Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Computer slowed down, getting AVG warnings sometimes


  • Please log in to reply

#1
geekyandhow

geekyandhow

    Member

  • Member
  • PipPip
  • 57 posts

Hi guys,

 

 

PC is slow at startup since a few weeks and I get AVG warnings sometimes about some miner, etc.

 

Can someone please help me clean up my PC and remove unwanted/dangerous stuff that I may be unaware of?

 

Would highly appreciate thanks!


  • 0

Advertisements


#2
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,831 posts
  • MVP

Download : ADWCleaner to your desktop.  Make sure you get the correct Download button.  Sometimes the ads on BleepingComputer will mimic the real Download button which should say: Download Now @BleepingComputer

NOTE: If using Internet Explorer and you get an alert that stops the program downloading, click on the warning and allow the download to complete.

Close  all programs, pause your anti-virus and run AdwCleaner (Vista or Win 7+ => right click and Run As Administrator).

Click on Scan  and follow the prompts. Let it run unhindered. When done, click on the Clean button, and follow the prompts. Allow the system to reboot. You will then be presented with the report. Copy & Paste this report on your next reply.

The report will be saved in the C:\AdwCleaner folder.




  • Get FRST from http://www.bleepingc...very-scan-tool/You need to download the appropriate tool for your PC.  If you don't know if you have a 32 or 64 bit system get them both.  Only one will work and that's the right one.
  • Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
  • Check the Addition.txt box
  • Press Scan button.
  • It will produce a log called FRST.txt in the same directory the tool is run from.  
  • Please copy and paste log back here.
  • It will generate another log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also paste that along with the FRST.txt into your reply.

 

 

Get Process Explorer

http://live.sysinter...com/procexp.exe
Save it to your desktop then run it (Vista or Win7+ - right click and Run As Administrator).  

View, Select Column, check Verified Signer, OK
Options, Verify Image Signatures


Click twice on the CPU column header  to sort things by CPU usage with the big hitters at the top.  

Wait a full minute then:

File, Save As, Save.  Note the file name.   Open the file  on your desktop and copy and paste the text to a reply.


Copy the next 2 lines:

TASKLIST /SVC  > \junk.txt
notepad \junk.txt

Open an Elevated Command Prompt:
Win 7: Start, All Programs, Accessories then right click on Command Prompt and Run as Administrator
Win 8: http://www.eightforu...indows-8-a.html
win 10: http://www.howtogeek...-in-windows-10/

Right click and Paste (or Edit then Paste) and the copied lines should appear.
Hit Enter if notepad does not open.  Copy and paste the text from notepad into a reply.


Get the free version of Speccy:

http://www.filehippo.com/download_speccy/ (Look in the upper right for the Download
Latest Version button  - Do NOT press the large Start Download button on the upper left!)  
Download, Save and Install it.  Tell it you do not need CCLEANER.    Run Speccy.  When it finishes (the little icon in the bottom left will stop moving),
File, Save as Text File,  (to your desktop) note the name it gives. OK.  Open the file in notepad and delete the line that gives the serial number of your Operating System.  
(It will be near the top,  10-20  lines down.) Save the file.  Attach the file to your next post.  Attaching the log is the best option as it is too big for the forum.  Attaching is a multi step process.

First click on More Reply Options
Then scroll down to where you see
Choose File and click on it.  Point it at the file and hit Open.
Now click on Attach this file.





 


  • 1

#3
geekyandhow

geekyandhow

    Member

  • Topic Starter
  • Member
  • PipPip
  • 57 posts
# AdwCleaner 7.0.6.0 - Logfile created on Fri Jan 19 00:25:35 2018
# Updated on 2017/21/12 by Malwarebytes 
# Running on Windows 8.1 (X64)
# Mode: clean
 
***** [ Services ] *****
 
Deleted: WtuSystemSupport
Deleted: vToolbarUpdater40.3.8
 
 
***** [ Folders ] *****
 
Deleted: C:\Program Files\Hola
Deleted: C:\Users\Guest\AppData\Roaming\Hola
Deleted: C:\Users\Lily\AppData\Roaming\Hola
Deleted: C:\Users\Neville\AppData\Roaming\Hola
Deleted: C:\ProgramData\AVG Secure Search
Deleted: C:\ProgramData\Application Data\AVG Secure Search
Deleted: C:\Program Files\Common Files\AVG Secure Search
Deleted: C:\Program Files (x86)\Common Files\AVG Secure Search
Deleted: C:\Users\All Users\AVG Secure Search
Deleted: C:\ProgramData\avg web tuneup
Deleted: C:\ProgramData\Application Data\avg web tuneup
Deleted: C:\Program Files\avg web tuneup
Deleted: C:\Windows\System32\config\systemprofile\AppData\LocalLow\avg web tuneup
Deleted: C:\Program Files (x86)\avg web tuneup
Deleted: C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\avg web tuneup
Deleted: C:\Users\All Users\avg web tuneup
Deleted: C:\Users\Guest\AppData\Local\avg web tuneup
Deleted: C:\Users\Neville\AppData\Local\avg web tuneup
Deleted: C:\Users\TEMP\AppData\Local\avg web tuneup
 
 
***** [ Files ] *****
 
Deleted: C:\Users\Guest\AppData\Roaming\Mozilla\Firefox\Profiles\wguw992c.default\searchplugins\avg-secure-search.xml
Deleted: C:\Users\Neville\AppData\Roaming\Mozilla\Firefox\Profiles\zpq2ecz1.default-1395808145287\searchplugins\avg-secure-search.xml
 
 
***** [ DLL ] *****
 
No malicious DLLs cleaned.
 
***** [ WMI ] *****
 
No malicious WMI cleaned.
 
***** [ Shortcuts ] *****
 
No malicious shortcuts cleaned.
 
***** [ Tasks ] *****
 
Deleted: AVG-SSU_1117tb
Deleted: AVG-SSU_1117tb_DELETE
Deleted: 0915tbUpdateInfo
Deleted: AVG-SSU_1117tb
Deleted: AVG-SSU_1117tb_DELETE
 
 
***** [ Registry ] *****
 
Deleted: [Data] - HKCU\Software\Microsoft\Internet Explorer\Main|Start Page [https:\\mysearch.avg.com\?cid={89FED01A-6BDF-4466-BF70-1A6B547FC663}&mid=7be7f47994a847cda1f5ed3ea03875a5-50bf7b189223f2721b05c771b87ec98f9fef8697&lang=en&ds=AVG&coid=avgtbavg&cmpid=0516tb&pr=fr&d=2016-04-27 23:44:21&v=4.3.1.831&pid=wtu&sg=&sap=hp]
Deleted: [Key] - HKLM\SOFTWARE\AVG Secure Search
Deleted: [Key] - HKLM\SOFTWARE\Hola
Deleted: [Key] - HKU\.DEFAULT\Software\Hola
Deleted: [Key] - HKU\S-1-5-21-2107339062-2504870960-3837946639-1006\Software\Hola
Deleted: [Key] - HKU\S-1-5-18\Software\Hola
Deleted: [Key] - HKLM\SOFTWARE\AVG Tuneup
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Deleted: [Key] - HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{CA3A5461-96B5-46DD-9341-5350D3C94615}
Deleted: [Key] - HKLM\SOFTWARE\Classes\TypeLib\{4BC8AD89-AC5F-4DBD-A38F-C355C7DD33D7}
Deleted: [Value] - HKCU\Software\Microsoft\Windows\CurrentVersion\Run|LightShot
Deleted: [Key] - HKLM\SOFTWARE\MozillaPlugins\@avg.com\AVG SiteSafety plugin,version=11.0.0.1,application\x-avg-sitesafety-plugin
Deleted: [Key] - HKLM\SOFTWARE\Google\Chrome\NativeMessagingHosts\avgsh
Deleted: [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\hola.org
 
 
***** [ Firefox (and derivatives) ] *****
 
No malicious Firefox entries deleted.
 
***** [ Chromium (and derivatives) ] *****
 
Plugin deleted: AVG Web TuneUp - 
SearchProvider deleted: Conduit Search - conduit.search
 
 
*************************
 
::Tracing keys deleted
::Winsock settings cleared
::Additional Actions: 0
 
 
 
*************************
 
C:/AdwCleaner/AdwCleaner[S0].txt - [4488 B] - [2018/1/19 0:24:19]
 
 
########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt ##########
 
 
 
 
 
 
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 17.01.2018 01
Ran by Neville (administrator) on VAIO (19-01-2018 06:04:13)
Running from C:\Users\Neville\Desktop
Loaded Profiles: Neville & postgres (Available Profiles: Neville & postgres & Lily & Guest)
Platform: Windows 8.1 (Update) (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\AVGSvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
() C:\Program Files (x86)\OpenVPN Technologies\PrivateTunnel\ovpnagent.exe
(PostgreSQL Global Development Group) C:\Program Files (x86)\PostgreSQL\8.4\bin\pg_ctl.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(PostgreSQL Global Development Group) C:\Program Files (x86)\PostgreSQL\8.4\bin\postgres.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe
(PostgreSQL Global Development Group) C:\Program Files (x86)\PostgreSQL\8.4\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files (x86)\PostgreSQL\8.4\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files (x86)\PostgreSQL\8.4\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files (x86)\PostgreSQL\8.4\bin\postgres.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRYSVC.EXE
(Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\BCMWLTRY.EXE
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\SUSSoundProxy.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\x64\aswidsagenta.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRAY.EXE
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
(f.lux Software LLC) C:\Users\Neville\AppData\Local\FluxSoftware\Flux\flux.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AdobeGCClient.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\AVGUI.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe
(Sony Corporation) C:\ProgramData\Sony Corporation\VCM Data\UpdateConfig.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VUSR.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1381744 2014-02-11] (Realtek Semiconductor)
HKLM\...\Run: [Broadcom Wireless Manager UI] => C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRAY.exe [10590208 2013-03-14] (Broadcom Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-01-07] (Adobe Systems Incorporated)
HKLM\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [239592 2017-09-15] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [AVGUI.exe] => C:\Program Files (x86)\AVG\Antivirus\AvLaunch.exe [295512 2018-01-16] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [303928 2017-07-14] (Apple Inc.)
HKLM\...\Run: [Bluetooth] => C:\Program Files\WIDCOMM\Bluetooth Software\bttray.exe [534232 2013-10-25] (Broadcom Corporation.)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [315880 2018-01-05] (Adobe Systems, Incorporated)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-06] (Microsoft Corporation)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2072928 2014-11-01] (Wondershare)
HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [239592 2017-09-15] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [vProt] => "C:\Program Files (x86)\AVG Web TuneUp\vprot.exe"
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3499640 2016-12-18] (Adobe Systems Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-09-22] (Oracle Corporation)
HKU\S-1-5-21-2107339062-2504870960-3837946639-1001\...\Run: [f.lux] => C:\Users\Neville\AppData\Local\FluxSoftware\Flux\flux.exe [1678840 2017-10-11] (f.lux Software LLC)
HKU\S-1-5-21-2107339062-2504870960-3837946639-1001\...\Run: [GoogleChromeAutoLaunch_025349DF926404DCBA5805A40191CC91] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1592664 2018-01-03] (Google Inc.)
HKU\S-1-5-21-2107339062-2504870960-3837946639-1001\...\RunOnce: [Application Restart #1] => C:\Program Files (x86)\Adda52 Poker\poker.exe [1512960 2017-08-16] (Gauss Networks Pvt. Ltd.)
HKU\S-1-5-21-2107339062-2504870960-3837946639-1001\...\MountPoints2: {0d7b0f35-7c44-11e6-bf94-3c77e6dc9c56} - "E:\AutoRun.exe" 
HKU\S-1-5-21-2107339062-2504870960-3837946639-1001\...\MountPoints2: {0d7b0f59-7c44-11e6-bf94-3c77e6dc9c56} - "E:\AutoRun.exe" 
HKU\S-1-5-21-2107339062-2504870960-3837946639-1003\...\Run: [Google Update] => "C:\Users\Neville\AppData\Local\Google\Update\GoogleUpdate.exe" /c
HKU\S-1-5-21-2107339062-2504870960-3837946639-1003\...\Run: [Facebook Update] => "C:\Users\Neville\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
HKU\S-1-5-21-2107339062-2504870960-3837946639-1003\...\Run: [GoogleChromeAutoLaunch_025349DF926404DCBA5805A40191CC91] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1592664 2018-01-03] (Google Inc.)
HKU\S-1-5-21-2107339062-2504870960-3837946639-1003\...\Run: [f.lux] => C:\Users\Neville\AppData\Local\FluxSoftware\Flux\flux.exe [1678840 2017-10-11] (f.lux Software LLC)
HKU\S-1-5-21-2107339062-2504870960-3837946639-1003\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516608 2014-11-21] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\PrivateTunnel.lnk [2016-02-29]
ShortcutTarget: PrivateTunnel.lnk -> C:\Program Files (x86)\OpenVPN Technologies\PrivateTunnel\privatetunnel2.5.5.exe (OpenVPN Technologies)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 202.88.131.90 202.88.131.89 202.88.130.67
Tcpip\..\Interfaces\{04EB17EE-B2FF-4085-A727-6B08D79238AD}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{9B7B8155-9333-41CF-96FD-E241113CFF23}: [DhcpNameServer] 192.168.0.1 192.168.0.1
Tcpip\..\Interfaces\{A7CA6FDC-65B3-4CF9-B6DE-3266EBD35973}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{A7CA6FDC-65B3-4CF9-B6DE-3266EBD35973}: [DhcpNameServer] 202.88.131.90 202.88.131.89 202.88.130.67
 
Internet Explorer:
==================
HKU\S-1-5-21-2107339062-2504870960-3837946639-1001\Software\Microsoft\Internet Explorer\Main,Start Page = 
HKU\S-1-5-21-2107339062-2504870960-3837946639-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://sony13.msn.com
HKU\S-1-5-21-2107339062-2504870960-3837946639-1003\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://sony13.msn.com
HKU\S-1-5-21-2107339062-2504870960-3837946639-1003\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
SearchScopes: HKU\S-1-5-21-2107339062-2504870960-3837946639-1001 -> {518D4777-9FC5-4AA6-B923-CB7BB495481A} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-2107339062-2504870960-3837946639-1001 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={89FED01A-6BDF-4466-BF70-1A6B547FC663}&mid=7be7f47994a847cda1f5ed3ea03875a5-50bf7b189223f2721b05c771b87ec98f9fef8697&lang=en&ds=AVG&coid=avgtbavg&cmpid=0616tb&pr=fr&d=2016-04-27 23:44:21&v=4.3.1.831&pid=wtu&sg=&sap=dsp&q={searchTerms}
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files\AVG Web TuneUp\4.3.9.605\AVG Web TuneUp.dll => No File
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2016-04-23] (Adobe Systems Incorporated)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2016-04-23] (Adobe Systems Incorporated)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\ssv.dll [2016-10-25] (Oracle Corporation)
BHO-x32: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files (x86)\AVG Web TuneUp\4.3.9.605\AVG Web TuneUp.dll => No File
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2016-04-23] (Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-10-25] (Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2016-04-23] (Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2016-04-23] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2016-04-23] (Adobe Systems Incorporated)
DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: HKLM-x32 {8F6E7FB2-E56B-4F66-A4E1-9765D2565280} hxxp://www.worldwinner.com/games/launcher/ie/v2.23.01.0/iewwload.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2016-09-23] (Skype Technologies)
 
FireFox:
========
FF DefaultProfile: zpq2ecz1.default-1395808145287
FF ProfilePath: C:\Users\Neville\AppData\Roaming\Mozilla\Firefox\Profiles\zpq2ecz1.default-1395808145287 [2017-08-31]
FF user.js: detected! => C:\Users\Neville\AppData\Roaming\Mozilla\Firefox\Profiles\zpq2ecz1.default-1395808145287\user.js [2015-10-29]
FF Homepage: Mozilla\Firefox\Profiles\zpq2ecz1.default-1395808145287 -> google.com
FF Extension: (AVG Web TuneUp) - C:\Users\Neville\AppData\Roaming\Mozilla\Firefox\Profiles\zpq2ecz1.default-1395808145287\Extensions\[email protected] [2016-07-22] [Legacy]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: (Adobe Acrobat - Create PDF) - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2017-03-11] [Legacy]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_28_0_0_137.dll [2018-01-10] ()
FF Plugin: @java.com/DTPlugin,version=10.13.2 -> C:\Windows\system32\npDeployJava1.dll [2013-10-27] (Oracle Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-10] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-07-29] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_28_0_0_137.dll [2018-01-10] ()
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-08-27] (Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-01-23] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-01-23] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll [2016-10-25] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2016-10-25] (Oracle Corporation)
FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 -> C:\Program Files (x86)\Yahoo!\Shared\npYState.dll [2012-05-25] (Yahoo! Inc.)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-25] (Microsoft Corporation)
FF Plugin-x32: @sony.com/ReaderDesktop -> C:\Program Files (x86)\Sony\ReaderDesktop\npreaderdetectmoz.dll [2012-07-13] (Sony Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-14] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-14] (Google Inc.)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll [2016-12-18] (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2017-11-01] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-07-29] (Adobe Systems)
 
Chrome: 
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxps://www.google.ca/
CHR DefaultSearchKeyword: Default -> google.co.in
CHR Profile: C:\Users\Neville\AppData\Local\Google\Chrome\User Data\Default [2018-01-19]
CHR Extension: (Magic Actions for YouTube™) - C:\Users\Neville\AppData\Local\Google\Chrome\User Data\Default\Extensions\abjcfabbhafbcdfjoecdgepllmpfceif [2018-01-14]
CHR Extension: (Google Drive) - C:\Users\Neville\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]
CHR Extension: (YouTube) - C:\Users\Neville\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-26]
CHR Extension: (Chrome IG Story) - C:\Users\Neville\AppData\Local\Google\Chrome\User Data\Default\Extensions\bojgejgifofondahckoaahkilneffhmf [2018-01-14]
CHR Extension: (Adblock for Youtube™) - C:\Users\Neville\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmedhionkhpnakcndndgjdbohmhepckk [2017-06-20]
CHR Extension: (Videostream for Google Chromecast™) - C:\Users\Neville\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnciopoikihiagdjbjpnocolokfelagl [2017-11-02]
CHR Extension: (Google Search) - C:\Users\Neville\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Voice Search) - C:\Users\Neville\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhfkcobomkalfdlmkongnhnhahkmnaad [2017-07-31]
CHR Extension: (Better YouTube Watch History) - C:\Users\Neville\AppData\Local\Google\Chrome\User Data\Default\Extensions\lleajdkalfbohpinoaekajagdefaeckd [2018-01-09]
CHR Extension: (Lightshot (screenshot tool)) - C:\Users\Neville\AppData\Local\Google\Chrome\User Data\Default\Extensions\mbniclmhobmnbdlbpiphghaielnnpgdp [2018-01-19]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Neville\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-24]
CHR Extension: (Chrome Media Router) - C:\Users\Neville\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-12-11]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2016-12-18]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx
 
==================== Services (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2319848 2018-01-05] (Adobe Systems, Incorporated)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2017-04-03] (Apple Inc.)
R2 AVG Antivirus; C:\Program Files (x86)\AVG\Antivirus\AVGSvc.exe [301720 2018-01-16] (AVG Technologies CZ, s.r.o.)
R3 avgbIDSAgent; C:\Program Files (x86)\AVG\Antivirus\x64\aswidsagenta.exe [7589200 2018-01-16] (AVG Technologies CZ, s.r.o.)
S2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1428656 2017-09-15] (AVG Technologies CZ, s.r.o.)
S2 BcmBtRSupport; C:\WINDOWS\system32\BtwRSupportService.exe [2252504 2013-09-05] (Broadcom Corporation.)
R2 igfxCUIService1.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [319376 2014-10-02] (Intel Corporation)
R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [129824 2013-01-23] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [166688 2013-01-23] (Intel Corporation)
S3 NetworkSupport; C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkSupport.exe [629336 2013-09-28] (Sony Corporation)
R2 ovpnagent; C:\Program Files (x86)\OpenVPN Technologies\PrivateTunnel\ovpnagent.exe [1493224 2016-02-19] ()
S3 Sony SCSI Helper Service; C:\Program Files (x86)\Common Files\Sony Shared\Fsk\SonySCSIHelperService.exe [73728 2012-09-20] (Sony Corporation) [File not signed]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5429520 2015-01-30] (TeamViewer GmbH)
S3 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [972000 2013-01-07] (Sony Corporation)
R3 VUAgent; C:\Program Files\Sony\VAIO Update\vuagent.exe [1656600 2016-03-31] (Sony Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation)
R2 wltrysvc; C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\bcmwltry.exe [6070272 2013-03-14] (Broadcom Corporation) [File not signed]
R2 postgresql-8.4; C:/Program Files (x86)/PostgreSQL/8.4/bin/pg_ctl.exe runservice -N "postgresql-8.4" -D "C:/Program Files (x86)/PostgreSQL/8.4/data" -w [X]
 
===================== Drivers (Whitelisted) ======================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R1 avgArPot; C:\WINDOWS\System32\drivers\avgArPot.sys [177536 2018-01-16] (AVG Technologies CZ, s.r.o.)
R1 avgbdisk; C:\WINDOWS\System32\drivers\avgbdiska.sys [166624 2018-01-16] (AVG Technologies CZ, s.r.o.)
R1 avgbidsdriver; C:\WINDOWS\System32\drivers\avgbidsdrivera.sys [315152 2018-01-16] (AVG Technologies CZ, s.r.o.)
R0 avgbidsh; C:\WINDOWS\System32\drivers\avgbidsha.sys [193096 2018-01-16] (AVG Technologies CZ, s.r.o.)
R0 avgblog; C:\WINDOWS\System32\drivers\avgbloga.sys [337408 2018-01-16] (AVG Technologies CZ, s.r.o.)
R0 avgbuniv; C:\WINDOWS\System32\drivers\avgbuniva.sys [51336 2018-01-16] (AVG Technologies CZ, s.r.o.)
S3 avgHwid; C:\WINDOWS\System32\drivers\avgHwid.sys [39424 2018-01-16] (AVG Technologies CZ, s.r.o.)
R2 avgMonFlt; C:\WINDOWS\System32\drivers\avgMonFlt.sys [139112 2018-01-16] (AVG Technologies CZ, s.r.o.)
R1 avgRdr; C:\WINDOWS\System32\drivers\avgRdr2.sys [102792 2018-01-16] (AVG Technologies CZ, s.r.o.)
R0 avgRvrt; C:\WINDOWS\System32\drivers\avgRvrt.sys [76832 2018-01-16] (AVG Technologies CZ, s.r.o.)
R1 avgSnx; C:\WINDOWS\System32\drivers\avgSnx.sys [1017624 2018-01-16] (AVG Technologies CZ, s.r.o.)
R1 avgSP; C:\WINDOWS\System32\drivers\avgSP.sys [450360 2018-01-16] (AVG Technologies CZ, s.r.o.)
R2 avgStm; C:\WINDOWS\System32\drivers\avgStm.sys [196904 2018-01-16] (AVG Technologies CZ, s.r.o.)
R0 avgVmm; C:\WINDOWS\System32\drivers\avgVmm.sys [351128 2018-01-16] (AVG Technologies CZ, s.r.o.)
R3 bcbtums; C:\WINDOWS\system32\drivers\bcbtums.sys [170712 2013-09-05] (Broadcom Corporation.)
R3 BCM43XX; C:\WINDOWS\system32\DRIVERS\bcmwl63a.sys [8469680 2014-03-14] (Broadcom Corporation)
S3 dot4; C:\WINDOWS\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows ® Win 7 DDK provider)
S3 Dot4Print; C:\WINDOWS\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows ® Win 7 DDK provider)
S3 ggsomc; C:\WINDOWS\System32\drivers\ggsomc.sys [30424 2016-03-18] (Sony Mobile Communications)
R3 ptun0901; C:\WINDOWS\system32\DRIVERS\ptun0901.sys [27136 2014-04-25] (The OpenVPN Project)
S3 semav6msr64; C:\WINDOWS\system32\drivers\semav6msr64.sys [29352 2015-10-09] ()
S3 semav6thermal64ro; C:\Windows\system32\drivers\semav6thermal64ro.sys [13792 2015-07-31] ()
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [42696 2015-05-27] (Synaptics Incorporated)
S3 tapSF0901; C:\WINDOWS\system32\DRIVERS\tapSF0901.sys [39104 2014-03-21] (Spotflux, Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Corporation)
R2 WinisoCDBus; C:\WINDOWS\System32\drivers\WinisoCDBus.sys [204032 2014-02-26] (WinISO.com)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2018-01-19 06:04 - 2018-01-19 06:06 - 000027265 _____ C:\Users\Neville\Desktop\FRST.txt
2018-01-19 06:03 - 2018-01-19 06:04 - 000000000 ____D C:\FRST
2018-01-19 06:02 - 2018-01-19 06:02 - 002393088 _____ (Farbar) C:\Users\Neville\Desktop\FRST64.exe
2018-01-19 05:59 - 2018-01-19 05:59 - 000000000 ___HD C:\Users\Public\Documents\AdobeGC
2018-01-19 05:51 - 2018-01-19 05:54 - 000000000 ____D C:\AdwCleaner
2018-01-19 05:46 - 2018-01-19 05:46 - 008198432 _____ (Malwarebytes) C:\Users\Neville\Desktop\AdwCleaner.exe
2018-01-19 00:32 - 2018-01-19 00:32 - 003454787 _____ C:\Users\Neville\Desktop\archive.zip
2018-01-18 20:55 - 2018-01-18 20:55 - 000000000 ____D C:\WINDOWS\LastGood.Tmp
2018-01-16 03:26 - 2018-01-16 03:26 - 000366800 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\avgBoot.exe
2018-01-15 17:51 - 2018-01-15 17:51 - 000022756 _____ C:\Users\Neville\Desktop\TransactionHistory-45446fa771e3acfe4fbcfa83ebfbe29e7688ac02.csv
2018-01-06 17:50 - 2018-01-06 17:57 - 731078554 _____ C:\Users\Neville\Desktop\bb31dec.mp4
2017-12-29 03:57 - 2017-12-29 11:14 - 000000688 _____ C:\Users\Neville\Desktop\New Text Document (2).txt
2017-12-23 18:48 - 2017-12-23 18:48 - 000000000 ____D C:\ProgramData\Avg_Update_1117tb_a03376
2017-12-23 18:48 - 2017-12-04 21:53 - 000835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-12-23 18:48 - 2017-12-04 21:53 - 000177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-12-22 04:50 - 2017-12-22 04:50 - 000000000 ____D C:\WINDOWS\System32\Tasks\AVG
2017-12-22 04:50 - 2017-12-22 04:50 - 000000000 ____D C:\Program Files\Common Files\AVG
2017-12-22 02:14 - 2018-01-19 03:25 - 000000402 _____ C:\WINDOWS\Tasks\update-sys.job
2017-12-22 02:14 - 2018-01-19 02:38 - 000000402 _____ C:\WINDOWS\Tasks\update-S-1-5-21-2107339062-2504870960-3837946639-1001.job
2017-12-22 02:14 - 2017-12-22 02:14 - 000003272 _____ C:\WINDOWS\System32\Tasks\update-sys
2017-12-22 02:14 - 2017-12-22 02:14 - 000003254 _____ C:\WINDOWS\System32\Tasks\update-S-1-5-21-2107339062-2504870960-3837946639-1001
2017-12-22 02:14 - 2017-12-22 02:14 - 000000546 _____ C:\Users\Neville\AppData\Local\UserProducts.xml
2017-12-22 02:14 - 2017-12-22 02:14 - 000000000 ____D C:\Users\Neville\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LightShot
2017-12-22 02:14 - 2017-12-22 02:14 - 000000000 ____D C:\Users\Neville\AppData\Local\Skillbrains
2017-12-22 02:14 - 2017-12-22 02:14 - 000000000 ____D C:\Program Files (x86)\Skillbrains
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2018-01-19 06:05 - 2013-12-11 14:36 - 000000000 ____D C:\Users\Neville\AppData\Roaming\Adobe
2018-01-19 06:01 - 2015-01-23 06:27 - 000000000 ___DO C:\Users\Neville\OneDrive
2018-01-19 05:57 - 2013-08-22 20:15 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-01-19 05:55 - 2015-01-22 14:08 - 000000000 ____D C:\Users\postgres
2018-01-19 05:55 - 2013-08-22 18:55 - 000524288 ___SH C:\WINDOWS\system32\config\BBI
2018-01-19 05:51 - 2016-02-29 02:53 - 000000000 ____D C:\Users\Neville\AppData\Local\PrivateTunnel
2018-01-19 03:06 - 2015-01-25 13:56 - 000003774 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{2EDEAA1B-DC61-4DA2-AC32-19AE130F8449}
2018-01-17 04:43 - 2013-12-30 12:01 - 000000000 ____D C:\Users\Neville\AppData\Local\PokerStars
2018-01-16 03:26 - 2017-11-30 04:20 - 000177536 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgArPot.sys
2018-01-16 03:26 - 2017-06-02 04:54 - 000450360 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgSP.sys
2018-01-16 03:26 - 2017-06-02 04:54 - 000449848 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgSP.sys.151605340881204
2018-01-16 03:26 - 2017-06-02 04:54 - 000351128 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgVmm.sys
2018-01-16 03:26 - 2017-06-02 04:54 - 000196904 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgStm.sys
2018-01-16 03:26 - 2017-06-02 04:54 - 000139112 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgMonFlt.sys.151605340881204
2018-01-16 03:26 - 2017-06-02 04:54 - 000139112 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgMonFlt.sys
2018-01-16 03:26 - 2017-06-02 04:54 - 000102792 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgRdr2.sys
2018-01-16 03:26 - 2017-06-02 04:54 - 000076832 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgRvrt.sys
2018-01-16 03:26 - 2017-06-02 04:54 - 000039424 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgHwid.sys
2018-01-16 03:26 - 2017-06-02 04:54 - 000003920 _____ C:\WINDOWS\System32\Tasks\Antivirus Emergency Update
2018-01-16 03:25 - 2017-06-02 04:54 - 001017624 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgSnx.sys
2018-01-16 03:25 - 2017-06-02 04:54 - 000337408 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbloga.sys
2018-01-16 03:25 - 2017-06-02 04:54 - 000315152 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbidsdrivera.sys
2018-01-16 03:25 - 2017-06-02 04:54 - 000193096 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbidsha.sys
2018-01-16 03:25 - 2017-06-02 04:54 - 000166624 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbdiska.sys
2018-01-16 03:25 - 2017-06-02 04:54 - 000051336 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbuniva.sys
2018-01-15 23:34 - 2013-12-11 14:46 - 000000000 ____D C:\Users\Neville\AppData\Roaming\Skype
2018-01-14 02:19 - 2013-08-22 21:06 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-01-13 02:28 - 2013-12-11 14:43 - 000003600 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2107339062-2504870960-3837946639-1001
2018-01-12 20:41 - 2016-09-30 22:25 - 000000000 ____D C:\Program Files (x86)\Anvsoft
2018-01-12 05:44 - 2014-08-21 02:45 - 000000707 _____ C:\Users\Neville\Desktop\Mileage Programs.txt
2018-01-10 16:14 - 2013-08-22 19:06 - 000000000 ____D C:\WINDOWS\Inf
2018-01-10 00:07 - 2013-12-11 15:13 - 000004288 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2018-01-10 00:07 - 2013-08-22 21:06 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2018-01-10 00:07 - 2013-08-22 21:06 - 000000000 ____D C:\WINDOWS\system32\Macromed
2018-01-09 17:16 - 2012-07-26 13:29 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-01-07 21:51 - 2016-08-08 00:51 - 000000627 _____ C:\Users\Neville\Desktop\A52.txt
2018-01-07 02:39 - 2016-10-03 23:00 - 000000000 ___HD C:\Users\Guest\AppData\Roaming\BitTorrent
2018-01-07 02:39 - 2015-01-22 14:08 - 000000000 ____D C:\Users\Guest
2018-01-07 02:38 - 2017-11-21 23:59 - 000000000 ____D C:\Users\Guest\AppData\LocalLow\BitTorrent
2018-01-06 19:38 - 2016-10-11 09:32 - 000000000 ____D C:\Users\Lily
2018-01-06 19:37 - 2015-01-22 14:08 - 000000000 ____D C:\Users\Neville
2018-01-06 19:04 - 2014-07-15 16:19 - 000000000 ____D C:\Users\Neville\AppData\Roaming\vlc
2018-01-06 18:09 - 2016-09-30 22:26 - 000000000 ____D C:\Users\Neville\AppData\Roaming\Anvsoft
2018-01-06 17:54 - 2014-11-21 14:14 - 000869136 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-01-06 17:33 - 2014-04-04 01:43 - 000002205 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-12-28 08:15 - 2014-10-07 13:44 - 000000512 _____ C:\Users\Neville\Desktop\Days in Canada.txt
2017-12-25 21:06 - 2017-02-23 07:29 - 000003846 _____ C:\Users\Neville\Desktop\New Text Document.txt
2017-12-23 18:46 - 2013-08-22 20:14 - 000523504 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-12-21 18:15 - 2013-12-29 04:18 - 000000000 ____D C:\WINDOWS\system32\MRT
2017-12-21 18:09 - 2017-11-17 02:22 - 133326408 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
2017-12-21 18:08 - 2013-12-29 04:18 - 133326408 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-12-21 16:00 - 2013-08-22 21:06 - 000000000 ___HD C:\Program Files\WindowsApps
 
==================== Files in the root of some directories =======
 
2015-10-27 00:46 - 2015-10-25 12:46 - 000000040 ____H () C:\Program Files (x86)\4e98b98d.tmp
2014-01-06 04:18 - 2014-01-06 04:18 - 000069291 _____ () C:\Program Files (x86)\hminstalllog.txt
2017-12-22 02:14 - 2017-12-22 02:14 - 000000003 _____ () C:\Users\Neville\AppData\Local\updater.log
2017-12-22 02:14 - 2017-12-22 02:14 - 000000546 _____ () C:\Users\Neville\AppData\Local\UserProducts.xml
 
Some files in TEMP:
====================
2016-08-23 18:19 - 2016-07-20 14:01 - 000186640 ____H (AVG Technologies CZ, s.r.o.) C:\Users\Guest\AppData\Local\Temp\avguirn_08838862531.exe
2017-08-31 15:30 - 2017-08-31 15:30 - 000046080 ____N () C:\Users\Neville\AppData\Local\Temp\javasysmo3659213139603519291.dll
2017-12-02 04:32 - 2017-12-02 04:32 - 000137696 _____ (tmssoftware.com) C:\Users\Neville\AppData\Local\Temp\wusetup.exE
2015-09-22 08:59 - 2015-09-22 08:59 - 000155729 _____ () C:\Users\TEMP\AppData\Local\Temp\JExplorer32.2.7.1.dll
2015-09-22 08:59 - 2015-09-22 08:59 - 000008273 _____ (TeamDev Ltd) C:\Users\TEMP\AppData\Local\Temp\JExplorer32.2.7.1.exe
2015-09-22 08:59 - 2015-09-22 08:59 - 000000000 _____ () C:\Users\TEMP\AppData\Local\Temp\JExplorer64.2.7.1.dll
 
==================== Bamital & volsnap ======================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
 
LastRegBack: 2015-09-18 03:09
 
==================== End of FRST.txt ============================
 
 
 
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17.01.2018 01
Ran by Neville (19-01-2018 06:07:50)
Running from C:\Users\Neville\Desktop
Windows 8.1 (Update) (X64) (2015-01-23 00:52:19)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-2107339062-2504870960-3837946639-500 - Administrator - Disabled)
Guest (S-1-5-21-2107339062-2504870960-3837946639-501 - Limited - Enabled) => C:\Users\Guest
Lily (S-1-5-21-2107339062-2504870960-3837946639-1006 - Limited - Enabled) => C:\Users\Lily
Neville (S-1-5-21-2107339062-2504870960-3837946639-1001 - Administrator - Enabled) => C:\Users\Neville
postgres (S-1-5-21-2107339062-2504870960-3837946639-1003 - Limited - Enabled) => C:\Users\postgres
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: AVG Antivirus (Enabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: AVG Antivirus (Enabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
Adda52Poker version M2.0.0 (HKLM-x32\...\{82F792B3-0133-4D9C-B4CC-3E53CDBC342B}_is1) (Version: M2.0.0 - Gauss Networks Pvt. Ltd.)
Adobe Acrobat XI Pro (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-000000000006}) (Version: 11.0.19 - Adobe Systems)
Adobe Flash Player 28 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 28.0.0.137 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.23)  MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AB0000000001}) (Version: 11.0.23 - Adobe Systems Incorporated)
Apple Application Support (32-bit) (HKLM-x32\...\{D2FE6376-E549-4F63-A2C5-CA24DA035DE4}) (Version: 5.6 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{BB109E24-EE90-485B-A28B-ADDEFB40540B}) (Version: 5.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{0A596141-97D5-45FA-9281-98DFAF48D579}) (Version: 10.3.2.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{52D87F32-70E4-4348-8148-C0B9F35B1314}) (Version: 2.3.0.177 - Apple Inc.)
AVG (HKLM\...\{434FBA38-0562-4F98-9436-4B45C0C0EF0B}) (Version: 1.201.2 - AVG Technologies) Hidden
AVG AntiVirus FREE (HKLM-x32\...\AVG Antivirus) (Version: 17.9.3040 - AVG Technologies)
AVG Web TuneUp (HKLM-x32\...\AVG Web TuneUp) (Version: 4.3.9.605 - AVG Technologies)
BitTorrent (HKU\S-1-5-21-2107339062-2504870960-3837946639-1001\...\BitTorrent) (Version: 7.10.0.43917 - BitTorrent Inc.)
BitTorrent (HKU\S-1-5-21-2107339062-2504870960-3837946639-1003\...\BitTorrent) (Version: 7.8.2.30445 - BitTorrent Inc.)
BodogPoker (HKLM-x32\...\{D7CA2DF8-95CE-4C80-9296-98E21219A1E7}}_is1) (Version:   - )
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Bovada Hand Converter (HKLM-x32\...\{1843AD45-F895-4E7B-BC65-CD1F76B48HDC}_is1) (Version: 1.0.0.43 - Ace Poker Solutions)
Broadcom 802.11 Network Adapter (HKLM\...\Broadcom 802.11 Network Adapter) (Version: 6.30.223.181 - Broadcom Corporation)
Broadcom Wireless Utility (HKLM\...\{4CDA59B9-7AD3-4283-9F5C-BC469FF975B6}) (Version: 6.30.59.125 - Broadcom Corporation)
CarbonPoker (HKU\S-1-5-21-2107339062-2504870960-3837946639-1001\...\CarbonPoker) (Version: 6.0 - )
CarbonPoker (HKU\S-1-5-21-2107339062-2504870960-3837946639-1003\...\CarbonPoker) (Version: 6.0 - )
CCleaner (HKLM\...\CCleaner) (Version: 4.16 - Piriform)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.5.5790 - CDBurnerXP)
Dropbox (HKU\S-1-5-21-2107339062-2504870960-3837946639-1003\...\Dropbox) (Version: 2.6.2 - Dropbox, Inc.)
ESDL (HKLM-x32\...\{9A2CA016-1C4C-4D44-BF70-C2C8639C34A4}) (Version: 1.0.0 - Sony Corporation) Hidden
f.lux (HKU\S-1-5-21-2107339062-2504870960-3837946639-1001\...\Flux) (Version:  - f.lux Software LLC)
f.lux (HKU\S-1-5-21-2107339062-2504870960-3837946639-1003\...\Flux) (Version:  - )
FDUx86 (HKLM-x32\...\{3490653F-2789-46A1-B1BF-6BD4CF4131AB}) (Version: 1.0.0 - Sony Corporation) Hidden
FMW 1 (HKLM\...\{F64508FE-73C8-4C27-9CCA-3799C428B70B}) (Version: 1.223.1 - AVG Technologies) Hidden
Foxit Advanced PDF Editor 3 (HKLM-x32\...\B521582C-6BE3-491D-BCC8-FFB8301298E9_is1) (Version: 3.0.5.0 - Foxit Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 63.0.3239.132 - Google Inc.)
Google Earth Pro (HKLM-x32\...\{ECF2E224-42F5-4E50-B58E-94CA70E85697}) (Version: 7.3.0.3832 - Google)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
Holdem Manager (HKLM-x32\...\HoldemManager) (Version:  - )
Holdem Manager 2 (HKLM-x32\...\HoldemManager2) (Version:  - )
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1281 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3958 - Intel Corporation)
Intel® PROSet/Wireless NFC Software (HKLM\...\Intel® PROSet/Wireless NFC Software) (Version: 1.1.1.002 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.6.0.1030 - Intel Corporation)
Intel® SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
iTunes (HKLM\...\{02F95875-9527-49CC-B32F-970ADAEBD1EF}) (Version: 12.6.2.20 - Apple Inc.)
Java 8 Update 111 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180111F0}) (Version: 8.0.1110.14 - Oracle Corporation)
lightshot-3.4.0.0 (HKLM-x32\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 3.4.0.0 - Skillbrains)
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs (HKLM-x32\...\{90120000-00B2-0409-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft SkyDrive (HKU\S-1-5-21-2107339062-2504870960-3837946639-1001\...\SkyDriveSetup.exe) (Version: 16.4.6013.0910 - Microsoft Corporation)
Microsoft SkyDrive (HKU\S-1-5-21-2107339062-2504870960-3837946639-1003\...\SkyDriveSetup.exe) (Version: 16.4.6013.0910 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 43.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 43.0.1 (x86 en-US)) (Version: 43.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 43.0.1.5828 - Mozilla)
Networkx64 (HKLM\...\{AD1A77F2-5E5F-4A1C-A5C5-74CE7CEC5EC6}) (Version: 1.0.0 - Sony Corporation) Hidden
OpenOffice 4.0.1 (HKLM-x32\...\{47F460DA-D1BE-4D85-8DF2-AA1F31D3445F}) (Version: 4.01.9714 - Apache Software Foundation)
partypoker (HKLM-x32\...\PartyPoker) (Version:  - PartyGaming)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.140.248 - Google, Inc.)
PokerSnowie (HKLM-x32\...\PokerSnowie_is1) (Version:  - Snowie Games Ltd)
PokerStars (HKLM-x32\...\PokerStars) (Version:  - PokerStars)
PokerStars Beta (HKLM-x32\...\PokerStars Beta) (Version:  - PokerStars Beta)
PokerStove version 1.24 (HKLM-x32\...\{6D0C6BE4-F674-43D2-96BC-3509345108C9}_is1) (Version:  - )
PostgreSQL 8.4 (HKLM-x32\...\PostgreSQL 8.4) (Version: 8.4 - PostgreSQL Global Development Group)
PrivateTunnel (HKLM-x32\...\PrivateTunnel) (Version: 2.5.5.14 - OpenVPN Technologies)
Reader for PC (HKLM-x32\...\{25340F94-F74E-4CCF-ABDF-ECBCF03911BE}) (Version: 2.0.00.07121 - Sony Corporation)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.10.1226.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7177 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM-x32\...\{0D61A55C-3ADC-409F-BF5B-A1766D1F5944}) (Version: 6.2.9200.28135 - Realtek Semiconductor Corp.)
Remote Keyboard (HKLM-x32\...\{6466EF6E-700E-470F-94CB-D0050302C84E}) (Version: 1.2.0.09270 - Sony Corporation) Hidden
Restore (HKLM-x32\...\{ECCEB4D0-7080-4F8A-B498-E40A32A4FBED}) (Version: 1.0.0 - Sony Corporation) Hidden
SDFormatter (HKLM-x32\...\{179324FF-7B16-4BA8-9836-055CAAEE4F08}) (Version: 4.0.0 - SD Association)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Skype™ 7.30 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.30.105 - Skype Technologies S.A.)
Sony Mobile Update Engine (HKLM-x32\...\Update Engine) (Version: 2.16.4.201603071758 - Sony Mobile Communications Inc.)
Sony PC Companion 2.10.303 (HKLM-x32\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.303 - Sony)
Speccy (HKLM\...\Speccy) (Version: 1.26 - Piriform)
SSLx64 (HKLM\...\{312395BC-7CC2-434C-A660-30250276A926}) (Version: 1.0.0 - Sony Corporation ) Hidden
SSLx86 (HKLM-x32\...\{63C43435-F428-42BA-8E7B-5848749D9262}) (Version: 1.0.0 - Sony Corporation ) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.5.0 - Synaptics Incorporated)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.38475 - TeamViewer)
VAIO - Remote Keyboard (HKLM-x32\...\{7396FB15-9AB4-4B78-BDD8-24A9C15D2C65}) (Version: 1.2.0.09270 - Sony Corporation)
VAIO - Remote Keyboard with PlayStation®3 (HKLM-x32\...\{E682702C-609C-4017-99E7-3129C163955F}) (Version: 1.2.1.05220 - Sony Corporation)
VAIO - Xperia Link (HKLM-x32\...\{D91558BF-D1F3-411F-AEFE-8774CB406512}) (Version: 1.4.0.15030 - Sony Corporation)
VAIO BIOS Data Transfer Utility (HKLM-x32\...\{5D772F4A-53DE-4E1F-83F5-B08DFF106C60}) (Version: 1.0.0.02050 - Sony Corporation) Hidden
VAIO Care Hardware Diagnostics Plugin (HKLM-x32\...\{EC153498-00E1-4C9C-89BE-81527C6750BE}) (Version: 4.8.0.13250 - Sony Corporation)
VAIO Care Recovery (HKLM\...\{15B9204E-BA09-485E-8F2C-094AC0077664}) (Version: 1.1.2.13230 - Sony Corporation)
VAIO Control Center (HKLM-x32\...\{8E797841-A110-41FD-B17A-3ABC0641187A}) (Version: 6.2.0.03070 - Sony Corporation)
VAIO CPU Fan Diagnostic (HKLM-x32\...\{BCE6E3D7-B565-4E1B-AC77-F780666A35FB}) (Version: 1.2.0.03050 - Sony Corporation)
VAIO Data Restore Tool (HKLM-x32\...\{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}) (Version: 1.11.0.13250 - Sony Corporation)
VAIO Gesture Control (HKLM-x32\...\{692955F2-DE9F-4078-8FAA-858D6F3A1776}) (Version: 2.2.0.01230 - Sony Corporation)
VAIO Gesture Control (HKLM-x32\...\{9CE67959-AF22-4D93-8D49-CB73F015628E}) (Version: 2.2.0.01230 - Sony Corporation) Hidden
VAIO Image Optimizer (HKLM-x32\...\{5597C927-029A-46A7-A0C0-8DABD9891A50}) (Version: 3.1.00.14260 - Sony Corporation) Hidden
VAIO Image Optimizer (HKLM-x32\...\InstallShield_{5597C927-029A-46A7-A0C0-8DABD9891A50}) (Version: 3.3.00.10220 - Sony Corporation)
VAIO Improvement (HKLM-x32\...\{3A26D9BD-0F73-432D-B522-2BA18138F7EF}) (Version: 2.2.0.01240 - Sony Corporation)
VAIO Media Server Settings (HKLM\...\{62A172B2-550E-499D-9A82-5190D18390AA}) (Version: 1.1.0.02220 - Sony Corporation)
VAIO Movie Creator (HKLM-x32\...\{C2CC5822-32E6-4D21-88EA-DE8CED09EE2F}) (Version: 4.1.01.15140 - Sony Corporation) Hidden
VAIO Movie Creator (HKLM-x32\...\InstallShield_{C2CC5822-32E6-4D21-88EA-DE8CED09EE2F}) (Version: 4.3.01.11140 - Sony Corporation)
VAIO Sample Music (HKLM-x32\...\{FBEE3D44-0933-4B84-BB6A-49957F89187F}) (Version: 1.0.0.03051 - Sony Corporation)
VAIO Transfer Support (HKLM-x32\...\{5DDAFB4B-C52E-468A-9E23-3B0CEEB671BF}) (Version: 1.9.0.11060 - Sony Corporation)
VAIO Update (HKLM-x32\...\{9FF95DA2-7DA1-4228-93B7-DED7EC02B6B2}) (Version: 7.2.0.16270 - Sony Corporation)
VCCMMx64 (HKLM\...\{B812401D-BAB2-4E33-9AC7-9862BC8CAF64}) (Version: 1.0.0 - Sony Corporation) Hidden
VCCMMx86 (HKLM-x32\...\{CC87BAAD-AA25-4727-9B7C-E0876722B784}) (Version: 1.0.0 - Sony Corporation) Hidden
VCCx64 (HKLM\...\{25ECAFCB-DCFB-4FCE-A5B2-772A57F59860}) (Version: 1.0.0 - Sony Corporation) Hidden
VCCx64 (HKLM\...\{AB447E3B-7A95-4CA6-8ECD-B25C96314B67}) (Version: 1.0.0 - Sony Corporation) Hidden
VCCx86 (HKLM-x32\...\{AFDC0CC0-39E8-42C0-9823-2C1C182676DC}) (Version: 1.0.0 - Sony Corporation) Hidden
VCCx86 (HKLM-x32\...\{B31938C7-7E97-49EE-8F88-951E156268A3}) (Version: 1.0.0 - Sony Corporation) Hidden
VHD (HKLM-x32\...\{9D8112DB-3490-4BF1-AAFA-1D224FFB5D3C}) (Version: 1.0.0 - Sony Corporation) Hidden
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VIx64 (HKLM\...\{D55EAC07-7207-44BD-B524-0F063F327743}) (Version: 1.0.0 - Sony Corporation) Hidden
VIx86 (HKLM-x32\...\{D17C2A58-E0EA-4DD7-A2D6-C448FD25B6F6}) (Version: 1.0.0 - Sony Corporation) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 2.2.6 - VideoLAN)
VoipConnect (HKLM-x32\...\VoipConnect_is1) (Version: 4.14 build 760 - Finarea S.A. Switzerland)
VPMx64 (HKLM\...\{DBEAA361-F8A4-4298-B41C-9E9DCB9AAB84}) (Version: 1.0.0 - Sony Corporation ) Hidden
VSSTx64 (HKLM\...\{4F31AC31-0A28-4F5A-8416-513972DA1F79}) (Version: 1.0.0 - Sony Corporation ) Hidden
VSSTx86 (HKLM-x32\...\{B24BB74E-8359-43AA-985A-8E80C9219C70}) (Version: 1.0.0 - Sony Corporation) Hidden
VUx64 (HKLM\...\{A0A2BE14-D3FF-41C8-9545-4B130E3FE9A4}) (Version: 1.2.0 - Sony Corporation) Hidden
VUx86 (HKLM-x32\...\{D04F1D22-4A47-42C6-A2B9-094A7B844D9B}) (Version: 1.2.0 - Sony Corporation) Hidden
VWSTx86 (HKLM-x32\...\{B8991D99-88FD-41F2-8C32-DB70278D5C30}) (Version: 1.0.0 - Sony Corporation) Hidden
WIDCOMM Bluetooth Software (HKLM\...\{C6D9ED03-6FCF-4410-9CB7-45CA285F9E11}) (Version: 12.0.0.8070 - Broadcom Corporation)
William Hill Poker (HKU\S-1-5-21-2107339062-2504870960-3837946639-1001\...\William Hill Poker) (Version:  - )
William Hill Poker (HKU\S-1-5-21-2107339062-2504870960-3837946639-1003\...\William Hill Poker) (Version:  - )
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
WinISO (HKLM-x32\...\WinISO) (Version: 6.4.0.5170 - WinISO Computing Inc.)
WinRAR 5.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
XperiaLinkx86 (HKLM-x32\...\{EE402ACB-8269-4E44-9CA1-D81FDC4B4545}) (Version: 1.0.0 - Sony Corporation) Hidden
Yahoo! Messenger (HKLM-x32\...\Yahoo! Messenger) (Version:  - Yahoo! Inc.)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-2107339062-2504870960-3837946639-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-2107339062-2504870960-3837946639-1001_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Neville\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2107339062-2504870960-3837946639-1001_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Neville\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2107339062-2504870960-3837946639-1001_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Neville\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2107339062-2504870960-3837946639-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Neville\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\FileSyncApi64.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat Elements\ContextMenuShim64.dll [2012-09-23] (Adobe Systems Inc.)
ContextMenuHandlers1: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files (x86)\AVG\Antivirus\ashShA64.dll [2018-01-16] (AVG Technologies CZ, s.r.o.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2013-12-03] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2013-12-03] (Alexander Roshal)
ContextMenuHandlers3: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamext.dll [2016-03-10] (Malwarebytes)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2014-10-02] (Intel Corporation)
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat Elements\ContextMenuShim64.dll [2012-09-23] (Adobe Systems Inc.)
ContextMenuHandlers6: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files (x86)\AVG\Antivirus\ashShA64.dll [2018-01-16] (AVG Technologies CZ, s.r.o.)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamext.dll [2016-03-10] (Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2013-12-03] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2013-12-03] (Alexander Roshal)
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {024C722F-551D-41E6-A570-2FAAFF872442} - System32\Tasks\update-sys => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2013-01-16] ()
Task: {06579122-4774-4FE5-BA42-2DFCD63E686B} - System32\Tasks\Sony Corporation\VAIO Control Center\Level4Daily => C:\Program Files (x86)\Sony\VAIO Control Center\WBCBatteryCare.exe [2013-02-02] (Sony Corporation)
Task: {0B929CE9-5CD0-47A6-9859-0423FCA07A18} - System32\Tasks\Sony Corporation\Xperia Link\Xperia Link Logon Start => C:\Program Files (x86)\Sony\Xperia Link\Xperia Link.exe [2016-03-05] (Sony Corporation)
Task: {0EB38FC8-EB83-41E6-862F-84002080840C} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-07-23] (Piriform Ltd)
Task: {11183CC6-475F-4A52-9EEF-622927D6FEE0} - System32\Tasks\{B0988E86-0FC5-4456-B793-57B83BE615AA} => C:\WINDOWS\system32\pcalua.exe -a C:\Users\Neville\Desktop\PokerStoveSetup121.exe -d C:\Users\Neville\Desktop
Task: {14247623-9215-4D5E-83DA-C5D35B069FF0} - System32\Tasks\Sony Corporation\VAIO Care\UpdateConfig => C:\ProgramData\Sony Corporation\VCM Data\UpdateConfig.exe [2015-03-03] (Sony Corporation)
Task: {28EAF5D8-B94E-418A-A4E3-DDB193749F87} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {2E43AAE8-AB2F-419D-9EDB-DA280E4FD25E} - System32\Tasks\update-S-1-5-21-2107339062-2504870960-3837946639-1001 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2013-01-16] ()
Task: {2FBCE8A5-96DC-4092-B3AD-AC9E71801E2A} - System32\Tasks\Java Platform SE Auto Updater => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2016-09-22] (Oracle Corporation)
Task: {4FEB958B-B275-4675-A1FB-965F793A8CA0} - System32\Tasks\AVG EUpdate Task => avgsetupx.exe
Task: {5179E4E0-AA1B-48C0-B87F-9522BF8136AD} - System32\Tasks\Sony Corporation\VAIO Control Center\VAIOControlCenterSystem => C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe [2014-11-18] (Sony Corporation)
Task: {52E4841A-71D1-429B-8041-2303E3275D42} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {5498C027-A95D-4CC9-99B4-6ACEC1536CED} - System32\Tasks\Sony Corporation\VAIO Control Center\Level4Month => C:\Program Files (x86)\Sony\VAIO Control Center\WBCBatteryCare.exe [2013-02-02] (Sony Corporation)
Task: {56A8D7F9-58D8-48E0-BA81-2D60AAFB2BB5} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-01-10] (Adobe Systems Incorporated)
Task: {5FFDE82F-2052-415A-9386-946E288BF596} - System32\Tasks\TinyTakeUpgrade => C:\Users\Neville\AppData\Local\MangoApps\TinyTake by MangoApps\TinyTake.exe
Task: {603759C9-3B36-44C1-A9CD-90E2171C9CBD} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-09-27] (Adobe Systems Incorporated)
Task: {618D2C93-D838-414F-AAD3-979C1ACB1642} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2017-02-15] (Apple Inc.)
Task: {684817BB-2A3D-4E29-94B0-CD3E80177905} - System32\Tasks\Sony Corporation\VAIO Gesture Control\VCGULogonTask => C:\Program Files (x86)\Sony\VAIO Camera Gesture Utility\VCGU.exe [2013-01-23] (Sony Corporation)
Task: {6FB19CEE-A97B-468E-9405-292CFD3C450F} - System32\Tasks\Sony Corporation\VAIO Improvement\VAIOImprovementUploader => C:\Program Files\Sony\VAIO Improvement\viuploader.exe [2013-01-25] (Sony Corporation)
Task: {8ADFB8F6-4081-47E9-AA8D-018198CFE593} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe [2018-01-05] (AVG Technologies CZ, s.r.o.)
Task: {8F210BC0-738A-4D76-B866-CAAC5C3CEC4B} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2017-12-21] (Microsoft Corporation)
Task: {901F6140-3B3C-48BE-BE18-809E09446CCA} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update Self Repair => C:\Program Files\Sony\VAIO Update\VUSR.exe [2016-03-31] (Sony Corporation)
Task: {9EFD2EEB-8E91-4986-A8F2-BAAE756043E8} - System32\Tasks\[email protected] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2018-01-05] (Adobe Systems, Incorporated)
Task: {A1806928-5204-420F-94D8-4390119A4658} - System32\Tasks\Sony Corporation\VAIO Care\UpdateContacts => C:\ProgramData\Sony Corporation\VAIO Care\UpdateContacts.exe
Task: {A226E913-2A47-4362-A349-EFFFA5792A3B} - System32\Tasks\Sony Corporation\VAIO Control Center\NetworkSetting\NetworkSetting Logon Start => C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient.exe [2013-09-28] (Sony Corporation)
Task: {AB3F1085-EF63-45DB-A5E8-348B7E6E2857} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update => C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe [2016-04-25] (Sony Corporation)
Task: {B78E69AE-B46C-4F0C-B396-CA3D1FC99691} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2015-05-27] (Synaptics Incorporated)
Task: {C16E56E5-B20A-4B67-B8C3-590CFC4D8547} - System32\Tasks\{6648CC50-44D1-43B1-8BE7-860D3610D2F0} => "c:\program files (x86)\google\chrome\application\chrome.exe" hxxp://ui.skype.com/ui/0/7.25.0.106/en/abandoninstall?page=tsProgressBar
Task: {CC9C9BA3-0A4D-412E-9711-02ADBA449800} - System32\Tasks\Antivirus Emergency Update => C:\Program Files (x86)\AVG\Antivirus\AvEmUpdate.exe [2018-01-16] (AVG Technologies CZ, s.r.o.)
Task: {D0686BE4-176F-47F2-B1A1-26848FA9E4E9} - System32\Tasks\Sony Corporation\VAIO Hardware Diagnostics\VHDInformationCheck => C:\Program Files (x86)\Sony\VAIO Recovery\plugins\InformationCheck.exe [2013-01-25] (Sony Corporation)
Task: {D2BDFCC8-A2A9-45B4-96AB-2A7ECE41DD7B} - System32\Tasks\Sony Corporation\VAIO Control Center\VAIOControlCenterUser => C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe [2014-11-18] (Sony Corporation)
Task: {D5DE55C0-234E-45D9-9307-0CC90B346B85} - System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance => C:\Program Files (x86)\AVG\AVG PC TuneUp\tuscanx.exe
Task: {DA446F9E-8A05-47FE-9B15-0C243127AFC0} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\AVG\AVG PC TuneUp\OneClick.exe
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\WINDOWS\Tasks\update-S-1-5-21-2107339062-2504870960-3837946639-1001.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
Task: C:\WINDOWS\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
 
==================== Shortcuts & WMI ========================
 
(The entries could be listed to be restored or removed.)
 
 
ShortcutWithArgument: C:\Users\Neville\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Videostream for Google Chromecast™.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=cnciopoikihiagdjbjpnocolokfelagl
ShortcutWithArgument: C:\Users\Neville\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --disable-gpu"
ShortcutWithArgument: C:\Users\Neville\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\bd11788ef691d780\Adda52.lnk -> C:\Program Files (x86)\Adda52 Poker\poker.exe (Gauss Networks Pvt. Ltd.) -> --user-data-dir="C:\Users\Neville\AppData\Local\Adda52\User Data" --profile-directory=Default --app-id=ghjijcjmdklnkdnoomgfobfmlehphhpp
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --disable-gpu"
 
==================== Loaded Modules (Whitelisted) ==============
 
2013-09-05 09:47 - 2013-09-05 09:47 - 004300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-21 01:53 - 2010-10-21 01:53 - 008801632 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2016-09-01 18:12 - 2016-09-01 18:12 - 000092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2017-07-14 06:20 - 2017-07-14 06:20 - 001354040 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2013-10-25 12:05 - 2013-10-25 12:05 - 000049368 _____ () C:\Program Files\WIDCOMM\Bluetooth Software\btwleapi.dll
2016-02-19 02:52 - 2016-02-19 02:52 - 001493224 _____ () C:\Program Files (x86)\OpenVPN Technologies\PrivateTunnel\ovpnagent.exe
2018-01-06 17:33 - 2018-01-03 14:50 - 004063064 _____ () C:\Program Files (x86)\Google\Chrome\Application\63.0.3239.132\libglesv2.dll
2018-01-06 17:33 - 2018-01-03 14:50 - 000099672 _____ () C:\Program Files (x86)\Google\Chrome\Application\63.0.3239.132\libegl.dll
2014-01-06 04:15 - 2011-01-28 10:45 - 000172032 _____ () C:\Program Files (x86)\PostgreSQL\8.4\bin\LIBPQ.dll
2014-01-06 04:15 - 2009-02-13 00:31 - 000976384 _____ () C:\Program Files (x86)\PostgreSQL\8.4\bin\libxml2.dll
2014-01-06 04:15 - 2005-07-20 16:18 - 000059904 _____ () C:\Program Files (x86)\PostgreSQL\8.4\bin\zlib1.dll
2016-11-28 22:09 - 2016-11-28 22:09 - 048920064 _____ () C:\Program Files (x86)\AVG\UiDll\2623\libcef.dll
2018-01-16 03:25 - 2018-01-16 03:25 - 000207272 _____ () C:\Program Files (x86)\AVG\Antivirus\JsonRpcServer.dll
2018-01-16 03:25 - 2018-01-16 03:25 - 000059136 _____ () C:\Program Files (x86)\AVG\Antivirus\module_lifetime.dll
2018-01-16 03:25 - 2018-01-16 03:25 - 000058624 _____ () C:\Program Files (x86)\AVG\Antivirus\dll_loader.dll
2017-07-12 04:06 - 2017-07-12 04:06 - 067109376 _____ () C:\Program Files (x86)\AVG\Antivirus\libcef.dll
2018-01-16 03:25 - 2018-01-16 03:25 - 000290392 _____ () C:\Program Files (x86)\AVG\Antivirus\tasks_core.dll
2013-10-27 11:30 - 2013-01-23 14:56 - 001198912 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\ACE.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
AlternateDataStreams: C:\Program Files (x86)\Intertops Poker:MID [0]
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
IE restricted site: HKU\S-1-5-21-2107339062-2504870960-3837946639-1001\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-2107339062-2504870960-3837946639-1001\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-2107339062-2504870960-3837946639-1001\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-2107339062-2504870960-3837946639-1001\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-2107339062-2504870960-3837946639-1001\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-2107339062-2504870960-3837946639-1001\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-2107339062-2504870960-3837946639-1001\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-2107339062-2504870960-3837946639-1001\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-2107339062-2504870960-3837946639-1001\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-2107339062-2504870960-3837946639-1001\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-2107339062-2504870960-3837946639-1001\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-2107339062-2504870960-3837946639-1001\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-2107339062-2504870960-3837946639-1001\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-2107339062-2504870960-3837946639-1001\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-2107339062-2504870960-3837946639-1001\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-2107339062-2504870960-3837946639-1001\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-2107339062-2504870960-3837946639-1001\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-2107339062-2504870960-3837946639-1001\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-2107339062-2504870960-3837946639-1001\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-2107339062-2504870960-3837946639-1001\...\123simsen.com -> www.123simsen.com
 
There are 7864 more sites.
 
IE restricted site: HKU\S-1-5-21-2107339062-2504870960-3837946639-1003\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-2107339062-2504870960-3837946639-1003\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-2107339062-2504870960-3837946639-1003\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-2107339062-2504870960-3837946639-1003\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-2107339062-2504870960-3837946639-1003\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-2107339062-2504870960-3837946639-1003\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-2107339062-2504870960-3837946639-1003\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-2107339062-2504870960-3837946639-1003\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-2107339062-2504870960-3837946639-1003\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-2107339062-2504870960-3837946639-1003\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-2107339062-2504870960-3837946639-1003\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-2107339062-2504870960-3837946639-1003\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-2107339062-2504870960-3837946639-1003\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-2107339062-2504870960-3837946639-1003\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-2107339062-2504870960-3837946639-1003\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-2107339062-2504870960-3837946639-1003\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-2107339062-2504870960-3837946639-1003\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-2107339062-2504870960-3837946639-1003\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-2107339062-2504870960-3837946639-1003\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-2107339062-2504870960-3837946639-1003\...\123simsen.com -> www.123simsen.com
 
There are 7864 more sites.
 
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2013-08-22 18:55 - 2013-08-22 18:55 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-2107339062-2504870960-3837946639-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Neville\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
HKU\S-1-5-21-2107339062-2504870960-3837946639-1003\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Sony\VAIO 13 img1 Wallpaper 1366x768.jpg
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
HKLM\...\StartupApproved\StartupFolder: => "PrivateTunnel.lnk"
HKLM\...\StartupApproved\Run: => "Bluetooth"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "BCSSync"
HKLM\...\StartupApproved\Run32: => "vProt"
HKLM\...\StartupApproved\Run32: => "Wondershare Helper Compact.exe"
HKLM\...\StartupApproved\Run32: => "Dropbox"
HKU\S-1-5-21-2107339062-2504870960-3837946639-1001\...\StartupApproved\Run: => "CloudSystemBooster"
HKU\S-1-5-21-2107339062-2504870960-3837946639-1001\...\StartupApproved\Run: => "Google Update"
HKU\S-1-5-21-2107339062-2504870960-3837946639-1001\...\StartupApproved\Run: => "CPN Notifier"
HKU\S-1-5-21-2107339062-2504870960-3837946639-1001\...\StartupApproved\Run: => "*LABAL*"
HKU\S-1-5-21-2107339062-2504870960-3837946639-1001\...\StartupApproved\Run: => "iCloudServices"
HKU\S-1-5-21-2107339062-2504870960-3837946639-1001\...\StartupApproved\Run: => "ApplePhotoStreams"
HKU\S-1-5-21-2107339062-2504870960-3837946639-1001\...\StartupApproved\Run: => "iCloudDrive"
HKU\S-1-5-21-2107339062-2504870960-3837946639-1003\...\StartupApproved\Run: => "CloudSystemBooster"
HKU\S-1-5-21-2107339062-2504870960-3837946639-1003\...\StartupApproved\Run: => "Google Update"
HKU\S-1-5-21-2107339062-2504870960-3837946639-1003\...\StartupApproved\Run: => "CPN Notifier"
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{F084201A-A7D8-44A9-A765-F0D9584E5EFD}] => (Allow) C:\Program Files (x86)\Intertops Poker\PokerClient.exe
FirewallRules: [{4434A480-C8DA-41E6-A1B3-A739C9A96B69}] => (Allow) C:\Program Files (x86)\Intertops Poker\PokerClient.exe
FirewallRules: [{3ECC34DC-19CA-4393-A2E3-41E2820A2225}] => (Allow) C:\Users\Neville\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{A1D51E74-2948-469A-928F-704EBD4CDFA8}] => (Allow) C:\Users\Neville\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{7A7D3E58-B6F5-4532-A839-204CE20ACE00}] => (Allow) LPort=5432
FirewallRules: [{B3F73D6A-D788-4282-A2C9-7D394868C820}] => (Allow) C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe
FirewallRules: [{DF8C06FD-95DB-4BCE-AD7C-2FBE6CB042BF}] => (Allow) C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe
FirewallRules: [{CE415401-76A6-40E4-8BB2-7FE79BA8AF22}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{1F93BCB9-CC2D-4BB4-B163-FEC221BBBCAD}C:\program files (x86)\voipconnect.com\voipconnect\voipconnect.exe] => (Allow) C:\program files (x86)\voipconnect.com\voipconnect\voipconnect.exe
FirewallRules: [UDP Query User{B7761E61-F2AC-48BD-A196-07CCE1A1DF3D}C:\program files (x86)\voipconnect.com\voipconnect\voipconnect.exe] => (Allow) C:\program files (x86)\voipconnect.com\voipconnect\voipconnect.exe
FirewallRules: [{94592703-7F49-4685-97C3-1997490A0C8F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{B467D672-A6BD-4AD7-863B-78ACA6FF3408}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{3672522E-52BB-46C8-ADAE-56456380960F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{1D97DD2B-FB72-4C9C-A448-357F636917ED}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [TCP Query User{39E7E607-6D17-4793-BB76-D03AAAD55F23}C:\program files (x86)\voipconnect.com\voipconnect\voipconnect.exe] => (Allow) C:\program files (x86)\voipconnect.com\voipconnect\voipconnect.exe
FirewallRules: [UDP Query User{646241AB-77E1-467B-AFFF-C2A2908663CB}C:\program files (x86)\voipconnect.com\voipconnect\voipconnect.exe] => (Allow) C:\program files (x86)\voipconnect.com\voipconnect\voipconnect.exe
FirewallRules: [TCP Query User{FCC9C41D-06D4-41C4-B398-B16209969AFA}C:\windows\system32\settingsynchost.exe] => (Block) C:\windows\system32\settingsynchost.exe
FirewallRules: [UDP Query User{BF7F3FA2-3AA9-4BB5-AB25-D6D2592458BB}C:\windows\system32\settingsynchost.exe] => (Block) C:\windows\system32\settingsynchost.exe
FirewallRules: [TCP Query User{62C78096-5BC7-48E3-BCA8-5EBB53B3D9DB}D:\ezwizard.exe] => (Allow) D:\ezwizard.exe
FirewallRules: [UDP Query User{2468B7C0-AA2E-40A5-BFC9-4C1FD60A1FF5}D:\ezwizard.exe] => (Allow) D:\ezwizard.exe
FirewallRules: [{3ADC594E-A7F8-457F-8DC0-D0F9B3318877}] => (Block) D:\ezwizard.exe
FirewallRules: [{51111525-21CD-4A69-ADD3-4E0E9A4C7BF7}] => (Block) D:\ezwizard.exe
FirewallRules: [{DFD8FEDE-1A30-4E81-A85D-6208F622E0A0}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{0825714A-D8AD-4144-A3F3-B7D56AC6CE90}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{5241025F-F366-4041-9BEE-041CFB78C144}] => (Allow) C:\Program Files (x86)\Intertops Poker\PokerClient.exe
FirewallRules: [{8A7FE851-DC0F-4127-B429-54D67EE3EB65}] => (Allow) C:\Program Files (x86)\Intertops Poker\PokerClient.exe
FirewallRules: [{98321966-74DF-4B11-8692-B02212A3C595}] => (Allow) C:\Program Files (x86)\Sony Mobile\Update Engine\Sony Mobile Update Engine.exe
FirewallRules: [{5A36CD8D-BBA5-42D5-8F43-5019AB788A05}] => (Allow) C:\Program Files (x86)\Sony Mobile\Update Engine\Sony Mobile Update Engine.exe
FirewallRules: [{0A5F5EE9-A4B6-4AB8-A4F0-07A2252D978E}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{24B507A7-4C23-4B31-A79B-B1207D41593F}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{4AAFA1F2-FB1D-4766-9FF5-D0013225D7D0}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{E4232EA6-99E1-494B-80AB-0029BE401EF0}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{59799577-A542-48F7-AF9C-4CDC525BED29}] => (Allow) C:\Users\Guest\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{521C03BC-DFF8-4A82-98B6-126F013F76CD}] => (Allow) C:\Users\Guest\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{13A9C92F-819B-481F-AB35-C3C55B1C98F6}] => (Allow) C:\Users\Guest\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{453A9FAD-9D52-44F4-B4BD-DDBE14BBAE02}] => (Allow) C:\Users\Guest\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{DA2E4BE0-4348-41D2-B3CA-927760523F31}] => (Allow) C:\Users\Guest\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{E4EE3A9B-CB9D-45CC-B354-EE53414EFD57}] => (Allow) C:\Users\Guest\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{1CF19A98-1235-4A97-A512-8A829CE4493A}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{75D3A94A-342E-476F-86F2-A0C54627834A}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{7FC05073-F315-403B-8503-8CA69848F3B8}] => (Allow) LPort=5556
FirewallRules: [{173A9B11-8EFB-438C-AF3E-7B11D21A6BB7}] => (Allow) LPort=5558
FirewallRules: [{AE8B1B41-EA4B-457A-AD19-BEEA36D0F8C6}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{61451A74-7562-4EDA-9FCD-8A2673A1D39E}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{7BA3A94F-5C24-49F8-ADC1-E27CA6F1F08E}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{A8A246D6-3BB1-46F7-AD31-123C7F6711DB}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
==================== Restore Points =========================
 
30-11-2017 04:39:27 Windows Update
02-12-2017 02:49:39 Broadcom BTW Restore Point
21-12-2017 18:07:32 Windows Update
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (01/19/2018 06:09:05 AM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Failed to schedule Software Protection service for re-start at 2117-12-26T00:39:05Z. Error Code: 0x80041318.
 
Error: (01/19/2018 06:08:35 AM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Failed to schedule Software Protection service for re-start at 2117-12-26T00:38:35Z. Error Code: 0x80041318.
 
Error: (01/19/2018 06:08:05 AM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Failed to schedule Software Protection service for re-start at 2117-12-26T00:38:05Z. Error Code: 0x80041318.
 
Error: (01/19/2018 06:07:35 AM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Failed to schedule Software Protection service for re-start at 2117-12-26T00:37:35Z. Error Code: 0x80041318.
 
Error: (01/19/2018 06:07:05 AM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Failed to schedule Software Protection service for re-start at 2117-12-26T00:37:05Z. Error Code: 0x80041318.
 
Error: (01/19/2018 06:06:35 AM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Failed to schedule Software Protection service for re-start at 2117-12-26T00:36:35Z. Error Code: 0x80041318.
 
Error: (01/19/2018 06:06:05 AM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Failed to schedule Software Protection service for re-start at 2117-12-26T00:36:05Z. Error Code: 0x80041318.
 
Error: (01/19/2018 06:05:35 AM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Failed to schedule Software Protection service for re-start at 2117-12-26T00:35:35Z. Error Code: 0x80041318.
 
Error: (01/19/2018 06:05:05 AM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Failed to schedule Software Protection service for re-start at 2117-12-26T00:35:05Z. Error Code: 0x80041318.
 
Error: (01/19/2018 06:04:35 AM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Failed to schedule Software Protection service for re-start at 2117-12-26T00:34:35Z. Error Code: 0x80041318.
 
 
System errors:
=============
Error: (01/19/2018 05:57:28 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The AVG Service service failed to start due to the following error: 
The service did not respond to the start or control request in a timely fashion.
 
Error: (01/19/2018 05:57:28 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the AVG Service service to connect.
 
Error: (01/19/2018 05:57:10 AM) (Source: NETLOGON) (EventID: 3095) (User: )
Description: This computer is configured as a member of a workgroup, not as
a member of a domain. The Netlogon service does not need to run in this
configuration.
 
Error: (01/19/2018 05:55:45 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has stopped unexpectedly.
 
Module Path: C:\WINDOWS\System32\bcmihvsrv64.dll
 
Error: (01/19/2018 05:55:45 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has stopped unexpectedly.
 
Module Path: C:\WINDOWS\System32\bcmihvsrv64.dll
 
Error: (01/19/2018 05:55:41 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has stopped unexpectedly.
 
Module Path: C:\WINDOWS\System32\bcmihvsrv64.dll
 
Error: (01/19/2018 05:55:06 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Adobe Genuine Software Integrity Service service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (01/19/2018 05:55:06 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Intel® Management and Security Application User Notification Service service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (01/19/2018 05:55:06 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Intel® ME Service service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (01/19/2018 05:55:06 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Intel® Capability Licensing Service Interface service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 0 milliseconds: Restart the service.
 
 
CodeIntegrity:
===================================
  Date: 2018-01-19 05:54:55.901
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2018-01-19 05:54:54.991
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2018-01-19 05:54:54.005
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2018-01-19 05:54:53.052
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2018-01-19 05:54:52.061
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2018-01-19 05:54:51.101
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2018-01-19 05:54:50.121
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2018-01-19 05:54:49.155
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2018-01-19 05:54:48.242
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2018-01-19 05:54:47.313
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i5-3337U CPU @ 1.80GHz
Percentage of memory in use: 29%
Total physical RAM: 8070.8 MB
Available physical RAM: 5656.18 MB
Total Virtual: 10630.8 MB
Available Virtual: 8254.28 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:665.34 GB) (Free:410.43 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 698.6 GB) (Disk ID: F4E95A4A)
 
Partition: GPT.
 
==================== End of Addition.txt ============================
 
 
 
Process CPU Private Bytes Working Set PID Description Company Name Verified Signer
System Idle Process 94.68 0 K 4 K 0
procexp64.exe 2.26 39,452 K 51,596 K 4524 Sysinternals Process Explorer Sysinternals - www.sysinternals.com (Verified) Microsoft Corporation
chrome.exe 1.11 247,112 K 254,220 K 772 Google Chrome Google Inc. (Verified) Google Inc
Interrupts 0.52 0 K 0 K n/a Hardware Interrupts and DPCs
dwm.exe 0.45 16,092 K 23,216 K 876
System 0.22 120 K 4,016 K 4
csrss.exe 0.20 2,628 K 20,632 K 568
explorer.exe 0.16 46,412 K 89,648 K 1788 Windows Explorer Microsoft Corporation (Verified) Microsoft Windows
AVGUI.exe 0.06 20,912 K 37,168 K 2032 AVG Antivirus AVG Technologies CZ, s.r.o. (Verified) AVG Technologies CZ
svchost.exe 0.04 71,408 K 83,776 K 496 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
VESMgrSub.exe 0.04 4,332 K 11,908 K 2856
AVGSvc.exe 0.04 99,132 K 40,656 K 1092 AVG Service AVG Technologies CZ, s.r.o. (Verified) AVG Technologies CZ
chrome.exe 0.04 102,892 K 167,792 K 4344 Google Chrome Google Inc. (Verified) Google Inc
AppleMobileDeviceService.exe 0.02 3,100 K 9,968 K 1852 MobileDeviceService Apple Inc. (Verified) Apple Inc.
BCMWLTRY.EXE 0.02 34,212 K 31,724 K 2896
chrome.exe 0.02 74,044 K 78,860 K 2644 Google Chrome Google Inc. (Verified) Google Inc
LMS.exe 0.02 1,396 K 4,544 K 5932 Local Manageability Service Intel Corporation (Verified) Intel Corporation
aswidsagenta.exe 0.02 15,932 K 31,888 K 4492 AVG Software Analyzer AVG Technologies CZ, s.r.o. (Verified) AVG Technologies CZ
flux.exe 0.02 11,592 K 21,204 K 4908 f.lux f.lux Software LLC (Verified) F.lux Software LLC
WLTRAY.EXE 0.01 35,284 K 36,716 K 4748 Broadcom 802.11 Network Adapter Wireless Network Tray Applet Broadcom Corporation (No signature was present in the subject) Broadcom Corporation
chrome.exe < 0.01 52,912 K 64,492 K 2328 Google Chrome Google Inc. (Verified) Google Inc
AGSService.exe < 0.01 2,392 K 8,132 K 1796 Adobe Genuine Software Integrity Service Adobe Systems, Incorporated (Verified) Adobe Systems Incorporated
svchost.exe < 0.01 4,328 K 7,932 K 780 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe < 0.01 29,004 K 42,672 K 952 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe < 0.01 18,832 K 24,944 K 1392 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
csrss.exe < 0.01 2,048 K 4,240 K 516
SearchIndexer.exe < 0.01 25,220 K 24,732 K 4208 Microsoft Windows Search Indexer Microsoft Corporation (Verified) Microsoft Windows
postgres.exe < 0.01 4,208 K 7,640 K 2692
mDNSResponder.exe < 0.01 1,428 K 4,884 K 1544 Bonjour Service Apple Inc. (Verified) Apple Inc.
services.exe < 0.01 3,536 K 6,992 K 664
avguix.exe < 0.01 6,392 K 19,660 K 4552 AVG User Interface AVG Technologies CZ, s.r.o. (Verified) AVG Technologies CZ
postgres.exe < 0.01 4,208 K 7,400 K 2700
conhost.exe < 0.01 772 K 3,008 K 2548
SynTPEnh.exe < 0.01 5,652 K 808 K 1740 Synaptics TouchPad 64-bit Enhancements Synaptics Incorporated (Verified) Synaptics Incorporated
lsass.exe < 0.01 4,704 K 12,196 K 672 Local Security Authority Process Microsoft Corporation (Verified) Microsoft Windows Publisher
postgres.exe < 0.01 4,116 K 7,084 K 2716
postgres.exe < 0.01 4,236 K 7,636 K 2708
taskhost.exe < 0.01 9,920 K 12,288 K 5980
WUDFHost.exe 2,600 K 7,616 K 1668
wuauclt.exe 1,792 K 6,672 K 5608 Windows Update Microsoft Corporation (Verified) Microsoft Windows
WmiPrvSE.exe 2,420 K 6,748 K 3068
WmiPrvSE.exe 2,372 K 6,328 K 5644
WLTRYSVC.EXE 632 K 2,848 K 2868
wlanext.exe 1,552 K 5,892 K 1080
winlogon.exe 1,412 K 8,104 K 604
wininit.exe 792 K 3,840 K 576
VUAgent.exe 4,776 K 13,096 K 6088 VUAgent Sony Corporation (Verified) Sony Corporation
vim.exe 3,352 K 640 K 4416
vim.exe 3,484 K 568 K 1748 VAIO Control Center (vim Module) Sony Corporation (Verified) Sony Corporation
VESMgrSub.exe 3,216 K 9,808 K 2832
VESMgr.exe 1,784 K 6,424 K 2684 VAIO Control Center (Service Module) Sony Corporation (Verified) Sony Corporation
VAIOUpdt.exe 2,572 K 1,332 K 5080
UNS.exe 3,588 K 11,216 K 1536 User Notification Service Intel Corporation (Verified) Intel Corporation
TeamViewer_Service.exe 4,972 K 12,968 K 2424 TeamViewer 10 TeamViewer GmbH (Verified) TeamViewer
taskhostex.exe 4,648 K 10,788 K 1636 Host Process for Windows Tasks Microsoft Corporation (Verified) Microsoft Windows
SynTPHelper.exe 1,036 K 212 K 1752
svchost.exe 3,712 K 9,596 K 3228 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 4,672 K 11,144 K 740 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 25,704 K 32,740 K 912 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 10,584 K 19,120 K 980 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 6,920 K 14,440 K 80 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 4,488 K 12,932 K 1552 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 1,948 K 6,464 K 2404 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 1,332 K 4,704 K 1404 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
SUSSoundProxy.exe 2,788 K 6,472 K 3528
sppsvc.exe 2,936 K 9,052 K 6072 Microsoft Software Protection Platform Service Microsoft Corporation (Verified) Microsoft Windows
spoolsv.exe 4,008 K 11,072 K 1364 Spooler SubSystem App Microsoft Corporation (Verified) Microsoft Windows
smss.exe 340 K 1,044 K 372
SkyDrive.exe 8,680 K 14,288 K 4564 OneDrive Sync Engine Microsoft Corporation (Verified) Microsoft Windows
SettingSyncHost.exe 7,744 K 2,688 K 3876 Host Process for Setting Synchronization Microsoft Corporation (Verified) Microsoft Windows
RIconMan.exe 1,644 K 5,784 K 1948 Realtek Card Reader Patch Tool. Realsil Microelectronics Inc. (Verified) Realtek Semiconductor Corp
RAVBg64.exe 5,100 K 9,972 K 4688 HD Audio Background Process Realtek Semiconductor (Verified) Realtek Semiconductor Corp
procexp.exe 2,640 K 7,396 K 3724 Sysinternals Process Explorer Sysinternals - www.sysinternals.com (Verified) Microsoft Corporation
PresentationFontCache.exe 25,168 K 16,512 K 3336 PresentationFontCache.exe Microsoft Corporation (Verified) Microsoft Corporation
postgres.exe 4,472 K 9,860 K 2540
pg_ctl.exe 2,488 K 6,832 K 2288 pg_ctl - starts/stops/restarts the PostgreSQL server PostgreSQL Global Development Group (No signature was present in the subject) PostgreSQL Global Development Group
ovpnagent.exe 1,016 K 4,604 K 2168
NetworkClient.exe 2,500 K 468 K 852 VAIO Control Center (Network Setting Client) Sony Corporation (Verified) Sony Corporation
Jhi_service.exe 1,084 K 4,572 K 2132 Intel® Dynamic Application Loader Host Interface Intel Corporation (Verified) Intel Corporation
IntelMeFWService.exe 1,176 K 3,964 K 5860 Intel® ME Service Intel Corporation (Verified) Intel Corporation
igfxTray.exe 12,676 K 18,152 K 2660 igfxTray Module Intel Corporation (Verified) Intel Corporation - pGFX
igfxHK.exe 5,016 K 10,016 K 2612 igfxHK Module Intel Corporation (Verified) Intel Corporation - pGFX
igfxEM.exe 7,320 K 13,620 K 2460 igfxEM Module Intel Corporation (Verified) Intel Corporation - pGFX
igfxCUIService.exe 1,612 K 6,352 K 400 igfxCUIService Module Intel Corporation (Verified) Intel Corporation - pGFX
HeciServer.exe 1,220 K 5,096 K 2100 Intel® Capability Licensing Service Interface Intel® Corporation (Verified) Intel® Upgrade Service
GoogleCrashHandler64.exe 1,520 K 172 K 5752
GoogleCrashHandler.exe 1,696 K 200 K 6028
dllhost.exe 1,380 K 4,172 K 4508
dllhost.exe 1,476 K 5,644 K 3164
dllhost.exe 2,636 K 7,780 K 5652
dasHost.exe 3,292 K 10,084 K 1564
conhost.exe 640 K 2,764 K 1100
chrome.exe 28,468 K 36,408 K 3904 Google Chrome Google Inc. (Verified) Google Inc
chrome.exe 32,120 K 39,676 K 3888 Google Chrome Google Inc. (Verified) Google Inc
chrome.exe 32,144 K 31,936 K 4900 Google Chrome Google Inc. (Verified) Google Inc
chrome.exe 1,920 K 5,932 K 2464 Google Chrome Google Inc. (Verified) Google Inc
chrome.exe 2,104 K 6,588 K 2668 Google Chrome Google Inc. (Verified) Google Inc
btwdins.exe 1,892 K 6,584 K 1688 Bluetooth Support Server Broadcom Corporation. (Verified) Broadcom Corporation
audiodg.exe 7,956 K 10,916 K 5460
armsvc.exe 1,052 K 4,144 K 1580 Adobe Acrobat Update Service Adobe Systems Incorporated (Verified) Adobe Systems
AdobeARM.exe 3,352 K 392 K 5628 Adobe Reader and Acrobat Manager Adobe Systems Incorporated (Verified) Adobe Systems
acrotray.exe 2,096 K 6,448 K 2628 AcroTray Adobe Systems Inc. (Verified) Adobe Systems
 
 
 
 
 
 
Image Name                     PID Services                                    
========================= ======== ============================================
System Idle Process              0 N/A                                         
System                           4 N/A                                         
smss.exe                       372 N/A                                         
csrss.exe                      516 N/A                                         
csrss.exe                      568 N/A                                         
wininit.exe                    576 N/A                                         
winlogon.exe                   604 N/A                                         
services.exe                   664 N/A                                         
lsass.exe                      672 SamSs                                       
svchost.exe                    740 BrokerInfrastructure, DcomLaunch, LSM,      
                                   PlugPlay, Power, SystemEventsBroker         
svchost.exe                    780 RpcEptMapper, RpcSs                         
dwm.exe                        876 N/A                                         
svchost.exe                    912 Audiosrv, Dhcp, EventLog,                   
                                   HomeGroupProvider, lmhosts, Wcmsvc, wscsvc  
svchost.exe                    952 AeLookupSvc, Appinfo, BITS, Browser, gpsvc, 
                                   iphlpsvc, LanmanServer, MMCSS, ProfSvc,     
                                   Schedule, SENS, ShellHWDetection, Themes,   
                                   Winmgmt, wuauserv                           
svchost.exe                    980 bthserv, EventSystem, fdPHost, FontCache,   
                                   netprofm, nsi, WdiServiceHost,              
                                   WinHttpAutoProxySvc                         
igfxCUIService.exe             400 igfxCUIService1.0.0.0                       
svchost.exe                    496 AudioEndpointBuilder,                       
                                   DeviceAssociationService, hidserv,          
                                   NcbService, Netman, PcaSvc, SysMain,        
                                   TrkWks, WdiSystemHost, WlanSvc, wudfsvc     
svchost.exe                     80 CryptSvc, Dnscache, LanmanWorkstation,      
                                   NlaSvc                                      
wlanext.exe                   1080 N/A                                         
AVGSvc.exe                    1092 AVG Antivirus                               
conhost.exe                   1100 N/A                                         
spoolsv.exe                   1364 Spooler                                     
svchost.exe                   1392 BFE, DPS, MpsSvc, NcdAutoSetup              
armsvc.exe                    1580 AdobeARMservice                             
taskhostex.exe                1636 N/A                                         
SynTPEnh.exe                  1740 N/A                                         
explorer.exe                  1788 N/A                                         
AGSService.exe                1796 AGSService                                  
AppleMobileDeviceService.     1852 Apple Mobile Device Service                 
NetworkClient.exe              852 N/A                                         
mDNSResponder.exe             1544 Bonjour Service                             
btwdins.exe                   1688 btwdins                                     
svchost.exe                   1552 DiagTrack                                   
RIconMan.exe                  1948 IconMan_R                                   
dasHost.exe                   1564 N/A                                         
HeciServer.exe                2100 Intel® Capability Licensing Service Interf
                                   ace                                         
Jhi_service.exe               2132 jhi_service                                 
ovpnagent.exe                 2168 ovpnagent                                   
pg_ctl.exe                    2288 postgresql-8.4                              
svchost.exe                   2404 stisvc                                      
TeamViewer_Service.exe        2424 TeamViewer                                  
postgres.exe                  2540 N/A                                         
conhost.exe                   2548 N/A                                         
VESMgr.exe                    2684 VAIO Event Service                          
postgres.exe                  2692 N/A                                         
postgres.exe                  2700 N/A                                         
postgres.exe                  2708 N/A                                         
postgres.exe                  2716 N/A                                         
VESMgrSub.exe                 2832 N/A                                         
VESMgrSub.exe                 2856 N/A                                         
WLTRYSVC.EXE                  2868 wltrysvc                                    
BCMWLTRY.EXE                  2896 N/A                                         
dllhost.exe                   3164 N/A                                         
svchost.exe                   3228 FDResPub, SensrSvc, SSDPSRV, TimeBroker     
PresentationFontCache.exe     3336 FontCache3.0.0.0                            
SUSSoundProxy.exe             3528 N/A                                         
SettingSyncHost.exe           3876 N/A                                         
svchost.exe                   1404 PolicyAgent                                 
WUDFHost.exe                  1668 N/A                                         
igfxEM.exe                    2460 N/A                                         
igfxHK.exe                    2612 N/A                                         
igfxTray.exe                  2660 N/A                                         
SearchIndexer.exe             4208 WSearch                                     
aswidsagenta.exe              4492 avgbIDSAgent                                
SkyDrive.exe                  4564 N/A                                         
RAVBg64.exe                   4688 N/A                                         
WLTRAY.EXE                    4748 N/A                                         
VAIOUpdt.exe                  5080 N/A                                         
avguix.exe                    4552 N/A                                         
flux.exe                      4908 N/A                                         
chrome.exe                    4344 N/A                                         
chrome.exe                    2464 N/A                                         
WmiPrvSE.exe                  3068 N/A                                         
chrome.exe                    2668 N/A                                         
acrotray.exe                  2628 N/A                                         
chrome.exe                    2328 N/A                                         
chrome.exe                    4900 N/A                                         
chrome.exe                    2644 N/A                                         
chrome.exe                    3888 N/A                                         
chrome.exe                    3904 N/A                                         
AVGUI.exe                     2032 N/A                                         
IntelMeFWService.exe          5860 Intel® ME Service                         
LMS.exe                       5932 LMS                                         
GoogleCrashHandler.exe        6028 N/A                                         
sppsvc.exe                    6072 sppsvc                                      
UNS.exe                       1536 UNS                                         
GoogleCrashHandler64.exe      5752 N/A                                         
chrome.exe                     772 N/A                                         
wuauclt.exe                   5608 N/A                                         
SynTPHelper.exe               1752 N/A                                         
vim.exe                       4416 N/A                                         
vim.exe                       1748 N/A                                         
dllhost.exe                   5652 N/A                                         
VUAgent.exe                   6088 VUAgent                                     
AdobeARM.exe                  5628 N/A                                         
audiodg.exe                   5460 N/A                                         
procexp.exe                   3724 N/A                                         
procexp64.exe                 4524 N/A                                         
taskhost.exe                  5980 N/A                                         
WmiPrvSE.exe                  5644 N/A                                         
SearchProtocolHost.exe        3208 N/A                                         
SearchFilterHost.exe          5544 N/A                                         
taskeng.exe                   1320 N/A                                         
chrome.exe                    5872 N/A                                         
cmd.exe                       5260 N/A                                         
conhost.exe                   3552 N/A                                         
tasklist.exe                  2784 N/A                                         
 
 
 
 
 

 

Attached Files

  • Attached File  VAIO.txt   314.53KB   167 downloads

  • 0

#4
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,831 posts
  • MVP
Error: (01/19/2018 05:57:28 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The AVG Service service failed to start due to the following error: 
The service did not respond to the start or control request in a timely fashion.
 
Error: (01/19/2018 05:57:28 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the AVG Service service to connect.
 

 

 

Reinstall AVG

 

Error: (01/19/2018 06:06:35 AM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Failed to schedule Software Protection service for re-start at 2117-12-26T00:36:35Z. Error Code: 0x80041318.
 

 

 

See if you can follow the instructions here:

 

https://answers.micr...57-a98fe92a2746

 

 

Error: (01/19/2018 05:57:10 AM) (Source: NETLOGON) (EventID: 3095) (User: )
Description: This computer is configured as a member of a workgroup, not as
a member of a domain. The Netlogon service does not need to run in this
configuration.
 

 

 

Search for services.msc and hit Enter.
 
This should bring up the Services window.  Scroll down to Netlogon and right click and select Properties.  Change Startup Type: to Disabled.
OK

 

Error: (01/19/2018 05:55:45 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has stopped unexpectedly.
 
Module Path: C:\WINDOWS\System32\bcmihvsrv64.dll
 

 

 

See if you can find a newer version of

 

Broadcom 802.11 Network Adapter (HKLM\...\Broadcom 802.11 Network Adapter) (Version: 6.30.223.181 - Broadcom Corporation)
Broadcom Wireless Utility (HKLM\...\{4CDA59B9-7AD3-4283-9F5C-BC469FF975B6}) (Version: 6.30.59.125 - Broadcom Corporation)
 
on your PC maker's support site oer uninstall then reinstall the current version.
 
 
 
Date: 2018-01-19 05:54:55.901
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.
 

 

 

Open an elevated command prompt:

http://www.eightforu...indows-8-a.html

If you open an elevated command prompt it will by default open in c:\Windows\system32

Once you have an elevated command prompt:

Type:

 

DISM  /Online  /Cleanup-Image  /RestoreHealth

 (I use two spaces so you can be sure to see where one space goes.)
Hit Enter.  This will take a while (10-20 minutes) to complete.  Once the prompt returns:

Reboot.  Open an elevated Command Prompt again and type (with an Enter after the line):
 

sfc  /scannow



This will also take a few minutes.  

When it finishes it will say one of the following:

Windows did not find any integrity violations (a good thing)
Windows Resource Protection found corrupt files and repaired them (a good thing)
Windows Resource Protection found corrupt files but was unable to fix some (or all) of them (not a good thing)

If you get the last result then type:

findstr  /c:"[SR]"  \windows\logs\cbs\cbs.log  >  %UserProfile%\desktop\junk.txt


Hit Enter.  Then type::
 

notepad %UserProfile%\desktop\junk.txt


Hit Enter.

 Copy the text from notepad and paste it into a reply.


After you finish SFC, regardless of the result:



1. Please download the Event Viewer Tool by Vino Rosso
http://images.malwar...om/vino/VEW.exe
and save it to your Desktop:
2. Right-click VEW.exe and Run AS Administrator
3. Under 'Select log to query', select:

* System
4. Under 'Select type to list', select:
* Error
* Warning


Then use the 'Number of events' as follows:


1. Click the radio button for 'Number of events'
Type 20 in the 1 to 20 box
Then click the Run button.
Notepad will open with the output log.


Please post the Output log in your next reply then repeat but select Application.  (Each time you run VEW it overwrites the log so copy the first one to a Reply or rename it before running it a second time.)

 


  • 0

#5
geekyandhow

geekyandhow

    Member

  • Topic Starter
  • Member
  • PipPip
  • 57 posts
I have a Sony Vaio laptop but not sure which drivers are the latest and which one to install. Could you help me out?
 
 
Vino's Event Viewer v01c run on Windows 7 in English
Report run at 19/01/2018 8:59:47 PM
 
Note: All dates below are in the format dd/mm/yyyy
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 18/01/2018 5:55:12 PM
Type: Critical Category: 173
Event: 142 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error is caused because the system stopped responding and the hardware watchdog triggered a system reset.
 
Log: 'System' Date/Time: 18/01/2018 5:55:12 PM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.
 
Log: 'System' Date/Time: 07/01/2018 8:37:22 PM
Type: Critical Category: 173
Event: 142 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error is caused because the system stopped responding and the hardware watchdog triggered a system reset.
 
Log: 'System' Date/Time: 07/01/2018 8:37:22 PM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.
 
Log: 'System' Date/Time: 07/01/2018 7:23:41 PM
Type: Critical Category: 173
Event: 142 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error is caused because the system stopped responding and the hardware watchdog triggered a system reset.
 
Log: 'System' Date/Time: 07/01/2018 7:23:41 PM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.
 
Log: 'System' Date/Time: 06/01/2018 9:04:16 PM
Type: Critical Category: 173
Event: 142 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error is caused because the system stopped responding and the hardware watchdog triggered a system reset.
 
Log: 'System' Date/Time: 06/01/2018 9:04:16 PM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.
 
Log: 'System' Date/Time: 06/01/2018 2:06:35 PM
Type: Critical Category: 173
Event: 142 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error is caused because the system stopped responding and the hardware watchdog triggered a system reset.
 
Log: 'System' Date/Time: 06/01/2018 2:06:35 PM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.
 
Log: 'System' Date/Time: 29/12/2017 10:19:51 PM
Type: Critical Category: 173
Event: 142 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error is caused because the system stopped responding and the hardware watchdog triggered a system reset.
 
Log: 'System' Date/Time: 29/12/2017 10:19:51 PM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.
 
Log: 'System' Date/Time: 21/12/2017 10:12:54 AM
Type: Critical Category: 173
Event: 142 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error is caused because the system stopped responding and the hardware watchdog triggered a system reset.
 
Log: 'System' Date/Time: 21/12/2017 10:12:53 AM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.
 
Log: 'System' Date/Time: 07/12/2017 5:05:00 PM
Type: Critical Category: 173
Event: 142 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error is caused because the system stopped responding and the hardware watchdog triggered a system reset.
 
Log: 'System' Date/Time: 07/12/2017 5:05:00 PM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.
 
Log: 'System' Date/Time: 30/11/2017 12:26:33 AM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.
 
Log: 'System' Date/Time: 28/11/2017 1:57:10 AM
Type: Critical Category: 173
Event: 142 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error is caused because the system stopped responding and the hardware watchdog triggered a system reset.
 
Log: 'System' Date/Time: 28/11/2017 1:57:10 AM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.
 
Log: 'System' Date/Time: 27/11/2017 3:57:44 PM
Type: Critical Category: 173
Event: 142 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error is caused because the system stopped responding and the hardware watchdog triggered a system reset.
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 19/01/2018 2:49:47 PM
Type: Error Category: 1
Event: 20 Source: Microsoft-Windows-WindowsUpdateClient
Installation Failure: Windows failed to install the following update with error 0x80070643: Definition Update for Windows Defender Antivirus - KB2267602 (Definition 1.261.44.0).
 
Log: 'System' Date/Time: 19/01/2018 1:40:45 PM
Type: Error Category: 0
Event: 7000 Source: Service Control Manager
The Windows Presentation Foundation Font Cache 3.0.0.0 service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
 
Log: 'System' Date/Time: 19/01/2018 1:40:45 PM
Type: Error Category: 0
Event: 7009 Source: Service Control Manager
A timeout was reached (30000 milliseconds) while waiting for the Windows Presentation Foundation Font Cache 3.0.0.0 service to connect.
 
Log: 'System' Date/Time: 19/01/2018 11:43:43 AM
Type: Error Category: 0
Event: 7000 Source: Service Control Manager
The AVG Service service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
 
Log: 'System' Date/Time: 19/01/2018 11:43:43 AM
Type: Error Category: 0
Event: 7009 Source: Service Control Manager
A timeout was reached (30000 milliseconds) while waiting for the AVG Service service to connect.
 
Log: 'System' Date/Time: 19/01/2018 11:32:28 AM
Type: Error Category: 1
Event: 20 Source: Microsoft-Windows-WindowsUpdateClient
Installation Failure: Windows failed to install the following update with error 0x8007045B: 2018-01 Security Update for Adobe Flash Player for Windows 8.1 for x64-based Systems (KB4056887).
 
Log: 'System' Date/Time: 19/01/2018 12:27:28 AM
Type: Error Category: 0
Event: 7000 Source: Service Control Manager
The AVG Service service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
 
Log: 'System' Date/Time: 19/01/2018 12:27:28 AM
Type: Error Category: 0
Event: 7009 Source: Service Control Manager
A timeout was reached (30000 milliseconds) while waiting for the AVG Service service to connect.
 
Log: 'System' Date/Time: 19/01/2018 12:27:10 AM
Type: Error Category: 0
Event: 3095 Source: NETLOGON
This computer is configured as a member of a workgroup, not as a member of a domain. The Netlogon service does not need to run in this configuration.
 
Log: 'System' Date/Time: 19/01/2018 12:25:45 AM
Type: Error Category: 0
Event: 10003 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN Extensibility Module has stopped unexpectedly.  Module Path: C:\WINDOWS\System32\bcmihvsrv64.dll 
 
Log: 'System' Date/Time: 19/01/2018 12:25:45 AM
Type: Error Category: 0
Event: 10003 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN Extensibility Module has stopped unexpectedly.  Module Path: C:\WINDOWS\System32\bcmihvsrv64.dll 
 
Log: 'System' Date/Time: 19/01/2018 12:25:41 AM
Type: Error Category: 0
Event: 10003 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN Extensibility Module has stopped unexpectedly.  Module Path: C:\WINDOWS\System32\bcmihvsrv64.dll 
 
Log: 'System' Date/Time: 19/01/2018 12:25:06 AM
Type: Error Category: 0
Event: 7034 Source: Service Control Manager
The Adobe Genuine Software Integrity Service service terminated unexpectedly.  It has done this 1 time(s).
 
Log: 'System' Date/Time: 19/01/2018 12:25:06 AM
Type: Error Category: 0
Event: 7034 Source: Service Control Manager
The Intel® Management and Security Application User Notification Service service terminated unexpectedly.  It has done this 1 time(s).
 
Log: 'System' Date/Time: 19/01/2018 12:25:06 AM
Type: Error Category: 0
Event: 7034 Source: Service Control Manager
The Intel® ME Service service terminated unexpectedly.  It has done this 1 time(s).
 
Log: 'System' Date/Time: 19/01/2018 12:25:06 AM
Type: Error Category: 0
Event: 7031 Source: Service Control Manager
The Intel® Capability Licensing Service Interface service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 0 milliseconds: Restart the service.
 
Log: 'System' Date/Time: 19/01/2018 12:25:06 AM
Type: Error Category: 0
Event: 7034 Source: Service Control Manager
The Broadcom Wireless LAN Tray Service service terminated unexpectedly.  It has done this 1 time(s).
 
Log: 'System' Date/Time: 19/01/2018 12:25:06 AM
Type: Error Category: 0
Event: 7034 Source: Service Control Manager
The vToolbarUpdater40.3.8 service terminated unexpectedly.  It has done this 1 time(s).
 
Log: 'System' Date/Time: 19/01/2018 12:25:06 AM
Type: Error Category: 0
Event: 7031 Source: Service Control Manager
The VAIO Event Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 3000 milliseconds: Restart the service.
 
Log: 'System' Date/Time: 19/01/2018 12:25:06 AM
Type: Error Category: 0
Event: 7034 Source: Service Control Manager
The postgresql-8.4 - PostgreSQL Server 8.4 service terminated unexpectedly.  It has done this 1 time(s).
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 19/01/2018 1:39:18 PM
Type: Warning Category: 0
Event: 11 Source: Microsoft-Windows-Wininit
Custom dynamic link libraries are being loaded for every application. The system administrator should review the list of libraries to ensure they are related to trusted applications. Please visit http://support.microsoft.com/kb/197571for more information.
 
Log: 'System' Date/Time: 19/01/2018 1:38:41 PM
Type: Warning Category: 212
Event: 219 Source: Microsoft-Windows-Kernel-PnP
The driver \Driver\WUDFRd failed to load for the device ACPI\SKTD000\4&cbd6309&0.
 
Log: 'System' Date/Time: 19/01/2018 1:38:32 PM
Type: Warning Category: 0
Event: 98 Source: Microsoft-Windows-Ntfs
Volume C: (\Device\HarddiskVolume5) requires an Online Scan.  An Online Scan will automatically run as part of the next scheduled maintenance task.  Alternatively you may run "CHKDSK /SCAN" locally via the command line, or run "REPAIR-VOLUME <drive:> -SCAN" locally or remotely via PowerShell.
 
Log: 'System' Date/Time: 19/01/2018 1:38:04 PM
Type: Warning Category: 0
Event: 10002 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN Extensibility Module has stopped.  Module Path: C:\WINDOWS\System32\bcmihvsrv64.dll 
 
Log: 'System' Date/Time: 19/01/2018 11:42:45 AM
Type: Warning Category: 0
Event: 11 Source: Microsoft-Windows-Wininit
Custom dynamic link libraries are being loaded for every application. The system administrator should review the list of libraries to ensure they are related to trusted applications. Please visit http://support.microsoft.com/kb/197571for more information.
 
Log: 'System' Date/Time: 19/01/2018 11:42:03 AM
Type: Warning Category: 212
Event: 219 Source: Microsoft-Windows-Kernel-PnP
The driver \Driver\WUDFRd failed to load for the device ACPI\SKTD000\4&cbd6309&0.
 
Log: 'System' Date/Time: 19/01/2018 11:37:28 AM
Type: Warning Category: 0
Event: 98 Source: Microsoft-Windows-Ntfs
Volume C: (\Device\HarddiskVolume5) requires an Online Scan.  An Online Scan will automatically run as part of the next scheduled maintenance task.  Alternatively you may run "CHKDSK /SCAN" locally via the command line, or run "REPAIR-VOLUME <drive:> -SCAN" locally or remotely via PowerShell.
 
Log: 'System' Date/Time: 19/01/2018 11:36:55 AM
Type: Warning Category: 0
Event: 10002 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN Extensibility Module has stopped.  Module Path: C:\WINDOWS\System32\bcmihvsrv64.dll 
 
Log: 'System' Date/Time: 19/01/2018 11:17:26 AM
Type: Warning Category: 0
Event: 98 Source: Microsoft-Windows-Ntfs
Volume ?? (\Device\HarddiskVolumeShadowCopy4) requires an Online Scan.  An Online Scan will automatically run as part of the next scheduled maintenance task.  Alternatively you may run "CHKDSK /SCAN" locally via the command line, or run "REPAIR-VOLUME <drive:> -SCAN" locally or remotely via PowerShell.
 
Log: 'System' Date/Time: 19/01/2018 12:26:41 AM
Type: Warning Category: 0
Event: 11 Source: Microsoft-Windows-Wininit
Custom dynamic link libraries are being loaded for every application. The system administrator should review the list of libraries to ensure they are related to trusted applications. Please visit http://support.microsoft.com/kb/197571for more information.
 
Log: 'System' Date/Time: 19/01/2018 12:26:22 AM
Type: Warning Category: 212
Event: 219 Source: Microsoft-Windows-Kernel-PnP
The driver \Driver\WUDFRd failed to load for the device ACPI\SKTD000\4&cbd6309&0.
 
Log: 'System' Date/Time: 19/01/2018 12:26:12 AM
Type: Warning Category: 0
Event: 98 Source: Microsoft-Windows-Ntfs
Volume C: (\Device\HarddiskVolume5) requires an Online Scan.  An Online Scan will automatically run as part of the next scheduled maintenance task.  Alternatively you may run "CHKDSK /SCAN" locally via the command line, or run "REPAIR-VOLUME <drive:> -SCAN" locally or remotely via PowerShell.
 
Log: 'System' Date/Time: 18/01/2018 6:45:07 PM
Type: Warning Category: 1014
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name mtnlmumbai.in timed out after none of the configured DNS servers responded.
 
Log: 'System' Date/Time: 18/01/2018 5:55:38 PM
Type: Warning Category: 0
Event: 11 Source: Microsoft-Windows-Wininit
Custom dynamic link libraries are being loaded for every application. The system administrator should review the list of libraries to ensure they are related to trusted applications. Please visit http://support.microsoft.com/kb/197571for more information.
 
Log: 'System' Date/Time: 18/01/2018 5:55:12 PM
Type: Warning Category: 212
Event: 219 Source: Microsoft-Windows-Kernel-PnP
The driver \Driver\WUDFRd failed to load for the device ACPI\SKTD000\4&cbd6309&0.
 
Log: 'System' Date/Time: 18/01/2018 5:55:08 PM
Type: Warning Category: 0
Event: 98 Source: Microsoft-Windows-Ntfs
Volume C: (\Device\HarddiskVolume5) requires an Online Scan.  An Online Scan will automatically run as part of the next scheduled maintenance task.  Alternatively you may run "CHKDSK /SCAN" locally via the command line, or run "REPAIR-VOLUME <drive:> -SCAN" locally or remotely via PowerShell.
 
Log: 'System' Date/Time: 16/01/2018 7:07:02 PM
Type: Warning Category: 1014
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name ssl.google-analytics.com timed out after none of the configured DNS servers responded.
 
Log: 'System' Date/Time: 16/01/2018 6:36:05 PM
Type: Warning Category: 1014
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name tvpapi-as.ott.kaltura.com timed out after none of the configured DNS servers responded.
 
Log: 'System' Date/Time: 16/01/2018 6:36:03 PM
Type: Warning Category: 1014
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name ssl.google-analytics.com timed out after none of the configured DNS servers responded.
 
Log: 'System' Date/Time: 16/01/2018 12:34:32 AM
Type: Warning Category: 1014
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name forumserver.twoplustwo.com timed out after none of the configured DNS servers responded.
 
 
 
 
Vino's Event Viewer v01c run on Windows 7 in English
Report run at 19/01/2018 9:00:20 PM
 
Note: All dates below are in the format dd/mm/yyyy
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 19/01/2018 3:30:20 PM
Type: Error Category: 0
Event: 16385 Source: Microsoft-Windows-Security-SPP
Failed to schedule Software Protection service for re-start at 2117-12-26T15:30:20Z. Error Code: 0x80041318.
 
Log: 'Application' Date/Time: 19/01/2018 3:29:50 PM
Type: Error Category: 0
Event: 16385 Source: Microsoft-Windows-Security-SPP
Failed to schedule Software Protection service for re-start at 2117-12-26T15:29:50Z. Error Code: 0x80041318.
 
Log: 'Application' Date/Time: 19/01/2018 3:29:20 PM
Type: Error Category: 0
Event: 16385 Source: Microsoft-Windows-Security-SPP
Failed to schedule Software Protection service for re-start at 2117-12-26T15:29:20Z. Error Code: 0x80041318.
 
Log: 'Application' Date/Time: 19/01/2018 3:28:50 PM
Type: Error Category: 0
Event: 16385 Source: Microsoft-Windows-Security-SPP
Failed to schedule Software Protection service for re-start at 2117-12-26T15:28:50Z. Error Code: 0x80041318.
 
Log: 'Application' Date/Time: 19/01/2018 3:28:20 PM
Type: Error Category: 0
Event: 16385 Source: Microsoft-Windows-Security-SPP
Failed to schedule Software Protection service for re-start at 2117-12-26T15:28:20Z. Error Code: 0x80041318.
 
Log: 'Application' Date/Time: 19/01/2018 3:27:50 PM
Type: Error Category: 0
Event: 16385 Source: Microsoft-Windows-Security-SPP
Failed to schedule Software Protection service for re-start at 2117-12-26T15:27:50Z. Error Code: 0x80041318.
 
Log: 'Application' Date/Time: 19/01/2018 3:27:20 PM
Type: Error Category: 0
Event: 16385 Source: Microsoft-Windows-Security-SPP
Failed to schedule Software Protection service for re-start at 2117-12-26T15:27:20Z. Error Code: 0x80041318.
 
Log: 'Application' Date/Time: 19/01/2018 3:26:50 PM
Type: Error Category: 0
Event: 16385 Source: Microsoft-Windows-Security-SPP
Failed to schedule Software Protection service for re-start at 2117-12-26T15:26:50Z. Error Code: 0x80041318.
 
Log: 'Application' Date/Time: 19/01/2018 3:26:20 PM
Type: Error Category: 0
Event: 16385 Source: Microsoft-Windows-Security-SPP
Failed to schedule Software Protection service for re-start at 2117-12-26T15:26:20Z. Error Code: 0x80041318.
 
Log: 'Application' Date/Time: 19/01/2018 3:25:50 PM
Type: Error Category: 0
Event: 16385 Source: Microsoft-Windows-Security-SPP
Failed to schedule Software Protection service for re-start at 2117-12-26T15:25:50Z. Error Code: 0x80041318.
 
Log: 'Application' Date/Time: 19/01/2018 3:25:20 PM
Type: Error Category: 0
Event: 16385 Source: Microsoft-Windows-Security-SPP
Failed to schedule Software Protection service for re-start at 2117-12-26T15:25:20Z. Error Code: 0x80041318.
 
Log: 'Application' Date/Time: 19/01/2018 3:24:50 PM
Type: Error Category: 0
Event: 16385 Source: Microsoft-Windows-Security-SPP
Failed to schedule Software Protection service for re-start at 2117-12-26T15:24:50Z. Error Code: 0x80041318.
 
Log: 'Application' Date/Time: 19/01/2018 3:24:20 PM
Type: Error Category: 0
Event: 16385 Source: Microsoft-Windows-Security-SPP
Failed to schedule Software Protection service for re-start at 2117-12-26T15:24:20Z. Error Code: 0x80041318.
 
Log: 'Application' Date/Time: 19/01/2018 3:23:50 PM
Type: Error Category: 0
Event: 16385 Source: Microsoft-Windows-Security-SPP
Failed to schedule Software Protection service for re-start at 2117-12-26T15:23:50Z. Error Code: 0x80041318.
 
Log: 'Application' Date/Time: 19/01/2018 3:23:20 PM
Type: Error Category: 0
Event: 16385 Source: Microsoft-Windows-Security-SPP
Failed to schedule Software Protection service for re-start at 2117-12-26T15:23:20Z. Error Code: 0x80041318.
 
Log: 'Application' Date/Time: 19/01/2018 3:22:50 PM
Type: Error Category: 0
Event: 16385 Source: Microsoft-Windows-Security-SPP
Failed to schedule Software Protection service for re-start at 2117-12-26T15:22:50Z. Error Code: 0x80041318.
 
Log: 'Application' Date/Time: 19/01/2018 3:22:20 PM
Type: Error Category: 0
Event: 16385 Source: Microsoft-Windows-Security-SPP
Failed to schedule Software Protection service for re-start at 2117-12-26T15:22:20Z. Error Code: 0x80041318.
 
Log: 'Application' Date/Time: 19/01/2018 3:21:50 PM
Type: Error Category: 0
Event: 16385 Source: Microsoft-Windows-Security-SPP
Failed to schedule Software Protection service for re-start at 2117-12-26T15:21:50Z. Error Code: 0x80041318.
 
Log: 'Application' Date/Time: 19/01/2018 3:21:20 PM
Type: Error Category: 0
Event: 16385 Source: Microsoft-Windows-Security-SPP
Failed to schedule Software Protection service for re-start at 2117-12-26T15:21:20Z. Error Code: 0x80041318.
 
Log: 'Application' Date/Time: 19/01/2018 3:20:50 PM
Type: Error Category: 0
Event: 16385 Source: Microsoft-Windows-Security-SPP
Failed to schedule Software Protection service for re-start at 2117-12-26T15:20:50Z. Error Code: 0x80041318.
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 19/01/2018 11:44:18 AM
Type: Warning Category: 0
Event: 6006 Source: Microsoft-Windows-Winlogon
The winlogon notification subscriber <TrustedInstaller> took 63 second(s) to handle the notification event (CreateSession).
 
Log: 'Application' Date/Time: 19/01/2018 11:44:15 AM
Type: Warning Category: 0
Event: 6005 Source: Microsoft-Windows-Winlogon
The winlogon notification subscriber <TrustedInstaller> is taking long time to handle the notification event (CreateSession).
 
Log: 'Application' Date/Time: 18/01/2018 3:27:30 PM
Type: Warning Category: 7
Event: 508 Source: ESENT
SearchIndexer (2380) Windows: A request to write to the file "C:\ProgramData\Microsoft\Search\Data\Applications\Windows\edb.log" at offset 495616 (0x0000000000079000) for 4096 (0x00001000) bytes succeeded, but took an abnormally long time (17 seconds) to be serviced by the OS. This problem is likely due to faulty hardware. Please contact your hardware vendor for further assistance diagnosing the problem.
 
Log: 'Application' Date/Time: 18/01/2018 3:26:44 PM
Type: Warning Category: 1
Event: 533 Source: ESENT
SearchIndexer (2380) Windows: A request to write to the file "C:\ProgramData\Microsoft\Search\Data\Applications\Windows\edb.log" at offset 495616 (0x0000000000079000) for 4096 (0x00001000) bytes has not completed for 36 second(s). This problem is likely due to faulty hardware. Please contact your hardware vendor for further assistance diagnosing the problem.
 
Log: 'Application' Date/Time: 06/01/2018 2:11:01 PM
Type: Warning Category: 18
Event: 4627 Source: Microsoft-Windows-EventSystem
The COM+ Event System timed out attempting to fire the PostShell method on event class {D5978650-5B9F-11D1-8DD2-00AA004ABD5E} for publisher  and subscriber .  The subscriber failed to respond within 180 seconds. The display name of the subscription is "SENS Logon2 Subscription". The HRESULT was 80010002.
 
Log: 'Application' Date/Time: 21/12/2017 12:43:53 PM
Type: Warning Category: 0
Event: 8303 Source: Microsoft-Windows-System-Restore
Scoping unsuccessful for shadowcopy \\?\GLOBALROOT\Device\HarddiskVolumeShadowCopy5 with error 0x81000207.
 
Log: 'Application' Date/Time: 21/12/2017 12:32:28 PM
Type: Warning Category: 7
Event: 906 Source: ESENT
taskhost (6328) A significant portion of the database buffer cache has been written out to the system paging file. This may result in severe performance degradation.  See help link for complete details of possible causes.  Previous cache residency state: 100% (3871 out of 3871 buffers) (3842 seconds ago)  Current cache residency state: 4% (202 out of 4057 buffers)
 
Log: 'Application' Date/Time: 21/12/2017 10:16:49 AM
Type: Warning Category: 18
Event: 4627 Source: Microsoft-Windows-EventSystem
The COM+ Event System timed out attempting to fire the PostShell method on event class {D5978650-5B9F-11D1-8DD2-00AA004ABD5E} for publisher  and subscriber .  The subscriber failed to respond within 180 seconds. The display name of the subscription is "SENS Logon2 Subscription". The HRESULT was 80010002.
 

  • 0

#6
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,831 posts
  • MVP
Log: 'System' Date/Time: 19/01/2018 11:17:26 AM
Type: Warning Category: 0
Event: 98 Source: Microsoft-Windows-Ntfs
Volume ?? (\Device\HarddiskVolumeShadowCopy4) requires an Online Scan.  An Online Scan will automatically run as part of the next scheduled maintenance task.  Alternatively you may run "CHKDSK /SCAN" locally via the command line, or run "REPAIR-VOLUME <drive:> -SCAN" locally or remotely via PowerShell.
 
 

 

 

Follow the instructions here:

 

http://www.thewindow...cking-windows-8

 

Start where it says:

 

If you wish to nevertheless manually run a scan, you can do so.


  • 0

#7
geekyandhow

geekyandhow

    Member

  • Topic Starter
  • Member
  • PipPip
  • 57 posts

^ Did that, it scanned and said "Your drive was successfully repaired". Didn't restart though, and no log.

 

Can you also please help me find the right drivers for the broadcom stuff? I have a Sony Vaio E series laptop. Their site has hundreds of drivers.


Edited by geekyandhow, 20 January 2018 - 09:08 AM.

  • 0

#8
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,831 posts
  • MVP

Copy the next line:

for /F "tokens=*" %1 in ('wevtutil.exe el') DO wevtutil.exe cl "%1"

Open an elevated command prompt:

Win 8: http://www.eightforu...indows-8-a.html
(Make sure the prompt says C:\Windows\System32 > or it's not an elevated command prompt.)

 

Right click and Paste or Edit then Paste.  Hit Enter.  You should get a few errors.  These can be ignored.  Once the prompt returns

 

Reboot.

 

 

Run VEW again as before and post both logs.

 

I need the model number which should be on a label on the bottom of your laptop.


  • 0

#9
geekyandhow

geekyandhow

    Member

  • Topic Starter
  • Member
  • PipPip
  • 57 posts
Vino's Event Viewer v01c run on Windows 7 in English
Report run at 20/01/2018 10:07:50 PM
 
Note: All dates below are in the format dd/mm/yyyy
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 18/01/2018 5:55:12 PM
Type: Critical Category: 173
Event: 142 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error is caused because the system stopped responding and the hardware watchdog triggered a system reset.
 
Log: 'System' Date/Time: 18/01/2018 5:55:12 PM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.
 
Log: 'System' Date/Time: 07/01/2018 8:37:22 PM
Type: Critical Category: 173
Event: 142 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error is caused because the system stopped responding and the hardware watchdog triggered a system reset.
 
Log: 'System' Date/Time: 07/01/2018 8:37:22 PM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.
 
Log: 'System' Date/Time: 07/01/2018 7:23:41 PM
Type: Critical Category: 173
Event: 142 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error is caused because the system stopped responding and the hardware watchdog triggered a system reset.
 
Log: 'System' Date/Time: 07/01/2018 7:23:41 PM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.
 
Log: 'System' Date/Time: 06/01/2018 9:04:16 PM
Type: Critical Category: 173
Event: 142 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error is caused because the system stopped responding and the hardware watchdog triggered a system reset.
 
Log: 'System' Date/Time: 06/01/2018 9:04:16 PM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.
 
Log: 'System' Date/Time: 06/01/2018 2:06:35 PM
Type: Critical Category: 173
Event: 142 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error is caused because the system stopped responding and the hardware watchdog triggered a system reset.
 
Log: 'System' Date/Time: 06/01/2018 2:06:35 PM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.
 
Log: 'System' Date/Time: 29/12/2017 10:19:51 PM
Type: Critical Category: 173
Event: 142 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error is caused because the system stopped responding and the hardware watchdog triggered a system reset.
 
Log: 'System' Date/Time: 29/12/2017 10:19:51 PM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.
 
Log: 'System' Date/Time: 21/12/2017 10:12:54 AM
Type: Critical Category: 173
Event: 142 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error is caused because the system stopped responding and the hardware watchdog triggered a system reset.
 
Log: 'System' Date/Time: 21/12/2017 10:12:53 AM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.
 
Log: 'System' Date/Time: 07/12/2017 5:05:00 PM
Type: Critical Category: 173
Event: 142 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error is caused because the system stopped responding and the hardware watchdog triggered a system reset.
 
Log: 'System' Date/Time: 07/12/2017 5:05:00 PM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.
 
Log: 'System' Date/Time: 30/11/2017 12:26:33 AM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.
 
Log: 'System' Date/Time: 28/11/2017 1:57:10 AM
Type: Critical Category: 173
Event: 142 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error is caused because the system stopped responding and the hardware watchdog triggered a system reset.
 
Log: 'System' Date/Time: 28/11/2017 1:57:10 AM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.
 
Log: 'System' Date/Time: 27/11/2017 3:57:44 PM
Type: Critical Category: 173
Event: 142 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error is caused because the system stopped responding and the hardware watchdog triggered a system reset.
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 20/01/2018 4:34:59 PM
Type: Error Category: 0
Event: 7000 Source: Service Control Manager
The Windows Presentation Foundation Font Cache 3.0.0.0 service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
 
Log: 'System' Date/Time: 20/01/2018 4:34:59 PM
Type: Error Category: 0
Event: 7009 Source: Service Control Manager
A timeout was reached (30000 milliseconds) while waiting for the Windows Presentation Foundation Font Cache 3.0.0.0 service to connect.
 
Log: 'System' Date/Time: 20/01/2018 4:34:22 PM
Type: Error Category: 0
Event: 7000 Source: Service Control Manager
The Windows Presentation Foundation Font Cache 3.0.0.0 service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
 
Log: 'System' Date/Time: 20/01/2018 4:34:22 PM
Type: Error Category: 0
Event: 7009 Source: Service Control Manager
A timeout was reached (30000 milliseconds) while waiting for the Windows Presentation Foundation Font Cache 3.0.0.0 service to connect.
 
Log: 'System' Date/Time: 20/01/2018 4:12:29 PM
Type: Error Category: 0
Event: 7011 Source: Service Control Manager
A timeout (30000 milliseconds) was reached while waiting for a transaction response from the FontCache3.0.0.0 service.
 
Log: 'System' Date/Time: 19/01/2018 2:49:47 PM
Type: Error Category: 1
Event: 20 Source: Microsoft-Windows-WindowsUpdateClient
Installation Failure: Windows failed to install the following update with error 0x80070643: Definition Update for Windows Defender Antivirus - KB2267602 (Definition 1.261.44.0).
 
Log: 'System' Date/Time: 19/01/2018 1:40:45 PM
Type: Error Category: 0
Event: 7000 Source: Service Control Manager
The Windows Presentation Foundation Font Cache 3.0.0.0 service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
 
Log: 'System' Date/Time: 19/01/2018 1:40:45 PM
Type: Error Category: 0
Event: 7009 Source: Service Control Manager
A timeout was reached (30000 milliseconds) while waiting for the Windows Presentation Foundation Font Cache 3.0.0.0 service to connect.
 
Log: 'System' Date/Time: 19/01/2018 11:43:43 AM
Type: Error Category: 0
Event: 7000 Source: Service Control Manager
The AVG Service service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
 
Log: 'System' Date/Time: 19/01/2018 11:43:43 AM
Type: Error Category: 0
Event: 7009 Source: Service Control Manager
A timeout was reached (30000 milliseconds) while waiting for the AVG Service service to connect.
 
Log: 'System' Date/Time: 19/01/2018 11:32:28 AM
Type: Error Category: 1
Event: 20 Source: Microsoft-Windows-WindowsUpdateClient
Installation Failure: Windows failed to install the following update with error 0x8007045B: 2018-01 Security Update for Adobe Flash Player for Windows 8.1 for x64-based Systems (KB4056887).
 
Log: 'System' Date/Time: 19/01/2018 12:27:28 AM
Type: Error Category: 0
Event: 7000 Source: Service Control Manager
The AVG Service service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
 
Log: 'System' Date/Time: 19/01/2018 12:27:28 AM
Type: Error Category: 0
Event: 7009 Source: Service Control Manager
A timeout was reached (30000 milliseconds) while waiting for the AVG Service service to connect.
 
Log: 'System' Date/Time: 19/01/2018 12:27:10 AM
Type: Error Category: 0
Event: 3095 Source: NETLOGON
This computer is configured as a member of a workgroup, not as a member of a domain. The Netlogon service does not need to run in this configuration.
 
Log: 'System' Date/Time: 19/01/2018 12:25:45 AM
Type: Error Category: 0
Event: 10003 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN Extensibility Module has stopped unexpectedly.  Module Path: C:\WINDOWS\System32\bcmihvsrv64.dll 
 
Log: 'System' Date/Time: 19/01/2018 12:25:45 AM
Type: Error Category: 0
Event: 10003 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN Extensibility Module has stopped unexpectedly.  Module Path: C:\WINDOWS\System32\bcmihvsrv64.dll 
 
Log: 'System' Date/Time: 19/01/2018 12:25:41 AM
Type: Error Category: 0
Event: 10003 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN Extensibility Module has stopped unexpectedly.  Module Path: C:\WINDOWS\System32\bcmihvsrv64.dll 
 
Log: 'System' Date/Time: 19/01/2018 12:25:06 AM
Type: Error Category: 0
Event: 7034 Source: Service Control Manager
The Adobe Genuine Software Integrity Service service terminated unexpectedly.  It has done this 1 time(s).
 
Log: 'System' Date/Time: 19/01/2018 12:25:06 AM
Type: Error Category: 0
Event: 7034 Source: Service Control Manager
The Intel® Management and Security Application User Notification Service service terminated unexpectedly.  It has done this 1 time(s).
 
Log: 'System' Date/Time: 19/01/2018 12:25:06 AM
Type: Error Category: 0
Event: 7034 Source: Service Control Manager
The Intel® ME Service service terminated unexpectedly.  It has done this 1 time(s).
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 20/01/2018 4:32:48 PM
Type: Warning Category: 0
Event: 11 Source: Microsoft-Windows-Wininit
Custom dynamic link libraries are being loaded for every application. The system administrator should review the list of libraries to ensure they are related to trusted applications. Please visit http://support.microsoft.com/kb/197571for more information.
 
Log: 'System' Date/Time: 20/01/2018 4:32:24 PM
Type: Warning Category: 212
Event: 219 Source: Microsoft-Windows-Kernel-PnP
The driver \Driver\WUDFRd failed to load for the device ACPI\SKTD000\4&cbd6309&0.
 
Log: 'System' Date/Time: 20/01/2018 4:12:12 PM
Type: Warning Category: 0
Event: 10002 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN Extensibility Module has stopped.  Module Path: C:\WINDOWS\System32\bcmihvsrv64.dll 
 
Log: 'System' Date/Time: 20/01/2018 2:52:23 PM
Type: Warning Category: 0
Event: 130 Source: Ntfs
The file system structure on volume C: has now been repaired.
 
Log: 'System' Date/Time: 20/01/2018 2:50:04 PM
Type: Warning Category: 0
Event: 130 Source: Ntfs
The file system structure on volume C: has now been repaired.
 
Log: 'System' Date/Time: 20/01/2018 6:10:35 AM
Type: Warning Category: 1014
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name fallback.nos-avg.cz timed out after none of the configured DNS servers responded.
 
Log: 'System' Date/Time: 19/01/2018 1:39:18 PM
Type: Warning Category: 0
Event: 11 Source: Microsoft-Windows-Wininit
Custom dynamic link libraries are being loaded for every application. The system administrator should review the list of libraries to ensure they are related to trusted applications. Please visit http://support.microsoft.com/kb/197571for more information.
 
Log: 'System' Date/Time: 19/01/2018 1:38:41 PM
Type: Warning Category: 212
Event: 219 Source: Microsoft-Windows-Kernel-PnP
The driver \Driver\WUDFRd failed to load for the device ACPI\SKTD000\4&cbd6309&0.
 
Log: 'System' Date/Time: 19/01/2018 1:38:32 PM
Type: Warning Category: 0
Event: 98 Source: Microsoft-Windows-Ntfs
Volume C: (\Device\HarddiskVolume5) requires an Online Scan.  An Online Scan will automatically run as part of the next scheduled maintenance task.  Alternatively you may run "CHKDSK /SCAN" locally via the command line, or run "REPAIR-VOLUME <drive:> -SCAN" locally or remotely via PowerShell.
 
Log: 'System' Date/Time: 19/01/2018 1:38:04 PM
Type: Warning Category: 0
Event: 10002 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN Extensibility Module has stopped.  Module Path: C:\WINDOWS\System32\bcmihvsrv64.dll 
 
Log: 'System' Date/Time: 19/01/2018 11:42:45 AM
Type: Warning Category: 0
Event: 11 Source: Microsoft-Windows-Wininit
Custom dynamic link libraries are being loaded for every application. The system administrator should review the list of libraries to ensure they are related to trusted applications. Please visit http://support.microsoft.com/kb/197571for more information.
 
Log: 'System' Date/Time: 19/01/2018 11:42:03 AM
Type: Warning Category: 212
Event: 219 Source: Microsoft-Windows-Kernel-PnP
The driver \Driver\WUDFRd failed to load for the device ACPI\SKTD000\4&cbd6309&0.
 
Log: 'System' Date/Time: 19/01/2018 11:37:28 AM
Type: Warning Category: 0
Event: 98 Source: Microsoft-Windows-Ntfs
Volume C: (\Device\HarddiskVolume5) requires an Online Scan.  An Online Scan will automatically run as part of the next scheduled maintenance task.  Alternatively you may run "CHKDSK /SCAN" locally via the command line, or run "REPAIR-VOLUME <drive:> -SCAN" locally or remotely via PowerShell.
 
Log: 'System' Date/Time: 19/01/2018 11:36:55 AM
Type: Warning Category: 0
Event: 10002 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN Extensibility Module has stopped.  Module Path: C:\WINDOWS\System32\bcmihvsrv64.dll 
 
Log: 'System' Date/Time: 19/01/2018 11:17:26 AM
Type: Warning Category: 0
Event: 98 Source: Microsoft-Windows-Ntfs
Volume ?? (\Device\HarddiskVolumeShadowCopy4) requires an Online Scan.  An Online Scan will automatically run as part of the next scheduled maintenance task.  Alternatively you may run "CHKDSK /SCAN" locally via the command line, or run "REPAIR-VOLUME <drive:> -SCAN" locally or remotely via PowerShell.
 
Log: 'System' Date/Time: 19/01/2018 12:26:41 AM
Type: Warning Category: 0
Event: 11 Source: Microsoft-Windows-Wininit
Custom dynamic link libraries are being loaded for every application. The system administrator should review the list of libraries to ensure they are related to trusted applications. Please visit http://support.microsoft.com/kb/197571for more information.
 
Log: 'System' Date/Time: 19/01/2018 12:26:22 AM
Type: Warning Category: 212
Event: 219 Source: Microsoft-Windows-Kernel-PnP
The driver \Driver\WUDFRd failed to load for the device ACPI\SKTD000\4&cbd6309&0.
 
Log: 'System' Date/Time: 19/01/2018 12:26:12 AM
Type: Warning Category: 0
Event: 98 Source: Microsoft-Windows-Ntfs
Volume C: (\Device\HarddiskVolume5) requires an Online Scan.  An Online Scan will automatically run as part of the next scheduled maintenance task.  Alternatively you may run "CHKDSK /SCAN" locally via the command line, or run "REPAIR-VOLUME <drive:> -SCAN" locally or remotely via PowerShell.
 
Log: 'System' Date/Time: 18/01/2018 6:45:07 PM
Type: Warning Category: 1014
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name mtnlmumbai.in timed out after none of the configured DNS servers responded.
 
Log: 'System' Date/Time: 18/01/2018 5:55:38 PM
Type: Warning Category: 0
Event: 11 Source: Microsoft-Windows-Wininit
Custom dynamic link libraries are being loaded for every application. The system administrator should review the list of libraries to ensure they are related to trusted applications. Please visit http://support.microsoft.com/kb/197571for more information.
 
Vino's Event Viewer v01c run on Windows 7 in English
Report run at 20/01/2018 10:12:06 PM
 
Note: All dates below are in the format dd/mm/yyyy
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 20/01/2018 4:40:42 PM
Type: Error Category: 5973
Event: 5973 Source: Microsoft-Windows-Immersive-Shell
Activation of app microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 failed with error: The application cannot be started. Try reinstalling the application to fix the problem. See the Microsoft-Windows-TWinUI/Operational log for additional information.
 
Log: 'Application' Date/Time: 20/01/2018 4:40:42 PM
Type: Error Category: 5973
Event: 5973 Source: Microsoft-Windows-Immersive-Shell
Activation of app microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 failed with error: The application cannot be started. Try reinstalling the application to fix the problem. See the Microsoft-Windows-TWinUI/Operational log for additional information.
 
Log: 'Application' Date/Time: 20/01/2018 4:40:36 PM
Type: Error Category: 5973
Event: 5973 Source: Microsoft-Windows-Immersive-Shell
Activation of app microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 failed with error: The application cannot be started. Try reinstalling the application to fix the problem. See the Microsoft-Windows-TWinUI/Operational log for additional information.
 
Log: 'Application' Date/Time: 20/01/2018 4:40:36 PM
Type: Error Category: 5973
Event: 5973 Source: Microsoft-Windows-Immersive-Shell
Activation of app microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 failed with error: The application cannot be started. Try reinstalling the application to fix the problem. See the Microsoft-Windows-TWinUI/Operational log for additional information.
 
Log: 'Application' Date/Time: 20/01/2018 4:40:36 PM
Type: Error Category: 5973
Event: 5973 Source: Microsoft-Windows-Immersive-Shell
Activation of app microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 failed with error: The application cannot be started. Try reinstalling the application to fix the problem. See the Microsoft-Windows-TWinUI/Operational log for additional information.
 
Log: 'Application' Date/Time: 20/01/2018 4:40:36 PM
Type: Error Category: 5973
Event: 5973 Source: Microsoft-Windows-Immersive-Shell
Activation of app microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 failed with error: The application cannot be started. Try reinstalling the application to fix the problem. See the Microsoft-Windows-TWinUI/Operational log for additional information.
 
Log: 'Application' Date/Time: 20/01/2018 4:40:36 PM
Type: Error Category: 5973
Event: 5973 Source: Microsoft-Windows-Immersive-Shell
Activation of app microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 failed with error: The application cannot be started. Try reinstalling the application to fix the problem. See the Microsoft-Windows-TWinUI/Operational log for additional information.
 
Log: 'Application' Date/Time: 20/01/2018 4:40:32 PM
Type: Error Category: 5973
Event: 5973 Source: Microsoft-Windows-Immersive-Shell
Activation of app microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 failed with error: The application cannot be started. Try reinstalling the application to fix the problem. See the Microsoft-Windows-TWinUI/Operational log for additional information.
 
Log: 'Application' Date/Time: 20/01/2018 4:40:29 PM
Type: Error Category: 5973
Event: 5973 Source: Microsoft-Windows-Immersive-Shell
Activation of app microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 failed with error: The application cannot be started. Try reinstalling the application to fix the problem. See the Microsoft-Windows-TWinUI/Operational log for additional information.
 
Log: 'Application' Date/Time: 20/01/2018 4:40:27 PM
Type: Error Category: 5973
Event: 5973 Source: Microsoft-Windows-Immersive-Shell
Activation of app microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 failed with error: The application cannot be started. Try reinstalling the application to fix the problem. See the Microsoft-Windows-TWinUI/Operational log for additional information.
 
Log: 'Application' Date/Time: 20/01/2018 4:40:27 PM
Type: Error Category: 5973
Event: 5973 Source: Microsoft-Windows-Immersive-Shell
Activation of app microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 failed with error: The application cannot be started. Try reinstalling the application to fix the problem. See the Microsoft-Windows-TWinUI/Operational log for additional information.
 
Log: 'Application' Date/Time: 20/01/2018 4:34:32 PM
Type: Error Category: 5973
Event: 5973 Source: Microsoft-Windows-Immersive-Shell
Activation of app microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 failed with error: The application cannot be started. Try reinstalling the application to fix the problem. See the Microsoft-Windows-TWinUI/Operational log for additional information.
 
Log: 'Application' Date/Time: 20/01/2018 4:34:32 PM
Type: Error Category: 5973
Event: 5973 Source: Microsoft-Windows-Immersive-Shell
Activation of app microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 failed with error: The application cannot be started. Try reinstalling the application to fix the problem. See the Microsoft-Windows-TWinUI/Operational log for additional information.
 
Log: 'Application' Date/Time: 20/01/2018 4:33:54 PM
Type: Error Category: 5973
Event: 5973 Source: Microsoft-Windows-Immersive-Shell
Activation of app microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 failed with error: The application cannot be started. Try reinstalling the application to fix the problem. See the Microsoft-Windows-TWinUI/Operational log for additional information.
 
Log: 'Application' Date/Time: 20/01/2018 4:33:54 PM
Type: Error Category: 5973
Event: 5973 Source: Microsoft-Windows-Immersive-Shell
Activation of app microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 failed with error: The application cannot be started. Try reinstalling the application to fix the problem. See the Microsoft-Windows-TWinUI/Operational log for additional information.
 
Log: 'Application' Date/Time: 20/01/2018 4:33:54 PM
Type: Error Category: 5973
Event: 5973 Source: Microsoft-Windows-Immersive-Shell
Activation of app microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 failed with error: The application cannot be started. Try reinstalling the application to fix the problem. See the Microsoft-Windows-TWinUI/Operational log for additional information.
 
Log: 'Application' Date/Time: 20/01/2018 4:33:54 PM
Type: Error Category: 5973
Event: 5973 Source: Microsoft-Windows-Immersive-Shell
Activation of app microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 failed with error: The application cannot be started. Try reinstalling the application to fix the problem. See the Microsoft-Windows-TWinUI/Operational log for additional information.
 
Log: 'Application' Date/Time: 20/01/2018 4:33:54 PM
Type: Error Category: 5973
Event: 5973 Source: Microsoft-Windows-Immersive-Shell
Activation of app microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 failed with error: The application cannot be started. Try reinstalling the application to fix the problem. See the Microsoft-Windows-TWinUI/Operational log for additional information.
 
Log: 'Application' Date/Time: 20/01/2018 4:33:42 PM
Type: Error Category: 0
Event: 0 Source: PostgreSQL
2018-01-20 22:03:42 ISTFATAL:  the database system is starting up
 
 
Log: 'Application' Date/Time: 20/01/2018 4:33:41 PM
Type: Error Category: 0
Event: 0 Source: PostgreSQL
2018-01-20 22:03:41 ISTFATAL:  the database system is starting up
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 19/01/2018 11:44:18 AM
Type: Warning Category: 0
Event: 6006 Source: Microsoft-Windows-Winlogon
The winlogon notification subscriber <TrustedInstaller> took 63 second(s) to handle the notification event (CreateSession).
 
Log: 'Application' Date/Time: 19/01/2018 11:44:15 AM
Type: Warning Category: 0
Event: 6005 Source: Microsoft-Windows-Winlogon
The winlogon notification subscriber <TrustedInstaller> is taking long time to handle the notification event (CreateSession).
 
Log: 'Application' Date/Time: 18/01/2018 3:27:30 PM
Type: Warning Category: 7
Event: 508 Source: ESENT
SearchIndexer (2380) Windows: A request to write to the file "C:\ProgramData\Microsoft\Search\Data\Applications\Windows\edb.log" at offset 495616 (0x0000000000079000) for 4096 (0x00001000) bytes succeeded, but took an abnormally long time (17 seconds) to be serviced by the OS. This problem is likely due to faulty hardware. Please contact your hardware vendor for further assistance diagnosing the problem.
 
Log: 'Application' Date/Time: 18/01/2018 3:26:44 PM
Type: Warning Category: 1
Event: 533 Source: ESENT
SearchIndexer (2380) Windows: A request to write to the file "C:\ProgramData\Microsoft\Search\Data\Applications\Windows\edb.log" at offset 495616 (0x0000000000079000) for 4096 (0x00001000) bytes has not completed for 36 second(s). This problem is likely due to faulty hardware. Please contact your hardware vendor for further assistance diagnosing the problem.
 
Log: 'Application' Date/Time: 06/01/2018 2:11:01 PM
Type: Warning Category: 18
Event: 4627 Source: Microsoft-Windows-EventSystem
The COM+ Event System timed out attempting to fire the PostShell method on event class {D5978650-5B9F-11D1-8DD2-00AA004ABD5E} for publisher  and subscriber .  The subscriber failed to respond within 180 seconds. The display name of the subscription is "SENS Logon2 Subscription". The HRESULT was 80010002.
 
Log: 'Application' Date/Time: 21/12/2017 12:43:53 PM
Type: Warning Category: 0
Event: 8303 Source: Microsoft-Windows-System-Restore
Scoping unsuccessful for shadowcopy \\?\GLOBALROOT\Device\HarddiskVolumeShadowCopy5 with error 0x81000207.
 
Log: 'Application' Date/Time: 21/12/2017 12:32:28 PM
Type: Warning Category: 7
Event: 906 Source: ESENT
taskhost (6328) A significant portion of the database buffer cache has been written out to the system paging file. This may result in severe performance degradation.  See help link for complete details of possible causes.  Previous cache residency state: 100% (3871 out of 3871 buffers) (3842 seconds ago)  Current cache residency state: 4% (202 out of 4057 buffers)
 
Log: 'Application' Date/Time: 21/12/2017 10:16:49 AM
Type: Warning Category: 18
Event: 4627 Source: Microsoft-Windows-EventSystem
The COM+ Event System timed out attempting to fire the PostShell method on event class {D5978650-5B9F-11D1-8DD2-00AA004ABD5E} for publisher  and subscriber .  The subscriber failed to respond within 180 seconds. The display name of the subscription is "SENS Logon2 Subscription". The HRESULT was 80010002.
 

  • 0

#10
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,831 posts
  • MVP

Is it running any better now that the disk check has completed?

 

Do you have the PC's part number from the label on the bottom?


  • 0

#11
geekyandhow

geekyandhow

    Member

  • Topic Starter
  • Member
  • PipPip
  • 57 posts

Sorry for the late reply, I was very occupied. PC seems okay. I'm attaching the back label in this reply since I'm not able to find the "part number".

 

Thanks much!

Attached Thumbnails

  • Sony label.jpg

Edited by geekyandhow, 27 January 2018 - 09:51 AM.

  • 0

#12
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,831 posts
  • MVP

Model # SVF15215CXB is what I was looking for.

 

This is a newer driver for your wifi:

 

https://esupport.son...&os_group_id=24

 

They don't have a Broadcom driver for the wired network.


  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP