Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- Additional scan result of Farbar Recovery Scan Tool (x64) Version:24-01-2016
- Ran by BeanieMachine (2016-01-25 09:39:53)
- Running from C:\Users\BeanieMachine\Downloads
- Windows 10 Home (X64) (2015-12-27 02:07:41)
- Boot Mode: Normal
- ==========================================================
- ==================== Accounts: =============================
- Administrator (S-1-5-21-2730369312-1450373968-3997455688-500 - Administrator - Disabled)
- BeanieMachine (S-1-5-21-2730369312-1450373968-3997455688-1001 - Administrator - Enabled) => C:\Users\BeanieMachine
- DefaultAccount (S-1-5-21-2730369312-1450373968-3997455688-503 - Limited - Disabled)
- Guest (S-1-5-21-2730369312-1450373968-3997455688-501 - Limited - Disabled)
- ==================== Security Center ========================
- (If an entry is included in the fixlist, it will be removed.)
- AV: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
- AV: McAfee Anti-Virus and Anti-Spyware (Enabled - Out of date) {DA9F8ED0-D0DE-39CC-F55A-51AB4CC1B556}
- AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
- AS: McAfee Anti-Virus and Anti-Spyware (Enabled - Out of date) {61FE6F34-F6E4-3642-CFEA-6AD93746FFEB}
- FW: McAfee Firewall (Enabled) {E2A40FF5-9AB1-3894-DE05-F89EB212F22D}
- ==================== Installed Programs ======================
- (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
- Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.4.3.189 - Adobe Systems Incorporated)
- Adobe Photoshop CC 2015 (HKLM-x32\...\{793C2BF7-A4FE-4608-91C9-9282C5801C21}) (Version: 16.1.1 - Adobe Systems Incorporated)
- Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.7.157 - Adobe Systems, Inc.)
- Avast SecureLine (HKLM\...\{2CD3C92F-EDC5-4B02-9B0A-9C1D37C58EF5}_is1) (Version: 1.0.244.0 - AVAST Software)
- Bandisoft MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version: - Bandisoft.com)
- Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
- Cheat Engine 6.5 (HKLM-x32\...\Cheat Engine 6.5_is1) (Version: - Cheat Engine)
- Copay version 1.6.3 (HKLM-x32\...\{804636ee-b017-4cad-8719-e58ac97ffa5c}_is1) (Version: 1.6.3 - BitPay)
- CyberGhost 5 (HKLM\...\CyberGhost 5_is1) (Version: - CyberGhost S.R.L.)
- CyberLink PhotoDirector (HKLM-x32\...\InstallShield_{5A454EC5-217A-42a5-8CE1-2DDEC4E70E01}) (Version: 5.0.5.6713 - CyberLink Corp.)
- CyberLink PhotoDirector (Version: 5.0.5.6713 - CyberLink Corp.) Hidden
- CyberLink Power Media Player 14 (HKLM-x32\...\{32C8E300-BDB4-4398-92C2-E9B7D8A233DB}) (Version: 14.0.1.5418 - CyberLink Corp.)
- CyberLink PowerDirector 12 (HKLM-x32\...\InstallShield_{E1646825-D391-42A0-93AA-27FA810DA093}) (Version: 12.0.4.4301 - CyberLink Corp.)
- CyberLink PowerDirector 12 (Version: 12.0.4.4301 - CyberLink Corp.) Hidden
- CyberLink YouCam (HKLM-x32\...\{A9CEDD6E-4792-493e-BB35-D86D2E188A5A}) (Version: 6.0.1.4301 - CyberLink Corp.)
- DisableMSDefender (Version: 1.0.0 - Hewlett-Packard Company) Hidden
- Dropbox 25 GB (HKLM-x32\...\{597A58EC-42D6-4940-8739-FB94491B013C}) (Version: 1.0.8.2 - Dropbox, Inc.)
- Energy Star (HKLM\...\{465CA2B6-98AF-4E77-BE22-A908C34BB9EC}) (Version: 1.0.9 - Hewlett-Packard Company)
- Evernote v. 5.8.6 (HKLM-x32\...\{FEDC7C10-EF67-11E4-9B07-00505695D7B0}) (Version: 5.8.6.7519 - Evernote Corp.)
- Google Chrome (HKLM-x32\...\Google Chrome) (Version: 47.0.2526.111 - Google Inc.)
- Google Update Helper (x32 Version: 1.3.29.1 - Google Inc.) Hidden
- Gyazo 3.2.0 (HKLM-x32\...\{6DB8C365-E719-4BA5-9594-10DFC244D3FD}_is1) (Version: - Nota Inc.)
- herdProtect Anti-Malware Scanner (HKLM-x32\...\herdProtectScan) (Version: 1.0 - Reason Company Software Inc.)
- HP 3D DriveGuard (HKLM-x32\...\{E8D0E2B8-B64B-44BC-8E01-00DDACBDF78A}) (Version: 6.0.28.1 - Hewlett-Packard Company)
- HP CoolSense (HKLM-x32\...\{1504CF6F-8139-497F-86FC-46174B67CF7F}) (Version: 2.20.51 - Hewlett-Packard Company)
- HP Documentation (HKLM\...\HP_Documentation) (Version: - HP)
- HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.8293.5264 - Hewlett-Packard)
- HP SimplePass (HKLM-x32\...\InstallShield_{314FAD12-F785-4471-BCE8-AB506642B9A1}) (Version: 8.01.46 - Hewlett-Packard)
- HP Support Solutions Framework (HKLM-x32\...\{D7D5F438-26EF-45AB-AB89-C476FBCF8584}) (Version: 12.0.30.219 - Hewlett-Packard Company)
- HP System Event Utility (HKLM-x32\...\{D17A3B70-B75E-4C49-83D6-C17DDF65B35F}) (Version: 1.3.4 - Hewlett-Packard Company)
- HP Welcome (HKLM\...\HPWelcome) (Version: 1.0 - Hewlett-Packard Company)
- HP Wireless Button Driver (HKLM-x32\...\{EFA01423-3857-468C-B7B6-F30AA08E50BC}) (Version: 1.1.5.1 - Hewlett-Packard)
- Inst5675 (Version: 8.01.46 - Softex Inc.) Hidden
- Inst5676 (Version: 8.01.46 - Softex Inc.) Hidden
- Intel(R) Chipset Device Software (x32 Version: 10.1.1.7 - Intel(R) Corporation) Hidden
- Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1156 - Intel Corporation)
- Intel(R) PRO/Wireless Driver (HKLM\...\{9505cd8b-b062-4d1d-ae3e-600497735a5a}) (Version: 18.11.0000.2944 - Intel Corporation)
- Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.15.4248 - Intel Corporation)
- Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.5.0.1081 - Intel Corporation)
- Intel(R) WiDi (HKLM\...\{76FAF7E1-52D0-49F7-A627-E78303F9C7EF}) (Version: 6.0.39.0 - Intel Corporation)
- Intel(R) WiDi Software Asset Manager (x32 Version: 1.1.347 - Intel Corporation) Hidden
- Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{DC5673D2-228D-45BC-B9BB-9610CE67DFC0}) (Version: 17.1.1524.1353 - Intel Corporation)
- Java 8 Update 71 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418071F0}) (Version: 8.0.710.15 - Oracle Corporation)
- Java 8 Update 71 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218071F0}) (Version: 8.0.710.15 - Oracle Corporation)
- Java SE Development Kit 8 Update 65 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180650}) (Version: 8.0.650.17 - Oracle Corporation)
- Malwarebytes Anti-Malware version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
- McAfee Internet Security (HKLM-x32\...\MSC) (Version: 14.0.6120 - McAfee, Inc.)
- McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.0.141 - McAfee, Inc.)
- Microsoft Office Professional Plus 2013 - en-us (HKLM\...\ProPlusRetail - en-us) (Version: 15.0.4787.1002 - Microsoft Corporation)
- Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
- Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
- Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
- Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
- Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
- Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
- Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
- Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
- Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
- Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
- Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
- Mozilla Firefox 43.0.2 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 43.0.2 (x86 en-US)) (Version: 43.0.2 - Mozilla)
- Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 43.0.2 - Mozilla)
- Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.8.8 - Notepad++ Team)
- NVIDIA GeForce Experience 2.4.5.57 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.4.5.57 - NVIDIA Corporation)
- NVIDIA Graphics Driver 353.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 353.50 - NVIDIA Corporation)
- NVIDIA PhysX System Software 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
- Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4787.1002 - Microsoft Corporation) Hidden
- Office 15 Click-to-Run Licensing Component (Version: 15.0.4787.1002 - Microsoft Corporation) Hidden
- Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4787.1002 - Microsoft Corporation) Hidden
- Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version: - )
- OpenVPN 2.3.10-I601 (HKLM\...\OpenVPN) (Version: 2.3.10-I601 - )
- Oracle VM VirtualBox 4.3.34 (HKLM\...\{F6D95A64-A1AB-4F03-A151-57AFC231450B}) (Version: 4.3.34 - Oracle Corporation)
- paint.net (HKLM\...\{DADC2AF6-DC9F-4BCF-BFCE-DCEC16EF507C}) (Version: 4.0.9 - dotPDN LLC)
- Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.370.91 - Realtek Semiconductor Corp.)
- Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.1.505.2015 - Realtek)
- Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7553 - Realtek Semiconductor Corp.)
- Sandboxie 5.06 (64-bit) (HKLM\...\Sandboxie) (Version: 5.06 - Sandboxie Holdings, LLC)
- SHIELD Streaming (Version: 4.1.2000 - NVIDIA Corporation) Hidden
- SHIELD Wireless Controller Driver (Version: 2.4.5.57 - NVIDIA Corporation) Hidden
- Skypeâ„¢ 7.17 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.17.105 - Skype Technologies S.A.)
- swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
- Synaptics ClickPad Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.12.95 - Synaptics Incorporated)
- Synaptics WBF DDK (HKLM\...\{963DDEF5-52CF-4313-81D9-B186B89C0A57}) (Version: 4.5.289.0 - Synaptics)
- TAP-Windows 9.21.1 (HKLM\...\TAP-Windows) (Version: 9.21.1 - )
- Vegas Pro 13.0 (64-bit) (HKLM\...\{1EEE0BEE-0BC8-11E5-A19E-F04DA23A5C58}) (Version: 13.0.453 - Sony)
- VMware Workstation (HKLM\...\{0AD91785-F9BD-47FD-84F7-9E27B5A1853D}) (Version: 12.1.0 - VMware, Inc.)
- WinPatrol (HKLM-x32\...\{6A206A04-6BC1-411B-AA04-4E52EDEEADF2}) (Version: 33.6.2015.18 - Ruiware)
- WinRAR 5.30 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.30.0 - win.rar GmbH)
- ==================== Custom CLSID (Whitelisted): ==========================
- (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
- CustomCLSID: HKU\S-1-5-21-2730369312-1450373968-3997455688-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-460489D093A0}\InprocServer32 -> %%systemroot%%\system32\shell32.dll => No File
- CustomCLSID: HKU\S-1-5-21-2730369312-1450373968-3997455688-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\BeanieMachine\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\FileCoAuth.exe (Microsoft Corporation)
- CustomCLSID: HKU\S-1-5-21-2730369312-1450373968-3997455688-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
- ==================== Scheduled Tasks (Whitelisted) =============
- (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
- Task: {0211FF80-1962-4209-916E-DD21DE270235} - System32\Tasks\Hewlett-Packard\HP Support Assistant\First Boot => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF_Utils.exe [2015-07-11] (Hewlett-Packard Company)
- Task: {03CF4DB2-6176-440F-B7AB-87ECAEB745E0} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
- Task: {068511A4-CB9A-4642-8F1A-779551281DC4} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-11-23] (Microsoft Corporation)
- Task: {08ABF8A8-1ACE-436D-B820-A3D04C7E8FA8} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2015-09-28] (Hewlett-Packard)
- Task: {0F866192-D1D9-4E0D-B240-160007E99885} - System32\Tasks\McAfee\McAfee Idle Detection Task
- Task: {1982439A-15DA-413F-BCD1-CC58843B9FA2} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2016-01-21] (Microsoft Corporation)
- Task: {25746B5A-D39E-46D3-A3A0-28A2FFE1E761} - System32\Tasks\AdobeAAMUpdater-1.0-DESKTOP-H4I19AD-BeanieMachine => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2015-10-30] (Adobe Systems Incorporated)
- Task: {280AD74D-53B3-46BF-954D-DFD7FFCEDD6D} - System32\Tasks\IntelWiDi-Upgrade-91ba0caa-28a7-4f47-8d08-f71b4b10fbec-Logon => C:\Program Files (x86)\Intel Corporation\Intel WiDi\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [2015-06-17] (Intel Corporation)
- Task: {44476D24-659E-44A4-A7EE-C6B34458E9DE} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-26] (Google Inc.)
- Task: {470F7113-A415-41D4-A476-D7EE239A2219} - System32\Tasks\Microsoft\Windows\UPnP\UPnPHostConfig => config upnphost start= auto
- Task: {56D489E2-78C4-48D0-BD05-85692EC09CD5} - System32\Tasks\Intel\Intel Telemetry 2 => C:\Program Files\Intel\Telemetry 2.0\lrio.exe [2015-06-05] (Intel Corporation)
- Task: {5CDE2501-CF71-4248-9965-F57CBC3CE398} - System32\Tasks\GyazoUpdateTaskMachineDaily => C:\Program Files (x86)\Gyazo\GyazoUpdate.exe [2016-01-19] ()
- Task: {600BC7A6-313A-47AA-BF80-25A9F4682F7C} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-12-22] (Microsoft Corporation)
- Task: {690535BD-0BCE-487D-98B1-2AAB57362D36} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2015-07-11] (Hewlett-Packard Company)
- Task: {6FCF5056-6ADE-49CE-BBB4-1D0D7B0C1F75} - System32\Tasks\IntelWiDi-Upgrade-91ba0caa-28a7-4f47-8d08-f71b4b10fbec => C:\Program Files (x86)\Intel Corporation\Intel WiDi\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [2015-06-17] (Intel Corporation)
- Task: {792CAF00-5527-4520-865D-0F8099B5517D} - System32\Tasks\YCMServiceAgent => C:\Program Files (x86)\CyberLink\YouCam6\YouCamService6.exe [2015-07-01] (CyberLink Corp.)
- Task: {7C63AC16-C8BD-4ABF-ABF9-79EF1DD29194} - System32\Tasks\Hewlett-Packard\HP CoolSense\HP CoolSense Start at Logon => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [2015-05-21] (Hewlett-Packard Development Company, L.P.)
- Task: {7DFBA301-9269-442A-8CC9-8E02451820A2} - System32\Tasks\DropboxOEM => C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe [2015-06-19] ()
- Task: {858B00C8-1096-4CFC-819F-F9E4979BB73C} - System32\Tasks\Start OPBHOBroker => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe [2015-07-03] (Hewlett-Packard)
- Task: {865D2389-9C3B-49F5-A261-A1049A1F3EB8} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2015-07-11] (Hewlett-Packard Company)
- Task: {8ACCFEFE-EFD8-4455-9401-FBFC007C6871} - System32\Tasks\Intel Security DAT Reputation (AMCore) periodic endpoint safety pulse => C:\Program Files\Common Files\McAfee\AMContent\scanners\x86_64\datrep\21.0\mcdatrep.exe [2015-08-04] (McAfee, Inc.)
- Task: {96CA6122-4DEB-4029-8888-F2F8715141AF} - System32\Tasks\McAfee\McAfee Auto Maintenance Task Agent
- Task: {99B3E2FF-3AC4-491C-9475-74E6C97E7247} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2016-01-21] (Microsoft Corporation)
- Task: {AEA45C20-BDB2-463E-962A-E64D34F52E8A} - System32\Tasks\Start OPBHOBrokerDesktop => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe [2015-07-03] (Hewlett-Packard)
- Task: {B2B7D7DE-5B88-4885-A79B-900F744CA83E} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2015-06-19] (Hewlett-Packard)
- Task: {BB0B6602-186B-46B6-B9E0-ED4F6923364A} - System32\Tasks\Intel Security DAT Reputation (AMCore) Post DAT update endpoint safety pulse => C:\Program Files\Common Files\McAfee\AMContent\scanners\x86_64\datrep\21.0\mcdatrep.exe [2015-08-04] (McAfee, Inc.)
- Task: {C14082A5-C16B-46CD-A6BF-7E7BE94D4E90} - System32\Tasks\{7876DE99-2E91-46E7-9F76-D6BF1FB4F4DC} => Chrome.exe hxxp://ui.skype.com/ui/0/7.17.0.105/en/abandoninstall?source=lightinstaller&page=tsBing
- Task: {C7D5CEBC-1DEE-4B9D-B9B9-356C655C7B2B} - System32\Tasks\Start SimplePass => C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe [2015-07-03] (Hewlett-Packard)
- Task: {D827D556-38CA-469D-B994-C59D9BFAC201} - System32\Tasks\McAfeeLogon => C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe [2015-11-02] (McAfee, Inc.)
- Task: {DEDF0F27-3D63-49D3-AC6B-E806C04F2EC2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-26] (Google Inc.)
- Task: {E6AA26CC-E534-481A-BBF7-C41C5D501FFE} - System32\Tasks\GyazoUpdateTaskMachine => C:\Program Files (x86)\Gyazo\GyazoUpdate.exe [2016-01-19] ()
- Task: {E9502B52-21B1-430D-AFEC-ACC7DBF98C8E} - System32\Tasks\avast! SL Update => C:\Program Files\AVAST Software\SecureLine\SLUpdate.exe [2015-05-12] (AVAST Software)
- Task: {F435C6F4-4E5C-4CA6-9DBE-370F45E5BDD7} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-12-22] (Microsoft Corporation)
- Task: {FC9DDF9F-67AA-43DC-A7EA-8175BF61C04D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Active Health Launcher => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2015-06-19] (Hewlett-Packard)
- (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
- Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
- Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
- ==================== Shortcuts =============================
- (The entries could be listed to be restored or removed.)
- ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Priceline.com.lnk -> C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe () -> hxxp://www.priceline.com/?refid=PLHBC6240OPQ&refclickid=square
- ==================== Loaded Modules (Whitelisted) ==============
- 2015-07-23 20:31 - 2015-07-23 20:31 - 00032768 _____ () C:\WINDOWS\SYSTEM32\licensemanagerapi.dll
- 2015-12-26 20:17 - 2015-07-22 20:10 - 00116552 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
- 2015-12-12 10:50 - 2015-08-11 04:14 - 00404480 _____ () C:\WINDOWS\System32\diagtrack_wininternal.dll
- 2015-11-30 20:43 - 2014-04-14 21:59 - 00389896 _____ () C:\Program Files\CyberLink\Shared files\RichVideo64.exe
- 2016-01-21 12:06 - 2015-10-13 04:34 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
- 2016-01-18 16:20 - 2015-05-12 16:11 - 00445240 _____ () C:\Program Files\AVAST Software\SecureLine\VpnSvc.exe
- 2015-11-25 18:09 - 2015-11-25 18:09 - 12462784 _____ () C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe
- 2015-12-12 10:51 - 2015-09-17 01:48 - 02494712 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
- 2015-12-12 10:51 - 2015-09-17 01:48 - 02494712 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
- 2015-11-14 04:23 - 2015-11-14 04:23 - 00553120 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
- 2016-01-21 14:49 - 2016-01-21 14:49 - 08901184 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll
- 2015-12-12 10:50 - 2015-09-17 00:48 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
- 2015-12-12 10:52 - 2015-11-24 23:20 - 06569472 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
- 2015-12-12 10:52 - 2015-11-24 23:17 - 00471040 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
- 2015-12-12 10:52 - 2015-11-24 23:17 - 01808384 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
- 2015-12-12 10:52 - 2015-09-17 00:43 - 02274816 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
- 2015-11-25 18:09 - 2015-11-25 18:09 - 01301696 _____ () C:\Program Files (x86)\VMware\VMware Workstation\libxml2.dll
- 2015-11-25 18:09 - 2015-11-25 18:09 - 00165056 _____ () C:\Program Files (x86)\VMware\VMware Workstation\nfc-types.dll
- 2015-11-25 18:09 - 2015-11-25 18:09 - 00191680 _____ () C:\Program Files (x86)\VMware\VMware Workstation\LIBEXPAT.dll
- 2015-11-25 18:09 - 2015-11-25 18:09 - 00388800 _____ () C:\Program Files (x86)\VMware\VMware Workstation\ssoClient.dll
- 2016-01-21 14:49 - 2016-01-21 14:49 - 08901184 _____ () C:\Program Files\Microsoft Office 15\root\Office15\1033\GrooveIntlResource.dll
- 2015-11-30 20:08 - 2015-07-13 23:59 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
- 2016-01-18 16:20 - 2015-05-12 16:11 - 38561984 _____ () C:\Program Files\AVAST Software\SecureLine\libcef.dll
- 2016-01-14 21:25 - 2016-01-12 11:35 - 01590088 _____ () C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.111\libglesv2.dll
- 2016-01-14 21:25 - 2016-01-12 11:35 - 00087880 _____ () C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.111\libegl.dll
- ==================== Alternate Data Streams (Whitelisted) =========
- (If an entry is included in the fixlist, only the ADS will be removed.)
- ==================== Safe Mode (Whitelisted) ===================
- (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
- HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
- HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
- HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
- HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McNaiAnn => ""=""
- HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
- HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
- HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack => ""="Service"
- HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack.sys => ""="Driver"
- HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk => ""="Service"
- HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk.sys => ""="Driver"
- HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Service"
- HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Service"
- HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
- HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service"
- HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
- HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfemms => ""="Service"
- HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service"
- HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver"
- HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service"
- ==================== EXE Association (Whitelisted) ===============
- (If an entry is included in the fixlist, the registry item will be restored to default or removed.)
- ==================== Internet Explorer trusted/restricted ===============
- (If an entry is included in the fixlist, it will be removed from the registry.)
- ==================== Hosts content: ==========================
- (If needed Hosts: directive could be included in the fixlist to reset Hosts.)
- 2015-07-10 06:04 - 2016-01-19 12:01 - 00001905 ____A C:\WINDOWS\system32\Drivers\etc\hosts
- 127.0.0.1 thislineskipsanyemptylines
- 127.0.0.1 bandicam.com
- 127.0.0.1 ssl.bandisoft.com
- 127.0.0.1 thislineskipsanyemptylines
- 127.0.0.1 anchorfree.net
- 127.0.0.1 rss2search.com
- 127.0.0.1 techbrowsing.com
- 127.0.0.1 box.anchorfree.net
- 127.0.0.1 www.mefeedia.com
- 127.0.0.3 www.anchorfree.net
- 127.0.0.2 mefeedia.com
- 127.0.0.1 anchorfree.us
- 127.0.0.1 a433.com
- 127.0.0.1 rpt.anchorfree.net
- 127.0.0.1 delivery.anchorfree.us/land.php
- 127.0.0.1 hsselite.com
- 127.0.0.1 www.hsselite.com
- 127.0.0.1 lmlicenses.wip4.adobe.com
- 127.0.0.1 lm.licenses.adobe.com
- 127.0.0.1 na1r.services.adobe.com
- 127.0.0.1 hlrcv.stage.adobe.com
- 127.0.0.1 practivate.adobe.com
- 127.0.0.1 activate.adobe.com
- 127.0.0.2 mefeedia.com
- 127.0.0.1 hsselite.com
- ==================== Other Areas ============================
- (Currently there is no automatic fix for this section.)
- HKU\S-1-5-21-2730369312-1450373968-3997455688-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\BeanieMachine\Pictures\Camera Roll\mountains_stars_blur_bokeh_Milky_Way_waiting_skies_2560x1440.jpg
- DNS Servers: 192.168.1.1
- HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
- Windows Firewall is enabled.
- ==================== MSCONFIG/TASK MANAGER disabled items ==
- (Currently there is no automatic fix for this section.)
- HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
- HKU\S-1-5-21-2730369312-1450373968-3997455688-1001\...\StartupApproved\Run: => "Skype"
- HKU\S-1-5-21-2730369312-1450373968-3997455688-1001\...\StartupApproved\Run: => "CyberGhost"
- ==================== FirewallRules (Whitelisted) ===============
- (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
- FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
- FirewallRules: [{56661A83-B528-4B93-8723-0059B7091401}] => (Allow) c:\Program Files\CyberLink\PowerDirector12\PDR10.EXE
- FirewallRules: [{01F38B5B-E879-460F-AB48-9530755C07CC}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\Movie\PowerDVD Cinema\PowerDVDCinema.exe
- FirewallRules: [{67A2E65E-F659-4D04-86DD-D1032615BB8E}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\Movie\PowerDVDMovie.exe
- FirewallRules: [{583D0CA9-2085-4EBE-8039-4ADD2BC42002}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD14Agent.exe
- FirewallRules: [{D6B3AC8C-E980-4033-A099-A70908FA066E}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\Kernel\DMS\CLMSServerPDVD14.exe
- FirewallRules: [{E5C359DD-87C4-4101-8956-A8F3EF1E51B7}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD.exe
- FirewallRules: [{FD7B624E-78C4-4990-B710-36853945BDB2}] => (Allow) C:\Program Files\Intel Corporation\USB over IP\bin\UoipService.exe
- FirewallRules: [{96FB71CA-FAE9-439F-8161-0F6F841D7D64}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\SmartAgentTest.exe
- FirewallRules: [{8B2C8ACA-4B10-4EFE-9F75-4478B4386D6E}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\Next\WirelessDisplay.exe
- FirewallRules: [{37881CA0-24E1-4046-8886-D173D4370EE2}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\WiDiAppOld.exe
- FirewallRules: [{0601ED1B-EC56-4D6E-839F-AE264EB7626C}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\WiDiApp.exe
- FirewallRules: [{20CC4A59-5D05-4510-BCF1-284325671D93}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPSOCKSVC.exe
- FirewallRules: [{740795C6-4974-46AF-B195-0821D9F273EA}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
- FirewallRules: [{0C91A747-CA13-4E9B-BA62-0F88D326FE33}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
- FirewallRules: [{22F278B1-1F04-401E-9D73-943D1A31CFEB}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
- FirewallRules: [{A0641FBE-AC58-4F64-A431-FB7527A6498E}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
- FirewallRules: [{00E0E5C8-6CD7-4480-95F7-7C61AD6CCA3E}] => (Allow) c:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
- FirewallRules: [{1FA7574C-E1FC-40A8-AF07-96B022CE1E13}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
- FirewallRules: [{349B5C9F-5BAD-4A70-B851-F9D55278F1EF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
- FirewallRules: [{8C1B7246-936C-471E-89CB-0E4AE54E809F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
- FirewallRules: [{5F29BB3A-2C68-4798-9218-77407381905C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
- FirewallRules: [{0A3C321E-DDBE-4CEC-899C-8A0F19721411}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
- FirewallRules: [{8B16FA61-13C7-42B3-94C8-1873B76D777A}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
- FirewallRules: [{3B14DDCC-748A-4411-89CD-042A58F894D1}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
- FirewallRules: [{A8725838-ECD0-45D0-9423-99B828639031}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
- FirewallRules: [{D399BD42-7131-4385-BCDF-C147A2979591}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
- FirewallRules: [TCP Query User{5475AA0C-F2A3-409E-9CD9-D0E65A119963}C:\users\beaniemachine\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\beaniemachine\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe
- FirewallRules: [UDP Query User{C7123DD9-FF44-425F-993A-76DBF89F4FF6}C:\users\beaniemachine\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\beaniemachine\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe
- FirewallRules: [{C98BAFD6-E21F-4E29-A073-64B1F4C1AD06}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
- FirewallRules: [{30BE9BBE-D7CE-4F88-946F-C09FB19F1450}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
- FirewallRules: [{8116CC6F-7E1D-4680-9E4A-156B1B11B028}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
- FirewallRules: [{86EA4C6A-6E4F-44CE-9F6D-864DE5B82DEC}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
- FirewallRules: [{1E9D6FC8-20F6-4C80-94AD-6B4F2B2DF8A5}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
- FirewallRules: [{72DF6D88-C869-4D37-8581-94861889FBA8}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe
- FirewallRules: [{C61F12B6-E3A9-4396-955A-2BB0DE854530}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe
- FirewallRules: [{150BACE8-B746-4364-A331-8A3E58406521}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe
- FirewallRules: [{9C2D5703-A182-4F5E-A383-5434A01E8A01}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe
- FirewallRules: [{79C9078F-D18C-4B42-92D7-F6D41F2A7E28}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
- FirewallRules: [{D70764A9-DFAB-44E1-9BDE-7596633ABD9B}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
- FirewallRules: [{05470FA9-B0BF-434A-9F96-E32F61273F18}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
- FirewallRules: [{105560CB-A0A8-4ED7-9E48-81408391BD61}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
- FirewallRules: [{D9A728EF-6B49-4C16-9A71-0C012753B1EF}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
- FirewallRules: [{238C7357-8CBE-451E-8B05-2790870A51B7}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
- ==================== Restore Points =========================
- 28-12-2015 16:11:40 Installed inCloak VPN.
- 29-12-2015 16:29:43 paint.net 4.0.6
- 30-12-2015 20:30:53 herdProtect before 26 removals
- 05-01-2016 21:37:22 paint.net 4.0.9
- 06-01-2016 21:45:38 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030
- 11-01-2016 20:16:04 Windows Update
- 17-01-2016 18:47:48 Installed DirectX
- 24-01-2016 22:29:17 Removed inCloak VPN.
- ==================== Faulty Device Manager Devices =============
- Name: Intel(R) Wireless Bluetooth(R)
- Description: Intel(R) Wireless Bluetooth(R)
- Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
- Manufacturer: Intel Corporation
- Service: BTHUSB
- Problem: : This device is disabled. (Code 22)
- Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
- ==================== Event log errors: =========================
- Application errors:
- ==================
- Error: (01/25/2016 09:38:07 AM) (Source: SideBySide) (EventID: 78) (User: )
- Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest2" on line C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest3.
- A component version required by the application conflicts with another component version already active.
- Conflicting components are:.
- Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest.
- Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_3bccb1ff6bcd1849.manifest.
- Error: (01/25/2016 09:28:25 AM) (Source: NvStreamSvc) (EventID: 2001) (User: )
- Description: An error has occurred (NvVAD initialization failed [0]).
- Error: (01/25/2016 09:28:25 AM) (Source: NvStreamSvc) (EventID: 2001) (User: )
- Description: An error has occurred (Failed to open Audio Capture session [6]).
- Error: (01/25/2016 09:26:30 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-H4I19AD)
- Description: Activation of app Microsoft.Windows.CloudExperienceHost_cw5n1h2txyewy!App failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information.
- Error: (01/25/2016 09:26:28 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-H4I19AD)
- Description: Activation of app Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information.
- Error: (01/24/2016 11:12:10 PM) (Source: Application Error) (EventID: 1000) (User: )
- Description: Faulting application name: backgroundTaskHost.exe, version: 10.0.10240.16384, time stamp: 0x559f38c5
- Faulting module name: twinapi.appcore.dll, version: 10.0.10240.16590, time stamp: 0x563ad512
- Exception code: 0xc000027b
- Fault offset: 0x000000000006646f
- Faulting process id: 0x2110
- Faulting application start time: 0xbackgroundTaskHost.exe0
- Faulting application path: backgroundTaskHost.exe1
- Faulting module path: backgroundTaskHost.exe2
- Report Id: backgroundTaskHost.exe3
- Faulting package full name: backgroundTaskHost.exe4
- Faulting package-relative application ID: backgroundTaskHost.exe5
- Error: (01/24/2016 10:31:20 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
- Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
- Details:
- AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.
- System Error:
- Access is denied.
- .
- Error: (01/24/2016 10:12:31 PM) (Source: Application Error) (EventID: 1000) (User: )
- Description: Faulting application name: herdProtectScan.exe, version: 1.0.3.9, time stamp: 0x549300f9
- Faulting module name: LSASRV.dll, version: 10.0.10240.16392, time stamp: 0x55a868f9
- Exception code: 0xc0000005
- Fault offset: 0x000000000004e20e
- Faulting process id: 0x670
- Faulting application start time: 0xherdProtectScan.exe0
- Faulting application path: herdProtectScan.exe1
- Faulting module path: herdProtectScan.exe2
- Report Id: herdProtectScan.exe3
- Faulting package full name: herdProtectScan.exe4
- Faulting package-relative application ID: herdProtectScan.exe5
- Error: (01/24/2016 09:03:37 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
- Description: An error has occurred (NvVAD initialization failed [0]).
- Error: (01/24/2016 09:03:37 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
- Description: An error has occurred (Failed to open Audio Capture session [6]).
- System errors:
- =============
- Error: (01/25/2016 09:28:34 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
- Description: The CyberGhost 5 Client Service service failed to start due to the following error:
- %%1053
- Error: (01/25/2016 09:28:34 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
- Description: A timeout was reached (30000 milliseconds) while waiting for the CyberGhost 5 Client Service service to connect.
- Error: (01/25/2016 09:26:37 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
- Description: The VMware Workstation Server service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
- Error: (01/25/2016 09:26:30 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-H4I19AD)
- Description: Windows.Security.Authentication.Web.Core.BackgroundGetTokenTask.ClassId.WebAccountProvider
- Error: (01/25/2016 09:26:28 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-H4I19AD)
- Description: CortanaUI.AppXd4tad4d57t4wtdbnnmb8v2xtzym8c1n8.mca
- Error: (01/25/2016 09:26:27 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-H4I19AD)
- Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}
- Error: (01/25/2016 09:26:25 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
- Description: The Sync Host_Session1 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
- Error: (01/24/2016 09:02:46 PM) (Source: EventLog) (EventID: 6008) (User: )
- Description: The previous system shutdown at 8:42:38 PM on ‎1/‎24/‎2016 was unexpected.
- Error: (01/24/2016 06:48:44 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
- Description: {209500FC-6B45-4693-8871-6296C4843751}
- Error: (01/24/2016 06:48:00 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
- Description: The McAfee Home Network service hung on starting.
- ==================== Memory info ===========================
- Processor: Intel(R) Core(TM) i7-5500U CPU @ 2.40GHz
- Percentage of memory in use: 19%
- Total physical RAM: 16306.26 MB
- Available physical RAM: 13059 MB
- Total Virtual: 17330.26 MB
- Available Virtual: 13587.64 MB
- ==================== Drives ================================
- Drive c: (Windows) (Fixed) (Total:917.75 GB) (Free:751.8 GB) NTFS
- ==================== MBR & Partition Table ==================
- ========================================================
- Disk: 0 (Size: 931.5 GB) (Disk ID: 218E063C)
- Partition: GPT.
- ==================== End of Addition.txt ============================
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement