Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

AVG has disappeared after running FRST cleanup


  • Please log in to reply

#1
JEISEN

JEISEN

    Member

  • Member
  • PipPipPip
  • 240 posts

http://www.geekstogo...me-page-solved/

 

 

This link is to the original problem a friend was having and my asking and getting help from this site.

When I ran the FRST cleanup to delete the quarantine folder with I noticed that her AVG had disappeared from her system tray. I restarted the PC, AVG did not auto start like I had it set up to do like before. I even tried a fresh AVG install.
 I clicked Fix (FRST). Then noticed AVG was not there.
I tried to go back to a restore point from last week. But AVG did not return.


  • 0

Advertisements


#2
DonnaB

DonnaB

    Miss Congeniality

  • GeekU Moderator
  • 8,529 posts
Hi JEISEN,

AVG is installed. Correct?

Click on the little up-arrow to the left of the clock area in the system tray then click on Customize. This should open the Notification Area Icons user interface. Look for the AVG icon and make sure it is set to Show icons and notifications.

Let me know the results.

Donna :)
  • 1

#3
JEISEN

JEISEN

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 240 posts

Hey Donna,

                   Thanks! Sorry for the late reply. I am out of town until sometime tomorrow and will check that and report back. I did forget about that hiding option. I believe I had her icons set to only show when action was needed. I will also post an update of a FRST scan.

Yes AVG is still installed the original installer still sits in the download folder.

I do have her AVG set up to run on restart. So when it didn't show or didn't see a scan notification I knew I better get some help-AGAIN!!


  • 0

#4
JEISEN

JEISEN

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 240 posts

Hi Donna,

                I looked, no AVG in notification area. So I'm going to post a FRST.


  • 0

#5
JEISEN

JEISEN

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 240 posts

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 12-06-2017
Ran by Rose (administrator) on ROSE-PC (13-06-2017 14:38:41)
Running from C:\Users\Rose\Downloads
Loaded Profiles: Rose (Available Profiles: Rose)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\AVGSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\AMT\atchksrv.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
(SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\AMT\atchk.exe
(SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE
(Intel) C:\Program Files (x86)\Intel\AMT\LMS.exe
(Intel) C:\Program Files (x86)\Intel\AMT\UNS.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\AVGUI.exe
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_IATIFCA.EXE
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\x64\aswidsagenta.exe
(© 2015 Microsoft Corporation) C:\Users\Rose\AppData\Local\Microsoft\BingSvc\BingSvc.exe
(Analog Devices, Inc.) C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe
(NETGEAR) C:\Program Files (x86)\NETGEAR\WNDA3100v3\WNDA3100v3.EXE
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [atchk] => C:\Program Files (x86)\Intel\AMT\atchk.exe [401408 2009-12-01] (Intel Corporation)
HKLM\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [239592 2017-05-31] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [AVGUI.exe] => C:\Program Files (x86)\AVG\Antivirus\AvLaunch.exe [263232 2017-05-15] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [SoundMAXPnP] => C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe [1314816 2010-06-14] (Analog Devices, Inc.)
HKLM-x32\...\Run: [jswtrayutil] => "C:\Program Files (x86)\NETGEAR\WNA1100\jswtrayutil.exe"
HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [239592 2017-05-31] (AVG Technologies CZ, s.r.o.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1687921294-1965150460-3559065622-1000\...\Run: [EPSON NX410 Series (Copy 1)] => C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIFCA.EXE [223232 2008-10-01] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-1687921294-1965150460-3559065622-1000\...\Run: [BingSvc] => C:\Users\Rose\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-11-05] (© 2015 Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NETGEAR WNA1100 Genie.lnk [2015-11-07]
ShortcutTarget: NETGEAR WNA1100 Genie.lnk -> C:\Program Files (x86)\NETGEAR\WNA1100\WNA1100.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NETGEAR WNDA3100v3 Genie.lnk [2016-04-11]
ShortcutTarget: NETGEAR WNDA3100v3 Genie.lnk -> C:\Program Files (x86)\NETGEAR\WNDA3100v3\WNDA3100v3.EXE (NETGEAR)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 172.85.30.3 172.85.30.5
Tcpip\..\Interfaces\{2007EEF5-2412-42DC-8FDA-E5F04BAFD448}: [DhcpNameServer] 173.44.120.40 173.44.120.41
Tcpip\..\Interfaces\{5A365DA6-A0B7-4593-A2D8-97906C55A9CE}: [DhcpNameServer] 172.85.30.3 172.85.30.5

Internet Explorer:
==================

FireFox:
========
FF ProfilePath: C:\Users\Rose\AppData\Roaming\Mozilla\Firefox\Profiles\czz45gaq.default-1483506533445 [2017-06-13]
FF Homepage: Mozilla\Firefox\Profiles\czz45gaq.default-1483506533445 -> hxxp://www.msn.com/?pfr=1
FF Extension: (QCLean - Remove Facebook Ads Suggested Pages and Posts) - C:\Users\Rose\AppData\Roaming\Mozilla\Firefox\Profiles\czz45gaq.default-1483506533445\Extensions\[email protected] [2017-03-22]
FF Extension: (New Tab Homepage) - C:\Users\Rose\AppData\Roaming\Mozilla\Firefox\Profiles\czz45gaq.default-1483506533445\Extensions\{66E978CD-981F-47DF-AC42-E3CF417C1467}.xpi [2017-01-13]
FF Extension: (Adblock Plus) - C:\Users\Rose\AppData\Roaming\Mozilla\Firefox\Profiles\czz45gaq.default-1483506533445\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-06-09]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_26_0_0_126.dll [2017-06-13] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_26_0_0_126.dll [2017-06-13] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1228198.dll [2017-02-27] (Adobe Systems, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-04-04] (Adobe Systems Inc.)

Chrome:
=======
CHR HomePage: Default -> hxxp://www.msn.com/
CHR NewTab: Default ->  Not-active:"chrome-extension://dbcjmigpjccmgflkhihmjllndonbecaa/newtab/newtab.html"
CHR Profile: C:\Users\Rose\AppData\Local\Google\Chrome\User Data\Default [2017-06-13]
CHR Extension: (Google Slides) - C:\Users\Rose\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-03-24]
CHR Extension: (Google Docs) - C:\Users\Rose\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-03-24]
CHR Extension: (Google Drive) - C:\Users\Rose\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-03-24]
CHR Extension: (YouTube) - C:\Users\Rose\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-03-24]
CHR Extension: (Adblock Plus) - C:\Users\Rose\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2017-05-31]
CHR Extension: (Email Access Online Version 2.0) - C:\Users\Rose\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbcjmigpjccmgflkhihmjllndonbecaa [2017-06-11]
CHR Extension: (Google Sheets) - C:\Users\Rose\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-03-24]
CHR Extension: (Google Docs Offline) - C:\Users\Rose\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-03-24]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Rose\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-24]
CHR Extension: (Gmail) - C:\Users\Rose\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-03-24]
CHR Extension: (Chrome Media Router) - C:\Users\Rose\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-06-06]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 atchksrv; C:\Program Files (x86)\Intel\AMT\atchksrv.exe [176128 2009-12-01] (Intel Corporation) [File not signed]
R2 AVG Antivirus; C:\Program Files (x86)\AVG\Antivirus\AVGSvc.exe [264432 2017-05-15] (AVG Technologies CZ, s.r.o.)
R3 avgbIDSAgent; C:\Program Files (x86)\AVG\Antivirus\x64\aswidsagenta.exe [7396872 2017-05-15] (AVG Technologies CZ, s.r.o.)
R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1428656 2017-05-31] (AVG Technologies CZ, s.r.o.)
R2 LMS; C:\Program Files (x86)\Intel\AMT\LMS.exe [102400 2009-12-01] (Intel) [File not signed]
R2 UNS; C:\Program Files (x86)\Intel\AMT\UNS.exe [2519040 2009-12-01] (Intel) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 avgbdisk; C:\Windows\system32\drivers\avgbdiska.sys [166624 2017-05-15] (AVG Technologies CZ, s.r.o.)
R1 avgbidsdriver; C:\Windows\system32\drivers\avgbidsdrivera.sys [314128 2017-05-15] (AVG Technologies CZ, s.r.o.)
R0 avgbidsh; C:\Windows\system32\drivers\avgbidsha.sys [192584 2017-05-15] (AVG Technologies CZ, s.r.o.)
R0 avgblog; C:\Windows\system32\drivers\avgbloga.sys [336896 2017-05-15] (AVG Technologies CZ, s.r.o.)
R0 avgbuniv; C:\Windows\system32\drivers\avgbuniva.sys [51336 2017-05-15] (AVG Technologies CZ, s.r.o.)
S3 avgHwid; C:\Windows\system32\drivers\avgHwid.sys [39424 2017-05-15] (AVG Technologies CZ, s.r.o.)
R2 avgMonFlt; C:\Windows\system32\drivers\avgMonFlt.sys [129776 2017-05-15] (AVG Technologies CZ, s.r.o.)
R1 avgRdr; C:\Windows\system32\drivers\avgRdr2.sys [102280 2017-05-15] (AVG Technologies CZ, s.r.o.)
R0 avgRvrt; C:\Windows\system32\drivers\avgRvrt.sys [76832 2017-05-15] (AVG Technologies CZ, s.r.o.)
R1 avgSnx; C:\Windows\system32\drivers\avgSnx.sys [1008288 2017-05-15] (AVG Technologies CZ, s.r.o.)
R1 avgSP; C:\Windows\system32\drivers\avgSP.sys [570320 2017-05-15] (AVG Technologies CZ, s.r.o.)
R2 avgStm; C:\Windows\system32\drivers\avgStm.sys [160008 2017-05-15] (AVG Technologies CZ, s.r.o.)
R0 avgVmm; C:\Windows\system32\drivers\avgVmm.sys [340824 2017-05-15] (AVG Technologies CZ, s.r.o.)
R3 WNDA3100v3; C:\Windows\System32\DRIVERS\WNDA3100v3.sys [2225808 2014-12-08] (MediaTek Inc.)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-05-31 16:02 - 2017-05-15 12:42 - 00401584 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\avgBoot.exe

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-06-13 14:40 - 2016-06-23 14:17 - 00011187 _____ C:\Users\Rose\Downloads\FRST.txt
2017-06-13 14:38 - 2017-01-10 14:45 - 00000000 ____D C:\Users\Rose\Downloads\FRST-OlderVersion
2017-06-13 14:38 - 2016-06-23 14:16 - 00000000 ____D C:\FRST
2017-06-13 14:38 - 2016-06-23 14:15 - 02438656 _____ (Farbar) C:\Users\Rose\Downloads\FRST64.exe
2017-06-13 14:25 - 2016-11-18 22:01 - 00000000 ____D C:\Users\Rose\AppData\LocalLow\Mozilla
2017-06-13 12:26 - 2016-09-20 18:13 - 00003600 _____ C:\Windows\System32\Tasks\AVG EUpdate Task
2017-06-13 11:30 - 2017-03-18 15:29 - 00004324 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2017-06-13 11:30 - 2015-07-07 14:15 - 00803328 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-06-13 11:30 - 2015-07-07 14:15 - 00144896 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-06-13 11:30 - 2015-07-07 14:15 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2017-06-13 11:30 - 2015-07-07 14:15 - 00000000 ____D C:\Windows\system32\Macromed
2017-06-13 09:22 - 2009-07-14 00:45 - 00021888 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-06-13 09:22 - 2009-07-14 00:45 - 00021888 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-06-13 09:13 - 2016-04-11 19:52 - 00000374 _____ C:\Windows\system32\Drivers\etc\hosts.ics
2017-06-13 09:12 - 2009-07-14 01:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-06-05 19:28 - 2017-03-24 16:33 - 00002202 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-06-05 19:28 - 2017-03-24 16:33 - 00002190 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-06-04 10:26 - 2017-03-26 19:14 - 00000000 ____D C:\Program Files\Mozilla Firefox
2017-06-04 10:26 - 2015-11-07 11:52 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-05-31 16:21 - 2015-07-07 11:06 - 00000000 ____D C:\Windows\system32\MRT
2017-05-31 16:20 - 2017-04-24 15:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2017-05-31 16:20 - 2015-11-18 11:00 - 00001008 _____ C:\Users\Public\Desktop\AVG.lnk
2017-05-31 16:12 - 2015-07-07 11:06 - 132223576 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-05-31 16:02 - 2017-04-04 12:33 - 00003920 _____ C:\Windows\System32\Tasks\Antivirus Emergency Update
2017-05-31 15:56 - 2015-11-07 14:19 - 00000000 ____D C:\Users\Rose
2017-05-31 15:56 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\registration
2017-05-31 15:56 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\inf
2017-05-31 15:07 - 2015-11-07 11:59 - 00000000 ____D C:\Users\Rose\AppData\Local\AvgSetupLog
2017-05-31 14:11 - 2017-01-13 15:07 - 00000423 _____ C:\Users\Rose\Downloads\Fixlog.txt
2017-05-15 12:43 - 2017-04-04 12:33 - 00160008 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgStm.sys
2017-05-15 12:42 - 2017-04-04 12:33 - 01008288 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgSnx.sys
2017-05-15 12:42 - 2017-04-04 12:33 - 00570320 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgSP.sys
2017-05-15 12:42 - 2017-04-04 12:33 - 00340824 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgVmm.sys
2017-05-15 12:42 - 2017-04-04 12:33 - 00159496 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgstm.sys.149486658865701
2017-05-15 12:42 - 2017-04-04 12:33 - 00129776 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgMonFlt.sys
2017-05-15 12:42 - 2017-04-04 12:33 - 00102280 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgRdr2.sys
2017-05-15 12:42 - 2017-04-04 12:33 - 00076832 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgRvrt.sys
2017-05-15 12:42 - 2017-04-04 12:33 - 00039424 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgHwid.sys
2017-05-15 12:41 - 2017-04-04 12:33 - 00336896 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbloga.sys
2017-05-15 12:41 - 2017-04-04 12:33 - 00314128 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbidsdrivera.sys
2017-05-15 12:41 - 2017-04-04 12:33 - 00192584 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbidsha.sys
2017-05-15 12:41 - 2017-04-04 12:33 - 00166624 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbdiska.sys
2017-05-15 12:41 - 2017-04-04 12:33 - 00051336 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbuniva.sys

