Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

infection, PC is so slow, boot and Internet

Started by vatch , Jul 06 2017 06:59 PM

  • Please log in to reply

#16
RKinner
Posted 07 July 2017 - 02:20 PM

RKinner

    Malware Expert

  • Expert
  • 24,625 posts
  • MVP

Not too bad for a notebook.  

 

 
Right click on (My) Computer and select Manage (Continue) Then click on the arrow in front of Event Viewer. Next Click on the arrow in front of Windows Logs Right click on System and Clear Log, Clear. Repeat for Application.
 
Reboot. 
 
Start, All Programs, Accessories then right click on Command Prompt and Run as Administrator.  Then type (with an Enter after each line).
sfc  /scannow
 
(This will check your critical system files. Does this finish without complaint?  IF it says it couldn't fix everything then:
 
Copy the next two lines:
 
findstr  /c:"[SR]"  \windows\logs\cbs\cbs.log  >  \windows\logs\cbs\junk.txt 
notepad \windows\logs\cbs\junk.txt 
 
Start, All Programs, Accessories, right click on Command Prompt and Run as Administrator, Continue.  Right click and Paste or Edit then Paste and the copied line should appear.
Hit Enter. Copy and paste the text from notepad or if it is too big, just attach the file.)
 
 
1. Please download the Event Viewer Tool by Vino Rosso
and save it to your Desktop:
2. Right-click VEW.exe and Run AS Administrator
3. Under 'Select log to query', select:
 
* System
4. Under 'Select type to list', select:
* Error
* Warning
 
 
Then use the 'Number of events' as follows:
 
 
1. Click the radio button for 'Number of events'
Type 20 in the 1 to 20 box
Then click the Run button.
Notepad will open with the output log.
 
 
Please post the Output log in your next reply then repeat but select Application.  (Each time you run VEW it overwrites the log so copy the first one to a Reply or rename it before running it a second time.)
 
Also you need to turn off boot logging:
 
Search for 
msconfig
 
hit Enter
 
Under the Boot Tab uncheck Boot Log.  OK.  No need to reboot.
 
Let's look at your boot log since we have it:
 
It's at C:\windows\ntbtlog.txt
 
Looks like it might be a bit large so attach it like you did the speccy log.
 
IF you can't see it then follow the instructions here:  http://www.howtogeek...-windows-vista/

  • 0

Advertisements

#17
vatch
Posted 07 July 2017 - 07:31 PM

vatch

    Member

  • Topic Starter
  • Member
  • PipPip
  • 55 posts

The scan looks like it was good

Attached Files


  • 0

#18
vatch
Posted 07 July 2017 - 07:40 PM

vatch

    Member

  • Topic Starter
  • Member
  • PipPip
  • 55 posts
Vino's Event Viewer v01c run on Windows 2008 in English
Report run at 07/07/2017 9:39:11 PM
 
Note: All dates below are in the format dd/mm/yyyy
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 07/07/2017 5:49:30 PM
Type: Error Category: 0
Event: 7011 Source: Service Control Manager
A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SampleCollector service.
 
Log: 'System' Date/Time: 07/07/2017 3:12:23 PM
Type: Error Category: 0
Event: 7022 Source: Service Control Manager
The Intel® System Behavior Tracker Collector Service service hung on starting.
 
Log: 'System' Date/Time: 07/07/2017 4:30:57 AM
Type: Error Category: 0
Event: 7034 Source: Service Control Manager
The Oasis2Service service terminated unexpectedly.  It has done this 1 time(s).
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 08/07/2017 12:08:26 AM
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name isatap.home timed out after none of the configured DNS servers responded.
 
Log: 'System' Date/Time: 07/07/2017 9:50:59 PM
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name isatap.home timed out after none of the configured DNS servers responded.
 
Log: 'System' Date/Time: 07/07/2017 5:54:49 PM
Type: Warning Category: 0
Event: 4001 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN AutoConfig service has successfully stopped. 
 
Log: 'System' Date/Time: 07/07/2017 5:54:42 PM
Type: Warning Category: 0
Event: 10002 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN Extensibility Module has stopped.  Module Path: C:\Windows\System32\IWMSSvc.dll 
 
Log: 'System' Date/Time: 07/07/2017 5:00:44 AM
Type: Warning Category: 0
Event: 4001 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN AutoConfig service has successfully stopped. 
 
Log: 'System' Date/Time: 07/07/2017 5:00:37 AM
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name dnsproxy.ff.avast.com timed out after none of the configured DNS servers responded.
 
Log: 'System' Date/Time: 07/07/2017 5:00:32 AM
Type: Warning Category: 0
Event: 10002 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN Extensibility Module has stopped.  Module Path: C:\Windows\System32\IWMSSvc.dll 
 
Log: 'System' Date/Time: 07/07/2017 4:10:20 AM
Type: Warning Category: 0
Event: 4001 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN AutoConfig service has successfully stopped. 
 
Log: 'System' Date/Time: 07/07/2017 4:10:13 AM
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name isatap.home timed out after none of the configured DNS servers responded.
 
Log: 'System' Date/Time: 07/07/2017 4:10:13 AM
Type: Warning Category: 0
Event: 10002 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN Extensibility Module has stopped.  Module Path: C:\Windows\System32\IWMSSvc.dll 
 

  • 0

#19
vatch
Posted 07 July 2017 - 08:36 PM

vatch

    Member

  • Topic Starter
  • Member
  • PipPip
  • 55 posts
Vino's Event Viewer v01c run on Windows 2008 in English
Report run at 07/07/2017 10:36:07 PM
 
Note: All dates below are in the format dd/mm/yyyy
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 07/07/2017 5:57:01 PM
Type: Error Category: 0
Event: 10 Source: Microsoft-Windows-WMI
Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
 
Log: 'Application' Date/Time: 07/07/2017 3:05:31 PM
Type: Error Category: 0
Event: 10 Source: Microsoft-Windows-WMI
Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
 
Log: 'Application' Date/Time: 07/07/2017 4:12:34 AM
Type: Error Category: 0
Event: 10 Source: Microsoft-Windows-WMI
Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
 
Log: 'Application' Date/Time: 07/07/2017 1:30:54 AM
Type: Error Category: 0
Event: 10 Source: Microsoft-Windows-WMI
Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
 
Log: 'Application' Date/Time: 05/07/2017 8:34:56 PM
Type: Error Category: 0
Event: 10 Source: Microsoft-Windows-WMI
Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
 
Log: 'Application' Date/Time: 05/07/2017 4:37:57 AM
Type: Error Category: 0
Event: 3011 Source: Microsoft-Windows-LoadPerf
Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.
 
Log: 'Application' Date/Time: 05/07/2017 4:37:57 AM
Type: Error Category: 0
Event: 3012 Source: Microsoft-Windows-LoadPerf
The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.
 
Log: 'Application' Date/Time: 05/07/2017 4:33:25 AM
Type: Error Category: 0
Event: 10 Source: Microsoft-Windows-WMI
Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
 
Log: 'Application' Date/Time: 05/07/2017 4:30:49 AM
Type: Error Category: 0
Event: 1026 Source: .NET Runtime
Application: VCSystemTray.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.ComponentModel.Composition.ImportCardinalityMismatchException
   at System.ComponentModel.Composition.Hosting.ExportProvider.GetExports(System.ComponentModel.Composition.Primitives.ImportDefinition, System.ComponentModel.Composition.Hosting.AtomicComposition)
   at System.ComponentModel.Composition.Hosting.ExportProvider.GetExportedValueCore[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]](System.String, System.ComponentModel.Composition.Primitives.ImportCardinality)
   at VCSystemTray.View.MainWindow.WindowProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
   at System.Windows.Interop.HwndSource.PublicHooksFilterMessage(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
   at MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
   at MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object)
   at System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
   at System.Windows.Threading.ExceptionWrapper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
   at System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32)
   at MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)
 
 
 
Log: 'Application' Date/Time: 05/07/2017 4:16:16 AM
Type: Error Category: 0
Event: 10 Source: Microsoft-Windows-WMI
Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
 
Log: 'Application' Date/Time: 05/07/2017 3:49:11 AM
Type: Error Category: 0
Event: 3011 Source: Microsoft-Windows-LoadPerf
Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.
 
Log: 'Application' Date/Time: 05/07/2017 3:49:11 AM
Type: Error Category: 0
Event: 3012 Source: Microsoft-Windows-LoadPerf
The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.
 
Log: 'Application' Date/Time: 05/07/2017 3:43:25 AM
Type: Error Category: 0
Event: 10 Source: Microsoft-Windows-WMI
Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
 
Log: 'Application' Date/Time: 04/07/2017 10:31:25 PM
Type: Error Category: 0
Event: 3011 Source: Microsoft-Windows-LoadPerf
Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.
 
Log: 'Application' Date/Time: 04/07/2017 10:31:25 PM
Type: Error Category: 0
Event: 3012 Source: Microsoft-Windows-LoadPerf
The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.
 
Log: 'Application' Date/Time: 04/07/2017 10:27:25 PM
Type: Error Category: 0
Event: 10 Source: Microsoft-Windows-WMI
Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
 
Log: 'Application' Date/Time: 04/07/2017 6:12:02 PM
Type: Error Category: 0
Event: 3011 Source: Microsoft-Windows-LoadPerf
Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.
 
Log: 'Application' Date/Time: 04/07/2017 6:12:02 PM
Type: Error Category: 0
Event: 3012 Source: Microsoft-Windows-LoadPerf
The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.
 
Log: 'Application' Date/Time: 04/07/2017 6:07:17 PM
Type: Error Category: 0
Event: 10 Source: Microsoft-Windows-WMI
Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
 
Log: 'Application' Date/Time: 04/07/2017 6:02:14 AM
Type: Error Category: 100
Event: 1000 Source: Application Error
Faulting application name: rundll32.exe, version: 6.1.7601.23755, time stamp: 0x58dd1d09 Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000 Exception code: 0xc0000005 Fault offset: 0x80000008 Faulting process id: 0xaac Faulting application start time: 0x01d2f48b151f80db Faulting application path: C:\Windows\SysWOW64\rundll32.exe Faulting module path: unknown Report Id: 52df16bd-607e-11e7-baa2-af749a9d873b
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 08/07/2017 12:38:04 AM
Type: Warning Category: 0
Event: 12348 Source: VSS
Volume Shadow Copy Service warning: VSS was denied access to the root of volume \\?\Volume{f6501013-edb9-11e1-b440-c48508243ded}\. Denying administrators from accessing volume roots can cause many unexpected failures, and will prevent VSS from functioning properly.  Check security on the volume, and try the operation again. 
 
Operation:
   Removing auto-release shadow copies
   Loading provider
 
Context:
   Execution Context: System Provider
 
Log: 'Application' Date/Time: 07/07/2017 6:07:11 PM
Type: Warning Category: 1
Event: 100 Source: CVHSVC
Information only. C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE is trusted.
 
Log: 'Application' Date/Time: 07/07/2017 6:07:11 PM
Type: Warning Category: 1
Event: 100 Source: CVHSVC
Information only. CurrentSoftGridPrereq: Click2Run installation (version = 14.0.4763.1000) is found on the machine; skipping installation...
 
Log: 'Application' Date/Time: 07/07/2017 6:07:11 PM
Type: Warning Category: 1
Event: 100 Source: CVHSVC
Information only. C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE is trusted.
 
Log: 'Application' Date/Time: 07/07/2017 6:00:30 PM
Type: Warning Category: 1
Event: 258 Source: SampleCollector
add_counter: Cannot find nativectr: Failed with error 0x20000008: Bad counter path
 
Log: 'Application' Date/Time: 07/07/2017 6:00:30 PM
Type: Warning Category: 1
Event: 258 Source: SampleCollector
Unable to add counter: \Network Interface(*)\Bytes Total/sec
 
 
Log: 'Application' Date/Time: 07/07/2017 6:00:30 PM
Type: Warning Category: 1
Event: 258 Source: SampleCollector
add_counter: Cannot find nativectr: Failed with error 0x20000008: Bad counter path
 
Log: 'Application' Date/Time: 07/07/2017 6:00:30 PM
Type: Warning Category: 1
Event: 258 Source: SampleCollector
Unable to add counter: \PhysicalDisk(_Total)\Disk Bytes/sec
 
 
Log: 'Application' Date/Time: 07/07/2017 6:00:30 PM
Type: Warning Category: 1
Event: 258 Source: SampleCollector
add_counter: Cannot find nativectr: Failed with error 0x20000008: Bad counter path
 
Log: 'Application' Date/Time: 07/07/2017 6:00:30 PM
Type: Warning Category: 1
Event: 258 Source: SampleCollector
Unable to add counter: \Processor(_Total)\% Processor Time
 
 
Log: 'Application' Date/Time: 07/07/2017 6:00:30 PM
Type: Warning Category: 1
Event: 258 Source: SampleCollector
Expand Counter: Cannot find native object name: Failed with error 0x20000008: Bad counter path
 
Log: 'Application' Date/Time: 07/07/2017 6:00:30 PM
Type: Warning Category: 1
Event: 258 Source: SampleCollector
Expand Counter: Cannot find native object name: Failed with error 0x20000008: Bad counter path
 
Log: 'Application' Date/Time: 07/07/2017 6:00:30 PM
Type: Warning Category: 1
Event: 258 Source: SampleCollector
Expand Counter: Cannot find native object name: Failed with error 0x20000008: Bad counter path
 
Log: 'Application' Date/Time: 07/07/2017 6:00:30 PM
Type: Warning Category: 1
Event: 258 Source: SampleCollector
Expand Counter: Cannot find native object name: Failed with error 0x20000008: Bad counter path
 
Log: 'Application' Date/Time: 07/07/2017 6:00:30 PM
Type: Warning Category: 1
Event: 258 Source: SampleCollector
Expand Counter: Cannot find native object name: Failed with error 0x20000008: Bad counter path
 
Log: 'Application' Date/Time: 07/07/2017 6:00:30 PM
Type: Warning Category: 1
Event: 258 Source: SampleCollector
Intel® System Behavior Tracker Collector Service.
Copyright © 2013, Intel Corporation. All rights reserved.
Version 3.2.0.1 usage:
SBTService [/help|/uninstall|/savecsv {files...} OR
SBTService /install /service {Args...} OR
SBTService /standalone] {Args...}]
Args =
/directory=name
/nsamples=number
/dllinterval=number
/procinterval=number
counter=ctrname[:interval]
verbose[=level]
/expandcounter=ctrname[:interval]
/sstates
/nosstates
 
 
Log: 'Application' Date/Time: 07/07/2017 6:00:30 PM
Type: Warning Category: 1
Event: 258 Source: SampleCollector
Unrecognized argument: 
 
 
Log: 'Application' Date/Time: 07/07/2017 6:00:30 PM
Type: Warning Category: 1
Event: 258 Source: SampleCollector
Expand Counter: Cannot find native object name: Failed with error 0x20000008: Bad counter path
 
Log: 'Application' Date/Time: 07/07/2017 5:57:04 PM
Type: Warning Category: 6
Event: 3057 Source: Application Virtualization Client
{tid=C34}
The Application Virtualization Client Core initialized correctly.  Installed Product:  Version: 4.6.3.24650 Install Path: C:\Program Files (x86)\Microsoft Application Virtualization Client Global Data Directory: C:\ProgramData\Microsoft\Application Virtualization Client\ Machine Name: BOB-VAIO Operating System: Windows 7 64-bit Service Pack 1.0 Build 7601 OSD Command: 
 
Log: 'Application' Date/Time: 07/07/2017 5:56:56 PM
Type: Warning Category: 3
Event: 3191 Source: Application Virtualization Client
{tid=C34}
-------------------------------------------------------- Initialized client log (C:\ProgramData\Microsoft\Application Virtualization Client\sftlog.txt)

  • 0

#20
RKinner
Posted 07 July 2017 - 08:59 PM

RKinner

    Malware Expert

  • Expert
  • 24,625 posts
  • MVP
Log: 'System' Date/Time: 07/07/2017 5:49:30 PM
Type: Error Category: 0
Event: 7011 Source: Service Control Manager
A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SampleCollector service.
 
Log: 'System' Date/Time: 07/07/2017 3:12:23 PM
Type: Error Category: 0
Event: 7022 Source: Service Control Manager
The Intel® System Behavior Tracker Collector Service service hung on starting.

 

 

This is  Vaio Care.  Looks like you can uninstall it.  If you really use it you can probably download a new version from Sony support.

 

Log: 'System' Date/Time: 07/07/2017 4:30:57 AM
Type: Error Category: 0
Event: 7034 Source: Service Control Manager
The Oasis2Service service terminated unexpectedly.  It has done this 1 time(s).
 

 

 

 
This is a worthless service that  came with your PC.  It allows them to send you little messages and sales pitches.
 
Uninstall Oasis2Service 
and that should get rid of it.  If you really want it you can get a new version from Sony support.
 

 
Log: 'System' Date/Time: 08/07/2017 12:08:26 AM
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name isatap.home timed out after none of the configured DNS servers responded.
 
Log: 'System' Date/Time: 07/07/2017 9:50:59 PM
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name isatap.home timed out after none of the configured DNS servers responded.
 

 

 

This is IPv6 stuff so it should go away if you disable IPv6

 
 

 
Log: 'Application' Date/Time: 05/07/2017 4:16:16 AM
Type: Error Category: 0
Event: 10 Source: Microsoft-Windows-WMI
Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
 

 

 

 

I have a fix for this based on 

 
 
 
Download the attached fix10.zip file.  
 
 
 
Save it then right click on it and Extract All.  Extract.   Right click on fix10.vbs and Open with Command Prompt.
 
Log: 'Application' Date/Time: 08/07/2017 12:38:04 AM
Type: Warning Category: 0
Event: 12348 Source: VSS
Volume Shadow Copy Service warning: VSS was denied access to the root of volume \\?\Volume{f6501013-edb9-11e1-b440-c48508243ded}\. Denying administrators from accessing volume roots can cause many unexpected failures, and will prevent VSS from functioning properly.  Check security on the volume, and try the operation again.

 

This is usually seen when you have Microsoft Office Click-to-Run and refers to the Q:\ drive used by Office CTR.  I think you can go in to Control Panel, System, 
System Protection and make sure it that Q:\  has Protection OFF.  You can also just uninstall Microsoft Office Click-to-Run 2010 if you don't use it.
 
 
 
Right click on (My) Computer and select Manage (Continue) Then click on the arrow in front of Event Viewer. Next Click on the arrow in front of Windows Logs Right click on System and Clear Log, Clear. Repeat for Application.
 
Reboot
 
Run VEW again as before.  Let's see how we did.  Is it booting up any faster now?
 
 

  • 0

#21
vatch
Posted 08 July 2017 - 02:24 PM

vatch

    Member

  • Topic Starter
  • Member
  • PipPip
  • 55 posts

Hi,

 

Okay I'm having trouble disabling the  IPv6 stuff 

I made the new key and when I try to type in the value it won't let me type 0xff.

I'm stuck here.

 

Type any of the following values in the Value data field to configure the IPv6 protocol to the intended state, and then click OK:

  1. Type to re-enable all IPv6 components (Windows default setting).
  2. Type 0xff to disable all IPv6 components except the IPv6 loopback interface. This value also configures Windows to prefer using IPv4 over IPv6 by changing entries in the prefix policy table. For more information, see Source and destination address selection.
 

  • 0

#22
vatch
Posted 08 July 2017 - 02:46 PM

vatch

    Member

  • Topic Starter
  • Member
  • PipPip
  • 55 posts

I just restarted and its slower!  

 

I tried to get on IE and Chrome and it took forever.


  • 0

#23
RKinner
Posted 08 July 2017 - 02:46 PM

RKinner

    Malware Expert

  • Expert
  • 24,625 posts
  • MVP

Best to just let MS do it.  Click on the Download button below  Disable IPv6 and then double click on it.  It pretends to be a troubleshooter but it does make the change.


  • 0

#24
vatch
Posted 08 July 2017 - 04:16 PM

vatch

    Member

  • Topic Starter
  • Member
  • PipPip
  • 55 posts

Where is the DL button below?

 

I don't see it.


  • 0

#25
RKinner
Posted 08 July 2017 - 04:25 PM

RKinner

    Malware Expert

  • Expert
  • 24,625 posts
  • MVP

https://support.micr...ents-in-windows

 

Do you not have a bunch of Download buttons on the above page.


  • 0

Advertisements

#26
vatch
Posted 08 July 2017 - 06:38 PM

vatch

    Member

  • Topic Starter
  • Member
  • PipPip
  • 55 posts
Vino's Event Viewer v01c run on Windows 2008 in English
Report run at 08/07/2017 8:38:01 PM
 
Note: All dates below are in the format dd/mm/yyyy
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 08/07/2017 10:20:50 PM
Type: Error Category: 0
Event: 7034 Source: Service Control Manager
The Client Virtualization Handler service terminated unexpectedly.  It has done this 1 time(s).
 
Log: 'System' Date/Time: 08/07/2017 8:50:10 PM
Type: Error Category: 0
Event: 10003 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN Extensibility Module has stopped unexpectedly.  Module Path: C:\Windows\System32\IWMSSvc.dll 
 
Log: 'System' Date/Time: 08/07/2017 8:50:10 PM
Type: Error Category: 0
Event: 10003 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN Extensibility Module has stopped unexpectedly.  Module Path: C:\Windows\System32\IWMSSvc.dll 
 
Log: 'System' Date/Time: 08/07/2017 8:50:09 PM
Type: Error Category: 0
Event: 10003 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN Extensibility Module has stopped unexpectedly.  Module Path: C:\Windows\System32\IWMSSvc.dll 
 
Log: 'System' Date/Time: 08/07/2017 8:50:07 PM
Type: Error Category: 0
Event: 10003 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN Extensibility Module has stopped unexpectedly.  Module Path: C:\Windows\System32\IWMSSvc.dll 
 
Log: 'System' Date/Time: 08/07/2017 8:49:55 PM
Type: Error Category: 0
Event: 7034 Source: Service Control Manager
The Intuit Update Service v4 service terminated unexpectedly.  It has done this 1 time(s).
 
Log: 'System' Date/Time: 08/07/2017 8:49:55 PM
Type: Error Category: 0
Event: 7031 Source: Service Control Manager
The Windows Modules Installer service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.
 
Log: 'System' Date/Time: 08/07/2017 8:49:55 PM
Type: Error Category: 0
Event: 7034 Source: Service Control Manager
The Intel® PROSet/Wireless Zero Configuration Service service terminated unexpectedly.  It has done this 1 time(s).
 
Log: 'System' Date/Time: 08/07/2017 8:49:55 PM
Type: Error Category: 0
Event: 7034 Source: Service Control Manager
The Application Virtualization Client service terminated unexpectedly.  It has done this 1 time(s).
 
Log: 'System' Date/Time: 08/07/2017 8:49:55 PM
Type: Error Category: 0
Event: 7034 Source: Service Control Manager
The VSNService service terminated unexpectedly.  It has done this 1 time(s).
 
Log: 'System' Date/Time: 08/07/2017 8:49:54 PM
Type: Error Category: 0
Event: 7034 Source: Service Control Manager
The IconMan_R service terminated unexpectedly.  It has done this 1 time(s).
 
Log: 'System' Date/Time: 08/07/2017 8:49:54 PM
Type: Error Category: 0
Event: 7031 Source: Service Control Manager
The Intel® Centrino® Wireless Bluetooth® + High Speed Security Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 5000 milliseconds: Restart the service.
 
Log: 'System' Date/Time: 08/07/2017 8:49:54 PM
Type: Error Category: 0
Event: 7031 Source: Service Control Manager
The Intel® Centrino® Wireless Bluetooth® + High Speed Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
 
Log: 'System' Date/Time: 08/07/2017 8:49:54 PM
Type: Error Category: 0
Event: 7031 Source: Service Control Manager
The Windows Media Player Network Sharing Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 30000 milliseconds: Restart the service.
 
Log: 'System' Date/Time: 08/07/2017 8:49:54 PM
Type: Error Category: 0
Event: 7034 Source: Service Control Manager
The Client Virtualization Handler service terminated unexpectedly.  It has done this 1 time(s).
 
Log: 'System' Date/Time: 08/07/2017 8:49:53 PM
Type: Error Category: 0
Event: 7034 Source: Service Control Manager
The Bluetooth OBEX Service service terminated unexpectedly.  It has done this 1 time(s).
 
Log: 'System' Date/Time: 08/07/2017 8:49:53 PM
Type: Error Category: 0
Event: 7031 Source: Service Control Manager
The VAIO Event Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 3000 milliseconds: Restart the service.
 
Log: 'System' Date/Time: 08/07/2017 8:49:53 PM
Type: Error Category: 0
Event: 7034 Source: Service Control Manager
The Application Virtualization Service Agent service terminated unexpectedly.  It has done this 1 time(s).
 
Log: 'System' Date/Time: 08/07/2017 8:49:53 PM
Type: Error Category: 0
Event: 7034 Source: Service Control Manager
The Intel® PROSet/Wireless Registry Service service terminated unexpectedly.  It has done this 1 time(s).
 
Log: 'System' Date/Time: 08/07/2017 8:49:53 PM
Type: Error Category: 0
Event: 7034 Source: Service Control Manager
The Intel® PROSet/Wireless Event Log service terminated unexpectedly.  It has done this 1 time(s).
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 08/07/2017 11:44:22 PM
Type: Warning Category: 0
Event: 4001 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN AutoConfig service has successfully stopped. 
 
Log: 'System' Date/Time: 08/07/2017 11:44:20 PM
Type: Warning Category: 0
Event: 10002 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN Extensibility Module has stopped.  Module Path: C:\Windows\System32\IWMSSvc.dll 
 
Log: 'System' Date/Time: 08/07/2017 10:27:09 PM
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name optimumwifi4.optimum.net timed out after none of the configured DNS servers responded.
 
Log: 'System' Date/Time: 08/07/2017 10:25:39 PM
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name www.msftncsi.com timed out after none of the configured DNS servers responded.
 
Log: 'System' Date/Time: 08/07/2017 10:24:39 PM
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name www.msftncsi.com timed out after none of the configured DNS servers responded.
 
Log: 'System' Date/Time: 08/07/2017 10:21:33 PM
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name isatap.home timed out after none of the configured DNS servers responded.
 
Log: 'System' Date/Time: 08/07/2017 10:21:05 PM
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name isatap.home timed out after none of the configured DNS servers responded.
 
Log: 'System' Date/Time: 08/07/2017 10:20:44 PM
Type: Warning Category: 0
Event: 7039 Source: Service Control Manager
A service process other than the one launched by the Service Control Manager connected when starting the Client Virtualization Handler service.  The Service Control Manager launched process 3152 and process 2852 connected instead.    Note that if this service is configured to start under a debugger, this behavior is expected.
 
Log: 'System' Date/Time: 08/07/2017 10:20:43 PM
Type: Warning Category: 0
Event: 7039 Source: Service Control Manager
A service process other than the one launched by the Service Control Manager connected when starting the Application Virtualization Client service.  The Service Control Manager launched process 2852 and process 1428 connected instead.    Note that if this service is configured to start under a debugger, this behavior is expected.
 
Log: 'System' Date/Time: 08/07/2017 10:18:38 PM
Type: Warning Category: 0
Event: 10002 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN Extensibility Module has stopped.  Module Path: C:\Windows\System32\IWMSSvc.dll 
 
Log: 'System' Date/Time: 08/07/2017 10:18:27 PM
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name dnsproxy.ff.avast.com timed out after none of the configured DNS servers responded.
 
Log: 'System' Date/Time: 08/07/2017 8:50:16 PM
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name isatap.home timed out after none of the configured DNS servers responded.
 
Log: 'System' Date/Time: 08/07/2017 8:50:11 PM
Type: Warning Category: 0
Event: 4001 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN AutoConfig service has successfully stopped. 
 
Log: 'System' Date/Time: 08/07/2017 8:33:57 PM
Type: Warning Category: 0
Event: 10002 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN Extensibility Module has stopped.  Module Path: C:\Windows\System32\IWMSSvc.dll 

  • 0

#27
vatch
Posted 08 July 2017 - 06:39 PM

vatch

    Member

  • Topic Starter
  • Member
  • PipPip
  • 55 posts
Vino's Event Viewer v01c run on Windows 2008 in English
Report run at 08/07/2017 8:38:57 PM
 
Note: All dates below are in the format dd/mm/yyyy
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 08/07/2017 10:20:49 PM
Type: Error Category: 1
Event: 100 Source: CVHSVC
Information only. Failed to Start the CVH service 1063
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 08/07/2017 11:56:59 PM
Type: Warning Category: 1
Event: 100 Source: CVHSVC
Information only. C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE is trusted.
 
Log: 'Application' Date/Time: 08/07/2017 11:56:59 PM
Type: Warning Category: 1
Event: 100 Source: CVHSVC
Information only. CurrentSoftGridPrereq: Click2Run installation (version = 14.0.4763.1000) is found on the machine; skipping installation...
 
Log: 'Application' Date/Time: 08/07/2017 11:56:59 PM
Type: Warning Category: 1
Event: 100 Source: CVHSVC
Information only. C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE is trusted.
 
Log: 'Application' Date/Time: 08/07/2017 11:46:49 PM
Type: Warning Category: 6
Event: 3057 Source: Application Virtualization Client
{tid=C20}
The Application Virtualization Client Core initialized correctly.  Installed Product:  Version: 4.6.3.24650 Install Path: C:\Program Files (x86)\Microsoft Application Virtualization Client Global Data Directory: C:\ProgramData\Microsoft\Application Virtualization Client\ Machine Name: BOB-VAIO Operating System: Windows 7 64-bit Service Pack 1.0 Build 7601 OSD Command: 
 
Log: 'Application' Date/Time: 08/07/2017 11:46:39 PM
Type: Warning Category: 3
Event: 3191 Source: Application Virtualization Client
{tid=C20}
-------------------------------------------------------- Initialized client log (C:\ProgramData\Microsoft\Application Virtualization Client\sftlog.txt)
 
Log: 'Application' Date/Time: 08/07/2017 11:42:48 PM
Type: Warning Category: 0
Event: 12348 Source: VSS
Volume Shadow Copy Service warning: VSS was denied access to the root of volume \\?\Volume{f6501013-edb9-11e1-b440-c48508243ded}\. Denying administrators from accessing volume roots can cause many unexpected failures, and will prevent VSS from functioning properly.  Check security on the volume, and try the operation again. 
 
Operation:
   Removing auto-release shadow copies
   Loading provider
 
Context:
   Execution Context: System Provider
 
Log: 'Application' Date/Time: 08/07/2017 11:29:31 PM
Type: Warning Category: 0
Event: 12348 Source: VSS
Volume Shadow Copy Service warning: VSS was denied access to the root of volume \\?\Volume{f6501013-edb9-11e1-b440-c48508243ded}\. Denying administrators from accessing volume roots can cause many unexpected failures, and will prevent VSS from functioning properly.  Check security on the volume, and try the operation again. 
 
Operation:
   Removing auto-release shadow copies
   Loading provider
 
Context:
   Execution Context: System Provider
 
Log: 'Application' Date/Time: 08/07/2017 10:20:45 PM
Type: Warning Category: 3
Event: 3191 Source: Application Virtualization Client
{tid=CC8}
-------------------------------------------------------- Initialized client log (C:\ProgramData\Microsoft\Application Virtualization Client\sftlog.txt)
 
Log: 'Application' Date/Time: 08/07/2017 9:21:21 PM
Type: Warning Category: 0
Event: 12348 Source: VSS
Volume Shadow Copy Service warning: VSS was denied access to the root of volume \\?\Volume{f6501013-edb9-11e1-b440-c48508243ded}\. Denying administrators from accessing volume roots can cause many unexpected failures, and will prevent VSS from functioning properly.  Check security on the volume, and try the operation again. 
 
Operation:
   Removing auto-release shadow copies
   Loading provider
 
Context:
   Execution Context: System Provider
 
Log: 'Application' Date/Time: 08/07/2017 9:02:35 PM
Type: Warning Category: 1
Event: 100 Source: CVHSVC
Information only. C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE is trusted.
 
Log: 'Application' Date/Time: 08/07/2017 9:02:35 PM
Type: Warning Category: 1
Event: 100 Source: CVHSVC
Information only. CurrentSoftGridPrereq: Click2Run installation (version = 14.0.4763.1000) is found on the machine; skipping installation...
 
Log: 'Application' Date/Time: 08/07/2017 9:02:35 PM
Type: Warning Category: 1
Event: 100 Source: CVHSVC
Information only. C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE is trusted.
 
Log: 'Application' Date/Time: 08/07/2017 8:52:29 PM
Type: Warning Category: 6
Event: 3057 Source: Application Virtualization Client
{tid=C28}
The Application Virtualization Client Core initialized correctly.  Installed Product:  Version: 4.6.3.24650 Install Path: C:\Program Files (x86)\Microsoft Application Virtualization Client Global Data Directory: C:\ProgramData\Microsoft\Application Virtualization Client\ Machine Name: BOB-VAIO Operating System: Windows 7 64-bit Service Pack 1.0 Build 7601 OSD Command: 
 
Log: 'Application' Date/Time: 08/07/2017 8:52:20 PM
Type: Warning Category: 3
Event: 3191 Source: Application Virtualization Client
{tid=C28}
-------------------------------------------------------- Initialized client log (C:\ProgramData\Microsoft\Application Virtualization Client\sftlog.txt)
 
Log: 'Application' Date/Time: 08/07/2017 8:47:47 PM
Type: Warning Category: 1
Event: 100 Source: CVHSVC
Information only. C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE is trusted.
 
Log: 'Application' Date/Time: 08/07/2017 8:47:47 PM
Type: Warning Category: 1
Event: 100 Source: CVHSVC
Information only. CurrentSoftGridPrereq: Click2Run installation (version = 14.0.4763.1000) is found on the machine; skipping installation...
 
Log: 'Application' Date/Time: 08/07/2017 8:47:47 PM
Type: Warning Category: 1
Event: 100 Source: CVHSVC
Information only. C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE is trusted.
 
Log: 'Application' Date/Time: 08/07/2017 8:37:38 PM
Type: Warning Category: 6
Event: 3057 Source: Application Virtualization Client
{tid=DF0}
The Application Virtualization Client Core initialized correctly.  Installed Product:  Version: 4.6.3.24650 Install Path: C:\Program Files (x86)\Microsoft Application Virtualization Client Global Data Directory: C:\ProgramData\Microsoft\Application Virtualization Client\ Machine Name: BOB-VAIO Operating System: Windows 7 64-bit Service Pack 1.0 Build 7601 OSD Command: 
 
Log: 'Application' Date/Time: 08/07/2017 8:37:27 PM
Type: Warning Category: 3
Event: 3191 Source: Application Virtualization Client
{tid=DF0}
-------------------------------------------------------- Initialized client log (C:\ProgramData\Microsoft\Application Virtualization Client\sftlog.txt)

  • 0

#28
RKinner
Posted 08 July 2017 - 06:49 PM

RKinner

    Malware Expert

  • Expert
  • 24,625 posts
  • MVP

Try updating your Intel® PROSet/Wireless WiFi Software:

 

https://www.intel.co.../000005634.html


  • 0

#29
vatch
Posted 08 July 2017 - 10:40 PM

vatch

    Member

  • Topic Starter
  • Member
  • PipPip
  • 55 posts

I just updated.  IE won't open and hangs and Chrome is very slow opening too.


  • 0

#30
RKinner
Posted 09 July 2017 - 05:33 AM

RKinner

    Malware Expert

  • Expert
  • 24,625 posts
  • MVP

OK.  Re-enable IPv6 using the Download on https://support.micr...ents-in-windows


  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP