Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Sluggish response times, computer hanging, multiple restarts required


  • Please log in to reply
18 replies to this topic

#1 SIPphotog

SIPphotog

  • Members
  • 16 posts
  • OFFLINE
  •  

Posted 04 December 2015 - 03:31 PM

I am at my wits end and need help! I am a photographer and need my laptop to run smooth in order to keep up with editing.

 

HP Envy laptop Running WIN10, NVidia GeForce graphics

 

I have been having issues for a few months, I uninstalled all my old virus/maintenane programs and installed AVG antivirus and PC Tune Up

 

Got things running smoothly for a couple weeks, then bam, slow computer again

 

Hard drive was nearly full, removed over 400G of files, ran defrag, little improvement

 

When running PS and LR will run smooth for a bit after restart, butt hen gets laggy and restart is again required which helos about half the time.

 

I KNOW there is something going on that I am missing and after exhausting my own resources I need help!

 

Had a warning come up 2 days ago about a trojan attached to a canon image browser program I NEVER use, quarantined as suggested. AVG is not picking up anything after multiple scans



BC AdBot (Login to Remove)

 


#2 SIPphotog

SIPphotog
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  

Posted 04 December 2015 - 03:52 PM

ALSO - I wanted to add after installing WIN10 I can only acheive a complete shutdown by holind down my power button. If I shut down from the wondows menu, the screen goes blank like its shutting down, but my power remains on indefinitely. Not sure if this is related but figured I would add it



#3 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,597 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:07 AM

Posted 21 December 2015 - 01:42 PM

Hi SIPphotog :)

My name is Aura and I'll be assisting you with your issue. Follow the instructions below please.

3Al62Pm.pngMiniToolBox
  • Download MiniToolBox and move the file to your Desktop;
  • Right-click on MiniToolBox.exe and select Spcusrh.pngRun as Administrator (for Windows Vista, 7, 8, 8.1 and 10 users);
  • Check the following options:
    • Flush DNS;
    • Report IE Proxy Settings;
    • Reset IE Proxy Settings;
    • Report FF Proxy Settings;
    • Reset FF Proxy Settings;
    • List content of Hosts;
    • List IP Configuration;
    • List Winsock Entries;
    • List Last 10 Event Viewer Errors;
    • List Installed Programs;
    • List Devices - Only Problems;
    • List Users, Partitions and Memory size;
      OQmAcqS.png
  • Once this is done, click on Go and wait for the scan to complete;
  • Once the scan is complete, a log will open. Please copy/paste the content of the output log in your next reply;

unite_blue.png
Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.


#4 SIPphotog

SIPphotog
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  

Posted 21 December 2015 - 01:48 PM

Thank you for your assistance. Here is the log as requested:

 

MiniToolBox by Farbar  Version: 02-11-2015
Ran by Cassandra (administrator) on 21-12-2015 at 10:47:36
Running from "C:\Users\Cassandra\Desktop"
Microsoft Windows 10 Home  (X64)
Model: HP ENVY m7 Notebook PC Manufacturer: Hewlett-Packard
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================

"network.proxy.type", 4

"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================
========================= IP Configuration: ================================

Intel® Dual Band Wireless-AC 7260 = Wi-Fi (Connected)
Realtek PCIe GBE Family Controller = Ethernet (Media disconnected)
Bluetooth Device (Personal Area Network) = Bluetooth Network Connection (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled
set interface interface="Local Area Connection* 1" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Bluetooth Network Connection" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Wi-Fi" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Ethernet" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Local Area Connection* 3" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Local Area Connection* 2" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled


popd
# End of IPv4 configuration



Windows IP Configuration

   Host Name . . . . . . . . . . . . : SIPEnvy
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : hsd1.wa.comcast.net

Ethernet adapter Ethernet:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
   Physical Address. . . . . . . . . : 38-63-BB-99-C4-38
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Local Area Connection* 3:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft Wi-Fi Direct Virtual Adapter
   Physical Address. . . . . . . . . : F8-16-54-D9-E5-55
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wi-Fi:

   Connection-specific DNS Suffix  . : hsd1.wa.comcast.net
   Description . . . . . . . . . . . : Intel® Dual Band Wireless-AC 7260
   Physical Address. . . . . . . . . : F8-16-54-D9-E5-54
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2601:603:0:5147::3df3(Preferred)
   Lease Obtained. . . . . . . . . . : Sunday, December 20, 2015 11:00:34 PM
   Lease Expires . . . . . . . . . . : Sunday, December 27, 2015 11:15:07 AM
   IPv6 Address. . . . . . . . . . . : 2601:603:0:5147:6da5:6198:734b:3a57(Preferred)
   Temporary IPv6 Address. . . . . . : 2601:603:0:5147:b104:4d13:f823:44bf(Preferred)
   Link-local IPv6 Address . . . . . : fe80::6da5:6198:734b:3a57%4(Preferred)
   IPv4 Address. . . . . . . . . . . : 10.0.0.94(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Sunday, December 20, 2015 11:00:31 PM
   Lease Expires . . . . . . . . . . : Sunday, December 27, 2015 11:00:31 PM
   Default Gateway . . . . . . . . . : fe80::481d:70ff:fe1a:d572%4
                                       10.0.0.1
   DHCP Server . . . . . . . . . . . : 10.0.0.1
   DHCPv6 IAID . . . . . . . . . . . : 66590292
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1B-8E-2C-31-38-63-BB-99-C4-38
   DNS Servers . . . . . . . . . . . : 2001:558:feed::1
                                       2001:558:feed::2
                                       8.8.8.8
                                       8.8.4.4
   NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Bluetooth Network Connection:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Bluetooth Device (Personal Area Network)
   Physical Address. . . . . . . . . : F8-16-54-D9-E5-58
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
Server:  cdns01.comcast.net
Address:  2001:558:feed::1

Name:    google.com
Addresses:  2607:f8b0:400a:802::1005
      216.58.193.78


Pinging google.com [2607:f8b0:400a:802::1009] with 32 bytes of data:
Reply from 2607:f8b0:400a:802::1009: time=30ms
Reply from 2607:f8b0:400a:802::1009: time=29ms

Ping statistics for 2607:f8b0:400a:802::1009:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 29ms, Maximum = 30ms, Average = 29ms
Server:  cdns01.comcast.net
Address:  2001:558:feed::1

Name:    yahoo.com
Addresses:  2001:4998:44:204::a7
      2001:4998:c:a06::2:4008
      2001:4998:58:c02::a9
      98.139.183.24
      206.190.36.45
      98.138.253.109


Pinging yahoo.com [2001:4998:58:c02::a9] with 32 bytes of data:
Reply from 2001:4998:58:c02::a9: time=104ms
Reply from 2001:4998:58:c02::a9: time=105ms

Ping statistics for 2001:4998:58:c02::a9:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 104ms, Maximum = 105ms, Average = 104ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 18...38 63 bb 99 c4 38 ......Realtek PCIe GBE Family Controller
  2...f8 16 54 d9 e5 55 ......Microsoft Wi-Fi Direct Virtual Adapter
  4...f8 16 54 d9 e5 54 ......Intel® Dual Band Wireless-AC 7260
  8...f8 16 54 d9 e5 58 ......Bluetooth Device (Personal Area Network)
  1...........................Software Loopback Interface 1
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0         10.0.0.1        10.0.0.94     10
         10.0.0.0    255.255.255.0         On-link         10.0.0.94    266
        10.0.0.94  255.255.255.255         On-link         10.0.0.94    266
       10.0.0.255  255.255.255.255         On-link         10.0.0.94    266
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link         10.0.0.94    266
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link         10.0.0.94    266
===========================================================================
Persistent Routes:
  None

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
  4    266 ::/0                     fe80::481d:70ff:fe1a:d572
  1    306 ::1/128                  On-link
  4    266 2601:603:0:5147::/64     On-link
  4    266 2601:603:0:5147::3df3/128
                                    On-link
  4    266 2601:603:0:5147:6da5:6198:734b:3a57/128
                                    On-link
  4    266 2601:603:0:5147:b104:4d13:f823:44bf/128
                                    On-link
  4    266 fe80::/64                On-link
  4    266 fe80::6da5:6198:734b:3a57/128
                                    On-link
  1    306 ff00::/8                 On-link
  4    266 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\WINDOWS\SysWOW64\napinsp.dll [55808] (Microsoft Corporation)
Catalog5 02 C:\WINDOWS\SysWOW64\pnrpnsp.dll [70656] (Microsoft Corporation)
Catalog5 03 C:\WINDOWS\SysWOW64\pnrpnsp.dll [70656] (Microsoft Corporation)
Catalog5 04 C:\WINDOWS\SysWOW64\NLAapi.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\WINDOWS\SysWOW64\mswsock.dll [312160] (Microsoft Corporation)
Catalog5 06 C:\WINDOWS\SysWOW64\winrnr.dll [23552] (Microsoft Corporation)
Catalog5 07 C:\WINDOWS\SysWOW64\wshbth.dll [51712] (Microsoft Corporation)
Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [122128] (Apple Inc.)
Catalog9 01 C:\WINDOWS\SysWOW64\mswsock.dll [312160] (Microsoft Corporation)
Catalog9 02 C:\WINDOWS\SysWOW64\mswsock.dll [312160] (Microsoft Corporation)
Catalog9 03 C:\WINDOWS\SysWOW64\mswsock.dll [312160] (Microsoft Corporation)
Catalog9 04 C:\WINDOWS\SysWOW64\mswsock.dll [312160] (Microsoft Corporation)
Catalog9 05 C:\WINDOWS\SysWOW64\mswsock.dll [312160] (Microsoft Corporation)
Catalog9 06 C:\WINDOWS\SysWOW64\mswsock.dll [312160] (Microsoft Corporation)
Catalog9 07 C:\WINDOWS\SysWOW64\mswsock.dll [312160] (Microsoft Corporation)
Catalog9 08 C:\WINDOWS\SysWOW64\mswsock.dll [312160] (Microsoft Corporation)
Catalog9 09 C:\WINDOWS\SysWOW64\mswsock.dll [312160] (Microsoft Corporation)
Catalog9 10 C:\WINDOWS\SysWOW64\mswsock.dll [312160] (Microsoft Corporation)
Catalog9 11 C:\WINDOWS\SysWOW64\mswsock.dll [312160] (Microsoft Corporation)
Catalog9 12 C:\WINDOWS\SysWOW64\mswsock.dll [312160] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\pnrpnsp.dll [87040] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [87040] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\NLAapi.dll [80896] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [31744] (Microsoft Corporation)
x64-Catalog5 07 C:\Windows\System32\wshbth.dll [63488] (Microsoft Corporation)
x64-Catalog5 08 C:\Program Files\Bonjour\mdnsNSP.dll [133392] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 12 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (12/21/2015 10:22:02 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest2" on line C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_d3c2e4e965da4528.manifest.

Error: (12/21/2015 10:21:59 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest2" on line C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_d3c2e4e965da4528.manifest.

Error: (12/21/2015 08:00:11 AM) (Source: Application Error) (User: )
Description: Faulting application name: svchost.exe_UserDataSvc_8533b, version: 10.0.10586.0, time stamp: 0x5632d7ba
Faulting module name: ntdll.dll, version: 10.0.10586.20, time stamp: 0x56540c3b
Exception code: 0xc0000409
Fault offset: 0x000000000002114b
Faulting process id: 0x12b8
Faulting application start time: 0xsvchost.exe_UserDataSvc_8533b0
Faulting application path: svchost.exe_UserDataSvc_8533b1
Faulting module path: svchost.exe_UserDataSvc_8533b2
Report Id: svchost.exe_UserDataSvc_8533b3
Faulting package full name: svchost.exe_UserDataSvc_8533b4
Faulting package-relative application ID: svchost.exe_UserDataSvc_8533b5

Error: (12/21/2015 04:00:11 AM) (Source: Application Error) (User: )
Description: Faulting application name: svchost.exe_UserDataSvc_8533b, version: 10.0.10586.0, time stamp: 0x5632d7ba
Faulting module name: ntdll.dll, version: 10.0.10586.20, time stamp: 0x56540c3b
Exception code: 0xc0000409
Fault offset: 0x000000000002114b
Faulting process id: 0x24b4
Faulting application start time: 0xsvchost.exe_UserDataSvc_8533b0
Faulting application path: svchost.exe_UserDataSvc_8533b1
Faulting module path: svchost.exe_UserDataSvc_8533b2
Report Id: svchost.exe_UserDataSvc_8533b3
Faulting package full name: svchost.exe_UserDataSvc_8533b4
Faulting package-relative application ID: svchost.exe_UserDataSvc_8533b5

Error: (12/21/2015 03:45:18 AM) (Source: Application Error) (User: )
Description: Faulting application name: svchost.exe_UserDataSvc_8533b, version: 10.0.10586.0, time stamp: 0x5632d7ba
Faulting module name: ntdll.dll, version: 10.0.10586.20, time stamp: 0x56540c3b
Exception code: 0xc0000409
Fault offset: 0x000000000002114b
Faulting process id: 0x2304
Faulting application start time: 0xsvchost.exe_UserDataSvc_8533b0
Faulting application path: svchost.exe_UserDataSvc_8533b1
Faulting module path: svchost.exe_UserDataSvc_8533b2
Report Id: svchost.exe_UserDataSvc_8533b3
Faulting package full name: svchost.exe_UserDataSvc_8533b4
Faulting package-relative application ID: svchost.exe_UserDataSvc_8533b5

Error: (12/21/2015 03:45:16 AM) (Source: Application Error) (User: )
Description: Faulting application name: svchost.exe_UserDataSvc_8533b, version: 10.0.10586.0, time stamp: 0x5632d7ba
Faulting module name: ntdll.dll, version: 10.0.10586.20, time stamp: 0x56540c3b
Exception code: 0xc0000409
Fault offset: 0x000000000002114b
Faulting process id: 0x230c
Faulting application start time: 0xsvchost.exe_UserDataSvc_8533b0
Faulting application path: svchost.exe_UserDataSvc_8533b1
Faulting module path: svchost.exe_UserDataSvc_8533b2
Report Id: svchost.exe_UserDataSvc_8533b3
Faulting package full name: svchost.exe_UserDataSvc_8533b4
Faulting package-relative application ID: svchost.exe_UserDataSvc_8533b5

Error: (12/21/2015 12:00:19 AM) (Source: Application Error) (User: )
Description: Faulting application name: svchost.exe_UserDataSvc_8533b, version: 10.0.10586.0, time stamp: 0x5632d7ba
Faulting module name: ntdll.dll, version: 10.0.10586.20, time stamp: 0x56540c3b
Exception code: 0xc0000409
Fault offset: 0x000000000002114b
Faulting process id: 0x470
Faulting application start time: 0xsvchost.exe_UserDataSvc_8533b0
Faulting application path: svchost.exe_UserDataSvc_8533b1
Faulting module path: svchost.exe_UserDataSvc_8533b2
Report Id: svchost.exe_UserDataSvc_8533b3
Faulting package full name: svchost.exe_UserDataSvc_8533b4
Faulting package-relative application ID: svchost.exe_UserDataSvc_8533b5

Error: (12/20/2015 11:16:40 PM) (Source: Application Error) (User: )
Description: Faulting application name: svchost.exe_UserDataSvc_8533b, version: 10.0.10586.0, time stamp: 0x5632d7ba
Faulting module name: ntdll.dll, version: 10.0.10586.20, time stamp: 0x56540c3b
Exception code: 0xc0000409
Fault offset: 0x000000000002114b
Faulting process id: 0x187c
Faulting application start time: 0xsvchost.exe_UserDataSvc_8533b0
Faulting application path: svchost.exe_UserDataSvc_8533b1
Faulting module path: svchost.exe_UserDataSvc_8533b2
Report Id: svchost.exe_UserDataSvc_8533b3
Faulting package full name: svchost.exe_UserDataSvc_8533b4
Faulting package-relative application ID: svchost.exe_UserDataSvc_8533b5

Error: (12/20/2015 11:14:26 PM) (Source: MsiInstaller) (User: SIPENVY)
Description: Product: Adobe Acrobat Reader DC MUI - Update '{AC76BA86-7AD7-FFFF-2550-AC0F094E6F00}' could not be installed. Error code 1625. Windows Installer can create logs to help troubleshoot issues with installing software packages. Use the following link for instructions on turning on logging support: http://go.microsoft.com/fwlink/?LinkId=23127

Error: (12/20/2015 11:05:39 PM) (Source: Application Error) (User: )
Description: Faulting application name: svchost.exe_UserDataSvc_8533b, version: 10.0.10586.0, time stamp: 0x5632d7ba
Faulting module name: ntdll.dll, version: 10.0.10586.20, time stamp: 0x56540c3b
Exception code: 0xc0000409
Fault offset: 0x000000000002114b
Faulting process id: 0x30c
Faulting application start time: 0xsvchost.exe_UserDataSvc_8533b0
Faulting application path: svchost.exe_UserDataSvc_8533b1
Faulting module path: svchost.exe_UserDataSvc_8533b2
Report Id: svchost.exe_UserDataSvc_8533b3
Faulting package full name: svchost.exe_UserDataSvc_8533b4
Faulting package-relative application ID: svchost.exe_UserDataSvc_8533b5


System errors:
=============
Error: (12/21/2015 10:25:10 AM) (Source: Service Control Manager) (User: )
Description: The eapihdrv service failed to start due to the following error:
%%1275

Error: (12/21/2015 10:25:10 AM) (Source: Application Popup) (User: )
Description: \??\C:\Users\CASSAN~1\AppData\Local\Temp\ehdrv.sys

Error: (12/21/2015 10:25:10 AM) (Source: Service Control Manager) (User: )
Description: The eapihdrv service failed to start due to the following error:
%%1275

Error: (12/21/2015 10:25:10 AM) (Source: Application Popup) (User: )
Description: \??\C:\Users\CASSAN~1\AppData\Local\Temp\ehdrv.sys

Error: (12/21/2015 10:25:10 AM) (Source: Service Control Manager) (User: )
Description: The eapihdrv service failed to start due to the following error:
%%1275

Error: (12/21/2015 10:25:10 AM) (Source: Application Popup) (User: )
Description: \??\C:\Users\CASSAN~1\AppData\Local\Temp\ehdrv.sys

Error: (12/21/2015 10:22:49 AM) (Source: Service Control Manager) (User: )
Description: The eapihdrv service failed to start due to the following error:
%%1275

Error: (12/21/2015 10:22:49 AM) (Source: Application Popup) (User: )
Description: \??\C:\Users\CASSAN~1\AppData\Local\Temp\ehdrv.sys

Error: (12/21/2015 10:22:48 AM) (Source: Service Control Manager) (User: )
Description: The eapihdrv service failed to start due to the following error:
%%1275

Error: (12/21/2015 10:22:48 AM) (Source: Application Popup) (User: )
Description: \??\C:\Users\CASSAN~1\AppData\Local\Temp\ehdrv.sys


Microsoft Office Sessions:
=========================
Error: (12/21/2015 10:22:02 AM) (Source: SideBySide)(User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_d3c2e4e965da4528.manifestC:\Users\Cassandra\AppData\Local\Microsoft\Windows\INetCache\IE\S1BI44NP\esetsmartinstaller_enu.exe

Error: (12/21/2015 10:21:59 AM) (Source: SideBySide)(User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_d3c2e4e965da4528.manifestc:\users\cassandra\appdata\local\microsoft\windows\inetcache\ie\s1bi44np\esetsmartinstaller_enu.exe

Error: (12/21/2015 08:00:11 AM) (Source: Application Error)(User: )
Description: svchost.exe_UserDataSvc_8533b10.0.10586.05632d7bantdll.dll10.0.10586.2056540c3bc0000409000000000002114b12b801d13c08ab8d0535C:\WINDOWS\System32\svchost.exeC:\WINDOWS\SYSTEM32\ntdll.dllc46851ce-4e85-47c0-8d4b-c5f2dd854c05

Error: (12/21/2015 04:00:11 AM) (Source: Application Error)(User: )
Description: svchost.exe_UserDataSvc_8533b10.0.10586.05632d7bantdll.dll10.0.10586.2056540c3bc0000409000000000002114b24b401d13be724cca719C:\WINDOWS\System32\svchost.exeC:\WINDOWS\SYSTEM32\ntdll.dllb50946d7-c6cb-4f0e-93ec-a24bb50f7ae2

Error: (12/21/2015 03:45:18 AM) (Source: Application Error)(User: )
Description: svchost.exe_UserDataSvc_8533b10.0.10586.05632d7bantdll.dll10.0.10586.2056540c3bc0000409000000000002114b230401d13be510a6efdaC:\WINDOWS\System32\svchost.exeC:\WINDOWS\SYSTEM32\ntdll.dllce2bf17d-2870-4379-818b-18c5884d9e0e

Error: (12/21/2015 03:45:16 AM) (Source: Application Error)(User: )
Description: svchost.exe_UserDataSvc_8533b10.0.10586.05632d7bantdll.dll10.0.10586.2056540c3bc0000409000000000002114b230c01d13be50f25184fC:\WINDOWS\System32\svchost.exeC:\WINDOWS\SYSTEM32\ntdll.dllb76ebb5d-8b82-40a7-a92e-86de7d341803

Error: (12/21/2015 12:00:19 AM) (Source: Application Error)(User: )
Description: svchost.exe_UserDataSvc_8533b10.0.10586.05632d7bantdll.dll10.0.10586.2056540c3bc0000409000000000002114b47001d13bc59e98ae90C:\WINDOWS\System32\svchost.exeC:\WINDOWS\SYSTEM32\ntdll.dll3e4de7a6-0e0c-4fde-8d1d-15dda77c7629

Error: (12/20/2015 11:16:40 PM) (Source: Application Error)(User: )
Description: svchost.exe_UserDataSvc_8533b10.0.10586.05632d7bantdll.dll10.0.10586.2056540c3bc0000409000000000002114b187c01d13bbf6cb16051C:\WINDOWS\System32\svchost.exeC:\WINDOWS\SYSTEM32\ntdll.dllea2d0adb-b3a3-42de-a354-737ed391838f

Error: (12/20/2015 11:14:26 PM) (Source: MsiInstaller)(User: SIPENVY)
Description: Adobe Acrobat Reader DC MUI{AC76BA86-7AD7-FFFF-2550-AC0F094E6F00}1625(NULL)(NULL)(NULL)

Error: (12/20/2015 11:05:39 PM) (Source: Application Error)(User: )
Description: svchost.exe_UserDataSvc_8533b10.0.10586.05632d7bantdll.dll10.0.10586.2056540c3bc0000409000000000002114b30c01d13bbdff595f6cC:\WINDOWS\System32\svchost.exeC:\WINDOWS\SYSTEM32\ntdll.dll00a84109-3b80-44cf-a41f-d768adf2d680


CodeIntegrity Errors:
===================================
  Date: 2015-12-20 12:08:23.348
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-12-20 12:08:23.337
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-12-20 11:31:43.806
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-12-20 11:31:43.799
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-12-20 11:20:38.069
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-12-20 11:20:38.063
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-12-20 11:20:37.764
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-12-20 11:20:37.756
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-12-20 11:20:37.449
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-12-20 11:20:37.443
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.


=========================== Installed Programs ============================

7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Acrobat Reader DC MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AC0F074E4100}) (Version: 15.008.20082 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 20.0.0.204 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.3.0.151 - Adobe Systems Incorporated)
Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.235 - Adobe Systems Incorporated)
Adobe Photoshop CC 2014 (HKLM-x32\...\{D7A4F897-B20A-42D0-862D-CB5F6DB7391D}) (Version: 15.0 - Adobe Systems Incorporated)
Adobe Photoshop CC 2015 (HKLM-x32\...\{793C2BF7-A4FE-4608-91C9-9282C5801C21}) (Version: 16.0.1 - Adobe Systems Incorporated)
Adobe Photoshop Lightroom 5.7.1 64-bit (HKLM\...\{BC86B82C-8C0E-4408-9AC1-6B0F2D636963}) (Version: 5.7.1 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.2 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.2.0.162 - Adobe Systems, Inc.)
Amazon Cloud Drive (HKCU\...\Amazon Cloud Drive) (Version: 2.4.2.25 - Amazon Digital Services, LLC.)
AntiCryptoWall (HKLM\...\{BE40AB1F-558F-4434-B72F-461EF97E7796}_is1) (Version: 1.0.9.1 - Bitdefender)
Apple Application Support (32-bit) (HKLM-x32\...\{649A1FD9-5892-46AD-8DF0-C4A43FF61CB7}) (Version: 4.1 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{0DE0A178-AC7B-4650-806C-CF226DE03766}) (Version: 4.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{3540181E-340A-4E7A-B409-31663472B2F7}) (Version: 9.1.0.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)
ArcSoft Portrait+ 3 (HKLM-x32\...\{40BB5B1A-6008-4348-8C24-116B654C7ECD}) (Version: 3.0.0.402 - ArcSoft)
AVG (HKLM\...\{AB11E7BD-211E-4EBD-9EAE-0C11CE7B48AE}) (Version: 16.12.7294 - AVG Technologies) Hidden
AVG (HKLM\...\AvgZen) (Version: 1.22.1.40089 - AVG Technologies)
AVG 2016 (HKLM\...\{2272D5BF-6158-4042-9E55-5D0E0793D32E}) (Version: 16.0.4489 - AVG Technologies) Hidden
AVG PC TuneUp (HKLM-x32\...\{3F894650-88BC-44AE-8E44-84115B137822}) (Version: 16.13.3 - AVG Technologies) Hidden
AVG PC TuneUp (HKLM-x32\...\AVG PC TuneUp) (Version: 16.13.1.47453 - AVG Technologies)
AVG Protection (HKLM\...\AVG) (Version: 2016.12.7294 - AVG Technologies)
AVG Web TuneUp (HKLM-x32\...\AVG Web TuneUp) (Version: 4.2.4.155 - AVG Technologies)
AVG Zen (HKLM\...\{4BB3F53A-125D-4CD0-8448-620E9898CF96}) (Version: 1.22.1 - AVG Technologies) Hidden
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Canon Utilities Digital Photo Professional (HKLM-x32\...\Digital Photo Professional) (Version: 3.13.50.1 - Canon Inc.)
Canon Utilities EOS Sample Music (HKLM-x32\...\EOS Sample Music) (Version: 1.0.1.1 - Canon Inc.)
Canon Utilities EOS Utility (HKLM-x32\...\EOS Utility) (Version: 2.13.30.0 - Canon Inc.)
Canon Utilities ImageBrowser EX (HKLM-x32\...\ImageBrowser EX) (Version: 1.5.1.7 - Canon Inc.)
Canon Utilities PhotoStitch (HKLM-x32\...\PhotoStitch) (Version: 3.1.23.47 - Canon Inc.)
Canon Utilities Picture Style Editor (HKLM-x32\...\Picture Style Editor) (Version: 1.13.30.0 - Canon Inc.)
Capture One 8.3 (HKLM\...\CaptureOne8_is1) (Version: 8.3.4.19 - Phase One A/S)
CrashPlan (HKLM-x32\...\{642ECA98-8B54-44BF-A4CD-9660A3A1D164}) (Version: 4.4.1 - Code 42 Software)
CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.7.4023 - CyberLink Corp.)
CyberLink MediaEspresso 6.7 (HKLM-x32\...\InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}) (Version: 6.7.2.5308 - CyberLink Corp.)
Cyberlink PhotoDirector (HKLM\...\{5A454EC5-217A-42a5-8CE1-2DDEC4E70E01}) (Version: 5.0.1.5406 - CyberLink Corp.) Hidden
Cyberlink PhotoDirector (HKLM-x32\...\InstallShield_{5A454EC5-217A-42a5-8CE1-2DDEC4E70E01}) (Version: 5.0.1.5406 - CyberLink Corp.)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.7.4016 - CyberLink Corp.)
CyberLink PowerDirector 12 (HKLM\...\{E1646825-D391-42A0-93AA-27FA810DA093}) (Version: 12.0.1.3121 - CyberLink Corp.) Hidden
CyberLink PowerDirector 12 (HKLM-x32\...\InstallShield_{E1646825-D391-42A0-93AA-27FA810DA093}) (Version: 12.0.1.3121 - CyberLink Corp.)
CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.4.4223 - CyberLink Corp.)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 5.0.4.4218 - CyberLink Corp.)
DisableMSDefender (HKLM\...\{74FE39A0-FB76-47CD-84BA-91E2BBB17EF2}) (Version: 1.0.0 - Hewlett-Packard Company) Hidden
Dragon Assistant 3 (HKLM-x32\...\{4693847A-7139-4CF4-B274-916C046C9E50}) (Version: 3.2.40 - Nuance Communications, Inc.)
Dragon Assistant 3 Language Data Pack en_US (HKLM-x32\...\{532A5345-1A42-4C55-B56E-CE753D0BAA02}) (Version: 3.2.40 - Nuance Communications, Inc.)
Energy Star (HKLM\...\{465CA2B6-98AF-4E77-BE22-A908C34BB9EC}) (Version: 1.0.9 - Hewlett-Packard Company)
Epson Event Manager (HKLM-x32\...\{03B8AA32-F23C-4178-B8E6-09ECD07EAA47}) (Version: 2.40.0001 - SEIKO EPSON CORPORATION)
Epson FAX Utility (HKLM-x32\...\{0CBE6C93-CB2E-4378-91EE-12BE6D4E2E4A}) (Version: 1.10.00 - SEIKO EPSON CORPORATION)
Epson PC-FAX Driver (HKLM-x32\...\EPSON PC-FAX Driver 2) (Version:  - )
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
EPSON WorkForce 630 Series Printer Uninstall (HKLM\...\EPSON WorkForce 630 Series) (Version:  - SEIKO EPSON Corporation)
EpsonNet Print (HKLM-x32\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.4j - SEIKO EPSON CORPORATION)
EpsonNet Setup 3.3 (HKLM-x32\...\{C9D8A041-2963-4B31-8FFC-1500F3DB9293}) (Version: 3.3b - SEIKO EPSON CORPORATION)
Ezvid (HKLM-x32\...\{F96D619D-99D6-4C9C-A393-0CD22DE1CA66}_is1) (Version: 1.003 - Ezvid, inc.)
FMW 1 (HKLM\...\{BCA7CC8C-745B-4340-B3A8-BC79A8498107}) (Version: 1.32.2 - AVG Technologies) Hidden
Foxit PhantomPDF (HKLM-x32\...\{00CD7D62-056A-4F0F-9143-44522D44E6DD}) (Version: 6.0.32.507 - Foxit Corporation)
Ginger (HKLM-x32\...\{1EBF9A59-F4E3-4EA7-BA97-76703C1432F6}) (Version: 3.7.48 - Ginger Software) Hidden
Ginger (HKLM-x32\...\InstallShield_{1EBF9A59-F4E3-4EA7-BA97-76703C1432F6}) (Version: 3.7.48 - Ginger Software)
Hewlett-Packard ACLM.NET v1.2.2.3 (HKLM-x32\...\{6F340107-F9AA-47C6-B54C-C3A19F11553F}) (Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP 3D DriveGuard (HKLM-x32\...\{E8D0E2B8-B64B-44BC-8E01-00DDACBDF78A}) (Version: 6.0.28.1 - Hewlett-Packard Company)
HP CoolSense (HKLM-x32\...\{ADE2F6A7-E7BD-4955-BD66-30903B223DDF}) (Version: 2.20.41 - Hewlett-Packard Company)
HP Documentation (HKLM-x32\...\{4BBA238C-9E5D-40F9-8AC6-FACB736752B9}) (Version: 1.1.0.0 - Hewlett-Packard)
HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.7745.4851 - Hewlett-Packard)
HP SimplePass (HKLM-x32\...\InstallShield_{314FAD12-F785-4471-BCE8-AB506642B9A1}) (Version: 8.01.11 - Hewlett-Packard)
HP Support Assistant (HKLM-x32\...\{79C54A05-F146-4EA0-8A70-D4EFE6181E52}) (Version: 8.1.40.3 - Hewlett-Packard Company)
HP Support Solutions Framework (HKLM-x32\...\{55065080-504F-43BB-BE00-36B80D7D39A5}) (Version: 12.0.30.219 - Hewlett-Packard Company)
HP System Event Utility (HKLM-x32\...\{8B4EE87E-6D40-4C91-B5E8-0DC77DC412F1}) (Version: 1.4.1 - Hewlett-Packard Company)
HP Utility Center (HKLM\...\{DCD5C599-5CCC-4E37-8938-FBB548D780C6}) (Version: 2.5.3 - Hewlett-Packard Company)
HP Wireless Button Driver (HKLM-x32\...\{EFA01423-3857-468C-B7B6-F30AA08E50BC}) (Version: 1.1.5.1 - Hewlett-Packard)
Imagenomic Noiseware 5.0.2 Plug-in (build 5020) (HKLM\...\ImagenomicNoisewarePlugin) (Version:  - )
Imagenomic Portraiture 2.3.3 Plug-in (build 2330) (HKLM\...\ImagenomicPortraiturePlugin) (Version:  - )
Inst5675 (HKLM\...\{2DE6247C-7077-451B-8BA7-FFD1A2ABBB47}) (Version: 8.01.11 - Softex Inc.) Hidden
Inst5676 (HKLM\...\{878F6913-7421-4713-97F7-0A736EE2A188}) (Version: 8.01.11 - Softex Inc.) Hidden
Intel Driver Update Utility (HKLM-x32\...\{ca4bc3a8-b99c-4416-90d8-351a8ceab458}) (Version: 2.2.0.2 - Intel)
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation)
Intel® Driver Update Utility 2.2 (HKLM-x32\...\{3EE9923D-3045-46AB-9CAA-E375993AEB4A}) (Version: 2.2.0.1 - Intel) Hidden
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.23.1766 - Intel Corporation)
Intel® PRO/Wireless Driver (HKLM\...\{ac7ad2d7-04b3-460c-b370-07e3d3e3aa4e}) (Version: 17.01.0000.1697 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3574 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.9.1000 - Intel Corporation)
Intel® Smart Connect Technology (HKLM\...\{51AC86D3-C431-48AD-9195-0D6C930D07CD}) (Version: 4.2.41.2710 - Intel Corporation)
Intel® Wireless Bluetooth® (HKLM-x32\...\{C345A462-2044-47D6-81F6-A4416453A514}) (Version: 17.1.1529.1613 - Intel Corporation)
iTunes (HKLM\...\{E690A491-702F-4DEC-9977-C015D1DBB57C}) (Version: 12.3.1.23 - Apple Inc.)
Java 8 Update 60 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418060F0}) (Version: 8.0.600.27 - Oracle Corporation)
KaraFun Player 2 (HKLM-x32\...\KaraFun Player 2_is1) (Version: 2.2.7.240 - Recisio)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)
Microsoft Office 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 15.0.4779.1002 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41105.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 43.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 43.0.1 (x86 en-US)) (Version: 43.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 43.0.1.5828 - Mozilla)
mpixpro ROES (HKLM-x32\...\{F0F35F38-ED6B-4BF1-BEE6-4F623A9E4E4A}) (Version: 2.1.0 - SoftWorks Systems, Inc.)
NVIDIA GeForce Experience 2.7.4.10 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.7.4.10 - NVIDIA Corporation)
NVIDIA Graphics Driver 359.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 359.06 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (HKLM-x32\...\{90150000-008C-0000-0000-0000000FF1CE}) (Version: 15.0.4779.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (HKLM\...\{90150000-008F-0000-1000-0000000FF1CE}) (Version: 15.0.4779.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (HKLM-x32\...\{90150000-008C-0409-0000-0000000FF1CE}) (Version: 15.0.4779.1002 - Microsoft Corporation) Hidden
PASS (HKLM-x32\...\{7B657982-6168-A199-BC6B-39915672C037}) (Version: 3.1.651 - Showitfast, Inc) Hidden
PASS (HKLM-x32\...\com.showitfast.pass.desktop.PASS) (Version: 3.1.651 - Showitfast, Inc)
Perfect Portrait 9 (HKLM-x32\...\Perfect Portrait 9 PE) (Version: 9.0.2 - onOne Software)
ProDPI ROES (HKLM-x32\...\{19AD1340-EFEB-4FD4-AC9E-97670DA66FD4}) (Version: 2.1.0 - SoftWorks Systems, Inc.)
QuickTime 7 (HKLM-x32\...\{80CEEB1E-0A6C-45B9-A312-37A1D25FDEBC}) (Version: 7.78.80.95 - Apple Inc.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.273.49 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.1.505.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7553 - Realtek Semiconductor Corp.)
SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 4.1.0240 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController) (Version: 2.7.4.10 - NVIDIA Corporation) Hidden
Simply Color Lab ROES (HKLM-x32\...\{54808B14-923A-44F9-9E88-336F4269FF13}) (Version: 2.1.0 - SoftWorks Systems, Inc.)
Skype™ 7.4 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.4.102 - Skype Technologies S.A.)
Spyder4Pro (HKLM-x32\...\Spyder4Pro) (Version:  - )
Startwrite, Inc. Startwrite60 6.0 b53 (HKLM-x32\...\Startwrite60) (Version: 6.0 b53 - Startwrite, Inc.)
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics ClickPad Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.12.95 - Synaptics Incorporated)
Topaz Adjust 5 (HKLM-x32\...\Topaz Adjust 5) (Version: 5.1.0 - Topaz Labs, LLC)
Topaz Clean 3 (HKLM-x32\...\Topaz Clean 3) (Version: 3.1.0 - Topaz Labs, LLC)
Topaz DeNoise 5 (HKLM-x32\...\Topaz DeNoise 5) (Version: 5.1.0 - Topaz Labs, LLC)
Topaz Lens Effects (HKLM-x32\...\Topaz Lens Effects) (Version: 1.2.0 - Topaz Labs, LLC)
Topaz ReMask 4 (HKLM-x32\...\Topaz ReMask 4) (Version: 4.0.0 - Topaz Labs, LLC)
Topaz ReMask 5 (HKLM-x32\...\Topaz ReMask 5) (Version: 5.0.0 - Topaz Labs, LLC)
UninstallTabletDeviceDriver (HKLM\...\{39089688-F09E-4DAD-8C80-647D3DF68630}_is1) (Version: 10.3 - Huion Animation)
Unity Web Player (x64) (All users) (HKLM\...\UnityWebPlayer) (Version: 4.6.2f1 - Unity Technologies ApS)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Windows Driver Package - Graphics Tablet (WinUsb) USBDevice  (04/10/2014 8.33.30.0) (HKLM\...\142118DF51345EA02D2B1583E102C8FB95FD6D52) (Version: 04/10/2014 8.33.30.0 - Graphics Tablet)
Windows Driver Package - Leaf Imaging Ltd. Image  (12/03/2014 1.2.0.0) (HKLM\...\B758007C752D28F7C3542875CEEBDADCAE5941AE) (Version: 12/03/2014 1.2.0.0 - Leaf Imaging Ltd.)
Windows Driver Package - Phase One / Mamiya V-Grip USB Driver (12/03/2014 1.2.0.0) (HKLM\...\3F504CC0B024052107934E093CC26DA720256A7A) (Version: 12/03/2014 1.2.0.0 - Phase One / Mamiya)
Windows Driver Package - Phase One A/S (WinUSB) USBDevice  (12/03/2014 1.13.0.0) (HKLM\...\7C6570ABBEB2F08EFBC23ED7925AE72DA6167BD8) (Version: 12/03/2014 1.13.0.0 - Phase One A/S)

========================= Devices: ================================


========================= Memory info: ===================================

Percentage of memory in use: 21%
Total physical RAM: 12218.15 MB
Available physical RAM: 9559.01 MB
Total Virtual: 16146.15 MB
Available Virtual: 13202.51 MB

========================= Partitions: =====================================

1 Drive c: (Windows) (Fixed) (Total:905.04 GB) (Free:271.66 GB) NTFS
2 Drive d: (RECOVERY) (Fixed) (Total:24.61 GB) (Free:2.74 GB) NTFS

========================= Users: ========================================

User accounts for \\SIPENVY

Administrator            Cassandra                DefaultAccount           
Guest                    


**** End of log ****
 



#5 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,597 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:07 AM

Posted 21 December 2015 - 02:20 PM

warning.gifPC Booster/Tune-Up Program Warning!
"PC Booster/Tune Up" programs are part of the worst programs you can install on a system. When it comes to messing up your system (Windows), these are as worst as malware. They are completely worthless and useless to use. The worst is that they'll often take action on your system without you knowing, nor authorizing it, which could lead to your system being altered in a way you don't want it to be or even worst, a "broke" system. Every feature they provide, you can either do it natively under Windows, do it via another standalone executable (which is way easier and safer to use) or they aren't providing something you need. Here's a few examples:
  • Cleaning temporary files: TFC (standalone executable), CCleaner (installed), Cleanmgr.exe (in-built);
  • Managing start-up entries: Autoruns (standalone executable), CCleaner (installed), Task Manager and Registry (in-built);
  • Driver Updater: Not needed, all you need is to go on your manufacturer website so you'll be sure to get the right, official, working drivers for your computer or hardware;
  • Registry Cleaner/Defragger: Completely useless and also dangerous;
  • Disk Defragging: Disk Defrag (in-built), O&O Disk Defrag (installed), Defraggler (installed);
  • Powerful uninstaller: Not needed, only needed when you have to make sure a program is completely uninstalled. Revo Uninstaller have a portable version you can use;
  • "Enhanced" Task Manager: Procexp (standalone executable), Process Hacker (portable or installed);
  • "Active security": Any Antivirus and Antimalware can beat that, easily. These programs aren't made to replace Antivirus or Antimalware products and shouldn't be seen as such;
  • Repair Hard Drive issues: Simple chkdsk /r command under Windows (in-built);
Having such program installing on your system will just bloat it down and you have more chances to have issues by using them than without. These products are advertised as a program that can solve all your issues, remove every malware, speed up your computer performance over 100%, etc. The truth is that there's not a single program that can do that. First of all, these programs aren't made to remove virus and malware, leave this in the hands of Antivirus and Antimalware, period. Secondly, there's so many kind of issues under Windows that there's not a single program that can address them all. If you think that BSOD (Blue Screen of Death) issues can be solved by opening a program and clicking on a "Fix" button, then I'm sorry to tell you but, you're wrong. Also, you cannot boost the performance of a hardware over it's hardware capabilities. Of course you can overclock some components, like your CPU, RAM and GPU, but these aren't done via these programs, but via your BIOS interface. I could recommend you a program for every feature these programs advertise, and also tell you exactly in detail why most of them are completely useless, such as Registry cleaner (dangerous to use), and driver updater (dangerous to use, and also completely useless, it'll not improve your system performance). In the end, buying such programs is the exact same as being scammed (because this is what it is, a pure scam) and using one of these programs will result you in having a system less performant than prior to using it.

Relevant articles if you want to read more about PC Boosters/Optimizers and why they are useless:Uninstall the following programs please:
  • AVG PC TuneUp;
  • AVG Web TuneUp;
  • Bonjour;
  • Java 8 Update 60 - Outdated and vulnerable, or at least, update it;
Also, were you using ESET prior to using AVG? If so, how did you uninstall it?

unite_blue.png
Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.


#6 SIPphotog

SIPphotog
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  

Posted 21 December 2015 - 02:28 PM

Ok that makes sense, ty, I am uninstalling these items now as instructed. I did run ESET online scan once and instructed it to remove the software after scan.

 

After these are removed, is there anything else I need to do?



#7 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,597 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:07 AM

Posted 21 December 2015 - 02:32 PM

Yes, follow the instructions below please.
  • On Windows Vista & 7, click on the Windows Start Menu, then enter cmd in the search box, right-click on the cmd icon and select Spcusrh.pngRun as Administrator
  • On Windows 8, drag your cursor in the bottom-left corner, and right-click on the metro menu preview, then select Command Prompt (Admin);
  • On Windows 8.1, right click on the Windows logo in the bottom-left corner and select Command Prompt (Admin);
  • Enter the command below and press on Enter;
    sc delete eapihdrv
  • Let me know what message is being returned after;

unite_blue.png
Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.


#8 SIPphotog

SIPphotog
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  

Posted 21 December 2015 - 02:35 PM

Message: OPEN SERVICE FAILED 1060:

 

The specified service does not exist as an installed service



#9 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,597 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:07 AM

Posted 21 December 2015 - 02:40 PM

Weird, follow the instructions below please.

3DPGbxe.pngTemp File Cleaner (TFC)
  • Download Temp File Cleaner (TFC) and move it to your Desktop;
  • Right-click on TFC.exe and select Spcusrh.pngRun as Administrator (for Windows Vista, 7, 8, 8.1 and 10 users);
  • Simply click on Start to launch the clean-up and wait until it completes;
    s5yB2E8.png
  • Depending on which processes are running, all your programs will be closed and explorer.exe (your Windows shell) will be killed, it will however be relaunched shortly after so do not panic;
  • There's no log to give for this tool;

unite_blue.png
Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.


#10 SIPphotog

SIPphotog
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  

Posted 21 December 2015 - 03:00 PM

Finished 😊 Ready for the next step!

#11 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,597 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:07 AM

Posted 21 December 2015 - 03:06 PM

Can you run MiniToolBox again, but this time only check List Last 10 Event Viewer Errors and give me the log? :)

unite_blue.png
Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.


#12 SIPphotog

SIPphotog
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  

Posted 21 December 2015 - 03:07 PM

Here you go!

 

MiniToolBox by Farbar  Version: 02-11-2015
Ran by Cassandra (administrator) on 21-12-2015 at 12:06:54
Running from "C:\Users\Cassandra\Desktop"
Microsoft Windows 10 Home  (X64)
Model: HP ENVY m7 Notebook PC Manufacturer: Hewlett-Packard
Boot Mode: Normal
***************************************************************************

========================= Event log errors: ===============================

Application errors:
==================
Error: (12/21/2015 12:06:53 PM) (Source: Application Error) (User: )
Description: Faulting application name: svchost.exe_UserDataSvc_8533b, version: 10.0.10586.0, time stamp: 0x5632d7ba
Faulting module name: ntdll.dll, version: 10.0.10586.20, time stamp: 0x56540c3b
Exception code: 0xc0000409
Fault offset: 0x000000000002114b
Faulting process id: 0x27b8
Faulting application start time: 0xsvchost.exe_UserDataSvc_8533b0
Faulting application path: svchost.exe_UserDataSvc_8533b1
Faulting module path: svchost.exe_UserDataSvc_8533b2
Report Id: svchost.exe_UserDataSvc_8533b3
Faulting package full name: svchost.exe_UserDataSvc_8533b4
Faulting package-relative application ID: svchost.exe_UserDataSvc_8533b5

Error: (12/21/2015 12:06:50 PM) (Source: Application Error) (User: )
Description: Faulting application name: RuntimeBroker.exe, version: 10.0.10586.0, time stamp: 0x5632d7e0
Faulting module name: ntdll.dll, version: 10.0.10586.20, time stamp: 0x56540c3b
Exception code: 0xc0000409
Fault offset: 0x0000000000025265
Faulting process id: 0x1a44
Faulting application start time: 0xRuntimeBroker.exe0
Faulting application path: RuntimeBroker.exe1
Faulting module path: RuntimeBroker.exe2
Report Id: RuntimeBroker.exe3
Faulting package full name: RuntimeBroker.exe4
Faulting package-relative application ID: RuntimeBroker.exe5

Error: (12/21/2015 12:06:46 PM) (Source: Application Error) (User: )
Description: Faulting application name: SkypeHost.exe, version: 10.1.0.2123, time stamp: 0x566f6bfe
Faulting module name: KERNELBASE.dll, version: 10.0.10586.0, time stamp: 0x5632da1c
Exception code: 0x000006be
Fault offset: 0x000bd8a8
Faulting process id: 0xa6c
Faulting application start time: 0xSkypeHost.exe0
Faulting application path: SkypeHost.exe1
Faulting module path: SkypeHost.exe2
Report Id: SkypeHost.exe3
Faulting package full name: SkypeHost.exe4
Faulting package-relative application ID: SkypeHost.exe5

Error: (12/21/2015 12:06:45 PM) (Source: Application Error) (User: )
Description: Faulting application name: svchost.exe_UserDataSvc_8533b, version: 10.0.10586.0, time stamp: 0x5632d7ba
Faulting module name: ntdll.dll, version: 10.0.10586.20, time stamp: 0x56540c3b
Exception code: 0xc0000409
Fault offset: 0x000000000002114b
Faulting process id: 0x478
Faulting application start time: 0xsvchost.exe_UserDataSvc_8533b0
Faulting application path: svchost.exe_UserDataSvc_8533b1
Faulting module path: svchost.exe_UserDataSvc_8533b2
Report Id: svchost.exe_UserDataSvc_8533b3
Faulting package full name: svchost.exe_UserDataSvc_8533b4
Faulting package-relative application ID: svchost.exe_UserDataSvc_8533b5

Error: (12/21/2015 12:06:41 PM) (Source: Application Error) (User: )
Description: Faulting application name: SkypeHost.exe, version: 10.1.0.2123, time stamp: 0x566f6bfe
Faulting module name: KERNELBASE.dll, version: 10.0.10586.0, time stamp: 0x5632da1c
Exception code: 0x000006be
Fault offset: 0x000bd8a8
Faulting process id: 0x1a8c
Faulting application start time: 0xSkypeHost.exe0
Faulting application path: SkypeHost.exe1
Faulting module path: SkypeHost.exe2
Report Id: SkypeHost.exe3
Faulting package full name: SkypeHost.exe4
Faulting package-relative application ID: SkypeHost.exe5

Error: (12/21/2015 12:06:40 PM) (Source: Application Error) (User: )
Description: Faulting application name: svchost.exe_UserDataSvc_8533b, version: 10.0.10586.0, time stamp: 0x5632d7ba
Faulting module name: ntdll.dll, version: 10.0.10586.20, time stamp: 0x56540c3b
Exception code: 0xc0000409
Fault offset: 0x000000000002114b
Faulting process id: 0xe74
Faulting application start time: 0xsvchost.exe_UserDataSvc_8533b0
Faulting application path: svchost.exe_UserDataSvc_8533b1
Faulting module path: svchost.exe_UserDataSvc_8533b2
Report Id: svchost.exe_UserDataSvc_8533b3
Faulting package full name: svchost.exe_UserDataSvc_8533b4
Faulting package-relative application ID: svchost.exe_UserDataSvc_8533b5

Error: (12/21/2015 12:06:36 PM) (Source: Application Error) (User: )
Description: Faulting application name: SkypeHost.exe, version: 10.1.0.2123, time stamp: 0x566f6bfe
Faulting module name: KERNELBASE.dll, version: 10.0.10586.0, time stamp: 0x5632da1c
Exception code: 0x000006be
Fault offset: 0x000bd8a8
Faulting process id: 0x1d64
Faulting application start time: 0xSkypeHost.exe0
Faulting application path: SkypeHost.exe1
Faulting module path: SkypeHost.exe2
Report Id: SkypeHost.exe3
Faulting package full name: SkypeHost.exe4
Faulting package-relative application ID: SkypeHost.exe5

Error: (12/21/2015 12:06:35 PM) (Source: Application Error) (User: )
Description: Faulting application name: svchost.exe_UserDataSvc_8533b, version: 10.0.10586.0, time stamp: 0x5632d7ba
Faulting module name: ntdll.dll, version: 10.0.10586.20, time stamp: 0x56540c3b
Exception code: 0xc0000409
Fault offset: 0x000000000002114b
Faulting process id: 0x658
Faulting application start time: 0xsvchost.exe_UserDataSvc_8533b0
Faulting application path: svchost.exe_UserDataSvc_8533b1
Faulting module path: svchost.exe_UserDataSvc_8533b2
Report Id: svchost.exe_UserDataSvc_8533b3
Faulting package full name: svchost.exe_UserDataSvc_8533b4
Faulting package-relative application ID: svchost.exe_UserDataSvc_8533b5

Error: (12/21/2015 12:06:30 PM) (Source: Application Error) (User: )
Description: Faulting application name: SkypeHost.exe, version: 10.1.0.2123, time stamp: 0x566f6bfe
Faulting module name: KERNELBASE.dll, version: 10.0.10586.0, time stamp: 0x5632da1c
Exception code: 0x000006be
Fault offset: 0x000bd8a8
Faulting process id: 0x7d8
Faulting application start time: 0xSkypeHost.exe0
Faulting application path: SkypeHost.exe1
Faulting module path: SkypeHost.exe2
Report Id: SkypeHost.exe3
Faulting package full name: SkypeHost.exe4
Faulting package-relative application ID: SkypeHost.exe5

Error: (12/21/2015 12:06:29 PM) (Source: Application Error) (User: )
Description: Faulting application name: svchost.exe_UserDataSvc_8533b, version: 10.0.10586.0, time stamp: 0x5632d7ba
Faulting module name: ntdll.dll, version: 10.0.10586.20, time stamp: 0x56540c3b
Exception code: 0xc0000409
Fault offset: 0x000000000002114b
Faulting process id: 0x1e9c
Faulting application start time: 0xsvchost.exe_UserDataSvc_8533b0
Faulting application path: svchost.exe_UserDataSvc_8533b1
Faulting module path: svchost.exe_UserDataSvc_8533b2
Report Id: svchost.exe_UserDataSvc_8533b3
Faulting package full name: svchost.exe_UserDataSvc_8533b4
Faulting package-relative application ID: svchost.exe_UserDataSvc_8533b5


System errors:
=============
Error: (12/21/2015 12:06:46 PM) (Source: Service Control Manager) (User: )
Description: The User Data Access_8533b service terminated unexpectedly.  It has done this 247 time(s).

Error: (12/21/2015 12:06:46 PM) (Source: Service Control Manager) (User: )
Description: The User Data Storage_8533b service terminated unexpectedly.  It has done this 247 time(s).

Error: (12/21/2015 12:06:46 PM) (Source: Service Control Manager) (User: )
Description: The Contact Data_8533b service terminated unexpectedly.  It has done this 247 time(s).

Error: (12/21/2015 12:06:41 PM) (Source: Service Control Manager) (User: )
Description: The User Data Access_8533b service terminated unexpectedly.  It has done this 246 time(s).

Error: (12/21/2015 12:06:41 PM) (Source: Service Control Manager) (User: )
Description: The User Data Storage_8533b service terminated unexpectedly.  It has done this 246 time(s).

Error: (12/21/2015 12:06:41 PM) (Source: Service Control Manager) (User: )
Description: The Contact Data_8533b service terminated unexpectedly.  It has done this 246 time(s).

Error: (12/21/2015 12:06:36 PM) (Source: Service Control Manager) (User: )
Description: The User Data Access_8533b service terminated unexpectedly.  It has done this 245 time(s).

Error: (12/21/2015 12:06:36 PM) (Source: Service Control Manager) (User: )
Description: The User Data Storage_8533b service terminated unexpectedly.  It has done this 245 time(s).

Error: (12/21/2015 12:06:36 PM) (Source: Service Control Manager) (User: )
Description: The Contact Data_8533b service terminated unexpectedly.  It has done this 245 time(s).

Error: (12/21/2015 12:06:30 PM) (Source: Service Control Manager) (User: )
Description: The User Data Access_8533b service terminated unexpectedly.  It has done this 244 time(s).


Microsoft Office Sessions:
=========================
Error: (12/21/2015 12:06:55 PM) (Source: Application Error)(User: )
Description: SkypeHost.exe10.1.0.2123566f6bfeKERNELBASE.dll10.0.10586.05632da1c000006be000bd8a81aac01d13c2b20935105C:\Program Files\WindowsApps\Microsoft.Messaging_2.12.15004.0_x86__8wekyb3d8bbwe\SkypeHost.exeC:\WINDOWS\SYSTEM32\KERNELBASE.dll0424b400-2737-402d-b8b9-91b1f83220f9Microsoft.Messaging_2.12.15004.0_x86__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1

Error: (12/21/2015 12:06:53 PM) (Source: Application Error)(User: )
Description: svchost.exe_UserDataSvc_8533b10.0.10586.05632d7bantdll.dll10.0.10586.2056540c3bc0000409000000000002114b27b801d13c2b22c806c0C:\WINDOWS\System32\svchost.exeC:\WINDOWS\SYSTEM32\ntdll.dllf2a92bb6-82f3-44e8-b108-cc71f0578047

Error: (12/21/2015 12:06:50 PM) (Source: Application Error)(User: )
Description: RuntimeBroker.exe10.0.10586.05632d7e0ntdll.dll10.0.10586.2056540c3bc000040900000000000252651a4401d13c2ac2f2ac1bC:\Windows\System32\RuntimeBroker.exeC:\WINDOWS\SYSTEM32\ntdll.dll4494fc56-52fe-4082-b154-ff3c6838dc46

Error: (12/21/2015 12:06:46 PM) (Source: Application Error)(User: )
Description: SkypeHost.exe10.1.0.2123566f6bfeKERNELBASE.dll10.0.10586.05632da1c000006be000bd8a8a6c01d13c2b1d5ea46fC:\Program Files\WindowsApps\Microsoft.Messaging_2.12.15004.0_x86__8wekyb3d8bbwe\SkypeHost.exeC:\WINDOWS\SYSTEM32\KERNELBASE.dlla4574fbe-e672-46a5-a2a8-22509924b353Microsoft.Messaging_2.12.15004.0_x86__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1

Error: (12/21/2015 12:06:45 PM) (Source: Application Error)(User: )
Description: svchost.exe_UserDataSvc_8533b10.0.10586.05632d7bantdll.dll10.0.10586.2056540c3bc0000409000000000002114b47801d13c2b1df4fe36C:\WINDOWS\System32\svchost.exeC:\WINDOWS\SYSTEM32\ntdll.dllf16fcf27-5d5a-467e-b615-a0271cbd7986

Error: (12/21/2015 12:06:41 PM) (Source: Application Error)(User: )
Description: SkypeHost.exe10.1.0.2123566f6bfeKERNELBASE.dll10.0.10586.05632da1c000006be000bd8a81a8c01d13c2b1a315339C:\Program Files\WindowsApps\Microsoft.Messaging_2.12.15004.0_x86__8wekyb3d8bbwe\SkypeHost.exeC:\WINDOWS\SYSTEM32\KERNELBASE.dll6d864344-67e5-4c88-bdfe-4fd7ca05dd82Microsoft.Messaging_2.12.15004.0_x86__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1

Error: (12/21/2015 12:06:40 PM) (Source: Application Error)(User: )
Description: svchost.exe_UserDataSvc_8533b10.0.10586.05632d7bantdll.dll10.0.10586.2056540c3bc0000409000000000002114be7401d13c2b1ac3a2e0C:\WINDOWS\System32\svchost.exeC:\WINDOWS\SYSTEM32\ntdll.dll3b7304d9-3c99-49c7-9219-f97a4d9c0437

Error: (12/21/2015 12:06:36 PM) (Source: Application Error)(User: )
Description: SkypeHost.exe10.1.0.2123566f6bfeKERNELBASE.dll10.0.10586.05632da1c000006be000bd8a81d6401d13c2b16f218a1C:\Program Files\WindowsApps\Microsoft.Messaging_2.12.15004.0_x86__8wekyb3d8bbwe\SkypeHost.exeC:\WINDOWS\SYSTEM32\KERNELBASE.dll552819ca-7ee9-48de-b5ab-df1ed19e433cMicrosoft.Messaging_2.12.15004.0_x86__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1

Error: (12/21/2015 12:06:35 PM) (Source: Application Error)(User: )
Description: svchost.exe_UserDataSvc_8533b10.0.10586.05632d7bantdll.dll10.0.10586.2056540c3bc0000409000000000002114b65801d13c2b17856e89C:\WINDOWS\System32\svchost.exeC:\WINDOWS\SYSTEM32\ntdll.dll1fcd96ea-a80f-47b6-b780-8e48eac071fb

Error: (12/21/2015 12:06:30 PM) (Source: Application Error)(User: )
Description: SkypeHost.exe10.1.0.2123566f6bfeKERNELBASE.dll10.0.10586.05632da1c000006be000bd8a87d801d13c2b134fd2d4C:\Program Files\WindowsApps\Microsoft.Messaging_2.12.15004.0_x86__8wekyb3d8bbwe\SkypeHost.exeC:\WINDOWS\SYSTEM32\KERNELBASE.dlle64b939b-162a-4fd1-967f-d7543031ed4aMicrosoft.Messaging_2.12.15004.0_x86__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1


CodeIntegrity Errors:
===================================
  Date: 2015-12-21 11:28:13.966
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-12-21 11:28:13.959
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-12-21 11:24:10.248
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-12-21 11:24:10.242
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-12-21 11:24:09.797
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-12-21 11:24:09.774
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-12-20 12:08:23.348
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-12-20 12:08:23.337
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-12-20 11:31:43.806
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-12-20 11:31:43.799
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.


**** End of log ****
 



#13 SIPphotog

SIPphotog
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  

Posted 21 December 2015 - 04:30 PM

Anything else I need to do?



#14 SIPphotog

SIPphotog
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  

Posted 21 December 2015 - 06:31 PM

And now it's getting hung up on restart after trying to update my graphics driver, but the nvidia panel wasn't opening so I restarted its on the blue restarting screen for ten minutes now. Please help!

#15 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,597 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:07 AM

Posted 22 December 2015 - 07:53 AM

Sorry, I wasn't home yesterday evening. Are you still stuck in a BSOD loop?

unite_blue.png
Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users