Some files in TEMP:
====================
2016-06-23 10:53 - 2016-05-18 13:03 - 0186640 _____ (AVG Technologies CZ, s.r.o.) C:\Users\Rose\AppData\Local\Temp\avguirn_081247668940.exe
2016-07-27 13:48 - 2016-06-21 18:49 - 0186640 _____ (AVG Technologies CZ, s.r.o.) C:\Users\Rose\AppData\Local\Temp\avguirn_081486885703.exe
2016-04-07 19:49 - 2016-02-18 16:09 - 0179624 _____ (AVG Technologies CZ, s.r.o.) C:\Users\Rose\AppData\Local\Temp\avguirn_081635537688.exe
2015-11-18 10:59 - 2015-10-16 17:30 - 0091048 _____ (AVG Technologies CZ, s.r.o.) C:\Users\Rose\AppData\Local\Temp\avguirn_082013740879.exe
2016-05-13 15:29 - 2016-04-14 20:29 - 0186640 _____ (AVG Technologies CZ, s.r.o.) C:\Users\Rose\AppData\Local\Temp\avguirn_082084462725.exe
2016-01-16 13:12 - 2015-12-08 11:23 - 0091048 _____ (AVG Technologies CZ, s.r.o.) C:\Users\Rose\AppData\Local\Temp\avguirn_08238857032.exe
2016-04-19 02:20 - 2016-03-23 19:57 - 0186640 _____ (AVG Technologies CZ, s.r.o.) C:\Users\Rose\AppData\Local\Temp\avguirn_08276474042.exe
2016-08-22 18:44 - 2016-07-20 14:01 - 0186640 _____ (AVG Technologies CZ, s.r.o.) C:\Users\Rose\AppData\Local\Temp\avguirn_0828183126.exe
2016-01-09 18:54 - 2015-11-12 20:54 - 0091048 _____ (AVG Technologies CZ, s.r.o.) C:\Users\Rose\AppData\Local\Temp\avguirn_08454881608.exe
2016-02-23 14:39 - 2016-01-12 20:23 - 0179624 _____ (AVG Technologies CZ, s.r.o.) C:\Users\Rose\AppData\Local\Temp\avguirn_08574558967.exe
2016-05-31 15:17 - 2016-04-22 13:01 - 0186640 _____ (AVG Technologies CZ, s.r.o.) C:\Users\Rose\AppData\Local\Temp\avguirn_0880885172.exe
2017-01-04 12:24 - 2017-01-04 12:24 - 1118360 _____ (© 2015 Microsoft Corporation) C:\Users\Rose\AppData\Local\Temp\BSvcProcessor.exe
2017-01-04 12:24 - 2017-01-04 12:24 - 0170128 _____ (© 2015 Microsoft Corporation) C:\Users\Rose\AppData\Local\Temp\BSvcUpdater.exe
2016-03-21 19:00 - 1999-06-25 13:55 - 0149504 _____ () C:\Users\Rose\AppData\Local\Temp\GLB1A2B.EXE
2016-08-08 13:58 - 2016-08-08 13:58 - 26370009 _____ (Acresso Software Inc.                                        ) C:\Users\Rose\AppData\Local\Temp\Setup.exe
2016-01-04 18:49 - 2015-12-17 11:04 - 3000208 _____ (AVG Technologies) C:\Users\Rose\AppData\Local\Temp\UNINSTALL.EXE
2006-10-30 20:10 - 2006-10-30 20:10 - 0455600 ____R (Macrovision Corporation) C:\Users\Rose\AppData\Local\Temp\_is3180.exe
2007-08-31 08:12 - 2007-08-31 08:12 - 0460248 ____R (Macrovision Corporation) C:\Users\Rose\AppData\Local\Temp\_isCF0.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-06-12 11:53

==================== End of FRST.txt ============================


  • 0

#6
JEISEN

JEISEN

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 240 posts

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-06-2017
Ran by Rose (13-06-2017 14:40:36)
Running from C:\Users\Rose\Downloads
Windows 7 Home Premium Service Pack 1 (X64) (2015-11-07 18:19:48)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1687921294-1965150460-3559065622-500 - Administrator - Disabled)
Guest (S-1-5-21-1687921294-1965150460-3559065622-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1687921294-1965150460-3559065622-1002 - Limited - Enabled)
Rose (S-1-5-21-1687921294-1965150460-3559065622-1000 - Administrator - Enabled) => C:\Users\Rose

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: AVG Antivirus (Enabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG Antivirus (Enabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 17.009.20044 - Adobe Systems Incorporated)
Adobe Flash Player 26 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 26.0.0.126 - Adobe Systems Incorporated)
Adobe Flash Player 26 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 26.0.0.126 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.2 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.2.8.198 - Adobe Systems, Inc.)
AVG (Version: 1.191.1 - AVG Technologies) Hidden
AVG Protection (HKLM-x32\...\AVG Antivirus) (Version: 17.4.3014 - AVG Technologies)
Bingo Master (HKLM-x32\...\Bingo Master) (Version:  - )
Collector's Edition 251 (HKLM-x32\...\Collector's Edition 251) (Version:  - )
Cook'n for PC (HKLM-x32\...\Cook'n for PC) (Version:  - )
EPSON NX410 Series Printer Uninstall (HKLM\...\EPSON NX410 Series) (Version:  - SEIKO EPSON Corporation)
FMW 1 (Version: 1.203.1 - AVG Technologies) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 59.0.3071.86 - Google Inc.)
Google Update Helper (x32 Version: 1.3.33.5 - Google Inc.) Hidden
GWX Control Panel (HKLM-x32\...\UltimateOutsider_GwxControlPanel) (Version:  - UltimateOutsider)
inSSIDer Home (HKLM-x32\...\{9E54E4AE-B67A-4925-8E92-0E1F9817FD73}) (Version: 3.1.2.1 - MetaGeek, LLC)
Intel® Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: 8.15.10.1930 - Intel Corporation)
Intel® Active Management Technology (HKLM\...\MESOL) (Version:  - Intel Corporation)
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Mozilla Firefox 52.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 52.0.1 (x86 en-US)) (Version: 52.0.1 - Mozilla)
Mozilla Firefox 53.0.3 (x64 en-US) (HKLM\...\Mozilla Firefox 53.0.3 (x64 en-US)) (Version: 53.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 53.0.3.6347 - Mozilla)
NETGEAR WNA1100 N150 Wireless USB Adapter (HKLM-x32\...\{A2AE9709-283B-4B48-AA34-729C070A62FB}) (Version: 1.0.0.133 - NETGEAR)
NETGEAR WNDA3100v3 (x32 Version: 1.0.0.10 - NETGEAR) Hidden
NETGEAR WNDA3100v3 Genie (HKLM-x32\...\InstallShield_{60C50FCC-545B-4D5D-B0D1-4A773143BCE7}) (Version: 1.0.0.10 - NETGEAR)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Windows XP Mode (HKLM\...\{1374CC63-B520-4f3f-98E8-E9020BF01CFF}) (Version: 1.3.7600.16432 - Microsoft Corporation)
World's Best Board Games (HKLM-x32\...\{D990DBB3-510C-4EC6-8299-CEF4CE949E69}_is1) (Version:  - cerasus.media GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {07CC30AC-7C95-4FDD-9D5D-5521B43282BB} - System32\Tasks\AVG EUpdate Task => avgsetupx.exe
Task: {26B768F1-AE6F-4941-9622-6A81E2FC39BE} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-04-25] (Adobe Systems Incorporated)
Task: {67EF6A6C-6788-422F-85E9-5988A50E7110} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-03-24] (Google Inc.)
Task: {699DEAA5-6457-4F78-A32B-1817E6EDF3FD} - System32\Tasks\{2FAA0E06-03D1-471D-BA17-1E3F052C92E1} => pcalua.exe -a C:\Users\Rose\Downloads\epson13422.exe -d C:\Users\Rose\Downloads
Task: {8BDAD17C-6FB8-4F4B-8271-778B434965AA} - System32\Tasks\Antivirus Emergency Update => C:\Program Files (x86)\AVG\Antivirus\AvEmUpdate.exe [2017-05-15] (AVG Technologies CZ, s.r.o.)
Task: {DADD4E70-B749-4F54-9C7C-22C73C9A5209} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-03-24] (Google Inc.)
Task: {FAACD51E-88C4-47C4-B618-F078E1F2DD01} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-06-13] (Adobe Systems Incorporated)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2017-05-15 12:42 - 2017-05-15 12:42 - 00163152 _____ () c:\Program Files (x86)\AVG\Antivirus\x64\vaarclient.dll
2017-05-15 12:42 - 2017-05-15 12:42 - 00827088 _____ () C:\Program Files (x86)\AVG\Antivirus\x64\ffl2.dll
2017-05-15 12:42 - 2017-05-15 12:42 - 00276904 _____ () c:\Program Files (x86)\AVG\Antivirus\x64\StreamBack.dll
2017-05-15 12:42 - 2017-05-15 12:42 - 00171344 _____ () C:\Program Files (x86)\AVG\Antivirus\JsonRpcServer.dll
2017-05-15 12:42 - 2017-05-15 12:42 - 00178120 _____ () C:\Program Files (x86)\AVG\Antivirus\event_routing_rpc.dll
2017-05-15 12:42 - 2017-05-15 12:42 - 00224352 _____ () C:\Program Files (x86)\AVG\Antivirus\tasks_core.dll
2017-06-12 17:47 - 2017-06-12 17:47 - 05677568 _____ () C:\Program Files (x86)\AVG\Antivirus\defs\17061202\algo.dll
2017-05-15 12:42 - 2017-05-15 12:42 - 00685784 _____ () C:\Program Files (x86)\AVG\Antivirus\ffl2.dll
2017-05-15 12:42 - 2017-05-15 12:42 - 00231760 _____ () C:\Program Files (x86)\AVG\Antivirus\streamback.dll
2016-11-28 17:28 - 2016-11-28 17:27 - 48920064 _____ () C:\Program Files (x86)\AVG\UiDll\2623\libcef.dll
2017-05-15 12:42 - 2017-05-15 12:42 - 00999024 _____ () C:\Program Files (x86)\AVG\Antivirus\AvChrome.dll
2017-05-15 12:42 - 2017-05-15 12:42 - 67717632 _____ () C:\Program Files (x86)\AVG\Antivirus\libcef.dll
2014-12-22 10:03 - 2014-12-22 13:03 - 00122880 _____ () C:\Program Files (x86)\NETGEAR\WNDA3100v3\Ralink.dll
2012-11-21 18:26 - 2012-11-21 21:26 - 01204224 _____ () C:\Program Files (x86)\NETGEAR\WNDA3100v3\RaWLAPI.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\.DEFAULT\...\techinline.net -> hxxps://*.techinline.net
IE trusted site: HKU\S-1-5-21-1687921294-1965150460-3559065622-1000\...\fixme.it -> hxxps://fixme.it
IE trusted site: HKU\S-1-5-21-1687921294-1965150460-3559065622-1000\...\techinline.net -> hxxps://*.techinline.net

