Vino's Event Viewer v01c run on Windows 2008 in English Report run at 29/01/2018 15:13:59 Note: All dates below are in the format dd/mm/yyyy ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 'Application' Log - Critical Type ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 'Application' Log - Error Type ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Log: 'Application' Date/Time: 29/01/2018 14:58:48 Type: Error Category: 0 Event: 10 Source: Microsoft-Windows-WMI Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Log: 'Application' Date/Time: 29/01/2018 14:41:55 Type: Error Category: 0 Event: 10 Source: Microsoft-Windows-WMI Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 'Application' Log - Warning Type ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Log: 'Application' Date/Time: 29/01/2018 14:57:09 Type: Warning Category: 0 Event: 1530 Source: Microsoft-Windows-User Profiles Service Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards. DETAIL - 5 user registry handles leaked from \Registry\User\S-1-5-21-3088101763-2072606618-2741787397-1000: Process 1284 (\Device\HarddiskVolume2\Program Files\AVAST Software\Avast\AvastSvc.exe) has opened key \REGISTRY\USER\S-1-5-21-3088101763-2072606618-2741787397-1000 Process 1284 (\Device\HarddiskVolume2\Program Files\AVAST Software\Avast\AvastSvc.exe) has opened key \REGISTRY\USER\S-1-5-21-3088101763-2072606618-2741787397-1000 Process 1284 (\Device\HarddiskVolume2\Program Files\AVAST Software\Avast\AvastSvc.exe) has opened key \REGISTRY\USER\S-1-5-21-3088101763-2072606618-2741787397-1000 Process 584 (\Device\HarddiskVolume2\Windows\System32\winlogon.exe) has opened key \REGISTRY\USER\S-1-5-21-3088101763-2072606618-2741787397-1000 Process 1284 (\Device\HarddiskVolume2\Program Files\AVAST Software\Avast\AvastSvc.exe) has opened key \REGISTRY\USER\S-1-5-21-3088101763-2072606618-2741787397-1000\Software\Microsoft\Windows\CurrentVersion\Uninstall\Google Chrome Log: 'Application' Date/Time: 29/01/2018 14:40:07 Type: Warning Category: 0 Event: 1530 Source: Microsoft-Windows-User Profiles Service Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards. DETAIL - 18 user registry handles leaked from \Registry\User\S-1-5-21-3088101763-2072606618-2741787397-1000: Process 1336 (\Device\HarddiskVolume2\Program Files\AVAST Software\Avast\AvastSvc.exe) has opened key \REGISTRY\USER\S-1-5-21-3088101763-2072606618-2741787397-1000 Process 1336 (\Device\HarddiskVolume2\Program Files\AVAST Software\Avast\AvastSvc.exe) has opened key \REGISTRY\USER\S-1-5-21-3088101763-2072606618-2741787397-1000 Process 2076 (\Device\HarddiskVolume2\Windows\System32\svchost.exe) has opened key \REGISTRY\USER\S-1-5-21-3088101763-2072606618-2741787397-1000 Process 2076 (\Device\HarddiskVolume2\Windows\System32\svchost.exe) has opened key \REGISTRY\USER\S-1-5-21-3088101763-2072606618-2741787397-1000 Process 2076 (\Device\HarddiskVolume2\Windows\System32\svchost.exe) has opened key \REGISTRY\USER\S-1-5-21-3088101763-2072606618-2741787397-1000 Process 1336 (\Device\HarddiskVolume2\Program Files\AVAST Software\Avast\AvastSvc.exe) has opened key \REGISTRY\USER\S-1-5-21-3088101763-2072606618-2741787397-1000 Process 560 (\Device\HarddiskVolume2\Windows\System32\winlogon.exe) has opened key \REGISTRY\USER\S-1-5-21-3088101763-2072606618-2741787397-1000 Process 2076 (\Device\HarddiskVolume2\Windows\System32\svchost.exe) has opened key \REGISTRY\USER\S-1-5-21-3088101763-2072606618-2741787397-1000\Software\Microsoft\SystemCertificates\SmartCardRoot Process 2076 (\Device\HarddiskVolume2\Windows\System32\svchost.exe) has opened key \REGISTRY\USER\S-1-5-21-3088101763-2072606618-2741787397-1000\Software\Microsoft\SystemCertificates\Disallowed Process 2076 (\Device\HarddiskVolume2\Windows\System32\svchost.exe) has opened key \REGISTRY\USER\S-1-5-21-3088101763-2072606618-2741787397-1000\Software\Microsoft\SystemCertificates\Root Process 2076 (\Device\HarddiskVolume2\Windows\System32\svchost.exe) has opened key \REGISTRY\USER\S-1-5-21-3088101763-2072606618-2741787397-1000\Software\Microsoft\SystemCertificates\trust Process 1080 (\Device\HarddiskVolume2\Windows\System32\msiexec.exe) has opened key \REGISTRY\USER\S-1-5-21-3088101763-2072606618-2741787397-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts Process 2076 (\Device\HarddiskVolume2\Windows\System32\svchost.exe) has opened key \REGISTRY\USER\S-1-5-21-3088101763-2072606618-2741787397-1000\Software\Microsoft\SystemCertificates\My Process 2076 (\Device\HarddiskVolume2\Windows\System32\svchost.exe) has opened key \REGISTRY\USER\S-1-5-21-3088101763-2072606618-2741787397-1000\Software\Microsoft\SystemCertificates\CA Process 2076 (\Device\HarddiskVolume2\Windows\System32\svchost.exe) has opened key \REGISTRY\USER\S-1-5-21-3088101763-2072606618-2741787397-1000\Software\Policies\Microsoft\SystemCertificates Process 2076 (\Device\HarddiskVolume2\Windows\System32\svchost.exe) has opened key \REGISTRY\USER\S-1-5-21-3088101763-2072606618-2741787397-1000\Software\Policies\Microsoft\SystemCertificates Process 2076 (\Device\HarddiskVolume2\Windows\System32\svchost.exe) has opened key \REGISTRY\USER\S-1-5-21-3088101763-2072606618-2741787397-1000\Software\Policies\Microsoft\SystemCertificates Process 1336 (\Device\HarddiskVolume2\Program Files\AVAST Software\Avast\AvastSvc.exe) has opened key \REGISTRY\USER\S-1-5-21-3088101763-2072606618-2741787397-1000\Software\Microsoft\Windows\CurrentVersion\Uninstall\Google Chrome