Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Computer Freezes


  • Please log in to reply

#1
DeborahT

DeborahT

    Member

  • Member
  • PipPip
  • 50 posts
Hello,
My computer freezes up constantly. I get just enough time to click on a page or write a couple words and it freezes. Sometimes I can do Ctrl-Alt-Delete and when that screen shows I can hit cancel and it will free the page. Please help me I depend on this computer for my online classes. Thank you so much for your time.
 
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:05-03-2016 01
Ran by David (administrator) on DAVID-HP (27-05-2016 12:13:13)
Running from C:\Users\David\Desktop\Geeks to go\Fix
Loaded Profiles: David (Available Profiles: David & Guest)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Radialpoint Inc.) C:\Program Files (x86)\Windstream\Tech Help Service\4.8.8.62412.1\WindstreamServiceAgentExtensionService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Radialpoint Inc.) C:\Program Files (x86)\Windstream\Security Advisor Service\3.6.3.62403.1\SasUpdaterService33.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.30.3\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.30.3\GoogleCrashHandler64.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.11.309\SSScheduler.exe
(ArcSoft, Inc.) C:\Program Files (x86)\ArcSoft\TotalMedia Backup\uBBMonitor.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Radialpoint SafeCare Inc.) C:\Program Files (x86)\Windstream\Service Agent\5.9.11.5736\WindstreamCommunications_ServicepointService.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Microsoft Corporation) C:\Windows\SysWOW64\regsvr32.exe
(Microsoft Corporation) C:\Windows\SysWOW64\regsvr32.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
 
==================== Registry (Whitelisted) ===========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version:05-03-2016 01
Ran by David (2016-05-27 12:14:19)
Running from C:\Users\David\Desktop\Geeks to go\Fix
Windows 7 Home Premium Service Pack 1 (X64) (2013-10-28 22:11:10)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-585021316-1980500837-2966188906-500 - Administrator - Disabled)
David (S-1-5-21-585021316-1980500837-2966188906-1000 - Administrator - Enabled) => C:\Users\David
Guest (S-1-5-21-585021316-1980500837-2966188906-501 - Limited - Disabled) => C:\Users\Guest
HomeGroupUser$ (S-1-5-21-585021316-1980500837-2966188906-1002 - Limited - Enabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
6300 (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
6300_Help (x32 Version: 82.0.242.000 - Hewlett-Packard) Hidden
6300Trb (x32 Version: 82.0.242.000 - Hewlett-Packard) Hidden
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.016.20041 - Adobe Systems Incorporated)
Adobe Flash Player 10 ActiveX (HKLM-x32\...\{B7B3E9B3-FB14-4927-894B-E9124509AF5A}) (Version: 10.0.32.18 - Adobe Systems, Inc.)
Adobe Flash Player 21 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 21.0.0.242 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.13) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.13 - Adobe Systems Incorporated)
Agatha Christie - Peril at End House (x32 Version: 2.2.0.95 - WildTangent) Hidden
AIO_CDB_ProductContext (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
AIO_CDB_Software (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
AIO_Scan (x32 Version: 130.0.421.000 - Hewlett-Packard) Hidden
Apple Application Support (32-bit) (HKLM-x32\...\{AFA1153A-F547-409B-B837-3A0D6C5A3FEC}) (Version: 3.1.3 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{D7B824DE-DA32-4772-9E5E-39C5158136A7}) (Version: 3.1.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ArcSoft TotalMedia Backup (HKLM-x32\...\{A8019072-B760-47E2-9BDD-DF94B4FBFFBB}) (Version:  - ArcSoft)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 11.2.2262 - AVAST Software)
Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Bing Rewards Client Installer (x32 Version: 16.0.345.0 - Microsoft Corporation) Hidden
Blackhawk Striker 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Blasterball 3 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Bounce Symphony (x32 Version: 2.2.0.95 - WildTangent) Hidden
BufferChm (x32 Version: 130.0.331.000 - Hewlett-Packard) Hidden
Build-a-lot 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Cake Mania (x32 Version: 2.2.0.95 - WildTangent) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.17 - Piriform)
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Copy (x32 Version: 130.0.428.000 - Hewlett-Packard) Hidden
CyberLink DVD Suite Deluxe (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 7.0.3210 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Destinations (x32 Version: 130.0.0.0 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 130.0.465.000 - Hewlett-Packard) Hidden
Diner Dash 2 Restaurant Rescue (x32 Version: 2.2.0.95 - WildTangent) Hidden
DocProc (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
Dora's World Adventure (x32 Version: 2.2.0.95 - WildTangent) Hidden
DVD Menu Pack for HP MediaSmart Video (HKLM-x32\...\InstallShield_{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}) (Version: 4.2.4412 - Hewlett-Packard)
DVD Menu Pack for HP MediaSmart Video (x32 Version: 4.2.4412 - Hewlett-Packard) Hidden
Escape Rosecliff Island (x32 Version: 2.2.0.95 - WildTangent) Hidden
Farm Frenzy (x32 Version: 2.2.0.95 - WildTangent) Hidden
FATE (x32 Version: 2.2.0.95 - WildTangent) Hidden
Fax (x32 Version: 130.0.418.000 - Hewlett-Packard) Hidden
Final Drive Nitro (x32 Version: 2.2.0.95 - WildTangent) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 50.0.2661.102 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.30.3 - Google Inc.) Hidden
GPBaseService2 (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
Heroes of Hellas 2 - Olympia (x32 Version: 2.2.0.95 - WildTangent) Hidden
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.1.5 - WildTangent)
HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
HP MediaSmart DVD (HKLM-x32\...\InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}) (Version: 4.2.4521 - Hewlett-Packard)
HP MediaSmart Music (HKLM-x32\...\InstallShield_{91A34181-9FAD-43AB-A35F-E7A8945B7E1C}) (Version: 4.2.4517 - Hewlett-Packard)
HP MediaSmart SmartMenu (HKLM\...\{A40F60B1-F1E1-452E-96A5-FF97F9A2D102}) (Version: 3.1.2.4 - Hewlett-Packard)
HP MediaSmart Video (HKLM-x32\...\InstallShield_{D12E3E7F-1B13-4933-A915-16C7DD37A095}) (Version: 4.2.4522 - Hewlett-Packard)
HP Odometer (HKLM-x32\...\{B8AC1A89-FFD1-4F97-8051-E505A160F562}) (Version: 2.10.0000 - Hewlett-Packard)
HP Photo Creations (HKU\S-1-5-21-585021316-1980500837-2966188906-1000\...\HP Photo Creations) (Version: 1.0.0.18702 - HP)
HP Photosmart Essential 3.5 (HKLM\...\HP Photosmart Essential) (Version: 3.5 - HP)
HP Photosmart Officejet and Deskjet All-In-One Driver Software 13.0 Rel. B (HKLM\...\{B61ED343-0B14-4241-999C-490CB1A20DA4}) (Version: 13.0 - HP)
HP Power Assistant (HKLM\...\{6888C635-E550-4FA4-958E-CE2880B0443B}) (Version: 1.1.1.6 - Hewlett-Packard)
HP Setup (HKLM-x32\...\{53469506-A37E-4314-A9D9-38724EC23A75}) (Version: 8.4.4400.3525 - Hewlett-Packard Company)
HP Setup Manager (HKLM-x32\...\{AE856388-AFAD-4753-81DF-D96B19D0A17C}) (Version: 1.0.12844.3519 - Hewlett-Packard Company)
HP Smart Web Printing 4.51 (HKLM\...\HP Smart Web Printing) (Version: 4.51 - HP)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
HP Support Assistant (HKLM-x32\...\{79C54A05-F146-4EA0-8A70-D4EFE6181E52}) (Version: 8.2.8.25 - Hewlett-Packard Company)
HP Support Information (HKLM-x32\...\{7F2A11F4-EAE8-4325-83EC-E3E99F85169E}) (Version: 10.1.1000 - Hewlett-Packard)
HP Support Solutions Framework (HKLM-x32\...\{55065080-504F-43BB-BE00-36B80D7D39A5}) (Version: 12.4.18.7 - Hewlett-Packard Company)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HP Vision Hardware Diagnostics (HKLM\...\{D79A02E9-6713-4335-9668-AAC7474C0C0E}) (Version: 2.1.6.0 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0001 - Microsoft) Hidden
HPPhotoGadget (x32 Version: 130.0.282.000 - Hewlett-Packard) Hidden
HPPhotoSmartDiscLabelContent1 (x32 Version: 2.04.0000 - Hewlett-Packard) Hidden
HPPhotosmartEssential (x32 Version: 2.04.0000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
Java 8 Update 77 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218077F0}) (Version: 8.0.770.3 - Oracle Corporation)
Java 8 Update 91 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.14 - Oracle Corporation)
Jewel Quest Solitaire 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.3130 - CyberLink Corp.)
LabelPrint (x32 Version: 2.5.3130 - CyberLink Corp.) Hidden
LightScribe System Software (HKLM-x32\...\{46BA053F-57B3-4153-BDB6-D37EEC8B12D7}) (Version: 1.18.15.1 - LightScribe)
Malwarebytes Anti-Malware version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.11.309.1 - McAfee, Inc.)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office 365 ProPlus - en-us (HKLM\...\O365ProPlusRetail - en-us) (Version: 16.0.6001.1078 - Microsoft Corporation)
Microsoft Office Click-to-Run 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Starter 2010 - English (HKLM-x32\...\{90140011-0066-0409-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-585021316-1980500837-2966188906-1000\...\OneDriveSetup.exe) (Version: 17.3.5951.0827 - Microsoft Corporation)
Microsoft PowerPoint Viewer (HKLM-x32\...\{95140000-00AF-0409-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Theme Pack for HP MediaSmart Video (HKLM-x32\...\InstallShield_{3023EBDA-BF1B-4831-B347-E5018555F26E}) (Version: 4.2.4412 - Hewlett-Packard)
Movie Theme Pack for HP MediaSmart Video (x32 Version: 4.2.4412 - Hewlett-Packard) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
My Wal-Mart Digital Photo Center (HKLM-x32\...\{DAF8B012-D559-4B8D-95C0-D98E1172E5C3}) (Version: 1.4.0.0 - Fujifilm e-Systems)
MyHeritage Family Tree Builder (HKLM-x32\...\Family Tree Builder) (Version: 7.0.0.7137 - MyHeritage.com)
Mystery P.I. - The London Caper (x32 Version: 2.2.0.95 - WildTangent) Hidden
Network64 (Version: 130.0.572.000 - Hewlett-Packard) Hidden
Network64 (Version: 140.0.221.000 - Hewlett-Packard) Hidden
NVIDIA Display Control Panel (HKLM\...\NVIDIA Display Control Panel) (Version: 6.14.11.9745 - NVIDIA Corporation)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.10.61.39 - NVIDIA Corporation)
NVIDIA ForceWare Network Access Manager (HKLM-x32\...\{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}) (Version: 1.00.7330.0 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.7.4.10 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.7.4.10 - NVIDIA Corporation)
OCR Software by I.R.I.S. 13.0 (HKLM\...\HPOCR) (Version: 13.0 - HP)
Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.6001.1078 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.6001.1078 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (x32 Version: 16.0.6001.1078 - Microsoft Corporation) Hidden
PDF Complete Special Edition (HKLM-x32\...\PDF Complete) (Version: 4.0.9 - PDF Complete, Inc)
Penguins! (x32 Version: 2.2.0.95 - WildTangent) Hidden
PhotoNow! (HKLM-x32\...\InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}) (Version: 1.1.7717 - CyberLink Corp.)
PhotoNow! (x32 Version: 1.1.7717 - CyberLink Corp.) Hidden
Plants vs. Zombies (x32 Version: 2.2.0.95 - WildTangent) Hidden
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
Poker Superstars III (x32 Version: 2.2.0.95 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.95 - WildTangent) Hidden
Polar Golfer (x32 Version: 2.2.0.95 - WildTangent) Hidden
Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.4329 - CyberLink Corp.)
Power2Go (x32 Version: 6.1.4329 - CyberLink Corp.) Hidden
PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 8.0.4527 - CyberLink Corp.)
PowerDirector (x32 Version: 8.0.4527 - CyberLink Corp.) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7673 - Realtek Semiconductor Corp.)
Recovery Manager (x32 Version: 5.5.3219 - CyberLink Corp.) Hidden
SafeZone Stable 1.48.2066.101 (x32 Version: 1.48.2066.101 - Avast Software) Hidden
Scan (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
SHIELD Streaming (Version: 4.1.0240 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.7.4.10 - NVIDIA Corporation) Hidden
Should I Remove It (HKU\S-1-5-21-585021316-1980500837-2966188906-1000\...\Should I Remove It 1.0.4) (Version: 1.0.4 - Reason Software Company Inc.)
Should I Remove It (x32 Version: 1.0.4 - Reason Software Company Inc.) Hidden
SierraHome Print Artist 12.0 (HKLM-x32\...\Print Artist 12.0) (Version:  - )
SmartWebPrinting (x32 Version: 130.0.457.000 - Hewlett-Packard) Hidden
SolutionCenter (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
SpywareBlaster 5.4 (HKLM-x32\...\SpywareBlaster_is1) (Version: 5.4.0 - BrightFort LLC)
Status (x32 Version: 130.0.469.000 - Hewlett-Packard) Hidden
Toolbox (x32 Version: 130.0.648.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 130.0.422.000 - Hewlett-Packard) Hidden
UnloadSupport (x32 Version: 11.0.0 - Hewlett-Packard) Hidden
Virtual Families (x32 Version: 2.2.0.95 - WildTangent) Hidden
Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.95 - WildTangent) Hidden
Walmart Photo Manager (HKLM-x32\...\{1D601240-1E3C-11DE-8C30-0800200C9A66}) (Version: 2.4.0.570 - Walmart Stores Inc.)
WebReg (x32 Version: 130.0.132.017 - Hewlett-Packard) Hidden
Wheel of Fortune 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windstream Security Advisor Service 3.6.3 (x32 Version: 3.6.3 - Windstream) Hidden
Windstream Tech Help Service 4.8.8 (x32 Version: 4.8.8 - Windstream) Hidden
Zoom (HKU\S-1-5-21-585021316-1980500837-2966188906-1000\...\ZoomUMX) (Version: 3.5 - Zoom Video Communications, Inc.)
Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {0C9D7BDE-BE09-4507-86D5-C058E7F97800} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-05-04] (Hewlett-Packard)
Task: {0D43E5CC-EA2D-4DDC-BB8E-EB7F686CB975} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-05-01] (Microsoft Corporation)
Task: {1387EF8D-32BD-4F64-8F58-7690040EDCB8} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2016-05-18] (HP Inc.)
Task: {1F9FEF1E-C675-4463-9286-8A057FE37B23} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2014-06-27] (Safer-Networking Ltd.)
Task: {2CCEF2E8-5908-403B-97C7-EB145172C547} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe
Task: {2E9D0A66-76BE-493A-9FAD-8514AFBD77D6} - System32\Tasks\{431BE851-2D3F-425B-B54E-0F5118333F92} => C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe
Task: {3558D48F-6FB1-4713-B2E3-33D224C80F37} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-05-12] (Adobe Systems Incorporated)
Task: {43F41507-AFCA-463C-A58D-8E1D15792893} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2016-03-21] (Safer-Networking Ltd.)
Task: {4641AC52-563E-4C99-9702-72D851E8E097} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-03-09] (Google Inc.)
Task: {4EE22EC3-1037-4769-87FD-6E60EFD6A1F8} - System32\Tasks\Games\UpdateCheck_S-1-5-21-585021316-1980500837-2966188906-1000
Task: {4F1D03C4-C329-4FE9-9275-88DAEE0193E7} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-02-18] (Hewlett-Packard Company)
Task: {516791F8-BB58-4FE2-9A42-9425ADC5AFE9} - System32\Tasks\Microsoft\Windows\Setup\gwx\rundetector => C:\Windows\system32\GWX\GWXDetector.exe [2016-04-24] (Microsoft Corporation)
Task: {53990411-AD4F-41E5-89D3-5CCE69DA587B} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-04-22] (Adobe Systems Incorporated)
Task: {689DE559-E857-4AD6-A75C-47BE1355BE23} - System32\Tasks\{CDD84103-6AEE-43C1-BBF7-880F71578FF4} => pcalua.exe -a C:\Users\David\Desktop\McPreInstall.exe -d C:\Users\David\Desktop
Task: {6D242ABF-728E-46FC-979B-CA0B8BAA01AE} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Active Health Launcher => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2016-05-18] (HP Inc.)
Task: {948E580D-3BE9-43AB-9763-48856EF242D4} - System32\Tasks\{EDDB7748-A656-4694-B66F-5F2DCA531D8F} => C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe
Task: {97477217-6013-4E20-AD7E-2709BBEAF6F8} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2016-05-01] (Microsoft Corporation)
Task: {9C0F34E3-D6B0-4540-8AF4-36329D4E938B} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2016-03-21] (Safer-Networking Ltd.)
Task: {A5A353FF-137A-4A0F-B3CE-46FF0FB5D3FA} - System32\Tasks\SafeZone scheduled Autoupdate 1458690190 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2016-04-15] (Avast Software)
Task: {ACF54955-1154-4C54-914A-1C1A06972E4C} - System32\Tasks\{66AED39D-C8F9-4D71-9FE3-48533CE8B638} => pcalua.exe -a "C:\Users\David\Desktop\PC SCANS\Set up for PC scans\Adaware_Installer.exe" -d "C:\Users\David\Desktop\PC SCANS\Set up for PC scans"
Task: {B8EF0B41-1D32-4BF6-A12F-0A5978BB9A9B} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2016-05-13] (AVAST Software)
Task: {C2605A1E-388D-4193-9C3B-8AA341C3B20D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-05-04] (Hewlett-Packard)
Task: {C430CEE0-551C-4A0F-AB3E-15382B142632} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2016-05-01] (Microsoft Corporation)
Task: {C603EC81-625C-492D-B720-262722EAB4D9} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2016-03-04] (AVAST Software)
Task: {D21C02DA-D847-4887-B831-4FF772540262} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-04-15] (Piriform Ltd)
Task: {D8C6B346-054F-4D3A-B083-7AC4D2745FF0} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-05-01] (Microsoft Corporation)
Task: {E02BF559-D99D-492D-A86A-CFD7207665E7} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-03-09] (Google Inc.)
Task: {E6118FDA-F60A-4008-A18F-81468A425F66} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-02-18] (Hewlett-Packard Company)
Task: {E61B2C39-265A-4474-BBB1-C158EED29AB9} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2016-04-06] (Hewlett-Packard)
Task: {FA49BAE4-FDE2-49C3-9F1B-CC11AD5E2E9A} - System32\Tasks\HPCeeScheduleForDavid => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2015-06-16] (Hewlett-Packard)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForDavid.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\Windows\Tasks\ReasonSecurityScheduledScan.job => C:\Program Files\Reason\Security\rsUI.exe
 
==================== Shortcuts =============================
 
(The entries could be listed to be restored or removed.)
 
Shortcut: C:\Users\David\AppData\Local\54f4cca0\c87c0c2f.lnk -> C:\Users\David\AppData\Local\54f4cca0\dfd37963.bat ()
 
==================== Loaded Modules (Whitelisted) ==============
 
2015-12-05 04:05 - 2015-01-30 20:57 - 00086160 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-05-06 15:28 - 2016-05-01 04:52 - 00171712 _____ () C:\Program Files\Common Files\Microsoft Shared\ClickToRun\ApiClient.dll
2016-05-18 08:38 - 2016-05-01 07:52 - 08911040 _____ () C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\1033\GrooveIntlResource.dll
2016-05-13 18:09 - 2016-05-13 18:09 - 00123344 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2016-05-13 18:09 - 2016-05-13 18:09 - 00135816 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2016-05-27 07:39 - 2016-05-27 07:39 - 02982040 _____ () C:\Program Files\AVAST Software\Avast\defs\16052700\algo.dll
2016-05-13 18:09 - 2016-05-13 18:09 - 00309912 _____ () C:\Program Files\AVAST Software\Avast\browser_pass.dll
2016-05-13 18:09 - 2016-05-13 18:09 - 00479680 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2016-05-12 19:44 - 2014-05-13 12:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2016-05-12 19:44 - 2014-05-13 12:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2016-05-12 19:44 - 2014-05-13 12:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2016-05-12 19:44 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2016-05-12 19:44 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2015-12-03 16:17 - 2015-11-12 14:39 - 00012080 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2016-02-16 19:19 - 2016-02-16 19:19 - 40539648 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2016-05-12 22:27 - 2016-05-11 07:48 - 01738904 _____ () C:\Program Files (x86)\Google\Chrome\Application\50.0.2661.102\libglesv2.dll
2016-05-12 22:27 - 2016-05-11 07:48 - 00086168 _____ () C:\Program Files (x86)\Google\Chrome\Application\50.0.2661.102\libegl.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
AlternateDataStreams: C:\ProgramData\Temp:5C321E34 [134]
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HsdService33 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SasUpdaterService33 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ServicepointService33 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HsdService33 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\myradioplayer => ""="service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SasUpdaterService33 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ServicepointService33 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WRkrn => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WRSVC => ""="Service"
 
==================== EXE Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
IE trusted site: HKU\.DEFAULT\...\localhost -> localhost
IE trusted site: HKU\.DEFAULT\...\webcompanion.com -> hxxp://webcompanion.com
IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com
 
There are 7902 more sites.
 
IE trusted site: HKU\S-1-5-21-585021316-1980500837-2966188906-1000\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-585021316-1980500837-2966188906-1000\...\webcompanion.com -> hxxp://webcompanion.com
IE restricted site: HKU\S-1-5-21-585021316-1980500837-2966188906-1000\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-585021316-1980500837-2966188906-1000\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-585021316-1980500837-2966188906-1000\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-585021316-1980500837-2966188906-1000\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-585021316-1980500837-2966188906-1000\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-585021316-1980500837-2966188906-1000\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-585021316-1980500837-2966188906-1000\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-585021316-1980500837-2966188906-1000\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-585021316-1980500837-2966188906-1000\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-585021316-1980500837-2966188906-1000\...\0411dd.com -> 0411dd.com
IE restricted site: HKU\S-1-5-21-585021316-1980500837-2966188906-1000\...\0511zfhl.com -> 0511zfhl.com
IE restricted site: HKU\S-1-5-21-585021316-1980500837-2966188906-1000\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-585021316-1980500837-2966188906-1000\...\0632qyw.com -> 0632qyw.com
IE restricted site: HKU\S-1-5-21-585021316-1980500837-2966188906-1000\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-585021316-1980500837-2966188906-1000\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-585021316-1980500837-2966188906-1000\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-585021316-1980500837-2966188906-1000\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-585021316-1980500837-2966188906-1000\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-585021316-1980500837-2966188906-1000\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-585021316-1980500837-2966188906-1000\...\1-2005-search.com -> www.1-2005-search.com
 
There are 12719 more sites.
 
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-13 22:34 - 2016-05-12 20:11 - 00451805 ____R C:\Windows\system32\Drivers\etc\hosts
 
0.0.0.1 mssplus.mcafee.com127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 100sexlinks.com
127.0.0.1 10sek.com
127.0.0.1 www.10sek.com
127.0.0.1 www.1-2005-search.com
127.0.0.1 1-2005-search.com
127.0.0.1 123fporn.info
127.0.0.1 www.123fporn.info
127.0.0.1 www.123haustiereundmehr.com
127.0.0.1 123haustiereundmehr.com
127.0.0.1 123moviedownload.com
127.0.0.1 www.123moviedownload.com
 
There are 15528 more lines.
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-585021316-1980500837-2966188906-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\David\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.254.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{654AFCBC-5FEB-43B2-8C83-45256FF2B518}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPPSdr\HPDiagnosticCoreUI.exe
FirewallRules: [{E34AD986-B2D4-4961-90A0-B8B9761CEB4D}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPPSdr\HPDiagnosticCoreUI.exe
FirewallRules: [{42F3D13D-2DE2-4CAF-864B-4F98FD3EB2E8}] => (Allow) C:\Program Files (x86)\Windstream\Service Agent\5.9.11.5736\WindstreamCommunications_ServicepointService.exe
FirewallRules: [{C6BD1BA3-F69B-4E6D-987F-BC9732E374FE}] => (Allow) C:\Program Files (x86)\Windstream\Service Agent\5.9.11.5736\WindstreamCommunications_ServicepointService.exe
FirewallRules: [{01C91510-0CEA-4B4A-AF4D-5E6D2BA74BD9}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{D3296DBE-30D1-480F-B6E5-78ADD4E0EE9D}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{6DA12D1F-0F54-4D7E-9E06-10E599DCFD63}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{083FB19E-D6E6-4814-8498-3CFB2B0E6D6F}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{D265F50C-EA50-4C3F-B19F-06B059651BCB}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{7A49C921-F90C-4CA0-A2FD-34A6D837FB56}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service
 
==================== Restore Points =========================
 
30-03-2016 03:00:19 Windows Update
31-03-2016 03:00:11 Windows Update
01-04-2016 03:00:20 Windows Update
02-04-2016 03:00:19 Windows Update
03-04-2016 03:00:26 Windows Update
03-04-2016 20:19:05 Windows Backup
04-04-2016 03:00:10 Windows Update
05-04-2016 03:00:10 Windows Update
06-04-2016 03:00:10 Windows Update
07-04-2016 03:00:10 Windows Update
08-04-2016 03:00:10 Windows Update
09-04-2016 03:00:11 Windows Update
10-04-2016 03:00:10 Windows Update
11-04-2016 03:00:11 Windows Update
12-04-2016 03:00:10 Windows Update
13-04-2016 03:00:10 Windows Update
14-04-2016 03:00:15 Windows Update
14-04-2016 23:00:41 Windows Update
16-04-2016 03:00:29 Windows Update
17-04-2016 03:00:25 Windows Update
17-04-2016 19:00:08 Windows Backup
18-04-2016 03:00:12 Windows Update
18-04-2016 03:05:28 Windows Update
19-04-2016 03:00:21 Windows Update
20-04-2016 03:00:19 Windows Update
21-04-2016 03:00:19 Windows Update
21-04-2016 10:21:56 Installed TotalMedia Backup
25-04-2016 11:05:42 Windows Backup
01-05-2016 19:00:10 Windows Backup
05-05-2016 22:45:25 Windows Update
08-05-2016 19:00:32 Windows Backup
12-05-2016 03:00:34 Windows Update
14-05-2016 03:00:11 Windows Update
14-05-2016 09:52:39 Installed Adobe Acrobat Reader DC.
14-05-2016 09:57:09 Installed Adobe Acrobat Reader DC.
15-05-2016 00:22:39 Windows Update
15-05-2016 19:00:08 Windows Backup
22-05-2016 19:00:17 Windows Backup
 
==================== Faulty Device Manager Devices =============
 
Name: VBoxAsw Support Driver
Description: VBoxAsw Support Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: VBoxAswDrv
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (05/27/2016 11:56:36 AM) (Source: ESENT) (EventID: 439) (User: )
Description: taskhost (2832) WebCacheLocal: Unable to write a shadowed header for file C:\Users\David\AppData\Local\Microsoft\Windows\WebCache\V01.chk. Error -1032.
 
Error: (05/27/2016 11:56:36 AM) (Source: ESENT) (EventID: 490) (User: )
Description: taskhost (2832) WebCacheLocal: An attempt to open the file "C:\Users\David\AppData\Local\Microsoft\Windows\WebCache\V01.chk" for read / write access failed with system error 32 (0x00000020): "The process cannot access the file because it is being used by another process. ".  The open file operation will fail with error -1032 (0xfffffbf8).
 
Error: (05/26/2016 07:41:03 AM) (Source: NVNetworkService) (EventID: 0) (User: )
Description: NVNetworkServiceService failed to run w/err The service process could not connect to the service controller. (1063)
 
Error: (05/25/2016 08:19:12 AM) (Source: ESENT) (EventID: 439) (User: )
Description: Windows (3992) Windows: Unable to write a shadowed header for file C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS.chk. Error -1032.
 
Error: (05/25/2016 08:19:12 AM) (Source: ESENT) (EventID: 490) (User: )
Description: Windows (3992) Windows: An attempt to open the file "C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS.chk" for read / write access failed with system error 32 (0x00000020): "The process cannot access the file because it is being used by another process. ".  The open file operation will fail with error -1032 (0xfffffbf8).
 
Error: (05/25/2016 08:18:44 AM) (Source: ESENT) (EventID: 439) (User: )
Description: Windows (3992) Windows: Unable to write a shadowed header for file C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS.chk. Error -1032.
 
Error: (05/25/2016 08:18:44 AM) (Source: ESENT) (EventID: 490) (User: )
Description: Windows (3992) Windows: An attempt to open the file "C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS.chk" for read / write access failed with system error 32 (0x00000020): "The process cannot access the file because it is being used by another process. ".  The open file operation will fail with error -1032 (0xfffffbf8).
 
Error: (05/25/2016 08:18:24 AM) (Source: ESENT) (EventID: 439) (User: )
Description: Windows (3992) Windows: Unable to write a shadowed header for file C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS.chk. Error -1032.
 
Error: (05/25/2016 08:18:24 AM) (Source: ESENT) (EventID: 490) (User: )
Description: Windows (3992) Windows: An attempt to open the file "C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS.chk" for read / write access failed with system error 32 (0x00000020): "The process cannot access the file because it is being used by another process. ".  The open file operation will fail with error -1032 (0xfffffbf8).
 
Error: (05/25/2016 08:13:40 AM) (Source: ESENT) (EventID: 439) (User: )
Description: Windows (3992) Windows: Unable to write a shadowed header for file C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS.chk. Error -1032.
 
 
System errors:
=============
Error: (05/27/2016 11:56:16 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The VBoxAsw Support Driver service failed to start due to the following error: 
%%3
 
Error: (05/27/2016 11:55:50 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 11:52:54 AM on ‎5/‎27/‎2016 was unexpected.
 
Error: (05/27/2016 11:40:43 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the eventlog service.
 
Error: (05/27/2016 11:28:05 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The VBoxAsw Support Driver service failed to start due to the following error: 
%%3
 
Error: (05/27/2016 11:27:53 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Spybot-S&D 2 Scanner Service service failed to start due to the following error: 
%%1053
 
Error: (05/27/2016 11:27:53 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Spybot-S&D 2 Scanner Service service to connect.
 
Error: (05/27/2016 08:25:27 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The VBoxAsw Support Driver service failed to start due to the following error: 
%%3
 
Error: (05/27/2016 08:25:04 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Spybot-S&D 2 Scanner Service service failed to start due to the following error: 
%%1053
 
Error: (05/27/2016 08:25:04 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Spybot-S&D 2 Scanner Service service to connect.
 
Error: (05/26/2016 06:20:35 PM) (Source: nvstor64) (EventID: 4) (User: )
Description: Command to device was aborted.
 
 
 
Device: \Device\RaidPort0
 
Model: Hitachi HDS721050CLA362
 
Firmware Version: JP2O
 
Serial Number:       JPB570HF2J79HD
 
Port: 0
 
 
==================== Memory info =========================== 
 
Processor: AMD Athlon™ II X2 220 Processor
Percentage of memory in use: 54%
Total physical RAM: 3839.3 MB
Available physical RAM: 1731.89 MB
Total Virtual: 7676.79 MB
Available Virtual: 5423.33 MB
 
==================== Drives ================================
 
Drive c: (OS) (Fixed) (Total:452.34 GB) (Free:249.3 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (HP_RECOVERY) (Fixed) (Total:13.32 GB) (Free:1.61 GB) NTFS ==>[system with boot components (obtained from drive)]
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: CDDC5E9D)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=452.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=13.3 GB) - (Type=07 NTFS)
 
==================== End of Addition.txt ============================
 

  • 0

Advertisements


#2
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,010 posts
  • MVP
Get the free version of Speccy:
 
http://www.filehippo...download_speccy (Look in the upper right for the Download
Latest Version button  - Do NOT press the large Start Download button on the upper left!)  Download, Save and Install it.  Run Speccy.  When it finishes (the little icon in the bottom left will stop moving), File, Save as Text File,  (to your desktop) note the name it gives. OK.  Open the file in notepad and delete the line that gives the serial number of your Operating System.  (It will be near the top about 10 lines down.) Attach the file to your next post.
 
 
 
Get Process Explorer
 
Save it to your desktop then run it (Vista or Win7 - right click and Run As Administrator).  
 
View, Select Column, check Verified Signer, OK
Options, Verify Image Signatures
 
 
Click twice on the CPU column header  to sort things by CPU usage with the big hitters at the top.  
 
Wait a full minute then:
 
File, Save As, Save.  Note the file name.   Open the file  on your desktop and copy and paste the text to a reply.
 
 
 
Right click on (My) Computer and select Manage (Continue) Then click on the arrow in front of Event Viewer. Next Click on the arrow in front of Windows Logs Right click on System and Clear Log, Clear. Repeat for Application.
 
Reboot. 
 
Start, All Programs, Accessories then right click on Command Prompt and Run as Administrator.  Then type (with an Enter after each line).
sfc  /scannow
 
(This will check your critical system files. Does this finish without complaint?  IF it says it couldn't fix everything then:
 
Copy the next two lines:
 
findstr  /c:"[SR]"  \windows\logs\cbs\cbs.log  >  \windows\logs\cbs\junk.txt 
notepad \windows\logs\cbs\junk.txt 
 
Start, All Programs, Accessories, right click on Command Prompt and Run as Administrator, Continue.  Right click and Paste or Edit then Paste and the copied line should appear.
Hit Enter. Copy and paste the text from notepad or if it is too big, just attach the file.)
 
 
1. Please download the Event Viewer Tool by Vino Rosso
and save it to your Desktop:
2. Right-click VEW.exe and Run AS Administrator
3. Under 'Select log to query', select:
 
* System
4. Under 'Select type to list', select:
* Error
* Warning
 
 
Then use the 'Number of events' as follows:
 
 
1. Click the radio button for 'Number of events'
Type 20 in the 1 to 20 box
Then click the Run button.
Notepad will open with the output log.
 
 
Please post the Output log in your next reply then repeat but select Application.  (Each time you run VEW it overwrites the log so copy the first one to a Reply or rename it before running it a second time.)
 
 
 

  • 0

#3
DeborahT

DeborahT

    Member

  • Topic Starter
  • Member
  • PipPip
  • 50 posts
Process CPU Private Bytes Working Set PID Description Company Name Verified Signer
System Idle Process 84.29 0 K 24 K 0
regsvr32.exe 7.33 49,012 K 66,068 K 3244 Microsoft© Register Server Microsoft Corporation (Verified) Microsoft Windows
procexp64.exe 2.10 27,572 K 52,432 K 6504 Sysinternals Process Explorer Sysinternals - www.sysinternals.com (Verified) Microsoft Corporation
audiodg.exe 0.90 23,544 K 23,164 K 5756 Windows Audio Device Graph Isolation Microsoft Corporation (Verified) Microsoft Windows
regsvr32.exe 0.83 17,316 K 24,084 K 6120 Microsoft© Register Server Microsoft Corporation (Verified) Microsoft Windows
Interrupts 0.72 0 K 0 K n/a Hardware Interrupts and DPCs
System 0.53 312 K 1,776 K 4
dwm.exe 0.51 34,112 K 50,392 K 2772 Desktop Window Manager Microsoft Corporation (Verified) Microsoft Windows
AvastSvc.exe 0.49 91,072 K 40,988 K 1416 avast! Service AVAST Software (Verified) AVAST Software a.s.
taskhost.exe 0.40 18,304 K 17,916 K 2616 Host Process for Windows Tasks Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 0.34 26,668 K 23,184 K 960 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 0.28 131,208 K 139,212 K 412 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
chrome.exe 0.14 98,472 K 151,932 K 3716 Google Chrome Google Inc. (Verified) Google Inc
SearchIndexer.exe 0.14 56,280 K 43,448 K 4532 Microsoft Windows Search Indexer Microsoft Corporation (Verified) Microsoft Windows
chrome.exe 0.13 98,964 K 161,552 K 6100 Google Chrome Google Inc. (Verified) Google Inc
SDWSCSvc.exe 0.13 5,632 K 10,496 K 1072 Windows Security Center integration. Safer-Networking Ltd. (Verified) Safer Networking Ltd.
svchost.exe 0.11 27,272 K 41,588 K 440 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
SDFSSvc.exe 0.11 34,772 K 32,368 K 2836 Spybot-S&D 2 Scanner Service Safer-Networking Ltd. (Verified) Safer Networking Ltd.
SDTray.exe 0.09 18,236 K 27,232 K 2444 Spybot - Search & Destroy tray access Safer-Networking Ltd. (Verified) Safer Networking Ltd.
explorer.exe 0.07 52,240 K 70,712 K 2812 Windows Explorer Microsoft Corporation (Verified) Microsoft Windows
services.exe 0.05 6,564 K 10,376 K 600 Services and Controller app Microsoft Corporation (Verified) Microsoft Windows
csrss.exe 0.05 7,876 K 12,648 K 576 Client Server Runtime Process Microsoft Corporation (Verified) Microsoft Windows
chrome.exe 0.03 107,836 K 180,320 K 864 Google Chrome Google Inc. (Verified) Google Inc
chrome.exe 0.03 75,116 K 110,888 K 1868 Google Chrome Google Inc. (Verified) Google Inc
nvtray.exe 0.03 4,448 K 10,644 K 2556 NVIDIA Settings NVIDIA Corporation (Verified) NVIDIA Corporation
SDUpdSvc.exe 0.03 8,560 K 12,976 K 2212 Spybot-S&D 2 Background update service Safer-Networking Ltd. (Verified) Safer Networking Ltd.
lsm.exe 0.03 2,612 K 4,284 K 632 Local Session Manager Service Microsoft Corporation (Verified) Microsoft Windows
regsvr32.exe 0.02 36,660 K 54,992 K 2912 Microsoft© Register Server Microsoft Corporation (Verified) Microsoft Windows
regsvr32.exe 0.02 2,704 K 6,580 K 5236 Microsoft© Register Server Microsoft Corporation (Verified) Microsoft Windows
CCleaner64.exe 0.01 9,208 K 1,568 K 2116 CCleaner Piriform Ltd (Verified) Piriform Ltd
svchost.exe 0.01 4,676 K 8,312 K 892 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
WindstreamCommunications_ServicepointService.exe 0.01 8,892 K 18,300 K 3500 Radialpoint SafeCare Inc. (Verified) Radialpoint
svchost.exe 0.01 23,732 K 23,364 K 1332 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
csrss.exe < 0.01 2,352 K 4,876 K 488 Client Server Runtime Process Microsoft Corporation (Verified) Microsoft Windows
chrome.exe < 0.01 86,480 K 84,836 K 3776 Google Chrome Google Inc. (Verified) Google Inc
NvBackend.exe < 0.01 7,208 K 13,372 K 3352 NVIDIA Backend NVIDIA Corporation (Verified) NVIDIA Corporation
unsecapp.exe < 0.01 1,872 K 5,884 K 1800 Sink to receive asynchronous callbacks for WMI client application Microsoft Corporation (Verified) Microsoft Windows
svchost.exe < 0.01 3,648 K 7,356 K 4836 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
AvastUI.exe < 0.01 21,704 K 25,740 K 4204 avast! Antivirus AVAST Software (Verified) AVAST Software a.s.
lsass.exe < 0.01 5,428 K 12,968 K 624 Local Security Authority Process Microsoft Corporation (Verified) Microsoft Windows
uBBMonitor.exe < 0.01 2,532 K 6,072 K 4264 BBMonitor ArcSoft, Inc. (No signature was present in the subject) ArcSoft, Inc.
WINWORD.EXE < 0.01 100,272 K 132,832 K 5344 Microsoft Word Microsoft Corporation (Verified) Microsoft Corporation
WindstreamServiceAgentExtensionService.exe < 0.01 2,892 K 7,752 K 2268 Radialpoint Inc. (Verified) Radialpoint
chrome.exe < 0.01 1,536 K 5,952 K 1260 Google Chrome Google Inc. (Verified) Google Inc
OfficeClickToRun.exe < 0.01 36,884 K 49,584 K 1752 Microsoft Office Click-to-Run Microsoft Corporation (Verified) Microsoft Corporation
svchost.exe < 0.01 12,916 K 25,204 K 1060 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
HPSupportSolutionsFrameworkService.exe < 0.01 43,612 K 50,612 K 3084 HP Support Solutions Framework Service Hewlett-Packard Company (Verified) Hewlett-Packard Company
nvvsvc.exe < 0.01 5,316 K 11,268 K 1240 NVIDIA Driver Helper Service, Version 309.08 NVIDIA Corporation (Verified) NVIDIA Corporation
SasUpdaterService33.exe < 0.01 3,152 K 8,324 K 2060 Sas Updater Service 3.6.3 Radialpoint Inc. (Verified) Radialpoint
WmiPrvSE.exe < 0.01 19,120 K 24,556 K 6604 WMI Provider Host Microsoft Corporation (Verified) Microsoft Windows
nvvsvc.exe < 0.01 2,408 K 6,648 K 856 NVIDIA Driver Helper Service, Version 309.08 NVIDIA Corporation (Verified) NVIDIA Corporation
WUDFHost.exe 1,964 K 6,152 K 5508 Windows Driver Foundation - User-mode Driver Framework Host Process Microsoft Corporation (Verified) Microsoft Windows
WmiPrvSE.exe 7,856 K 15,412 K 1356 WMI Provider Host Microsoft Corporation (Verified) Microsoft Windows
winlogon.exe 2,864 K 7,108 K 720 Windows Logon Application Microsoft Corporation (Verified) Microsoft Windows
wininit.exe 1,524 K 4,296 K 540 Windows Start-Up Application Microsoft Corporation (Verified) Microsoft Windows
taskeng.exe 1,756 K 5,292 K 1636 Task Scheduler Engine Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 4,540 K 9,716 K 772 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 10,320 K 12,816 K 1648 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 1,888 K 5,452 K 3860 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 1,208 K 3,600 K 2652 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 1,160 K 3,580 K 2996 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 4,672 K 9,012 K 5160 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 3,540 K 8,388 K 2244 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 1,512 K 4,356 K 3236 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 2,688 K 5,836 K 552 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 4,884 K 10,920 K 5516 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 5,364 K 11,096 K 2200 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
SSScheduler.exe 1,412 K 3,664 K 3400 McAfee Security Scanner Scheduler McAfee, Inc. (Verified) McAfee
spoolsv.exe 7,208 K 12,876 K 1608 Spooler SubSystem App Microsoft Corporation (Verified) Microsoft Windows
smss.exe 468 K 1,128 K 316 Windows Session Manager Microsoft Corporation (Verified) Microsoft Windows
sftvsa.exe 1,444 K 4,780 K 3836 Microsoft Application Virtualization Virtual Service Agent Microsoft Corporation (Verified) Microsoft Corporation
sftlist.exe 7,328 K 15,020 K 3908 Microsoft Application Virtualization Client Service Microsoft Corporation (Verified) Microsoft Corporation
RtkAudioService64.exe 1,748 K 5,060 K 1128 Realtek Audio Service Realtek Semiconductor (Verified) Realtek Semiconductor Corp
RAVBg64.exe 14,632 K 9,668 K 1296 HD Audio Background Process Realtek Semiconductor (Verified) Realtek Semiconductor Corp
procexp.exe 2,252 K 7,532 K 5808 Sysinternals Process Explorer Sysinternals - www.sysinternals.com (Verified) Microsoft Corporation
ONENOTEM.EXE 2,264 K 1,700 K 3176 Send to OneNote Tool Microsoft Corporation (Verified) Microsoft Corporation
nvxdsync.exe 7,040 K 15,560 K 1232 NVIDIA User Experience Driver Component NVIDIA Corporation (Verified) NVIDIA Corporation
NvNetworkService.exe 2,948 K 5,800 K 2824 NVIDIA Network Service NVIDIA Corporation (Verified) NVIDIA Corporation
jusched.exe 2,188 K 5,268 K 3092 Java Update Scheduler Oracle Corporation (Verified) Oracle America
hpqwmiex.exe 1,756 K 6,152 K 5416 HP Software Framework WMI Service Hewlett-Packard Company (Verified) Hewlett-Packard Company
GWX.exe 3,688 K 828 K 2524 GWX Microsoft Corporation (Verified) Microsoft Windows
GoogleCrashHandler64.exe 1,484 K 528 K 2044 Google Crash Handler Google Inc. (Verified) Google Inc
GoogleCrashHandler.exe 1,472 K 528 K 2280 Google Crash Handler Google Inc. (Verified) Google Inc
CVHSVC.EXE 6,740 K 14,236 K 4188 Microsoft Office Client Virtualization Service Microsoft Corporation (Verified) Microsoft Corporation
ctfmon.exe 2,028 K 4,552 K 2808 CTF Loader Microsoft Corporation (Verified) Microsoft Windows
chrome.exe 1,548 K 4,724 K 6044 Google Chrome Google Inc. (Verified) Google Inc
chrome.exe 37,812 K 67,000 K 4592 Google Chrome Google Inc. (Verified) Google Inc
armsvc.exe 1,204 K 3,996 K 1780 Adobe Acrobat Update Service Adobe Systems Incorporated (Verified) Adobe Systems

  • 0

#4
DeborahT

DeborahT

    Member

  • Topic Starter
  • Member
  • PipPip
  • 50 posts
Vino's Event Viewer v01c run on Windows 2008 in English
Report run at 28/05/2016 4:45:51 PM
 
Note: All dates below are in the format dd/mm/yyyy
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 28/05/2016 8:20:12 PM
Type: Error Category: 0
Event: 4 Source: nvstor64
Command to device was aborted.    Device: \Device\RaidPort0  Model: Hitachi HDS721050CLA362  Firmware Version: JP2O  Serial Number:       JPB570HF2J79HD  Port: 0 
 
Log: 'System' Date/Time: 28/05/2016 8:10:21 PM
Type: Error Category: 0
Event: 7000 Source: Service Control Manager
The VBoxAsw Support Driver service failed to start due to the following error:  The system cannot find the path specified.
 
Log: 'System' Date/Time: 28/05/2016 8:09:49 PM
Type: Error Category: 0
Event: 7000 Source: Service Control Manager
The Spybot-S&D 2 Scanner Service service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
 
Log: 'System' Date/Time: 28/05/2016 8:09:49 PM
Type: Error Category: 0
Event: 7009 Source: Service Control Manager
A timeout was reached (30000 milliseconds) while waiting for the Spybot-S&D 2 Scanner Service service to connect.
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 28/05/2016 8:19:30 PM
Type: Warning Category: 0
Event: 129 Source: nvstor64
Reset to device, \Device\RaidPort0, was issued.
 
Log: 'System' Date/Time: 28/05/2016 8:18:25 PM
Type: Warning Category: 0
Event: 129 Source: nvstor64
Reset to device, \Device\RaidPort0, was issued.
 
Log: 'System' Date/Time: 28/05/2016 8:17:20 PM
Type: Warning Category: 0
Event: 129 Source: nvstor64
Reset to device, \Device\RaidPort0, was issued.
 
Log: 'System' Date/Time: 28/05/2016 8:16:15 PM
Type: Warning Category: 0
Event: 129 Source: nvstor64
Reset to device, \Device\RaidPort0, was issued.
 
Log: 'System' Date/Time: 28/05/2016 8:10:42 PM
Type: Warning Category: 212
Event: 219 Source: Microsoft-Windows-Kernel-PnP
The driver \Driver\WUDFRd failed to load for the device WpdBusEnumRoot\UMB\2&37c186b&0&STORAGE#VOLUME#_??_USBSTOR#DISK&VEN_MULTI&PROD_FLASH_READER&REV_1.00#058F63666471&00#.
 
Log: 'System' Date/Time: 28/05/2016 8:09:00 PM
Type: Warning Category: 0
Event: 11 Source: Microsoft-Windows-Wininit
Custom dynamic link libraries are being loaded for every application. The system administrator should review the list of libraries to ensure they are related to trusted applications.

  • 0

#5
DeborahT

DeborahT

    Member

  • Topic Starter
  • Member
  • PipPip
  • 50 posts
Vino's Event Viewer v01c run on Windows 2008 in English
Report run at 28/05/2016 4:46:40 PM
 
Note: All dates below are in the format dd/mm/yyyy
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 28/05/2016 8:20:50 PM
Type: Error Category: 0
Event: 35 Source: SideBySide
Activation context generation failed for "C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest".Error in manifest or policy file "C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL" on line 1. Component identity found in manifest does not match the identity of the component requested. Reference is UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0". Definition is UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0". Please use sxstrace.exe for detailed diagnosis.
 
Log: 'Application' Date/Time: 28/05/2016 8:20:50 PM
Type: Error Category: 0
Event: 35 Source: SideBySide
Activation context generation failed for "C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest".Error in manifest or policy file "C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL" on line 1. Component identity found in manifest does not match the identity of the component requested. Reference is UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0". Definition is UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0". Please use sxstrace.exe for detailed diagnosis.
 
Log: 'Application' Date/Time: 28/05/2016 8:11:12 PM
Type: Error Category: 3
Event: 439 Source: ESENT
Windows (2472) Windows: Unable to write a shadowed header for file C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS.chk. Error -1032.
 
Log: 'Application' Date/Time: 28/05/2016 8:11:12 PM
Type: Error Category: 1
Event: 490 Source: ESENT
Windows (2472) Windows: An attempt to open the file "C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS.chk" for read / write access failed with system error 32 (0x00000020): "The process cannot access the file because it is being used by another process. ".  The open file operation will fail with error -1032 (0xfffffbf8).
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 28/05/2016 8:20:34 PM
Type: Warning Category: 1
Event: 100 Source: CVHSVC
Information only. CurrentSoftGridPrereq: Click2Run installation (version = 14.0.4763.1000) is found on the machine; skipping installation...
 
Log: 'Application' Date/Time: 28/05/2016 8:20:34 PM
Type: Warning Category: 1
Event: 100 Source: CVHSVC
Information only. C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE is trusted.
 
Log: 'Application' Date/Time: 28/05/2016 8:19:51 PM
Type: Warning Category: 0
Event: 402 Source: HP Active Health
All attributes reported raw data as 0, ignoring this set
 
Log: 'Application' Date/Time: 28/05/2016 8:19:45 PM
Type: Warning Category: 0
Event: 1802 Source: HP Active Health
ServiceController is not running: System.InvalidOperationException: Service W32Time was not found on computer '.'. ---> System.ComponentModel.Win32Exception: The specified service does not exist as an installed service    --- End of inner exception stack trace ---    at System.ServiceProcess.ServiceController.GenerateNames()    at System.ServiceProcess.ServiceController.get_ServiceName()    at System.ServiceProcess.ServiceController.GenerateStatus()    at System.ServiceProcess.ServiceController.get_Status()    at HP.ActiveHealth.Agents.RealTimeClock.RealTimeClockAgent.TimeServiceRunning()
 
Log: 'Application' Date/Time: 28/05/2016 8:19:38 PM
Type: Warning Category: 0
Event: 3 Source: HP Active Health
Error running a Casl EXECUTE Diags.ThermalDiagnostics command: Exception has been thrown by the target of an invocation.
 
Log: 'Application' Date/Time: 28/05/2016 8:19:38 PM
Type: Warning Category: 0
Event: 3 Source: HP Active Health
Error running a Casl EXECUTE Diags.ThermalDiagnostics command: Exception has been thrown by the target of an invocation.
 
Log: 'Application' Date/Time: 28/05/2016 8:16:51 PM
Type: Warning Category: 3
Event: 10024 Source: Microsoft-Windows-Search
The filter host process 1280 did not respond and is being forcibly terminated. 
 
 
Log: 'Application' Date/Time: 28/05/2016 8:15:15 PM
Type: Warning Category: 0
Event: 3 Source: HP Active Health
Error running a Casl EXECUTE Diags.ThermalDiagnostics command: Exception has been thrown by the target of an invocation.
 
Log: 'Application' Date/Time: 28/05/2016 8:15:15 PM
Type: Warning Category: 0
Event: 3 Source: HP Active Health
Error running a Casl EXECUTE Diags.ThermalDiagnostics command: Exception has been thrown by the target of an invocation.
 
Log: 'Application' Date/Time: 28/05/2016 8:15:05 PM
Type: Warning Category: 0
Event: 3 Source: HP Active Health
Error running a Casl GET EmbeddedController.AuditLog.JSON command: Exception has been thrown by the target of an invocation.
 
Log: 'Application' Date/Time: 28/05/2016 8:15:05 PM
Type: Warning Category: 0
Event: 3 Source: HP Active Health
Error running a Casl GET Diags.PostCodeError command: Exception has been thrown by the target of an invocation.
 
Log: 'Application' Date/Time: 28/05/2016 8:14:44 PM
Type: Warning Category: 0
Event: 2903 Source: HP Active Health
Unable to get WindowsUpdate information in able time
 
Log: 'Application' Date/Time: 28/05/2016 8:13:30 PM
Type: Warning Category: 0
Event: 30 Source: HP Active Health
Using alternative method to task creation
 
Log: 'Application' Date/Time: 28/05/2016 8:10:31 PM
Type: Warning Category: 6
Event: 3057 Source: Application Virtualization Client
{tid=1050}
The Application Virtualization Client Core initialized correctly.  Installed Product:  Version: 4.6.3.24650 Install Path: C:\Program Files (x86)\Microsoft Application Virtualization Client Global Data Directory: C:\ProgramData\Microsoft\Application Virtualization Client\ Machine Name: DAVID-HP Operating System: Windows 7 64-bit Service Pack 1.0 Build 7601 OSD Command: 
 
Log: 'Application' Date/Time: 28/05/2016 8:10:23 PM
Type: Warning Category: 3
Event: 3191 Source: Application Virtualization Client
{tid=1050}
-------------------------------------------------------- Initialized client log (C:\ProgramData\Microsoft\Application Virtualization Client\sftlog.txt)
 
Log: 'Application' Date/Time: 28/05/2016 8:07:49 PM
Type: Warning Category: 0
Event: 1530 Source: Microsoft-Windows-User Profiles Service
Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards.     DETAIL -   1 user registry handles leaked from \Registry\User\S-1-5-21-585021316-1980500837-2966188906-1000:
Process 1416 (\Device\HarddiskVolume2\Program Files\AVAST Software\Avast\AvastSvc.exe) has opened key \REGISTRY\USER\S-1-5-21-585021316-1980500837-2966188906-1000

  • 0

#6
DeborahT

DeborahT

    Member

  • Topic Starter
  • Member
  • PipPip
  • 50 posts

How would you like me to post the text file from Speccy? It is too large to send on here and I don't see a way to post a file.


  • 0

#7
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,010 posts
  • MVP

Attach the speccy log:  More Reply Options, Choose Files, Point it at the log, Open.  Attach This File.  Add Reply.

 

See if this helps with these errors which I think are the cause of your freezes.

 

Log: 'System' Date/Time: 28/05/2016 8:19:30 PM
Type: Warning Category: 0
Event: 129 Source: nvstor64
Reset to device, \Device\RaidPort0, was issued.

 

 

 

1. Click Start button, choose Control Panel.
2.       Move to Control Panel\All Control Panel Items\Power Options. Click Change plan setting in your current power plan.
3.       Click “Change advanced power settings”, move to PCI Express-> Link State Power Management, turn off the option.
 

  • 0

#8
DeborahT

DeborahT

    Member

  • Topic Starter
  • Member
  • PipPip
  • 50 posts

It tells me I am not allowed to send that type of file. When I try to send the Speccy file.

 

I did what you asked me to do for the errors.


Edited by DeborahT, 28 May 2016 - 06:50 PM.

  • 0

#9
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,010 posts
  • MVP

Make sure you didn't try to send speccy.exe.  The log is usually named after your pc.

 

Let's see if the errors are gone.
 
 
Right click on (My) Computer and select Manage (Continue) Then click on the arrow in front of Event Viewer. Next Click on the arrow in front of Windows Logs Right click on System and Clear Log, Clear. Repeat for Application.
 
Reboot
 
2. Right-click VEW.exe and Run AS Administrator
3. Under 'Select log to query', select:
 
* System
4. Under 'Select type to list', select:
* Error
* Warning
 
 
Then use the 'Number of events' as follows:
 
 
1. Click the radio button for 'Number of events'
Type 20 in the 1 to 20 box
Then click the Run button.
Notepad will open with the output log.
 
 
Please post the Output log in your next reply then repeat but select Application.  (Each time you run VEW it overwrites the log so copy the first one to a Reply or rename it before running it a second time.)
 

  • 0

#10
DeborahT

DeborahT

    Member

  • Topic Starter
  • Member
  • PipPip
  • 50 posts

[attachment=81257:Speccy .rtf

Attached Files


Edited by DeborahT, 28 May 2016 - 07:47 PM.

  • 0

Advertisements


#11
DeborahT

DeborahT

    Member

  • Topic Starter
  • Member
  • PipPip
  • 50 posts
Vino's Event Viewer v01c run on Windows 2008 in English
Report run at 28/05/2016 10:02:45 PM
 
Note: All dates below are in the format dd/mm/yyyy
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 29/05/2016 1:53:08 AM
Type: Error Category: 0
Event: 7000 Source: Service Control Manager
The VBoxAsw Support Driver service failed to start due to the following error:  The system cannot find the path specified.
 
Log: 'System' Date/Time: 29/05/2016 1:52:40 AM
Type: Error Category: 0
Event: 7000 Source: Service Control Manager
The Spybot-S&D 2 Scanner Service service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
 
Log: 'System' Date/Time: 29/05/2016 1:52:40 AM
Type: Error Category: 0
Event: 7009 Source: Service Control Manager
A timeout was reached (30000 milliseconds) while waiting for the Spybot-S&D 2 Scanner Service service to connect.
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 29/05/2016 2:01:23 AM
Type: Warning Category: 0
Event: 129 Source: nvstor64
Reset to device, \Device\RaidPort0, was issued.
 
Log: 'System' Date/Time: 29/05/2016 2:00:18 AM
Type: Warning Category: 0
Event: 129 Source: nvstor64
Reset to device, \Device\RaidPort0, was issued.
 
Log: 'System' Date/Time: 29/05/2016 1:59:13 AM
Type: Warning Category: 0
Event: 129 Source: nvstor64
Reset to device, \Device\RaidPort0, was issued.
 
Log: 'System' Date/Time: 29/05/2016 1:58:08 AM
Type: Warning Category: 0
Event: 129 Source: nvstor64
Reset to device, \Device\RaidPort0, was issued.
 
Log: 'System' Date/Time: 29/05/2016 1:53:24 AM
Type: Warning Category: 212
Event: 219 Source: Microsoft-Windows-Kernel-PnP
The driver \Driver\WUDFRd failed to load for the device WpdBusEnumRoot\UMB\2&37c186b&0&STORAGE#VOLUME#_??_USBSTOR#DISK&VEN_MULTI&PROD_FLASH_READER&REV_1.00#058F63666471&00#.
 
Log: 'System' Date/Time: 29/05/2016 1:52:04 AM
Type: Warning Category: 0
Event: 11 Source: Microsoft-Windows-Wininit
Custom dynamic link libraries are being loaded for every application. The system administrator should review the list of libraries to ensure they are related to trusted applications.

  • 0

#12
DeborahT

DeborahT

    Member

  • Topic Starter
  • Member
  • PipPip
  • 50 posts
Vino's Event Viewer v01c run on Windows 2008 in English
Report run at 28/05/2016 10:05:07 PM
 
Note: All dates below are in the format dd/mm/yyyy
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 29/05/2016 1:53:57 AM
Type: Error Category: 3
Event: 439 Source: ESENT
Windows (5072) Windows: Unable to write a shadowed header for file C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS.chk. Error -1032.
 
Log: 'Application' Date/Time: 29/05/2016 1:53:57 AM
Type: Error Category: 1
Event: 490 Source: ESENT
Windows (5072) Windows: An attempt to open the file "C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS.chk" for read / write access failed with system error 32 (0x00000020): "The process cannot access the file because it is being used by another process. ".  The open file operation will fail with error -1032 (0xfffffbf8).
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 29/05/2016 2:03:16 AM
Type: Warning Category: 1
Event: 100 Source: CVHSVC
Information only. CurrentSoftGridPrereq: Click2Run installation (version = 14.0.4763.1000) is found on the machine; skipping installation...
 
Log: 'Application' Date/Time: 29/05/2016 2:03:16 AM
Type: Warning Category: 1
Event: 100 Source: CVHSVC
Information only. C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE is trusted.
 
Log: 'Application' Date/Time: 29/05/2016 2:02:26 AM
Type: Warning Category: 0
Event: 402 Source: HP Active Health
All attributes reported raw data as 0, ignoring this set
 
Log: 'Application' Date/Time: 29/05/2016 2:01:55 AM
Type: Warning Category: 0
Event: 3 Source: HP Active Health
Error running a Casl GET EmbeddedController.AuditLog.JSON command: Exception has been thrown by the target of an invocation.
 
Log: 'Application' Date/Time: 29/05/2016 2:01:54 AM
Type: Warning Category: 0
Event: 31 Source: HP Active Health
Agent ApplicationsInstalled took too long to finish
 
Log: 'Application' Date/Time: 29/05/2016 2:01:29 AM
Type: Warning Category: 7
Event: 508 Source: ESENT
wuaueng.dll (440) SUS20ClientDataStore: A request to write to the file "C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log" at offset 712192 (0x00000000000ade00) for 512 (0x00000200) bytes succeeded, but took an abnormally long time (65 seconds) to be serviced by the OS. This problem is likely due to faulty hardware. Please contact your hardware vendor for further assistance diagnosing the problem.
 
Log: 'Application' Date/Time: 29/05/2016 1:57:06 AM
Type: Warning Category: 0
Event: 3 Source: HP Active Health
Error running a Casl GET Diags.PostCodeError command: Exception has been thrown by the target of an invocation.
 
Log: 'Application' Date/Time: 29/05/2016 1:56:38 AM
Type: Warning Category: 0
Event: 30 Source: HP Active Health
Using alternative method to task creation
 
Log: 'Application' Date/Time: 29/05/2016 1:53:13 AM
Type: Warning Category: 6
Event: 3057 Source: Application Virtualization Client
{tid=B04}
The Application Virtualization Client Core initialized correctly.  Installed Product:  Version: 4.6.3.24650 Install Path: C:\Program Files (x86)\Microsoft Application Virtualization Client Global Data Directory: C:\ProgramData\Microsoft\Application Virtualization Client\ Machine Name: DAVID-HP Operating System: Windows 7 64-bit Service Pack 1.0 Build 7601 OSD Command: 
 
Log: 'Application' Date/Time: 29/05/2016 1:53:10 AM
Type: Warning Category: 3
Event: 3191 Source: Application Virtualization Client
{tid=B04}
-------------------------------------------------------- Initialized client log (C:\ProgramData\Microsoft\Application Virtualization Client\sftlog.txt)
 
Log: 'Application' Date/Time: 29/05/2016 1:50:38 AM
Type: Warning Category: 0
Event: 1530 Source: Microsoft-Windows-User Profiles Service
Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards.     DETAIL -   1 user registry handles leaked from \Registry\User\S-1-5-21-585021316-1980500837-2966188906-1000:
Process 1464 (\Device\HarddiskVolume2\Program Files\AVAST Software\Avast\AvastSvc.exe) has opened key \REGISTRY\USER\S-1-5-21-585021316-1980500837-2966188906-1000

  • 0

#13
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,010 posts
  • MVP
Log: 'System' Date/Time: 29/05/2016 2:01:23 AM
Type: Warning Category: 0
Event: 129 Source: nvstor64
Reset to device, \Device\RaidPort0, was issued.

 

 

The fix didn't help.  I'm pretty sure these errors are the cause of your freezes.  See:  http://www.tomshardw...-computer-againfor a bunch of people with the same problem.

 

Appears this is an HP PC so go to their site and see if that have any newer chipset drivers or SATA drivers or BIOS for your PC.  Or give me the model number and I'll look.  


  • 0

#14
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,010 posts
  • MVP

In Addition to the above make sure you have SLI disabled:

 

http://www.computerh...es/ch001167.htm


  • 0

#15
DeborahT

DeborahT

    Member

  • Topic Starter
  • Member
  • PipPip
  • 50 posts

I don't have an option for SLI. 

 

My model number is s5703w.

 

Thank you


  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP