
Can't recover to Win 7 In Win 10


34 replies to this topic

#1 Zer0gravity


Posted 09 June 2015 - 10:09 AM

So I went to roll back to Windows 7. My computer crashed after going to it and trying to recover (which wasn't a problem to do) until I crashed. Now it pops up with this:

[Image: IMG_20150608_181848251.jpg]

I only have one account, the admin account. How exactly do I fix this?




 


#2 Aura


Posted 09 June 2015 - 10:13 AM

Hi Zer0gravity :)

If you right-click on Computer and select Manage, then click Users and Groups in the left pane and finally Users, do you see a user called DefaultAppPool? This is a user created by IIS. You could always disable it in Turn on and off Windows features to get rid of it.

https://support.microsoft.com/en-us/kb/321141?wa=wsignin1.0

Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.


#3 Zer0gravity


Posted 09 June 2015 - 11:24 AM

Hi Zer0gravity :)

If you right-click on Computer and select Manage, then click Users and Groups in the left pane and finally Users, do you see a user called DefaultAppPool? This is a user created by IIS. You could always disable it in Turn on and off Windows features to get rid of it.

https://support.microsoft.com/en-us/kb/321141?wa=wsignin1.

 

Nowhere to be found.

[Image: 0609151113_1.jpg]


Edited by Zer0gravity, 09 June 2015 - 11:24 AM.


#4 Aura


Posted 09 June 2015 - 11:27 AM

Alright, did you try to disable "IIS" in the "Turn on and off Windows features" like shown in the article?



#5 Zer0gravity


Posted 09 June 2015 - 12:07 PM

Alright, did you try to disable "IIS" in the "Turn on and off Windows features" like shown in the article?

 

I already did that. I go to search for groups and users and it says "this snippet isn't available for this version of win 10".

That's when I manually type it in.


Edited by Zer0gravity, 09 June 2015 - 12:13 PM.


#6 Zer0gravity


Posted 09 June 2015 - 01:35 PM

Anybody !? Help Please. 



#7 Aura


Posted 09 June 2015 - 01:45 PM

Do you have Visual Studio and/or SQL Server installed?



#8 Zer0gravity


Posted 09 June 2015 - 02:16 PM

Do you have Visual Studio and/or SQL Server installed?

I have Visual Studio installed twice, 2012 edition; it says 86 and 64 bit.


 


 

Pretty sure I had SQL installed at one point.



#9 Aura


Posted 09 June 2015 - 02:18 PM

Apparently that user has been added by Visual Studio. Uninstalling it and all its related programs will remove it.



#10 Zer0gravity


Posted 09 June 2015 - 02:27 PM

Apparently that user has been added by Visual Studio. Uninstalling it and all its related programs will remove it.

I had both and it didn't work.



#11 Aura


Posted 09 June 2015 - 02:33 PM

Did you fully uninstall their instance? Follow the instructions below please.

MiniToolBox
  • Download MiniToolBox and move the executable file to your Desktop;
  • Right-click on MiniToolBox.exe and select Run as Administrator;
  • Check the following options:
    • List Installed Programs;
    • List Last 10 Event Viewer Errors;
  • Once this is done, click on Go and wait for the scan to complete;
  • Once the scan is complete, a log will open. Please copy/paste the content of the output log in your next reply;



#12 Zer0gravity


Posted 09 June 2015 - 02:40 PM

MiniToolBox by Farbar  Version: 11-05-2015 01
Ran by 1 (administrator) on 09-06-2015 at 14:38:58
Running from "C:\Users\1\Music\iTunes"
Microsoft Windows 10 Home Insider Preview  (X64)
Model: HPE-400y Manufacturer: Hewlett-Packard
Boot Mode: Normal
***************************************************************************
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (06/09/2015 02:09:15 PM) (Source: Application Error) (User: )
Description: Faulting application name: TuneUpUtilitiesService64.exe, version: 14.0.1000.88, time stamp: 0x521f1d36
Faulting module name: TuneUpUtilitiesService64.exe, version: 14.0.1000.88, time stamp: 0x521f1d36
Exception code: 0xc0000005
Fault offset: 0x000000000001c076
Faulting process id: 0x9c4
Faulting application start time: 0xTuneUpUtilitiesService64.exe0
Faulting application path: TuneUpUtilitiesService64.exe1
Faulting module path: TuneUpUtilitiesService64.exe2
Report Id: TuneUpUtilitiesService64.exe3
Faulting package full name: TuneUpUtilitiesService64.exe4
Faulting package-relative application ID: TuneUpUtilitiesService64.exe5
 
Error: (06/09/2015 02:07:14 PM) (Source: EvntAgnt) (User: )
Description: 
 
Error: (06/09/2015 02:07:14 PM) (Source: EvntAgnt) (User: )
Description: 
 
Error: (06/09/2015 02:05:27 PM) (Source: Application Error) (User: )
Description: Faulting application name: TuneUpUtilitiesService64.exe, version: 14.0.1000.88, time stamp: 0x521f1d36
Faulting module name: TuneUpUtilitiesService64.exe, version: 14.0.1000.88, time stamp: 0x521f1d36
Exception code: 0xc0000005
Fault offset: 0x000000000001c076
Faulting process id: 0x9fc
Faulting application start time: 0xTuneUpUtilitiesService64.exe0
Faulting application path: TuneUpUtilitiesService64.exe1
Faulting module path: TuneUpUtilitiesService64.exe2
Report Id: TuneUpUtilitiesService64.exe3
Faulting package full name: TuneUpUtilitiesService64.exe4
Faulting package-relative application ID: TuneUpUtilitiesService64.exe5
 
Error: (06/09/2015 02:00:04 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
 
 
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.
 
System Error:
Access is denied.
.
 
Error: (06/09/2015 01:46:05 PM) (Source: Microsoft-Windows-Immersive-Shell) (User: 1-HP)
Description: Activation of app Microsoft.Cortana_8wekyb3d8bbwe!CortanaUI failed with error: -2147023170 See the Microsoft-Windows-TWinUI/Operational log for additional information.
 
Error: (06/09/2015 01:46:00 PM) (Source: Application Error) (User: )
Description: Faulting application name: SearchUI.exe, version: 0.0.0.0, time stamp: 0x553ad077
Faulting module name: Windows.UI.Xaml.dll, version: 10.0.10074.3, time stamp: 0x55441ae1
Exception code: 0xc000027b
Fault offset: 0x0000000000304f0d
Faulting process id: 0x124c
Faulting application start time: 0xSearchUI.exe0
Faulting application path: SearchUI.exe1
Faulting module path: SearchUI.exe2
Report Id: SearchUI.exe3
Faulting package full name: SearchUI.exe4
Faulting package-relative application ID: SearchUI.exe5
 
Error: (06/09/2015 01:24:15 PM) (Source: Application Error) (User: )
Description: Faulting application name: TuneUpUtilitiesService64.exe, version: 14.0.1000.88, time stamp: 0x521f1d36
Faulting module name: TuneUpUtilitiesService64.exe, version: 14.0.1000.88, time stamp: 0x521f1d36
Exception code: 0xc0000005
Fault offset: 0x000000000001c076
Faulting process id: 0x9d0
Faulting application start time: 0xTuneUpUtilitiesService64.exe0
Faulting application path: TuneUpUtilitiesService64.exe1
Faulting module path: TuneUpUtilitiesService64.exe2
Report Id: TuneUpUtilitiesService64.exe3
Faulting package full name: TuneUpUtilitiesService64.exe4
Faulting package-relative application ID: TuneUpUtilitiesService64.exe5
 
Error: (06/08/2015 09:54:07 PM) (Source: Application Hang) (User: )
Description: The program searchui.exe version 0.0.0.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
 
Process ID: 1e90
 
Start Time: 01d0a25f7ee89912
 
Termination Time: 4294967295
 
Application Path: C:\Program Files\WindowsApps\Microsoft.Cortana_1.4.4.120_x64__8wekyb3d8bbwe\searchui.exe
 
Report Id: bfe2156a-0e52-11e5-8047-d4856411ac4b
 
Faulting package full name: Microsoft.Cortana_1.4.4.120_x64__8wekyb3d8bbwe
 
Faulting package-relative application ID: CortanaUI
 
Error: (06/08/2015 09:53:41 PM) (Source: Microsoft-Windows-Immersive-Shell) (User: 1-HP)
Description: Activation of app Microsoft.Cortana_8wekyb3d8bbwe!CortanaUI failed with error: -2147023170 See the Microsoft-Windows-TWinUI/Operational log for additional information.
 
 
System errors:
=============
Error: (06/09/2015 02:09:53 PM) (Source: Service Control Manager) (User: )
Description: The TuneUp Utilities Service service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (06/09/2015 02:09:41 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the TuneUp.UtilitiesSvc service.
 
Error: (06/09/2015 02:09:27 PM) (Source: Service Control Manager) (User: )
Description: The Net.Tcp Port Sharing Service service failed to start due to the following error: 
%%1053
 
Error: (06/09/2015 02:09:27 PM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Net.Tcp Port Sharing Service service to connect.
 
Error: (06/09/2015 02:08:57 PM) (Source: Service Control Manager) (User: )
Description: The AODDriver4.2.0 service failed to start due to the following error: 
%%2
 
Error: (06/09/2015 02:08:56 PM) (Source: NETLOGON) (User: )
Description: This computer is configured as a member of a workgroup, not as
a member of a domain. The Netlogon service does not need to run in this
configuration.
 
Error: (06/09/2015 02:08:50 PM) (Source: Service Control Manager) (User: )
Description: The TuneUp Theme Extension service failed to start due to the following error: 
%%1083
 
Error: (06/09/2015 02:08:50 PM) (Source: Service Control Manager) (User: )
Description: The DefragFS service failed to start due to the following error: 
%%1306
 
Error: (06/09/2015 02:07:54 PM) (Source: Service Control Manager) (User: )
Description: The Delivery Optimization service terminated with the following service-specific error: 
%%2147500053
 
Error: (06/09/2015 02:07:16 PM) (Source: SNMP) (User: )
Description: SYSTEM\CurrentControlSet\Services\SNMP\Parameters\ValidCommunities
 
 
Microsoft Office Sessions:
=========================
Error: (06/09/2015 02:09:15 PM) (Source: Application Error)(User: )
Description: TuneUpUtilitiesService64.exe14.0.1000.88521f1d36TuneUpUtilitiesService64.exe14.0.1000.88521f1d36c0000005000000000001c0769c401d0a2e7bed05c56C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exeC:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exed8ebe7ca-dadc-4adc-b109-a623398ae5b7
 
Error: (06/09/2015 02:07:14 PM) (Source: EvntAgnt)(User: )
Description: 
 
Error: (06/09/2015 02:07:14 PM) (Source: EvntAgnt)(User: )
Description: 
 
Error: (06/09/2015 02:05:27 PM) (Source: Application Error)(User: )
Description: TuneUpUtilitiesService64.exe14.0.1000.88521f1d36TuneUpUtilitiesService64.exe14.0.1000.88521f1d36c0000005000000000001c0769fc01d0a2e731b87acaC:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exeC:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe98e4c871-f10f-45f9-bcfa-d02813648394
 
Error: (06/09/2015 02:00:04 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: 
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.
 
System Error:
Access is denied.
 
Error: (06/09/2015 01:46:05 PM) (Source: Microsoft-Windows-Immersive-Shell)(User: 1-HP)
Description: Microsoft.Cortana_8wekyb3d8bbwe!CortanaUI-2147023170
 
Error: (06/09/2015 01:46:00 PM) (Source: Application Error)(User: )
Description: SearchUI.exe0.0.0.0553ad077Windows.UI.Xaml.dll10.0.10074.355441ae1c000027b0000000000304f0d124c01d0a2e48731dd89C:\Program Files\WindowsApps\Microsoft.Cortana_1.4.4.120_x64__8wekyb3d8bbwe\SearchUI.exeC:\Windows\System32\Windows.UI.Xaml.dll187fecc2-6551-4363-b17a-a22a3cf0d7d2Microsoft.Cortana_1.4.4.120_x64__8wekyb3d8bbweCortanaUI
 
Error: (06/09/2015 01:24:15 PM) (Source: Application Error)(User: )
Description: TuneUpUtilitiesService64.exe14.0.1000.88521f1d36TuneUpUtilitiesService64.exe14.0.1000.88521f1d36c0000005000000000001c0769d001d0a2e1770c4079C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exeC:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe22194f24-2eee-4487-99d7-435247fcad48
 
Error: (06/08/2015 09:54:07 PM) (Source: Application Hang)(User: )
Description: searchui.exe0.0.0.01e9001d0a25f7ee899124294967295C:\Program Files\WindowsApps\Microsoft.Cortana_1.4.4.120_x64__8wekyb3d8bbwe\searchui.exebfe2156a-0e52-11e5-8047-d4856411ac4bMicrosoft.Cortana_1.4.4.120_x64__8wekyb3d8bbweCortanaUI
 
Error: (06/08/2015 09:53:41 PM) (Source: Microsoft-Windows-Immersive-Shell)(User: 1-HP)
Description: Microsoft.Cortana_8wekyb3d8bbwe!CortanaUI-2147023170
 
 
CodeIntegrity Errors:
===================================
  Date: 2015-06-09 05:48:24.518
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2015-06-09 05:48:24.425
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2015-06-09 05:48:24.241
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2015-06-09 05:48:23.838
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2015-06-09 05:48:23.296
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2015-06-09 05:48:23.231
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2015-06-09 05:48:23.036
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2015-06-09 05:48:22.971
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2015-06-09 05:48:22.844
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2015-06-09 05:48:22.720
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
 
**** End of log ****


#13 Aura


Posted 09 June 2015 - 02:41 PM

It looks like you didn't check the "List Installed Programs" option. Can you check it and do a new scan?



#14 Zer0gravity


Posted 09 June 2015 - 03:07 PM

It looks like you didn't check the "List Installed Programs" option. Can you check it and do a new scan?

MiniToolBox by Farbar  Version: 11-05-2015 01
Ran by 1 (administrator) on 09-06-2015 at 15:06:31
Running from "C:\Users\1\Music\iTunes"
Microsoft Windows 10 Home Insider Preview  (X64)
Model: HPE-400y Manufacturer: Hewlett-Packard
Boot Mode: Normal
***************************************************************************
 
=========================== Installed Programs ============================
 
ACE COMBAT™ ASSAULT HORIZON Enhanced Edition (HKLM-x32\...\Steam App 228400) (Version:  - Namco)
ActiveCheck component for HP Active Support Library (HKLM-x32\...\{254C37AA-6B72-4300-84F6-98A82419187E}) (Version: 3.0.0.3 - Hewlett-Packard) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 16.0.0.245 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.188 - Adobe Systems Incorporated)
Advanced SystemCare 7 (HKLM-x32\...\Advanced SystemCare 7_is1) (Version: 7.3.0 - IObit)
AMD Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
AMD Catalyst Install Manager (HKLM\...\{C2956908-53A3-88FC-B795-B16508296FC4}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Apple Application Support (HKLM-x32\...\{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}) (Version: 3.0.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
bl (HKLM-x32\...\{2A075BB4-E976-4278-BF3F-E5C6945D84C0}) (Version: 1.0.0 - Your Company Name) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
BSR Screen Recorder 5 (HKLM-x32\...\BSRScreenRecorder5) (Version:  - )
CCleaner (HKLM\...\CCleaner) (Version: 5.00 - Piriform)
Combined Community Codec Pack 2014-07-13 (HKLM-x32\...\Combined Community Codec Pack_is1) (Version: 2014.07.13.0 - CCCP Project)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Pro (HKLM-x32\...\DAEMON Tools Pro) (Version: 5.5.0.0388 - Disc Soft Ltd)
Dawn of War - Dark Crusade (HKLM-x32\...\{FF39FC01-819B-42E4-AE49-1968AF12DDD4}) (Version: 1.00.0000 - THQ)
Dawn Of War - Winter Assault (HKLM-x32\...\{DD8408E9-9421-484F-979D-DB6361E3E828}) (Version: 1.4 - THQ)
DawnOfWar (HKLM-x32\...\{362D5167-9716-44BE-89FD-BF9EB6EF814B}) (Version: 1.00.00000 - THQ) Hidden
DawnOfWar (HKLM-x32\...\InstallShield_{362D5167-9716-44BE-89FD-BF9EB6EF814B}) (Version: 1.00.00000 - THQ)
Dolby Digital Live Pack (HKLM-x32\...\Dolby Digital Live Pack) (Version: 3.03 - Creative Technology Limited)
Driver Booster 2 (HKLM-x32\...\Driver Booster_is1) (Version: 2.0 - IObit)
DTS Connect Pack (HKLM-x32\...\DTS Connect Pack) (Version: 1.00 - Creative Technology Limited)
Free Video To Audio Converter 2014 5.0.2 (HKLM-x32\...\Free Video To Audio Converter 2014_is1) (Version:  - FAEMedia Co., Ltd.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 44.0.2403.18 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.27.5 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
GPGNet (HKLM-x32\...\{C194D333-B84A-4BB7-B35E-060732D98DC4}) (Version: 1.0.0 - Gas Powered Games)
Halo Spartan Assault (HKLM-x32\...\Halo Spartan Assault_is1) (Version:  - )
HP Setup (HKLM-x32\...\{72D90DB3-A16A-4545-B555-868471101833}) (Version: 8.1.4186.3400 - Hewlett-Packard)
HP Vision Hardware Diagnostics (HKLM\...\{D79A02E9-6713-4335-9668-AAC7474C0C0E}) (Version: 2.1.2.27173 - Hewlett-Packard)
HPAsset component for HP Active Support Library (HKLM-x32\...\{669D4A35-146B-4314-89F1-1AC3D7B88367}) (Version: 3.0.0.3 - Hewlett-Packard) Hidden
HydraVision (HKLM-x32\...\{C07FEFB3-D039-182C-8D27-AF2852C70015}) (Version: 4.2.166.0 - ATI Technologies Inc.) Hidden
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 4.1.5.24 - IObit)
iTunes (HKLM\...\{B8BA155B-1E75-405F-9CB4-8A99615D09DC}) (Version: 11.1.5.5 - Apple Inc.)
IZArc 4.1.9 (HKLM-x32\...\{97C82B44-D408-4F14-9252-47FC1636D23E}_is1) (Version: 4.1.9 - Ivan Zahariev)
Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
Junk Mail filter update (HKLM-x32\...\{E2DFE069-083E-4631-9B6C-43C48E991DE5}) (Version: 14.0.8089.726 - Microsoft Corporation) Hidden
Lightshot-5.2.1.1 (HKLM-x32\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 5.2.1.1 - Skillbrains)
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
MechWarrior Online (HKLM-x32\...\{1A14AC87-9585-4AC5-BA5D-0A3A4C6AF7D4}) (Version: 1.6.1.0 - Piranha Games Inc.) Hidden
MechWarrior Online (HKLM-x32\...\{9f17023b-d04f-432b-b08a-3bb4c3a7ed3c}) (Version: 1.6.0.0 - Piranha Games Inc.)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x64 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual J# 2.0 Redistributable Package (HKLM-x32\...\Microsoft Visual J# 2.0 Redistributable Package) (Version:  - Microsoft Corporation)
Miro Video Converter (HKLM-x32\...\Miro Video Converter) (Version: 0.8.0 - Participatory Culture Foundation)
Movie Maker (HKLM-x32\...\{45898170-E68C-4F02-AA35-C2186BF347A3}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{B39A6825-EA20-43EA-AB2D-A6BC0298D9A1}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Mozilla Firefox 38.0.5 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 38.0.5 (x86 en-US)) (Version: 38.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 34.0.5 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NavyFIELD 2 (HKLM-x32\...\{6D3D14EF-CEB5-4FA5-8647-65ABFD3421E3}) (Version: 1.00.0000 - SD EnterNET)
NVIDIA PhysX (HKLM-x32\...\{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}) (Version: 9.10.0513 - NVIDIA Corporation)
ORION: Prelude (HKLM-x32\...\Steam App 104900) (Version:  - Spiral Game Studios)
ParetoLogic Data Recovery (HKLM-x32\...\{B1C2398C-6FAB-46D1-806C-5942F0829994}) (Version: 1.1.0 - ParetoLogic)
PDF Complete Special Edition (HKLM-x32\...\PDF Complete) (Version: 3.5.111 - PDF Complete, Inc)
PerfectDisk Professional Business (HKLM\...\{682B22AB-EAAA-4B1C-83AF-B26E7D4ED01E}) (Version: 13.0.783 - Raxco Software Inc.)
ph (HKLM-x32\...\{185F9795-9663-4F13-9EF9-307A282ADB5A}) (Version: 1.0.0 - Your Company Name) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6132 - Realtek Semiconductor Corp.)
Recovery Manager (HKLM-x32\...\{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}) (Version: 5.5.2926 - CyberLink Corp.) Hidden
Robocraft (HKLM-x32\...\Steam App 301520) (Version:  - Freejam)
Sins of a Solar Empire Rebellion © Stardock version 1 (HKLM-x32\...\Sins of a Solar Empire Rebellion © Stardock_is1) (Version: 1 - )
Skype™ 7.5 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.5.102 - Skype Technologies S.A.)
Sothink FLV Player (HKLM-x32\...\{CAAB0192-5704-469F-A0BE-2D842D70E93B}_is1) (Version: 2.3 - SourceTec Software Co., LTD)
Sothink Web Video Downloader (HKLM-x32\...\{8C52A46C-7961-4A81-AB4B-92CF65CB4772}_is1) (Version: 1.2 - SourceTec Software Co., LTD)
Sound Blaster Z-Series (HKLM-x32\...\{B2C527EF-4F7B-405A-ADB4-89B432891FF2}) (Version: 1.00.28 - Creative Technology Limited)
Sound Blaster Z-Series Extras (HKLM-x32\...\{9D9DB4BA-E352-4AC8-AD2B-B10104F5AB80}) (Version: 1.0 - Creative Technology Limited)
StarCraft II (HKLM-x32\...\StarCraft II) (Version:  - Blizzard Entertainment)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Supreme Commander - Forged Alliance (HKLM-x32\...\{31D95937-B237-405D-920C-A3EF4E482395}) (Version: 1.00.0000 - Gas Powered Games)
Tixati (HKLM-x32\...\tixati) (Version:  - )
TP-LINK TL-WN881ND Driver (HKLM-x32\...\{B512F025-E992-44D0-B1F4-D6E1D3339C80}) (Version: 1.0.0 - TP-LINK)
TP-LINK TL-WN881ND Driver (HKLM-x32\...\{FDA7E907-6539-42C1-9721-0239C281B336}) (Version: 1.3.1 - TP-LINK)
TP-LINK Wireless Configuration Utility (HKLM-x32\...\{319D91C6-3D44-436C-9F79-36C0D22372DC}) (Version: 1.3.1 - TP-LINK)
TuneUp Utilities 2014 (en-US) (HKLM-x32\...\{14C8CE46-C68C-461B-BCA9-E276A85851C6}) (Version: 14.0.1000.88 - TuneUp Software) Hidden
TuneUp Utilities 2014 (HKLM-x32\...\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}) (Version: 14.0.1000.88 - TuneUp Software) Hidden
TuneUp Utilities 2014 (HKLM-x32\...\TuneUp Utilities 2014) (Version: 14.0.1000.88 - TuneUp Software)
Tunngle (HKLM-x32\...\Tunngle_is1) (Version: 5.2 - Tunngle.net GmbH)
Unity Web Player (HKCU\...\UnityWebPlayer) (Version: 5.0.2f1 - Unity Technologies ApS)
VC80CRTRedist - 8.0.50727.6195 (HKLM-x32\...\{933B4015-4618-4716-A828-5289FC03165F}) (Version: 1.2.0 - DivX, Inc) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
War Thunder Launcher 1.0.1.361 (HKLM-x32\...\{ed8deea4-29fa-3932-9612-e2122d8a62d9}}_is1) (Version:  - Gaijin Entertainment)
Wargame Red Dragon (HKLM-x32\...\Wargame Red Dragon_is1) (Version:  - )
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
WinRAR 5.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
WinZip 18.0 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240DF}) (Version: 18.0.10661 - WinZip Computing, S.L. )
World of Tanks (HKCU\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812NA}_is1) (Version:  - Wargaming.net)
Xiph.Org Open Codecs 0.85.17777 (HKLM-x32\...\Open Codecs) (Version: 0.85.17777 - Xiph.Org)
YTD Video Downloader PRO v4.7.2.0.2 (HKLM-x32\...\YTD Video Downloader PRO v4.7.2.0.24.7.2.0.2) (Version: 4.7.2.0.2 - Friends in War)
ZD Soft Screen Recorder (HKLM-x32\...\{94F08B95-2BED-4610-B968-8E0A7907A62D}) (Version: 6.6.0 - ZD Soft)
 
**** End of log ****


#15 Aura

Posted 09 June 2015 - 04:19 PM

IObit Software Warning!
I noticed that you have programs from IObit installed on your system. IObit has been accused in the past of using shady techniques in order to promote and enhance their products, one of which was to steal Malwarebytes' definition database to include it in their "Antimalware", IObit Malware Fighter. On top of that, their main product, Advanced SystemCare, goes into the "PC Booster" category of programs, which are useless programs since there's no proof or facts that these actually boost the performance of a system, and are borderline "scamware". In fact, these programs have a tendency to cause a variety of issues under Windows that can be solved by uninstalling the software, ironic isn't it? Most of their features can be replaced by using other programs, often utilities that require no installation or that are already "built-in" inside Windows. Therefore, I strongly suggest you uninstall every IObit program you have installed on your system before we continue. You are free to reinstall them after I'm done assisting you if you wish to ignore my warning above.

Below are articles that relate the Malwarebytes VS IObit episode and also why IObit failed as a company and within its products.

PC Booster/Tune-Up Program Warning!
"PC Booster/Tune Up" programs are among the worst programs you can install on a system. When it comes to messing up your system (Windows), these are as bad as malware. They are completely worthless and useless to use. The worst is that they'll often take action on your system without you knowing, nor authorizing it, which could lead to your system being altered in a way you don't want it to be or even worse, a "broke" system. Every feature they provide, you can either do it natively under Windows, do it via another standalone executable (which is way easier and safer to use) or they aren't providing something you need. Here are a few examples:
  • Cleaning temporary files: TFC (standalone executable), CCleaner (installed), Cleanmgr.exe (in-built);
  • Managing start-up entries: Autoruns (standalone executable), CCleaner (installed), Task Manager and Registry (in-built);
  • Driver Updater: Not needed, all you need is to go on your manufacturer website so you'll be sure to get the right, official, working drivers for your computer or hardware;
  • Registry Cleaner/Defragger: Completely useless and also dangerous;
  • Disk Defragging: Disk Defrag (in-built), O&O Disk Defrag (installed), Defraggler (installed);
  • Powerful uninstaller: Not needed, only needed when you have to make sure a program is completely uninstalled. Revo Uninstaller has a portable version you can use;
  • "Enhanced" Task Manager: Procexp (standalone executable), Process Hacker (portable or installed);
  • "Active security": Any Antivirus and Antimalware can beat that, easily. These programs aren't made to replace Antivirus or Antimalware products and shouldn't be seen as such;
  • Repair Hard Drive issues: Simple chkdsk /r command under Windows (in-built);
Having such a program installed on your system will just bloat it down and you have more chances to have issues by using them than without. These products are advertised as a program that can solve all your issues, remove every malware, speed up your computer performance over 100%, etc. The truth is that there's not a single program that can do that. First of all, these programs aren't made to remove viruses and malware, leave this in the hands of Antivirus and Antimalware, period. Secondly, there are so many kinds of issues under Windows that there's not a single program that can address them all. If you think that BSOD (Blue Screen of Death) issues can be solved by opening a program and clicking on a "Fix" button, then I'm sorry to tell you but, you're wrong. Also, you cannot boost the performance of a hardware over its hardware capabilities. Of course you can overclock some components, like your CPU, RAM and GPU, but these aren't done via these programs, but via your BIOS interface. I could recommend you a program for every feature these programs advertise, and also tell you exactly in detail why most of them are completely useless, such as Registry cleaners (dangerous to use), and driver updaters (dangerous to use, and also completely useless, it'll not improve your system performance). In the end, buying such programs is the exact same as being scammed (because this is what it is, a pure scam) and using one of these programs will result in you having a system less performant than prior to using it.

Relevant articles if you want to read more about PC Boosters/Optimizers and why they are useless:

Driver Updater Warning!
I see that you are using a "Driver Updater" program. I strongly advise you to uninstall it/them and to never use such programs again since they can damage your system at a point where a reinstallation of Windows might be needed.
  • Drivers are "middlemen" between your OS (Windows) and your hardware (computer). They control and facilitate the interaction between Windows and hardware components, to deliver a "message", nothing more;
  • Having all of your drivers up to date, all the time, will not improve the performance of your system, nor your computer. You cannot increase the hardware performance of a component over the current capabilities it has;
  • Driver updates are released to fix a bug or an issue with a previous release of that driver. Not everyone with the same drivers will experience the issue, so if you are having no problems with the drivers you are running, you don't need to update them. "If it's not broken, don't fix it";
  • You can download drivers for free from your computer/laptop manufacturer's website, or from the hardware component manufacturer's website. You don't need to pay for any of them, if you are being asked to pay for drivers it is likely a scam;
  • Only drivers from the computer/laptop manufacturer's website, or the hardware component manufacturer's website are considered official (legitimate and working). You should not download drivers from anywhere else;
  • Driver Updaters are a scam, they try to convince you that you need these programs in order to make your system perform well, which is false;
  • It has been tested and proven that these programs will detect outdated drivers on a system that has the most updated drivers from the manufacturer, which shows that they don't work and/or they try to make you install "newer" suspicious drivers;
  • The goal of the distributors of such programs is to make money by making you buy their useless product, or install additional software (PUPs) when you install their program. Your system will perform worse with these programs installed than without;
This being said, such programs could be seen as "pure scam" and should be avoided at all cost.

Here are some articles that talk about Driver Updater programs and why they shouldn't be used:

Uninstall the following programs please.
  • Adobe AIR;
  • Adobe Flash Player 17 NPAPI;
  • Advanced SystemCare 7;
  • Driver Booster 2;
  • IObit Uninstaller;
  • TuneUp Utilities 2014;
Also you only need one archiving program, you can keep either WinRAR or WinZip and uninstall the other. I don't see any Visual Studio or SQL Server instance left.

Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.
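
The review of the Installed Programs log done by eye in the reply above can be reproduced mechanically. The following is an added example, not part of the original post and not code from the tool that produced the log: it parses entries in the log format shown above (including names and registry keys that themselves contain parentheses) and flags the programs the reply asks to uninstall. The watchlists and all function names are assumptions made for the illustration; the sample lines are copied from the log.

```python
import re
from dataclasses import dataclass

# Name (HIVE\...\Key) (Version: X - Publisher) [Hidden]
# The name is matched lazily up to the first registry hive; the key is matched
# greedily so parentheses inside the key do not end it early.
LINE_RE = re.compile(
    r"^(?P<name>.+?) \((?P<hive>HKLM-x32|HKLM|HKCU|HKU)\\\.\.\.\\(?P<key>.+)\)"
    r" \(Version:\s*(?P<version>.*?)\s*-\s(?P<publisher>.*?)\)"
    r"(?P<hidden> Hidden)?\s*$"
)

@dataclass(frozen=True)
class Entry:
    name: str
    hive: str
    key: str
    version: str
    publisher: str
    hidden: bool

def parse_line(line):
    """Return an Entry for one log line, or None if it is not a program entry."""
    m = LINE_RE.match(line.strip())
    if m is None:
        return None
    return Entry(m["name"], m["hive"], m["key"], m["version"],
                 m["publisher"].strip(), m["hidden"] is not None)

# Assumed watchlists, taken from the uninstall list in the reply above.
REVIEW_PUBLISHERS = {"iobit", "tuneup software"}
REVIEW_NAMES = {"adobe air", "adobe flash player 17 npapi"}

def flag_for_review(lines):
    """Group flagged entries by display name (one program may have several keys)."""
    flagged = {}
    for line in lines:
        entry = parse_line(line)
        if entry is None:
            continue
        if (entry.publisher.lower() in REVIEW_PUBLISHERS
                or entry.name.lower() in REVIEW_NAMES):
            flagged.setdefault(entry.name, []).append(entry)
    return flagged

# Sample lines copied from the log on this page.
SAMPLE_LOG = r"""
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 16.0.0.245 - Adobe Systems Incorporated)
Advanced SystemCare 7 (HKLM-x32\...\Advanced SystemCare 7_is1) (Version: 7.3.0 - IObit)
BSR Screen Recorder 5 (HKLM-x32\...\BSRScreenRecorder5) (Version:  - )
Driver Booster 2 (HKLM-x32\...\Driver Booster_is1) (Version: 2.0 - IObit)
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 4.1.5.24 - IObit)
Mozilla Firefox 38.0.5 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 38.0.5 (x86 en-US)) (Version: 38.0.5 - Mozilla)
TuneUp Utilities 2014 (en-US) (HKLM-x32\...\{14C8CE46-C68C-461B-BCA9-E276A85851C6}) (Version: 14.0.1000.88 - TuneUp Software) Hidden
TuneUp Utilities 2014 (HKLM-x32\...\TuneUp Utilities 2014) (Version: 14.0.1000.88 - TuneUp Software)
WinZip 18.0 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240DF}) (Version: 18.0.10661 - WinZip Computing, S.L. )
**** End of log ****
""".strip().splitlines()

if __name__ == "__main__":
    for name, entries in sorted(flag_for_review(SAMPLE_LOG).items()):
        keys = ", ".join(e.hive + "\\...\\" + e.key for e in entries)
        hidden = " (includes hidden entry)" if any(e.hidden for e in entries) else ""
        print(f"{name}: {keys}{hidden}")
```

Entries marked Hidden do not appear in the Programs and Features list, which is why the example reports them separately.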