLM\...\{8D2C871B-1B9F-45AC-9C43-2BB18089CDFA}) (Version: 1.0.019.00 - Lenovo)
Lenovo Solution Center (HKLM\...\{F925868A-2F2C-414B-A5A7-C613039CE9E4}) (Version: 3.1.001.00 - Lenovo)
Lenovo System Interface Foundation (HKLM\...\{C2E5CA37-C862-4A69-AC6D-24F450A20C16}) (Version: 1.0.062.00 - Lenovo)
LenovoUtility (HKLM-x32\...\InstallShield_{6ADA7E88-8D16-4D0D-BC90-2B93AC5E56DA}) (Version: 3.0.0.4 - Lenovo)
LenovoUtility (x32 Version: 3.0.0.4 - Lenovo) Hidden
LMMS 1.1.3 (HKLM-x32\...\LMMS) (Version: 1.1.3 - LMMS Developers)
Metric Collection SDK (x32 Version: 1.1.0012.00 - Lenovo Group Limited) Hidden
Metric Collection SDK 35 (x32 Version: 1.2.0010.00 - Lenovo Group Limited) Hidden
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4693.1005 - Microsoft Corporation)
Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-588097529-93146055-1075288794-1001\...\OneDriveSetup.exe) (Version: 17.3.6917.0607 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio Community 2015 with Updates (HKLM-x32\...\{79b486b9-c5f0-4096-a00c-8351f59587c2}) (Version: 14.0.25420.1 - Microsoft Corporation)
MuseScore 2 (HKLM-x32\...\{4F0E15EA-F64C-11E5-9992-E717EA7DB0C8}) (Version: 2.0.3 - Werner Schweer and Others)
NetAdapter (HKLM-x32\...\{756F40A2-E40B-4827-AFF3-E12360168C9F}) (Version: 1.8.6 - devnull)
NetAdapterUpdate (HKLM-x32\...\{ECAC9BEA-AD3F-49AF-A964-4CBC81DCFEDD}) (Version: 2.7.1 - devnull)
Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.63.13 - Black Tree Gaming)
OEM Application Profile (HKLM-x32\...\{B4B7FD8F-06FC-E277-4F29-8F75F8281D8F}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
paint.net (HKLM\...\{DADC2AF6-DC9F-4BCF-BFCE-DCEC16EF507C}) (Version: 4.0.9 - dotPDN LLC)
PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden
Python 3.4.3 (HKLM-x32\...\{CCD588A7-8D55-49F1-A30C-47FAB40889ED}) (Version: 3.4.16490 - Python Software Foundation)
REACHit (HKLM-x32\...\{4532E4C5-C84D-4040-A044-ECFCC5C6995B}) (Version: 2.5.002.10 - Lenovo)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10125.21277 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.1.505.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7624 - Realtek Semiconductor Corp.)
Resource Hacker Version 4.4.26 (HKLM-x32\...\ResourceHacker_is1) (Version:  - )
RPG Maker 2000 1.05 (HKLM-x32\...\RPG Maker 2000 1.05) (Version:  - )
RPG Maker MV (HKLM-x32\...\RPGMV_is1) (Version: 1.2.0.0 - KADOKAWA)
RPG Maker VX Ace (HKLM-x32\...\RPGVXAce_E_is1) (Version: 1.02 - Enterbrain)
RPG MAKER VX Ace RTP (HKLM-x32\...\RPGVXAce_RTP_is1) (Version: 1.00 - Enterbrain)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
SHAREit (HKLM-x32\...\SHAREit_is1) (Version: 2.5.5.1 - Lenovo)
Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Skype™ 7.17 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.17.104 - Skype Technologies S.A.)
Sublime Text 2.0.2 (HKLM-x32\...\Sublime Text 2_is1) (Version:  - )
Syncios 6.0.3 (HKLM-x32\...\Syncios) (Version: 6.0.3 - Anvsoft)
Team Fortress 2 (HKLM\...\Steam App 440) (Version:  - Valve)
The Elder Scrolls V Skyrim Legendary Edition version 1.9.32.8 (HKLM-x32\...\The Elder Scrolls V Skyrim Legendary Edition_is1) (Version: 1.9.32.8 - Mr DJ)
Trend Micro Password Manager (HKLM\...\3A0FB4E3-2C0D-4572-A24D-67F1CAABDDP35_is1) (Version: 3.7.0.1179 - Trend Micro Inc.)
Trend Micro Troubleshooting Tool (HKLM\...\{4B83469E-CE4F-45D0-BC34-CCB7BF194477}) (Version: 6.0.1068 - Trend Micro Inc.)
User Manuals (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 4.0.0.1 - Lenovo)
User Manuals (x32 Version: 4.0.0.1 - Lenovo) Hidden
Vulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0) (Version: 1.0.33.0 - LunarG, Inc.)
Windows 10 Update and Privacy Settings (HKLM\...\{293F2009-0145-450B-B4AA-063D43FB368C}) (Version: 1.0.13.0 - Microsoft Corporation)
WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {2051E02A-CC53-417A-A1B7-716D725A4065} - System32\Tasks\AirSupport Update => C:\Program Files\Trend Micro\AirSupport\Update.exe [2016-08-16] (Trend Micro Inc.)
Task: {31F0D33C-E8ED-4C70-8E8B-CC4C1D201CBA} - System32\Tasks\Lenovo\SHPrompt => C:\Program Files (x86)\Lenovo\SHAREit\ShareitPrompt.exe [2015-09-25] ()
Task: {5B8BF544-91C7-42E6-806E-20A67DB3335E} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => Sc.exe control iMControllerService 128
Task: {60772FC2-CB6A-4F82-8F35-12482468A324} - System32\Tasks\{B45B3DA2-749C-44CC-BF46-295F19C4EEF1} => pcalua.exe -a C:\Users\Tristin\Downloads\RM2K_105E\RM2K_105E.exe -d C:\Users\Tristin\Downloads\RM2K_105E
Task: {6356ADBE-7952-46B4-95BE-240D143F44AD} - System32\Tasks\Lenovo\SHUpdate => C:\Program Files (x86)\Lenovo\SHAREit\ShareitUpdater.exe [2015-09-25] ()
Task: {6D422AE4-9375-4EF4-9896-013106886BE4} - System32\Tasks\Microsoft\Windows\PLA\LSC Memory => Rundll32.exe C:\Windows\system32\pla.dll,PlaHost "LSC Memory" "$(Arg0)"
Task: {73C1ABAE-5819-4061-8D16-66987D7F4B70} - System32\Tasks\PDVDServ12 Task => C:\Program Files (x86)\Lenovo\PowerDVD12\PDVD12Serv.exe [2015-05-28] (CyberLink Corp.)
Task: {7AC10E69-FF54-4F23-9D8A-78A4CA0B252B} - System32\Tasks\{D3C9CEBA-0ACD-4B28-9D3E-489AA53B0199} => pcalua.exe -a C:\Users\Tristin\Downloads\RTPe\RTPe.exe -d C:\Users\Tristin\Downloads\RTPe
Task: {89D97397-0E09-49F1-BEEF-0201439EAF9A} - System32\Tasks\Lenovo\LSC\Lenovo Solution Center Notifications => C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe [2015-08-07] (Lenovo)
Task: {9617273C-2A25-4799-89CC-CCF28FA682EA} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-22] (Google Inc.)
Task: {9EE1D170-E4F0-4688-9ECC-CBC1E00E64C4} - System32\Tasks\CyberLink\Photo Master Gadget startup => C:\Program Files (x86)\Lenovo\Lenovo Photo Master\PhotoMasterWorker.exe [2015-09-30] (CyberLink Corp.)
Task: {A4868CF1-4CA5-48E2-84EE-31D1B2E0BDD1} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_TVSUUpdateTask => reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler  /v start /t reg_dword /d 1 /f /reg:32
Task: {A9B6A2AF-52DF-46A8-866E-34FF76218107} - System32\Tasks\NetAdapterServicesTask => C:\Program Files (x86)\devnull\NetAdapter\NetAdapterServiceRunner.vbs [2017-04-26] ()
Task: {BA0AEBE4-A1A6-4445-BDF0-A72460D0A6FB} - System32\Tasks\Lenovo\Experience Improvement => C:\Program Files\Lenovo\ExperienceImprovement\LenovoExperienceImprovement.exe [2015-12-15] (Lenovo)
Task: {BC1D33F8-1280-4568-A0CC-E15C0C7483C8} - System32\Tasks\NoTask => C:\Program Files (x86)\devnull\NetAdapter\Nos.vbs [2017-05-15] ()
Task: {BD3FF115-CB74-4862-BE0B-B75DC7A8F3BA} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2015-08-07] ()
Task: {BF0AF971-0ABC-4926-92D4-BA873EA78A53} - System32\Tasks\{36E8EFCA-91CA-4FDE-8121-A299FC829FB2} => pcalua.exe -a "C:\Program Files (x86)\Mr DJ\The Elder Scrolls V Skyrim Legendary Edition\SkyrimLauncher.exe" -d "C:\Program Files (x86)\Mr DJ\The Elder Scrolls V Skyrim Legendary Edition"
Task: {C24097B3-FEB1-4502-93B6-23739991B4DE} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\lenovo\lenovo solution center\App\LSCService.exe [2015-08-07] (Lenovo)
Task: {C517449F-903A-4233-8A3B-8DF848E725CB} - System32\Tasks\TitaniumInstaller => C:\ProgramData\Trend Micro Installer\TrendMicro_Download_1497750623\Setup.exe [2016-08-16] (Trend Micro Inc.)
Task: {DE555F74-A28E-4C46-89E3-C37E5AE32A4B} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2015-07-08] (Lenovo)
Task: {DF87C43B-4276-4184-8D40-6A800E7D3D2C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-22] (Google Inc.)
Task: {F0FBF46F-6220-47AA-BE86-340E32449071} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2015-09-15 01:58 - 2015-09-15 01:58 - 00176640 _____ () C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe
2015-11-19 12:23 - 2015-11-19 12:23 - 00226216 _____ () C:\Program Files\update\UpdateAgent.exe
2017-01-05 17:36 - 2017-01-05 17:36 - 00077824 _____ () C:\Users\Tristin\AppData\Local\ntuserlitelist\dataup\dataup.exe
2015-11-19 12:23 - 2015-11-19 12:23 - 00024312 _____ () C:\Program Files (x86)\Lenovo\LenovoPortal\LenovoPortalService.exe
2017-03-18 13:58 - 2017-03-18 13:58 - 00138000 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2017-05-03 17:11 - 2017-05-03 17:11 - 00619008 ____N () C:\windows\system32\tprdpw64.exe
2017-03-18 13:59 - 2017-03-18 19:31 - 01731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-11-19 11:02 - 2015-11-19 11:02 - 00791848 _____ () C:\Program Files\Lenovo\LenovoUtility\utility.exe
2015-11-19 11:02 - 2015-11-19 11:02 - 00097048 _____ () C:\Program Files\Lenovo\LenovoUtility\kbdhook.dll
2015-06-16 04:53 - 2015-06-16 04:53 - 00628736 _____ () C:\Program Files\Dolby\Dolby DAX2\DAX2_APP\DolbyDAX2TrayIcon.exe
2017-06-05 22:38 - 2017-06-03 01:21 - 03807064 _____ () C:\Program Files (x86)\Google\Chrome\Application\59.0.3071.86\libglesv2.dll
2017-06-05 22:38 - 2017-06-03 01:21 - 00100184 _____ () C:\Program Files (x86)\Google\Chrome\Application\59.0.3071.86\libegl.dll
2016-12-13 00:03 - 2016-12-13 00:03 - 01583768 _____ () C:\Program Files (x86)\Anvsoft\Syncios\SynciosDeviceService.exe
2016-09-01 17:59 - 2016-09-01 17:59 - 00017024 _____ () C:\Program Files (x86)\Anvsoft\Syncios\androidnotifier.exe
2016-06-21 17:39 - 2016-06-21 17:39 - 01419776 _____ () C:\Program Files (x86)\Anvsoft\Syncios\adb.exe
2017-04-21 15:37 - 2017-04-21 15:37 - 00884224 _____ () C:\Users\Tristin\AppData\Local\ntuserlitelist\svcvmx\svcvmx.exe
2017-04-21 16:28 - 2017-04-21 16:28 - 01080832 _____ () C:\Users\Tristin\AppData\Local\ntuserlitelist\svcvmx\vmxclient.exe
2017-05-04 11:13 - 2017-05-04 11:13 - 00235520 _____ () C:\Users\Tristin\AppData\Local\ntuserlitelist\dataup\help_dll.dll
2015-11-19 11:03 - 2015-09-30 01:19 - 00875960 _____ () C:\Program Files (x86)\Lenovo\Lenovo Photo Master\subsys\Kernel\Boomerang\UNO.dll
2015-11-19 11:03 - 2015-09-30 01:05 - 00081920 _____ () C:\Program Files (x86)\Lenovo\Lenovo Photo Master\koan\_ctypes.pyd
2015-12-05 11:21 - 2015-12-05 11:21 - 00933056 ____R () C:\Program Files (x86)\Skype\Phone\ssScreenVVS2.dll
2015-11-19 11:07 - 2014-07-03 21:35 - 00627672 _____ () C:\Program Files (x86)\Lenovo\Power2Go\CLMediaLibrary.dll
2014-07-04 13:35 - 2014-07-04 13:35 - 00016856 _____ () C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvcPS.dll
2016-12-07 20:33 - 2016-12-07 20:33 - 00074240 _____ () C:\Program Files (x86)\Anvsoft\Syncios\generalFunc_pdt.dll
2016-11-24 19:28 - 2016-11-24 19:28 - 00437760 _____ () C:\Program Files (x86)\Anvsoft\Syncios\DuiLib.dll
2016-12-07 20:33 - 2016-12-07 20:33 - 00177664 _____ () C:\Program Files (x86)\Anvsoft\Syncios\driverMgr4Transfer_pdm.dll
2016-12-07 20:33 - 2016-12-07 20:33 - 01001472 _____ () C:\Program Files (x86)\Anvsoft\Syncios\androidSyncCore_pdm.dll
2016-11-15 22:37 - 2016-11-15 22:37 - 00579584 _____ () C:\Program Files (x86)\Anvsoft\Syncios\libsscan.dll
2016-08-01 01:01 - 2016-08-01 01:01 - 01970688 _____ () C:\Program Files (x86)\Anvsoft\Syncios\libplist.dll
2016-08-01 01:01 - 2016-08-01 01:01 - 00571392 _____ () C:\Program Files (x86)\Anvsoft\Syncios\sqlite3.dll
2016-09-01 17:59 - 2016-09-01 17:59 - 01278080 _____ () C:\Program Files (x86)\Anvsoft\Syncios\libandroidnotifier.dll
2015-11-19 11:02 - 2015-02-12 17:02 - 00224696 _____ () C:\Program Files (x86)\Lenovo\CCSDK\SDKClient.dll
2017-01-14 19:40 - 2017-01-14 19:40 - 53460992 _____ () C:\Users\Tristin\AppData\Local\ntuserlitelist\svcvmx\libcef.dll
2016-05-31 11:43 - 2016-05-31 11:43 - 01976832 _____ () C:\Users\Tristin\AppData\Local\ntuserlitelist\svcvmx\libglesv2.dll
2016-05-31 11:44 - 2016-05-31 11:44 - 00075264 _____ () C:\Users\Tristin\AppData\Local\ntuserlitelist\svcvmx\libegl.dll
2016-06-15 17:15 - 2016-06-15 17:15 - 17599640 _____ () C:\Users\Tristin\AppData\Local\ntuserlitelist\svcvmx\pepflashplayer.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

HKU\S-1-5-21-588097529-93146055-1075288794-1001\Software\Classes\regfile: regedit.exe "%1" <===== ATTENTION

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-07-10 04:04 - 2015-07-10 04:02 - 00000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-588097529-93146055-1075288794-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\lenovo\lenovowallpaper.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 1) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{A5B45FFF-451A-4D4C-81B0-3900830FB5DE}] => (Allow) C:\Program Files (x86)\devnull\NetAdapter\service.exe
FirewallRules: [{FF6D38CD-75F0-4756-94D6-CBC431BDDA36}] => (Allow) C:\Program Files (x86)\devnull\NetAdapter\NetAdapter.exe
FirewallRules: [{2ADA09C5-0F64-43FD-A436-85847AEED94A}] => (Allow) C:\Users\Tristin\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{B24BE187-87C7-48AA-ADE0-4E695039E945}] => (Allow) C:\Users\Tristin\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{2A0FB274-61EA-4DCD-B24C-C03C053156A1}] => (Allow) C:\Users\Tristin\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{2F6D8251-DB0D-4C36-A927-FD3508DF496A}] => (Allow) C:\Users\Tristin\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{1356DE64-E82E-4EA4-A236-8EDB8A8347F1}] => (Allow) C:\Users\Tristin\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{C506EBE6-03F1-40C2-903B-1B18A4ABE849}] => (Allow) C:\Users\Tristin\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{A34242DC-008A-4085-8466-334B915569E6}] => (Allow) C:\Users\Tristin\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{4C248A56-8753-4333-ACE5-BC2E8AF39E67}] => (Allow) C:\Users\Tristin\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{E52BD394-BE92-41B4-BFC5-965878B201AB}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{C40147FB-14F5-442C-AB3F-E7259426D79E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Emily is Away\emily is away.exe
FirewallRules: [{7E9978BE-50C0-4AD4-8A67-95137A222BDE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Emily is Away\emily is away.exe
FirewallRules: [UDP Query User{0563D40D-C8B5-4D53-998E-8ECB09586B41}C:\users\tristin\documents\my games\emily is away too\emilyisawaytoo.exe] => (Allow) C:\users\tristin\documents\my games\emily is away too\emilyisawaytoo.exe
FirewallRules: [TCP Query User{E0A32534-2EC9-437E-B151-F7C2680C9EF6}C:\users\tristin\documents\my games\emily is away too\emilyisawaytoo.exe] => (Allow) C:\users\tristin\documents\my games\emily is away too\emilyisawaytoo.exe
FirewallRules: [UDP Query User{48FE980A-D3BF-4C64-8D37-E1F96CC59366}C:\program files\android\android studio\jre\bin\java.exe] => (Block) C:\program files\android\android studio\jre\bin\java.exe
FirewallRules: [TCP Query User{261B6840-E499-4E63-B31E-DBB59D7ABABB}C:\program files\android\android studio\jre\bin\java.exe] => (Block) C:\program files\android\android studio\jre\bin\java.exe
FirewallRules: [{96CB19E8-780C-4B0A-9DD4-F6307E470C5C}] => (Allow) C:\Program Files (x86)\Mr DJ\The Elder Scrolls V Skyrim Legendary Edition\SkyrimLauncher.exe
FirewallRules: [{E43ACC0D-08CB-4045-BECB-5F8AD46EE117}] => (Allow) C:\Program Files (x86)\Mr DJ\The Elder Scrolls V Skyrim Legendary Edition\SkyrimLauncher.exe
FirewallRules: [{35074986-9234-4917-A860-72DF8F5751E3}] => (Allow) C:\Program Files (x86)\Anvsoft\Syncios\pdt_syncios.exe
FirewallRules: [{9F926B9F-AB89-43DF-B100-A64DD46C1904}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{035405E0-27CE-4257-B84F-8A008CE47016}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{1CC8086E-CE4B-4AE6-922E-0EBC5538D850}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{1E1B952F-B436-45DD-ADB4-44187F09BD4B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{52D5763C-0211-46E9-8EF5-B33576CF1D94}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{169B2442-AF63-4983-899D-6F82B62D9622}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{40E8FFE4-F005-40D3-8326-2347A0A7A477}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{F3A7105C-68CD-4A42-BEA2-26DFB0DA82F5}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{FCC7E277-2362-464D-846A-6439CDE0FEA7}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{732ADFF4-7A71-4156-8E83-7AB6437BCD74}] => (Allow) C:\Program Files (x86)\Lenovo\LenovoPortal\Lenovo.Portal.exe
FirewallRules: [{CFA953D8-C257-40F5-B0AE-B62179DD3530}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{9E9F74C2-36A6-476A-B826-2B22201D8E64}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe
FirewallRules: [{88FEA884-C5AF-4209-9534-B79BE71078AA}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe
FirewallRules: [{3CB95210-D5BD-4CE4-95BA-FBF67E1A000A}] => (Allow) C:\Program Files (x86)\Lenovo\Lenovo Photo Master\subsys\AdvPhotoEditor\PhotoDirector5.exe
FirewallRules: [{2253601A-6C0C-479C-BAA3-49E356C2BB1F}] => (Allow) C:\Program Files (x86)\Lenovo\Lenovo Photo Master\PhotoPlus.exe
FirewallRules: [{51949BDD-954F-416F-99B0-1398273200B2}] => (Allow) C:\Program Files (x86)\devnull\NetAdapterUpdate\NetAdapterUpdate.exe
FirewallRules: [{8BE2DD28-60F1-47A2-93FA-ECC0659FC5E3}] => (Allow) C:\Program Files (x86)\devnull\NetAdapterUpdate\NetAdapterUpdate.exe

==================== Restore Points =========================

17-06-2017 17:01:53 Windows Update
22-06-2017 18:41:45 Windows Update

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (06/23/2017 09:35:57 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: LAPTOP-LARFJOHF)
Description: Activation of app Microsoft.WindowsStore_8wekyb3d8bbwe!App failed with error: -2147023170 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (06/23/2017 09:19:39 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: LAPTOP-LARFJOHF)
Description: Activation of app Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy!App failed with error: -2147023170 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (06/22/2017 09:24:24 PM) (Source: ATIeRecord) (EventID: 16387) (User: )
Description: ATI EEU Service event error

Error: (06/22/2017 09:22:58 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: RPGMV.exe, version: 1.3.0.0, time stamp: 0x57ad29fb
Faulting module name: OPENGL32.dll, version: 10.0.15063.0, time stamp: 0xd0083079
Exception code: 0xc0000005
Fault offset: 0x0000a48a
Faulting process id: 0x1dc
Faulting application start time: 0x01d2ebd85c2b0dd0
Faulting application path: C:\Program Files (x86)\KADOKAWA\RPGMV\RPGMV.exe
Faulting module path: C:\WINDOWS\SYSTEM32\OPENGL32.dll
Report Id: 2585138d-472b-4dc5-b521-b2d571b1e514
Faulting package full name: 
Faulting package-relative application ID:

Error: (06/22/2017 08:12:43 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: GDCAgent.exe, version: 1.0.1.6, time stamp: 0x55b8998c
Faulting module name: GDCAgent.exe, version: 1.0.1.6, time stamp: 0x55b8998c
Exception code: 0xc0000005
Fault offset: 0x00020fb8
Faulting process id: 0x1430
Faulting application start time: 0x01d2ebc947d38ece
Faulting application path: C:\Program Files (x86)\Lenovo\GDCAgentSetupRed\GDCAgent.exe
Faulting module path: C:\Program Files (x86)\Lenovo\GDCAgentSetupRed\GDCAgent.exe
Report Id: 3ebfcd17-f71c-41dd-83ed-154c01c5eb5d
Faulting package full name: 
Faulting package-relative application ID:

Error: (06/22/2017 08:12:37 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: LAPTOP-LARFJOHF)
Description: Activation of app Microsoft.Windows.Photos_8wekyb3d8bbwe!App failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (06/22/2017 08:07:48 PM) (Source: MsiInstaller) (EventID: 11730) (User: LAPTOP-LARFJOHF)
Description: Product: Advanced Archive Password Recovery -- Error 1730. You must be an Administrator to remove this application. To remove this application, you can log on as an Administrator, or contact your technical support group for assistance.

Error: (06/22/2017 04:20:51 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: LAPTOP-LARFJOHF)
Description: Activation of app Microsoft.WindowsStore_8wekyb3d8bbwe!App failed with error: -2147023170 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (06/20/2017 05:20:37 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: GDCAgent.exe, version: 1.0.1.6, time stamp: 0x55b8998c
Faulting module name: GDCAgent.exe, version: 1.0.1.6, time stamp: 0x55b8998c
Exception code: 0xc0000005
Fault offset: 0x00020fb8
Faulting process id: 0x15f8
Faulting application start time: 0x01d2e9fa32295806
Faulting application path: C:\Program Files (x86)\Lenovo\GDCAgentSetupRed\GDCAgent.exe
Faulting module path: C:\Program Files (x86)\Lenovo\GDCAgentSetupRed\GDCAgent.exe
Report Id: ba3c5f4e-a69c-4c98-a91b-217b21a22d96
Faulting package full name: 
Faulting package-relative application ID:

Error: (06/20/2017 03:54:43 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: LAPTOP-LARFJOHF)
Description: Activation of app Microsoft.Windows.Photos_8wekyb3d8bbwe!App failed with error: -2144927142 See the Microsoft-Windows-TWinUI/Operational log for additional information.


System errors:
=============
Error: (06/23/2017 09:22:22 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Google Update Service (gupdate) service failed to start due to the following error: 
The requested resource is in use.

Error: (06/23/2017 09:18:30 AM) (Source: BugCheck) (EventID: 1001) (User: )
Description: The computer has rebooted from a bugcheck.  The bugcheck was: 0x0000003b (0x00000000c0000005, 0xfffff803252825c2, 0xffffa58090091f90, 0x0000000000000000). A dump was saved in: C:\WINDOWS\MEMORY.DMP. Report Id: a100a225-2536-4c9e-b3a1-983c0ded114c.

Error: (06/23/2017 09:16:24 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 and APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (06/23/2017 09:16:24 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 and APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (06/23/2017 09:16:16 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The PwmSvc service failed to start due to the following error: 
The requested resource is in use.

Error: (06/23/2017 09:16:15 AM) (Source: IntelHaxm) (EventID: 10) (User: )
Description: HAXM can't work on system with VT disabled

Error: (06/23/2017 09:16:12 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The CldFlt service failed to start due to the following error: 
The request is not supported.

Error: (06/23/2017 09:16:12 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 12:44:19 AM on ‎6/‎23/‎2017 was unexpected.

Error: (06/23/2017 09:11:57 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 and APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (06/23/2017 09:11:57 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 and APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.


CodeIntegrity:
===================================
  Date: 2017-06-22 19:47:40.071
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows.old\WINDOWS\System32\UpgradeResultsUI.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-06-22 19:47:40.069
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows.old\WINDOWS\System32\UpgradeResultsUI.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-06-22 19:47:40.067
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows.old\WINDOWS\System32\UpgradeResultsUI.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-06-22 19:47:40.065
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows.old\WINDOWS\System32\UpgradeResultsUI.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-06-22 19:47:40.063
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows.old\WINDOWS\System32\UpgradeResultsUI.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-06-22 19:47:39.614
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows.old\WINDOWS\System32\Utilman.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-06-22 19:47:39.612
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows.old\WINDOWS\System32\Utilman.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-06-22 19:47:39.609
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows.old\WINDOWS\System32\Utilman.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-06-22 19:47:39.606
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows.old\WINDOWS\System32\Utilman.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-06-22 19:47:39.603
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows.old\WINDOWS\System32\Utilman.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i7-6700HQ CPU @ 2.60GHz
Percentage of memory in use: 50%
Total physical RAM: 8074.63 MB
Available physical RAM: 3972.69 MB
Total Virtual: 9994.63 MB
Available Virtual: 5303.3 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:884.97 GB) (Free:735.27 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:22.25 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 6B01CA4C)

Partition: GPT.

==================== End of Addition.txt ============================