Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 27-12-2021
Ran by customerservice (administrator) on LENOVO-PC (LENOVO F0AW0034US) (08-01-2022 19:18:39)
Running from C:\Users\customerservice\Downloads
Loaded Profiles: customerservice
Platform: Microsoft Windows 10 Home Version 21H1 19043.1415 (X64) Language: English (United States)
Default browser: FF
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
() [File not signed] C:\Windows\jmesoft\JME_LOAD.exe
() [File not signed] C:\Windows\jmesoft\Service.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(CyberLink -> CyberLink) C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
(Hewlett-Packard Company) [File not signed] C:\Program Files (x86)\HP\HPBDSService\HPBDSService.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel® Security Assist\isa.exe
(Intel® pGFX -> ) C:\Windows\System32\igfxTray.exe
(Intel® pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel® pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel® pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Lenovo (Beijing) Limited -> Lenovo Group Limited) C:\Users\customerservice\AppData\Local\Programs\Lenovo\Lenovo Service Bridge\LSB.exe
(Lenovo -> ) C:\Program Files (x86)\Lenovo\System Update\SUService.exe
(Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.10.26.0\Lenovo.Vantage.AddinHost.Amd64.exe <2>
(Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.10.26.0\Lenovo.Vantage.AddinHost.exe <3>
(Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.10.26.0\LenovoVantageService.exe
(Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.CompanionApp.exe
(Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost86\Lenovo.Modern.ImController.PluginHost.Device.exe <2>
(Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
(LENOVO -> Lenovo) C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
(Lenovo) [File not signed] C:\Windows\jmesoft\hotkey.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <34>
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MpCopyAccelerator.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\NisSrv.exe
(Microsoft) [File not signed] C:\Program Files (x86)\Lenovo\EducationPortal\Services\IdeaTouch.LocalDataServer.Education.exe
(Nitro PDF Software -> Nalpeiron Ltd.) C:\Windows\SysWOW64\NLSSRV32.EXE
(Nitro PDF Software -> Nitro PDF Software) C:\Program Files\Common Files\Nitro\Pro\9.0\NitroPDFDriverService9x64.exe
(PointGrab Ltd -> PointGrab LTD) C:\Program Files (x86)\Lenovo\Lenovo Motion\PG_Service_Launcher.exe
(PointGrab Ltd -> PointGrab LTD) C:\Program Files (x86)\Lenovo\Lenovo Motion\PGService.exe
(PointGrab Ltd -> PointGrab LTD) C:\Program Files (x86)\Lenovo\Lenovo Motion\WebcamSplitterServer.exe
(SUPERAntiSpyware.com -> SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [322120 2017-04-19] (Intel® Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3831808 2021-08-30] (Microsoft Windows Hardware Compatibility Publisher -> Logitech)
HKLM-x32\...\Run: [jmekey] => C:\windows\jmesoft\hotkey.exe [118784 2013-07-24] (Lenovo) [File not signed]
HKLM-x32\...\Run: [jmesoft] => C:\Windows\jmesoft\ServiceLoader.exe [28672 2011-08-16] () [File not signed]
HKLM-x32\...\Run: [LVT] => C:\Program Files\Lenovo\LVT\LJYZ.exe [886112 2011-11-24] (Lenovo (Beijing) Limited -> Lenovo)
HKLM-x32\...\Run: [CLMLServer] => C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc.exe [103720 2009-12-04] (CyberLink -> CyberLink)
HKLM-x32\...\Run: [UpdateP2GoShortCut] => C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [214312 2011-12-06] (CyberLink -> CyberLink Corp.)
HKLM-x32\...\Run: [YouCam Mirage] => C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [136488 2014-04-25] (CyberLink -> CyberLink)
HKLM-x32\...\Run: [YouCam Tray] => C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe [168920 2014-04-25] (CyberLink Corp. -> CyberLink Corp.)
HKLM-x32\...\Run: [Lenovo Dynamic Brightness System] => C:\Program Files\Lenovo\Lenovo Brightness System\RunLDBS.exe [1753432 2012-09-18] (Lenovo -> Lenovo)
HKLM-x32\...\Run: [Lenovo Eye Distance System] => C:\Program Files\Lenovo\Lenovo Eye Distance System\RunLEDS.exe [1752920 2012-09-18] (Lenovo -> Lenovo)
HKLM-x32\...\Run: [Intel Driver & Support Assistant] => C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe (No File)
HKLM\...\Windows x64\Print Processors\hpcpp140: C:\Windows\System32\spool\prtprocs\x64\hpcpp140.DLL [559616 2012-09-28] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Corporation)
HKLM\...\Windows x64\Print Processors\sxr2mPC: C:\Windows\System32\spool\prtprocs\x64\sxr2mpc.dll [37376 2012-11-06] (Windows ® Server 2003 DDK provider) [File not signed]
HKLM\...\Windows x64\Print Processors\xp3315pp: C:\Windows\System32\spool\prtprocs\x64\xp3315pp.dll [114688 2012-11-07] (Windows ® Codename Longhorn DDK provider) [File not signed]
HKLM\...\Print\Monitors\glocom3: C:\WINDOWS\system32\glocom3_fax.dll [6009856 2018-08-27] (Bicom Systems) [File not signed]
HKLM\...\Print\Monitors\HP D911 Status Monitor: C:\WINDOWS\system32\hpinkstsD911LM.dll [393352 2017-03-27] (Hewlett Packard -> HP Inc.)
HKLM\...\Print\Monitors\HP Standard TCP/IP Port: C:\WINDOWS\system32\HpTcpMon.dll [331264 2009-09-16] (Hewlett Packard) [File not signed]
HKLM\...\Print\Monitors\Nitro PDF Port Monitor: C:\WINDOWS\system32\nitrolocalmon9.dll [29704 2013-12-12] (Nitro PDF Software -> Nitro PDF Software)
HKLM\...\Print\Monitors\rica1Zlm: C:\WINDOWS\system32\rica1Zlm.dll [28160 2013-12-26] (Microsoft Windows Hardware Compatibility Publisher -> RICOH CO.,Ltd.)
HKLM\...\Print\Monitors\ricu0llm: C:\WINDOWS\system32\ricu0llm.dll [28160 2013-12-26] (Microsoft Windows Hardware Compatibility Publisher -> RICOH CO.,Ltd.)
HKLM\...\Print\Monitors\sxr2m Langmon: C:\WINDOWS\system32\sxr2mlm.dll [34304 2011-08-05] () [File not signed]
HKLM\...\Print\Monitors\sxr2x Langmon: C:\WINDOWS\system32\sxr2xlm.dll [34304 2011-08-05] () [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\97.0.4692.71\Installer\chrmstp.exe [2022-01-05] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Lenovo Motion.lnk [2014-07-31]
ShortcutTarget: Lenovo Motion.lnk -> C:\Program Files (x86)\Lenovo\Lenovo Motion\PG_Tray.exe (PointGrab Ltd -> PointGrab LTD)
Startup: C:\Users\customerservice\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk [2015-08-31]
ShortcutTarget: Send to OneNote.lnk -> C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
BootExecute: autocheck autochk /k:C *
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {000D3822-5246-48C5-80A7-056475DCFEEF} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {03C56F68-AB18-4303-9099-499A310CFA10} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {05C420AC-D6E7-4960-8EAE-9D76F7BCBB39} - \Microsoft\Windows\Setup\EOONotify -> No File <==== ATTENTION
Task: {05F69063-9E05-4AD0-BB3F-7432B6CC3469} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {09E4FB88-3387-4BB2-A758-87A8E22DCDF1} - System32\Tasks\DolbySelectorTask => C:\Program Files\Dolby Digital Plus\ddp.exe -autostart (No File)
Task: {0A17DC7E-8A47-4423-A39D-AA91FBDA12AF} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\2c83096e-78c4-4bd2-a179-86bbf78c1279 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [83200 2021-11-07] (Lenovo -> Lenovo Group Ltd.)
Task: {0F4EA361-145C-4B94-BF07-16ED3B70C1CE} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\lenovo\lenovo solution center\App\LSC.Services.UpdateStatusService.exe [263504 2016-06-02] (LENOVO -> )
Task: {1155BD0F-2583-435D-A981-DA5E2AA37436} - \Microsoft\Windows\Setup\GWXTriggers\Time-Weekend -> No File <==== ATTENTION
Task: {184E9436-65FD-4C7F-91C4-0309E21F1491} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {185CD1E4-DD2D-4AAF-AB0D-E93D3642209F} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe --automatic (No File)
Task: {1CA63DCA-CA00-4FEF-AC41-69E27D8D11A2} - System32\Tasks\MirageAgent => C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [136488 2014-04-25] (CyberLink -> CyberLink)
Task: {20A37501-0E20-4ED4-9967-07DAE3013F99} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {32350E40-71D7-45AE-A2FE-CBCDF9721DE7} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [107848 2015-03-06] (Google Inc -> Google Inc.)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe join (No File)
Task: {3B63D030-AC55-4665-9001-84DD8D238E44} - System32\Tasks\Lenovo\LSC\LSCTaskService => C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCTaskService.exe (No File)
Task: {3CD38725-41A2-458A-B1D9-771D566B1679} - System32\Tasks\Lenovo\Lenovo Service Bridge\S-1-5-21-1168067149-1418559455-1623139670-1001 => C:\Users\customerservice\AppData\Local\Programs\Lenovo\Lenovo Service Bridge\LSBUpdater.exe [88408 2021-12-29] (Lenovo (Beijing) Limited -> Lenovo Group Limited)
Task: {4432FAEA-EB32-4C06-A656-EAD35869C8DA} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {45A2D13D-7D6A-4FDD-BC29-0F6B82BC623C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [107848 2015-03-06] (Google Inc -> Google Inc.)
Task: {4B134E1B-F25F-42E2-B899-668935F1E630} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => %windir%\System32\reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32
Task: {4ED9668F-E7F0-46B7-B064-F45745B77154} - System32\Tasks\Microsoft\Windows\PLA\LSC Memory => C:\windows\system32\rundll32.exe C:\windows\system32\pla.dll,PlaHost "LSC Memory" "$(Arg0)"
Task: {69E71E3B-38E4-4044-8BB5-A945D59E72DF} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => "%windir%\system32\sc.exe" START ImControllerService
Task: {69FEED23-F89C-4941-8B08-86167CDD9A3E} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {6C9D8729-5D28-4B7F-B826-0992ED4E38E9} - \Microsoft\Windows\Setup\gwx\rundetector -> No File <==== ATTENTION
Task: {6D68C7E8-D4E6-47CF-A498-941A88DA2C46} - System32\Tasks\TVT\TVSUUpdateTask_UserLogOn => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [1758984 2020-01-08] (Lenovo -> )
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task => {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Task: {7819A85D-D55E-4005-B7AA-8315CD13267E} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {79A4B4F3-135D-4A57-84B7-F2F2AB8F6A3F} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [972184 2021-03-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {7A14EA68-2EEB-461D-9F90-045485227020} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MpCmdRun.exe [901048 2021-12-15] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {7A217303-1D1E-405F-80A2-F17A8D91F38F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MpCmdRun.exe [901048 2021-12-15] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {8107C03D-2C7C-4129-A571-68EB5D71317E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MpCmdRun.exe [901048 2021-12-15] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {82067E66-73B0-4F99-B015-A3B858AD8FC8} - System32\Tasks\McAfee Remediation (Prepare) => C:\Program Files\Common Files\AV\McAfee Anti-Virus And Anti-Spyware\upgrade.exe [3645192 2016-05-18] (McAfee, Inc. -> McAfee, Inc.)
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task => {1B1F472E-3221-4826-97DB-2C2324D389AE}
Task: {8BB857B5-02C6-45D2-8E0E-F7754B96B087} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-12-07] (Piriform Software Ltd -> Piriform)
Task: {8E8109CA-8A59-4147-8328-D680E5F24ACE} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [972184 2021-03-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {94B1D677-D691-42F8-805A-208B065E631E} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {95C746C1-1AB3-4033-9CAA-4D516433803C} - System32\Tasks\Lenovo\LSC\Lenovo Solution Center Notifications => C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe [1321296 2016-06-02] (LENOVO -> Lenovo)
Task: {991B6EBC-0923-4C82-AFF5-3CD5F8BBACB4} - System32\Tasks\Lenovo\Vantage\Schedule\VantageTelemetryAddinTask => C:\Program Files (x86)\Lenovo\VantageService\3.6.15.0\ScheduleEventAction.exe VantageTelemetryAddinTask (No File)
Task: {9CED8A54-F3A6-4AD6-9901-4147F292BBA5} - System32\Tasks\Lenovo\BatteryGauge\BatteryGaugeMaintenance => C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x64\BGHelper.exe [145480 2021-09-09] (Lenovo -> Lenovo Group Ltd.)
Task: {9D794DC9-46C5-42BF-B90C-4CA106E36E43} - System32\Tasks\Lenovo\Vantage\Lenovo.Vantage.ServiceMaintainance => %systemroot%\system32\sc.exe start LenovoVantageService
Task: {AA1AF704-E393-47D2-8AA8-61A8235E604C} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => C:\Program Files\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe (No File)
Task: {AC3691EC-7F55-47B8-B663-25F2F1A68B97} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\f1edce1a-0c7d-4bbd-8183-33de09074d9f => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [83200 2021-11-07] (Lenovo -> Lenovo Group Ltd.)
Task: {AE9D377D-074C-495E-AC7D-960A3B522B72} - \WPD\SqmUpload_S-1-5-21-1168067149-1418559455-1623139670-1001 -> No File <==== ATTENTION
Task: {B47378CA-0DB0-4F99-9544-B40A3C5C1A6C} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {B48EB9AB-88CA-42FE-9C3D-1E577ABFC0A1} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload => {EBF00FCB-0769-4B81-9BEC-6C05514111AA}
Task: {B77FAA68-E9F4-435D-82DC-4C028ADEFB58} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {BA5C84BB-707A-4B9A-B669-01E8C65793E4} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [1758984 2020-01-08] (Lenovo -> )
Task: {C0B6EE2B-0C7B-4D38-8C02-135D6FA6BBE1} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\e89f8144-0b20-4bd6-b5e9-469a87297551 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [83200 2021-11-07] (Lenovo -> Lenovo Group Ltd.)
Task: {C2A2CE6B-EE81-4153-B214-B02C7B10C6CB} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {C648CF77-CC56-4C22-89E4-F8E0DCB2B9AC} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB"
Task: {C8F62D32-1E9B-4258-96A7-FA06C62768FD} - System32\Tasks\Pokki => C:\Users\customerservice\AppData\Local\Pokki\Engine\ServiceHostAppUpdater.exe /LOGON (No File)
Task: {C914F64F-A58E-4218-ABD3-DEB57B09CEB2} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\d8c5c5aa-38bb-4f2a-a498-828091d20d1e => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [83200 2021-11-07] (Lenovo -> Lenovo Group Ltd.)
Task: {CD54645E-AF5A-4F97-BBB2-35F2603E97F6} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {CE2DE968-E342-40D7-9566-427D45E4A886} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {CF46A063-1511-4D0E-8840-212603E34C9B} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
Task: {D33ED754-908A-41A6-B2C6-76889A3C7685} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {E4CD31FB-427D-41B4-852E-F3DA7BB0626F} - System32\Tasks\Lenovo\Vantage\Schedule\DailyTelemetryTransmission => C:\Program Files (x86)\Lenovo\VantageService\3.10.26.0\ScheduleEventAction.exe [26408 2021-12-14] (Lenovo -> Lenovo Group Ltd.)
Task: {F11084D8-2EDE-4161-8ECC-23912273CADC} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MpCmdRun.exe [901048 2021-12-15] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {F37CE2F0-9FC9-4AFB-BB19-8AA8B1D50EB0} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Monitor => C:\WINDOWS\system32\ImController.InfInstaller.exe [63728 2021-11-07] (Lenovo -> Lenovo Group Ltd.)
Task: {F9FF23E2-CC5F-4D8E-9A6C-77246D458FDB} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564424 2021-11-17] (Adobe Inc. -> Adobe Inc.)
Task: {FB50DE00-BFD4-4927-A6F4-5D3AA05F0B67} - System32\Tasks\CCleanerSkipUAC - customerservice => C:\Program Files\CCleaner\CCleaner.exe [29442688 2021-12-07] (Piriform Software Ltd -> Piriform Software Ltd)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 24.48.160.2 24.48.160.3
Tcpip\..\Interfaces\{b4be4a7d-48fa-4e16-9eda-4c942dd5d8f5}: [DhcpNameServer] 24.48.160.2 24.48.160.3
Tcpip\..\Interfaces\{fc864522-7d89-4bd9-a682-3386cfcf72b8}: [DhcpNameServer] 24.48.160.2 24.48.160.3
Edge:
=======
DownloadDir: C:\Users\customerservice\Downloads
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge DefaultProfile: Default
Edge Profile: C:\Users\customerservice\AppData\Local\Microsoft\Edge\User Data\Default [2022-01-08]
FireFox:
========
FF DefaultProfile: xkr65u9a.default
FF ProfilePath: C:\Users\customerservice\AppData\Roaming\Mozilla\Firefox\Profiles\xkr65u9a.default [2020-06-13]
FF ProfilePath: C:\Users\customerservice\AppData\Roaming\Mozilla\Firefox\Profiles\bfgmw39l.default-release [2022-01-08]
FF Notifications: Mozilla\Firefox\Profiles\bfgmw39l.default-release -> hxxps://www.wesh.com; hxxps://www.tvguide.com
FF HKLM-x32\...\Thunderbird\Extensions: [
[email protected]] - C:\Program Files\McAfee\MSK => not found
FF Plugin: @mcafee.com/MSC,version=10 -> C:\Program Files\mcafee\msc\npMcSnFFPl64.dll [No File]
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> C:\Program Files (x86)\McAfee\msc\npMcSnFFPl.dll [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll [2010-04-01] ( Microsoft Corporation) [File not signed]
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-03-06] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro\Pro 9\npnitromozilla.dll [2013-12-12] (Nitro PDF Software -> Nitro PDF)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-10-05] (Adobe Inc. -> Adobe Systems Inc.)
Chrome:
=======
CHR Profile: C:\Users\customerservice\AppData\Local\Google\Chrome\User Data\Default [2022-01-08]
CHR Extension: (Adobe Acrobat) - C:\Users\customerservice\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2021-04-05]
CHR Extension: (Application Launcher For Drive (by Google)) - C:\Users\customerservice\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2021-04-05]
CHR Extension: (Chrome Web Store Payments) - C:\Users\customerservice\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-04-05]
CHR HKU\S-1-5-21-1168067149-1418559455-1623139670-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [mbckjcfnjmoiinpgddefodcighgikkgn]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [173472 2017-01-30] (SUPERAntiSpyware.com -> SUPERAntiSpyware.com)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-11-17] (Adobe Inc. -> Adobe Inc.)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [3052952 2021-03-17] (Microsoft Corporation -> Microsoft Corporation)
R2 HP DS Service; C:\Program Files (x86)\HP\HPBDSService\HPBDSService.exe [13824 2011-10-17] (Hewlett-Packard Company) [File not signed]
R2 IdeaTouch.LocalDataServer.Education; C:\Program Files (x86)\Lenovo\EducationPortal\Services\IdeaTouch.LocalDataServer.Education.exe [7680 2012-05-17] (Microsoft) [File not signed]
R2 ImControllerService; C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [83200 2021-11-07] (Lenovo -> Lenovo Group Ltd.)
R3 Intel® Security Assist; C:\Program Files (x86)\Intel\Intel® Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [File not signed]
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel® Security Assist\isaHelperService.exe [7680 2015-05-19] () [File not signed]
R2 JME Keyboard; C:\Windows\jmesoft\Service.exe [32768 2011-08-16] () [File not signed]
R2 LenovoVantageService; C:\Program Files (x86)\Lenovo\VantageService\3.10.26.0\LenovoVantageService.exe [31016 2021-12-14] (Lenovo -> Lenovo Group Ltd.)
S3 LSC.Services.SystemService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSC.Services.SystemService.exe [273232 2016-06-02] (LENOVO -> Lenovo)
S2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [50688 2012-07-31] (Hewlett-Packard) [File not signed]
R2 NitroDriverReadSpool9; C:\Program Files\Common Files\Nitro\Pro\9.0\NitroPDFDriverService9x64.exe [230920 2013-12-12] (Nitro PDF Software -> Nitro PDF Software)
R2 nlsX86cc; C:\windows\SysWOW64\NLSSRV32.EXE [69640 2013-12-12] (Nitro PDF Software -> Nalpeiron Ltd.)
R2 PGService; C:\Program Files (x86)\Lenovo\Lenovo Motion\PGService.exe [142600 2014-03-06] (PointGrab Ltd -> PointGrab LTD)
R2 PG_Service_Launcher; C:\Program Files (x86)\Lenovo\Lenovo Motion\PG_Service_Launcher.exe [488200 2014-03-06] (PointGrab Ltd -> PointGrab LTD)
S2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [66048 2012-07-31] (Hewlett-Packard) [File not signed]
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\NisSrv.exe [2876152 2021-12-15] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MsMpEng.exe [128360 2021-12-15] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S0 atapi; C:\WINDOWS\System32\drivers\atapi.sys [30032 2021-10-18] () [File not signed]
S0 iaStorV; C:\WINDOWS\System32\drivers\iaStorV.sys [412176 2019-12-07] (Microsoft Windows -> Intel Corporation) [File not signed]
R3 MpKsleda7cf35; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{C5160DEE-9ADA-4000-9A52-29D814055E0A}\MpKslDrv.sys [134376 2022-01-08] (Microsoft Windows -> Microsoft Corporation)
R3 RSP2STOR; C:\WINDOWS\system32\DRIVERS\RtsP2Stor.sys [310528 2015-06-05] (Realtek Semiconductor Corp -> Realtek Semiconductor Corp.)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (Support.com, Inc. -> SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (Support.com, Inc. -> SUPERAdBlocker.com and SUPERAntiSpyware.com)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [48536 2021-12-15] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [435432 2021-12-15] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [86248 2021-12-15] (Microsoft Windows -> Microsoft Corporation)
R0 WinI2C-DDC; C:\WINDOWS\System32\drivers\DDCDrv.sys [20832 2008-04-08] (PC Micro Systems Inc. -> Nicomsoft Ltd.)
R0 WinI2C-DDC; C:\Windows\SysWOW64\drivers\DDCDrv.sys [15712 2010-03-22] (Lenovo (Beijing) Limited -> Nicomsoft Ltd.)
S3 wsvd; C:\WINDOWS\system32\DRIVERS\wsvd.sys [102376 2012-06-13] (CyberLink -> "CyberLink)
S3 AppleKmdfFilter; \SystemRoot\System32\drivers\AppleKmdfFilter.sys [X]
S3 AppleLowerFilter; \SystemRoot\System32\drivers\AppleLowerFilter.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2022-01-08 19:18 - 2022-01-08 19:19 - 000030163 _____ C:\Users\customerservice\Downloads\FRST.txt
2022-01-08 19:17 - 2022-01-08 19:19 - 000000000 ____D C:\FRST
2022-01-08 19:16 - 2022-01-08 19:16 - 002311168 _____ (Farbar) C:\Users\customerservice\Downloads\FRST64.exe
2022-01-08 13:06 - 2022-01-08 13:06 - 000000000 ___HD C:\$Windows.~WS
2022-01-08 09:03 - 2022-01-08 13:10 - 000000000 ____D C:\ESD
2022-01-08 09:00 - 2022-01-08 09:00 - 000000000 ____D C:\$WINDOWS.~BT
2022-01-07 17:36 - 2022-01-07 17:54 - 000000000 ____D C:\WINDOWS\pss
2022-01-05 22:07 - 2022-01-06 08:09 - 000040080 _____ C:\Users\customerservice\Downloads\MTB.txt
2022-01-05 22:06 - 2022-01-05 22:06 - 000892416 _____ (Farbar) C:\Users\customerservice\Downloads\MiniToolBox.exe
2022-01-05 21:13 - 2022-01-08 12:02 - 000000000 _____ C:\Recovery.txt
2022-01-04 18:49 - 2022-01-04 18:49 - 000000112 ___SH C:\bootTel.dat
2022-01-04 18:49 - 2022-01-04 18:49 - 000000000 __SHD C:\found.001
2022-01-01 17:53 - 2022-01-01 17:53 - 000000000 __SHD C:\found.000
2022-01-01 16:17 - 2022-01-01 16:17 - 000153528 _____ (Intel) C:\Users\customerservice\Downloads\DSAUninstaller (1).exe
2022-01-01 15:35 - 2022-01-07 17:53 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2022-01-01 15:33 - 2022-01-01 16:10 - 000304780 _____ C:\WINDOWS\ntbtlog.txt
2022-01-01 11:39 - 2022-01-01 22:31 - 000000000 ____D C:\WINDOWS\Minidump
2022-01-01 09:20 - 2022-01-01 09:20 - 000001521 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Driver & Support Assistant.lnk
2022-01-01 09:16 - 2022-01-01 09:16 - 005934808 _____ (Intel) C:\Users\customerservice\Downloads\Intel-Driver-and-Support-Assistant-Installer (1).exe
2021-12-31 09:22 - 2021-12-31 09:22 - 000007634 _____ C:\Users\customerservice\AppData\Local\Resmon.ResmonCfg
2021-12-20 20:10 - 2022-01-01 09:23 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-12-18 09:48 - 2021-12-18 09:48 - 000000394 _____ C:\WINDOWS\storelibdebug.txt
2021-12-17 22:15 - 2021-12-17 22:15 - 000000000 ____D C:\WINDOWS\SystemTemp
2021-12-17 17:17 - 2021-12-17 17:17 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe
2021-12-17 17:17 - 2021-12-17 17:17 - 000011979 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-12-17 17:16 - 2021-12-17 17:16 - 000272384 _____ C:\WINDOWS\system32\TpmTool.exe
2021-12-17 17:16 - 2021-12-17 17:16 - 000162816 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2021-12-16 19:53 - 2021-12-16 19:53 - 000000000 ___HD C:\$WinREAgent
2021-12-10 18:24 - 2021-12-10 18:24 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1168067149-1418559455-1623139670-1001
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2022-01-08 19:18 - 2020-06-19 16:09 - 000002449 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-01-08 19:18 - 2020-06-19 16:09 - 000002287 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2022-01-08 19:05 - 2015-03-06 10:05 - 000000000 ____D C:\Program Files (x86)\Google
2022-01-08 19:02 - 2020-11-26 21:19 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-01-08 19:02 - 2019-12-07 03:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-01-08 13:20 - 2015-03-06 23:19 - 000000000 ____D C:\Users\customerservice\AppData\Roaming\Nitro PDF
2022-01-08 13:10 - 2020-11-25 21:51 - 000000000 ___DC C:\WINDOWS\Panther
2022-01-08 13:06 - 2020-02-14 21:06 - 000000000 ____D C:\Program Files\CCleaner
2022-01-08 13:04 - 2020-11-26 21:40 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-01-08 13:04 - 2020-11-26 21:19 - 000008192 ___SH C:\DumpStack.log.tmp
2022-01-08 13:04 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\ServiceState
2022-01-08 13:04 - 2017-07-13 07:16 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2022-01-08 13:04 - 2015-03-06 23:09 - 000000000 __SHD C:\Users\customerservice\IntelGraphicsProfiles
2022-01-08 12:54 - 2019-12-07 03:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2022-01-08 12:33 - 2020-02-14 20:51 - 000000000 ____D C:\Users\customerservice\AppData\LocalLow\Mozilla
2022-01-08 09:44 - 2020-11-26 16:02 - 000000000 ____D C:\Users\customerservice
2022-01-07 17:36 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-01-07 17:06 - 2019-12-07 03:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-01-06 08:11 - 2020-11-26 21:40 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2022-01-05 21:59 - 2020-03-07 08:37 - 000000000 ____D C:\Users\customerservice\AppData\Local\LenovoServiceBridge
2022-01-05 17:57 - 2019-12-07 03:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-01-05 17:49 - 2020-02-15 08:34 - 000002312 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-01-05 17:49 - 2020-02-15 08:34 - 000002271 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2022-01-04 16:38 - 2020-11-26 21:35 - 000842482 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-01-04 16:38 - 2019-12-07 03:13 - 000000000 ____D C:\WINDOWS\INF
2022-01-01 22:31 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2022-01-01 18:48 - 2014-07-31 09:28 - 000000000 ____D C:\ProgramData\Realtek
2022-01-01 16:18 - 2014-07-31 09:28 - 000000000 ____D C:\Program Files (x86)\Intel
2022-01-01 16:17 - 2018-06-15 08:08 - 000000000 ____D C:\Users\customerservice\AppData\Local\D3DSCache
2022-01-01 16:14 - 2020-03-07 15:12 - 000000000 ____D C:\Users\customerservice\AppData\Local\ElevatedDiagnostics
2022-01-01 09:23 - 2020-02-14 20:51 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2022-01-01 09:21 - 2014-07-31 09:28 - 000000000 ____D C:\ProgramData\Package Cache
2022-01-01 09:20 - 2014-07-31 09:31 - 000000000 ____D C:\ProgramData\Intel
2021-12-21 17:08 - 2020-05-04 19:30 - 000007820 _____ C:\WINDOWS\system32\InstallUtil.InstallLog
2021-12-20 20:22 - 2021-10-10 14:36 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-12-20 20:22 - 2020-02-14 20:51 - 000001016 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-12-18 09:48 - 2014-07-31 09:47 - 000000000 ____D C:\ProgramData\Lenovo
2021-12-17 22:16 - 2020-11-26 21:19 - 000317984 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-12-17 22:15 - 2019-12-07 03:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-12-17 22:15 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-12-17 22:15 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-12-17 22:15 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-12-17 22:15 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2021-12-17 22:15 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2021-12-17 22:15 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2021-12-17 22:15 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2021-12-17 22:15 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-12-17 22:15 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-12-17 22:08 - 2020-11-26 21:40 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2021-12-16 19:49 - 2015-03-10 07:26 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-12-16 19:47 - 2015-03-10 07:26 - 137938848 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-12-15 20:54 - 2018-02-28 07:51 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
==================== Files in the root of some directories ========
2018-11-09 14:29 - 2018-11-09 14:29 - 000000272 _____ () C:\Users\customerservice\AppData\Roaming\.backup.dm
2018-05-25 08:43 - 2018-05-25 08:43 - 000827679 _____ () C:\Users\customerservice\AppData\Local\1000024480029810688.jpg
2018-05-29 15:05 - 2018-05-29 15:11 - 001021894 _____ () C:\Users\customerservice\AppData\Local\1001570250071666688.jpg
2018-05-30 14:13 - 2018-05-30 14:34 - 000098110 _____ () C:\Users\customerservice\AppData\Local\1001919543420833792.jpg
2018-06-04 06:53 - 2018-06-04 06:53 - 000101148 _____ () C:\Users\customerservice\AppData\Local\1003620364114120704.jpg
2018-06-04 09:07 - 2018-06-04 09:07 - 000854908 _____ () C:\Users\customerservice\AppData\Local\1003654478678642688.jpg
2018-06-04 11:52 - 2018-06-04 11:52 - 000566147 _____ () C:\Users\customerservice\AppData\Local\1003696025956724736.jpg
2018-06-08 07:21 - 2018-06-08 07:21 - 000893983 _____ () C:\Users\customerservice\AppData\Local\1005076181426302976.jpg
2018-06-12 15:34 - 2018-06-12 15:34 - 000148783 _____ () C:\Users\customerservice\AppData\Local\1006649039801733120.jpg
2018-06-15 14:04 - 2018-06-15 14:10 - 000735100 _____ () C:\Users\customerservice\AppData\Local\1007715012638072832.jpg
2018-06-18 09:19 - 2018-06-18 09:19 - 001009877 _____ () C:\Users\customerservice\AppData\Local\1008730532711682048.jpg
2018-06-29 12:33 - 2018-06-29 13:19 - 000481097 _____ () C:\Users\customerservice\AppData\Local\1012757966422700032.jpg
2018-06-29 12:04 - 2018-06-29 13:19 - 000809509 _____ () C:\Users\customerservice\AppData\Local\1012758336611950592.jpg
2018-07-06 11:08 - 2018-07-06 11:09 - 000259187 _____ () C:\Users\customerservice\AppData\Local\1015281193988550656.jpg
2018-07-10 13:28 - 2018-07-10 13:28 - 000484863 _____ () C:\Users\customerservice\AppData\Local\1016765937864351744.jpg
2018-07-16 10:45 - 2018-07-16 10:45 - 000939887 _____ () C:\Users\customerservice\AppData\Local\1018899040913268736.jpg
2018-07-17 08:01 - 2018-07-17 08:04 - 000284306 _____ () C:\Users\customerservice\AppData\Local\1019220073688014848.jpg
2018-07-17 11:20 - 2018-07-17 12:34 - 000315467 _____ () C:\Users\customerservice\AppData\Local\1019270421328064512.jpg
2018-07-25 08:36 - 2018-07-25 10:59 - 000917115 _____ () C:\Users\customerservice\AppData\Local\1022127876180008960.jpg
2018-07-25 08:36 - 2018-07-25 08:36 - 000489913 _____ () C:\Users\customerservice\AppData\Local\1022127878130360320.jpg
2018-07-25 10:28 - 2018-07-25 10:59 - 000914684 _____ () C:\Users\customerservice\AppData\Local\1022156692537462784.jpg
2018-07-26 08:15 - 2018-07-26 08:15 - 000972436 _____ () C:\Users\customerservice\AppData\Local\1022484934016409600.jpg
2018-07-30 11:34 - 2018-07-30 11:34 - 000478524 _____ () C:\Users\customerservice\AppData\Local\1023985069560700928.jpg
2018-07-30 12:35 - 2018-07-30 12:35 - 000332986 _____ () C:\Users\customerservice\AppData\Local\1023999136283217920.jpg
2018-08-17 07:06 - 2018-08-17 07:06 - 000408700 _____ () C:\Users\customerservice\AppData\Local\1030440552736067584.jpg
2018-08-17 09:52 - 2018-08-17 09:52 - 000757218 _____ () C:\Users\customerservice\AppData\Local\1030482338254700544.jpg
2018-08-23 13:51 - 2018-08-23 13:52 - 000212556 _____ () C:\Users\customerservice\AppData\Local\1032716529410637824.jpg
2018-08-24 12:28 - 2018-08-24 12:31 - 000770392 _____ () C:\Users\customerservice\AppData\Local\1033058283888529408.jpg
2018-08-27 07:16 - 2018-08-27 07:16 - 001008578 _____ () C:\Users\customerservice\AppData\Local\1034067015938240512.jpg
2018-08-31 06:57 - 2018-08-31 06:57 - 000807220 _____ () C:\Users\customerservice\AppData\Local\1035511703337590784.jpg
2018-09-04 07:14 - 2018-09-04 07:29 - 000286407 _____ () C:\Users\customerservice\AppData\Local\1035968532194734080.jpg
2018-09-04 07:16 - 2018-09-04 07:17 - 000450657 _____ () C:\Users\customerservice\AppData\Local\1036966064248942592.jpg
2018-09-05 11:41 - 2018-09-05 11:41 - 001028431 _____ () C:\Users\customerservice\AppData\Local\1037394966972899328.jpg
2018-09-05 11:47 - 2018-09-05 12:01 - 001017676 _____ () C:\Users\customerservice\AppData\Local\1037396606547402752.jpg
2018-09-05 12:20 - 2018-09-05 12:22 - 001031510 _____ () C:\Users\customerservice\AppData\Local\1037405180199694336.jpg
2018-09-05 13:42 - 2018-09-05 13:42 - 000994547 _____ () C:\Users\customerservice\AppData\Local\1037421996036919296.jpg
2018-09-07 10:20 - 2018-09-07 10:20 - 000106468 _____ () C:\Users\customerservice\AppData\Local\1038099609277313024.jpg
2018-09-11 07:30 - 2018-09-11 07:30 - 001011636 _____ () C:\Users\customerservice\AppData\Local\1039506452285407232.jpg
2018-09-11 07:32 - 2018-09-11 07:32 - 000993918 _____ () C:\Users\customerservice\AppData\Local\1039507021729435648.jpg
2018-09-11 07:38 - 2018-09-11 07:38 - 000971008 _____ () C:\Users\customerservice\AppData\Local\1039508104497278976.jpg
2018-09-11 13:26 - 2018-09-11 13:26 - 000132198 _____ () C:\Users\customerservice\AppData\Local\1039585705081446400.jpg
2018-09-11 14:58 - 2018-09-11 14:58 - 000820384 _____ () C:\Users\customerservice\AppData\Local\1039619260968869888.jpg
2018-09-12 08:55 - 2018-09-12 08:56 - 000251149 _____ () C:\Users\customerservice\AppData\Local\1039888735332798464.jpg
2018-09-13 07:00 - 2018-09-13 07:00 - 000136583 _____ () C:\Users\customerservice\AppData\Local\1040217707375681536.jpg
2018-09-17 08:05 - 2018-09-17 08:06 - 000109598 _____ () C:\Users\customerservice\AppData\Local\1041689402288640000.jpg
2018-09-17 09:29 - 2018-09-17 09:29 - 000645032 _____ () C:\Users\customerservice\AppData\Local\1041710601647235072.jpg
2018-09-18 11:39 - 2018-09-18 12:28 - 000860771 _____ () C:\Users\customerservice\AppData\Local\1042105611685339136.jpg
2018-09-21 06:53 - 2018-09-21 06:53 - 000859993 _____ () C:\Users\customerservice\AppData\Local\1042902333047312384.jpg
2018-09-27 09:03 - 2018-09-27 09:05 - 000202704 _____ () C:\Users\customerservice\AppData\Local\1045327863465811968.jpg
2018-09-28 08:47 - 2018-09-28 08:47 - 000994122 _____ () C:\Users\customerservice\AppData\Local\1045686390516408320.jpg
2018-09-28 12:22 - 2018-09-28 12:24 - 000427784 _____ () C:\Users\customerservice\AppData\Local\1045740152471805952.jpg
2018-10-05 08:42 - 2018-10-05 08:42 - 001024120 _____ () C:\Users\customerservice\AppData\Local\1046752947829071872.jpg
2018-10-01 13:51 - 2018-10-01 13:52 - 000998633 _____ () C:\Users\customerservice\AppData\Local\1046850033597661184.jpg
2018-10-03 09:35 - 2018-10-03 09:35 - 000965686 _____ () C:\Users\customerservice\AppData\Local\1047507359526608896.jpg
2018-10-08 10:43 - 2018-10-08 10:43 - 000835224 _____ () C:\Users\customerservice\AppData\Local\1049339379840090112.jpg
2018-10-08 10:43 - 2018-10-08 10:43 - 000923178 _____ () C:\Users\customerservice\AppData\Local\1049339393421242368.jpg
2018-10-09 12:20 - 2018-10-09 12:20 - 000092415 _____ () C:\Users\customerservice\AppData\Local\1049725690572759040.jpg
2018-10-11 13:06 - 2018-10-11 13:06 - 000760299 _____ () C:\Users\customerservice\AppData\Local\1050462540371468288.jpg
2018-10-12 06:38 - 2018-10-12 06:38 - 000111944 _____ () C:\Users\customerservice\AppData\Local\1050723826321727488.jpg
2018-10-12 07:19 - 2018-10-12 07:19 - 000930757 _____ () C:\Users\customerservice\AppData\Local\1050737782260088832.jpg
2018-10-15 09:54 - 2018-10-15 09:54 - 000641068 _____ () C:\Users\customerservice\AppData\Local\1051863633848528896.jpg
2018-10-15 13:32 - 2018-10-15 13:35 - 000098266 _____ () C:\Users\customerservice\AppData\Local\1051918633278701568.jpg
2018-10-15 13:34 - 2018-10-15 13:34 - 000947542 _____ () C:\Users\customerservice\AppData\Local\1051918941132263424.jpg
2018-10-17 15:18 - 2018-10-17 15:18 - 000110539 _____ () C:\Users\customerservice\AppData\Local\1052631757011120128.jpg
2018-10-18 09:18 - 2018-10-19 10:48 - 000970383 _____ () C:\Users\customerservice\AppData\Local\1052940442027565056.jpg
2018-10-19 10:49 - 2018-10-19 10:49 - 000898013 _____ () C:\Users\customerservice\AppData\Local\1053326809752526848.jpg
2018-10-22 07:07 - 2018-10-22 07:07 - 000517396 _____ () C:\Users\customerservice\AppData\Local\1054357985808183296.jpg
2018-10-22 08:20 - 2018-10-24 13:22 - 000774859 _____ () C:\Users\customerservice\AppData\Local\1054374515262496768.jpg
2018-10-24 08:23 - 2018-10-24 08:23 - 000846078 _____ () C:\Users\customerservice\AppData\Local\1055102323211304960.jpg
2018-10-24 11:13 - 2018-10-24 11:13 - 000969146 _____ () C:\Users\customerservice\AppData\Local\1055144271062167552.jpg
2018-10-24 12:42 - 2018-10-24 12:42 - 000210089 _____ () C:\Users\customerservice\AppData\Local\1055167361523625984.jpg
2018-10-24 13:21 - 2018-10-24 13:21 - 000842388 _____ () C:\Users\customerservice\AppData\Local\1055177492021886976.jpg
2018-10-25 07:20 - 2018-10-25 07:20 - 000451258 _____ () C:\Users\customerservice\AppData\Local\1055448743357378560.jpg
2018-10-25 07:21 - 2018-10-25 07:21 - 000976105 _____ () C:\Users\customerservice\AppData\Local\1055448783668883456.jpg
2018-10-29 13:40 - 2018-10-29 13:40 - 000436655 _____ () C:\Users\customerservice\AppData\Local\1056993878897561600.jpg
2018-10-30 08:34 - 2018-10-30 08:34 - 001031702 _____ () C:\Users\customerservice\AppData\Local\1057279469803524096.jpg
2018-10-30 13:12 - 2018-10-30 13:12 - 000397123 _____ () C:\Users\customerservice\AppData\Local\1057347563481657344.jpg
2018-10-30 13:31 - 2018-10-30 13:31 - 000869941 _____ () C:\Users\customerservice\AppData\Local\1057354392546828288.jpg
2018-10-30 13:45 - 2018-10-30 13:45 - 000869941 _____ () C:\Users\customerservice\AppData\Local\1057357674375778304.jpg
2018-10-30 15:46 - 2018-10-30 15:46 - 000872981 _____ () C:\Users\customerservice\AppData\Local\1057388208720154624.jpg
2018-10-31 11:55 - 2018-10-31 11:55 - 000699748 _____ () C:\Users\customerservice\AppData\Local\1057692370058067968.jpg
2018-11-05 10:14 - 2018-11-05 10:14 - 000480994 _____ () C:\Users\customerservice\AppData\Local\1059470561705693184.jpg
2018-11-05 10:17 - 2018-11-05 10:17 - 001153453 _____ () C:\Users\customerservice\AppData\Local\1059479655061630976.jpg
2018-11-07 10:15 - 2018-11-07 10:46 - 000129900 _____ () C:\Users\customerservice\AppData\Local\1060203564018950144.jpg
2018-11-12 10:08 - 2018-11-12 10:08 - 000416522 _____ () C:\Users\customerservice\AppData\Local\1062014228349833216.jpg
2018-11-12 11:47 - 2018-11-12 11:47 - 000115410 _____ () C:\Users\customerservice\AppData\Local\1062039051469832192.jpg
2018-11-13 15:49 - 2018-11-13 15:49 - 001018915 _____ () C:\Users\customerservice\AppData\Local\1062462277463240704.jpg
2018-11-13 16:18 - 2018-11-13 16:18 - 000683158 _____ () C:\Users\customerservice\AppData\Local\1062469673195626496.jpg
2018-11-15 15:28 - 2018-11-15 15:28 - 000870668 _____ () C:\Users\customerservice\AppData\Local\1063181957903589376.jpg
2018-11-21 12:45 - 2018-11-21 12:45 - 000867161 _____ () C:\Users\customerservice\AppData\Local\1065315034666864640.jpg
2018-11-27 09:35 - 2018-11-27 09:35 - 000495703 _____ () C:\Users\customerservice\AppData\Local\1067441705012342784.jpg
2018-11-28 07:55 - 2018-11-28 07:55 - 000105284 _____ () C:\Users\customerservice\AppData\Local\1067777001709027328.jpg
2018-11-28 09:16 - 2018-11-28 10:33 - 000982866 _____ () C:\Users\customerservice\AppData\Local\1067798784986255360.jpg
2018-11-28 09:44 - 2018-11-28 10:33 - 000910777 _____ () C:\Users\customerservice\AppData\Local\1067805883971530752.jpg
2018-11-28 12:32 - 2018-11-29 09:04 - 000865935 _____ () C:\Users\customerservice\AppData\Local\1067847430784073728.jpg
2018-11-29 11:40 - 2018-11-29 11:40 - 000528781 _____ () C:\Users\customerservice\AppData\Local\1068198052540583936.jpg
2018-12-03 08:23 - 2018-12-03 08:23 - 000918178 _____ () C:\Users\customerservice\AppData\Local\1069593898456961024.jpg
2018-12-11 09:12 - 2018-12-11 09:12 - 000599890 _____ () C:\Users\customerservice\AppData\Local\1072495780103770112.jpg
2017-10-10 13:41 - 2017-10-10 13:41 - 000352741 _____ () C:\Users\customerservice\AppData\Local\917837557592657920.jpg
2017-11-02 08:18 - 2017-11-02 08:18 - 000845206 _____ () C:\Users\customerservice\AppData\Local\926091002657501184.jpg
2017-11-08 13:59 - 2017-11-08 13:59 - 000881322 _____ () C:\Users\customerservice\AppData\Local\928351051572457472.jpg
2017-11-08 13:59 - 2017-11-08 13:59 - 000763676 _____ () C:\Users\customerservice\AppData\Local\928351183101636608.jpg
2017-11-15 08:43 - 2017-11-15 15:35 - 000762839 _____ () C:\Users\customerservice\AppData\Local\930808277025341440.jpg
2017-11-22 13:40 - 2017-11-22 13:57 - 000223354 _____ () C:\Users\customerservice\AppData\Local\933419769461850112.jpg
2017-12-07 12:13 - 2017-12-07 12:13 - 001015014 _____ () C:\Users\customerservice\AppData\Local\938033667661996032.jpg
2017-12-12 10:42 - 2017-12-12 10:42 - 000642090 _____ () C:\Users\customerservice\AppData\Local\940622550883168256.jpg
2018-01-04 11:48 - 2018-01-04 11:48 - 000898862 _____ () C:\Users\customerservice\AppData\Local\948974136655159296.jpg
2018-03-06 12:57 - 2018-03-06 12:57 - 000566722 _____ () C:\Users\customerservice\AppData\Local\971097283344015360.jpg
2018-03-09 10:05 - 2018-03-09 10:05 - 000343251 _____ () C:\Users\customerservice\AppData\Local\972141170334420992.jpg
2018-03-15 07:59 - 2018-03-15 07:59 - 000918370 _____ () C:\Users\customerservice\AppData\Local\974282547688415232.jpg
2018-03-15 08:52 - 2018-03-15 08:52 - 000619190 _____ () C:\Users\customerservice\AppData\Local\974297096324562944.jpg
2018-03-15 10:42 - 2018-03-15 10:42 - 001033101 _____ () C:\Users\customerservice\AppData\Local\974324777820798976.jpg
2018-03-20 12:21 - 2018-03-20 12:24 - 000355794 _____ () C:\Users\customerservice\AppData\Local\976161751166795776.jpg
2018-03-29 10:12 - 2018-03-29 10:12 - 000273257 _____ () C:\Users\customerservice\AppData\Local\979390073358340096.jpg
2018-04-04 07:34 - 2018-04-04 07:34 - 000926950 _____ () C:\Users\customerservice\AppData\Local\981524584246345728.jpg
2018-04-05 07:13 - 2018-04-05 07:13 - 000806676 _____ () C:\Users\customerservice\AppData\Local\981882255671635968.jpg
2018-04-05 07:14 - 2018-04-05 07:14 - 001028981 _____ () C:\Users\customerservice\AppData\Local\981882334562295808.jpg
2018-04-05 07:16 - 2018-04-05 07:16 - 000965176 _____ () C:\Users\customerservice\AppData\Local\981882400769388544.jpg
2018-04-05 07:19 - 2018-04-05 07:19 - 000791447 _____ () C:\Users\customerservice\AppData\Local\981882720782200832.jpg
2018-04-05 07:17 - 2018-04-05 07:17 - 000782193 _____ () C:\Users\customerservice\AppData\Local\981882750620467200.jpg
2018-04-05 07:20 - 2018-04-05 07:20 - 001038842 _____ () C:\Users\customerservice\AppData\Local\981882776558047232.jpg
2018-04-05 07:20 - 2018-04-05 07:20 - 000781398 _____ () C:\Users\customerservice\AppData\Local\981882941155119104.jpg
2018-04-05 07:21 - 2018-04-05 07:21 - 000949283 _____ () C:\Users\customerservice\AppData\Local\981883016157659136.jpg
2018-04-05 07:22 - 2018-04-05 07:36 - 000882563 _____ () C:\Users\customerservice\AppData\Local\981883179894906880.jpg
2018-04-05 07:22 - 2018-04-05 07:22 - 000884031 _____ () C:\Users\customerservice\AppData\Local\981883239982514176.jpg
2018-04-05 07:29 - 2018-04-05 07:29 - 000918805 _____ () C:\Users\customerservice\AppData\Local\981886159947890688.jpg
2018-04-05 07:30 - 2018-04-05 07:30 - 000990291 _____ () C:\Users\customerservice\AppData\Local\981886677231423488.jpg
2018-04-05 07:34 - 2018-04-05 07:34 - 000901445 _____ () C:\Users\customerservice\AppData\Local\981887324320239616.jpg
2018-04-09 11:49 - 2018-04-09 11:51 - 000508199 _____ () C:\Users\customerservice\AppData\Local\983401208470380544.jpg
2018-04-16 07:11 - 2018-04-16 07:11 - 000487549 _____ () C:\Users\customerservice\AppData\Local\985867787406053376.jpg
2018-04-25 09:26 - 2018-04-25 09:32 - 000823007 _____ () C:\Users\customerservice\AppData\Local\989163679685165056.jpg
2018-04-25 09:54 - 2018-04-25 10:03 - 000882770 _____ () C:\Users\customerservice\AppData\Local\989169692777852928.jpg
2018-04-27 08:34 - 2018-04-27 08:34 - 000494515 _____ () C:\Users\customerservice\AppData\Local\989875275998232576.jpg
2018-04-30 08:13 - 2018-04-30 08:14 - 001034107 _____ () C:\Users\customerservice\AppData\Local\990956724013056000.jpg
2018-04-30 08:13 - 2018-04-30 08:13 - 000773900 _____ () C:\Users\customerservice\AppData\Local\990956812764524544.jpg
2018-05-01 08:26 - 2018-05-01 08:26 - 000847948 _____ () C:\Users\customerservice\AppData\Local\991322607541862400.jpg
2018-05-02 09:06 - 2018-05-02 09:06 - 000996723 _____ () C:\Users\customerservice\AppData\Local\991695401488281600.jpg
2018-05-04 12:49 - 2018-05-04 13:22 - 000878147 _____ () C:\Users\customerservice\AppData\Local\992476023525888000.jpg
2018-05-04 12:53 - 2018-05-04 12:53 - 000812283 _____ () C:\Users\customerservice\AppData\Local\992477247918710784.jpg
2018-05-10 07:14 - 2018-05-10 07:14 - 000795547 _____ () C:\Users\customerservice\AppData\Local\994566170128199680.jpg
2018-05-10 15:54 - 2018-05-10 15:54 - 000817710 _____ () C:\Users\customerservice\AppData\Local\994697252060303360.jpg
2018-05-22 12:47 - 2018-05-22 12:47 - 001025972 _____ () C:\Users\customerservice\AppData\Local\998995902513217536.jpg
2018-05-24 07:09 - 2018-05-24 09:55 - 000241380 _____ () C:\Users\customerservice\AppData\Local\999415695494029312.jpg
2018-05-24 07:00 - 2018-05-24 07:02 - 000497559 _____ () C:\Users\customerservice\AppData\Local\999635597844742144.jpg
2015-03-06 23:09 - 2016-07-27 15:33 - 000841906 _____ () C:\Users\customerservice\AppData\Local\BTServer.log
2021-12-31 09:22 - 2021-12-31 09:22 - 000007634 _____ () C:\Users\customerservice\AppData\Local\Resmon.ResmonCfg
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27-12-2021
Ran by customerservice (08-01-2022 19:20:52)
Running from C:\Users\customerservice\Downloads
Microsoft Windows 10 Home Version 21H1 19043.1415 (X64) (2020-11-27 03:40:54)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-1168067149-1418559455-1623139670-500 - Administrator - Disabled)
customerservice (S-1-5-21-1168067149-1418559455-1623139670-1001 - Administrator - Enabled) => C:\Users\customerservice
DefaultAccount (S-1-5-21-1168067149-1418559455-1623139670-503 - Limited - Disabled)
Guest (S-1-5-21-1168067149-1418559455-1623139670-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1168067149-1418559455-1623139670-1003 - Limited - Enabled)
WDAGUtilityAccount (S-1-5-21-1168067149-1418559455-1623139670-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
64 Bit HP CIO Components Installer (HKLM\...\{3138F992-045B-4F55-825C-53B231E647CA}) (Version: 13.2.1 - Hewlett-Packard) Hidden
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 21.007.20099 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.4.0.2710 - Adobe Systems Incorporated)
BEACON (HKLM-x32\...\{259BF8E7-28DB-461F-8D7F-7B6E267D2502}_is1) (Version: 1.4.0516.0 - Lenovo Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.88 - Piriform)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
Dolby Digital Plus Advanced Audio (HKLM\...\{B0BFC63F-EA07-419E-960B-3FB2ED5DD0B2}) (Version: 7.5.1.1 - Dolby Laboratories Inc)
Driver & Application Installation (HKLM-x32\...\{BFECCF2A-F094-4066-8BFA-29CCBB7F6602}) (Version: 6.13.0621 - Lenovo)
EducationPortal (HKLM-x32\...\{65487538-FF20-421B-91DB-F6634B8D264C}) (Version: 5.00.012.0903 - Lenovo)
Find the Differences (HKLM-x32\...\{65F9B587-24A7-466A-999A-9C5F9D452400}) (Version: 1.00.2012.0512 - Tong child Research & Planning Co.,Ltd) Hidden
Find the Differences (HKLM-x32\...\InstallShield_{65F9B587-24A7-466A-999A-9C5F9D452400}) (Version: 1.00.2012.0512 - Tong child Research & Planning Co.,Ltd)
Finding the Letters (HKLM-x32\...\{535FB733-FFCF-4460-8694-664A2F6C53B4}) (Version: 1.00.2012.0512 - Tong child Research & Planning Co.,Ltd) Hidden
Finding the Letters (HKLM-x32\...\InstallShield_{535FB733-FFCF-4460-8694-664A2F6C53B4}) (Version: 1.00.2012.0512 - Tong child Research & Planning Co.,Ltd)
Fruits (HKLM-x32\...\{AA39BFDE-71E5-46A6-A10B-44C2F45A341E}) (Version: 1.00.2012.0809 - Tong child Research & Planning Co.,Ltd) Hidden
Fruits (HKLM-x32\...\InstallShield_{AA39BFDE-71E5-46A6-A10B-44C2F45A341E}) (Version: 1.00.2012.0809 - Tong child Research & Planning Co.,Ltd)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 97.0.4692.71 - Google LLC)
Google Earth Pro (HKLM\...\{9BFB06CD-3925-49E2-BAB7-EA695821CE4C}) (Version: 7.3.4.8248 - Google)
Intel® Chipset Device Software (HKLM-x32\...\{c6cff78a-cccb-49d5-be68-ae0ec5f0d48a}) (Version: 10.1.1.8 - Intel® Corporation) Hidden
Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.2.1183 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.5107 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.8.16.1063 - Intel Corporation)
Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation)
Lenovo Assistant (HKLM-x32\...\{B2DE4F30-B8C7-49C0-85B9-2F37A5290F00}) (Version: 2.0.0.29 - Lenovo)
Lenovo Blacksilk USB Keyboard Driver (HKLM-x32\...\{B266E062-D6C5-485B-B426-51B152B041A6}) (Version: V1.6.13.0724 - Lenovo)
Lenovo Dynamic Brightness System (HKLM-x32\...\{D9ED6D06-6002-495E-A7BC-46E6AE386996}) (Version: 4.0.01.60516 - Lenovo)
Lenovo Eye Distance System (HKLM-x32\...\{5183D7AB-D09B-411F-A74E-BBAEA61C6505}) (Version: 4.0.01.60516 - Lenovo)
Lenovo Motion (HKLM-x32\...\{27499255-BA4B-48ED-A32B-12D297B2EF25}) (Version: 04.07.00.05275 - PointGrab) Hidden
Lenovo Motion (HKLM-x32\...\InstallShield_{27499255-BA4B-48ED-A32B-12D297B2EF25}) (Version: 04.07.00.05275 - PointGrab)
Lenovo Photos (HKLM-x32\...\Lenovo Photos) (Version: 4.8.5 - CEWE COLOR AG u Co. OHG)
Lenovo Power2Go (HKLM-x32\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.0.7408 - CyberLink Corp.) Hidden
Lenovo Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.0.7408 - CyberLink Corp.)
Lenovo Reach (HKLM-x32\...\{3245D8C8-7FE0-4FD4-B04B-2720A333D592}) (Version: 1.1.0.197 - Stoneware, Inc.)
Lenovo Rescue System (HKLM\...\{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 4.0.0.1901 - CyberLink Corp.) Hidden
Lenovo Rescue System (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 4.0.0.1901 - CyberLink Corp.)
Lenovo Service Bridge (HKU\S-1-5-21-1168067149-1418559455-1623139670-1001\...\{2C74547D-EF88-47F4-85F5-BE46A31E26B7}_is1) (Version: 5.0.2.9 - Lenovo)
Lenovo Solution Center (HKLM\...\{C1FC707B-AE6B-4DC4-89A5-6628A01F8103}) (Version: 3.3.003.00 - Lenovo)
Lenovo System Update (HKLM-x32\...\TVSU_is1) (Version: 5.07.0092 - Lenovo)
Lenovo USB2.0 UVC Camera (HKLM-x32\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.2.9200.10275 - Realtek Semiconductor Corp.)
Lenovo Vantage Service (HKLM-x32\...\VantageSRV_is1) (Version: 3.10.26.0 - Lenovo Group Ltd.)
Lenovo YouCam (HKLM-x32\...\{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 4.1.5225 - CyberLink Corp.) Hidden
Lenovo YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 4.1.5225 - CyberLink Corp.)
LVT (HKLM-x32\...\{9E3469A6-443A-452C-BF44-8D7CE3A9A7E2}) (Version: 5.01.0429 - Lenovo)
Mammals (HKLM-x32\...\{33492EF5-7931-45B9-B74F-E4A99068B7C9}) (Version: 1.20.2014.0509 - Tong child Research & Planning Co.,Ltd)
Matching Roles (HKLM-x32\...\{92736E44-7608-4D80-9333-E40C82B7E8B3}) (Version: 1.00.2012.0512 - Tong child Research & Planning Co.,Ltd) Hidden
Matching Roles (HKLM-x32\...\InstallShield_{92736E44-7608-4D80-9333-E40C82B7E8B3}) (Version: 1.00.2012.0512 - Tong child Research & Planning Co.,Ltd)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 97.0.1072.55 - Microsoft Corporation)
Microsoft Office Home and Business 2013 - en-us (HKLM\...\HomeBusinessRetail - en-us) (Version: 15.0.5389.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1168067149-1418559455-1623139670-1001\...\OneDriveSetup.exe) (Version: 21.230.1107.0004 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 4.0.50401.0 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{29B15818-E79F-4AB0-8938-9410C807AD76}) (Version: 2.84.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24212 (HKLM-x32\...\{323dad84-0974-4d90-a1c1-e006c7fdbb7d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.30.30704 (HKLM-x32\...\{4d8dcf8c-a72a-43e1-9833-c12724db736e}) (Version: 14.30.30704.0 - Microsoft Corporation)
Mozilla Firefox (x64 en-US) (HKLM\...\Mozilla Firefox 95.0.2 (x64 en-US)) (Version: 95.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 73.0 - Mozilla)
Nitro Pro 9 (HKLM\...\{70B831B7-A8EE-4C5F-8F34-F383D24B3A04}) (Version: 9.0.5.9 - Nitro)
Office 15 Click-to-Run Extensibility Component (HKLM-x32\...\{90150000-008C-0000-0000-0000000FF1CE}) (Version: 15.0.5389.1000 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (HKLM\...\{90150000-008F-0000-1000-0000000FF1CE}) (Version: 15.0.5389.1000 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (HKLM-x32\...\{90150000-008C-0409-0000-0000000FF1CE}) (Version: 15.0.5389.1000 - Microsoft Corporation) Hidden
Puzzle (HKLM-x32\...\{6EB7ECE3-E3BE-481D-821B-F1AFFA244D64}) (Version: 1.00.2012.0807 - Tong child Research & Planning Co.,Ltd) Hidden
Puzzle (HKLM-x32\...\InstallShield_{6EB7ECE3-E3BE-481D-821B-F1AFFA244D64}) (Version: 1.00.2012.0807 - Tong child Research & Planning Co.,Ltd)
REALTEK Bluetooth Driver (HKLM-x32\...\{9D3D8C60-A5EF-4123-B2B9-172095903AB}) (Version: 3.810.812.042214 - REALTEK Semiconductor Corp.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9600.29073 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.1.505.2015 - Realtek)
Realtek Wireless LAN Adapter Software (HKLM-x32\...\{E462B252-195B-47EA-98E2-BAC3C2DF7D37}) (Version: 11.00.0056.0 - REALTEK Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{9DAABC60-A5EF-41FF-B2B9-17329590CD5}) (Version: 1.00.243 - REALTEK Semiconductor Corp.)
Speccy (HKLM\...\Speccy) (Version: 1.32 - Piriform)
Speedtest by Ookla (HKLM\...\{2F376A46-C44C-4500-8CF3-1086F7000AF9}) (Version: 1.4.53.001 - Ookla)
sudoku (HKLM-x32\...\{8C4715DF-8AC9-4F0A-8E35-F9B4CF318FF1}) (Version: 1.00.2012.0807 - Tong child Research & Planning Co.,Ltd) Hidden
sudoku (HKLM-x32\...\InstallShield_{8C4715DF-8AC9-4F0A-8E35-F9B4CF318FF1}) (Version: 1.00.2012.0807 - Tong child Research & Planning Co.,Ltd)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 8.0.1058 - SUPERAntiSpyware.com)
timer (HKLM-x32\...\{9CC4B8EE-A96B-4800-B674-0CF8B4560F45}) (Version: 1.00.2012.0512 - Tong child Research & Planning Co.,Ltd) Hidden
timer (HKLM-x32\...\InstallShield_{9CC4B8EE-A96B-4800-B674-0CF8B4560F45}) (Version: 1.00.2012.0512 - Tong child Research & Planning Co.,Ltd)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden
Update for Windows 10 for x64-based Systems (KB4480730) (HKLM\...\{3BAE4496-6F6C-4330-A8AA-B93D3D346FA5}) (Version: 2.53.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM\...\{F339C545-24DC-4870-AA32-6EB6B0500B95}) (Version: 1.24.0.0 - Microsoft Corporation) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 3.0.11 - VideoLAN)
WebPrint (HKLM-x32\...\WebPrint) (Version: - )
Windows PC Health Check (HKLM\...\{B1E7D0FD-7CFE-4E0C-A5DA-0F676499DB91}) (Version: 3.2.2110.14001 - Microsoft Corporation)
Packages:
=========
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2020-06-13] (Autodesk Inc.)
Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.208.400.0_x86__kgqvnymyfvs32 [2021-12-08] (king.com)
eBay -> C:\Program Files\WindowsApps\eBayInc.eBay_1.6.0.34_neutral__1618n3s9xq8tw [2022-01-07] (eBay, Inc)
Evernote -> C:\Program Files\WindowsApps\Evernote.Evernote_10.27.5.0_x86__q4d96b2w5wcc2 [2021-12-14] (Evernote)
FishingJoy -> C:\Program Files\WindowsApps\E0469640.FishingJoy_1.0.1.0_x86__5grkq8ppsgwt4 [2020-06-13] (LENOVO INC)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_133.1.340.0_x64__v10z8vjag6ke6 [2021-12-14] (HP Inc.)
iTunes -> C:\Program Files\WindowsApps\AppleInc.iTunes_12122.2.54019.0_x64__nzyj5cx40ttqa [2021-10-29] (Apple Inc.) [Startup Task]
Lanier Driver Utility -> C:\Program Files\WindowsApps\3EA2211E.LanierDriverUtility_4.7.0.0_x86__fxme7667cy4q4 [2021-03-24] (Ricoh Company, Ltd.)
Lenovo Dress-up -> C:\Program Files\WindowsApps\E0469640.MagicDressup_1.0.1.39_x64__5grkq8ppsgwt4 [2020-06-13] (LENOVO INC)
Lenovo Forest Adventure -> C:\Program Files\WindowsApps\E0469640.JungleMobilization_1.0.1.84_x64__5grkq8ppsgwt4 [2020-06-13] (LENOVO INC)
Lenovo Support -> C:\Program Files\WindowsApps\E046963F.LenovoSupport_2.0.5.0_x86__k1h2ywk1493x8 [2020-06-13] (Lenovo, INC.)
Lenovo Vantage -> C:\Program Files\WindowsApps\E046963F.LenovoCompanion_10.2112.10.0_x64__k1h2ywk1493x8 [2021-12-28] (LENOVO INC.)
Live TV -> C:\Program Files\WindowsApps\FilmOnLiveTVFree.FilmOnLiveTVFree_1.3.6.115_x64__zx03kxexxb716 [2020-06-13] (FilmOn TV Inc.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2020-06-13] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2020-06-13] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.11.12030.0_x64__8wekyb3d8bbwe [2021-12-10] (Microsoft Studios) [MS Ad]
MSN Food & Drink -> C:\Program Files\WindowsApps\Microsoft.BingFoodAndDrink_3.0.4.336_x64__8wekyb3d8bbwe [2020-06-13] (Microsoft Corporation) [MS Ad]
MSN Health & Fitness -> C:\Program Files\WindowsApps\Microsoft.BingHealthAndFitness_3.0.4.336_x64__8wekyb3d8bbwe [2020-06-13] (Microsoft Corporation) [MS Ad]
MSN Travel -> C:\Program Files\WindowsApps\Microsoft.BingTravel_3.0.4.336_x64__8wekyb3d8bbwe [2020-06-13] (Microsoft Corporation) [MS Ad]
Photos Media Engine Add-on -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-09-05] (Microsoft Corporation)
Speedtest by Ookla -> C:\Program Files\WindowsApps\Ookla.SpeedtestbyOokla_1.15.163.0_x64__43tkc6nmykmb6 [2021-10-01] (Ookla)
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.TWITTER_7.0.1.0_neutral__wgeqdkkx372wm [2021-06-11] (Twitter Inc.)
WiFi Analyzer -> C:\Program Files\WindowsApps\19965MATTHAFNER.WIFIANALYZER_2.6.1.0_x64__gs5k5vmxr2ste [2021-10-01] (Matt Hafner)
YouCam for Lenovo Idea -> C:\Program Files\WindowsApps\CyberLinkCorp.id.YouCamforLenovoIdea_1.0.3624.30505_x86__hgg5mn3xps74a [2020-06-13] (CYBERLINK COM CORPORATION)
YouSendIt for Lenovo -> C:\Program Files\WindowsApps\YouSendIt.YouSendItForLenovo_1.0.5.1412_neutral__069rkrpjefrbc [2020-06-13] (YouSendIt)
Zinio -> C:\Program Files\WindowsApps\ZinioLLC.Zinio_2.1.0.317_x64__0q6dqzpp40p2e [2020-06-13] (Zinio LLC)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-1168067149-1418559455-1623139670-1001_Classes\CLSID\{233525e0-5434-46ef-b464-fd7e45e2e145}\localserver32 -> "C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe" -ToastActivated => No File
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [NP8ShellExtension] -> {9C4B85B8-956C-49BF-9BA5-101384E562B2} => C:\Program Files\Common Files\Nitro\Pro\9.0\NPShellExtension64.dll [2013-12-12] (Nitro PDF Software -> Nitro PDF)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2019-12-12] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\customerservice\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\cdf2bfb41418ba7\TickTick - Todo & Task List.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=diankknpkndanachmlckaikddgcehkod
==================== Loaded Modules (Whitelisted) =============
2014-07-31 09:31 - 2011-05-17 14:27 - 000028672 _____ () [File not signed] C:\Windows\jmesoft\hidhook.dll
2015-06-16 15:36 - 2011-08-05 18:11 - 000034304 _____ () [File not signed] C:\WINDOWS\System32\sxr2mlm.dll
2011-08-05 06:52 - 2011-08-05 06:52 - 000034304 _____ () [File not signed] C:\WINDOWS\System32\sxr2xlm.dll
2019-03-22 11:19 - 2018-08-27 06:39 - 006009856 _____ (Bicom Systems) [File not signed] C:\WINDOWS\System32\glocom3_fax.dll
2009-09-16 17:44 - 2009-09-16 17:44 - 000153088 _____ (Hewlett Packard) [File not signed] C:\WINDOWS\System32\hptcpmib.dll
2009-09-16 17:45 - 2009-09-16 17:45 - 000331264 _____ (Hewlett Packard) [File not signed] C:\WINDOWS\System32\HpTcpMon.dll
2009-09-16 10:44 - 2009-09-16 10:44 - 000132096 _____ (Hewlett Packard) [File not signed] C:\WINDOWS\System32\hpzjrd01.dll
2021-12-14 19:52 - 2021-12-14 19:53 - 116802560 _____ (HP Development Company, L.P.) [File not signed] C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_133.1.340.0_x64__v10z8vjag6ke6\HP.Smart.dll
2021-11-01 17:58 - 2021-11-01 17:58 - 007170048 _____ (HP Development Company, L.P.) [File not signed] C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_133.1.340.0_x64__v10z8vjag6ke6\HPPageLift.UWP.dll
2009-09-16 17:45 - 2009-09-16 17:45 - 000317440 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\System32\HPTcpMUI.dll
2021-07-08 17:04 - 2021-07-08 17:04 - 005172224 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\System32\Speech_OneCore\Common\sapi_onecore.dll
2015-06-16 15:36 - 2012-11-07 18:58 - 000114688 _____ (Windows ® Codename Longhorn DDK provider) [File not signed] C:\WINDOWS\system32\spool\PRTPROCS\x64\xp3315pp.dll
2015-06-16 15:36 - 2012-11-06 14:48 - 000037376 _____ (Windows ® Server 2003 DDK provider) [File not signed] C:\WINDOWS\system32\spool\PRTPROCS\x64\sxr2mpc.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
HKU\S-1-5-21-1168067149-1418559455-1623139670-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://msn.com/
HKU\S-1-5-21-1168067149-1418559455-1623139670-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com/?pc=LCJB
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2021-03-17] (Microsoft Corporation -> Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2021-03-17] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2017-07-18] (Microsoft Corporation -> Microsoft Corporation)
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-1168067149-1418559455-1623139670-1001\...\pestpac.com -> hxxps://classic.pestpac.com
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 07:25 - 2018-12-03 07:50 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\Intel\Intel® Management Engine Components\DAL;C:\Program Files\Intel\Intel® Management Engine Components\IPT
HKU\S-1-5-21-1168067149-1418559455-1623139670-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\customerservice\Downloads\real-hot-mermaid.jpg
DNS Servers: 24.48.160.2 - 24.48.160.3
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\StartupFolder: => "Lenovo Motion.lnk"
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "IAStorIcon"
HKLM\...\StartupApproved\Run: => "BtServer"
HKLM\...\StartupApproved\Run: => "CDAServer"
HKLM\...\StartupApproved\Run: => "Logitech Download Assistant"
HKLM\...\StartupApproved\Run32: => "CLMLServer"
HKLM\...\StartupApproved\Run32: => "YouCam Tray"
HKLM\...\StartupApproved\Run32: => "UpdateP2GoShortCut"
HKLM\...\StartupApproved\Run32: => "RemoteControl10"
HKLM\...\StartupApproved\Run32: => "YouCam Mirage"
HKLM\...\StartupApproved\Run32: => "DSCRun"
HKLM\...\StartupApproved\Run32: => "SecurityHealth"
HKU\S-1-5-21-1168067149-1418559455-1623139670-1001\...\StartupApproved\StartupFolder: => "Send to OneNote.lnk"
HKU\S-1-5-21-1168067149-1418559455-1623139670-1001\...\StartupApproved\Run: => "GoogleDriveSync"
HKU\S-1-5-21-1168067149-1418559455-1623139670-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{BCC16A2D-D80A-4FC7-BBC2-566B59A6BDC0}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe (Lenovo -> )
FirewallRules: [{F384D2E1-D271-4E19-9A45-11182B2D7993}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe (Lenovo -> )
FirewallRules: [{5510F913-BEAC-4B7F-8C79-710D4B8F0B86}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{266C9D37-FA2A-4BA8-9902-6F740406C3C1}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{09E900DD-36D8-436A-8703-3E953A1EEA1D}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{7D0321DD-FFEF-4C25-A58A-08D846345E8C}] => (Allow) C:\Users\customerservice\AppData\Local\Temp\7zS4845\HP.EasyStart.exe => No File
FirewallRules: [TCP Query User{1796E9B8-A0ED-453E-BAC4-5E5B8FCACB58}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{A7FD3486-511B-43E4-8116-5EF64079D0C8}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{BB5465F2-F838-4327-A3FB-8493B6AE0196}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12122.2.54019.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{CE71B3DB-5F23-4E85-963B-1B2A360FC785}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12122.2.54019.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{D6D5D3C6-BD71-4037-A997-BCBE76405BB2}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12122.2.54019.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{78039008-0D61-49D4-9211-73FA65AD365C}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12122.2.54019.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{1EAE35DA-41CF-485E-8C4C-6779773ABCCB}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12122.2.54019.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{3C0879A6-287E-4059-88AC-2AB6D0A8B664}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12122.2.54019.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{ABB50EAC-0F5D-4411-A128-2A61E64C6663}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12122.2.54019.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{B7669D21-AE43-48A9-99CE-670BA951E63E}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12122.2.54019.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{C8E7D641-0681-4004-A599-97B8D5241759}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{145B075D-13DB-4BC2-8634-2F91ABC9BC40}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{34599229-A89E-43BA-B27C-4FD15A2FA8EC}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{7A1B53E6-8997-4EA7-BD54-279A23D3E0CF}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{7F523E59-1589-4A47-93E8-365410D462AA}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
==================== Restore Points =========================
02-01-2022 11:08:20 Scheduled Checkpoint
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (01/08/2022 07:56:35 PM) (Source: Application Error) (EventID: 1005) (User: )
Description: Windows cannot access the file C:\Windows\System32\upnp.dll for one of the following reasons:
there is a problem with the network connection, the disk that the file is stored on, or the storage
drivers installed on this computer; or the disk is missing.
Windows closed the program Host Process for Windows Services because of this error.
Program: Host Process for Windows Services
File: C:\Windows\System32\upnp.dll
The error value is listed in the Additional Data section.
User Action
1. Open the file again.
This situation might be a temporary problem that corrects itself when the program runs again.
2.
If the file still cannot be accessed and
- It is on the network,
your network administrator should verify that there is not a problem with the network and that the server can be contacted.
- It is on a removable disk, for example, a floppy disk or CD-ROM, verify that the disk is fully inserted into the computer.
3. Check and repair the file system by running CHKDSK. To run CHKDSK, click Start, click Run, type CMD, and then click OK. At the command prompt, type CHKDSK /F, and then press ENTER.
4. If the problem persists, restore the file from a backup copy.
5. Determine whether other files on the same disk can be opened. If not, the disk might be damaged. If it is a hard disk, contact your administrator or computer hardware vendor for
further assistance.
Additional Data
Error value: C0000242
Disk type: 3
Error: (01/08/2022 07:56:35 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: svchost.exe_BITS, version: 10.0.19041.546, time stamp: 0x058e175a
Faulting module name: ntdll.dll, version: 10.0.19041.1288, time stamp: 0xa280d1d6
Exception code: 0xc0000006
Fault offset: 0x0000000000030f64
Faulting process id: 0x18bc
Faulting application start time: 0x01d804fc21e46ddb
Faulting application path: C:\WINDOWS\System32\svchost.exe
Faulting module path: C:\WINDOWS\SYSTEM32\ntdll.dll
Report Id: 6fa220d2-2ce1-4806-816c-bc43b274b3d6
Faulting package full name:
Faulting package-relative application ID:
Error: (01/08/2022 07:54:35 PM) (Source: Application Error) (EventID: 1005) (User: )
Description: Windows cannot access the file C:\Windows\System32\upnp.dll for one of the following reasons:
there is a problem with the network connection, the disk that the file is stored on, or the storage
drivers installed on this computer; or the disk is missing.
Windows closed the program Host Process for Windows Services because of this error.
Program: Host Process for Windows Services
File: C:\Windows\System32\upnp.dll
The error value is listed in the Additional Data section.
User Action
1. Open the file again.
This situation might be a temporary problem that corrects itself when the program runs again.
2.
If the file still cannot be accessed and
- It is on the network,
your network administrator should verify that there is not a problem with the network and that the server can be contacted.
- It is on a removable disk, for example, a floppy disk or CD-ROM, verify that the disk is fully inserted into the computer.
3. Check and repair the file system by running CHKDSK. To run CHKDSK, click Start, click Run, type CMD, and then click OK. At the command prompt, type CHKDSK /F, and then press ENTER.
4. If the problem persists, restore the file from a backup copy.
5. Determine whether other files on the same disk can be opened. If not, the disk might be damaged. If it is a hard disk, contact your administrator or computer hardware vendor for
further assistance.
Additional Data
Error value: C0000242
Disk type: 3
Error: (01/08/2022 07:54:35 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: svchost.exe_BITS, version: 10.0.19041.546, time stamp: 0x058e175a
Faulting module name: ntdll.dll, version: 10.0.19041.1288, time stamp: 0xa280d1d6
Exception code: 0xc0000006
Fault offset: 0x0000000000030f64
Faulting process id: 0x2818
Faulting application start time: 0x01d804fbda55d3a0
Faulting application path: C:\WINDOWS\System32\svchost.exe
Faulting module path: C:\WINDOWS\SYSTEM32\ntdll.dll
Report Id: bbcffce2-3b56-4382-9417-7d17d761e302
Faulting package full name:
Faulting package-relative application ID:
Error: (01/08/2022 07:52:35 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: svchost.exe_BITS, version: 10.0.19041.546, time stamp: 0x058e175a
Faulting module name: ntdll.dll, version: 10.0.19041.1288, time stamp: 0xa280d1d6
Exception code: 0xc0000005
Fault offset: 0x00000000000a0bf9
Faulting process id: 0xe10
Faulting application start time: 0x01d804fb92c74c46
Faulting application path: C:\WINDOWS\System32\svchost.exe
Faulting module path: C:\WINDOWS\SYSTEM32\ntdll.dll
Report Id: e44f79f4-9d61-460d-afb6-5516d3bdeeee
Faulting package full name:
Faulting package-relative application ID:
Error: (01/08/2022 07:50:35 PM) (Source: Application Error) (EventID: 1005) (User: )
Description: Windows cannot access the file C:\Windows\System32\upnp.dll for one of the following reasons:
there is a problem with the network connection, the disk that the file is stored on, or the storage
drivers installed on this computer; or the disk is missing.
Windows closed the program Host Process for Windows Services because of this error.
Program: Host Process for Windows Services
File: C:\Windows\System32\upnp.dll
The error value is listed in the Additional Data section.
User Action
1. Open the file again.
This situation might be a temporary problem that corrects itself when the program runs again.
2.
If the file still cannot be accessed and
- It is on the network,
your network administrator should verify that there is not a problem with the network and that the server can be contacted.
- It is on a removable disk, for example, a floppy disk or CD-ROM, verify that the disk is fully inserted into the computer.
3. Check and repair the file system by running CHKDSK. To run CHKDSK, click Start, click Run, type CMD, and then click OK. At the command prompt, type CHKDSK /F, and then press ENTER.
4. If the problem persists, restore the file from a backup copy.
5. Determine whether other files on the same disk can be opened. If not, the disk might be damaged. If it is a hard disk, contact your administrator or computer hardware vendor for
further assistance.
Additional Data
Error value: C0000242
Disk type: 3
Error: (01/08/2022 07:50:35 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: svchost.exe_BITS, version: 10.0.19041.546, time stamp: 0x058e175a
Faulting module name: ntdll.dll, version: 10.0.19041.1288, time stamp: 0xa280d1d6
Exception code: 0xc0000006
Fault offset: 0x0000000000030f64
Faulting process id: 0x11f0
Faulting application start time: 0x01d804fb4b365345
Faulting application path: C:\WINDOWS\System32\svchost.exe
Faulting module path: C:\WINDOWS\SYSTEM32\ntdll.dll
Report Id: fab50758-44a5-49c5-ac87-e8cb5ac55789
Faulting package full name:
Faulting package-relative application ID:
Error: (01/08/2022 07:48:35 PM) (Source: Application Error) (EventID: 1005) (User: )
Description: Windows cannot access the file C:\Windows\System32\upnp.dll for one of the following reasons:
there is a problem with the network connection, the disk that the file is stored on, or the storage
drivers installed on this computer; or the disk is missing.
Windows closed the program Host Process for Windows Services because of this error.
Program: Host Process for Windows Services
File: C:\Windows\System32\upnp.dll
The error value is listed in the Additional Data section.
User Action
1. Open the file again.
This situation might be a temporary problem that corrects itself when the program runs again.
2.
If the file still cannot be accessed and
- It is on the network,
your network administrator should verify that there is not a problem with the network and that the server can be contacted.
- It is on a removable disk, for example, a floppy disk or CD-ROM, verify that the disk is fully inserted into the computer.
3. Check and repair the file system by running CHKDSK. To run CHKDSK, click Start, click Run, type CMD, and then click OK. At the command prompt, type CHKDSK /F, and then press ENTER.
4. If the problem persists, restore the file from a backup copy.
5. Determine whether other files on the same disk can be opened. If not, the disk might be damaged. If it is a hard disk, contact your administrator or computer hardware vendor for
further assistance.
Additional Data
Error value: C0000242
Disk type: 3
System errors:
=============
Error: (01/08/2022 07:56:37 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Background Intelligent Transfer Service service terminated unexpectedly. It has done this 23 time(s).
Error: (01/08/2022 07:56:35 PM) (Source: DCOM) (EventID: 10010) (User: Lenovo-PC)
Description: The server {4991D34B-80A1-4291-83B6-3328366B9097} did not register with DCOM within the required timeout.
Error: (01/08/2022 07:54:36 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Background Intelligent Transfer Service service terminated unexpectedly. It has done this 22 time(s).
Error: (01/08/2022 07:54:35 PM) (Source: DCOM) (EventID: 10010) (User: Lenovo-PC)
Description: The server {659CDEA7-489E-11D9-A9CD-000D56965251} did not register with DCOM within the required timeout.
Error: (01/08/2022 07:52:37 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Background Intelligent Transfer Service service terminated unexpectedly. It has done this 21 time(s).
Error: (01/08/2022 07:52:35 PM) (Source: DCOM) (EventID: 10010) (User: Lenovo-PC)
Description: The server {F087771F-D74F-4C1A-BB8A-E16ACA9124EA} did not register with DCOM within the required timeout.
Error: (01/08/2022 07:50:36 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Background Intelligent Transfer Service service terminated unexpectedly. It has done this 20 time(s).
Error: (01/08/2022 07:50:35 PM) (Source: DCOM) (EventID: 10010) (User: Lenovo-PC)
Description: The server {659CDEA7-489E-11D9-A9CD-000D56965251} did not register with DCOM within the required timeout.
Windows Defender:
================
Date: 2022-01-08 13:25:29
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2022-01-08 13:16:35
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2022-01-08 12:53:32
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2022-01-08 12:40:57
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2022-01-08 09:27:31
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Event[0]:
Date: 2022-01-07 17:53:14
Description:
Microsoft Defender Antivirus Real-Time Protection feature has encountered an error and failed.
Feature: On Access
Error Code: 0x8007043c
Error description: This service cannot be started in Safe Mode
Reason: Antimalware security intelligence has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem.
Date: 2022-01-07 17:39:26
Description:
Microsoft Defender Antivirus Real-Time Protection feature has encountered an error and failed.
Feature: On Access
Error Code: 0x8007043c
Error description: This service cannot be started in Safe Mode
Reason: Antimalware security intelligence has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem.
Date: 2022-01-01 16:10:32
Description:
Microsoft Defender Antivirus Real-Time Protection feature has encountered an error and failed.
Feature: On Access
Error Code: 0x8007043c
Error description: This service cannot be started in Safe Mode
Reason: Antimalware security intelligence has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem.
Date: 2022-01-01 15:34:41
Description:
Microsoft Defender Antivirus Real-Time Protection feature has encountered an error and failed.
Feature: On Access
Error Code: 0x8007043c
Error description: This service cannot be started in Safe Mode
Reason: Antimalware security intelligence has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem.
Date: 2021-11-23 17:20:20
Description:
Microsoft Defender Antivirus Real-Time Protection feature has encountered an error and failed.
Feature: Behavior Monitoring
Error Code: 0x80004005
Error description: Unspecified error
Reason: Antimalware security intelligence has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem.
==================== Memory info ===========================
BIOS: LENOVO O0CKT16AUS 05/13/2014
Motherboard: LENOVO HASWELLREFRESHDT
Processor: Intel® Core i3-4160T CPU @ 3.10GHz
Percentage of memory in use: 24%
Total physical RAM: 16301.2 MB
Available physical RAM: 12348.15 MB
Total Virtual: 17325.2 MB
Available Virtual: 13069.09 MB
==================== Drives ================================
Drive c: (Windows8_OS) (Fixed) (Total:905.25 GB) (Free:856.9 GB) NTFS ==>[system with boot components (obtained from drive)]
\\?\Volume{39b73aff-cf83-4572-a3d6-495acb04763d}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.62 GB) NTFS
\\?\Volume{334835b7-703b-4ca3-91e6-4f0ba1e43de0}\ (PBR_DRV) (Fixed) (Total:24.41 GB) (Free:11.73 GB) NTFS
\\?\Volume{0a52b5cb-b8f2-4e6b-89e6-9eae1ae23a04}\ (SYSTEM_DRV) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 4103829F)
Partition: GPT.
==================== End of Addition.txt =======================