Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!
New Member
Whenever i boot my laptop up i see this message.
"The module 'C:\ProgramData\joxeyUxudu\QojkeTapog.nko' failed to load.
Make sure the binary is sorted at the specified path or debug it to check for problem with the binary or dependent.DLL files.
the specified module could not be found."
Any ideas?
Malware Expert
New Member
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15-03-2017
Ran by Holly (administrator) on HOLLYS-LAPTOP (16-03-2017 21:43:27)
Running from C:\Users\Holly\Downloads
Loaded Profiles: Holly (Available Profiles: Holly)
Platform: Windows 10 Home Version 1511 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
() C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe
(Advent) C:\Program Files (x86)\Advent\AIO\Center\ADAIOHostService.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(DSGi) C:\Program Files (x86)\Advent\AIO\StatusMonitor\ADPrinterSDK.exe
(Visicom Media Inc.) C:\Program Files\Panda Security URL Filtering\Panda_URL_Filteringb.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe
(Wistron Corp.) C:\Program Files\Launch Manager\WisLMSvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(CyberLink) C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Wistron Corp.) C:\Program Files\Launch Manager\HotkeyApp.exe
(DSGi) C:\Program Files (x86)\Advent\AIO\StatusMonitor\ADStatusMonitor.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe
(Microsoft Corporation) C:\Windows\System32\osk.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(Microsoft Corporation) C:\Windows\System32\AtBroker.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ink\InputPersonalization.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Corporation) C:\Windows\System32\AtBroker.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\AtBroker.exe
(Microsoft Corporation) C:\Windows\System32\AtBroker.exe
(Microsoft Corporation) C:\Windows\System32\AtBroker.exe
==================== Registry (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12445288 2012-01-10] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1156712 2011-11-15] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3944136 2015-06-03] (Synaptics Incorporated)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-01-26] (Intel Corporation)
HKLM-x32\...\Run: [{CDF13D74-E6AA-4006-818A-B360D6A3573C}] => C:\Program Files\Launch Manager\HotkeyApp.exe [415272 2012-03-01] (Wistron Corp.)
HKLM-x32\...\Run: [ADStatusMonitor] => C:\PROGRAM FILES (X86)\ADVENT\AIO\STATUSMONITOR\ADStatusMonitor.exe [2790816 2012-10-31] (DSGi)
HKLM-x32\...\Run: [PSUAMain] => C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe [114480 2016-10-27] (Panda Security, S.L.)
HKLM-x32\...\Run: [DLLSuite2016] => C:\Program Files (x86)\DLL Suite\DLLSuite.exe
HKLM-x32\...\Run: [Conime] => %windir%\system32\conime.exe
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3491399957-4132394281-3865697256-1000\...\Run: [JoxeyUxudu] => regsvr32.exe "C:\ProgramData\JoxeyUxudu\QojxeTapog.nko"
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2014-09-26] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2014-09-26] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2014-09-26] ()
GroupPolicyScripts: Restriction <======= ATTENTION
GroupPolicyScripts-x32: Restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
ProxyServer: [S-1-5-21-3491399957-4132394281-3865697256-1000] => http=127.0.0.1:12537
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{8f060a73-d381-4daa-80ac-0643fe10e761}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{9836a2a1-04cc-4bdc-b6cb-25062c807e97}: [DhcpNameServer] 172.168.130.2
Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-3491399957-4132394281-3865697256-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://mysearch.avg.com/?cid={7FD07789-7AFB-4ABF-9E98-9A09BA14FFED}&mid=734d7442b75847cd8c0fa5ac05bde478-f51cedec47cacf3a1db5cfbbf1c1f42c9b524c30&lang=en&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2015-05-12 19:55:53&v=4.3.7.452&pid=wtu&sg=&sap=hp
HKU\S-1-5-21-3491399957-4132394281-3865697256-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7XXXX
SearchScopes: HKLM-x32 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7XXXX
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3491399957-4132394281-3865697256-1000 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL =
SearchScopes: HKU\S-1-5-21-3491399957-4132394281-3865697256-1000 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={7FD07789-7AFB-4ABF-9E98-9A09BA14FFED}&mid=734d7442b75847cd8c0fa5ac05bde478-f51cedec47cacf3a1db5cfbbf1c1f42c9b524c30&lang=en&ds=AVG&coid=avgtbavg&cmpid=0915tb&pr=fr&d=2015-05-12 19:55:53&v=4.3.6.255&pid=wtu&sg=&sap=dsp&q={searchTerms}
BHO: No Name -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> No File
BHO: Panda Safe Web -> {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} -> C:\Program Files (x86)\pandasecuritytb\pandasecurityDx64.dll [2016-09-19] ()
BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2011-10-28] (Atheros Commnucations)
BHO-x32: Panda Safe Web -> {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} -> C:\Program Files (x86)\pandasecuritytb\pandasecurityDx.dll [2016-09-19] ()
Toolbar: HKLM - Panda Safe Web - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - C:\Program Files (x86)\pandasecuritytb\pandasecurityDx64.dll [2016-09-19] ()
Toolbar: HKLM-x32 - Panda Safe Web - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - C:\Program Files (x86)\pandasecuritytb\pandasecurityDx.dll [2016-09-19] ()
Toolbar: HKU\S-1-5-21-3491399957-4132394281-3865697256-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
FireFox:
========
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect_x86_64 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2014-10-15] (Adobe Systems)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2012-08-08] ()
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2009-05-01] (Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.52 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2011-12-01] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2011-12-01] (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2017-01-21] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2017-01-21] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2014-10-15] (Adobe Systems)
Chrome:
=======
CHR DefaultProfile: Default
CHR StartupUrls: Default -> "hxxp://www.google.co.uk/"
CHR Profile: C:\Users\Holly\AppData\Local\Google\Chrome\User Data\Default [2017-03-07]
CHR Extension: (Google Drive) - C:\Users\Holly\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-24]
CHR Extension: (YouTube) - C:\Users\Holly\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-26]
CHR Extension: (Google Search) - C:\Users\Holly\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-31]
CHR Extension: (Google Docs Offline) - C:\Users\Holly\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-26]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Holly\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-01-22]
CHR Extension: (Gmail) - C:\Users\Holly\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-27]
CHR Extension: (Chrome Media Router) - C:\Users\Holly\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-03-01]
CHR HKLM\...\Chrome\Extension: [fagakgcelolinfnkfgekcnedpaklfcok] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fagakgcelolinfnkfgekcnedpaklfcok] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [icmlaeflemplmjndnaapfdbbnpncnbda] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 Advent AiO Network Discovery Service; C:\Program Files (x86)\Advent\AIO\Center\ADAIOHostService.exe [395200 2012-10-31] (Advent)
R2 ADVENT AIO Status Monitor Service; C:\Program Files (x86)\Advent\AIO\StatusMonitor\ADPrinterSDK.exe [722336 2012-10-31] (DSGi)
S4 DamageGuardSvc; C:\Program Files\Lenovo\Instant Reset\DamageGuardSvc.exe [572976 2012-03-26] (Lenovo (Beijing) Limited)
R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [128280 2011-12-16] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [161560 2011-12-16] (Intel Corporation)
R2 NanoServiceMain; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe [109816 2016-10-24] (Panda Security, S.L.)
R2 PandaAgent; C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe [86104 2016-07-19] (Panda Security, S.L.)
R2 panda_url_filtering; C:\Program Files\Panda Security URL Filtering\Panda_URL_Filteringb.exe [287752 2015-11-06] (Visicom Media Inc.)
R2 PSUAService; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe [48584 2016-10-27] (Panda Security, S.L.)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [249032 2015-06-03] (Synaptics Incorporated)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2016-07-01] (Microsoft Corporation)
R2 WisLMSvc; C:\Program Files\Launch Manager\WisLMSvc.exe [119848 2011-12-21] (Wistron Corp.)
R2 ZAtheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [158880 2011-10-28] (Atheros) [File not signed]
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [52000 2014-12-11] (AVG Technologies)
S4 DamageGuard; C:\WINDOWS\System32\DRIVERS\DamageGuardX64.sys [217392 2012-02-11] (Lenovo)
S4 dgFltr; C:\WINDOWS\System32\drivers\dgFltrX64.sys [23648 2011-12-13] (Lenovo)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2015-06-20] (Malwarebytes Corporation)
R1 NNSALPC; C:\WINDOWS\system32\DRIVERS\NNSALPC.sys [106928 2016-07-05] (Panda Security, S.L.)
R1 NNSHTTP; C:\WINDOWS\system32\DRIVERS\NNSHTTP.sys [211376 2016-07-05] (Panda Security, S.L.)
R1 NNSHTTPS; C:\WINDOWS\system32\DRIVERS\NNSHTTPS.sys [119728 2016-07-05] (Panda Security, S.L.)
R1 NNSIDS; C:\WINDOWS\system32\DRIVERS\NNSIDS.sys [125872 2016-07-05] (Panda Security, S.L.)
R1 NNSNAHSL; C:\WINDOWS\system32\DRIVERS\NNSNAHSL.sys [80152 2016-07-06] (Panda Security, S.L.)
R1 NNSPICC; C:\WINDOWS\system32\DRIVERS\NNSPICC.sys [116656 2016-07-05] (Panda Security, S.L.)
R1 NNSPIHSW; C:\WINDOWS\system32\DRIVERS\NNSPIHSW.sys [90032 2016-07-05] (Panda Security, S.L.)
R1 NNSPOP3; C:\WINDOWS\system32\DRIVERS\NNSPOP3.sys [135088 2016-07-05] (Panda Security, S.L.)
R1 NNSPROT; C:\WINDOWS\system32\DRIVERS\NNSPROT.sys [335792 2016-07-05] (Panda Security, S.L.)
R1 NNSPRV; C:\WINDOWS\system32\DRIVERS\NNSPRV.sys [197040 2016-07-05] (Panda Security, S.L.)
R1 NNSSMTP; C:\WINDOWS\system32\DRIVERS\NNSSMTP.sys [123312 2016-07-05] (Panda Security, S.L.)
R1 NNSSTRM; C:\WINDOWS\system32\DRIVERS\NNSSTRM.sys [278960 2016-07-05] (Panda Security, S.L.)
R1 NNSTLSC; C:\WINDOWS\system32\DRIVERS\NNSTLSC.sys [125360 2016-07-05] (Panda Security, S.L.)
R3 panda_url_filteringd; C:\Program Files\Panda Security URL Filtering\panda_url_filteringd.sys [51288 2014-03-19] (Visicom Media Inc.)
R2 PSINAflt; C:\WINDOWS\system32\DRIVERS\PSINAflt.sys [179120 2016-10-24] (Panda Security, S.L.)
R2 PSINFile; C:\WINDOWS\System32\DRIVERS\PSINFile.sys [130992 2016-10-24] (Panda Security, S.L.)
R1 PSINKNC; C:\WINDOWS\system32\DRIVERS\PSINKNC.sys [207792 2016-10-24] (Panda Security, S.L.)
R2 PSINProc; C:\WINDOWS\System32\DRIVERS\PSINProc.sys [133552 2016-10-24] (Panda Security, S.L.)
R2 PSINProt; C:\WINDOWS\system32\DRIVERS\PSINProt.sys [146864 2016-10-24] (Panda Security, S.L.)
R2 PSINReg; C:\WINDOWS\system32\DRIVERS\PSINReg.sys [117168 2016-10-24] (Panda Security, S.L.)
U3 PSKMAD; C:\WINDOWS\System32\DRIVERS\PSKMAD.sys [72112 2016-08-09] (Panda Security, S.L.)
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [42696 2015-06-03] (Synaptics Incorporated)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
U3 idsvc; no ImagePath
U3 wpcsvc; no ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-03-16 21:41 - 2017-03-16 21:41 - 00000000 _____ C:\Users\Holly\Downloads\Shortcut.txt
2017-03-16 21:31 - 2017-03-16 21:33 - 00044141 _____ C:\Users\Holly\Downloads\Addition.txt
2017-03-16 21:29 - 2017-03-16 21:43 - 00018694 _____ C:\Users\Holly\Downloads\FRST.txt
2017-03-16 21:28 - 2017-03-16 21:43 - 00000000 ____D C:\FRST
2017-03-16 21:28 - 2017-03-16 21:28 - 02424832 _____ (Farbar) C:\Users\Holly\Downloads\FRST64.exe
2017-03-16 21:25 - 2017-03-16 21:25 - 01766912 _____ (Farbar) C:\Users\Holly\Downloads\FRST.exe
2017-03-15 23:17 - 2017-03-15 23:17 - 00028012 _____ C:\Users\Holly\Downloads\Contract Note (3).pdf
2017-03-15 23:17 - 2017-03-15 23:17 - 00027928 _____ C:\Users\Holly\Downloads\Contract Note (2).pdf
2017-03-15 23:16 - 2017-03-15 23:16 - 00027936 _____ C:\Users\Holly\Downloads\Contract Note (1).pdf
2017-03-15 22:59 - 2017-03-15 22:59 - 00027929 _____ C:\Users\Holly\Downloads\Contract Note.pdf
2017-03-08 23:13 - 2017-03-08 23:13 - 00602112 _____ (OldTimer Tools) C:\Users\Holly\Downloads\OTL (1).exe
2017-03-08 23:10 - 2017-03-16 20:55 - 00004164 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{C03AE0F5-EF8F-44BD-8AB1-34DAC66F4A94}
2017-03-08 23:02 - 2017-03-08 23:02 - 00000000 ____D C:\_OTL
2017-03-08 22:42 - 2017-03-08 22:42 - 00003286 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2
2017-03-08 22:38 - 2017-03-08 23:18 - 00003988 _____ C:\Users\Holly\Downloads\OTL.Txt
2017-03-08 22:28 - 2017-03-08 22:28 - 00602112 _____ (OldTimer Tools) C:\Users\Holly\Downloads\OTL.exe
2017-03-08 02:33 - 2017-03-08 02:33 - 01101824 _____ C:\Users\Holly\Downloads\v3.3.90_Dll_Files_Fixer_License_Key_Crack_Free_Download (1).iso
2017-03-08 02:31 - 2017-03-08 02:31 - 01101824 _____ C:\Users\Holly\Downloads\v3.3.90_Dll_Files_Fixer_License_Key_Crack_Free_Download.iso
2017-03-08 02:31 - 2017-03-08 02:31 - 00000000 ____D C:\Users\Public\CyberLink
2017-03-08 02:31 - 2017-03-08 02:31 - 00000000 ____D C:\Users\Holly\AppData\Roaming\CyberLink
2017-03-08 02:17 - 2017-03-08 02:37 - 00000460 _____ C:\WINDOWS\Tasks\TechUtilities.job
2017-03-08 02:17 - 2017-03-08 02:17 - 00003316 _____ C:\WINDOWS\System32\Tasks\TechUtilities
2017-03-08 02:17 - 2017-03-08 02:17 - 00000924 _____ C:\Users\Public\Desktop\TechUtilities.lnk
2017-03-08 02:17 - 2017-03-08 02:17 - 00000000 ____D C:\ProgramData\TechUtilities64
2017-03-08 02:17 - 2017-03-08 02:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TechUtilities
2017-03-08 02:16 - 2017-03-08 02:17 - 00000000 ____D C:\Program Files\TechUtilities
2017-03-08 02:15 - 2017-03-08 02:16 - 02282656 _____ (Seven Servos Software Pvt Ltd. ) C:\Users\Holly\Downloads\TechUtilities_setup_1.9.exe
2017-03-08 02:06 - 2017-03-08 23:10 - 00000000 ____D C:\Program Files (x86)\DLL Suite
2017-03-08 02:04 - 2017-03-08 02:05 - 21289424 _____ ( ) C:\Users\Holly\Downloads\DLLSuite.exe
2017-03-08 01:56 - 2017-03-08 01:56 - 00000000 ____D C:\Users\Holly\Documents\DLL-Files Fixer 3.3.90.3079 (FULL + Crack)
2017-03-08 01:04 - 2017-03-08 01:58 - 00000000 ____D C:\Program Files (x86)\DLL Care
2017-03-08 00:29 - 2017-03-08 00:35 - 00000000 ____D C:\Program Files (x86)\Safer Technologies
2017-03-07 23:51 - 2017-03-08 00:00 - 00000000 ____D C:\Users\Holly\Documents\depends22_x86
2017-03-01 21:26 - 2017-03-01 21:26 - 00000000 ____D C:\Users\Holly\AppData\Roaming\pandasecuritytb
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-03-16 21:33 - 2015-10-30 07:21 - 00000000 ____D C:\WINDOWS\INF
2017-03-16 21:17 - 2015-02-10 15:10 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2017-03-16 20:56 - 2016-06-19 18:15 - 00000000 ____D C:\ProgramData\Advent
2017-03-16 20:53 - 2012-07-06 08:28 - 00000828 _____ C:\WINDOWS\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job
2017-03-15 23:08 - 2015-10-30 07:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-03-15 23:07 - 2015-10-30 07:24 - 00000000 ___HD C:\Program Files\WindowsApps
2017-03-15 22:56 - 2017-01-21 12:30 - 00000000 ____D C:\ProgramData\panda_url_filtering
2017-03-15 22:09 - 2012-10-10 20:52 - 00000000 ____D C:\Users\Holly\AppData\Local\Adobe
2017-03-08 23:09 - 2016-06-19 18:19 - 01013760 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-03-08 23:06 - 2012-07-06 08:45 - 01179761 _____ C:\WINDOWS\system32\fastboot.set
2017-03-08 23:03 - 2016-04-27 06:32 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-03-08 23:03 - 2015-10-30 06:28 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2017-03-08 22:42 - 2016-06-19 18:58 - 00002422 _____ C:\Users\Holly\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-03-08 22:42 - 2016-06-19 18:58 - 00000000 ___RD C:\Users\Holly\OneDrive
2017-03-08 21:50 - 2015-10-30 07:24 - 00000000 ____D C:\WINDOWS\rescache
2017-03-08 21:16 - 2013-11-20 22:24 - 00002283 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-03-08 02:36 - 2016-04-27 06:29 - 00395936 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-03-08 02:36 - 2013-04-19 00:18 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2017-03-08 02:36 - 2013-04-19 00:18 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2017-03-08 02:36 - 2012-07-06 08:38 - 00000000 ____D C:\Program Files\Google
2017-03-08 02:36 - 2012-07-06 08:37 - 00000000 ____D C:\Program Files (x86)\Google
2017-03-08 01:41 - 2013-07-18 22:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2017-03-08 00:37 - 2012-10-10 21:01 - 00000000 ____D C:\Users\Holly\AppData\Local\Google
2017-03-07 23:54 - 2012-10-10 03:44 - 00000000 ____D C:\Users\Holly\AppData\Local\VirtualStore
2017-03-07 22:55 - 2017-01-21 12:29 - 00000000 ____D C:\Users\Holly\AppData\LocalLow\pandasecuritytb
2017-03-07 22:45 - 2016-10-29 14:32 - 00000000 ____D C:\Users\Holly\AppData\Local\Avg
2017-03-07 22:45 - 2014-12-11 15:26 - 00000000 ____D C:\ProgramData\MFAData
2017-03-07 22:44 - 2016-10-29 14:32 - 00000000 ____D C:\Users\Holly\AppData\Local\AvgSetupLog
2017-03-07 22:43 - 2015-10-30 07:24 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2017-03-07 22:27 - 2015-10-30 06:28 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
==================== Files in the root of some directories =======
2014-12-20 00:20 - 2014-12-20 00:20 - 0000034 _____ () C:\Users\Holly\AppData\Roaming\AdobeWLCMCache.dat
2015-01-30 12:51 - 2015-02-10 15:05 - 0000000 _____ () C:\Users\Holly\AppData\Local\nnryabvq.log
2015-01-27 20:14 - 2015-01-27 20:14 - 0000000 _____ () C:\Users\Holly\AppData\Local\ogfksojr.log
2015-01-27 20:15 - 2015-01-29 21:59 - 0000000 _____ () C:\Users\Holly\AppData\Local\quohpobk.log
2012-10-10 20:47 - 2012-10-10 20:47 - 0017408 _____ () C:\Users\Holly\AppData\Local\WebpageIcons.db
2015-01-27 20:08 - 2015-01-27 20:08 - 0000064 _____ () C:\ProgramData\ghkjcghv.log
Some files in TEMP:
====================
2016-10-29 14:32 - 2016-10-29 14:32 - 2892128 _____ (AVG Technologies) C:\Users\Holly\AppData\Local\Temp\avg-5c1bf30f-eaf5-4137-84c4-732e24298521.exe
2017-03-08 01:39 - 2017-03-08 01:39 - 2612600 _____ (Microsoft Corporation) C:\Users\Holly\AppData\Local\Temp\DefaultPack.EXE
2017-03-08 01:06 - 2017-03-08 02:35 - 0000000 _____ () C:\Users\Holly\AppData\Local\Temp\temp~.DLL
2017-03-08 01:06 - 2017-03-08 02:35 - 0000000 _____ () C:\Users\Holly\AppData\Local\Temp\temp~.EXE
2017-01-21 12:25 - 2017-01-21 12:27 - 57780944 _____ (Panda Security, S.L.) C:\Users\Holly\AppData\Local\Temp\{D7A1FC18-FD86-4A01-970B-8EF0F3FF24D9}.exe
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2017-03-15 22:20
==================== End of FRST.txt ============================
Addition:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-03-2017
Ran by Holly (16-03-2017 21:45:11)
Running from C:\Users\Holly\Downloads
Windows 10 Home Version 1511 (X64) (2016-06-19 18:51:20)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-3491399957-4132394281-3865697256-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3491399957-4132394281-3865697256-503 - Limited - Disabled)
Guest (S-1-5-21-3491399957-4132394281-3865697256-501 - Limited - Disabled)
Holly (S-1-5-21-3491399957-4132394281-3865697256-1000 - Administrator - Enabled) => C:\Users\Holly
HomeGroupUser$ (S-1-5-21-3491399957-4132394281-3865697256-1002 - Limited - Enabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Panda Protection (Enabled - Up to date) {46AEFD02-ACA3-E038-1FA5-4A15EFD361E0}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Panda Protection (Enabled - Up to date) {FDCF1CE6-8A99-EFB6-2515-716794542B5D}
FW: Panda Firewall (Disabled) {7E957C27-E6CC-E160-34FA-E3201100269B}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.4.0.2710 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 2.8.1.451 - Adobe Systems Incorporated)
Adobe Illustrator CC 2014 (HKLM-x32\...\{2B4B4082-8043-4646-8334-B0A29E641211}) (Version: 18.0 - Adobe Systems Incorporated)
Adobe Reader X (10.1.13) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.13 - Adobe Systems Incorporated)
ADVENT AIO Printer (Version: 2.0.0.0 - DSGi) Hidden
Advent AIO Software (HKLM-x32\...\{27B5D9DE-D57D-48ee-A4F1-DC3D9DA0DF57}) (Version: 2.1.4.0 - Advent)
Advent Essentials (x32 Version: 1.0.0.0 - DSGi) Hidden
aioscnnr (x32 Version: 1.0.6.0 - DSGi) Hidden
Alcor Micro USB Card Reader (HKLM-x32\...\AmUStor) (Version: 3.7.42.71192 - Alcor Micro Corp.)
Alcor Micro USB Card Reader (x32 Version: 3.7.42.71192 - Alcor Micro Corp.) Hidden
Apple Application Support (HKLM-x32\...\{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}) (Version: 3.0.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Atheros Bluetooth Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.4.0.103 - Atheros)
Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.0.9.9 - Atheros Communications Inc.)
Atheros WLAN Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 7.0 - Atheros)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: - Canon Inc.)
Canon MG2200 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG2200_series) (Version: 1.01 - Canon Inc.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Energy Management (HKLM-x32\...\InstallShield_{D0956C11-0F60-43FE-99AD-524E833471BB}) (Version: 7.0.4.1 - Lenovo)
Energy Management (x32 Version: 7.0.4.1 - Lenovo) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 56.0.2924.87 - Google Inc.)
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel® Manageability Engine Firmware Recovery Agent (HKLM-x32\...\{A6C48A9F-694A-4234-B3AA-62590B668927}) (Version: 1.0.0.35132 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.0.1351 - Intel Corporation)
Intel® OpenCL CPU Runtime (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2712 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.0.0.1032 - Intel Corporation)
Intel® USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.3.214 - Intel Corporation)
Intel® Trusted Connect Service Client (HKLM\...\{6199B534-A1B6-46ED-873B-97B0ECF8F81E}) (Version: 1.23.216.0 - Intel Corporation)
iscsicli (HKLM\...\{f48a0c57-7c48-461c-9957-ab255ddc986e}.sdb) (Version: - )
iTunes (HKLM\...\{1493B2AE-0261-47D2-B1AA-F4DAD0F6C48B}) (Version: 10.7.0.21 - Apple Inc.)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Launch Manager (HKLM-x32\...\{CDF13D74-E6AA-4006-818A-B360D6A3573C}) (Version: 1.0.1 - Wistron Corp.)
Lenovo EasyCamera (HKLM-x32\...\{399C37FB-08AF-493B-BFED-20FBD85EDF7F}) (Version: 5.8.56007.2 - Sonix)
Lenovo EE Boot Optimizer (HKLM\...\Lenovo EE Boot Optimizer) (Version: 0.0.1.9 - Lenovo)
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 7.0.0.3712 - CyberLink Corp.)
Lenovo OneKey Recovery (Version: 7.0.0.3712 - CyberLink Corp.) Hidden
Lenovo YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.1.3728 - CyberLink Corp.)
Lenovo YouCam (x32 Version: 3.1.3728 - CyberLink Corp.) Hidden
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-0014-0000-0000-0000000FF1CE}_PROR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Professional 2007 (HKLM-x32\...\PROR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3491399957-4132394281-3865697256-1000\...\OneDriveSetup.exe) (Version: 17.3.6798.0207 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Works 6-9 Converter (HKLM-x32\...\{95140000-0137-0409-0000-0000000FF1CE}) (Version: 14.0.6120.5002 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
ocr (x32 Version: 6.0.0.0 - Eastman Kodak Company) Hidden
Panda Devices Agent (x32 Version: 1.03.08 - Panda Security) Hidden
Panda Devices Agent (x32 Version: 1.08.00 - Panda Security) Hidden
Panda Protection (HKLM-x32\...\Panda Universal Agent Endpoint) (Version: 18.00.00.0000 - Panda Security)
Panda Protection (Version: 8.85.00 - Panda Security) Hidden
Panda Safe Web (HKLM-x32\...\pandasecuritytb) (Version: 4.3.1.21 - Panda Security and Visicom Media Inc.)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.1 - Google, Inc.)
Power2Go (HKLM-x32\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 5.6.0.7303 - CyberLink Corp.)
PreReq (x32 Version: 6.2.4.0 - Eastman Kodak Company) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6549 - Realtek Semiconductor Corp.)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
Strongvault Online Backup (x32 Version: 5.0.2.34 - Strongvault Online Backup) Hidden <==== ATTENTION
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.9.5 - Synaptics Incorporated)
TechUtilities (HKLM\...\TechUtilities_is1) (Version: 1.1.3.8 - Seven Servos Software Pvt Ltd.)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-0014-0000-0000-0000000FF1CE}_PROR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
UserGuide (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 1.0.0.6 - Lenovo)
UserGuide (x32 Version: 1.0.0.6 - Lenovo) Hidden
VeriFace (HKLM-x32\...\VeriFace) (Version: 4.0.1.1230 - Lenovo)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player 1.0.1 (HKLM-x32\...\VLC media player) (Version: 1.0.1 - VideoLAN Team)
Windows Driver Package - Lenovo (ACPIVPC) System (12/15/2011 7.1.0.1) (HKLM\...\99841829BE839365AA67B2AD0E50D371F59F8A1E) (Version: 12/15/2011 7.1.0.1 - Lenovo)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-3491399957-4132394281-3865697256-1000_Classes\CLSID\{F6BF8414-962C-40FE-90F1-B80A7E72DB9A}\InprocServer32 -> C:\ProgramData\{9A88E103-A20A-4EA5-8636-C73B709A5BF8}\rdpencom.dll => No File <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {03AB2D45-BD42-499F-B197-0EAC35C702A0} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => %SystemRoot%\ehome\ehPrivJob.exe
Task: {08B4701A-52BB-46ED-8020-C69D4E65D597} - \ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon -> No File <==== ATTENTION
Task: {09053192-97D6-472D-8807-2AA5E77CF4E7} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {0A1DEF39-36BA-43A7-AAA1-AF74118FF18D} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
Task: {0CA14F60-87D0-4C32-805F-AEFEC13BC693} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {1053E428-A3F9-4B4F-8410-067681FCCFD0} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {14602A37-CBD2-43C1-A0FE-17D49F7472EF} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => %SystemRoot%\ehome\mcupdate.exe
Task: {1E8E6C44-C693-4B0F-97C3-29D831D85293} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => %SystemRoot%\ehome\ehPrivJob.exe
Task: {1EFB70EC-236E-4A48-BAB0-DA05176A8583} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => %SystemRoot%\ehome\ehPrivJob.exe
Task: {28E9D65F-28DB-408E-8ECB-6407A4D612D9} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => %SystemRoot%\ehome\mcupdate.exe
Task: {30502153-A319-40F3-8107-B1BFE81437A0} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => %ProgramFiles%\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe
Task: {32C2E8CC-1E6C-4B45-B400-791C3AC2ECFC} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {33915678-FB62-4DEA-857E-2FE03953B47A} - System32\Tasks\AdobeAAMUpdater-1.0-Hollys-Laptop-Holly => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-10-14] (Adobe Systems Incorporated)
Task: {370547C1-4639-44B0-92D8-782A5D11F142} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-06-19] (Adobe Systems Incorporated)
Task: {377CAF9A-D82A-4C53-8FF4-5F98298B890F} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => %SystemRoot%\ehome\ehPrivJob.exe
Task: {38AF8E04-6A19-492E-94B3-8628ECF53A78} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {3DC5FBBD-2276-4341-8179-BC2CDD874091} - \Microsoft\Windows\Setup\GWXTriggers\Time-Weekend -> No File <==== ATTENTION
Task: {4448929B-213E-44CF-9193-6F05A7DEACB4} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => %SystemRoot%\ehome\mcupdate.exe
Task: {4C91DD99-4A30-43E5-A3B8-9F9F70A512CE} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {4CAF7290-0C81-4D17-AFD3-274AE33EDA09} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => %windir%\ehome\MCUpdate.exe
Task: {4EA62D17-948A-4454-BEE4-5BF692E60212} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => %SystemRoot%\ehome\ehPrivJob.exe
Task: {5BA0C3D7-6590-4C24-97D3-E0D903539E06} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {71C287B9-BE84-4C61-A990-39CA642C52A8} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => %SystemRoot%\ehome\mcupdate.exe
Task: {72B17259-5E8B-4E06-8BFF-34C4247082B5} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {769CFCFA-D598-4EE3-BC6B-AA25099D5A49} - \GoogleUpdateTaskMachineCore -> No File <==== ATTENTION
Task: {77242815-18B6-41F8-87E6-C6C18196139F} - \ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d -> No File <==== ATTENTION
Task: {797270F1-EB64-46EE-9046-3D55F0F6767C} - \MirageAgent -> No File <==== ATTENTION
Task: {79FBF79C-AC73-41EF-B482-DE1122ED77AC} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => %SystemRoot%\ehome\mcupdate.exe
Task: {7FBF203A-77FE-4377-AB4C-47E1993AB8F7} - \GoogleUpdateTaskMachineUA -> No File <==== ATTENTION
Task: {8630F2A2-7597-4E9F-AEB8-554A592ABFF1} - System32\Tasks\0 => Iexplore.exe <==== ATTENTION
Task: {8E28FD27-9B94-4F77-BDB1-ABE4F150EFBC} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => %SystemRoot%\ehome\ehrec.exe
Task: {90C00DFC-D2B3-4FB6-8F74-F9E757E4C588} - System32\Tasks\TechUtilities => C:\Program Files\TechUtilities\TechUtilities.exe [2017-01-25] (Seven Servos Software, Pvt Ltd.)
Task: {91E02FDE-0C6D-41C8-BCDC-994149CD0AFB} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => %SystemRoot%\ehome\ehPrivJob.exe
Task: {9200E954-5008-4289-888C-989FDF4CFE12} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {950BD223-2723-45E2-8946-023B16FD4FCA} - System32\Tasks\Microsoft\Windows\Setup\UpgradeTriggers\UpgradeNowTask => %SystemRoot%\System32\GWX\GWXUXWorker.exe
Task: {96780DD9-B3F3-4D56-A9AF-E174D834754E} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => %SystemRoot%\ehome\ehPrivJob.exe
Task: {9EC542EB-0353-4A4F-9FDB-AEDE82883F54} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => %SystemRoot%\ehome\ehrec.exe
Task: {9F4802AB-08C1-4BD1-A0F7-5E778ABB731D} - \CreateChoiceProcessTask -> No File <==== ATTENTION
Task: {A68A07DA-D726-4F43-9C23-BECA15DCD170} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => %SystemRoot%\ehome\mcupdate.exe
Task: {AD5F8642-5E11-4545-A683-89792813F988} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => %SystemRoot%\ehome\ehPrivJob.exe
Task: {B74B4BDB-BCC2-49B3-BC30-778E2A7398E6} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => %SystemRoot%\ehome\ehPrivJob.exe
Task: {C474A469-15FE-477D-A418-367D91347D3D} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => %SystemRoot%\ehome\mcupdate.exe
Task: {C6BB450B-27D2-4C36-A258-5DEAACD4B129} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => %SystemRoot%\ehome\ehPrivJob.exe
Task: {C8E1E41A-722B-48B9-85B2-632A5AAE4481} - \Microsoft\Windows\Setup\gwx\rundetector -> No File <==== ATTENTION
Task: {D8F31D14-198C-4809-AC27-38B73711A2DA} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => %SystemRoot%\ehome\ehPrivJob.exe
Task: {DC8ECD79-5A38-4D31-9358-4F826C95CC78} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => %SystemRoot%\ehome\ehPrivJob.exe
Task: {DF886BEB-1784-467B-BC0F-75D6FAB3BF48} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {E266D999-BF25-4F03-B588-5AC7164063C1} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {E9AB574A-E83E-41AD-8D9A-6FB6A47E3024} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => %SystemRoot%\ehome\ehPrivJob.exe
Task: {EB36F7EC-F15D-4688-8A71-75091BBB3776} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {EB99F1DA-8069-4BE0-B79E-A17E2C5E362E} - System32\Tasks\4701 => Wscript.exe C:\Users\Holly\AppData\Local\Temp\launchie.vbs //B <==== ATTENTION
Task: {F73AD4DB-A9B1-4217-B176-F83FFF9A4C28} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\Check for updates (Spybot - Search & Destroy).job => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
Task: C:\WINDOWS\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job => C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\Bootstrap.exe
Task: C:\WINDOWS\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job => C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\Bootstrap.exe
Task: C:\WINDOWS\Tasks\Refresh immunization (Spybot - Search & Destroy).job => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe
Task: C:\WINDOWS\Tasks\Scan the system (Spybot - Search & Destroy).job => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe
Task: C:\WINDOWS\Tasks\TechUtilities.job => C:\Program Files\TechUtilities\TechUtilities.exe -t C:\Program Files\TechUtilities\TechUtilities.exe
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2012-07-06 08:27 - 2011-12-16 04:37 - 00128280 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
2015-10-30 07:18 - 2015-10-30 07:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-09-22 08:53 - 2016-07-01 04:48 - 02656408 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-09-22 08:53 - 2016-07-01 04:48 - 02656408 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2014-09-26 14:41 - 2014-09-26 14:41 - 01021088 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
2016-04-27 06:10 - 2016-04-27 06:10 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-09-22 08:55 - 2016-07-01 03:48 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-09-22 08:53 - 2016-07-01 03:27 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-09-22 08:53 - 2016-07-01 03:21 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-09-22 08:53 - 2016-07-01 03:22 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-09-22 08:53 - 2016-07-01 03:24 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-06-01 20:00 - 2015-06-01 20:00 - 00102912 _____ () C:\Windows\System32\IccLibDll_x64.dll
2016-06-19 19:29 - 2016-06-19 19:29 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
2016-09-19 14:04 - 2016-09-19 14:04 - 00131064 _____ () C:\Program Files (x86)\pandasecuritytb\pandasecurityDx64.dll
2014-02-12 19:58 - 2014-02-12 19:58 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-02-12 19:58 - 2014-02-12 19:58 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2015-12-15 17:17 - 2015-12-15 17:17 - 00618544 _____ () C:\Program Files (x86)\Panda Security\Panda Security Protection\SQLite3.dll
2012-07-06 08:17 - 2011-11-30 03:00 - 00059392 _____ () C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll
2012-07-06 08:27 - 2011-12-16 02:39 - 01198872 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\ACE.dll
2016-06-19 19:29 - 2016-06-19 19:29 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
2016-06-19 19:29 - 2016-06-19 19:29 - 22284800 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkyWrap.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\ProgramData\Temp:373E1720 [290]
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NanoServiceMain => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PSUAService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NanoServiceMain => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PSUAService => ""="Service"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE restricted site: HKU\S-1-5-21-3491399957-4132394281-3865697256-1000\...\trovi.com -> hxxp://www.trovi.com
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 02:34 - 2015-02-10 15:30 - 00000027 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3491399957-4132394281-3865697256-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Holly\AppData\Roaming\Microsoft\Windows Live Photo Gallery\Windows Live Photo Gallery Wallpaper.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Creative Cloud => "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: ADStatusMonitor => C:\Program Files (x86)\Advent\AiO\StatusMonitor\ADStatusMonitor.exe
MSCONFIG\startupreg: AmIcoSinglun64 => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: AthBtTray => "C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe"
MSCONFIG\startupreg: AtherosBtStack => "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
MSCONFIG\startupreg: Energy Management => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
MSCONFIG\startupreg: EnergyUtility => C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe
MSCONFIG\startupreg: HotKeysCmds => C:\Windows\system32\hkcmd.exe
MSCONFIG\startupreg: IAStorIcon => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
MSCONFIG\startupreg: IgfxTray => C:\Windows\system32\igfxtray.exe
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: JoxeyUxudu => regsvr32.exe "C:\ProgramData\JoxeyUxudu\QojxeTapog.nko"
MSCONFIG\startupreg: Lenovo EE Boot Optimizer => C:\Program Files (x86)\Lenovo\Boot Optimizer\PopWnd.exe
MSCONFIG\startupreg: Persistence => C:\Windows\system32\igfxpers.exe
MSCONFIG\startupreg: RtHDVBg_Dolby => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /FORPCEE4
MSCONFIG\startupreg: RtHDVCpl => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
MSCONFIG\startupreg: SDTray => "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
MSCONFIG\startupreg: Spybot-S&D Cleaning => "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe" /autoclean
MSCONFIG\startupreg: swg => "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
MSCONFIG\startupreg: SynLenovoGestureMgr => %ProgramFiles%\Synaptics\SynTP\SynLenovoGestureMgr.exe
MSCONFIG\startupreg: SynTPEnh => %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
MSCONFIG\startupreg: UpdateP2GShortCut => "C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Lenovo\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\5.0"
MSCONFIG\startupreg: UpdatePRCShortCut => "C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe" "C:\Program Files\Lenovo\OneKey App\OneKey Recovery" UpdateWithCreateOnce "Software\Lenovo\OneKey App\OneKey Recovery"
MSCONFIG\startupreg: VeriFaceManager => C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe
MSCONFIG\startupreg: YgwIjnwv => :\Users\Holly\AppData\Local\qafvynnf\ygwijnwv.ex
MSCONFIG\startupreg: YouCam Mirage => "C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe"
MSCONFIG\startupreg: YouCam Tray => "C:\Program Files (x86)\Lenovo\YouCam\YouCam.exe" /s
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808
FirewallRules: [{9C33170B-2BCE-408D-AC5A-2A564C8C258E}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
FirewallRules: [{C1A1668D-0D94-4A6B-A752-D1D5312F1A6D}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
FirewallRules: [{07B8719D-5E74-4BC3-97AF-EF5314568E7C}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgdiagex.exe
FirewallRules: [{92543B6D-BF64-4D88-B3DC-918E9F0332C9}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgdiagex.exe
FirewallRules: [{DFF2D37E-DA45-4AD1-BB4C-DB9342FA6A35}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
FirewallRules: [{FFB7D1CD-31EE-4D43-BC70-68070EC6010D}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
FirewallRules: [{CBA80CBC-77D5-401B-95A9-AF0457297550}] => (Allow) C:\Windows\taskmgr.exe
FirewallRules: [{AA03C6E2-4FD7-4EDC-A7C0-CAF0837F156A}] => (Allow) C:\Windows\taskmgr.exe
FirewallRules: [{BFC3B8ED-1045-494C-B612-43D9988B0896}] => (Allow) C:\Windows\wauctla.exe
FirewallRules: [{38A20C78-2A43-4057-8AB3-5C6A64564861}] => (Allow) C:\Windows\wauctla.exe
FirewallRules: [{C574EAD3-5E5A-4730-A4E9-28E1D252C201}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe
FirewallRules: [{FA6B7DFB-0C3D-4A80-897D-EDDA7499138D}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe
FirewallRules: [{5B0D56A7-4210-4984-BC77-FD6E51123527}] => (Allow) C:\Program Files (x86)\iTunes\iTunes.exe
FirewallRules: [{FA3769CA-C753-477F-A7CC-6904CCB2CE87}] => (Allow) LPort=5353
FirewallRules: [{ED36D913-2C62-4ADD-B3D4-E15496CD879D}] => (Allow) LPort=9333
FirewallRules: [{7AAEFFF1-FDFE-40E2-A422-CD0B22C32380}] => (Allow) C:\ProgramData\Advent\Installer\Setup.exe
FirewallRules: [{D7555FCC-C864-4352-8F35-5B479CDF69A1}] => (Allow) C:\ProgramData\Advent\Installer\Setup.exe
FirewallRules: [{F880F847-4210-45E9-AF1D-CC5B2D3F3EE3}] => (Allow) C:\Program Files (x86)\Advent\AIO\Firmware\AdventAIOUpdater.exe
FirewallRules: [{E88832C7-7663-4ECE-8F49-9B442D36B0C6}] => (Allow) C:\Program Files (x86)\Advent\AIO\Firmware\AdventAIOUpdater.exe
FirewallRules: [{797EF541-662E-4ED3-AB97-7FCAB4EA130B}] => (Allow) C:\Program Files (x86)\Advent\AIO\Center\AdNetworkPrinterDiscovery.exe
FirewallRules: [{D09BA683-E3FC-4185-80C9-07953A915E7D}] => (Allow) C:\Program Files (x86)\Advent\AIO\Center\AdNetworkPrinterDiscovery.exe
FirewallRules: [{F417BD5C-787D-4418-9105-891E05E0736A}] => (Allow) C:\Program Files (x86)\Advent\AIO\Center\Advent.Statistics.exe
FirewallRules: [{C2E90CF5-22CD-47CC-8EB4-98734C460730}] => (Allow) C:\Program Files (x86)\Advent\AIO\Center\Advent.Statistics.exe
FirewallRules: [{9303FD26-8B59-45E6-913E-98777B7F1607}] => (Allow) LPort=5353
FirewallRules: [{CB085A80-E16F-4F39-A9B6-F8E44653854E}] => (Allow) LPort=9333
FirewallRules: [{39CD686F-DC21-49B8-9DE5-9E7BC229BBDC}] => (Allow) C:\Windows\System32\ARFC\wrtc.exe
FirewallRules: [{B4DD64A4-BEC4-4249-A030-CBB8F5264732}] => (Allow) C:\Windows\System32\ARFC\wrtc.exe
FirewallRules: [{4646A121-D772-476F-B616-A6C4DE055139}] => (Allow) C:\Windows\System32\dmwu.exe
FirewallRules: [{9F821BA3-4324-4A86-ADF2-2A22CF8A56D1}] => (Allow) C:\Windows\System32\dmwu.exe
FirewallRules: [{B50C924F-7174-4341-B67B-8F21F3184727}] => (Allow) C:\Windows\System32\ARFC\wrtc.exe
FirewallRules: [{18025E02-06DD-48CC-88B2-BA0618FB1ECF}] => (Allow) C:\Windows\System32\ARFC\wrtc.exe
FirewallRules: [{CD53AC72-0B06-48BB-8A90-D34D097486C0}] => (Allow) C:\Windows\System32\dmwu.exe
FirewallRules: [{A28128E4-3EE0-4116-90D1-0424B1E283A7}] => (Allow) C:\Windows\System32\dmwu.exe
FirewallRules: [{78BA94A2-D691-41B3-907D-E760B8C389F0}] => (Allow) C:\Program Files (x86)\GoforFiles\GoforFiles.exe
FirewallRules: [{DC17A584-0D4D-42ED-91F5-A0D54E3FAE76}] => (Allow) C:\Program Files (x86)\GoforFiles\GoforFiles.exe
FirewallRules: [{F1A7B450-18B9-4590-B704-8595CA6F05C4}] => (Allow) C:\Program Files (x86)\GoforFiles\goforfilesdl.exe
FirewallRules: [{0CD5F2E3-9BF9-42C3-A6CE-478D9B39CF78}] => (Allow) C:\Program Files (x86)\GoforFiles\goforfilesdl.exe
FirewallRules: [{31FDB769-8BA2-4BBB-9C6E-B9745089EA8F}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{C115D850-AE29-4838-85CA-7C7B54468553}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{ECC65C0C-ADA1-4FD5-8842-2D664098AC55}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{8B31B804-7224-422D-8530-75420D8D23EF}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{79ACE6CA-4FF9-40BE-BA2F-87E109F9DF85}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{68D5B911-D0CF-44A4-9FEC-F2C838661E8F}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{B56234D1-A3F4-4B76-8C36-9F3A54A2FA56}] => (Allow) LPort=1900
FirewallRules: [{D2C140BB-9281-4F16-9D2E-DE2F2602E036}] => (Allow) LPort=2869
FirewallRules: [{46553C05-C6A0-4EBA-94A9-42A26594CA3C}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{E7999DC6-4816-4081-92FB-3A99F4087BD6}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe
FirewallRules: [{9ABA1007-100B-4D6E-AB46-E0879F68709D}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe
FirewallRules: [{14D26DA1-D7AD-4AD1-8666-1DA98E8F9D26}] => (Allow) C:\Program Files (x86)\pandasecuritytb\cleanupie.exe
FirewallRules: [{0A47DD90-96B6-412C-AB97-B5A3AF934713}] => (Allow) C:\Program Files (x86)\pandasecuritytb\cleanupie.exe
FirewallRules: [{3E9B962B-3C88-4BAE-957F-9245CB06CB6E}] => (Allow) C:\Program Files (x86)\pandasecuritytb\ToolbarCleaner.exe
FirewallRules: [{B684E1D5-CFBD-40AD-8915-17F68FCB5722}] => (Allow) C:\Program Files (x86)\pandasecuritytb\ToolbarCleaner.exe
FirewallRules: [{F774A420-4C1D-4E99-A5A1-B0571B113FEB}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service
==================== Restore Points =========================
08-03-2017 22:47:14 OTL Restore Point - 3/8/2017 10:47:14 PM
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (03/15/2017 10:42:51 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Hollys-Laptop)
Description: Activation of app Microsoft.Windows.Photos_8wekyb3d8bbwe!App failed with error: -2147023170 See the Microsoft-Windows-TWinUI/Operational log for additional information.
Error: (03/15/2017 10:28:39 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2375
Error: (03/15/2017 10:28:39 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2375
Error: (03/15/2017 10:28:39 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (03/15/2017 10:28:38 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1156
Error: (03/15/2017 10:28:38 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1156
Error: (03/15/2017 10:28:38 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (03/15/2017 08:46:50 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1363391
Error: (03/15/2017 08:46:50 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1363391
Error: (03/15/2017 08:46:50 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
System errors:
=============
Error: (03/15/2017 11:19:18 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The User Data Access_f23cf9 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
Error: (03/15/2017 11:19:18 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The User Data Storage_f23cf9 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
Error: (03/15/2017 11:19:18 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Contact Data_f23cf9 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
Error: (03/15/2017 11:19:18 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Sync Host_f23cf9 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
Error: (03/15/2017 10:28:39 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4
Error: (03/15/2017 09:03:55 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4
Error: (03/15/2017 08:50:58 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4
Error: (03/15/2017 08:50:38 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4
Error: (03/15/2017 08:50:11 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4
Error: (03/15/2017 08:47:02 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4
CodeIntegrity:
===================================
Date: 2017-03-07 22:24:13.280
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-03-07 22:24:13.263
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-03-01 21:32:00.342
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-03-01 21:32:00.322
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-03-01 21:18:09.034
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-03-01 21:18:09.000
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-03-01 21:13:59.485
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-03-01 21:13:59.468
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-03-01 21:12:59.432
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-03-01 21:12:59.389
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Memory info ===========================
Processor: Intel® Celeron® CPU B820 @ 1.70GHz
Percentage of memory in use: 49%
Total physical RAM: 5989.41 MB
Available physical RAM: 3032.18 MB
Total Virtual: 12133.41 MB
Available Virtual: 9152.95 MB
==================== Drives ================================
Drive c: (Windows7_OS) (Fixed) (Total:653.44 GB) (Free:607.54 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (LENOVO) (Fixed) (Total:25.47 GB) (Free:11.87 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 698.6 GB) (Disk ID: 914BCE41)
Partition 1: (Active) - (Size=200 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=653.4 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=25.5 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=19.5 GB) - (Type=12)
==================== End of Addition.txt ============================
Malware Expert
New Member
Sent documents requested as attachments. Won't allow me to copy and paste for some reason.
Fixlog.txt 46.92KB
233 downloads
Addition.txt 27.71KB
150 downloads
FRST.txt 23.38KB
159 downloads
Malware Expert
Search for
services.msc
hit Enter
scroll down to
Net.Tcp Listener Adapter
and right click and select Properties. Change the Startup Type: to Disabled. OK
There are usually 4 services which start with Net. something. Make sure they are all set to Disabled. (If there is no . after net then leave them alone). These are sometimes turned on by mistake by the windows 10 upgrade. Don't really hurt anything just slow the boot a tad.
DISM /Online /Cleanup-Image /RestoreHealth
sfc /scannow
Which do you get? 1, 2 or 3?
How is it running now? Any more problems?
I'm going on a trip today. Got about a 10 hour drive so won't be on line again until late.
New Member
Shows up with error whenever I attempt to run 'DISM /Online /Cleanup-Image /RestoreHealth' on command prompt (error:740 Elevated permissions are required to run DISM. Use elevated command prompt to complete these tasks).
Thanks
New Member
Wait, I believe the magic is happening!
Malware Expert
Both logs are the same = system
You have two tasks that are broken. I can fix one.
Search for:Download the attached zip file.
Save it then right click and Extract All Exrtract. Note the location of the file.
task scheduler
hit Enter.
Click on the arror in front of Task Scheduler Library then on Lenovo. In the middle pane you should see three tasks. The top one is Lenovo Customer Feedback Program. Right click on it and Delete.
Right click on Lenovo and Import Task. Point it at the file you just unzipped. OK. That should recreate the task so that you again have three tasks.
The other task that is broken is One Drive and I don't have One Drive on my win 10. I would disable the task for now. In Task Scheduler, Click on the arrow in front of Microsoft and then on One Drive. I assume the task is called:
OneDrive Standalone Update Task v2 Right click on it and Disable. I expect that reinstalling OneDrive (if you use it would fix the task).
If it made it through DISM and SFC without complaints then things are looking pretty good. How is it running now?
New Member
Thanks.
Computer seems to be running okay (Not completed the latest task), not had any issues on boot up. I will do above task shortly. Appreciate all the assistance given!
0 members, 0 guests, 0 anonymous users
Community Forum Software by IP.Board
Licensed to: Geeks to Go, Inc.
Sign In
Create Account
