Jump to content

Recommended Posts

Hello. 

 

I am not able to download anything... not even the first step of FARBAR RECOVERY SCAN TOOL.

 

I assume there is some malware going on... I just bought this computer and wanted to install malwarebytes on it, but it would not let me. I am suspicious...

 

Any help is much appreciated. 

 

Thank you in advance,

Andrea

Link to post
Share on other sites

Hello,

    

 

They call me TwinHeadedEagle around here, and I'll try to help your with your issue.

 

     

    

Before we start please read and note the following:

  • We're primarily oriented on malware removal here, so you must know that some issues just cannot be solved and you must be prepared for this. Some tools we use here will remove your browser search history, so backup your important links and all the files whose loss is unacceptable.
  • Note that we may live in totally different time zones, what may cause some delays between answers.
  • Don't run any scripts or tools on your own, unsupervised usage may cause more harm than good.
  • Do not paste the logs in your posts, attachments make my work easier. There is a More reply options button, that gives you Upload Files option below which you can use to attach your reports. Always attach reports from all tools.
  • Always execute my instructions in given order. If for some reason you cannot completely follow one instruction, inform me about that.
  • If I don't hear from you within 3 days from this initial or any subsequent post, then this thread will be closed.
:excl: I can't foresee everything, so if anything not covered in my instructions happens, please stop and inform me!

:excl: There are no silly questions. Never be afraid to ask if in doubt!

 

 

 

  warning.gif Rules and policies

 

We won't support any piracy.

That being told, if any evidence of illegal OS, software, cracks/keygens or any other will be revealed, any further assistance will be suspended. If you are aware that there is this kind of stuff on your machine, remove it before proceeding!

The same applies to any use of P2P software: uTorrent, BitTorrent, Vuze, Kazaa, Ares... We don't provide any help for P2P, except for their removal. All P2P software has to be uninstalled or at least fully disabled before proceeding!

 

Failure to follow these guidelines will result with closing your topic and withdrawning any assistance.

 

 


Can you download Farbar on other machine and then transfer it here?


Link to post
Share on other sites

Hello.  I downloaded Farbar and transfered it here.

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:25-10-2015 02
Ran by Andrea Lynn (administrator) on ANDREALYNN (26-10-2015 13:13:00)
Running from E:\
Loaded Profiles: Andrea Lynn (Available Profiles: Andrea Lynn)
Platform: Windows 8.1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Intel Corporation) C:\Windows\System32\DptfParticipantProcessorService.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyCriticalService.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Lenovo) C:\Program Files\Lenovo\OneKey Optimizer\bin\FbService.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Harmony\Setting\HarmonySettingService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtsiva.exe
(Intel® Corporation) C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
(Lenovo(beijing) Limited) C:\Program Files\Lenovo\OneKey Optimizer\bin\OKOUpdataService.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\SettingsDependency\SettingsService.exe
(LENOVO INCORPORATED.) C:\Program Files\Lenovo\iMController\SystemAgentService.exe
() C:\Program Files\Lenovo PhoneCompanion\LPAWDService.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Lenovo Settings\x86\LenovoSetSvr.exe
(Lenovo(beijing) Limited) C:\Windows\System32\LenovoWiFiHotspotSvr.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\systemcore\mfemms.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(Lenovo(beijing) Limited) C:\Program Files\Lenovo\OneKey Optimizer\bin\OKOControlSvc.exe
(PointGrab LTD) C:\Program Files (x86)\Lenovo\Motion Control\PGService.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
(PointGrab LTD) C:\Program Files (x86)\Lenovo\Motion Control\PG_Service_Launcher.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\systemcore\mfefire.exe
(Lenovo) C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(PointGrab LTD) C:\Program Files (x86)\Lenovo\Motion Control\WebcamSplitterServer.exe
() C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfConnectorService.exe
(Lenovo) C:\ProgramData\LenovoTransition\Server\x64\ymc.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(McAfee, Inc.) C:\Program Files\mcafee\msc\McAPExe.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\systemcore\mfefire.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Netflix, Inc.) C:\Program Files\WindowsApps\4DF9E0F8.Netflix_2.15.0.14_x64__mcm4njqhnhss8\Netflix.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Dolby Laboratories Inc.) C:\Program Files\Dolby\DDP_F3\ddpf3.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
() C:\Program Files\Lenovo\LenovoUtility\utility.exe
() C:\Program Files (x86)\Lenovo\LenovoTransition\TransitionServer.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Lenovo) C:\Program Files\Lenovo PhoneCompanion\Phone Companion.exe
(Lenovo(beijing) Limited) C:\Program Files\Lenovo\OneKey Optimizer\bin\OneKeyOptimizerTray.exe
(Lenovo(beijing) Limited) C:\Program Files\Lenovo\OneKey Optimizer\bin\OnekeyOptimizerUpdata.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Harmony\Picks\Lenovo.HarmonyPicks.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Harmony\Setting\Lenovo.HarmonySetting.exe
() C:\Program Files\Lenovo PhoneCompanion\adb.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe
() C:\Program Files (x86)\Lenovo\CCSDK\WinGather.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\CSP\1.6.1008.0\McCSPServiceHost.exe
(Lenovo Corporation) C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe
(Lenovo(beijing) Limited) C:\Program Files\Lenovo\OneKey Optimizer\bin\OneKeyOptimizer.exe
(Lenovo) C:\ProgramData\Lenovo App Services\Engine\LenovoAppServices.exe
(Lenovo Corporation) C:\Program Files\Lenovo\Communications Utility\AVControlCenter32.exe
(Lenovo Corporation) C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe
(Lenovo Corporation) C:\Program Files\Lenovo\Communications Utility\CamMute.exe
(Lenovo Corporation) C:\Program Files\Lenovo\Communications Utility\vcamsvchlpr.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\WinStore\WSHost.exe
(McAfee, Inc.) C:\Program Files\mcafee\vul\McVulCtr.exe
(Microsoft Corporation) C:\Windows\System32\mfpmp.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\platform\McUICnt.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\platform\Core\mchost.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\platform\Core\mchost.exe
(McAfee, Inc.) C:\Program Files\mcafee\virusscan\mcods.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Media Player\setup_wm.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(McAfee, Inc.) C:\Program Files\mcafee\virusscan\McVsShld.exe
 
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1390808 2015-02-10] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1390808 2015-02-10] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_MICPKEY] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1390808 2015-02-10] (Realtek Semiconductor)
HKLM\...\Run: [DDPF3] => C:\Program Files\Dolby\DDP_F3\ddpf3.exe [746496 2014-11-03] (Dolby Laboratories Inc.)
HKLM\...\Run: [bTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
HKLM\...\Run: [synTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2856616 2015-01-05] (Synaptics Incorporated)
HKLM\...\Run: [LENOVO.TPKNRRES] => rundll32.exe "C:\Program Files\Lenovo\Communications Utility\LibStartStub.dll",AVStartupStub
HKLM\...\Run: [LenovoUtility] => C:\Program Files\Lenovo\LenovoUtility\utility.exe [791368 2015-06-10] ()
HKLM\...\Run: [AutoStartTransition] => C:\Program Files (x86)\Lenovo\LenovoTransition\TransitionServer.exe [107776 2015-01-15] ()
HKLM\...\Run: [PhoneCompanion] => C:\Program Files\Lenovo PhoneCompanion\Phone Companion.exe [802800 2015-06-10] (Lenovo)
HKLM\...\Run: [OneKeyOptimizer] => C:\Program Files\Lenovo\OneKey Optimizer\bin\OneKeyOptimizerTray.exe [559896 2014-11-18] (Lenovo(beijing) Limited)
HKLM-x32\...\Run: [HarmonyPicks] => C:\Program Files (x86)\Lenovo\Harmony\Picks\Lenovo.HarmonyPicks.exe [5243160 2014-12-23] (Lenovo)
HKLM-x32\...\Run: [HarmonySetting] => C:\Program Files (x86)\Lenovo\Harmony\Setting\Lenovo.HarmonySetting.exe [2696448 2015-01-04] (Lenovo)
HKLM\...\Policies\Explorer: [Max Cached Icons] 2000
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-2729643933-1624923372-1617711941-1001\...\Run: [GoogleChromeAutoLaunch_695A3E1951475D046D0DD0E743139DBB] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [811848 2015-10-08] (Google Inc.)
HKU\S-1-5-21-2729643933-1624923372-1617711941-1001\...\Run: [skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [55357464 2015-09-04] (Skype Technologies S.A.)
HKU\S-1-5-21-2729643933-1624923372-1617711941-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-2729643933-1624923372-1617711941-1001\...\Policies\Explorer: [NoFolderOptions] 0
HKU\S-1-5-21-2729643933-1624923372-1617711941-1001\...\Policies\Explorer: [NoControlPanel] 0
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254 0.0.0.0
Tcpip\..\Interfaces\{2809BA1D-B81D-4650-A745-4B937003A31A}: [DhcpNameServer] 192.168.1.254 0.0.0.0
Tcpip\..\Interfaces\{B5D325ED-11A2-47CF-B548-BCB2B832085F}: [DhcpNameServer] 101.1.1.1
 
Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2729643933-1624923372-1617711941-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2729643933-1624923372-1617711941-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com/?pc=LCJB
HKU\S-1-5-21-2729643933-1624923372-1617711941-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com
HKU\S-1-5-21-2729643933-1624923372-1617711941-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://mystart.lenovo.com
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-2729643933-1624923372-1617711941-1001 -> DefaultScope {35BA401F-CA84-4D65-8939-517D44D38A83} URL = 
SearchScopes: HKU\S-1-5-21-2729643933-1624923372-1617711941-1001 -> {35BA401F-CA84-4D65-8939-517D44D38A83} URL = 
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Microsoft Corporation)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll [2015-08-21] (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll [2015-08-21] (McAfee, Inc.)
 
FireFox:
========
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2015-08-21] ()
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [2015-08-21] ()
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.)
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2015-09-19] [not signed]
 
Chrome: 
=======
CHR Profile: C:\Users\Andrea Lynn\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Andrea Lynn\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-09-15]
CHR Extension: (Google Docs) - C:\Users\Andrea Lynn\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-09-15]
CHR Extension: (Google Drive) - C:\Users\Andrea Lynn\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-09-15]
CHR Extension: (YouTube) - C:\Users\Andrea Lynn\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-26]
CHR Extension: (Google Search) - C:\Users\Andrea Lynn\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-09-15]
CHR Extension: (Google Sheets) - C:\Users\Andrea Lynn\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-09-15]
CHR Extension: (Google Docs Offline) - C:\Users\Andrea Lynn\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-15]
CHR Extension: (Skype Click to Call) - C:\Users\Andrea Lynn\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-10-19]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Andrea Lynn\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-09-15]
CHR Extension: (Gmail) - C:\Users\Andrea Lynn\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-09-15]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-10-12]
 
==================== Services (Whitelisted) ========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S2 0189061445365135mcinstcleanup; C:\windows\TEMP\018906~1.EXE [882000 2015-06-18] (McAfee, Inc.)
R3 AVControlCenter; C:\Program Files\Lenovo\Communications Utility\AVControlCenter32.exe [599024 2014-08-05] (Lenovo Corporation)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2015-10-12] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2015-10-12] (Microsoft Corporation)
R2 CCSDK; C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe [644080 2014-10-22] ()
R2 DptfParticipantAcpiProcessorService; C:\Windows\system32\DptfParticipantProcessorService.exe [117704 2013-09-17] (Intel Corporation)
R2 DptfPolicyCriticalService; C:\Windows\system32\DptfPolicyCriticalService.exe [150760 2013-09-17] (Intel Corporation)
R2 FastbootService; C:\Program Files\Lenovo\OneKey Optimizer\bin\FbService.exe [191512 2014-11-20] (Lenovo) [File not signed]
R2 HarmonySettingService; C:\Program Files (x86)\Lenovo\Harmony\Setting\HarmonySettingService.exe [17688 2014-12-23] (Lenovo) [File not signed]
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [368048 2015-07-21] (McAfee, Inc.)
R2 iBtSiva; C:\Program Files (x86)\Intel\Bluetooth\ibtsiva.exe [122984 2014-09-15] (Intel Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [296432 2014-04-08] (Intel Corporation)
R2 Intel® Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [733696 2013-07-01] (Intel® Corporation) [File not signed]
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [822232 2013-07-01] (Intel® Corporation)
S3 Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe [561408 2014-09-22] (Lenovo)
R2 Lenovo OKO Service; C:\Program Files\Lenovo\OneKey Optimizer\bin\OKOUpdataService.exe [2544408 2014-11-18] (Lenovo(beijing) Limited)
R2 Lenovo Settings Service; C:\Program Files\Lenovo\SettingsDependency\SettingsService.exe [2005320 2014-10-13] (Lenovo Group Limited)
R2 Lenovo System Agent Service; C:\Program Files\Lenovo\iMController\SystemAgentService.exe [584632 2015-03-06] (LENOVO INCORPORATED.)
R3 LENOVO.TVTVCAM; C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe [727536 2014-08-05] (Lenovo Corporation)
R2 LenovoPAWDService; C:\Program Files\Lenovo PhoneCompanion\LPAWDService.exe [133440 2015-06-10] ()
R2 LenovoSetSvr; C:\Program Files (x86)\Lenovo\Lenovo Settings\x86\LenovoSetSvr.exe [258544 2014-06-19] (Lenovo(beijing) Limited)
R2 LenovoWiFiHotspotSvr; C:\Windows\System32\LenovoWiFiHotspotSvr.exe [218952 2014-08-25] (Lenovo(beijing) Limited)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [782608 2015-08-21] (McAfee, Inc.)
S3 McAWFwk; c:\Program Files\Common Files\McAfee\ActWiz\McAWFwk.exe [332528 2014-03-12] (McAfee, Inc.)
R2 mcbootdelaystartsvc; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [368048 2015-07-21] (McAfee, Inc.)
R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\1.6.1008.0\McCSPServiceHost.exe [1694152 2015-07-23] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [368048 2015-07-21] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [368048 2015-07-21] (McAfee, Inc.)
R3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [639456 2015-07-17] (McAfee, Inc.)
S4 McOobeSv2; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [368048 2015-07-21] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [368048 2015-07-21] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [368048 2015-07-21] (McAfee, Inc.)
R3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [232656 2015-06-29] (McAfee, Inc.)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe [373704 2015-07-15] (McAfee, Inc.)
R2 mfevtp; C:\windows\system32\mfevtps.exe [254792 2015-06-29] (McAfee, Inc.)
R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [368048 2015-07-21] (McAfee, Inc.)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268192 2014-09-23] ()
R2 OKOControlSvc; C:\Program Files\Lenovo\OneKey Optimizer\bin\OKOControlSvc.exe [113944 2014-11-17] (Lenovo(beijing) Limited)
R2 PGService; C:\Program Files (x86)\Lenovo\Motion Control\PGService.exe [167176 2014-05-28] (PointGrab LTD)
R2 PG_Service_Launcher; C:\Program Files (x86)\Lenovo\Motion Control\PG_Service_Launcher.exe [524552 2014-05-28] (PointGrab LTD)
R2 PhoneCompanionPusher; C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe [321520 2015-06-10] (Lenovo)
S3 PhoneCompanionVap; C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionVap.exe [338416 2015-06-10] (Lenovo)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390632 2012-04-24] ()
R2 VeriFaceSrv; C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfConnectorService.exe [68880 2015-06-10] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-21] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-21] (Microsoft Corporation)
R2 ymc; C:\ProgramData\LenovoTransition\Server\x64\ymc.exe [30464 2015-01-15] (Lenovo)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3820960 2014-09-23] (Intel® Corporation)
 
===================== Drivers (Whitelisted) ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-11-20] (Microsoft Corporation)
R3 btmaux; C:\Windows\system32\DRIVERS\btmaux.sys [141624 2014-05-13] (Motorola Solutions, Inc.)
R3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1424184 2014-06-17] (Motorola Solutions, Inc.)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [77536 2015-07-02] (McAfee, Inc.)
R3 DptfDevAcpiProc; C:\Windows\system32\DRIVERS\DptfDevAcpiProc.sys [198808 2013-09-17] (Intel Corporation)
R3 DptfManager; C:\Windows\system32\DRIVERS\DptfManager.sys [493240 2013-09-17] (Intel Corporation)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R0 Fastboot; C:\Windows\System32\DRIVERS\Fastboot.sys [70168 2014-11-20] (Windows ® Win 7 DDK provider) [File not signed]
R3 GPIO; C:\Windows\System32\drivers\iaiogpioe.sys [31232 2014-06-09] (Intel Corporation)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [207208 2015-05-19] (McAfee, Inc.)
R3 iaioi2c; C:\Windows\System32\drivers\iaioi2ce.sys [69632 2014-06-09] (Intel Corporation)
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [222664 2014-09-15] (Intel Corporation)
R3 KMDFVirtualKbd; C:\Windows\System32\drivers\KMDFVirtualKbd.sys [22264 2014-08-04] ()
R3 KMDFVirtualMouse; C:\Windows\System32\drivers\KMDFVirtualMouse.sys [21240 2014-08-04] ()
R0 MBI; C:\Windows\System32\drivers\MBI.sys [29464 2013-10-10] (Intel Corporation)
R3 mfeaack; C:\Windows\System32\drivers\mfeaack.sys [412440 2015-07-02] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [347800 2015-07-02] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [80920 2015-07-02] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [496888 2015-07-02] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [875928 2015-07-02] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\System32\DRIVERS\mfencbdc.sys [529080 2015-06-28] (McAfee, Inc.)
S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [109728 2015-06-28] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [344704 2015-07-02] (McAfee, Inc.)
R3 NETwNb64; C:\Windows\system32\DRIVERS\Netwbw02.sys [3486488 2014-10-06] (Intel Corporation)
S3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew00.sys [3344352 2013-07-08] (Intel Corporation)
R3 rtsuvc; C:\Windows\system32\DRIVERS\rtsuvc.sys [2984664 2015-02-11] (Realtek Semiconductor Corp.)
R3 SensorsServiceDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [226304 2014-11-21] (Microsoft Corporation)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [31400 2015-01-05] (Synaptics Incorporated)
R3 SpbAccelerometer; C:\Windows\system32\DRIVERS\WUDFRd.sys [226304 2014-11-21] (Microsoft Corporation)
R3 TXEIx64; C:\Windows\System32\drivers\TXEIx64.sys [88592 2014-01-15] (Intel Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [35320 2014-09-21] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [258368 2014-09-21] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-21] (Microsoft Corporation)
S3 wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [102376 2012-06-13] ("CyberLink)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-10-26 13:10 - 2015-10-26 13:13 - 00000000 ____D C:\FRST
2015-10-26 02:56 - 2015-10-26 00:45 - 06957446 _____ C:\Users\Andrea Lynn\Desktop\The Big Numbers Song.mp4
2015-10-26 01:49 - 2015-10-26 01:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2015-09-28 00:20 - 2015-09-28 00:20 - 00000000 ____D C:\Users\Andrea Lynn\AppData\Local\CyberLink
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-10-26 13:05 - 2015-09-15 20:00 - 00000930 _____ C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-10-26 13:04 - 2015-06-10 01:41 - 01245499 _____ C:\windows\WindowsUpdate.log
2015-10-26 13:01 - 2013-08-22 10:36 - 00000000 ____D C:\windows\system32\sru
2015-10-26 11:23 - 2015-09-15 21:43 - 00000518 _____ C:\windows\system32\Drivers\etc\hosts.ics
2015-10-26 02:57 - 2014-11-20 23:44 - 00863592 _____ C:\windows\system32\PerfStringBackup.INI
2015-10-26 02:55 - 2013-08-22 09:46 - 00026461 _____ C:\windows\setupact.log
2015-10-26 01:50 - 2015-09-13 11:43 - 00003598 _____ C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2729643933-1624923372-1617711941-1001
2015-10-26 01:50 - 2013-08-22 08:25 - 00262144 ___SH C:\windows\system32\config\ELAM
2015-10-26 01:38 - 2015-09-15 22:08 - 00000000 ____D C:\Users\Andrea Lynn\AppData\Roaming\Skype
2015-10-24 22:02 - 2013-08-22 10:36 - 00000000 ____D C:\windows\AppReadiness
2015-10-24 18:05 - 2015-09-15 20:00 - 00000926 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-10-20 13:18 - 2015-06-10 02:39 - 00000000 ____D C:\Program Files (x86)\McAfee
2015-10-19 22:37 - 2015-06-10 02:35 - 00000000 ____D C:\windows\System32\Tasks\Lenovo
2015-10-19 22:29 - 2015-09-15 19:54 - 00000000 ___DO C:\Users\Andrea Lynn\OneDrive
2015-10-19 22:29 - 2015-09-13 11:39 - 00002262 _____ C:\Users\Andrea Lynn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Harmony Picks Introduction.lnk
2015-10-19 22:29 - 2015-09-13 11:39 - 00001366 _____ C:\Users\Andrea Lynn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Harmony Settings Introduction.lnk
2015-10-19 22:27 - 2013-08-22 09:45 - 00000006 ____H C:\windows\Tasks\SA.DAT
2015-10-18 21:56 - 2015-09-15 22:07 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-10-17 01:11 - 2015-09-15 20:02 - 00002214 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-10-01 23:20 - 2015-09-13 11:37 - 00000000 ____D C:\Users\Andrea Lynn\AppData\Local\Packages
2015-09-28 00:20 - 2015-06-10 02:49 - 00000000 ____D C:\ProgramData\CyberLink
 
==================== Files in the root of some directories =======
 
2015-06-10 02:00 - 2015-06-10 02:00 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2015-09-15 23:32 - 2015-09-16 10:30 - 0000021 _____ () C:\ProgramData\settings.cfg
 
==================== Bamital & volsnap =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\explorer.exe => File is digitally signed
C:\windows\SysWOW64\explorer.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\SysWOW64\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\SysWOW64\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\SysWOW64\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\dnsapi.dll => File is digitally signed
C:\windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-10-21 01:17
 
==================== End of FRST.txt ============================
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version:25-10-2015 02
Ran by Andrea Lynn (2015-10-26 13:14:52)
Running from E:\
Windows 8.1 (X64) (2015-09-13 16:37:18)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-2729643933-1624923372-1617711941-500 - Administrator - Disabled)
Andrea Lynn (S-1-5-21-2729643933-1624923372-1617711941-1001 - Administrator - Enabled) => C:\Users\Andrea Lynn
Guest (S-1-5-21-2729643933-1624923372-1617711941-501 - Limited - Disabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: McAfee Anti-Virus and Anti-Spyware (Enabled - Up to date) {DA9F8ED0-D0DE-39CC-F55A-51AB4CC1B556}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee Anti-Virus and Anti-Spyware (Enabled - Up to date) {61FE6F34-F6E4-3642-CFEA-6AD93746FFEB}
FW: McAfee Firewall (Enabled) {E2A40FF5-9AB1-3894-DE05-F89EB212F22D}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
Canon MP250 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP250_series) (Version:  - Canon Inc.)
CCSDK (HKLM-x32\...\{AE75190B-11B4-4F90-8254-DAB275CF2557}_is1) (Version: 1.1.0.7 - Lenovo)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.2810 - CyberLink Corp.)
CyberLink PowerDirector 10 (Version: 10.0.0.2810 - CyberLink Corp.) Hidden
Dependency Package Update (Version: 1.6.29.00 - Lenovo Inc.) Hidden
Dependency Package Update (Version: 1.6.32.00 - Lenovo Inc.) Hidden
Dependency Package Update (Version: 1.6.36.00 - Lenovo Inc.) Hidden
Dependency Package Update (x32 Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dolby Digital Plus (HKLM\...\{D2CD7DCF-D129-4A54-8543-38BECC6CFDAE}) (Version: 7.6.7.1 - Dolby Laboratories Inc)
Dual Accelerometer Driver (HKLM-x32\...\InstallShield_{1D647C7D-5064-4E91-AC0C-9924E7AF9505}) (Version: 1.00.0001 - Lenovo)
Dual Accelerometer Driver (x32 Version: 1.00.0001 - Lenovo) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 46.0.2490.71 - Google Inc.)
Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden
Harmony (HKLM-x32\...\{D02D9427-507D-4912-9285-97FCD5417E72}) (Version: 1.0.1.0119 - Lenovo)
Harmony (x32 Version: 1.0.1.0119 - Lenovo) Hidden
Intel® Chipset Device Software (x32 Version: 10.0.13 - Intel® Corporation) Hidden
Intel® Dynamic Platform and Thermal Framework (HKLM-x32\...\FFD10ECE-F715-4a86-9BD8-F6F47DA5DA1C) (Version: 7.10.0.2208 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3540 - Intel Corporation)
Intel® Sideband Fabric Device Driver (HKLM-x32\...\C5A8BC6E-723A-4C0F-96E1-C426D1A4BCA9) (Version: 1.70.305.16316 - Intel Corporation)
Intel® Trusted Execution Engine (HKLM\...\{176E2755-0A17-42C6-88E2-192AB2131278}) (Version: 1.0.0.1064 - Intel Corporation)
Intel® Wireless Bluetooth®(patch version 17.1.1434.2) (HKLM\...\{302600C1-6BDF-4FD1-1407-148929CC1385}) (Version: 17.1.1407.0480 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{e63d3cb3-0b4d-44ca-aba0-ba433f2f37fd}) (Version: 17.13.0 - Intel Corporation)
Lenovo App Services (HKLM\...\Lenovo App Services) (Version: 0.200.7.619 - Lenovo)
Lenovo Dependency Package (HKLM\...\Lenovo Dependency Package_is1) (Version: 1.6.36.00 - Lenovo Group Limited)
Lenovo EasyCamera (HKLM-x32\...\{E399A5B3-ED53-4DEA-AF04-8011E1EB1EAC}) (Version: 6.3.9600.11085 - Realtek Semiconductor Corp.)
Lenovo Experience Improvement (HKLM\...\LenovoExperienceImprovement) (Version: 1.0.19.0 - Lenovo)
Lenovo FusionEngine  (HKLM-x32\...\Lenovo FusionEngine) (Version: 1.0.13.0 - Lenovo, Inc.)
Lenovo Mobile Phone Wireless Import (HKLM-x32\...\InstallShield_{DFB2E0D6-8DDE-49A4-B8F7-03C14DACCBA6}) (Version: 1.1.1.9 - Lenovo)
Lenovo Mobile Phone Wireless Import (x32 Version: 1.1.1.9 - Lenovo) Hidden
Lenovo Motion Control (HKLM-x32\...\InstallShield_{D3F38500-4C99-4E4F-9786-B907224E13A1}) (Version: 2.6.0.0528 - PointGrab)
Lenovo Motion Control (x32 Version: 2.6.0.0528 - PointGrab) Hidden
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.2619 - CyberLink Corp.)
Lenovo OneKey Recovery (Version: 8.1.0.2619 - CyberLink Corp.) Hidden
Lenovo Patch Utility (x32 Version: 1.3.2.6 - Lenovo Group Limited) Hidden
Lenovo Patch Utility 64 bit (Version: 1.3.2.6 - Lenovo Group Limited) Hidden
Lenovo PhoneCompanion (HKLM-x32\...\InstallShield_{0F82EA83-B0C5-4AB9-9695-DFE92C5FD57B}) (Version: 2.0.0.19 - Lenovo)
Lenovo PhoneCompanion (x32 Version: 2.0.0.19 - Lenovo) Hidden
Lenovo Photo Master (HKLM-x32\...\InstallShield_{BC94C56A-3649-420C-8756-2ADEBE399D33}) (Version: 1.5.2126.02 - CyberLink Corp.)
Lenovo Photo Master (x32 Version: 1.5.2126.02 - CyberLink Corp.) Hidden
Lenovo Product Demo (HKLM-x32\...\{86EBB394-FE02-45D8-8797-E30713322B82}) (Version: 1.0.7 - Lenovo)
Lenovo Reach (HKLM-x32\...\{3245D8C8-7FE0-4FD4-B04B-2720A333D592}) (Version: 1.1.3.7 - Stoneware, Inc.)
Lenovo Settings - Camera Audio (HKLM\...\{88C6A6D9-324C-46E8-BA87-563D14021442}_is1) (Version: 4.3.5.0 - Lenovo Corporation)
Lenovo Settings (HKLM\...\{D14CCBF5-1A3A-4C08-955B-BE6D519835C4}_is1) (Version: 2.0.0.4 - Lenovo)
Lenovo Settings Dependency Package (HKLM\...\{3694BA2E-BE31-4B7E-886B-A0B559E69D4D}_is1) (Version: 2.3.3.33 - Lenovo Group Limited)
Lenovo Settings Service (HKLM\...\{8C6F1EBA-17F1-4481-B688-9777E63E985F}_is1) (Version: 2.3.0.20 - Lenovo Group Limited)
Lenovo Settings UMDF driver (HKLM\...\{2BDC7413-65EA-4B99-8C4B-02F11075BE6D}_is1) (Version: 1.2.0.6 - Lenovo Group Limited)
Lenovo Settings WiFi (HKLM\...\{86045A6C-C156-4349-A3E2-47A88A42F5C2}_is1) (Version: 2.0.0.2 - Lenovo)
Lenovo VeriFace Pro (HKLM\...\Lenovo VeriFace) (Version: 5.1.14.6181 - Lenovo)
LenovoUtility (HKLM-x32\...\InstallShield_{6ADA7E88-8D16-4D0D-BC90-2B93AC5E56DA}) (Version: 2.0.0.6 - Lenovo)
LenovoUtility (x32 Version: 2.0.0.6 - Lenovo) Hidden
McAfee LiveSafe – Internet Security (HKLM-x32\...\MSC) (Version: 14.0.4121 - McAfee, Inc.)
Metric Collection SDK 35 (x32 Version: 1.2.0006.00 - Lenovo Group Limited) Hidden
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4641.3004 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
OneKey Optimizer (HKLM-x32\...\InstallShield_{D5D573DC-D989-4769-9B56-D6A7EA503D7F}) (Version: 1.1.20.16 - Lenovo)
OneKey Optimizer (x32 Version: 1.1.20.16 - Lenovo) Hidden
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.39061 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.35.716.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7455 - Realtek Semiconductor Corp.)
SHAREit (HKLM-x32\...\SHAREit_is1) (Version: 2.1.8.0 - Lenovo Group Limited)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.5.0.9082 - Microsoft Corporation)
Skype™ 7.10 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.10.101 - Skype Technologies S.A.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 18.1.26.11 - Synaptics Incorporated)
UESDK (HKLM-x32\...\{EB3F6640-58AE-4886-B8BA-466B6939A933}_is1) (Version: 1.0.3.6 - Lenovo)
User Manuals (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 3.0.0.3 - Lenovo)
User Manuals (x32 Version: 3.0.0.3 - Lenovo) Hidden
Windows Driver Package - Bitland Corporation (SpbAccelerometer) Sensor  (03/03/2015 12.0.0.3) (HKLM\...\EBF670AB54617E31F3C6D485E94882A83BF252F7) (Version: 03/03/2015 12.0.0.3 - Bitland Corporation)
Windows Driver Package - Lenovo (ACPIVPC) System  (09/24/2013 19.29.2.34) (HKLM\...\EE9B1F2037C580F36D92FA431CC02BFF04C31F15) (Version: 09/24/2013 19.29.2.34 - Lenovo)
Windows Driver Package - Lenovo (WUDFRd) LenovoVhid  (07/25/2013 10.30.0.288) (HKLM\...\6BCA401E9CBEED970D75F55FA5320F60D11984E9) (Version: 07/25/2013 10.30.0.288 - Lenovo)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-2729643933-1624923372-1617711941-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\windows\system32\igfxEM.exe (Intel Corporation)
 
==================== Restore Points =========================
 
07-10-2015 15:17:41 Scheduled Checkpoint
17-10-2015 02:21:28 Scheduled Checkpoint
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2013-08-22 08:25 - 2013-08-22 08:25 - 00000824 ____A C:\windows\system32\Drivers\etc\hosts
 
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {2AB91ADB-12E3-4649-8D25-2FB935BA84B1} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2014-09-02] (Lenovo)
Task: {2B5AC492-F348-4F03-88E9-2F084C459204} - System32\Tasks\Lenovo\Experience Improvement Logon => C:\Program Files\Lenovo\ExperienceImprovement\LenovoExperienceImprovement.exe [2015-09-16] (Lenovo)
Task: {43680384-C585-4CE3-A913-D2F9431B37A2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-15] (Google Inc.)
Task: {5C59CCBF-5183-458A-A5E7-0B51455B2CDC} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-15] (Google Inc.)
Task: {67701972-996F-4443-8806-82A4D4A9E82B} - System32\Tasks\Lenovo\Dependency Package Auto Update => C:\Program Files\Lenovo\iMController\AutoUpdate.exe [2015-03-06] ()
Task: {7A0FA114-A91F-43E3-82DE-CBD0D384E22A} - System32\Tasks\McAfee\McAfee Auto Maintenance Task Agent
Task: {7F0BF18A-ED97-4B51-8742-5B2C09F95BEB} - System32\Tasks\McAfeeLogon => C:\Program Files\Common Files\McAfee\platform\McUICnt.exe [2015-07-21] (McAfee, Inc.)
Task: {A2712CC4-FD38-4846-BC5F-44883349EB58} - System32\Tasks\Lenovo App Services => %PROGRAMDATA%\Lenovo App Services\Engine\LenovoAppServices.exe
Task: {C0E0F54F-297A-46D8-A46C-FE04B1DCF51D} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [2014-09-10] (Lenovo)
Task: {CC58B26C-E8A2-499E-9984-0636B3A41E43} - System32\Tasks\McAfee Remediation (Prepare) => C:\Program Files\Common Files\AV\McAfee Anti-Virus And Anti-Spyware\upgrade.exe [2015-06-01] (McAfee, Inc.)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (Whitelisted) ==============
 
2015-06-10 02:51 - 2014-11-20 12:43 - 00016920 _____ () C:\Program Files\Lenovo\OneKey Optimizer\bin\FbServicePS.dll
2015-09-16 11:21 - 2015-09-16 11:21 - 00632320 _____ () C:\windows\assembly\NativeImages_v4.0.30319_64\Windows.Security\868e7f8952cd1461cfdf215970713731\Windows.Security.ni.dll
2015-06-10 02:41 - 2014-08-25 12:33 - 00017176 _____ () C:\Program Files (x86)\Lenovo\Harmony\Setting\TouchScreenContronlDLL.dll
2015-06-10 02:46 - 2015-06-10 02:46 - 00133440 _____ () C:\Program Files\Lenovo PhoneCompanion\LPAWDService.exe
2015-06-10 02:45 - 2012-04-24 05:43 - 00390632 _____ () C:\Program Files\CyberLink\Shared files\RichVideo64.exe
2015-06-10 02:37 - 2015-06-10 02:37 - 00068880 _____ () C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfConnectorService.exe
2015-06-10 02:37 - 2015-06-10 02:37 - 00672016 _____ () C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfDataStorageInterface.dll
2015-06-10 02:42 - 2015-01-15 12:06 - 00058624 _____ () C:\ProgramData\LenovoTransition\Server\x64\dptf.dll
2015-06-10 02:50 - 2014-11-17 17:35 - 00036632 _____ () C:\Program Files\Lenovo\OneKey Optimizer\bin\Metric.dll
2015-06-10 02:50 - 2014-11-17 17:35 - 00166680 _____ () C:\Program Files\Lenovo\OneKey Optimizer\bin\Lenovo.MetricCollectionMFCx64.dll
2015-09-16 11:21 - 2015-09-16 11:21 - 05185024 _____ () C:\windows\assembly\NativeImages_v4.0.30319_64\Windows.UI.Xaml\1d7635818f67a2470d85924c3fbfd253\Windows.UI.Xaml.ni.dll
2015-09-16 11:21 - 2015-09-16 11:21 - 01782272 _____ () C:\windows\assembly\NativeImages_v4.0.30319_64\Windows.App640a3541#\37e48040ef37e8516ada41fadd79c967\Windows.ApplicationModel.ni.dll
2015-09-16 11:21 - 2015-09-16 11:21 - 00363520 _____ () C:\windows\assembly\NativeImages_v4.0.30319_64\Windows.Foundation\9f91850f1de0938d2391835a74bb9247\Windows.Foundation.ni.dll
2015-09-16 11:21 - 2015-09-16 11:21 - 00207872 _____ () C:\windows\assembly\NativeImages_v4.0.30319_64\Windows.System\5164a5c7b7177b053debeba9d145e313\Windows.System.ni.dll
2015-09-16 11:22 - 2015-09-16 11:22 - 01459712 _____ () C:\windows\assembly\NativeImages_v4.0.30319_64\Windows.UI\574eaad2765ae1da8b21c3e9faba629b\Windows.UI.ni.dll
2015-09-16 11:22 - 2015-09-16 11:22 - 00467456 _____ () C:\windows\assembly\NativeImages_v4.0.30319_64\Windows.Graphics\c13f0fdcaded8026f2df87845028c081\Windows.Graphics.ni.dll
2015-09-16 11:22 - 2015-09-16 11:22 - 01278464 _____ () C:\windows\assembly\NativeImages_v4.0.30319_64\Windows.Storage\6e58f09e1b47bb0854f46d6e0d9adaa1\Windows.Storage.ni.dll
2015-09-16 11:21 - 2015-09-16 11:21 - 00347136 _____ () C:\windows\assembly\NativeImages_v4.0.30319_64\Windows.Gloaae92e31#\dee88bca06c6424140d80b867baaf53d\Windows.Globalization.ni.dll
2015-09-16 11:23 - 2015-09-16 11:23 - 02019840 _____ () C:\windows\assembly\NativeImages_v4.0.30319_64\Windows.Devices\f9e1384efece812bec627b492736f6ea\Windows.Devices.ni.dll
2015-09-27 11:10 - 2015-09-27 11:10 - 00050688 _____ () C:\Users\Andrea Lynn\AppData\Local\Packages\4DF9E0F8.Netflix_mcm4njqhnhss8\AC\Microsoft\CLR_v4.0\NativeImages\Netflix.Winebddf6ee#\f3bb2269dbd064fb25925e241d1380cc\Netflix.Windows.BridgeComponent.ni.dll
2015-09-27 11:10 - 2015-09-27 11:10 - 00017920 _____ () C:\Users\Andrea Lynn\AppData\Local\Packages\4DF9E0F8.Netflix_mcm4njqhnhss8\AC\Microsoft\CLR_v4.0\NativeImages\Netflix.Win8062e102#\d266db432695c1078024c8650fe2214a\Netflix.Windows.Media.Audio.ni.dll
2015-09-16 11:21 - 2015-09-16 11:21 - 01259520 _____ () C:\windows\assembly\NativeImages_v4.0.30319_64\Windows.Networking\38a730cdc593f8ff1c719543b4a28857\Windows.Networking.ni.dll
2015-09-16 11:24 - 2015-09-16 11:24 - 01187328 _____ () C:\windows\assembly\NativeImages_v4.0.30319_64\Windows.Media\54bf30f98f0305a6579269a90bdfa75c\Windows.Media.ni.dll
2015-09-16 11:23 - 2015-09-16 11:23 - 00521216 _____ () C:\windows\assembly\NativeImages_v4.0.30319_64\Windows.Data\982de40209a9308e44f20dd6c2943ba6\Windows.Data.ni.dll
2015-09-27 11:10 - 2015-09-27 11:10 - 00030720 _____ () C:\Users\Andrea Lynn\AppData\Local\Packages\4DF9E0F8.Netflix_mcm4njqhnhss8\AC\Microsoft\CLR_v4.0\NativeImages\Netflix.Win614f5b60#\dee1b94b87174cb09fda4303567c8d1a\Netflix.Windows.Media.SourcePlugin.ni.dll
2015-09-16 11:27 - 2015-09-16 11:27 - 00295936 _____ () C:\Users\Andrea Lynn\AppData\Local\Packages\4DF9E0F8.Netflix_mcm4njqhnhss8\AC\Microsoft\CLR_v4.0\NativeImages\Microsoft.M4ba42f23#\05c5817ad00562a4d15a5126b61ebd1a\Microsoft.Media.PlayReadyClient.ni.dll
2015-06-10 02:37 - 2015-06-10 02:37 - 00791368 _____ () C:\Program Files\Lenovo\LenovoUtility\utility.exe
2015-06-10 02:37 - 2015-06-10 02:37 - 00097048 _____ () C:\Program Files\Lenovo\LenovoUtility\kbdhook.dll
2015-06-10 02:41 - 2015-01-15 12:04 - 00107776 _____ () C:\Program Files (x86)\Lenovo\LenovoTransition\TransitionServer.exe
2015-06-10 02:50 - 2014-11-17 17:35 - 00040216 _____ () C:\Program Files\Lenovo\OneKey Optimizer\bin\EnglishRes.dll
2015-06-10 02:50 - 2015-06-10 02:50 - 00019232 _____ () C:\windows\Microsoft.Net\assembly\GAC_MSIL\Lenovo.MetricCollectionSDK\v4.0_1.1.9.0__d43be3ee47b19ecb\Lenovo.MetricCollectionSDK.dll
2015-06-10 02:41 - 2014-08-25 12:27 - 00074520 _____ () C:\Program Files (x86)\Lenovo\Harmony\Picks\Lenovo.Harmonydll.dll
2015-06-10 02:46 - 2015-06-10 02:46 - 00815104 _____ () C:\Program Files\Lenovo PhoneCompanion\adb.exe
2015-06-10 02:36 - 2014-10-22 12:15 - 00644080 _____ () C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe
2015-06-10 02:36 - 2014-10-22 12:15 - 00410096 _____ () C:\Program Files (x86)\Lenovo\CCSDK\WinGather.exe
2015-06-10 02:51 - 2014-11-20 12:43 - 00159256 _____ () C:\Program Files\Lenovo\OneKey Optimizer\bin\FbApi.dll
2015-06-10 02:50 - 2014-11-17 17:35 - 00036120 _____ () C:\Program Files\Lenovo\OneKey Optimizer\bin\zd.dll
2015-09-15 21:44 - 2015-09-15 21:44 - 00082432 _____ () C:\Program Files\WindowsApps\McAfeeInc.06.McAfeeSecurityAdvisorforLenovo_4.5.141.1_x64__bq6yxensn79aw\McCloudShim.dll
2015-09-15 21:44 - 2015-09-15 21:44 - 00229504 _____ () C:\Program Files\WindowsApps\McAfeeInc.06.McAfeeSecurityAdvisorforLenovo_4.5.141.1_x64__bq6yxensn79aw\McIHART.dll
2014-05-28 15:16 - 2014-05-28 15:16 - 00013576 _____ () C:\Program Files (x86)\Lenovo\Motion Control\PointGrabDeviceAPI.dll
2015-09-16 11:21 - 2015-09-16 11:21 - 00402432 _____ () C:\windows\assembly\NativeImages_v4.0.30319_32\Windows.Security\99ab183bea1f4e1bd06cf59a81387548\Windows.Security.ni.dll
2015-09-16 11:21 - 2015-09-16 11:21 - 00799232 _____ () C:\windows\assembly\NativeImages_v4.0.30319_32\Windows.Networking\617dbf6a5f90978c281cd0f6443877de\Windows.Networking.ni.dll
2015-09-16 11:21 - 2015-09-16 11:21 - 00228864 _____ () C:\windows\assembly\NativeImages_v4.0.30319_32\Windows.Foundation\a706da0a4f29fe99fd59df0b5de71f38\Windows.Foundation.ni.dll
2015-09-16 11:21 - 2015-09-16 11:21 - 00133120 _____ () C:\windows\assembly\NativeImages_v4.0.30319_32\Windows.System\4fea1b5d40ead04f2800c3db9b4fe1c0\Windows.System.ni.dll
2015-06-10 02:41 - 2014-08-25 12:32 - 00168216 _____ () C:\Program Files (x86)\Lenovo\Harmony\Setting\PG_SettingsLib.dll
2015-06-10 02:41 - 2014-08-25 12:30 - 00018200 _____ () C:\Program Files (x86)\Lenovo\Harmony\Setting\Lenovo.Harmonydll.dll
2015-09-16 11:22 - 2015-09-16 11:22 - 00960000 _____ () C:\windows\assembly\NativeImages_v4.0.30319_32\Windows.UI\ae1cc9a78a6285f785f5246eb7185191\Windows.UI.ni.dll
2015-09-16 11:24 - 2015-09-16 11:24 - 00337920 _____ () C:\windows\assembly\NativeImages_v4.0.30319_32\Windows.Data\c570c4595be14a7f775455fc43336320\Windows.Data.ni.dll
2014-05-28 15:17 - 2014-05-28 15:17 - 02402568 _____ () C:\Program Files (x86)\Lenovo\Motion Control\WebcamSplitterFilter.ax
2015-10-17 01:11 - 2015-10-08 19:53 - 01532744 _____ () C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.71\libglesv2.dll
2015-10-17 01:11 - 2015-10-08 19:53 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.71\libegl.dll
2015-06-10 02:14 - 2014-08-04 20:06 - 02201088 _____ () C:\Program Files\Lenovo\Communications Utility\cxcore210.dll
2015-06-10 02:14 - 2014-08-04 20:06 - 02085888 _____ () C:\Program Files\Lenovo\Communications Utility\cv210.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iaioi2ce.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McNaiAnn => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfemms => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service"
 
==================== EXE Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-2729643933-1624923372-1617711941-1001\Control Panel\Desktop\\Wallpaper -> C:\windows\Web\Wallpaper\Lenovo\LenovoWallPaper.jpg
DNS Servers: 192.168.1.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{9A257195-CCF0-4134-AE0E-93FC660AE6ED}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{15808F56-FBA5-427B-8BBA-DD2649D1007D}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe
FirewallRules: [{5C869CC2-02A3-47AA-BFAE-96B00D97113E}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe
FirewallRules: [{D237A92A-FAAD-40EF-93EB-113592A3B68E}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
FirewallRules: [{C59138B9-B192-4267-B453-2ADB8FBC95A3}] => (Allow) C:\Program Files\CyberLink\PowerDirector10\PDR10.EXE
FirewallRules: [{7E40DAA2-D6D0-4D61-B12D-5ECA0DB02561}] => (Allow) C:\Program Files\Lenovo PhoneCompanion\LPAWDService.exe
FirewallRules: [{0F82D341-C3CE-43C9-8EF4-4A6C9DC5E9D3}] => (Allow) C:\Program Files\Lenovo PhoneCompanion\LPAWDService.exe
FirewallRules: [{E0CB62BC-EE20-489D-B4B7-68AD2039352B}] => (Allow) C:\Program Files (x86)\Lenovo\Lenovo Photo Master\PhotoPlus.exe
FirewallRules: [{7D4CD29C-A36F-45B1-8850-2B3ED8FA243A}] => (Allow) C:\Program Files (x86)\Lenovo\Lenovo Photo Master\subsys\AdvPhotoEditor\PhotoDirector5.exe
FirewallRules: [{21B48484-8C7C-4F44-BC45-81043BFAA2BC}] => (Allow) LPort=55100
FirewallRules: [{74848406-0C14-4F66-A614-0BC99D0B2B19}] => (Allow) C:\Program Files\Lenovo PhotoMasterImport\PhotoMasterImport.exe
FirewallRules: [{3C2D8F84-D353-43D8-8372-EF34016DFFF7}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (10/26/2015 01:01:02 PM) (Source: DptfEvent) (EventID: 1) (User: )
Description: DptfPolicyLpmDll
DptfSetLpmMode:  DeviceIoControl() failed.
 
Error: (10/26/2015 01:01:02 PM) (Source: DptfEvent) (EventID: 1) (User: )
Description: DptfPolicyConfigTDPDll
DptfSetConfigTdpLevel:  DeviceIoControl() failed.
 
Error: (10/26/2015 11:28:56 AM) (Source: DptfEvent) (EventID: 1) (User: )
Description: DptfPolicyLpmDll
DptfSetLpmMode:  DeviceIoControl() failed.
 
Error: (10/26/2015 11:28:56 AM) (Source: DptfEvent) (EventID: 1) (User: )
Description: DptfPolicyConfigTDPDll
DptfSetConfigTdpLevel:  DeviceIoControl() failed.
 
Error: (10/26/2015 11:20:33 AM) (Source: DptfEvent) (EventID: 1) (User: )
Description: DptfPolicyLpmDll
DptfSetLpmMode:  DeviceIoControl() failed.
 
Error: (10/26/2015 11:20:33 AM) (Source: DptfEvent) (EventID: 1) (User: )
Description: DptfPolicyConfigTDPDll
DptfSetConfigTdpLevel:  DeviceIoControl() failed.
 
Error: (10/26/2015 11:20:25 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005
 
Error: (10/26/2015 11:20:18 AM) (Source: DptfEvent) (EventID: 1) (User: )
Description: DptfPolicyLpmDll
DptfSetLpmMode:  DeviceIoControl() failed.
 
Error: (10/26/2015 11:20:18 AM) (Source: DptfEvent) (EventID: 1) (User: )
Description: DptfPolicyConfigTDPDll
DptfSetConfigTdpLevel:  DeviceIoControl() failed.
 
Error: (10/26/2015 10:51:07 AM) (Source: DptfEvent) (EventID: 1) (User: )
Description: DptfPolicyLpmDll
DptfSetLpmMode:  DeviceIoControl() failed.
 
 
System errors:
=============
Error: (10/19/2015 10:27:20 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 10:23:46 PM on ‎10/‎19/‎2015 was unexpected.
 
Error: (10/19/2015 01:38:05 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Network Connection Broker service terminated with the following error: 
%%10022
 
Error: (10/19/2015 01:33:05 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Network Connection Broker service terminated with the following error: 
%%10022
 
Error: (10/19/2015 01:28:04 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Network Connection Broker service terminated with the following error: 
%%10022
 
Error: (10/19/2015 01:23:04 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Network Connection Broker service terminated with the following error: 
%%10022
 
Error: (10/19/2015 01:18:04 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Network Connection Broker service terminated with the following error: 
%%10022
 
Error: (10/19/2015 01:18:04 AM) (Source: DCOM) (EventID: 10001) (User: ANDREALYNN)
Description: "BackgroundTransferHost.exe" -ServerName:BackgroundTransferHost.431Windows.Networking.BackgroundTransfer.Internal.BackgroundTransferTask.ClassId.4UnavailableUnavailable
 
Error: (10/19/2015 01:18:04 AM) (Source: DCOM) (EventID: 10001) (User: ANDREALYNN)
Description: "BackgroundTransferHost.exe" -ServerName:BackgroundTransferHost.431Windows.Networking.BackgroundTransfer.Internal.BackgroundTransferTask.ClassId.4UnavailableUnavailable
 
Error: (10/19/2015 01:18:04 AM) (Source: DCOM) (EventID: 10001) (User: ANDREALYNN)
Description: "BackgroundTransferHost.exe" -ServerName:BackgroundTransferHost.431Windows.Networking.BackgroundTransfer.Internal.BackgroundTransferTask.ClassId.4UnavailableUnavailable
 
Error: (10/19/2015 01:13:04 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Network Connection Broker service terminated with the following error: 
%%10022
 
 
==================== Memory info =========================== 
 
Processor: Intel® Celeron® CPU N2840 @ 2.16GHz
Percentage of memory in use: 61%
Total physical RAM: 3979.2 MB
Available physical RAM: 1516.67 MB
Total Virtual: 5904.69 MB
Available Virtual: 1252.07 MB
 
==================== Drives ================================
 
Drive c: (Windows8_OS) (Fixed) (Total:426.66 GB) (Free:398.53 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:24.93 GB) NTFS
Drive e: () (Removable) (Total:0.99 GB) (Free:0.48 GB) FAT
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 0F38CDAF)
 
Partition: GPT.
 
========================================================
Disk: 1 (Size: 1013.3 MB) (Disk ID: 6F20736B)
No partition Table on disk 1.
Disk 1 is a removable device.
 
==================== End of Addition.txt ============================
 
Thanks! Andrea
Link to post
Share on other sites

FarbarServiceScanner.png Scan with Farbar Service Scanner

Download Farbar Service Scanner by Farbar and save it to your desktop.

  • Right-click on FarbarServiceScanner.png icon and select RunAsAdmin.jpg Run as Administrator to start the tool.
  • Make sure all of the options are checked!
  • Press Scan.
  • It will create a log (FSS.txt) in the same directory the tool is run.
Please include that log in your next reply.
Link to post
Share on other sites

  • 2 weeks later...
  • Root Admin

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.