Virus turning off safety tools (Malwarebytes Real-Time Protection)!



#16
RKinner

    Malware Expert


Also see if there is a new nvidia driver for your graphics.




#17
MattMMM

    Member

  • Topic Starter

We have a wi-fi range extender device that was turned off. That explains the weak signal.

 

I will try to find the two drivers. I believe I already looked around for the nvidia one a few years ago.

 

One more thing. Earlier this afternoon when I rebooted the PC I got a black screen saying something like "HitmanPRO 3.7 something", Windows took a while to start (longer than usual), then started normally. Now my Malwarebytes Real Time Protection is on and obeys my commands to switch on & off. It no longer turns off on its own like it did before. Did HitmanPRO fix something? Should I delete it... some say you should not use HitmanPRO??



#18
MattMMM

    Member

  • Topic Starter

Also here is the Full Event Log minus the information

 

==================================================
Event Time        : 19.11.2017 1:58:57.136
Record ID         : 827
Event ID          : 3001
Level             : Warning
Channel           : Microsoft-Windows-CodeIntegrity/Operational
Provider          : Microsoft-Windows-CodeIntegrity
Description       : Code Integrity determined an unsigned kernel module \Device\HarddiskVolume2\Windows\System32\giveio.sys is loaded into the system. Check with the publisher to see if a signed version of the kernel module is available.
Opcode            : 101
Task              : 1
Keywords          : 0x8000000000000000
Process ID        : 4
Thread ID         : 68
Computer          : Mathew-PC
User              : NT AUTHORITY\SYSTEM
==================================================

==================================================
Event Time        : 19.11.2017 2:00:34.750
Record ID         : 5909
Event ID          : 1001
Level             : Error
Channel           : Microsoft-Windows-Dhcp-Client/Admin
Provider          : Microsoft-Windows-Dhcp-Client
Description       : Your computer was not assigned an address from the network (by the DHCP Server) for the Network Card with network address 0x22224352B408.  The following error occurred: 0x79. Your computer will continue to try and obtain an address on its own from the network address (DHCP) server.
Opcode            : IpAddressNotAssigned (75)
Task              : Address Configuration State Event (3)
Keywords          : 0x4000000000000000
Process ID        : 1052
Thread ID         : 1760
Computer          : Mathew-PC
User              : NT AUTHORITY\LOCAL SERVICE
==================================================

==================================================
Event Time        : 19.11.2017 2:01:20.582
Record ID         : 48723
Event ID          : 5003
Level             : Error
Channel           : Microsoft-Windows-HomeGroup Provider Service/Operational
Provider          : Microsoft-Windows-HomeGroup-ProviderService
Description       : Failed to initialize the group.  Details: The dependency service or group failed to start.

Opcode            :
Task              :
Keywords          : 0x8000000000000000
Process ID        : 1052
Thread ID         : 2548
Computer          : Mathew-PC
User              : NT AUTHORITY\LOCAL SERVICE
==================================================

==================================================
Event Time        : 19.11.2017 2:01:20.583
Record ID         : 48725
Event ID          : 5001
Level             : Error
Channel           : Microsoft-Windows-HomeGroup Provider Service/Operational
Provider          : Microsoft-Windows-HomeGroup-ProviderService
Description       : Provider service initialization failed.  Details: The dependency service or group failed to start.

Opcode            :
Task              :
Keywords          : 0x8000000000000000
Process ID        : 1052
Thread ID         : 2548
Computer          : Mathew-PC
User              : NT AUTHORITY\LOCAL SERVICE
==================================================

==================================================
Event Time        : 19.11.2017 2:01:30.950
Record ID         : 48726
Event ID          : 5003
Level             : Error
Channel           : Microsoft-Windows-HomeGroup Provider Service/Operational
Provider          : Microsoft-Windows-HomeGroup-ProviderService
Description       : Failed to initialize the group.  Details: The dependency service or group failed to start.

Opcode            :
Task              :
Keywords          : 0x8000000000000000
Process ID        : 1052
Thread ID         : 804
Computer          : Mathew-PC
User              : NT AUTHORITY\LOCAL SERVICE
==================================================

==================================================
Event Time        : 19.11.2017 2:01:30.951
Record ID         : 48727
Event ID          : 5001
Level             : Error
Channel           : Microsoft-Windows-HomeGroup Provider Service/Operational
Provider          : Microsoft-Windows-HomeGroup-ProviderService
Description       : Provider service initialization failed.  Details: The dependency service or group failed to start.

Opcode            :
Task              :
Keywords          : 0x8000000000000000
Process ID        : 1052
Thread ID         : 804
Computer          : Mathew-PC
User              : NT AUTHORITY\LOCAL SERVICE
==================================================

==================================================
Event Time        : 19.11.2017 2:01:30.984
Record ID         : 48728
Event ID          : 5003
Level             : Error
Channel           : Microsoft-Windows-HomeGroup Provider Service/Operational
Provider          : Microsoft-Windows-HomeGroup-ProviderService
Description       : Failed to initialize the group.  Details: The dependency service or group failed to start.

Opcode            :
Task              :
Keywords          : 0x8000000000000000
Process ID        : 1052
Thread ID         : 804
Computer          : Mathew-PC
User              : NT AUTHORITY\LOCAL SERVICE
==================================================

==================================================
Event Time        : 19.11.2017 2:01:30.985
Record ID         : 48729
Event ID          : 5001
Level             : Error
Channel           : Microsoft-Windows-HomeGroup Provider Service/Operational
Provider          : Microsoft-Windows-HomeGroup-ProviderService
Description       : Provider service initialization failed.  Details: The dependency service or group failed to start.

Opcode            :
Task              :
Keywords          : 0x8000000000000000
Process ID        : 1052
Thread ID         : 804
Computer          : Mathew-PC
User              : NT AUTHORITY\LOCAL SERVICE
==================================================

==================================================
Event Time        : 19.11.2017 2:28:07.533
Record ID         : 48730
Event ID          : 5003
Level             : Error
Channel           : Microsoft-Windows-HomeGroup Provider Service/Operational
Provider          : Microsoft-Windows-HomeGroup-ProviderService
Description       : Failed to initialize the group.  Details: The dependency service or group failed to start.

Opcode            :
Task              :
Keywords          : 0x8000000000000000
Process ID        : 1052
Thread ID         : 516
Computer          : Mathew-PC
User              : NT AUTHORITY\LOCAL SERVICE
==================================================

==================================================
Event Time        : 19.11.2017 2:28:07.533
Record ID         : 48731
Event ID          : 5001
Level             : Error
Channel           : Microsoft-Windows-HomeGroup Provider Service/Operational
Provider          : Microsoft-Windows-HomeGroup-ProviderService
Description       : Provider service initialization failed.  Details: The dependency service or group failed to start.

Opcode            :
Task              :
Keywords          : 0x8000000000000000
Process ID        : 1052
Thread ID         : 516
Computer          : Mathew-PC
User              : NT AUTHORITY\LOCAL SERVICE
==================================================

==================================================
Event Time        : 19.11.2017 2:29:51.659
Record ID         : 828
Event ID          : 3001
Level             : Warning
Channel           : Microsoft-Windows-CodeIntegrity/Operational
Provider          : Microsoft-Windows-CodeIntegrity
Description       : Code Integrity determined an unsigned kernel module \Device\HarddiskVolume2\Windows\System32\giveio.sys is loaded into the system. Check with the publisher to see if a signed version of the kernel module is available.
Opcode            : 101
Task              : 1
Keywords          : 0x8000000000000000
Process ID        : 4
Thread ID         : 92
Computer          : Mathew-PC
User              : NT AUTHORITY\SYSTEM
==================================================

==================================================
Event Time        : 19.11.2017 2:30:04.857
Record ID         : 95
Event ID          : 315
Level             : Error
Channel           : Microsoft-Windows-PrintService/Admin
Provider          : Microsoft-Windows-PrintService
Description       : The print spooler failed to share printer hp deskjet 960c with shared resource name hp deskjet 960c. Error 2114. The printer cannot be used by others on the network.
Opcode            : Spooler Operation Failed (12)
Task              : Sharing a printer (30)
Keywords          : Printer
Process ID        : 1852
Thread ID         : 3620
Computer          : Mathew-PC
User              : NT AUTHORITY\SYSTEM
==================================================

==================================================
Event Time        : 19.11.2017 2:30:32.999
Record ID         : 2606
Event ID          : 1002
Level             : Warning
Channel           : Microsoft-Windows-Known Folders API Service
Provider          : Microsoft-Windows-KnownFolders
Description       : Error 0x80070002 occurred while verifying known folder {2A00375E-224C-49DE-B8D1-440DF7EF3DDC} with path 'C:\Windows\resources\0409'.
Opcode            :
Task              :
Keywords          : 0x8000000000000000
Process ID        : 1712
Thread ID         : 2492
Computer          : Mathew-PC
User              : NT AUTHORITY\SYSTEM
==================================================

==================================================
Event Time        : 19.11.2017 2:30:32.999
Record ID         : 2607
Event ID          : 1002
Level             : Warning
Channel           : Microsoft-Windows-Known Folders API Service
Provider          : Microsoft-Windows-KnownFolders
Description       : Error 0x80070002 occurred while verifying known folder {C1BAE2D0-10DF-4334-BEDD-7AA20B227A9D} with path 'C:\ProgramData\OEM Links'.
Opcode            :
Task              :
Keywords          : 0x8000000000000000
Process ID        : 1712
Thread ID         : 2492
Computer          : Mathew-PC
User              : NT AUTHORITY\SYSTEM
==================================================

==================================================
Event Time        : 19.11.2017 2:31:15.831
Record ID         : 5911
Event ID          : 1001
Level             : Error
Channel           : Microsoft-Windows-Dhcp-Client/Admin
Provider          : Microsoft-Windows-Dhcp-Client
Description       : Your computer was not assigned an address from the network (by the DHCP Server) for the Network Card with network address 0x22224352B408.  The following error occurred: 0x79. Your computer will continue to try and obtain an address on its own from the network address (DHCP) server.
Opcode            : IpAddressNotAssigned (75)
Task              : Address Configuration State Event (3)
Keywords          : 0x4000000000000000
Process ID        : 1052
Thread ID         : 1736
Computer          : Mathew-PC
User              : NT AUTHORITY\LOCAL SERVICE
==================================================

==================================================
Event Time        : 19.11.2017 2:41:11.453
Record ID         : 2608
Event ID          : 1002
Level             : Warning
Channel           : Microsoft-Windows-Known Folders API Service
Provider          : Microsoft-Windows-KnownFolders
Description       : Error 0x80070002 occurred while verifying known folder {2A00375E-224C-49DE-B8D1-440DF7EF3DDC} with path 'C:\Windows\resources\0409'.
Opcode            :
Task              :
Keywords          : 0x8000000000000000
Process ID        : 1712
Thread ID         : 5472
Computer          : Mathew-PC
User              : NT AUTHORITY\SYSTEM
==================================================

==================================================
Event Time        : 19.11.2017 2:41:11.454
Record ID         : 2609
Event ID          : 1002
Level             : Warning
Channel           : Microsoft-Windows-Known Folders API Service
Provider          : Microsoft-Windows-KnownFolders
Description       : Error 0x80070002 occurred while verifying known folder {C1BAE2D0-10DF-4334-BEDD-7AA20B227A9D} with path 'C:\ProgramData\OEM Links'.
Opcode            :
Task              :
Keywords          : 0x8000000000000000
Process ID        : 1712
Thread ID         : 5472
Computer          : Mathew-PC
User              : NT AUTHORITY\SYSTEM
==================================================

==================================================
Event Time        : 19.11.2017 15:04:07.712
Record ID         : 48734
Event ID          : 5003
Level             : Error
Channel           : Microsoft-Windows-HomeGroup Provider Service/Operational
Provider          : Microsoft-Windows-HomeGroup-ProviderService
Description       : Failed to initialize the group.  Details: The dependency service or group failed to start.

Opcode            :
Task              :
Keywords          : 0x8000000000000000
Process ID        : 1052
Thread ID         : 4268
Computer          : Mathew-PC
User              : NT AUTHORITY\LOCAL SERVICE
==================================================

==================================================
Event Time        : 19.11.2017 15:04:19.180
Record ID         : 48736
Event ID          : 5001
Level             : Error
Channel           : Microsoft-Windows-HomeGroup Provider Service/Operational
Provider          : Microsoft-Windows-HomeGroup-ProviderService
Description       : Provider service initialization failed.  Details: The dependency service or group failed to start.

Opcode            :
Task              :
Keywords          : 0x8000000000000000
Process ID        : 1052
Thread ID         : 4268
Computer          : Mathew-PC
User              : NT AUTHORITY\LOCAL SERVICE
==================================================

==================================================
Event Time        : 19.11.2017 15:04:24.302
Record ID         : 48737
Event ID          : 5003
Level             : Error
Channel           : Microsoft-Windows-HomeGroup Provider Service/Operational
Provider          : Microsoft-Windows-HomeGroup-ProviderService
Description       : Failed to initialize the group.  Details: The dependency service or group failed to start.

Opcode            :
Task              :
Keywords          : 0x8000000000000000
Process ID        : 1052
Thread ID         : 5404
Computer          : Mathew-PC
User              : NT AUTHORITY\LOCAL SERVICE
==================================================

==================================================
Event Time        : 19.11.2017 15:04:24.309
Record ID         : 48738
Event ID          : 5001
Level             : Error
Channel           : Microsoft-Windows-HomeGroup Provider Service/Operational
Provider          : Microsoft-Windows-HomeGroup-ProviderService
Description       : Provider service initialization failed.  Details: The dependency service or group failed to start.

Opcode            :
Task              :
Keywords          : 0x8000000000000000
Process ID        : 1052
Thread ID         : 5404
Computer          : Mathew-PC
User              : NT AUTHORITY\LOCAL SERVICE
==================================================

==================================================
Event Time        : 19.11.2017 15:04:24.498
Record ID         : 48739
Event ID          : 5003
Level             : Error
Channel           : Microsoft-Windows-HomeGroup Provider Service/Operational
Provider          : Microsoft-Windows-HomeGroup-ProviderService
Description       : Failed to initialize the group.  Details: The dependency service or group failed to start.

Opcode            :
Task              :
Keywords          : 0x8000000000000000
Process ID        : 1052
Thread ID         : 5120
Computer          : Mathew-PC
User              : NT AUTHORITY\LOCAL SERVICE
==================================================

==================================================
Event Time        : 19.11.2017 15:04:24.499
Record ID         : 48740
Event ID          : 5001
Level             : Error
Channel           : Microsoft-Windows-HomeGroup Provider Service/Operational
Provider          : Microsoft-Windows-HomeGroup-ProviderService
Description       : Provider service initialization failed.  Details: The dependency service or group failed to start.

Opcode            :
Task              :
Keywords          : 0x8000000000000000
Process ID        : 1052
Thread ID         : 5120
Computer          : Mathew-PC
User              : NT AUTHORITY\LOCAL SERVICE
==================================================

==================================================
Event Time        : 19.11.2017 15:28:04.404
Record ID         : 2610
Event ID          : 1002
Level             : Warning
Channel           : Microsoft-Windows-Known Folders API Service
Provider          : Microsoft-Windows-KnownFolders
Description       : Error 0x80070002 occurred while verifying known folder {2A00375E-224C-49DE-B8D1-440DF7EF3DDC} with path 'C:\Windows\resources\0409'.
Opcode            :
Task              :
Keywords          : 0x8000000000000000
Process ID        : 4940
Thread ID         : 4932
Computer          : Mathew-PC
User              : Mathew-PC\Mathew
==================================================

==================================================
Event Time        : 19.11.2017 15:28:04.404
Record ID         : 2611
Event ID          : 1002
Level             : Warning
Channel           : Microsoft-Windows-Known Folders API Service
Provider          : Microsoft-Windows-KnownFolders
Description       : Error 0x80070002 occurred while verifying known folder {C1BAE2D0-10DF-4334-BEDD-7AA20B227A9D} with path 'C:\ProgramData\OEM Links'.
Opcode            :
Task              :
Keywords          : 0x8000000000000000
Process ID        : 4940
Thread ID         : 4932
Computer          : Mathew-PC
User              : Mathew-PC\Mathew
==================================================

==================================================
Event Time        : 19.11.2017 15:33:38.911
Record ID         : 9768
Event ID          : 310
Level             : Warning
Channel           : Microsoft-Windows-Bits-Client/Operational
Provider          : Microsoft-Windows-Bits-Client
Description       : The initialization of the peer helper modules failed with the following error:  0x80070032.
Opcode            :
Task              :
Keywords          : 0x4000000000000000
Process ID        : 1216
Thread ID         : 4816
Computer          : Mathew-PC
User              : NT AUTHORITY\SYSTEM
==================================================

==================================================
Event Time        : 19.11.2017 18:32:04.065
Record ID         : 34
Event ID          : 1
Level             : Error
Channel           : Microsoft-Windows-UAC/Operational
Provider          : Microsoft-Windows-UAC
Description       : The process failed to handle ERROR_ELEVATION_REQUIRED during the creation of a child process.
Opcode            :
Task              : 1
Keywords          : 0x8000000000000000
Process ID        : 4836
Thread ID         : 4988
Computer          : Mathew-PC
User              : Mathew-PC\Mathew
==================================================

==================================================
Event Time        : 20.11.2017 17:15:41.270
Record ID         : 48741
Event ID          : 5003
Level             : Error
Channel           : Microsoft-Windows-HomeGroup Provider Service/Operational
Provider          : Microsoft-Windows-HomeGroup-ProviderService
Description       : Failed to initialize the group.  Details: The dependency service or group failed to start.

Opcode            :
Task              :
Keywords          : 0x8000000000000000
Process ID        : 1052
Thread ID         : 4956
Computer          : Mathew-PC
User              : NT AUTHORITY\LOCAL SERVICE
==================================================

==================================================
Event Time        : 20.11.2017 17:15:59.727
Record ID         : 48742
Event ID          : 5001
Level             : Error
Channel           : Microsoft-Windows-HomeGroup Provider Service/Operational
Provider          : Microsoft-Windows-HomeGroup-ProviderService
Description       : Provider service initialization failed.  Details: The dependency service or group failed to start.

Opcode            :
Task              :
Keywords          : 0x8000000000000000
Process ID        : 1052
Thread ID         : 4956
Computer          : Mathew-PC
User              : NT AUTHORITY\LOCAL SERVICE
==================================================

==================================================
Event Time        : 20.11.2017 17:16:19.960
Record ID         : 48743
Event ID          : 5003
Level             : Error
Channel           : Microsoft-Windows-HomeGroup Provider Service/Operational
Provider          : Microsoft-Windows-HomeGroup-ProviderService
Description       : Failed to initialize the group.  Details: The dependency service or group failed to start.

Opcode            :
Task              :
Keywords          : 0x8000000000000000
Process ID        : 1052
Thread ID         : 5236
Computer          : Mathew-PC
User              : NT AUTHORITY\LOCAL SERVICE
==================================================

==================================================
Event Time        : 20.11.2017 17:16:29.850
Record ID         : 48744
Event ID          : 5001
Level             : Error
Channel           : Microsoft-Windows-HomeGroup Provider Service/Operational
Provider          : Microsoft-Windows-HomeGroup-ProviderService
Description       : Provider service initialization failed.  Details: The dependency service or group failed to start.

Opcode            :
Task              :
Keywords          : 0x8000000000000000
Process ID        : 1052
Thread ID         : 5236
Computer          : Mathew-PC
User              : NT AUTHORITY\LOCAL SERVICE
==================================================

==================================================
Event Time        : 20.11.2017 17:16:29.931
Record ID         : 48745
Event ID          : 5003
Level             : Error
Channel           : Microsoft-Windows-HomeGroup Provider Service/Operational
Provider          : Microsoft-Windows-HomeGroup-ProviderService
Description       : Failed to initialize the group.  Details: The dependency service or group failed to start.

Opcode            :
Task              :
Keywords          : 0x8000000000000000
Process ID        : 1052
Thread ID         : 4220
Computer          : Mathew-PC
User              : NT AUTHORITY\LOCAL SERVICE
==================================================

==================================================
Event Time        : 20.11.2017 17:16:34.884
Record ID         : 48746
Event ID          : 5001
Level             : Error
Channel           : Microsoft-Windows-HomeGroup Provider Service/Operational
Provider          : Microsoft-Windows-HomeGroup-ProviderService
Description       : Provider service initialization failed.  Details: The dependency service or group failed to start.

Opcode            :
Task              :
Keywords          : 0x8000000000000000
Process ID        : 1052
Thread ID         : 4220
Computer          : Mathew-PC
User              : NT AUTHORITY\LOCAL SERVICE
==================================================

==================================================
Event Time        : 20.11.2017 17:16:36.323
Record ID         : 48747
Event ID          : 5003
Level             : Error
Channel           : Microsoft-Windows-HomeGroup Provider Service/Operational
Provider          : Microsoft-Windows-HomeGroup-ProviderService
Description       : Failed to initialize the group.  Details: The dependency service or group failed to start.

Opcode            :
Task              :
Keywords          : 0x8000000000000000
Process ID        : 1052
Thread ID         : 4220
Computer          : Mathew-PC
User              : NT AUTHORITY\LOCAL SERVICE
==================================================

==================================================
Event Time        : 20.11.2017 17:16:36.347
Record ID         : 48748
Event ID          : 5001
Level             : Error
Channel           : Microsoft-Windows-HomeGroup Provider Service/Operational
Provider          : Microsoft-Windows-HomeGroup-ProviderService
Description       : Provider service initialization failed.  Details: The dependency service or group failed to start.

Opcode            :
Task              :
Keywords          : 0x8000000000000000
Process ID        : 1052
Thread ID         : 4220
Computer          : Mathew-PC
User              : NT AUTHORITY\LOCAL SERVICE
==================================================

==================================================
Event Time        : 20.11.2017 17:16:36.762
Record ID         : 48749
Event ID          : 5003
Level             : Error
Channel           : Microsoft-Windows-HomeGroup Provider Service/Operational
Provider          : Microsoft-Windows-HomeGroup-ProviderService
Description       : Failed to initialize the group.  Details: The dependency service or group failed to start.

Opcode            :
Task              :
Keywords          : 0x8000000000000000
Process ID        : 1052
Thread ID         : 7408
Computer          : Mathew-PC
User              : NT AUTHORITY\LOCAL SERVICE
==================================================

==================================================
Event Time        : 20.11.2017 17:16:36.763
Record ID         : 48750
Event ID          : 5001
Level             : Error
Channel           : Microsoft-Windows-HomeGroup Provider Service/Operational
Provider          : Microsoft-Windows-HomeGroup-ProviderService
Description       : Provider service initialization failed.  Details: The dependency service or group failed to start.

Opcode            :
Task              :
Keywords          : 0x8000000000000000
Process ID        : 1052
Thread ID         : 7408
Computer          : Mathew-PC
User              : NT AUTHORITY\LOCAL SERVICE
==================================================

==================================================
Event Time        : 20.11.2017 20:39:47.856
Record ID         : 48751
Event ID          : 5003
Level             : Error
Channel           : Microsoft-Windows-HomeGroup Provider Service/Operational
Provider          : Microsoft-Windows-HomeGroup-ProviderService
Description       : Failed to initialize the group.  Details: The dependency service or group failed to start.

Opcode            :
Task              :
Keywords          : 0x8000000000000000
Process ID        : 1052
Thread ID         : 7596
Computer          : Mathew-PC
User              : NT AUTHORITY\LOCAL SERVICE
==================================================

==================================================
Event Time        : 20.11.2017 20:39:47.858
Record ID         : 48752
Event ID          : 5001
Level             : Error
Channel           : Microsoft-Windows-HomeGroup Provider Service/Operational
Provider          : Microsoft-Windows-HomeGroup-ProviderService
Description       : Provider service initialization failed.  Details: The dependency service or group failed to start.

Opcode            :
Task              :
Keywords          : 0x8000000000000000
Process ID        : 1052
Thread ID         : 7596
Computer          : Mathew-PC
User              : NT AUTHORITY\LOCAL SERVICE
==================================================

==================================================
Event Time        : 20.11.2017 20:40:31.664
Record ID         : 48753
Event ID          : 5003
Level             : Error
Channel           : Microsoft-Windows-HomeGroup Provider Service/Operational
Provider          : Microsoft-Windows-HomeGroup-ProviderService
Description       : Failed to initialize the group.  Details: The dependency service or group failed to start.

Opcode            :
Task              :
Keywords          : 0x8000000000000000
Process ID        : 1052
Thread ID         : 6964
Computer          : Mathew-PC
User              : NT AUTHORITY\LOCAL SERVICE
==================================================

==================================================
Event Time        : 20.11.2017 20:40:31.665
Record ID         : 48754
Event ID          : 5001
Level             : Error
Channel           : Microsoft-Windows-HomeGroup Provider Service/Operational
Provider          : Microsoft-Windows-HomeGroup-ProviderService
Description       : Provider service initialization failed.  Details: The dependency service or group failed to start.

Opcode            :
Task              :
Keywords          : 0x8000000000000000
Process ID        : 1052
Thread ID         : 6964
Computer          : Mathew-PC
User              : NT AUTHORITY\LOCAL SERVICE
==================================================

==================================================
Event Time        : 20.11.2017 20:41:26.248
Record ID         : 48755
Event ID          : 5003
Level             : Error
Channel           : Microsoft-Windows-HomeGroup Provider Service/Operational
Provider          : Microsoft-Windows-HomeGroup-ProviderService
Description       : Failed to initialize the group.  Details: The dependency service or group failed to start.

Opcode            :
Task              :
Keywords          : 0x8000000000000000
Process ID        : 1052
Thread ID         : 1316
Computer          : Mathew-PC
User              : NT AUTHORITY\LOCAL SERVICE
==================================================

==================================================
Event Time        : 20.11.2017 20:41:26.249
Record ID         : 48756
Event ID          : 5001
Level             : Error
Channel           : Microsoft-Windows-HomeGroup Provider Service/Operational
Provider          : Microsoft-Windows-HomeGroup-ProviderService
Description       : Provider service initialization failed.  Details: The dependency service or group failed to start.

Opcode            :
Task              :
Keywords          : 0x8000000000000000
Process ID        : 1052
Thread ID         : 1316
Computer          : Mathew-PC
User              : NT AUTHORITY\LOCAL SERVICE
==================================================

==================================================
Event Time        : 20.11.2017 21:22:19.965
Record ID         : 48757
Event ID          : 5003
Level             : Error
Channel           : Microsoft-Windows-HomeGroup Provider Service/Operational
Provider          : Microsoft-Windows-HomeGroup-ProviderService
Description       : Failed to initialize the group.  Details: The dependency service or group failed to start.

Opcode            :
Task              :
Keywords          : 0x8000000000000000
Process ID        : 1052
Thread ID         : 5592
Computer          : Mathew-PC
User              : NT AUTHORITY\LOCAL SERVICE
==================================================

==================================================
Event Time        : 20.11.2017 21:22:19.965
Record ID         : 48758
Event ID          : 5001
Level             : Error
Channel           : Microsoft-Windows-HomeGroup Provider Service/Operational
Provider          : Microsoft-Windows-HomeGroup-ProviderService
Description       : Provider service initialization failed.  Details: The dependency service or group failed to start.

Opcode            :
Task              :
Keywords          : 0x8000000000000000
Process ID        : 1052
Thread ID         : 5592
Computer          : Mathew-PC
User              : NT AUTHORITY\LOCAL SERVICE
==================================================

==================================================
Event Time        : 20.11.2017 21:24:38.388
Record ID         : 829
Event ID          : 3001
Level             : Warning
Channel           : Microsoft-Windows-CodeIntegrity/Operational
Provider          : Microsoft-Windows-CodeIntegrity
Description       : Code Integrity determined an unsigned kernel module \Device\HarddiskVolume2\Windows\System32\giveio.sys is loaded into the system. Check with the publisher to see if a signed version of the kernel module is available.
Opcode            : 101
Task              : 1
Keywords          : 0x8000000000000000
Process ID        : 4
Thread ID         : 80
Computer          : Mathew-PC
User              : NT AUTHORITY\SYSTEM
==================================================

==================================================
Event Time        : 20.11.2017 21:26:32.221
Record ID         : 5917
Event ID          : 1001
Level             : Error
Channel           : Microsoft-Windows-Dhcp-Client/Admin
Provider          : Microsoft-Windows-Dhcp-Client
Description       : Your computer was not assigned an address from the network (by the DHCP Server) for the Network Card with network address 0x22224352B408.  The following error occurred: 0x79. Your computer will continue to try and obtain an address on its own from the network address (DHCP) server.
Opcode            : IpAddressNotAssigned (75)
Task              : Address Configuration State Event (3)
Keywords          : 0x4000000000000000
Process ID        : 1048
Thread ID         : 1692
Computer          : Mathew-PC
User              : NT AUTHORITY\LOCAL SERVICE
==================================================

==================================================
Event Time        : 20.11.2017 21:27:18.668
Record ID         : 2613
Event ID          : 1002
Level             : Warning
Channel           : Microsoft-Windows-Known Folders API Service
Provider          : Microsoft-Windows-KnownFolders
Description       : Error 0x80070002 occurred while verifying known folder {C1BAE2D0-10DF-4334-BEDD-7AA20B227A9D} with path 'C:\ProgramData\OEM Links'.
Opcode            :
Task              :
Keywords          : 0x8000000000000000
Process ID        : 1672
Thread ID         : 3456
Computer          : Mathew-PC
User              : NT AUTHORITY\SYSTEM
==================================================

==================================================
Event Time        : 20.11.2017 21:27:18.668
Record ID         : 2612
Event ID          : 1002
Level             : Warning
Channel           : Microsoft-Windows-Known Folders API Service
Provider          : Microsoft-Windows-KnownFolders
Description       : Error 0x80070002 occurred while verifying known folder {2A00375E-224C-49DE-B8D1-440DF7EF3DDC} with path 'C:\Windows\resources\0409'.
Opcode            :
Task              :
Keywords          : 0x8000000000000000
Process ID        : 1672
Thread ID         : 3456
Computer          : Mathew-PC
User              : NT AUTHORITY\SYSTEM
==================================================

==================================================
Event Time        : 20.11.2017 21:28:30.939
Record ID         : 48761
Event ID          : 5003
Level             : Error
Channel           : Microsoft-Windows-HomeGroup Provider Service/Operational
Provider          : Microsoft-Windows-HomeGroup-ProviderService
Description       : Failed to initialize the group.  Details: The dependency service or group failed to start.

Opcode            :
Task              :
Keywords          : 0x8000000000000000
Process ID        : 1048
Thread ID         : 4280
Computer          : Mathew-PC
User              : NT AUTHORITY\LOCAL SERVICE
==================================================

==================================================
Event Time        : 20.11.2017 21:28:30.940
Record ID         : 48763
Event ID          : 5001
Level             : Error
Channel           : Microsoft-Windows-HomeGroup Provider Service/Operational
Provider          : Microsoft-Windows-HomeGroup-ProviderService
Description       : Provider service initialization failed.  Details: The dependency service or group failed to start.

Opcode            :
Task              :
Keywords          : 0x8000000000000000
Process ID        : 1048
Thread ID         : 4280
Computer          : Mathew-PC
User              : NT AUTHORITY\LOCAL SERVICE
==================================================

==================================================
Event Time        : 20.11.2017 21:28:41.138
Record ID         : 48764
Event ID          : 5003
Level             : Error
Channel           : Microsoft-Windows-HomeGroup Provider Service/Operational
Provider          : Microsoft-Windows-HomeGroup-ProviderService
Description       : Failed to initialize the group.  Details: The dependency service or group failed to start.

Opcode            :
Task              :
Keywords          : 0x8000000000000000
Process ID        : 1048
Thread ID         : 1096
Computer          : Mathew-PC
User              : NT AUTHORITY\LOCAL SERVICE
==================================================

==================================================
Event Time        : 20.11.2017 21:28:41.139
Record ID         : 48765
Event ID          : 5001
Level             : Error
Channel           : Microsoft-Windows-HomeGroup Provider Service/Operational
Provider          : Microsoft-Windows-HomeGroup-ProviderService
Description       : Provider service initialization failed.  Details: The dependency service or group failed to start.

Opcode            :
Task              :
Keywords          : 0x8000000000000000
Process ID        : 1048
Thread ID         : 1096
Computer          : Mathew-PC
User              : NT AUTHORITY\LOCAL SERVICE
==================================================

==================================================
Event Time        : 20.11.2017 21:28:41.213
Record ID         : 48766
Event ID          : 5003
Level             : Error
Channel           : Microsoft-Windows-HomeGroup Provider Service/Operational
Provider          : Microsoft-Windows-HomeGroup-ProviderService
Description       : Failed to initialize the group.  Details: The dependency service or group failed to start.

Opcode            :
Task              :
Keywords          : 0x8000000000000000
Process ID        : 1048
Thread ID         : 5556
Computer          : Mathew-PC
User              : NT AUTHORITY\LOCAL SERVICE
==================================================

==================================================
Event Time        : 20.11.2017 21:28:41.214
Record ID         : 48767
Event ID          : 5001
Level             : Error
Channel           : Microsoft-Windows-HomeGroup Provider Service/Operational
Provider          : Microsoft-Windows-HomeGroup-ProviderService
Description       : Provider service initialization failed.  Details: The dependency service or group failed to start.

Opcode            :
Task              :
Keywords          : 0x8000000000000000
Process ID        : 1048
Thread ID         : 5556
Computer          : Mathew-PC
User              : NT AUTHORITY\LOCAL SERVICE
==================================================

==================================================
Event Time        : 20.11.2017 21:44:07.967
Record ID         : 2614
Event ID          : 1002
Level             : Warning
Channel           : Microsoft-Windows-Known Folders API Service
Provider          : Microsoft-Windows-KnownFolders
Description       : Error 0x80070002 occurred while verifying known folder {2A00375E-224C-49DE-B8D1-440DF7EF3DDC} with path 'C:\Windows\resources\0409'.
Opcode            :
Task              :
Keywords          : 0x8000000000000000
Process ID        : 1672
Thread ID         : 5360
Computer          : Mathew-PC
User              : NT AUTHORITY\SYSTEM
==================================================

==================================================
Event Time        : 20.11.2017 21:44:07.967
Record ID         : 2615
Event ID          : 1002
Level             : Warning
Channel           : Microsoft-Windows-Known Folders API Service
Provider          : Microsoft-Windows-KnownFolders
Description       : Error 0x80070002 occurred while verifying known folder {C1BAE2D0-10DF-4334-BEDD-7AA20B227A9D} with path 'C:\ProgramData\OEM Links'.
Opcode            :
Task              :
Keywords          : 0x8000000000000000
Process ID        : 1672
Thread ID         : 5360
Computer          : Mathew-PC
User              : NT AUTHORITY\SYSTEM
==================================================

==================================================
Event Time        : 20.11.2017 21:56:57.626
Record ID         : 9774
Event ID          : 310
Level             : Warning
Channel           : Microsoft-Windows-Bits-Client/Operational
Provider          : Microsoft-Windows-Bits-Client
Description       : The initialization of the peer helper modules failed with the following error:  0x80070032.
Opcode            :
Task              :
Keywords          : 0x4000000000000000
Process ID        : 1188
Thread ID         : 4800
Computer          : Mathew-PC
User              : NT AUTHORITY\SYSTEM
==================================================

==================================================
Event Time        : 21.11.2017 1:10:46.782
Record ID         : 1515
Event ID          : 100
Level             : Critical
Channel           : Microsoft-Windows-Diagnosis-Scheduled/Operational
Provider          : Microsoft-Windows-Diagnosis-Scheduled
Description       : System maintenance detected issues requiring your attention. A notification was sent to the Action Center.
Opcode            :
Task              :
Keywords          : WHC Notification Keyword
Process ID        : 4924
Thread ID         : 6104
Computer          : Mathew-PC
User              : Mathew-PC\Mathew
==================================================

==================================================
Event Time        : 21.11.2017 3:14:25.829
Record ID         : 48769
Event ID          : 5001
Level             : Error
Channel           : Microsoft-Windows-HomeGroup Provider Service/Operational
Provider          : Microsoft-Windows-HomeGroup-ProviderService
Description       : Provider service initialization failed.  Details: The dependency service or group failed to start.

Opcode            :
Task              :
Keywords          : 0x8000000000000000
Process ID        : 1048
Thread ID         : 4816
Computer          : Mathew-PC
User              : NT AUTHORITY\LOCAL SERVICE
==================================================

==================================================
Event Time        : 21.11.2017 3:14:25.829
Record ID         : 48768
Event ID          : 5003
Level             : Error
Channel           : Microsoft-Windows-HomeGroup Provider Service/Operational
Provider          : Microsoft-Windows-HomeGroup-ProviderService
Description       : Failed to initialize the group.  Details: The dependency service or group failed to start.

Opcode            :
Task              :
Keywords          : 0x8000000000000000
Process ID        : 1048
Thread ID         : 4816
Computer          : Mathew-PC
User              : NT AUTHORITY\LOCAL SERVICE
==================================================

==================================================
Event Time        : 21.11.2017 3:16:42.564
Record ID         : 830
Event ID          : 3001
Level             : Warning
Channel           : Microsoft-Windows-CodeIntegrity/Operational
Provider          : Microsoft-Windows-CodeIntegrity
Description       : Code Integrity determined an unsigned kernel module \Device\HarddiskVolume2\Windows\System32\giveio.sys is loaded into the system. Check with the publisher to see if a signed version of the kernel module is available.
Opcode            : 101
Task              : 1
Keywords          : 0x8000000000000000
Process ID        : 4
Thread ID         : 68
Computer          : Mathew-PC
User              : NT AUTHORITY\SYSTEM
==================================================

==================================================
Event Time        : 21.11.2017 3:18:36.959
Record ID         : 5919
Event ID          : 1001
Level             : Error
Channel           : Microsoft-Windows-Dhcp-Client/Admin
Provider          : Microsoft-Windows-Dhcp-Client
Description       : Your computer was not assigned an address from the network (by the DHCP Server) for the Network Card with network address 0x22224352B408.  The following error occurred: 0x79. Your computer will continue to try and obtain an address on its own from the network address (DHCP) server.
Opcode            : IpAddressNotAssigned (75)
Task              : Address Configuration State Event (3)
Keywords          : 0x4000000000000000
Process ID        : 1072
Thread ID         : 1764
Computer          : Mathew-PC
User              : NT AUTHORITY\LOCAL SERVICE
==================================================

==================================================
Event Time        : 21.11.2017 3:19:03.307
Record ID         : 2617
Event ID          : 1002
Level             : Warning
Channel           : Microsoft-Windows-Known Folders API Service
Provider          : Microsoft-Windows-KnownFolders
Description       : Error 0x80070002 occurred while verifying known folder {C1BAE2D0-10DF-4334-BEDD-7AA20B227A9D} with path 'C:\ProgramData\OEM Links'.
Opcode            :
Task              :
Keywords          : 0x8000000000000000
Process ID        : 1732
Thread ID         : 3880
Computer          : Mathew-PC
User              : NT AUTHORITY\SYSTEM
==================================================

==================================================
Event Time        : 21.11.2017 3:19:03.307
Record ID         : 2616
Event ID          : 1002
Level             : Warning
Channel           : Microsoft-Windows-Known Folders API Service
Provider          : Microsoft-Windows-KnownFolders
Description       : Error 0x80070002 occurred while verifying known folder {2A00375E-224C-49DE-B8D1-440DF7EF3DDC} with path 'C:\Windows\resources\0409'.
Opcode            :
Task              :
Keywords          : 0x8000000000000000
Process ID        : 1732
Thread ID         : 3880
Computer          : Mathew-PC
User              : NT AUTHORITY\SYSTEM
==================================================

==================================================
Event Time        : 21.11.2017 3:20:39.208
Record ID         : 48774
Event ID          : 5001
Level             : Error
Channel           : Microsoft-Windows-HomeGroup Provider Service/Operational
Provider          : Microsoft-Windows-HomeGroup-ProviderService
Description       : Provider service initialization failed.  Details: The dependency service or group failed to start.

Opcode            :
Task              :
Keywords          : 0x8000000000000000
Process ID        : 1072
Thread ID         : 5540
Computer          : Mathew-PC
User              : NT AUTHORITY\LOCAL SERVICE
==================================================

==================================================
Event Time        : 21.11.2017 3:20:39.208
Record ID         : 48772
Event ID          : 5003
Level             : Error
Channel           : Microsoft-Windows-HomeGroup Provider Service/Operational
Provider          : Microsoft-Windows-HomeGroup-ProviderService
Description       : Failed to initialize the group.  Details: The dependency service or group failed to start.

Opcode            :
Task              :
Keywords          : 0x8000000000000000
Process ID        : 1072
Thread ID         : 5540
Computer          : Mathew-PC
User              : NT AUTHORITY\LOCAL SERVICE
==================================================

==================================================
Event Time        : 21.11.2017 3:20:44.309
Record ID         : 48775
Event ID          : 5003
Level             : Error
Channel           : Microsoft-Windows-HomeGroup Provider Service/Operational
Provider          : Microsoft-Windows-HomeGroup-ProviderService
Description       : Failed to initialize the group.  Details: The dependency service or group failed to start.

Opcode            :
Task              :
Keywords          : 0x8000000000000000
Process ID        : 1072
Thread ID         : 4748
Computer          : Mathew-PC
User              : NT AUTHORITY\LOCAL SERVICE
==================================================

==================================================
Event Time        : 21.11.2017 3:20:44.309
Record ID         : 48776
Event ID          : 5001
Level             : Error
Channel           : Microsoft-Windows-HomeGroup Provider Service/Operational
Provider          : Microsoft-Windows-HomeGroup-ProviderService
Description       : Provider service initialization failed.  Details: The dependency service or group failed to start.

Opcode            :
Task              :
Keywords          : 0x8000000000000000
Process ID        : 1072
Thread ID         : 4748
Computer          : Mathew-PC
User              : NT AUTHORITY\LOCAL SERVICE
==================================================

==================================================
Event Time        : 21.11.2017 3:20:44.606
Record ID         : 48778
Event ID          : 5001
Level             : Error
Channel           : Microsoft-Windows-HomeGroup Provider Service/Operational
Provider          : Microsoft-Windows-HomeGroup-ProviderService
Description       : Provider service initialization failed.  Details: The dependency service or group failed to start.

Opcode            :
Task              :
Keywords          : 0x8000000000000000
Process ID        : 1072
Thread ID         : 1336
Computer          : Mathew-PC
User              : NT AUTHORITY\LOCAL SERVICE
==================================================

==================================================
Event Time        : 21.11.2017 3:20:44.606
Record ID         : 48777
Event ID          : 5003
Level             : Error
Channel           : Microsoft-Windows-HomeGroup Provider Service/Operational
Provider          : Microsoft-Windows-HomeGroup-ProviderService
Description       : Failed to initialize the group.  Details: The dependency service or group failed to start.

Opcode            :
Task              :
Keywords          : 0x8000000000000000
Process ID        : 1072
Thread ID         : 1336
Computer          : Mathew-PC
User              : NT AUTHORITY\LOCAL SERVICE
==================================================

==================================================
Event Time        : 21.11.2017 3:22:01.272
Record ID         : 2619
Event ID          : 1002
Level             : Warning
Channel           : Microsoft-Windows-Known Folders API Service
Provider          : Microsoft-Windows-KnownFolders
Description       : Error 0x80070002 occurred while verifying known folder {C1BAE2D0-10DF-4334-BEDD-7AA20B227A9D} with path 'C:\ProgramData\OEM Links'.
Opcode            :
Task              :
Keywords          : 0x8000000000000000
Process ID        : 1732
Thread ID         : 3612
Computer          : Mathew-PC
User              : NT AUTHORITY\SYSTEM
==================================================

==================================================
Event Time        : 21.11.2017 3:22:01.272
Record ID         : 2618
Event ID          : 1002
Level             : Warning
Channel           : Microsoft-Windows-Known Folders API Service
Provider          : Microsoft-Windows-KnownFolders
Description       : Error 0x80070002 occurred while verifying known folder {2A00375E-224C-49DE-B8D1-440DF7EF3DDC} with path 'C:\Windows\resources\0409'.
Opcode            :
Task              :
Keywords          : 0x8000000000000000
Process ID        : 1732
Thread ID         : 3612
Computer          : Mathew-PC
User              : NT AUTHORITY\SYSTEM
==================================================

==================================================
Event Time        : 21.11.2017 5:43:38.784
Record ID         : 48779
Event ID          : 5003
Level             : Error
Channel           : Microsoft-Windows-HomeGroup Provider Service/Operational
Provider          : Microsoft-Windows-HomeGroup-ProviderService
Description       : Failed to initialize the group.  Details: The dependency service or group failed to start.

Opcode            :
Task              :
Keywords          : 0x8000000000000000
Process ID        : 1072
Thread ID         : 2404
Computer          : Mathew-PC
User              : NT AUTHORITY\LOCAL SERVICE
==================================================

==================================================
Event Time        : 21.11.2017 5:43:38.784
Record ID         : 48780
Event ID          : 5001
Level             : Error
Channel           : Microsoft-Windows-HomeGroup Provider Service/Operational
Provider          : Microsoft-Windows-HomeGroup-ProviderService
Description       : Provider service initialization failed.  Details: The dependency service or group failed to start.

Opcode            :
Task              :
Keywords          : 0x8000000000000000
Process ID        : 1072
Thread ID         : 2404
Computer          : Mathew-PC
User              : NT AUTHORITY\LOCAL SERVICE
==================================================

==================================================
Event Time        : 21.11.2017 12:16:33.738
Record ID         : 48781
Event ID          : 5003
Level             : Error
Channel           : Microsoft-Windows-HomeGroup Provider Service/Operational
Provider          : Microsoft-Windows-HomeGroup-ProviderService
Description       : Failed to initialize the group.  Details: The dependency service or group failed to start.

Opcode            :
Task              :
Keywords          : 0x8000000000000000
Process ID        : 1072
Thread ID         : 3680
Computer          : Mathew-PC
User              : NT AUTHORITY\LOCAL SERVICE
==================================================

==================================================
Event Time        : 21.11.2017 12:16:33.754
Record ID         : 48782
Event ID          : 5001
Level             : Error
Channel           : Microsoft-Windows-HomeGroup Provider Service/Operational
Provider          : Microsoft-Windows-HomeGroup-ProviderService
Description       : Provider service initialization failed.  Details: The dependency service or group failed to start.

Opcode            :
Task              :
Keywords          : 0x8000000000000000
Process ID        : 1072
Thread ID         : 3680
Computer          : Mathew-PC
User              : NT AUTHORITY\LOCAL SERVICE
==================================================

==================================================
Event Time        : 21.11.2017 12:16:33.878
Record ID         : 48783
Event ID          : 5003
Level             : Error
Channel           : Microsoft-Windows-HomeGroup Provider Service/Operational
Provider          : Microsoft-Windows-HomeGroup-ProviderService
Description       : Failed to initialize the group.  Details: The dependency service or group failed to start.

Opcode            :
Task              :
Keywords          : 0x8000000000000000
Process ID        : 1072
Thread ID         : 3680
Computer          : Mathew-PC
User              : NT AUTHORITY\LOCAL SERVICE
==================================================

==================================================
Event Time        : 21.11.2017 12:16:33.894
Record ID         : 48784
Event ID          : 5001
Level             : Error
Channel           : Microsoft-Windows-HomeGroup Provider Service/Operational
Provider          : Microsoft-Windows-HomeGroup-ProviderService
Description       : Provider service initialization failed.  Details: The dependency service or group failed to start.

Opcode            :
Task              :
Keywords          : 0x8000000000000000
Process ID        : 1072
Thread ID         : 3680
Computer          : Mathew-PC
User              : NT AUTHORITY\LOCAL SERVICE
==================================================

==================================================
Event Time        : 21.11.2017 12:16:40.804
Record ID         : 48785
Event ID          : 5003
Level             : Error
Channel           : Microsoft-Windows-HomeGroup Provider Service/Operational
Provider          : Microsoft-Windows-HomeGroup-ProviderService
Description       : Failed to initialize the group.  Details: The dependency service or group failed to start.

Opcode            :
Task              :
Keywords          : 0x8000000000000000
Process ID        : 1072
Thread ID         : 5764
Computer          : Mathew-PC
User              : NT AUTHORITY\LOCAL SERVICE
==================================================

==================================================
Event Time        : 21.11.2017 12:16:40.804
Record ID         : 48786
Event ID          : 5001
Level             : Error
Channel           : Microsoft-Windows-HomeGroup Provider Service/Operational
Provider          : Microsoft-Windows-HomeGroup-ProviderService
Description       : Provider service initialization failed.  Details: The dependency service or group failed to start.

Opcode            :
Task              :
Keywords          : 0x8000000000000000
Process ID        : 1072
Thread ID         : 5764
Computer          : Mathew-PC
User              : NT AUTHORITY\LOCAL SERVICE
==================================================

==================================================
Event Time        : 21.11.2017 12:16:48.167
Record ID         : 96384
Event ID          : 29
Level             : Warning
Channel           : Microsoft-Windows-WindowsUpdateClient/Operational
Provider          : Microsoft-Windows-WindowsUpdateClient
Description       : Windows Update lost connectivity.
Opcode            : State Change (17)
Task              : Windows Update Agent (1)
Keywords          : Connection
Process ID        : 1216
Thread ID         : 3684
Computer          : Mathew-PC
User              : NT AUTHORITY\SYSTEM
==================================================

==================================================
Event Time        : 21.11.2017 12:32:29.867
Record ID         : 48787
Event ID          : 5003
Level             : Error
Channel           : Microsoft-Windows-HomeGroup Provider Service/Operational
Provider          : Microsoft-Windows-HomeGroup-ProviderService
Description       : Failed to initialize the group.  Details: The dependency service or group failed to start.

Opcode            :
Task              :
Keywords          : 0x8000000000000000
Process ID        : 1072
Thread ID         : 5324
Computer          : Mathew-PC
User              : NT AUTHORITY\LOCAL SERVICE
==================================================

==================================================
Event Time        : 21.11.2017 12:32:29.867
Record ID         : 48788
Event ID          : 5001
Level             : Error
Channel           : Microsoft-Windows-HomeGroup Provider Service/Operational
Provider          : Microsoft-Windows-HomeGroup-ProviderService
Description       : Provider service initialization failed.  Details: The dependency service or group failed to start.

Opcode            :
Task              :
Keywords          : 0x8000000000000000
Process ID        : 1072
Thread ID         : 5324
Computer          : Mathew-PC
User              : NT AUTHORITY\LOCAL SERVICE
==================================================

==================================================
Event Time        : 21.11.2017 12:41:06.385
Record ID         : 48789
Event ID          : 5003
Level             : Error
Channel           : Microsoft-Windows-HomeGroup Provider Service/Operational
Provider          : Microsoft-Windows-HomeGroup-ProviderService
Description       : Failed to initialize the group.  Details: The dependency service or group failed to start.

Opcode            :
Task              :
Keywords          : 0x8000000000000000
Process ID        : 1072
Thread ID         : 3804
Computer          : Mathew-PC
User              : NT AUTHORITY\LOCAL SERVICE
==================================================

==================================================
Event Time        : 21.11.2017 12:41:06.385
Record ID         : 48790
Event ID          : 5001
Level             : Error
Channel           : Microsoft-Windows-HomeGroup Provider Service/Operational
Provider          : Microsoft-Windows-HomeGroup-ProviderService
Description       : Provider service initialization failed.  Details: The dependency service or group failed to start.

Opcode            :
Task              :
Keywords          : 0x8000000000000000
Process ID        : 1072
Thread ID         : 3804
Computer          : Mathew-PC
User              : NT AUTHORITY\LOCAL SERVICE
==================================================

==================================================
Event Time        : 21.11.2017 12:41:10.441
Record ID         : 96390
Event ID          : 29
Level             : Warning
Channel           : Microsoft-Windows-WindowsUpdateClient/Operational
Provider          : Microsoft-Windows-WindowsUpdateClient
Description       : Windows Update lost connectivity.
Opcode            : State Change (17)
Task              : Windows Update Agent (1)
Keywords          : Connection
Process ID        : 1216
Thread ID         : 4736
Computer          : Mathew-PC
User              : NT AUTHORITY\SYSTEM
==================================================

==================================================
Event Time        : 21.11.2017 13:38:36.040
Record ID         : 48791
Event ID          : 5003
Level             : Error
Channel           : Microsoft-Windows-HomeGroup Provider Service/Operational
Provider          : Microsoft-Windows-HomeGroup-ProviderService
Description       : Failed to initialize the group.  Details: The dependency service or group failed to start.

Opcode            :
Task              :
Keywords          : 0x8000000000000000
Process ID        : 1072
Thread ID         : 2396
Computer          : Mathew-PC
User              : NT AUTHORITY\LOCAL SERVICE
==================================================

==================================================
Event Time        : 21.11.2017 13:38:36.056
Record ID         : 48792
Event ID          : 5001
Level             : Error
Channel           : Microsoft-Windows-HomeGroup Provider Service/Operational
Provider          : Microsoft-Windows-HomeGroup-ProviderService
Description       : Provider service initialization failed.  Details: The dependency service or group failed to start.

Opcode            :
Task              :
Keywords          : 0x8000000000000000
Process ID        : 1072
Thread ID         : 2396
Computer          : Mathew-PC
User              : NT AUTHORITY\LOCAL SERVICE
==================================================

==================================================
Event Time        : 21.11.2017 13:39:45.471
Record ID         : 48793
Event ID          : 5003
Level             : Error
Channel           : Microsoft-Windows-HomeGroup Provider Service/Operational
Provider          : Microsoft-Windows-HomeGroup-ProviderService
Description       : Failed to initialize the group.  Details: The dependency service or group failed to start.

Opcode            :
Task              :
Keywords          : 0x8000000000000000
Process ID        : 1072
Thread ID         : 1276
Computer          : Mathew-PC
User              : NT AUTHORITY\LOCAL SERVICE
==================================================

==================================================
Event Time        : 21.11.2017 13:39:45.471
Record ID         : 48794
Event ID          : 5001
Level             : Error
Channel           : Microsoft-Windows-HomeGroup Provider Service/Operational
Provider          : Microsoft-Windows-HomeGroup-ProviderService
Description       : Provider service initialization failed.  Details: The dependency service or group failed to start.

Opcode            :
Task              :
Keywords          : 0x8000000000000000
Process ID        : 1072
Thread ID         : 1276
Computer          : Mathew-PC
User              : NT AUTHORITY\LOCAL SERVICE
==================================================

==================================================
Event Time        : 21.11.2017 13:39:54.176
Record ID         : 9780
Event ID          : 310
Level             : Warning
Channel           : Microsoft-Windows-Bits-Client/Operational
Provider          : Microsoft-Windows-Bits-Client
Description       : The initialization of the peer helper modules failed with the following error:  0x80070032.
Opcode            :
Task              :
Keywords          : 0x4000000000000000
Process ID        : 1216
Thread ID         : 4408
Computer          : Mathew-PC
User              : NT AUTHORITY\SYSTEM
==================================================

==================================================
Event Time        : 21.11.2017 14:44:41.700
Record ID         : 48796
Event ID          : 5001
Level             : Error
Channel           : Microsoft-Windows-HomeGroup Provider Service/Operational
Provider          : Microsoft-Windows-HomeGroup-ProviderService
Description       : Provider service initialization failed.  Details: The dependency service or group failed to start.

Opcode            :
Task              :
Keywords          : 0x8000000000000000
Process ID        : 1072
Thread ID         : 5188
Computer          : Mathew-PC
User              : NT AUTHORITY\LOCAL SERVICE
==================================================

==================================================
Event Time        : 21.11.2017 14:44:41.700
Record ID         : 48795
Event ID          : 5003
Level             : Error
Channel           : Microsoft-Windows-HomeGroup Provider Service/Operational
Provider          : Microsoft-Windows-HomeGroup-ProviderService
Description       : Failed to initialize the group.  Details: The dependency service or group failed to start.

Opcode            :
Task              :
Keywords          : 0x8000000000000000
Process ID        : 1072
Thread ID         : 5188
Computer          : Mathew-PC
User              : NT AUTHORITY\LOCAL SERVICE
==================================================

==================================================
Event Time        : 21.11.2017 14:44:43.244
Record ID         : 48798
Event ID          : 5001
Level             : Error
Channel           : Microsoft-Windows-HomeGroup Provider Service/Operational
Provider          : Microsoft-Windows-HomeGroup-ProviderService
Description       : Provider service initialization failed.  Details: The dependency service or group failed to start.

Opcode            :
Task              :
Keywords          : 0x8000000000000000
Process ID        : 1072
Thread ID         : 5188
Computer          : Mathew-PC
User              : NT AUTHORITY\LOCAL SERVICE
==================================================

==================================================
Event Time        : 21.11.2017 14:44:43.244
Record ID         : 48797
Event ID          : 5003
Level             : Error
Channel           : Microsoft-Windows-HomeGroup Provider Service/Operational
Provider          : Microsoft-Windows-HomeGroup-ProviderService
Description       : Failed to initialize the group.  Details: The dependency service or group failed to start.

Opcode            :
Task              :
Keywords          : 0x8000000000000000
Process ID        : 1072
Thread ID         : 5188
Computer          : Mathew-PC
User              : NT AUTHORITY\LOCAL SERVICE
==================================================

==================================================
Event Time        : 24.11.2017 12:31:49.979
Record ID         : 48799
Event ID          : 5003
Level             : Error
Channel           : Microsoft-Windows-HomeGroup Provider Service/Operational
Provider          : Microsoft-Windows-HomeGroup-ProviderService
Description       : Failed to initialize the group.  Details: The dependency service or group failed to start.

Opcode            :
Task              :
Keywords          : 0x8000000000000000
Process ID        : 1072
Thread ID         : 4236
Computer          : Mathew-PC
User              : NT AUTHORITY\LOCAL SERVICE
==================================================

==================================================
Event Time        : 24.11.2017 12:31:50.011
Record ID         : 48800
Event ID          : 5001
Level             : Error
Channel           : Microsoft-Windows-HomeGroup Provider Service/Operational
Provider          : Microsoft-Windows-HomeGroup-ProviderService
Description       : Provider service initialization failed.  Details: The dependency service or group failed to start.

Opcode            :
Task              :
Keywords          : 0x8000000000000000
Process ID        : 1072
Thread ID         : 4236
Computer          : Mathew-PC
User              : NT AUTHORITY\LOCAL SERVICE
==================================================

==================================================
Event Time        : 24.11.2017 12:31:50.135
Record ID         : 48801
Event ID          : 5003
Level             : Error
Channel           : Microsoft-Windows-HomeGroup Provider Service/Operational
Provider          : Microsoft-Windows-HomeGroup-ProviderService
Description       : Failed to initialize the group.  Details: The dependency service or group failed to start.

Opcode            :
Task              :
Keywords          : 0x8000000000000000
Process ID        : 1072
Thread ID         : 1688
Computer          : Mathew-PC
User              : NT AUTHORITY\LOCAL SERVICE
==================================================

==================================================
Event Time        : 24.11.2017 12:31:50.182
Record ID         : 48802
Event ID          : 5001
Level             : Error
Channel           : Microsoft-Windows-HomeGroup Provider Service/Operational
Provider          : Microsoft-Windows-HomeGroup-ProviderService
Description       : Provider service initialization failed.  Details: The dependency service or group failed to start.

Opcode            :
Task              :
Keywords          : 0x8000000000000000
Process ID        : 1072
Thread ID         : 1688
Computer          : Mathew-PC
User              : NT AUTHORITY\LOCAL SERVICE
==================================================

==================================================
Event Time        : 24.11.2017 12:31:50.557
Record ID         : 48803
Event ID          : 5003
Level             : Error
Channel           : Microsoft-Windows-HomeGroup Provider Service/Operational
Provider          : Microsoft-Windows-HomeGroup-ProviderService
Description       : Failed to initialize the group.  Details: The dependency service or group failed to start.

Opcode            :
Task              :
Keywords          : 0x8000000000000000
Process ID        : 1072
Thread ID         : 1688
Computer          : Mathew-PC
User              : NT AUTHORITY\LOCAL SERVICE
==================================================

==================================================
Event Time        : 24.11.2017 12:31:50.588
Record ID         : 48804
Event ID          : 5001
Level             : Error
Channel           : Microsoft-Windows-HomeGroup Provider Service/Operational
Provider          : Microsoft-Windows-HomeGroup-ProviderService
Description       : Provider service initialization failed.  Details: The dependency service or group failed to start.

Opcode            :
Task              :
Keywords          : 0x8000000000000000
Process ID        : 1072
Thread ID         : 1688
Computer          : Mathew-PC
User              : NT AUTHORITY\LOCAL SERVICE
==================================================

==================================================
Event Time        : 24.11.2017 12:55:16.342
Record ID         : 48805
Event ID          : 5003
Level             : Error
Channel           : Microsoft-Windows-HomeGroup Provider Service/Operational
Provider          : Microsoft-Windows-HomeGroup-ProviderService
Description       : Failed to initialize the group.  Details: The dependency service or group failed to start.

Opcode            :
Task              :
Keywords          : 0x8000000000000000
Process ID        : 1072
Thread ID         : 7792
Computer          : Mathew-PC
User              : NT AUTHORITY\LOCAL SERVICE
==================================================

==================================================
Event Time        : 24.11.2017 12:55:16.358
Record ID         : 48806
Event ID          : 5001
Level             : Error
Channel           : Microsoft-Windows-HomeGroup Provider Service/Operational
Provider          : Microsoft-Windows-HomeGroup-ProviderService
Description       : Provider service initialization failed.  Details: The dependency service or group failed to start.

Opcode            :
Task              :
Keywords          : 0x8000000000000000
Process ID        : 1072
Thread ID         : 7792
Computer          : Mathew-PC
User              : NT AUTHORITY\LOCAL SERVICE
==================================================

==================================================
Event Time        : 24.11.2017 21:40:34.210
Record ID         : 96473
Event ID          : 29
Level             : Warning
Channel           : Microsoft-Windows-WindowsUpdateClient/Operational
Provider          : Microsoft-Windows-WindowsUpdateClient
Description       : Windows Update lost connectivity.
Opcode            : State Change (17)
Task              : Windows Update Agent (1)
Keywords          : Connection
Process ID        : 1216
Thread ID         : 1408
Computer          : Mathew-PC
User              : NT AUTHORITY\SYSTEM
==================================================

==================================================
Event Time        : 24.11.2017 21:40:35.053
Record ID         : 48807
Event ID          : 5003
Level             : Error
Channel           : Microsoft-Windows-HomeGroup Provider Service/Operational
Provider          : Microsoft-Windows-HomeGroup-ProviderService
Description       : Failed to initialize the group.  Details: The dependency service or group failed to start.

Opcode            :
Task              :
Keywords          : 0x8000000000000000
Process ID        : 1072
Thread ID         : 6048
Computer          : Mathew-PC
User              : NT AUTHORITY\LOCAL SERVICE
==================================================

==================================================
Event Time        : 24.11.2017 21:40:35.333
Record ID         : 48808
Event ID          : 5001
Level             : Error
Channel           : Microsoft-Windows-HomeGroup Provider Service/Operational
Provider          : Microsoft-Windows-HomeGroup-ProviderService
Description       : Provider service initialization failed.  Details: The dependency service or group failed to start.

Opcode            :
Task              :
Keywords          : 0x8000000000000000
Process ID        : 1072
Thread ID         : 6048
Computer          : Mathew-PC
User              : NT AUTHORITY\LOCAL SERVICE
==================================================

==================================================
Event Time        : 24.11.2017 21:40:35.536
Record ID         : 48809
Event ID          : 5003
Level             : Error
Channel           : Microsoft-Windows-HomeGroup Provider Service/Operational
Provider          : Microsoft-Windows-HomeGroup-ProviderService
Description       : Failed to initialize the group.  Details: The dependency service or group failed to start.

Opcode            :
Task              :
Keywords          : 0x8000000000000000
Process ID        : 1072
Thread ID         : 7820
Computer          : Mathew-PC
User              : NT AUTHORITY\LOCAL SERVICE
==================================================

==================================================
Event Time        : 24.11.2017 21:40:35.567
Record ID         : 48810
Event ID          : 5001
Level             : Error
Channel           : Microsoft-Windows-HomeGroup Provider Service/Operational
Provider          : Microsoft-Windows-HomeGroup-ProviderService
Description       : Provider service initialization failed.  Details: The dependency service or group failed to start.

Opcode            :
Task              :
Keywords          : 0x8000000000000000
Process ID        : 1072
Thread ID         : 7820
Computer          : Mathew-PC
User              : NT AUTHORITY\LOCAL SERVICE
==================================================

==================================================
Event Time        : 24.11.2017 21:40:35.755
Record ID         : 48812
Event ID          : 5001
Level             : Error
Channel           : Microsoft-Windows-HomeGroup Provider Service/Operational
Provider          : Microsoft-Windows-HomeGroup-ProviderService
Description       : Provider service initialization failed.  Details: The dependency service or group failed to start.

Opcode            :
Task              :
Keywords          : 0x8000000000000000
Process ID        : 1072
Thread ID         : 7820
Computer          : Mathew-PC
User              : NT AUTHORITY\LOCAL SERVICE
==================================================

==================================================
Event Time        : 24.11.2017 21:40:35.755
Record ID         : 48811
Event ID          : 5003
Level             : Error
Channel           : Microsoft-Windows-HomeGroup Provider Service/Operational
Provider          : Microsoft-Windows-HomeGroup-ProviderService
Description       : Failed to initialize the group.  Details: The dependency service or group failed to start.

Opcode            :
Task              :
Keywords          : 0x8000000000000000
Process ID        : 1072
Thread ID         : 7820
Computer          : Mathew-PC
User              : NT AUTHORITY\LOCAL SERVICE
==================================================

==================================================
Event Time        : 24.11.2017 21:40:37.221
Record ID         : 48813
Event ID          : 5003
Level             : Error
Channel           : Microsoft-Windows-HomeGroup Provider Service/Operational
Provider          : Microsoft-Windows-HomeGroup-ProviderService
Description       : Failed to initialize the group.  Details: The dependency service or group failed to start.

Opcode            :
Task              :
Keywords          : 0x8000000000000000
Process ID        : 1072
Thread ID         : 7148
Computer          : Mathew-PC
User              : NT AUTHORITY\LOCAL SERVICE
==================================================

==================================================
Event Time        : 24.11.2017 21:40:37.252
Record ID         : 48814
Event ID          : 5001
Level             : Error
Channel           : Microsoft-Windows-HomeGroup Provider Service/Operational
Provider          : Microsoft-Windows-HomeGroup-ProviderService
Description       : Provider service initialization failed.  Details: The dependency service or group failed to start.

Opcode            :
Task              :
Keywords          : 0x8000000000000000
Process ID        : 1072
Thread ID         : 7148
Computer          : Mathew-PC
User              : NT AUTHORITY\LOCAL SERVICE
==================================================

==================================================
Event Time        : 24.11.2017 21:40:57.442
Record ID         : 48815
Event ID          : 5003
Level             : Error
Channel           : Microsoft-Windows-HomeGroup Provider Service/Operational
Provider          : Microsoft-Windows-HomeGroup-ProviderService
Description       : Failed to initialize the group.  Details: The dependency service or group failed to start.

Opcode            :
Task              :
Keywords          : 0x8000000000000000
Process ID        : 1072
Thread ID         : 7148
Computer          : Mathew-PC
User              : NT AUTHORITY\LOCAL SERVICE
==================================================

==================================================
Event Time        : 24.11.2017 21:40:57.442
Record ID         : 48816
Event ID          : 5001
Level             : Error
Channel           : Microsoft-Windows-HomeGroup Provider Service/Operational
Provider          : Microsoft-Windows-HomeGroup-ProviderService
Description       : Provider service initialization failed.  Details: The dependency service or group failed to start.

Opcode            :
Task              :
Keywords          : 0x8000000000000000
Process ID        : 1072
Thread ID         : 7148
Computer          : Mathew-PC
User              : NT AUTHORITY\LOCAL SERVICE
==================================================

==================================================
Event Time        : 24.11.2017 21:40:58.254
Record ID         : 48818
Event ID          : 5001
Level             : Error
Channel           : Microsoft-Windows-HomeGroup Provider Service/Operational
Provider          : Microsoft-Windows-HomeGroup-ProviderService
Description       : Provider service initialization failed.  Details: The dependency service or group failed to start.

Opcode            :
Task              :
Keywords          : 0x8000000000000000
Process ID        : 1072
Thread ID         : 7028
Computer          : Mathew-PC
User              : NT AUTHORITY\LOCAL SERVICE
==================================================

==================================================
Event Time        : 24.11.2017 21:40:58.254
Record ID         : 48817
Event ID          : 5003
Level             : Error
Channel           : Microsoft-Windows-HomeGroup Provider Service/Operational
Provider          : Microsoft-Windows-HomeGroup-ProviderService
Description       : Failed to initialize the group.  Details: The dependency service or group failed to start.

Opcode            :
Task              :
Keywords          : 0x8000000000000000
Process ID        : 1072
Thread ID         : 7028
Computer          : Mathew-PC
User              : NT AUTHORITY\LOCAL SERVICE
==================================================

==================================================
Event Time        : 25.11.2017 15:02:04.356
Record ID         : 96478
Event ID          : 29
Level             : Warning
Channel           : Microsoft-Windows-WindowsUpdateClient/Operational
Provider          : Microsoft-Windows-WindowsUpdateClient
Description       : Windows Update lost connectivity.
Opcode            : State Change (17)
Task              : Windows Update Agent (1)
Keywords          : Connection
Process ID        : 1216
Thread ID         : 1408
Computer          : Mathew-PC
User              : NT AUTHORITY\SYSTEM
==================================================

==================================================
Event Time        : 25.11.2017 15:02:06.025
Record ID         : 48819
Event ID          : 5003
Level             : Error
Channel           : Microsoft-Windows-HomeGroup Provider Service/Operational
Provider          : Microsoft-Windows-HomeGroup-ProviderService
Description       : Failed to initialize the group.  Details: The dependency service or group failed to start.

Opcode            :
Task              :
Keywords          : 0x8000000000000000
Process ID        : 1072
Thread ID         : 4376
Computer          : Mathew-PC
User              : NT AUTHORITY\LOCAL SERVICE
==================================================

==================================================
Event Time        : 25.11.2017 15:02:06.025
Record ID         : 48820
Event ID          : 5001
Level             : Error
Channel           : Microsoft-Windows-HomeGroup Provider Service/Operational
Provider          : Microsoft-Windows-HomeGroup-ProviderService
Description       : Provider service initialization failed.  Details: The dependency service or group failed to start.

Opcode            :
Task              :
Keywords          : 0x8000000000000000
Process ID        : 1072
Thread ID         : 4376
Computer          : Mathew-PC
User              : NT AUTHORITY\LOCAL SERVICE
==================================================

==================================================
Event Time        : 25.11.2017 15:02:07.519
Record ID         : 48822
Event ID          : 5001
Level             : Error
Channel           : Microsoft-Windows-HomeGroup Provider Service/Operational
Provider          : Microsoft-Windows-HomeGroup-ProviderService
Description       : Provider service initialization failed.  Details: The dependency service or group failed to start.

Opcode            :
Task              :
Keywords          : 0x8000000000000000
Process ID        : 1072
Thread ID         : 7224
Computer          : Mathew-PC
User              : NT AUTHORITY\LOCAL SERVICE
==================================================

==================================================
Event Time        : 25.11.2017 15:02:07.519
Record ID         : 48821
Event ID          : 5003
Level             : Error
Channel           : Microsoft-Windows-HomeGroup Provider Service/Operational
Provider          : Microsoft-Windows-HomeGroup-ProviderService
Description       : Failed to initialize the group.  Details: The dependency service or group failed to start.

Opcode            :
Task              :
Keywords          : 0x8000000000000000
Process ID        : 1072
Thread ID         : 7224
Computer          : Mathew-PC
User              : NT AUTHORITY\LOCAL SERVICE
==================================================

==================================================
Event Time        : 25.11.2017 15:06:38.941
Record ID         : 44743
Event ID          : 1530
Level             : Warning
Channel           : Application
Provider          : Microsoft-Windows-User Profiles Service
Description       : Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards.  

 DETAIL -
 17 user registry handles leaked from \Registry\User\S-1-5-21-1990737404-2085512467-1734709770-1001:
Process 1732 (\Device\HarddiskVolume2\Program Files\AVAST Software\Avast\AvastSvc.exe) has opened key \REGISTRY\USER\S-1-5-21-1990737404-2085512467-1734709770-1001
Process 1732 (\Device\HarddiskVolume2\Program Files\AVAST Software\Avast\AvastSvc.exe) has opened key \REGISTRY\USER\S-1-5-21-1990737404-2085512467-1734709770-1001
Process 1732 (\Device\HarddiskVolume2\Program Files\AVAST Software\Avast\AvastSvc.exe) has opened key \REGISTRY\USER\S-1-5-21-1990737404-2085512467-1734709770-1001
Process 1732 (\Device\HarddiskVolume2\Program Files\AVAST Software\Avast\AvastSvc.exe) has opened key \REGISTRY\USER\S-1-5-21-1990737404-2085512467-1734709770-1001
Process 1732 (\Device\HarddiskVolume2\Program Files\AVAST Software\Avast\AvastSvc.exe) has opened key \REGISTRY\USER\S-1-5-21-1990737404-2085512467-1734709770-1001
Process 1732 (\Device\HarddiskVolume2\Program Files\AVAST Software\Avast\AvastSvc.exe) has opened key \REGISTRY\USER\S-1-5-21-1990737404-2085512467-1734709770-1001
Process 1732 (\Device\HarddiskVolume2\Program Files\AVAST Software\Avast\AvastSvc.exe) has opened key \REGISTRY\USER\S-1-5-21-1990737404-2085512467-1734709770-1001\Software\Policies\Microsoft\SystemCertificates
Process 1732 (\Device\HarddiskVolume2\Program Files\AVAST Software\Avast\AvastSvc.exe) has opened key \REGISTRY\USER\S-1-5-21-1990737404-2085512467-1734709770-1001\Software\Policies\Microsoft\SystemCertificates
Process 1732 (\Device\HarddiskVolume2\Program Files\AVAST Software\Avast\AvastSvc.exe) has opened key \REGISTRY\USER\S-1-5-21-1990737404-2085512467-1734709770-1001\Software\Policies\Microsoft\SystemCertificates
Process 1732 (\Device\HarddiskVolume2\Program Files\AVAST Software\Avast\AvastSvc.exe) has opened key \REGISTRY\USER\S-1-5-21-1990737404-2085512467-1734709770-1001\Software\Policies\Microsoft\SystemCertificates
Process 1732 (\Device\HarddiskVolume2\Program Files\AVAST Software\Avast\AvastSvc.exe) has opened key \REGISTRY\USER\S-1-5-21-1990737404-2085512467-1734709770-1001\Software\Microsoft\SystemCertificates\trust
Process 1732 (\Device\HarddiskVolume2\Program Files\AVAST Software\Avast\AvastSvc.exe) has opened key \REGISTRY\USER\S-1-5-21-1990737404-2085512467-1734709770-1001\Software\Microsoft\SystemCertificates\Root
Process 1732 (\Device\HarddiskVolume2\Program Files\AVAST Software\Avast\AvastSvc.exe) has opened key \REGISTRY\USER\S-1-5-21-1990737404-2085512467-1734709770-1001\Software\Microsoft\SystemCertificates\TrustedPeople
Process 1732 (\Device\HarddiskVolume2\Program Files\AVAST Software\Avast\AvastSvc.exe) has opened key \REGISTRY\USER\S-1-5-21-1990737404-2085512467-1734709770-1001\Software\Microsoft\SystemCertificates\My
Process 1732 (\Device\HarddiskVolume2\Program Files\AVAST Software\Avast\AvastSvc.exe) has opened key \REGISTRY\USER\S-1-5-21-1990737404-2085512467-1734709770-1001\Software\Microsoft\SystemCertificates\CA
Process 1732 (\Device\HarddiskVolume2\Program Files\AVAST Software\Avast\AvastSvc.exe) has opened key \REGISTRY\USER\S-1-5-21-1990737404-2085512467-1734709770-1001\Software\Microsoft\SystemCertificates\Disallowed
Process 1732 (\Device\HarddiskVolume2\Program Files\AVAST Software\Avast\AvastSvc.exe) has opened key \REGISTRY\USER\S-1-5-21-1990737404-2085512467-1734709770-1001\Software\Microsoft\SystemCertificates\SmartCardRoot

Opcode            :
Task              :
Keywords          : 0x8000000000000000
Process ID        : 1216
Thread ID         : 8128
Computer          : Mathew-PC
User              : NT AUTHORITY\SYSTEM
==================================================

==================================================
Event Time        : 25.11.2017 15:06:40.000
Record ID         : 277964
Event ID          : 102
Level             : Error
Channel           : System
Provider          : Microsoft-Windows-PNRPSvc
Description       : The Peer Name Resolution Protocol cloud did not start because the creation of the default identity failed with error code: 0x80630801.
Opcode            :
Task              :
Keywords          : Classic
Process ID        :
Thread ID         :
Computer          : Mathew-PC
User              :
==================================================

==================================================
Event Time        : 25.11.2017 15:06:40.158
Record ID         : 48823
Event ID          : 5003
Level             : Error
Channel           : Microsoft-Windows-HomeGroup Provider Service/Operational
Provider          : Microsoft-Windows-HomeGroup-ProviderService
Description       : Failed to initialize the group.  Details: The dependency service or group failed to start.

Opcode            :
Task              :
Keywords          : 0x8000000000000000
Process ID        : 1072
Thread ID         : 5024
Computer          : Mathew-PC
User              : NT AUTHORITY\LOCAL SERVICE
==================================================

==================================================
Event Time        : 25.11.2017 15:06:40.158
Record ID         : 277968
Event ID          : 7001
Level             : Error
Channel           : System
Provider          : Service Control Manager
Description       : The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error:
%%-2140993535
Opcode            :
Task              :
Keywords          : Classic
Process ID        : 684
Thread ID         : 6860
Computer          : Mathew-PC
User              :
==================================================

==================================================
Event Time        : 25.11.2017 15:06:40.158
Record ID         : 277967
Event ID          : 7023
Level             : Error
Channel           : System
Provider          : Service Control Manager
Description       : The Peer Name Resolution Protocol service terminated with the following error:
%%-2140993535
Opcode            :
Task              :
Keywords          : Classic
Process ID        : 684
Thread ID         : 7660
Computer          : Mathew-PC
User              :
==================================================

==================================================
Event Time        : 25.11.2017 15:06:40.158
Record ID         : 48824
Event ID          : 5001
Level             : Error
Channel           : Microsoft-Windows-HomeGroup Provider Service/Operational
Provider          : Microsoft-Windows-HomeGroup-ProviderService
Description       : Provider service initialization failed.  Details: The dependency service or group failed to start.

Opcode            :
Task              :
Keywords          : 0x8000000000000000
Process ID        : 1072
Thread ID         : 5024
Computer          : Mathew-PC
User              : NT AUTHORITY\LOCAL SERVICE
==================================================

==================================================
Event Time        : 25.11.2017 15:07:07.645
Record ID         : 278010
Event ID          : 4001
Level             : Warning
Channel           : System
Provider          : Microsoft-Windows-WLAN-AutoConfig
Description       : WLAN AutoConfig service has successfully stopped.

Opcode            : Stop (2)
Task              :
Keywords          : 0x4000000000000000
Process ID        : 1140
Thread ID         : 6164
Computer          : Mathew-PC
User              : NT AUTHORITY\SYSTEM
==================================================

==================================================
Event Time        : 25.11.2017 15:07:56.591
Record ID         : 278021
Event ID          : 219
Level             : Warning
Channel           : System
Provider          : Microsoft-Windows-Kernel-PnP
Description       : The driver \Driver\WUDFRd failed to load for the device USB\VID_147E&PID_1000\5&12646a26&0&2.
Opcode            :
Task              : 212
Keywords          : 0x8000000000000000
Process ID        : 4
Thread ID         : 76
Computer          : Mathew-PC
User              : NT AUTHORITY\SYSTEM
==================================================

==================================================
Event Time        : 25.11.2017 15:08:52.944
Record ID         : 831
Event ID          : 3001
Level             : Warning
Channel           : Microsoft-Windows-CodeIntegrity/Operational
Provider          : Microsoft-Windows-CodeIntegrity
Description       : Code Integrity determined an unsigned kernel module \Device\HarddiskVolume2\Windows\System32\giveio.sys is loaded into the system. Check with the publisher to see if a signed version of the kernel module is available.
Opcode            : 101
Task              : 1
Keywords          : 0x8000000000000000
Process ID        : 4
Thread ID         : 72
Computer          : Mathew-PC
User              : NT AUTHORITY\SYSTEM
==================================================

==================================================
Event Time        : 25.11.2017 15:09:44.175
Record ID         : 278083
Event ID          : 7009
Level             : Error
Channel           : System
Provider          : Service Control Manager
Description       : A timeout was reached (30000 milliseconds) while waiting for the CyberGhost 5 Client Service service to connect.
Opcode            :
Task              :
Keywords          : Classic
Process ID        : 732
Thread ID         : 736
Computer          : Mathew-PC
User              :
==================================================

==================================================
Event Time        : 25.11.2017 15:09:44.175
Record ID         : 278084
Event ID          : 7000
Level             : Error
Channel           : System
Provider          : Service Control Manager
Description       : The CyberGhost 5 Client Service service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.
Opcode            :
Task              :
Keywords          : Classic
Process ID        : 732
Thread ID         : 736
Computer          : Mathew-PC
User              :
==================================================

==================================================
Event Time        : 25.11.2017 15:09:44.190
Record ID         : 278085
Event ID          : 7026
Level             : Error
Channel           : System
Provider          : Service Control Manager
Description       : The following boot-start or system-start driver(s) failed to load:
EterlogicVirtualSerialDriver
Opcode            :
Task              :
Keywords          : Classic
Process ID        : 732
Thread ID         : 736
Computer          : Mathew-PC
User              :
==================================================

==================================================
Event Time        : 25.11.2017 15:09:46.000
Record ID         : 44758
Event ID          : 10
Level             : Error
Channel           : Application
Provider          : Microsoft-Windows-WMI
Description       : Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Opcode            :
Task              :
Keywords          : Classic
Process ID        :
Thread ID         :
Computer          : Mathew-PC
User              :
==================================================

==================================================
Event Time        : 25.11.2017 15:10:30.928
Record ID         : 5926
Event ID          : 1001
Level             : Error
Channel           : Microsoft-Windows-Dhcp-Client/Admin
Provider          : Microsoft-Windows-Dhcp-Client
Description       : Your computer was not assigned an address from the network (by the DHCP Server) for the Network Card with network address 0x22224352B408.  The following error occurred: 0x79. Your computer will continue to try and obtain an address on its own from the network address (DHCP) server.
Opcode            : IpAddressNotAssigned (75)
Task              : Address Configuration State Event (3)
Keywords          : 0x4000000000000000
Process ID        : 1072
Thread ID         : 1728
Computer          : Mathew-PC
User              : NT AUTHORITY\LOCAL SERVICE
==================================================

==================================================
Event Time        : 25.11.2017 15:11:29.553
Record ID         : 2621
Event ID          : 1002
Level             : Warning
Channel           : Microsoft-Windows-Known Folders API Service
Provider          : Microsoft-Windows-KnownFolders
Description       : Error 0x80070002 occurred while verifying known folder {C1BAE2D0-10DF-4334-BEDD-7AA20B227A9D} with path 'C:\ProgramData\OEM Links'.
Opcode            :
Task              :
Keywords          : 0x8000000000000000
Process ID        : 1672
Thread ID         : 4068
Computer          : Mathew-PC
User              : NT AUTHORITY\SYSTEM
==================================================

==================================================
Event Time        : 25.11.2017 15:11:29.553
Record ID         : 2620
Event ID          : 1002
Level             : Warning
Channel           : Microsoft-Windows-Known Folders API Service
Provider          : Microsoft-Windows-KnownFolders
Description       : Error 0x80070002 occurred while verifying known folder {2A00375E-224C-49DE-B8D1-440DF7EF3DDC} with path 'C:\Windows\resources\0409'.
Opcode            :
Task              :
Keywords          : 0x8000000000000000
Process ID        : 1672
Thread ID         : 4068
Computer          : Mathew-PC
User              : NT AUTHORITY\SYSTEM
==================================================

==================================================
Event Time        : 25.11.2017 15:12:02.000
Record ID         : 278114
Event ID          : 8021
Level             : Warning
Channel           : System
Provider          : BROWSER
Description       : The browser service was unable to retrieve a list of servers from the browser master \\LENOVO-PC on the network \Device\NetBT_Tcpip_{D2D5868A-4340-4853-8DD5-C36310836696}.
 
 Browser master: \\LENOVO-PC
 Network: \Device\NetBT_Tcpip_{D2D5868A-4340-4853-8DD5-C36310836696}
 
 This event may be caused by a temporary loss of network connectivity. If this message appears again, verify that the server is still connected to the network. The return code is in the Data text box.
Opcode            :
Task              :
Keywords          : Classic
Process ID        :
Thread ID         :
Computer          : Mathew-PC
User              :
==================================================

==================================================
Event Time        : 25.11.2017 15:12:56.000
Record ID         : 278121
Event ID          : 102
Level             : Error
Channel           : System
Provider          : Microsoft-Windows-PNRPSvc
Description       : The Peer Name Resolution Protocol cloud did not start because the creation of the default identity failed with error code: 0x80630801.
Opcode            :
Task              :
Keywords          : Classic
Process ID        :
Thread ID         :
Computer          : Mathew-PC
User              :
==================================================

==================================================
Event Time        : 25.11.2017 15:12:56.410
Record ID         : 48829
Event ID          : 5001
Level             : Error
Channel           : Microsoft-Windows-HomeGroup Provider Service/Operational
Provider          : Microsoft-Windows-HomeGroup-ProviderService
Description       : Provider service initialization failed.  Details: The dependency service or group failed to start.

Opcode            :
Task              :
Keywords          : 0x8000000000000000
Process ID        : 1072
Thread ID         : 5808
Computer          : Mathew-PC
User              : NT AUTHORITY\LOCAL SERVICE
==================================================

==================================================
Event Time        : 25.11.2017 15:12:56.410
Record ID         : 48827
Event ID          : 5003
Level             : Error
Channel           : Microsoft-Windows-HomeGroup Provider Service/Operational
Provider          : Microsoft-Windows-HomeGroup-ProviderService
Description       : Failed to initialize the group.  Details: The dependency service or group failed to start.

Opcode            :
Task              :
Keywords          : 0x8000000000000000
Process ID        : 1072
Thread ID         : 5808
Computer          : Mathew-PC
User              : NT AUTHORITY\LOCAL SERVICE
==================================================

==================================================
Event Time        : 25.11.2017 15:12:56.410
Record ID         : 278124
Event ID          : 7023
Level             : Error
Channel           : System
Provider          : Service Control Manager
Description       : The Peer Name Resolution Protocol service terminated with the following error:
%%-2140993535
Opcode            :
Task              :
Keywords          : Classic
Process ID        : 732
Thread ID         : 3824
Computer          : Mathew-PC
User              :
==================================================

==================================================
Event Time        : 25.11.2017 15:12:56.410
Record ID         : 278125
Event ID          : 7001
Level             : Error
Channel           : System
Provider          : Service Control Manager
Description       : The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error:
%%-2140993535
Opcode            :
Task              :
Keywords          : Classic
Process ID        : 732
Thread ID         : 824
Computer          : Mathew-PC
User              :
==================================================

==================================================
Event Time        : 25.11.2017 15:13:06.000
Record ID         : 278128
Event ID          : 102
Level             : Error
Channel           : System
Provider          : Microsoft-Windows-PNRPSvc
Description       : The Peer Name Resolution Protocol cloud did not start because the creation of the default identity failed with error code: 0x80630801.
Opcode            :
Task              :
Keywords          : Classic
Process ID        :
Thread ID         :
Computer          : Mathew-PC
User              :
==================================================

==================================================
Event Time        : 25.11.2017 15:13:06.000
Record ID         : 278126
Event ID          : 102
Level             : Error
Channel           : System
Provider          : Microsoft-Windows-PNRPSvc
Description       : The Peer Name Resolution Protocol cloud did not start because the creation of the default identity failed with error code: 0x80630801.
Opcode            :
Task              :
Keywords          : Classic
Process ID        :
Thread ID         :
Computer          : Mathew-PC
User              :
==================================================

==================================================
Event Time        : 25.11.2017 15:13:06.000
Record ID         : 278127
Event ID          : 8032
Level             : Error
Channel           : System
Provider          : BROWSER
Description       : The browser service has failed to retrieve the backup list too many times on transport \Device\NetBT_Tcpip_{D2D5868A-4340-4853-8DD5-C36310836696}. The backup browser is stopping.
Opcode            :
Task              :
Keywords          : Classic
Process ID        :
Thread ID         :
Computer          : Mathew-PC
User              :
==================================================

==================================================
Event Time        : 25.11.2017 15:13:06.893
Record ID         : 278129
Event ID          : 7001
Level             : Error
Channel           : System
Provider          : Service Control Manager
Description       : The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error:
%%-2140993535
Opcode            :
Task              :
Keywords          : Classic
Process ID        : 732
Thread ID         : 844
Computer          : Mathew-PC
User              :
==================================================

==================================================
Event Time        : 25.11.2017 15:13:06.893
Record ID         : 278131
Event ID          : 7023
Level             : Error
Channel           : System
Provider          : Service Control Manager
Description       : The Peer Name Resolution Protocol service terminated with the following error:
%%-2140993535
Opcode            :
Task              :
Keywords          : Classic
Process ID        : 732
Thread ID         : 3824
Computer          : Mathew-PC
User              :
==================================================

==================================================
Event Time        : 25.11.2017 15:13:06.893
Record ID         : 48830
Event ID          : 5003
Level             : Error
Channel           : Microsoft-Windows-HomeGroup Provider Service/Operational
Provider          : Microsoft-Windows-HomeGroup-ProviderService
Description       : Failed to initialize the group.  Details: The dependency service or group failed to start.

Opcode            :
Task              :
Keywords          : 0x8000000000000000
Process ID        : 1072
Thread ID         : 4640
Computer          : Mathew-PC
User              : NT AUTHORITY\LOCAL SERVICE
==================================================

==================================================
Event Time        : 25.11.2017 15:13:06.893
Record ID         : 48831
Event ID          : 5001
Level             : Error
Channel           : Microsoft-Windows-HomeGroup Provider Service/Operational
Provider          : Microsoft-Windows-HomeGroup-ProviderService
Description       : Provider service initialization failed.  Details: The dependency service or group failed to start.

Opcode            :
Task              :
Keywords          : 0x8000000000000000
Process ID        : 1072
Thread ID         : 4640
Computer          : Mathew-PC
User              : NT AUTHORITY\LOCAL SERVICE
==================================================

==================================================
Event Time        : 25.11.2017 15:13:06.971
Record ID         : 278134
Event ID          : 7001
Level             : Error
Channel           : System
Provider          : Service Control Manager
Description       : The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error:
%%-2140993535
Opcode            :
Task              :
Keywords          : Classic
Process ID        : 732
Thread ID         : 3824
Computer          : Mathew-PC
User              :
==================================================

==================================================
Event Time        : 25.11.2017 15:13:06.971
Record ID         : 278133
Event ID          : 7023
Level             : Error
Channel           : System
Provider          : Service Control Manager
Description       : The Peer Name Resolution Protocol service terminated with the following error:
%%-2140993535
Opcode            :
Task              :
Keywords          : Classic
Process ID        : 732
Thread ID         : 844
Computer          : Mathew-PC
User              :
==================================================

==================================================
Event Time        : 25.11.2017 15:13:06.987
Record ID         : 48833
Event ID          : 5001
Level             : Error
Channel           : Microsoft-Windows-HomeGroup Provider Service/Operational
Provider          : Microsoft-Windows-HomeGroup-ProviderService
Description       : Provider service initialization failed.  Details: The dependency service or group failed to start.

Opcode            :
Task              :
Keywords          : 0x8000000000000000
Process ID        : 1072
Thread ID         : 4640
Computer          : Mathew-PC
User              : NT AUTHORITY\LOCAL SERVICE
==================================================

==================================================
Event Time        : 25.11.2017 15:13:06.987
Record ID         : 48832
Event ID          : 5003
Level             : Error
Channel           : Microsoft-Windows-HomeGroup Provider Service/Operational
Provider          : Microsoft-Windows-HomeGroup-ProviderService
Description       : Failed to initialize the group.  Details: The dependency service or group failed to start.

Opcode            :
Task              :
Keywords          : 0x8000000000000000
Process ID        : 1072
Thread ID         : 4640
Computer          : Mathew-PC
User              : NT AUTHORITY\LOCAL SERVICE
==================================================

==================================================
Event Time        : 25.11.2017 15:59:19.603
Record ID         : 2622
Event ID          : 1002
Level             : Warning
Channel           : Microsoft-Windows-Known Folders API Service
Provider          : Microsoft-Windows-KnownFolders
Description       : Error 0x80070002 occurred while verifying known folder {2A00375E-224C-49DE-B8D1-440DF7EF3DDC} with path 'C:\Windows\resources\0409'.
Opcode            :
Task              :
Keywords          : 0x8000000000000000
Process ID        : 1672
Thread ID         : 4052
Computer          : Mathew-PC
User              : NT AUTHORITY\SYSTEM
==================================================

==================================================
Event Time        : 25.11.2017 15:59:19.603
Record ID         : 2623
Event ID          : 1002
Level             : Warning
Channel           : Microsoft-Windows-Known Folders API Service
Provider          : Microsoft-Windows-KnownFolders
Description       : Error 0x80070002 occurred while verifying known folder {C1BAE2D0-10DF-4334-BEDD-7AA20B227A9D} with path 'C:\ProgramData\OEM Links'.
Opcode            :
Task              :
Keywords          : 0x8000000000000000
Process ID        : 1672
Thread ID         : 4052
Computer          : Mathew-PC
User              : NT AUTHORITY\SYSTEM
==================================================

==================================================
Event Time        : 25.11.2017 16:23:41.623
Record ID         : 9786
Event ID          : 310
Level             : Warning
Channel           : Microsoft-Windows-Bits-Client/Operational
Provider          : Microsoft-Windows-Bits-Client
Description       : The initialization of the peer helper modules failed with the following error:  0x80070032.
Opcode            :
Task              :
Keywords          : 0x4000000000000000
Process ID        : 1156
Thread ID         : 4984
Computer          : Mathew-PC
User              : NT AUTHORITY\SYSTEM
==================================================

==================================================
Event Time        : 25.11.2017 16:34:28.353
Record ID         : 44781
Event ID          : 1530
Level             : Warning
Channel           : Application
Provider          : Microsoft-Windows-User Profiles Service
Description       : Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards.  

 DETAIL -
 3 user registry handles leaked from \Registry\User\S-1-5-21-1990737404-2085512467-1734709770-1001:
Process 1672 (\Device\HarddiskVolume2\Program Files\AVAST Software\Avast\AvastSvc.exe) has opened key \REGISTRY\USER\S-1-5-21-1990737404-2085512467-1734709770-1001
Process 1672 (\Device\HarddiskVolume2\Program Files\AVAST Software\Avast\AvastSvc.exe) has opened key \REGISTRY\USER\S-1-5-21-1990737404-2085512467-1734709770-1001
Process 1672 (\Device\HarddiskVolume2\Program Files\AVAST Software\Avast\AvastSvc.exe) has opened key \REGISTRY\USER\S-1-5-21-1990737404-2085512467-1734709770-1001

Opcode            :
Task              :
Keywords          : 0x8000000000000000
Process ID        : 1156
Thread ID         : 1064
Computer          : Mathew-PC
User              : NT AUTHORITY\SYSTEM
==================================================

==================================================
Event Time        : 25.11.2017 16:34:31.395
Record ID         : 44782
Event ID          : 1530
Level             : Warning
Channel           : Application
Provider          : Microsoft-Windows-User Profiles Service
Description       : Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards.  

 DETAIL -
 1 user registry handles leaked from \Registry\User\S-1-5-21-1990737404-2085512467-1734709770-1001_Classes:
Process 1672 (\Device\HarddiskVolume2\Program Files\AVAST Software\Avast\AvastSvc.exe) has opened key \REGISTRY\USER\S-1-5-21-1990737404-2085512467-1734709770-1001_CLASSES

Opcode            :
Task              :
Keywords          : 0x8000000000000000
Process ID        : 1156
Thread ID         : 1064
Computer          : Mathew-PC
User              : NT AUTHORITY\SYSTEM
==================================================

==================================================
Event Time        : 25.11.2017 16:34:33.000
Record ID         : 278184
Event ID          : 102
Level             : Error
Channel           : System
Provider          : Microsoft-Windows-PNRPSvc
Description       : The Peer Name Resolution Protocol cloud did not start because the creation of the default identity failed with error code: 0x80630801.
Opcode            :
Task              :
Keywords          : Classic
Process ID        :
Thread ID         :
Computer          : Mathew-PC
User              :
==================================================

==================================================
Event Time        : 25.11.2017 16:34:33.750
Record ID         : 278185
Event ID          : 7001
Level             : Error
Channel           : System
Provider          : Service Control Manager
Description       : The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error:
%%-2140993535
Opcode            :
Task              :
Keywords          : Classic
Process ID        : 732
Thread ID         : 5068
Computer          : Mathew-PC
User              :
==================================================

==================================================
Event Time        : 25.11.2017 16:34:33.750
Record ID         : 278187
Event ID          : 7023
Level             : Error
Channel           : System
Provider          : Service Control Manager
Description       : The Peer Name Resolution Protocol service terminated with the following error:
%%-2140993535
Opcode            :
Task              :
Keywords          : Classic
Process ID        : 732
Thread ID         : 4348
Computer          : Mathew-PC
User              :
==================================================

==================================================
Event Time        : 25.11.2017 16:34:33.766
Record ID         : 48835
Event ID          : 5001
Level             : Error
Channel           : Microsoft-Windows-HomeGroup Provider Service/Operational
Provider          : Microsoft-Windows-HomeGroup-ProviderService
Description       : Provider service initialization failed.  Details: The dependency service or group failed to start.

Opcode            :
Task              :
Keywords          : 0x8000000000000000
Process ID        : 1072
Thread ID         : 4600
Computer          : Mathew-PC
User              : NT AUTHORITY\LOCAL SERVICE
==================================================

==================================================
Event Time        : 25.11.2017 16:34:33.766
Record ID         : 48834
Event ID          : 5003
Level             : Error
Channel           : Microsoft-Windows-HomeGroup Provider Service/Operational
Provider          : Microsoft-Windows-HomeGroup-ProviderService
Description       : Failed to initialize the group.  Details: The dependency service or group failed to start.

Opcode            :
Task              :
Keywords          : 0x8000000000000000
Process ID        : 1072
Thread ID         : 4600
Computer          : Mathew-PC
User              : NT AUTHORITY\LOCAL SERVICE
==================================================

==================================================
Event Time        : 25.11.2017 16:34:44.374
Record ID         : 161
Event ID          : 2
Level             : Error
Channel           : Microsoft-Windows-Kernel-EventTracing/Admin
Provider          : Microsoft-Windows-Kernel-EventTracing
Description       : Session "Circular Kernel Context Logger" failed to start with the following error: 0xC0000035
Opcode            : Start (12)
Task              : Session (2)
Keywords          : Session
Process ID        : 4
Thread ID         : 100
Computer          : Mathew-PC
User              : NT AUTHORITY\SYSTEM
==================================================

==================================================
Event Time        : 25.11.2017 16:34:44.483
Record ID         : 162
Event ID          : 2
Level             : Error
Channel           : Microsoft-Windows-Kernel-EventTracing/Admin
Provider          : Microsoft-Windows-Kernel-EventTracing
Description       : Session "Circular Kernel Context Logger" failed to start with the following error: 0xC0000035
Opcode            : Start (12)
Task              : Session (2)
Keywords          : Session
Process ID        : 4
Thread ID         : 100
Computer          : Mathew-PC
User              : NT AUTHORITY\SYSTEM
==================================================

==================================================
Event Time        : 25.11.2017 16:34:44.639
Record ID         : 163
Event ID          : 2
Level             : Error
Channel           : Microsoft-Windows-Kernel-EventTracing/Admin
Provider          : Microsoft-Windows-Kernel-EventTracing
Description       : Session "Circular Kernel Context Logger" failed to start with the following error: 0xC0000035
Opcode            : Start (12)
Task              : Session (2)
Keywords          : Session
Process ID        : 4
Thread ID         : 100
Computer          : Mathew-PC
User              : NT AUTHORITY\SYSTEM
==================================================

==================================================
Event Time        : 25.11.2017 16:34:44.842
Record ID         : 164
Event ID          : 2
Level             : Error
Channel           : Microsoft-Windows-Kernel-EventTracing/Admin
Provider          : Microsoft-Windows-Kernel-EventTracing
Description       : Session "Circular Kernel Context Logger" failed to start with the following error: 0xC0000035
Opcode            : Start (12)
Task              : Session (2)
Keywords          : Session
Process ID        : 4
Thread ID         : 100
Computer          : Mathew-PC
User              : NT AUTHORITY\SYSTEM
==================================================

==================================================
Event Time        : 25.11.2017 16:34:45.000
Record ID         : 278189
Event ID          : 102
Level             : Error
Channel           : System
Provider          : Microsoft-Windows-PNRPSvc
Description       : The Peer Name Resolution Protocol cloud did not start because the creation of the default identity failed with error code: 0x80630801.
Opcode            :
Task              :
Keywords          : Classic
Process ID        :
Thread ID         :
Computer          : Mathew-PC
User              :
==================================================

==================================================
Event Time        : 25.11.2017 16:34:45.107
Record ID         : 165
Event ID          : 2
Level             : Error
Channel           : Microsoft-Windows-Kernel-EventTracing/Admin
Provider          : Microsoft-Windows-Kernel-EventTracing
Description       : Session "Circular Kernel Context Logger" failed to start with the following error: 0xC0000035
Opcode            : Start (12)
Task              : Session (2)
Keywords          : Session
Process ID        : 4
Thread ID         : 100
Computer          : Mathew-PC
User              : NT AUTHORITY\SYSTEM
==================================================

==================================================
Event Time        : 25.11.2017 16:34:45.419
Record ID         : 166
Event ID          : 2
Level             : Error
Channel           : Microsoft-Windows-Kernel-EventTracing/Admin
Provider          : Microsoft-Windows-Kernel-EventTracing
Description       : Session "Circular Kernel Context Logger" failed to start with the following error: 0xC0000035
Opcode            : Start (12)
Task              : Session (2)
Keywords          : Session
Process ID        : 4
Thread ID         : 100
Computer          : Mathew-PC
User              : NT AUTHORITY\SYSTEM
==================================================

==================================================
Event Time        : 25.11.2017 16:34:45.778
Record ID         : 278192
Event ID          : 7023
Level             : Error
Channel           : System
Provider          : Service Control Manager
Description       : The Peer Name Resolution Protocol service terminated with the following error:
%%-2140993535
Opcode            :
Task              :
Keywords          : Classic
Process ID        : 732
Thread ID         : 5068
Computer          : Mathew-PC
User              :
==================================================

==================================================
Event Time        : 25.11.2017 16:34:45.778
Record ID         : 278190
Event ID          : 7001
Level             : Error
Channel           : System
Provider          : Service Control Manager
Description       : The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error:
%%-2140993535
Opcode            :
Task              :
Keywords          : Classic
Process ID        : 732
Thread ID         : 4348
Computer          : Mathew-PC
User              :
==================================================

==================================================
Event Time        : 25.11.2017 16:34:45.778
Record ID         : 167
Event ID          : 2
Level             : Error
Channel           : Microsoft-Windows-Kernel-EventTracing/Admin
Provider          : Microsoft-Windows-Kernel-EventTracing
Description       : Session "Circular Kernel Context Logger" failed to start with the following error: 0xC0000035
Opcode            : Start (12)
Task              : Session (2)
Keywords          : Session
Process ID        : 4
Thread ID         : 100
Computer          : Mathew-PC
User              : NT AUTHORITY\SYSTEM
==================================================

==================================================
Event Time        : 25.11.2017 16:34:45.778
Record ID         : 48836
Event ID          : 5003
Level             : Error
Channel           : Microsoft-Windows-HomeGroup Provider Service/Operational
Provider          : Microsoft-Windows-HomeGroup-ProviderService
Description       : Failed to initialize the group.  Details: The dependency service or group failed to start.

Opcode            :
Task              :
Keywords          : 0x8000000000000000
Process ID        : 1072
Thread ID         : 4600
Computer          : Mathew-PC
User              : NT AUTHORITY\LOCAL SERVICE
==================================================

==================================================
Event Time        : 25.11.2017 16:34:45.793
Record ID         : 48837
Event ID          : 5001
Level             : Error
Channel           : Microsoft-Windows-HomeGroup Provider Service/Operational
Provider          : Microsoft-Windows-HomeGroup-ProviderService
Description       : Provider service initialization failed.  Details: The dependency service or group failed to start.

Opcode            :
Task              :
Keywords          : 0x8000000000000000
Process ID        : 1072
Thread ID         : 4600
Computer          : Mathew-PC
User              : NT AUTHORITY\LOCAL SERVICE
==================================================

==================================================
Event Time        : 25.11.2017 16:34:46.183
Record ID         : 168
Event ID          : 2
Level             : Error
Channel           : Microsoft-Windows-Kernel-EventTracing/Admin
Provider          : Microsoft-Windows-Kernel-EventTracing
Description       : Session "Circular Kernel Context Logger" failed to start with the following error: 0xC0000035
Opcode            : Start (12)
Task              : Session (2)
Keywords          : Session
Process ID        : 4
Thread ID         : 100
Computer          : Mathew-PC
User              : NT AUTHORITY\SYSTEM
==================================================

==================================================
Event Time        : 25.11.2017 16:34:46.636
Record ID         : 169
Event ID          : 2
Level             : Error
Channel           : Microsoft-Windows-Kernel-EventTracing/Admin
Provider          : Microsoft-Windows-Kernel-EventTracing
Description       : Session "Circular Kernel Context Logger" failed to start with the following error: 0xC0000035
Opcode            : Start (12)
Task              : Session (2)
Keywords          : Session
Process ID        : 4
Thread ID         : 100
Computer          : Mathew-PC
User              : NT AUTHORITY\SYSTEM
==================================================

==================================================
Event Time        : 25.11.2017 16:34:47.151
Record ID         : 170
Event ID          : 2
Level             : Error
Channel           : Microsoft-Windows-Kernel-EventTracing/Admin
Provider          : Microsoft-Windows-Kernel-EventTracing
Description       : Session "Circular Kernel Context Logger" failed to start with the following error: 0xC0000035
Opcode            : Start (12)
Task              : Session (2)
Keywords          : Session
Process ID        : 4
Thread ID         : 100
Computer          : Mathew-PC
User              : NT AUTHORITY\SYSTEM
==================================================

==================================================
Event Time        : 25.11.2017 16:34:47.712
Record ID         : 171
Event ID          : 2
Level             : Error
Channel           : Microsoft-Windows-Kernel-EventTracing/Admin
Provider          : Microsoft-Windows-Kernel-EventTracing
Description       : Session "Circular Kernel Context Logger" failed to start with the following error: 0xC0000035
Opcode            : Start (12)
Task              : Session (2)
Keywords          : Session
Process ID        : 4
Thread ID         : 100
Computer          : Mathew-PC
User              : NT AUTHORITY\SYSTEM
==================================================

==================================================
Event Time        : 25.11.2017 16:34:48.321
Record ID         : 172
Event ID          : 2
Level             : Error
Channel           : Microsoft-Windows-Kernel-EventTracing/Admin
Provider          : Microsoft-Windows-Kernel-EventTracing
Description       : Session "Circular Kernel Context Logger" failed to start with the following error: 0xC0000035
Opcode            : Start (12)
Task              : Session (2)
Keywords          : Session
Process ID        : 4
Thread ID         : 100
Computer          : Mathew-PC
User              : NT AUTHORITY\SYSTEM
==================================================

==================================================
Event Time        : 25.11.2017 16:34:48.976
Record ID         : 173
Event ID          : 2
Level             : Error
Channel           : Microsoft-Windows-Kernel-EventTracing/Admin
Provider          : Microsoft-Windows-Kernel-EventTracing
Description       : Session "Circular Kernel Context Logger" failed to start with the following error: 0xC0000035
Opcode            : Start (12)
Task              : Session (2)
Keywords          : Session
Process ID        : 4
Thread ID         : 100
Computer          : Mathew-PC
User              : NT AUTHORITY\SYSTEM
==================================================

==================================================
Event Time        : 25.11.2017 16:34:49.678
Record ID         : 174
Event ID          : 2
Level             : Error
Channel           : Microsoft-Windows-Kernel-EventTracing/Admin
Provider          : Microsoft-Windows-Kernel-EventTracing
Description       : Session "Circular Kernel Context Logger" failed to start with the following error: 0xC0000035
Opcode            : Start (12)
Task              : Session (2)
Keywords          : Session
Process ID        : 4
Thread ID         : 100
Computer          : Mathew-PC
User              : NT AUTHORITY\SYSTEM
==================================================

==================================================
Event Time        : 25.11.2017 16:34:50.442
Record ID         : 175
Event ID          : 2
Level             : Error
Channel           : Microsoft-Windows-Kernel-EventTracing/Admin
Provider          : Microsoft-Windows-Kernel-EventTracing
Description       : Session "Circular Kernel Context Logger" failed to start with the following error: 0xC0000035
Opcode            : Start (12)
Task              : Session (2)
Keywords          : Session
Process ID        : 4
Thread ID         : 100
Computer          : Mathew-PC
User              : NT AUTHORITY\SYSTEM
==================================================

==================================================
Event Time        : 25.11.2017 16:34:51.253
Record ID         : 176
Event ID          : 2
Level             : Error
Channel           : Microsoft-Windows-Kernel-EventTracing/Admin
Provider          : Microsoft-Windows-Kernel-EventTracing
Description       : Session "Circular Kernel Context Logger" failed to start with the following error: 0xC0000035
Opcode            : Start (12)
Task              : Session (2)
Keywords          : Session
Process ID        : 4
Thread ID         : 100
Computer          : Mathew-PC
User              : NT AUTHORITY\SYSTEM
==================================================

==================================================
Event Time        : 25.11.2017 16:34:52.111
Record ID         : 177
Event ID          : 2
Level             : Error
Channel           : Microsoft-Windows-Kernel-EventTracing/Admin
Provider          : Microsoft-Windows-Kernel-EventTracing
Description       : Session "Circular Kernel Context Logger" failed to start with the following error: 0xC0000035
Opcode            : Start (12)
Task              : Session (2)
Keywords          : Session
Process ID        : 4
Thread ID         : 100
Computer          : Mathew-PC
User              : NT AUTHORITY\SYSTEM
==================================================

==================================================
Event Time        : 25.11.2017 16:34:53.016
Record ID         : 178
Event ID          : 2
Level             : Error
Channel           : Microsoft-Windows-Kernel-EventTracing/Admin
Provider          : Microsoft-Windows-Kernel-EventTracing
Description       : Session "Circular Kernel Context Logger" failed to start with the following error: 0xC0000035
Opcode            : Start (12)
Task              : Session (2)
Keywords          : Session
Process ID        : 4
Thread ID         : 100
Computer          : Mathew-PC
User              : NT AUTHORITY\SYSTEM
==================================================

==================================================
Event Time        : 25.11.2017 16:34:53.968
Record ID         : 179
Event ID          : 2
Level             : Error
Channel           : Microsoft-Windows-Kernel-EventTracing/Admin
Provider          : Microsoft-Windows-Kernel-EventTracing
Description       : Session "Circular Kernel Context Logger" failed to start with the following error: 0xC0000035
Opcode            : Start (12)
Task              : Session (2)
Keywords          : Session
Process ID        : 4
Thread ID         : 100
Computer          : Mathew-PC
User              : NT AUTHORITY\SYSTEM
==================================================

==================================================
Event Time        : 25.11.2017 16:34:54.982
Record ID         : 180
Event ID          : 2
Level             : Error
Channel           : Microsoft-Windows-Kernel-EventTracing/Admin
Provider          : Microsoft-Windows-Kernel-EventTracing
Description       : Session "Circular Kernel Context Logger" failed to start with the following error: 0xC0000035
Opcode            : Start (12)
Task              : Session (2)
Keywords          : Session
Process ID        : 4
Thread ID         : 100
Computer          : Mathew-PC
User              : NT AUTHORITY\SYSTEM
==================================================

==================================================
Event Time        : 25.11.2017 16:35:01.000
Record ID         : 278194
Event ID          : 102
Level             : Error
Channel           : System
Provider          : Microsoft-Windows-PNRPSvc
Description       : The Peer Name Resolution Protocol cloud did not start because the creation of the default identity failed with error code: 0x80630801.
Opcode            :
Task              :
Keywords          : Classic
Process ID        :
Thread ID         :
Computer          : Mathew-PC
User              :
==================================================

==================================================
Event Time        : 25.11.2017 16:35:01.000
Record ID         : 278193
Event ID          : 102
Level             : Error
Channel           : System
Provider          : Microsoft-Windows-PNRPSvc
Description       : The Peer Name Resolution Protocol cloud did not start because the creation of the default identity failed with error code: 0x80630801.
Opcode            :
Task              :
Keywords          : Classic
Process ID        :
Thread ID         :
Computer          : Mathew-PC
User              :
==================================================

==================================================
Event Time        : 25.11.2017 16:35:01.377
Record ID         : 278197
Event ID          : 7023
Level             : Error
Channel           : System
Provider          : Service Control Manager
Description       : The Peer Name Resolution Protocol service terminated with the following error:
%%-2140993535
Opcode            :
Task              :
Keywords          : Classic
Process ID        : 732
Thread ID         : 5068
Computer          : Mathew-PC
User              :
==================================================

==================================================
Event Time        : 25.11.2017 16:35:01.377
Record ID         : 278195
Event ID          : 7001
Level             : Error
Channel           : System
Provider          : Service Control Manager
Description       : The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error:
%%-2140993535
Opcode            :
Task              :
Keywords          : Classic
Process ID        : 732
Thread ID         : 4348
Computer          : Mathew-PC
User              :
==================================================

==================================================
Event Time        : 25.11.2017 16:35:01.392
Record ID         : 48838
Event ID          : 5003
Level             : Error
Channel           : Microsoft-Windows-HomeGroup Provider Service/Operational
Provider          : Microsoft-Windows-HomeGroup-ProviderService
Description       : Failed to initialize the group.  Details: The dependency service or group failed to start.

Opcode            :
Task              :
Keywords          : 0x8000000000000000
Process ID        : 1072
Thread ID         : 2424
Computer          : Mathew-PC
User              : NT AUTHORITY\LOCAL SERVICE
==================================================

==================================================
Event Time        : 25.11.2017 16:35:01.408
Record ID         : 48839
Event ID          : 5001
Level             : Error
Channel           : Microsoft-Windows-HomeGroup Provider Service/Operational
Provider          : Microsoft-Windows-HomeGroup-ProviderService
Description       : Provider service initialization failed.  Details: The dependency service or group failed to start.

Opcode            :
Task              :
Keywords          : 0x8000000000000000
Process ID        : 1072
Thread ID         : 2424
Computer          : Mathew-PC
User              : NT AUTHORITY\LOCAL SERVICE
==================================================

==================================================
Event Time        : 25.11.2017 16:35:01.533
Record ID         : 48840
Event ID          : 5003
Level             : Error
Channel           : Microsoft-Windows-HomeGroup Provider Service/Operational
Provider          : Microsoft-Windows-HomeGroup-ProviderService
Description       : Failed to initialize the group.  Details: The dependency service or group failed to start.

Opcode            :
Task              :
Keywords          : 0x8000000000000000
Process ID        : 1072
Thread ID         : 2424
Computer          : Mathew-PC
User              : NT AUTHORITY\LOCAL SERVICE
==================================================

==================================================
Event Time        : 25.11.2017 16:35:01.533
Record ID         : 278198
Event ID          : 7001
Level             : Error
Channel           : System
Provider          : Service Control Manager
Description       : The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error:
%%-2140993535
Opcode            :
Task              :
Keywords          : Classic
Process ID        : 732
Thread ID         : 4348
Computer          : Mathew-PC
User              :
==================================================

==================================================
Event Time        : 25.11.2017 16:35:01.533
Record ID         : 278200
Event ID          : 7023
Level             : Error
Channel           : System
Provider          : Service Control Manager
Description       : The Peer Name Resolution Protocol service terminated with the following error:
%%-2140993535
Opcode            :
Task              :
Keywords          : Classic
Process ID        : 732
Thread ID         : 5068
Computer          : Mathew-PC
User              :
==================================================

==================================================
Event Time        : 25.11.2017 16:35:01.533
Record ID         : 48841
Event ID          : 5001
Level             : Error
Channel           : Microsoft-Windows-HomeGroup Provider Service/Operational
Provider          : Microsoft-Windows-HomeGroup-ProviderService
Description       : Provider service initialization failed.  Details: The dependency service or group failed to start.

Opcode            :
Task              :
Keywords          : 0x8000000000000000
Process ID        : 1072
Thread ID         : 2424
Computer          : Mathew-PC
User              : NT AUTHORITY\LOCAL SERVICE
==================================================

==================================================
Event Time        : 25.11.2017 16:57:16.798
Record ID         : 278235
Event ID          : 41
Level             : Critical
Channel           : System
Provider          : Microsoft-Windows-Kernel-Power
Description       : The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.
Opcode            :
Task              : 63
Keywords          : 0x8000000000000002
Process ID        : 4
Thread ID         : 8
Computer          : Mathew-PC
User              : NT AUTHORITY\SYSTEM
==================================================

==================================================
Event Time        : 25.11.2017 16:57:24.380
Record ID         : 278240
Event ID          : 219
Level             : Warning
Channel           : System
Provider          : Microsoft-Windows-Kernel-PnP
Description       : The driver \Driver\WUDFRd failed to load for the device USB\VID_147E&PID_1000\5&12646a26&0&2.
Opcode            :
Task              : 212
Keywords          : 0x8000000000000000
Process ID        : 4
Thread ID         : 92
Computer          : Mathew-PC
User              : NT AUTHORITY\SYSTEM
==================================================

==================================================
Event Time        : 25.11.2017 16:57:29.000
Record ID         : 278231
Event ID          : 6008
Level             : Error
Channel           : System
Provider          : EventLog
Description       : The previous system shutdown at 16:55:05 on ‎25.‎11.‎2017 was unexpected.
Opcode            :
Task              :
Keywords          : Classic
Process ID        :
Thread ID         :
Computer          : Mathew-PC
User              :
==================================================

==================================================
Event Time        : 25.11.2017 16:57:41.267
Record ID         : 832
Event ID          : 3001
Level             : Warning
Channel           : Microsoft-Windows-CodeIntegrity/Operational
Provider          : Microsoft-Windows-CodeIntegrity
Description       : Code Integrity determined an unsigned kernel module \Device\HarddiskVolume2\Windows\System32\giveio.sys is loaded into the system. Check with the publisher to see if a signed version of the kernel module is available.
Opcode            : 101
Task              : 1
Keywords          : 0x8000000000000000
Process ID        : 4
Thread ID         : 100
Computer          : Mathew-PC
User              : NT AUTHORITY\SYSTEM
==================================================

==================================================
Event Time        : 25.11.2017 16:57:52.281
Record ID         : 98
Event ID          : 315
Level             : Error
Channel           : Microsoft-Windows-PrintService/Admin
Provider          : Microsoft-Windows-PrintService
Description       : The print spooler failed to share printer hp deskjet 960c with shared resource name hp deskjet 960c. Error 2114. The printer cannot be used by others on the network.
Opcode            : Spooler Operation Failed (12)
Task              : Sharing a printer (30)
Keywords          : Printer
Process ID        : 504
Thread ID         : 2388
Computer          : Mathew-PC
User              : NT AUTHORITY\SYSTEM
==================================================

==================================================
Event Time        : 25.11.2017 16:58:32.888
Record ID         : 278302
Event ID          : 7000
Level             : Error
Channel           : System
Provider          : Service Control Manager
Description       : The CyberGhost 5 Client Service service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.
Opcode            :
Task              :
Keywords          : Classic
Process ID        : 672
Thread ID         : 676
Computer          : Mathew-PC
User              :
==================================================

==================================================
Event Time        : 25.11.2017 16:58:32.888
Record ID         : 278301
Event ID          : 7009
Level             : Error
Channel           : System
Provider          : Service Control Manager
Description       : A timeout was reached (30000 milliseconds) while waiting for the CyberGhost 5 Client Service service to connect.
Opcode            :
Task              :
Keywords          : Classic
Process ID        : 672
Thread ID         : 676
Computer          : Mathew-PC
User              :
==================================================

==================================================
Event Time        : 25.11.2017 16:58:32.903
Record ID         : 278303
Event ID          : 7026
Level             : Error
Channel           : System
Provider          : Service Control Manager
Description       : The following boot-start or system-start driver(s) failed to load:
EterlogicVirtualSerialDriver
Opcode            :
Task              :
Keywords          : Classic
Process ID        : 672
Thread ID         : 676
Computer          : Mathew-PC
User              :
==================================================

==================================================
Event Time        : 25.11.2017 16:58:50.000
Record ID         : 44802
Event ID          : 10
Level             : Error
Channel           : Application
Provider          : Microsoft-Windows-WMI
Description       : Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Opcode            :
Task              :
Keywords          : Classic
Process ID        :
Thread ID         :
Computer          : Mathew-PC
User              :
==================================================

==================================================
Event Time        : 25.11.2017 16:59:31.653
Record ID         : 2625
Event ID          : 1002
Level             : Warning
Channel           : Microsoft-Windows-Known Folders API Service
Provider          : Microsoft-Windows-KnownFolders
Description       : Error 0x80070002 occurred while verifying known folder {C1BAE2D0-10DF-4334-BEDD-7AA20B227A9D} with path 'C:\ProgramData\OEM Links'.
Opcode            :
Task              :
Keywords          : 0x8000000000000000
Process ID        : 1732
Thread ID         : 3660
Computer          : Mathew-PC
User              : NT AUTHORITY\SYSTEM
==================================================

==================================================
Event Time        : 25.11.2017 16:59:31.653
Record ID         : 2624
Event ID          : 1002
Level             : Warning
Channel           : Microsoft-Windows-Known Folders API Service
Provider          : Microsoft-Windows-KnownFolders
Description       : Error 0x80070002 occurred while verifying known folder {2A00375E-224C-49DE-B8D1-440DF7EF3DDC} with path 'C:\Windows\resources\0409'.
Opcode            :
Task              :
Keywords          : 0x8000000000000000
Process ID        : 1732
Thread ID         : 3660
Computer          : Mathew-PC
User              : NT AUTHORITY\SYSTEM
==================================================

==================================================
Event Time        : 25.11.2017 16:59:38.891
Record ID         : 5929
Event ID          : 1001
Level             : Error
Channel           : Microsoft-Windows-Dhcp-Client/Admin
Provider          : Microsoft-Windows-Dhcp-Client
Description       : Your computer was not assigned an address from the network (by the DHCP Server) for the Network Card with network address 0x22224352B408.  The following error occurred: 0x79. Your computer will continue to try and obtain an address on its own from the network address (DHCP) server.
Opcode            : IpAddressNotAssigned (75)
Task              : Address Configuration State Event (3)
Keywords          : 0x4000000000000000
Process ID        : 1112
Thread ID         : 1832
Computer          : Mathew-PC
User              : NT AUTHORITY\LOCAL SERVICE
==================================================

==================================================
Event Time        : 25.11.2017 17:01:51.000
Record ID         : 278338
Event ID          : 102
Level             : Error
Channel           : System
Provider          : Microsoft-Windows-PNRPSvc
Description       : The Peer Name Resolution Protocol cloud did not start because the creation of the default identity failed with error code: 0x80630801.
Opcode            :
Task              :
Keywords          : Classic
Process ID        :
Thread ID         :
Computer          : Mathew-PC
User              :
==================================================

==================================================
Event Time        : 25.11.2017 17:01:51.934
Record ID         : 278342
Event ID          : 7023
Level             : Error
Channel           : System
Provider          : Service Control Manager
Description       : The Peer Name Resolution Protocol service terminated with the following error:
%%-2140993535
Opcode            :
Task              :
Keywords          : Classic
Process ID        : 672
Thread ID         : 4020
Computer          : Mathew-PC
User              :
==================================================

==================================================
Event Time        : 25.11.2017 17:01:51.934
Record ID         : 278340
Event ID          : 7001
Level             : Error
Channel           : System
Provider          : Service Control Manager
Description       : The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error:
%%-2140993535
Opcode            :
Task              :
Keywords          : Classic
Process ID        : 672
Thread ID         : 3972
Computer          : Mathew-PC
User              :
==================================================

==================================================
Event Time        : 25.11.2017 17:01:51.934
Record ID         : 48844
Event ID          : 5003
Level             : Error
Channel           : Microsoft-Windows-HomeGroup Provider Service/Operational
Provider          : Microsoft-Windows-HomeGroup-ProviderService
Description       : Failed to initialize the group.  Details: The dependency service or group failed to start.

Opcode            :
Task              :
Keywords          : 0x8000000000000000
Process ID        : 1112
Thread ID         : 4848
Computer          : Mathew-PC
User              : NT AUTHORITY\LOCAL SERVICE
==================================================

==================================================
Event Time        : 25.11.2017 17:01:51.950
Record ID         : 48846
Event ID          : 5001
Level             : Error
Channel           : Microsoft-Windows-HomeGroup Provider Service/Operational
Provider          : Microsoft-Windows-HomeGroup-ProviderService
Description       : Provider service initialization failed.  Details: The dependency service or group failed to start.

Opcode            :
Task              :
Keywords          : 0x8000000000000000
Process ID        : 1112
Thread ID         : 4848
Computer          : Mathew-PC
User              : NT AUTHORITY\LOCAL SERVICE
==================================================

==================================================
Event Time        : 25.11.2017 17:01:58.000
Record ID         : 278344
Event ID          : 102
Level             : Error
Channel           : System
Provider          : Microsoft-Windows-PNRPSvc
Description       : The Peer Name Resolution Protocol cloud did not start because the creation of the default identity failed with error code: 0x80630801.
Opcode            :
Task              :
Keywords          : Classic
Process ID        :
Thread ID         :
Computer          : Mathew-PC
User              :
==================================================

==================================================
Event Time        : 25.11.2017 17:01:58.000
Record ID         : 278343
Event ID          : 102
Level             : Error
Channel           : System
Provider          : Microsoft-Windows-PNRPSvc
Description       : The Peer Name Resolution Protocol cloud did not start because the creation of the default identity failed with error code: 0x80630801.
Opcode            :
Task              :
Keywords          : Classic
Process ID        :
Thread ID         :
Computer          : Mathew-PC
User              :
==================================================

==================================================
Event Time        : 25.11.2017 17:01:58.018
Record ID         : 278346
Event ID          : 7023
Level             : Error
Channel           : System
Provider          : Service Control Manager
Description       : The Peer Name Resolution Protocol service terminated with the following error:
%%-2140993535
Opcode            :
Task              :
Keywords          : Classic
Process ID        : 672
Thread ID         : 3972
Computer          : Mathew-PC
User              :
==================================================

==================================================
Event Time        : 25.11.2017 17:01:58.018
Record ID         : 278347
Event ID          : 7001
Level             : Error
Channel           : System
Provider          : Service Control Manager
Description       : The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error:
%%-2140993535
Opcode            :
Task              :
Keywords          : Classic
Process ID        : 672
Thread ID         : 4020
Computer          : Mathew-PC
User              :
==================================================

==================================================
Event Time        : 25.11.2017 17:01:58.018
Record ID         : 48847
Event ID          : 5003
Level             : Error
Channel           : Microsoft-Windows-HomeGroup Provider Service/Operational
Provider          : Microsoft-Windows-HomeGroup-ProviderService
Description       : Failed to initialize the group.  Details: The dependency service or group failed to start.

Opcode            :
Task              :
Keywords          : 0x8000000000000000
Process ID        : 1112
Thread ID         : 4392
Computer          : Mathew-PC
User              : NT AUTHORITY\LOCAL SERVICE
==================================================

==================================================
Event Time        : 25.11.2017 17:01:58.034
Record ID         : 48848
Event ID          : 5001
Level             : Error
Channel           : Microsoft-Windows-HomeGroup Provider Service/Operational
Provider          : Microsoft-Windows-HomeGroup-ProviderService
Description       : Provider service initialization failed.  Details: The dependency service or group failed to start.

Opcode            :
Task              :
Keywords          : 0x8000000000000000
Process ID        : 1112
Thread ID         : 4392
Computer          : Mathew-PC
User              : NT AUTHORITY\LOCAL SERVICE
==================================================

==================================================
Event Time        : 25.11.2017 17:01:58.237
Record ID         : 48849
Event ID          : 5003
Level             : Error
Channel           : Microsoft-Windows-HomeGroup Provider Service/Operational
Provider          : Microsoft-Windows-HomeGroup-ProviderService
Description       : Failed to initialize the group.  Details: The dependency service or group failed to start.

Opcode            :
Task              :
Keywords          : 0x8000000000000000
Process ID        : 1112
Thread ID         : 4392
Computer          : Mathew-PC
User              : NT AUTHORITY\LOCAL SERVICE
==================================================

==================================================
Event Time        : 25.11.2017 17:01:58.237
Record ID         : 48850
Event ID          : 5001
Level             : Error
Channel           : Microsoft-Windows-HomeGroup Provider Service/Operational
Provider          : Microsoft-Windows-HomeGroup-ProviderService
Description       : Provider service initialization failed.  Details: The dependency service or group failed to start.

Opcode            :
Task              :
Keywords          : 0x8000000000000000
Process ID        : 1112
Thread ID         : 4392
Computer          : Mathew-PC
User              : NT AUTHORITY\LOCAL SERVICE
==================================================

==================================================
Event Time        : 25.11.2017 17:01:58.237
Record ID         : 278350
Event ID          : 7023
Level             : Error
Channel           : System
Provider          : Service Control Manager
Description       : The Peer Name Resolution Protocol service terminated with the following error:
%%-2140993535
Opcode            :
Task              :
Keywords          : Classic
Process ID        : 672
Thread ID         : 3972
Computer          : Mathew-PC
User              :
==================================================

==================================================
Event Time        : 25.11.2017 17:01:58.237
Record ID         : 278348
Event ID          : 7001
Level             : Error
Channel           : System
Provider          : Service Control Manager
Description       : The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error:
%%-2140993535
Opcode            :
Task              :
Keywords          : Classic
Process ID        : 672
Thread ID         : 4020
Computer          : Mathew-PC
User              :
==================================================

==================================================
Event Time        : 25.11.2017 17:52:20.966
Record ID         : 2627
Event ID          : 1002
Level             : Warning
Channel           : Microsoft-Windows-Known Folders API Service
Provider          : Microsoft-Windows-KnownFolders
Description       : Error 0x80070002 occurred while verifying known folder {C1BAE2D0-10DF-4334-BEDD-7AA20B227A9D} with path 'C:\ProgramData\OEM Links'.
Opcode            :
Task              :
Keywords          : 0x8000000000000000
Process ID        : 1732
Thread ID         : 3632
Computer          : Mathew-PC
User              : NT AUTHORITY\SYSTEM
==================================================

==================================================
Event Time        : 25.11.2017 17:52:20.966
Record ID         : 2626
Event ID          : 1002
Level             : Warning
Channel           : Microsoft-Windows-Known Folders API Service
Provider          : Microsoft-Windows-KnownFolders
Description       : Error 0x80070002 occurred while verifying known folder {2A00375E-224C-49DE-B8D1-440DF7EF3DDC} with path 'C:\Windows\resources\0409'.
Opcode            :
Task              :
Keywords          : 0x8000000000000000
Process ID        : 1732
Thread ID         : 3632
Computer          : Mathew-PC
User              : NT AUTHORITY\SYSTEM
==================================================

==================================================
Event Time        : 25.11.2017 18:11:00.000
Record ID         : 44828
Event ID          : 1002
Level             : Error
Channel           : Application
Provider          : Application Hang
Description       : The program firefox.exe version 57.0.0.6525 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 Process ID: 17e0
 Start Time: 01d3660705dc53ad
 Termination Time: 936
 Application Path: C:\Program Files\Mozilla Firefox\firefox.exe
 Report Id: 99666fbb-d203-11e7-8749-00248c8aa04a

Opcode            :
Task              : 101
Keywords          : Classic
Process ID        :
Thread ID         :
Computer          : Mathew-PC
User              :
==================================================

==================================================
Event Time        : 25.11.2017 18:44:29.794
Record ID         : 278391
Event ID          : 36887
Level             : Error
Channel           : System
Provider          : Schannel
Description       : The following fatal alert was received: 70.
Opcode            :
Task              :
Keywords          : 0x8000000000000000
Process ID        : 704
Thread ID         : 1496
Computer          : Mathew-PC
User              : NT AUTHORITY\SYSTEM
==================================================

==================================================
Event Time        : 25.11.2017 18:44:29.872
Record ID         : 278392
Event ID          : 36887
Level             : Error
Channel           : System
Provider          : Schannel
Description       : The following fatal alert was received: 40.
Opcode            :
Task              :
Keywords          : 0x8000000000000000
Process ID        : 704
Thread ID         : 1496
Computer          : Mathew-PC
User              : NT AUTHORITY\SYSTEM
==================================================

==================================================
Event Time        : 25.11.2017 18:45:25.000
Record ID         : 278393
Event ID          : 102
Level             : Error
Channel           : System
Provider          : Microsoft-Windows-PNRPSvc
Description       : The Peer Name Resolution Protocol cloud did not start because the creation of the default identity failed with error code: 0x80630801.
Opcode            :
Task              :
Keywords          : Classic
Process ID        :
Thread ID         :
Computer          : Mathew-PC
User              :
==================================================

==================================================
Event Time        : 25.11.2017 18:45:25.705
Record ID         : 278396
Event ID          : 7023
Level             : Error
Channel           : System
Provider          : Service Control Manager
Description       : The Peer Name Resolution Protocol service terminated with the following error:
%%-2140993535
Opcode            :
Task              :
Keywords          : Classic
Process ID        : 672
Thread ID         : 3956
Computer          : Mathew-PC
User              :
==================================================

 



#19
RKinner

    Malware Expert

  • Expert
  • 20,001 posts
  • MVP

Uninstall HitmanPRO.  This is not a well written program and will often remove stuff in such a way that the PC winds up in our unbootable - malware related forum.

 

After you uninstall it, make a new FRST scan as it seldom uninstalls cleanly and we will probably need to remove the driver it left behind.

 

For Nvidia try:

 

http://www.nvidia.co...dia-update.html

 

I've got to run to the hardware store.  Be offline for a few hours.   We bought a new TV & they left out 4 screws. 



#20
MattMMM

    Member

  • Topic Starter
  • Member
  • PipPip
  • 33 posts

The HitmanPRO (ProgramFiles/HitmanPRO) folder was empty, and there was no HitmanPRO in the Uninstall/ControlPanel. I deleted the empty folder and the HitmanPRO.exe on the desktop. No idea if it's fully uninstalled at this point.

 

I have a GeForce 9650M GT. Can't seem to find the correct drivers on the Nvidia site.

 

 

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 24-11-2017 01
Ran by Mathew (administrator) on MATHEW-PC (25-11-2017 21:54:47)
Running from C:\Users\Mathew\Desktop
Loaded Profiles: Mathew (Available Profiles: Mathew)
Platform: Microsoft Windows 7 Ultimate  Service Pack 1 (X86) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(ASUS) C:\Program Files\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Foxit Software Inc.) C:\Program Files\Foxit Software\Foxit Reader\FoxitConnectedPDFService.exe
(ASUS) C:\Program Files\ASUS\ATK Package\ATK Hotkey\HControl.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
(ASUS) C:\Program Files\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
(ASUS) C:\Program Files\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
() C:\Windows\System32\PnkBstrA.exe
(ASUS) C:\Program Files\ASUS\ATK Package\ATK Hotkey\WDC.exe
() C:\Program Files\SimracewayUpdater\SRWUpdate.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.33.7\GoogleCrashHandler.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Logitech Inc.) C:\Program Files\Logitech\Gaming Software\LWEMon.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(ASUS) C:\Program Files\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUS) C:\Program Files\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [253344 2017-11-18] (AVAST Software)
HKLM\...\Run: [NvBackend] => C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe [2398776 2016-06-15] (NVIDIA Corporation)
HKLM\...\Run: [Start WingMan Profiler] => C:\Program Files\Logitech\Gaming Software\LWEMon.exe [153672 2010-05-05] (Logitech Inc.)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2247568 2013-01-03] (ELAN Microelectronics Corp.)
HKLM\...\Run: [fspuip] => C:\Program Files\FSP\fspuip.exe [5422432 2014-05-13] (Sentelic Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [7772704 2009-10-02] (Realtek Semiconductor)
HKLM\...\Run: [ATKOSD2] => C:\Program Files\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [5732992 2010-08-17] (ASUS)
HKLM\...\Run: [ATKMEDIA] => C:\Program Files\ASUS\ATK Package\ATK Media\DMedia.exe [170624 2010-10-07] (ASUS)
HKLM\...\Run: [HControlUser] => C:\Program Files\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [587288 2017-09-05] (Oracle Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-1990737404-2085512467-1734709770-1001\...\Run: [Steam] => C:\Program Files\Steam\steam.exe [3111712 2017-11-17] (Valve Corporation)
HKU\S-1-5-21-1990737404-2085512467-1734709770-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-1990737404-2085512467-1734709770-1001\...\Run: [DownloadAccelerator] => C:\Program Files\DAP\DAP.EXE [4110992 2014-04-27] (Speedbit Ltd.)
HKU\S-1-5-21-1990737404-2085512467-1734709770-1001\...\MountPoints2: {cfc95b6d-a835-11e5-ad7b-c89ac6531659} - I:\LaunchU3.exe -a
BootExecute: autocheck autochk * sdnclean.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{D2D5868A-4340-4853-8DD5-C36310836696}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{D2D5868A-4340-4853-8DD5-C36310836696}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKU\S-1-5-21-1990737404-2085512467-1734709770-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.si/?gws_rd=cr,ssl&ei=QJs_VNL-KqTnygOQj4DoCA
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_151\bin\ssv.dll [2017-11-19] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2017-11-18] (AVAST Software)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_151\bin\jp2ssv.dll [2017-11-19] (Oracle Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Mathew\AppData\Roaming\Mozilla\Firefox\Profiles\yp7khgkp.default-1486819378120 [2017-11-25]
FF Homepage: Mozilla\Firefox\Profiles\yp7khgkp.default-1486819378120 -> hxxps://www.google.com/?bcutc=sp-006
FF NewTab: Mozilla\Firefox\Profiles\yp7khgkp.default-1486819378120 -> about:newtab
FF Extension: (Avast SafePrice) - C:\Users\Mathew\AppData\Roaming\Mozilla\Firefox\Profiles\yp7khgkp.default-1486819378120\Extensions\[email protected] [2017-11-24]
FF Extension: (Avast Online Security) - C:\Users\Mathew\AppData\Roaming\Mozilla\Firefox\Profiles\yp7khgkp.default-1486819378120\Extensions\[email protected] [2017-11-11]
FF Extension: (Disable Media WMF NV12 format) - C:\Users\Mathew\AppData\Roaming\Mozilla\Firefox\Profiles\yp7khgkp.default-1486819378120\features\{588555c9-651c-48bd-bb17-7870496eee14}\[email protected] [2017-11-24] [Lagacy]
FF SearchPlugin: C:\Users\Mathew\AppData\Roaming\Mozilla\Firefox\Profiles\yp7khgkp.default-1486819378120\searchplugins\google-avast.xml [2017-02-17]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\DAP\daplinkchecker => not found
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_27_0_0_187.dll [2017-11-20] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1231201.dll [2017-11-02] (Adobe Systems, Inc.)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2017-10-18] (Foxit Corporation)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2017-10-18] (Foxit Corporation)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2017-10-18] (Foxit Corporation)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2017-10-18] (Foxit Corporation)
FF Plugin: @java.com/DTPlugin,version=11.151.2 -> C:\Program Files\Java\jre1.8.0_151\bin\dtplugin\npDeployJava1.dll [2017-11-19] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.151.2 -> C:\Program Files\Java\jre1.8.0_151\bin\plugin2\npjp2.dll [2017-11-19] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-14] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-14] (Google Inc.)
FF Plugin HKU\S-1-5-21-1990737404-2085512467-1734709770-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Mathew\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-06-24] (Unity Technologies ApS)

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://search.entru.com/?s=21983
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\Mathew\AppData\Local\Google\Chrome\User Data\Default [2017-11-25]
CHR Extension: (Docs) - C:\Users\Mathew\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-15]
CHR Extension: (Google Drive) - C:\Users\Mathew\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-01]
CHR Extension: (YouTube) - C:\Users\Mathew\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-03]
CHR Extension: (Google Search) - C:\Users\Mathew\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-01]
CHR Extension: (Google Docs Offline) - C:\Users\Mathew\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-25]
CHR Extension: (Avast Online Security) - C:\Users\Mathew\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2017-10-15]
CHR Extension: (You've Got Gmail) - C:\Users\Mathew\AppData\Local\Google\Chrome\User Data\Default\Extensions\malfeooooleemdfajjpighcjgnbmmbam [2014-10-24]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Mathew\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-25]
CHR Extension: (Gmail) - C:\Users\Mathew\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-20]
CHR Extension: (Chrome Media Router) - C:\Users\Mathew\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-11-18]
CHR Profile: C:\Users\Mathew\AppData\Local\Google\Chrome\User Data\Guest Profile [2017-04-21]
CHR HKLM\...\Chrome\Extension: [daanglpcpkjjlkhcbladppjphglbigam] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [djcpfkccckpeeghiklnhienllljccglb] - D:\Program Files\SPEEDbit Video Downloader\Chrome\DownloaderChrome.crx [2014-06-28]
CHR HKLM\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [ffdcfjdljhbehggjdkdioajnknjcpbjb] - C:\Program Files\DAP\DAPChrome\DAPChrome6.crx [2014-04-27]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>
CHR HKLM\...\Chrome\Extension: [ledcpigomgblcmofccnacobhmcdkpiea] - C:\Program Files\SearchPredict\Chrome\SearchPredictChrome.crx <not found>

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ASLDRService; C:\Program Files\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe [84536 2009-06-15] (ASUS)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [5904136 2017-11-18] (AVAST Software)
R2 ATKGFNEXSrv; C:\Program Files\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [96896 2009-12-15] (ASUS)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [281416 2017-11-18] (AVAST Software)
S2 CGVPNCliService; C:\Program Files\CyberGhost 5\Service.exe [65640 2015-11-05] (CyberGhost S.R.L)
R2 FoxitReaderService; C:\Program Files\Foxit Software\Foxit Reader\FoxitConnectedPDFService.exe [1659456 2017-10-29] (Foxit Software Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4563920 2017-11-01] (Malwarebytes)
R2 NvNetworkService; C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe [1881144 2016-06-15] (NVIDIA Corporation)
S3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [2905656 2016-06-15] (NVIDIA Corporation)
S4 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2018360 2016-06-15] (NVIDIA Corporation)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76152 2015-11-14] ()
R2 Simraceway Update Service; C:\Program Files\SimracewayUpdater\SRWUpdate.exe [1630720 2013-07-11] () [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-07-15] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 acedrv11; C:\Windows\system32\drivers\acedrv11.sys [185472 2010-02-24] (Protect Software GmbH)
R2 ASMMAP; C:\Program Files\ASUS\ATK Package\ATKGFNEX\ASMMAP.sys [13880 2009-07-02] (ASUS)
S3 asmthub3; C:\Windows\system32\drivers\asmthub3.sys [110920 2012-11-08] (ASMedia Technology Inc)
S3 asmtxhci; C:\Windows\system32\drivers\asmtxhci.sys [333128 2012-11-08] (ASMedia Technology Inc)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [157176 2017-11-18] (AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriverx.sys [255616 2017-11-18] (AVAST Software s.r.o.)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidshx.sys [157408 2017-11-18] (AVAST Software s.r.o.)
R0 aswblog; C:\Windows\System32\drivers\aswblogx.sys [276728 2017-11-18] (AVAST Software s.r.o.)
R0 aswbuniv; C:\Windows\System32\drivers\aswbunivx.sys [50376 2017-11-18] (AVAST Software s.r.o.)
S3 aswHwid; C:\Windows\System32\drivers\aswHwid.sys [42848 2017-11-18] (AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [124952 2017-11-18] (AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [99560 2017-11-18] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [70864 2017-11-18] (AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [783136 2017-11-18] (AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [388760 2017-11-19] (AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [150848 2017-11-18] (AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [298360 2017-11-18] (AVAST Software)
R3 athr; C:\Windows\System32\DRIVERS\athr.sys [3310592 2014-11-10] (Qualcomm Atheros Communications, Inc.)
S3 b06diag; C:\Windows\system32\drivers\bxdiagx.sys [75816 2012-03-08] (Broadcom Corporation)
S3 BFN7x86; C:\Windows\system32\drivers\Xeno7x86.sys [130152 2012-02-22] (Bigfoot Networks, Inc.)
S3 bxfcoe; C:\Windows\system32\drivers\bxfcoe.sys [150568 2012-02-22] (Broadcom Corporation)
S3 bxois; C:\Windows\system32\drivers\bxois.sys [435240 2012-02-22] (Broadcom Corporation)
S3 DFX11_1; C:\Windows\System32\drivers\dfx11_1.sys [24424 2012-12-13] (Windows ® Win 7 DDK provider)
R3 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [243128 2014-04-25] (Disc Soft Ltd)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae.sys [59896 2017-11-01] ()
S3 ETD; C:\Windows\System32\DRIVERS\ETD.sys [296336 2013-01-03] (ELAN Microelectronics Corp.)
S3 EtronHub3; C:\Windows\System32\Drivers\EtronHub3.sys [65152 2012-07-24] (Etron Technology Inc)
S3 EtronSTOR; C:\Windows\System32\Drivers\EtronSTOR.sys [32512 2012-07-24] (Etron Technology Inc)
S3 EtronXHCI; C:\Windows\System32\Drivers\EtronXHCI.sys [88832 2012-07-24] (Etron Technology Inc)
S3 fspad_win732; C:\Windows\System32\DRIVERS\fspad_win732.sys [144736 2014-05-13] (Sentelic Corporation)
R2 giveio; C:\Windows\system32\giveio.sys [5248 1996-04-03] () [File not signed]
R0 iaStorA; C:\Windows\System32\DRIVERS\iaStorA.sys [527344 2013-03-05] (Intel Corporation)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [26096 2013-03-05] (Intel Corporation)
S3 iusb3hub; C:\Windows\system32\drivers\iusb3hub.sys [359560 2012-12-21] (Intel Corporation)
S3 iusb3xhc; C:\Windows\system32\drivers\iusb3xhc.sys [792712 2012-12-21] (Intel Corporation)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [167352 2017-11-19] (Malwarebytes)
R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [91576 2017-11-25] (Malwarebytes)
R3 MBAMProtection; C:\Windows\System32\DRIVERS\mbam.sys [40376 2017-11-25] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [221112 2017-11-25] (Malwarebytes)
R3 MBAMWebProtection; C:\Windows\System32\DRIVERS\mwac.sys [65824 2017-11-25] (Malwarebytes)
R3 MTsensor; C:\Windows\System32\DRIVERS\ATKACPI.sys [14392 2009-05-13] (ASUS)
S3 nusb3hub; C:\Windows\system32\drivers\nusb3hub.sys [73984 2011-10-25] (Renesas Electronics Corporation)
S3 nusb3xhc; C:\Windows\system32\drivers\nusb3xhc.sys [165120 2011-10-25] (Renesas Electronics Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad32v.sys [50744 2016-04-14] (NVIDIA Corporation)
S3 rspLLL; C:\Windows\System32\DRIVERS\rspLLL32.sys [24832 2015-07-13] (Resplendence Software Projects Sp.)
S4 secdrv; C:\Windows\system32\Drivers\secdrv.sys [11968 2000-07-24] () [File not signed]
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1761024 2010-09-07] (Sonix Technology Co., Ltd.)
R2 speedfan; C:\Windows\system32\speedfan.sys [24184 2012-12-29] (Almico Software)
R3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [35288 2013-08-22] (The OpenVPN Project)
R3 WmBEnum; C:\Windows\System32\drivers\WmBEnum.sys [22856 2010-04-27] (Logitech Inc.)
S3 WmFilter; C:\Windows\System32\drivers\WmFilter.sys [37704 2010-04-27] (Logitech Inc.)
S3 WmHidLo; C:\Windows\System32\drivers\WmHidLo.sys [31816 2010-04-27] (Logitech Inc.)
R3 WmVirHid; C:\Windows\System32\drivers\WmVirHid.sys [15048 2010-04-27] (Logitech Inc.)
R3 WmXlCore; C:\Windows\System32\drivers\WmXlCore.sys [66632 2010-04-27] (Logitech Inc.)
S1 EterlogicVirtualSerialDriver; \??\C:\Users\Mathew\AppData\Local\Temp\VSPE.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-11-25 21:51 - 2017-11-25 21:51 - 000000000 ____D C:\Users\Mathew\Desktop\FRST-OlderVersion
2017-11-25 20:52 - 2017-11-25 20:52 - 000000000 ____D C:\Windows\LastGood
2017-11-25 20:47 - 2014-11-10 11:10 - 003310592 _____ (Qualcomm Atheros Communications, Inc.) C:\Windows\system32\Drivers\athr.sys
2017-11-25 19:09 - 2017-11-25 19:09 - 000083134 _____ C:\Users\Mathew\Desktop\Drivers.txt
2017-11-25 19:05 - 2017-11-25 19:05 - 002449736 _____ (Resplendence Software Projects Sp. ) C:\Users\Mathew\Desktop\LatencyMon.exe
2017-11-25 19:05 - 2017-11-25 19:05 - 000000971 _____ C:\Users\Mathew\Desktop\LatencyMon.lnk
2017-11-25 19:05 - 2017-11-25 19:05 - 000000959 _____ C:\Users\Mathew\Desktop\In Depth Latency Tests.lnk
2017-11-25 19:05 - 2017-11-25 19:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LatencyMon
2017-11-25 19:05 - 2017-11-25 19:05 - 000000000 ____D C:\Program Files\LatencyMon
2017-11-25 19:05 - 2015-07-13 10:16 - 000024832 _____ (Resplendence Software Projects Sp.) C:\Windows\system32\Drivers\rspLLL32.sys
2017-11-25 18:46 - 2017-11-25 18:49 - 000395292 _____ C:\Users\Mathew\Desktop\MATHEW-PC.txt
2017-11-25 18:45 - 2017-11-25 18:45 - 000000941 _____ C:\Users\Public\Desktop\Speccy.lnk
2017-11-25 18:45 - 2017-11-25 18:45 - 000000000 ____D C:\Program Files\Speccy
2017-11-25 18:33 - 2017-11-25 18:33 - 000008164 _____ C:\Users\Mathew\Desktop\System Idle Process.txt
2017-11-25 17:53 - 2017-11-25 19:01 - 000000000 ____D C:\Users\Mathew\Desktop\FULLEventLog
2017-11-25 16:18 - 2017-11-25 18:28 - 002724512 _____ (Sysinternals - www.sysinternals.com) C:\Users\Mathew\Desktop\procexp.exe
2017-11-25 15:58 - 2017-11-25 15:58 - 000061440 _____ ( ) C:\Users\Mathew\Desktop\VEW.exe
2017-11-25 15:43 - 2017-11-25 18:36 - 000006887 _____ C:\junk.txt
2017-11-25 15:11 - 2017-11-25 17:01 - 000091576 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2017-11-25 15:11 - 2017-11-25 15:11 - 000000000 ____D C:\ProgramData\SWCUTemp
2017-11-25 15:10 - 2017-11-25 20:04 - 000065824 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2017-11-24 12:32 - 2017-11-24 12:34 - 000096880 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHdsKe.sys
2017-11-21 13:52 - 2017-11-21 13:52 - 000062780 _____ C:\Users\Mathew\Desktop\Addition.txt
2017-11-21 13:46 - 2017-11-25 22:01 - 000019395 _____ C:\Users\Mathew\Desktop\FRST.txt
2017-11-21 13:46 - 2017-11-25 21:54 - 000000000 ____D C:\FRST
2017-11-21 13:45 - 2017-11-25 21:51 - 001789440 _____ (Farbar) C:\Users\Mathew\Desktop\FRST.exe
2017-11-21 12:33 - 2017-11-21 12:40 - 000229830 _____ C:\TDSSKiller.3.1.0.15_21.11.2017_12.33.00_log.txt
2017-11-21 03:54 - 2017-11-21 03:56 - 000233460 _____ C:\TDSSKiller.3.1.0.15_21.11.2017_03.54.32_log.txt
2017-11-21 03:52 - 2017-11-21 03:52 - 000012872 _____ (SurfRight B.V.) C:\Windows\system32\bootdelete.exe
2017-11-21 03:30 - 2017-11-21 03:54 - 000000000 ____D C:\ProgramData\HitmanPro
2017-11-21 03:21 - 2017-11-21 03:25 - 000233626 _____ C:\TDSSKiller.3.1.0.15_21.11.2017_03.21.58_log.txt
2017-11-21 03:00 - 2017-11-21 03:25 - 000000000 ____D C:\Users\Mathew\AppData\Local\NPE
2017-11-21 03:00 - 2017-11-21 03:00 - 000000000 ____D C:\ProgramData\Norton
2017-11-21 02:58 - 2017-11-21 02:59 - 003422944 _____ (Symantec Corporation) C:\Users\Mathew\Desktop\NPE.exe
2017-11-21 02:19 - 2017-11-21 02:59 - 000231826 _____ C:\TDSSKiller.3.1.0.15_21.11.2017_02.19.03_log.txt
2017-11-21 01:35 - 2017-11-21 02:13 - 000460978 _____ C:\TDSSKiller.3.1.0.15_21.11.2017_01.35.42_log.txt
2017-11-20 21:50 - 2017-11-20 21:50 - 000000000 ____D C:\Users\Mathew\AppData\Local\AVAST Software
2017-11-20 21:45 - 2017-11-20 21:45 - 000002095 _____ C:\Users\Public\Desktop\Foxit Reader.lnk
2017-11-20 21:45 - 2017-11-20 21:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader
2017-11-20 21:25 - 2017-11-20 21:30 - 000985390 _____ C:\TDSSKiller.3.1.0.15_20.11.2017_21.25.33_log.txt
2017-11-20 21:09 - 2017-11-20 21:21 - 000230872 _____ C:\TDSSKiller.3.1.0.15_20.11.2017_21.09.00_log.txt
2017-11-20 20:41 - 2017-11-20 21:08 - 000456586 _____ C:\TDSSKiller.3.1.0.15_20.11.2017_20.41.46_log.txt
2017-11-20 20:41 - 2017-11-20 20:41 - 004922400 _____ (AO Kaspersky Lab) C:\Users\Mathew\Desktop\tdsskiller.exe
2017-11-20 20:37 - 2017-11-20 20:37 - 003227608 _____ C:\Users\Mathew\Downloads\Unconfirmed 25082.crdownload
2017-11-20 20:32 - 2017-11-20 20:32 - 004551260 _____ C:\Users\Mathew\Downloads\Unconfirmed 376312.crdownload
2017-11-20 20:31 - 2017-11-20 20:31 - 003084203 _____ C:\Users\Mathew\Downloads\Unconfirmed 286259.crdownload
2017-11-19 02:45 - 2017-11-25 17:00 - 000221112 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2017-11-19 02:45 - 2017-11-25 17:00 - 000040376 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2017-11-19 02:45 - 2017-11-19 02:45 - 000167352 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2017-11-19 02:45 - 2017-11-19 02:45 - 000002024 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-11-19 02:45 - 2017-11-19 02:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-11-19 02:44 - 2017-11-19 02:44 - 000000000 ____D C:\ProgramData\MB2Migration
2017-11-19 02:44 - 2017-11-19 02:44 - 000000000 ____D C:\Program Files\Malwarebytes
2017-11-19 02:44 - 2017-11-01 08:54 - 000059896 _____ C:\Windows\system32\Drivers\mbae.sys
2017-11-19 02:42 - 2017-11-19 02:42 - 000000000 ____D C:\Program Files\Common Files\Java
2017-11-19 02:26 - 2017-11-18 02:21 - 000305328 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2017-11-19 02:22 - 2017-11-19 02:22 - 007176464 _____ (AVAST Software) C:\Users\Mathew\Downloads\avast_free_antivirus_setup_online.exe
2017-11-19 02:18 - 2017-11-19 02:18 - 008893232 _____ (AVAST Software) C:\Users\Mathew\Downloads\Unconfirmed 106996.crdownload
2017-11-19 02:14 - 2017-11-18 02:22 - 000157176 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2017-11-15 12:11 - 2017-10-18 07:45 - 000347336 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2017-11-15 12:11 - 2017-10-18 02:55 - 000285696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2017-11-15 12:11 - 2017-10-18 02:55 - 000259584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2017-11-15 12:11 - 2017-10-18 02:55 - 000076288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2017-11-15 12:11 - 2017-10-18 02:55 - 000046592 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2017-11-15 12:11 - 2017-10-18 02:55 - 000024576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2017-11-15 12:11 - 2017-10-18 02:55 - 000020480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2017-11-15 12:11 - 2017-10-18 02:55 - 000006016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2017-11-15 12:11 - 2017-10-16 23:49 - 001213672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2017-11-15 12:11 - 2017-10-16 23:25 - 002402816 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2017-11-15 12:11 - 2017-10-16 22:55 - 000339968 _____ (Microsoft Corporation) C:\Windows\system32\msexcl40.dll
2017-11-15 12:11 - 2017-10-14 08:14 - 020269056 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2017-11-15 12:11 - 2017-10-14 08:03 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2017-11-15 12:11 - 2017-10-14 08:03 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2017-11-15 12:11 - 2017-10-14 07:53 - 000499200 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2017-11-15 12:11 - 2017-10-14 07:53 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2017-11-15 12:11 - 2017-10-14 07:52 - 000341504 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2017-11-15 12:11 - 2017-10-14 07:52 - 000047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2017-11-15 12:11 - 2017-10-14 07:51 - 000064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2017-11-15 12:11 - 2017-10-14 07:50 - 002293760 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2017-11-15 12:11 - 2017-10-14 07:47 - 000047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2017-11-15 12:11 - 2017-10-14 07:47 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2017-11-15 12:11 - 2017-10-14 07:46 - 000476160 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2017-11-15 12:11 - 2017-10-14 07:45 - 000662016 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2017-11-15 12:11 - 2017-10-14 07:45 - 000620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2017-11-15 12:11 - 2017-10-14 07:45 - 000115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2017-11-15 12:11 - 2017-10-14 07:45 - 000104960 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2017-11-15 12:11 - 2017-10-14 07:41 - 000667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2017-11-15 12:11 - 2017-10-14 07:38 - 000416256 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2017-11-15 12:11 - 2017-10-14 07:35 - 000073216 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2017-11-15 12:11 - 2017-10-14 07:35 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2017-11-15 12:11 - 2017-10-14 07:34 - 000091136 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2017-11-15 12:11 - 2017-10-14 07:33 - 004542464 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2017-11-15 12:11 - 2017-10-14 07:33 - 000168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2017-11-15 12:11 - 2017-10-14 07:32 - 000076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2017-11-15 12:11 - 2017-10-14 07:31 - 000279040 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2017-11-15 12:11 - 2017-10-14 07:30 - 000130048 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2017-11-15 12:11 - 2017-10-14 07:28 - 013680128 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2017-11-15 12:11 - 2017-10-14 07:25 - 000230400 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2017-11-15 12:11 - 2017-10-14 07:24 - 000694272 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2017-11-15 12:11 - 2017-10-14 07:24 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2017-11-15 12:11 - 2017-10-14 07:23 - 002058752 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2017-11-15 12:11 - 2017-10-14 07:23 - 001155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2017-11-15 12:11 - 2017-10-14 07:10 - 002767872 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2017-11-15 12:11 - 2017-10-14 07:07 - 001314304 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2017-11-15 12:11 - 2017-10-14 07:04 - 000710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2017-11-15 12:11 - 2017-10-12 01:40 - 000308456 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2017-11-15 12:11 - 2017-10-12 01:37 - 012574208 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2017-11-15 12:11 - 2017-10-12 01:37 - 011410944 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2017-11-15 12:11 - 2017-10-12 01:37 - 001549824 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2017-11-15 12:11 - 2017-10-12 01:37 - 001400320 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2017-11-15 12:11 - 2017-10-12 01:37 - 001363968 _____ (Microsoft Corporation) C:\Windows\system32\Query.dll
2017-11-15 12:11 - 2017-10-12 01:37 - 000666624 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
2017-11-15 12:11 - 2017-10-12 01:37 - 000337408 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
2017-11-15 12:11 - 2017-10-12 01:37 - 000197120 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll
2017-11-15 12:11 - 2017-10-12 01:37 - 000111104 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll
2017-11-15 12:11 - 2017-10-12 01:37 - 000104448 _____ (Microsoft Corporation) C:\Windows\system32\mssitlb.dll
2017-11-15 12:11 - 2017-10-12 01:37 - 000070656 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2017-11-15 12:11 - 2017-10-12 01:37 - 000059392 _____ (Microsoft Corporation) C:\Windows\system32\msscntrs.dll
2017-11-15 12:11 - 2017-10-12 01:37 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll
2017-11-15 12:11 - 2017-10-12 01:37 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2017-11-15 12:11 - 2017-10-12 01:37 - 000010240 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2017-11-15 12:11 - 2017-10-12 01:26 - 000427520 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2017-11-15 12:11 - 2017-10-12 01:26 - 000164352 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2017-11-15 12:11 - 2017-10-12 01:25 - 000086528 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe
2017-11-15 12:11 - 2017-10-12 01:25 - 000009728 _____ (Microsoft Corporation) C:\Windows\system32\msshooks.dll
2017-11-15 12:11 - 2017-10-12 01:24 - 000008192 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2017-11-15 12:11 - 2017-10-12 01:24 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2017-11-15 12:11 - 2017-10-12 01:24 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2017-11-15 12:11 - 2017-10-12 01:16 - 000034304 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2017-11-15 12:11 - 2017-10-12 01:14 - 000086528 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\luafv.sys
2017-11-15 12:11 - 2017-09-07 14:05 - 000922432 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2017-11-15 12:11 - 2017-09-07 14:05 - 000066400 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2017-11-15 12:11 - 2017-09-07 14:05 - 000022368 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2017-11-15 12:11 - 2017-09-07 14:05 - 000019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2017-11-15 12:11 - 2017-09-07 14:05 - 000017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2017-11-15 12:11 - 2017-09-07 14:05 - 000017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2017-11-15 12:11 - 2017-09-07 14:05 - 000016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2017-11-15 12:11 - 2017-09-07 14:05 - 000015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2017-11-15 12:11 - 2017-09-07 14:05 - 000014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2017-11-15 12:11 - 2017-09-07 14:05 - 000014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2017-11-15 12:11 - 2017-09-07 14:05 - 000013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2017-11-15 12:11 - 2017-09-07 14:05 - 000012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2017-11-15 12:11 - 2017-09-07 14:05 - 000012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2017-11-15 12:11 - 2017-09-07 14:05 - 000012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2017-11-15 12:11 - 2017-09-07 14:05 - 000012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2017-11-15 12:11 - 2017-09-07 14:05 - 000012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2017-11-15 12:11 - 2017-09-07 14:05 - 000012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2017-11-15 12:11 - 2017-09-07 14:05 - 000012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2017-11-15 12:11 - 2017-09-07 14:05 - 000012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2017-11-15 12:11 - 2017-09-07 14:05 - 000011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2017-11-15 12:11 - 2017-09-07 14:05 - 000011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2017-11-15 12:11 - 2017-09-07 14:05 - 000011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2017-11-15 12:11 - 2017-09-07 14:05 - 000011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2017-11-12 15:03 - 2017-11-12 15:04 - 001204720 _____ (Adobe Systems Incorporated) C:\Users\Mathew\Downloads\flashplayer27_xa_install.exe
2017-11-10 21:29 - 2017-11-10 21:30 - 014158948 _____ C:\Users\Mathew\Downloads\2014 CRF Enduro.saf
2017-11-06 13:16 - 2017-11-06 13:16 - 000000000 ____D C:\Program Files\Motocross The Force 9XX
2017-11-06 13:15 - 2017-11-06 13:16 - 016862444 _____ C:\Users\Mathew\Downloads\MotocrossTheForce964Setup.exe
2017-11-06 00:52 - 2017-11-06 00:52 - 000453832 _____ C:\Windows\Minidump\110617-25724-01.dmp
2017-10-30 13:14 - 2017-10-30 13:14 - 001060179 _____ C:\Users\Mathew\Downloads\grand-theft-auto-vice-city-v10-english-no-cdfixed-exe-passwd-lonebullet.7z
2017-10-30 12:55 - 2017-10-30 12:55 - 000232689 _____ C:\Users\Mathew\Downloads\1505777222_First Person View Mod For Vice City.rar
2017-10-30 12:55 - 2017-10-30 12:55 - 000232689 _____ C:\Users\Mathew\Downloads\1505777222_First Person View Mod For Vice City (1).rar
2017-10-30 12:54 - 2017-10-30 12:55 - 016062857 _____ C:\Users\Mathew\Downloads\1508063391_VC Remastered 2.0.zip
2017-10-29 21:12 - 2017-10-30 13:04 - 000000000 ____D C:\Users\Mathew\Documents\GTA Vice City User Files
2017-10-29 19:05 - 2017-10-29 19:05 - 000000215 _____ C:\Users\Mathew\Desktop\Grand Theft Auto Vice City.url

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-11-25 21:39 - 2009-07-14 05:34 - 000026576 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-11-25 21:39 - 2009-07-14 05:34 - 000026576 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-11-25 20:52 - 2009-07-14 03:37 - 000000000 ____D C:\Windows\inf
2017-11-25 17:00 - 2016-10-08 00:32 - 000000000 ____D C:\Program Files\Steam
2017-11-25 16:57 - 2014-08-07 14:39 - 000000348 _____ C:\Windows\Tasks\DriverToolkit Autorun.job
2017-11-25 16:57 - 2009-07-14 05:53 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2017-11-25 16:35 - 2009-07-14 03:37 - 000000000 ____D C:\Windows\rescache
2017-11-25 16:32 - 2011-04-12 03:24 - 000000000 ____D C:\Program Files\Windows Journal
2017-11-25 16:32 - 2011-04-12 03:16 - 000000000 ____D C:\Windows\system32\WCN
2017-11-25 16:32 - 2009-07-14 05:52 - 000000000 ____D C:\Program Files\Windows Sidebar
2017-11-25 16:32 - 2009-07-14 05:52 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2017-11-25 16:32 - 2009-07-14 05:52 - 000000000 ____D C:\Program Files\Windows Defender
2017-11-25 16:32 - 2009-07-14 05:52 - 000000000 ____D C:\Program Files\DVD Maker
2017-11-25 16:32 - 2009-07-14 03:37 - 000000000 ____D C:\Windows\system32\sysprep
2017-11-25 16:32 - 2009-07-14 03:37 - 000000000 ____D C:\Windows\system32\oobe
2017-11-25 16:32 - 2009-07-14 03:37 - 000000000 ____D C:\Windows\system32\migwiz
2017-11-25 16:32 - 2009-07-14 03:37 - 000000000 ____D C:\Windows\servicing
2017-11-25 16:32 - 2009-07-14 03:37 - 000000000 ____D C:\Windows\PolicyDefinitions
2017-11-25 16:32 - 2009-07-14 03:37 - 000000000 ____D C:\Program Files\Common Files\System
2017-11-24 12:44 - 2014-04-25 16:03 - 000000000 ____D C:\Windows\system32\MRT
2017-11-24 12:33 - 2017-10-16 16:15 - 124282896 ____C (Microsoft Corporation) C:\Windows\system32\MRT-KB890830.exe
2017-11-24 12:32 - 2014-04-24 13:53 - 124282896 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-11-21 01:36 - 2017-09-04 14:58 - 000000000 ____D C:\Program Files\Mozilla Firefox
2017-11-21 01:36 - 2016-06-10 16:42 - 000000000 ____D C:\Users\Mathew\AppData\Roaming\Mozilla
2017-11-20 22:00 - 2016-10-09 12:32 - 000000000 ____D C:\Users\Mathew\AppData\Roaming\Octoshape
2017-11-20 21:47 - 2014-11-03 23:05 - 000803328 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2017-11-20 21:47 - 2014-11-03 23:05 - 000144896 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2017-11-20 21:47 - 2014-11-03 23:05 - 000000000 ____D C:\Windows\system32\Macromed
2017-11-20 21:45 - 2017-05-18 21:31 - 000000000 ____D C:\ProgramData\Foxit Software
2017-11-19 02:44 - 2014-04-24 20:08 - 000000000 ____D C:\ProgramData\Malwarebytes
2017-11-19 02:44 - 2014-04-24 20:08 - 000000000 ____D C:\Program Files\Malwarebytes Anti-Malware
2017-11-19 02:42 - 2014-09-01 10:32 - 000095808 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2017-11-19 02:42 - 2014-09-01 10:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2017-11-19 02:41 - 2014-09-01 10:32 - 000000000 ____D C:\Program Files\Java
2017-11-19 02:27 - 2015-06-29 14:17 - 000002079 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2017-11-19 02:27 - 2014-04-24 14:05 - 000000000 ____D C:\ProgramData\AVAST Software
2017-11-19 02:26 - 2014-04-24 14:08 - 000388760 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2017-11-19 02:17 - 2017-08-13 21:32 - 000000000 _____ C:\Windows\system32\last.dump
2017-11-18 02:22 - 2014-04-24 14:08 - 000298360 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2017-11-18 02:22 - 2014-04-24 14:08 - 000150848 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2017-11-18 02:22 - 2014-04-24 14:08 - 000124952 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2017-11-18 02:22 - 2014-04-24 14:08 - 000099560 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2017-11-18 02:22 - 2014-04-24 14:08 - 000070864 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2017-11-18 02:22 - 2014-04-24 14:08 - 000042848 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2017-11-18 02:21 - 2017-08-15 12:46 - 000276728 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswblogx.sys
2017-11-18 02:21 - 2017-08-15 12:46 - 000255616 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbidsdriverx.sys
2017-11-18 02:21 - 2017-08-15 12:46 - 000157408 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbidshx.sys
2017-11-18 02:21 - 2017-08-15 12:46 - 000050376 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbunivx.sys
2017-11-18 02:21 - 2014-04-24 14:08 - 000783136 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2017-11-16 12:37 - 2009-07-14 05:33 - 000444336 _____ C:\Windows\system32\FNTCACHE.DAT
2017-11-15 00:21 - 2014-04-24 14:10 - 000002141 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-11-14 12:43 - 2016-10-08 00:32 - 000000000 ____D C:\Program Files\Common Files\Steam
2017-11-13 19:06 - 2017-08-10 18:52 - 000000000 ____D C:\Users\Mathew\AppData\Local\CrashDumps
2017-11-12 15:05 - 2014-11-03 23:03 - 000000000 ____D C:\Users\Mathew\AppData\Local\Adobe
2017-11-10 21:54 - 2015-01-07 17:10 - 000000000 ____D C:\Users\Mathew\AppData\Local\MX Simulator
2017-11-10 21:52 - 2015-01-07 17:02 - 000000000 ____D C:\Program Files\Mx simulator
2017-11-08 21:11 - 2016-11-16 20:35 - 000000000 ____D C:\Users\Mathew\AppData\LocalLow\Mozilla
2017-11-07 18:49 - 2016-11-13 19:08 - 000039410 _____ C:\Users\Mathew\Desktop\Next Arma suggestion.txt
2017-11-06 00:52 - 2014-07-03 21:55 - 000000000 ____D C:\Windows\Minidump
2017-11-06 00:51 - 2016-06-10 16:41 - 000000000 ____D C:\Program Files\Mozilla Maintenance Service
2017-11-05 09:49 - 2014-04-25 18:56 - 000000000 ____D C:\Users\Mathew\AppData\Local\NVIDIA
2017-11-04 08:23 - 2014-04-25 18:57 - 000000000 ____D C:\Users\Mathew\AppData\Local\NVIDIA Corporation
2017-11-04 08:23 - 2014-04-25 18:52 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2017-11-04 08:23 - 2014-04-25 18:41 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2017-11-03 14:29 - 2010-11-20 22:01 - 000778834 _____ C:\Windows\system32\PerfStringBackup.INI
2017-10-29 21:11 - 2014-04-29 11:29 - 000000000 ____D C:\Users\Mathew\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games

==================== Files in the root of some directories =======

2015-11-14 10:12 - 2015-11-14 10:12 - 000138576 _____ () C:\Users\Mathew\AppData\Roaming\PnkBstrK.sys
2014-06-12 16:08 - 2014-06-12 16:13 - 000003584 _____ () C:\Users\Mathew\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-04-27 18:34 - 2017-02-11 13:39 - 000007669 _____ () C:\Users\Mathew\AppData\Local\resmon.resmoncfg
2016-02-11 21:56 - 2016-02-11 21:56 - 000000000 _____ () C:\Users\Mathew\AppData\Local\{82A76771-8F6F-42F6-A934-737C31A590CE}

Some files in TEMP:
====================
2017-11-20 21:44 - 2017-08-21 17:01 - 003700288 _____ (Foxit Corporation) C:\Users\Mathew\AppData\Local\Temp\FoxitUpdater.exe
2017-11-14 12:36 - 2017-11-14 12:36 - 000000000 _____ () C:\Users\Mathew\AppData\Local\Temp\{810D1997-C0A5-4BF7-AFE3-D3734A2DAD57}-GoogleUpdateSetup.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-11-19 18:22

==================== End of FRST.txt ============================

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 24-11-2017 01
Ran by Mathew (25-11-2017 22:01:38)
Running from C:\Users\Mathew\Desktop
Microsoft Windows 7 Ultimate  Service Pack 1 (X86) (2014-04-24 12:55:14)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1990737404-2085512467-1734709770-500 - Administrator - Disabled)
Guest (S-1-5-21-1990737404-2085512467-1734709770-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1990737404-2085512467-1734709770-1002 - Limited - Enabled)
Mathew (S-1-5-21-1990737404-2085512467-1734709770-1001 - Administrator - Enabled) => C:\Users\Mathew

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-1990737404-2085512467-1734709770-1001\...\uTorrent) (Version: 3.5.0.44090 - BitTorrent Inc.)
1 (HKLM\...\MOTORM4X Offroad Extreme_is1) (Version:  - )
2007 Microsoft Office Suite Service Pack 2 (SP2) (HKLM\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}) (Version:  - Microsoft)
2007 Microsoft Office Suite Service Pack 2 (SP2) (HKLM\...\{90120000-0015-0424-0000-0000000FF1CE}_PROPLUS_{CAC07BC7-D855-4A94-B1DB-5154D99BFBE0}) (Version:  - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 2 (SP2) (HKLM\...\{90120000-0016-0424-0000-0000000FF1CE}_PROPLUS_{CAC07BC7-D855-4A94-B1DB-5154D99BFBE0}) (Version:  - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 2 (SP2) (HKLM\...\{90120000-0018-0424-0000-0000000FF1CE}_PROPLUS_{CAC07BC7-D855-4A94-B1DB-5154D99BFBE0}) (Version:  - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 2 (SP2) (HKLM\...\{90120000-0019-0424-0000-0000000FF1CE}_PROPLUS_{CAC07BC7-D855-4A94-B1DB-5154D99BFBE0}) (Version:  - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 2 (SP2) (HKLM\...\{90120000-001A-0424-0000-0000000FF1CE}_PROPLUS_{CAC07BC7-D855-4A94-B1DB-5154D99BFBE0}) (Version:  - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 2 (SP2) (HKLM\...\{90120000-001B-0424-0000-0000000FF1CE}_PROPLUS_{CAC07BC7-D855-4A94-B1DB-5154D99BFBE0}) (Version:  - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 2 (SP2) (HKLM\...\{90120000-001F-0407-0000-0000000FF1CE}_PROPLUS_{A0516415-ED61-419A-981D-93596DA74165}) (Version:  - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 2 (SP2) (HKLM\...\{90120000-001F-0409-0000-0000000FF1CE}_PROPLUS_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}) (Version:  - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 2 (SP2) (HKLM\...\{90120000-001F-0410-0000-0000000FF1CE}_PROPLUS_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}) (Version:  - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 2 (SP2) (HKLM\...\{90120000-001F-041A-0000-0000000FF1CE}_PROPLUS_{C9CC66D9-D7D3-46C1-A485-9601E4DE8D28}) (Version:  - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 2 (SP2) (HKLM\...\{90120000-001F-0424-0000-0000000FF1CE}_PROPLUS_{6E8DFF8D-F7D1-4451-952A-61CAB73A59E2}) (Version:  - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 2 (SP2) (HKLM\...\{90120000-0044-0424-0000-0000000FF1CE}_PROPLUS_{CAC07BC7-D855-4A94-B1DB-5154D99BFBE0}) (Version:  - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 2 (SP2) (HKLM\...\{90120000-006E-0424-0000-0000000FF1CE}_PROPLUS_{5983F0B6-A661-4378-AEA8-9EB1992D2FB0}) (Version:  - Microsoft) Hidden
3D Route Builder (HKLM\...\{22EA8886-788F-449C-9ADE-417F41E9C954}) (Version: 7.3.9 - Hybrid GeoTools)
3D Sound Back Beta0.1 (HKLM\...\{39DB116F-E088-486F-B13C-8925ECE7A6E5}) (Version: 0.1 - Realtek Semiconductor Corp.)
7-Zip 16.04 (HKLM\...\{23170F69-40C1-2701-1604-000001000000}) (Version: 16.04.00.0 - Igor Pavlov)
7-Zip 9.20 (HKLM\...\7-Zip) (Version:  - )
Adobe Flash Player 27 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 27.0.0.187 - Adobe Systems Incorporated)
Adobe Flash Player 27 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 27.0.0.187 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.3 (HKLM\...\Adobe Shockwave Player) (Version: 12.3.1.201 - Adobe Systems, Inc.)
Armed Assault Türkiye Mod Paketi (HKLM\...\Armed Assault Türkiye Mod Paketiv1.0) (Version: v1.0 - Armed Assault Türkiye)
ATK Package (HKLM\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0008 - ASUS)
Avast Free Antivirus (HKLM\...\Avast Antivirus) (Version: 17.8.2318 - AVAST Software)
B375 Peugeot 206 1.00 (HKLM\...\B375 Peugeot 206 1.00) (Version:  - )
Bathurst v1.5 (2010 V8SC) (HKLM\...\{DDD54BB5-416B-41AE-A67A-F7BAC01C6CA1}_is1) (Version: v1.5 - Team ORSM)
BobsTrackBuilder (HKLM\...\{ECDF8120-703D-4A96-B36C-A565419B3900}) (Version: 1.0.0 - Bobs Track Builder)
BS.Player PRO (HKLM\...\BSPlayerp) (Version: 2.66.1075 - AB Team, d.o.o.)
CBR Reader (HKLM\...\{EDAAC216-AC73-4152-9654-E12FE5A69F5D}_is1) (Version:  - cbrreader.com)
Cities XL Platinum (HKLM\...\Cities XL Platinum_R.G. Mechanics_is1) (Version:  - R.G. Mechanics, markfiter)
Compatibility Pack for the 2007 Office system (HKLM\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6514.5001 - Microsoft Corporation)
CyberGhost 5 (HKLM\...\CyberGhost 5_is1) (Version:  - CyberGhost S.R.L.)
D.O.D. Map Pack v1.2 (HKLM\...\D.O.D. Map Pack v1.2) (Version:  - )
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
Deus Ex - Game of the Year Edition (HKLM\...\Deus Ex - Game of the Year Edition_is1) (Version:  - GOG.com)
Disney's Simba's Pride GameBreak (HKLM\...\Simba's Pride GameBreak) (Version:  - )
Download Accelerator Plus (DAP) (HKLM\...\Download Accelerator Plus (DAP)) (Version: 10059 (Build 2593) - Speedbit Ltd.)
Electronic Arts Game Updater (HKLM\...\Electronic Arts Game Updater) (Version:  - )
ETDWare PS/2-X86 11.5.6.6_WHQL (HKLM\...\Elantech) (Version: 11.5.6.6 - ELAN Microelectronic Corp.)
Façade (HKLM\...\{24E34264-D483-477C-A9A0-4E53F69834CF}) (Version: 1.1.2 - Procedural Arts)
Fender FUSE (HKU\S-1-5-21-1990737404-2085512467-1734709770-1001\...\4051934814.fuse.fender.com) (Version:  - fuse.fender.com)
Finger Sensing Pad Driver (HKLM\...\{E86906FF-C63D-4EAF-ACE7-5F8D55FBEA9A}) (Version: 9.4.7.1 - Sentelic)
Foxit Reader (HKLM\...\Foxit Reader_is1) (Version: 9.0.0.29935 - Foxit Software Inc.)
Freelancer (HKLM\...\Freelancer 1.0) (Version:  - )
Game Copa Petrobras de Marcas version 1.02 (HKLM\...\{A5075C60-242E-432B-B935-31C90D127DA9}}_is1) (Version: 1.02 - Reiza Studios Ltda.)
Google Chrome (HKLM\...\Google Chrome) (Version: 62.0.3202.94 - Google Inc.)
Google Earth Pro (HKLM\...\{ECF2E224-42F5-4E50-B58E-94CA70E85697}) (Version: 7.3.0.3832 - Google)
Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
Google Update Helper (HKLM\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
IMVU Avatar Chat Software (HKU\S-1-5-21-1990737404-2085512467-1734709770-1001\...\IMVU Avatar chat client software BETA) (Version:  - )
Installer (HKLM\...\{97E12F84-C033-4DA2-97D2-F540C3E292EA}) (Version: 1.0.0 - Sierra Entertainment, Inc.) Hidden
Java 8 Update 131 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F32180131F0}) (Version: 8.0.1310.11 - Oracle Corporation)
Java 8 Update 144 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F32180144F0}) (Version: 8.0.1440.1 - Oracle Corporation)
Java 8 Update 151 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F32180151F0}) (Version: 8.0.1510.12 - Oracle Corporation)
LatencyMon 6.51 (HKLM\...\LatencyMon_is1) (Version:  - Resplendence Software Projects Sp.)
Logitech Gaming Software 5.09 (HKLM\...\{4EDD761B-5253-4CD1-A309-9DFEE960E344}) (Version: 5.09.131 - Logitech)
Mafia II (HKLM\...\Mafia II_is1) (Version:  - R.G. Mechanics, DANTE2050)
Mafia The City of Lost Heaven version 1.0.0.1 (HKLM\...\Mafia The City of Lost Heaven_is1) (Version: 1.0.0.1 - KNIGHT)
Malwarebytes version 3.3.1.2183 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.3.1.2183 - Malwarebytes)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Midtown Madness 2 (HKLM\...\Midtown Madness 2.0) (Version:  - )
Microsoft Midtown Madness 2 Trial (HKLM\...\Midtown Madness 2.0 Trial) (Version:  - )
Microsoft Office Professional Plus 2007 (HKLM\...\PROPLUS) (Version: 12.0.6425.1000 - Microsoft Corporation)
Microsoft Office Word Viewer 2003 (HKLM\...\{90850409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable - x86 8.0.61001 (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Windows Media Video 9 VCM (HKLM\...\WMV9_VCM) (Version:  - )
Minecraft1.8 (HKLM\...\Minecraft1.8) (Version:  - )
Motocross The Force (remove only) (HKLM\...\Motocross The Force) (Version:  - )
Mount&Blade Warband (HKLM\...\Mount&Blade Warband) (Version:  - )
Mozilla Firefox 57.0 (x86 sl) (HKLM\...\Mozilla Firefox 57.0 (x86 sl)) (Version: 57.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 56.0.2.6506 - Mozilla)
muvee Reveal 11 (HKLM\...\{92150CEE-F017-9FF5-17C4-B1CEB1048A3D}) (Version: 11.0.0.26762 - muvee Technologies Pte Ltd)
muvee Reveal Runtime (HKLM\...\{89018418-6136-4BA8-BAF9-FC0D3C4D4DDA}) (Version: 11.0.0.26762 - muvee Technologies Pte Ltd)
Mx simulator version 1 (HKLM\...\{E7D1E14C-153A-4EBF-8F20-616EB8B45CDF}_is1) (Version: 1 - Josh Vanderhoof)
Need for Speed - Hot Pursuit 2 (HKLM\...\Need for Speed - Hot Pursuit 2_R.G. Mechanics_is1) (Version:  - R.G. Mechanics, markfiter)
Need For Speed - Porsche 2000 (HKLM\...\Need For Speed - Porsche 2000) (Version:  - )
NirSoft VideoCacheView (HKLM\...\NirSoft VideoCacheView) (Version:  - )
NVIDIA Graphics Driver 341.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 341.44 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
OpenAL (HKLM\...\OpenAL) (Version:  - )
Operation Flashpoint 1.96 Multi Serial Edition (HKLM\...\{8FF6FFEC-E59D-40FD-9089-8B71F51CF67F}) (Version: 1.20 - GanjaBlood)
ParaflySim 3D Simulator BETA Demo (HKLM\...\{747E9E45-921F-4A99-BAB8-298F96F63A81}) (Version: 1.0.0 - RealSimSoft)
PCSX2 - Playstation 2 Emulator (HKLM\...\pcsx2-r5875) (Version:  - )
Posodobitev za Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0424-0000-0000000FF1CE}_PROPLUS_{FD705E62-13B4-4BF5-A4B2-A7599309751B}) (Version:  - Microsoft)
Posodobitev za Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0424-0000-0000000FF1CE}_PROPLUS_{045DC059-1CCC-47B9-BA35-713E269D33B8}) (Version:  - Microsoft)
Posodobitev za Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0424-0000-0000000FF1CE}_PROPLUS_{AD1C31E7-4856-4887-9307-1ABDE0F2DF7C}) (Version:  - Microsoft)
Project Reality: BF2 (HKLM\...\Project Reality: BF2 (pr)_is1) (Version: v1.3 - Project Reality)
ProtectDisc Driver, Version 11 (HKLM\...\ProtectDisc Driver 11) (Version: 11.0.0.14 - ProtectDisc Software GmbH)
PunkBuster Services (HKLM\...\PunkBusterSvc) (Version: 0.994 - Even Balance, Inc.)
Raven Shield 2.0 English (HKLM\...\Raven_0) (Version:  - KetsuCorp Enterprises)
Real Lives 2010 (HKLM\...\Real Lives 2010) (Version: 10.0.0.13 - Educational Simulations)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5951 - Realtek Semiconductor Corp.)
S.T.A.L.K.E.R - Shadow of Chernobyl (HKLM\...\S.T.A.L.K.E.R - Shadow of Chernobyl_R.G. Mechanics_is1) (Version:  - R.G. Mechanics, spider91)
Screamer 4x4 (HKLM\...\Screamer 4x4) (Version:  - )
SeeYou Version 3.1 (HKLM\...\SeeYou_is1) (Version:  - )
SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 7.1.0280 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController) (Version: 2.11.4.1 - NVIDIA Corporation) Hidden
Sid Meier's Pirates! (HKLM\...\{1632FD86-1BA4-4FC4-8B25-A8C655D63F68}) (Version: 1.00.0000 - Firaxis Games) Hidden
Sid Meier's Pirates! (HKLM\...\InstallShield_{1632FD86-1BA4-4FC4-8B25-A8C655D63F68}) (Version: 1.00.0000 - Firaxis Games)
Simraceway 28.92 (HKLM\...\Simraceway) (Version: 28.92 - Simraceway)
Speccy (HKLM\...\Speccy) (Version: 1.31 - Piriform)
SpeedBit Video Downloader (HKLM\...\SPEEDbit Video Downloader) (Version: 1155(build_502) - SPEEDbit Ltd.)
Splinter Cell Chaos Theory version 1.0.5 (HKLM\...\Splinter Cell Chaos Theory_is1) (Version: 1.0.5 - Ubisoft)
Steam (HKLM\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
SWAT 3 - Tactical Game of The Year Edition (HKLM\...\SWAT 3 - Tactical Game of The Year Edition_is1) (Version:  - GOG.com)
SWAT 4 - The Stetchkov Syndicate (HKLM\...\InstallShield_{97E12F84-C033-4DA2-97D2-F540C3E292EA}) (Version: 1.0.0 - Sierra Entertainment, Inc.)
SWAT 4 (HKLM\...\{8E1CCF20-9E12-4824-BD59-7AD9E0486DD8}) (Version: 1.0.31973 - Sierra Entertainment, Inc.) Hidden
SWAT 4 (HKLM\...\InstallShield_{8E1CCF20-9E12-4824-BD59-7AD9E0486DD8}) (Version: 1.0.31973 - Sierra Entertainment, Inc.)
swMSM (HKLM\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Syberia (HKLM\...\Syberia_is1) (Version:  - GOG.com)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.2.11.7 - Synaptics Incorporated)
System Requirements Lab (HKLM\...\{B35DBBD7-B42E-494A-8913-431A2E448131}) (Version: 6.1.1.0 - Husdawg, LLC)
System Requirements Lab Detection (HKLM\...\{CF2519AE-18CA-49DD-B590-11C08AC216F4}) (Version: 6.1.6.0 - Husdawg, LLC)
TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )
Terror Strike (HKLM\...\{11B3D22F-AAAA-4A52-99A5-A2966CE640EA}) (Version:  - Encore)
TGZ TDM Map Pack 1 (HKLM\...\TGZ TDM Map Pack 1) (Version:  - )
Unity Web Player (HKU\S-1-5-21-1990737404-2085512467-1734709770-1001\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for Outlook 2007 Junk Email Filter (kb976884) (HKLM\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{FB60F280-C70F-4174-BADB-471412AA42F0}) (Version:  - Microsoft)
USB 2.0 2.0M UVC WebCam (HKLM\...\USB 2.0 2.0M UVC WebCam) (Version:  - )
UserTesting (HKU\S-1-5-21-1990737404-2085512467-1734709770-1001\...\UserTestingPlugin) (Version:  - UserTesting.com)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1990737404-2085512467-1734709770-1001_Classes\CLSID\{0000002F-0000-0000-C000-000000000046}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-1990737404-2085512467-1734709770-1001_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-1990737404-2085512467-1734709770-1001_Classes\CLSID\{00020421-0000-0000-C000-000000000046}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-1990737404-2085512467-1734709770-1001_Classes\CLSID\{00020422-0000-0000-C000-000000000046}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-1990737404-2085512467-1734709770-1001_Classes\CLSID\{00020423-0000-0000-C000-000000000046}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-1990737404-2085512467-1734709770-1001_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-1990737404-2085512467-1734709770-1001_Classes\CLSID\{00020425-0000-0000-C000-000000000046}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-1990737404-2085512467-1734709770-1001_Classes\CLSID\{0002E005-0000-0000-C000-000000000046}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-1990737404-2085512467-1734709770-1001_Classes\CLSID\{0713E8A2-850A-101B-AFC0-4210102A8DA7}\InprocServer32 -> C:\Windows\system32\comctl32.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1990737404-2085512467-1734709770-1001_Classes\CLSID\{0713E8A8-850A-101B-AFC0-4210102A8DA7}\InprocServer32 -> C:\Windows\system32\comctl32.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1990737404-2085512467-1734709770-1001_Classes\CLSID\{0713E8D2-850A-101B-AFC0-4210102A8DA7}\InprocServer32 -> C:\Windows\system32\comctl32.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1990737404-2085512467-1734709770-1001_Classes\CLSID\{0713E8D8-850A-101B-AFC0-4210102A8DA7}\InprocServer32 -> C:\Windows\system32\comctl32.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1990737404-2085512467-1734709770-1001_Classes\CLSID\{0BE35200-8F91-11CE-9DE3-00AA004BB851}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-1990737404-2085512467-1734709770-1001_Classes\CLSID\{0BE35201-8F91-11CE-9DE3-00AA004BB851}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-1990737404-2085512467-1734709770-1001_Classes\CLSID\{0BE35202-8F91-11CE-9DE3-00AA004BB851}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-1990737404-2085512467-1734709770-1001_Classes\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-1990737404-2085512467-1734709770-1001_Classes\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-1990737404-2085512467-1734709770-1001_Classes\CLSID\{373FF7F0-EB8B-11CD-8820-08002B2F4F5A}\InprocServer32 -> C:\Windows\system32\comctl32.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1990737404-2085512467-1734709770-1001_Classes\CLSID\{373FF7F4-EB8B-11CD-8820-08002B2F4F5A}\InprocServer32 -> C:\Windows\system32\comctl32.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1990737404-2085512467-1734709770-1001_Classes\CLSID\{444785F1-DE89-4295-863A-D46C3A781394}\InprocServer32 -> C:\Users\Mathew\AppData\LocalLow\Unity\WebPlayer\loader\UnityWebPluginAX.ocx (Unity Technologies ApS)
CustomCLSID: HKU\S-1-5-21-1990737404-2085512467-1734709770-1001_Classes\CLSID\{46763EE0-CAB2-11CE-8C20-00AA0051E5D4}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-1990737404-2085512467-1734709770-1001_Classes\CLSID\{58DA8D8A-9D6A-101B-AFC0-4210102A8DA7}\InprocServer32 -> C:\Windows\system32\comctl32.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1990737404-2085512467-1734709770-1001_Classes\CLSID\{58DA8D8F-9D6A-101B-AFC0-4210102A8DA7}\InprocServer32 -> C:\Windows\system32\comctl32.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1990737404-2085512467-1734709770-1001_Classes\CLSID\{58DA8D93-9D6A-101B-AFC0-4210102A8DA7}\InprocServer32 -> C:\Windows\system32\comctl32.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1990737404-2085512467-1734709770-1001_Classes\CLSID\{58DA8D96-9D6A-101B-AFC0-4210102A8DA7}\InprocServer32 -> C:\Windows\system32\comctl32.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1990737404-2085512467-1734709770-1001_Classes\CLSID\{5ACBB955-5C57-11CF-8993-00AA00688B10}\InprocServer32 -> C:\Windows\system32\comctl32.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1990737404-2085512467-1734709770-1001_Classes\CLSID\{5ACBB956-5C57-11CF-8993-00AA00688B10}\InprocServer32 -> C:\Windows\system32\comctl32.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1990737404-2085512467-1734709770-1001_Classes\CLSID\{5ACBB957-5C57-11CF-8993-00AA00688B10}\InprocServer32 -> C:\Windows\system32\comctl32.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1990737404-2085512467-1734709770-1001_Classes\CLSID\{5ACBB958-5C57-11CF-8993-00AA00688B10}\InprocServer32 -> C:\Windows\system32\comctl32.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1990737404-2085512467-1734709770-1001_Classes\CLSID\{6027C2D4-FB28-11CD-8820-08002B2F4F5A}\InprocServer32 -> C:\Windows\system32\comctl32.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1990737404-2085512467-1734709770-1001_Classes\CLSID\{612A8624-0FB3-11CE-8747-524153480004}\InprocServer32 -> C:\Windows\system32\comctl32.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1990737404-2085512467-1734709770-1001_Classes\CLSID\{612A8628-0FB3-11CE-8747-524153480004}\InprocServer32 -> C:\Windows\system32\comctl32.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1990737404-2085512467-1734709770-1001_Classes\CLSID\{62823C20-41A3-11CE-9E8B-0020AF039CA3}\InprocServer32 -> C:\Windows\system32\comctl32.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1990737404-2085512467-1734709770-1001_Classes\CLSID\{6B7E638F-850A-101B-AFC0-4210102A8DA7}\InprocServer32 -> C:\Windows\system32\comctl32.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1990737404-2085512467-1734709770-1001_Classes\CLSID\{6B7E6393-850A-101B-AFC0-4210102A8DA7}\InprocServer32 -> C:\Windows\system32\comctl32.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1990737404-2085512467-1734709770-1001_Classes\CLSID\{6B7E63A3-850A-101B-AFC0-4210102A8DA7}\InprocServer32 -> C:\Windows\system32\comctl32.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1990737404-2085512467-1734709770-1001_Classes\CLSID\{9ED94440-E5E8-101B-B9B5-444553540000}\InprocServer32 -> C:\Windows\system32\comctl32.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1990737404-2085512467-1734709770-1001_Classes\CLSID\{9ED94444-E5E8-101B-B9B5-444553540000}\InprocServer32 -> C:\Windows\system32\comctl32.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1990737404-2085512467-1734709770-1001_Classes\CLSID\{B196B286-BAB4-101A-B69C-00AA00341D07}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-1990737404-2085512467-1734709770-1001_Classes\CLSID\{B66834C6-2E60-11CE-8748-524153480004}\InprocServer32 -> C:\Windows\system32\comctl32.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1990737404-2085512467-1734709770-1001_Classes\CLSID\{F9043C85-F6F2-101A-A3C9-08002B2F49FB}\InprocServer32 -> C:\Windows\system32\comdlg32.ocx (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2017-11-18] (AVAST Software)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2017-11-18] (AVAST Software)
ContextMenuHandlers1: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x86.dll [2017-10-21] (Foxit Software Inc.)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2017-11-18] (AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-11-01] (Malwarebytes)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2015-02-04] (NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2017-11-18] (AVAST Software)
ContextMenuHandlers6: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x86.dll [2017-10-21] (Foxit Software Inc.)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-11-01] (Malwarebytes)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {01C89291-F0F3-4587-819A-00D525056BF7} - System32\Tasks\{5526E1A7-8AD9-45E2-91BB-82A5C906A6B0} => C:\Windows\system32\pcalua.exe -a "E:\see you\wcusetup.exe" -d "E:\see you"
Task: {01D14CA3-FAE7-43B1-9708-30E499CD40EC} - System32\Tasks\{807C03D6-2F4A-480C-8CA0-AC8198EF4933} => C:\Windows\system32\pcalua.exe -a "E:\see you\pcusetup.exe" -d "E:\see you"
Task: {080AC514-22EA-4C5B-87D0-B80234D42AC2} - System32\Tasks\{41C75AC0-628D-40B9-B03B-52FD7A3BC093} => C:\Program Files\Bohemia Interactive\ArmA\arma.exe
Task: {0C27DD63-45C9-4CF0-A132-DE73B8B3FCD4} - System32\Tasks\{1BEDF4F3-0FD7-4162-B440-A8A0C51A06B7} => C:\Windows\system32\pcalua.exe -a C:\Users\Mathew\Desktop\SWAT4XSRIInstaller_19122013_2156_F4.exe -d C:\Users\Mathew\Desktop
Task: {1584D162-1732-4EF3-AD97-D8245790B77D} - System32\Tasks\ATKOSD2 => C:\Program Files\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2010-08-17] (ASUS)
Task: {16F12432-5798-4DA7-84C4-7FCA1B65EFE5} - System32\Tasks\{A7AC577A-51DA-4319-8472-6C6E3788E20D} => D:\Pcx2\pcsx2-r5875.exe
Task: {1EB39D68-559E-42D9-B9E9-BD6C9BFFBFB0} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {206BCD4C-651B-438F-907F-849113E4B96E} - System32\Tasks\{90973D2C-DC55-4F62-9FB1-2EB0A8B0E2AD} => D:\Program Files\Red Storm Entertainment\RavenShield\RavenShield.exe [2004-11-07] ()
Task: {2573EEA7-13AC-4119-B896-6BB95E462357} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2017-11-18] (AVAST Software)
Task: {3100433B-1060-4ED7-A67D-6FD456585ABE} - System32\Tasks\{361B90C5-B454-46B9-9BC1-DF0908C9A02F} => D:\Program Files\Red Storm Entertainment\RavenShield\RavenShield.exe [2004-11-07] ()
Task: {491B71A8-92C8-468D-9BB0-07AFE9BC02F6} - System32\Tasks\{AA3C8F08-07F5-4DDB-95D2-2C01716546E5} => C:\Windows\system32\pcalua.exe -a "E:\see you\alps_cit.exe" -d "E:\see you"
Task: {50155067-7FB4-4DB8-9E90-292111043CE8} - System32\Tasks\{E7987ECD-059F-4B3D-A0EC-4D7895256A97} => C:\Windows\system32\pcalua.exe -a "C:\Users\Mathew\Downloads\RAINBOW SIX\Raven Shield Complete\Rainbow Six - Raven Shield - Athena Sword\athena_sword_v1.00_to_v1.10_us.exe" -d "C:\Users\Mathew\Downloads\RAINBOW SIX\Raven Shield Complete\Rainbow Six - Raven Shield - Athena Sword"
Task: {592D3C7E-7AA5-401E-8164-EA6600C9AD7D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2017-11-20] (Adobe Systems Incorporated)
Task: {6BFA1515-C906-4422-88C2-19CC09E88219} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {807F4D55-974D-4667-8FFF-A6485F846FDF} - System32\Tasks\{A71E74B9-400F-4BE5-A127-4B5185F0FEF0} => D:\Pcx2\pcsx2-r5875.exe
Task: {82E4CF9C-6A95-4954-8826-9EA52EEBA155} - System32\Tasks\{11F4B189-75CF-4F2B-BDBD-216595340620} => C:\Windows\system32\pcalua.exe -a "D:\Program Files\Mount&Blade Warband\Modules\TLD\.exe" -d "D:\Program Files\Mount&Blade Warband\Modules\TLD"
Task: {983E5AE6-EEC6-4512-B67D-83B7D0F10CF8} - System32\Tasks\{57A9B9E8-C773-4996-ABEE-5B977EBA7B16} => C:\Windows\system32\pcalua.exe -a "C:\Program Files\Microsoft Games\Midtown Madness 2\mm1xppat.EXE" -d "C:\Program Files\Microsoft Games\Midtown Madness 2"
Task: {9B05C977-B011-4FA5-B9C9-13DEE669E250} - System32\Tasks\{E5957E5B-AC2B-437B-913F-460F192E5217} => C:\Program Files\Bohemia Interactive\ArmA\arma.exe
Task: {A11990F2-7550-44A3-BE36-94FC642FE894} - System32\Tasks\{8039A73C-C336-435D-ACB6-AB5FA97818FE} => C:\Windows\system32\pcalua.exe -a "D:\Program Files\Red Storm Entertainment\RavenShield\IronWrathSetup_US.exe" -d "D:\Program Files\Red Storm Entertainment\RavenShield"
Task: {A492C135-2A02-4F09-8EFB-AA0CBE98A3D3} - System32\Tasks\DriverToolkit Autorun => C:\Program Files\DriverToolkit\DriverToolkit.exe
Task: {A54C47BF-5C6E-447A-9B9C-A823C7428DD2} - System32\Tasks\{CFB91BDE-3F0A-4327-9F92-8F1BBBBF71E3} => D:\Pcx2\pcsx2-r5875.exe
Task: {A598B1E6-1776-42ED-88BE-C203D7E47032} - System32\Tasks\{D7A9FAF8-E8C1-4E15-8C78-2CC37A894333} => C:\Windows\system32\pcalua.exe -a F:\SETUP.EXE -d F:\
Task: {AC2271E5-FF2D-4B43-A418-AA3BEDA37F99} - System32\Tasks\{7295C6F3-157E-4264-B0A2-C3FE9D7D9327} => C:\Windows\system32\pcalua.exe -a F:\Setup.exe -d F:\
Task: {ACA9AC95-D2BD-4AC4-832D-0466CB7DE555} - System32\Tasks\{977D0F07-3C67-4770-98B5-D27CA70317BE} => C:\Windows\system32\pcalua.exe -a "F:\See You\zemljevidi\see you\italy_cit.exe" -d "F:\See You\zemljevidi\see you"
Task: {AE63424B-4E30-4050-99C5-78FEA931C38A} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {B611825A-6748-4DCE-ACFA-8251CABD7830} - System32\Tasks\{DF220F30-33A2-4EE2-BEC8-701A7D6C4CB6} => C:\Users\Mathew\AppData\Local\VelvetSundown\VelvetSundown.exe
Task: {C99F2DCB-FD40-416D-98C0-1D93F3D74C5D} - System32\Tasks\{AEAB169B-AD88-440E-B016-747A08D43020} => C:\Windows\system32\pcalua.exe -a "E:\see you\alps_cit.exe" -d "E:\see you"
Task: {D8BBD54C-11B4-4757-84CB-E786CD1C0BF4} - System32\Tasks\{80086FA0-C125-4351-8297-5A1E05BCB3A0} => C:\Windows\system32\pcalua.exe -a "F:\See You\zemljevidi\see you\alps_e_cmr.exe" -d "F:\See You\zemljevidi\see you"
Task: {DB8CC00E-FFF5-4202-AD2C-2E9A10F98583} - System32\Tasks\{92A7044C-88C6-496C-8A6E-A7C9AAB9DE0B} => C:\Windows\system32\pcalua.exe -a "D:\Program Files\Red Storm Entertainment\RavenShield\system\Setup.exe" -d "D:\Program Files\Red Storm Entertainment\RavenShield\system"
Task: {EF89DD9B-D528-4659-B043-D6C494D503A6} - System32\Tasks\Synaptics TouchPad Enhancements => Program Files\Synaptics\SynTP\SynTPEnh.exe
Task: {F9E4DF57-CA79-4F17-BA40-127296F642C2} - System32\Tasks\{F78B9C97-3D06-442A-AF31-B4FC10D07AB0} => C:\Users\Mathew\AppData\Local\VelvetSundown\VelvetSundown.exe
Task: {FC3E0844-0D4C-474A-BAAD-BA59984AC6F4} - System32\Tasks\{902C7244-6053-4828-8207-DC7D2F14DAD1} => D:\Pcx2\pcsx2-r5875.exe
Task: {FF6BE837-4060-4578-B2C1-91E23E2DAB07} - System32\Tasks\{9CB8ACF6-B226-4629-96E3-D223F37194AB} => C:\Windows\system32\pcalua.exe -a "D:\see you\alps_cit.exe" -d "D:\see you"

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\DriverToolkit Autorun.job => C:\Program Files\DriverToolkit\DriverToolkit.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


Shortcut: C:\Users\Mathew\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Minecraft\Minecraft Debugger.lnk -> C:\Users\Mathew\AppData\Roaming\.minecraft\minecraft launcher\Debug.bat ()

==================== Loaded Modules (Whitelisted) ==============

2014-04-25 18:53 - 2015-02-04 03:05 - 000106640 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax.dll
2017-11-18 02:21 - 2017-11-18 02:21 - 000059040 _____ () C:\Program Files\AVAST Software\Avast\module_lifetime.dll
2017-11-18 02:21 - 2017-11-18 02:21 - 000167096 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2017-11-18 02:21 - 2017-11-18 02:21 - 000237808 _____ () C:\Program Files\AVAST Software\Avast\event_routing_rpc.dll
2017-11-18 02:21 - 2017-11-18 02:21 - 000244584 _____ () C:\Program Files\AVAST Software\Avast\tasks_core.dll
2017-11-18 02:21 - 2017-11-18 02:21 - 000151104 _____ () C:\Program Files\AVAST Software\Avast\network_notifications.dll
2017-11-25 15:03 - 2017-11-25 15:03 - 005881920 _____ () C:\Program Files\AVAST Software\Avast\defs\17112406\algo.dll
2017-11-18 02:21 - 2017-11-18 02:21 - 000710056 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2017-11-18 02:21 - 2017-11-18 02:21 - 000245608 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll
2017-11-25 17:02 - 2017-11-25 17:02 - 005881920 _____ () C:\Program Files\AVAST Software\Avast\defs\17112500\algo.dll
2015-11-14 10:12 - 2015-11-14 10:12 - 000076152 _____ () C:\Windows\system32\PnkBstrA.exe
2013-07-11 22:04 - 2013-07-11 22:04 - 001630720 _____ () C:\Program Files\SimracewayUpdater\SRWUpdate.exe
2013-07-11 22:03 - 2013-07-11 22:03 - 000252832 _____ () C:\Program Files\SimracewayUpdater\PATCHW32.dll
2017-11-19 02:44 - 2017-11-01 08:55 - 001930696 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2017-11-19 02:44 - 2017-11-01 08:54 - 001798608 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2017-11-18 02:21 - 2017-11-18 02:21 - 000142792 _____ () c:\Program Files\AVAST Software\Avast\vaarclient.dll
2015-06-14 15:04 - 2016-06-15 02:14 - 000020536 _____ () C:\Program Files\NVIDIA Corporation\Update Core\detoured.dll
2017-08-15 12:44 - 2017-08-15 12:44 - 067109376 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2017-11-18 02:21 - 2017-11-18 02:21 - 000235816 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\.rdata:X [526]
AlternateDataStreams: C:\ProgramData\TEMP:56E2E879 [244]
AlternateDataStreams: C:\ProgramData\TEMP:862BDB1A [132]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\60543831.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\60543831.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:04 - 2009-06-10 22:39 - 000000824 _____ C:\Windows\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1990737404-2085512467-1734709770-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Mathew\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^SRW Download Manager.lnk => C:\Windows\pss\SRW Download Manager.lnk.CommonStartup
MSCONFIG\startupreg: DownloadAccelerator => "C:\Program Files\DAP\DAP.EXE" /STARTUP

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{4DD5E91C-5DF6-42E8-BE82-4CCD56A2A26A}] => (Allow) C:\Users\Mathew\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{262F9DEA-19D9-452C-87CD-791016A91855}] => (Allow) C:\Users\Mathew\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{31C54D4B-5672-4DCB-8C45-9A87FE82F527}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{4C071302-58D6-4E45-9576-550E8D61C6AF}] => (Allow) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{C4CBA154-ABF1-4CAB-976F-40CD3576C9A2}] => (Allow) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [TCP Query User{392E21F7-6031-460D-8CC4-D84F2D1F0C03}C:\program files\dap\dap.exe] => (Allow) C:\program files\dap\dap.exe
FirewallRules: [UDP Query User{CA1A5252-919E-42B7-BD7A-89514CD9972B}C:\program files\dap\dap.exe] => (Allow) C:\program files\dap\dap.exe
FirewallRules: [TCP Query User{3667509C-B9D9-453C-BC99-1DAD751AD833}D:\program files\red storm entertainment\ravenshield\ravenshield.exe] => (Block) D:\program files\red storm entertainment\ravenshield\ravenshield.exe
FirewallRules: [UDP Query User{D89534E5-9B63-434C-BE5F-B6AC3867CAD3}D:\program files\red storm entertainment\ravenshield\ravenshield.exe] => (Block) D:\program files\red storm entertainment\ravenshield\ravenshield.exe
FirewallRules: [{2518DBC8-F8C5-4A79-8525-7A34DA4D5822}] => (Allow) D:\IgniteGT\Simraceway\SimracewayGame.exe
FirewallRules: [{F2F062B1-C20B-4BFD-B22C-7224D4EC260D}] => (Allow) D:\IgniteGT\Simraceway\SimracewayGame.exe
FirewallRules: [{A6F73AB1-55B8-411F-B294-645A959B02F9}] => (Allow) D:\IgniteGT\Simraceway\SimracewayGame.exe
FirewallRules: [{F8B5D939-309B-4082-BF45-6644DA1C0FFC}] => (Allow) D:\IgniteGT\Simraceway\SimracewayGame.exe
FirewallRules: [{9A8471CC-973F-4157-8917-6F986156C161}] => (Allow) D:\IgniteGT\Simraceway\SRWAgent.exe
FirewallRules: [{92A99E4A-89A7-4BAD-BBEA-D6BF47F381DA}] => (Allow) D:\IgniteGT\Simraceway\SRWAgent.exe
FirewallRules: [{AE367BBC-29CB-4254-8263-75114D8A12EE}] => (Allow) D:\IgniteGT\Simraceway\SRWAgent.exe
FirewallRules: [{B7898FA4-38E7-4D24-A33F-540D3062C2A9}] => (Allow) D:\IgniteGT\Simraceway\SRWAgent.exe
FirewallRules: [TCP Query User{9A68EAC7-542A-4E16-BD73-F99F0428CD32}D:\program files\operation flashpoint\flashpointresistance.exe] => (Allow) D:\program files\operation flashpoint\flashpointresistance.exe
FirewallRules: [UDP Query User{D885F59C-B000-4F14-8D09-7604C12B9EB5}D:\program files\operation flashpoint\flashpointresistance.exe] => (Allow) D:\program files\operation flashpoint\flashpointresistance.exe
FirewallRules: [{8BE31250-6D9A-4F18-83D7-D8473A9C28F7}] => (Block) D:\program files\operation flashpoint\flashpointresistance.exe
FirewallRules: [{A0D5A1D9-905C-4AB3-B708-A85A31BAF929}] => (Block) D:\program files\operation flashpoint\flashpointresistance.exe
FirewallRules: [TCP Query User{88FEB055-B353-409B-8DEF-6D3E699B9E15}D:\program files\rfactor\rfactor.exe] => (Allow) D:\program files\rfactor\rfactor.exe
FirewallRules: [UDP Query User{43C14CF6-9698-44B8-A42F-05C8EB764E5A}D:\program files\rfactor\rfactor.exe] => (Allow) D:\program files\rfactor\rfactor.exe
FirewallRules: [{379C16A1-81CD-4E85-AC96-A665ABF66443}] => (Block) D:\program files\rfactor\rfactor.exe
FirewallRules: [{04B88080-6829-48FC-A402-7A8CEC5A89B9}] => (Block) D:\program files\rfactor\rfactor.exe
FirewallRules: [{6265EEA4-33C9-4286-A905-ACFDEC0A6580}] => (Allow) C:\Windows\System32\PnkBstrA.exe
FirewallRules: [{478FE079-0D9B-49FF-96D3-BFD0B85CA82E}] => (Allow) C:\Windows\System32\PnkBstrA.exe
FirewallRules: [{A269DBC6-9061-4184-B4F8-F66AD27FB143}] => (Allow) C:\Windows\System32\PnkBstrB.exe
FirewallRules: [{B8E78A08-50CF-49A7-8F43-3307DDA3098D}] => (Allow) C:\Windows\System32\PnkBstrB.exe
FirewallRules: [{41A65162-1C5B-46C0-A77A-7101DC94C07F}] => (Allow) C:\Program Files\Project Reality\Project Reality BF2\prbf2.exe
FirewallRules: [{38F40F2D-F141-45F6-8F8A-2295A93C0CE2}] => (Allow) C:\Program Files\Project Reality\Project Reality BF2\mods\pr\bin\PRLauncher.exe
FirewallRules: [{D272909C-5CDE-4AF1-AAA8-53FC9F414AF0}] => (Allow) C:\Program Files\Project Reality\Project Reality BF2\mods\pr\bin\PRUpdater.exe
FirewallRules: [{E6152171-877C-4111-B5E6-619201217474}] => (Allow) C:\Program Files\Project Reality\Project Reality BF2\mods\pr\bin\PRMumble\PRMumble.exe
FirewallRules: [TCP Query User{08B05F11-DC8C-43B8-BB12-AE52BEF2DF79}D:\program files\red storm entertainment\ravenshield\system\ravenshield.exe] => (Allow) D:\program files\red storm entertainment\ravenshield\system\ravenshield.exe
FirewallRules: [UDP Query User{FA6D00AC-9818-4608-B7D0-F0793C8EB7DC}D:\program files\red storm entertainment\ravenshield\system\ravenshield.exe] => (Allow) D:\program files\red storm entertainment\ravenshield\system\ravenshield.exe
FirewallRules: [TCP Query User{990FADB7-02DE-49BD-AFB3-F2B150EF7F35}C:\program files\ubisoft\splinter cell chaos theory\system\splintercell3.exe] => (Allow) C:\program files\ubisoft\splinter cell chaos theory\system\splintercell3.exe
FirewallRules: [UDP Query User{B618ED6D-84AA-46CE-9E4B-699634B72364}C:\program files\ubisoft\splinter cell chaos theory\system\splintercell3.exe] => (Allow) C:\program files\ubisoft\splinter cell chaos theory\system\splintercell3.exe
FirewallRules: [{276AB34D-6B60-45F3-9CCE-103BCBA18DDC}] => (Block) C:\program files\ubisoft\splinter cell chaos theory\system\splintercell3.exe
FirewallRules: [{8EF818FE-B96F-499B-838E-2727AC7D20A0}] => (Block) C:\program files\ubisoft\splinter cell chaos theory\system\splintercell3.exe
FirewallRules: [{32B7B097-ECB1-40A7-96E4-B3D9B7A735D1}] => (Allow) C:\Program Files\Sierra\SWAT 4\ContentExpansion\System\Swat4X.exe
FirewallRules: [{996B20A4-1CD6-4716-BB05-45EAB2DEFC59}] => (Allow) C:\Program Files\Sierra\SWAT 4\ContentExpansion\System\Swat4X.exe
FirewallRules: [{01F8C205-D591-4624-8920-E8EEDAF98028}] => (Allow) C:\Program Files\Sierra\SWAT 4\ContentExpansion\System\Swat4XDedicatedServer.exe
FirewallRules: [{6C59BFD7-8345-4546-BDBD-3E97DFDF79F9}] => (Allow) C:\Program Files\Sierra\SWAT 4\ContentExpansion\System\Swat4XDedicatedServer.exe
FirewallRules: [{142835AE-4657-4BC2-9904-D8DAB2FC1024}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{29340537-89EC-414F-9F42-3C2EE7347A53}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{A36C2FBF-5D95-41A0-AF91-48D0D6F832F8}D:\igg-rimworld.alpha.14\rimworldwin.exe] => (Block) D:\igg-rimworld.alpha.14\rimworldwin.exe
FirewallRules: [UDP Query User{A45554D6-32B3-4B2C-9871-94A1AAF98875}D:\igg-rimworld.alpha.14\rimworldwin.exe] => (Block) D:\igg-rimworld.alpha.14\rimworldwin.exe
FirewallRules: [TCP Query User{758070AA-1711-4A93-BA77-B3503A4543C3}D:\program files\encore\terror strike\system\ts.exe] => (Block) D:\program files\encore\terror strike\system\ts.exe
FirewallRules: [UDP Query User{39C4A6FA-3BFF-4243-A69F-1DD0CB65BCCD}D:\program files\encore\terror strike\system\ts.exe] => (Block) D:\program files\encore\terror strike\system\ts.exe
FirewallRules: [{7FE63155-73AF-4D77-AE47-D7EFB9DD5583}] => (Allow) C:\Program Files\Steam\Steam.exe
FirewallRules: [{5AAE7CC4-3D3F-4705-AED1-22D1DEA6D39D}] => (Allow) C:\Program Files\Steam\Steam.exe
FirewallRules: [{20116EF8-35DA-4FD9-BE81-D0E0AA8B5E04}] => (Allow) C:\Program Files\Steam\steamapps\common\ARMA Gold\arma.exe
FirewallRules: [{0F38A0F5-EFFD-4855-8628-30EDABA32DBE}] => (Allow) C:\Program Files\Steam\steamapps\common\ARMA Gold\arma.exe
FirewallRules: [{B1F3594D-5ADC-45EF-BE40-F694CCD0BA9A}] => (Allow) C:\Program Files\Steam\steamapps\common\ARMA Cold War Assault\ColdWarAssault.exe
FirewallRules: [{E53E862A-6333-4725-A808-BEE19375272C}] => (Allow) C:\Program Files\Steam\steamapps\common\ARMA Cold War Assault\ColdWarAssault.exe
FirewallRules: [{3F2634F8-737C-488C-9E72-93BA83D93EC0}] => (Allow) C:\Program Files\Steam\steamapps\common\ARMA Cold War Assault\ColdWarAssaultPreferences.exe
FirewallRules: [{93B3620E-0CAE-4E62-B692-7DA04B9B2331}] => (Allow) C:\Program Files\Steam\steamapps\common\ARMA Cold War Assault\ColdWarAssaultPreferences.exe
FirewallRules: [TCP Query User{30E66A4A-8BD5-4B0D-B986-8D41F24EFB70}C:\users\mathew\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe] => (Allow) C:\users\mathew\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe
FirewallRules: [UDP Query User{A98CC43C-26E7-452C-B058-94D22D2E476A}C:\users\mathew\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe] => (Allow) C:\users\mathew\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe
FirewallRules: [{88E63957-D523-4878-9A2D-E1C82A53F96B}] => (Block) C:\users\mathew\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe
FirewallRules: [{A4DEF5F5-43CD-44A4-9AE5-23213CD159BD}] => (Block) C:\users\mathew\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe
FirewallRules: [{7E6D70BD-5ABA-4F1F-8691-E5B0EFCABC9D}] => (Allow) C:\Program Files\Steam\steamapps\common\Ghost Master\ghost.exe
FirewallRules: [{B5CE0A47-2C1A-42B1-BD12-AD5762F58139}] => (Allow) C:\Program Files\Steam\steamapps\common\Ghost Master\ghost.exe
FirewallRules: [{7ECAA8F3-BA09-4397-AEE4-EAFD9EAC2145}] => (Allow) C:\Program Files\Steam\steamapps\common\WOG\disasm.exe
FirewallRules: [{5CE93207-7470-4808-8AA5-3DCBF2D1F8EA}] => (Allow) C:\Program Files\Steam\steamapps\common\WOG\disasm.exe
FirewallRules: [{5871D4C7-11D5-4C1B-BF96-41A9432CFB6D}] => (Allow) C:\Program Files\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{142B7AFF-B90A-40DB-920B-F7FDCF2DC3B3}] => (Allow) C:\Program Files\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{A2598BEF-B0DF-4758-8BB2-AD76485D9037}] => (Allow) C:\Program Files\Steam\steamapps\common\Enclave\Enclave.exe
FirewallRules: [{293026D5-41BA-462D-9962-9BEB38AEE06E}] => (Allow) C:\Program Files\Steam\steamapps\common\Enclave\Enclave.exe
FirewallRules: [{EFBF68DF-53E9-40E2-96B8-40094A4DD358}] => (Allow) C:\Program Files\Steam\steamapps\common\Oddworld Abes Oddysee\AbeWin.exe
FirewallRules: [{661CF132-31C9-4DD0-8C41-20DAD4803653}] => (Allow) C:\Program Files\Steam\steamapps\common\Oddworld Abes Oddysee\AbeWin.exe
FirewallRules: [{6034DCC7-F960-46D5-8CCB-5A07CAB0940F}] => (Allow) D:\Program Files\SteamLibrary\steamapps\common\Rainbow Six Lockdown\lockdown.exe
FirewallRules: [{75FBD5BB-83FB-4A58-BE91-F0727CE6806A}] => (Allow) D:\Program Files\SteamLibrary\steamapps\common\Rainbow Six Lockdown\lockdown.exe
FirewallRules: [{ACED9187-0ADF-449E-804B-2452C6782B4F}] => (Allow) D:\Program Files\SteamLibrary\steamapps\common\Another World\anowor.exe
FirewallRules: [{315AFAE8-8A9C-4A11-94C5-2F4AA13014A7}] => (Allow) D:\Program Files\SteamLibrary\steamapps\common\Another World\anowor.exe
FirewallRules: [{F97DA682-43C1-4769-ADB2-E5731E146D63}] => (Allow) D:\Program Files\SteamLibrary\steamapps\common\Grand Theft Auto 3\gta3.exe
FirewallRules: [{E152EF10-4A70-45A8-85B1-9123AC9B97E7}] => (Allow) D:\Program Files\SteamLibrary\steamapps\common\Grand Theft Auto 3\gta3.exe
FirewallRules: [{DCDE74F4-F04E-4CB4-8A04-8A2E47E3C90B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{1DD5BF34-14FC-4A31-A460-6A25152A324B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{641DC58E-45D7-4CA8-90EE-0B979EAA7AB8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{841A1A3B-1C59-4CC9-8FA1-2EF8C7235895}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{FC7DDEE9-850A-4C38-88B0-BEC35A8DCE2B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{BE42EA93-37BF-4EE9-8B37-7053D86AB6F8}] => (Allow) C:\Program Files\Steam\steamapps\common\Theatre of War\tow.exe
FirewallRules: [{489A23C8-34AF-4CC5-AAA3-310EBE95F5AF}] => (Allow) C:\Program Files\Steam\steamapps\common\Theatre of War\tow.exe
FirewallRules: [{4F411B8A-6168-4597-8664-8223FE164335}] => (Allow) C:\Program Files\Steam\steamapps\common\Theatre of War\MissionEditor\MissionGen.exe
FirewallRules: [{77D57FEF-98D8-410D-BF1B-BD55DEFF6396}] => (Allow) C:\Program Files\Steam\steamapps\common\Theatre of War\MissionEditor\MissionGen.exe
FirewallRules: [{51109AB5-E7B3-41A5-8FAC-468584CC140B}] => (Allow) C:\Program Files\Steam\steamapps\common\Theatre of War\MissionEditor\Editor.exe
FirewallRules: [{87CE4F46-BEA2-4EED-9C66-2EB863C9ADF4}] => (Allow) C:\Program Files\Steam\steamapps\common\Theatre of War\MissionEditor\Editor.exe
FirewallRules: [{26014F3B-FC79-443E-993C-A0AE3A10E1E3}] => (Allow) C:\Program Files\Steam\steamapps\common\Theatre of War\Builder.exe
FirewallRules: [{D23492F7-5099-4B0F-9353-C7E8D9239C58}] => (Allow) C:\Program Files\Steam\steamapps\common\Theatre of War\Builder.exe
FirewallRules: [{2ADB96CE-FCA7-41F0-AAA9-A648F9009D71}] => (Allow) C:\Program Files\Steam\steamapps\common\Theatre of War\towsetup.exe
FirewallRules: [{3A19E02E-7A98-4B07-A8BD-010DCD06B5F2}] => (Allow) C:\Program Files\Steam\steamapps\common\Theatre of War\towsetup.exe
FirewallRules: [{C1F6D369-02D5-410E-BA1D-2592787EE3B1}] => (Allow) C:\Program Files\Steam\steamapps\common\Grand Theft Auto Vice City\gta-vc.exe
FirewallRules: [{D36A6836-05F8-4B27-BC5A-27E05A4DC31F}] => (Allow) C:\Program Files\Steam\steamapps\common\Grand Theft Auto Vice City\gta-vc.exe
FirewallRules: [{F920886C-2B4F-495A-BA09-901F005D6EB7}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe

==================== Restore Points =========================

21-11-2017 03:12:26 Norton_Power_Eraser_20171121031224925
21-11-2017 03:50:58 Checkpoint by HitmanPro
21-11-2017 03:52:20 Checkpoint by HitmanPro
25-11-2017 16:24:22 Windows Update
25-11-2017 20:21:55 Windows Update

==================== Faulty Device Manager Devices =============

Name: EterlogicVirtualSerialDriver
Description: EterlogicVirtualSerialDriver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: EterlogicVirtualSerialDriver
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================
Error: (11/25/2017 06:11:00 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program firefox.exe version 57.0.0.6525 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 17e0

Start Time: 01d3660705dc53ad

Termination Time: 936

Application Path: C:\Program Files\Mozilla Firefox\firefox.exe

Report Id: 99666fbb-d203-11e7-8749-00248c8aa04a

Error: (11/25/2017 04:58:50 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (11/25/2017 03:09:46 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.


System errors:
=============
Error: (11/25/2017 09:42:59 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Peer Name Resolution Protocol service terminated with the following error:
%%-2140993535

Error: (11/25/2017 09:42:59 PM) (Source: PNRPSvc) (EventID: 102) (User: )
Description: The Peer Name Resolution Protocol cloud did not start because the creation of the default identity failed with error code: 0x80630801.

Error: (11/25/2017 09:03:03 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Peer Name Resolution Protocol service terminated with the following error:
%%-2140993535

Error: (11/25/2017 09:03:03 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error:
%%-2140993535

Error: (11/25/2017 09:03:02 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error:
%%-2140993535

Error: (11/25/2017 09:03:02 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Peer Name Resolution Protocol service terminated with the following error:
%%-2140993535

Error: (11/25/2017 09:03:03 PM) (Source: PNRPSvc) (EventID: 102) (User: )
Description: The Peer Name Resolution Protocol cloud did not start because the creation of the default identity failed with error code: 0x80630801.

Error: (11/25/2017 09:03:02 PM) (Source: PNRPSvc) (EventID: 102) (User: )
Description: The Peer Name Resolution Protocol cloud did not start because the creation of the default identity failed with error code: 0x80630801.

Error: (11/25/2017 09:02:57 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Peer Name Resolution Protocol service terminated with the following error:
%%-2140993535

Error: (11/25/2017 09:02:57 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error:
%%-2140993535


CodeIntegrity:
===================================
  Date: 2017-08-14 17:29:37.846
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswKbd.sys because the set of per-page image hashes could not be found on the system.

  Date: 2017-08-14 17:29:37.783
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswSnx.sys because the set of per-page image hashes could not be found on the system.

  Date: 2017-08-13 22:34:06.892
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys because the set of per-page image hashes could not be found on the system.

  Date: 2017-08-13 22:30:47.969
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswKbd.sys because the set of per-page image hashes could not be found on the system.

  Date: 2017-08-13 22:30:47.922
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswSnx.sys because the set of per-page image hashes could not be found on the system.

  Date: 2017-08-13 20:40:49.265
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswKbd.sys because the set of per-page image hashes could not be found on the system.

  Date: 2017-08-13 20:40:49.202
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswSnx.sys because the set of per-page image hashes could not be found on the system.

  Date: 2017-08-10 12:34:46.402
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys because the set of per-page image hashes could not be found on the system.

  Date: 2017-08-10 12:31:53.226
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswKbd.sys because the set of per-page image hashes could not be found on the system.

  Date: 2017-08-10 12:31:53.180
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswSnx.sys because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Processor: Intel® Core™2 Duo CPU P8400 @ 2.26GHz
Percentage of memory in use: 67%
Total physical RAM: 3071.11 MB
Available physical RAM: 1010.69 MB
Total Virtual: 7677.44 MB
Available Virtual: 5204.01 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:149.04 GB) (Free:21.5 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: () (Fixed) (Total:139.28 GB) (Free:9.79 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 97646C29)
Partition 1: (Not Active) - (Size=9.8 GB) - (Type=1C)
Partition 2: (Active) - (Size=149 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=139.3 GB) - (Type=OF Extended)

==================== End of Addition.txt ============================


  • 0
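A triage sketch for the FirewallRules section of the Addition.txt log above, added here as an example (it is not part of the thread or of FRST). It parses the rule lines and reports executables that carry both Allow and Block rules, and Allow rules for programs under user-writable folders. The function names and the folder list are assumptions of this example; the sample lines are copied from the log.

```python
import re
from collections import defaultdict

# One FRST "FirewallRules:" line: [rule name] => (Action) executable path
RULE_RE = re.compile(
    r"^FirewallRules: \[(?P<name>.*?)\] => \((?P<action>Allow|Block)\) (?P<path>.+)$"
)

# Folders a standard user can normally write to (assumed list for this example).
USER_WRITABLE = ("\\appdata\\", "\\temp\\", "\\downloads\\")

# Five lines copied from the Addition.txt log above.
SAMPLE = r"""
FirewallRules: [{142835AE-4657-4BC2-9904-D8DAB2FC1024}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{30E66A4A-8BD5-4B0D-B986-8D41F24EFB70}C:\users\mathew\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe] => (Allow) C:\users\mathew\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe
FirewallRules: [{88E63957-D523-4878-9A2D-E1C82A53F96B}] => (Block) C:\users\mathew\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe
FirewallRules: [TCP Query User{A36C2FBF-5D95-41A0-AF91-48D0D6F832F8}D:\igg-rimworld.alpha.14\rimworldwin.exe] => (Block) D:\igg-rimworld.alpha.14\rimworldwin.exe
FirewallRules: [{7FE63155-73AF-4D77-AE47-D7EFB9DD5583}] => (Allow) C:\Program Files\Steam\Steam.exe
"""


def parse_rules(text):
    """Return one dict per well-formed FirewallRules line; skip anything else."""
    rules = []
    for line in text.splitlines():
        m = RULE_RE.match(line.strip())
        if not m:
            continue
        name = m.group("name")
        rules.append({
            "name": name,
            "action": m.group("action"),
            # Windows paths are case-insensitive, so group on the lower-cased form.
            "path": m.group("path").strip().lower(),
            # "Query User" names mark rules created when the user answered
            # a Windows Firewall prompt.
            "from_prompt": name.startswith(("TCP Query User", "UDP Query User")),
        })
    return rules


def triage(rules):
    """Group rules by executable and list the paths worth a second look."""
    actions = defaultdict(set)
    for rule in rules:
        actions[rule["path"]].add(rule["action"])

    # Same executable both allowed and blocked: the effective policy is unclear
    # to whoever reads the log, so the rules should be reviewed together.
    conflicting = sorted(p for p, a in actions.items() if a == {"Allow", "Block"})

    # Allowed executable in a folder the user can overwrite without elevation.
    writable_allow = sorted(
        p for p, a in actions.items()
        if "Allow" in a and any(folder in p for folder in USER_WRITABLE)
    )
    return {"conflicting": conflicting, "user_writable_allow": writable_allow}


if __name__ == "__main__":
    report = triage(parse_rules(SAMPLE))
    for finding, paths in report.items():
        print(finding)
        for path in paths:
            print("   ", path)
```

Feeding it the whole FirewallRules section instead of `SAMPLE` works the same way; lines from other sections of the log are skipped.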

#21
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,001 posts
  • MVP
I have a GeForce 9650M GT. Can't seem to find the correct drivers on the Nvidia site.

 

 

The trick is to look for 9M

then Show All Operating Systems and it will show you Win 7 32

 

That should take you to

 

http://www.nvidia.co...px/112597/en-us

which is GeForce 342.01 Driver

Under Supported Products you will see:

 

GeForce 9M Series (Notebooks):

GeForce 9800M GTX, GeForce 9800M GTS, GeForce 9800M GT, GeForce 9800M GS, GeForce 9700M GTS, GeForce 9700M GT, GeForce 9650M GT, GeForce 9650M GS, GeForce 9600M GT, GeForce 9600M GS, GeForce 9500M GS, GeForce 9500M G, GeForce 9400M G, GeForce 9400M, GeForce 9300M GS, GeForce 9300M G, GeForce 9200M GS, GeForce 9100M G

 

So we know we have the right one.

 

After you update run process explorer again and post the log.

 

Looks like you took care of hitman.  It's no longer in the FRST scan but there is a lot of deadwood so let's run a fixlist:

 

Download the attached fixlist.txt to the same location as FRST

Attached File  fixlist.txt   10.31KB   7 downloads

Run FRST and press Fix
A fix log will be generated please post that

 

Uninstall:

Java 8 Update 131 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F32180131F0}) (Version: 8.0.1310.11 - Oracle Corporation)
Java 8 Update 144 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F32180144F0}) (Version: 8.0.1440.1 - Oracle Corporation)

 

They are obsolete.

 

You have something wrong with Peer Group.  See if:

 

https://technet.micr...4(v=ws.10).aspx

 

will work for you.  (Use the Vista instructions)

 

The secdrv.sys file that you mentioned in your first post is not really a system file.  It's an anti-piracy program that keeps you from burning copies of game CDs.  Some games will not run if it's removed and recently a Win 10 security update killed it off generating a lot of protests on the net.

 

See if you can run aswmbr:

 

Download aswMBR.exe  to your desktop.
The link is a direct download so the page won't change.

Right click the aswMBR.exe and select Run As Administrator to run it
Wait until the AV Scan shows up at the bottom left.
Change AV Scan: from Quick Scan to  C:\
Click the "Scan" button to start scan
If it asks you to allow the Avast engine to download then say Yes.  It will take a while to finish.  
On completion of the scan (Note if the Fix button is enabled and tell me but do not push any buttons) click save log, save it to your desktop and post in your next reply

If it crashes then try it again but uncheck Trace Disk IO Calls before hitting Scan.


 

 

 

 

 

 

 


  • 0

#22
MattMMM

MattMMM

    Member

  • Topic Starter
  • Member
  • PipPip
  • 33 posts

Fix result of Farbar Recovery Scan Tool (x86) Version: 24-11-2017 01
Ran by Mathew (26-11-2017 01:03:49) Run:1
Running from C:\Users\Mathew\Desktop\FRST
Loaded Profiles: Mathew (Available Profiles: Mathew)
Boot Mode: Normal

==============================================

fixlist content:
*****************
BootExecute: autocheck autochk * sdnclean.exe
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\DAP\daplinkchecker => not found
CHR HomePage: Default -> hxxp://search.entru.com/?s=21983
CHR HKLM\...\Chrome\Extension: [ffdcfjdljhbehggjdkdioajnknjcpbjb] - C:\Program Files\DAP\DAPChrome\DAPChrome6.crx [2014-04-27]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>
CHR HKLM\...\Chrome\Extension: [ledcpigomgblcmofccnacobhmcdkpiea] - C:\Program Files\SearchPredict\Chrome\SearchPredictChrome.crx <not found>
S1 EterlogicVirtualSerialDriver; \??\C:\Users\Mathew\AppData\Local\Temp\VSPE.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
CustomCLSID: HKU\S-1-5-21-1990737404-2085512467-1734709770-1001_Classes\CLSID\{0000002F-0000-0000-C000-000000000046}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-1990737404-2085512467-1734709770-1001_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-1990737404-2085512467-1734709770-1001_Classes\CLSID\{00020421-0000-0000-C000-000000000046}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-1990737404-2085512467-1734709770-1001_Classes\CLSID\{00020422-0000-0000-C000-000000000046}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-1990737404-2085512467-1734709770-1001_Classes\CLSID\{00020423-0000-0000-C000-000000000046}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-1990737404-2085512467-1734709770-1001_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-1990737404-2085512467-1734709770-1001_Classes\CLSID\{00020425-0000-0000-C000-000000000046}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-1990737404-2085512467-1734709770-1001_Classes\CLSID\{0002E005-0000-0000-C000-000000000046}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-1990737404-2085512467-1734709770-1001_Classes\CLSID\{0BE35200-8F91-11CE-9DE3-00AA004BB851}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-1990737404-2085512467-1734709770-1001_Classes\CLSID\{0BE35201-8F91-11CE-9DE3-00AA004BB851}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-1990737404-2085512467-1734709770-1001_Classes\CLSID\{0BE35202-8F91-11CE-9DE3-00AA004BB851}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-1990737404-2085512467-1734709770-1001_Classes\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-1990737404-2085512467-1734709770-1001_Classes\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-1990737404-2085512467-1734709770-1001_Classes\CLSID\{46763EE0-CAB2-11CE-8C20-00AA0051E5D4}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-1990737404-2085512467-1734709770-1001_Classes\CLSID\{B196B286-BAB4-101A-B69C-00AA00341D07}\InprocServer32 -> no filepath
Task: {01C89291-F0F3-4587-819A-00D525056BF7} - System32\Tasks\{5526E1A7-8AD9-45E2-91BB-82A5C906A6B0} => C:\Windows\system32\pcalua.exe -a "E:\see you\wcusetup.exe" -d "E:\see you"
Task: {01D14CA3-FAE7-43B1-9708-30E499CD40EC} - System32\Tasks\{807C03D6-2F4A-480C-8CA0-AC8198EF4933} => C:\Windows\system32\pcalua.exe -a "E:\see you\pcusetup.exe" -d "E:\see you"
Task: {491B71A8-92C8-468D-9BB0-07AFE9BC02F6} - System32\Tasks\{AA3C8F08-07F5-4DDB-95D2-2C01716546E5} => C:\Windows\system32\pcalua.exe -a "E:\see you\alps_cit.exe" -d "E:\see you"
Task: {A492C135-2A02-4F09-8EFB-AA0CBE98A3D3} - System32\Tasks\DriverToolkit Autorun => C:\Program Files\DriverToolkit\DriverToolkit.exe
Task: {A598B1E6-1776-42ED-88BE-C203D7E47032} - System32\Tasks\{D7A9FAF8-E8C1-4E15-8C78-2CC37A894333} => C:\Windows\system32\pcalua.exe -a F:\SETUP.EXE -d F:\
Task: {AC2271E5-FF2D-4B43-A418-AA3BEDA37F99} - System32\Tasks\{7295C6F3-157E-4264-B0A2-C3FE9D7D9327} => C:\Windows\system32\pcalua.exe -a F:\Setup.exe -d F:\
Task: {ACA9AC95-D2BD-4AC4-832D-0466CB7DE555} - System32\Tasks\{977D0F07-3C67-4770-98B5-D27CA70317BE} => C:\Windows\system32\pcalua.exe -a "F:\See You\zemljevidi\see you\italy_cit.exe" -d "F:\See You\zemljevidi\see you"
Task: {C99F2DCB-FD40-416D-98C0-1D93F3D74C5D} - System32\Tasks\{AEAB169B-AD88-440E-B016-747A08D43020} => C:\Windows\system32\pcalua.exe -a "E:\see you\alps_cit.exe" -d "E:\see you"
Task: {D8BBD54C-11B4-4757-84CB-E786CD1C0BF4} - System32\Tasks\{80086FA0-C125-4351-8297-5A1E05BCB3A0} => C:\Windows\system32\pcalua.exe -a "F:\See You\zemljevidi\see you\alps_e_cmr.exe" -d "F:\See You\zemljevidi\see you"
AlternateDataStreams: C:\ProgramData\.rdata:X [526]
AlternateDataStreams: C:\ProgramData\TEMP:56E2E879 [244]
AlternateDataStreams: C:\ProgramData\TEMP:862BDB1A [132]
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\60543831.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\60543831.sys => ""="Driver"
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^SRW Download Manager.lnk => C:\Windows\pss\SRW Download Manager.lnk.CommonStartup
MSCONFIG\startupreg: DownloadAccelerator => "C:\Program Files\DAP\DAP.EXE" /STARTUP
CMD: for /F "tokens=*" %1 in ('wevtutil.exe el') DO wevtutil.exe cl "%1"


*****************

HKLM\System\CurrentControlSet\Control\Session Manager\\BootExecute => value restored successfully
HKLM\Software\Mozilla\Firefox\Extensions\\[email protected] => value removed successfully.
Chrome HomePage => removed successfully.
HKLM\SOFTWARE\Google\Chrome\Extensions\ffdcfjdljhbehggjdkdioajnknjcpbjb => key removed successfully.
C:\Program Files\DAP\DAPChrome\DAPChrome6.crx => moved successfully
HKLM\SOFTWARE\Google\Chrome\Extensions\gomekmidlodglbbmalcneegieacbdmki => key removed successfully.
HKLM\SOFTWARE\Google\Chrome\Extensions\ledcpigomgblcmofccnacobhmcdkpiea => key removed successfully.
HKLM\System\CurrentControlSet\Services\EterlogicVirtualSerialDriver => key removed successfully.
EterlogicVirtualSerialDriver => service removed successfully.
HKLM\System\CurrentControlSet\Services\VGPU => key removed successfully.
VGPU => service removed successfully.
HKU\S-1-5-21-1990737404-2085512467-1734709770-1001_Classes\CLSID\{0000002F-0000-0000-C000-000000000046} => key removed successfully.
HKU\S-1-5-21-1990737404-2085512467-1734709770-1001_Classes\CLSID\{00020420-0000-0000-C000-000000000046} => key removed successfully.
HKU\S-1-5-21-1990737404-2085512467-1734709770-1001_Classes\CLSID\{00020421-0000-0000-C000-000000000046} => key removed successfully.
HKU\S-1-5-21-1990737404-2085512467-1734709770-1001_Classes\CLSID\{00020422-0000-0000-C000-000000000046} => key removed successfully.
HKU\S-1-5-21-1990737404-2085512467-1734709770-1001_Classes\CLSID\{00020423-0000-0000-C000-000000000046} => key removed successfully.
HKU\S-1-5-21-1990737404-2085512467-1734709770-1001_Classes\CLSID\{00020424-0000-0000-C000-000000000046} => key removed successfully.
HKU\S-1-5-21-1990737404-2085512467-1734709770-1001_Classes\CLSID\{00020425-0000-0000-C000-000000000046} => key removed successfully.
HKU\S-1-5-21-1990737404-2085512467-1734709770-1001_Classes\CLSID\{0002E005-0000-0000-C000-000000000046} => key removed successfully.
HKU\S-1-5-21-1990737404-2085512467-1734709770-1001_Classes\CLSID\{0BE35200-8F91-11CE-9DE3-00AA004BB851} => key removed successfully.
HKU\S-1-5-21-1990737404-2085512467-1734709770-1001_Classes\CLSID\{0BE35201-8F91-11CE-9DE3-00AA004BB851} => key removed successfully.
HKU\S-1-5-21-1990737404-2085512467-1734709770-1001_Classes\CLSID\{0BE35202-8F91-11CE-9DE3-00AA004BB851} => key removed successfully.
HKU\S-1-5-21-1990737404-2085512467-1734709770-1001_Classes\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851} => key removed successfully.
HKU\S-1-5-21-1990737404-2085512467-1734709770-1001_Classes\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851} => key removed successfully.
HKU\S-1-5-21-1990737404-2085512467-1734709770-1001_Classes\CLSID\{46763EE0-CAB2-11CE-8C20-00AA0051E5D4} => key removed successfully.
HKU\S-1-5-21-1990737404-2085512467-1734709770-1001_Classes\CLSID\{B196B286-BAB4-101A-B69C-00AA00341D07} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{01C89291-F0F3-4587-819A-00D525056BF7} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{01C89291-F0F3-4587-819A-00D525056BF7} => key removed successfully.
C:\Windows\System32\Tasks\{5526E1A7-8AD9-45E2-91BB-82A5C906A6B0} => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{5526E1A7-8AD9-45E2-91BB-82A5C906A6B0} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{01D14CA3-FAE7-43B1-9708-30E499CD40EC} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{01D14CA3-FAE7-43B1-9708-30E499CD40EC} => key removed successfully.
C:\Windows\System32\Tasks\{807C03D6-2F4A-480C-8CA0-AC8198EF4933} => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{807C03D6-2F4A-480C-8CA0-AC8198EF4933} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{491B71A8-92C8-468D-9BB0-07AFE9BC02F6} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{491B71A8-92C8-468D-9BB0-07AFE9BC02F6} => key removed successfully.
C:\Windows\System32\Tasks\{AA3C8F08-07F5-4DDB-95D2-2C01716546E5} => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{AA3C8F08-07F5-4DDB-95D2-2C01716546E5} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{A492C135-2A02-4F09-8EFB-AA0CBE98A3D3} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A492C135-2A02-4F09-8EFB-AA0CBE98A3D3} => key removed successfully.
C:\Windows\System32\Tasks\DriverToolkit Autorun => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DriverToolkit Autorun => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A598B1E6-1776-42ED-88BE-C203D7E47032} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A598B1E6-1776-42ED-88BE-C203D7E47032} => key removed successfully.
C:\Windows\System32\Tasks\{D7A9FAF8-E8C1-4E15-8C78-2CC37A894333} => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{D7A9FAF8-E8C1-4E15-8C78-2CC37A894333} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{AC2271E5-FF2D-4B43-A418-AA3BEDA37F99} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AC2271E5-FF2D-4B43-A418-AA3BEDA37F99} => key removed successfully.
C:\Windows\System32\Tasks\{7295C6F3-157E-4264-B0A2-C3FE9D7D9327} => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{7295C6F3-157E-4264-B0A2-C3FE9D7D9327} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{ACA9AC95-D2BD-4AC4-832D-0466CB7DE555} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{ACA9AC95-D2BD-4AC4-832D-0466CB7DE555} => key removed successfully.
C:\Windows\System32\Tasks\{977D0F07-3C67-4770-98B5-D27CA70317BE} => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{977D0F07-3C67-4770-98B5-D27CA70317BE} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C99F2DCB-FD40-416D-98C0-1D93F3D74C5D} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C99F2DCB-FD40-416D-98C0-1D93F3D74C5D} => key removed successfully.
C:\Windows\System32\Tasks\{AEAB169B-AD88-440E-B016-747A08D43020} => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{AEAB169B-AD88-440E-B016-747A08D43020} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D8BBD54C-11B4-4757-84CB-E786CD1C0BF4} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D8BBD54C-11B4-4757-84CB-E786CD1C0BF4} => key removed successfully.
C:\Windows\System32\Tasks\{80086FA0-C125-4351-8297-5A1E05BCB3A0} => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{80086FA0-C125-4351-8297-5A1E05BCB3A0} => key removed successfully.
C:\ProgramData\.rdata => ":X" ADS removed successfully..
C:\ProgramData\TEMP => ":56E2E879" ADS removed successfully..
C:\ProgramData\TEMP => ":862BDB1A" ADS removed successfully..
HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\60543831.sys => key removed successfully.
HKLM\System\CurrentControlSet\Control\SafeBoot\Network\60543831.sys => key removed successfully.
HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^SRW Download Manager.lnk => key removed successfully.
C:\Windows\pss\SRW Download Manager.lnk.CommonStartup => moved successfully
HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\DownloadAccelerator => key removed successfully.

========= for /F "tokens=*" %1 in ('wevtutil.exe el') DO wevtutil.exe cl "%1" =========


========= End of CMD: =========


==== End of Fixlog 01:04:54 ====


  • 0

#23
MattMMM

MattMMM

    Member

  • Topic Starter
  • Member
  • PipPip
  • 33 posts

Ok, it's getting kinda late here (3:20am). The scan is still running. I'm gonna leave it running through the night. I'll get back to you tomorrow.


  • 0

#26
MattMMM

MattMMM

    Member

  • Topic Starter
  • Member
  • PipPip
  • 33 posts

The first time I ran aswmbr (with Trace Disk IO) the computer froze. I ran the scan again through the night (without Trace Disk IO). It seemed to run fine, but took several hours so I let it run and went to bed. This morning I wake up to a blue screen. After reboot I get the following message.

 

Windows has recovered from an unexpected shutdown

Problem signature:
  Problem Event Name:    BlueScreen
  OS Version:    6.1.7601.2.1.0.256.1
  Locale ID:    1060

Additional information about the problem:
  BCCode:    116
  BCP1:    D459F510
  BCP2:    D013ACB4
  BCP3:    00000000
  BCP4:    00000002
  OS Version:    6_1_7601
  Service Pack:    1_0
  Product:    256_1

Files that help describe the problem:
  C:\Windows\Minidump\112517-63648-01.dmp
  C:\Users\Mathew\AppData\Local\Temp\WER-166858-0.sysdata.xml
 


  • 0

#27
MattMMM

MattMMM

    Member

  • Topic Starter
  • Member
  • PipPip
  • 33 posts

Also, looking around I found a HitmanPRO folder (466KB) in C:\ProgramData. Should I delete it?


  • 0

#28
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,001 posts
  • MVP

Did aswmbr leave any log files on your desktop?

 

 

 

You can delete the hitmanpro folder.

 

Can you run Rogue Killer?  This one takes about 20 minutes.

 

http://www.adlice.co...iller/#download
Portable 32 bits <=Use this one.


Download and Save.


Right click on the downloaded file (RogueKillerX64.exe or RogueKiller.exe)  and Run As admin

Start Scan
Start Scan

Will take about 20 minutes to complete.

Open Report
Export TXT (save it to your desktop as rk) Save

Do not let Rogue Killer remove anything until you hear from me.  Leave Rogue Killer up (but minimized) so you won't have to rescan.

Open rk.txt and copy and paste it to your next Reply.
 


  • 0

#29
MattMMM

MattMMM

    Member

  • Topic Starter
  • Member
  • PipPip
  • 33 posts

Aswmbr did not leave any log files. It's not cbs.log, right?

 

RogueKiller just finished scanning (took over 2h). It really got hung up on Web.dll for a good while. Don't know if that means anything.

Here's the report:

 

RogueKiller V12.11.25.0 [Nov 20 2017] (Free) by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : https://forum.adlice.com
Website : http://www.adlice.co...ad/roguekiller/
Blog : http://www.adlice.com

Operating System : Windows 7 (6.1.7601 Service Pack 1) 32 bits version
Started in : Normal mode
User : Mathew [Administrator]
Started from : C:\Users\Mathew\Desktop\RogueKiller_portable32.exe
Mode : Scan -- Date : 11/26/2017 18:35:29 (Duration : 02:09:54)

¤¤¤ Processes : 0 ¤¤¤

¤¤¤ Registry : 16 ¤¤¤
[PUP.Gen1] HKEY_CLASSES_ROOT\CLSID\{5BFA1DAF-5EDC-11D2-959E-00C00C02DA5E} (C:\Program Files\DAP\DAPIE.DLL) -> Found
[PUP.Gen0] HKEY_CLASSES_ROOT\CLSID\{61AB12E1-A5FF-11D1-B2E9-444553540000} (C:\Windows\System32\AniGIF.ocx) -> Found
[PUP.Gen0] HKEY_CLASSES_ROOT\CLSID\{6DC82D15-92F2-11D1-A255-00A0C932C7DF} (C:\Windows\System32\AniGIF.ocx) -> Found
[PUP.Gen1] HKEY_CLASSES_ROOT\CLSID\{79D343F3-E4CE-40DF-8FD8-7D9349A1FAB1} (C:\Program Files\DAP\dexthlp.dll) -> Found
[PUP.Gen1] HKEY_CLASSES_ROOT\CLSID\{8110AEA1-AD5B-4B90-883F-04A9A33B106E} (C:\Program Files\DAP\DAPIE.DLL) -> Found
[PUP.Gen0] HKEY_CLASSES_ROOT\CLSID\{82351441-9094-11D1-A24B-00A0C932C7DF} (C:\Windows\System32\AniGIF.ocx) -> Found
[PUP.Conduit|PUP.Gen1] HKEY_USERS\S-1-5-21-1990737404-2085512467-1734709770-1001\Software\Conduit -> Found
[PUP.Gen1] HKEY_USERS\S-1-5-21-1990737404-2085512467-1734709770-1001\Software\DriverToolkit -> Found
[PUP.DriverPack] HKEY_USERS\S-1-5-21-1990737404-2085512467-1734709770-1001\Software\drpsu -> Found
[PUP.Gen1] HKEY_USERS\S-1-5-21-1990737404-2085512467-1734709770-1001\Software\SpeedBit -> Found
[PUP.Gen1] HKEY_USERS\S-1-5-21-1990737404-2085512467-1734709770-1001\Software\AppDataLow\Toolbar -> Found
[PUP.Gen1] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\SPEEDbit Video Downloader -> Found
[PUP.Gen1] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | TCP Query User{392E21F7-6031-460D-8CC4-D84F2D1F0C03}C:\program files\dap\dap.exe : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\program files\dap\dap.exe|Name=Download Accelerator Plus (DAP)|Desc=Download Accelerator Plus (DAP)|Defer=User| [7] -> Found
[PUP.Gen1] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | UDP Query User{CA1A5252-919E-42B7-BD7A-89514CD9972B}C:\program files\dap\dap.exe : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\program files\dap\dap.exe|Name=Download Accelerator Plus (DAP)|Desc=Download Accelerator Plus (DAP)|Defer=User| [7] -> Found
[PUP.Gen1] HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | TCP Query User{392E21F7-6031-460D-8CC4-D84F2D1F0C03}C:\program files\dap\dap.exe : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\program files\dap\dap.exe|Name=Download Accelerator Plus (DAP)|Desc=Download Accelerator Plus (DAP)|Defer=User| [7] -> Found
[PUP.Gen1] HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | UDP Query User{CA1A5252-919E-42B7-BD7A-89514CD9972B}C:\program files\dap\dap.exe : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\program files\dap\dap.exe|Name=Download Accelerator Plus (DAP)|Desc=Download Accelerator Plus (DAP)|Defer=User| [7] -> Found

¤¤¤ Tasks : 3 ¤¤¤
[PUP.Gen0|PUP.Gen1] %WINDIR%\Tasks\DriverToolkit Autorun.job -- C:\Program Files\DriverToolkit\DriverToolkit.exe (--autorun) -> Found
[Suspicious.Path] \{DF220F30-33A2-4EE2-BEC8-701A7D6C4CB6} -- C:\Users\Mathew\AppData\Local\VelvetSundown\VelvetSundown.exe -> Found
[Suspicious.Path] \{F78B9C97-3D06-442A-AF31-B4FC10D07AB0} -- C:\Users\Mathew\AppData\Local\VelvetSundown\VelvetSundown.exe -> Found

¤¤¤ Files : 20 ¤¤¤
[PUP.Gen1][Folder] C:\ProgramData\SpeedBit -> Found
[PUP.Gen1][File] C:\Users\Mathew\Desktop\Download Accelerator Plus (DAP).lnk [[email protected]] C:\PROGRA~1\DAP\DAP.exe -> Found
[PUP.Gen1][Folder] C:\Users\Mathew\AppData\Roaming\SpeedBit -> Found
[PUP.uTorrentAds][File] C:\Users\Mathew\AppData\Roaming\uTorrent\updates\3.4.5_41202\utorrentie.exe -> Found
[PUP.uTorrentAds][File] C:\Users\Mathew\AppData\Roaming\uTorrent\updates\3.4.5_41372\utorrentie.exe -> Found
[PUP.uTorrentAds][File] C:\Users\Mathew\AppData\Roaming\uTorrent\updates\3.4.5_41865\utorrentie.exe -> Found
[PUP.uTorrentAds][File] C:\Users\Mathew\AppData\Roaming\uTorrent\updates\3.4.6_42094\utorrentie.exe -> Found
[PUP.uTorrentAds][File] C:\Users\Mathew\AppData\Roaming\uTorrent\updates\3.4.7_42330\utorrentie.exe -> Found
[PUP.uTorrentAds][File] C:\Users\Mathew\AppData\Roaming\uTorrent\updates\3.4.8_42449\utorrentie.exe -> Found
[PUP.uTorrentAds][File] C:\Users\Mathew\AppData\Roaming\uTorrent\updates\3.4.8_42576\utorrentie.exe -> Found
[PUP.uTorrentAds][File] C:\Users\Mathew\AppData\Roaming\uTorrent\updates\3.4.9_43295\utorrentie.exe -> Found
[PUP.uTorrentAds][File] C:\Users\Mathew\AppData\Roaming\uTorrent\updates\3.5.0_44090\utorrentie.exe -> Found
[PUP.Gen1][Folder] C:\Users\Mathew\AppData\Local\DriverToolkit -> Found
[PUP.Gen1][File] C:\ProgramData\Microsoft\Windows\Start Menu\Download Accelerator Plus (DAP).lnk [[email protected]] C:\PROGRA~1\DAP\DAP.exe -> Found
[PUP.Gen1][File] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Download Accelerator Plus (DAP)\DAP Update.lnk [[email protected]] C:\PROGRA~1\DAP\dapupd.exe -> Found
[PUP.Gen1][File] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Download Accelerator Plus (DAP)\Download Accelerator Plus.lnk [[email protected]] C:\PROGRA~1\DAP\DAP.exe -> Found
[PUP.Gen1][Folder] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SPEEDbit Video Downloader -> Found
[PUP.Gen1][Folder] C:\ProgramData\SpeedBit -> Found
[PUP.Gen1][Folder] C:\Program Files\DAP -> Found
[PUP.Gen1][File] C:\Users\Mathew\Desktop\Download Accelerator Plus (DAP).lnk [[email protected]] C:\PROGRA~1\DAP\DAP.exe -> Found

¤¤¤ WMI : 0 ¤¤¤

¤¤¤ Hosts File : 0 ¤¤¤

¤¤¤ Antirootkit : 0 (Driver: Loaded) ¤¤¤

¤¤¤ Web browsers : 1 ¤¤¤
[PUM.HomePage][Chrome:Config] Default [SecurePrefs] : homepage [http://search.entru.com/?s=21983]-> Found

¤¤¤ MBR Check : ¤¤¤
+++++ PhysicalDrive0: ATA Hitachi HTS54323 SCSI Disk Device +++++
--- User ---
[MBR] d29f2754edd8a448b82b7ae7517cebdc
[BSP] c83f6d3cdea8c218388548da794008b8 : Windows Vista/7/8 MBR Code
Partition table:
0 - [XXXXXX] FAT32-LBA (0x1c) [HIDDEN!] Offset (sectors): 63 | Size: 10001 MB
1 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 20482875 | Size: 152617 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
2 - [XXXXXX] EXTEN-LBA (0xf) [VISIBLE] Offset (sectors): 333043515 | Size: 142623 MB
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive1: Ricoh SD/MMC Disk Device +++++
Error reading User MBR! ([15] The device is not ready. )
Error reading LL1 MBR! ([32] The request is not supported. )
Error reading LL2 MBR! ([32] The request is not supported. )

 


  • 0

#30
MattMMM

MattMMM

    Member

  • Topic Starter
  • Member
  • PipPip
  • 33 posts

Another folder RogueKiller took a while to go through is C:\Users\Mathew\AppData\Roaming\IMVU

IMVU is an online chat program. The ...AppData\Roaming\IMVU folder is 2.56GB. Isn't that big?

I don't much care for that program anymore. If I uninstall it, will the ...AppData\Roaming\IMVU folder be deleted as well?


  • 0





