Ran by User at 2015-05-30 11:54:06
Running from C:\Users\User\Desktop
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-1449054458-2187534261-164310294-500 - Administrator - Disabled) => C:\Users\Administrator
Guest (S-1-5-21-1449054458-2187534261-164310294-501 - Limited - Disabled)
User (S-1-5-21-1449054458-2187534261-164310294-1001 - Administrator - Enabled) => C:\Users\User
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: McAfee Anti-Virus and Anti-Spyware (Enabled - Up to date) {ADA629C7-7F48-5689-624A-3B76997E0892}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AV: McAfee Anti-Virus and Anti-Spyware (Enabled - Up to date) {DA9F8ED0-D0DE-39CC-F55A-51AB4CC1B556}
AS: McAfee Anti-Virus and Anti-Spyware (Enabled - Up to date) {16C7C823-5972-5907-58FA-0004E2F9422F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
AS: McAfee Anti-Virus and Anti-Spyware (Enabled - Up to date) {61FE6F34-F6E4-3642-CFEA-6AD93746FFEB}
FW: McAfee Firewall (Enabled) {E2A40FF5-9AB1-3894-DE05-F89EB212F22D}
FW: McAfee Firewall (Enabled) {959DA8E2-3527-57D1-4915-924367AD4FE9}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.007.20033 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.235 - Adobe Systems Incorporated)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.2.2218 - AVAST Software)
CNN (HKU\S-1-5-21-1449054458-2187534261-164310294-1001\...\Pokki_2cfdebb7887674bd04dd5349dc8a88e1ca584135) (Version: 1.0.2.45040 - Pokki)
CyberLink PhotoDirector 3 (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.1.4107 - CyberLink Corp.)
DC++ 0.851 (HKLM-x32\...\DC++) (Version: 0.851 - Jacek Sieka)
Dev-C++ (HKLM-x32\...\Dev-C++) (Version: 5.11 - Bloodshed Software)
Dolby Digital Plus Advanced Audio (HKLM\...\{B0BFC63F-EA07-419E-960B-3FB2ED5DD0B2}) (Version: 7.3.2.2 - Dolby Laboratories Inc)
Dropbox (HKLM-x32\...\Dropbox) (Version: 3.6.4 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.27.19 - Dropbox, Inc.) Hidden
Energy Manager (HKLM-x32\...\InstallShield_{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.0.0.31 - Lenovo)
Energy Manager (x32 Version: 1.0.0.31 - Lenovo) Hidden
Genesys USB Mass Storage Device (HKLM-x32\...\{959B7F35-2819-40C5-A0CD-3C53B5FCC935}) (Version: 4.3.0.7 - Genesys Logic)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.81 - Google Inc.)
Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden
Host App Service (HKU\S-1-5-21-1449054458-2187534261-164310294-1001\...\Pokki) (Version: 0.269.7.660 - Pokki)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.13.1706 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3345 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.5.1000 - Intel Corporation)
IP Messenger for Win (HKLM\...\IPMSG for Win32) (Version: - )
Lenovo EasyCamera (HKLM-x32\...\{ADE16A9D-FBDC-4ecc-B6BD-9C31E51D0332}) (Version: 3.13.531.1 - Vimicro)
Lenovo Experience Improvement (HKLM\...\LenovoExperienceImprovement) (Version: 1.0.4.0 - Lenovo)
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.0.0.2105 - CyberLink Corp.)
Lenovo OneKey Recovery (Version: 8.0.0.2105 - CyberLink Corp.) Hidden
Lenovo pointing device (HKLM\...\Elantech) (Version: 11.4.25.1 - ELAN Microelectronic Corp.)
Lenovo PowerDVD10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5630.52 - CyberLink Corp.)
Lenovo PowerDVD10 (x32 Version: 10.0.5630.52 - CyberLink Corp.) Hidden
Lenovo VeriFace (HKLM\...\Lenovo VeriFace) (Version: 5.0.13.5261 - Lenovo)
Maxthon Cloud Browser (HKLM-x32\...\Maxthon3) (Version: 4.1.2.4000 - Maxthon International Limited)
McAfee LiveSafe – Internet Security (HKLM-x32\...\MSC) (Version: 13.6.1529 - McAfee, Inc.)
Microsoft Office 365 Home Premium - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft SkyDrive (HKU\S-1-5-21-1449054458-2187534261-164310294-1001\...\SkyDriveSetup.exe) (Version: 16.4.6013.0910 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 38.0.5 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 38.0.5 (x86 en-US)) (Version: 38.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 38.0.5 - Mozilla)
Nitro Pro 8 (HKLM\...\{6E7DFD3E-2E89-4F35-B4F2-D3301A4AD190}) (Version: 8.5.6.5 - Nitro)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4454.1510 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4454.1510 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4454.1510 - Microsoft Corporation) Hidden
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Power2Go (HKLM-x32\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 5.6.0.10525 - CyberLink Corp.)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.305 - Qualcomm Atheros Communications)
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
Qualcomm Atheros Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.21 - Qualcomm Atheros Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7037 - Realtek Semiconductor Corp.)
Start Menu (HKU\S-1-5-21-1449054458-2187534261-164310294-1001\...\Pokki_Start_Menu) (Version: 0.269.7.660 - Pokki)
UserGuide (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 1.0.0.15 - Lenovo)
UserGuide (x32 Version: 1.0.0.15 - Lenovo) Hidden
Windows Driver Package - Lenovo (ACPIVPC) System (02/17/2013 9.52.0.776) (HKLM\...\35DD26BE48DAF4A9F35F969F3CB1E3E1435E661E) (Version: 02/17/2013 9.52.0.776 - Lenovo)
Windows Driver Package - Lenovo (WUDFRd) LenovoVhid (07/25/2013 10.30.0.288) (HKLM\...\6BCA401E9CBEED970D75F55FA5320F60D11984E9) (Version: 07/25/2013 10.30.0.288 - Lenovo)
Zoomumba (HKU\S-1-5-21-1449054458-2187534261-164310294-1001\...\Pokki_fb143c84656e8d30faf9d30d8dc069921acf5bdc) (Version: 1.1.1.53290 - Pokki)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-1449054458-2187534261-164310294-1001_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\User\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1449054458-2187534261-164310294-1001_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\User\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1449054458-2187534261-164310294-1001_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\User\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1449054458-2187534261-164310294-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\User\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\FileSyncApi64.dll (Microsoft Corporation)
==================== Restore Points =========================
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 18:55 - 2013-08-22 18:55 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {02874CF4-FFE4-4C61-ADA1-F9D5BEB1F29D} - System32\Tasks\Lenovo\Experience Improvement => C:\Program Files\Lenovo\ExperienceImprovement\LenovoExperienceImprovement.exe [2013-06-03] (Lenovo)
Task: {072EA091-7EC1-4737-8ABA-2CF1A2444412} - System32\Tasks\{5165102C-E3AC-41CD-A9CC-06434CCD73ED} => pcalua.exe -a "G:\Xilinx WebPACK_SFD_92i [REDHAWK]\setup.exe" -d "G:\Xilinx WebPACK_SFD_92i [REDHAWK]"
Task: {0F229FDE-63D2-411E-B9FA-BB3532E77E56} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-05-27] (Google Inc.)
Task: {0FFB3E92-34C6-4D97-8F04-7A8C9317D742} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2015-05-27] (Microsoft Corporation)
Task: {3514F77F-BB25-4731-9E45-78C2FF26418D} - System32\Tasks\Maxthon Update => C:\Program Files (x86)\Maxthon\Bin\mxup.exe [2013-08-01] (Maxthon International ltd.)
Task: {3CC0AE2C-A512-4D79-A383-9848497FB528} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-05-27] (Google Inc.)
Task: {4C0F567D-1488-4570-A79A-0B69D7C4A49F} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-05-28] (Dropbox, Inc.)
Task: {4D4090AF-EBC5-473A-B298-ED5351673FFA} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-05-28] (Avast Software s.r.o.)
Task: {56BB8261-476C-4C0F-9F39-B09ACFD13946} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [2012-12-07] (Microsoft Corporation)
Task: {6174C0C7-C36D-4228-8C33-F624511F9C68} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-03-07] (Adobe Systems Incorporated)
Task: {7DE13BDB-3B69-435F-9534-2585DE47B0A4} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-04-30] (Microsoft Corporation)
Task: {8DF83ADD-CCDD-4A3A-A9F8-46EE42ECC139} - System32\Tasks\PDVDServ Task => C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.EXE [2013-03-09] (CyberLink Corp.)
Task: {B2589F43-CF14-44AD-922B-E116DF9F97E9} - System32\Tasks\avastBCLRestart_chrome.exe => Chrome.exe
Task: {D405861B-D675-4AC4-8D22-F48705A52DC9} - System32\Tasks\UMonitor Task => C:\windows\SysWOW64\UMonit64.exe [2013-08-06] ()
Task: {F0E26D31-2C4A-48FB-BFB3-8599D3C2AC37} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-05-28] (Dropbox, Inc.)
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (Whitelisted) ==============
2015-05-27 22:33 - 2012-11-24 17:13 - 00373312 _____ () C:\Program Files\Microsoft Office 15\ClientX64\c2rui.dll
2015-05-27 22:33 - 2012-12-07 07:04 - 00513616 _____ () C:\Program Files\Microsoft Office 15\ClientX64\c2r64.dll
2015-05-27 22:33 - 2012-12-07 07:05 - 00607312 _____ () C:\Program Files\Microsoft Office 15\ClientX64\StreamServer.dll
2014-03-03 18:21 - 2014-03-03 18:21 - 00068368 _____ () C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe
2014-03-03 18:21 - 2014-03-03 18:21 - 00669288 _____ () C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfDataStorageInterface.dll
2015-05-27 22:40 - 2015-05-27 22:40 - 06522944 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2013-09-07 15:18 - 2013-09-07 15:18 - 00011264 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
2013-09-07 15:15 - 2013-09-07 15:15 - 00086016 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\Map\MAP.dll
2013-09-07 15:22 - 2013-09-07 15:22 - 00012928 _____ () C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
2015-05-28 10:02 - 2015-05-28 10:02 - 00104400 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-05-28 10:02 - 2015-05-28 10:02 - 00081728 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-05-30 08:37 - 2015-05-30 08:37 - 02950656 _____ () C:\Program Files\AVAST Software\Avast\defs\15052901\algo.dll
2015-05-27 06:38 - 2015-05-23 01:52 - 01281864 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.81\libglesv2.dll
2015-05-27 06:38 - 2015-05-23 01:52 - 00080712 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.81\libegl.dll
2015-05-28 10:02 - 2015-05-28 10:02 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-03-03 17:51 - 2013-08-09 01:55 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2015-04-29 01:45 - 2015-04-29 01:45 - 00569856 _____ () C:\Users\User\AppData\Local\Pokki\Engine\ppGoogleNaClPluginChrome.dll
2015-04-29 01:45 - 2015-04-29 01:45 - 01400846 _____ () C:\Users\User\AppData\Local\Pokki\Engine\avcodec-54.dll
2015-04-29 01:45 - 2015-04-29 01:45 - 00151054 _____ () C:\Users\User\AppData\Local\Pokki\Engine\avutil-51.dll
2015-04-29 01:45 - 2015-04-29 01:45 - 00222734 _____ () C:\Users\User\AppData\Local\Pokki\Engine\avformat-54.dll
2015-04-29 01:45 - 2015-04-29 01:45 - 00716288 _____ () C:\Users\User\AppData\Local\Pokki\Engine\libglesv2.dll
2015-04-29 01:45 - 2015-04-29 01:45 - 00130048 _____ () C:\Users\User\AppData\Local\Pokki\Engine\libegl.dll
2015-03-17 01:34 - 2015-03-17 01:34 - 34089120 _____ () C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\libcef.dll
2015-03-17 01:34 - 2015-03-17 01:34 - 20722336 _____ () C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.dll
2015-03-17 01:34 - 2015-03-17 01:34 - 00322208 _____ () C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\sqlite.dll
2015-05-27 22:33 - 2015-05-27 22:33 - 00312896 _____ () C:\Program Files\Microsoft Office 15\Root\Office15\AppVIsvStream32.dll
2015-05-27 22:33 - 2015-05-27 22:33 - 00354368 _____ () C:\Program Files\Microsoft Office 15\Root\Office15\c2r32.dll
2015-05-27 22:34 - 2015-05-27 22:39 - 01286256 _____ () C:\Program Files\Microsoft Office 15\Root\Office15\PPRESOURCES.DLL
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Windows:nlsPreferences
AlternateDataStreams: C:\Users\User\OneDrive:ms-properties
AlternateDataStreams: C:\Users\User\SkyDrive:ms-properties
==================== Safe Mode (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-1449054458-2187534261-164310294-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\User\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\1971_venkateswara-wallpaper-hd-13.jpg
DNS Servers: 172.22.2.2 - 8.8.8.8
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{27EAC5FA-1C7B-4032-9975-29FBA4835AB5}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\MxUp.exe
FirewallRules: [{680C2BA5-0457-47C7-85D2-13EBE16D068D}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe
FirewallRules: [{A704DDC5-7577-468D-B0BA-30DD4B8A4402}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\MxUp.exe
FirewallRules: [{F31A830A-77E4-494A-8016-321B8D34AED2}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe
FirewallRules: [{ED338E4B-EB0F-478F-945B-16C038E9985F}] => (Allow) C:\Program Files (x86)\Lenovo\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe
FirewallRules: [{751964C8-8AAF-426D-A0AD-6A5BB8DBCBF5}] => (Allow) C:\Program Files (x86)\Lenovo\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{A636A325-16F7-428A-9663-3F7972937E6D}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{900F2932-9F32-4077-9E32-1DDF8B990CC5}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
FirewallRules: [{0E9B43A0-B759-45C9-A601-F0CE9990F1D4}] => (Allow) C:\Users\User\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [{F76010EE-937D-44FA-BB9A-AFFA1DDFC8E8}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{DBA6A3B3-6E7F-4735-80F4-AC03DF4C8BC7}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{3E4936FA-4131-48F6-B65E-E93A7A773087}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{638C5FED-D444-46B4-B34F-DF84D0EC0E28}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [TCP Query User{360C8F2F-CD78-4ABF-B051-D1FA4D1F7726}C:\program files\ipmsg\ipmsg.exe] => (Allow) C:\program files\ipmsg\ipmsg.exe
FirewallRules: [UDP Query User{FFB651A7-0E4F-412A-B00B-950AB1D0850D}C:\program files\ipmsg\ipmsg.exe] => (Allow) C:\program files\ipmsg\ipmsg.exe
FirewallRules: [{58B06A29-91B8-4867-A053-64A12B4B083A}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (05/30/2015 11:44:13 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: backgroundTaskHost.exe, version: 6.3.9600.16384, time stamp: 0x5215e1f6
Faulting module name: twinapi.appcore.dll, version: 6.3.9600.16384, time stamp: 0x5215d806
Exception code: 0xc000027b
Fault offset: 0x0000000000056960
Faulting process id: 0x1d20
Faulting application start time: 0xbackgroundTaskHost.exe0
Faulting application path: backgroundTaskHost.exe1
Faulting module path: backgroundTaskHost.exe2
Report Id: backgroundTaskHost.exe3
Faulting package full name: backgroundTaskHost.exe4
Faulting package-relative application ID: backgroundTaskHost.exe5
Error: (05/30/2015 11:14:02 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: backgroundTaskHost.exe, version: 6.3.9600.16384, time stamp: 0x5215e1f6
Faulting module name: twinapi.appcore.dll, version: 6.3.9600.16384, time stamp: 0x5215d806
Exception code: 0xc000027b
Fault offset: 0x0000000000056960
Faulting process id: 0x233c
Faulting application start time: 0xbackgroundTaskHost.exe0
Faulting application path: backgroundTaskHost.exe1
Faulting module path: backgroundTaskHost.exe2
Report Id: backgroundTaskHost.exe3
Faulting package full name: backgroundTaskHost.exe4
Faulting package-relative application ID: backgroundTaskHost.exe5
Error: (05/30/2015 10:31:35 AM) (Source: Adobe Reader) (EventID: 16) (User: )
Description:
Error: (05/30/2015 10:31:35 AM) (Source: Adobe Reader) (EventID: 16) (User: )
Description:
Error: (05/30/2015 10:28:01 AM) (Source: Adobe Reader) (EventID: 16) (User: )
Description:
Error: (05/30/2015 10:26:19 AM) (Source: Adobe Reader) (EventID: 16) (User: )
Description:
Error: (05/30/2015 09:57:14 AM) (Source: Adobe Reader) (EventID: 16) (User: )
Description:
Error: (05/30/2015 09:57:13 AM) (Source: Adobe Reader) (EventID: 16) (User: )
Description:
Error: (05/30/2015 09:57:10 AM) (Source: Adobe Reader) (EventID: 16) (User: )
Description:
Error: (05/30/2015 09:46:31 AM) (Source: Adobe Reader) (EventID: 16) (User: )
Description:
System errors:
=============
Error: (05/30/2015 10:16:47 AM) (Source: DCOM) (EventID: 10016) (User: KRISHNA-PC)
Description: machine-defaultLocalActivation{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}KRISHNA-PCUserS-1-5-21-1449054458-2187534261-164310294-1001LocalHost (Using LRPC)Farlex.581429F59E1D8_2.1.0.18_x64__wyegy4e46y996S-1-15-2-1267739591-1137297291-83386112-1979864472-959024908-3354412519-3889419757
Error: (05/30/2015 09:52:03 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Interactive Services Detection service terminated with the following error:
%%1
Error: (05/30/2015 09:47:44 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The McAfee Boot Delay Start Service service failed to start due to the following error:
%%1053
Error: (05/30/2015 09:47:44 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the McAfee Boot Delay Start Service service to connect.
Error: (05/30/2015 09:47:43 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Interactive Services Detection service terminated with the following error:
%%1
Error: (05/30/2015 09:47:34 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The McAfee Anti-Spam Service service failed to start due to the following error:
%%1053
Error: (05/30/2015 09:47:34 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the McAfee Anti-Spam Service service to connect.
Error: (05/30/2015 09:47:33 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The McAfee Proxy Service service failed to start due to the following error:
%%1053
Error: (05/30/2015 09:47:33 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the McAfee Proxy Service service to connect.
Error: (05/30/2015 09:47:32 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The McAfee Personal Firewall Service service failed to start due to the following error:
%%1053
Microsoft Office:
=========================
Error: (05/30/2015 11:44:13 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: backgroundTaskHost.exe6.3.9600.163845215e1f6twinapi.appcore.dll6.3.9600.163845215d806c000027b00000000000569601d2001d09a9fc2813cdcC:\WINDOWS\system32\backgroundTaskHost.exeC:\Windows\System32\twinapi.appcore.dll1770a148-0693-11e5-8259-28e3476de9d9WAGmob.KeyboardShortcutsforMSOffice2013-simpleNeas_1.5.0.0_neutral__cjas0z9z8ytxmApp
Error: (05/30/2015 11:14:02 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: backgroundTaskHost.exe6.3.9600.163845215e1f6twinapi.appcore.dll6.3.9600.163845215d806c000027b0000000000056960233c01d09a9b21e422c1C:\WINDOWS\system32\backgroundTaskHost.exeC:\Windows\System32\twinapi.appcore.dlldfd3bcbc-068e-11e5-8259-28e3476de9d9WAGmob.KeyboardShortcutsforMSOffice2013-simpleNeas_1.5.0.0_neutral__cjas0z9z8ytxmApp
Error: (05/30/2015 10:31:35 AM) (Source: Adobe Reader) (EventID: 16) (User: )
Description:
Error: (05/30/2015 10:31:35 AM) (Source: Adobe Reader) (EventID: 16) (User: )
Description:
Error: (05/30/2015 10:28:01 AM) (Source: Adobe Reader) (EventID: 16) (User: )
Description:
Error: (05/30/2015 10:26:19 AM) (Source: Adobe Reader) (EventID: 16) (User: )
Description:
Error: (05/30/2015 09:57:14 AM) (Source: Adobe Reader) (EventID: 16) (User: )
Description:
Error: (05/30/2015 09:57:13 AM) (Source: Adobe Reader) (EventID: 16) (User: )
Description:
Error: (05/30/2015 09:57:10 AM) (Source: Adobe Reader) (EventID: 16) (User: )
Description:
Error: (05/30/2015 09:46:31 AM) (Source: Adobe Reader) (EventID: 16) (User: )
Description:
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i3-4010U CPU @ 1.70GHz
Percentage of memory in use: 74%
Total physical RAM: 3997.04 MB
Available physical RAM: 1032.87 MB
Total Pagefile: 5510.63 MB
Available Pagefile: 1491.02 MB
Total Virtual: 131072 MB
Available Virtual: 131071.79 MB
==================== Drives ================================
Drive c: (Windows8_OS) (Fixed) (Total:214.69 GB) (Free:106.49 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive e: (AntiTankHelicopt) (CDROM) (Total:0.01 GB) (Free:0 GB) CDFS
Drive g: (General) (Fixed) (Total:112.3 GB) (Free:33.82 GB) NTFS
Drive h: (Education) (Fixed) (Total:104.1 GB) (Free:46.01 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: CF0A95A8)
Partition: GPT Partition Type.
==================== End of log ============================