Additional scan result of Farbar Recovery Scan Tool (x64) Version: 20-09-2017 Ran by PC (22-09-2017 19:02:46) Running from C:\Users\PC\AppData\Local\Microsoft\Windows\INetCache\IE\PRYX1RMT Windows 8.1 (Update) (X64) (2017-09-22 05:38:35) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-3759523719-2122577075-1287637948-500 - Administrator - Disabled) Gjest (S-1-5-21-3759523719-2122577075-1287637948-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-3759523719-2122577075-1287637948-1003 - Limited - Enabled) PC (S-1-5-21-3759523719-2122577075-1287637948-1001 - Administrator - Enabled) => C:\Users\PC ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) CCleaner (HKLM\...\CCleaner) (Version: 5.13 - Piriform) CCSDK (HKLM-x32\...\{AE75190B-11B4-4F90-8254-DAB275CF2557}_is1) (Version: 1.0.3.4 - Lenovo) CyberLink MediaStory (HKLM-x32\...\InstallShield_{55762F9A-FCE3-45d5-817B-051218658423}) (Version: 1.0.1314 - CyberLink Corp.) CyberLink PowerDirector 10 (HKLM\...\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.2810 - CyberLink Corp.) Hidden CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.2810 - CyberLink Corp.) Dependency Package Update (HKLM\...\{0788641D-D31A-478D-BB34-C41564AE9F93}) (Version: 1.6.38.00 - Lenovo Inc.) Hidden Dependency Package Update (HKLM\...\{5252431C-288E-409D-ADCF-24407E0E6F70}) (Version: 1.6.29.00 - Lenovo Inc.) Hidden Dependency Package Update (HKLM\...\{FFED38DF-94DC-4FF9-96C1-A6990EDA6B03}) (Version: 1.6.29.00 - Lenovo Inc.) Hidden Dolby Digital Plus Home Theater (HKLM\...\{7E3D8FA1-6092-469A-955B-68FC4A2C67CA}) (Version: 7.5.1.1 - Dolby Laboratories Inc) Dropbox 15 GB (HKLM-x32\...\{597A58EC-42D6-4940-8739-FB94491B013C}) (Version: 0.9.0 - Dropbox, Inc.) Energy Manager (HKLM-x32\...\{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.5.0.23 - Lenovo) Hidden Energy Manager (HKLM-x32\...\InstallShield_{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.5.0.23 - Lenovo) GeForce Experience NvStream Client Components (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamC) (Version: 1.6.28 - NVIDIA Corporation) Hidden Google Chrome (HKLM-x32\...\Google Chrome) (Version: 61.0.3163.91 - Google Inc.) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden Host App Service (HKU\S-1-5-21-3759523719-2122577075-1287637948-1001\...\SweetLabs_AP) (Version: 0.269.8.133 - Pokki) Intel(R) Manageability Engine Firmware Recovery Agent (HKLM-x32\...\{0EC7F9CC-4741-45AE-9F55-6E9343F726F5}) (Version: 1.1.0.36960 - Intel Corporation) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.14.4029 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 13.0.2.1000 - Intel Corporation) Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{B2913DAE-3EBC-4C88-8245-0AA34B2E461D}) (Version: 17.1.1450.0402 - Intel Corporation) Intel® PROSet/Wireless Software (HKLM-x32\...\{a9888f41-68ae-43df-bd7d-d93405a44106}) (Version: 17.13.11 - Intel Corporation) Lenovo Dependency Package (HKLM\...\Lenovo Dependency Package_is1) (Version: 1.6.38.00 - Lenovo Group Limited) Lenovo EasyCamera (HKLM-x32\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.2.9200.10279 - Realtek Semiconductor Corp.) Lenovo Experience Improvement (HKLM\...\LenovoExperienceImprovement) (Version: 1.1.12.0 - Lenovo) Lenovo FusionEngine (HKLM-x32\...\Lenovo FusionEngine) (Version: 1.0.13.0 - Lenovo, Inc.) Lenovo Mobile Phone Wireless Import (HKLM-x32\...\{DFB2E0D6-8DDE-49A4-B8F7-03C14DACCBA6}) (Version: 1.1.1.9 - Lenovo) Hidden Lenovo Mobile Phone Wireless Import (HKLM-x32\...\InstallShield_{DFB2E0D6-8DDE-49A4-B8F7-03C14DACCBA6}) (Version: 1.1.1.9 - Lenovo) Lenovo Motion Control (HKLM-x32\...\{A60E1DE0-2AD1-4BD3-BBCC-4FBB22FB6F85}) (Version: 2.5.1.0225 - PointGrab) Hidden Lenovo Motion Control (HKLM-x32\...\InstallShield_{A60E1DE0-2AD1-4BD3-BBCC-4FBB22FB6F85}) (Version: 2.5.1.0225 - PointGrab) Lenovo OneKey Recovery (HKLM\...\{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.2619 - CyberLink Corp.) Hidden Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.2619 - CyberLink Corp.) Lenovo PhoneCompanion (HKLM-x32\...\{0F82EA83-B0C5-4AB9-9695-DFE92C5FD57B}) (Version: 1.2.0.2 - Lenovo) Hidden Lenovo PhoneCompanion (HKLM-x32\...\InstallShield_{0F82EA83-B0C5-4AB9-9695-DFE92C5FD57B}) (Version: 1.2.0.2 - Lenovo) Lenovo Photo Master (HKLM-x32\...\{BC94C56A-3649-420C-8756-2ADEBE399D33}) (Version: 1.0.1823.01 - CyberLink Corp.) Hidden Lenovo Photo Master (HKLM-x32\...\InstallShield_{BC94C56A-3649-420C-8756-2ADEBE399D33}) (Version: 1.0.1823.01 - CyberLink Corp.) Lenovo Settings (HKLM-x32\...\{42F8AFC3-7944-46CC-9689-94FF9869D0A7}) (Version: 1.0.0.52 - Lenovo) Hidden Lenovo Settings (HKLM-x32\...\InstallShield_{42F8AFC3-7944-46CC-9689-94FF9869D0A7}) (Version: 1.0.0.52 - Lenovo) Lenovo Updates (HKLM-x32\...\{A2E1E9F0-0B68-4166-8C7F-85B563B84DF4}) (Version: 1.1.0.61 - Lenovo) Hidden Lenovo Updates (HKLM-x32\...\InstallShield_{A2E1E9F0-0B68-4166-8C7F-85B563B84DF4}) (Version: 1.1.0.61 - Lenovo) Lenovo VeriFace Pro (HKLM\...\Lenovo VeriFace) (Version: 5.1.14.3211 - Lenovo) Magic Transfer (HKLM\...\{AD2B2BD1-A1D7-4798-8FDD-B2A58FD94E68}) (Version: 1.1.1.11 - ) Magic Transfer (HKLM-x32\...\{AD2B2BD1-A1D7-4798-8FDD-B2A58FD94E68}) (Version: 1.1.1.11 - Lenovo) Hidden Magic Transfer (HKLM-x32\...\InstallShield_{AD2B2BD1-A1D7-4798-8FDD-B2A58FD94E68}) (Version: 1.1.1.11 - Lenovo) Maxthon Cloud Browser (HKLM-x32\...\Maxthon3) (Version: 4.4.2.2000 - Maxthon International Limited) Metric Collection SDK 35 (HKLM-x32\...\{C2B5B5B0-2545-4E94-B4BA-548D4BF0B196}) (Version: 1.2.0006.00 - Lenovo Group Limited) Hidden Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4641.3004 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Mozilla Firefox 55.0.3 (x64 nb-NO) (HKLM\...\Mozilla Firefox 55.0.3 (x64 nb-NO)) (Version: 55.0.3 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 55.0.3 - Mozilla) NVIDIA GeForce Experience 1.8.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.8.2 - NVIDIA Corporation) NVIDIA Graphics Driver 332.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 332.50 - NVIDIA Corporation) NVIDIA PhysX System Software 9.13.0927 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0927 - NVIDIA Corporation) NVIDIA Virtual Audio 1.2.20 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.20 - NVIDIA Corporation) Onekey Theater (HKLM-x32\...\{91CC5BAE-A098-40D3-A43B-C0DC7CE263FE}) (Version: 3.0.1.2 - Lenovo) Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9600.21243 - Realtek Semiconductor Corp.) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.20.815.2013 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7195 - Realtek Semiconductor Corp.) SHAREit (HKLM-x32\...\SHAREit_is1) (Version: 2.1.8.0 - Lenovo Group Limited) SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 1.7.306 - NVIDIA Corporation) Hidden Start Menu (HKU\S-1-5-21-3759523719-2122577075-1287637948-1001\...\SweetLabs_Start_Menu) (Version: 0.269.8.133 - Pokki) Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.14.81 - Synaptics Incorporated) UESDK (HKLM-x32\...\{EB3F6640-58AE-4886-B8BA-466B6939A933}_is1) (Version: 1.0.2.7 - Lenovo) User Manuals (HKLM-x32\...\{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 3.0.0.3 - Lenovo) Hidden User Manuals (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 3.0.0.3 - Lenovo) Windows Driver Package - Lenovo (ACPIVPC) System (09/24/2013 19.29.2.34) (HKLM\...\EE9B1F2037C580F36D92FA431CC02BFF04C31F15) (Version: 09/24/2013 19.29.2.34 - Lenovo) Windows Driver Package - Lenovo (WUDFRd) LenovoVhid (07/25/2013 10.30.0.288) (HKLM\...\6BCA401E9CBEED970D75F55FA5320F60D11984E9) (Version: 07/25/2013 10.30.0.288 - Lenovo) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ContextMenuHandlers1: [SHAREit.FileContextMenuExt] -> {430BD134-576D-4E75-87CD-0F5C6221A82B} => C:\Program Files (x86)\Lenovo\SHAREit\ShellEx\ShellExt64.dll [2014-08-13] (Lenovo) ContextMenuHandlers4: [SHAREit.FileContextMenuExt] -> {430BD134-576D-4E75-87CD-0F5C6221A82B} => C:\Program Files (x86)\Lenovo\SHAREit\ShellEx\ShellExt64.dll [2014-08-13] (Lenovo) ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\windows\system32\igfxDTCM.dll [2014-11-21] (Intel Corporation) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\windows\system32\nvshext.dll [2014-01-24] (NVIDIA Corporation) ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {289A11C4-E3BB-4ED3-B7AD-7D6B84410DF9} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2013-03-07] (Intel Corporation) Task: {4972C237-8EC9-4680-8C79-78B3DB2127DF} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2014-03-07] (Synaptics Incorporated) Task: {4E2FCC8F-0AC7-4972-BBEC-0613FECF952F} - System32\Tasks\DolbySelectorTask => C:\Program Files\Dolby Digital Plus\ddp.exe Task: {50E6ED3E-FAD5-4258-B090-B0CC1BD46694} - System32\Tasks\Maxthon Update => C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe [2014-09-11] (Maxthon International ltd.) Task: {6685165D-3859-4257-8457-67D06448D963} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2013-03-07] (Intel Corporation) Task: {777019E3-6538-4B16-8A39-344D968FD85D} - System32\Tasks\DropboxOEM => C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe [2014-12-13] () Task: {9EAD68DA-448C-4356-BB1B-ED0363BC52A2} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => %windir%\system32\rundll32.exe aepdu.dll,AePduRunUpdate -nolegacy Task: {A81B91D4-CB15-4BFB-A9A9-CC5E23FC361B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-09-22] (Google Inc.) Task: {B5DCD864-F77B-4306-A2D1-A217E56DA5F9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-09-22] (Google Inc.) Task: {C72A1BE6-64E0-4C5B-903C-02562D272D23} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-12-08] (Piriform Ltd) Task: {CA5FF8DA-A28A-41E4-81A6-9BD3162FFA41} - System32\Tasks\Lenovo\Dependency Package Auto Update => C:\Program Files\Lenovo\iMController\AutoUpdate.exe [2015-12-14] () Task: {CDBCF840-D03C-4343-8E14-C4112C3EBC4C} - System32\Tasks\Lenovo\Experience Improvement => C:\Program Files\Lenovo\ExperienceImprovement\LenovoExperienceImprovement.exe [2017-09-22] (Lenovo) Task: {E135488B-DCCE-407A-BA70-894BAF60DA6A} - System32\Tasks\OFFICE2013ACT => C:\ProgramData\Office2013\OFFICEICON.vbs [2013-06-03] () Task: {E5D6DB9E-6E63-4C58-AED0-81A6BDE8DCC4} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2014-08-19] (Lenovo) Task: {E77F5954-A537-463A-86EA-70E1C2EA80CE} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [2014-09-10] (Lenovo) Task: {FF375A63-8C22-4DD1-9DB2-4F4D18169662} - System32\Tasks\SweetLabs App Platform => C:\Users\PC\AppData\Local\SweetLabs App Platform\Engine\ServiceHostAppUpdater.exe [2017-08-10] (Pokki) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) ==================== Shortcuts & WMI ======================== (The entries could be listed to be restored or removed.) ==================== Loaded Modules (Whitelisted) ============== 2015-03-02 17:30 - 2012-04-24 12:43 - 000390632 _____ () C:\Program Files\CyberLink\Shared files\RichVideo64.exe 2015-03-02 17:25 - 2015-03-02 17:25 - 000068880 _____ () C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfConnectorService.exe 2015-03-02 17:25 - 2015-03-02 17:25 - 000672016 _____ () C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfDataStorageInterface.dll 2015-03-02 17:31 - 2015-03-02 17:30 - 000815104 _____ () C:\Program Files\Lenovo PhoneCompanion\adb.exe 2015-03-02 17:23 - 2014-07-10 03:19 - 000592880 _____ () C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe 2015-03-02 16:59 - 2014-01-24 08:27 - 000117536 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2015-03-01 23:46 - 2014-11-21 10:54 - 000456808 _____ () C:\windows\system32\igfxTray.exe 2015-03-02 17:08 - 2013-10-01 11:09 - 000078880 _____ () C:\Program Files\Realtek\Audio\HDA\FMAPP.exe 2014-03-26 22:50 - 2015-03-02 17:37 - 000058864 _____ () C:\Program Files (x86)\Lenovo\Energy Manager\kbdhook.dll 2017-09-22 08:40 - 2017-09-14 10:30 - 004022616 _____ () C:\Program Files (x86)\Google\Chrome\Application\61.0.3163.91\libglesv2.dll 2017-09-22 08:40 - 2017-09-14 10:30 - 000100184 _____ () C:\Program Files (x86)\Google\Chrome\Application\61.0.3163.91\libegl.dll 2015-03-01 23:46 - 2014-11-21 10:54 - 017170624 _____ () C:\windows\SYSTEM32\igd11dxva64.dll 2015-12-08 21:25 - 2015-12-08 21:25 - 000061440 _____ () C:\Program Files\CCleaner\lang\lang-1045.dll 2015-12-14 15:28 - 2015-12-14 15:28 - 000078808 _____ () C:\Program Files\Lenovo\iMController\AutoUpdate.exe 2013-05-10 03:58 - 2013-05-10 03:58 - 000119808 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\updateui.exe 2014-02-26 02:42 - 2014-02-26 02:42 - 000013576 _____ () C:\Program Files (x86)\Lenovo\Motion Control\PointGrabDeviceAPI.dll 2010-12-17 22:56 - 2010-12-17 22:56 - 002603520 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtCore4.dll 2010-01-13 02:55 - 2010-01-13 02:55 - 000322048 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\log4cplus.dll 2010-12-17 22:56 - 2010-12-17 22:56 - 000382464 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtXml4.dll 2010-12-16 22:16 - 2010-12-16 22:16 - 000195584 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\libgsoap.dll 2013-03-07 22:54 - 2013-03-07 22:54 - 000071680 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\ServiceManagerStarter.dll 2010-01-18 09:34 - 2010-01-18 09:34 - 000062464 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\zlib1.dll 2010-12-17 22:56 - 2010-12-17 22:56 - 001006592 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtNetwork4.dll 2013-03-07 22:53 - 2013-03-07 22:53 - 000015872 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\featureController.dll 2010-01-13 02:55 - 2010-01-13 02:55 - 000400384 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\sqlite3.dll 2013-03-07 22:55 - 2013-03-07 22:55 - 000472576 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\DeviceProfile.dll 2013-03-07 22:58 - 2013-03-07 22:58 - 000499488 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\plugin\PServerPlugin.dll 2013-03-07 22:54 - 2013-03-07 22:54 - 000013824 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\eventsSender.dll 2010-12-17 22:56 - 2010-12-17 22:56 - 014978048 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtWebKit4.dll 2010-12-17 22:56 - 2010-12-17 22:56 - 009224704 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtGui4.dll 2010-12-17 22:56 - 2010-12-17 22:56 - 000317952 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\phonon4.dll ==================== Alternate Data Streams (Whitelisted) ========= ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""="" ==================== Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2013-08-22 15:25 - 2013-08-22 15:25 - 000000824 _____ C:\windows\system32\Drivers\etc\hosts ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-3759523719-2122577075-1287637948-1001\Control Panel\Desktop\\Wallpaper -> C:\windows\Web\Wallpaper\Lenovo\LenovoWallPaper.jpg DNS Servers: 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [{AC37477F-42E6-4169-830F-47F8A49A08DA}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{CB1727CB-79FB-49FE-9802-EC7A81344E50}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{175048EF-7D2C-4FFA-A2ED-902B0AB9AD62}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe FirewallRules: [{7AD36C09-F5E3-4F8D-A976-EFD8E0A69C62}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe FirewallRules: [{8146ABCC-262F-441C-8D8E-EA6594AC7910}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{59B8C31E-2718-42B7-BEA2-BC8C4AE42614}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{932AB459-CAB8-40EF-AA08-9B47D31FEE6A}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe FirewallRules: [{9B6B6D58-BD52-453A-8015-FF3825F54F3C}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe FirewallRules: [{8842A635-944A-4A15-8108-167410014784}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe FirewallRules: [{1165C082-D010-4F2B-8A32-4006D009D22F}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe FirewallRules: [{65697A93-F93A-40A1-98F7-49B918860836}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe FirewallRules: [{8A24B86B-11D1-41CD-AA66-12FDA7C43F47}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\MxUp.exe FirewallRules: [{D3414470-8B60-408B-AF6A-AB9C7A5569A2}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\MxUp.exe FirewallRules: [{3D118420-E8B9-406F-85C4-4B5C29257B9D}] => (Allow) C:\Program Files\CyberLink\PowerDirector10\PDR10.EXE FirewallRules: [{5A8C0FC5-5D16-4C8B-83E1-F1AABC68185D}] => (Allow) C:\Program Files (x86)\Lenovo\Lenovo Photo Master\PhotoPlus.exe FirewallRules: [{D3CDDE0F-CAE0-45A2-B0C7-482338BD26BF}] => (Allow) C:\Program Files (x86)\Lenovo\Lenovo Photo Master\subsys\AdvPhotoEditor\PhotoDirector5.exe FirewallRules: [{BBAC5FDE-7D73-427E-ADF3-9BA1A2151B65}] => (Allow) LPort=55100 FirewallRules: [{E085D7AD-4F40-4C3A-89E5-8D8A9DC953AB}] => (Allow) C:\Program Files\Lenovo PhotoMasterImport\PhotoMasterImport.exe FirewallRules: [{7AFF495E-1EE5-4991-B805-D2EEC4B472B6}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{196E2490-41BC-4D21-828E-E887AC4E333E}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{D0DA221F-CF76-4BA8-BF90-97A4163861CE}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{1D1C4508-7378-4BB2-90C2-EF17B5FC5670}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Restore Points ========================= ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (09/22/2017 08:09:26 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: Lisensaktiveringen (slui.exe) mislyktes med følgende feilkode: hr=0x80072EE7 Kommandolinjeargumenter: RuleId=31e71c49-8da7-4a2f-ad92-45d98a1c79ba;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c7c00280-b24d-4e82-89ca-4f1288eb1d9e;NotificationInterval=1440;Trigger=NetworkAvailable Error: (09/22/2017 08:09:26 AM) (Source: Software Protection Platform Service) (EventID: 1014) (User: ) Description: Henting av sluttbrukerlisens mislyktes. hr=0x80072EE7 Sku-ID=c7c00280-b24d-4e82-89ca-4f1288eb1d9e Error: (09/22/2017 08:09:26 AM) (Source: Software Protection Platform Service) (EventID: 8200) (User: ) Description: Detaljer for mislykket lisenshenting. hr=0x80072EE7 Error: (09/22/2017 08:09:26 AM) (Source: Software Protection Platform Service) (EventID: 1014) (User: ) Description: Henting av sluttbrukerlisens mislyktes. hr=0x80072EE7 Sku-ID=c7c00280-b24d-4e82-89ca-4f1288eb1d9e Error: (09/22/2017 08:09:26 AM) (Source: Software Protection Platform Service) (EventID: 8200) (User: ) Description: Detaljer for mislykket lisenshenting. hr=0x80072EE7 Error: (09/22/2017 07:58:44 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: Lisensaktiveringen (slui.exe) mislyktes med følgende feilkode: hr=0x80072EE7 Kommandolinjeargumenter: RuleId=31e71c49-8da7-4a2f-ad92-45d98a1c79ba;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c7c00280-b24d-4e82-89ca-4f1288eb1d9e;NotificationInterval=1440;Trigger=UserLogon;SessionId=1 Error: (09/22/2017 07:58:44 AM) (Source: Software Protection Platform Service) (EventID: 1014) (User: ) Description: Henting av sluttbrukerlisens mislyktes. hr=0x80072EE7 Sku-ID=c7c00280-b24d-4e82-89ca-4f1288eb1d9e Error: (09/22/2017 07:58:44 AM) (Source: Software Protection Platform Service) (EventID: 8200) (User: ) Description: Detaljer for mislykket lisenshenting. hr=0x80072EE7 Error: (09/22/2017 07:41:17 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: Lisensaktiveringen (slui.exe) mislyktes med følgende feilkode: hr=0x80072EE7 Kommandolinjeargumenter: RuleId=31e71c49-8da7-4a2f-ad92-45d98a1c79ba;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c7c00280-b24d-4e82-89ca-4f1288eb1d9e;NotificationInterval=1440;Trigger=UserLogon;SessionId=1 Error: (09/22/2017 07:41:17 AM) (Source: Software Protection Platform Service) (EventID: 1014) (User: ) Description: Henting av sluttbrukerlisens mislyktes. hr=0x80072EE7 Sku-ID=c7c00280-b24d-4e82-89ca-4f1288eb1d9e System errors: ============= Error: (09/22/2017 06:56:25 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-MYNDIGHET) Description: Installasjonen mislyktes: Installasjon av følgende oppdatering mislyktes med feilen 0x80070057: Microsoft.ZuneMusic. Error: (09/22/2017 09:28:27 AM) (Source: Microsoft-Windows-Ntfs) (EventID: 98) (User: NT-MYNDIGHET) Description: E:\Device\HarddiskVolume83 Error: (09/22/2017 09:27:47 AM) (Source: Service Control Manager) (EventID: 7030) (User: ) Description: Tjenesten NPEService er merket som en interaktiv tjeneste. Men systemet er konfigurert for ikke å tillate interaktive tjenester. Denne tjenesten vil muligens ikke fungere som den skal. Error: (09/22/2017 09:17:49 AM) (Source: Schannel) (EventID: 4119) (User: NT-MYNDIGHET) Description: Et kritisk varsel er mottatt fra det eksterne endepunktet. Koden for det kritiske varselet er ifølge TLS-protokollen 40. Error: (09/22/2017 09:10:28 AM) (Source: Schannel) (EventID: 4119) (User: NT-MYNDIGHET) Description: Et kritisk varsel er mottatt fra det eksterne endepunktet. Koden for det kritiske varselet er ifølge TLS-protokollen 40. Error: (09/22/2017 08:52:55 AM) (Source: Microsoft-Windows-Ntfs) (EventID: 98) (User: NT-MYNDIGHET) Description: E:\Device\HarddiskVolume83 Error: (09/22/2017 07:55:38 AM) (Source: DCOM) (EventID: 10010) (User: Lenovo-PC) Description: Serveren {209500FC-6B45-4693-8871-6296C4843751} ble ikke registrert hos DCOM innen fristen for tidsavbrudd. Error: (09/22/2017 07:55:08 AM) (Source: DCOM) (EventID: 10010) (User: Lenovo-PC) Description: Serveren {209500FC-6B45-4693-8871-6296C4843751} ble ikke registrert hos DCOM innen fristen for tidsavbrudd. Error: (09/22/2017 07:51:18 AM) (Source: Microsoft-Windows-Ntfs) (EventID: 98) (User: NT-MYNDIGHET) Description: E:\Device\HarddiskVolume83 Error: (09/22/2017 07:43:22 AM) (Source: DCOM) (EventID: 10010) (User: NT-MYNDIGHET) Description: Serveren {209500FC-6B45-4693-8871-6296C4843751} ble ikke registrert hos DCOM innen fristen for tidsavbrudd. ==================== Memory info =========================== Processor: Intel(R) Core(TM) i7-4710HQ CPU @ 2.50GHz Percentage of memory in use: 29% Total physical RAM: 8104.27 MB Available physical RAM: 5730.06 MB Total Virtual: 10024.27 MB Available Virtual: 7206.56 MB ==================== Drives ================================ Drive c: (Windows8_OS) (Fixed) (Total:888.16 GB) (Free:857.44 GB) NTFS ==>[system with boot components (obtained from drive)] Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:22.12 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 931.5 GB) (Disk ID: CB878A34) Partition: GPT. ==================== End of Addition.txt ============================