Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Windows Indexing


  • Please log in to reply

#46
A1RotNBrat

A1RotNBrat

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 102 posts
Additional scan result of Farbar Recovery Scan Tool (x64) Version:07-01-2015
Ran by Amy Martin (2016-01-08 19:19:23)
Running from C:\Users\Amy Martin\Desktop
Windows 8.1 (X64) (2014-02-04 18:02:21)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-3873701136-3596577701-2754614134-500 - Administrator - Disabled)
Amy Martin (S-1-5-21-3873701136-3596577701-2754614134-1001 - Administrator - Enabled) => C:\Users\Amy Martin
Guest (S-1-5-21-3873701136-3596577701-2754614134-501 - Limited - Disabled)
Kyle Martin (S-1-5-21-3873701136-3596577701-2754614134-1002 - Limited - Enabled) => C:\Users\Kyle Martin
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Kaspersky PURE 3.0 (Enabled - Up to date) {B41C7598-35F6-4D89-7D0E-7ADE69B4047B}
AS: Kaspersky PURE 3.0 (Enabled - Up to date) {0F7D947C-13CC-4207-47BE-41AC12334EC6}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky PURE 3.0 (Enabled) {8C27F4BD-7F99-4CD1-5651-D3EB97674300}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.267 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.02)  MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AB0000000001}) (Version: 11.0.02 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.12) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.12 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.2 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.2.1.171 - Adobe Systems, Inc.)
Amazon Music (HKU\S-1-5-21-3873701136-3596577701-2754614134-1001\...\Amazon Amazon Music) (Version: 3.2.0.591 - Amazon Services LLC)
Apple Application Support (32-bit) (HKLM-x32\...\{447CDCE5-F555-429B-BFA6-642C3C6D684F}) (Version: 3.1.2 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{0DF7096B-715A-4233-8633-C7A16ED6D616}) (Version: 3.1.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
AT&T Troubleshoot & Resolve Tool (HKLM-x32\...\ATT-SST) (Version:  - )
att.net Internet Mail (HKLM-x32\...\Yahoo! Mail) (Version:  - )
att.net Toolbar (HKLM-x32\...\Yahoo! Companion) (Version:  - att.net)
BlackBerry Desktop Software 7.1 (HKLM-x32\...\BlackBerry_Desktop) (Version: 7.1.0.37 - Research In Motion Ltd.)
BlackBerry Desktop Software 7.1 (x32 Version: 7.1.0.37 - Research In Motion Ltd.) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.0.2126 - CyberLink Corp.)
CyberLink PowerDVD (HKLM-x32\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.0.6426.52 - CyberLink Corp.)
Elf Bowling 7 The Last Insult (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113849380}) (Version:  - Oberon Media)
FDUx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
Foxit Cloud (HKLM-x32\...\{41914D8B-9D6E-4764-A1F9-BC43FB6782C1}_is1) (Version: 2.1.32.905 - Foxit Software Inc.)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 7.0.3.916 - Foxit Software Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 47.0.2526.106 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.29.1 - Google Inc.) Hidden
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3621 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.6.0.1030 - Intel Corporation)
Intel® SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
iTunes (HKLM\...\{D227565A-0033-40AD-89BA-653A205CDC11}) (Version: 12.1.1.4 - Apple Inc.)
Java 8 Update 66 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218066F0}) (Version: 8.0.660.18 - Oracle Corporation)
Jing (HKLM-x32\...\{22800204-9E53-45C7-B6F3-5BB0F1C1A147}) (Version: 2.8.13007.1 - TechSmith Corporation)
Kaspersky Internet Security 2013 (HKLM-x32\...\InstallWIX_{560985FB-4B76-4121-9189-7A2CDC7886D6}) (Version: 13.0.1.4190 - Kaspersky Lab)
Kaspersky PURE 3.0 (HKLM-x32\...\InstallWIX_{D0702EE9-9DE4-419A-9C6C-4730B1C985BA}) (Version: 13.0.2.558 - Kaspersky Lab)
Kaspersky PURE 3.0 (x32 Version: 13.0.2.558 - Kaspersky Lab) Hidden
KUx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.4734.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41105.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 43.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 43.0.1 (x86 en-US)) (Version: 43.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 43.0.1.5828 - Mozilla)
Objection Series 3.4 (HKLM-x32\...\{DBE07A91-5BEF-4CB9-B7D1-A57961E65CE7}) (Version: 3.4.0 - TransMedia)
PlayMemories Home (HKLM-x32\...\{10DD6128-A810-4A90-9523-475D573FBB37}) (Version: 6.3.02.07270 - Sony Corporation)
QuickTime (HKLM-x32\...\{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}) (Version: 7.73.80.64 - Apple Inc.)
Reader for PC (HKLM-x32\...\{25340F94-F74E-4CCF-ABDF-ECBCF03911BE}) (Version: 2.0.00.07121 - Sony Corporation)
RealDownloader (x32 Version: 17.0.15.4 - RealNetworks, Inc.) Hidden
RealDownloader (x32 Version: 17.0.15.7 - RealNetworks) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (x32 Version: 10.0 - RealNetworks, Inc) Hidden
RealPlayer Cloud (HKLM-x32\...\RealPlayer 17.0) (Version: 17.0.15 - RealNetworks)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9600.28146 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.34.617.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6695 - Realtek Semiconductor Corp.)
RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden
Restore (x32 Version: 1.0.0 - Sony Corporation) Hidden
Rhapsody (HKLM-x32\...\Rhapsody) (Version:  - )
Sharepod 4.0.3.0 (HKLM-x32\...\{085BCFB8-F6FB-4600-AFAB-1F6DBC7F5F99}_is1) (Version:  - Macroplant LLC)
Speccy (HKLM\...\Speccy) (Version: 1.29 - Piriform)
SSLx64 (Version: 1.0.0 - Sony Corporation ) Hidden
SSLx86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.5.0 - Synaptics Incorporated)
Unity Web Player (HKU\S-1-5-21-3873701136-3596577701-2754614134-1001\...\UnityWebPlayer) (Version: 4.5.1f3 - Unity Technologies ApS)
UpdateService (x32 Version: 1.0.0 - RealNetworks, Inc.) Hidden
VAIO - Xperia Link (HKLM-x32\...\{D91558BF-D1F3-411F-AEFE-8774CB406512}) (Version: 1.3.3.11280 - Sony Corporation)
VAIO Control Center (HKLM-x32\...\{8E797841-A110-41FD-B17A-3ABC0641187A}) (Version: 6.1.0.10300 - Sony Corporation)
VAIO CPU Fan Diagnostic (HKLM-x32\...\{BCE6E3D7-B565-4E1B-AC77-F780666A35FB}) (Version: 1.1.0.09200 - Sony Corporation)
VAIO Data Restore Tool (HKLM-x32\...\{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}) (Version: 1.10.0.07270 - Sony Corporation)
VAIO Easy Connect (x32 Version: 1.3.0.09290 - Sony Corporation) Hidden
VAIO Gate (HKLM-x32\...\{14AC95A2-7675-4988-A5BD-3F5B943AED08}) (Version: 3.0.0.08140 - Sony Corporation)
VAIO Gate Default (HKLM-x32\...\{B7546697-2A80-4256-A24B-1C33163F535B}) (Version: 3.1.0.10240 - Sony Corporation)
VAIO Gesture Control (HKLM-x32\...\{692955F2-DE9F-4078-8FAA-858D6F3A1776}) (Version: 2.1.0.10220 - Sony Corporation)
VAIO Gesture Control (x32 Version: 2.1.0.10220 - Sony Corporation) Hidden
VAIO Hardware Diagnostics Plugin for VAIO Care (HKLM-x32\...\{EC153498-00E1-4C9C-89BE-81527C6750BE}) (Version: 4.7.0.11070 - Sony Corporation)
VAIO Image Optimizer (HKLM-x32\...\InstallShield_{5597C927-029A-46A7-A0C0-8DABD9891A50}) (Version: 3.2.00.07040 - Sony Corporation)
VAIO Image Optimizer (x32 Version: 3.0.00.08170 - Sony Corporation) Hidden
VAIO Improvement (HKLM-x32\...\{3A26D9BD-0F73-432D-B522-2BA18138F7EF}) (Version: 2.1.0.10220 - Sony Corporation)
VAIO Manual (HKLM-x32\...\{C6E893E7-E5EA-4CD5-917C-5443E753FCBD}) (Version: 3.0.0.08100 - Sony Corporation)