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 22:34 - 2009-06-10 17:00 - 00000824 _____ C:\Windows\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1687921294-1965150460-3559065622-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Rose\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 172.85.30.3 - 172.85.30.5
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [TCP Query User{4F1E18F5-067F-494E-BB82-FC196A691F40}E:\snapy drivers'\sdi_r167.exe] => (Allow) E:\snapy drivers'\sdi_r167.exe
FirewallRules: [UDP Query User{77ED0BC5-A97D-4C49-8C3C-3106769608E0}E:\snapy drivers'\sdi_r167.exe] => (Allow) E:\snapy drivers'\sdi_r167.exe
FirewallRules: [{B6FEF0F3-971E-4FB2-B157-7609D9E59D08}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{F968AB03-AB6D-4D64-A7AD-F4A12587C8D4}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{246E0C6C-39A8-49BC-8EC8-EFA5967E4DE6}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe
FirewallRules: [{FE340FBB-36C4-49F8-A52D-E38222A4BACE}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe
FirewallRules: [TCP Query User{92FBD79C-4633-4548-845B-CD2944AC5D4E}C:\users\rose\appdata\local\dvo\cook'n10app\cook'n.exe] => (Allow) C:\users\rose\appdata\local\dvo\cook'n10app\cook'n.exe
FirewallRules: [UDP Query User{0A0B5702-1B1F-4E3F-B71B-14524957413F}C:\users\rose\appdata\local\dvo\cook'n10app\cook'n.exe] => (Allow) C:\users\rose\appdata\local\dvo\cook'n10app\cook'n.exe
FirewallRules: [{5F4FF82F-497D-4CAA-B618-D38A182B8666}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{97150B0C-E684-4D5F-9ABE-D8B8E9A218E2}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{A19B2D93-C3D8-4326-8612-96793793A668}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [UDP Query User{E4025C45-A020-418E-9B7C-817564568D1F}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [TCP Query User{046AE693-5F4D-4A5A-AD1D-32C0EF85603C}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Block) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [UDP Query User{048DB2EE-7636-4734-991B-91E2C2165FD2}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Block) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [{E099005A-573B-4B08-9FC0-F12849C03814}] => (Allow) C:\Users\Rose\AppData\Local\Temp\7zS12DC\HP.EasyStart.exe
FirewallRules: [{7CCDF885-77F4-49CA-B6EB-E5E4BFF072FE}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{F06DB2F9-81CC-45B6-BD9A-2C7B976E86BC}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{20432A73-002E-4708-B977-0C933C8F1DCC}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Restore Points =========================

31-05-2017 09:55:48 Scheduled Checkpoint
31-05-2017 15:23:02 Restore Operation
31-05-2017 16:09:00 Windows Update
08-06-2017 10:31:20 Scheduled Checkpoint

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (06/13/2017 09:15:11 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: WNA1100.exe, version: 1.1.4.27, time stamp: 0x4e2fbdc9
Faulting module name: WifiSvcLib.dll_unloaded, version: 0.0.0.0, time stamp: 0x4a979a47
Exception code: 0xc0000005
Fault offset: 0x10019faf
Faulting process id: 0xe2c
Faulting application start time: 0x01d2e446d0e56a27
Faulting application path: C:\Program Files (x86)\NETGEAR\WNA1100\WNA1100.exe
Faulting module path: WifiSvcLib.dll
Report Id: 53c021ce-503a-11e7-8b85-001aa08692ce

Error: (06/13/2017 09:13:21 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (06/12/2017 09:56:07 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: WNA1100.exe, version: 1.1.4.27, time stamp: 0x4e2fbdc9
Faulting module name: WifiSvcLib.dll_unloaded, version: 0.0.0.0, time stamp: 0x4a979a47
Exception code: 0xc0000005
Fault offset: 0x10019faf
Faulting process id: 0xc04
Faulting application start time: 0x01d2e38233b738bd
Faulting application path: C:\Program Files (x86)\NETGEAR\WNA1100\WNA1100.exe
Faulting module path: WifiSvcLib.dll
Report Id: e19c0805-4f76-11e7-af6f-001aa08692ce

Error: (06/12/2017 09:46:11 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (06/12/2017 12:16:59 AM) (Source: LMS) (EventID: 2) (User: NT AUTHORITY)
Description: LMS Service lost connection to HECI driver

Error: (06/11/2017 03:37:59 PM) (Source: LMS) (EventID: 2) (User: NT AUTHORITY)
Description: LMS Service lost connection to HECI driver

Error: (06/11/2017 10:55:16 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: WNA1100.exe, version: 1.1.4.27, time stamp: 0x4e2fbdc9
Faulting module name: WifiSvcLib.dll_unloaded, version: 0.0.0.0, time stamp: 0x4a979a47
Exception code: 0xc0000005
Fault offset: 0x10019faf
Faulting process id: 0xf28
Faulting application start time: 0x01d2e2bb1a18ee9d
Faulting application path: C:\Program Files (x86)\NETGEAR\WNA1100\WNA1100.exe
Faulting module path: WifiSvcLib.dll
Report Id: fa752c91-4eb5-11e7-8549-001aa08692ce

Error: (06/11/2017 10:00:25 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (06/10/2017 10:18:47 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: WNA1100.exe, version: 1.1.4.27, time stamp: 0x4e2fbdc9
Faulting module name: WifiSvcLib.dll_unloaded, version: 0.0.0.0, time stamp: 0x4a979a47
Exception code: 0xc0000005
Fault offset: 0x10019faf
Faulting process id: 0x45c
Faulting application start time: 0x01d2e1ec1e43525d
Faulting application path: C:\Program Files (x86)\NETGEAR\WNA1100\WNA1100.exe
Faulting module path: WifiSvcLib.dll
Report Id: b734b6d7-4de7-11e7-8909-001aa08692ce

Error: (06/10/2017 09:19:30 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.


System errors:
=============
Error: (06/13/2017 09:13:36 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: The server {995C996E-D918-4A8C-A302-45719A6F4EA7} did not register with DCOM within the required timeout.

Error: (06/11/2017 10:00:59 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: The server {995C996E-D918-4A8C-A302-45719A6F4EA7} did not register with DCOM within the required timeout.

Error: (06/11/2017 12:48:54 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: The server {078AEF33-C48A-49F7-AFF3-A0EE810BFE7C} did not register with DCOM within the required timeout.

Error: (06/11/2017 12:48:52 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: The server {C2BFE331-6739-4270-86C9-493D9A04CD38} did not register with DCOM within the required timeout.

Error: (06/09/2017 09:31:12 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: The following fatal alert was received: 70.

Error: (06/08/2017 09:17:21 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: The server {995C996E-D918-4A8C-A302-45719A6F4EA7} did not register with DCOM within the required timeout.

Error: (06/07/2017 08:07:45 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: The server {995C996E-D918-4A8C-A302-45719A6F4EA7} did not register with DCOM within the required timeout.

Error: (06/01/2017 09:10:09 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: The server {995C996E-D918-4A8C-A302-45719A6F4EA7} did not register with DCOM within the required timeout.

Error: (05/31/2017 04:25:49 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The avgbIDSAgent service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.

Error: (05/31/2017 04:25:49 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the avgbIDSAgent service to connect.


==================== Memory info ===========================

Processor: Intel® Core™2 Duo CPU E6750 @ 2.66GHz
Percentage of memory in use: 76%
Total physical RAM: 2004.61 MB
Available physical RAM: 476.14 MB
Total Virtual: 4009.23 MB
Available Virtual: 2311.09 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:142.28 GB) (Free:99.84 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 149.1 GB) (Disk ID: 5F88294C)
Partition 1: (Active) - (Size=6.8 GB) - (Type=27)
Partition 2: (Not Active) - (Size=142.3 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================


  • 0

#7
DonnaB

DonnaB

    Miss Congeniality

  • GeekU Moderator
  • 8,529 posts
Hi Jeisen,

The disappearance of the AVG icon from the systray is not the result of deleting the quarantine folder during FRST cleanup. More than likely just a coincidence. Upon googling AVG icon missing in system tray there are issues that date back to 2009. One particular incident was fixed in this topic just by searching for the avgtray.exe file and running it. See if that helps resolve the problem. Otherwise I do believe this is an AVG problem and it seems here that AVG is aware of this and have been struggling for some time to fix it. If the link I provided above is of no help, I would contact AVG personally and report the problem to them to see if they ever found a work around.

In the meantime, there are quite a few AVG temp files that could be removed. I recommend the following program.

Download TFC by Old Timer from here:
  • First, save any files as TFC will close ALL open programs including your browser!
  • Double-click on TFC.exe to run it. If you are using Vista/Windows 7 right-click on the file and choose Run As Administrator.
  • Click the Start button to begin the cleaning process and let it run uninterrupted to completion.
  • Important! If TFC prompts you to reboot, please do so immediately. If not prompted, manually reboot the machine anyway to ensure a complete cleaning.
More info:
TFC (Temp File Cleaner) will clear out all temp folders for all user accounts (temp, IE temp, java, FF, Opera, Chrome, Safari), including Administrator, All Users, LocalService, NetworkService, and any other accounts in the user folder. It also cleans out the %systemroot%\temp folder and checks for .tmp files in the %systemdrive% root folder, %systemroot%, and the system32 folder (both 32bit and 64bit on 64bit OSs). It shows the amount removed for each location found (in bytes) and the total removed (in MB).

Before running, it will stop Explorer and all other running applications. When finished, if a reboot is required the user must reboot to finish clearing any in-use temp files.
-- TFC only cleans temp folders.
-- TFC will not clean URL history, prefetch, or cookies. Depending on how often someone cleans their temp folders, their system hardware, and how many accounts are present, it can take anywhere from a few seconds to a minute or more. TFC will completely clear all temp files where other temp file cleaners may fail.

TFC requires a reboot immediately after running. Be sure to save any unsaved work before running TFC.
  • 1

#8
JEISEN

JEISEN

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 240 posts

Hey Donna,

                   I ran the TFC  cleanup scan. Then I searched and didn't find any AVG.exe's. I will read the other links you provided tonight. This will be a slow process on my end. I can only make it over here one time a day. I'm going to use the TFC on mine. I always get popups from AVG about having junk files and they offer me a "one time fix".

Thanks-will update tomorrow.


  • 0

#9
DonnaB

DonnaB

    Miss Congeniality

  • GeekU Moderator
  • 8,529 posts
Hey Jeisen,

Thanks for letting me know. Did you open the User Interface to the AVG software to see if there is a setting or option somewhere to display the icon in the systray? Please do keep me updated.
  • 1

#10
JEISEN

JEISEN

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 240 posts

Hey DonnaB,

                        Sorry for the late reply. Since I couldn't find the AVG.exe I decided to do a fresh install from their site. The AVG shortcut that was on her desktop led to nothing. When I went to the Add/Remove program section there was a Repair and Remove option on the AVG entry. I chose Repair. That fixed things and returned AVG to the system tray!!! I restarted then ran a full system scan and found no problems. Thanks for taking time to respond and help!! You can close this one.


  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP