Additional scan result of Farbar Recovery Scan Tool (x64) Version: 09-08-2017 Ran by Sue (11-08-2017 21:25:06) Running from C:\Users\Sue\Desktop Windows 7 Professional Service Pack 1 (X64) (2012-08-16 12:11:27) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-3253851711-2362259233-3746204868-500 - Administrator - Disabled) catzrule (S-1-5-21-3253851711-2362259233-3746204868-1008 - Limited - Enabled) => C:\Users\catzrule Colleen (S-1-5-21-3253851711-2362259233-3746204868-1009 - Limited - Enabled) => C:\Users\Colleen Guest (S-1-5-21-3253851711-2362259233-3746204868-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-3253851711-2362259233-3746204868-1002 - Limited - Enabled) Sue (S-1-5-21-3253851711-2362259233-3746204868-1000 - Administrator - Enabled) => C:\Users\Sue ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Adblock Plus for IE (32-bit and 64-bit) (HKLM\...\{0F347A49-E36C-4639-8D2E-003AD408B8B2}) (Version: 1.5 - Eyeo GmbH) Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 17.012.20095 - Adobe Systems Incorporated) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 20.0.0.260 - Adobe Systems Incorporated) Adobe Flash Player 26 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 26.0.0.151 - Adobe Systems Incorporated) Adobe Flash Player 26 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 26.0.0.151 - Adobe Systems Incorporated) Adobe Photoshop CS2 (HKLM-x32\...\Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0409-1E257A25E34D}) (Version: 9.0 - Adobe Systems, Inc.) Akamai NetSession Interface (HKU\S-1-5-21-3253851711-2362259233-3746204868-1000\...\Akamai) (Version: - Akamai Technologies, Inc) Apache Tomcat 7.0 Tomcat7 (remove only) (HKLM\...\Apache Tomcat 7.0 Tomcat7) (Version: - ) Apple Application Support (32-bit) (HKLM-x32\...\{2FE00055-C4F3-4F7A-AEDD-E198D54CF12F}) (Version: 3.1.1 - Apple Inc.) Apple Application Support (64-bit) (HKLM\...\{28791292-D18D-42FA-AE66-3D3D20AA8618}) (Version: 3.1.1 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{5ED7462B-EF58-4757-B609-53755021EC34}) (Version: 8.1.0.18 - Apple Inc.) Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.) Assessments on Client (HKLM-x32\...\{B17A9BCA-9E14-63E7-E29B-09895F312E63}) (Version: 8.100.9431 - Microsoft) Hidden Burn.Now 4.5 (HKLM-x32\...\{A3BE3F1E-2472-4211-8735-E8239BE49D9F}) (Version: 4.5.0 - Corel Corporation) Hidden CCB "E Safety" Internet Banking security components 1.0.8.7 (HKLM-x32\...\CCB "E Safety" Internet Banking security components Setup) (Version: 1.0.8.7 - China Construction Bank) Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.) Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.) Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.) Cisco WebEx Meetings (HKU\S-1-5-21-3253851711-2362259233-3746204868-1000\...\ActiveTouchMeetingClient) (Version: - Cisco WebEx LLC) Corel Burn.Now Lenovo Edition (HKLM-x32\...\InstallShield_{A3BE3F1E-2472-4211-8735-E8239BE49D9F}) (Version: 4.5.0 - Corel Corporation) Corel DVD MovieFactory 7 (HKLM-x32\...\{50F68032-B5B7-4513-9116-C978DBD8F27A}) (Version: 7.0.0 - Corel Corporation) Hidden Corel DVD MovieFactory Lenovo Edition (HKLM-x32\...\InstallShield_{50F68032-B5B7-4513-9116-C978DBD8F27A}) (Version: 7.0.0 - Corel Corporation) Corel WinDVD (HKLM-x32\...\{5C1F18D2-F6B7-4242-B803-B5A78648185D}) (Version: 10.0.6.392 - Corel Inc.) Create Recovery Media (HKLM-x32\...\{50DC5136-21E8-48BC-97E5-1AD055F6B0B6}) (Version: 1.20.0.00 - Lenovo Group Limited) D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden Direct DiscRecorder (HKLM-x32\...\{F2004B8D-7791-4B35-A3FA-D8CA8BB4DD81}) (Version: 1.00.0000 - Corel Corporation) Hidden Direct DiscRecorder (HKLM-x32\...\InstallShield_{F2004B8D-7791-4B35-A3FA-D8CA8BB4DD81}) (Version: 1.00.0000 - Corel Corporation) Hidden Disable AMT Profile Synchronization Pop-up for Windows XP/Vista/7 (HKLM\...\DisableAMTPopup) (Version: 1.00 - ) Dolby Home Theater v4 (HKLM-x32\...\{B26438B4-BF51-49C3-9567-7F14A5E40CB9}) (Version: 7.2.7000.11 - Dolby Laboratories Inc) Entity Framework Designer for Visual Studio 2012 - enu (HKLM-x32\...\{0A1A1D48-DB23-443A-BC7B-49255D138020}) (Version: 11.1.20702.00 - Microsoft Corporation) Epson Event Manager (HKLM-x32\...\{03B8AA32-F23C-4178-B8E6-09ECD07EAA47}) (Version: 2.40.0001 - SEIKO EPSON CORPORATION) EPSON NX420 Series Printer Uninstall (HKLM\...\EPSON NX420 Series) (Version: - SEIKO EPSON Corporation) EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation) EpsonNet Print (HKLM-x32\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.5.00 - SEIKO EPSON CORPORATION) EpsonNet Setup 3.2 (HKLM-x32\...\{C9D8A041-2963-4B31-8FFC-1500F3DB9293}) (Version: 3.2a - SEIKO EPSON CORPORATION) ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - ) Evernote v. 4.2.3 (HKLM-x32\...\{F761359C-9CED-45AE-9A51-9D6605CD55C4}) (Version: 4.2.3.15 - Evernote Corp.) Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited) FileZilla Client 3.6.0 (HKLM-x32\...\FileZilla Client) (Version: 3.6.0 - FileZilla Project) FreeScreenSharing (HKU\S-1-5-21-3253851711-2362259233-3746204868-1000\...\FreeScreenSharing) (Version: 0.58.75.0 - Free Conferencing Corporation) Git version 2.13.1 (HKLM\...\Git_is1) (Version: 2.13.1 - The Git Development Community) GitHub (HKU\S-1-5-21-3253851711-2362259233-3746204868-1000\...\5f7eb300e2ea4ebf) (Version: 2.13.2.4 - GitHub, Inc.) GlassFish Server Open Source Edition 4.0 (HKLM\...\nbi-glassfish-mod-4.0.0.89.0) (Version: - ) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 60.0.3112.90 - Google Inc.) Google Talk Plugin (HKLM-x32\...\{F9B579C2-D854-300A-BE62-A09EB9D722E4}) (Version: 5.41.3.0 - Google) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden IIS 8.0 Express (HKLM\...\{7BF61FA9-BDFB-4563-98AD-FCB0DA28CCC7}) (Version: 8.0.1557 - Microsoft Corporation) IIS Express Application Compatibility Database for x64 (HKLM\...\{9f4f4a9b-eec5-4906-92fe-d1f43ccf5c8d}.sdb) (Version: - ) IIS Express Application Compatibility Database for x86 (HKLM\...\{fdfba1f3-74ae-4255-9c10-a0f552b4610f}.sdb) (Version: - ) Integrated Camera Driver Installer Package Ver.1.2.1.16 (HKLM-x32\...\{A78800AF-1779-4AE8-8EBE-16E1BE727C71}) (Version: 1.2.1.16 - RICOH) Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.3.1427 - Intel Corporation) Intel(R) OpenCL CPU Runtime (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2843 - Intel Corporation) Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.4.225 - Intel Corporation) Intel® Trusted Connect Service Client (HKLM\...\{09536BA1-E498-4CC3-B834-D884A67D7E34}) (Version: 1.23.605.1 - Intel Corporation) IntelliJ IDEA Community Edition 2016.3.5 (HKLM-x32\...\IntelliJ IDEA Community Edition 2016.3.5) (Version: 163.13906.18 - JetBrains s.r.o.) Junk Mail filter update (HKLM-x32\...\{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Kits Configuration Installer (HKLM-x32\...\{31D1666B-2A1D-88E7-242B-06D82FA467AB}) (Version: 8.100.9431 - Microsoft) Hidden Lenovo Auto Scroll Utility (HKLM\...\LenovoAutoScrollUtility) (Version: 1.11 - ) Lenovo Patch Utility (HKLM-x32\...\{6E6E7725-C7BC-4C39-8B3F-14B67331A120}) (Version: 1.3.0.9 - Lenovo Group Limited) Lenovo Patch Utility 64 bit (HKLM\...\{0369F866-2CE0-4EB9-B426-88FA122C6E82}) (Version: 1.3.0.9 - Lenovo Group Limited) Lenovo Power Management Driver (HKLM\...\Power Management Driver) (Version: 1.67.11.08 - Lenovo) Lenovo Registration (HKLM-x32\...\{6707C034-ED6B-4B6A-B21F-969B3606FBDE}) (Version: 1.0.4 - Lenovo Inc.) Lenovo SimpleTap (HKLM\...\{BF601122-9F0A-41A9-BA06-3158D9FB4B80}) (Version: 3.2.0004.00 - Lenovo Group Limited) Lenovo Solution Center (HKLM\...\{4041B18B-DE30-4D78-9D60-6ADC586C5E00}) (Version: 2.1.003.00 - Lenovo Group Limited) Lenovo System Update (HKLM-x32\...\{25C64847-B900-48AD-A164-1B4F9B774650}) (Version: 5.02.0018 - Lenovo) Lenovo User Guide (HKLM-x32\...\{13F59938-C595-479C-B479-F171AB9AF64F}) (Version: 1.0.0009.00 - Lenovo Group Limited) Lenovo Warranty Information (HKLM-x32\...\{FD4EC278-C1B1-4496-99ED-C0BE1B0AA521}) (Version: 1.0.0005.00 - Lenovo) Lenovo Welcome (HKLM-x32\...\{2DC26D10-CC6A-494F-BEA3-B5BC21126D5E}) (Version: 3.1.0020.00 - Lenovo Group Limited) Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes) Mesh Runtime (HKLM-x32\...\{8C6D6116-B724-4810-8F2D-D047E6B7D68E}) (Version: 15.4.5722.2 - Microsoft Corporation) Hidden Message Center Plus (HKLM\...\{3849486C-FF09-4F5D-B491-3E179D58EE15}) (Version: 3.1.0004.00 - Lenovo Group Limited) Microsoft .NET Framework 4.7 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.02053 - Microsoft Corporation) Microsoft ASP.NET MVC 2 (HKLM-x32\...\{DD8FF2F3-0D97-4CF3-AF78-FA0E1B242244}) (Version: 2.0.60926.0 - Microsoft Corporation) Microsoft ASP.NET MVC 3 (HKLM-x32\...\{D32EF103-4016-4C15-BCB0-700C0A7A2309}) (Version: 3.0.50813.0 - Microsoft Corporation) Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation) Microsoft ASP.NET Web Pages (HKLM-x32\...\{631471BE-DEAB-454B-A9AC-CE3EB42C28B3}) (Version: 1.0.20105.0 - Microsoft Corporation) Microsoft Help Viewer 1.1 (HKLM\...\Microsoft Help Viewer 1.1) (Version: 1.1.40219 - Microsoft Corporation) Microsoft Help Viewer 2.0 (HKLM-x32\...\Microsoft Help Viewer 2.0) (Version: 2.0.50727 - Microsoft Corporation) Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.5.166.0 - Microsoft Corporation) Microsoft Office Professional Plus 2013 - en-us (HKLM\...\ProPlusRetail - en-us) (Version: 15.0.4953.1001 - Microsoft Corporation) Microsoft Report Viewer 2012 Runtime (HKLM-x32\...\{9CCE40CE-A9E6-4916-8729-B008558EEF3F}) (Version: 11.0.2100.60 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation) Microsoft Silverlight 3 SDK (HKLM-x32\...\{2012098D-EEE9-4769-8DD3-B038050854D4}) (Version: 3.0.40818.0 - Microsoft Corporation) Microsoft Silverlight 4 SDK (HKLM-x32\...\{05855322-BE43-41FE-B583-D3AE0C326D58}) (Version: 4.0.50826.0 - Microsoft Corporation) Microsoft SQL Server 2008 R2 Management Objects (HKLM-x32\...\{83F2B8F4-5CF3-4BE9-9772-9543EAE4AC5F}) (Version: 10.51.2500.0 - Microsoft Corporation) Microsoft SQL Server 2008 Setup Support Files (HKLM\...\{B40EE88B-400A-4266-A17B-E3DE64E94431}) (Version: 10.1.2731.0 - Microsoft Corporation) Microsoft SQL Server 2012 (64-bit) (HKLM\...\Microsoft SQL Server SQLServer2012) (Version: - Microsoft Corporation) Microsoft SQL Server 2012 Command Line Utilities (HKLM\...\{9D573E71-1077-4C7E-B4DB-4E22A5D2B48B}) (Version: 11.0.2100.60 - Microsoft Corporation) Microsoft SQL Server 2012 Data-Tier App Framework (HKLM\...\{36E619BC-A234-4EC3-849B-779A7C865A45}) (Version: 11.0.2316.0 - Microsoft Corporation) Microsoft SQL Server 2012 Data-Tier App Framework (HKLM-x32\...\{FBA6F90E-36EC-4FC9-9B25-3834E3BD46A8}) (Version: 11.0.2316.0 - Microsoft Corporation) Microsoft SQL Server 2012 Express LocalDB (HKLM\...\{E75776B2-EAE5-42F9-A800-0A10763DEDF0}) (Version: 11.0.2318.0 - Microsoft Corporation) Microsoft SQL Server 2012 Management Objects (x64) (HKLM\...\{FA0A244E-F3C2-4589-B42A-3D522DE79A42}) (Version: 11.0.2100.60 - Microsoft Corporation) Microsoft SQL Server 2012 Native Client (HKLM\...\{49D665A2-4C2A-476E-9AB8-FCC425F526FC}) (Version: 11.0.2100.60 - Microsoft Corporation) Microsoft SQL Server 2012 Setup (English) (HKLM\...\{8CB0713F-CFE0-445D-BCB2-538465860E1A}) (Version: 11.1.3128.0 - Microsoft Corporation) Microsoft SQL Server 2012 Transact-SQL Compiler Service (HKLM\...\{BEB0F91E-F2EA-48A1-B938-7857ABF2A93D}) (Version: 11.0.2100.60 - Microsoft Corporation) Microsoft SQL Server 2012 Transact-SQL ScriptDom (HKLM\...\{0E8670B8-3965-4930-ADA6-570348B67153}) (Version: 11.0.2100.60 - Microsoft Corporation) Microsoft SQL Server 2012 T-SQL Language Service (HKLM-x32\...\{6D6D43E5-218C-4B05-92D3-2240810F4760}) (Version: 11.0.2100.60 - Microsoft Corporation) Microsoft SQL Server 2014 Express LocalDB (HKLM\...\{AB8DE9BA-19E1-446A-BCFA-6B3DA9751E21}) (Version: 12.0.2000.8 - Microsoft Corporation) Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation) Microsoft SQL Server Data Tools - enu (11.1.20627.00) (HKLM-x32\...\{FA804794-2CCB-4301-954F-2C2894698876}) (Version: 11.1.20627.00 - Microsoft Corporation) Microsoft SQL Server Data Tools Build Utilities - enu (11.1.20627.00) (HKLM-x32\...\{790E9425-8570-493F-9AE7-81AFC9E46930}) (Version: 11.1.20627.00 - Microsoft Corporation) Microsoft SQL Server Database Publishing Wizard 1.4 (HKLM-x32\...\{ACE28263-76A4-4BF5-B6F4-8BD719595969}) (Version: 10.1.2512.8 - Microsoft Corporation) Microsoft SQL Server System CLR Types (HKLM-x32\...\{C3F6F200-6D7B-4879-B9EE-700C0CE1FCDA}) (Version: 10.51.2500.0 - Microsoft Corporation) Microsoft SQL Server System CLR Types (x64) (HKLM\...\{1E6ED082-E32D-4B2B-8B6A-70B094815135}) (Version: 10.50.1750.9 - Microsoft Corporation) Microsoft System CLR Types for SQL Server 2012 (HKLM-x32\...\{E2082604-4BA5-44BB-BBFB-AF0F3CB8C6AB}) (Version: 11.0.2100.60 - Microsoft Corporation) Microsoft System CLR Types for SQL Server 2012 (x64) (HKLM\...\{F1949145-EB64-4DE7-9D81-E6D27937146C}) (Version: 11.0.2100.60 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974 (HKLM-x32\...\{B7E38540-E355-3503-AFD7-635B2F2F76E1}) (Version: 9.0.30729.4974 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Runtime - 10.0.40219 (HKLM\...\{1C7C8AAF-A16D-32E8-89E5-F6D165DE0BCE}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Runtime - 10.0.40219 (HKLM-x32\...\{5D9ED403-94DE-3BA0-B1D6-71F4BDA412E6}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual Studio 2010 Service Pack 1 (HKLM-x32\...\Microsoft Visual Studio 2010 Service Pack 1) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual Studio 2010 Shell (Isolated) - ENU (HKLM-x32\...\{D64B6984-242F-32BC-B008-752806E5FC44}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Microsoft Visual Studio Express 2012 for Web - ENU (HKLM-x32\...\{4bd1cdab-bf82-42c1-af37-e4918141913f}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft VSS Writer for SQL Server 2012 (HKLM\...\{3E0DD83F-BE4C-4478-86A0-AD0D79D1353E}) (Version: 11.0.2100.60 - Microsoft Corporation) Microsoft Web Deploy 3.0 (HKLM\...\{AA72C306-30BE-4BB1-9E42-59552BAD2CDF}) (Version: 3.1236.1631 - Microsoft Corporation) Microsoft Web Deploy dbSqlPackage Provider - enu (HKLM-x32\...\{E4C33F5B-1B2F-466E-957E-B274F08151A0}) (Version: 10.3.20225.0 - Microsoft Corporation) Microsoft Web Platform Installer 4.0 (HKLM\...\{E2B8249D-895C-4685-8C83-00F3B1A13028}) (Version: 4.0.1622 - Microsoft Corporation) Microsoft Web Publish - Visual Web Developer Express 2010 (HKLM-x32\...\{A6A4CD8C-B9E2-443E-82F2-1313AD3C9A16}) (Version: 1.0.30810.0 - Microsoft Corporation) MongoDB 3.4.4 2008R2Plus SSL (64 bit) (HKLM\...\{2A3C4764-C9B9-4687-89F2-2F69E09A850B}) (Version: 3.4.4 - MongoDB) Mozilla Firefox 45.0.2 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 45.0.2 (x86 en-US)) (Version: 45.0.2 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 45.0.2.5941 - Mozilla) MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) NetBeans IDE 8.0 (HKLM\...\nbi-nb-base-8.0.0.0.201403101706) (Version: 8.0 - NetBeans.org) Nitro Pro 7 (HKLM\...\{8E0790DA-185E-4DC1-8A88-750B2A6218FD}) (Version: 7.4.1.4 - Nitro PDF Software) Node.js (HKLM\...\{2F9DD870-93DA-48D2-BEA5-A58D7C673EA5}) (Version: 6.10.3 - Node.js Foundation) Office 15 Click-to-Run Extensibility Component (HKLM-x32\...\{90150000-008C-0000-0000-0000000FF1CE}) (Version: 15.0.4953.1001 - Microsoft Corporation) Hidden Office 15 Click-to-Run Licensing Component (HKLM\...\{90150000-008F-0000-1000-0000000FF1CE}) (Version: 15.0.4953.1001 - Microsoft Corporation) Hidden Office 15 Click-to-Run Localization Component (HKLM-x32\...\{90150000-008C-0409-0000-0000000FF1CE}) (Version: 15.0.4953.1001 - Microsoft Corporation) Hidden On Screen Display (HKLM\...\OnScreenDisplay) (Version: 6.72.00 - ) Power Manager (HKLM-x32\...\{DAC01CEE-5BAE-42D5-81FC-B687E84E8405}) (Version: 6.32 - ) Prerequisites for SSDT (HKLM-x32\...\{9169C939-ED01-446A-BD0C-29873BAF4E48}) (Version: 11.0.2100.60 - Microsoft Corporation) PuTTY release 0.69 (64-bit) (HKLM\...\{5FE84905-DAF1-4319-82B2-D60BCA095BCE}) (Version: 0.69.0.0 - Simon Tatham) Python 3.6.1 (32-bit) (HKU\S-1-5-21-3253851711-2362259233-3746204868-1000\...\{e34f7ef5-06c3-4abe-8410-1e0e5389f730}) (Version: 3.6.1150.0 - Python Software Foundation) Python 3.6.1 Add to Path (32-bit) (HKLM-x32\...\{ED8BD450-5015-4CB3-95B5-2D93F23E111B}) (Version: 3.6.1150.0 - Python Software Foundation) Hidden Python 3.6.1 Core Interpreter (32-bit) (HKLM-x32\...\{E63E60CA-437B-4894-8395-81F2F66483B0}) (Version: 3.6.1150.0 - Python Software Foundation) Hidden Python 3.6.1 Development Libraries (32-bit) (HKLM-x32\...\{3029D656-0C32-4AC9-84FB-A15056F356CC}) (Version: 3.6.1150.0 - Python Software Foundation) Hidden Python 3.6.1 Documentation (32-bit) (HKLM-x32\...\{D1198C40-C6F5-4FFB-B98C-79BF1FE706C1}) (Version: 3.6.1150.0 - Python Software Foundation) Hidden Python 3.6.1 Executables (32-bit) (HKLM-x32\...\{A7036382-80F1-4FC1-B244-D31AA50337F4}) (Version: 3.6.1150.0 - Python Software Foundation) Hidden Python 3.6.1 pip Bootstrap (32-bit) (HKLM-x32\...\{899F7F28-F6D3-4E5B-8FBE-F7929036172A}) (Version: 3.6.1150.0 - Python Software Foundation) Hidden Python 3.6.1 Standard Library (32-bit) (HKLM-x32\...\{3BCCB89B-CD98-4F78-8436-78847FABFD68}) (Version: 3.6.1150.0 - Python Software Foundation) Hidden Python 3.6.1 Tcl/Tk Support (32-bit) (HKLM-x32\...\{F6ED0771-FE83-4A1C-BE65-A06CB65B46D5}) (Version: 3.6.1150.0 - Python Software Foundation) Hidden Python 3.6.1 Test Suite (32-bit) (HKLM-x32\...\{F44EF183-905E-48BB-998E-53FC99B36FE3}) (Version: 3.6.1150.0 - Python Software Foundation) Hidden Python 3.6.1 Utility Scripts (32-bit) (HKLM-x32\...\{2AA7DAB3-6778-42A7-9F33-22615234540E}) (Version: 3.6.1150.0 - Python Software Foundation) Hidden Python Launcher (HKLM-x32\...\{323AC113-C6CE-4F99-842F-4936332D055A}) (Version: 3.6.5923.0 - Python Software Foundation) PythonScript plugin for Notepad++ (HKLM-x32\...\{236CEDB4-1B77-4751-A6C9-92EB4200AA3C}) (Version: 1.0.8.0 - Dave Brotherstone) RapidBoot HDD Accelerator (HKLM-x32\...\Fastboot) (Version: 1.00.0802 - Lenovo) RapidBoot Shield (HKLM\...\{5E2652DF-743F-482B-A593-C95F431A5769}) (Version: 1.23 - Lenovo) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6617 - Realtek Semiconductor Corp.) Registry Patch to Enable Maximum Power Saving on WiFi Adapters for Windows 7 (HKLM\...\EnablePS) (Version: 1.00 - ) Screen Recorder Launcher (HKU\S-1-5-21-3253851711-2362259233-3746204868-1000\...\ScreenRecorderLauncher) (Version: 1.7 - ) SecureW2 Enterprise Client 3.5.9 (HKLM-x32\...\SecureW2 Enterprise Client) (Version: - ) Service Pack 1 for SQL Server 2008 (KB968369) (64-bit) (HKLM\...\KB968369) (Version: 10.1.2531.0 - Microsoft Corporation) SQL Server 2012 Common Files (HKLM\...\{1D411379-9CE0-4B13-A19B-72D3222DD620}) (Version: 11.0.2100.60 - Microsoft Corporation) Hidden SQL Server 2012 Common Files (HKLM\...\{202AAF1F-69AA-442A-B59F-6B54B1AD07C6}) (Version: 11.0.2100.60 - Microsoft Corporation) Hidden SQL Server 2012 Database Engine Services (HKLM\...\{18B2A97C-92C3-4AC7-BE72-F823E0BC895B}) (Version: 11.0.2100.60 - Microsoft Corporation) Hidden SQL Server 2012 Database Engine Services (HKLM\...\{84FBCA4A-D650-4B0D-8094-EC0671FA9B91}) (Version: 11.0.2100.60 - Microsoft Corporation) Hidden SQL Server 2012 Database Engine Shared (HKLM\...\{54FF8FAB-DE27-4187-82F1-EBAE6AEE869A}) (Version: 11.0.2100.60 - Microsoft Corporation) Hidden SQL Server 2012 Database Engine Shared (HKLM\...\{6603C2CE-3C54-4F1D-92F9-8390CD4CCCA8}) (Version: 11.0.2100.60 - Microsoft Corporation) Hidden SQL Server 2012 Management Studio (HKLM\...\{26BFF1F1-5C03-4C55-9C7C-FD65889AFA70}) (Version: 11.0.2100.60 - Microsoft Corporation) Hidden SQL Server 2012 Management Studio (HKLM\...\{A7037EB2-F953-4B12-B843-195F4D988DA1}) (Version: 11.0.2100.60 - Microsoft Corporation) Hidden SQL Server Browser for SQL Server 2012 (HKLM-x32\...\{4B9E6EB0-0EED-4E74-9479-F982C3254F71}) (Version: 11.0.2100.60 - Microsoft Corporation) Sql Server Customer Experience Improvement Program (HKLM\...\{BED1EA3D-592D-4305-9D1F-20F03726EFC1}) (Version: 11.0.2100.60 - Microsoft Corporation) Hidden Sql Server Customer Experience Improvement Program (HKLM-x32\...\{C965F01C-76EA-4BD7-973E-46236AE312D7}) (Version: 10.0.1600.22 - Microsoft Corporation) Hidden SugarSync Manager (HKLM-x32\...\SugarSync) (Version: 1.9.61.90905 - SugarSync, Inc.) TextPad 5 (HKLM-x32\...\{B6EC7388-E277-4A5B-8C8F-71067A41BA64}) (Version: 5.4.2 - Helios) ThinkPad UltraNav Driver (HKLM\...\SynTPDeinstKey) (Version: 16.2.19.7 - ) ThinkPad Wireless LAN Adapter Software (HKLM-x32\...\{9D3D2C60-A55F-4fed-B2B9-17311226DF01}) (Version: 1.00.0031.1 - REALTEK Semiconductor Corp.) ThinkVantage Active Protection System (HKLM\...\{46A84694-59EC-48F0-964C-7E76E9F8A2ED}) (Version: 1.76 - Lenovo) ThinkVantage Communications Utility (HKLM\...\{88C6A6D9-324C-46E8-BA87-563D14021442}_is1) (Version: 3.0.34.0 - Lenovo) Toolkit Documentation (HKLM-x32\...\{D5D447F8-584B-A065-C9E0-868C318578D2}) (Version: 8.100.9431 - Microsoft) Hidden UnzipLite 0.2 (HKLM-x32\...\UnzipLite) (Version: 0.2 - Amnis Technology Ltd) Update for (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation) VIP Access (HKLM-x32\...\{E8D46836-CD55-453C-A107-A59EC51CB8DC}) (Version: 2.0.5.13 - VeriSign) Visual Studio 2010 Prerequisites - English (HKLM\...\{662014D2-0450-37ED-ABAE-157C88127BEB}) (Version: 10.0.40219 - Microsoft Corporation) Visual Studio 2010 SP1 Tools for SQL Server Compact 4.0 ENU (HKLM-x32\...\{D25C502E-FF51-424C-8C38-8596FE47D0CD}) (Version: 4.0.8482.1 - Microsoft Corporation) WCF RIA Services V1.0 SP1 (HKLM-x32\...\{D9E6001A-5DC3-4620-AF7A-80B6CD48645D}) (Version: 4.1.60114.0 - Microsoft Corporation) Web Deployment Tool (HKLM\...\{0F37D969-1260-419E-B308-EF7D29ABDE20}) (Version: 1.1.0618 - Microsoft Corporation) Windows Assessment and Deployment Kit for Windows 8.1 Preview (HKLM-x32\...\{e83a4859-7373-4aab-8dbe-dafccac24fe0}) (Version: 8.100.9431 - Microsoft Corporation) Windows Azure Authoring Tools - June 2012 Release (HKLM\...\{646A1C52-6194-4992-8D21-8D9E42AE820A}) (Version: 1.7.30602.1703 - Microsoft Corporation) Windows Azure Emulator - June 2012 Release (HKLM\...\Windows Azure Emulator - June 2012 Release) (Version: 1.7.30602.1703 - Microsoft Corporation) Windows Azure Libraries for .NET 1.7 – June 2012 (HKLM\...\{AED07B87-975F-4F60-B7C9-38B8596C6531}) (Version: 1.7 - Microsoft Corporation) Windows Azure PowerShell - August 2012 (HKLM-x32\...\{4D5B43AD-5AF4-4AF4-B90E-C90AC951A486}) (Version: 0.6.2 - Microsoft Corporation) Windows Azure Tools for Microsoft Visual Studio 2010 - June 2012 SP1 (HKLM-x32\...\{3dcba276-d593-49cc-9141-08b8a339c984}) (Version: 1.7.50716.1601 - Microsoft Corporation) Windows Azure Tools for Microsoft Visual Studio 2012 - June 2012 SP1 (HKLM-x32\...\{540cc2f4-4f11-47be-8ebb-e665ed4e9d01}) (Version: 1.7.50716.1601 - Microsoft Corporation) Windows Driver Package - Intel (e1cexpress) Net (01/11/2012 11.15.16.0) (HKLM\...\EC2A0F2B229770EC589265FCF2B4839A0C221993) (Version: 01/11/2012 11.15.16.0 - Intel) Windows Driver Package - Intel System (01/11/2012 9.3.0.1020) (HKLM\...\09839A9B5EDA69DA2DCC34637B5140AAF8A53B44) (Version: 01/11/2012 9.3.0.1020 - Intel) Windows Driver Package - Intel System (08/26/2011 9.3.0.1011) (HKLM\...\9D7CD466F7FC8B18FF1B84943B7BB8648D17FCE8) (Version: 08/26/2011 9.3.0.1011 - Intel) Windows Driver Package - Intel System (08/26/2011 9.3.0.1011) (HKLM\...\D8EF6CACF49BD33CC1FACD124C8CC2B1A8E8AE35) (Version: 08/26/2011 9.3.0.1011 - Intel) Windows Driver Package - Intel USB (08/26/2011 9.3.0.1011) (HKLM\...\97EE1802A0385A37DE6323FA39EC76BEB2D73E41) (Version: 08/26/2011 9.3.0.1011 - Intel) Windows Driver Package - Lenovo 1.65.05.20 (02/29/2012 1.65.05.20) (HKLM\...\E3535F123E7F666D573665142F90D3E5004DC326) (Version: 02/29/2012 1.65.05.20 - Lenovo) Windows Driver Package - Synaptics (SynTP) Mouse (04/06/2012 16.1.1.0) (HKLM\...\64B3C27E4CF7B6AD920184EFFF6C488C55EF2892) (Version: 04/06/2012 16.1.1.0 - Synaptics) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation) Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation) WinZip 21.5 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C2410F}) (Version: 21.5.12480 - WinZip Computing, S.L. ) WPT Redistributables (HKLM-x32\...\{25E6FCE9-93C2-9B1C-F10E-911FB1A128E8}) (Version: 8.100.9431 - Microsoft) Hidden WPTx64 (HKLM-x32\...\{D54C3330-AC2A-20E7-D54C-855A497FCD3F}) (Version: 8.100.9431 - Microsoft) Hidden Zoom (HKU\S-1-5-21-3253851711-2362259233-3746204868-1000\...\ZoomUMX) (Version: 4.0 - Zoom Video Communications, Inc.) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-3253851711-2362259233-3746204868-1000_Classes\CLSID\{144DF3B2-2402-47AE-9583-5A045929A8D4}\InprocServer32 -> C:\Users\Sue\AppData\Local\Google\Update\1.3.33.5\psuser_64.dll (Google Inc.) CustomCLSID: HKU\S-1-5-21-3253851711-2362259233-3746204868-1000_Classes\CLSID\{590C4387-5EBD-4D46-8A84-CD0BA2EF2856}\InprocServer32 -> C:\Users\Sue\AppData\Local\Google\Update\1.3.30.3\psuser_64.dll => No File CustomCLSID: HKU\S-1-5-21-3253851711-2362259233-3746204868-1000_Classes\CLSID\{59B55F04-DE14-4BB8-92FF-C4A22EF2E5F4}\InprocServer32 -> C:\Users\Sue\AppData\Local\Google\Update\1.3.31.5\psuser_64.dll => No File CustomCLSID: HKU\S-1-5-21-3253851711-2362259233-3746204868-1000_Classes\CLSID\{8C46158B-D978-483C-A312-16EE5013BE04}\InprocServer32 -> C:\Users\Sue\AppData\Local\Google\Update\1.3.33.3\psuser_64.dll => No File CustomCLSID: HKU\S-1-5-21-3253851711-2362259233-3746204868-1000_Classes\CLSID\{ABECE8A0-FF84-4efb-82AE-9B3181CE097D}\InprocServer32 -> C:\Program Files (x86)\TextPad 5\System\shellext64.dll (Helios Software Solutions) CustomCLSID: HKU\S-1-5-21-3253851711-2362259233-3746204868-1000_Classes\CLSID\{CB2B673F-D441-4CD4-AFBE-DC4037CA4220}\InprocServer32 -> C:\Program Files\WinZip\adxloader64.dll () CustomCLSID: HKU\S-1-5-21-3253851711-2362259233-3746204868-1000_Classes\CLSID\{CB492AF1-2CEF-4E58-BE47-471C77D0C8BA}\InprocServer32 -> C:\Users\Sue\AppData\Local\Google\Update\1.3.32.8\psuser_64.dll => No File CustomCLSID: HKU\S-1-5-21-3253851711-2362259233-3746204868-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Sue\AppData\Local\Google\Update\1.3.33.5\psuser_64.dll (Google Inc.) ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File ShellIconOverlayIdentifiers: [SugarSyncBackedUp] -> {0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.) ShellIconOverlayIdentifiers: [SugarSyncPending] -> {62CCD8E3-9C21-41E1-B55E-1E26DFC68511} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.) ShellIconOverlayIdentifiers: [SugarSyncRoot] -> {A759AFF6-5851-457D-A540-F4ECED148351} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.) ShellIconOverlayIdentifiers: [SugarSyncShared] -> {1574C9EF-7D58-488F-B358-8B78C1538F51} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.) ContextMenuHandlers1: [NPShellExtension] -> {D7ECBD0E-B8E3-4a0c-9E84-514298EFA583} => C:\Program Files\Common Files\Nitro PDF\Professional\7.0\NPShellExtension64.dll [2012-05-24] () ContextMenuHandlers1: [SugarSync] -> {305BC11B-5175-492B-B569-866547FCDA40} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.) ContextMenuHandlers1: [UnzipLite] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\UnzipLite\UnzipLitePlugin64.dll [2011-09-22] (Stuart Logan) ContextMenuHandlers1: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshls64.dll [2017-04-22] (WinZip Computing, S.L.) ContextMenuHandlers3: [Lenovo SimpleTap] -> {34209C16-2106-4D1D-A89E-ABE2D488BDC9} => C:\Program Files\Lenovo\SimpleTap\shellext64.dll [2012-05-15] (Lenovo) ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamext.dll [2016-03-10] (Malwarebytes) ContextMenuHandlers4: [UnzipLite] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\UnzipLite\UnzipLitePlugin64.dll [2011-09-22] (Stuart Logan) ContextMenuHandlers4: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshls64.dll [2017-04-22] (WinZip Computing, S.L.) ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2013-02-19] (Intel Corporation) ContextMenuHandlers5: [Lenovo SimpleTap] -> {34209C16-2106-4D1D-A89E-ABE2D488BDC9} => C:\Program Files\Lenovo\SimpleTap\shellext64.dll [2012-05-15] (Lenovo) ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamext.dll [2016-03-10] (Malwarebytes) ContextMenuHandlers6: [SugarSync] -> {305BC11B-5175-492B-B569-866547FCDA40} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.) ContextMenuHandlers6: [UnzipLite] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\UnzipLite\UnzipLitePlugin64.dll [2011-09-22] (Stuart Logan) ContextMenuHandlers6: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshls64.dll [2017-04-22] (WinZip Computing, S.L.) ContextMenuHandlers1_S-1-5-21-3253851711-2362259233-3746204868-1000: [TextPad] -> {ABECE8A0-FF84-4efb-82AE-9B3181CE097D} => C:\Program Files (x86)\TextPad 5\System\shellext64.dll [2007-03-27] (Helios Software Solutions) ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {0BAB54F7-ECE4-43A3-BCA0-870B455F7A95} - System32\Tasks\GoogleUpdateTaskMachineCore1d2eef4236de593 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-02-13] (Google Inc.) Task: {17D1D61A-05D1-4974-A5B9-770DFC903698} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-02-13] (Google Inc.) Task: {1DB31F7A-D1EA-4158-9383-E994AAAAF762} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2013-05-17] () Task: {1E32D6BA-1999-42DF-8E74-60D04D671799} - System32\Tasks\SecureW2 Task => C:\Program Files (x86)\SecureW2\sw2_tray.exe [2012-11-21] (SecureW2 B.V.) Task: {2041A3AF-D709-4939-BACE-F1A91AF8F551} - System32\Tasks\Synaptics TouchPad Enhancements => Program Files\Synaptics\SynTP\SynTPEnh.exe Task: {253354C5-57B6-43F5-B309-0A94DBE23947} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-02-13] (Google Inc.) Task: {343471F6-E885-4CF3-8FDF-5190021EECDB} - System32\Tasks\Lenovo\Message Center Plus Launcher => C:\Program Files (x86)\Lenovo\message center plus\mcplaunch.exe [2012-05-15] (Lenovo) Task: {3BAE8D6C-3273-417E-BFBD-48B71D55148C} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2015-07-08] (Microsoft Corporation) Task: {461EF6B0-130A-4F5F-802A-A97EC32A6BB2} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3253851711-2362259233-3746204868-1000Core => C:\Users\Sue\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.) Task: {499C9647-D3D1-4B63-AE64-A3BF99468FB7} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3253851711-2362259233-3746204868-1000UA => C:\Users\Sue\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.) Task: {4B6509D1-45D6-44C5-A7AB-A1369455294C} - System32\Tasks\{91A02A83-63A3-42F6-8901-38AA6208A58D} => C:\Windows\system32\pcalua.exe -a C:\glassfish4\uninstall.exe -d C:\glassfish4 -c "c:\java\jdk1.8.0_05" Task: {547DAF72-079E-4E5B-906A-2A001D396435} - System32\Tasks\DiskUpdate => C:\SWTOOLS\OSFIXES\DISKUPDT\DiskUpdate.exe [2009-02-09] () Task: {55D36FB7-A70E-4BEA-8690-193833E127D2} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2017-03-14] (Microsoft Corporation) Task: {6C6C79AE-CB00-4A46-A39D-F1B45A024B92} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2015-07-08] (Microsoft Corporation) Task: {78D2E44C-0342-4898-99A8-83FB31508A72} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => C:\Program Files\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2013-05-17] (Lenovo) Task: {7C693D95-BE5E-4DE3-B93E-2348AA206608} - System32\Tasks\{220D48E6-8D41-4273-831B-6D1D1F425703} => C:\Windows\system32\pcalua.exe -a "c:\Program Files (x86)\Microsoft SQL Server\100\Setup Bootstrap\Release\x86\SetupARP.exe" -c /X86 Task: {7DB16FEA-DCE1-4B7B-812E-72B039020D9A} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-07-19] (Adobe Systems Incorporated) Task: {92D1C0A3-5708-4FD9-BCB5-53F5103BF577} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\lenovo\lenovo solution center\App\LSCService.exe [2013-05-17] (Lenovo) Task: {96D94120-15B8-4115-8D86-AFABC2A409E2} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2015-07-08] (Microsoft Corporation) Task: {A406C534-2B02-4441-A6FF-9325BA9365C3} - System32\Tasks\Lenovo\SimpleTap\Start SimpleTap for Boots.Sue => C:\Program Files\Lenovo\SimpleTap\SimpleTap.exe [2012-05-15] (Lenovo) Task: {A4B0465F-BE2E-49F9-B209-D4B638D342FB} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2017-03-14] (Microsoft Corporation) Task: {A701A4CA-64F1-4D9C-B931-A2B3EB88D1D3} - System32\Tasks\Lenovo\SimpleTap\Start SimpleTap for Boots.catzrule => C:\Program Files\Lenovo\SimpleTap\SimpleTap.exe [2012-05-15] (Lenovo) Task: {B4F5273E-F368-448A-B26F-D96B2F06E669} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [2013-06-26] () Task: {C95A5582-715E-4577-B861-8D1044724920} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2017-04-11] (Microsoft Corporation) Task: {D27583F5-32D9-415C-BE6D-D6E4B5F0EB9F} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-08-08] (Adobe Systems Incorporated) Task: {D6C2A5D7-790F-41C6-AA2C-3D390AE0AF80} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2017-04-11] (Microsoft Corporation) Task: {E2A78890-941D-4BCE-B171-2E318B2BD8D0} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2015-07-08] (Microsoft Corporation) Task: {E84DBFC8-B20C-420E-8189-26645DD4933C} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2015-07-08] (Microsoft) Task: {F09450AB-9FEE-49C9-985F-580BE6CEDB63} - System32\Tasks\GoogleUpdateTaskMachineUA1d2eef424761e51 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-02-13] (Google Inc.) Task: {F2118CD6-2F85-4A23-A789-3B7EC9D3C474} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.) Task: {F498DF6C-D156-43F7-A481-51BC42E3065A} - System32\Tasks\PMTask => C:\Program Files (x86)\ThinkPad\Utilities\PWMIDTSV.EXE [2012-05-15] (Lenovo Group Limited) Task: {F95F524E-11E6-41DC-BA89-63E0E2D2DD6D} - System32\Tasks\WinZip Update Notifier => C:\Program Files\WinZip\WZUpdateNotifier.exe [2017-04-22] (WinZip) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3253851711-2362259233-3746204868-1000Core.job => C:\Users\Sue\AppData\Local\Facebook\Update\FacebookUpdate.exe Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3253851711-2362259233-3746204868-1000UA.job => C:\Users\Sue\AppData\Local\Facebook\Update\FacebookUpdate.exe ==================== Shortcuts & WMI ======================== (The entries could be listed to be restored or removed.) Shortcut: C:\Users\Sue\Documents\Toshiba_Docs\Tools\MobaXterm Personal Edition\Visit MobaXterm Website.lnk -> hxxp://mobaxterm.mobatek.net Shortcut: C:\Users\Sue\Desktop\StartMSQ.lnk -> C:\ActiveMQ5\apache-activemq-5.14.5\bin\win64\activemq.bat () ShortcutWithArgument: C:\Users\Sue\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Postman.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=fhbjgbiflinjbdggehcddcbncdddomop ==================== Loaded Modules (Whitelisted) ============== 2015-01-20 23:35 - 2015-01-20 23:35 - 000085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll 2015-01-20 23:35 - 2015-01-20 23:35 - 001346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll 2014-03-21 04:53 - 2017-01-17 04:25 - 000117440 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll 2017-04-11 10:08 - 2017-04-11 10:08 - 000495616 _____ () C:\Program Files\WinZip Smart Monitor\WinZip Smart Monitor Service.exe 2016-07-27 13:15 - 2017-01-31 08:34 - 008909512 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll 2012-08-08 04:10 - 2012-05-15 17:32 - 000093696 ____N () C:\Program Files (x86)\ThinkPad\Utilities\US\PWMRT64V.DLL 2010-01-02 10:42 - 2010-01-02 10:42 - 000098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll 2012-05-24 02:04 - 2012-05-24 02:04 - 000108040 _____ () C:\Program Files\Common Files\Nitro PDF\Professional\7.0\NPShellExtension64.dll 2017-08-07 21:08 - 2017-08-07 21:08 - 000349696 _____ () C:\Program Files\WinZip Smart Monitor\Plugins\7BC0E678-C2D8-43A4-B694-A458734AEF6D.2.1.0.10\7BC0E678-C2D8-43A4-B694-A458734AEF6D.2.1.0.10.dll 2017-08-07 20:45 - 2017-08-02 03:39 - 003824472 _____ () C:\Program Files (x86)\Google\Chrome\Application\60.0.3112.90\libglesv2.dll 2017-08-07 20:45 - 2017-08-02 03:39 - 000100184 _____ () C:\Program Files (x86)\Google\Chrome\Application\60.0.3112.90\libegl.dll 2012-08-08 04:11 - 2011-08-02 07:58 - 002201088 _____ () C:\Program Files\Lenovo\Communications Utility\cxcore210.dll 2012-08-08 04:11 - 2011-08-02 07:58 - 002085888 _____ () C:\Program Files\Lenovo\Communications Utility\cv210.dll 2012-08-08 04:05 - 2012-02-20 23:09 - 001198872 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) AlternateDataStreams: C:\Windows:nlsPreferences [386] ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) IE restricted site: HKU\.DEFAULT\...\customercouncil.net -> customercouncil.net IE restricted site: HKU\.DEFAULT\...\pycic.com -> pycic.com IE trusted site: HKU\S-1-5-21-3253851711-2362259233-3746204868-1000\...\ccb.cn -> hxxps://b2b.ccb.cn IE trusted site: HKU\S-1-5-21-3253851711-2362259233-3746204868-1000\...\ccb.com -> hxxps://*.ccb.com IE trusted site: HKU\S-1-5-21-3253851711-2362259233-3746204868-1000\...\ccb.com.cn -> hxxps://*.ccb.com.cn ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-13 22:34 - 2015-11-15 12:42 - 000000830 _____ C:\Windows\system32\Drivers\etc\hosts ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-3253851711-2362259233-3746204868-1000\Control Panel\Desktop\\Wallpaper -> DNS Servers: 10.0.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == MSCONFIG\Services: HZ_CommSrv => 2 MSCONFIG\Services: TermService => 3 MSCONFIG\Services: WDMonitorCCB => 2 MSCONFIG\startupreg: AvastUI.exe => "C:\Program Files\AVAST Software\Avast\AvLaunch.exe" /gui MSCONFIG\startupreg: CCBCertificate => C:\Program Files (x86)\CCBComponents\DMWZ\CCBCertificate.exe MSCONFIG\startupreg: Dolby Home Theater v4 => "C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe" -autostart MSCONFIG\startupreg: EEventManager => "C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe" MSCONFIG\startupreg: Facebook Update => "C:\Users\Sue\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver MSCONFIG\startupreg: Fastboot => C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBConsole.exe MSCONFIG\startupreg: Google Update => C:\Users\Sue\AppData\Local\Google\Update\1.3.33.5\GoogleUpdateCore.exe MSCONFIG\startupreg: HotKeysCmds => C:\Windows\system32\hkcmd.exe MSCONFIG\startupreg: IgfxTray => C:\Windows\system32\igfxtray.exe MSCONFIG\startupreg: IMSS => "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe" MSCONFIG\startupreg: Lenovo Registration => C:\Program Files (x86)\Lenovo Registration\LenovoReg.exe /boot MSCONFIG\startupreg: LENOVO.TPKNRRES => C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe MSCONFIG\startupreg: Logitech Download Assistant => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch MSCONFIG\startupreg: Persistence => C:\Windows\system32\igfxpers.exe MSCONFIG\startupreg: PWMTRV => rundll32 C:\PROGRA~2\ThinkPad\UTILIT~1\PWMTR64V.DLL,PwrMgrBkGndMonitor MSCONFIG\startupreg: RotateImage => C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe MSCONFIG\startupreg: RtHDVBg_Dolby => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /FORPCEE4 MSCONFIG\startupreg: RTHDVCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s MSCONFIG\startupreg: TpShocks => TpShocks.exe MSCONFIG\startupreg: USBKeyTools.exe => C:\Program Files (x86)\CCBComponents\HDZB\USBKeyTools.exe MSCONFIG\startupreg: wdcertm_ccb => C:\Windows\SysWOW64\WatchData\Watchdata CCB OCL CSP v3.2\WDCertM_CCB.exe ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe FirewallRules: [{35BEF5D6-05D4-49DA-94F7-8C1C9C4DA2B4}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{DC05AE51-40B3-4E14-8E91-EEDA4D2269EA}] => (Allow) LPort=2869 FirewallRules: [{5FB12950-EF25-4663-B202-0C642C9041B4}] => (Allow) LPort=1900 FirewallRules: [{523CE888-5B5D-4744-A7D1-9D511E122591}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe FirewallRules: [{CF66590A-0194-49BB-A2F4-9AD68F879C4C}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe FirewallRules: [{7051FC77-ADD2-466C-921A-E15534AEDF4D}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe FirewallRules: [{022727FF-DED2-4210-809A-246DDEF34872}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe FirewallRules: [{888FA3B4-E4BA-4559-ADCD-CDF84A315D8B}] => (Allow) C:\Program Files (x86)\EpsonNet\EpsonNet Setup\tool10\ENEasyApp.exe FirewallRules: [{C9CD562B-15CC-47E2-A658-CF3D18C06A81}] => (Allow) C:\Program Files (x86)\EpsonNet\EpsonNet Setup\tool10\ENEasyApp.exe FirewallRules: [TCP Query User{9FCBBFF0-13B1-4BFA-85C5-9F7DAFA5B49D}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Block) C:\program files (x86)\epson software\event manager\eeventmanager.exe FirewallRules: [UDP Query User{DA22C75F-A92B-4FDE-B6FD-25A8616FBEC6}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Block) C:\program files (x86)\epson software\event manager\eeventmanager.exe FirewallRules: [{EA3109C3-822D-4586-BECA-5FDEED42DFCF}] => (Allow) C:\Program Files (x86)\Enterasys Networks\NAC Agent\NacAgent.exe FirewallRules: [TCP Query User{457E6A94-57F3-4CDF-B5B5-B93FC778318D}C:\users\sue\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\sue\appdata\roaming\spotify\spotify.exe FirewallRules: [UDP Query User{1521C271-D839-486F-8136-0204EA612ADE}C:\users\sue\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\sue\appdata\roaming\spotify\spotify.exe FirewallRules: [TCP Query User{4B381672-F399-4702-BE8D-B8BCF15697B1}C:\users\sue\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\sue\appdata\roaming\spotify\spotify.exe FirewallRules: [UDP Query User{4F709366-E6C2-4DBA-9AC4-AA346E8A2C3A}C:\users\sue\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\sue\appdata\roaming\spotify\spotify.exe FirewallRules: [{3B450B17-AD8D-4C93-9CA7-BEDEBEA9BB60}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe FirewallRules: [TCP Query User{78ECDB9E-9D69-435F-ABD6-A26C1FA7DEFB}C:\users\sue\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\sue\appdata\local\akamai\netsession_win.exe FirewallRules: [UDP Query User{FC5E8C34-F698-460A-AB71-E54ACDD5B1A7}C:\users\sue\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\sue\appdata\local\akamai\netsession_win.exe FirewallRules: [TCP Query User{4239EF37-8208-4EB9-821F-D9A2A0DF4003}C:\users\sue\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\sue\appdata\local\akamai\netsession_win.exe FirewallRules: [UDP Query User{97DEF525-526D-46F2-9268-D6DF62025170}C:\users\sue\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\sue\appdata\local\akamai\netsession_win.exe FirewallRules: [{34A69B2F-AF76-40A2-A9F8-EBF62A543E9F}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\UNCServer.exe FirewallRules: [{FB0C2985-4F2B-4744-9758-6C068B24695B}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\UNCServer.exe FirewallRules: [TCP Query User{DEFCED8F-7ECA-4F05-AD8D-850C5C1F9CC5}C:\java\jdk1.8.0_05\jre\bin\javaw.exe] => (Allow) C:\java\jdk1.8.0_05\jre\bin\javaw.exe FirewallRules: [UDP Query User{66E30672-206D-41D4-A4A4-E75D4AC768C8}C:\java\jdk1.8.0_05\jre\bin\javaw.exe] => (Allow) C:\java\jdk1.8.0_05\jre\bin\javaw.exe FirewallRules: [TCP Query User{D7945155-C2BA-4119-A01D-0DEFA0198FB2}C:\java\jdk1.8.0_05\bin\java.exe] => (Allow) C:\java\jdk1.8.0_05\bin\java.exe FirewallRules: [UDP Query User{D8DEC1DF-BABC-4D4E-9882-F467354E4213}C:\java\jdk1.8.0_05\bin\java.exe] => (Allow) C:\java\jdk1.8.0_05\bin\java.exe FirewallRules: [TCP Query User{69820824-985D-4EE1-B353-7A4F8724708D}C:\java\jdk1.8.0_05\bin\javaw.exe] => (Allow) C:\java\jdk1.8.0_05\bin\javaw.exe FirewallRules: [UDP Query User{31BEF3BD-9D9A-422C-B202-7AF2DE21BAFC}C:\java\jdk1.8.0_05\bin\javaw.exe] => (Allow) C:\java\jdk1.8.0_05\bin\javaw.exe FirewallRules: [TCP Query User{8483E638-5BFF-484D-88A8-59295AB2ECAA}C:\users\sue\appdata\local\freescreensharing\freescreensharing.exe] => (Allow) C:\users\sue\appdata\local\freescreensharing\freescreensharing.exe FirewallRules: [UDP Query User{E1729DBF-5C02-4D6E-A267-C15DD939A93E}C:\users\sue\appdata\local\freescreensharing\freescreensharing.exe] => (Allow) C:\users\sue\appdata\local\freescreensharing\freescreensharing.exe FirewallRules: [{F01F980F-2248-49D8-9822-13A140E39F46}] => (Allow) C:\Users\Sue\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe FirewallRules: [{F432BAAD-BEB3-411C-9812-3C2FCAB7F4B6}] => (Allow) C:\Users\Sue\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [{852662E6-AF69-40AA-A3EA-486F439BD878}] => (Allow) C:\Users\Sue\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [TCP Query User{A3CAAEB7-342E-43A6-B6F1-988DA7A570A2}C:\users\sue\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\sue\appdata\roaming\dropbox\bin\dropbox.exe FirewallRules: [UDP Query User{0F4B50D6-965E-4DAA-B554-D86784BB1E3A}C:\users\sue\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\sue\appdata\roaming\dropbox\bin\dropbox.exe FirewallRules: [TCP Query User{38AA8D4B-8F72-4ABA-9C0B-1A215A49CF8F}C:\users\catzrule\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Block) C:\users\catzrule\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [UDP Query User{4CEA47F9-5316-46DB-8C0F-32F569327D2D}C:\users\catzrule\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Block) C:\users\catzrule\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [TCP Query User{95CD2D42-7CAD-4E40-BBF3-30F16D1651E6}C:\users\catzrule\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Block) C:\users\catzrule\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [UDP Query User{8C9E526D-0538-4DA8-9C11-943D016A4A38}C:\users\catzrule\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Block) C:\users\catzrule\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [TCP Query User{011BD9A9-B85D-4DE3-A237-EF67EB350724}C:\program files (x86)\windows live\photo gallery\wlxphotogallery.exe] => (Allow) C:\program files (x86)\windows live\photo gallery\wlxphotogallery.exe FirewallRules: [UDP Query User{EA66BC49-65BD-48EE-AE45-8B434C75DFC3}C:\program files (x86)\windows live\photo gallery\wlxphotogallery.exe] => (Allow) C:\program files (x86)\windows live\photo gallery\wlxphotogallery.exe FirewallRules: [{2E0A1AC4-E4B7-4EC1-A145-CF526CF6F3CD}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe FirewallRules: [{9BD7A3D5-231D-4372-8D4D-8E681D5F1E06}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe FirewallRules: [{6F104BFE-866C-485A-A677-1421B983C190}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe FirewallRules: [{BB8A6C75-1053-4A96-B9FF-1AA3FA456B6D}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe FirewallRules: [{93C12842-6900-4A3A-80FF-5029D02228C3}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{0322D7CA-4700-4462-B8FF-45AFD9434792}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [TCP Query User{1D324731-BBA2-4D82-A8FE-8D3492D93458}C:\users\sue\eclipse\jee-neon\eclipse\eclipse.exe] => (Allow) C:\users\sue\eclipse\jee-neon\eclipse\eclipse.exe FirewallRules: [UDP Query User{B88B3511-A0BA-49AA-8E29-8B2346039760}C:\users\sue\eclipse\jee-neon\eclipse\eclipse.exe] => (Allow) C:\users\sue\eclipse\jee-neon\eclipse\eclipse.exe FirewallRules: [TCP Query User{2DA70310-ADAA-45A4-AC37-8C900D7526FE}C:\program files (x86)\jetbrains\intellij idea community edition 2016.3.5\jre\jre\bin\java.exe] => (Allow) C:\program files (x86)\jetbrains\intellij idea community edition 2016.3.5\jre\jre\bin\java.exe FirewallRules: [UDP Query User{5F268ADD-82A5-427F-BC36-27C6E53361AA}C:\program files (x86)\jetbrains\intellij idea community edition 2016.3.5\jre\jre\bin\java.exe] => (Allow) C:\program files (x86)\jetbrains\intellij idea community edition 2016.3.5\jre\jre\bin\java.exe FirewallRules: [TCP Query User{C6877A6A-3E7B-42F9-A428-1C9C6BE431A3}C:\program files (x86)\jetbrains\intellij idea community edition 2016.3.5\bin\idea.exe] => (Allow) C:\program files (x86)\jetbrains\intellij idea community edition 2016.3.5\bin\idea.exe FirewallRules: [UDP Query User{E02C09CA-895F-4A06-89FC-67817630257A}C:\program files (x86)\jetbrains\intellij idea community edition 2016.3.5\bin\idea.exe] => (Allow) C:\program files (x86)\jetbrains\intellij idea community edition 2016.3.5\bin\idea.exe FirewallRules: [TCP Query User{2117CB54-C504-48E4-B809-15EC7E4377F2}C:\users\sue\eclipse\jee-neon3\eclipse\eclipse.exe] => (Block) C:\users\sue\eclipse\jee-neon3\eclipse\eclipse.exe FirewallRules: [UDP Query User{C2942B54-7DB8-40C4-AE31-A02F75447BD3}C:\users\sue\eclipse\jee-neon3\eclipse\eclipse.exe] => (Block) C:\users\sue\eclipse\jee-neon3\eclipse\eclipse.exe FirewallRules: [TCP Query User{7763D90E-B0B8-4A03-89E2-42F725E3B7FD}C:\java\jdk1.8.0_05\jre\bin\java.exe] => (Allow) C:\java\jdk1.8.0_05\jre\bin\java.exe FirewallRules: [UDP Query User{DA9F2583-960F-4B15-8525-D98B52ACEB73}C:\java\jdk1.8.0_05\jre\bin\java.exe] => (Allow) C:\java\jdk1.8.0_05\jre\bin\java.exe FirewallRules: [TCP Query User{D4E43699-912B-456E-9203-7580C6EBFC21}C:\program files\java\jdk1.8.0_131\bin\javaw.exe] => (Allow) C:\program files\java\jdk1.8.0_131\bin\javaw.exe FirewallRules: [UDP Query User{0894CAF8-E866-4A30-8672-98EBE28741F8}C:\program files\java\jdk1.8.0_131\bin\javaw.exe] => (Allow) C:\program files\java\jdk1.8.0_131\bin\javaw.exe FirewallRules: [TCP Query User{7C9ECCAC-4347-4854-B6DB-97523904A88B}C:\users\sue\appdata\local\skypeplugin\pluginhost.exe] => (Allow) C:\users\sue\appdata\local\skypeplugin\pluginhost.exe FirewallRules: [UDP Query User{281D5369-9A72-4ED2-894D-0223EFA2E921}C:\users\sue\appdata\local\skypeplugin\pluginhost.exe] => (Allow) C:\users\sue\appdata\local\skypeplugin\pluginhost.exe FirewallRules: [TCP Query User{E74553E0-6F21-4E0B-AF83-BF9CCD41B284}C:\program files\mongodb\server\3.4\bin\mongod.exe] => (Allow) C:\program files\mongodb\server\3.4\bin\mongod.exe FirewallRules: [UDP Query User{D143A97D-E0A8-47BE-BEDF-4999CCDB15F9}C:\program files\mongodb\server\3.4\bin\mongod.exe] => (Allow) C:\program files\mongodb\server\3.4\bin\mongod.exe FirewallRules: [TCP Query User{58F9785C-5DC5-461D-953E-4896C4984A43}C:\program files\nodejs\node.exe] => (Allow) C:\program files\nodejs\node.exe FirewallRules: [UDP Query User{C4809B6B-99E9-4E47-A24D-0E54D71C8A71}C:\program files\nodejs\node.exe] => (Allow) C:\program files\nodejs\node.exe FirewallRules: [{838D2F65-4475-4A20-BA11-B90F2F211707}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\UNCServer.exe FirewallRules: [{AFC471C6-5D86-4048-B3AE-EB84ACCF89D4}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\UNCServer.exe FirewallRules: [{87ECF118-F190-4064-BD9E-9CDAE4F35E0F}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Restore Points ========================= ATTENTION: System Restore is disabled ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (08/11/2017 08:53:28 PM) (Source: MSSQL$SQLEXPRESS2) (EventID: 17120) (User: ) Description: SQL Server could not spawn FRunCM thread. Check the SQL Server error log and the Windows event logs for information about possible related problems. Error: (08/11/2017 08:53:28 PM) (Source: MSSQL$SQLEXPRESS2) (EventID: 17826) (User: ) Description: Could not start the network library because of an internal error in the network library. To determine the cause, review the errors immediately preceding this one in the error log. Error: (08/11/2017 08:53:28 PM) (Source: MSSQL$SQLEXPRESS2) (EventID: 17182) (User: ) Description: TDSSNIClient initialization failed with error 0x2740, status code 0x1. Reason: Initialization failed with an infrastructure error. Check for previous errors. Only one usage of each socket address (protocol/network address/port) is normally permitted. Error: (08/11/2017 08:53:28 PM) (Source: MSSQL$SQLEXPRESS2) (EventID: 17182) (User: ) Description: TDSSNIClient initialization failed with error 0x2740, status code 0xa. Reason: Unable to initialize the TCP/IP listener. Only one usage of each socket address (protocol/network address/port) is normally permitted. Error: (08/11/2017 08:53:28 PM) (Source: MSSQL$SQLEXPRESS2) (EventID: 26023) (User: ) Description: Server TCP provider failed to listen on [ 'any' 1433]. Tcp port is already in use. Error: (08/11/2017 08:53:20 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (08/11/2017 08:53:07 PM) (Source: MSSQL$SQLEXPRESS2) (EventID: 8317) (User: ) Description: Cannot query value 'First Counter' associated with registry key 'HKLM\SYSTEM\CurrentControlSet\Services\MSSQL$SQLEXPRESS2\Performance'. SQL Server performance counters are disabled. Error: (08/11/2017 08:53:05 PM) (Source: MSSQL$SQLEXPRESS) (EventID: 8317) (User: ) Description: Cannot query value 'First Counter' associated with registry key 'HKLM\SYSTEM\CurrentControlSet\Services\MSSQL$SQLEXPRESS\Performance'. SQL Server performance counters are disabled. Error: (08/11/2017 11:32:23 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (08/11/2017 11:31:58 AM) (Source: MSSQL$SQLEXPRESS2) (EventID: 17120) (User: ) Description: SQL Server could not spawn FRunCM thread. Check the SQL Server error log and the Windows event logs for information about possible related problems. System errors: ============= Error: (08/11/2017 08:54:05 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID {C97FCC79-E628-407D-AE68-A06AD6D8B4D1} and APPID {344ED43D-D086-4961-86A6-1106F4ACAD9B} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool. Error: (08/11/2017 08:53:28 PM) (Source: Service Control Manager) (EventID: 7024) (User: ) Description: The SQL Server (SQLEXPRESS2) service terminated with service-specific error Only one usage of each socket address (protocol/network address/port) is normally permitted. . Error: (08/11/2017 08:52:48 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The ActiveMQ service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. Error: (08/11/2017 08:52:48 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: A timeout was reached (30000 milliseconds) while waiting for the ActiveMQ service to connect. Error: (08/11/2017 08:52:08 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY) Description: WLAN Extensibility Module has failed to start. Module Path: C:\Windows\system32\Rtlihvs.dll Error Code: 126 Error: (08/11/2017 11:32:53 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID {C97FCC79-E628-407D-AE68-A06AD6D8B4D1} and APPID {344ED43D-D086-4961-86A6-1106F4ACAD9B} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool. Error: (08/11/2017 11:31:58 AM) (Source: Service Control Manager) (EventID: 7024) (User: ) Description: The SQL Server (SQLEXPRESS2) service terminated with service-specific error Only one usage of each socket address (protocol/network address/port) is normally permitted. . Error: (08/11/2017 11:31:52 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The ActiveMQ service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. Error: (08/11/2017 11:31:52 AM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: A timeout was reached (30000 milliseconds) while waiting for the ActiveMQ service to connect. Error: (08/11/2017 11:31:17 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY) Description: WLAN Extensibility Module has failed to start. Module Path: C:\Windows\system32\Rtlihvs.dll Error Code: 126 CodeIntegrity: =================================== Date: 2017-06-28 08:14:35.125 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system. Date: 2017-06-23 13:51:23.571 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system. Date: 2017-06-23 11:27:37.447 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system. Date: 2017-06-21 13:55:30.670 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system. Date: 2017-06-21 13:55:30.286 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system. Date: 2017-06-21 13:54:31.700 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system. Date: 2017-06-21 13:54:30.951 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system. Date: 2017-06-21 09:45:55.977 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system. Date: 2017-06-20 21:38:58.245 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system. Date: 2017-06-20 10:57:13.067 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system. ==================== Memory info =========================== Processor: Intel(R) Core(TM) i5-3320M CPU @ 2.60GHz Percentage of memory in use: 69% Total physical RAM: 3819.11 MB Available physical RAM: 1160.42 MB Total Virtual: 7636.39 MB Available Virtual: 4754.23 MB ==================== Drives ================================ Drive c: (Windows7_OS) (Fixed) (Total:282.95 GB) (Free:37.65 GB) NTFS ==>[system with boot components (obtained from drive)] Drive q: (Lenovo_Recovery) (Fixed) (Total:13.67 GB) (Free:3.38 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 298.1 GB) (Disk ID: 9BC55669) Partition 1: (Active) - (Size=1.5 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=283 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=13.7 GB) - (Type=07 NTFS) ==================== End of Addition.txt ============================