Okay I re-enabled IPv6 and updated my wireless.
I started the PC and it crashed. I clicked repair and it finally booted up.
It's having problems opening both browsers. Chrome and IE still..
Thank you for all your help.
infection, PC is so slow, boot and Internet
Started by
vatch
, Jul 06 2017 06:59 PM
#32
Posted 09 July 2017 - 03:59 PM
RKinner
-
- Expert
-
- 24,624 posts
Malware Expert
Run VEW again so I can see what happened.
#33
Posted 09 July 2017 - 04:01 PM
vatch
- Topic Starter
-
- Member
-
- 55 posts
Member
Vino's Event Viewer v01c run on Windows 2008 in English
Report run at 09/07/2017 6:01:18 PM
Note: All dates below are in the format dd/mm/yyyy
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 09/07/2017 9:08:09 PM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 09/07/2017 9:18:34 PM
Type: Error Category: 0
Event: 7034 Source: Service Control Manager
The Intel® PROSet/Wireless Zero Configuration Service service terminated unexpectedly. It has done this 1 time(s).
Log: 'System' Date/Time: 09/07/2017 9:17:51 PM
Type: Error Category: 0
Event: 7022 Source: Service Control Manager
The Windows Update service hung on starting.
Log: 'System' Date/Time: 09/07/2017 5:13:53 AM
Type: Error Category: 0
Event: 7034 Source: Service Control Manager
The Intel® PROSet/Wireless Zero Configuration Service service terminated unexpectedly. It has done this 1 time(s).
Log: 'System' Date/Time: 09/07/2017 4:32:57 AM
Type: Error Category: 0
Event: 7034 Source: Service Control Manager
The Intel® PROSet/Wireless Zero Configuration Service service terminated unexpectedly. It has done this 1 time(s).
Log: 'System' Date/Time: 08/07/2017 10:20:50 PM
Type: Error Category: 0
Event: 7034 Source: Service Control Manager
The Client Virtualization Handler service terminated unexpectedly. It has done this 1 time(s).
Log: 'System' Date/Time: 08/07/2017 8:50:10 PM
Type: Error Category: 0
Event: 10003 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN Extensibility Module has stopped unexpectedly. Module Path: C:\Windows\System32\IWMSSvc.dll
Log: 'System' Date/Time: 08/07/2017 8:50:10 PM
Type: Error Category: 0
Event: 10003 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN Extensibility Module has stopped unexpectedly. Module Path: C:\Windows\System32\IWMSSvc.dll
Log: 'System' Date/Time: 08/07/2017 8:50:09 PM
Type: Error Category: 0
Event: 10003 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN Extensibility Module has stopped unexpectedly. Module Path: C:\Windows\System32\IWMSSvc.dll
Log: 'System' Date/Time: 08/07/2017 8:50:07 PM
Type: Error Category: 0
Event: 10003 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN Extensibility Module has stopped unexpectedly. Module Path: C:\Windows\System32\IWMSSvc.dll
Log: 'System' Date/Time: 08/07/2017 8:49:55 PM
Type: Error Category: 0
Event: 7034 Source: Service Control Manager
The Intuit Update Service v4 service terminated unexpectedly. It has done this 1 time(s).
Log: 'System' Date/Time: 08/07/2017 8:49:55 PM
Type: Error Category: 0
Event: 7031 Source: Service Control Manager
The Windows Modules Installer service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
Log: 'System' Date/Time: 08/07/2017 8:49:55 PM
Type: Error Category: 0
Event: 7034 Source: Service Control Manager
The Intel® PROSet/Wireless Zero Configuration Service service terminated unexpectedly. It has done this 1 time(s).
Log: 'System' Date/Time: 08/07/2017 8:49:55 PM
Type: Error Category: 0
Event: 7034 Source: Service Control Manager
The Application Virtualization Client service terminated unexpectedly. It has done this 1 time(s).
Log: 'System' Date/Time: 08/07/2017 8:49:55 PM
Type: Error Category: 0
Event: 7034 Source: Service Control Manager
The VSNService service terminated unexpectedly. It has done this 1 time(s).
Log: 'System' Date/Time: 08/07/2017 8:49:54 PM
Type: Error Category: 0
Event: 7034 Source: Service Control Manager
The IconMan_R service terminated unexpectedly. It has done this 1 time(s).
Log: 'System' Date/Time: 08/07/2017 8:49:54 PM
Type: Error Category: 0
Event: 7031 Source: Service Control Manager
The Intel® Centrino® Wireless Bluetooth® + High Speed Security Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.
Log: 'System' Date/Time: 08/07/2017 8:49:54 PM
Type: Error Category: 0
Event: 7031 Source: Service Control Manager
The Intel® Centrino® Wireless Bluetooth® + High Speed Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
Log: 'System' Date/Time: 08/07/2017 8:49:54 PM
Type: Error Category: 0
Event: 7031 Source: Service Control Manager
The Windows Media Player Network Sharing Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.
Log: 'System' Date/Time: 08/07/2017 8:49:54 PM
Type: Error Category: 0
Event: 7034 Source: Service Control Manager
The Client Virtualization Handler service terminated unexpectedly. It has done this 1 time(s).
Log: 'System' Date/Time: 08/07/2017 8:49:53 PM
Type: Error Category: 0
Event: 7034 Source: Service Control Manager
The Bluetooth OBEX Service service terminated unexpectedly. It has done this 1 time(s).
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 09/07/2017 9:18:48 PM
Type: Warning Category: 0
Event: 4001 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN AutoConfig service has successfully stopped.
Log: 'System' Date/Time: 09/07/2017 9:18:42 PM
Type: Warning Category: 0
Event: 10002 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN Extensibility Module has stopped. Module Path: C:\Windows\System32\IWMSSvc.dll
Log: 'System' Date/Time: 09/07/2017 4:33:12 AM
Type: Warning Category: 0
Event: 4001 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN AutoConfig service has successfully stopped.
Log: 'System' Date/Time: 09/07/2017 4:32:59 AM
Type: Warning Category: 0
Event: 10002 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN Extensibility Module has stopped. Module Path: C:\Windows\System32\IWMSSvc.dll
Log: 'System' Date/Time: 09/07/2017 4:22:00 AM
Type: Warning Category: 0
Event: 4001 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN AutoConfig service has successfully stopped.
Log: 'System' Date/Time: 09/07/2017 4:21:13 AM
Type: Warning Category: 0
Event: 10002 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN Extensibility Module has stopped. Module Path: C:\Windows\System32\IWMSSvc.dll
Log: 'System' Date/Time: 08/07/2017 11:44:22 PM
Type: Warning Category: 0
Event: 4001 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN AutoConfig service has successfully stopped.
Log: 'System' Date/Time: 08/07/2017 11:44:20 PM
Type: Warning Category: 0
Event: 10002 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN Extensibility Module has stopped. Module Path: C:\Windows\System32\IWMSSvc.dll
Log: 'System' Date/Time: 08/07/2017 10:27:09 PM
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name optimumwifi4.optimum.net timed out after none of the configured DNS servers responded.
Log: 'System' Date/Time: 08/07/2017 10:25:39 PM
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name www.msftncsi.com timed out after none of the configured DNS servers responded.
Log: 'System' Date/Time: 08/07/2017 10:24:39 PM
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name www.msftncsi.com timed out after none of the configured DNS servers responded.
Log: 'System' Date/Time: 08/07/2017 10:21:33 PM
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name isatap.home timed out after none of the configured DNS servers responded.
Log: 'System' Date/Time: 08/07/2017 10:21:05 PM
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name isatap.home timed out after none of the configured DNS servers responded.
Log: 'System' Date/Time: 08/07/2017 10:20:44 PM
Type: Warning Category: 0
Event: 7039 Source: Service Control Manager
A service process other than the one launched by the Service Control Manager connected when starting the Client Virtualization Handler service. The Service Control Manager launched process 3152 and process 2852 connected instead. Note that if this service is configured to start under a debugger, this behavior is expected.
Log: 'System' Date/Time: 08/07/2017 10:20:43 PM
Type: Warning Category: 0
Event: 7039 Source: Service Control Manager
A service process other than the one launched by the Service Control Manager connected when starting the Application Virtualization Client service. The Service Control Manager launched process 2852 and process 1428 connected instead. Note that if this service is configured to start under a debugger, this behavior is expected.
Log: 'System' Date/Time: 08/07/2017 10:18:38 PM
Type: Warning Category: 0
Event: 10002 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN Extensibility Module has stopped. Module Path: C:\Windows\System32\IWMSSvc.dll
Log: 'System' Date/Time: 08/07/2017 10:18:27 PM
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name dnsproxy.ff.avast.com timed out after none of the configured DNS servers responded.
Log: 'System' Date/Time: 08/07/2017 8:50:16 PM
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name isatap.home timed out after none of the configured DNS servers responded.
Log: 'System' Date/Time: 08/07/2017 8:50:11 PM
Type: Warning Category: 0
Event: 4001 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN AutoConfig service has successfully stopped.
Log: 'System' Date/Time: 08/07/2017 8:33:57 PM
Type: Warning Category: 0
Event: 10002 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN Extensibility Module has stopped. Module Path: C:\Windows\System32\IWMSSvc.dll
#34
Posted 09 July 2017 - 04:02 PM
vatch
- Topic Starter
-
- Member
-
- 55 posts
Member
Vino's Event Viewer v01c run on Windows 2008 in English
Report run at 09/07/2017 6:02:14 PM
Note: All dates below are in the format dd/mm/yyyy
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 09/07/2017 9:19:52 PM
Type: Error Category: 2
Event: 2002 Source: Microsoft-Windows-EapHost
Skipping: Eap method DLL path name validation failed. Error: typeId=43, authorId=9, vendorId=0, vendorType=0
Log: 'Application' Date/Time: 09/07/2017 9:19:52 PM
Type: Error Category: 2
Event: 2002 Source: Microsoft-Windows-EapHost
Skipping: Eap method DLL path name validation failed. Error: typeId=25, authorId=9, vendorId=0, vendorType=0
Log: 'Application' Date/Time: 09/07/2017 9:19:52 PM
Type: Error Category: 2
Event: 2002 Source: Microsoft-Windows-EapHost
Skipping: Eap method DLL path name validation failed. Error: typeId=17, authorId=9, vendorId=0, vendorType=0
Log: 'Application' Date/Time: 09/07/2017 9:18:19 PM
Type: Error Category: 100
Event: 1000 Source: Application Error
Faulting application name: ZeroConfigService.exe, version: 19.60.0.0, time stamp: 0x58d16fa6 Faulting module name: ZeroConfigService.exe, version: 19.60.0.0, time stamp: 0x58d16fa6 Exception code: 0x40000015 Fault offset: 0x000000000022af96 Faulting process id: 0xa80 Faulting application start time: 0x01d2f8f7ba23f21b Faulting application path: C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe Faulting module path: C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe Report Id: 2110507e-64ec-11e7-86ef-ebbcd7f99659
Log: 'Application' Date/Time: 09/07/2017 9:16:09 PM
Type: Error Category: 0
Event: 3011 Source: Microsoft-Windows-LoadPerf
Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.
Log: 'Application' Date/Time: 09/07/2017 9:16:09 PM
Type: Error Category: 0
Event: 3012 Source: Microsoft-Windows-LoadPerf
The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.
Log: 'Application' Date/Time: 09/07/2017 9:08:48 PM
Type: Error Category: 2
Event: 2002 Source: Microsoft-Windows-EapHost
Skipping: Eap method DLL path name validation failed. Error: typeId=43, authorId=9, vendorId=0, vendorType=0
Log: 'Application' Date/Time: 09/07/2017 9:08:48 PM
Type: Error Category: 2
Event: 2002 Source: Microsoft-Windows-EapHost
Skipping: Eap method DLL path name validation failed. Error: typeId=25, authorId=9, vendorId=0, vendorType=0
Log: 'Application' Date/Time: 09/07/2017 9:08:48 PM
Type: Error Category: 2
Event: 2002 Source: Microsoft-Windows-EapHost
Skipping: Eap method DLL path name validation failed. Error: typeId=17, authorId=9, vendorId=0, vendorType=0
Log: 'Application' Date/Time: 09/07/2017 5:13:46 AM
Type: Error Category: 100
Event: 1000 Source: Application Error
Faulting application name: ZeroConfigService.exe, version: 19.60.0.0, time stamp: 0x58d16fa6 Faulting module name: ZeroConfigService.exe, version: 19.60.0.0, time stamp: 0x58d16fa6 Exception code: 0x40000015 Fault offset: 0x000000000022af96 Faulting process id: 0xa4c Faulting application start time: 0x01d2f86cd488a204 Faulting application path: C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe Faulting module path: C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe Report Id: 61d12f87-6465-11e7-b918-af56913b2327
Log: 'Application' Date/Time: 09/07/2017 4:34:32 AM
Type: Error Category: 2
Event: 2002 Source: Microsoft-Windows-EapHost
Skipping: Eap method DLL path name validation failed. Error: typeId=43, authorId=9, vendorId=0, vendorType=0
Log: 'Application' Date/Time: 09/07/2017 4:34:32 AM
Type: Error Category: 2
Event: 2002 Source: Microsoft-Windows-EapHost
Skipping: Eap method DLL path name validation failed. Error: typeId=25, authorId=9, vendorId=0, vendorType=0
Log: 'Application' Date/Time: 09/07/2017 4:34:32 AM
Type: Error Category: 2
Event: 2002 Source: Microsoft-Windows-EapHost
Skipping: Eap method DLL path name validation failed. Error: typeId=17, authorId=9, vendorId=0, vendorType=0
Log: 'Application' Date/Time: 09/07/2017 4:32:48 AM
Type: Error Category: 100
Event: 1000 Source: Application Error
Faulting application name: ZeroConfigService.exe, version: 19.60.0.0, time stamp: 0x58d16fa6 Faulting module name: ZeroConfigService.exe, version: 19.60.0.0, time stamp: 0x58d16fa6 Exception code: 0x40000015 Fault offset: 0x000000000022af96 Faulting process id: 0xa44 Faulting application start time: 0x01d2f86aff0e59f0 Faulting application path: C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe Faulting module path: C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe Report Id: a8eb0b7f-645f-11e7-ba44-ec2dc3c73527
Log: 'Application' Date/Time: 09/07/2017 4:25:26 AM
Type: Error Category: 0
Event: 3011 Source: Microsoft-Windows-LoadPerf
Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.
Log: 'Application' Date/Time: 09/07/2017 4:25:26 AM
Type: Error Category: 0
Event: 3012 Source: Microsoft-Windows-LoadPerf
The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.
Log: 'Application' Date/Time: 09/07/2017 4:22:04 AM
Type: Error Category: 2
Event: 2002 Source: Microsoft-Windows-EapHost
Skipping: Eap method DLL path name validation failed. Error: typeId=43, authorId=9, vendorId=0, vendorType=0
Log: 'Application' Date/Time: 09/07/2017 4:22:04 AM
Type: Error Category: 2
Event: 2002 Source: Microsoft-Windows-EapHost
Skipping: Eap method DLL path name validation failed. Error: typeId=25, authorId=9, vendorId=0, vendorType=0
Log: 'Application' Date/Time: 09/07/2017 4:22:04 AM
Type: Error Category: 2
Event: 2002 Source: Microsoft-Windows-EapHost
Skipping: Eap method DLL path name validation failed. Error: typeId=17, authorId=9, vendorId=0, vendorType=0
Log: 'Application' Date/Time: 08/07/2017 10:20:49 PM
Type: Error Category: 1
Event: 100 Source: CVHSVC
Information only. Failed to Start the CVH service 1063
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 09/07/2017 9:31:52 PM
Type: Warning Category: 1
Event: 100 Source: CVHSVC
Information only. C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE is trusted.
Log: 'Application' Date/Time: 09/07/2017 9:31:52 PM
Type: Warning Category: 1
Event: 100 Source: CVHSVC
Information only. CurrentSoftGridPrereq: Click2Run installation (version = 14.0.4763.1000) is found on the machine; skipping installation...
Log: 'Application' Date/Time: 09/07/2017 9:31:52 PM
Type: Warning Category: 1
Event: 100 Source: CVHSVC
Information only. C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE is trusted.
Log: 'Application' Date/Time: 09/07/2017 9:21:57 PM
Type: Warning Category: 11
Event: 3211 Source: Application Virtualization Client
{tid=764}
Attempting Transport Connection URL: http://c2r.microsoft...0.7181.5002.sftError: 24600F0A-10000001
Log: 'Application' Date/Time: 09/07/2017 9:21:38 PM
Type: Warning Category: 6
Event: 3057 Source: Application Virtualization Client
{tid=C10}
The Application Virtualization Client Core initialized correctly. Installed Product: Version: 4.6.3.24650 Install Path: C:\Program Files (x86)\Microsoft Application Virtualization Client Global Data Directory: C:\ProgramData\Microsoft\Application Virtualization Client\ Machine Name: BOB-VAIO Operating System: Windows 7 64-bit Service Pack 1.0 Build 7601 OSD Command:
Log: 'Application' Date/Time: 09/07/2017 9:21:19 PM
Type: Warning Category: 3
Event: 3191 Source: Application Virtualization Client
{tid=C10}
-------------------------------------------------------- Initialized client log (C:\ProgramData\Microsoft\Application Virtualization Client\sftlog.txt)
Log: 'Application' Date/Time: 09/07/2017 9:16:17 PM
Type: Warning Category: 0
Event: 12348 Source: VSS
Volume Shadow Copy Service warning: VSS was denied access to the root of volume \\?\Volume{f6501013-edb9-11e1-b440-c48508243ded}\. Denying administrators from accessing volume roots can cause many unexpected failures, and will prevent VSS from functioning properly. Check security on the volume, and try the operation again.
Operation:
Removing auto-release shadow copies
Loading provider
Context:
Execution Context: System Provider
Log: 'Application' Date/Time: 09/07/2017 9:10:45 PM
Type: Warning Category: 11
Event: 3211 Source: Application Virtualization Client
{tid=78C}
Attempting Transport Connection URL: http://c2r.microsoft...0.7181.5002.sftError: 24600F0A-10000001
Log: 'Application' Date/Time: 09/07/2017 9:10:32 PM
Type: Warning Category: 6
Event: 3057 Source: Application Virtualization Client
{tid=C80}
The Application Virtualization Client Core initialized correctly. Installed Product: Version: 4.6.3.24650 Install Path: C:\Program Files (x86)\Microsoft Application Virtualization Client Global Data Directory: C:\ProgramData\Microsoft\Application Virtualization Client\ Machine Name: BOB-VAIO Operating System: Windows 7 64-bit Service Pack 1.0 Build 7601 OSD Command:
Log: 'Application' Date/Time: 09/07/2017 9:10:17 PM
Type: Warning Category: 3
Event: 3191 Source: Application Virtualization Client
{tid=C80}
-------------------------------------------------------- Initialized client log (C:\ProgramData\Microsoft\Application Virtualization Client\sftlog.txt)
Log: 'Application' Date/Time: 09/07/2017 4:46:04 AM
Type: Warning Category: 1
Event: 100 Source: CVHSVC
Information only. C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE is trusted.
Log: 'Application' Date/Time: 09/07/2017 4:46:04 AM
Type: Warning Category: 1
Event: 100 Source: CVHSVC
Information only. CurrentSoftGridPrereq: Click2Run installation (version = 14.0.4763.1000) is found on the machine; skipping installation...
Log: 'Application' Date/Time: 09/07/2017 4:46:04 AM
Type: Warning Category: 1
Event: 100 Source: CVHSVC
Information only. C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE is trusted.
Log: 'Application' Date/Time: 09/07/2017 4:36:27 AM
Type: Warning Category: 11
Event: 3211 Source: Application Virtualization Client
{tid=F6C}
Attempting Transport Connection URL: http://c2r.microsoft...0.7181.5002.sftError: 24600F0A-10000001
Log: 'Application' Date/Time: 09/07/2017 4:36:15 AM
Type: Warning Category: 6
Event: 3057 Source: Application Virtualization Client
{tid=C40}
The Application Virtualization Client Core initialized correctly. Installed Product: Version: 4.6.3.24650 Install Path: C:\Program Files (x86)\Microsoft Application Virtualization Client Global Data Directory: C:\ProgramData\Microsoft\Application Virtualization Client\ Machine Name: BOB-VAIO Operating System: Windows 7 64-bit Service Pack 1.0 Build 7601 OSD Command:
Log: 'Application' Date/Time: 09/07/2017 4:36:03 AM
Type: Warning Category: 3
Event: 3191 Source: Application Virtualization Client
{tid=C40}
-------------------------------------------------------- Initialized client log (C:\ProgramData\Microsoft\Application Virtualization Client\sftlog.txt)
Log: 'Application' Date/Time: 09/07/2017 4:32:37 AM
Type: Warning Category: 0
Event: 1530 Source: Microsoft-Windows-User Profiles Service
Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards. DETAIL - 1 user registry handles leaked from \Registry\User\S-1-5-21-1830509043-3057109524-1489324202-1001:
Process 5332 (\Device\HarddiskVolume5\Windows\System32\msiexec.exe) has opened key \REGISTRY\USER\S-1-5-21-1830509043-3057109524-1489324202-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts
Log: 'Application' Date/Time: 09/07/2017 4:22:12 AM
Type: Warning Category: 0
Event: 63 Source: Microsoft-Windows-WMI
A provider, IntelWLANEventProvider, has been registered in the Windows Management Instrumentation namespace root\default to use the LocalSystem account. This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests.
Log: 'Application' Date/Time: 09/07/2017 4:22:12 AM
Type: Warning Category: 0
Event: 63 Source: Microsoft-Windows-WMI
A provider, IntelWLANEventProvider, has been registered in the Windows Management Instrumentation namespace root\default to use the LocalSystem account. This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests.
Log: 'Application' Date/Time: 09/07/2017 4:14:16 AM
Type: Warning Category: 0
Event: 12348 Source: VSS
Volume Shadow Copy Service warning: VSS was denied access to the root of volume \\?\Volume{f6501013-edb9-11e1-b440-c48508243ded}\. Denying administrators from accessing volume roots can cause many unexpected failures, and will prevent VSS from functioning properly. Check security on the volume, and try the operation again.
Operation:
Removing auto-release shadow copies
Loading provider
Context:
Execution Context: System Provider
#35
Posted 09 July 2017 - 04:16 PM
RKinner
-
- Expert
-
- 24,624 posts
Malware Expert
Search for:
device manager
Find your Network Adapters
right click on each and Uninstall.
Reboot.
Copy the next two lines:
reg query "HKLM\System\CurentControlSet\Services\Eaphost\Methods\311" /s > \junk.txt
notepad \junk.txt
Start, All Programs, Accessories then right click on Command Prompt and Run as Administrator
Right click and Paste (or Edit then Paste) and the copied lines should appear.
Hit Enter if notepad does not open. Copy and paste the text from notepad into a reply.
#36
Posted 09 July 2017 - 05:19 PM
vatch
- Topic Starter
-
- Member
-
- 55 posts
Member
It's says,
ERROR: The system was unable to find the specified registry key or value.
It did not go to notepad even after I hit enter. Notepad opened but is blank.
#37
Posted 09 July 2017 - 05:32 PM
RKinner
-
- Expert
-
- 24,624 posts
Malware Expert
OK. Guess it's not a problem if it doesn't exist.
What does VEW say now?
#38
Posted 09 July 2017 - 05:40 PM
vatch
- Topic Starter
-
- Member
-
- 55 posts
Member
Vino's Event Viewer v01c run on Windows 2008 in English
Report run at 09/07/2017 7:39:50 PM
Note: All dates below are in the format dd/mm/yyyy
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 09/07/2017 9:08:09 PM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 09/07/2017 9:18:34 PM
Type: Error Category: 0
Event: 7034 Source: Service Control Manager
The Intel® PROSet/Wireless Zero Configuration Service service terminated unexpectedly. It has done this 1 time(s).
Log: 'System' Date/Time: 09/07/2017 9:17:51 PM
Type: Error Category: 0
Event: 7022 Source: Service Control Manager
The Windows Update service hung on starting.
Log: 'System' Date/Time: 09/07/2017 5:13:53 AM
Type: Error Category: 0
Event: 7034 Source: Service Control Manager
The Intel® PROSet/Wireless Zero Configuration Service service terminated unexpectedly. It has done this 1 time(s).
Log: 'System' Date/Time: 09/07/2017 4:32:57 AM
Type: Error Category: 0
Event: 7034 Source: Service Control Manager
The Intel® PROSet/Wireless Zero Configuration Service service terminated unexpectedly. It has done this 1 time(s).
Log: 'System' Date/Time: 08/07/2017 10:20:50 PM
Type: Error Category: 0
Event: 7034 Source: Service Control Manager
The Client Virtualization Handler service terminated unexpectedly. It has done this 1 time(s).
Log: 'System' Date/Time: 08/07/2017 8:50:10 PM
Type: Error Category: 0
Event: 10003 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN Extensibility Module has stopped unexpectedly. Module Path: C:\Windows\System32\IWMSSvc.dll
Log: 'System' Date/Time: 08/07/2017 8:50:10 PM
Type: Error Category: 0
Event: 10003 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN Extensibility Module has stopped unexpectedly. Module Path: C:\Windows\System32\IWMSSvc.dll
Log: 'System' Date/Time: 08/07/2017 8:50:09 PM
Type: Error Category: 0
Event: 10003 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN Extensibility Module has stopped unexpectedly. Module Path: C:\Windows\System32\IWMSSvc.dll
Log: 'System' Date/Time: 08/07/2017 8:50:07 PM
Type: Error Category: 0
Event: 10003 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN Extensibility Module has stopped unexpectedly. Module Path: C:\Windows\System32\IWMSSvc.dll
Log: 'System' Date/Time: 08/07/2017 8:49:55 PM
Type: Error Category: 0
Event: 7034 Source: Service Control Manager
The Intuit Update Service v4 service terminated unexpectedly. It has done this 1 time(s).
Log: 'System' Date/Time: 08/07/2017 8:49:55 PM
Type: Error Category: 0
Event: 7031 Source: Service Control Manager
The Windows Modules Installer service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
Log: 'System' Date/Time: 08/07/2017 8:49:55 PM
Type: Error Category: 0
Event: 7034 Source: Service Control Manager
The Intel® PROSet/Wireless Zero Configuration Service service terminated unexpectedly. It has done this 1 time(s).
Log: 'System' Date/Time: 08/07/2017 8:49:55 PM
Type: Error Category: 0
Event: 7034 Source: Service Control Manager
The Application Virtualization Client service terminated unexpectedly. It has done this 1 time(s).
Log: 'System' Date/Time: 08/07/2017 8:49:55 PM
Type: Error Category: 0
Event: 7034 Source: Service Control Manager
The VSNService service terminated unexpectedly. It has done this 1 time(s).
Log: 'System' Date/Time: 08/07/2017 8:49:54 PM
Type: Error Category: 0
Event: 7034 Source: Service Control Manager
The IconMan_R service terminated unexpectedly. It has done this 1 time(s).
Log: 'System' Date/Time: 08/07/2017 8:49:54 PM
Type: Error Category: 0
Event: 7031 Source: Service Control Manager
The Intel® Centrino® Wireless Bluetooth® + High Speed Security Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.
Log: 'System' Date/Time: 08/07/2017 8:49:54 PM
Type: Error Category: 0
Event: 7031 Source: Service Control Manager
The Intel® Centrino® Wireless Bluetooth® + High Speed Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
Log: 'System' Date/Time: 08/07/2017 8:49:54 PM
Type: Error Category: 0
Event: 7031 Source: Service Control Manager
The Windows Media Player Network Sharing Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.
Log: 'System' Date/Time: 08/07/2017 8:49:54 PM
Type: Error Category: 0
Event: 7034 Source: Service Control Manager
The Client Virtualization Handler service terminated unexpectedly. It has done this 1 time(s).
Log: 'System' Date/Time: 08/07/2017 8:49:53 PM
Type: Error Category: 0
Event: 7034 Source: Service Control Manager
The Bluetooth OBEX Service service terminated unexpectedly. It has done this 1 time(s).
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 09/07/2017 11:10:48 PM
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name isatap.home timed out after none of the configured DNS servers responded.
Log: 'System' Date/Time: 09/07/2017 9:18:48 PM
Type: Warning Category: 0
Event: 4001 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN AutoConfig service has successfully stopped.
Log: 'System' Date/Time: 09/07/2017 9:18:42 PM
Type: Warning Category: 0
Event: 10002 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN Extensibility Module has stopped. Module Path: C:\Windows\System32\IWMSSvc.dll
Log: 'System' Date/Time: 09/07/2017 4:33:12 AM
Type: Warning Category: 0
Event: 4001 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN AutoConfig service has successfully stopped.
Log: 'System' Date/Time: 09/07/2017 4:32:59 AM
Type: Warning Category: 0
Event: 10002 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN Extensibility Module has stopped. Module Path: C:\Windows\System32\IWMSSvc.dll
Log: 'System' Date/Time: 09/07/2017 4:22:00 AM
Type: Warning Category: 0
Event: 4001 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN AutoConfig service has successfully stopped.
Log: 'System' Date/Time: 09/07/2017 4:21:13 AM
Type: Warning Category: 0
Event: 10002 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN Extensibility Module has stopped. Module Path: C:\Windows\System32\IWMSSvc.dll
Log: 'System' Date/Time: 08/07/2017 11:44:22 PM
Type: Warning Category: 0
Event: 4001 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN AutoConfig service has successfully stopped.
Log: 'System' Date/Time: 08/07/2017 11:44:20 PM
Type: Warning Category: 0
Event: 10002 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN Extensibility Module has stopped. Module Path: C:\Windows\System32\IWMSSvc.dll
Log: 'System' Date/Time: 08/07/2017 10:27:09 PM
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name optimumwifi4.optimum.net timed out after none of the configured DNS servers responded.
Log: 'System' Date/Time: 08/07/2017 10:25:39 PM
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name www.msftncsi.com timed out after none of the configured DNS servers responded.
Log: 'System' Date/Time: 08/07/2017 10:24:39 PM
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name www.msftncsi.com timed out after none of the configured DNS servers responded.
Log: 'System' Date/Time: 08/07/2017 10:21:33 PM
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name isatap.home timed out after none of the configured DNS servers responded.
Log: 'System' Date/Time: 08/07/2017 10:21:05 PM
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name isatap.home timed out after none of the configured DNS servers responded.
Log: 'System' Date/Time: 08/07/2017 10:20:44 PM
Type: Warning Category: 0
Event: 7039 Source: Service Control Manager
A service process other than the one launched by the Service Control Manager connected when starting the Client Virtualization Handler service. The Service Control Manager launched process 3152 and process 2852 connected instead. Note that if this service is configured to start under a debugger, this behavior is expected.
Log: 'System' Date/Time: 08/07/2017 10:20:43 PM
Type: Warning Category: 0
Event: 7039 Source: Service Control Manager
A service process other than the one launched by the Service Control Manager connected when starting the Application Virtualization Client service. The Service Control Manager launched process 2852 and process 1428 connected instead. Note that if this service is configured to start under a debugger, this behavior is expected.
Log: 'System' Date/Time: 08/07/2017 10:18:38 PM
Type: Warning Category: 0
Event: 10002 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN Extensibility Module has stopped. Module Path: C:\Windows\System32\IWMSSvc.dll
Log: 'System' Date/Time: 08/07/2017 10:18:27 PM
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name dnsproxy.ff.avast.com timed out after none of the configured DNS servers responded.
Log: 'System' Date/Time: 08/07/2017 8:50:16 PM
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name isatap.home timed out after none of the configured DNS servers responded.
Log: 'System' Date/Time: 08/07/2017 8:50:11 PM
Type: Warning Category: 0
Event: 4001 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN AutoConfig service has successfully stopped.
#39
Posted 09 July 2017 - 05:41 PM
vatch
- Topic Starter
-
- Member
-
- 55 posts
Member
Vino's Event Viewer v01c run on Windows 2008 in English
Report run at 09/07/2017 7:40:30 PM
Note: All dates below are in the format dd/mm/yyyy
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 09/07/2017 9:19:52 PM
Type: Error Category: 2
Event: 2002 Source: Microsoft-Windows-EapHost
Skipping: Eap method DLL path name validation failed. Error: typeId=43, authorId=9, vendorId=0, vendorType=0
Log: 'Application' Date/Time: 09/07/2017 9:19:52 PM
Type: Error Category: 2
Event: 2002 Source: Microsoft-Windows-EapHost
Skipping: Eap method DLL path name validation failed. Error: typeId=25, authorId=9, vendorId=0, vendorType=0
Log: 'Application' Date/Time: 09/07/2017 9:19:52 PM
Type: Error Category: 2
Event: 2002 Source: Microsoft-Windows-EapHost
Skipping: Eap method DLL path name validation failed. Error: typeId=17, authorId=9, vendorId=0, vendorType=0
Log: 'Application' Date/Time: 09/07/2017 9:18:19 PM
Type: Error Category: 100
Event: 1000 Source: Application Error
Faulting application name: ZeroConfigService.exe, version: 19.60.0.0, time stamp: 0x58d16fa6 Faulting module name: ZeroConfigService.exe, version: 19.60.0.0, time stamp: 0x58d16fa6 Exception code: 0x40000015 Fault offset: 0x000000000022af96 Faulting process id: 0xa80 Faulting application start time: 0x01d2f8f7ba23f21b Faulting application path: C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe Faulting module path: C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe Report Id: 2110507e-64ec-11e7-86ef-ebbcd7f99659
Log: 'Application' Date/Time: 09/07/2017 9:16:09 PM
Type: Error Category: 0
Event: 3011 Source: Microsoft-Windows-LoadPerf
Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.
Log: 'Application' Date/Time: 09/07/2017 9:16:09 PM
Type: Error Category: 0
Event: 3012 Source: Microsoft-Windows-LoadPerf
The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.
Log: 'Application' Date/Time: 09/07/2017 9:08:48 PM
Type: Error Category: 2
Event: 2002 Source: Microsoft-Windows-EapHost
Skipping: Eap method DLL path name validation failed. Error: typeId=43, authorId=9, vendorId=0, vendorType=0
Log: 'Application' Date/Time: 09/07/2017 9:08:48 PM
Type: Error Category: 2
Event: 2002 Source: Microsoft-Windows-EapHost
Skipping: Eap method DLL path name validation failed. Error: typeId=25, authorId=9, vendorId=0, vendorType=0
Log: 'Application' Date/Time: 09/07/2017 9:08:48 PM
Type: Error Category: 2
Event: 2002 Source: Microsoft-Windows-EapHost
Skipping: Eap method DLL path name validation failed. Error: typeId=17, authorId=9, vendorId=0, vendorType=0
Log: 'Application' Date/Time: 09/07/2017 5:13:46 AM
Type: Error Category: 100
Event: 1000 Source: Application Error
Faulting application name: ZeroConfigService.exe, version: 19.60.0.0, time stamp: 0x58d16fa6 Faulting module name: ZeroConfigService.exe, version: 19.60.0.0, time stamp: 0x58d16fa6 Exception code: 0x40000015 Fault offset: 0x000000000022af96 Faulting process id: 0xa4c Faulting application start time: 0x01d2f86cd488a204 Faulting application path: C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe Faulting module path: C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe Report Id: 61d12f87-6465-11e7-b918-af56913b2327
Log: 'Application' Date/Time: 09/07/2017 4:34:32 AM
Type: Error Category: 2
Event: 2002 Source: Microsoft-Windows-EapHost
Skipping: Eap method DLL path name validation failed. Error: typeId=43, authorId=9, vendorId=0, vendorType=0
Log: 'Application' Date/Time: 09/07/2017 4:34:32 AM
Type: Error Category: 2
Event: 2002 Source: Microsoft-Windows-EapHost
Skipping: Eap method DLL path name validation failed. Error: typeId=25, authorId=9, vendorId=0, vendorType=0
Log: 'Application' Date/Time: 09/07/2017 4:34:32 AM
Type: Error Category: 2
Event: 2002 Source: Microsoft-Windows-EapHost
Skipping: Eap method DLL path name validation failed. Error: typeId=17, authorId=9, vendorId=0, vendorType=0
Log: 'Application' Date/Time: 09/07/2017 4:32:48 AM
Type: Error Category: 100
Event: 1000 Source: Application Error
Faulting application name: ZeroConfigService.exe, version: 19.60.0.0, time stamp: 0x58d16fa6 Faulting module name: ZeroConfigService.exe, version: 19.60.0.0, time stamp: 0x58d16fa6 Exception code: 0x40000015 Fault offset: 0x000000000022af96 Faulting process id: 0xa44 Faulting application start time: 0x01d2f86aff0e59f0 Faulting application path: C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe Faulting module path: C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe Report Id: a8eb0b7f-645f-11e7-ba44-ec2dc3c73527
Log: 'Application' Date/Time: 09/07/2017 4:25:26 AM
Type: Error Category: 0
Event: 3011 Source: Microsoft-Windows-LoadPerf
Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.
Log: 'Application' Date/Time: 09/07/2017 4:25:26 AM
Type: Error Category: 0
Event: 3012 Source: Microsoft-Windows-LoadPerf
The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.
Log: 'Application' Date/Time: 09/07/2017 4:22:04 AM
Type: Error Category: 2
Event: 2002 Source: Microsoft-Windows-EapHost
Skipping: Eap method DLL path name validation failed. Error: typeId=43, authorId=9, vendorId=0, vendorType=0
Log: 'Application' Date/Time: 09/07/2017 4:22:04 AM
Type: Error Category: 2
Event: 2002 Source: Microsoft-Windows-EapHost
Skipping: Eap method DLL path name validation failed. Error: typeId=25, authorId=9, vendorId=0, vendorType=0
Log: 'Application' Date/Time: 09/07/2017 4:22:04 AM
Type: Error Category: 2
Event: 2002 Source: Microsoft-Windows-EapHost
Skipping: Eap method DLL path name validation failed. Error: typeId=17, authorId=9, vendorId=0, vendorType=0
Log: 'Application' Date/Time: 08/07/2017 10:20:49 PM
Type: Error Category: 1
Event: 100 Source: CVHSVC
Information only. Failed to Start the CVH service 1063
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 09/07/2017 10:30:19 PM
Type: Warning Category: 0
Event: 12348 Source: VSS
Volume Shadow Copy Service warning: VSS was denied access to the root of volume \\?\Volume{f6501013-edb9-11e1-b440-c48508243ded}\. Denying administrators from accessing volume roots can cause many unexpected failures, and will prevent VSS from functioning properly. Check security on the volume, and try the operation again.
Operation:
Removing auto-release shadow copies
Loading provider
Context:
Execution Context: System Provider
Log: 'Application' Date/Time: 09/07/2017 9:31:52 PM
Type: Warning Category: 1
Event: 100 Source: CVHSVC
Information only. C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE is trusted.
Log: 'Application' Date/Time: 09/07/2017 9:31:52 PM
Type: Warning Category: 1
Event: 100 Source: CVHSVC
Information only. CurrentSoftGridPrereq: Click2Run installation (version = 14.0.4763.1000) is found on the machine; skipping installation...
Log: 'Application' Date/Time: 09/07/2017 9:31:52 PM
Type: Warning Category: 1
Event: 100 Source: CVHSVC
Information only. C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE is trusted.
Log: 'Application' Date/Time: 09/07/2017 9:21:57 PM
Type: Warning Category: 11
Event: 3211 Source: Application Virtualization Client
{tid=764}
Attempting Transport Connection URL: http://c2r.microsoft...0.7181.5002.sftError: 24600F0A-10000001
Log: 'Application' Date/Time: 09/07/2017 9:21:38 PM
Type: Warning Category: 6
Event: 3057 Source: Application Virtualization Client
{tid=C10}
The Application Virtualization Client Core initialized correctly. Installed Product: Version: 4.6.3.24650 Install Path: C:\Program Files (x86)\Microsoft Application Virtualization Client Global Data Directory: C:\ProgramData\Microsoft\Application Virtualization Client\ Machine Name: BOB-VAIO Operating System: Windows 7 64-bit Service Pack 1.0 Build 7601 OSD Command:
Log: 'Application' Date/Time: 09/07/2017 9:21:19 PM
Type: Warning Category: 3
Event: 3191 Source: Application Virtualization Client
{tid=C10}
-------------------------------------------------------- Initialized client log (C:\ProgramData\Microsoft\Application Virtualization Client\sftlog.txt)
Log: 'Application' Date/Time: 09/07/2017 9:16:17 PM
Type: Warning Category: 0
Event: 12348 Source: VSS
Volume Shadow Copy Service warning: VSS was denied access to the root of volume \\?\Volume{f6501013-edb9-11e1-b440-c48508243ded}\. Denying administrators from accessing volume roots can cause many unexpected failures, and will prevent VSS from functioning properly. Check security on the volume, and try the operation again.
Operation:
Removing auto-release shadow copies
Loading provider
Context:
Execution Context: System Provider
Log: 'Application' Date/Time: 09/07/2017 9:10:45 PM
Type: Warning Category: 11
Event: 3211 Source: Application Virtualization Client
{tid=78C}
Attempting Transport Connection URL: http://c2r.microsoft...0.7181.5002.sftError: 24600F0A-10000001
Log: 'Application' Date/Time: 09/07/2017 9:10:32 PM
Type: Warning Category: 6
Event: 3057 Source: Application Virtualization Client
{tid=C80}
The Application Virtualization Client Core initialized correctly. Installed Product: Version: 4.6.3.24650 Install Path: C:\Program Files (x86)\Microsoft Application Virtualization Client Global Data Directory: C:\ProgramData\Microsoft\Application Virtualization Client\ Machine Name: BOB-VAIO Operating System: Windows 7 64-bit Service Pack 1.0 Build 7601 OSD Command:
Log: 'Application' Date/Time: 09/07/2017 9:10:17 PM
Type: Warning Category: 3
Event: 3191 Source: Application Virtualization Client
{tid=C80}
-------------------------------------------------------- Initialized client log (C:\ProgramData\Microsoft\Application Virtualization Client\sftlog.txt)
Log: 'Application' Date/Time: 09/07/2017 4:46:04 AM
Type: Warning Category: 1
Event: 100 Source: CVHSVC
Information only. C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE is trusted.
Log: 'Application' Date/Time: 09/07/2017 4:46:04 AM
Type: Warning Category: 1
Event: 100 Source: CVHSVC
Information only. CurrentSoftGridPrereq: Click2Run installation (version = 14.0.4763.1000) is found on the machine; skipping installation...
Log: 'Application' Date/Time: 09/07/2017 4:46:04 AM
Type: Warning Category: 1
Event: 100 Source: CVHSVC
Information only. C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE is trusted.
Log: 'Application' Date/Time: 09/07/2017 4:36:27 AM
Type: Warning Category: 11
Event: 3211 Source: Application Virtualization Client
{tid=F6C}
Attempting Transport Connection URL: http://c2r.microsoft...0.7181.5002.sftError: 24600F0A-10000001
Log: 'Application' Date/Time: 09/07/2017 4:36:15 AM
Type: Warning Category: 6
Event: 3057 Source: Application Virtualization Client
{tid=C40}
The Application Virtualization Client Core initialized correctly. Installed Product: Version: 4.6.3.24650 Install Path: C:\Program Files (x86)\Microsoft Application Virtualization Client Global Data Directory: C:\ProgramData\Microsoft\Application Virtualization Client\ Machine Name: BOB-VAIO Operating System: Windows 7 64-bit Service Pack 1.0 Build 7601 OSD Command:
Log: 'Application' Date/Time: 09/07/2017 4:36:03 AM
Type: Warning Category: 3
Event: 3191 Source: Application Virtualization Client
{tid=C40}
-------------------------------------------------------- Initialized client log (C:\ProgramData\Microsoft\Application Virtualization Client\sftlog.txt)
Log: 'Application' Date/Time: 09/07/2017 4:32:37 AM
Type: Warning Category: 0
Event: 1530 Source: Microsoft-Windows-User Profiles Service
Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards. DETAIL - 1 user registry handles leaked from \Registry\User\S-1-5-21-1830509043-3057109524-1489324202-1001:
Process 5332 (\Device\HarddiskVolume5\Windows\System32\msiexec.exe) has opened key \REGISTRY\USER\S-1-5-21-1830509043-3057109524-1489324202-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts
Log: 'Application' Date/Time: 09/07/2017 4:22:12 AM
Type: Warning Category: 0
Event: 63 Source: Microsoft-Windows-WMI
A provider, IntelWLANEventProvider, has been registered in the Windows Management Instrumentation namespace root\default to use the LocalSystem account. This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests.
Log: 'Application' Date/Time: 09/07/2017 4:22:12 AM
Type: Warning Category: 0
Event: 63 Source: Microsoft-Windows-WMI
A provider, IntelWLANEventProvider, has been registered in the Windows Management Instrumentation namespace root\default to use the LocalSystem account. This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests.
#40
Posted 09 July 2017 - 05:49 PM
RKinner
-
- Expert
-
- 24,624 posts
Malware Expert
Did you uninstall the network adapters and reboot?
#41
Posted 09 July 2017 - 05:58 PM
vatch
- Topic Starter
-
- Member
-
- 55 posts
Member
okay rebooted.
Vino's Event Viewer v01c run on Windows 2008 in English
Report run at 09/07/2017 7:55:08 PM
Note: All dates below are in the format dd/mm/yyyy
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 09/07/2017 9:08:09 PM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 09/07/2017 11:51:16 PM
Type: Error Category: 0
Event: 7034 Source: Service Control Manager
The Intel® PROSet/Wireless Zero Configuration Service service terminated unexpectedly. It has done this 1 time(s).
Log: 'System' Date/Time: 09/07/2017 9:18:34 PM
Type: Error Category: 0
Event: 7034 Source: Service Control Manager
The Intel® PROSet/Wireless Zero Configuration Service service terminated unexpectedly. It has done this 1 time(s).
Log: 'System' Date/Time: 09/07/2017 9:17:51 PM
Type: Error Category: 0
Event: 7022 Source: Service Control Manager
The Windows Update service hung on starting.
Log: 'System' Date/Time: 09/07/2017 5:13:53 AM
Type: Error Category: 0
Event: 7034 Source: Service Control Manager
The Intel® PROSet/Wireless Zero Configuration Service service terminated unexpectedly. It has done this 1 time(s).
Log: 'System' Date/Time: 09/07/2017 4:32:57 AM
Type: Error Category: 0
Event: 7034 Source: Service Control Manager
The Intel® PROSet/Wireless Zero Configuration Service service terminated unexpectedly. It has done this 1 time(s).
Log: 'System' Date/Time: 08/07/2017 10:20:50 PM
Type: Error Category: 0
Event: 7034 Source: Service Control Manager
The Client Virtualization Handler service terminated unexpectedly. It has done this 1 time(s).
Log: 'System' Date/Time: 08/07/2017 8:50:10 PM
Type: Error Category: 0
Event: 10003 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN Extensibility Module has stopped unexpectedly. Module Path: C:\Windows\System32\IWMSSvc.dll
Log: 'System' Date/Time: 08/07/2017 8:50:10 PM
Type: Error Category: 0
Event: 10003 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN Extensibility Module has stopped unexpectedly. Module Path: C:\Windows\System32\IWMSSvc.dll
Log: 'System' Date/Time: 08/07/2017 8:50:09 PM
Type: Error Category: 0
Event: 10003 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN Extensibility Module has stopped unexpectedly. Module Path: C:\Windows\System32\IWMSSvc.dll
Log: 'System' Date/Time: 08/07/2017 8:50:07 PM
Type: Error Category: 0
Event: 10003 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN Extensibility Module has stopped unexpectedly. Module Path: C:\Windows\System32\IWMSSvc.dll
Log: 'System' Date/Time: 08/07/2017 8:49:55 PM
Type: Error Category: 0
Event: 7034 Source: Service Control Manager
The Intuit Update Service v4 service terminated unexpectedly. It has done this 1 time(s).
Log: 'System' Date/Time: 08/07/2017 8:49:55 PM
Type: Error Category: 0
Event: 7031 Source: Service Control Manager
The Windows Modules Installer service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
Log: 'System' Date/Time: 08/07/2017 8:49:55 PM
Type: Error Category: 0
Event: 7034 Source: Service Control Manager
The Intel® PROSet/Wireless Zero Configuration Service service terminated unexpectedly. It has done this 1 time(s).
Log: 'System' Date/Time: 08/07/2017 8:49:55 PM
Type: Error Category: 0
Event: 7034 Source: Service Control Manager
The Application Virtualization Client service terminated unexpectedly. It has done this 1 time(s).
Log: 'System' Date/Time: 08/07/2017 8:49:55 PM
Type: Error Category: 0
Event: 7034 Source: Service Control Manager
The VSNService service terminated unexpectedly. It has done this 1 time(s).
Log: 'System' Date/Time: 08/07/2017 8:49:54 PM
Type: Error Category: 0
Event: 7034 Source: Service Control Manager
The IconMan_R service terminated unexpectedly. It has done this 1 time(s).
Log: 'System' Date/Time: 08/07/2017 8:49:54 PM
Type: Error Category: 0
Event: 7031 Source: Service Control Manager
The Intel® Centrino® Wireless Bluetooth® + High Speed Security Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.
Log: 'System' Date/Time: 08/07/2017 8:49:54 PM
Type: Error Category: 0
Event: 7031 Source: Service Control Manager
The Intel® Centrino® Wireless Bluetooth® + High Speed Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
Log: 'System' Date/Time: 08/07/2017 8:49:54 PM
Type: Error Category: 0
Event: 7031 Source: Service Control Manager
The Windows Media Player Network Sharing Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.
Log: 'System' Date/Time: 08/07/2017 8:49:54 PM
Type: Error Category: 0
Event: 7034 Source: Service Control Manager
The Client Virtualization Handler service terminated unexpectedly. It has done this 1 time(s).
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 09/07/2017 11:51:26 PM
Type: Warning Category: 0
Event: 4001 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN AutoConfig service has successfully stopped.
Log: 'System' Date/Time: 09/07/2017 11:51:17 PM
Type: Warning Category: 0
Event: 10002 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN Extensibility Module has stopped. Module Path: C:\Windows\System32\IWMSSvc.dll
Log: 'System' Date/Time: 09/07/2017 11:10:48 PM
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name isatap.home timed out after none of the configured DNS servers responded.
Log: 'System' Date/Time: 09/07/2017 9:18:48 PM
Type: Warning Category: 0
Event: 4001 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN AutoConfig service has successfully stopped.
Log: 'System' Date/Time: 09/07/2017 9:18:42 PM
Type: Warning Category: 0
Event: 10002 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN Extensibility Module has stopped. Module Path: C:\Windows\System32\IWMSSvc.dll
Log: 'System' Date/Time: 09/07/2017 4:33:12 AM
Type: Warning Category: 0
Event: 4001 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN AutoConfig service has successfully stopped.
Log: 'System' Date/Time: 09/07/2017 4:32:59 AM
Type: Warning Category: 0
Event: 10002 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN Extensibility Module has stopped. Module Path: C:\Windows\System32\IWMSSvc.dll
Log: 'System' Date/Time: 09/07/2017 4:22:00 AM
Type: Warning Category: 0
Event: 4001 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN AutoConfig service has successfully stopped.
Log: 'System' Date/Time: 09/07/2017 4:21:13 AM
Type: Warning Category: 0
Event: 10002 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN Extensibility Module has stopped. Module Path: C:\Windows\System32\IWMSSvc.dll
Log: 'System' Date/Time: 08/07/2017 11:44:22 PM
Type: Warning Category: 0
Event: 4001 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN AutoConfig service has successfully stopped.
Log: 'System' Date/Time: 08/07/2017 11:44:20 PM
Type: Warning Category: 0
Event: 10002 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN Extensibility Module has stopped. Module Path: C:\Windows\System32\IWMSSvc.dll
Log: 'System' Date/Time: 08/07/2017 10:27:09 PM
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name optimumwifi4.optimum.net timed out after none of the configured DNS servers responded.
Log: 'System' Date/Time: 08/07/2017 10:25:39 PM
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name www.msftncsi.com timed out after none of the configured DNS servers responded.
Log: 'System' Date/Time: 08/07/2017 10:24:39 PM
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name www.msftncsi.com timed out after none of the configured DNS servers responded.
Log: 'System' Date/Time: 08/07/2017 10:21:33 PM
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name isatap.home timed out after none of the configured DNS servers responded.
Log: 'System' Date/Time: 08/07/2017 10:21:05 PM
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name isatap.home timed out after none of the configured DNS servers responded.
Log: 'System' Date/Time: 08/07/2017 10:20:44 PM
Type: Warning Category: 0
Event: 7039 Source: Service Control Manager
A service process other than the one launched by the Service Control Manager connected when starting the Client Virtualization Handler service. The Service Control Manager launched process 3152 and process 2852 connected instead. Note that if this service is configured to start under a debugger, this behavior is expected.
Log: 'System' Date/Time: 08/07/2017 10:20:43 PM
Type: Warning Category: 0
Event: 7039 Source: Service Control Manager
A service process other than the one launched by the Service Control Manager connected when starting the Application Virtualization Client service. The Service Control Manager launched process 2852 and process 1428 connected instead. Note that if this service is configured to start under a debugger, this behavior is expected.
Log: 'System' Date/Time: 08/07/2017 10:18:38 PM
Type: Warning Category: 0
Event: 10002 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN Extensibility Module has stopped. Module Path: C:\Windows\System32\IWMSSvc.dll
Log: 'System' Date/Time: 08/07/2017 10:18:27 PM
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name dnsproxy.ff.avast.com timed out after none of the configured DNS servers responded.
****
Vino's Event Viewer v01c run on Windows 2008 in English
Report run at 09/07/2017 7:57:48 PM
Note: All dates below are in the format dd/mm/yyyy
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 09/07/2017 11:52:45 PM
Type: Error Category: 2
Event: 2002 Source: Microsoft-Windows-EapHost
Skipping: Eap method DLL path name validation failed. Error: typeId=43, authorId=9, vendorId=0, vendorType=0
Log: 'Application' Date/Time: 09/07/2017 11:52:45 PM
Type: Error Category: 2
Event: 2002 Source: Microsoft-Windows-EapHost
Skipping: Eap method DLL path name validation failed. Error: typeId=25, authorId=9, vendorId=0, vendorType=0
Log: 'Application' Date/Time: 09/07/2017 11:52:45 PM
Type: Error Category: 2
Event: 2002 Source: Microsoft-Windows-EapHost
Skipping: Eap method DLL path name validation failed. Error: typeId=17, authorId=9, vendorId=0, vendorType=0
Log: 'Application' Date/Time: 09/07/2017 11:51:06 PM
Type: Error Category: 100
Event: 1000 Source: Application Error
Faulting application name: ZeroConfigService.exe, version: 19.60.0.0, time stamp: 0x58d16fa6 Faulting module name: ZeroConfigService.exe, version: 19.60.0.0, time stamp: 0x58d16fa6 Exception code: 0x40000015 Fault offset: 0x000000000022af96 Faulting process id: 0xa64 Faulting application start time: 0x01d2f8f94594ea3e Faulting application path: C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe Faulting module path: C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe Report Id: 788dfcb4-6501-11e7-8d66-8a994a47995b
Log: 'Application' Date/Time: 09/07/2017 9:19:52 PM
Type: Error Category: 2
Event: 2002 Source: Microsoft-Windows-EapHost
Skipping: Eap method DLL path name validation failed. Error: typeId=43, authorId=9, vendorId=0, vendorType=0
Log: 'Application' Date/Time: 09/07/2017 9:19:52 PM
Type: Error Category: 2
Event: 2002 Source: Microsoft-Windows-EapHost
Skipping: Eap method DLL path name validation failed. Error: typeId=25, authorId=9, vendorId=0, vendorType=0
Log: 'Application' Date/Time: 09/07/2017 9:19:52 PM
Type: Error Category: 2
Event: 2002 Source: Microsoft-Windows-EapHost
Skipping: Eap method DLL path name validation failed. Error: typeId=17, authorId=9, vendorId=0, vendorType=0
Log: 'Application' Date/Time: 09/07/2017 9:18:19 PM
Type: Error Category: 100
Event: 1000 Source: Application Error
Faulting application name: ZeroConfigService.exe, version: 19.60.0.0, time stamp: 0x58d16fa6 Faulting module name: ZeroConfigService.exe, version: 19.60.0.0, time stamp: 0x58d16fa6 Exception code: 0x40000015 Fault offset: 0x000000000022af96 Faulting process id: 0xa80 Faulting application start time: 0x01d2f8f7ba23f21b Faulting application path: C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe Faulting module path: C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe Report Id: 2110507e-64ec-11e7-86ef-ebbcd7f99659
Log: 'Application' Date/Time: 09/07/2017 9:16:09 PM
Type: Error Category: 0
Event: 3011 Source: Microsoft-Windows-LoadPerf
Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.
Log: 'Application' Date/Time: 09/07/2017 9:16:09 PM
Type: Error Category: 0
Event: 3012 Source: Microsoft-Windows-LoadPerf
The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.
Log: 'Application' Date/Time: 09/07/2017 9:08:48 PM
Type: Error Category: 2
Event: 2002 Source: Microsoft-Windows-EapHost
Skipping: Eap method DLL path name validation failed. Error: typeId=43, authorId=9, vendorId=0, vendorType=0
Log: 'Application' Date/Time: 09/07/2017 9:08:48 PM
Type: Error Category: 2
Event: 2002 Source: Microsoft-Windows-EapHost
Skipping: Eap method DLL path name validation failed. Error: typeId=25, authorId=9, vendorId=0, vendorType=0
Log: 'Application' Date/Time: 09/07/2017 9:08:48 PM
Type: Error Category: 2
Event: 2002 Source: Microsoft-Windows-EapHost
Skipping: Eap method DLL path name validation failed. Error: typeId=17, authorId=9, vendorId=0, vendorType=0
Log: 'Application' Date/Time: 09/07/2017 5:13:46 AM
Type: Error Category: 100
Event: 1000 Source: Application Error
Faulting application name: ZeroConfigService.exe, version: 19.60.0.0, time stamp: 0x58d16fa6 Faulting module name: ZeroConfigService.exe, version: 19.60.0.0, time stamp: 0x58d16fa6 Exception code: 0x40000015 Fault offset: 0x000000000022af96 Faulting process id: 0xa4c Faulting application start time: 0x01d2f86cd488a204 Faulting application path: C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe Faulting module path: C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe Report Id: 61d12f87-6465-11e7-b918-af56913b2327
Log: 'Application' Date/Time: 09/07/2017 4:34:32 AM
Type: Error Category: 2
Event: 2002 Source: Microsoft-Windows-EapHost
Skipping: Eap method DLL path name validation failed. Error: typeId=43, authorId=9, vendorId=0, vendorType=0
Log: 'Application' Date/Time: 09/07/2017 4:34:32 AM
Type: Error Category: 2
Event: 2002 Source: Microsoft-Windows-EapHost
Skipping: Eap method DLL path name validation failed. Error: typeId=25, authorId=9, vendorId=0, vendorType=0
Log: 'Application' Date/Time: 09/07/2017 4:34:32 AM
Type: Error Category: 2
Event: 2002 Source: Microsoft-Windows-EapHost
Skipping: Eap method DLL path name validation failed. Error: typeId=17, authorId=9, vendorId=0, vendorType=0
Log: 'Application' Date/Time: 09/07/2017 4:32:48 AM
Type: Error Category: 100
Event: 1000 Source: Application Error
Faulting application name: ZeroConfigService.exe, version: 19.60.0.0, time stamp: 0x58d16fa6 Faulting module name: ZeroConfigService.exe, version: 19.60.0.0, time stamp: 0x58d16fa6 Exception code: 0x40000015 Fault offset: 0x000000000022af96 Faulting process id: 0xa44 Faulting application start time: 0x01d2f86aff0e59f0 Faulting application path: C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe Faulting module path: C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe Report Id: a8eb0b7f-645f-11e7-ba44-ec2dc3c73527
Log: 'Application' Date/Time: 09/07/2017 4:25:26 AM
Type: Error Category: 0
Event: 3011 Source: Microsoft-Windows-LoadPerf
Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.
Log: 'Application' Date/Time: 09/07/2017 4:25:26 AM
Type: Error Category: 0
Event: 3012 Source: Microsoft-Windows-LoadPerf
The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 09/07/2017 11:54:54 PM
Type: Warning Category: 11
Event: 3211 Source: Application Virtualization Client
{tid=5D0}
Attempting Transport Connection URL: http://c2r.microsoft...0.7181.5002.sftError: 2460420A-40002EE2
Log: 'Application' Date/Time: 09/07/2017 11:54:27 PM
Type: Warning Category: 6
Event: 3057 Source: Application Virtualization Client
{tid=C40}
The Application Virtualization Client Core initialized correctly. Installed Product: Version: 4.6.3.24650 Install Path: C:\Program Files (x86)\Microsoft Application Virtualization Client Global Data Directory: C:\ProgramData\Microsoft\Application Virtualization Client\ Machine Name: BOB-VAIO Operating System: Windows 7 64-bit Service Pack 1.0 Build 7601 OSD Command:
Log: 'Application' Date/Time: 09/07/2017 11:54:14 PM
Type: Warning Category: 3
Event: 3191 Source: Application Virtualization Client
{tid=C40}
-------------------------------------------------------- Initialized client log (C:\ProgramData\Microsoft\Application Virtualization Client\sftlog.txt)
Log: 'Application' Date/Time: 09/07/2017 10:30:19 PM
Type: Warning Category: 0
Event: 12348 Source: VSS
Volume Shadow Copy Service warning: VSS was denied access to the root of volume \\?\Volume{f6501013-edb9-11e1-b440-c48508243ded}\. Denying administrators from accessing volume roots can cause many unexpected failures, and will prevent VSS from functioning properly. Check security on the volume, and try the operation again.
Operation:
Removing auto-release shadow copies
Loading provider
Context:
Execution Context: System Provider
Log: 'Application' Date/Time: 09/07/2017 9:31:52 PM
Type: Warning Category: 1
Event: 100 Source: CVHSVC
Information only. C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE is trusted.
Log: 'Application' Date/Time: 09/07/2017 9:31:52 PM
Type: Warning Category: 1
Event: 100 Source: CVHSVC
Information only. CurrentSoftGridPrereq: Click2Run installation (version = 14.0.4763.1000) is found on the machine; skipping installation...
Log: 'Application' Date/Time: 09/07/2017 9:31:52 PM
Type: Warning Category: 1
Event: 100 Source: CVHSVC
Information only. C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE is trusted.
Log: 'Application' Date/Time: 09/07/2017 9:21:57 PM
Type: Warning Category: 11
Event: 3211 Source: Application Virtualization Client
{tid=764}
Attempting Transport Connection URL: http://c2r.microsoft...0.7181.5002.sftError: 24600F0A-10000001
Log: 'Application' Date/Time: 09/07/2017 9:21:38 PM
Type: Warning Category: 6
Event: 3057 Source: Application Virtualization Client
{tid=C10}
The Application Virtualization Client Core initialized correctly. Installed Product: Version: 4.6.3.24650 Install Path: C:\Program Files (x86)\Microsoft Application Virtualization Client Global Data Directory: C:\ProgramData\Microsoft\Application Virtualization Client\ Machine Name: BOB-VAIO Operating System: Windows 7 64-bit Service Pack 1.0 Build 7601 OSD Command:
Log: 'Application' Date/Time: 09/07/2017 9:21:19 PM
Type: Warning Category: 3
Event: 3191 Source: Application Virtualization Client
{tid=C10}
-------------------------------------------------------- Initialized client log (C:\ProgramData\Microsoft\Application Virtualization Client\sftlog.txt)
Log: 'Application' Date/Time: 09/07/2017 9:16:17 PM
Type: Warning Category: 0
Event: 12348 Source: VSS
Volume Shadow Copy Service warning: VSS was denied access to the root of volume \\?\Volume{f6501013-edb9-11e1-b440-c48508243ded}\. Denying administrators from accessing volume roots can cause many unexpected failures, and will prevent VSS from functioning properly. Check security on the volume, and try the operation again.
Operation:
Removing auto-release shadow copies
Loading provider
Context:
Execution Context: System Provider
Log: 'Application' Date/Time: 09/07/2017 9:10:45 PM
Type: Warning Category: 11
Event: 3211 Source: Application Virtualization Client
{tid=78C}
Attempting Transport Connection URL: http://c2r.microsoft...0.7181.5002.sftError: 24600F0A-10000001
Log: 'Application' Date/Time: 09/07/2017 9:10:32 PM
Type: Warning Category: 6
Event: 3057 Source: Application Virtualization Client
{tid=C80}
The Application Virtualization Client Core initialized correctly. Installed Product: Version: 4.6.3.24650 Install Path: C:\Program Files (x86)\Microsoft Application Virtualization Client Global Data Directory: C:\ProgramData\Microsoft\Application Virtualization Client\ Machine Name: BOB-VAIO Operating System: Windows 7 64-bit Service Pack 1.0 Build 7601 OSD Command:
Log: 'Application' Date/Time: 09/07/2017 9:10:17 PM
Type: Warning Category: 3
Event: 3191 Source: Application Virtualization Client
{tid=C80}
-------------------------------------------------------- Initialized client log (C:\ProgramData\Microsoft\Application Virtualization Client\sftlog.txt)
Log: 'Application' Date/Time: 09/07/2017 4:46:04 AM
Type: Warning Category: 1
Event: 100 Source: CVHSVC
Information only. C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE is trusted.
Log: 'Application' Date/Time: 09/07/2017 4:46:04 AM
Type: Warning Category: 1
Event: 100 Source: CVHSVC
Information only. CurrentSoftGridPrereq: Click2Run installation (version = 14.0.4763.1000) is found on the machine; skipping installation...
Log: 'Application' Date/Time: 09/07/2017 4:46:04 AM
Type: Warning Category: 1
Event: 100 Source: CVHSVC
Information only. C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE is trusted.
Log: 'Application' Date/Time: 09/07/2017 4:36:27 AM
Type: Warning Category: 11
Event: 3211 Source: Application Virtualization Client
{tid=F6C}
Attempting Transport Connection URL: http://c2r.microsoft...0.7181.5002.sftError: 24600F0A-10000001
Log: 'Application' Date/Time: 09/07/2017 4:36:15 AM
Type: Warning Category: 6
Event: 3057 Source: Application Virtualization Client
{tid=C40}
The Application Virtualization Client Core initialized correctly. Installed Product: Version: 4.6.3.24650 Install Path: C:\Program Files (x86)\Microsoft Application Virtualization Client Global Data Directory: C:\ProgramData\Microsoft\Application Virtualization Client\ Machine Name: BOB-VAIO Operating System: Windows 7 64-bit Service Pack 1.0 Build 7601 OSD Command:
Log: 'Application' Date/Time: 09/07/2017 4:36:03 AM
Type: Warning Category: 3
Event: 3191 Source: Application Virtualization Client
{tid=C40}
-------------------------------------------------------- Initialized client log (C:\ProgramData\Microsoft\Application Virtualization Client\sftlog.txt)
#42
Posted 09 July 2017 - 06:43 PM
RKinner
-
- Expert
-
- 24,624 posts
Malware Expert
Copy the next lines
We are getting an error from intel Wireless Zero Config Services and from EAP.
If we let windows control the wireless then we don't need intel Wireless Zero Config Service.
https://kb.netgear.c...ties-in-Windows
For the EAP error let's look at the registry:
Copy the next two lines:
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\EapHost" /s > \junk.txt
notepad \junk.txt
Start, All Programs, Accessories then right click on Command Prompt and Run as Administrator
Right click and Paste (or Edit then Paste) and the copied lines should appear.
Hit Enter if notepad does not open. Copy and paste the text from notepad into a reply.
#43
Posted 09 July 2017 - 07:38 PM
vatch
- Topic Starter
-
- Member
-
- 55 posts
Member
I disabled wifi direct. I have a sony Viao. Is this correct? Can you help me please.
when I right click on wireless pro it gives me to buttons. Import or close.
Edited by vatch, 09 July 2017 - 07:50 PM.
#44
Posted 09 July 2017 - 07:51 PM
vatch
- Topic Starter
-
- Member
-
- 55 posts
Member
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\EapHost
DisplayName REG_SZ @%systemroot%\system32\eapsvc.dll,-1
ImagePath REG_EXPAND_SZ %SystemRoot%\System32\svchost.exe -k netsvcs
Description REG_SZ @%systemroot%\system32\eapsvc.dll,-2
ObjectName REG_SZ localSystem
ErrorControl REG_DWORD 0x1
Start REG_DWORD 0x3
Type REG_DWORD 0x20
DependOnService REG_MULTI_SZ RPCSS\0KeyIso
ServiceSidType REG_DWORD 0x1
RequiredPrivileges REG_MULTI_SZ SeTcbPrivilege\0SeDebugPrivilege\0SeImpersonatePrivilege
FailureActions REG_BINARY 805101000000000000000000030000001400000001000000C0D4010001000000C0D401000000000000000000
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\EapHost\Configuration
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\EapHost\Methods
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\EapHost\Methods\311
Name REG_SZ Microsoft
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\EapHost\Methods\311\254
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\EapHost\Methods\311\254\14122
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\EapHost\Methods\311\254\14122\1
PeerFriendlyName REG_SZ Windows Connect Now EAP Peer
Properties REG_DWORD 0x848000
PeerInvokeUsernameDialog REG_DWORD 0x0
PeerInvokePasswordDialog REG_DWORD 0x0
PeerRequireConfigUI REG_DWORD 0x1
PeerDllPath REG_EXPAND_SZ %SystemRoot%\System32\WcnEapPeerProxy.dll
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\EapHost\Methods\8086
(Default) REG_SZ Intel
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\EapHost\Methods\8086\18
(Default) REG_SZ
PeerInteractiveUIPath REG_EXPAND_SZ C:\Program Files\Intel\WiFi\bin\eapui.dll
PeerConfigUIPath REG_EXPAND_SZ C:\Program Files\Intel\WiFi\bin\eapui.dll
PeerRequireConfigUI REG_DWORD 0x0
Properties REG_DWORD 0x280000
PeerFriendlyName REG_SZ EAP-SIM
PeerInvokePasswordDialog REG_DWORD 0x0
PeerIdentityPath REG_EXPAND_SZ C:\Program Files\Intel\WiFi\bin\eapui.dll
PeerInvokeUsernameDialog REG_DWORD 0x0
PeerDllPath REG_EXPAND_SZ C:\Program Files\Intel\WiFi\bin\eh_eap_sim.dll
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\EapHost\Methods\8086\21
(Default) REG_SZ
PeerIdentityPath REG_EXPAND_SZ C:\Program Files\Intel\WiFi\bin\eapui.dll
PeerConfigUIPath REG_EXPAND_SZ C:\Program Files\Intel\WiFi\bin\eapui.dll
Properties REG_DWORD 0x280000
PeerInvokePasswordDialog REG_DWORD 0x0
PeerRequireConfigUI REG_DWORD 0x0
PeerFriendlyName REG_SZ EAP-TTLS
PeerDllPath REG_EXPAND_SZ C:\Program Files\Intel\WiFi\bin\eh_eap_ttls.dll
PeerInteractiveUIPath REG_EXPAND_SZ C:\Program Files\Intel\WiFi\bin\eapui.dll
PeerInvokeUsernameDialog REG_DWORD 0x0
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\EapHost\Methods\8086\23
(Default) REG_SZ
PeerRequireConfigUI REG_DWORD 0x0
PeerConfigUIPath REG_EXPAND_SZ C:\Program Files\Intel\WiFi\bin\eapui.dll
PeerDllPath REG_EXPAND_SZ C:\Program Files\Intel\WiFi\bin\eh_eap_aka.dll
PeerInvokePasswordDialog REG_DWORD 0x0
Properties REG_DWORD 0x280000
PeerInvokeUsernameDialog REG_DWORD 0x0
PeerFriendlyName REG_SZ EAP-AKA
PeerInteractiveUIPath REG_EXPAND_SZ C:\Program Files\Intel\WiFi\bin\eapui.dll
PeerIdentityPath REG_EXPAND_SZ C:\Program Files\Intel\WiFi\bin\eapui.dll
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\EapHost\Methods\9
(Default) REG_EXPAND_SZ Cisco
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\EapHost\Methods\9\17
PeerDllPath REG_EXPAND_SZ C:\Program Files (x86)\Cisco\Cisco LEAP Module\CiscoEapLeap.dll
PeerFriendlyName REG_SZ @C:\Program Files (x86)\Cisco\Cisco LEAP Module\CiscoEapLeap.dll,-117
Properties REG_DWORD 0x32c406e
PeerInvokeUsernameDialog REG_DWORD 0x0
PeerInvokePasswordDialog REG_DWORD 0x0
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\EapHost\Methods\9\25
PeerDllPath REG_EXPAND_SZ C:\Program Files (x86)\Cisco\Cisco PEAP Module\CiscoEapPeap.dll
PeerFriendlyName REG_SZ @C:\Program Files (x86)\Cisco\Cisco PEAP Module\CiscoEapPeap.dll,-119
Properties REG_DWORD 0x173cd9ff
PeerInvokeUsernameDialog REG_DWORD 0x0
PeerInvokePasswordDialog REG_DWORD 0x0
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\EapHost\Methods\9\43
PeerDllPath REG_EXPAND_SZ C:\Program Files (x86)\Cisco\Cisco EAP-FAST Module\CiscoEapFast.dll
PeerFriendlyName REG_SZ @C:\Program Files (x86)\Cisco\Cisco EAP-FAST Module\CiscoEapFast.dll,-30119
Properties REG_DWORD 0x173ef9ff
PeerInvokeUsernameDialog REG_DWORD 0x0
PeerInvokePasswordDialog REG_DWORD 0x0
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\EapHost\Methods\9\43\UserData
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\EapHost\Parameters
ServiceDll REG_EXPAND_SZ %SystemRoot%\System32\eapsvc.dll
ServiceDllUnloadOnStop REG_DWORD 0x1
PeerInstalled REG_DWORD 0x1
#45
Posted 09 July 2017 - 08:16 PM
RKinner
-
- Expert
-
- 24,624 posts
Malware Expert
Copy the next line
reg delete HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\EapHost\Methods\9
Start, All Programs, Accessories then right click on Command Prompt and Run as Administrator
Right click and Paste (or Edit then Paste) and the copied line should appear.
Hit Enter
Right click on (My) Computer and select Manage (Continue) Then click on the arrow in front of Event Viewer. Next Click on the arrow in front of Windows Logs Right click on System and Clear Log, Clear. Repeat for Application.
Reboot
Run VEW again.
Similar Topics
0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users
As Featured On:
Sign In
Create Account
