Black Screen After Opening

N

niw

Active member
Joined
Oct 18, 2015
Posts
32
I have been experiencing black scree after logon to my desktop normally but don't experience it when I logon on safe mode.
I have ran McAfee anti virus on it without success.

Here are the information requested. Thank you for your help.

++++++++++++++++++++++++++++++++++
Results of screen317's Security Check version 1.010 --- 10/01/15
Windows Vista Service Pack 2 x86 (UAC is enabled)
Internet Explorer 9
Internet Explorer 8
``````````````Antivirus/Firewall Check:``````````````
Windows Security Center service is not running! This report may not be accurate!
Windows Firewall Enabled!
McAfee Anti-Virus and Anti-Spyware
WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
McAfee SiteAdvisor
Adobe Reader 10.1.14 Adobe Reader out of Date!
Mozilla Firefox (39.0)
````````Process Check: objlist.exe by Laurent````````
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 2 % Defragment your hard drive soon! (Do NOT defrag if SSD!)
````````````````````End of Log``````````````````````


========================================
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:18-10-2015
Ran by Nas (administrator) on ALWAYS (20-10-2015 17:58:31)
Running from C:\Users\Nas\Desktop
Loaded Profiles: Nas (Available Profiles: Nas & Always)
Platform: Microsoft® Windows Vista™ Business Service Pack 2 (X86) Language: English (United States)
Internet Explorer Version 9 (Default browser not detected!)
Boot Mode: Safe Mode (with Networking)
Tutorial for Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Geeks to Go Forum
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\Core\mchost.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe

==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-20] (Microsoft Corporation)
HKLM\...\Run: [mcpltui_exe] => C:\Program Files\Common Files\McAfee\Platform\mcuicnt.exe [562688 2015-02-11] (McAfee, Inc.)
HKLM\...\Run: [HP Software Update] => C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKLM\...\Policies\Explorer: [NoPublishingWizard] 1
HKU\S-1-5-21-3099303160-33164511-1782805088-1000\...\Run: [WMPNSCFG] => C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-20] (Microsoft Corporation)
HKU\S-1-5-21-3099303160-33164511-1782805088-1000\...\Run: [Dropbox Update] => C:\Users\Nas\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-30] (Dropbox, Inc.)
HKU\S-1-5-21-3099303160-33164511-1782805088-1000\...\RunOnce: [FlashPlayerUpdate] => C:\Windows\system32\Macromed\Flash\FlashUtil32_18_0_0_194_ActiveX.exe [1155248 2015-06-27] (Adobe Systems Incorporated)
HKU\S-1-5-21-3099303160-33164511-1782805088-1000\...\MountPoints2: {2f79972f-1937-11e3-b260-806e6f6e6963} - D:\Windows/TOEFL.exe
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nas\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-06-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nas\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-06-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nas\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-06-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [GDriveBlacklistedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync32.dll [2015-05-19] (Google)
ShellIconOverlayIdentifiers: [GDriveSharedEditOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files\Google\Drive\googledrivesync32.dll [2015-05-19] (Google)
ShellIconOverlayIdentifiers: [GDriveSharedViewOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} => C:\Program Files\Google\Drive\googledrivesync32.dll [2015-05-19] (Google)
ShellIconOverlayIdentifiers: [GDriveSyncedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync32.dll [2015-05-19] (Google)
ShellIconOverlayIdentifiers: [GDriveSyncingOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync32.dll [2015-05-19] (Google)
Startup: C:\Users\Nas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-07-18]
ShortcutTarget: Dropbox.lnk -> C:\Users\Nas\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
GroupPolicyScripts: Restriction <======= ATTENTION
GroupPolicyScripts\User: Restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76
Tcpip\..\Interfaces\{BF27FCA5-014B-47D3-B320-777515F45EDA}: [DhcpNameServer] 75.75.75.75 75.75.76.76
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3099303160-33164511-1782805088-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://google.com/
HKU\S-1-5-21-3099303160-33164511-1782805088-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp
SearchScopes: HKU\S-1-5-21-3099303160-33164511-1782805088-1000 -> DefaultScope {9B45E13F-6902-46CA-9624-F777AE1F4063} URL = hxxps://search.yahoo.com/search?fr=mcafee&type=B011US550D20141223&p={searchTerms}
SearchScopes: HKU\S-1-5-21-3099303160-33164511-1782805088-1000 -> {9B45E13F-6902-46CA-9624-F777AE1F4063} URL = hxxps://search.yahoo.com/search?fr=mcafee&type=B011US550D20141223&p={searchTerms}
BHO: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll [2015-06-18] (McAfee, Inc.)
Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll [2015-06-18] (McAfee, Inc.)
DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} hxxp://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll [2015-06-18] (McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll [2015-06-18] (McAfee, Inc.)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl.dll [2015-03-03] (McAfee, Inc.)
FireFox:
========
FF ProfilePath: C:\Users\Nas\AppData\Roaming\Mozilla\Firefox\Profiles\c857l5bp.default
FF Homepage: hxxps://google.com/
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2015-03-03] ()
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-19] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-19] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-04-29] (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\McSiteAdvisor.xml [2015-02-16]
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\SiteAdvisor
FF Extension: McAfee SiteAdvisor - C:\Program Files\McAfee\SiteAdvisor [2014-12-23] [not signed]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2015-03-12] [not signed]
FF HKLM\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2014-12-23] [not signed]
Chrome:
=======
CHR HomePage: Default -> hxxp://www.trovi.com/?gd=&ctid=CT3324774&octid=EB_ORIGINAL_CTID&ISID=MFA9208BC-B715-4485-A19C-689DB6A293F7&SearchSource=55&CUI=&UM=5&UP=SP8F7EE4EB-F348-4FA4-AECA-751AE8169DD0&SSPV=TBannersC_sp_ch
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR DefaultSearchURL: Default -> hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3324774&octid=EB_ORIGINAL_CTID&ISID=MFA9208BC-B715-4485-A19C-689DB6A293F7&SearchSource=58&CUI=&UM=5&UP=SP8F7EE4EB-F348-4FA4-AECA-751AE8169DD0&q={searchTerms}&SSPV=TBannersC_sp_ch
CHR DefaultSearchKeyword: Default -> trovi.search
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\42.0.2311.152\PepperFlash\pepflashplayer.dll => No File
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\42.0.2311.152\ppGoogleNaClPluginChrome.dll => No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\42.0.2311.152\pdf.dll => No File
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll => No File
CHR Plugin: (Windows Presentation Foundation) - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Profile: C:\Users\Nas\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (SiteAdvisor) - C:\Users\Nas\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2015-03-05]
CHR Extension: (Bookmark Manager) - C:\Users\Nas\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-04-14]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Nas\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-14]
CHR Extension: (Google Wallet) - C:\Users\Nas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-14]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files\McAfee\SiteAdvisor\McChPlg.crx [2014-12-23]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S2 HomeNetSvc; C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe [291816 2015-02-11] (McAfee, Inc.)
S2 McAfee SiteAdvisor Service; C:\Program Files\McAfee\SiteAdvisor\McSACore.exe [132160 2015-07-03] (McAfee, Inc.)
S2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [690408 2015-03-03] (McAfee, Inc.)
S2 McMPFSvc; C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe [291816 2015-02-11] (McAfee, Inc.)
S2 McNaiAnn; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [291816 2015-02-11] (McAfee, Inc.)
S3 McODS; C:\Program Files\McAfee\VirusScan\mcods.exe [476680 2015-02-27] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [291816 2015-02-11] (McAfee, Inc.)
S2 McProxy; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [291816 2015-02-11] (McAfee, Inc.)
S2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [196600 2015-02-17] (McAfee, Inc.)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe [334576 2015-03-01] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [238288 2015-02-17] (McAfee, Inc.)
S2 MSK80Service; C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe [291816 2015-02-11] (McAfee, Inc.)
S2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-20] (Microsoft Corporation)
S2 Update Yawtix; "C:\Program Files\Yawtix\updateYawtix.exe" [X]
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 cfwids; C:\Windows\System32\drivers\cfwids.sys [61848 2015-02-17] (McAfee, Inc.)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [147912 2013-09-23] (McAfee, Inc.)
R3 mfeaack; C:\Windows\System32\drivers\mfeaack.sys [304928 2015-02-17] (McAfee, Inc.)
S3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [260248 2015-02-17] (McAfee, Inc.)
R0 mfedisk; C:\Windows\System32\DRIVERS\mfedisk.sys [82800 2015-02-17] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [371648 2015-02-17] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [648552 2015-02-17] (McAfee, Inc.)
S3 mfencbdc; C:\Windows\System32\DRIVERS\mfencbdc.sys [380496 2015-01-16] (McAfee, Inc.)
S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [80760 2015-01-16] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [217584 2015-02-17] (McAfee, Inc.)
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S3 VBoxNetFlt; system32\DRIVERS\VBoxNetFlt.sys [X]
S3 VMnetAdapter; system32\DRIVERS\vmnetadapter.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-10-20 17:58 - 2015-10-20 17:59 - 00013891 _____ C:\Users\Nas\Desktop\FRST.txt
2015-10-20 17:57 - 2015-10-20 17:58 - 00000000 ____D C:\FRST
2015-10-20 17:57 - 2015-10-20 17:57 - 01700864 _____ (Farbar) C:\Users\Nas\Desktop\FRST.exe
2015-10-20 17:57 - 2015-10-20 17:57 - 00000000 ____D C:\Users\Nas\Desktop\FRST-OlderVersion
2015-10-20 17:57 - 2006-12-12 10:01 - 00155648 _____ (Intel Corporation) C:\Windows\system32\igfxres.dll
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-10-20 17:23 - 2006-11-02 09:01 - 00032590 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-10-20 17:23 - 2006-11-02 09:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-10-18 18:44 - 2006-11-02 09:00 - 00170944 _____ C:\Windows\PFRO.log
==================== Files in the root of some directories =======
2013-09-09 03:17 - 2015-07-18 19:05 - 0000680 _____ () C:\Users\Nas\AppData\Local\d3d9caps.dat
2014-12-23 21:47 - 2015-05-26 21:23 - 0009216 _____ () C:\Users\Nas\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-07-16 21:45 - 2015-07-16 21:45 - 0000000 _____ () C:\Users\Nas\AppData\Local\{62966729-87EC-40C5-B6A9-6345427FBF4F}
2013-09-14 14:18 - 2013-09-14 14:18 - 0000057 _____ () C:\ProgramData\Ament.ini
2014-02-06 20:05 - 2015-03-03 21:21 - 0000590 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
Some files in TEMP:
====================
C:\Users\Nas\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpd0vkhj.dll
C:\Users\Nas\AppData\Local\Temp\GUR6F74.exe

==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-10-20 17:39
==================== End of FRST.txt ============================



Additional scan result of Farbar Recovery Scan Tool (x86) Version:18-10-2015
Ran by Nas (2015-10-20 18:00:30)
Running from C:\Users\Nas\Desktop
Microsoft® Windows Vista™ Business Service Pack 2 (X86) (2013-09-09 10:10:22)
Boot Mode: Safe Mode (with Networking)
==========================================================

==================== Accounts: =============================
Always (S-1-5-21-3099303160-33164511-1782805088-1002 - Limited - Enabled) => C:\Users\Always
Nas (S-1-5-21-3099303160-33164511-1782805088-1000 - Administrator - Enabled) => C:\Users\Nas
XXAdministrator (S-1-5-21-3099303160-33164511-1782805088-500 - Administrator - Disabled)
XXGuest (S-1-5-21-3099303160-33164511-1782805088-501 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: McAfee Anti-Virus and Anti-Spyware (Disabled - Up to date) {DA9F8ED0-D0DE-39CC-F55A-51AB4CC1B556}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee Anti-Virus and Anti-Spyware (Disabled - Up to date) {61FE6F34-F6E4-3642-CFEA-6AD93746FFEB}
FW: McAfee Firewall (Disabled) {E2A40FF5-9AB1-3894-DE05-F89EB212F22D}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Flash Player 18 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 18.0.0.194 - Adobe Systems Incorporated)
Adobe Reader X (10.1.14) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.14 - Adobe Systems Incorporated)
Dropbox (HKU\S-1-5-21-3099303160-33164511-1782805088-1000\...\Dropbox) (Version: 3.6.7 - Dropbox, Inc.)
Google Drive (HKLM\...\{CBC9F5FD-5CFA-4A33-81CD-369EAB77E3A6}) (Version: 1.22.9403.0223 - Google, Inc.)
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.27.5 - Google Inc.) Hidden
HP Deskjet 2050 J510 series Basic Device Software (HKLM\...\{90BBACD9-526F-4AD5-8B92-80BB5F5E1A6D}) (Version: 28.0.1313.0 - Hewlett-Packard Co.)
HP Deskjet 2050 J510 series Help (HKLM\...\{7A3DF2E2-CF13-44FB-A93E-F71D5381DB3F}) (Version: 140.0.61.61 - Hewlett Packard)
HP Photo Creations (HKLM\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Update (HKLM\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPDiagnosticAlert (Version: 1.00.0001 - Microsoft) Hidden
Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: - )
LibreOffice 4.4.3.2 (HKLM\...\{A651A592-2F6C-4D66-AEA8-9BFE4B61BCB3}) (Version: 4.4.3.2 - The Document Foundation)
McAfee Internet Security (HKLM\...\MSC) (Version: 14.0.339 - McAfee, Inc.)
McAfee SiteAdvisor (HKLM\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 3.7.252 - McAfee, Inc.)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Mozilla Firefox 39.0 (x86 en-US) (HKLM\...\Mozilla Firefox 39.0 (x86 en-US)) (Version: 39.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 38.0.5 - Mozilla)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-3099303160-33164511-1782805088-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Nas\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3099303160-33164511-1782805088-1000_Classes\CLSID\{3059C9E6-9EDC-4C89-933E-C65623F8FD60}\localserver32 -> C:\Users\Nas\AppData\Local\Dropbox\Update\DropboxUpdate.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3099303160-33164511-1782805088-1000_Classes\CLSID\{87DC457B-B35D-48AC-BD42-BDF35EF623CE}\localserver32 -> C:\Users\Nas\AppData\Local\Dropbox\Update\1.3.27.29\DropboxUpdateOnDemand.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3099303160-33164511-1782805088-1000_Classes\CLSID\{9FAA38ED-5635-44F7-9BE0-8CAFE29B3783}\localserver32 -> C:\Users\Nas\AppData\Local\Dropbox\Update\1.3.27.29\DropboxUpdateOnDemand.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3099303160-33164511-1782805088-1000_Classes\CLSID\{C0DD324D-A74F-4533-84AD-030F76771C77}\localserver32 -> C:\Users\Nas\AppData\Local\Dropbox\Update\1.3.27.29\DropboxUpdateOnDemand.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3099303160-33164511-1782805088-1000_Classes\CLSID\{C32E3EEC-3C10-426E-95F3-38C7F139FADD}\localserver32 -> C:\Users\Nas\AppData\Local\Dropbox\Update\1.3.27.29\DropboxUpdateOnDemand.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3099303160-33164511-1782805088-1000_Classes\CLSID\{D166BD15-03AF-413A-BEFD-0679FF410B49}\InprocServer32 -> C:\Users\Nas\AppData\Local\Dropbox\Update\1.3.27.29\psuser.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3099303160-33164511-1782805088-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Nas\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3099303160-33164511-1782805088-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Nas\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3099303160-33164511-1782805088-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Nas\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3099303160-33164511-1782805088-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Nas\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3099303160-33164511-1782805088-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Nas\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3099303160-33164511-1782805088-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Nas\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3099303160-33164511-1782805088-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Nas\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3099303160-33164511-1782805088-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Nas\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3099303160-33164511-1782805088-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Nas\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3099303160-33164511-1782805088-1000_Classes\CLSID\{FE819BE5-BADF-4370-9913-6FB84ABA6FB1}\InprocServer32 -> C:\Users\Nas\AppData\Local\Dropbox\Update\1.3.27.29\psuser.dll (Dropbox, Inc.)
==================== Restore Points =========================
05-07-2015 15:50:03 Windows Update
07-07-2015 18:37:13 Scheduled Checkpoint
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2006-11-02 06:23 - 2006-09-18 17:41 - 00000761 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
::1 localhost
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {159A8032-513E-4FC3-8829-E5A2CC6567F8} - System32\Tasks\User_Feed_Synchronization-{C1CBC675-E8C5-4910-A515-D8AE5CC14484}
Task: {22C02660-04A5-42D1-AEA8-9B76AA1AC914} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-3099303160-33164511-1782805088-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe
Task: {3FF2079F-75F8-4C20-ABA9-D2C46313A2D1} - System32\Tasks\GoogleUpdateTaskMachineUA1cfeab424b2bc60 => C:\Program Files\Google\Update\GoogleUpdate.exe [2013-09-12] (Google Inc.)
Task: {4B2E45A2-D201-4496-96EB-2C07CF1B5B89} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-3099303160-33164511-1782805088-1000 => C:\Program Files\RealNetworks\RealDownloader\realupgrade.exe
Task: {52AF741A-5FE4-4CC2-94B4-BF75799CECEF} - System32\Tasks\{3D276E52-E319-4CBA-8A68-1116321D0B5E} => pcalua.exe -a C:\Users\Nas\Desktop\CM-143947-Symantec_Endpoint_Protection_12.1_RU1_Part1_Installation_EN.exe -d C:\Users\Nas\Desktop
Task: {5FFFEF34-687E-43C7-A7EE-0580CEB357F2} - System32\Tasks\GoogleUpdateTaskMachineCore1cf6b22a922259d => C:\Program Files\Google\Update\GoogleUpdate.exe [2013-09-12] (Google Inc.)
Task: {7078BC34-1839-4F63-A3A1-B594E18E46EC} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-3099303160-33164511-1782805088-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe
Task: {74D716CF-B4ED-4761-A60E-6934383FD807} - System32\Tasks\GoogleUpdateTaskMachineUA1d0425e979b4933 => C:\Program Files\Google\Update\GoogleUpdate.exe [2013-09-12] (Google Inc.)
Task: {ABC0C195-F809-463A-A6B6-EF5D8300BE62} - System32\Tasks\GoogleUpdateTaskMachineUA1cf8fe84c3aef8f => C:\Program Files\Google\Update\GoogleUpdate.exe [2013-09-12] (Google Inc.)
Task: {CDE91807-6AC5-4BA2-AE5A-DE651873527D} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3099303160-33164511-1782805088-1000Core => C:\Users\Nas\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-30] (Dropbox, Inc.)
Task: {DEC21B15-81C1-497D-AFED-ADC65FECB744} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-3099303160-33164511-1782805088-1000 => C:\Program Files\RealNetworks\RealDownloader\realupgrade.exe
Task: {F2BA0556-3ADB-4E1F-A609-4EEF3A003BE4} - System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-3099303160-33164511-1782805088-1000 => C:\Program Files\RealNetworks\RealDownloader\recordingmanager.exe
Task: {F8EACBB0-6D6A-4B6E-BECF-35A9831AD383} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3099303160-33164511-1782805088-1000UA => C:\Users\Nas\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-30] (Dropbox, Inc.)
Task: {FBDA3557-CBE5-4B93-95B1-882D4BEF28FE} - System32\Tasks\GoogleUpdateTaskMachineUA1d092867eba0348 => C:\Program Files\Google\Update\GoogleUpdate.exe [2013-09-12] (Google Inc.)
Task: {FE69A494-B414-492B-AA95-E730AE9FA0D4} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-06-27] (Adobe Systems Incorporated)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3099303160-33164511-1782805088-1000Core.job => C:\Users\Nas\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3099303160-33164511-1782805088-1000UA.job => C:\Users\Nas\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf6b22a922259d.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cf8fe84c3aef8f.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cfeab424b2bc60.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d0425e979b4933.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d092867eba0348.job => C:\Program Files\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (Whitelisted) ==============
2006-12-12 10:01 - 2006-12-12 10:01 - 00077824 _____ () C:\Windows\system32\hccutils.DLL
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)

==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfemms => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Option => "OptionValue"="2"
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)

==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3099303160-33164511-1782805088-1000\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\Wallpaper\img22.jpg
DNS Servers: 75.75.75.75 - 75.75.76.76
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 1) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)

==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [WinCollab-Out-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-In-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-Out-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-In-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-DFSR-Out-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe
FirewallRules: [WinCollab-DFSR-In-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe
FirewallRules: [SLSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\slsvc.exe
FirewallRules: [SLSVC-In-TCP] => (Allow) %SystemRoot%\system32\slsvc.exe
FirewallRules: [{A10687AB-BE31-48F7-9827-9249C517AE9A}] => (Allow) LPort=80
FirewallRules: [{42845CB2-0595-46CD-AF36-E64F938F6764}] => (Allow) LPort=80
FirewallRules: [{62BF1F59-A219-4336-AE7A-0AFC62ECE813}] => (Allow) LPort=80
FirewallRules: [{14CD57D9-66B5-4078-826D-9ECF6EA3391D}] => (Allow) C:\Program Files\HP\HP Deskjet 2050 J510 series\Bin\USBSetup.exe
FirewallRules: [{A69C315E-69F7-4FB8-94D1-86EA3D58099D}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
FirewallRules: [{502A1E60-FA0D-4A4B-B342-D555520F4C78}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
FirewallRules: [{0486CC0C-4A4E-48ED-AE00-7C7A09DDFBFD}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{4E0F9E05-27FF-43A0-86EC-19EC08D00CFE}] => (Allow) C:\Users\Nas\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{09E8B974-59DE-4B30-BD04-5CDFD736FF78}] => (Allow) C:\Users\Nas\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{7681E334-F19C-4D5A-9ACC-BD00292E41DB}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{FAF0C659-4003-4572-B42C-37F273554F7C}] => (Allow) E:\Application\Firefox\firefox.exe
FirewallRules: [{B05F20BA-C85D-4ED4-8AFF-1AE08936483D}] => (Allow) E:\Application\Firefox\firefox.exe
FirewallRules: [TCP Query User{B9E66A9B-2CD1-4F35-A6E5-0DB704722F50}C:\users\nas\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\nas\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{4ED75433-8623-457D-84C6-8ECC08BCD69D}C:\users\nas\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\nas\appdata\roaming\dropbox\bin\dropbox.exe
==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================
Application errors:
==================
Error: (10/20/2015 05:27:08 PM) (Source: AVLogEvent) (EventID: 5010) (User: NT AUTHORITY)
Description: McShield failed to start because it is not trusted.
Error Code:a7f40905
Error: (10/20/2015 05:27:08 PM) (Source: AVLogEvent) (EventID: 5007) (User: NT AUTHORITY)
Description: Failed to load a dependant module.
Error Code:a7f42003
Error: (10/20/2015 05:26:01 PM) (Source: EventSystem) (EventID: 4609) (User: )
Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp458007043c
Error: (10/20/2015 05:25:39 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (10/20/2015 05:22:08 PM) (Source: Software Licensing Service) (EventID: 1001) (User: )
Description: The Software Licensing service failed to start. hr=0x80070002, [2, 4]
Error: (10/18/2015 06:48:33 PM) (Source: AVLogEvent) (EventID: 5010) (User: NT AUTHORITY)
Description: McShield failed to start because it is not trusted.
Error Code:a7f40905
Error: (10/18/2015 06:48:33 PM) (Source: AVLogEvent) (EventID: 5007) (User: NT AUTHORITY)
Description: Failed to load a dependant module.
Error Code:a7f42003
Error: (10/18/2015 06:46:48 PM) (Source: EventSystem) (EventID: 4609) (User: )
Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp458007043c
Error: (10/18/2015 06:46:24 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/30/2015 09:11:01 PM) (Source: Software Licensing Service) (EventID: 1001) (User: )
Description: The Software Licensing service failed to start. hr=0x80070002, [2, 4]

System errors:
=============
Error: (10/20/2015 05:29:51 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1084McNaiAnn{C90134D2-4AE9-407A-919A-4A2EF09C6C51}
Error: (10/20/2015 05:29:51 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1084McNaiAnn{DC7EF8E1-824F-4110-AB43-1604DA9B4F40}
Error: (10/20/2015 05:26:15 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1084WSearch{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
Error: (10/20/2015 05:26:13 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1084WSearch{9E175B6D-F52A-11D8-B9A5-505054503030}
Error: (10/20/2015 05:26:00 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1084EventSystem{1BE1F766-5536-11D1-B726-00C04FB926AF}
Error: (10/20/2015 05:25:49 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: cdrom
Wanarpv6
Error: (10/20/2015 05:25:49 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: McAfee Proxy ServiceMcAfee Firewall Core Service%%1068
Error: (10/20/2015 05:25:49 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: McAfee Personal Firewall ServiceMcAfee Firewall Core Service%%1068
Error: (10/20/2015 05:25:49 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: McAfee Anti-Spam ServiceMcAfee Validation Trust Protection Service%%1070
Error: (10/20/2015 05:25:49 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: McAfee Firewall Core ServiceMcAfee Validation Trust Protection Service%%1070

CodeIntegrity:
===================================
Date: 2014-03-04 21:10:08.743
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Users\Nas\Documents\church_files\System32\drivers\tcpip.sys because the set of per-page image hashes could not be found on the system.
Date: 2014-03-04 21:10:08.494
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Users\Nas\Documents\church_files\System32\drivers\tcpip.sys because the set of per-page image hashes could not be found on the system.
Date: 2014-03-04 21:10:08.229
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Users\Nas\Documents\church_files\System32\drivers\tcpip.sys because the set of per-page image hashes could not be found on the system.
Date: 2014-03-04 21:10:07.948
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Users\Nas\Documents\church_files\System32\drivers\tcpip.sys because the set of per-page image hashes could not be found on the system.
Date: 2013-09-12 23:26:48.687
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys because the set of per-page image hashes could not be found on the system.
Date: 2013-09-12 23:26:48.531
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys because the set of per-page image hashes could not be found on the system.
Date: 2013-09-12 23:26:48.375
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys because the set of per-page image hashes could not be found on the system.
Date: 2013-09-12 23:26:48.203
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys because the set of per-page image hashes could not be found on the system.
Date: 2013-09-12 23:26:48.016
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================
Processor: Intel(R) Pentium(R) D CPU 2.80GHz
Percentage of memory in use: 25%
Total physical RAM: 3060.7 MB
Available physical RAM: 2287.25 MB
Total Virtual: 6322.42 MB
Available Virtual: 5736.86 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:74.5 GB) (Free:7.82 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: (Expansion Drive) (Fixed) (Total:931.51 GB) (Free:894.26 GB) NTFS
Drive e: (E) (Fixed) (Total:232.88 GB) (Free:229.67 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 74.5 GB) (Disk ID: 37012A91)
Partition 1: (Active) - (Size=74.5 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows 7 or Vista) (Size: 232.9 GB) (Disk ID: 477FEEB0)
Partition 1: (Active) - (Size=232.9 GB) - (Type=07 NTFS)
========================================================
Disk: 2 (Size: 931.5 GB) (Disk ID: 03C9CDB6)
Partition 1: (Active) - (Size=931.5 GB) - (Type=07 NTFS)
==================== End of Addition.txt ============================
 
Hi, Niw.

1. Please do the following to run FRST:

Note: If the tool warns you about the version you're using being an outdated version please download and run the updated version.

NOTICE: This script was written specifically for this user. Running it on another machine may cause damage to your operating system
  • Open Notepad (Start =>All Programs => Accessories => Notepad).
  • Copy/Paste the entire contents of the code box below into Notepad.
Code: 
start
CreateRestorePoint:
CloseProcesses:
HKLM\...\Run: [] => [X]
GroupPolicyScripts: Restriction <======= ATTENTION
GroupPolicyScripts\User: Restriction <======= ATTENTION
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\42.0.2311.152\PepperFlash\pepflashplayer.dll => No File
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\42.0.2311.152\ppGoogleNaClPluginChrome.dll => No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\42.0.2311.152\pdf.dll => No File
CHR Plugin: (GS2 Update Yawtix; "C:\Program Files\Yawtix\updateYawtix.exe" [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S3 VBoxNetFlt; system32\DRIVERS\VBoxNetFlt.sys [X]
S3 VMnetAdapter; system32\DRIVERS\vmnetadapter.sys [X]
EmptyTemp:
end
  • Click Format and ensure Wordwrap is unchecked.
  • Important: Save the code to the same folder/directory that FRST.exe is located in, naming it as fixlist.txt
  • Start FRST in a similar manner to when you ran a scan earlier, but this time when it opens ....
    • Press the Fix button once and wait.
    • FRST will process fixlist.txt
    • When finished, it will produce a log fixlog.txt in the same folder/directory as FRST64.exe
    • Please post the log in your next reply.

Please advise of the status of your computer after running FRST.
 
The issue still persist.
Here is the log from FRST fix.

Fix result of Farbar Recovery Scan Tool (x86) Version:21-10-2015 01
Ran by Nas (2015-10-21 17:17:54) Run:1
Running from C:\Users\Nas\Desktop
Loaded Profiles: Nas (Available Profiles: Nas & Always)
Boot Mode: Safe Mode (with Networking)
==============================================
fixlist content:
*****************
start
CreateRestorePoint:
CloseProcesses:
HKLM\...\Run: [] => [X]
GroupPolicyScripts: Restriction <======= ATTENTION
GroupPolicyScripts\User: Restriction <======= ATTENTION
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\42.0.2311.152\PepperFlash\pepflashplayer.dll => No File
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\42.0.2311.152\ppGoogleNaClPluginChrome.dll => No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\42.0.2311.152\pdf.dll => No File
CHR Plugin: (GS2 Update Yawtix; "C:\Program Files\Yawtix\updateYawtix.exe" [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S3 VBoxNetFlt; system32\DRIVERS\VBoxNetFlt.sys [X]
S3 VMnetAdapter; system32\DRIVERS\vmnetadapter.sys [X]
EmptyTemp:
end
*****************
Error: Restore point can only be created in normal mode.
Processes closed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\ => value removed successfully.
C:\Windows\system32\GroupPolicy\Machine => moved successfully
C:\Windows\system32\GroupPolicy\GPT.ini => moved successfully
C:\Windows\system32\GroupPolicy\User => moved successfully
C:\Program Files\Google\Chrome\Application\42.0.2311.152\PepperFlash\pepflashplayer.dll => not found.
C:\Program Files\Google\Chrome\Application\42.0.2311.152\ppGoogleNaClPluginChrome.dll => not found.
C:\Program Files\Google\Chrome\Application\42.0.2311.152\pdf.dll => not found.
CHR Plugin: (GS2 Update Yawtix; "C:\Program Files\Yawtix\updateYawtix.exe" [X] => not found.
IpInIp => service removed successfully.
NwlnkFlt => service removed successfully.
NwlnkFwd => service removed successfully.
VBoxNetFlt => service removed successfully.
VMnetAdapter => service removed successfully.
EmptyTemp: => 29 GB temporary data Removed.

The system needed a reboot.
==== End of Fixlog 18:56:07 ====




Corrine said:
Hi, Niw.

1. Please do the following to run FRST:

Note: If the tool warns you about the version you're using being an outdated version please download and run the updated version.

NOTICE: This script was written specifically for this user. Running it on another machine may cause damage to your operating system
  • Open Notepad (Start =>All Programs => Accessories => Notepad).
  • Copy/Paste the entire contents of the code box below into Notepad.
Code: 
start
CreateRestorePoint:
CloseProcesses:
HKLM\...\Run: [] => [X]
GroupPolicyScripts: Restriction <======= ATTENTION
GroupPolicyScripts\User: Restriction <======= ATTENTION
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\42.0.2311.152\PepperFlash\pepflashplayer.dll => No File
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\42.0.2311.152\ppGoogleNaClPluginChrome.dll => No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\42.0.2311.152\pdf.dll => No File
CHR Plugin: (GS2 Update Yawtix; "C:\Program Files\Yawtix\updateYawtix.exe" [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S3 VBoxNetFlt; system32\DRIVERS\VBoxNetFlt.sys [X]
S3 VMnetAdapter; system32\DRIVERS\vmnetadapter.sys [X]
EmptyTemp:
end
  • Click Format and ensure Wordwrap is unchecked.
  • Important: Save the code to the same folder/directory that FRST.exe is located in, naming it as fixlist.txt
  • Start FRST in a similar manner to when you ran a scan earlier, but this time when it opens ....
    • Press the Fix button once and wait.
    • FRST will process fixlist.txt
    • When finished, it will produce a log fixlog.txt in the same folder/directory as FRST64.exe
    • Please post the log in your next reply.

Please advise of the status of your computer after running FRST.
Click to expand...
 
Hi, niw.

I didn't anticipate that would fix the problem, rather it was a shot in the dark. Unlike BSODs, generally, the only fix I have seen as successful with the Black screen issue is a repair (see What are the system recovery options in Windows?). It does not appear as though any updates have been installed on this computer in some time with the last Windows Update July 5 and system restore point July 7. However, I note in your log that it appears that C:\Windows\system32\igfxres.dll was recently accessed. This provides access to the Intel video card. If you did a recent update, while in Safe Mode, access Control Panel > Device Manager > Display Adapter > Double-Click > Driver tab > click UPDATE driver > then Right-Click Device and UNINSTALL > REBOOT.
 
Thank you for the information you provided. I have not install updates because I have not been able to use the desktop since the issue started. I have uninstall one of the display adapter. The system is not showing the black screen yet however, I'm not able to install Microsoft updates... the error received indicate that the Software Licensing Service is not running. I tried to restart it but no success. It say the system could not find the file. I am able to see the file in the reference location (C:windows\system32\Slsvc.exe)
 
At least that is progress. You can try to automatically reset Windows Update components with the troubleshooter for Windows Vista here: How do I reset Windows Update components?. If unsuccessful, our Windows Update experts may be able to assist. To get their assistance, follow the instructions in this topic, Windows Update Forum Posting Instructions and post a new thread in the Windows Update forum.

When you get a chance, please also update Adobe Reader as it has had a number of critical security updates. Adobe Reader XI (11.0.13, Pro and Standard) for Windows is available here: Adobe - Acrobat : For Windows.

Please stop back here though and let me now how you make out. If you need to get help from the Windows Update experts, I'd like to follow along to see the results.
 
Thank you for the information. I followed the steps outline on the above link, the issue of Windows update still persist. I will create new thread in the "Windows Update" forum.
 
Thanks for letting me know. You may want to post a link back to this thread: [NO-PARSE]https://www.sysnative.com/forums/security-arena/17439-black-screen-after-opening.html#post135099 [/NO-PARSE]
 
You must log in or register to reply here.

Has Sysnative Forums helped you? Please consider donating to help us support the site!

Back
Top