VAIO Media Server Settings (HKLM\...\{62A172B2-550E-499D-9A82-5190D18390AA}) (Version: 1.0.1.10170 - Sony Corporation)
VAIO Movie Creator (HKLM-x32\...\InstallShield_{C2CC5822-32E6-4D21-88EA-DE8CED09EE2F}) (Version: 4.2.00.07040 - Sony Corporation)
VAIO Movie Creator (x32 Version: 4.0.00.10170 - Sony Corporation) Hidden
VAIO Movie Creator Template Data (x32 Version: 4.0.00.08170 - Sony Corporation) Hidden
VAIO Transfer Support (HKLM-x32\...\{5DDAFB4B-C52E-468A-9E23-3B0CEEB671BF}) (Version: 1.9.0.11060 - Sony Corporation)
VAIO Update (HKLM-x32\...\{9FF95DA2-7DA1-4228-93B7-DED7EC02B6B2}) (Version: 7.1.0.08060 - Sony Corporation)
VCCMMx64 (Version: 1.0.0 - Sony Corporation) Hidden
VCCMMx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VCCx64 (Version: 1.0.0 - Sony Corporation) Hidden
VCCx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VGClientX64 (Version: 1.0.0 - Sony Corporation) Hidden
VHD (x32 Version: 1.0.0 - Sony Corporation) Hidden
Video Downloader (x32 Version: 1.0.0 - RealNetworks) Hidden
VIx64 (Version: 1.0.0 - Sony Corporation) Hidden
VIx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
VMLx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VPMx64 (Version: 1.0.0 - Sony Corporation ) Hidden
VSSTx64 (Version: 1.0.0 - Sony Corporation ) Hidden
VSSTx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VU5x64 (Version: 1.0.0 - Sony Corporation ) Hidden
VU5x64 (Version: 1.1.0 - Sony Corporation ) Hidden
VU5x86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
VU5x86 (x32 Version: 1.1.0 - Sony Corporation ) Hidden
VUx64 (Version: 1.0.0 - Sony Corporation ) Hidden
VUx86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
VWSTx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
Windows Driver Package - Qualcomm Atheros Communications Inc. (athr) Net  (07/15/2013 10.0.0.260) (HKLM\...\FF9ECD00DD25FDB7D3208607214790302878ACBE) (Version: 07/15/2013 10.0.0.260 - Qualcomm Atheros Communications Inc.)
Windows Phone app for desktop (HKLM-x32\...\{5F71448B-88EB-4357-9A98-8658D4C49C48}) (Version: 1.1.2726.0 - Microsoft Corporation)
XperiaLinkx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
Yahoo! Software Update (HKLM-x32\...\Yahoo! Software Update) (Version:  - att.net)
Zune (HKLM\...\Zune) (Version: 04.08.2345.00 - Microsoft Corporation)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-3873701136-3596577701-2754614134-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {01BE3FF3-E1F4-4B84-81F9-752733962A9F} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update => C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe [2015-08-06] (Sony Corporation)
Task: {1E1B7CFE-B198-4324-9CCE-BA72862C6A19} - System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-3873701136-3596577701-2754614134-1001 => C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe [2014-10-26] (RealNetworks, Inc.)
Task: {2C49786A-37A0-4C7E-BFD4-8813D5E3E245} - System32\Tasks\Sony Corporation\VAIO Gesture Control\VCGULogonTask => C:\Program Files (x86)\Sony\VAIO Camera Gesture Utility\VCGU.exe [2012-10-23] (Sony Corporation)
Task: {2EAE0E57-8A9B-415D-81D0-A06CB6868ED3} - System32\Tasks\RealDownloader Update Check => C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe [2014-10-29] ()
Task: {3CBA4B05-A759-49C8-A4D6-DB7A899A9F63} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2015-12-04] (Microsoft Corporation)
Task: {48C0D2DD-031A-4910-A4CA-7AECA2687F4B} - System32\Tasks\Sony Corporation\VAIO Improvement\VAIOImprovementUploader => C:\Program Files\Sony\VAIO Improvement\viuploader.exe [2012-10-22] (Sony Corporation)
Task: {593EABAA-AF28-4262-9EFC-B60740828613} - System32\Tasks\Sony Corporation\VHDInformationCheck => C:\Program Files (x86)\Sony\VAIO Recovery\plugins\InformationCheck.exe [2012-11-07] (Sony Corporation)
Task: {69527C9F-9E54-4F80-9E1F-067D2F55BA19} - System32\Tasks\Sony Corporation\VAIO Gate\VAIO Gate => C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe [2012-08-14] (Sony Corporation)
Task: {7080228C-0426-4FC0-8B2A-C049FFC1AEB6} - System32\Tasks\Sony Corporation\VAIO Control Center\Level4Month => C:\Program Files (x86)\Sony\VAIO Control Center\WBCBatteryCare.exe [2012-09-06] (Sony Corporation)
Task: {7D5AA6FB-0CC4-4173-BA09-1D67A2E283E1} - System32\Tasks\Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901} => C:\Program Files\Common Files\AV\Kaspersky Lab\upgrade_launcher.exe [2015-11-12] (AO Kaspersky Lab)
Task: {86CF5725-3D7C-4D8E-B1BE-6DA8D73617D6} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-3873701136-3596577701-2754614134-1001 => C:\Program Files (x86)\RealNetworks\RealDownloader\RealUpgrade.exe [2014-10-26] (RealNetworks, Inc.)
Task: {8A688394-4AB6-4AE9-B63B-1E077B8F87F6} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2015-12-04] (Microsoft Corporation)
Task: {93B447B7-7F37-4801-B340-A8B5A58D088B} - System32\Tasks\Sony Corporation\VAIO Control Center\VAIOControlCenterSystem => C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe [2014-11-17] (Sony Corporation)
Task: {9ED294BD-07EB-42D1-91A1-CBEA04FE3B57} - System32\Tasks\Sony Corporation\Xperia Link\Xperia Link Logon Start => C:\Program Files (x86)\Sony\Xperia Link\Xperia Link.exe [2014-11-28] (Sony Corporation)
Task: {A0CF5243-7E55-48A5-9F8A-8BDF13A914A9} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update Self Repair => C:\Program Files\Sony\VAIO Update\VUSR.exe [2015-07-31] (Sony Corporation)
Task: {A79253CE-AB63-4568-B4D2-076B3A24B082} - System32\Tasks\Sony Corporation\VAIO Control Center\VAIOControlCenterUser => C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe [2014-11-17] (Sony Corporation)
Task: {BA48FCCD-F364-42BF-B684-E7B4DCC4D3D1} - System32\Tasks\Microsoft\Windows\UPnP\UPnPHostConfig => config upnphost start= auto
Task: {C693B03A-F491-4D35-A856-B68263BE8BEC} - System32\Tasks\IHUninstallTrackingTASK => CMD
Task: {CA55E6FE-0B64-49C9-AB4F-770093A8FBDD} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-12-10] (Microsoft Corporation)
Task: {D2B93E8C-6DF5-4845-BBC3-6B7765144F82} - System32\Tasks\Sony Corporation\VAIO Control Center\Level4Daily => C:\Program Files (x86)\Sony\VAIO Control Center\WBCBatteryCare.exe [2012-09-06] (Sony Corporation)
Task: {D8E07147-9B4B-4F0B-8CFA-05830E506F6F} - System32\Tasks\Sony Corporation\VAIO Control Center\NetworkSetting\NetworkSetting Logon Start => C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient
Task: {E0D90E6A-D6EA-4375-B2FB-F96537A28232} - System32\Tasks\Sony Corporation\VAIO Care\UpdateConfig => C:\ProgramData\Sony Corporation\VCM Data\UpdateConfig.exe [2015-03-03] (Sony Corporation)
Task: {E171BA50-E36B-42BF-A2F5-6289006372F8} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-3873701136-3596577701-2754614134-1001 => C:\Program Files (x86)\RealNetworks\RealDownloader\RealUpgrade.exe [2014-10-26] (RealNetworks, Inc.)
Task: {E4107877-4046-4D1B-A5D6-B354A77C130D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {EC18943C-993B-4998-AA02-B658D15062BA} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [2012-07-24] (CyberLink Corp.)
Task: {ED73927A-C1D9-40EB-81DD-6A1F78BD8D19} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2015-05-27] (Synaptics Incorporated)
Task: {EFA4E260-1E57-44BA-93C3-3233611EC698} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-01-01] (Adobe Systems Incorporated)
Task: {F097A5CB-21DD-428F-99F8-CE8D75D7DDE5} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 
==================== Shortcuts =============================
 
(The entries could be listed to be restored or removed.)
 
==================== Loaded Modules (Whitelisted) ==============
 
2015-02-13 03:20 - 2015-02-13 03:20 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-02-13 03:20 - 2015-02-13 03:20 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2014-10-26 22:59 - 2014-10-26 22:59 - 00039568 _____ () C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
2014-10-30 05:41 - 2014-10-30 05:41 - 00031856 _____ () C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
2010-01-09 21:17 - 2010-01-09 21:17 - 04254560 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2010-01-21 02:40 - 2010-01-21 02:40 - 08794464 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2015-08-29 04:07 - 2015-08-29 04:07 - 00260608 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsPhone_1.42.1701.1_x64__8wekyb3d8bbwe\Microsoft.CXE.Logging.dll
2015-03-13 05:03 - 2015-03-13 05:03 - 01782272 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.App640a3541#\f1407bb1d381cf5dee299c4e5f0fdf9d\Windows.ApplicationModel.ni.dll
2015-04-18 05:32 - 2015-04-18 05:32 - 01459712 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.UI\5c9c0b89a558d0e589c254af6b1ca238\Windows.UI.ni.dll
2015-10-20 02:57 - 2015-10-20 02:57 - 00363520 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.Foundation\b3972424579e18e6699549ecb948c4ef\Windows.Foundation.ni.dll
2015-10-20 02:57 - 2015-10-20 02:57 - 01278464 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.Storage\eea3e743a58cb4d556fe113d6336020b\Windows.Storage.ni.dll
2015-03-13 05:03 - 2015-03-13 05:03 - 00467456 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.Graphics\f4031c5dbdde97cb4a0c7572cc0d1f29\Windows.Graphics.ni.dll
2015-03-13 05:03 - 2015-03-13 05:03 - 00632320 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.Security\2333488328d673bea8d60a9f2e84759c\Windows.Security.ni.dll
2015-08-16 04:42 - 2015-08-16 04:42 - 00207872 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.System\5ab6059d1e922dc371685c5207f6f7a6\Windows.System.ni.dll
2015-08-16 04:45 - 2015-08-16 04:45 - 02019840 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.Devices\271d406467b9db0758ea399495d00731\Windows.Devices.ni.dll
2015-03-13 05:03 - 2015-03-13 05:03 - 01259520 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.Networking\84819467f44d3da49aa14236af8fcc9a\Windows.Networking.ni.dll
2015-08-16 04:45 - 2015-08-16 04:45 - 05185024 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.UI.Xaml\5b635adafd557846d0d2e3a87d132130\Windows.UI.Xaml.ni.dll
2015-08-29 04:07 - 2015-08-29 04:07 - 00924672 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsPhone_1.42.1701.1_x64__8wekyb3d8bbwe\Microsoft.CXE.Transport.Background.dll
2015-10-19 02:32 - 2015-10-19 02:32 - 00751104 _____ () C:\Users\Amy Martin\AppData\Local\Packages\Microsoft.WindowsPhone_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0\NativeImages\Microsoft.C90bca870#\e8bda8142225560c37ea606ba4fab7af\Microsoft.CXE.UpdateEngine.ni.dll
2015-10-20 02:57 - 2015-10-20 02:57 - 00521216 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.Data\e291aa8a59dc390d0cdf99d3c6d8b6e5\Windows.Data.ni.dll
2012-12-20 17:19 - 2012-12-20 17:19 - 00479752 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\dblite.dll
2012-12-20 17:19 - 2012-12-20 17:19 - 01310728 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\kpcengine.2.2.dll
2014-11-26 07:33 - 2014-11-26 07:33 - 00865880 _____ () c:\program files (x86)\real\realplayer\RPDS\Plugins\cldplin.dll
2014-10-30 05:41 - 2014-10-30 05:41 - 00035976 _____ () C:\Program Files (x86)\Real\UpdateService\DL2UpdatePlugin.dll
2014-10-30 05:41 - 2014-10-30 05:41 - 00039560 _____ () C:\Program Files (x86)\Real\UpdateService\RealDownloaderUpdatePlugin.dll
2014-10-30 05:41 - 2014-10-30 05:41 - 00032888 _____ () C:\Program Files (x86)\Real\UpdateService\RPDSUpdatePlugin.dll
2013-01-10 07:47 - 2012-06-25 12:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\ACE.dll
2015-12-16 17:50 - 2015-12-10 21:54 - 01583432 _____ () C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.106\libglesv2.dll
2015-12-16 17:50 - 2015-12-10 21:54 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.106\libegl.dll
2010-01-09 21:18 - 2010-01-09 21:18 - 04254560 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\office14\Cultures\office.odf
2010-01-10 02:05 - 2010-01-10 02:05 - 01040736 _____ () C:\Program Files (x86)\Microsoft Office\Office14\ADDINS\UmOutlookAddin.dll
2010-01-10 19:37 - 2010-01-10 19:37 - 00058208 _____ () C:\Program Files (x86)\Microsoft Office\Office14\1033\UmOutlookStrings.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
AlternateDataStreams: C:\Windows:nlsPreferences
AlternateDataStreams: C:\ProgramData\Temp:A518B662
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== EXE Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
IE trusted site: HKU\S-1-5-21-3873701136-3596577701-2754614134-1001\...\$talisma_url$ -> hxxps://$talisma_url$
IE trusted site: HKU\S-1-5-21-3873701136-3596577701-2754614134-1001\...\rhapsody.com -> hxxps://rhap-app-4-0.rhapsody.com
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2013-08-22 07:25 - 2013-08-22 07:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-3873701136-3596577701-2754614134-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Amy Martin\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\saint.jpg
DNS Servers: 192.168.1.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
HKLM\...\StartupApproved\StartupFolder: => "RealPlayer Cloud Service UI.lnk"
HKLM\...\StartupApproved\Run: => "ATT-SST_McciTrayApp"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "APSDaemon"
HKLM\...\StartupApproved\Run32: => "QuickTime Task"
HKLM\...\StartupApproved\Run32: => "TkBellExe"
HKLM\...\StartupApproved\Run32: => "RealDownloader"
HKU\S-1-5-21-3873701136-3596577701-2754614134-1001\...\StartupApproved\Run: => "OfficeSyncProcess"
HKU\S-1-5-21-3873701136-3596577701-2754614134-1001\...\StartupApproved\Run: => "EPLTarget\P0000000000000000"
HKU\S-1-5-21-3873701136-3596577701-2754614134-1001\...\StartupApproved\Run: => "HP Photosmart 7520 series (NET)"
HKU\S-1-5-21-3873701136-3596577701-2754614134-1001\...\StartupApproved\Run: => "Amazon Music"
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{E4C144B4-9D8E-422C-A68B-D482598DE7CD}] => (Allow) LPort=4482
FirewallRules: [{FD752D6B-9C69-4E9E-A026-4DC907A67CA2}] => (Allow) LPort=4482
FirewallRules: [{D62373A9-8940-471C-AB82-CC8254F8612B}] => (Allow) LPort=4481
FirewallRules: [{2EC4DDC1-48E7-4FCC-9A10-7DA306955FDD}] => (Allow) LPort=4481
FirewallRules: [{23104C1D-BFE0-464B-9AEF-995DBF82380B}] => (Allow) C:\Program Files (x86)\Research In Motion\BlackBerry Desktop\Rim.Desktop.exe
FirewallRules: [{9E4DD449-3AB6-4318-A16C-FE0B6D4771A2}] => (Allow) C:\Program Files (x86)\Research In Motion\BlackBerry Desktop\Rim.Desktop.exe
FirewallRules: [{490BB81F-DDAE-40ED-91A2-6FB802F97649}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD9\PowerDVD9.EXE
FirewallRules: [{667ED34F-14BD-4921-8D39-C929C46A0A34}] => (Allow) C:\Program Files (x86)\Common Files\Motive\pcServiceHost.exe
FirewallRules: [{127BA26E-0B3D-4149-8ABD-EB84F99DA90A}] => (Allow) C:\Program Files (x86)\Common Files\Motive\pcServiceHost.exe
FirewallRules: [{92C42162-F0EF-4825-A3FE-7C4C2FDD3C7B}] => (Allow) c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe
FirewallRules: [{D6DCCE41-9292-436F-90CB-90E7BA6BE06E}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{8985E73D-7096-41FB-B9CE-A5B9DA233CB7}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{C9398973-01ED-4B02-90A0-5CDE93D0E509}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{956364F8-5BB5-4C3C-A950-65322225F711}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{5373F3BF-4628-49A4-9E32-72FDC7C0AFDE}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{DA3F3368-BF29-4E87-977F-B0DE08A06F6F}] => (Allow) %ProgramFiles%\Zune\Zune.exe
FirewallRules: [{D7919E6E-65BF-404A-95C7-6215CB2E81CD}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{7B60E97B-29A0-4B37-BD9B-80E3879C3B9B}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{C05AAB70-F3BB-4A98-BDFB-9712DFA9939F}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{217BA72F-0E43-4DA4-9DBF-168297A70A47}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{BF8D2358-1522-4CE6-A1C6-CC889EDD37CD}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{B272FAE9-4E56-4312-9A4A-9005880B6FC8}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{0FB98EFF-0311-4E01-A1D2-56250808EF17}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{EA6ED418-99BC-49DF-AF10-D6C090B823B0}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{D9D579AB-BFA8-48D9-BAA6-98D5B14F98AA}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD9\PowerDVD9.EXE
FirewallRules: [{CA58340C-D31B-4E81-B979-4B28172453BE}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{4FAEB51A-539F-486A-BD30-EED4AA762556}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{19CC285D-62AA-4563-A835-CC012195FC14}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{E2C5C622-0BBB-4D19-852E-4556C47BE839}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{83D86F50-2581-44CA-9883-E09DCEC43120}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{BED9EA66-CE9E-43B7-959C-927F89371797}] => (Allow) C:\Program Files (x86)\Common Files\Motive\pcServiceHost.exe
FirewallRules: [{289FC03D-8057-4431-B465-376F19C0247D}] => (Allow) C:\Program Files (x86)\Common Files\Motive\pcServiceHost.exe
 
==================== Restore Points =========================
 
30-12-2015 05:18:11 Windows Update
01-01-2016 14:31:37 Restore Operation
05-01-2016 05:27:55 Windows Update
08-01-2016 08:50:45 Windows Update
08-01-2016 17:25:36 Restore Operation
 
==================== Faulty Device Manager Devices =============
 
Name: Qualcomm Atheros AR3012 Bluetooth® Adapter
Description: Qualcomm Atheros AR3012 Bluetooth® Adapter
Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
Manufacturer: Qualcomm Atheros Communications
Service: BTHUSB
Problem: : Windows cannot load the device driver for this hardware. The driver may be corrupted or missing. (Code 39)
Resolution: Reasons for this error include a driver that is not present; a binary file that is corrupt; a file I/O problem, or a driver that references an entry point in another binary file that could not be loaded.
Uninstall the driver, and then click "Scan for hardware changes" to reinstall or upgrade the driver.
 
Name: Avnex Virtual Audio Device
Description: Avnex Virtual Audio Device
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: AVNEX Ltd.
Service: VCSVADHWSer
Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19)
Resolution: A registry problem was detected.
 This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options:
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (01/08/2016 07:06:36 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program backgroundTaskHost.exe version 6.3.9600.17415 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 1508
 
Start Time: 01d14a7946c6f9ee
 
Termination Time: 4294967295
 
Application Path: C:\WINDOWS\system32\backgroundTaskHost.exe
 
Report Id: 3a45f3e3-b66d-11e5-bf81-9fba3f9fba63
 
Faulting package full name: Facebook.Facebook_1.4.0.9_x64__8xx8rvfyw5nnt
 
Faulting package-relative application ID: App
 
Error: (01/08/2016 07:00:19 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"1".
Dependent Assembly rpshellextension.1.0,language="*",type="win32",version="1.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
Error: (01/08/2016 07:00:19 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"1".
Dependent Assembly rpshellextension.1.0,language="*",type="win32",version="1.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
Error: (01/08/2016 07:00:19 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"1".
Dependent Assembly rpshellextension.1.0,language="*",type="win32",version="1.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
Error: (01/08/2016 05:32:13 PM) (Source: System Restore) (EventID: 8210) (User: )
Description: An unspecified error occurred during System Restore: (Windows Update). Additional information: 0x80070570.
 
Error: (01/08/2016 05:31:50 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: MARTIN)
Description: Activation of app Microsoft.WindowsPhone_8wekyb3d8bbwe!windowsphone.App failed with error: -2144927145 See the Microsoft-Windows-TWinUI/Operational log for additional information.
 
Error: (01/08/2016 05:28:28 PM) (Source: System Restore) (EventID: 8210) (User: )
Description: An unspecified error occurred during System Restore: (Windows Update). Additional information: 0x80070570.
 
Error: (01/08/2016 05:28:10 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: MARTIN)
Description: Activation of app Microsoft.WindowsPhone_8wekyb3d8bbwe!windowsphone.App failed with error: -2144927145 See the Microsoft-Windows-TWinUI/Operational log for additional information.
 
Error: (01/08/2016 05:23:15 PM) (Source: System Restore) (EventID: 8200) (User: )
Description: Failed to initiate System Restore (Windows Update).
 
Error: (01/08/2016 05:21:46 PM) (Source: System Restore) (EventID: 8200) (User: )
Description: Failed to initiate System Restore (Windows Update).
 
 
System errors:
=============
Error: (01/08/2016 07:02:39 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: A fatal alert was received from the remote endpoint. The TLS protocol defined fatal alert code is 40.
 
Error: (01/08/2016 05:30:33 PM) (Source: Ntfs) (EventID: 55) (User: )
Description: A corruption was discovered in the file system structure on volume ??.
 
A corruption was found in a file system index structure.  The file reference number is 0x500000003bfc3.  The name of the file is "\Windows\System32".  The corrupted index attribute is ":$I30:$INDEX_ALLOCATION".
 
Error: (01/08/2016 05:26:47 PM) (Source: Ntfs) (EventID: 55) (User: NT AUTHORITY)
Description: A corruption was discovered in the file system structure on volume ??.
 
A corruption was found in a file system index structure.  The file reference number is 0x500000003bfc3.  The name of the file is "\Windows\System32".  The corrupted index attribute is ":$I30:$INDEX_ALLOCATION".
 
Error: (01/08/2016 05:23:15 PM) (Source: Ntfs) (EventID: 55) (User: NT AUTHORITY)
Description: A corruption was discovered in the file system structure on volume ??.
 
The exact nature of the corruption is unknown.  The file system structures need to be scanned online.
 
Error: (01/08/2016 05:21:46 PM) (Source: Ntfs) (EventID: 55) (User: NT AUTHORITY)
Description: A corruption was discovered in the file system structure on volume ??.
 
The exact nature of the corruption is unknown.  The file system structures need to be scanned online.
 
 
CodeIntegrity:
===================================
  Date: 2016-01-08 17:01:27.453
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files (x86)\Common Files\Avnex\vcs64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2016-01-08 15:27:50.686
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files (x86)\Common Files\Avnex\vcs64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2016-01-08 07:54:38.206
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files (x86)\Common Files\Avnex\vcs64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2016-01-08 07:17:46.677
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files (x86)\Common Files\Avnex\vcs64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2016-01-07 20:03:58.162
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files (x86)\Common Files\Avnex\vcs64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2016-01-07 18:53:04.690
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files (x86)\Common Files\Avnex\vcs64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2016-01-07 13:13:35.470
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files (x86)\Common Files\Avnex\vcs64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2016-01-07 10:37:47.668
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files (x86)\Common Files\Avnex\vcs64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2016-01-06 08:15:18.755
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files (x86)\Common Files\Avnex\vcs64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2016-01-06 07:05:15.219
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files (x86)\Common Files\Avnex\vcs64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Pentium® CPU 2020M @ 2.40GHz
Percentage of memory in use: 43%
Total physical RAM: 3975.27 MB
Available physical RAM: 2234.29 MB
Total Virtual: 5767.27 MB
Available Virtual: 3331.18 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:440.74 GB) (Free:362.81 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 792C621F)
 
Partition: GPT.
 
==================== End of Addition.txt ============================

  • 0

Advertisements


#47
A1RotNBrat

A1RotNBrat

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 102 posts
Vino's Event Viewer v01c run on Windows 7 in English
Report run at 08/01/2016 7:36:49 PM
 
Note: All dates below are in the format dd/mm/yyyy
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 09/01/2016 1:02:39 AM
Type: Error Category: 0
Event: 36887 Source: Schannel
A fatal alert was received from the remote endpoint. The TLS protocol defined fatal alert code is 40.
 
Log: 'System' Date/Time: 08/01/2016 11:30:33 PM
Type: Error Category: 0
Event: 55 Source: Ntfs
A corruption was discovered in the file system structure on volume ??.  A corruption was found in a file system index structure.  The file reference number is 0x500000003bfc3.  The name of the file is "\Windows\System32".  The corrupted index attribute is ":$I30:$INDEX_ALLOCATION". 
 
Log: 'System' Date/Time: 08/01/2016 11:26:47 PM
Type: Error Category: 0
Event: 55 Source: Ntfs
A corruption was discovered in the file system structure on volume ??.  A corruption was found in a file system index structure.  The file reference number is 0x500000003bfc3.  The name of the file is "\Windows\System32".  The corrupted index attribute is ":$I30:$INDEX_ALLOCATION". 
 
Log: 'System' Date/Time: 08/01/2016 11:23:15 PM
Type: Error Category: 0
Event: 55 Source: Ntfs
A corruption was discovered in the file system structure on volume ??.  The exact nature of the corruption is unknown.  The file system structures need to be scanned online. 
 
Log: 'System' Date/Time: 08/01/2016 11:21:46 PM
Type: Error Category: 0
Event: 55 Source: Ntfs
A corruption was discovered in the file system structure on volume ??.  The exact nature of the corruption is unknown.  The file system structures need to be scanned online. 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 09/01/2016 1:26:33 AM
Type: Warning Category: 212
Event: 219 Source: Microsoft-Windows-Kernel-PnP
The driver \Driver\BtFilter failed to load for the device USB\VID_0489&PID_E036\Alaska_Day_2006.
 
Log: 'System' Date/Time: 09/01/2016 1:26:32 AM
Type: Warning Category: 212
Event: 219 Source: Microsoft-Windows-Kernel-PnP
The driver \Driver\WudfRd failed to load for the device USB\VID_0BB4&PID_0BAD&MI_00\6&540db0c&0&0000.
 
Log: 'System' Date/Time: 09/01/2016 1:00:39 AM
Type: Warning Category: 212
Event: 219 Source: Microsoft-Windows-Kernel-PnP
The driver \Driver\BtFilter failed to load for the device USB\VID_0489&PID_E036\Alaska_Day_2006.
 
Log: 'System' Date/Time: 08/01/2016 11:31:05 PM
Type: Warning Category: 212
Event: 219 Source: Microsoft-Windows-Kernel-PnP
The driver \Driver\WudfRd failed to load for the device USB\VID_0BB4&PID_0BAD&MI_00\6&540db0c&0&0000.
 
Log: 'System' Date/Time: 08/01/2016 11:27:19 PM
Type: Warning Category: 212
Event: 219 Source: Microsoft-Windows-Kernel-PnP
The driver \Driver\WudfRd failed to load for the device USB\VID_0BB4&PID_0BAD&MI_00\6&540db0c&0&0000.
 
Log: 'System' Date/Time: 08/01/2016 11:12:56 PM
Type: Warning Category: 212
Event: 219 Source: Microsoft-Windows-Kernel-PnP
The driver \Driver\WudfRd failed to load for the device USB\VID_0BB4&PID_0BAD&MI_00\6&540db0c&0&0000.

  • 0

#48
A1RotNBrat

A1RotNBrat

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 102 posts
Vino's Event Viewer v01c run on Windows 7 in English
Report run at 08/01/2016 7:38:44 PM
 
Note: All dates below are in the format dd/mm/yyyy
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 09/01/2016 1:06:36 AM
Type: Error Category: 101
Event: 1002 Source: Application Hang
The program backgroundTaskHost.exe version 6.3.9600.17415 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.  Process ID: 1508  Start Time: 01d14a7946c6f9ee  Termination Time: 4294967295  Application Path: C:\WINDOWS\system32\backgroundTaskHost.exe  Report Id: 3a45f3e3-b66d-11e5-bf81-9fba3f9fba63  Faulting package full name: Facebook.Facebook_1.4.0.9_x64__8xx8rvfyw5nnt  Faulting package-relative application ID: App 
 
Log: 'Application' Date/Time: 09/01/2016 1:00:19 AM
Type: Error Category: 0
Event: 33 Source: SideBySide
Activation context generation failed for "C:\Windows\Installer\{6FCD4D5A-20B9-4D79-ABA5-4E7048944025}\recordingmanager.exe". Dependent Assembly rpshellextension.1.0,language="*",type="win32",version="1.0.0.0" could not be found. Please use sxstrace.exe for detailed diagnosis.
 
Log: 'Application' Date/Time: 09/01/2016 1:00:19 AM
Type: Error Category: 0
Event: 33 Source: SideBySide
Activation context generation failed for "C:\Windows\Installer\{6FCD4D5A-20B9-4D79-ABA5-4E7048944025}\recordingmanager.exe". Dependent Assembly rpshellextension.1.0,language="*",type="win32",version="1.0.0.0" could not be found. Please use sxstrace.exe for detailed diagnosis.
 
Log: 'Application' Date/Time: 09/01/2016 1:00:19 AM
Type: Error Category: 0
Event: 33 Source: SideBySide
Activation context generation failed for "C:\Windows\Installer\{6FCD4D5A-20B9-4D79-ABA5-4E7048944025}\recordingmanager.exe". Dependent Assembly rpshellextension.1.0,language="*",type="win32",version="1.0.0.0" could not be found. Please use sxstrace.exe for detailed diagnosis.
 
Log: 'Application' Date/Time: 08/01/2016 11:32:13 PM
Type: Error Category: 0
Event: 8210 Source: System Restore
An unspecified error occurred during System Restore: (Windows Update). Additional information: 0x80070570.
 
Log: 'Application' Date/Time: 08/01/2016 11:31:50 PM
Type: Error Category: 5973
Event: 5973 Source: Microsoft-Windows-Immersive-Shell
Activation of app Microsoft.WindowsPhone_8wekyb3d8bbwe!windowsphone.App failed with error: The app manager is required to activate applications, but is not running. See the Microsoft-Windows-TWinUI/Operational log for additional information.
 
Log: 'Application' Date/Time: 08/01/2016 11:28:28 PM
Type: Error Category: 0
Event: 8210 Source: System Restore
An unspecified error occurred during System Restore: (Windows Update). Additional information: 0x80070570.
 
Log: 'Application' Date/Time: 08/01/2016 11:28:10 PM
Type: Error Category: 5973
Event: 5973 Source: Microsoft-Windows-Immersive-Shell
Activation of app Microsoft.WindowsPhone_8wekyb3d8bbwe!windowsphone.App failed with error: The app manager is required to activate applications, but is not running. See the Microsoft-Windows-TWinUI/Operational log for additional information.
 
Log: 'Application' Date/Time: 08/01/2016 11:23:15 PM
Type: Error Category: 0
Event: 8200 Source: System Restore
Failed to initiate System Restore (Windows Update).
 
Log: 'Application' Date/Time: 08/01/2016 11:21:46 PM
Type: Error Category: 0
Event: 8200 Source: System Restore
Failed to initiate System Restore (Windows Update).
 
Log: 'Application' Date/Time: 08/01/2016 11:13:33 PM
Type: Error Category: 5973
Event: 5973 Source: Microsoft-Windows-Immersive-Shell
Activation of app Microsoft.WindowsPhone_8wekyb3d8bbwe!windowsphone.App failed with error: The app manager is required to activate applications, but is not running. See the Microsoft-Windows-TWinUI/Operational log for additional information.
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 09/01/2016 12:30:28 AM
Type: Warning Category: 3
Event: 472 Source: ESENT
LiveComm (3736) C:\Users\Amy Martin\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\LiveComm\e4181f4d799caa52\120712-0049\: The shadow header page of file C:\Users\Amy Martin\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\LiveComm\e4181f4d799caa52\120712-0049\DBStore\edb.chk was damaged. The primary header page (4096 bytes) was used instead.

  • 0

#49
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,031 posts
  • MVP

I'm seeing corruption again.  Run the Memory test

 

http://support.rm.co...cref=TEC3222505

 

and see if that passes then do the disk check again.


  • 0

#50
A1RotNBrat

A1RotNBrat

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 102 posts

Memory test was fine and so was disk check. checkdisk.png


Edited by A1RotNBrat, 08 January 2016 - 08:24 PM.

  • 0

#51
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,031 posts
  • MVP

Open Device manager 

 

http://clientportal....-device-manager

 

View, Show Hidden Devices then find 

 

 Qualcomm Atheros AR3012 Bluetooth® Adapter (Maybe under Network Adapters.  Should have a yellow flag)
 
&
 
 Avnex Virtual Audio Device (Probably under Sound, Video and Game Controller.
 
Right click and Disable
 
Are there any other yellow flagged items?
 
The other errors we see are from the new Metro page (all of the big squares when you first boot up).  You have two Apps which are not happy.  Facebook and Windows Phone.  See if you uninstall them.
 
  1. On the Start screen, press and hold or right-click the app tile.
  2. Tap or click Uninstall

Then clear the alarms, reboot and run vew for both System and Applications.

 

 
 

  • 0

#52
A1RotNBrat

A1RotNBrat

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 102 posts

Got bluetooth and Avnex disabled.  The only one that had a yellow flag was Avnex.  It gave the option to uninstall it when it right clicked to disable it.  Should I uninstall it? I am going to the next steps now and will post the VEW logs shortly.


  • 0

#53
A1RotNBrat

A1RotNBrat

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 102 posts
Vino's Event Viewer v01c run on Windows 7 in English
Report run at 09/01/2016 8:49:59 AM
 
Note: All dates below are in the format dd/mm/yyyy
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 09/01/2016 2:48:25 PM
Type: Error Category: 0
Event: 7034 Source: Service Control Manager
The Windows Search service terminated unexpectedly.  It has done this 8 time(s).
 
Log: 'System' Date/Time: 09/01/2016 2:48:15 PM
Type: Error Category: 0
Event: 10010 Source: Microsoft-Windows-DistributedCOM
The server {B52D54BB-4818-4EB9-AA80-F9EACD371DF8} did not register with DCOM within the required timeout.
 
Log: 'System' Date/Time: 09/01/2016 2:46:15 PM
Type: Error Category: 0
Event: 7034 Source: Service Control Manager
The Windows Search service terminated unexpectedly.  It has done this 7 time(s).
 
Log: 'System' Date/Time: 09/01/2016 2:46:08 PM
Type: Error Category: 0
Event: 10010 Source: Microsoft-Windows-DistributedCOM
The server {B52D54BB-4818-4EB9-AA80-F9EACD371DF8} did not register with DCOM within the required timeout.
 
Log: 'System' Date/Time: 09/01/2016 2:44:08 PM
Type: Error Category: 0
Event: 7034 Source: Service Control Manager
The Windows Search service terminated unexpectedly.  It has done this 6 time(s).
 
Log: 'System' Date/Time: 09/01/2016 2:44:00 PM
Type: Error Category: 0
Event: 10010 Source: Microsoft-Windows-DistributedCOM
The server {B52D54BB-4818-4EB9-AA80-F9EACD371DF8} did not register with DCOM within the required timeout.
 
Log: 'System' Date/Time: 09/01/2016 2:42:00 PM
Type: Error Category: 0
Event: 7034 Source: Service Control Manager
The Windows Search service terminated unexpectedly.  It has done this 5 time(s).
 
Log: 'System' Date/Time: 09/01/2016 2:41:51 PM
Type: Error Category: 0
Event: 7034 Source: Service Control Manager
The Windows Search service terminated unexpectedly.  It has done this 4 time(s).
 
Log: 'System' Date/Time: 09/01/2016 2:39:32 PM
Type: Error Category: 0
Event: 7034 Source: Service Control Manager
The Windows Search service terminated unexpectedly.  It has done this 3 time(s).
 
Log: 'System' Date/Time: 09/01/2016 2:38:54 PM
Type: Error Category: 0
Event: 7031 Source: Service Control Manager
The Windows Search service terminated unexpectedly.  It has done this 2 time(s).  The following corrective action will be taken in 30000 milliseconds: Restart the service.
 
Log: 'System' Date/Time: 09/01/2016 2:38:15 PM
Type: Error Category: 0
Event: 7031 Source: Service Control Manager
The Windows Search service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 30000 milliseconds: Restart the service.
 
Log: 'System' Date/Time: 09/01/2016 2:33:51 PM
Type: Error Category: 0
Event: 10010 Source: Microsoft-Windows-DistributedCOM
The server {4AA0A5C4-1B9B-4F2E-99D7-99C6AEC83474} did not register with DCOM within the required timeout.
 
Log: 'System' Date/Time: 09/01/2016 2:33:51 PM
Type: Error Category: 0
Event: 10010 Source: Microsoft-Windows-DistributedCOM
The server {4545DEA0-2DFC-4906-A728-6D986BA399A9} did not register with DCOM within the required timeout.
 
Log: 'System' Date/Time: 09/01/2016 2:33:51 PM
Type: Error Category: 0
Event: 10010 Source: Microsoft-Windows-DistributedCOM
The server {4545DEA0-2DFC-4906-A728-6D986BA399A9} did not register with DCOM within the required timeout.
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 09/01/2016 2:34:07 PM
Type: Warning Category: 0
Event: 134 Source: Microsoft-Windows-Time-Service
NtpClient was unable to set a manual peer to use as a time source because of DNS resolution error on 'time.windows.com,0x9'. NtpClient will try again in 15 minutes and double the reattempt interval thereafter. The error was: No such host is known. (0x80072AF9)
 
Log: 'System' Date/Time: 09/01/2016 2:34:06 PM
Type: Warning Category: 0
Event: 134 Source: Microsoft-Windows-Time-Service
NtpClient was unable to set a manual peer to use as a time source because of DNS resolution error on 'time.windows.com,0x9'. NtpClient will try again in 15 minutes and double the reattempt interval thereafter. The error was: No such host is known. (0x80072AF9)

  • 0

#54
A1RotNBrat

A1RotNBrat

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 102 posts
Vino's Event Viewer v01c run on Windows 7 in English
Report run at 09/01/2016 8:51:24 AM
 
Note: All dates below are in the format dd/mm/yyyy
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 09/01/2016 2:50:32 PM
Type: Error Category: 100
Event: 1000 Source: Application Error
Faulting application name: SearchIndexer.exe, version: 7.0.9600.17787, time stamp: 0x551b6346 Faulting module name: msvcrt.dll, version: 7.0.9600.17415, time stamp: 0x545055fe Exception code: 0xc00000fd Fault offset: 0x00000000000022de Faulting process id: 0x16f0 Faulting application start time: 0x01d14aed12a86ece Faulting application path: C:\WINDOWS\system32\SearchIndexer.exe Faulting module path: C:\WINDOWS\system32\msvcrt.dll Report Id: 54c45229-b6e0-11e5-bf84-ea0eec033faf Faulting package full name:  Faulting package-relative application ID: 
 
Log: 'Application' Date/Time: 09/01/2016 2:48:24 PM
Type: Error Category: 100
Event: 1000 Source: Application Error
Faulting application name: SearchIndexer.exe, version: 7.0.9600.17787, time stamp: 0x551b6346 Faulting module name: msvcrt.dll, version: 7.0.9600.17415, time stamp: 0x545055fe Exception code: 0xc00000fd Fault offset: 0x00000000000022a3 Faulting process id: 0x13d8 Faulting application start time: 0x01d14aecc51b3b28 Faulting application path: C:\WINDOWS\system32\SearchIndexer.exe Faulting module path: C:\WINDOWS\system32\msvcrt.dll Report Id: 08b8aaf7-b6e0-11e5-bf84-ea0eec033faf Faulting package full name:  Faulting package-relative application ID: 
 
Log: 'Application' Date/Time: 09/01/2016 2:46:14 PM
Type: Error Category: 100
Event: 1000 Source: Application Error
Faulting application name: SearchIndexer.exe, version: 7.0.9600.17787, time stamp: 0x551b6346 Faulting module name: msvcrt.dll, version: 7.0.9600.17415, time stamp: 0x545055fe Exception code: 0xc00000fd Fault offset: 0x00000000000022a3 Faulting process id: 0xc9c Faulting application start time: 0x01d14aec79f111f4 Faulting application path: C:\WINDOWS\system32\SearchIndexer.exe Faulting module path: C:\WINDOWS\system32\msvcrt.dll Report Id: bb2e480b-b6df-11e5-bf84-ea0eec033faf Faulting package full name:  Faulting package-relative application ID: 
 
Log: 'Application' Date/Time: 09/01/2016 2:44:08 PM
Type: Error Category: 0
Event: 35 Source: Outlook
Failed to determine if the store is in the crawl scope (error=0x800706be).
 
Log: 'Application' Date/Time: 09/01/2016 2:44:08 PM
Type: Error Category: 0
Event: 34 Source: Outlook
Failed to get the Crawl Scope Manager with error=0x800706be.
 
Log: 'Application' Date/Time: 09/01/2016 2:44:08 PM
Type: Error Category: 0
Event: 35 Source: Outlook
Failed to determine if the store is in the crawl scope (error=0x800706be).
 
Log: 'Application' Date/Time: 09/01/2016 2:44:08 PM
Type: Error Category: 0
Event: 34 Source: Outlook
Failed to get the Crawl Scope Manager with error=0x800706be.
 
Log: 'Application' Date/Time: 09/01/2016 2:44:08 PM
Type: Error Category: 100
Event: 1000 Source: Application Error
Faulting application name: SearchIndexer.exe, version: 7.0.9600.17787, time stamp: 0x551b6346 Faulting module name: msvcrt.dll, version: 7.0.9600.17415, time stamp: 0x545055fe Exception code: 0xc00000fd Fault offset: 0x00000000000022b7 Faulting process id: 0x173c Faulting application start time: 0x01d14aec2d9256f0 Faulting application path: C:\WINDOWS\system32\SearchIndexer.exe Faulting module path: C:\WINDOWS\system32\msvcrt.dll Report Id: 7001c293-b6df-11e5-bf84-ea0eec033faf Faulting package full name:  Faulting package-relative application ID: 
 
Log: 'Application' Date/Time: 09/01/2016 2:42:00 PM
Type: Error Category: 100
Event: 1000 Source: Application Error
Faulting application name: SearchIndexer.exe, version: 7.0.9600.17787, time stamp: 0x551b6346 Faulting module name: msvcrt.dll, version: 7.0.9600.17415, time stamp: 0x545055fe Exception code: 0xc00000fd Fault offset: 0x00000000000022a3 Faulting process id: 0x1224 Faulting application start time: 0x01d14aebe0a2c95e Faulting application path: C:\WINDOWS\system32\SearchIndexer.exe Faulting module path: C:\WINDOWS\system32\msvcrt.dll Report Id: 236ed33d-b6df-11e5-bf84-ea0eec033faf Faulting package full name:  Faulting package-relative application ID: 
 
Log: 'Application' Date/Time: 09/01/2016 2:41:51 PM
Type: Error Category: 100
Event: 1000 Source: Application Error
Faulting application name: SearchIndexer.exe, version: 7.0.9600.17787, time stamp: 0x551b6346 Faulting module name: msvcrt.dll, version: 7.0.9600.17415, time stamp: 0x545055fe Exception code: 0xc00000fd Fault offset: 0x0000000000001f4a Faulting process id: 0x63c Faulting application start time: 0x01d14aebd694a828 Faulting application path: C:\WINDOWS\system32\SearchIndexer.exe Faulting module path: C:\WINDOWS\system32\msvcrt.dll Report Id: 1e35141c-b6df-11e5-bf84-ea0eec033faf Faulting package full name:  Faulting package-relative application ID: 
 
Log: 'Application' Date/Time: 09/01/2016 2:39:32 PM
Type: Error Category: 100
Event: 1000 Source: Application Error
Faulting application name: SearchIndexer.exe, version: 7.0.9600.17787, time stamp: 0x551b6346 Faulting module name: msvcrt.dll, version: 7.0.9600.17415, time stamp: 0x545055fe Exception code: 0xc00000fd Fault offset: 0x00000000000022de Faulting process id: 0xa78 Faulting application start time: 0x01d14aeb88cb58db Faulting application path: C:\WINDOWS\system32\SearchIndexer.exe Faulting module path: C:\WINDOWS\system32\msvcrt.dll Report Id: cb3a87b1-b6de-11e5-bf84-ea0eec033faf Faulting package full name:  Faulting package-relative application ID: 
 
Log: 'Application' Date/Time: 09/01/2016 2:38:54 PM
Type: Error Category: 100
Event: 1000 Source: Application Error
Faulting application name: SearchIndexer.exe, version: 7.0.9600.17787, time stamp: 0x551b6346 Faulting module name: ntdll.dll, version: 6.3.9600.18146, time stamp: 0x5650b9bb Exception code: 0xc00000fd Fault offset: 0x0000000000030c72 Faulting process id: 0xbe4 Faulting application start time: 0x01d14aeb719a9a3d Faulting application path: C:\WINDOWS\system32\SearchIndexer.exe Faulting module path: C:\WINDOWS\SYSTEM32\ntdll.dll Report Id: b4859228-b6de-11e5-bf84-ea0eec033faf Faulting package full name:  Faulting package-relative application ID: 
 
Log: 'Application' Date/Time: 09/01/2016 2:38:14 PM
Type: Error Category: 100
Event: 1000 Source: Application Error
Faulting application name: SearchIndexer.exe, version: 7.0.9600.17787, time stamp: 0x551b6346 Faulting module name: msvcrt.dll, version: 7.0.9600.17415, time stamp: 0x545055fe Exception code: 0xc00000fd Fault offset: 0x00000000000022a3 Faulting process id: 0xa54 Faulting application start time: 0x01d14aeb567948ba Faulting application path: C:\WINDOWS\system32\SearchIndexer.exe Faulting module path: C:\WINDOWS\system32\msvcrt.dll Report Id: 9d08d4c9-b6de-11e5-bf84-ea0eec033faf Faulting package full name:  Faulting package-relative application ID: 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

  • 0

#55
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,031 posts
  • MVP

You can try uninstalling Avnex but if it comes back after the reboot then just disable it.

 

Appears we are back to the start with Search again.  I wonder if one of the alternative search utilities would have better luck.

 

Try one of these then go into Service.msc and set the Startup Type to Disabled for Windows Search, clear the alarms, reboot.  then check VEW.


  • 0

Advertisements


#56
A1RotNBrat

A1RotNBrat

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 102 posts

Was there supposed to be an attachment for me to try or where to do I get an alternative search?


  • 0

#57
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,031 posts
  • MVP
Oops.  Forgot the link:
 

  • 0

#58
A1RotNBrat

A1RotNBrat

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 102 posts
Vino's Event Viewer v01c run on Windows 7 in English
Report run at 09/01/2016 10:09:47 AM
 
Note: All dates below are in the format dd/mm/yyyy
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 09/01/2016 4:05:24 PM
Type: Error Category: 0
Event: 10010 Source: Microsoft-Windows-DistributedCOM
The server {B52D54BB-4818-4EB9-AA80-F9EACD371DF8} did not register with DCOM within the required timeout.
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

  • 0

#59
A1RotNBrat

A1RotNBrat

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 102 posts
Vino's Event Viewer v01c run on Windows 7 in English
Report run at 09/01/2016 10:11:08 AM
 
Note: All dates below are in the format dd/mm/yyyy
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 09/01/2016 4:08:33 PM
Type: Error Category: 100
Event: 1000 Source: Application Error
Faulting application name: Explorer.EXE, version: 6.3.9600.17667, time stamp: 0x54c6f7c2 Faulting module name: ntdll.dll, version: 6.3.9600.18146, time stamp: 0x5650b9bb Exception code: 0xc0000374 Fault offset: 0x00000000000f12e0 Faulting process id: 0xb04 Faulting application start time: 0x01d14af7b9bd78a8 Faulting application path: C:\WINDOWS\Explorer.EXE Faulting module path: C:\WINDOWS\SYSTEM32\ntdll.dll Report Id: 3ad87ad6-b6eb-11e5-bf86-8aa8286c413f Faulting package full name:  Faulting package-relative application ID: 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

  • 0

#60
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,031 posts
  • MVP

That took care of most of the errors anyway.  Was it any faster booting this time?

 

I think the Event: 10010  refers to Windows Search.  I found this error on line which refers to the same big long number :

 

DCOM got error "1084" attempting to start the service WSearch with arguments "Unavailable" in order to run the server:

{B52D54BB-4818-4EB9-AA80-F9EACD371DF8}
 
 
The odd thing is that on my Windows 8.1  the long number starts with 9E175B9C
 
In the Search box or an elevated cmd window type"
 
dcomcnfg.exe and hit Enter.
 
This should bring up a new Component Services window 
 
Expand Component Services by click on the arrow in front of it.
Expand Computer by click on the arrow in front of it.
Expand My Computer by click on the arrow in front of it.
Expand DCOM Config by click on the arrow in front of it.
Click on DCOM Config.  
On the toolbar above, hover over the icon one in from the right.  It should say Details.  Click on it.
 
In the right pane scroll down to Wsearch.  What number is to the right of it? 
 
Right click on it and select Properties.  Does it look like this:
 
 

  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP