my computer is dead slow. I think it's infected. Pls. help

malware infection

#16
abhi6512

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 143 posts

Hi Kinner,

I'm unable to download the VEW tool. It's giving me "unable to load the page".

I'm using the following URL:

http://images.malwar...om/vino/VEW.exe

-Abhi


  • 0


#17
RKinner

    Malware Expert

  • Expert
  • 24,625 posts
  • MVP

Can you run a new Process Explorer log?  I want to see if anything has changed on it.


  • 0

#18
RKinner

    Malware Expert

  • Expert
  • 24,625 posts
  • MVP

The vew link works for me.  I downloaded it and zipped it up for you.  Download and Save the attached file then right click on it and Extract All.  Remember to run it by Right Click and Run As Admin.

 

Let's see if something is wrong with your connection:

 

Please download MiniToolBox, save it to your desktop and run it.
 
Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer Errors
  • List Installed Programs
  • List Devices
  • List Users, Partitions and Memory size.
  • List Minidump Files

Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

Note: When using "Reset FF Proxy Settings" option Firefox should be closed.

Go to http://www.speedtest.net/ and click on Begin Test

When the Test finishes click on Share This Result and then select Forum then Copy then move to a reply and Ctrl + v


    • 0

    #19
    abhi6512

      Member

    • Topic Starter
    • Member
    • PipPipPip
    • 143 posts

    Hi Kinner,

    Thanks for downloading the VEW tool for me.

    Below are the logs for system and application options as suggested 

     

    VEW System log:

     

    Vino's Event Viewer v01c run on Windows Vista in English
    Report run at 16/02/2016 19:54:12
     
    Note: All dates below are in the format dd/mm/yyyy
     
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    'System' Log - Error Type
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Log: 'System' Date/Time: 14/02/2016 15:27:31
    Type: Error Category: 0
    Event: 2001 Source: Microsoft Antimalware
    Microsoft Antimalware has encountered an error trying to update signatures.   New Signature Version:   Previous Signature Version: 1.213.6097.0   Update Source: Microsoft Update Server   Update Stage: Download   Source Path: http://www.microsoft.com  Signature Type: AntiVirus   Update Type: Full   User: NT AUTHORITY\SYSTEM   Current Engine Version:   Previous Engine Version: 1.1.12400.0   Error code: 0x80240022   Error description: The program can't check for definition updates. 
     
    Log: 'System' Date/Time: 14/02/2016 15:27:31
    Type: Error Category: 0
    Event: 2001 Source: Microsoft Antimalware
    Microsoft Antimalware has encountered an error trying to update signatures.   New Signature Version:   Previous Signature Version: 1.213.6097.0   Update Source: Microsoft Update Server   Update Stage: Download   Source Path: http://www.microsoft.com  Signature Type: AntiVirus   Update Type: Full   User: NT AUTHORITY\SYSTEM   Current Engine Version:   Previous Engine Version: 1.1.12400.0   Error code: 0x80240022   Error description: The program can't check for definition updates. 
     
    Log: 'System' Date/Time: 14/02/2016 08:19:57
    Type: Error Category: 0
    Event: 10010 Source: Microsoft-Windows-DistributedCOM
    The server {752073A1-23F2-4396-85F0-8FDB879ED0ED} did not register with DCOM within the required timeout.
     
    Log: 'System' Date/Time: 14/02/2016 05:11:14
    Type: Error Category: 0
    Event: 6008 Source: EventLog
    The previous system shutdown at 05:18:36 on 14-02-2016 was unexpected.
     
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    'System' Log - Warning Type
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Log: 'System' Date/Time: 16/02/2016 12:55:33
    Type: Warning Category: 0
    Event: 36 Source: Microsoft-Windows-Time-Service
    The time service has not synchronized the system time for 86400 seconds because none of the time service providers provided a usable time stamp. The time service will not update the local system time until it is able to synchronize with a time source. If the local system is configured to act as a time server for clients, it will stop advertising as a time source to clients. The time service will continue to retry and sync time with its time sources. Check system event log for other W32time events for more details. Run 'w32tm /resync' to force an instant time synchronization.
     
    Log: 'System' Date/Time: 16/02/2016 12:55:28
    Type: Warning Category: 0
    Event: 4 Source: bcm4sbxp
    Broadcom 440x 10/100 Integrated Controller: The network link is down.  Check to make sure the network cable is properly connected.
     
    Log: 'System' Date/Time: 16/02/2016 12:55:23
    Type: Warning Category: 0
    Event: 7 Source: Microsoft-Windows-Kernel-Processor-Power
    The speed of processor 0 is being limited by system firmware. The processor has been in this reduced performance state for 98144 seconds since the last report.
     
    Log: 'System' Date/Time: 16/02/2016 12:55:23
    Type: Warning Category: 0
    Event: 7 Source: Microsoft-Windows-Kernel-Processor-Power
    The speed of processor 1 is being limited by system firmware. The processor has been in this reduced performance state for 98144 seconds since the last report.
     
    Log: 'System' Date/Time: 15/02/2016 09:39:43
    Type: Warning Category: 0
    Event: 4 Source: bcm4sbxp
    Broadcom 440x 10/100 Integrated Controller: The network link is down.  Check to make sure the network cable is properly connected.
     
    Log: 'System' Date/Time: 15/02/2016 09:39:39
    Type: Warning Category: 0
    Event: 7 Source: Microsoft-Windows-Kernel-Processor-Power
    The speed of processor 1 is being limited by system firmware. The processor has been in this reduced performance state for 100575 seconds since the last report.
     
    Log: 'System' Date/Time: 15/02/2016 09:39:39
    Type: Warning Category: 0
    Event: 7 Source: Microsoft-Windows-Kernel-Processor-Power
    The speed of processor 0 is being limited by system firmware. The processor has been in this reduced performance state for 100575 seconds since the last report.
     
    Log: 'System' Date/Time: 15/02/2016 03:09:38
    Type: Warning Category: 0
    Event: 4 Source: bcm4sbxp
    Broadcom 440x 10/100 Integrated Controller: The network link is down.  Check to make sure the network cable is properly connected.
     
    Log: 'System' Date/Time: 14/02/2016 15:13:08
    Type: Warning Category: 0
    Event: 4 Source: bcm4sbxp
    Broadcom 440x 10/100 Integrated Controller: The network link is down.  Check to make sure the network cable is properly connected.
     
    Log: 'System' Date/Time: 14/02/2016 05:43:24
    Type: Warning Category: 0
    Event: 7 Source: Microsoft-Windows-Kernel-Processor-Power
    The speed of processor 1 is being limited by system firmware. The processor has been in this reduced performance state for 71 seconds since the last report.
     
    Log: 'System' Date/Time: 14/02/2016 05:43:24
    Type: Warning Category: 0
    Event: 7 Source: Microsoft-Windows-Kernel-Processor-Power
    The speed of processor 0 is being limited by system firmware. The processor has been in this reduced performance state for 71 seconds since the last report.
     
    Log: 'System' Date/Time: 14/02/2016 05:10:46
    Type: Warning Category: 0
    Event: 4 Source: bcm4sbxp
    Broadcom 440x 10/100 Integrated Controller: The network link is down.  Check to make sure the network cable is properly connected.
     
    Log: 'System' Date/Time: 13/02/2016 23:03:07
    Type: Warning Category: 0
    Event: 7 Source: Microsoft-Windows-Kernel-Processor-Power
    The speed of processor 0 is being limited by system firmware. The processor has been in this reduced performance state for 71 seconds since the last report.
     
    Log: 'System' Date/Time: 13/02/2016 23:03:07
    Type: Warning Category: 0
    Event: 7 Source: Microsoft-Windows-Kernel-Processor-Power
    The speed of processor 1 is being limited by system firmware. The processor has been in this reduced performance state for 71 seconds since the last report.
     
    Log: 'System' Date/Time: 13/02/2016 23:00:35
    Type: Warning Category: 0
    Event: 4 Source: bcm4sbxp
    Broadcom 440x 10/100 Integrated Controller: The network link is down.  Check to make sure the network cable is properly connected.
     
    Log: 'System' Date/Time: 13/02/2016 22:59:35
    Type: Warning Category: 0
    Event: 4001 Source: Microsoft-Windows-WLAN-AutoConfig
    WLAN AutoConfig service has successfully stopped. 
     
    Log: 'System' Date/Time: 13/02/2016 22:59:31
    Type: Warning Category: 0
    Event: 10002 Source: Microsoft-Windows-WLAN-AutoConfig
    WLAN Extensibility Module has stopped.  Module Path: C:\Windows\System32\bcmihvsrv.dll 
     
    Log: 'System' Date/Time: 13/02/2016 22:42:37
    Type: Warning Category: 0
    Event: 4376 Source: Microsoft-Windows-Servicing
    Servicing has required reboot to complete the operation of setting package KB3067505(Security Update) into Installed(Installed) state
     
    Log: 'System' Date/Time: 13/02/2016 22:42:37
    Type: Warning Category: 0
    Event: 4376 Source: Microsoft-Windows-Servicing
    Servicing has required reboot to complete the operation of setting package KB3067505(Security Update) into Installed(Installed) state
     
    Log: 'System' Date/Time: 13/02/2016 22:42:37
    Type: Warning Category: 0
    Event: 4376 Source: Microsoft-Windows-Servicing
    Servicing has required reboot to complete the operation of setting package KB3067505(Security Update) into Installed(Installed) state
     
    *************************************************************************************************************************************************************************************************************
     
    VEW Application log:
     
    Vino's Event Viewer v01c run on Windows Vista in English
    Report run at 16/02/2016 19:56:51
     
    Note: All dates below are in the format dd/mm/yyyy
     
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    'Application' Log - Error Type
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Log: 'Application' Date/Time: 16/02/2016 13:01:23
    Type: Error Category: 0
    Event: 1010 Source: Microsoft-Windows-Perflib
    The Collect Procedure for the "EmdCache" service in DLL "C:\Windows\system32\emdmgmt.dll" generated an exception or returned an invalid status. The performance data returned by the counter DLL will not be returned in the Perf Data Block. The first four bytes (DWORD) of the Data section contains the exception code or status code.
     
    Log: 'Application' Date/Time: 14/02/2016 15:20:41
    Type: Error Category: 0
    Event: 1010 Source: Microsoft-Windows-Perflib
    The Collect Procedure for the "EmdCache" service in DLL "C:\Windows\system32\emdmgmt.dll" generated an exception or returned an invalid status. The performance data returned by the counter DLL will not be returned in the Perf Data Block. The first four bytes (DWORD) of the Data section contains the exception code or status code.
     
    Log: 'Application' Date/Time: 13/02/2016 23:06:38
    Type: Error Category: 0
    Event: 1107 Source: .NET Runtime Optimization Service
    .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - Failed to execute command from the offline queue: uninstall "System.Data.SqlXml, Version=2.0.0.0, Culture=Neutral, PublicKeyToken=b77a5c561934e089, processorArchitecture=msil".  The error returned was Error: The specified assembly is not installed.
    .
     
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    'Application' Log - Warning Type
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     
    Working on other instructions. I shall revert soon.
     
    PS: facing tough time executing all these scans - machine is [bleep] slow :( 
    -Abhi

    • 0

    #20
    RKinner

      Malware Expert

    • Expert
    • 24,625 posts
    • MVP
    Log: 'System' Date/Time: 15/02/2016 09:39:39
    Type: Warning Category: 0
    Event: 7 Source: Microsoft-Windows-Kernel-Processor-Power
    The speed of processor 0 is being limited by system firmware. The processor has been in this reduced performance state for 100575 seconds since the last report.

     

     

    Go into Control Panel, Power Options, change it from Balanced to High Performance.  Don't know if that will help.  Usually this is caused by heat as the CPU slows down to protect itself but Speccy said it was running very cold.

     

    Also your clock says it can't sync to the Internet time.  First make sure you are on line.   Right click on the clock and select Adjust Date/Time.

     

    Make sure the current time and date are correct.  Change them if not.    Click on Internet Time  then on Change Settings.  Change the default time.windows.com to something else.  I use time.nist.gov but you may have other options where you live. Then Update Now.  You may get an error even if it worked.  Hit OK.  It should tell you that it successfully synced.

     

    Let's get a second opinion on the temps:

    Try SpeedFan
     
    Download, save and Install it (Win 7 or Vista right click and Run As Admin.) then run it.
     
    It will tell you your temps in real time.
     
    Does it run faster in Safe Mode with Networking?
    (Reboot and when you see the maker's logo, hear a beep or it talks about F8, start tapping the F8 key slowly.  Keep tapping until the Safe Mode Menu appears and choose Safe Mode with Networking.  Login with your usual login.)
     

    • 1
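
RKinner's reply above picks one recurring warning out of the VEW report by eye. As an added example (not part of the thread, and not code from VEW or its author), this Python script parses the same report layout and collapses repeated events by source and event ID, so the events that keep recurring surface first. The function names and the shortened sample report are constructed for illustration.

```python
import re
from datetime import datetime

# Constructed sample in the layout of the VEW report posted above
# (messages shortened; dates are dd/mm/yyyy, as the report states).
SAMPLE_REPORT = """\
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 14/02/2016 15:27:31
Type: Error Category: 0
Event: 2001 Source: Microsoft Antimalware
Microsoft Antimalware has encountered an error trying to update signatures.

Log: 'System' Date/Time: 14/02/2016 15:27:31
Type: Error Category: 0
Event: 2001 Source: Microsoft Antimalware
Microsoft Antimalware has encountered an error trying to update signatures.

Log: 'System' Date/Time: 14/02/2016 05:11:14
Type: Error Category: 0
Event: 6008 Source: EventLog
The previous system shutdown at 05:18:36 on 14-02-2016 was unexpected.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 16/02/2016 12:55:23
Type: Warning Category: 0
Event: 7 Source: Microsoft-Windows-Kernel-Processor-Power
The speed of processor 0 is being limited by system firmware.

Log: 'System' Date/Time: 15/02/2016 09:39:39
Type: Warning Category: 0
Event: 7 Source: Microsoft-Windows-Kernel-Processor-Power
The speed of processor 1 is being limited by system firmware.

Log: 'System' Date/Time: 14/02/2016 05:43:24
Type: Warning Category: 0
Event: 7 Source: Microsoft-Windows-Kernel-Processor-Power
The speed of processor 0 is being limited by system firmware.
"""

LOG_RE = re.compile(r"^Log: '([^']+)' Date/Time: (\d{2}/\d{2}/\d{4} \d{2}:\d{2}:\d{2})$")
TYPE_RE = re.compile(r"^Type: (\w+) Category: (\d+)$")
EVENT_RE = re.compile(r"^Event: (\d+) Source: (.+)$")


def parse_vew(text):
    """Return one dict per event record; banner and header lines are skipped."""
    lines = [ln.strip() for ln in text.splitlines()]  # forum pastes indent the log
    events, i = [], 0
    while i + 2 < len(lines):
        log = LOG_RE.match(lines[i])
        typ = TYPE_RE.match(lines[i + 1])
        evt = EVENT_RE.match(lines[i + 2])
        if not (log and typ and evt):
            i += 1
            continue
        # The message runs until a blank line, a banner or the next record.
        j, message = i + 3, []
        while j < len(lines) and lines[j] and not lines[j].startswith(("Log: ", "~~~")):
            message.append(lines[j])
            j += 1
        events.append({
            "log": log.group(1),
            "when": datetime.strptime(log.group(2), "%d/%m/%Y %H:%M:%S"),
            "type": typ.group(1),
            "event_id": int(evt.group(1)),
            "source": evt.group(2),
            "message": " ".join(message),
        })
        i = j
    return events


def summarize(events):
    """Collapse repeats: one row per (log, type, event ID, source), busiest first."""
    groups = {}
    for ev in events:
        key = (ev["log"], ev["type"], ev["event_id"], ev["source"])
        row = groups.setdefault(key, {"key": key, "count": 0, "first": ev["when"],
                                      "last": ev["when"], "message": ev["message"]})
        row["count"] += 1
        row["first"] = min(row["first"], ev["when"])
        row["last"] = max(row["last"], ev["when"])
    return sorted(groups.values(), key=lambda r: (-r["count"], r["key"]))


if __name__ == "__main__":
    for row in summarize(parse_vew(SAMPLE_REPORT)):
        log, typ, event_id, source = row["key"]
        print(f"{row['count']:>3}x {typ:<7} {source} (Event {event_id}) "
              f"{row['first']:%d/%m/%Y %H:%M} .. {row['last']:%d/%m/%Y %H:%M}")
        print(f"     {row['message']}")
```
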

    #21
    abhi6512

      Member

    • Topic Starter
    • Member
    • PipPipPip
    • 143 posts

    Hi Kinner,

     

    Interrupts value has drastically improved (what did we do to achieve this?). Below is the snapshot of the explorer log.

    Also attached is the complete log for your reference.

    I have not installed any drivers from the Dell support website. Pls. let me know in case I still need to do so.

     

    MsMpEng.exe < 0.01 95,676 K 6,932 K 948 Antimalware Service Executable Microsoft Corporation (Verified) Microsoft Corporation
    SearchIndexer.exe < 0.01 41,860 K 6,644 K 2160 Microsoft Windows Search Indexer Microsoft Corporation (Verified) Microsoft Windows
    WinPatrol.exe < 0.01 3,464 K 3,704 K 1104 WinPatrol Monitor Ruiware (Verified) Ruiware
    spoolsv.exe < 0.01 6,064 K 1,580 K 1788 Spooler SubSystem App Microsoft Corporation (Verified) Microsoft Windows
    Interrupts < 0.01 0 K 0 K n/a Hardware Interrupts and DPCs
    wmpnscfg.exe 1,740 K 472 K 2920 Windows Media Player Network Sharing Service Configuration Application Microsoft Corporation (Verified) Microsoft Windows
    WLTRYSVC.EXE 688 K 160 K 1688 (No signature was present in the subject)
     

     

     

    -Abhi


    • 0

    #22
    abhi6512

      Member

    • Topic Starter
    • Member
    • PipPipPip
    • 143 posts

    Hi Kinner,

    PFB the MiniToolBox result. Also to share, I generally use Chrome on this machine. I rarely use IE or FF.

     

    MiniToolBox by Farbar  Version: 07-02-2016 01
    Ran by Abhishek (administrator) on 17-02-2016 at 19:07:26
    Running from "C:\Users\Abhishek\Desktop\lappy servicing\pass 4"
    Microsoft® Windows Vista™ Home Basic  Service Pack 2 (X86)
    Model: Vostro 1500 Manufacturer: Dell Inc.
    Boot Mode: Normal
    ***************************************************************************
     
    ========================= Flush DNS: ===================================
     
    Windows IP Configuration
     
    Successfully flushed the DNS Resolver Cache.
     
    ========================= IE Proxy Settings: ============================== 
     
    Proxy is not enabled.
    No Proxy Server is set.
     
    "Reset IE Proxy Settings": IE Proxy Settings were reset.
    ========================= Hosts content: =================================
    127.0.0.1       localhost
    ========================= IP Configuration: ================================
     
    Dell Wireless 1390 WLAN Mini-Card = Wireless Network Connection (Connected)
    Broadcom 440x 10/100 Integrated Controller = Local Area Connection (Media disconnected)
     
     
    # ----------------------------------
    # IPv4 Configuration
    # ----------------------------------
    pushd interface ipv4
     
    reset
     
     
    popd
    # End of IPv4 configuration
     
     
     
    Windows IP Configuration
     
       Host Name . . . . . . . . . . . . : Abhishek-PC
       Primary Dns Suffix  . . . . . . . : 
       Node Type . . . . . . . . . . . . : Hybrid
       IP Routing Enabled. . . . . . . . : No
       WINS Proxy Enabled. . . . . . . . : No
     
    Ethernet adapter Local Area Connection:
     
       Media State . . . . . . . . . . . : Media disconnected
       Connection-specific DNS Suffix  . : 
       Description . . . . . . . . . . . : Broadcom 440x 10/100 Integrated Controller
       Physical Address. . . . . . . . . : 00-1D-09-B3-06-51
       DHCP Enabled. . . . . . . . . . . : Yes
       Autoconfiguration Enabled . . . . : Yes
     
    Wireless LAN adapter Wireless Network Connection:
     
       Connection-specific DNS Suffix  . : 
       Description . . . . . . . . . . . : Dell Wireless 1390 WLAN Mini-Card
       Physical Address. . . . . . . . . : 00-1E-8C-4F-ED-57
       DHCP Enabled. . . . . . . . . . . : Yes
       Autoconfiguration Enabled . . . . : Yes
       Link-local IPv6 Address . . . . . : fe80::1431:d9bf:255c:9b4f%13(Preferred) 
       IPv4 Address. . . . . . . . . . . : 192.168.0.102(Preferred) 
       Subnet Mask . . . . . . . . . . . : 255.255.255.0
       Lease Obtained. . . . . . . . . . : 14 February 2016 10:41:21
       Lease Expires . . . . . . . . . . : 23 February 2016 18:25:36
       Default Gateway . . . . . . . . . : 192.168.0.1
       DHCP Server . . . . . . . . . . . : 192.168.0.1
       DHCPv6 IAID . . . . . . . . . . . : 268443276
       DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-0F-06-69-14-00-1D-09-B3-06-51
       DNS Servers . . . . . . . . . . . : 192.168.0.1
       NetBIOS over Tcpip. . . . . . . . : Enabled
    Server:  dir-615
    Address:  192.168.0.1
     
    Name:    google.com
    Addresses:  2404:6800:4009:807::200e
     216.58.199.174
     
     
     
    Pinging google.com [216.58.199.174] with 32 bytes of data:
     
    Reply from 216.58.199.174: bytes=32 time=14ms TTL=58
     
    Reply from 216.58.199.174: bytes=32 time=15ms TTL=58
     
     
     
    Ping statistics for 216.58.199.174:
     
        Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
     
    Approximate round trip times in milli-seconds:
     
        Minimum = 14ms, Maximum = 15ms, Average = 14ms
     
    Server:  dir-615
    Address:  192.168.0.1
     
    Name:    yahoo.com
    Addresses:  2001:4998:44:204::a7
     2001:4998:58:c02::a9
     2001:4998:c:a06::2:4008
     206.190.36.45
     98.139.183.24
     98.138.253.109
     
     
     
    Pinging yahoo.com [206.190.36.45] with 32 bytes of data:
     
    Reply from 206.190.36.45: bytes=32 time=274ms TTL=47
     
    Reply from 206.190.36.45: bytes=32 time=273ms TTL=47
     
     
     
    Ping statistics for 206.190.36.45:
     
        Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
     
    Approximate round trip times in milli-seconds:
     
        Minimum = 273ms, Maximum = 274ms, Average = 273ms
     
     
     
    Pinging 127.0.0.1 with 32 bytes of data:
     
    Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
     
    Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
     
     
     
    Ping statistics for 127.0.0.1:
     
        Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
     
    Approximate round trip times in milli-seconds:
     
        Minimum = 0ms, Maximum = 0ms, Average = 0ms
     
    ===========================================================================
    Interface List
     14 ...00 1d 09 b3 06 51 ...... Broadcom 440x 10/100 Integrated Controller
     13 ...00 1e 8c 4f ed 57 ...... Dell Wireless 1390 WLAN Mini-Card
      1 ........................... Software Loopback Interface 1
    ===========================================================================
     
    IPv4 Route Table
    ===========================================================================
    Active Routes:
    Network Destination        Netmask          Gateway       Interface  Metric
              0.0.0.0          0.0.0.0      192.168.0.1    192.168.0.102     25
            127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
            127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
      127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
          192.168.0.0    255.255.255.0         On-link     192.168.0.102    281
        192.168.0.102  255.255.255.255         On-link     192.168.0.102    281
        192.168.0.255  255.255.255.255         On-link     192.168.0.102    281
            224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
            224.0.0.0        240.0.0.0         On-link     192.168.0.102    281
      255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      255.255.255.255  255.255.255.255         On-link     192.168.0.102    281
    ===========================================================================
    Persistent Routes:
      None
     
    IPv6 Route Table
    ===========================================================================
    Active Routes:
     If Metric Network Destination      Gateway
      1    306 ::1/128                  On-link
     13    281 fe80::/64                On-link
     13    281 fe80::1431:d9bf:255c:9b4f/128
                                        On-link
      1    306 ff00::/8                 On-link
     13    281 ff00::/8                 On-link
    ===========================================================================
    Persistent Routes:
      None
    ========================= Winsock entries =====================================
     
    Catalog5 01 C:\Windows\system32\NLAapi.dll [48640] (Microsoft Corporation)
    Catalog5 02 C:\Windows\system32\napinsp.dll [50176] (Microsoft Corporation)
    Catalog5 03 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft Corporation)
    Catalog5 04 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft Corporation)
    Catalog5 05 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
    Catalog5 06 C:\Windows\system32\winrnr.dll [19968] (Microsoft Corporation)
    Catalog5 07 C:\Windows\system32\wshbth.dll [34304] (Microsoft Corporation)
    Catalog9 01 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
    Catalog9 02 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
    Catalog9 03 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
    Catalog9 04 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
    Catalog9 05 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
    Catalog9 06 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
    Catalog9 07 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
    Catalog9 08 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
    Catalog9 09 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
    Catalog9 10 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
    Catalog9 11 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
    Catalog9 12 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
    Catalog9 13 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
    Catalog9 14 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
    Catalog9 15 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
    Catalog9 16 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
    Catalog9 17 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
    Catalog9 18 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
    Catalog9 19 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
    Catalog9 20 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
    Catalog9 21 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
    Catalog9 22 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
    Catalog9 23 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
     
    ========================= Event log errors: ===============================
     
    Application errors:
    ==================
    Error: (02/16/2016 06:31:23 PM) (Source: Perflib) (User: )
    Description: EmdCacheC:\Windows\system32\emdmgmt.dll4
     
    Error: (02/14/2016 08:50:41 PM) (Source: Perflib) (User: )
    Description: EmdCacheC:\Windows\system32\emdmgmt.dll4
     
    Error: (02/14/2016 04:36:38 AM) (Source: .NET Runtime Optimization Service) (User: )
    Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - Failed to execute command from the offline queue: uninstall "System.Data.SqlXml, Version=2.0.0.0, Culture=Neutral, PublicKeyToken=b77a5c561934e089, processorArchitecture=msil".  The error returned was Error: The specified assembly is not installed.
    .
     
     
    System errors:
    =============
    Error: (02/17/2016 06:45:40 PM) (Source: Service Control Manager) (User: )
    Description: 30000Netman
     
    Error: (02/14/2016 08:57:31 PM) (Source: Microsoft Antimalware) (User: )
    Description: %NT AUTHORITY60 has encountered an error trying to update signatures.
     
    New Signature Version: 
     
    Previous Signature Version: 1.213.6097.0
     
    Update Source: %NT AUTHORITY59
     
    Update Stage: 4.8.0204.00
     
    Source Path: 4.8.0204.01
     
    Signature Type: %NT AUTHORITY602
     
    Update Type: %NT AUTHORITY604
     
    User: NT AUTHORITY\SYSTEM
     
    Current Engine Version: %NT AUTHORITY605
     
    Previous Engine Version: %NT AUTHORITY606
     
    Error code: %NT AUTHORITY607
     
    Error description: %NT AUTHORITY608
     
    Error: (02/14/2016 08:57:31 PM) (Source: Microsoft Antimalware) (User: )
    Description: %NT AUTHORITY60 has encountered an error trying to update signatures.
     
    New Signature Version: 
     
    Previous Signature Version: 1.213.6097.0
     
    Update Source: %NT AUTHORITY59
     
    Update Stage: 4.8.0204.00
     
    Source Path: 4.8.0204.01
     
    Signature Type: %NT AUTHORITY602
     
    Update Type: %NT AUTHORITY604
     
    User: NT AUTHORITY\SYSTEM
     
    Current Engine Version: %NT AUTHORITY605
     
    Previous Engine Version: %NT AUTHORITY606
     
    Error code: %NT AUTHORITY607
     
    Error description: %NT AUTHORITY608
     
    Error: (02/14/2016 01:49:57 PM) (Source: DCOM) (User: )
    Description: {752073A1-23F2-4396-85F0-8FDB879ED0ED}
     
    Error: (02/14/2016 10:41:14 AM) (Source: EventLog) (User: )
    Description: The previous system shutdown at 05:18:36 on 14-02-2016 was unexpected.
     
     
    Microsoft Office Sessions:
    =========================
    Error: (02/16/2016 06:31:23 PM) (Source: Perflib)(User: )
    Description: EmdCacheC:\Windows\system32\emdmgmt.dll4
     
    Error: (02/14/2016 08:50:41 PM) (Source: Perflib)(User: )
    Description: EmdCacheC:\Windows\system32\emdmgmt.dll4
     
    Error: (02/14/2016 04:36:38 AM) (Source: .NET Runtime Optimization Service)(User: )
    Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - Failed to execute command from the offline queue: uninstall "System.Data.SqlXml, Version=2.0.0.0, Culture=Neutral, PublicKeyToken=b77a5c561934e089, processorArchitecture=msil".  The error returned was Error: The specified assembly is not installed.
    .
     
     
    CodeIntegrity Errors:
    ===================================
      Date: 2016-02-09 11:15:17.480
      Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.
     
      Date: 2016-02-09 11:15:16.329
      Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.
     
      Date: 2016-02-09 11:15:15.220
      Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.
     
      Date: 2016-02-09 11:15:14.100
      Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.
     
      Date: 2016-02-09 11:15:12.981
      Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.
     
      Date: 2016-02-09 11:15:11.825
      Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.
     
      Date: 2016-02-09 11:15:05.405
      Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.
     
      Date: 2016-02-09 11:15:04.212
      Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.
     
      Date: 2016-02-09 11:15:03.017
      Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.
     
      Date: 2016-02-09 11:15:01.790
      Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.
     
     
    =========================== Installed Programs ============================
     
    Adobe Reader X (10.1.16) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.16 - Adobe Systems Incorporated)
    Adobe Refresh Manager (HKLM\...\{AC76BA86-0804-1033-1959-001824166751}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
    Advanced Audio FX Engine (HKLM\...\Advanced Audio FX Engine) (Version:  - )
    Advanced Video FX Engine (HKLM\...\Advanced Video FX Engine) (Version:  - )
    Broadcom Management Programs (HKLM\...\{C99C0593-3B48-41D9-B42F-6E035B320449}) (Version: 10.15.03 - Broadcom Corporation)
    Browser Address Error Redirector (HKLM\...\{62230596-37E5-4618-A329-0D21F529A86F}) (Version: 1.00.0000 - Dell)
    Cisco EAP-FAST Module (HKLM\...\{6D3963B0-E13B-4FC3-B0FF-506A304BB043}) (Version: 2.1.3 - Cisco Systems, Inc.)
    Cisco LEAP Module (HKLM\...\{83770D14-21B9-44B3-8689-F7B523F94560}) (Version: 1.0.12 - Cisco Systems, Inc.)
    Cisco PEAP Module (HKLM\...\{669C7BD8-DAA2-49B6-966C-F1E2AAE6B17E}) (Version: 1.0.13 - Cisco Systems, Inc.)
    Compatibility Pack for the 2007 Office system (HKLM\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
    Conexant HDA D330 MDC V.92 Modem (HKLM\...\CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2C06&SUBSYS_14F1000F) (Version:  - )
    Dell Automated PC TuneUp (HKLM\...\{FE34691C-4298-4667-9758-D7F534DD0B94}) (Version: 1.0.3085 - Dell)
    Dell Getting Started Guide (HKLM\...\{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}) (Version: 1.00.0000 - Dell Inc.)
    Dell Network Assistant (HKLM\...\{0240BDFB-2995-4A3F-8C96-18D41282B716}) (Version: 3.0.0.0 - Dell Inc.)
    Dell Support Center (HKLM\...\{E3BFEE55-39E2-4BE0-B966-89FE583822C1}) (Version: 2.0.07282 - Dell)
    Dell Touchpad (HKLM\...\SynTPDeinstKey) (Version: 9.1.18.6 - Synaptics)
    Dell Webcam Center (HKLM\...\Dell Webcam Center) (Version:  - )
    Dell Webcam Manager (HKLM\...\Dell Webcam Manager) (Version:  - )
    Dell Wireless WLAN Card Utility (HKLM\...\Broadcom 802.11b Network Adapter) (Version: 4.170.77.18 - Dell Inc.)
    Digital Line Detect (HKLM\...\{E646DCF0-5A68-11D5-B229-002078017FBF}) (Version: 1.21 - BVRP Software, Inc)
    Facebook Video Calling 1.2.0.287 (HKLM\...\{B92C5909-1D37-4C51-8397-A28BB28E5DC3}) (Version: 1.2.287 - Skype Limited)
    FileZilla Client 3.1.1.1 (HKLM\...\FileZilla Client) (Version: 3.1.1.1 - )
    Free Download Manager 2.5 (HKLM\...\Free Download Manager_is1) (Version:  - FreeDownloadManager.ORG)
    Google Chrome (HKLM\...\Google Chrome) (Version: 48.0.2564.109 - Google Inc.)
    Google Photos Backup (HKCU\...\Google Photos Backup) (Version: 1.1.1.276 - Google, Inc.)
    Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.29.5 - Google Inc.) Hidden
    Google Update Helper (HKLM\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
    Java 8 Update 45 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
    Java Auto Updater (HKLM\...\{4A03706F-666A-4037-7777-5F2748764D10}) (Version: 2.8.45.15 - Oracle Corporation) Hidden
    Laptop Integrated Webcam Driver (1.03.02.0719)   (HKLM\...\Creative OEM002) (Version:  - )
    Live! Cam Avatar Creator (HKLM\...\{65D0C510-D7B6-4438-9FC8-E6B91115AB0D}) (Version: 4.5.3104.1 - Creative)
    Malwarebytes Anti-Malware version 2.2.0.1024 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
    Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
    Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
    Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
    Microsoft Office Professional Edition 2003 (HKLM\...\{90110409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
    Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.8.204.0 - Microsoft Corporation)
    Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM\...\{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
    Microsoft Works (HKLM\...\{6D52C408-B09A-4520-9B18-475B81D393F1}) (Version: 08.05.0818 - Microsoft Corporation)
    Modem Diagnostic Tool (HKLM\...\{F63A3748-B93D-4360-9AD4-B064481A5C7B}) (Version: 1.0.20.0 - Dell)
    MSVC80_x86 (HKLM\...\{212748BB-0DA5-46DE-82A1-403736DC9F27}) (Version: 1.0.1.0 - Nokia) Hidden
    MSVC80_x86_v2 (HKLM\...\{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}) (Version: 1.0.3.0 - Nokia) Hidden
    MSVC90_x86 (HKLM\...\{AF111648-99A1-453E-81DD-80DBBF6DAD0D}) (Version: 1.0.1.2 - Nokia) Hidden
    MSXML 4.0 SP2 (KB936181) (HKLM\...\{C04E32E0-0416-434D-AFB9-6969D703A9EF}) (Version: 4.20.9848.0 - Microsoft Corporation)
    MSXML 4.0 SP2 (KB941833) (HKLM\...\{C523D256-313D-4866-B36A-F3DE528246EF}) (Version: 4.20.9849.0 - Microsoft Corporation)
    MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
    MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
    MSXML 4.0 SP3 Parser (HKLM\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
    MSXML 4.0 SP3 Parser (KB2721691) (HKLM\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
    MSXML 4.0 SP3 Parser (KB2758694) (HKLM\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
    NetWaiting (HKLM\...\{3F92ABBB-6BBF-11D5-B229-002078017FBF}) (Version: 2.5.44 - BVRP Software, Inc)
    Ovi Desktop Sync Engine (HKLM\...\{28191B83-1D60-44B6-9B08-E854EF6632D5}) (Version: 1.5.161.0 - Nokia) Hidden
    OviMPlatform (HKLM\...\{08600005-5228-4BF6-845E-E9A957AFDCB4}) (Version: 2.7.44.2 - Nokia) Hidden
    Picasa 3 (HKLM\...\Picasa 3) (Version: 3.9 - Google, Inc.)
    Product Documentation Launcher (HKLM\...\{89CEAE14-DD0F-448E-9554-15781EC9DB24}) (Version: 1.00.0000 - Dell Inc.)
    QuickSet (HKLM\...\{7F0C4457-8E64-491B-8D7B-991504365D1E}) (Version: 8.0.13 - Dell Inc.)
    Skype™ 7.12 (HKLM\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.12.101 - Skype Technologies S.A.)
    Sony Picture Utility (HKLM\...\{D5068583-D569-468B-9755-5FBF5848F46F}) (Version: 2.0.06.13151 - Sony Corporation)
    Sony USB Driver (HKLM\...\{5C29CB8B-AC1E-4114-8D68-9CD080140D4A}) (Version: 2.00 - Sony Corporation)
    Speccy (HKLM\...\Speccy) (Version: 1.29 - Piriform)
    TeamViewer 10 (HKLM\...\TeamViewer) (Version: 10.0.45862 - TeamViewer)
    User's Guides (HKLM\...\{5CD29180-A95E-11D3-A4EB-00C04F7BDB2C}) (Version:  - )
    VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)
    WIDCOMM Bluetooth Software 6.0.1.3100 (HKLM\...\{A13E07E1-A423-44FB-9DEE-B24C75C1BAF2}) (Version: 6.0.1.3100 - Dell)
    Windows Mobile Device Center (HKLM\...\{904CCF62-818D-4675-BC76-D37EB399F917}) (Version: 6.1.6965.0 - Microsoft Corporation)
    Windows Mobile Device Center Driver Update (HKLM\...\{E7044E25-3038-4A76-9064-344AC038043E}) (Version: 6.1.6965.0 - Microsoft Corporation)
    WinPatrol (HKLM\...\{6A206A04-6BC1-411B-AA04-4E52EDEEADF2}) (Version: 33.6.2015.1 - Ruiware)
    WinRAR 5.21 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
    WPS Office (9.1.0.4746) (HKCU\...\WPS Office) (Version: 9.1.0.4746 - Kingsoft Corp.)
    Yahoo! Install Manager (HKLM\...\YInstHelper) (Version:  - )
    Yahoo! Internet Mail (HKLM\...\Yahoo! Internet Mail) (Version:  - )
    Yahoo! Messenger (HKLM\...\Yahoo! Messenger) (Version:  - Yahoo! Inc.)
    Yahoo! Software Update (HKLM\...\Yahoo! Software Update) (Version:  - )
     
    ========================= Devices: ================================
     
    Name: 
    Description: 
    Class Guid: 
    Manufacturer: 
    Service: 
    Device ID: ROOT\WPD\0002
    Problem: : The drivers for this device are not installed. (Code 28)
    Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
     
     
    ========================= Memory info: ===================================
     
    Percentage of memory in use: 85%
    Total physical RAM: 2037.45 MB
    Available physical RAM: 293.15 MB
    Total Virtual: 4318.16 MB
    Available Virtual: 1831.27 MB
     
    ========================= Partitions: =====================================
     
    1 Drive c: (OS) (Fixed) (Total:138.97 GB) (Free:28.25 GB) NTFS
    2 Drive d: (RECOVERY) (Fixed) (Total:10 GB) (Free:6.68 GB) NTFS
     
    ========================= Users: ========================================
     
    User accounts for \\ABHISHEK-PC
     
    Abhishek                 Administrator            Guest                    
     
    ========================= Minidump Files ==================================
     
    C:\Windows\Minidump\Mini020615-01.dmp
    C:\Windows\Minidump\Mini030715-01.dmp
    C:\Windows\Minidump\Mini030915-01.dmp
    C:\Windows\Minidump\Mini033013-01.dmp
    C:\Windows\Minidump\Mini060115-01.dmp
    C:\Windows\Minidump\Mini081212-01.dmp
    C:\Windows\Minidump\Mini092615-01.dmp
    C:\Windows\Minidump\Mini102214-01.dmp
    C:\Windows\Minidump\Mini112612-01.dmp
    ========================= Restore Points ==================================
     
    05-02-2016 05:48:28 Scheduled Checkpoint
    09-02-2016 09:53:57 Windows Update
    10-02-2016 05:02:10 Scheduled Checkpoint
    11-02-2016 10:51:55 Windows Update
    13-02-2016 21:31:05 Windows Update
    14-02-2016 05:38:47 Windows Update
    14-02-2016 15:13:41 Windows Update
    16-02-2016 15:02:49 Scheduled Checkpoint
     
    **** End of log ****
     
    -Abhi

    • 0

    #23
    abhi6512

      Member

    • Topic Starter
    • Member
    • 143 posts

    speedtest result:

     

    5093642963.png


    • 0

    #24
    abhi6512

      Member

    • Topic Starter
    • Member
    • 143 posts

    Hi Kinner,

     

    1. I have changed server on Internet time tab and it synched without error.

    2. Also I have installed speedfan on my system. Clicked on the exe and it's now running on my system, don't know what to do next, pls. suggest :)

     

    3. Does it run faster in Safe Mode with Networking?

    Trying this option now but again not sure what you want me to execute after logging into safe mode :)

     

    -Abhi


    • 0

    #25
    RKinner

      Malware Expert

    • Expert
    • 24,625 posts
    • MVP

    Are you in Safe Mode with Networking in that last process explorer log segment?

     

    If so that's why Interrupts is so small.

     

    Very few drivers get to run in Safe Mode.  

     

    I don't see any reason why it couldn't download vew.


    • 0


    #26
    RKinner

      Malware Expert

    • Expert
    • 24,625 posts
    • MVP

    When Speedfan runs it will show you the temperature of your CPU, HDD and sometimes the Graphics card.  Leave it running and do something CPU intensive like run a scan or watch a video.  Switch back to Speedfan to see if the temperatures are climbing above 60 C.

     

    In Safe Mode do a new Process Explorer log.  Also see if you can download VEW:

     

    http://images.malwar...om/vino/VEW.exe


    • 0

    #27
    abhi6512

      Member

    • Topic Starter
    • Member
    • 143 posts

    No, I was in normal mode. Interrupts reading is from Normal mode.

    I will now execute your instructions in safe mode with networking and share the results with you.

     

    -Abhi


    • 0

    #28
    abhi6512

      Member

    • Topic Starter
    • Member
    • 143 posts

    Hi Kinner,

    I executed vew scan with speedfan on, max temp noted for processors is 55 and that for HDD is 43.

    Below are the VEW logs (I didn't install the new one, I used the one you sent).

     

    ********************************************************************************************************************************************************

    VEW system log:

    ********************************************************************************************************************************************************

     

    Vino's Event Viewer v01c run on Windows Vista in English
    Report run at 20/02/2016 15:37:42
     
    Note: All dates below are in the format dd/mm/yyyy
     
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    'System' Log - Error Type
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Log: 'System' Date/Time: 20/02/2016 09:38:54
    Type: Error Category: 0
    Event: 7026 Source: Service Control Manager
    The following boot-start or system-start driver(s) failed to load:  MpFilter spldr Wanarpv6
     
    Log: 'System' Date/Time: 20/02/2016 09:38:54
    Type: Error Category: 0
    Event: 7001 Source: Service Control Manager
    The Computer Browser service depends on the Server service which failed to start because of the following error:  The dependency service or group failed to start.
     
    Log: 'System' Date/Time: 20/02/2016 09:38:43
    Type: Error Category: 0
    Event: 10005 Source: Microsoft-Windows-DistributedCOM
    DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
     
    Log: 'System' Date/Time: 20/02/2016 09:38:38
    Type: Error Category: 0
    Event: 10005 Source: Microsoft-Windows-DistributedCOM
    DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
     
    Log: 'System' Date/Time: 20/02/2016 09:38:29
    Type: Error Category: 0
    Event: 10000 Source: Microsoft-Windows-WLAN-AutoConfig
    WLAN Extensibility Module has failed to start.  Module Path: C:\Windows\System32\bcmihvsrv.dll Error Code: 21 
     
    Log: 'System' Date/Time: 20/02/2016 09:38:30
    Type: Error Category: 0
    Event: 10005 Source: Microsoft-Windows-DistributedCOM
    DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
     
    Log: 'System' Date/Time: 20/02/2016 09:38:02
    Type: Error Category: 0
    Event: 3002 Source: Microsoft Antimalware
    Microsoft Antimalware Real-Time Protection feature has encountered an error and failed.   Feature: On Access   Error Code: 0x8007043c   Error description: This service cannot be started in Safe Mode   Reason: Antimalware protection has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem.
     
    Log: 'System' Date/Time: 17/02/2016 13:59:22
    Type: Error Category: 0
    Event: 7026 Source: Service Control Manager
    The following boot-start or system-start driver(s) failed to load:  MpFilter spldr Wanarpv6
     
    Log: 'System' Date/Time: 17/02/2016 13:59:22
    Type: Error Category: 0
    Event: 7001 Source: Service Control Manager
    The Computer Browser service depends on the Server service which failed to start because of the following error:  The dependency service or group failed to start.
     
    Log: 'System' Date/Time: 17/02/2016 13:59:09
    Type: Error Category: 0
    Event: 10005 Source: Microsoft-Windows-DistributedCOM
    DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
     
    Log: 'System' Date/Time: 17/02/2016 13:59:03
    Type: Error Category: 0
    Event: 10005 Source: Microsoft-Windows-DistributedCOM
    DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
     
    Log: 'System' Date/Time: 17/02/2016 13:58:58
    Type: Error Category: 0
    Event: 10000 Source: Microsoft-Windows-WLAN-AutoConfig
    WLAN Extensibility Module has failed to start.  Module Path: C:\Windows\System32\bcmihvsrv.dll Error Code: 21 
     
    Log: 'System' Date/Time: 17/02/2016 13:58:55
    Type: Error Category: 0
    Event: 10005 Source: Microsoft-Windows-DistributedCOM
    DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
     
    Log: 'System' Date/Time: 17/02/2016 13:58:29
    Type: Error Category: 0
    Event: 3002 Source: Microsoft Antimalware
    Microsoft Antimalware Real-Time Protection feature has encountered an error and failed.   Feature: On Access   Error Code: 0x8007043c   Error description: This service cannot be started in Safe Mode   Reason: Antimalware protection has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem.
     
    Log: 'System' Date/Time: 17/02/2016 13:15:40
    Type: Error Category: 0
    Event: 7011 Source: Service Control Manager
    A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Netman service.
     
    Log: 'System' Date/Time: 14/02/2016 15:27:31
    Type: Error Category: 0
    Event: 2001 Source: Microsoft Antimalware
    Microsoft Antimalware has encountered an error trying to update signatures.   New Signature Version:   Previous Signature Version: 1.213.6097.0   Update Source: Microsoft Update Server   Update Stage: Download   Source Path: http://www.microsoft.com  Signature Type: AntiVirus   Update Type: Full   User: NT AUTHORITY\SYSTEM   Current Engine Version:   Previous Engine Version: 1.1.12400.0   Error code: 0x80240022   Error description: The program can't check for definition updates. 
     
    Log: 'System' Date/Time: 14/02/2016 15:27:31
    Type: Error Category: 0
    Event: 2001 Source: Microsoft Antimalware
    Microsoft Antimalware has encountered an error trying to update signatures.   New Signature Version:   Previous Signature Version: 1.213.6097.0   Update Source: Microsoft Update Server   Update Stage: Download   Source Path: http://www.microsoft.com  Signature Type: AntiVirus   Update Type: Full   User: NT AUTHORITY\SYSTEM   Current Engine Version:   Previous Engine Version: 1.1.12400.0   Error code: 0x80240022   Error description: The program can't check for definition updates. 
     
    Log: 'System' Date/Time: 14/02/2016 08:19:57
    Type: Error Category: 0
    Event: 10010 Source: Microsoft-Windows-DistributedCOM
    The server {752073A1-23F2-4396-85F0-8FDB879ED0ED} did not register with DCOM within the required timeout.
     
    Log: 'System' Date/Time: 14/02/2016 05:11:14
    Type: Error Category: 0
    Event: 6008 Source: EventLog
    The previous system shutdown at 05:18:36 on 14-02-2016 was unexpected.
     
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    'System' Log - Information Type
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Log: 'System' Date/Time: 20/02/2016 09:40:14
    Type: Information Category: 0
    Event: 537 Source: Microsoft-Windows-TBS
    A compatible Trusted Platform Module (TPM) Security Device cannot be found on this computer.  TBS could not be started.
     
    Log: 'System' Date/Time: 20/02/2016 09:40:14
    Type: Information Category: 0
    Event: 7036 Source: Service Control Manager
    The TPM Base Services service entered the stopped state.
     
    Log: 'System' Date/Time: 20/02/2016 09:38:54
    Type: Information Category: 0
    Event: 1103 Source: Microsoft-Windows-Dhcp-Client
    Your computer was successfully assigned an address from the network, and it can now connect to other computers.
     
    Log: 'System' Date/Time: 20/02/2016 09:38:54
    Type: Information Category: 0
    Event: 7036 Source: Service Control Manager
    The Network Connections service entered the running state.
     
    Log: 'System' Date/Time: 20/02/2016 09:38:54
    Type: Information Category: 0
    Event: 7036 Source: Service Control Manager
    The Network List Service service entered the running state.
     
    Log: 'System' Date/Time: 20/02/2016 09:38:54
    Type: Information Category: 0
    Event: 7036 Source: Service Control Manager
    The IKE and AuthIP IPsec Keying Modules service entered the running state.
     
    Log: 'System' Date/Time: 20/02/2016 09:38:54
    Type: Information Category: 0
    Event: 7036 Source: Service Control Manager
    The Network Location Awareness service entered the running state.
     
    Log: 'System' Date/Time: 20/02/2016 09:38:54
    Type: Information Category: 0
    Event: 7036 Source: Service Control Manager
    The Cryptographic Services service entered the running state.
     
    Log: 'System' Date/Time: 20/02/2016 09:38:54
    Type: Information Category: 0
    Event: 7036 Source: Service Control Manager
    The IPsec Policy Agent service entered the running state.
     
    Log: 'System' Date/Time: 20/02/2016 09:38:54
    Type: Information Category: 0
    Event: 7036 Source: Service Control Manager
    The Windows Management Instrumentation service entered the running state.
     
    Log: 'System' Date/Time: 20/02/2016 09:38:54
    Type: Information Category: 0
    Event: 7036 Source: Service Control Manager
    The Workstation service entered the running state.
     
    Log: 'System' Date/Time: 20/02/2016 09:38:54
    Type: Information Category: 0
    Event: 7036 Source: Service Control Manager
    The Windows Firewall service entered the running state.
     
    Log: 'System' Date/Time: 20/02/2016 09:38:54
    Type: Information Category: 0
    Event: 7036 Source: Service Control Manager
    The Base Filtering Engine service entered the running state.
     
    Log: 'System' Date/Time: 20/02/2016 09:38:54
    Type: Information Category: 0
    Event: 7036 Source: Service Control Manager
    The WLAN AutoConfig service entered the running state.
     
    Log: 'System' Date/Time: 20/02/2016 09:38:54
    Type: Information Category: 0
    Event: 7036 Source: Service Control Manager
    The Extensible Authentication Protocol service entered the running state.
     
    Log: 'System' Date/Time: 20/02/2016 09:38:54
    Type: Information Category: 0
    Event: 7036 Source: Service Control Manager
    The DNS Client service entered the running state.
     
    Log: 'System' Date/Time: 20/02/2016 09:38:54
    Type: Information Category: 0
    Event: 7036 Source: Service Control Manager
    The DHCP Client service entered the running state.
     
    Log: 'System' Date/Time: 20/02/2016 09:38:54
    Type: Information Category: 0
    Event: 7036 Source: Service Control Manager
    The Network Store Interface Service service entered the running state.
     
    Log: 'System' Date/Time: 20/02/2016 09:38:54
    Type: Information Category: 0
    Event: 7036 Source: Service Control Manager
    The CNG Key Isolation service entered the running state.
     
    Log: 'System' Date/Time: 20/02/2016 09:38:54
    Type: Information Category: 0
    Event: 7036 Source: Service Control Manager
    The TCP/IP NetBIOS Helper service entered the running state.
     
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    'System' Log - Warning Type
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Log: 'System' Date/Time: 20/02/2016 09:38:42
    Type: Warning Category: 0
    Event: 1003 Source: Microsoft-Windows-Dhcp-Client
    Your computer was not able to renew its address from the network (from the DHCP Server) for the Network Card with network address 001E8C4FED57.  The following error occurred:  The operation was canceled by the user.. Your computer will continue to try and obtain an address on its own from the network address (DHCP) server.
     
    Log: 'System' Date/Time: 20/02/2016 09:37:34
    Type: Warning Category: 0
    Event: 4 Source: bcm4sbxp
    Broadcom 440x 10/100 Integrated Controller: The network link is down.  Check to make sure the network cable is properly connected.
     
    Log: 'System' Date/Time: 20/02/2016 09:38:01
    Type: Warning Category: 0
    Event: 263 Source: PlugPlayManager
    The service 'TabletInputService' may not have unregistered for device event notifications before it was stopped.
     
    Log: 'System' Date/Time: 20/02/2016 09:36:22
    Type: Warning Category: 0
    Event: 4001 Source: Microsoft-Windows-WLAN-AutoConfig
    WLAN AutoConfig service has successfully stopped. 
     
    Log: 'System' Date/Time: 20/02/2016 09:36:20
    Type: Warning Category: 0
    Event: 10002 Source: Microsoft-Windows-WLAN-AutoConfig
    WLAN Extensibility Module has stopped.  Module Path: C:\Windows\System32\bcmihvsrv.dll 
     
    Log: 'System' Date/Time: 20/02/2016 04:43:16
    Type: Warning Category: 0
    Event: 7 Source: Microsoft-Windows-Kernel-Processor-Power
    The speed of processor 0 is being limited by system firmware. The processor has been in this reduced performance state for 71 seconds since the last report.
     
    Log: 'System' Date/Time: 20/02/2016 04:43:16
    Type: Warning Category: 0
    Event: 7 Source: Microsoft-Windows-Kernel-Processor-Power
    The speed of processor 1 is being limited by system firmware. The processor has been in this reduced performance state for 71 seconds since the last report.
     
    Log: 'System' Date/Time: 19/02/2016 01:41:49
    Type: Warning Category: 0
    Event: 4001 Source: Microsoft-Windows-WLAN-AutoConfig
    WLAN AutoConfig service has successfully stopped. 
     
    Log: 'System' Date/Time: 19/02/2016 01:41:44
    Type: Warning Category: 0
    Event: 10002 Source: Microsoft-Windows-WLAN-AutoConfig
    WLAN Extensibility Module has stopped.  Module Path: C:\Windows\System32\bcmihvsrv.dll 
     
    Log: 'System' Date/Time: 19/02/2016 01:34:02
    Type: Warning Category: 0
    Event: 7 Source: Microsoft-Windows-Kernel-Processor-Power
    The speed of processor 0 is being limited by system firmware. The processor has been in this reduced performance state for 12 seconds since the last report.
     
    Log: 'System' Date/Time: 19/02/2016 01:34:01
    Type: Warning Category: 0
    Event: 7 Source: Microsoft-Windows-Kernel-Processor-Power
    The speed of processor 1 is being limited by system firmware. The processor has been in this reduced performance state for 13 seconds since the last report.
     
    Log: 'System' Date/Time: 19/02/2016 01:32:54
    Type: Warning Category: 0
    Event: 4 Source: bcm4sbxp
    Broadcom 440x 10/100 Integrated Controller: The network link is down.  Check to make sure the network cable is properly connected.
     
    Log: 'System' Date/Time: 18/02/2016 12:38:28
    Type: Warning Category: 0
    Event: 4 Source: bcm4sbxp
    Broadcom 440x 10/100 Integrated Controller: The network link is down.  Check to make sure the network cable is properly connected.
     
    Log: 'System' Date/Time: 18/02/2016 07:56:13
    Type: Warning Category: 0
    Event: 4 Source: bcm4sbxp
    Broadcom 440x 10/100 Integrated Controller: The network link is down.  Check to make sure the network cable is properly connected.
     
    Log: 'System' Date/Time: 18/02/2016 05:08:35
    Type: Warning Category: 0
    Event: 4 Source: bcm4sbxp
    Broadcom 440x 10/100 Integrated Controller: The network link is down.  Check to make sure the network cable is properly connected.
     
    Log: 'System' Date/Time: 17/02/2016 14:03:52
    Type: Warning Category: 0
    Event: 4 Source: bcm4sbxp
    Broadcom 440x 10/100 Integrated Controller: The network link is down.  Check to make sure the network cable is properly connected.
     
    Log: 'System' Date/Time: 17/02/2016 14:03:25
    Type: Warning Category: 0
    Event: 4001 Source: Microsoft-Windows-WLAN-AutoConfig
    WLAN AutoConfig service has successfully stopped. 
     
    Log: 'System' Date/Time: 17/02/2016 13:58:00
    Type: Warning Category: 0
    Event: 4 Source: bcm4sbxp
    Broadcom 440x 10/100 Integrated Controller: The network link is down.  Check to make sure the network cable is properly connected.
     
    Log: 'System' Date/Time: 17/02/2016 13:58:29
    Type: Warning Category: 0
    Event: 263 Source: PlugPlayManager
    The service 'TabletInputService' may not have unregistered for device event notifications before it was stopped.
     
    Log: 'System' Date/Time: 17/02/2016 13:56:52
    Type: Warning Category: 0
    Event: 4001 Source: Microsoft-Windows-WLAN-AutoConfig
    WLAN AutoConfig service has successfully stopped. 
     
    ********************************************************************************************************************************************************
    VEW Application log
    ********************************************************************************************************************************************************
     
    Vino's Event Viewer v01c run on Windows Vista in English
    Report run at 20/02/2016 15:35:42
     
    Note: All dates below are in the format dd/mm/yyyy
     
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    'Application' Log - Error Type
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Log: 'Application' Date/Time: 20/02/2016 09:38:38
    Type: Error Category: 16
    Event: 4609 Source: Microsoft-Windows-EventSystem
    The COM+ Event System detected a bad return code during its internal processing.  HRESULT was 8007043c from line 45 of d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp.  Please contact Microsoft Product Support Services to report this error.
     
    Log: 'Application' Date/Time: 17/02/2016 13:59:03
    Type: Error Category: 16
    Event: 4609 Source: Microsoft-Windows-EventSystem
    The COM+ Event System detected a bad return code during its internal processing.  HRESULT was 8007043c from line 45 of d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp.  Please contact Microsoft Product Support Services to report this error.
     
    Log: 'Application' Date/Time: 16/02/2016 13:01:23
    Type: Error Category: 0
    Event: 1010 Source: Microsoft-Windows-Perflib
    The Collect Procedure for the "EmdCache" service in DLL "C:\Windows\system32\emdmgmt.dll" generated an exception or returned an invalid status. The performance data returned by the counter DLL will not be returned in the Perf Data Block. The first four bytes (DWORD) of the Data section contains the exception code or status code.
     
    Log: 'Application' Date/Time: 14/02/2016 15:20:41
    Type: Error Category: 0
    Event: 1010 Source: Microsoft-Windows-Perflib
    The Collect Procedure for the "EmdCache" service in DLL "C:\Windows\system32\emdmgmt.dll" generated an exception or returned an invalid status. The performance data returned by the counter DLL will not be returned in the Perf Data Block. The first four bytes (DWORD) of the Data section contains the exception code or status code.
     
    Log: 'Application' Date/Time: 13/02/2016 23:06:38
    Type: Error Category: 0
    Event: 1107 Source: .NET Runtime Optimization Service
    .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - Failed to execute command from the offline queue: uninstall "System.Data.SqlXml, Version=2.0.0.0, Culture=Neutral, PublicKeyToken=b77a5c561934e089, processorArchitecture=msil".  The error returned was Error: The specified assembly is not installed.
    .
     
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    'Application' Log - Information Type
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Log: 'Application' Date/Time: 20/02/2016 09:38:28
    Type: Information Category: 0
    Event: 6000 Source: Microsoft-Windows-Winlogon
    The winlogon notification subscriber <Sens> was unavailable to handle a notification event.
     
    Log: 'Application' Date/Time: 20/02/2016 09:38:28
    Type: Information Category: 0
    Event: 6000 Source: Microsoft-Windows-Winlogon
    The winlogon notification subscriber <SessionEnv> was unavailable to handle a notification event.
     
    Log: 'Application' Date/Time: 20/02/2016 09:38:28
    Type: Information Category: 0
    Event: 4101 Source: Microsoft-Windows-Winlogon
    Windows license validated.
     
    Log: 'Application' Date/Time: 20/02/2016 09:38:16
    Type: Information Category: 0
    Event: 5617 Source: Microsoft-Windows-WMI
    Windows Management Instrumentation Service subsystems initialized successfully
     
    Log: 'Application' Date/Time: 20/02/2016 09:38:15
    Type: Information Category: 0
    Event: 8211 Source: VSS
    Volume Shadow Copy Service error: Writer with name WMI Writer and ID {a6ad56c2-b509-4e6c-bb19-49d8f43532f0} attempted to subscribe in safe mode. 
     
    Operation:
       Initializing Writer
     
    Context:
       Writer Class Id: {a6ad56c2-b509-4e6c-bb19-49d8f43532f0}
       Writer Name: WMI Writer
     
    Log: 'Application' Date/Time: 20/02/2016 09:38:12
    Type: Information Category: 0
    Event: 5615 Source: Microsoft-Windows-WMI
    Windows Management Instrumentation Service started sucessfully
     
    Log: 'Application' Date/Time: 20/02/2016 09:38:01
    Type: Information Category: 0
    Event: 1531 Source: Microsoft-Windows-User Profiles Service
    The User Profile Service has started successfully.    
     
    Log: 'Application' Date/Time: 20/02/2016 09:36:19
    Type: Information Category: 0
    Event: 2 Source: Microsoft-Windows-CertificateServicesClient
    Certificate Services Client has been stopped.
     
    Log: 'Application' Date/Time: 20/02/2016 09:35:55
    Type: Information Category: 0
    Event: 6000 Source: Microsoft-Windows-Winlogon
    The winlogon notification subscriber <SessionEnv> was unavailable to handle a notification event.
     
    Log: 'Application' Date/Time: 20/02/2016 09:35:54
    Type: Information Category: 0
    Event: 9009 Source: Desktop Window Manager
    The Desktop Window Manager has exited with code (0x40010004)
     
    Log: 'Application' Date/Time: 20/02/2016 08:33:46
    Type: Information Category: 0
    Event: 0 Source: gupdate
    The event description cannot be found.
     
    Log: 'Application' Date/Time: 20/02/2016 04:18:21
    Type: Information Category: 0
    Event: 1 Source: Microsoft-Windows-CertificateServicesClient
    Certificate Services Client has been started successfully.
     
    Log: 'Application' Date/Time: 20/02/2016 04:18:21
    Type: Information Category: 0
    Event: 6000 Source: Microsoft-Windows-Winlogon
    The winlogon notification subscriber <SessionEnv> was unavailable to handle a notification event.
     
    Log: 'Application' Date/Time: 20/02/2016 04:18:21
    Type: Information Category: 0
    Event: 4101 Source: Microsoft-Windows-Winlogon
    Windows license validated.
     
    Log: 'Application' Date/Time: 20/02/2016 04:10:28
    Type: Information Category: 0
    Event: 8224 Source: VSS
    The VSS service is shutting down due to idle timeout. 
     
    Log: 'Application' Date/Time: 20/02/2016 03:37:42
    Type: Information Category: 0
    Event: 0 Source: gupdate
    The event description cannot be found.
     
    Log: 'Application' Date/Time: 20/02/2016 03:24:40
    Type: Information Category: 0
    Event: 8194 Source: System Restore
    Successfully created restore point (Process = C:\Windows\system32\svchost.exe -k netsvcs; Description = Windows Update).
     
    Log: 'Application' Date/Time: 20/02/2016 03:24:30
    Type: Information Category: 0
    Event: 8224 Source: VSS
    The VSS service is shutting down due to idle timeout. 
     
    Log: 'Application' Date/Time: 20/02/2016 03:20:40
    Type: Information Category: 0
    Event: 8194 Source: System Restore
    Successfully created restore point (Process = C:\Windows\system32\svchost.exe -k netsvcs; Description = Windows Update).
     
    Log: 'Application' Date/Time: 20/02/2016 03:09:11
    Type: Information Category: 0
    Event: 1 Source: WcesComm
    Windows Mobile-2003-based device connectivity service started.
     
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    'Application' Log - Warning Type
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Log: 'Application' Date/Time: 20/02/2016 09:38:28
    Type: Warning Category: 0
    Event: 6000 Source: Microsoft-Windows-Winlogon
    The winlogon notification subscriber <GPClient> was unavailable to handle a notification event.
     
    Log: 'Application' Date/Time: 17/02/2016 14:03:24
    Type: Warning Category: 0
    Event: 6000 Source: Microsoft-Windows-Winlogon
    The winlogon notification subscriber <GPClient> was unavailable to handle a notification event.
     
    Log: 'Application' Date/Time: 17/02/2016 14:03:23
    Type: Warning Category: 0
    Event: 6000 Source: Microsoft-Windows-Winlogon
    The winlogon notification subscriber <GPClient> was unavailable to handle a notification event.
     
    Log: 'Application' Date/Time: 17/02/2016 13:58:53
    Type: Warning Category: 0
    Event: 6000 Source: Microsoft-Windows-Winlogon
    The winlogon notification subscriber <GPClient> was unavailable to handle a notification event.
     
    -Abhi

    • 0

    #29
    RKinner

      Malware Expert

    • Expert
    • 24,625 posts
    • MVP

    I actually wanted to see a Process Explorer log taken in Safe Mode.  Also wanted to know if you can download VEW, not run it.


    • 0

    #30
    abhi6512

      Member

    • Topic Starter
    • Member
    • 143 posts

    Hi Kinner,

    Sorry, I missed sharing the Process Explorer log (taken in Safe Mode) in my last communication. PFB the same.

    Also, I was not able to download VEW, though I was able to run it (I executed the one you downloaded for me and shared in one of your previous responses).

     

    Process CPU Private Bytes Working Set PID Description Company Name Verified Signer
    svchost.exe 46.97 2,832 K 5,804 K 732 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
    System Idle Process 28.03 0 K 24 K 0
    procexp.exe 14.39 18,596 K 24,832 K 2972 Sysinternals Process Explorer Sysinternals - www.sysinternals.com (Verified) Microsoft Corporation
    csrss.exe 3.03 2,484 K 12,228 K 476 Client Server Runtime Process Microsoft Corporation (Verified) Microsoft Windows
    Interrupts 2.27 0 K 0 K n/a Hardware Interrupts and DPCs
    System 1.52 0 K 3,764 K 4
    chrome.exe 1.52 1,22,092 K 1,74,256 K 1820 Google Chrome Google Inc. (Verified) Google Inc
    svchost.exe 0.76 13,044 K 17,608 K 1028 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
    explorer.exe 0.76 28,828 K 38,524 K 1696 Windows Explorer Microsoft Corporation (Verified) Microsoft Windows
    chrome.exe 0.76 61,356 K 85,360 K 1860 Google Chrome Google Inc. (Verified) Google Inc
    speedfan.exe < 0.01 8,612 K 15,868 K 3848 Almico Software (almico.com) (Verified) SOKNO S.R.L.
    chrome.exe < 0.01 49,248 K 74,900 K 644 Google Chrome Google Inc. (Verified) Google Inc
    WmiPrvSE.exe < 0.01 3,092 K 5,688 K 780 WMI Provider Host Microsoft Corporation (Verified) Microsoft Windows
    chrome.exe < 0.01 16,980 K 12,068 K 2844 Google Chrome Google Inc. (Verified) Google Inc
    services.exe < 0.01 2,340 K 5,180 K 556 Services and Controller app Microsoft Corporation (Verified) Microsoft Windows
    svchost.exe < 0.01 3,808 K 6,264 K 1004 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
    svchost.exe < 0.01 12,804 K 12,492 K 1112 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
    svchost.exe < 0.01 2,624 K 5,444 K 788 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
    csrss.exe < 0.01 1,512 K 4,992 K 440 Client Server Runtime Process Microsoft Corporation (Verified) Microsoft Windows
    MsMpEng.exe < 0.01 68,132 K 37,272 K 868 Antimalware Service Executable Microsoft Corporation (Verified) Microsoft Corporation
    wmpnscfg.exe 1,512 K 4,600 K 1232 Windows Media Player Network Sharing Service Configuration Application Microsoft Corporation (Verified) Microsoft Windows
    winlogon.exe 1,276 K 4,344 K 528 Windows Logon Application Microsoft Corporation (Verified) Microsoft Windows
    wininit.exe 1,112 K 3,736 K 484 Windows Start-Up Application Microsoft Corporation (Verified) Microsoft Windows
    unsecapp.exe 2,164 K 4,160 K 432 Sink to receive asynchronous callbacks for WMI client application Microsoft Corporation (Verified) Microsoft Windows
    svchost.exe 7,736 K 11,844 K 1068 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
    svchost.exe 2,184 K 5,168 K 1364 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
    svchost.exe 6,248 K 10,352 K 1264 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
    svchost.exe 3,464 K 5,988 K 1128 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
    smss.exe 288 K 748 K 388 Windows Session Manager Microsoft Corporation (Verified) Microsoft Windows
    lsm.exe 1,520 K 3,648 K 580 Local Session Manager Service Microsoft Corporation (Verified) Microsoft Windows
    lsass.exe 3,220 K 2,492 K 572 Local Security Authority Process Microsoft Corporation (Verified) Microsoft Windows
    Cleanup.exe 2,740 K 6,956 K 2040 Removes temporary files. Frees disk space and helps protect privacy!  :-) Steven R. Gould (No signature was present in the subject) Steven R. Gould
    chrome.exe 29,792 K 28,032 K 1876 Google Chrome Google Inc. (Verified) Google Inc
    chrome.exe 22,964 K 16,700 K 1708 Google Chrome Google Inc. (Verified) Google Inc
    chrome.exe 26,236 K 26,256 K 936 Google Chrome Google Inc. (Verified) Google Inc
    chrome.exe 24,228 K 22,132 K 864 Google Chrome Google Inc. (Verified) Google Inc
     

     

    -Abhi.


    • 0





