nellie
2014-08-31, 18:39
Hi
laptop running very slow, high cpu activity, suspicious looking 'ads' appearing in chrome sessions. Would appreciate some assistance. Logs attached below
Thanks.
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:31-08-2014
Ran by lenovo (administrator) on LENOVO-PC356334 on 31-08-2014 16:57:56
Running from C:\Users\lenovo\Downloads
Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Lenovo.) C:\Windows\System32\ibmpmsvc.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tphkload.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe
(Lenovo) C:\Program Files\Lenovo\Access Connections\AcPrfMgrSvc.exe
(Andrea Electronics Corporation) C:\Windows\System32\AEADISRV.EXE
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
(Garmin Ltd or its subsidiaries) C:\Program Files\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\lvvsst.exe
() C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Lenovo) C:\Program Files\Lenovo\Access Connections\AcSvc.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Authentec Inc.) C:\Program Files\ThinkVantage Fingerprint Software\upeksvr.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\virtscrl.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\ZOOM\TpScrex.exe
(Lenovo) C:\Program Files\Lenovo\Access Connections\SvcGuiHlpr.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Lenovo.) C:\Windows\System32\TpShocks.exe
(Analog Devices, Inc.) C:\Program Files\Analog Devices\Core\smax4pnp.exe
(Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Program Files\Windows Live\Messenger\msnmsgr.exe
(Spotify Ltd) C:\Users\lenovo\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Lenovo Group Limited) C:\Program Files\ThinkPad\Utilities\SCHTASK.EXE
() C:\Users\lenovo\AppData\Roaming\ACEStream\.data\ace_engine3\backup\last\ace_engine.exe
(Garmin Ltd or its subsidiaries) C:\Program Files\Garmin\Express Tray\ExpressTray.exe
() C:\Users\lenovo\AppData\Roaming\ACEStream\updater\ace_update.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jucheck.exe
(Lenovo) C:\Program Files\ThinkPad\Utilities\PWMDBSVC.exe
(RealNetworks, Inc.) C:\Program Files\Real\RealPlayer\Update\realsched.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
(Google Inc.) C:\Users\lenovo\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\lenovo\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\lenovo\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\lenovo\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\lenovo\AppData\Local\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2321680 2011-12-23] (Synaptics Incorporated)
HKLM\...\Run: [PWMTRV] => rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\PWMTR32V.DLL,PwrMgrBkGndMonitor
HKLM\...\Run: [AcWin7Hlpr] => C:\Program Files\Lenovo\Access Connections\AcTBenabler.exe [33344 2011-10-20] (Lenovo)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [TpShocks] => C:\Windows\system32\TpShocks.exe [337256 2011-03-29] (Lenovo.)
HKLM\...\Run: [SoundMAXPnP] => C:\Program Files\Analog Devices\Core\smax4pnp.exe [1314816 2009-05-18] (Analog Devices, Inc.)
HKLM\...\Run: [nwiz] => nwiz.exe /install
HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [937920 2011-06-06] (Adobe Systems Incorporated)
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM\...\Run: [PSQLLauncher] => C:\Program Files\ThinkVantage Fingerprint Software\launcher.exe [55624 2011-07-14] (Authentec Inc.)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [951576 2014-03-11] (Microsoft Corporation)
HKLM\...\Run: [TkBellExe] => c:\program files\real\realplayer\Update\realsched.exe [295512 2013-12-02] (RealNetworks, Inc.)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
Winlogon\Notify\psfus: C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll (Authentec Inc.)
HKU\.DEFAULT\...\Run: [GarminExpressTrayApp] => C:\Program Files\Garmin\Express Tray\ExpressTray.exe [688984 2014-08-07] (Garmin Ltd or its subsidiaries)
HKU\S-1-5-21-1757914162-3120314003-2300331095-1000\...\Run: [msnmsgr] => C:\Program Files\Windows Live\Messenger\msnmsgr.exe [4280184 2012-03-08] (Microsoft Corporation)
HKU\S-1-5-21-1757914162-3120314003-2300331095-1000\...\Run: [Google Update] => C:\Users\lenovo\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-06-18] (Google Inc.)
HKU\S-1-5-21-1757914162-3120314003-2300331095-1000\...\Run: [Spotify Web Helper] => C:\Users\lenovo\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1104280 2013-03-21] (Spotify Ltd)
HKU\S-1-5-21-1757914162-3120314003-2300331095-1000\...\Run: [Spotify] => C:\Users\lenovo\AppData\Roaming\Spotify\Spotify.exe [4480920 2013-03-21] (Spotify Ltd)
HKU\S-1-5-21-1757914162-3120314003-2300331095-1000\...\Run: [ACEStream] => C:\Users\lenovo\AppData\Roaming\ACEStream\engine\ace_engine.exe [27904 2014-08-22] ()
HKU\S-1-5-21-1757914162-3120314003-2300331095-1000\...\Run: [GarminExpressTrayApp] => C:\Program Files\Garmin\Express Tray\ExpressTray.exe [688984 2014-08-07] (Garmin Ltd or its subsidiaries)
Lsa: [Notification Packages] scecli C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll ACGina
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://uk.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x32A78A9CF36BCC01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-gb
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO: AVG Safe Search -> {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} -> C:\Program Files\AVG\AVG2012\avgssie.dll No File
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKCU - No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No File
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll No File
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
FireFox:
========
FF Plugin: @garmin.com/GpsControl -> C:\Program Files\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
FF Plugin: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @pages.tvunetworks.com/WebPlayer -> C:\Program Files\TVUPlayer\npTVUAx.dll (TVU networks)
FF Plugin: @real.com/nppl3260;version=16.0.3.51 -> c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlchromebrowserrecordext;version=1.3.3 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlhtml5videoshim;version=1.3.3 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlpepperflashvideoshim;version=1.3.3 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpchromebrowserrecordext;version=15.0.0.198 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprphtml5videoshim;version=15.0.5.109 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpplugin;version=16.0.3.51 -> c:\program files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin: @realnetworks.com/npdlplugin;version=1 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @acestream.net/acestreamplugin,version=2.0.13.1 -> C:\Users\lenovo\AppData\Roaming\ACEStream\player\npace_plugin.dll (Innovative Digital Technologies)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 -> C:\Users\lenovo\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 -> C:\Users\lenovo\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF HKLM\...\Firefox\Extensions: [{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013-12-02]
FF HKCU\...\Firefox\Extensions: [magicplayer@torrentstream.org] - C:\Users\lenovo\AppData\Roaming\ACEStream\extensions\firefox\magicplayer@torrentstream.org
FF Extension: TS Magic Player - C:\Users\lenovo\AppData\Roaming\ACEStream\extensions\firefox\magicplayer@torrentstream.org [2013-05-11]
Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.co.uk/
CHR StartupUrls: Default -> "https://www.google.co.uk/?source=search_app"
CHR CustomProfile: C:\Users\lenovo\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (YouTube) - C:\Users\lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-06-18]
CHR Extension: (Google Search) - C:\Users\lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-06-18]
CHR Extension: (RealDownloader) - C:\Users\lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji [2013-12-02]
CHR Extension: (AS Magic Player) - C:\Users\lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkgpdlogbknkhlgdjlejeljbhflim [2014-07-13]
CHR Extension: (Google Wallet) - C:\Users\lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-01]
CHR Extension: (TS Magic Player) - C:\Users\lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ochbjojkpcmlfeagbaahkofepalngihg [2013-05-11]
CHR Extension: (Gmail) - C:\Users\lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-06-18]
CHR HKLM\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2013-08-14]
CHR StartMenuInternet: Google Chrome - C:\Users\lenovo\AppData\Local\Google\Chrome\Application\chrome.exe
========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AcPrfMgrSvc; C:\Program Files\Lenovo\Access Connections\AcPrfMgrSvc.exe [134208 2011-10-20] (Lenovo)
R2 AcSvc; C:\Program Files\Lenovo\Access Connections\AcSvc.exe [269376 2011-10-20] (Lenovo)
R2 Garmin Core Update Service; C:\Program Files\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [438616 2014-08-07] (Garmin Ltd or its subsidiaries)
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
S2 LENOVO.MICMUTE; C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe [101736 2011-07-12] (Lenovo Group Limited)
R2 Lenovo.VIRTSCRLSVC; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [93032 2010-04-07] (Lenovo Group Limited)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [22216 2014-03-11] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [279776 2014-03-11] (Microsoft Corporation)
S3 PwmEWSvc; C:\Program Files\ThinkPad\Utilities\PWMEWSVC.EXE [165440 2012-03-15] (Lenovo Group Limited)
R2 RealNetworks Downloader Resolver Service; C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-08-14] ()
S3 SUService; C:\Program Files\Lenovo\System Update\SUService.exe [24120 2014-02-21] ()
R2 TPHKLOAD; C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe [130920 2011-04-20] (Lenovo Group Limited)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S3 AMPPAL; C:\Windows\System32\DRIVERS\AMPPAL.sys [243712 2011-08-08] (Windows (R) Win 7 DDK provider)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [231960 2014-01-25] (Microsoft Corporation)
S3 NETwLv32; C:\Windows\System32\DRIVERS\NETwLv32.sys [6639616 2010-10-07] (Intel Corporation) [File not signed]
R2 smihlp2; C:\Program Files\ThinkVantage Fingerprint Software\smihlp.sys [11976 2011-05-30] (Authentec Inc.)
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-08-31 16:58 - 2014-08-31 16:58 - 05185536 _____ (AVAST Software) C:\Users\lenovo\Downloads\aswMBR.exe
2014-08-31 16:57 - 2014-08-31 16:58 - 00017455 _____ () C:\Users\lenovo\Downloads\FRST.txt
2014-08-31 16:56 - 2014-08-31 16:58 - 00000000 ____D () C:\FRST
2014-08-31 16:56 - 2014-08-31 16:56 - 01096192 _____ (Farbar) C:\Users\lenovo\Downloads\FRST.exe
2014-08-31 16:54 - 2014-08-31 16:54 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-LENOVO-PC356334-Microsoft-Windows-7-Home-Premium-(32-bit).dat
2014-08-31 16:54 - 2014-08-31 16:54 - 00000000 ____D () C:\RegBackup
2014-08-31 16:53 - 2014-08-31 16:53 - 00002185 _____ () C:\Users\Public\Desktop\Tweaking.com - Registry Backup.lnk
2014-08-31 16:53 - 2014-08-31 16:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweaking.com
2014-08-31 16:53 - 2014-08-31 16:53 - 00000000 ____D () C:\Program Files\Tweaking.com
2014-08-31 16:52 - 2014-08-31 16:52 - 04057608 _____ () C:\Users\lenovo\Downloads\tweaking.com_registry_backup_setup.exe
2014-08-17 11:59 - 2014-08-31 16:28 - 00000000 ____D () C:\Users\lenovo\AppData\Local\{E2EAC2DE-4F5F-4A33-955F-F6E1CA91A586}
2014-08-17 03:07 - 2014-06-30 23:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2014-08-17 03:07 - 2014-06-06 07:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-08-17 03:07 - 2014-03-09 22:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2014-08-17 03:07 - 2014-03-09 22:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2014-08-14 18:31 - 2014-08-01 00:16 - 00307384 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-08-14 18:31 - 2014-07-25 14:51 - 17524224 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-08-14 18:31 - 2014-07-25 14:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-08-14 18:31 - 2014-07-25 14:03 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-08-14 18:31 - 2014-07-25 13:34 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-08-14 18:31 - 2014-07-25 13:34 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-08-14 18:31 - 2014-07-25 13:33 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-08-14 18:31 - 2014-07-25 13:30 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-08-14 18:31 - 2014-07-25 13:21 - 02184704 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-08-14 18:31 - 2014-07-25 13:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-08-14 18:31 - 2014-07-25 13:17 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-08-14 18:31 - 2014-07-25 13:12 - 00438784 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-08-14 18:31 - 2014-07-25 13:10 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-08-14 18:31 - 2014-07-25 13:10 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-08-14 18:31 - 2014-07-25 13:08 - 00597504 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-08-14 18:31 - 2014-07-25 13:06 - 04204032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-08-14 18:31 - 2014-07-25 12:59 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-08-14 18:31 - 2014-07-25 12:52 - 00367104 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-08-14 18:31 - 2014-07-25 12:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-08-14 18:31 - 2014-07-25 12:36 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-08-14 18:31 - 2014-07-25 12:34 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-08-14 18:31 - 2014-07-25 12:29 - 00239616 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-08-14 18:31 - 2014-07-25 12:13 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-08-14 18:31 - 2014-07-25 12:09 - 00663040 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-08-14 18:31 - 2014-07-25 12:07 - 02001920 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-08-14 18:31 - 2014-07-25 12:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-08-14 18:31 - 2014-07-25 12:03 - 11772928 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-08-14 18:31 - 2014-07-25 11:09 - 00704512 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-08-14 18:31 - 2014-07-25 11:05 - 01792512 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-08-14 18:31 - 2014-07-25 11:00 - 01169920 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-08-14 18:31 - 2014-07-14 02:42 - 00654336 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-08-14 18:31 - 2014-06-16 02:44 - 00730048 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-08-14 18:31 - 2014-06-16 02:44 - 00219072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2014-08-14 18:31 - 2014-06-16 02:40 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2014-08-14 18:30 - 2014-07-16 03:47 - 00305152 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-14 18:30 - 2014-07-16 03:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-08-14 18:30 - 2014-07-16 02:47 - 02352640 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-14 18:30 - 2014-07-09 02:29 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL
2014-08-14 18:30 - 2014-07-09 02:29 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL
2014-08-14 18:30 - 2014-07-09 02:29 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL
2014-08-14 18:30 - 2014-07-09 02:29 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
2014-08-14 18:30 - 2014-07-09 02:29 - 00005632 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL
2014-08-14 18:30 - 2014-07-08 23:30 - 00419992 _____ () C:\Windows\system32\locale.nls
2014-08-14 18:30 - 2014-06-25 02:41 - 12874240 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-08-14 18:30 - 2014-06-03 10:30 - 00101824 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-08-14 18:30 - 2014-06-03 10:29 - 02363392 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-08-14 18:30 - 2014-06-03 10:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-08-14 18:30 - 2014-06-03 10:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-08-12 21:19 - 2014-08-12 21:21 - 00047104 _____ () C:\Users\lenovo\Documents\Megan FFL Entry 2014 2015.xls
2014-08-12 21:16 - 2014-08-12 21:16 - 00047616 _____ () C:\Users\lenovo\Documents\Rick FFL Entry 2014 2015.xls
2014-08-12 21:06 - 2014-08-12 21:06 - 00047104 _____ () C:\Users\lenovo\Documents\Alfie FFL Entry 2014 2015.xls
2014-08-12 21:01 - 2014-08-12 13:00 - 00047104 ____N () C:\Users\lenovo\Desktop\FFL Entry 2014 2015.xls
2014-08-12 21:00 - 2014-08-12 21:00 - 00047248 _____ () C:\Users\lenovo\Downloads\FFL 20142015.zip
2014-08-12 09:17 - 2014-08-12 09:17 - 00001858 _____ () C:\Users\Public\Desktop\Garmin Express.lnk
2014-08-01 19:58 - 2014-05-14 17:23 - 01973728 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-08-01 19:58 - 2014-05-14 17:23 - 00054240 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-08-01 19:58 - 2014-05-14 17:23 - 00045536 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-08-01 19:58 - 2014-05-14 17:17 - 02425856 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-08-01 18:55 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-08-01 18:55 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-08-31 16:58 - 2014-08-31 16:58 - 05185536 _____ (AVAST Software) C:\Users\lenovo\Downloads\aswMBR.exe
2014-08-31 16:58 - 2014-08-31 16:57 - 00017455 _____ () C:\Users\lenovo\Downloads\FRST.txt
2014-08-31 16:58 - 2014-08-31 16:56 - 00000000 ____D () C:\FRST
2014-08-31 16:56 - 2014-08-31 16:56 - 01096192 _____ (Farbar) C:\Users\lenovo\Downloads\FRST.exe
2014-08-31 16:54 - 2014-08-31 16:54 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-LENOVO-PC356334-Microsoft-Windows-7-Home-Premium-(32-bit).dat
2014-08-31 16:54 - 2014-08-31 16:54 - 00000000 ____D () C:\RegBackup
2014-08-31 16:53 - 2014-08-31 16:53 - 00002185 _____ () C:\Users\Public\Desktop\Tweaking.com - Registry Backup.lnk
2014-08-31 16:53 - 2014-08-31 16:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweaking.com
2014-08-31 16:53 - 2014-08-31 16:53 - 00000000 ____D () C:\Program Files\Tweaking.com
2014-08-31 16:52 - 2014-08-31 16:52 - 04057608 _____ () C:\Users\lenovo\Downloads\tweaking.com_registry_backup_setup.exe
2014-08-31 16:49 - 2011-07-09 23:53 - 01963515 _____ () C:\Windows\WindowsUpdate.log
2014-08-31 16:40 - 2012-06-18 21:38 - 00000860 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1757914162-3120314003-2300331095-1000Core.job
2014-08-31 16:29 - 2012-06-18 21:38 - 00000912 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1757914162-3120314003-2300331095-1000UA.job
2014-08-31 16:29 - 2011-07-10 01:02 - 00000466 _____ () C:\Windows\Tasks\SystemToolsDailyTest.job
2014-08-31 16:28 - 2014-08-17 11:59 - 00000000 ____D () C:\Users\lenovo\AppData\Local\{E2EAC2DE-4F5F-4A33-955F-F6E1CA91A586}
2014-08-31 16:27 - 2012-08-18 20:35 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-08-24 21:32 - 2012-02-25 12:11 - 00018827 _____ () C:\Windows\setupact.log
2014-08-24 12:17 - 2009-07-14 05:34 - 00014272 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-08-24 12:17 - 2009-07-14 05:34 - 00014272 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-08-22 18:52 - 2011-07-10 01:01 - 00000000 ____D () C:\ProgramData\PCDr
2014-08-19 16:45 - 2011-07-10 01:06 - 00000000 ____D () C:\ProgramData\Lenovo
2014-08-18 13:55 - 2011-11-05 12:16 - 00000000 ____D () C:\Users\lenovo\AppData\Roaming\Spotify
2014-08-17 12:02 - 2011-07-10 00:01 - 00786514 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-08-17 11:58 - 2011-12-12 09:55 - 00000000 ____D () C:\Users\lenovo\Tracing
2014-08-17 04:15 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\rescache
2014-08-17 03:49 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-08-17 03:37 - 2011-07-10 01:02 - 00000528 _____ () C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job
2014-08-17 03:37 - 2009-07-14 05:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-08-17 03:37 - 2009-07-14 05:33 - 00436920 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-08-17 03:36 - 2011-12-12 09:47 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-08-17 03:19 - 2011-09-07 14:35 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-08-17 03:18 - 2013-08-25 03:05 - 00000000 ____D () C:\Windows\system32\MRT
2014-08-17 03:12 - 2011-07-24 21:00 - 96303304 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-08-13 10:50 - 2014-07-23 20:34 - 00000000 ____D () C:\Users\lenovo\AppData\Local\{DA5C54E7-4A90-4E7F-B0CD-FD12825431DF}
2014-08-12 21:21 - 2014-08-12 21:19 - 00047104 _____ () C:\Users\lenovo\Documents\Megan FFL Entry 2014 2015.xls
2014-08-12 21:16 - 2014-08-12 21:16 - 00047616 _____ () C:\Users\lenovo\Documents\Rick FFL Entry 2014 2015.xls
2014-08-12 21:06 - 2014-08-12 21:06 - 00047104 _____ () C:\Users\lenovo\Documents\Alfie FFL Entry 2014 2015.xls
2014-08-12 21:00 - 2014-08-12 21:00 - 00047248 _____ () C:\Users\lenovo\Downloads\FFL 20142015.zip
2014-08-12 13:00 - 2014-08-12 21:01 - 00047104 ____N () C:\Users\lenovo\Desktop\FFL Entry 2014 2015.xls
2014-08-12 09:18 - 2014-03-02 10:57 - 00000000 ____D () C:\ProgramData\Package Cache
2014-08-12 09:17 - 2014-08-12 09:17 - 00001858 _____ () C:\Users\Public\Desktop\Garmin Express.lnk
2014-08-12 09:17 - 2014-03-02 10:58 - 00000000 ____D () C:\ProgramData\Garmin
2014-08-12 09:17 - 2012-06-28 20:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin
2014-08-12 09:16 - 2012-06-28 20:07 - 00000000 ____D () C:\Program Files\Garmin
2014-08-01 00:16 - 2014-08-14 18:31 - 00307384 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
Some content of TEMP:
====================
C:\Users\lenovo\AppData\Local\Temp\GURB0DE.exe
C:\Users\lenovo\AppData\Local\Temp\jre-6u32-windows-i586-iftw.exe
C:\Users\lenovo\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exe
C:\Users\lenovo\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe
C:\Users\lenovo\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\lenovo\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe
C:\Users\lenovo\AppData\Local\Temp\jre-7u9-windows-i586-iftw.exe
C:\Users\lenovo\AppData\Local\Temp\lowproc.exe
C:\Users\lenovo\AppData\Local\Temp\oi_{42CB8FAB-F9D5-494B-89AC-909A012AB721}.exe
C:\Users\lenovo\AppData\Local\Temp\SpotifyUpgrader.exe
C:\Users\lenovo\AppData\Local\Temp\stubhelper.dll
C:\Users\lenovo\AppData\Local\Temp\UNINSTALL.EXE
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-08-17 04:08
==================== End Of Log ============================
Additional scan result of Farbar Recovery Scan Tool (x86) Version:31-08-2014
Ran by lenovo at 2014-08-31 16:58:59
Running from C:\Users\lenovo\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
ACE Stream Media 2.0.13.1 (HKCU\...\ACEStream) (Version: 2.0.13.1 - ACE Stream Media)
Adobe AIR (HKLM\...\Adobe AIR) (Version: 2.7.1.19610 - Adobe Systems Incorporated)
Adobe AIR (Version: 2.7.1.19610 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 14 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Reader X (10.1.1) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.1 - Adobe Systems Incorporated)
ANT Drivers Installer x86 (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
CutePDF Writer 3.0 (HKLM\...\CutePDF Writer Installation) (Version: 3.0 - CutePDF.com)
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{132D27B8-C656-44BD-8C16-73C54EA8A85F}) (Version: - Microsoft)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM\...\{90140000-003B-0000-0000-0000000FF1CE}_Office14.PRJPRO_{132D27B8-C656-44BD-8C16-73C54EA8A85F}) (Version: - Microsoft)
EditPad Lite 7.2.3 (HKLM\...\EditPad Lite) (Version: 7.2.3 - Just Great Software)
Elevated Installer (Version: 3.2.17.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Communicator Plugin (HKLM\...\{032A13FF-D26D-4844-9597-7EF698627985}) (Version: 4.1.0 - Garmin Ltd or its subsidiaries)
Garmin Express (HKLM\...\{b43ffffb-1adc-4bcb-b277-7844ebff94da}) (Version: 3.2.17.0 - Garmin Ltd or its subsidiaries)
Garmin Express (Version: 3.2.17.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express Tray (Version: 3.2.17.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin USB Drivers (HKLM\...\{ABA5E381-EC46-425C-86C5-5CD15BBFB4BF}) (Version: 2.3.1.0 - Garmin Ltd or its subsidiaries)
Garmin WebUpdater (HKLM\...\{F4DA4C73-026F-4D38-8C6B-85F0193E4B56}) (Version: 2.5.6 - Garmin Ltd or its subsidiaries)
Google Chrome (HKCU\...\Google Chrome) (Version: 36.0.1985.143 - Google Inc.)
Intel PROSet Wireless (Version: - ) Hidden
Intel(R) PROSet/Wireless WiFi Software (HKLM\...\{D61E4101-9E15-4D0E-ABD1-1ABD36B43330}) (Version: 14.03.0000 - Intel Corporation)
Java 7 Update 51 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217021FF}) (Version: 7.0.510 - Oracle)
Java Auto Updater (Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Java(TM) 6 Update 32 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216032FF}) (Version: 6.0.320 - Oracle)
Lenovo Auto Scroll Utility (HKLM\...\LenovoAutoScrollUtility) (Version: 1.11 - )
Lenovo Patch Utility (HKLM\...\{24E92E7A-6848-4747-A3EA-3AAC0576BE52}) (Version: 1.0.1.1 - Lenovo Group Limited)
Lenovo Patch Utility (HKLM\...\{A7BB9BBD-DFE4-4276-820A-7CD141FC09E6}) (Version: 1.3.0.007 - Lenovo Group Limited)
Lenovo System Interface Driver (HKLM\...\LENOVO.SMIIF) (Version: 1.05 - )
Lenovo System Update (HKLM\...\{25C64847-B900-48AD-A164-1B4F9B774650}) (Version: 5.05.0009 - Lenovo)
Lenovo ThinkVantage Toolbox (HKLM\...\PC-Doctor for Windows) (Version: 6.0.5849.23 - PC-Doctor, Inc.)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft Money Plus (HKLM\...\Money2008b) (Version: 17 - Microsoft)
Microsoft Money Shared Libraries (Version: 17.0.0.3817 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Project MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Project Professional 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Project Professional 2010 (HKLM\...\Office14.PRJPRO) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Security Client (Version: 4.5.0216.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.5.216.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server PowerPivot for Excel (32-bit) (HKLM\...\{399DFDF5-6CEF-4431-A6CD-1117CA09BD4C}) (Version: 10.52.4000.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden
MSVCRT (Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.10 - NVIDIA Corporation)
NVIDIA nView Desktop Manager (HKLM\...\NVIDIA nView Desktop Manager) (Version: 121.20 - NVIDIA Corporation)
On Screen Display (HKLM\...\OnScreenDisplay) (Version: 6.60.03 - )
Paddy Power Poker (HKCU\...\Paddy Power Poker) (Version: - )
Power Manager (HKLM\...\{DAC01CEE-5BAE-42D5-81FC-B687E84E8405}) (Version: 6.07 - )
RealDownloader (Version: 1.3.3 - RealNetworks, Inc.) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0 - RealNetworks, Inc) Hidden
RealPlayer (HKLM\...\RealPlayer 16.0) (Version: 16.0.3 - RealNetworks)
RealUpgrade 1.1 (Version: 1.1.0 - RealNetworks, Inc.) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-003B-0000-0000-0000000FF1CE}_Office14.PRJPRO_{58FA40EF-ABA9-4FED-AD3D-318A6073934D}) (Version: - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (Version: - Microsoft) Hidden
SoundMAX (HKLM\...\{F0A37341-D692-11D4-A984-009027EC0A9C}) (Version: 6.10.1.7255 - Analog Devices)
Spotify (HKCU\...\Spotify) (Version: 0.8.8.450.gd9413516 - Spotify AB)
System Migration Assistant (HKLM\...\{8A4DB1CA-8206-4ADC-805C-66ACF1611DA3}) (Version: 6.00.0009 - Lenovo Group Limited.)
System Requirements Lab for Intel (HKLM\...\{904CD0E4-4B72-4CF7-9828-267C6678A22E}) (Version: 4.5.2.0 - Husdawg, LLC)
ThinkPad FullScreen Magnifier (HKLM\...\ThinkPad FullScreen Magnifier) (Version: 2.40 - )
ThinkPad Power Management Driver (HKLM\...\Power Management Driver) (Version: 1.65.05.20 - )
ThinkPad UltraNav Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.39.1 - )
ThinkPad UltraNav Utility (HKLM\...\{17CBC505-D1AE-459D-B445-3D2000A85842}) (Version: 2.13.0 - Lenovo)
ThinkVantage Access Connections (HKLM\...\{8E537894-A559-4D60-B3CB-F4485E3D24E3}) (Version: 5.85 - Lenovo)
ThinkVantage Active Protection System (HKLM\...\{46A84694-59EC-48F0-964C-7E76E9F8A2ED}) (Version: 1.75 - Lenovo)
ThinkVantage Fingerprint Software (HKLM\...\{C2938C94-239C-4156-B245-C5406A4F3E93}) (Version: 5.9.5.7038 - Authentec Inc.)
TVUPlayer 2.5.3.1 (HKLM\...\TVUPlayer) (Version: 2.5.3.1 - TVU networks)
Tweaking.com - Registry Backup (HKLM\...\Tweaking.com - Registry Backup) (Version: 1.9.0 - Tweaking.com)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version: - Microsoft)
Update for Microsoft Excel 2010 (KB2837600) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{4ACD847E-547D-493F-9A86-F73EAE1B5174}) (Version: - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version: - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version: - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817396) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{39767ECA-1731-45DB-AB5B-6BF40E151D66}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2494150) (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{3FCFD88F-4D13-4F38-8625-ABABEA7F61EA}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2494150) (HKLM\...\{90140000-003B-0000-0000-0000000FF1CE}_Office14.PRJPRO_{3FCFD88F-4D13-4F38-8625-ABABEA7F61EA}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM\...\{90140000-003B-0000-0000-0000000FF1CE}_Office14.PRJPRO_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM\...\{90140000-003B-0000-0000-0000000FF1CE}_Office14.PRJPRO_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM\...\{90140000-003B-0000-0000-0000000FF1CE}_Office14.PRJPRO_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM\...\{90140000-003B-0000-0000-0000000FF1CE}_Office14.PRJPRO_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2687502) 32-Bit Edition (HKLM\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.PRJPRO_{7DE7DF97-82FE-4B3A-AB8D-1621F9CC464A}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2687502) 32-Bit Edition (HKLM\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUS_{7DE7DF97-82FE-4B3A-AB8D-1621F9CC464A}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM\...\{90140000-003B-0000-0000-0000000FF1CE}_Office14.PRJPRO_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM\...\{90140000-003B-0000-0000-0000000FF1CE}_Office14.PRJPRO_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM\...\{90140000-003B-0000-0000-0000000FF1CE}_Office14.PRJPRO_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{F1A20C69-9FE5-40FD-9CD5-84EABC2EF64A}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{BA610006-2C39-4419-9834-CF61AB24810A}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2837581) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{334FB202-28D7-4BA4-8BC9-4FE4AB233EA0}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2837581) 32-Bit Edition (HKLM\...\{90140000-003B-0000-0000-0000000FF1CE}_Office14.PRJPRO_{334FB202-28D7-4BA4-8BC9-4FE4AB233EA0}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2837606) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{B0D672F7-883E-4279-8E75-D97A5445AB46}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2878252) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{B0DB9F71-E0F7-4FE6-8925-35B860CAC0C4}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2878252) 32-Bit Edition (HKLM\...\{90140000-003B-0000-0000-0000000FF1CE}_Office14.PRJPRO_{B0DB9F71-E0F7-4FE6-8925-35B860CAC0C4}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.PRJPRO_{089DBFD7-8211-43B2-AAAE-5BDD8C23E3A8}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUS_{089DBFD7-8211-43B2-AAAE-5BDD8C23E3A8}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM\...\{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.PRJPRO_{794A0574-4E2F-4D58-B2A0-D7460ACDC85C}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM\...\{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.PROPLUS_{794A0574-4E2F-4D58-B2A0-D7460ACDC85C}) (Version: - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version: - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version: - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM\...\{90140000-001A-0409-0000-0000000FF1CE}_Office14.PROPLUS_{DCE104A1-1875-4469-A83D-A5BFA6C4640F}) (Version: - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{2BA40F82-F3A4-441C-BF1A-ED4C42FF4872}) (Version: - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM\...\{90140000-0018-0409-0000-0000000FF1CE}_Office14.PROPLUS_{334AA0A1-2BB1-4D74-B66A-2B2C4D9C2C87}) (Version: - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version: - Microsoft)
Update for Microsoft Visio 2010 (KB2880526) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{7B29D8B8-6A87-496C-A65E-B935E740448A}) (Version: - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2837587) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{38CF30E4-3348-4BD1-A859-B630C355A56F}) (Version: - Microsoft)
Update for Microsoft Word 2010 (KB2880529) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{B9B89E01-5B6B-4F73-BC34-B2C0D8ACB4CD}) (Version: - Microsoft)
Windows Driver Package - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Windows Driver Package - Garmin (grmnusb) GARMIN Devices (04/19/2012 2.3.1.0) (HKLM\...\98157A226B40B173301B0F53C8E98C47805D5152) (Version: 04/19/2012 2.3.1.0 - Garmin)
Windows Driver Package - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
Windows Live Communications Platform (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Essentials (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Family Safety (Version: 15.4.3555.0308 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Messenger (Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live Photo Common (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live SOXE (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Media Player Firefox Plugin (HKLM\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
WinRAR 4.01 (32-bit) (HKLM\...\WinRAR archiver) (Version: 4.01.0 - win.rar GmbH)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-1757914162-3120314003-2300331095-1000_Classes\CLSID\{022105BD-948A-40C9-AB42-A3300DDF097F}\localserver32 -> C:\Users\lenovo\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1757914162-3120314003-2300331095-1000_Classes\CLSID\{035FBE31-3755-450A-A775-5E6BBD43D344}\InprocServer32 -> C:\Users\lenovo\AppData\Local\Google\Update\1.3.21.135\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-1757914162-3120314003-2300331095-1000_Classes\CLSID\{095A2EEC-F7FE-42E8-96FB-C20E53081908}\InprocServer32 -> C:\Users\lenovo\AppData\Local\Google\Update\1.3.21.99\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-1757914162-3120314003-2300331095-1000_Classes\CLSID\{0E55CBE1-B06A-49B6-AD8D-9EFAA0160C6F}\InprocServer32 -> C:\Users\lenovo\AppData\Local\Google\Update\1.3.21.57\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-1757914162-3120314003-2300331095-1000_Classes\CLSID\{0F130AC8-CDF1-4DAA-AA9B-7B4083F49EA4}\InprocServer32 -> C:\Poker\Paddy Power Poker\widgetbar\WidgetbarContainerUI.dll (Playtech Ltd)
CustomCLSID: HKU\S-1-5-21-1757914162-3120314003-2300331095-1000_Classes\CLSID\{218D2740-5A50-42A8-AB9F-62FF1B168782}\InprocServer32 -> C:\Users\lenovo\AppData\Local\Google\Update\1.3.21.69\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-1757914162-3120314003-2300331095-1000_Classes\CLSID\{22181302-A8A6-4F84-A541-E5CBFC70CC43}\localserver32 -> C:\Users\lenovo\AppData\Local\Google\Update\1.3.24.15\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1757914162-3120314003-2300331095-1000_Classes\CLSID\{2F0E2680-9FF5-43C0-B76E-114A56E93598}\localserver32 -> C:\Users\lenovo\AppData\Local\Google\Update\1.3.24.15\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1757914162-3120314003-2300331095-1000_Classes\CLSID\{320F0FDB-BE0A-4648-9D18-4A2C3448C007}\InprocServer32 -> C:\Users\lenovo\AppData\Local\Google\Update\1.3.21.79\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-1757914162-3120314003-2300331095-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\lenovo\AppData\Local\Google\Update\1.3.23.9\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-1757914162-3120314003-2300331095-1000_Classes\CLSID\{51F9E8EF-59D7-475B-A106-C7EA6F30C119}\localserver32 -> C:\Users\lenovo\AppData\Local\Google\Update\1.3.24.15\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1757914162-3120314003-2300331095-1000_Classes\CLSID\{53D7E4EF-4DFB-45BE-B9CC-A0243AECB238}\InprocServer32 -> C:\Poker\Paddy Power Poker\widgetbar\WidgetbarContainerUI.dll (Playtech Ltd)
CustomCLSID: HKU\S-1-5-21-1757914162-3120314003-2300331095-1000_Classes\CLSID\{5C65F4B0-3651-4514-B207-D10CB699B14B}\localserver32 -> C:\Users\lenovo\AppData\Local\Google\Chrome\Application\36.0.1985.143\delegate_execute.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1757914162-3120314003-2300331095-1000_Classes\CLSID\{62A0D750-DED9-448C-B693-406B34BB0892}\InprocServer32 -> C:\Users\lenovo\AppData\Local\Google\Update\1.3.21.145\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-1757914162-3120314003-2300331095-1000_Classes\CLSID\{634059C0-D264-4B2C-AE80-F73E48D33E5B}\InprocServer32 -> C:\Users\lenovo\AppData\Local\Google\Update\1.3.21.123\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-1757914162-3120314003-2300331095-1000_Classes\CLSID\{6D7374DE-63AA-473C-8C02-60D9CDCD84C5}\InprocServer32 -> C:\Users\lenovo\AppData\Local\Google\Update\1.3.21.153\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-1757914162-3120314003-2300331095-1000_Classes\CLSID\{79690976-ED6E-403C-BBBA-F8928B5EDE17}\InprocServer32 -> C:\Users\lenovo\AppData\Roaming\ACEStream\player\npace_plugin.dll (Innovative Digital Technologies)
CustomCLSID: HKU\S-1-5-21-1757914162-3120314003-2300331095-1000_Classes\CLSID\{876FA801-2B5E-4201-9E6B-2EF2C05A5C6B}\InprocServer32 -> C:\Poker\Paddy Power Poker\widgetbar\WidgetbarAPI.dll (Playtech)
CustomCLSID: HKU\S-1-5-21-1757914162-3120314003-2300331095-1000_Classes\CLSID\{89425F5E-A2BD-44CD-9E4F-F1498522F0E5}\InprocServer32 -> C:\Poker\Paddy Power Poker\widgetbar\WidgetbarManagerUI.dll (Playtech Ltd)
CustomCLSID: HKU\S-1-5-21-1757914162-3120314003-2300331095-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\lenovo\AppData\Local\Google\Update\1.3.24.15\psuser.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1757914162-3120314003-2300331095-1000_Classes\CLSID\{91EFB276-CEFE-48EC-BB3A-57795A7B4008}\InprocServer32 -> C:\Users\lenovo\AppData\Local\Google\Update\1.3.21.149\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-1757914162-3120314003-2300331095-1000_Classes\CLSID\{A45426FB-E444-42B2-AA56-419F8FBEEC61}\InprocServer32 -> C:\Users\lenovo\AppData\Local\Google\Update\1.3.22.3\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-1757914162-3120314003-2300331095-1000_Classes\CLSID\{A54D478D-4F70-4F72-9A74-17C9986E35AB}\InprocServer32 -> C:\Users\lenovo\AppData\Local\Google\Update\1.3.21.165\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-1757914162-3120314003-2300331095-1000_Classes\CLSID\{b2b568c8-3712-4a75-b806-4b3c2fdb06d5}\localserver32 -> C:\Users\lenovo\AppData\Local\Temp\{e9513610-f218-4dda-b954-2c7e6ba7cabb}\IDriver.NonElevated.exe (Macrovision Corporation)
CustomCLSID: HKU\S-1-5-21-1757914162-3120314003-2300331095-1000_Classes\CLSID\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D}\InprocServer32 -> C:\Users\lenovo\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1757914162-3120314003-2300331095-1000_Classes\CLSID\{C442AC41-9200-4770-8CC0-7CDB4F245C55}\InprocServer32 -> C:\Users\lenovo\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1757914162-3120314003-2300331095-1000_Classes\CLSID\{C5A2122B-A05B-4FD8-AE49-91990AE10998}\InprocServer32 -> C:\Users\lenovo\AppData\Local\Google\Update\1.3.21.115\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-1757914162-3120314003-2300331095-1000_Classes\CLSID\{DB25D157-76D4-41C1-97B5-359E4A4CECEB}\InprocServer32 -> C:\Users\lenovo\AppData\Local\Google\Update\1.3.21.65\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-1757914162-3120314003-2300331095-1000_Classes\CLSID\{E67BE843-BBBE-4484-95FB-05271AE86750}\localserver32 -> C:\Users\lenovo\AppData\Local\Google\Update\1.3.24.15\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1757914162-3120314003-2300331095-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\lenovo\AppData\Local\Google\Update\1.3.24.15\psuser.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1757914162-3120314003-2300331095-1000_Classes\CLSID\{EB06378B-ABB6-4B3C-9B40-D488DD8A6E93}\InprocServer32 -> C:\Users\lenovo\AppData\Local\Google\Update\1.3.22.5\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-1757914162-3120314003-2300331095-1000_Classes\CLSID\{F6F8856F-374D-4397-BB1C-80AB57E60529}\InprocServer32 -> C:\Poker\Paddy Power Poker\widgetbar\WidgetbarAPI.dll (Playtech)
CustomCLSID: HKU\S-1-5-21-1757914162-3120314003-2300331095-1000_Classes\CLSID\{FB994D36-B312-46CE-A40B-CF63980641F9}\InprocServer32 -> C:\Users\lenovo\AppData\Local\Google\Update\1.3.21.111\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-1757914162-3120314003-2300331095-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\lenovo\AppData\Local\Google\Update\1.3.24.7\psuser.dll No File
==================== Restore Points =========================
30-07-2014 20:31:23 Windows Update
01-08-2014 17:54:29 Windows Update
09-08-2014 06:30:24 Windows Update
12-08-2014 08:14:33 Garmin Express
12-08-2014 08:15:36 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005
12-08-2014 08:17:45 Garmin Express
12-08-2014 20:11:36 Windows Update
17-08-2014 02:00:25 Windows Update
18-08-2014 02:00:30 Windows Update
21-08-2014 11:13:20 Windows Update
24-08-2014 11:20:37 Windows Update
28-08-2014 20:56:37 Windows Update
31-08-2014 15:28:20 Windows Update
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 03:04 - 2009-06-10 22:39 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {02CB5455-25EF-4A90-9E2E-3DC79D60307A} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1757914162-3120314003-2300331095-1000UA => C:\Users\lenovo\AppData\Local\Google\Update\GoogleUpdate.exe [2012-06-18] (Google Inc.)
Task: {16D59652-267F-477A-BD26-4E436701385D} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-1757914162-3120314003-2300331095-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {2DD5DECE-52EB-453D-BB42-F609153159D2} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-1757914162-3120314003-2300331095-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {5047C352-9901-4F7C-9A07-9F7CB55ECE22} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1757914162-3120314003-2300331095-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {567404C2-2BE1-481B-9F80-D6A6DD25EC8F} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\PC-Doctor\uaclauncher.exe [2011-06-27] (PC-Doctor, Inc.)
Task: {5C4DD02F-AAF2-4845-89D5-82D80A5D60BB} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => C:\Program Files\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2014-02-13] (Lenovo)
Task: {64F232B0-26FD-4F1F-A61A-27EDC1D65F62} - System32\Tasks\SystemToolsDailyTest => C:\Program Files\PC-Doctor\uaclauncher.exe [2011-06-27] (PC-Doctor, Inc.)
Task: {8088458B-D99C-4AC6-B358-A5A5AE366E89} - System32\Tasks\ROC_REG_JAN_DELETE => C:\ProgramData\AVG January 2013 Campaign\ROC.exe [2013-01-17] ()
Task: {922E51F9-CB8D-45FB-9905-10A7D34575EB} - System32\Tasks\GarminUpdaterTask => C:\Program Files\Garmin\Express Self Updater\ExpressSelfUpdater.exe [2014-08-07] ()
Task: {94A1758E-4373-43D7-9C35-559A85C6C44F} - System32\Tasks\TVT\LenovoWERMonitor => C:\Program Files\Common Files\lenovo\SUP\sup_wermonitor.exe [2014-01-21] (Microsoft)
Task: {952F8D15-343F-4E83-B16E-442E6C4C9607} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1757914162-3120314003-2300331095-1000Core => C:\Users\lenovo\AppData\Local\Google\Update\GoogleUpdate.exe [2012-06-18] (Google Inc.)
Task: {9A080500-7169-4A11-9368-3858857722E7} - System32\Tasks\DiskUpdate => C:\SWTOOLS\OSFIXES\DISKUPDT\DiskUpdate.exe
Task: {A2846340-9182-40DB-AA51-80347CA50D56} - System32\Tasks\PMTask => C:\Program Files\ThinkPad\Utilities\PWMIDTSV.EXE [2012-03-15] (Lenovo Group Limited)
Task: {A9716F76-923D-4883-BFFC-90645182007D} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1757914162-3120314003-2300331095-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {AEDB634F-8945-4748-838F-413E85A7FFB8} - System32\Tasks\PCDEventLauncher => C:\Program Files\PC-Doctor\sessionchecker.exe [2011-06-27] (PC-Doctor, Inc.)
Task: {C53BEE29-FFD1-492A-A23C-0E6526A9310B} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files\Lenovo\System Update\tvsuShim.exe [2014-02-21] ()
Task: {E2B3F2E8-E262-4C1C-A712-C9856AE76D3B} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-09] (Adobe Systems Incorporated)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1757914162-3120314003-2300331095-1000Core.job => C:\Users\lenovo\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1757914162-3120314003-2300331095-1000UA.job => C:\Users\lenovo\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job => C:\Program Files\PC-Doctor\uaclauncher.exe
Task: C:\Windows\Tasks\ROC_REG_JAN_DELETE.job => C:\ProgramData\AVG January 2013 Campaign\ROC.exe
Task: C:\Windows\Tasks\SystemToolsDailyTest.job => C:\Program Files\PC-Doctor\uaclauncher.exe
==================== Loaded Modules (whitelisted) =============
2014-01-30 23:12 - 2013-10-23 16:23 - 00089136 _____ () C:\Windows\System32\cpwmon2k.dll
2011-10-20 10:12 - 2011-10-20 10:12 - 00086016 _____ () C:\Program Files\Lenovo\Access Connections\AcWrpc.dll
2013-08-14 16:19 - 2013-08-14 16:19 - 00039056 _____ () C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
2013-09-05 01:14 - 2013-09-05 01:14 - 04300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 15:45 - 2010-10-20 15:45 - 08801120 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2011-07-10 00:57 - 2012-03-15 06:07 - 00083968 ____N () C:\Program Files\ThinkPad\Utilities\US\PWMRT32V.DLL
2011-09-07 14:19 - 2011-05-28 22:04 - 00140288 _____ () C:\Program Files\WinRAR\rarext.dll
2013-04-03 07:44 - 2014-08-22 19:01 - 00027904 _____ () C:\Users\lenovo\AppData\Roaming\ACEStream\engine\ace_engine.exe
2013-08-05 07:56 - 2014-08-22 19:01 - 00219136 _____ () C:\Users\lenovo\AppData\Roaming\ACEStream\engine\lib\acestreamengine.Core.pyd
2011-06-12 14:09 - 2011-06-12 14:09 - 00038400 _____ () C:\Users\lenovo\AppData\Roaming\ACEStream\engine\lib\_socket.pyd
2011-06-12 14:09 - 2011-06-12 14:09 - 00720896 _____ () C:\Users\lenovo\AppData\Roaming\ACEStream\engine\lib\_ssl.pyd
2013-08-05 07:56 - 2013-07-31 13:42 - 00018944 _____ () C:\Users\lenovo\AppData\Roaming\ACEStream\engine\lib\acestreamengine.pycompat.pyd
2011-06-12 14:06 - 2011-06-12 14:06 - 00287232 _____ () C:\Users\lenovo\AppData\Roaming\ACEStream\engine\lib\_hashlib.pyd
2014-01-28 22:21 - 2014-08-22 19:01 - 01167872 _____ () C:\Users\lenovo\AppData\Roaming\ACEStream\engine\lib\acestreamengine.live.pyd
2014-01-28 22:21 - 2014-01-28 12:57 - 00036352 _____ () C:\Users\lenovo\AppData\Roaming\ACEStream\engine\lib\_psutil_mswindows.pyd
2014-01-28 22:21 - 2014-01-28 12:57 - 00053248 _____ () C:\Users\lenovo\AppData\Roaming\ACEStream\engine\lib\_blist.pyd
2011-06-12 14:06 - 2011-06-12 14:06 - 00106496 _____ () C:\Users\lenovo\AppData\Roaming\ACEStream\engine\lib\_ctypes.pyd
2014-01-28 22:21 - 2014-01-28 12:57 - 00040448 _____ () C:\Users\lenovo\AppData\Roaming\ACEStream\engine\lib\bitarray._bitarray.pyd
2011-06-12 14:06 - 2011-06-12 14:06 - 00011776 _____ () C:\Users\lenovo\AppData\Roaming\ACEStream\engine\lib\select.pyd
2011-01-18 22:56 - 2011-01-18 22:56 - 00334336 _____ () C:\Users\lenovo\AppData\Roaming\ACEStream\engine\lib\M2Crypto.__m2crypto.pyd
2011-06-12 14:06 - 2011-06-12 14:06 - 00152576 _____ () C:\Users\lenovo\AppData\Roaming\ACEStream\engine\lib\pyexpat.pyd
2011-02-13 16:02 - 2011-02-13 16:02 - 00031232 _____ () C:\Users\lenovo\AppData\Roaming\ACEStream\engine\lib\Crypto.Cipher.AES.pyd
2013-08-05 07:56 - 2014-08-22 19:01 - 03010560 _____ () C:\Users\lenovo\AppData\Roaming\ACEStream\engine\lib\acestreamengine.CoreApp.pyd
2012-02-07 17:37 - 2012-02-07 17:37 - 00098816 _____ () C:\Users\lenovo\AppData\Roaming\ACEStream\engine\lib\win32api.pyd
2012-02-07 17:35 - 2012-02-07 17:35 - 00110080 _____ () C:\Users\lenovo\AppData\Roaming\ACEStream\engine\lib\pywintypes27.dll
2012-02-07 17:38 - 2012-02-07 17:38 - 00358912 _____ () C:\Users\lenovo\AppData\Roaming\ACEStream\engine\lib\pythoncom27.dll
2012-02-07 17:36 - 2012-02-07 17:36 - 00111616 _____ () C:\Users\lenovo\AppData\Roaming\ACEStream\engine\lib\win32file.pyd
2012-02-07 17:36 - 2012-02-07 17:36 - 00024064 _____ () C:\Users\lenovo\AppData\Roaming\ACEStream\engine\lib\win32pdh.pyd
2010-10-10 23:23 - 2010-10-10 23:23 - 00723968 _____ () C:\Users\lenovo\AppData\Roaming\ACEStream\engine\lib\apsw.pyd
2013-01-29 17:20 - 2013-01-29 17:20 - 00082944 _____ () C:\Users\lenovo\AppData\Roaming\ACEStream\engine\lib\cpyamf.util.pyd
2011-07-15 20:37 - 2011-07-15 20:37 - 00981504 _____ () C:\Users\lenovo\AppData\Roaming\ACEStream\engine\lib\wx._core_.pyd
2011-07-15 20:38 - 2011-07-15 20:38 - 00746496 _____ () C:\Users\lenovo\AppData\Roaming\ACEStream\engine\lib\wx._gdi_.pyd
2011-07-15 20:38 - 2011-07-15 20:38 - 00670720 _____ () C:\Users\lenovo\AppData\Roaming\ACEStream\engine\lib\wx._windows_.pyd
2011-07-15 20:38 - 2011-07-15 20:38 - 00966144 _____ () C:\Users\lenovo\AppData\Roaming\ACEStream\engine\lib\wx._controls_.pyd
2011-07-15 20:38 - 2011-07-15 20:38 - 00674816 _____ () C:\Users\lenovo\AppData\Roaming\ACEStream\engine\lib\wx._misc_.pyd
2011-06-12 14:06 - 2011-06-12 14:06 - 00688128 _____ () C:\Users\lenovo\AppData\Roaming\ACEStream\engine\lib\unicodedata.pyd
2014-01-28 22:21 - 2014-01-28 12:57 - 00061952 _____ () C:\Users\lenovo\AppData\Roaming\ACEStream\engine\lib\miniupnpc.pyd
2013-01-29 17:20 - 2013-01-29 17:20 - 00066048 _____ () C:\Users\lenovo\AppData\Roaming\ACEStream\engine\lib\cpyamf.amf0.pyd
2013-03-27 11:05 - 2013-10-14 19:20 - 00026744 _____ () C:\Users\lenovo\AppData\Roaming\ACEStream\updater\ace_update.exe
2011-06-12 14:09 - 2011-06-12 14:09 - 00038400 _____ () C:\Users\lenovo\AppData\Roaming\ACEStream\updater\lib\_socket.pyd
2011-06-12 14:09 - 2011-06-12 14:09 - 00720896 _____ () C:\Users\lenovo\AppData\Roaming\ACEStream\updater\lib\_ssl.pyd
2011-07-15 20:37 - 2011-07-15 20:37 - 00981504 _____ () C:\Users\lenovo\AppData\Roaming\ACEStream\updater\lib\wx._core_.pyd
2011-07-15 20:38 - 2011-07-15 20:38 - 00746496 _____ () C:\Users\lenovo\AppData\Roaming\ACEStream\updater\lib\wx._gdi_.pyd
2011-07-15 20:38 - 2011-07-15 20:38 - 00670720 _____ () C:\Users\lenovo\AppData\Roaming\ACEStream\updater\lib\wx._windows_.pyd
2011-07-15 20:38 - 2011-07-15 20:38 - 00966144 _____ () C:\Users\lenovo\AppData\Roaming\ACEStream\updater\lib\wx._controls_.pyd
2011-07-15 20:38 - 2011-07-15 20:38 - 00674816 _____ () C:\Users\lenovo\AppData\Roaming\ACEStream\updater\lib\wx._misc_.pyd
2011-06-12 14:06 - 2011-06-12 14:06 - 00287232 _____ () C:\Users\lenovo\AppData\Roaming\ACEStream\updater\lib\_hashlib.pyd
2011-01-18 22:56 - 2011-01-18 22:56 - 00334336 _____ () C:\Users\lenovo\AppData\Roaming\ACEStream\updater\lib\M2Crypto.__m2crypto.pyd
2011-06-12 14:06 - 2011-06-12 14:06 - 00011776 _____ () C:\Users\lenovo\AppData\Roaming\ACEStream\updater\lib\select.pyd
2011-06-12 14:06 - 2011-06-12 14:06 - 00152576 _____ () C:\Users\lenovo\AppData\Roaming\ACEStream\updater\lib\pyexpat.pyd
2012-02-07 17:37 - 2012-02-07 17:37 - 00098816 _____ () C:\Users\lenovo\AppData\Roaming\ACEStream\updater\lib\win32api.pyd
2012-02-07 17:35 - 2012-02-07 17:35 - 00110080 _____ () C:\Users\lenovo\AppData\Roaming\ACEStream\updater\lib\pywintypes27.dll
2012-02-07 17:38 - 2012-02-07 17:38 - 00358912 _____ () C:\Users\lenovo\AppData\Roaming\ACEStream\updater\lib\pythoncom27.dll
2012-02-07 17:36 - 2012-02-07 17:36 - 00111616 _____ () C:\Users\lenovo\AppData\Roaming\ACEStream\updater\lib\win32file.pyd
2012-02-07 17:36 - 2012-02-07 17:36 - 00024064 _____ () C:\Users\lenovo\AppData\Roaming\ACEStream\updater\lib\win32pdh.pyd
2011-06-12 14:06 - 2011-06-12 14:06 - 00688128 _____ () C:\Users\lenovo\AppData\Roaming\ACEStream\updater\lib\unicodedata.pyd
2014-08-13 16:57 - 2014-08-07 04:20 - 00718152 _____ () C:\Users\lenovo\AppData\Local\Google\Chrome\Application\36.0.1985.143\libglesv2.dll
2014-08-13 16:57 - 2014-08-07 04:20 - 00126280 _____ () C:\Users\lenovo\AppData\Local\Google\Chrome\Application\36.0.1985.143\libegl.dll
2014-08-13 16:57 - 2014-08-07 04:20 - 08537928 _____ () C:\Users\lenovo\AppData\Local\Google\Chrome\Application\36.0.1985.143\pdf.dll
2014-08-13 16:57 - 2014-08-07 04:20 - 00353096 _____ () C:\Users\lenovo\AppData\Local\Google\Chrome\Application\36.0.1985.143\ppGoogleNaClPluginChrome.dll
2014-08-13 16:57 - 2014-08-07 04:20 - 01732936 _____ () C:\Users\lenovo\AppData\Local\Google\Chrome\Application\36.0.1985.143\ffmpegsumo.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
AlternateDataStreams: C:\Users\lenovo\Downloads\noname.eml:OECustomProperty
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (08/19/2014 07:07:11 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"1".
Dependent Assembly rpshellextension.1.0,language="*",type="win32",version="1.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
Error: (08/19/2014 07:04:31 PM) (Source: SideBySide) (EventID: 59) (User: )
Description: Activation context generation failed for "1".Error in manifest or policy file "2" on line 3.
Invalid Xml syntax.
Error: (08/18/2014 08:48:52 PM) (Source: SideBySide) (EventID: 59) (User: )
Description: Activation context generation failed for "1".Error in manifest or policy file "2" on line 3.
Invalid Xml syntax.
Error: (08/18/2014 07:22:35 PM) (Source: SideBySide) (EventID: 59) (User: )
Description: Activation context generation failed for "1".Error in manifest or policy file "2" on line 3.
Invalid Xml syntax.
Error: (08/17/2014 04:11:40 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"1".
Dependent Assembly rpshellextension.1.0,language="*",type="win32",version="1.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
Error: (08/17/2014 04:08:53 AM) (Source: SideBySide) (EventID: 59) (User: )
Description: Activation context generation failed for "1".Error in manifest or policy file "2" on line 3.
Invalid Xml syntax.
Error: (08/12/2014 09:12:55 PM) (Source: PC-Doctor) (EventID: 1) (User: )
Description: (5980) Asapi: (21:12:55:7730)(5980) S3LogPusherPlugin.Helper - Error -- 334 Unable to storage the test log to medium
Error: (08/11/2014 09:19:58 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"1".
Dependent Assembly rpshellextension.1.0,language="*",type="win32",version="1.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
Error: (08/11/2014 09:17:12 PM) (Source: SideBySide) (EventID: 59) (User: )
Description: Activation context generation failed for "1".Error in manifest or policy file "2" on line 3.
Invalid Xml syntax.
Error: (08/01/2014 09:40:48 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"1".
Dependent Assembly rpshellextension.1.0,language="*",type="win32",version="1.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
System errors:
=============
Error: (08/31/2014 04:27:04 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Garmin Core Update Service service.
Error: (08/29/2014 00:59:47 AM) (Source: TPM) (EventID: 12) (User: )
Description: The device driver for the Trusted Platform Module (TPM) encountered an error in the TPM hardware, which might prevent some applications using TPM services from operating correctly. Please restart your computer to reset the TPM hardware. For further assistance on this hardware issue, please contact the computer manufacturer for more information.
Error: (08/29/2014 00:59:25 AM) (Source: TPM) (EventID: 15) (User: )
Description: The device driver for the Trusted Platform Module (TPM) encountered a non-recoverable error in the TPM hardware, which prevents TPM services (such as data encryption) from being used. For further help, please contact the computer manufacturer.
Error: (08/29/2014 00:59:25 AM) (Source: TPM) (EventID: 2) (User: )
Description: The TPM self test command failed.
Error: (08/25/2014 08:15:12 PM) (Source: TPM) (EventID: 12) (User: )
Description: The device driver for the Trusted Platform Module (TPM) encountered an error in the TPM hardware, which might prevent some applications using TPM services from operating correctly. Please restart your computer to reset the TPM hardware. For further assistance on this hardware issue, please contact the computer manufacturer for more information.
Error: (08/25/2014 08:14:30 PM) (Source: TPM) (EventID: 15) (User: )
Description: The device driver for the Trusted Platform Module (TPM) encountered a non-recoverable error in the TPM hardware, which prevents TPM services (such as data encryption) from being used. For further help, please contact the computer manufacturer.
Error: (08/25/2014 08:14:30 PM) (Source: TPM) (EventID: 2) (User: )
Description: The TPM self test command failed.
Error: (08/25/2014 04:05:06 PM) (Source: TPM) (EventID: 12) (User: )
Description: The device driver for the Trusted Platform Module (TPM) encountered an error in the TPM hardware, which might prevent some applications using TPM services from operating correctly. Please restart your computer to reset the TPM hardware. For further assistance on this hardware issue, please contact the computer manufacturer for more information.
Error: (08/25/2014 03:49:19 PM) (Source: TPM) (EventID: 15) (User: )
Description: The device driver for the Trusted Platform Module (TPM) encountered a non-recoverable error in the TPM hardware, which prevents TPM services (such as data encryption) from being used. For further help, please contact the computer manufacturer.
Error: (08/25/2014 03:49:19 PM) (Source: TPM) (EventID: 2) (User: )
Description: The TPM self test command failed.
Microsoft Office Sessions:
=========================
Error: (08/19/2014 07:07:11 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"C:\Windows\Installer\{C8E8D2E3-EF6A-4B1D-A09E-7B27EBE2F3CE}\recordingmanager.exe
Error: (08/19/2014 07:04:31 PM) (Source: SideBySide) (EventID: 59) (User: )
Description: C:\Program Files\Lenovo\Access Connections\AcCryptHlpr.dllC:\Program Files\Lenovo\Access Connections\AcCryptHlpr.dll0
Error: (08/18/2014 08:48:52 PM) (Source: SideBySide) (EventID: 59) (User: )
Description: C:\Program Files\Lenovo\Access Connections\AcCryptHlpr.dllC:\Program Files\Lenovo\Access Connections\AcCryptHlpr.dll0
Error: (08/18/2014 07:22:35 PM) (Source: SideBySide) (EventID: 59) (User: )
Description: C:\Program Files\Lenovo\Access Connections\AcCryptHlpr.dllC:\Program Files\Lenovo\Access Connections\AcCryptHlpr.dll0
Error: (08/17/2014 04:11:40 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"C:\Windows\Installer\{C8E8D2E3-EF6A-4B1D-A09E-7B27EBE2F3CE}\recordingmanager.exe
Error: (08/17/2014 04:08:53 AM) (Source: SideBySide) (EventID: 59) (User: )
Description: C:\Program Files\Lenovo\Access Connections\AcCryptHlpr.dllC:\Program Files\Lenovo\Access Connections\AcCryptHlpr.dll0
Error: (08/12/2014 09:12:55 PM) (Source: PC-Doctor) (EventID: 1) (User: )
Description: (5980) Asapi: (21:12:55:7730)(5980) S3LogPusherPlugin.Helper - Error -- 334 Unable to storage the test log to medium
Error: (08/11/2014 09:19:58 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"C:\Windows\Installer\{C8E8D2E3-EF6A-4B1D-A09E-7B27EBE2F3CE}\recordingmanager.exe
Error: (08/11/2014 09:17:12 PM) (Source: SideBySide) (EventID: 59) (User: )
Description: C:\Program Files\Lenovo\Access Connections\AcCryptHlpr.dllC:\Program Files\Lenovo\Access Connections\AcCryptHlpr.dll0
Error: (08/01/2014 09:40:48 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"C:\Windows\Installer\{C8E8D2E3-EF6A-4B1D-A09E-7B27EBE2F3CE}\recordingmanager.exe
==================== Memory info ===========================
Processor: Intel(R) Core(TM)2 Duo CPU T7100 @ 1.80GHz
Percentage of memory in use: 43%
Total physical RAM: 3054.3 MB
Available physical RAM: 1710.83 MB
Total Pagefile: 6106.88 MB
Available Pagefile: 4230.68 MB
Total Virtual: 2047.88 MB
Available Virtual: 1909.57 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:297.99 GB) (Free:248.47 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 1A353423)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=298 GB) - (Type=07 NTFS)
==================== End Of Log ============================
aswMBR version 1.0.1.2041 Copyright(c) 2014 AVAST Software
Run date: 2014-08-31 17:00:49
-----------------------------
17:00:49.601 OS Version: Windows 6.1.7601 Service Pack 1
17:00:49.601 Number of processors: 2 586 0xF0D
17:00:49.602 ComputerName: LENOVO-PC356334 UserName: lenovo
17:00:52.896 Initialize success
17:00:52.949 VM: initialized successfully
17:00:52.984 VM: Intel CPU BiosDisabled
17:01:03.806 VM: disk I/O iaStor.sys
17:02:47.558 AVAST engine defs: 14083100
17:03:09.583 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0
17:03:09.587 Disk 0 Vendor: SAMSUNG_ 2AJ1 Size: 305245MB BusType: 3
17:03:09.770 Disk 0 MBR read successfully
17:03:09.774 Disk 0 MBR scan
17:03:09.842 Disk 0 Windows 7 default MBR code
17:03:09.869 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
17:03:09.875 Disk 0 default boot code
17:03:09.943 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 305143 MB offset 206848
17:03:10.002 Disk 0 scanning sectors +625139712
17:03:10.170 Disk 0 scanning C:\Windows\system32\drivers
17:03:30.565 Service scanning
17:03:48.540 Service MpKslc4fd153f c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{BFBB435B-551C-424C-8AA0-CC58C2B40DC4}\MpKslc4fd153f.sys **LOCKED** 32
17:04:16.076 Modules scanning
17:04:26.529 Disk 0 trace - called modules:
17:04:26.553 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys halmacpi.dll iaStor.sys VSTCNXT3.SYS
17:04:26.560 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x86cdf180]
17:04:26.568 3 CLASSPNP.SYS[8b7c659e] -> nt!IofCallDriver -> [0x86299888]
17:04:26.581 5 ACPI.sys[8b0b83d4] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-0[0x85e88028]
17:04:27.501 AVAST engine scan C:\Windows
17:04:30.405 AVAST engine scan C:\Windows\system32
17:10:52.410 AVAST engine scan C:\Windows\system32\drivers
17:11:33.292 AVAST engine scan C:\Users\lenovo
17:24:25.167 AVAST engine scan C:\ProgramData
17:28:57.585 Scan finished successfully
17:33:08.147 Disk 0 MBR has been saved successfully to "C:\Users\lenovo\Downloads\MBR.dat"
17:33:08.273 The log file has been saved successfully to "C:\Users\lenovo\Downloads\aswMBR.txt"
laptop running very slow, high cpu activity, suspicious looking 'ads' appearing in chrome sessions. Would appreciate some assistance. Logs attached below
Thanks.
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:31-08-2014
Ran by lenovo (administrator) on LENOVO-PC356334 on 31-08-2014 16:57:56
Running from C:\Users\lenovo\Downloads
Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Lenovo.) C:\Windows\System32\ibmpmsvc.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tphkload.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe
(Lenovo) C:\Program Files\Lenovo\Access Connections\AcPrfMgrSvc.exe
(Andrea Electronics Corporation) C:\Windows\System32\AEADISRV.EXE
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
(Garmin Ltd or its subsidiaries) C:\Program Files\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\lvvsst.exe
() C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Lenovo) C:\Program Files\Lenovo\Access Connections\AcSvc.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Authentec Inc.) C:\Program Files\ThinkVantage Fingerprint Software\upeksvr.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\virtscrl.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\ZOOM\TpScrex.exe
(Lenovo) C:\Program Files\Lenovo\Access Connections\SvcGuiHlpr.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Lenovo.) C:\Windows\System32\TpShocks.exe
(Analog Devices, Inc.) C:\Program Files\Analog Devices\Core\smax4pnp.exe
(Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Program Files\Windows Live\Messenger\msnmsgr.exe
(Spotify Ltd) C:\Users\lenovo\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Lenovo Group Limited) C:\Program Files\ThinkPad\Utilities\SCHTASK.EXE
() C:\Users\lenovo\AppData\Roaming\ACEStream\.data\ace_engine3\backup\last\ace_engine.exe
(Garmin Ltd or its subsidiaries) C:\Program Files\Garmin\Express Tray\ExpressTray.exe
() C:\Users\lenovo\AppData\Roaming\ACEStream\updater\ace_update.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jucheck.exe
(Lenovo) C:\Program Files\ThinkPad\Utilities\PWMDBSVC.exe
(RealNetworks, Inc.) C:\Program Files\Real\RealPlayer\Update\realsched.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
(Google Inc.) C:\Users\lenovo\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\lenovo\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\lenovo\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\lenovo\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\lenovo\AppData\Local\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2321680 2011-12-23] (Synaptics Incorporated)
HKLM\...\Run: [PWMTRV] => rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\PWMTR32V.DLL,PwrMgrBkGndMonitor
HKLM\...\Run: [AcWin7Hlpr] => C:\Program Files\Lenovo\Access Connections\AcTBenabler.exe [33344 2011-10-20] (Lenovo)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [TpShocks] => C:\Windows\system32\TpShocks.exe [337256 2011-03-29] (Lenovo.)
HKLM\...\Run: [SoundMAXPnP] => C:\Program Files\Analog Devices\Core\smax4pnp.exe [1314816 2009-05-18] (Analog Devices, Inc.)
HKLM\...\Run: [nwiz] => nwiz.exe /install
HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [937920 2011-06-06] (Adobe Systems Incorporated)
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM\...\Run: [PSQLLauncher] => C:\Program Files\ThinkVantage Fingerprint Software\launcher.exe [55624 2011-07-14] (Authentec Inc.)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [951576 2014-03-11] (Microsoft Corporation)
HKLM\...\Run: [TkBellExe] => c:\program files\real\realplayer\Update\realsched.exe [295512 2013-12-02] (RealNetworks, Inc.)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
Winlogon\Notify\psfus: C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll (Authentec Inc.)
HKU\.DEFAULT\...\Run: [GarminExpressTrayApp] => C:\Program Files\Garmin\Express Tray\ExpressTray.exe [688984 2014-08-07] (Garmin Ltd or its subsidiaries)
HKU\S-1-5-21-1757914162-3120314003-2300331095-1000\...\Run: [msnmsgr] => C:\Program Files\Windows Live\Messenger\msnmsgr.exe [4280184 2012-03-08] (Microsoft Corporation)
HKU\S-1-5-21-1757914162-3120314003-2300331095-1000\...\Run: [Google Update] => C:\Users\lenovo\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-06-18] (Google Inc.)
HKU\S-1-5-21-1757914162-3120314003-2300331095-1000\...\Run: [Spotify Web Helper] => C:\Users\lenovo\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1104280 2013-03-21] (Spotify Ltd)
HKU\S-1-5-21-1757914162-3120314003-2300331095-1000\...\Run: [Spotify] => C:\Users\lenovo\AppData\Roaming\Spotify\Spotify.exe [4480920 2013-03-21] (Spotify Ltd)
HKU\S-1-5-21-1757914162-3120314003-2300331095-1000\...\Run: [ACEStream] => C:\Users\lenovo\AppData\Roaming\ACEStream\engine\ace_engine.exe [27904 2014-08-22] ()
HKU\S-1-5-21-1757914162-3120314003-2300331095-1000\...\Run: [GarminExpressTrayApp] => C:\Program Files\Garmin\Express Tray\ExpressTray.exe [688984 2014-08-07] (Garmin Ltd or its subsidiaries)
Lsa: [Notification Packages] scecli C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll ACGina
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://uk.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x32A78A9CF36BCC01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-gb
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO: AVG Safe Search -> {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} -> C:\Program Files\AVG\AVG2012\avgssie.dll No File
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKCU - No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No File
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll No File
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
FireFox:
========
FF Plugin: @garmin.com/GpsControl -> C:\Program Files\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
FF Plugin: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @pages.tvunetworks.com/WebPlayer -> C:\Program Files\TVUPlayer\npTVUAx.dll (TVU networks)
FF Plugin: @real.com/nppl3260;version=16.0.3.51 -> c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlchromebrowserrecordext;version=1.3.3 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlhtml5videoshim;version=1.3.3 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlpepperflashvideoshim;version=1.3.3 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpchromebrowserrecordext;version=15.0.0.198 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprphtml5videoshim;version=15.0.5.109 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpplugin;version=16.0.3.51 -> c:\program files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin: @realnetworks.com/npdlplugin;version=1 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @acestream.net/acestreamplugin,version=2.0.13.1 -> C:\Users\lenovo\AppData\Roaming\ACEStream\player\npace_plugin.dll (Innovative Digital Technologies)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 -> C:\Users\lenovo\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 -> C:\Users\lenovo\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF HKLM\...\Firefox\Extensions: [{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013-12-02]
FF HKCU\...\Firefox\Extensions: [magicplayer@torrentstream.org] - C:\Users\lenovo\AppData\Roaming\ACEStream\extensions\firefox\magicplayer@torrentstream.org
FF Extension: TS Magic Player - C:\Users\lenovo\AppData\Roaming\ACEStream\extensions\firefox\magicplayer@torrentstream.org [2013-05-11]
Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.co.uk/
CHR StartupUrls: Default -> "https://www.google.co.uk/?source=search_app"
CHR CustomProfile: C:\Users\lenovo\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (YouTube) - C:\Users\lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-06-18]
CHR Extension: (Google Search) - C:\Users\lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-06-18]
CHR Extension: (RealDownloader) - C:\Users\lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji [2013-12-02]
CHR Extension: (AS Magic Player) - C:\Users\lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkgpdlogbknkhlgdjlejeljbhflim [2014-07-13]
CHR Extension: (Google Wallet) - C:\Users\lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-01]
CHR Extension: (TS Magic Player) - C:\Users\lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ochbjojkpcmlfeagbaahkofepalngihg [2013-05-11]
CHR Extension: (Gmail) - C:\Users\lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-06-18]
CHR HKLM\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2013-08-14]
CHR StartMenuInternet: Google Chrome - C:\Users\lenovo\AppData\Local\Google\Chrome\Application\chrome.exe
========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AcPrfMgrSvc; C:\Program Files\Lenovo\Access Connections\AcPrfMgrSvc.exe [134208 2011-10-20] (Lenovo)
R2 AcSvc; C:\Program Files\Lenovo\Access Connections\AcSvc.exe [269376 2011-10-20] (Lenovo)
R2 Garmin Core Update Service; C:\Program Files\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [438616 2014-08-07] (Garmin Ltd or its subsidiaries)
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
S2 LENOVO.MICMUTE; C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe [101736 2011-07-12] (Lenovo Group Limited)
R2 Lenovo.VIRTSCRLSVC; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [93032 2010-04-07] (Lenovo Group Limited)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [22216 2014-03-11] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [279776 2014-03-11] (Microsoft Corporation)
S3 PwmEWSvc; C:\Program Files\ThinkPad\Utilities\PWMEWSVC.EXE [165440 2012-03-15] (Lenovo Group Limited)
R2 RealNetworks Downloader Resolver Service; C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-08-14] ()
S3 SUService; C:\Program Files\Lenovo\System Update\SUService.exe [24120 2014-02-21] ()
R2 TPHKLOAD; C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe [130920 2011-04-20] (Lenovo Group Limited)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S3 AMPPAL; C:\Windows\System32\DRIVERS\AMPPAL.sys [243712 2011-08-08] (Windows (R) Win 7 DDK provider)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [231960 2014-01-25] (Microsoft Corporation)
S3 NETwLv32; C:\Windows\System32\DRIVERS\NETwLv32.sys [6639616 2010-10-07] (Intel Corporation) [File not signed]
R2 smihlp2; C:\Program Files\ThinkVantage Fingerprint Software\smihlp.sys [11976 2011-05-30] (Authentec Inc.)
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-08-31 16:58 - 2014-08-31 16:58 - 05185536 _____ (AVAST Software) C:\Users\lenovo\Downloads\aswMBR.exe
2014-08-31 16:57 - 2014-08-31 16:58 - 00017455 _____ () C:\Users\lenovo\Downloads\FRST.txt
2014-08-31 16:56 - 2014-08-31 16:58 - 00000000 ____D () C:\FRST
2014-08-31 16:56 - 2014-08-31 16:56 - 01096192 _____ (Farbar) C:\Users\lenovo\Downloads\FRST.exe
2014-08-31 16:54 - 2014-08-31 16:54 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-LENOVO-PC356334-Microsoft-Windows-7-Home-Premium-(32-bit).dat
2014-08-31 16:54 - 2014-08-31 16:54 - 00000000 ____D () C:\RegBackup
2014-08-31 16:53 - 2014-08-31 16:53 - 00002185 _____ () C:\Users\Public\Desktop\Tweaking.com - Registry Backup.lnk
2014-08-31 16:53 - 2014-08-31 16:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweaking.com
2014-08-31 16:53 - 2014-08-31 16:53 - 00000000 ____D () C:\Program Files\Tweaking.com
2014-08-31 16:52 - 2014-08-31 16:52 - 04057608 _____ () C:\Users\lenovo\Downloads\tweaking.com_registry_backup_setup.exe
2014-08-17 11:59 - 2014-08-31 16:28 - 00000000 ____D () C:\Users\lenovo\AppData\Local\{E2EAC2DE-4F5F-4A33-955F-F6E1CA91A586}
2014-08-17 03:07 - 2014-06-30 23:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2014-08-17 03:07 - 2014-06-06 07:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-08-17 03:07 - 2014-03-09 22:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2014-08-17 03:07 - 2014-03-09 22:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2014-08-14 18:31 - 2014-08-01 00:16 - 00307384 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-08-14 18:31 - 2014-07-25 14:51 - 17524224 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-08-14 18:31 - 2014-07-25 14:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-08-14 18:31 - 2014-07-25 14:03 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-08-14 18:31 - 2014-07-25 13:34 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-08-14 18:31 - 2014-07-25 13:34 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-08-14 18:31 - 2014-07-25 13:33 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-08-14 18:31 - 2014-07-25 13:30 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-08-14 18:31 - 2014-07-25 13:21 - 02184704 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-08-14 18:31 - 2014-07-25 13:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-08-14 18:31 - 2014-07-25 13:17 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-08-14 18:31 - 2014-07-25 13:12 - 00438784 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-08-14 18:31 - 2014-07-25 13:10 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-08-14 18:31 - 2014-07-25 13:10 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-08-14 18:31 - 2014-07-25 13:08 - 00597504 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-08-14 18:31 - 2014-07-25 13:06 - 04204032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-08-14 18:31 - 2014-07-25 12:59 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-08-14 18:31 - 2014-07-25 12:52 - 00367104 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-08-14 18:31 - 2014-07-25 12:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-08-14 18:31 - 2014-07-25 12:36 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-08-14 18:31 - 2014-07-25 12:34 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-08-14 18:31 - 2014-07-25 12:29 - 00239616 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-08-14 18:31 - 2014-07-25 12:13 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-08-14 18:31 - 2014-07-25 12:09 - 00663040 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-08-14 18:31 - 2014-07-25 12:07 - 02001920 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-08-14 18:31 - 2014-07-25 12:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-08-14 18:31 - 2014-07-25 12:03 - 11772928 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-08-14 18:31 - 2014-07-25 11:09 - 00704512 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-08-14 18:31 - 2014-07-25 11:05 - 01792512 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-08-14 18:31 - 2014-07-25 11:00 - 01169920 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-08-14 18:31 - 2014-07-14 02:42 - 00654336 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-08-14 18:31 - 2014-06-16 02:44 - 00730048 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-08-14 18:31 - 2014-06-16 02:44 - 00219072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2014-08-14 18:31 - 2014-06-16 02:40 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2014-08-14 18:30 - 2014-07-16 03:47 - 00305152 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-14 18:30 - 2014-07-16 03:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-08-14 18:30 - 2014-07-16 02:47 - 02352640 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-14 18:30 - 2014-07-09 02:29 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL
2014-08-14 18:30 - 2014-07-09 02:29 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL
2014-08-14 18:30 - 2014-07-09 02:29 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL
2014-08-14 18:30 - 2014-07-09 02:29 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
2014-08-14 18:30 - 2014-07-09 02:29 - 00005632 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL
2014-08-14 18:30 - 2014-07-08 23:30 - 00419992 _____ () C:\Windows\system32\locale.nls
2014-08-14 18:30 - 2014-06-25 02:41 - 12874240 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-08-14 18:30 - 2014-06-03 10:30 - 00101824 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-08-14 18:30 - 2014-06-03 10:29 - 02363392 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-08-14 18:30 - 2014-06-03 10:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-08-14 18:30 - 2014-06-03 10:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-08-12 21:19 - 2014-08-12 21:21 - 00047104 _____ () C:\Users\lenovo\Documents\Megan FFL Entry 2014 2015.xls
2014-08-12 21:16 - 2014-08-12 21:16 - 00047616 _____ () C:\Users\lenovo\Documents\Rick FFL Entry 2014 2015.xls
2014-08-12 21:06 - 2014-08-12 21:06 - 00047104 _____ () C:\Users\lenovo\Documents\Alfie FFL Entry 2014 2015.xls
2014-08-12 21:01 - 2014-08-12 13:00 - 00047104 ____N () C:\Users\lenovo\Desktop\FFL Entry 2014 2015.xls
2014-08-12 21:00 - 2014-08-12 21:00 - 00047248 _____ () C:\Users\lenovo\Downloads\FFL 20142015.zip
2014-08-12 09:17 - 2014-08-12 09:17 - 00001858 _____ () C:\Users\Public\Desktop\Garmin Express.lnk
2014-08-01 19:58 - 2014-05-14 17:23 - 01973728 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-08-01 19:58 - 2014-05-14 17:23 - 00054240 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-08-01 19:58 - 2014-05-14 17:23 - 00045536 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-08-01 19:58 - 2014-05-14 17:17 - 02425856 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-08-01 18:55 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-08-01 18:55 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-08-31 16:58 - 2014-08-31 16:58 - 05185536 _____ (AVAST Software) C:\Users\lenovo\Downloads\aswMBR.exe
2014-08-31 16:58 - 2014-08-31 16:57 - 00017455 _____ () C:\Users\lenovo\Downloads\FRST.txt
2014-08-31 16:58 - 2014-08-31 16:56 - 00000000 ____D () C:\FRST
2014-08-31 16:56 - 2014-08-31 16:56 - 01096192 _____ (Farbar) C:\Users\lenovo\Downloads\FRST.exe
2014-08-31 16:54 - 2014-08-31 16:54 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-LENOVO-PC356334-Microsoft-Windows-7-Home-Premium-(32-bit).dat
2014-08-31 16:54 - 2014-08-31 16:54 - 00000000 ____D () C:\RegBackup
2014-08-31 16:53 - 2014-08-31 16:53 - 00002185 _____ () C:\Users\Public\Desktop\Tweaking.com - Registry Backup.lnk
2014-08-31 16:53 - 2014-08-31 16:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweaking.com
2014-08-31 16:53 - 2014-08-31 16:53 - 00000000 ____D () C:\Program Files\Tweaking.com
2014-08-31 16:52 - 2014-08-31 16:52 - 04057608 _____ () C:\Users\lenovo\Downloads\tweaking.com_registry_backup_setup.exe
2014-08-31 16:49 - 2011-07-09 23:53 - 01963515 _____ () C:\Windows\WindowsUpdate.log
2014-08-31 16:40 - 2012-06-18 21:38 - 00000860 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1757914162-3120314003-2300331095-1000Core.job
2014-08-31 16:29 - 2012-06-18 21:38 - 00000912 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1757914162-3120314003-2300331095-1000UA.job
2014-08-31 16:29 - 2011-07-10 01:02 - 00000466 _____ () C:\Windows\Tasks\SystemToolsDailyTest.job
2014-08-31 16:28 - 2014-08-17 11:59 - 00000000 ____D () C:\Users\lenovo\AppData\Local\{E2EAC2DE-4F5F-4A33-955F-F6E1CA91A586}
2014-08-31 16:27 - 2012-08-18 20:35 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-08-24 21:32 - 2012-02-25 12:11 - 00018827 _____ () C:\Windows\setupact.log
2014-08-24 12:17 - 2009-07-14 05:34 - 00014272 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-08-24 12:17 - 2009-07-14 05:34 - 00014272 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-08-22 18:52 - 2011-07-10 01:01 - 00000000 ____D () C:\ProgramData\PCDr
2014-08-19 16:45 - 2011-07-10 01:06 - 00000000 ____D () C:\ProgramData\Lenovo
2014-08-18 13:55 - 2011-11-05 12:16 - 00000000 ____D () C:\Users\lenovo\AppData\Roaming\Spotify
2014-08-17 12:02 - 2011-07-10 00:01 - 00786514 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-08-17 11:58 - 2011-12-12 09:55 - 00000000 ____D () C:\Users\lenovo\Tracing
2014-08-17 04:15 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\rescache
2014-08-17 03:49 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-08-17 03:37 - 2011-07-10 01:02 - 00000528 _____ () C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job
2014-08-17 03:37 - 2009-07-14 05:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-08-17 03:37 - 2009-07-14 05:33 - 00436920 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-08-17 03:36 - 2011-12-12 09:47 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-08-17 03:19 - 2011-09-07 14:35 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-08-17 03:18 - 2013-08-25 03:05 - 00000000 ____D () C:\Windows\system32\MRT
2014-08-17 03:12 - 2011-07-24 21:00 - 96303304 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-08-13 10:50 - 2014-07-23 20:34 - 00000000 ____D () C:\Users\lenovo\AppData\Local\{DA5C54E7-4A90-4E7F-B0CD-FD12825431DF}
2014-08-12 21:21 - 2014-08-12 21:19 - 00047104 _____ () C:\Users\lenovo\Documents\Megan FFL Entry 2014 2015.xls
2014-08-12 21:16 - 2014-08-12 21:16 - 00047616 _____ () C:\Users\lenovo\Documents\Rick FFL Entry 2014 2015.xls
2014-08-12 21:06 - 2014-08-12 21:06 - 00047104 _____ () C:\Users\lenovo\Documents\Alfie FFL Entry 2014 2015.xls
2014-08-12 21:00 - 2014-08-12 21:00 - 00047248 _____ () C:\Users\lenovo\Downloads\FFL 20142015.zip
2014-08-12 13:00 - 2014-08-12 21:01 - 00047104 ____N () C:\Users\lenovo\Desktop\FFL Entry 2014 2015.xls
2014-08-12 09:18 - 2014-03-02 10:57 - 00000000 ____D () C:\ProgramData\Package Cache
2014-08-12 09:17 - 2014-08-12 09:17 - 00001858 _____ () C:\Users\Public\Desktop\Garmin Express.lnk
2014-08-12 09:17 - 2014-03-02 10:58 - 00000000 ____D () C:\ProgramData\Garmin
2014-08-12 09:17 - 2012-06-28 20:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin
2014-08-12 09:16 - 2012-06-28 20:07 - 00000000 ____D () C:\Program Files\Garmin
2014-08-01 00:16 - 2014-08-14 18:31 - 00307384 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
Some content of TEMP:
====================
C:\Users\lenovo\AppData\Local\Temp\GURB0DE.exe
C:\Users\lenovo\AppData\Local\Temp\jre-6u32-windows-i586-iftw.exe
C:\Users\lenovo\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exe
C:\Users\lenovo\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe
C:\Users\lenovo\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\lenovo\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe
C:\Users\lenovo\AppData\Local\Temp\jre-7u9-windows-i586-iftw.exe
C:\Users\lenovo\AppData\Local\Temp\lowproc.exe
C:\Users\lenovo\AppData\Local\Temp\oi_{42CB8FAB-F9D5-494B-89AC-909A012AB721}.exe
C:\Users\lenovo\AppData\Local\Temp\SpotifyUpgrader.exe
C:\Users\lenovo\AppData\Local\Temp\stubhelper.dll
C:\Users\lenovo\AppData\Local\Temp\UNINSTALL.EXE
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-08-17 04:08
==================== End Of Log ============================
Additional scan result of Farbar Recovery Scan Tool (x86) Version:31-08-2014
Ran by lenovo at 2014-08-31 16:58:59
Running from C:\Users\lenovo\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
ACE Stream Media 2.0.13.1 (HKCU\...\ACEStream) (Version: 2.0.13.1 - ACE Stream Media)
Adobe AIR (HKLM\...\Adobe AIR) (Version: 2.7.1.19610 - Adobe Systems Incorporated)
Adobe AIR (Version: 2.7.1.19610 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 14 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Reader X (10.1.1) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.1 - Adobe Systems Incorporated)
ANT Drivers Installer x86 (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
CutePDF Writer 3.0 (HKLM\...\CutePDF Writer Installation) (Version: 3.0 - CutePDF.com)
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{132D27B8-C656-44BD-8C16-73C54EA8A85F}) (Version: - Microsoft)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM\...\{90140000-003B-0000-0000-0000000FF1CE}_Office14.PRJPRO_{132D27B8-C656-44BD-8C16-73C54EA8A85F}) (Version: - Microsoft)
EditPad Lite 7.2.3 (HKLM\...\EditPad Lite) (Version: 7.2.3 - Just Great Software)
Elevated Installer (Version: 3.2.17.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Communicator Plugin (HKLM\...\{032A13FF-D26D-4844-9597-7EF698627985}) (Version: 4.1.0 - Garmin Ltd or its subsidiaries)
Garmin Express (HKLM\...\{b43ffffb-1adc-4bcb-b277-7844ebff94da}) (Version: 3.2.17.0 - Garmin Ltd or its subsidiaries)
Garmin Express (Version: 3.2.17.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express Tray (Version: 3.2.17.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin USB Drivers (HKLM\...\{ABA5E381-EC46-425C-86C5-5CD15BBFB4BF}) (Version: 2.3.1.0 - Garmin Ltd or its subsidiaries)
Garmin WebUpdater (HKLM\...\{F4DA4C73-026F-4D38-8C6B-85F0193E4B56}) (Version: 2.5.6 - Garmin Ltd or its subsidiaries)
Google Chrome (HKCU\...\Google Chrome) (Version: 36.0.1985.143 - Google Inc.)
Intel PROSet Wireless (Version: - ) Hidden
Intel(R) PROSet/Wireless WiFi Software (HKLM\...\{D61E4101-9E15-4D0E-ABD1-1ABD36B43330}) (Version: 14.03.0000 - Intel Corporation)
Java 7 Update 51 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217021FF}) (Version: 7.0.510 - Oracle)
Java Auto Updater (Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Java(TM) 6 Update 32 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216032FF}) (Version: 6.0.320 - Oracle)
Lenovo Auto Scroll Utility (HKLM\...\LenovoAutoScrollUtility) (Version: 1.11 - )
Lenovo Patch Utility (HKLM\...\{24E92E7A-6848-4747-A3EA-3AAC0576BE52}) (Version: 1.0.1.1 - Lenovo Group Limited)
Lenovo Patch Utility (HKLM\...\{A7BB9BBD-DFE4-4276-820A-7CD141FC09E6}) (Version: 1.3.0.007 - Lenovo Group Limited)
Lenovo System Interface Driver (HKLM\...\LENOVO.SMIIF) (Version: 1.05 - )
Lenovo System Update (HKLM\...\{25C64847-B900-48AD-A164-1B4F9B774650}) (Version: 5.05.0009 - Lenovo)
Lenovo ThinkVantage Toolbox (HKLM\...\PC-Doctor for Windows) (Version: 6.0.5849.23 - PC-Doctor, Inc.)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft Money Plus (HKLM\...\Money2008b) (Version: 17 - Microsoft)
Microsoft Money Shared Libraries (Version: 17.0.0.3817 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Project MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Project Professional 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Project Professional 2010 (HKLM\...\Office14.PRJPRO) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Security Client (Version: 4.5.0216.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.5.216.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server PowerPivot for Excel (32-bit) (HKLM\...\{399DFDF5-6CEF-4431-A6CD-1117CA09BD4C}) (Version: 10.52.4000.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden
MSVCRT (Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.10 - NVIDIA Corporation)
NVIDIA nView Desktop Manager (HKLM\...\NVIDIA nView Desktop Manager) (Version: 121.20 - NVIDIA Corporation)
On Screen Display (HKLM\...\OnScreenDisplay) (Version: 6.60.03 - )
Paddy Power Poker (HKCU\...\Paddy Power Poker) (Version: - )
Power Manager (HKLM\...\{DAC01CEE-5BAE-42D5-81FC-B687E84E8405}) (Version: 6.07 - )
RealDownloader (Version: 1.3.3 - RealNetworks, Inc.) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0 - RealNetworks, Inc) Hidden
RealPlayer (HKLM\...\RealPlayer 16.0) (Version: 16.0.3 - RealNetworks)
RealUpgrade 1.1 (Version: 1.1.0 - RealNetworks, Inc.) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-003B-0000-0000-0000000FF1CE}_Office14.PRJPRO_{58FA40EF-ABA9-4FED-AD3D-318A6073934D}) (Version: - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (Version: - Microsoft) Hidden
SoundMAX (HKLM\...\{F0A37341-D692-11D4-A984-009027EC0A9C}) (Version: 6.10.1.7255 - Analog Devices)
Spotify (HKCU\...\Spotify) (Version: 0.8.8.450.gd9413516 - Spotify AB)
System Migration Assistant (HKLM\...\{8A4DB1CA-8206-4ADC-805C-66ACF1611DA3}) (Version: 6.00.0009 - Lenovo Group Limited.)
System Requirements Lab for Intel (HKLM\...\{904CD0E4-4B72-4CF7-9828-267C6678A22E}) (Version: 4.5.2.0 - Husdawg, LLC)
ThinkPad FullScreen Magnifier (HKLM\...\ThinkPad FullScreen Magnifier) (Version: 2.40 - )
ThinkPad Power Management Driver (HKLM\...\Power Management Driver) (Version: 1.65.05.20 - )
ThinkPad UltraNav Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.39.1 - )
ThinkPad UltraNav Utility (HKLM\...\{17CBC505-D1AE-459D-B445-3D2000A85842}) (Version: 2.13.0 - Lenovo)
ThinkVantage Access Connections (HKLM\...\{8E537894-A559-4D60-B3CB-F4485E3D24E3}) (Version: 5.85 - Lenovo)
ThinkVantage Active Protection System (HKLM\...\{46A84694-59EC-48F0-964C-7E76E9F8A2ED}) (Version: 1.75 - Lenovo)
ThinkVantage Fingerprint Software (HKLM\...\{C2938C94-239C-4156-B245-C5406A4F3E93}) (Version: 5.9.5.7038 - Authentec Inc.)
TVUPlayer 2.5.3.1 (HKLM\...\TVUPlayer) (Version: 2.5.3.1 - TVU networks)
Tweaking.com - Registry Backup (HKLM\...\Tweaking.com - Registry Backup) (Version: 1.9.0 - Tweaking.com)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version: - Microsoft)
Update for Microsoft Excel 2010 (KB2837600) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{4ACD847E-547D-493F-9A86-F73EAE1B5174}) (Version: - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version: - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version: - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817396) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{39767ECA-1731-45DB-AB5B-6BF40E151D66}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2494150) (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{3FCFD88F-4D13-4F38-8625-ABABEA7F61EA}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2494150) (HKLM\...\{90140000-003B-0000-0000-0000000FF1CE}_Office14.PRJPRO_{3FCFD88F-4D13-4F38-8625-ABABEA7F61EA}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM\...\{90140000-003B-0000-0000-0000000FF1CE}_Office14.PRJPRO_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM\...\{90140000-003B-0000-0000-0000000FF1CE}_Office14.PRJPRO_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM\...\{90140000-003B-0000-0000-0000000FF1CE}_Office14.PRJPRO_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM\...\{90140000-003B-0000-0000-0000000FF1CE}_Office14.PRJPRO_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2687502) 32-Bit Edition (HKLM\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.PRJPRO_{7DE7DF97-82FE-4B3A-AB8D-1621F9CC464A}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2687502) 32-Bit Edition (HKLM\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUS_{7DE7DF97-82FE-4B3A-AB8D-1621F9CC464A}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM\...\{90140000-003B-0000-0000-0000000FF1CE}_Office14.PRJPRO_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM\...\{90140000-003B-0000-0000-0000000FF1CE}_Office14.PRJPRO_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM\...\{90140000-003B-0000-0000-0000000FF1CE}_Office14.PRJPRO_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{F1A20C69-9FE5-40FD-9CD5-84EABC2EF64A}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{BA610006-2C39-4419-9834-CF61AB24810A}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2837581) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{334FB202-28D7-4BA4-8BC9-4FE4AB233EA0}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2837581) 32-Bit Edition (HKLM\...\{90140000-003B-0000-0000-0000000FF1CE}_Office14.PRJPRO_{334FB202-28D7-4BA4-8BC9-4FE4AB233EA0}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2837606) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{B0D672F7-883E-4279-8E75-D97A5445AB46}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2878252) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{B0DB9F71-E0F7-4FE6-8925-35B860CAC0C4}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2878252) 32-Bit Edition (HKLM\...\{90140000-003B-0000-0000-0000000FF1CE}_Office14.PRJPRO_{B0DB9F71-E0F7-4FE6-8925-35B860CAC0C4}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.PRJPRO_{089DBFD7-8211-43B2-AAAE-5BDD8C23E3A8}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUS_{089DBFD7-8211-43B2-AAAE-5BDD8C23E3A8}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM\...\{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.PRJPRO_{794A0574-4E2F-4D58-B2A0-D7460ACDC85C}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM\...\{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.PROPLUS_{794A0574-4E2F-4D58-B2A0-D7460ACDC85C}) (Version: - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version: - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version: - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM\...\{90140000-001A-0409-0000-0000000FF1CE}_Office14.PROPLUS_{DCE104A1-1875-4469-A83D-A5BFA6C4640F}) (Version: - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{2BA40F82-F3A4-441C-BF1A-ED4C42FF4872}) (Version: - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM\...\{90140000-0018-0409-0000-0000000FF1CE}_Office14.PROPLUS_{334AA0A1-2BB1-4D74-B66A-2B2C4D9C2C87}) (Version: - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version: - Microsoft)
Update for Microsoft Visio 2010 (KB2880526) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{7B29D8B8-6A87-496C-A65E-B935E740448A}) (Version: - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2837587) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{38CF30E4-3348-4BD1-A859-B630C355A56F}) (Version: - Microsoft)
Update for Microsoft Word 2010 (KB2880529) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{B9B89E01-5B6B-4F73-BC34-B2C0D8ACB4CD}) (Version: - Microsoft)
Windows Driver Package - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Windows Driver Package - Garmin (grmnusb) GARMIN Devices (04/19/2012 2.3.1.0) (HKLM\...\98157A226B40B173301B0F53C8E98C47805D5152) (Version: 04/19/2012 2.3.1.0 - Garmin)
Windows Driver Package - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
Windows Live Communications Platform (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Essentials (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Family Safety (Version: 15.4.3555.0308 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Messenger (Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live Photo Common (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live SOXE (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Media Player Firefox Plugin (HKLM\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
WinRAR 4.01 (32-bit) (HKLM\...\WinRAR archiver) (Version: 4.01.0 - win.rar GmbH)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-1757914162-3120314003-2300331095-1000_Classes\CLSID\{022105BD-948A-40C9-AB42-A3300DDF097F}\localserver32 -> C:\Users\lenovo\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1757914162-3120314003-2300331095-1000_Classes\CLSID\{035FBE31-3755-450A-A775-5E6BBD43D344}\InprocServer32 -> C:\Users\lenovo\AppData\Local\Google\Update\1.3.21.135\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-1757914162-3120314003-2300331095-1000_Classes\CLSID\{095A2EEC-F7FE-42E8-96FB-C20E53081908}\InprocServer32 -> C:\Users\lenovo\AppData\Local\Google\Update\1.3.21.99\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-1757914162-3120314003-2300331095-1000_Classes\CLSID\{0E55CBE1-B06A-49B6-AD8D-9EFAA0160C6F}\InprocServer32 -> C:\Users\lenovo\AppData\Local\Google\Update\1.3.21.57\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-1757914162-3120314003-2300331095-1000_Classes\CLSID\{0F130AC8-CDF1-4DAA-AA9B-7B4083F49EA4}\InprocServer32 -> C:\Poker\Paddy Power Poker\widgetbar\WidgetbarContainerUI.dll (Playtech Ltd)
CustomCLSID: HKU\S-1-5-21-1757914162-3120314003-2300331095-1000_Classes\CLSID\{218D2740-5A50-42A8-AB9F-62FF1B168782}\InprocServer32 -> C:\Users\lenovo\AppData\Local\Google\Update\1.3.21.69\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-1757914162-3120314003-2300331095-1000_Classes\CLSID\{22181302-A8A6-4F84-A541-E5CBFC70CC43}\localserver32 -> C:\Users\lenovo\AppData\Local\Google\Update\1.3.24.15\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1757914162-3120314003-2300331095-1000_Classes\CLSID\{2F0E2680-9FF5-43C0-B76E-114A56E93598}\localserver32 -> C:\Users\lenovo\AppData\Local\Google\Update\1.3.24.15\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1757914162-3120314003-2300331095-1000_Classes\CLSID\{320F0FDB-BE0A-4648-9D18-4A2C3448C007}\InprocServer32 -> C:\Users\lenovo\AppData\Local\Google\Update\1.3.21.79\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-1757914162-3120314003-2300331095-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\lenovo\AppData\Local\Google\Update\1.3.23.9\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-1757914162-3120314003-2300331095-1000_Classes\CLSID\{51F9E8EF-59D7-475B-A106-C7EA6F30C119}\localserver32 -> C:\Users\lenovo\AppData\Local\Google\Update\1.3.24.15\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1757914162-3120314003-2300331095-1000_Classes\CLSID\{53D7E4EF-4DFB-45BE-B9CC-A0243AECB238}\InprocServer32 -> C:\Poker\Paddy Power Poker\widgetbar\WidgetbarContainerUI.dll (Playtech Ltd)
CustomCLSID: HKU\S-1-5-21-1757914162-3120314003-2300331095-1000_Classes\CLSID\{5C65F4B0-3651-4514-B207-D10CB699B14B}\localserver32 -> C:\Users\lenovo\AppData\Local\Google\Chrome\Application\36.0.1985.143\delegate_execute.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1757914162-3120314003-2300331095-1000_Classes\CLSID\{62A0D750-DED9-448C-B693-406B34BB0892}\InprocServer32 -> C:\Users\lenovo\AppData\Local\Google\Update\1.3.21.145\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-1757914162-3120314003-2300331095-1000_Classes\CLSID\{634059C0-D264-4B2C-AE80-F73E48D33E5B}\InprocServer32 -> C:\Users\lenovo\AppData\Local\Google\Update\1.3.21.123\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-1757914162-3120314003-2300331095-1000_Classes\CLSID\{6D7374DE-63AA-473C-8C02-60D9CDCD84C5}\InprocServer32 -> C:\Users\lenovo\AppData\Local\Google\Update\1.3.21.153\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-1757914162-3120314003-2300331095-1000_Classes\CLSID\{79690976-ED6E-403C-BBBA-F8928B5EDE17}\InprocServer32 -> C:\Users\lenovo\AppData\Roaming\ACEStream\player\npace_plugin.dll (Innovative Digital Technologies)
CustomCLSID: HKU\S-1-5-21-1757914162-3120314003-2300331095-1000_Classes\CLSID\{876FA801-2B5E-4201-9E6B-2EF2C05A5C6B}\InprocServer32 -> C:\Poker\Paddy Power Poker\widgetbar\WidgetbarAPI.dll (Playtech)
CustomCLSID: HKU\S-1-5-21-1757914162-3120314003-2300331095-1000_Classes\CLSID\{89425F5E-A2BD-44CD-9E4F-F1498522F0E5}\InprocServer32 -> C:\Poker\Paddy Power Poker\widgetbar\WidgetbarManagerUI.dll (Playtech Ltd)
CustomCLSID: HKU\S-1-5-21-1757914162-3120314003-2300331095-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\lenovo\AppData\Local\Google\Update\1.3.24.15\psuser.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1757914162-3120314003-2300331095-1000_Classes\CLSID\{91EFB276-CEFE-48EC-BB3A-57795A7B4008}\InprocServer32 -> C:\Users\lenovo\AppData\Local\Google\Update\1.3.21.149\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-1757914162-3120314003-2300331095-1000_Classes\CLSID\{A45426FB-E444-42B2-AA56-419F8FBEEC61}\InprocServer32 -> C:\Users\lenovo\AppData\Local\Google\Update\1.3.22.3\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-1757914162-3120314003-2300331095-1000_Classes\CLSID\{A54D478D-4F70-4F72-9A74-17C9986E35AB}\InprocServer32 -> C:\Users\lenovo\AppData\Local\Google\Update\1.3.21.165\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-1757914162-3120314003-2300331095-1000_Classes\CLSID\{b2b568c8-3712-4a75-b806-4b3c2fdb06d5}\localserver32 -> C:\Users\lenovo\AppData\Local\Temp\{e9513610-f218-4dda-b954-2c7e6ba7cabb}\IDriver.NonElevated.exe (Macrovision Corporation)
CustomCLSID: HKU\S-1-5-21-1757914162-3120314003-2300331095-1000_Classes\CLSID\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D}\InprocServer32 -> C:\Users\lenovo\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1757914162-3120314003-2300331095-1000_Classes\CLSID\{C442AC41-9200-4770-8CC0-7CDB4F245C55}\InprocServer32 -> C:\Users\lenovo\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1757914162-3120314003-2300331095-1000_Classes\CLSID\{C5A2122B-A05B-4FD8-AE49-91990AE10998}\InprocServer32 -> C:\Users\lenovo\AppData\Local\Google\Update\1.3.21.115\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-1757914162-3120314003-2300331095-1000_Classes\CLSID\{DB25D157-76D4-41C1-97B5-359E4A4CECEB}\InprocServer32 -> C:\Users\lenovo\AppData\Local\Google\Update\1.3.21.65\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-1757914162-3120314003-2300331095-1000_Classes\CLSID\{E67BE843-BBBE-4484-95FB-05271AE86750}\localserver32 -> C:\Users\lenovo\AppData\Local\Google\Update\1.3.24.15\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1757914162-3120314003-2300331095-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\lenovo\AppData\Local\Google\Update\1.3.24.15\psuser.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1757914162-3120314003-2300331095-1000_Classes\CLSID\{EB06378B-ABB6-4B3C-9B40-D488DD8A6E93}\InprocServer32 -> C:\Users\lenovo\AppData\Local\Google\Update\1.3.22.5\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-1757914162-3120314003-2300331095-1000_Classes\CLSID\{F6F8856F-374D-4397-BB1C-80AB57E60529}\InprocServer32 -> C:\Poker\Paddy Power Poker\widgetbar\WidgetbarAPI.dll (Playtech)
CustomCLSID: HKU\S-1-5-21-1757914162-3120314003-2300331095-1000_Classes\CLSID\{FB994D36-B312-46CE-A40B-CF63980641F9}\InprocServer32 -> C:\Users\lenovo\AppData\Local\Google\Update\1.3.21.111\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-1757914162-3120314003-2300331095-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\lenovo\AppData\Local\Google\Update\1.3.24.7\psuser.dll No File
==================== Restore Points =========================
30-07-2014 20:31:23 Windows Update
01-08-2014 17:54:29 Windows Update
09-08-2014 06:30:24 Windows Update
12-08-2014 08:14:33 Garmin Express
12-08-2014 08:15:36 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005
12-08-2014 08:17:45 Garmin Express
12-08-2014 20:11:36 Windows Update
17-08-2014 02:00:25 Windows Update
18-08-2014 02:00:30 Windows Update
21-08-2014 11:13:20 Windows Update
24-08-2014 11:20:37 Windows Update
28-08-2014 20:56:37 Windows Update
31-08-2014 15:28:20 Windows Update
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 03:04 - 2009-06-10 22:39 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {02CB5455-25EF-4A90-9E2E-3DC79D60307A} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1757914162-3120314003-2300331095-1000UA => C:\Users\lenovo\AppData\Local\Google\Update\GoogleUpdate.exe [2012-06-18] (Google Inc.)
Task: {16D59652-267F-477A-BD26-4E436701385D} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-1757914162-3120314003-2300331095-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {2DD5DECE-52EB-453D-BB42-F609153159D2} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-1757914162-3120314003-2300331095-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {5047C352-9901-4F7C-9A07-9F7CB55ECE22} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1757914162-3120314003-2300331095-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {567404C2-2BE1-481B-9F80-D6A6DD25EC8F} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\PC-Doctor\uaclauncher.exe [2011-06-27] (PC-Doctor, Inc.)
Task: {5C4DD02F-AAF2-4845-89D5-82D80A5D60BB} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => C:\Program Files\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2014-02-13] (Lenovo)
Task: {64F232B0-26FD-4F1F-A61A-27EDC1D65F62} - System32\Tasks\SystemToolsDailyTest => C:\Program Files\PC-Doctor\uaclauncher.exe [2011-06-27] (PC-Doctor, Inc.)
Task: {8088458B-D99C-4AC6-B358-A5A5AE366E89} - System32\Tasks\ROC_REG_JAN_DELETE => C:\ProgramData\AVG January 2013 Campaign\ROC.exe [2013-01-17] ()
Task: {922E51F9-CB8D-45FB-9905-10A7D34575EB} - System32\Tasks\GarminUpdaterTask => C:\Program Files\Garmin\Express Self Updater\ExpressSelfUpdater.exe [2014-08-07] ()
Task: {94A1758E-4373-43D7-9C35-559A85C6C44F} - System32\Tasks\TVT\LenovoWERMonitor => C:\Program Files\Common Files\lenovo\SUP\sup_wermonitor.exe [2014-01-21] (Microsoft)
Task: {952F8D15-343F-4E83-B16E-442E6C4C9607} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1757914162-3120314003-2300331095-1000Core => C:\Users\lenovo\AppData\Local\Google\Update\GoogleUpdate.exe [2012-06-18] (Google Inc.)
Task: {9A080500-7169-4A11-9368-3858857722E7} - System32\Tasks\DiskUpdate => C:\SWTOOLS\OSFIXES\DISKUPDT\DiskUpdate.exe
Task: {A2846340-9182-40DB-AA51-80347CA50D56} - System32\Tasks\PMTask => C:\Program Files\ThinkPad\Utilities\PWMIDTSV.EXE [2012-03-15] (Lenovo Group Limited)
Task: {A9716F76-923D-4883-BFFC-90645182007D} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1757914162-3120314003-2300331095-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {AEDB634F-8945-4748-838F-413E85A7FFB8} - System32\Tasks\PCDEventLauncher => C:\Program Files\PC-Doctor\sessionchecker.exe [2011-06-27] (PC-Doctor, Inc.)
Task: {C53BEE29-FFD1-492A-A23C-0E6526A9310B} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files\Lenovo\System Update\tvsuShim.exe [2014-02-21] ()
Task: {E2B3F2E8-E262-4C1C-A712-C9856AE76D3B} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-09] (Adobe Systems Incorporated)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1757914162-3120314003-2300331095-1000Core.job => C:\Users\lenovo\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1757914162-3120314003-2300331095-1000UA.job => C:\Users\lenovo\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job => C:\Program Files\PC-Doctor\uaclauncher.exe
Task: C:\Windows\Tasks\ROC_REG_JAN_DELETE.job => C:\ProgramData\AVG January 2013 Campaign\ROC.exe
Task: C:\Windows\Tasks\SystemToolsDailyTest.job => C:\Program Files\PC-Doctor\uaclauncher.exe
==================== Loaded Modules (whitelisted) =============
2014-01-30 23:12 - 2013-10-23 16:23 - 00089136 _____ () C:\Windows\System32\cpwmon2k.dll
2011-10-20 10:12 - 2011-10-20 10:12 - 00086016 _____ () C:\Program Files\Lenovo\Access Connections\AcWrpc.dll
2013-08-14 16:19 - 2013-08-14 16:19 - 00039056 _____ () C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
2013-09-05 01:14 - 2013-09-05 01:14 - 04300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 15:45 - 2010-10-20 15:45 - 08801120 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2011-07-10 00:57 - 2012-03-15 06:07 - 00083968 ____N () C:\Program Files\ThinkPad\Utilities\US\PWMRT32V.DLL
2011-09-07 14:19 - 2011-05-28 22:04 - 00140288 _____ () C:\Program Files\WinRAR\rarext.dll
2013-04-03 07:44 - 2014-08-22 19:01 - 00027904 _____ () C:\Users\lenovo\AppData\Roaming\ACEStream\engine\ace_engine.exe
2013-08-05 07:56 - 2014-08-22 19:01 - 00219136 _____ () C:\Users\lenovo\AppData\Roaming\ACEStream\engine\lib\acestreamengine.Core.pyd
2011-06-12 14:09 - 2011-06-12 14:09 - 00038400 _____ () C:\Users\lenovo\AppData\Roaming\ACEStream\engine\lib\_socket.pyd
2011-06-12 14:09 - 2011-06-12 14:09 - 00720896 _____ () C:\Users\lenovo\AppData\Roaming\ACEStream\engine\lib\_ssl.pyd
2013-08-05 07:56 - 2013-07-31 13:42 - 00018944 _____ () C:\Users\lenovo\AppData\Roaming\ACEStream\engine\lib\acestreamengine.pycompat.pyd
2011-06-12 14:06 - 2011-06-12 14:06 - 00287232 _____ () C:\Users\lenovo\AppData\Roaming\ACEStream\engine\lib\_hashlib.pyd
2014-01-28 22:21 - 2014-08-22 19:01 - 01167872 _____ () C:\Users\lenovo\AppData\Roaming\ACEStream\engine\lib\acestreamengine.live.pyd
2014-01-28 22:21 - 2014-01-28 12:57 - 00036352 _____ () C:\Users\lenovo\AppData\Roaming\ACEStream\engine\lib\_psutil_mswindows.pyd
2014-01-28 22:21 - 2014-01-28 12:57 - 00053248 _____ () C:\Users\lenovo\AppData\Roaming\ACEStream\engine\lib\_blist.pyd
2011-06-12 14:06 - 2011-06-12 14:06 - 00106496 _____ () C:\Users\lenovo\AppData\Roaming\ACEStream\engine\lib\_ctypes.pyd
2014-01-28 22:21 - 2014-01-28 12:57 - 00040448 _____ () C:\Users\lenovo\AppData\Roaming\ACEStream\engine\lib\bitarray._bitarray.pyd
2011-06-12 14:06 - 2011-06-12 14:06 - 00011776 _____ () C:\Users\lenovo\AppData\Roaming\ACEStream\engine\lib\select.pyd
2011-01-18 22:56 - 2011-01-18 22:56 - 00334336 _____ () C:\Users\lenovo\AppData\Roaming\ACEStream\engine\lib\M2Crypto.__m2crypto.pyd
2011-06-12 14:06 - 2011-06-12 14:06 - 00152576 _____ () C:\Users\lenovo\AppData\Roaming\ACEStream\engine\lib\pyexpat.pyd
2011-02-13 16:02 - 2011-02-13 16:02 - 00031232 _____ () C:\Users\lenovo\AppData\Roaming\ACEStream\engine\lib\Crypto.Cipher.AES.pyd
2013-08-05 07:56 - 2014-08-22 19:01 - 03010560 _____ () C:\Users\lenovo\AppData\Roaming\ACEStream\engine\lib\acestreamengine.CoreApp.pyd
2012-02-07 17:37 - 2012-02-07 17:37 - 00098816 _____ () C:\Users\lenovo\AppData\Roaming\ACEStream\engine\lib\win32api.pyd
2012-02-07 17:35 - 2012-02-07 17:35 - 00110080 _____ () C:\Users\lenovo\AppData\Roaming\ACEStream\engine\lib\pywintypes27.dll
2012-02-07 17:38 - 2012-02-07 17:38 - 00358912 _____ () C:\Users\lenovo\AppData\Roaming\ACEStream\engine\lib\pythoncom27.dll
2012-02-07 17:36 - 2012-02-07 17:36 - 00111616 _____ () C:\Users\lenovo\AppData\Roaming\ACEStream\engine\lib\win32file.pyd
2012-02-07 17:36 - 2012-02-07 17:36 - 00024064 _____ () C:\Users\lenovo\AppData\Roaming\ACEStream\engine\lib\win32pdh.pyd
2010-10-10 23:23 - 2010-10-10 23:23 - 00723968 _____ () C:\Users\lenovo\AppData\Roaming\ACEStream\engine\lib\apsw.pyd
2013-01-29 17:20 - 2013-01-29 17:20 - 00082944 _____ () C:\Users\lenovo\AppData\Roaming\ACEStream\engine\lib\cpyamf.util.pyd
2011-07-15 20:37 - 2011-07-15 20:37 - 00981504 _____ () C:\Users\lenovo\AppData\Roaming\ACEStream\engine\lib\wx._core_.pyd
2011-07-15 20:38 - 2011-07-15 20:38 - 00746496 _____ () C:\Users\lenovo\AppData\Roaming\ACEStream\engine\lib\wx._gdi_.pyd
2011-07-15 20:38 - 2011-07-15 20:38 - 00670720 _____ () C:\Users\lenovo\AppData\Roaming\ACEStream\engine\lib\wx._windows_.pyd
2011-07-15 20:38 - 2011-07-15 20:38 - 00966144 _____ () C:\Users\lenovo\AppData\Roaming\ACEStream\engine\lib\wx._controls_.pyd
2011-07-15 20:38 - 2011-07-15 20:38 - 00674816 _____ () C:\Users\lenovo\AppData\Roaming\ACEStream\engine\lib\wx._misc_.pyd
2011-06-12 14:06 - 2011-06-12 14:06 - 00688128 _____ () C:\Users\lenovo\AppData\Roaming\ACEStream\engine\lib\unicodedata.pyd
2014-01-28 22:21 - 2014-01-28 12:57 - 00061952 _____ () C:\Users\lenovo\AppData\Roaming\ACEStream\engine\lib\miniupnpc.pyd
2013-01-29 17:20 - 2013-01-29 17:20 - 00066048 _____ () C:\Users\lenovo\AppData\Roaming\ACEStream\engine\lib\cpyamf.amf0.pyd
2013-03-27 11:05 - 2013-10-14 19:20 - 00026744 _____ () C:\Users\lenovo\AppData\Roaming\ACEStream\updater\ace_update.exe
2011-06-12 14:09 - 2011-06-12 14:09 - 00038400 _____ () C:\Users\lenovo\AppData\Roaming\ACEStream\updater\lib\_socket.pyd
2011-06-12 14:09 - 2011-06-12 14:09 - 00720896 _____ () C:\Users\lenovo\AppData\Roaming\ACEStream\updater\lib\_ssl.pyd
2011-07-15 20:37 - 2011-07-15 20:37 - 00981504 _____ () C:\Users\lenovo\AppData\Roaming\ACEStream\updater\lib\wx._core_.pyd
2011-07-15 20:38 - 2011-07-15 20:38 - 00746496 _____ () C:\Users\lenovo\AppData\Roaming\ACEStream\updater\lib\wx._gdi_.pyd
2011-07-15 20:38 - 2011-07-15 20:38 - 00670720 _____ () C:\Users\lenovo\AppData\Roaming\ACEStream\updater\lib\wx._windows_.pyd
2011-07-15 20:38 - 2011-07-15 20:38 - 00966144 _____ () C:\Users\lenovo\AppData\Roaming\ACEStream\updater\lib\wx._controls_.pyd
2011-07-15 20:38 - 2011-07-15 20:38 - 00674816 _____ () C:\Users\lenovo\AppData\Roaming\ACEStream\updater\lib\wx._misc_.pyd
2011-06-12 14:06 - 2011-06-12 14:06 - 00287232 _____ () C:\Users\lenovo\AppData\Roaming\ACEStream\updater\lib\_hashlib.pyd
2011-01-18 22:56 - 2011-01-18 22:56 - 00334336 _____ () C:\Users\lenovo\AppData\Roaming\ACEStream\updater\lib\M2Crypto.__m2crypto.pyd
2011-06-12 14:06 - 2011-06-12 14:06 - 00011776 _____ () C:\Users\lenovo\AppData\Roaming\ACEStream\updater\lib\select.pyd
2011-06-12 14:06 - 2011-06-12 14:06 - 00152576 _____ () C:\Users\lenovo\AppData\Roaming\ACEStream\updater\lib\pyexpat.pyd
2012-02-07 17:37 - 2012-02-07 17:37 - 00098816 _____ () C:\Users\lenovo\AppData\Roaming\ACEStream\updater\lib\win32api.pyd
2012-02-07 17:35 - 2012-02-07 17:35 - 00110080 _____ () C:\Users\lenovo\AppData\Roaming\ACEStream\updater\lib\pywintypes27.dll
2012-02-07 17:38 - 2012-02-07 17:38 - 00358912 _____ () C:\Users\lenovo\AppData\Roaming\ACEStream\updater\lib\pythoncom27.dll
2012-02-07 17:36 - 2012-02-07 17:36 - 00111616 _____ () C:\Users\lenovo\AppData\Roaming\ACEStream\updater\lib\win32file.pyd
2012-02-07 17:36 - 2012-02-07 17:36 - 00024064 _____ () C:\Users\lenovo\AppData\Roaming\ACEStream\updater\lib\win32pdh.pyd
2011-06-12 14:06 - 2011-06-12 14:06 - 00688128 _____ () C:\Users\lenovo\AppData\Roaming\ACEStream\updater\lib\unicodedata.pyd
2014-08-13 16:57 - 2014-08-07 04:20 - 00718152 _____ () C:\Users\lenovo\AppData\Local\Google\Chrome\Application\36.0.1985.143\libglesv2.dll
2014-08-13 16:57 - 2014-08-07 04:20 - 00126280 _____ () C:\Users\lenovo\AppData\Local\Google\Chrome\Application\36.0.1985.143\libegl.dll
2014-08-13 16:57 - 2014-08-07 04:20 - 08537928 _____ () C:\Users\lenovo\AppData\Local\Google\Chrome\Application\36.0.1985.143\pdf.dll
2014-08-13 16:57 - 2014-08-07 04:20 - 00353096 _____ () C:\Users\lenovo\AppData\Local\Google\Chrome\Application\36.0.1985.143\ppGoogleNaClPluginChrome.dll
2014-08-13 16:57 - 2014-08-07 04:20 - 01732936 _____ () C:\Users\lenovo\AppData\Local\Google\Chrome\Application\36.0.1985.143\ffmpegsumo.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
AlternateDataStreams: C:\Users\lenovo\Downloads\noname.eml:OECustomProperty
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (08/19/2014 07:07:11 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"1".
Dependent Assembly rpshellextension.1.0,language="*",type="win32",version="1.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
Error: (08/19/2014 07:04:31 PM) (Source: SideBySide) (EventID: 59) (User: )
Description: Activation context generation failed for "1".Error in manifest or policy file "2" on line 3.
Invalid Xml syntax.
Error: (08/18/2014 08:48:52 PM) (Source: SideBySide) (EventID: 59) (User: )
Description: Activation context generation failed for "1".Error in manifest or policy file "2" on line 3.
Invalid Xml syntax.
Error: (08/18/2014 07:22:35 PM) (Source: SideBySide) (EventID: 59) (User: )
Description: Activation context generation failed for "1".Error in manifest or policy file "2" on line 3.
Invalid Xml syntax.
Error: (08/17/2014 04:11:40 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"1".
Dependent Assembly rpshellextension.1.0,language="*",type="win32",version="1.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
Error: (08/17/2014 04:08:53 AM) (Source: SideBySide) (EventID: 59) (User: )
Description: Activation context generation failed for "1".Error in manifest or policy file "2" on line 3.
Invalid Xml syntax.
Error: (08/12/2014 09:12:55 PM) (Source: PC-Doctor) (EventID: 1) (User: )
Description: (5980) Asapi: (21:12:55:7730)(5980) S3LogPusherPlugin.Helper - Error -- 334 Unable to storage the test log to medium
Error: (08/11/2014 09:19:58 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"1".
Dependent Assembly rpshellextension.1.0,language="*",type="win32",version="1.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
Error: (08/11/2014 09:17:12 PM) (Source: SideBySide) (EventID: 59) (User: )
Description: Activation context generation failed for "1".Error in manifest or policy file "2" on line 3.
Invalid Xml syntax.
Error: (08/01/2014 09:40:48 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"1".
Dependent Assembly rpshellextension.1.0,language="*",type="win32",version="1.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
System errors:
=============
Error: (08/31/2014 04:27:04 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Garmin Core Update Service service.
Error: (08/29/2014 00:59:47 AM) (Source: TPM) (EventID: 12) (User: )
Description: The device driver for the Trusted Platform Module (TPM) encountered an error in the TPM hardware, which might prevent some applications using TPM services from operating correctly. Please restart your computer to reset the TPM hardware. For further assistance on this hardware issue, please contact the computer manufacturer for more information.
Error: (08/29/2014 00:59:25 AM) (Source: TPM) (EventID: 15) (User: )
Description: The device driver for the Trusted Platform Module (TPM) encountered a non-recoverable error in the TPM hardware, which prevents TPM services (such as data encryption) from being used. For further help, please contact the computer manufacturer.
Error: (08/29/2014 00:59:25 AM) (Source: TPM) (EventID: 2) (User: )
Description: The TPM self test command failed.
Error: (08/25/2014 08:15:12 PM) (Source: TPM) (EventID: 12) (User: )
Description: The device driver for the Trusted Platform Module (TPM) encountered an error in the TPM hardware, which might prevent some applications using TPM services from operating correctly. Please restart your computer to reset the TPM hardware. For further assistance on this hardware issue, please contact the computer manufacturer for more information.
Error: (08/25/2014 08:14:30 PM) (Source: TPM) (EventID: 15) (User: )
Description: The device driver for the Trusted Platform Module (TPM) encountered a non-recoverable error in the TPM hardware, which prevents TPM services (such as data encryption) from being used. For further help, please contact the computer manufacturer.
Error: (08/25/2014 08:14:30 PM) (Source: TPM) (EventID: 2) (User: )
Description: The TPM self test command failed.
Error: (08/25/2014 04:05:06 PM) (Source: TPM) (EventID: 12) (User: )
Description: The device driver for the Trusted Platform Module (TPM) encountered an error in the TPM hardware, which might prevent some applications using TPM services from operating correctly. Please restart your computer to reset the TPM hardware. For further assistance on this hardware issue, please contact the computer manufacturer for more information.
Error: (08/25/2014 03:49:19 PM) (Source: TPM) (EventID: 15) (User: )
Description: The device driver for the Trusted Platform Module (TPM) encountered a non-recoverable error in the TPM hardware, which prevents TPM services (such as data encryption) from being used. For further help, please contact the computer manufacturer.
Error: (08/25/2014 03:49:19 PM) (Source: TPM) (EventID: 2) (User: )
Description: The TPM self test command failed.
Microsoft Office Sessions:
=========================
Error: (08/19/2014 07:07:11 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"C:\Windows\Installer\{C8E8D2E3-EF6A-4B1D-A09E-7B27EBE2F3CE}\recordingmanager.exe
Error: (08/19/2014 07:04:31 PM) (Source: SideBySide) (EventID: 59) (User: )
Description: C:\Program Files\Lenovo\Access Connections\AcCryptHlpr.dllC:\Program Files\Lenovo\Access Connections\AcCryptHlpr.dll0
Error: (08/18/2014 08:48:52 PM) (Source: SideBySide) (EventID: 59) (User: )
Description: C:\Program Files\Lenovo\Access Connections\AcCryptHlpr.dllC:\Program Files\Lenovo\Access Connections\AcCryptHlpr.dll0
Error: (08/18/2014 07:22:35 PM) (Source: SideBySide) (EventID: 59) (User: )
Description: C:\Program Files\Lenovo\Access Connections\AcCryptHlpr.dllC:\Program Files\Lenovo\Access Connections\AcCryptHlpr.dll0
Error: (08/17/2014 04:11:40 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"C:\Windows\Installer\{C8E8D2E3-EF6A-4B1D-A09E-7B27EBE2F3CE}\recordingmanager.exe
Error: (08/17/2014 04:08:53 AM) (Source: SideBySide) (EventID: 59) (User: )
Description: C:\Program Files\Lenovo\Access Connections\AcCryptHlpr.dllC:\Program Files\Lenovo\Access Connections\AcCryptHlpr.dll0
Error: (08/12/2014 09:12:55 PM) (Source: PC-Doctor) (EventID: 1) (User: )
Description: (5980) Asapi: (21:12:55:7730)(5980) S3LogPusherPlugin.Helper - Error -- 334 Unable to storage the test log to medium
Error: (08/11/2014 09:19:58 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"C:\Windows\Installer\{C8E8D2E3-EF6A-4B1D-A09E-7B27EBE2F3CE}\recordingmanager.exe
Error: (08/11/2014 09:17:12 PM) (Source: SideBySide) (EventID: 59) (User: )
Description: C:\Program Files\Lenovo\Access Connections\AcCryptHlpr.dllC:\Program Files\Lenovo\Access Connections\AcCryptHlpr.dll0
Error: (08/01/2014 09:40:48 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"C:\Windows\Installer\{C8E8D2E3-EF6A-4B1D-A09E-7B27EBE2F3CE}\recordingmanager.exe
==================== Memory info ===========================
Processor: Intel(R) Core(TM)2 Duo CPU T7100 @ 1.80GHz
Percentage of memory in use: 43%
Total physical RAM: 3054.3 MB
Available physical RAM: 1710.83 MB
Total Pagefile: 6106.88 MB
Available Pagefile: 4230.68 MB
Total Virtual: 2047.88 MB
Available Virtual: 1909.57 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:297.99 GB) (Free:248.47 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 1A353423)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=298 GB) - (Type=07 NTFS)
==================== End Of Log ============================
aswMBR version 1.0.1.2041 Copyright(c) 2014 AVAST Software
Run date: 2014-08-31 17:00:49
-----------------------------
17:00:49.601 OS Version: Windows 6.1.7601 Service Pack 1
17:00:49.601 Number of processors: 2 586 0xF0D
17:00:49.602 ComputerName: LENOVO-PC356334 UserName: lenovo
17:00:52.896 Initialize success
17:00:52.949 VM: initialized successfully
17:00:52.984 VM: Intel CPU BiosDisabled
17:01:03.806 VM: disk I/O iaStor.sys
17:02:47.558 AVAST engine defs: 14083100
17:03:09.583 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0
17:03:09.587 Disk 0 Vendor: SAMSUNG_ 2AJ1 Size: 305245MB BusType: 3
17:03:09.770 Disk 0 MBR read successfully
17:03:09.774 Disk 0 MBR scan
17:03:09.842 Disk 0 Windows 7 default MBR code
17:03:09.869 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
17:03:09.875 Disk 0 default boot code
17:03:09.943 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 305143 MB offset 206848
17:03:10.002 Disk 0 scanning sectors +625139712
17:03:10.170 Disk 0 scanning C:\Windows\system32\drivers
17:03:30.565 Service scanning
17:03:48.540 Service MpKslc4fd153f c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{BFBB435B-551C-424C-8AA0-CC58C2B40DC4}\MpKslc4fd153f.sys **LOCKED** 32
17:04:16.076 Modules scanning
17:04:26.529 Disk 0 trace - called modules:
17:04:26.553 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys halmacpi.dll iaStor.sys VSTCNXT3.SYS
17:04:26.560 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x86cdf180]
17:04:26.568 3 CLASSPNP.SYS[8b7c659e] -> nt!IofCallDriver -> [0x86299888]
17:04:26.581 5 ACPI.sys[8b0b83d4] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-0[0x85e88028]
17:04:27.501 AVAST engine scan C:\Windows
17:04:30.405 AVAST engine scan C:\Windows\system32
17:10:52.410 AVAST engine scan C:\Windows\system32\drivers
17:11:33.292 AVAST engine scan C:\Users\lenovo
17:24:25.167 AVAST engine scan C:\ProgramData
17:28:57.585 Scan finished successfully
17:33:08.147 Disk 0 MBR has been saved successfully to "C:\Users\lenovo\Downloads\MBR.dat"
17:33:08.273 The log file has been saved successfully to "C:\Users\lenovo\Downloads\aswMBR.txt"