Javascript Disabled Detected

You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

Computer slowed down, getting AVG warnings sometimes

Started by geekyandhow , Jan 18 2018 12:07 PM

Please log in to reply

#1
geekyandhow

Posted 18 January 2018 - 12:07 PM

Member

Member
74 posts

Hi guys,

PC is slow at startup since a few weeks and I get AVG warnings sometimes about some miner, etc.

Can someone please help me clean up my PC and remove unwanted/dangerous stuff that I may be unaware of?

Would highly appreciate thanks!

#2
RKinner

Posted 18 January 2018 - 06:05 PM

Malware Expert

Expert
24,624 posts

Download : ADWCleaner to your desktop. Make sure you get the correct Download button. Sometimes the ads on BleepingComputer will mimic the real Download button which should say: Download Now @BleepingComputer

NOTE: If using Internet Explorer and you get an alert that stops the program downloading, click on the warning and allow the download to complete.

Close all programs, pause your anti-virus and run AdwCleaner (Vista or Win 7+ => right click and Run As Administrator).

Click on Scan and follow the prompts. Let it run unhindered. When done, click on the Clean button, and follow the prompts. Allow the system to reboot. You will then be presented with the report. Copy & Paste this report on your next reply.

The report will be saved in the C:\AdwCleaner folder.

Get FRST from http://www.bleepingc...very-scan-tool/You need to download the appropriate tool for your PC. If you don't know if you have a 32 or 64 bit system get them both. Only one will work and that's the right one.
Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
Check the Addition.txt box
Press Scan button.
It will produce a log called FRST.txt in the same directory the tool is run from.
Please copy and paste log back here.
It will generate another log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also paste that along with the FRST.txt into your reply.

Get Process Explorer

http://live.sysinter...com/procexp.exe
Save it to your desktop then run it (Vista or Win7+ - right click and Run As Administrator).

View, Select Column, check Verified Signer, OK
Options, Verify Image Signatures

Click twice on the CPU column header to sort things by CPU usage with the big hitters at the top.

Wait a full minute then:

File, Save As, Save. Note the file name. Open the file on your desktop and copy and paste the text to a reply.

Copy the next 2 lines:

TASKLIST /SVC > \junk.txt
notepad \junk.txt

Open an Elevated Command Prompt:
Win 7: Start, All Programs, Accessories then right click on Command Prompt and Run as Administrator
Win 8: http://www.eightforu...indows-8-a.html
win 10: http://www.howtogeek...-in-windows-10/

Right click and Paste (or Edit then Paste) and the copied lines should appear.
Hit Enter if notepad does not open. Copy and paste the text from notepad into a reply.

Get the free version of Speccy:

http://www.filehippo.com/download_speccy/ (Look in the upper right for the Download
Latest Version button - Do NOT press the large Start Download button on the upper left!)
Download, Save and Install it. Tell it you do not need CCLEANER. Run Speccy. When it finishes (the little icon in the bottom left will stop moving),
File, Save as Text File, (to your desktop) note the name it gives. OK. Open the file in notepad and delete the line that gives the serial number of your Operating System.
(It will be near the top, 10-20 lines down.) Save the file. Attach the file to your next post. Attaching the log is the best option as it is too big for the forum. Attaching is a multi step process.

First click on More Reply Options
Then scroll down to where you see
Choose File and click on it. Point it at the file and hit Open.
Now click on Attach this file.

#3
geekyandhow

Posted 18 January 2018 - 06:56 PM

Member

Topic Starter
Member
74 posts

# AdwCleaner 7.0.6.0 - Logfile created on Fri Jan 19 00:25:35 2018

# Updated on 2017/21/12 by Malwarebytes

# Running on Windows 8.1 (X64)

# Mode: clean

# Support: https://www.malwarebytes.com/support

***** [ Services ] *****

Deleted: WtuSystemSupport

Deleted: vToolbarUpdater40.3.8

***** [ Folders ] *****

Deleted: C:\Program Files\Hola

Deleted: C:\Users\Guest\AppData\Roaming\Hola

Deleted: C:\Users\Lily\AppData\Roaming\Hola

Deleted: C:\Users\Neville\AppData\Roaming\Hola

Deleted: C:\ProgramData\AVG Secure Search

Deleted: C:\ProgramData\Application Data\AVG Secure Search

Deleted: C:\Program Files\Common Files\AVG Secure Search

Deleted: C:\Program Files (x86)\Common Files\AVG Secure Search

Deleted: C:\Users\All Users\AVG Secure Search

Deleted: C:\ProgramData\avg web tuneup

Deleted: C:\ProgramData\Application Data\avg web tuneup

Deleted: C:\Program Files\avg web tuneup

Deleted: C:\Windows\System32\config\systemprofile\AppData\LocalLow\avg web tuneup

Deleted: C:\Program Files (x86)\avg web tuneup

Deleted: C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\avg web tuneup

Deleted: C:\Users\All Users\avg web tuneup

Deleted: C:\Users\Guest\AppData\Local\avg web tuneup

Deleted: C:\Users\Neville\AppData\Local\avg web tuneup

Deleted: C:\Users\TEMP\AppData\Local\avg web tuneup

***** [ Files ] *****

Deleted: C:\Users\Guest\AppData\Roaming\Mozilla\Firefox\Profiles\wguw992c.default\searchplugins\avg-secure-search.xml

Deleted: C:\Users\Neville\AppData\Roaming\Mozilla\Firefox\Profiles\zpq2ecz1.default-1395808145287\searchplugins\avg-secure-search.xml

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

Deleted: AVG-SSU_1117tb

Deleted: AVG-SSU_1117tb_DELETE

Deleted: 0915tbUpdateInfo

Deleted: AVG-SSU_1117tb

Deleted: AVG-SSU_1117tb_DELETE

***** [ Registry ] *****

Deleted: [Data] - HKCU\Software\Microsoft\Internet Explorer\Main|Start Page [https:\\mysearch.avg.com\?cid={89FED01A-6BDF-4466-BF70-1A6B547FC663}&mid=7be7f47994a847cda1f5ed3ea03875a5-50bf7b189223f2721b05c771b87ec98f9fef8697&lang=en&ds=AVG&coid=avgtbavg&cmpid=0516tb&pr=fr&d=2016-04-27 23:44:21&v=4.3.1.831&pid=wtu&sg=&sap=hp]

Deleted: [Key] - HKLM\SOFTWARE\AVG Secure Search

Deleted: [Key] - HKLM\SOFTWARE\Hola

Deleted: [Key] - HKU\.DEFAULT\Software\Hola

Deleted: [Key] - HKU\S-1-5-21-2107339062-2504870960-3837946639-1006\Software\Hola

Deleted: [Key] - HKU\S-1-5-18\Software\Hola

Deleted: [Key] - HKLM\SOFTWARE\AVG Tuneup

Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}

Deleted: [Key] - HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}

Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}

Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{CA3A5461-96B5-46DD-9341-5350D3C94615}

Deleted: [Key] - HKLM\SOFTWARE\Classes\TypeLib\{4BC8AD89-AC5F-4DBD-A38F-C355C7DD33D7}

Deleted: [Value] - HKCU\Software\Microsoft\Windows\CurrentVersion\Run|LightShot

Deleted: [Key] - HKLM\SOFTWARE\MozillaPlugins\@avg.com\AVG SiteSafety plugin,version=11.0.0.1,application\x-avg-sitesafety-plugin

Deleted: [Key] - HKLM\SOFTWARE\Google\Chrome\NativeMessagingHosts\avgsh

Deleted: [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\hola.org

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries deleted.

***** [ Chromium (and derivatives) ] *****

Plugin deleted: AVG Web TuneUp -

SearchProvider deleted: Conduit Search - conduit.search

*************************

::Tracing keys deleted

::Winsock settings cleared

::Additional Actions: 0

*************************

C:/AdwCleaner/AdwCleaner[S0].txt - [4488 B] - [2018/1/19 0:24:19]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt ##########

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 17.01.2018 01

Ran by Neville (administrator) on VAIO (19-01-2018 06:04:13)

Running from C:\Users\Neville\Desktop

Loaded Profiles: Neville & postgres (Available Profiles: Neville & postgres & Lily & Guest)

Platform: Windows 8.1 (Update) (X64) Language: English (United States)

Internet Explorer Version 11 (Default browser: Chrome)

Boot Mode: Normal

Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe

(Microsoft Corporation) C:\Windows\System32\wlanext.exe

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\AVGSvc.exe

(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe

(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient.exe

(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe

(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe

(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe

(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe

() C:\Program Files (x86)\OpenVPN Technologies\PrivateTunnel\ovpnagent.exe

(PostgreSQL Global Development Group) C:\Program Files (x86)\PostgreSQL\8.4\bin\pg_ctl.exe

(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe

(PostgreSQL Global Development Group) C:\Program Files (x86)\PostgreSQL\8.4\bin\postgres.exe

(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe

(PostgreSQL Global Development Group) C:\Program Files (x86)\PostgreSQL\8.4\bin\postgres.exe

(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe

(Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRYSVC.EXE

(Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\BCMWLTRY.EXE

(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe

(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe

(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\SUSSoundProxy.exe

(Intel Corporation) C:\Windows\System32\igfxEM.exe

(Intel Corporation) C:\Windows\System32\igfxHK.exe

(Intel Corporation) C:\Windows\System32\igfxTray.exe

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\x64\aswidsagenta.exe

(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe

(Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRAY.EXE

(Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe

(f.lux Software LLC) C:\Users\Neville\AppData\Local\FluxSoftware\Flux\flux.exe

(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AdobeGCClient.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\AVGUI.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler64.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe

(Sony Corporation) C:\ProgramData\Sony Corporation\VCM Data\UpdateConfig.exe

(Sony Corporation) C:\Program Files\Sony\VAIO Update\VUSR.exe

(Microsoft Corporation) C:\Windows\System32\dllhost.exe

(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe

(Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1381744 2014-02-11] (Realtek Semiconductor)

HKLM\...\Run: [Broadcom Wireless Manager UI] => C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRAY.exe [10590208 2013-03-14] (Broadcom Corporation)

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-01-07] (Adobe Systems Incorporated)

HKLM\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [239592 2017-09-15] (AVG Technologies CZ, s.r.o.)

HKLM\...\Run: [AVGUI.exe] => C:\Program Files (x86)\AVG\Antivirus\AvLaunch.exe [295512 2018-01-16] (AVG Technologies CZ, s.r.o.)

HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [303928 2017-07-14] (Apple Inc.)

HKLM\...\Run: [Bluetooth] => C:\Program Files\WIDCOMM\Bluetooth Software\bttray.exe [534232 2013-10-25] (Broadcom Corporation.)

HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [315880 2018-01-05] (Adobe Systems, Incorporated)

HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-06] (Microsoft Corporation)

HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2072928 2014-11-01] (Wondershare)

HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [239592 2017-09-15] (AVG Technologies CZ, s.r.o.)

HKLM-x32\...\Run: [vProt] => "C:\Program Files (x86)\AVG Web TuneUp\vprot.exe"

HKLM-x32\...\Run: [] => [X]

HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3499640 2016-12-18] (Adobe Systems Inc.)

HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-09-22] (Oracle Corporation)

HKU\S-1-5-21-2107339062-2504870960-3837946639-1001\...\Run: [f.lux] => C:\Users\Neville\AppData\Local\FluxSoftware\Flux\flux.exe [1678840 2017-10-11] (f.lux Software LLC)

HKU\S-1-5-21-2107339062-2504870960-3837946639-1001\...\Run: [GoogleChromeAutoLaunch_025349DF926404DCBA5805A40191CC91] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1592664 2018-01-03] (Google Inc.)

HKU\S-1-5-21-2107339062-2504870960-3837946639-1001\...\RunOnce: [Application Restart #1] => C:\Program Files (x86)\Adda52 Poker\poker.exe [1512960 2017-08-16] (Gauss Networks Pvt. Ltd.)

HKU\S-1-5-21-2107339062-2504870960-3837946639-1001\...\MountPoints2: {0d7b0f35-7c44-11e6-bf94-3c77e6dc9c56} - "E:\AutoRun.exe"

HKU\S-1-5-21-2107339062-2504870960-3837946639-1001\...\MountPoints2: {0d7b0f59-7c44-11e6-bf94-3c77e6dc9c56} - "E:\AutoRun.exe"

HKU\S-1-5-21-2107339062-2504870960-3837946639-1003\...\Run: [Google Update] => "C:\Users\Neville\AppData\Local\Google\Update\GoogleUpdate.exe" /c

HKU\S-1-5-21-2107339062-2504870960-3837946639-1003\...\Run: [Facebook Update] => "C:\Users\Neville\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver

HKU\S-1-5-21-2107339062-2504870960-3837946639-1003\...\Run: [GoogleChromeAutoLaunch_025349DF926404DCBA5805A40191CC91] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1592664 2018-01-03] (Google Inc.)

HKU\S-1-5-21-2107339062-2504870960-3837946639-1003\...\Run: [f.lux] => C:\Users\Neville\AppData\Local\FluxSoftware\Flux\flux.exe [1678840 2017-10-11] (f.lux Software LLC)

HKU\S-1-5-21-2107339062-2504870960-3837946639-1003\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516608 2014-11-21] (Microsoft Corporation)

Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\PrivateTunnel.lnk [2016-02-29]

ShortcutTarget: PrivateTunnel.lnk -> C:\Program Files (x86)\OpenVPN Technologies\PrivateTunnel\privatetunnel2.5.5.exe (OpenVPN Technologies)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 202.88.131.90 202.88.131.89 202.88.130.67

Tcpip\..\Interfaces\{04EB17EE-B2FF-4085-A727-6B08D79238AD}: [DhcpNameServer] 172.20.10.1

Tcpip\..\Interfaces\{9B7B8155-9333-41CF-96FD-E241113CFF23}: [DhcpNameServer] 192.168.0.1 192.168.0.1

Tcpip\..\Interfaces\{A7CA6FDC-65B3-4CF9-B6DE-3266EBD35973}: [NameServer] 8.8.8.8,8.8.4.4

Tcpip\..\Interfaces\{A7CA6FDC-65B3-4CF9-B6DE-3266EBD35973}: [DhcpNameServer] 202.88.131.90 202.88.131.89 202.88.130.67

Internet Explorer:

==================

HKU\S-1-5-21-2107339062-2504870960-3837946639-1001\Software\Microsoft\Internet Explorer\Main,Start Page =

HKU\S-1-5-21-2107339062-2504870960-3837946639-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://sony13.msn.com

HKU\S-1-5-21-2107339062-2504870960-3837946639-1003\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://sony13.msn.com

HKU\S-1-5-21-2107339062-2504870960-3837946639-1003\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie

SearchScopes: HKU\S-1-5-21-2107339062-2504870960-3837946639-1001 -> {518D4777-9FC5-4AA6-B923-CB7BB495481A} URL = hxxp://www.google.com/search?q={searchTerms}

SearchScopes: HKU\S-1-5-21-2107339062-2504870960-3837946639-1001 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={89FED01A-6BDF-4466-BF70-1A6B547FC663}&mid=7be7f47994a847cda1f5ed3ea03875a5-50bf7b189223f2721b05c771b87ec98f9fef8697&lang=en&ds=AVG&coid=avgtbavg&cmpid=0616tb&pr=fr&d=2016-04-27 23:44:21&v=4.3.1.831&pid=wtu&sg=&sap=dsp&q={searchTerms}

BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)

BHO: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files\AVG Web TuneUp\4.3.9.605\AVG Web TuneUp.dll => No File

BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2016-04-23] (Adobe Systems Incorporated)

BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)

BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2016-04-23] (Adobe Systems Incorporated)

BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)

BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\ssv.dll [2016-10-25] (Oracle Corporation)

BHO-x32: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files (x86)\AVG Web TuneUp\4.3.9.605\AVG Web TuneUp.dll => No File

BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2016-04-23] (Adobe Systems Incorporated)

BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)

BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-10-25] (Oracle Corporation)

BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2016-04-23] (Adobe Systems Incorporated)

Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2016-04-23] (Adobe Systems Incorporated)

Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2016-04-23] (Adobe Systems Incorporated)

DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab

DPF: HKLM-x32 {8F6E7FB2-E56B-4F66-A4E1-9765D2565280} hxxp://www.worldwinner.com/games/launcher/ie/v2.23.01.0/iewwload.cab

Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2016-09-23] (Skype Technologies)

FireFox:

========

FF DefaultProfile: zpq2ecz1.default-1395808145287

FF ProfilePath: C:\Users\Neville\AppData\Roaming\Mozilla\Firefox\Profiles\zpq2ecz1.default-1395808145287 [2017-08-31]

FF user.js: detected! => C:\Users\Neville\AppData\Roaming\Mozilla\Firefox\Profiles\zpq2ecz1.default-1395808145287\user.js [2015-10-29]

FF Homepage: Mozilla\Firefox\Profiles\zpq2ecz1.default-1395808145287 -> google.com

FF Extension: (AVG Web TuneUp) - C:\Users\Neville\AppData\Roaming\Mozilla\Firefox\Profiles\zpq2ecz1.default-1395808145287\Extensions\[email protected] [2016-07-22] [Legacy]

FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn

FF Extension: (Adobe Acrobat - Create PDF) - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2017-03-11] [Legacy]

FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_28_0_0_137.dll [2018-01-10] ()

FF Plugin: @java.com/DTPlugin,version=10.13.2 -> C:\Windows\system32\npDeployJava1.dll [2013-10-27] (Oracle Corporation)

FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-10] (Microsoft Corporation)

FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)

FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)

FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)

FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)

FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-07-29] (Adobe Systems)

FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_28_0_0_137.dll [2018-01-10] ()

FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-08-27] (Google, Inc.)

FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-01-23] (Intel Corporation)

FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-01-23] (Intel Corporation)

FF Plugin-x32: @java.com/DTPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll [2016-10-25] (Oracle Corporation)

FF Plugin-x32: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2016-10-25] (Oracle Corporation)

FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 -> C:\Program Files (x86)\Yahoo!\Shared\npYState.dll [2012-05-25] (Yahoo! Inc.)

FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-10] (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-25] (Microsoft Corporation)

FF Plugin-x32: @sony.com/ReaderDesktop -> C:\Program Files (x86)\Sony\ReaderDesktop\npreaderdetectmoz.dll [2012-07-13] (Sony Corporation)

FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-14] (Google Inc.)

FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-14] (Google Inc.)

FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll [2016-12-18] (Adobe Systems Inc.)

FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2017-11-01] (Adobe Systems Inc.)

FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-07-29] (Adobe Systems)

Chrome:

=======

CHR DefaultProfile: Default

CHR HomePage: Default -> hxxps://www.google.ca/

CHR DefaultSearchKeyword: Default -> google.co.in

CHR Profile: C:\Users\Neville\AppData\Local\Google\Chrome\User Data\Default [2018-01-19]

CHR Extension: (Magic Actions for YouTube™) - C:\Users\Neville\AppData\Local\Google\Chrome\User Data\Default\Extensions\abjcfabbhafbcdfjoecdgepllmpfceif [2018-01-14]

CHR Extension: (Google Drive) - C:\Users\Neville\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]

CHR Extension: (YouTube) - C:\Users\Neville\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-26]

CHR Extension: (Chrome IG Story) - C:\Users\Neville\AppData\Local\Google\Chrome\User Data\Default\Extensions\bojgejgifofondahckoaahkilneffhmf [2018-01-14]

CHR Extension: (Adblock for Youtube™) - C:\Users\Neville\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmedhionkhpnakcndndgjdbohmhepckk [2017-06-20]

CHR Extension: (Videostream for Google Chromecast™) - C:\Users\Neville\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnciopoikihiagdjbjpnocolokfelagl [2017-11-02]

CHR Extension: (Google Search) - C:\Users\Neville\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]

CHR Extension: (Voice Search) - C:\Users\Neville\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhfkcobomkalfdlmkongnhnhahkmnaad [2017-07-31]

CHR Extension: (Better YouTube Watch History) - C:\Users\Neville\AppData\Local\Google\Chrome\User Data\Default\Extensions\lleajdkalfbohpinoaekajagdefaeckd [2018-01-09]

CHR Extension: (Lightshot (screenshot tool)) - C:\Users\Neville\AppData\Local\Google\Chrome\User Data\Default\Extensions\mbniclmhobmnbdlbpiphghaielnnpgdp [2018-01-19]

CHR Extension: (Chrome Web Store Payments) - C:\Users\Neville\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-24]

CHR Extension: (Chrome Media Router) - C:\Users\Neville\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-12-11]

CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2016-12-18]

CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2319848 2018-01-05] (Adobe Systems, Incorporated)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2017-04-03] (Apple Inc.)

R2 AVG Antivirus; C:\Program Files (x86)\AVG\Antivirus\AVGSvc.exe [301720 2018-01-16] (AVG Technologies CZ, s.r.o.)

R3 avgbIDSAgent; C:\Program Files (x86)\AVG\Antivirus\x64\aswidsagenta.exe [7589200 2018-01-16] (AVG Technologies CZ, s.r.o.)

S2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1428656 2017-09-15] (AVG Technologies CZ, s.r.o.)

S2 BcmBtRSupport; C:\WINDOWS\system32\BtwRSupportService.exe [2252504 2013-09-05] (Broadcom Corporation.)

R2 igfxCUIService1.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [319376 2014-10-02] (Intel Corporation)

R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [129824 2013-01-23] (Intel Corporation)

R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [166688 2013-01-23] (Intel Corporation)

S3 NetworkSupport; C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkSupport.exe [629336 2013-09-28] (Sony Corporation)

R2 ovpnagent; C:\Program Files (x86)\OpenVPN Technologies\PrivateTunnel\ovpnagent.exe [1493224 2016-02-19] ()

S3 Sony SCSI Helper Service; C:\Program Files (x86)\Common Files\Sony Shared\Fsk\SonySCSIHelperService.exe [73728 2012-09-20] (Sony Corporation) [File not signed]

R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5429520 2015-01-30] (TeamViewer GmbH)

S3 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [972000 2013-01-07] (Sony Corporation)

R3 VUAgent; C:\Program Files\Sony\VAIO Update\vuagent.exe [1656600 2016-03-31] (Sony Corporation)

S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation)

S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation)

R2 wltrysvc; C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\bcmwltry.exe [6070272 2013-03-14] (Broadcom Corporation) [File not signed]

R2 postgresql-8.4; C:/Program Files (x86)/PostgreSQL/8.4/bin/pg_ctl.exe runservice -N "postgresql-8.4" -D "C:/Program Files (x86)/PostgreSQL/8.4/data" -w [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 avgArPot; C:\WINDOWS\System32\drivers\avgArPot.sys [177536 2018-01-16] (AVG Technologies CZ, s.r.o.)

R1 avgbdisk; C:\WINDOWS\System32\drivers\avgbdiska.sys [166624 2018-01-16] (AVG Technologies CZ, s.r.o.)

R1 avgbidsdriver; C:\WINDOWS\System32\drivers\avgbidsdrivera.sys [315152 2018-01-16] (AVG Technologies CZ, s.r.o.)

R0 avgbidsh; C:\WINDOWS\System32\drivers\avgbidsha.sys [193096 2018-01-16] (AVG Technologies CZ, s.r.o.)

R0 avgblog; C:\WINDOWS\System32\drivers\avgbloga.sys [337408 2018-01-16] (AVG Technologies CZ, s.r.o.)

R0 avgbuniv; C:\WINDOWS\System32\drivers\avgbuniva.sys [51336 2018-01-16] (AVG Technologies CZ, s.r.o.)

S3 avgHwid; C:\WINDOWS\System32\drivers\avgHwid.sys [39424 2018-01-16] (AVG Technologies CZ, s.r.o.)

R2 avgMonFlt; C:\WINDOWS\System32\drivers\avgMonFlt.sys [139112 2018-01-16] (AVG Technologies CZ, s.r.o.)

R1 avgRdr; C:\WINDOWS\System32\drivers\avgRdr2.sys [102792 2018-01-16] (AVG Technologies CZ, s.r.o.)

R0 avgRvrt; C:\WINDOWS\System32\drivers\avgRvrt.sys [76832 2018-01-16] (AVG Technologies CZ, s.r.o.)

R1 avgSnx; C:\WINDOWS\System32\drivers\avgSnx.sys [1017624 2018-01-16] (AVG Technologies CZ, s.r.o.)

R1 avgSP; C:\WINDOWS\System32\drivers\avgSP.sys [450360 2018-01-16] (AVG Technologies CZ, s.r.o.)

R2 avgStm; C:\WINDOWS\System32\drivers\avgStm.sys [196904 2018-01-16] (AVG Technologies CZ, s.r.o.)

R0 avgVmm; C:\WINDOWS\System32\drivers\avgVmm.sys [351128 2018-01-16] (AVG Technologies CZ, s.r.o.)

R3 bcbtums; C:\WINDOWS\system32\drivers\bcbtums.sys [170712 2013-09-05] (Broadcom Corporation.)

R3 BCM43XX; C:\WINDOWS\system32\DRIVERS\bcmwl63a.sys [8469680 2014-03-14] (Broadcom Corporation)

S3 dot4; C:\WINDOWS\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows ® Win 7 DDK provider)

S3 Dot4Print; C:\WINDOWS\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows ® Win 7 DDK provider)

S3 ggsomc; C:\WINDOWS\System32\drivers\ggsomc.sys [30424 2016-03-18] (Sony Mobile Communications)

R3 ptun0901; C:\WINDOWS\system32\DRIVERS\ptun0901.sys [27136 2014-04-25] (The OpenVPN Project)

S3 semav6msr64; C:\WINDOWS\system32\drivers\semav6msr64.sys [29352 2015-10-09] ()

S3 semav6thermal64ro; C:\Windows\system32\drivers\semav6thermal64ro.sys [13792 2015-07-31] ()

R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [42696 2015-05-27] (Synaptics Incorporated)

S3 tapSF0901; C:\WINDOWS\system32\DRIVERS\tapSF0901.sys [39104 2014-03-21] (Spotflux, Inc.)

S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Corporation)

S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Corporation)

S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Corporation)

R2 WinisoCDBus; C:\WINDOWS\System32\drivers\WinisoCDBus.sys [204032 2014-02-26] (WinISO.com)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-01-19 06:04 - 2018-01-19 06:06 - 000027265 _____ C:\Users\Neville\Desktop\FRST.txt

2018-01-19 06:03 - 2018-01-19 06:04 - 000000000 ____D C:\FRST

2018-01-19 06:02 - 2018-01-19 06:02 - 002393088 _____ (Farbar) C:\Users\Neville\Desktop\FRST64.exe

2018-01-19 05:59 - 2018-01-19 05:59 - 000000000 ___HD C:\Users\Public\Documents\AdobeGC

2018-01-19 05:51 - 2018-01-19 05:54 - 000000000 ____D C:\AdwCleaner

2018-01-19 05:46 - 2018-01-19 05:46 - 008198432 _____ (Malwarebytes) C:\Users\Neville\Desktop\AdwCleaner.exe

2018-01-19 00:32 - 2018-01-19 00:32 - 003454787 _____ C:\Users\Neville\Desktop\archive.zip

2018-01-18 20:55 - 2018-01-18 20:55 - 000000000 ____D C:\WINDOWS\LastGood.Tmp

2018-01-16 03:26 - 2018-01-16 03:26 - 000366800 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\avgBoot.exe

2018-01-15 17:51 - 2018-01-15 17:51 - 000022756 _____ C:\Users\Neville\Desktop\TransactionHistory-45446fa771e3acfe4fbcfa83ebfbe29e7688ac02.csv

2018-01-06 17:50 - 2018-01-06 17:57 - 731078554 _____ C:\Users\Neville\Desktop\bb31dec.mp4

2017-12-29 03:57 - 2017-12-29 11:14 - 000000688 _____ C:\Users\Neville\Desktop\New Text Document (2).txt

2017-12-23 18:48 - 2017-12-23 18:48 - 000000000 ____D C:\ProgramData\Avg_Update_1117tb_a03376

2017-12-23 18:48 - 2017-12-04 21:53 - 000835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe

2017-12-23 18:48 - 2017-12-04 21:53 - 000177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl

2017-12-22 04:50 - 2017-12-22 04:50 - 000000000 ____D C:\WINDOWS\System32\Tasks\AVG

2017-12-22 04:50 - 2017-12-22 04:50 - 000000000 ____D C:\Program Files\Common Files\AVG

2017-12-22 02:14 - 2018-01-19 03:25 - 000000402 _____ C:\WINDOWS\Tasks\update-sys.job

2017-12-22 02:14 - 2018-01-19 02:38 - 000000402 _____ C:\WINDOWS\Tasks\update-S-1-5-21-2107339062-2504870960-3837946639-1001.job

2017-12-22 02:14 - 2017-12-22 02:14 - 000003272 _____ C:\WINDOWS\System32\Tasks\update-sys

2017-12-22 02:14 - 2017-12-22 02:14 - 000003254 _____ C:\WINDOWS\System32\Tasks\update-S-1-5-21-2107339062-2504870960-3837946639-1001

2017-12-22 02:14 - 2017-12-22 02:14 - 000000546 _____ C:\Users\Neville\AppData\Local\UserProducts.xml

2017-12-22 02:14 - 2017-12-22 02:14 - 000000000 ____D C:\Users\Neville\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LightShot

2017-12-22 02:14 - 2017-12-22 02:14 - 000000000 ____D C:\Users\Neville\AppData\Local\Skillbrains

2017-12-22 02:14 - 2017-12-22 02:14 - 000000000 ____D C:\Program Files (x86)\Skillbrains

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-01-19 06:05 - 2013-12-11 14:36 - 000000000 ____D C:\Users\Neville\AppData\Roaming\Adobe

2018-01-19 06:01 - 2015-01-23 06:27 - 000000000 ___DO C:\Users\Neville\OneDrive

2018-01-19 05:57 - 2013-08-22 20:15 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT

2018-01-19 05:55 - 2015-01-22 14:08 - 000000000 ____D C:\Users\postgres

2018-01-19 05:55 - 2013-08-22 18:55 - 000524288 ___SH C:\WINDOWS\system32\config\BBI

2018-01-19 05:51 - 2016-02-29 02:53 - 000000000 ____D C:\Users\Neville\AppData\Local\PrivateTunnel

2018-01-19 03:06 - 2015-01-25 13:56 - 000003774 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{2EDEAA1B-DC61-4DA2-AC32-19AE130F8449}

2018-01-17 04:43 - 2013-12-30 12:01 - 000000000 ____D C:\Users\Neville\AppData\Local\PokerStars

2018-01-16 03:26 - 2017-11-30 04:20 - 000177536 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgArPot.sys

2018-01-16 03:26 - 2017-06-02 04:54 - 000450360 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgSP.sys

2018-01-16 03:26 - 2017-06-02 04:54 - 000449848 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgSP.sys.151605340881204

2018-01-16 03:26 - 2017-06-02 04:54 - 000351128 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgVmm.sys

2018-01-16 03:26 - 2017-06-02 04:54 - 000196904 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgStm.sys

2018-01-16 03:26 - 2017-06-02 04:54 - 000139112 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgMonFlt.sys.151605340881204

2018-01-16 03:26 - 2017-06-02 04:54 - 000139112 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgMonFlt.sys

2018-01-16 03:26 - 2017-06-02 04:54 - 000102792 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgRdr2.sys

2018-01-16 03:26 - 2017-06-02 04:54 - 000076832 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgRvrt.sys

2018-01-16 03:26 - 2017-06-02 04:54 - 000039424 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgHwid.sys

2018-01-16 03:26 - 2017-06-02 04:54 - 000003920 _____ C:\WINDOWS\System32\Tasks\Antivirus Emergency Update

2018-01-16 03:25 - 2017-06-02 04:54 - 001017624 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgSnx.sys

2018-01-16 03:25 - 2017-06-02 04:54 - 000337408 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbloga.sys

2018-01-16 03:25 - 2017-06-02 04:54 - 000315152 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbidsdrivera.sys

2018-01-16 03:25 - 2017-06-02 04:54 - 000193096 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbidsha.sys

2018-01-16 03:25 - 2017-06-02 04:54 - 000166624 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbdiska.sys

2018-01-16 03:25 - 2017-06-02 04:54 - 000051336 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbuniva.sys

2018-01-15 23:34 - 2013-12-11 14:46 - 000000000 ____D C:\Users\Neville\AppData\Roaming\Skype

2018-01-14 02:19 - 2013-08-22 21:06 - 000000000 ____D C:\WINDOWS\AppReadiness

2018-01-13 02:28 - 2013-12-11 14:43 - 000003600 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2107339062-2504870960-3837946639-1001

2018-01-12 20:41 - 2016-09-30 22:25 - 000000000 ____D C:\Program Files (x86)\Anvsoft

2018-01-12 05:44 - 2014-08-21 02:45 - 000000707 _____ C:\Users\Neville\Desktop\Mileage Programs.txt

2018-01-10 16:14 - 2013-08-22 19:06 - 000000000 ____D C:\WINDOWS\Inf

2018-01-10 00:07 - 2013-12-11 15:13 - 000004288 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater

2018-01-10 00:07 - 2013-08-22 21:06 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed

2018-01-10 00:07 - 2013-08-22 21:06 - 000000000 ____D C:\WINDOWS\system32\Macromed

2018-01-09 17:16 - 2012-07-26 13:29 - 000000000 ____D C:\WINDOWS\CbsTemp

2018-01-07 21:51 - 2016-08-08 00:51 - 000000627 _____ C:\Users\Neville\Desktop\A52.txt

2018-01-07 02:39 - 2016-10-03 23:00 - 000000000 ___HD C:\Users\Guest\AppData\Roaming\BitTorrent

2018-01-07 02:39 - 2015-01-22 14:08 - 000000000 ____D C:\Users\Guest

2018-01-07 02:38 - 2017-11-21 23:59 - 000000000 ____D C:\Users\Guest\AppData\LocalLow\BitTorrent

2018-01-06 19:38 - 2016-10-11 09:32 - 000000000 ____D C:\Users\Lily

2018-01-06 19:37 - 2015-01-22 14:08 - 000000000 ____D C:\Users\Neville

2018-01-06 19:04 - 2014-07-15 16:19 - 000000000 ____D C:\Users\Neville\AppData\Roaming\vlc

2018-01-06 18:09 - 2016-09-30 22:26 - 000000000 ____D C:\Users\Neville\AppData\Roaming\Anvsoft

2018-01-06 17:54 - 2014-11-21 14:14 - 000869136 _____ C:\WINDOWS\system32\PerfStringBackup.INI

2018-01-06 17:33 - 2014-04-04 01:43 - 000002205 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk

2017-12-28 08:15 - 2014-10-07 13:44 - 000000512 _____ C:\Users\Neville\Desktop\Days in Canada.txt

2017-12-25 21:06 - 2017-02-23 07:29 - 000003846 _____ C:\Users\Neville\Desktop\New Text Document.txt

2017-12-23 18:46 - 2013-08-22 20:14 - 000523504 _____ C:\WINDOWS\system32\FNTCACHE.DAT

2017-12-21 18:15 - 2013-12-29 04:18 - 000000000 ____D C:\WINDOWS\system32\MRT

2017-12-21 18:09 - 2017-11-17 02:22 - 133326408 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe

2017-12-21 18:08 - 2013-12-29 04:18 - 133326408 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

2017-12-21 16:00 - 2013-08-22 21:06 - 000000000 ___HD C:\Program Files\WindowsApps

==================== Files in the root of some directories =======

2015-10-27 00:46 - 2015-10-25 12:46 - 000000040 ____H () C:\Program Files (x86)\4e98b98d.tmp

2014-01-06 04:18 - 2014-01-06 04:18 - 000069291 _____ () C:\Program Files (x86)\hminstalllog.txt

2017-12-22 02:14 - 2017-12-22 02:14 - 000000003 _____ () C:\Users\Neville\AppData\Local\updater.log

2017-12-22 02:14 - 2017-12-22 02:14 - 000000546 _____ () C:\Users\Neville\AppData\Local\UserProducts.xml

Some files in TEMP:

====================

2016-08-23 18:19 - 2016-07-20 14:01 - 000186640 ____H (AVG Technologies CZ, s.r.o.) C:\Users\Guest\AppData\Local\Temp\avguirn_08838862531.exe

2017-08-31 15:30 - 2017-08-31 15:30 - 000046080 ____N () C:\Users\Neville\AppData\Local\Temp\javasysmo3659213139603519291.dll

2017-12-02 04:32 - 2017-12-02 04:32 - 000137696 _____ (tmssoftware.com) C:\Users\Neville\AppData\Local\Temp\wusetup.exE

2015-09-22 08:59 - 2015-09-22 08:59 - 000155729 _____ () C:\Users\TEMP\AppData\Local\Temp\JExplorer32.2.7.1.dll

2015-09-22 08:59 - 2015-09-22 08:59 - 000008273 _____ (TeamDev Ltd) C:\Users\TEMP\AppData\Local\Temp\JExplorer32.2.7.1.exe

2015-09-22 08:59 - 2015-09-22 08:59 - 000000000 _____ () C:\Users\TEMP\AppData\Local\Temp\JExplorer64.2.7.1.dll

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed

C:\WINDOWS\system32\wininit.exe => File is digitally signed

C:\WINDOWS\explorer.exe => File is digitally signed

C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed

C:\WINDOWS\system32\svchost.exe => File is digitally signed

C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed

C:\WINDOWS\system32\services.exe => File is digitally signed

C:\WINDOWS\system32\User32.dll => File is digitally signed

C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed

C:\WINDOWS\system32\userinit.exe => File is digitally signed

C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed

C:\WINDOWS\system32\rpcss.dll => File is digitally signed

C:\WINDOWS\system32\dnsapi.dll => File is digitally signed

C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed

C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-09-18 03:09

==================== End of FRST.txt ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17.01.2018 01

Ran by Neville (19-01-2018 06:07:50)

Running from C:\Users\Neville\Desktop

Windows 8.1 (Update) (X64) (2015-01-23 00:52:19)

Boot Mode: Normal

==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-2107339062-2504870960-3837946639-500 - Administrator - Disabled)

Guest (S-1-5-21-2107339062-2504870960-3837946639-501 - Limited - Enabled) => C:\Users\Guest

Lily (S-1-5-21-2107339062-2504870960-3837946639-1006 - Limited - Enabled) => C:\Users\Lily

Neville (S-1-5-21-2107339062-2504870960-3837946639-1001 - Administrator - Enabled) => C:\Users\Neville

postgres (S-1-5-21-2107339062-2504870960-3837946639-1003 - Limited - Enabled) => C:\Users\postgres

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: AVG Antivirus (Enabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}

AS: AVG Antivirus (Enabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adda52Poker version M2.0.0 (HKLM-x32\...\{82F792B3-0133-4D9C-B4CC-3E53CDBC342B}_is1) (Version: M2.0.0 - Gauss Networks Pvt. Ltd.)

Adobe Acrobat XI Pro (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-000000000006}) (Version: 11.0.19 - Adobe Systems)

Adobe Flash Player 28 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 28.0.0.137 - Adobe Systems Incorporated)

Adobe Reader XI (11.0.23) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AB0000000001}) (Version: 11.0.23 - Adobe Systems Incorporated)

Apple Application Support (32-bit) (HKLM-x32\...\{D2FE6376-E549-4F63-A2C5-CA24DA035DE4}) (Version: 5.6 - Apple Inc.)

Apple Application Support (64-bit) (HKLM\...\{BB109E24-EE90-485B-A28B-ADDEFB40540B}) (Version: 5.6 - Apple Inc.)

Apple Mobile Device Support (HKLM\...\{0A596141-97D5-45FA-9281-98DFAF48D579}) (Version: 10.3.2.3 - Apple Inc.)

Apple Software Update (HKLM-x32\...\{52D87F32-70E4-4348-8148-C0B9F35B1314}) (Version: 2.3.0.177 - Apple Inc.)

AVG (HKLM\...\{434FBA38-0562-4F98-9436-4B45C0C0EF0B}) (Version: 1.201.2 - AVG Technologies) Hidden

AVG AntiVirus FREE (HKLM-x32\...\AVG Antivirus) (Version: 17.9.3040 - AVG Technologies)

AVG Web TuneUp (HKLM-x32\...\AVG Web TuneUp) (Version: 4.3.9.605 - AVG Technologies)

BitTorrent (HKU\S-1-5-21-2107339062-2504870960-3837946639-1001\...\BitTorrent) (Version: 7.10.0.43917 - BitTorrent Inc.)

BitTorrent (HKU\S-1-5-21-2107339062-2504870960-3837946639-1003\...\BitTorrent) (Version: 7.8.2.30445 - BitTorrent Inc.)

BodogPoker (HKLM-x32\...\{D7CA2DF8-95CE-4C80-9296-98E21219A1E7}}_is1) (Version: - )

Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)

Bovada Hand Converter (HKLM-x32\...\{1843AD45-F895-4E7B-BC65-CD1F76B48HDC}_is1) (Version: 1.0.0.43 - Ace Poker Solutions)

Broadcom 802.11 Network Adapter (HKLM\...\Broadcom 802.11 Network Adapter) (Version: 6.30.223.181 - Broadcom Corporation)

Broadcom Wireless Utility (HKLM\...\{4CDA59B9-7AD3-4283-9F5C-BC469FF975B6}) (Version: 6.30.59.125 - Broadcom Corporation)

CarbonPoker (HKU\S-1-5-21-2107339062-2504870960-3837946639-1001\...\CarbonPoker) (Version: 6.0 - )

CarbonPoker (HKU\S-1-5-21-2107339062-2504870960-3837946639-1003\...\CarbonPoker) (Version: 6.0 - )

CCleaner (HKLM\...\CCleaner) (Version: 4.16 - Piriform)

CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.5.5790 - CDBurnerXP)

Dropbox (HKU\S-1-5-21-2107339062-2504870960-3837946639-1003\...\Dropbox) (Version: 2.6.2 - Dropbox, Inc.)

ESDL (HKLM-x32\...\{9A2CA016-1C4C-4D44-BF70-C2C8639C34A4}) (Version: 1.0.0 - Sony Corporation) Hidden

f.lux (HKU\S-1-5-21-2107339062-2504870960-3837946639-1001\...\Flux) (Version: - f.lux Software LLC)

f.lux (HKU\S-1-5-21-2107339062-2504870960-3837946639-1003\...\Flux) (Version: - )

FDUx86 (HKLM-x32\...\{3490653F-2789-46A1-B1BF-6BD4CF4131AB}) (Version: 1.0.0 - Sony Corporation) Hidden

FMW 1 (HKLM\...\{F64508FE-73C8-4C27-9CCA-3799C428B70B}) (Version: 1.223.1 - AVG Technologies) Hidden

Foxit Advanced PDF Editor 3 (HKLM-x32\...\B521582C-6BE3-491D-BCC8-FFB8301298E9_is1) (Version: 3.0.5.0 - Foxit Corporation)

Google Chrome (HKLM-x32\...\Google Chrome) (Version: 63.0.3239.132 - Google Inc.)

Google Earth Pro (HKLM-x32\...\{ECF2E224-42F5-4E50-B58E-94CA70E85697}) (Version: 7.3.0.3832 - Google)

Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden

Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden

Holdem Manager (HKLM-x32\...\HoldemManager) (Version: - )

Holdem Manager 2 (HKLM-x32\...\HoldemManager2) (Version: - )

ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)

Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1281 - Intel Corporation)

Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3958 - Intel Corporation)

Intel® PROSet/Wireless NFC Software (HKLM\...\Intel® PROSet/Wireless NFC Software) (Version: 1.1.1.002 - Intel Corporation)

Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.6.0.1030 - Intel Corporation)

Intel® SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)

iTunes (HKLM\...\{02F95875-9527-49CC-B32F-970ADAEBD1EF}) (Version: 12.6.2.20 - Apple Inc.)

Java 8 Update 111 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180111F0}) (Version: 8.0.1110.14 - Oracle Corporation)

lightshot-3.4.0.0 (HKLM-x32\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 3.4.0.0 - Skillbrains)

Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)

Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)

Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs (HKLM-x32\...\{90120000-00B2-0409-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)

Microsoft SkyDrive (HKU\S-1-5-21-2107339062-2504870960-3837946639-1001\...\SkyDriveSetup.exe) (Version: 16.4.6013.0910 - Microsoft Corporation)

Microsoft SkyDrive (HKU\S-1-5-21-2107339062-2504870960-3837946639-1003\...\SkyDriveSetup.exe) (Version: 16.4.6013.0910 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)

Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)

Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)

Mozilla Firefox 43.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 43.0.1 (x86 en-US)) (Version: 43.0.1 - Mozilla)

Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 43.0.1.5828 - Mozilla)

Networkx64 (HKLM\...\{AD1A77F2-5E5F-4A1C-A5C5-74CE7CEC5EC6}) (Version: 1.0.0 - Sony Corporation) Hidden

OpenOffice 4.0.1 (HKLM-x32\...\{47F460DA-D1BE-4D85-8DF2-AA1F31D3445F}) (Version: 4.01.9714 - Apache Software Foundation)

partypoker (HKLM-x32\...\PartyPoker) (Version: - PartyGaming)

Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.140.248 - Google, Inc.)

PokerSnowie (HKLM-x32\...\PokerSnowie_is1) (Version: - Snowie Games Ltd)

PokerStars (HKLM-x32\...\PokerStars) (Version: - PokerStars)

PokerStars Beta (HKLM-x32\...\PokerStars Beta) (Version: - PokerStars Beta)

PokerStove version 1.24 (HKLM-x32\...\{6D0C6BE4-F674-43D2-96BC-3509345108C9}_is1) (Version: - )

PostgreSQL 8.4 (HKLM-x32\...\PostgreSQL 8.4) (Version: 8.4 - PostgreSQL Global Development Group)

PrivateTunnel (HKLM-x32\...\PrivateTunnel) (Version: 2.5.5.14 - OpenVPN Technologies)

Reader for PC (HKLM-x32\...\{25340F94-F74E-4CCF-ABDF-ECBCF03911BE}) (Version: 2.0.00.07121 - Sony Corporation)

Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.10.1226.2012 - Realtek)

Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7177 - Realtek Semiconductor Corp.)

Realtek PCIE Card Reader (HKLM-x32\...\{0D61A55C-3ADC-409F-BF5B-A1766D1F5944}) (Version: 6.2.9200.28135 - Realtek Semiconductor Corp.)

Remote Keyboard (HKLM-x32\...\{6466EF6E-700E-470F-94CB-D0050302C84E}) (Version: 1.2.0.09270 - Sony Corporation) Hidden

Restore (HKLM-x32\...\{ECCEB4D0-7080-4F8A-B498-E40A32A4FBED}) (Version: 1.0.0 - Sony Corporation) Hidden

SDFormatter (HKLM-x32\...\{179324FF-7B16-4BA8-9836-055CAAEE4F08}) (Version: 4.0.0 - SD Association)

Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)

Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)

Skype™ 7.30 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.30.105 - Skype Technologies S.A.)

Sony Mobile Update Engine (HKLM-x32\...\Update Engine) (Version: 2.16.4.201603071758 - Sony Mobile Communications Inc.)

Sony PC Companion 2.10.303 (HKLM-x32\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.303 - Sony)

Speccy (HKLM\...\Speccy) (Version: 1.26 - Piriform)

SSLx64 (HKLM\...\{312395BC-7CC2-434C-A660-30250276A926}) (Version: 1.0.0 - Sony Corporation ) Hidden

SSLx86 (HKLM-x32\...\{63C43435-F428-42BA-8E7B-5848749D9262}) (Version: 1.0.0 - Sony Corporation ) Hidden

Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.5.0 - Synaptics Incorporated)

TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.38475 - TeamViewer)

VAIO - Remote Keyboard (HKLM-x32\...\{7396FB15-9AB4-4B78-BDD8-24A9C15D2C65}) (Version: 1.2.0.09270 - Sony Corporation)

VAIO - Remote Keyboard with PlayStation®3 (HKLM-x32\...\{E682702C-609C-4017-99E7-3129C163955F}) (Version: 1.2.1.05220 - Sony Corporation)

VAIO - Xperia Link (HKLM-x32\...\{D91558BF-D1F3-411F-AEFE-8774CB406512}) (Version: 1.4.0.15030 - Sony Corporation)

VAIO BIOS Data Transfer Utility (HKLM-x32\...\{5D772F4A-53DE-4E1F-83F5-B08DFF106C60}) (Version: 1.0.0.02050 - Sony Corporation) Hidden

VAIO Care Hardware Diagnostics Plugin (HKLM-x32\...\{EC153498-00E1-4C9C-89BE-81527C6750BE}) (Version: 4.8.0.13250 - Sony Corporation)

VAIO Care Recovery (HKLM\...\{15B9204E-BA09-485E-8F2C-094AC0077664}) (Version: 1.1.2.13230 - Sony Corporation)

VAIO Control Center (HKLM-x32\...\{8E797841-A110-41FD-B17A-3ABC0641187A}) (Version: 6.2.0.03070 - Sony Corporation)

VAIO CPU Fan Diagnostic (HKLM-x32\...\{BCE6E3D7-B565-4E1B-AC77-F780666A35FB}) (Version: 1.2.0.03050 - Sony Corporation)

VAIO Data Restore Tool (HKLM-x32\...\{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}) (Version: 1.11.0.13250 - Sony Corporation)

VAIO Gesture Control (HKLM-x32\...\{692955F2-DE9F-4078-8FAA-858D6F3A1776}) (Version: 2.2.0.01230 - Sony Corporation)

VAIO Gesture Control (HKLM-x32\...\{9CE67959-AF22-4D93-8D49-CB73F015628E}) (Version: 2.2.0.01230 - Sony Corporation) Hidden

VAIO Image Optimizer (HKLM-x32\...\{5597C927-029A-46A7-A0C0-8DABD9891A50}) (Version: 3.1.00.14260 - Sony Corporation) Hidden

VAIO Image Optimizer (HKLM-x32\...\InstallShield_{5597C927-029A-46A7-A0C0-8DABD9891A50}) (Version: 3.3.00.10220 - Sony Corporation)

VAIO Improvement (HKLM-x32\...\{3A26D9BD-0F73-432D-B522-2BA18138F7EF}) (Version: 2.2.0.01240 - Sony Corporation)

VAIO Media Server Settings (HKLM\...\{62A172B2-550E-499D-9A82-5190D18390AA}) (Version: 1.1.0.02220 - Sony Corporation)

VAIO Movie Creator (HKLM-x32\...\{C2CC5822-32E6-4D21-88EA-DE8CED09EE2F}) (Version: 4.1.01.15140 - Sony Corporation) Hidden

VAIO Movie Creator (HKLM-x32\...\InstallShield_{C2CC5822-32E6-4D21-88EA-DE8CED09EE2F}) (Version: 4.3.01.11140 - Sony Corporation)

VAIO Sample Music (HKLM-x32\...\{FBEE3D44-0933-4B84-BB6A-49957F89187F}) (Version: 1.0.0.03051 - Sony Corporation)

VAIO Transfer Support (HKLM-x32\...\{5DDAFB4B-C52E-468A-9E23-3B0CEEB671BF}) (Version: 1.9.0.11060 - Sony Corporation)

VAIO Update (HKLM-x32\...\{9FF95DA2-7DA1-4228-93B7-DED7EC02B6B2}) (Version: 7.2.0.16270 - Sony Corporation)

VCCMMx64 (HKLM\...\{B812401D-BAB2-4E33-9AC7-9862BC8CAF64}) (Version: 1.0.0 - Sony Corporation) Hidden

VCCMMx86 (HKLM-x32\...\{CC87BAAD-AA25-4727-9B7C-E0876722B784}) (Version: 1.0.0 - Sony Corporation) Hidden

VCCx64 (HKLM\...\{25ECAFCB-DCFB-4FCE-A5B2-772A57F59860}) (Version: 1.0.0 - Sony Corporation) Hidden

VCCx64 (HKLM\...\{AB447E3B-7A95-4CA6-8ECD-B25C96314B67}) (Version: 1.0.0 - Sony Corporation) Hidden

VCCx86 (HKLM-x32\...\{AFDC0CC0-39E8-42C0-9823-2C1C182676DC}) (Version: 1.0.0 - Sony Corporation) Hidden

VCCx86 (HKLM-x32\...\{B31938C7-7E97-49EE-8F88-951E156268A3}) (Version: 1.0.0 - Sony Corporation) Hidden

VHD (HKLM-x32\...\{9D8112DB-3490-4BF1-AAFA-1D224FFB5D3C}) (Version: 1.0.0 - Sony Corporation) Hidden

Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)

Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)

VIx64 (HKLM\...\{D55EAC07-7207-44BD-B524-0F063F327743}) (Version: 1.0.0 - Sony Corporation) Hidden

VIx86 (HKLM-x32\...\{D17C2A58-E0EA-4DD7-A2D6-C448FD25B6F6}) (Version: 1.0.0 - Sony Corporation) Hidden

VLC media player (HKLM\...\VLC media player) (Version: 2.2.6 - VideoLAN)

VoipConnect (HKLM-x32\...\VoipConnect_is1) (Version: 4.14 build 760 - Finarea S.A. Switzerland)

VPMx64 (HKLM\...\{DBEAA361-F8A4-4298-B41C-9E9DCB9AAB84}) (Version: 1.0.0 - Sony Corporation ) Hidden

VSSTx64 (HKLM\...\{4F31AC31-0A28-4F5A-8416-513972DA1F79}) (Version: 1.0.0 - Sony Corporation ) Hidden

VSSTx86 (HKLM-x32\...\{B24BB74E-8359-43AA-985A-8E80C9219C70}) (Version: 1.0.0 - Sony Corporation) Hidden

VUx64 (HKLM\...\{A0A2BE14-D3FF-41C8-9545-4B130E3FE9A4}) (Version: 1.2.0 - Sony Corporation) Hidden

VUx86 (HKLM-x32\...\{D04F1D22-4A47-42C6-A2B9-094A7B844D9B}) (Version: 1.2.0 - Sony Corporation) Hidden

VWSTx86 (HKLM-x32\...\{B8991D99-88FD-41F2-8C32-DB70278D5C30}) (Version: 1.0.0 - Sony Corporation) Hidden

WIDCOMM Bluetooth Software (HKLM\...\{C6D9ED03-6FCF-4410-9CB7-45CA285F9E11}) (Version: 12.0.0.8070 - Broadcom Corporation)

William Hill Poker (HKU\S-1-5-21-2107339062-2504870960-3837946639-1001\...\William Hill Poker) (Version: - )

William Hill Poker (HKU\S-1-5-21-2107339062-2504870960-3837946639-1003\...\William Hill Poker) (Version: - )

Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)

WinISO (HKLM-x32\...\WinISO) (Version: 6.4.0.5170 - WinISO Computing Inc.)

WinRAR 5.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)

XperiaLinkx86 (HKLM-x32\...\{EE402ACB-8269-4E44-9CA1-D81FDC4B4545}) (Version: 1.0.0 - Sony Corporation) Hidden

Yahoo! Messenger (HKLM-x32\...\Yahoo! Messenger) (Version: - Yahoo! Inc.)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2107339062-2504870960-3837946639-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)

CustomCLSID: HKU\S-1-5-21-2107339062-2504870960-3837946639-1001_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Neville\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-2107339062-2504870960-3837946639-1001_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Neville\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-2107339062-2504870960-3837946639-1001_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Neville\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-2107339062-2504870960-3837946639-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Neville\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\FileSyncApi64.dll (Microsoft Corporation)

ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File

ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat Elements\ContextMenuShim64.dll [2012-09-23] (Adobe Systems Inc.)

ContextMenuHandlers1: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files (x86)\AVG\Antivirus\ashShA64.dll [2018-01-16] (AVG Technologies CZ, s.r.o.)

ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2013-12-03] (Alexander Roshal)

ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2013-12-03] (Alexander Roshal)

ContextMenuHandlers3: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File

ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamext.dll [2016-03-10] (Malwarebytes)

ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File

ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2014-10-02] (Intel Corporation)

ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat Elements\ContextMenuShim64.dll [2012-09-23] (Adobe Systems Inc.)

ContextMenuHandlers6: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files (x86)\AVG\Antivirus\ashShA64.dll [2018-01-16] (AVG Technologies CZ, s.r.o.)

ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamext.dll [2016-03-10] (Malwarebytes)

ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2013-12-03] (Alexander Roshal)

ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2013-12-03] (Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {024C722F-551D-41E6-A570-2FAAFF872442} - System32\Tasks\update-sys => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2013-01-16] ()

Task: {06579122-4774-4FE5-BA42-2DFCD63E686B} - System32\Tasks\Sony Corporation\VAIO Control Center\Level4Daily => C:\Program Files (x86)\Sony\VAIO Control Center\WBCBatteryCare.exe [2013-02-02] (Sony Corporation)

Task: {0B929CE9-5CD0-47A6-9859-0423FCA07A18} - System32\Tasks\Sony Corporation\Xperia Link\Xperia Link Logon Start => C:\Program Files (x86)\Sony\Xperia Link\Xperia Link.exe [2016-03-05] (Sony Corporation)

Task: {0EB38FC8-EB83-41E6-862F-84002080840C} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-07-23] (Piriform Ltd)

Task: {11183CC6-475F-4A52-9EEF-622927D6FEE0} - System32\Tasks\{B0988E86-0FC5-4456-B793-57B83BE615AA} => C:\WINDOWS\system32\pcalua.exe -a C:\Users\Neville\Desktop\PokerStoveSetup121.exe -d C:\Users\Neville\Desktop

Task: {14247623-9215-4D5E-83DA-C5D35B069FF0} - System32\Tasks\Sony Corporation\VAIO Care\UpdateConfig => C:\ProgramData\Sony Corporation\VCM Data\UpdateConfig.exe [2015-03-03] (Sony Corporation)

Task: {28EAF5D8-B94E-418A-A4E3-DDB193749F87} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)

Task: {2E43AAE8-AB2F-419D-9EDB-DA280E4FD25E} - System32\Tasks\update-S-1-5-21-2107339062-2504870960-3837946639-1001 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2013-01-16] ()

Task: {2FBCE8A5-96DC-4092-B3AD-AC9E71801E2A} - System32\Tasks\Java Platform SE Auto Updater => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2016-09-22] (Oracle Corporation)

Task: {4FEB958B-B275-4675-A1FB-965F793A8CA0} - System32\Tasks\AVG EUpdate Task => avgsetupx.exe

Task: {5179E4E0-AA1B-48C0-B87F-9522BF8136AD} - System32\Tasks\Sony Corporation\VAIO Control Center\VAIOControlCenterSystem => C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe [2014-11-18] (Sony Corporation)

Task: {52E4841A-71D1-429B-8041-2303E3275D42} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)

Task: {5498C027-A95D-4CC9-99B4-6ACEC1536CED} - System32\Tasks\Sony Corporation\VAIO Control Center\Level4Month => C:\Program Files (x86)\Sony\VAIO Control Center\WBCBatteryCare.exe [2013-02-02] (Sony Corporation)

Task: {56A8D7F9-58D8-48E0-BA81-2D60AAFB2BB5} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-01-10] (Adobe Systems Incorporated)

Task: {5FFDE82F-2052-415A-9386-946E288BF596} - System32\Tasks\TinyTakeUpgrade => C:\Users\Neville\AppData\Local\MangoApps\TinyTake by MangoApps\TinyTake.exe

Task: {603759C9-3B36-44C1-A9CD-90E2171C9CBD} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-09-27] (Adobe Systems Incorporated)

Task: {618D2C93-D838-414F-AAD3-979C1ACB1642} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2017-02-15] (Apple Inc.)

Task: {684817BB-2A3D-4E29-94B0-CD3E80177905} - System32\Tasks\Sony Corporation\VAIO Gesture Control\VCGULogonTask => C:\Program Files (x86)\Sony\VAIO Camera Gesture Utility\VCGU.exe [2013-01-23] (Sony Corporation)

Task: {6FB19CEE-A97B-468E-9405-292CFD3C450F} - System32\Tasks\Sony Corporation\VAIO Improvement\VAIOImprovementUploader => C:\Program Files\Sony\VAIO Improvement\viuploader.exe [2013-01-25] (Sony Corporation)

Task: {8ADFB8F6-4081-47E9-AA8D-018198CFE593} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe [2018-01-05] (AVG Technologies CZ, s.r.o.)

Task: {8F210BC0-738A-4D76-B866-CAAC5C3CEC4B} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2017-12-21] (Microsoft Corporation)

Task: {901F6140-3B3C-48BE-BE18-809E09446CCA} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update Self Repair => C:\Program Files\Sony\VAIO Update\VUSR.exe [2016-03-31] (Sony Corporation)

Task: {9EFD2EEB-8E91-4986-A8F2-BAAE756043E8} - System32\Tasks\[email protected] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2018-01-05] (Adobe Systems, Incorporated)

Task: {A1806928-5204-420F-94D8-4390119A4658} - System32\Tasks\Sony Corporation\VAIO Care\UpdateContacts => C:\ProgramData\Sony Corporation\VAIO Care\UpdateContacts.exe

Task: {A226E913-2A47-4362-A349-EFFFA5792A3B} - System32\Tasks\Sony Corporation\VAIO Control Center\NetworkSetting\NetworkSetting Logon Start => C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient.exe [2013-09-28] (Sony Corporation)

Task: {AB3F1085-EF63-45DB-A5E8-348B7E6E2857} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update => C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe [2016-04-25] (Sony Corporation)

Task: {B78E69AE-B46C-4F0C-B396-CA3D1FC99691} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2015-05-27] (Synaptics Incorporated)

Task: {C16E56E5-B20A-4B67-B8C3-590CFC4D8547} - System32\Tasks\{6648CC50-44D1-43B1-8BE7-860D3610D2F0} => "c:\program files (x86)\google\chrome\application\chrome.exe" hxxp://ui.skype.com/ui/0/7.25.0.106/en/abandoninstall?page=tsProgressBar

Task: {CC9C9BA3-0A4D-412E-9711-02ADBA449800} - System32\Tasks\Antivirus Emergency Update => C:\Program Files (x86)\AVG\Antivirus\AvEmUpdate.exe [2018-01-16] (AVG Technologies CZ, s.r.o.)

Task: {D0686BE4-176F-47F2-B1A1-26848FA9E4E9} - System32\Tasks\Sony Corporation\VAIO Hardware Diagnostics\VHDInformationCheck => C:\Program Files (x86)\Sony\VAIO Recovery\plugins\InformationCheck.exe [2013-01-25] (Sony Corporation)

Task: {D2BDFCC8-A2A9-45B4-96AB-2A7ECE41DD7B} - System32\Tasks\Sony Corporation\VAIO Control Center\VAIOControlCenterUser => C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe [2014-11-18] (Sony Corporation)

Task: {D5DE55C0-234E-45D9-9307-0CC90B346B85} - System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance => C:\Program Files (x86)\AVG\AVG PC TuneUp\tuscanx.exe

Task: {DA446F9E-8A05-47FE-9B15-0C243127AFC0} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\AVG\AVG PC TuneUp\OneClick.exe

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\update-S-1-5-21-2107339062-2504870960-3837946639-1001.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe

Task: C:\WINDOWS\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\Neville\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Videostream for Google Chromecast™.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=cnciopoikihiagdjbjpnocolokfelagl

ShortcutWithArgument: C:\Users\Neville\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --disable-gpu"

ShortcutWithArgument: C:\Users\Neville\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\bd11788ef691d780\Adda52.lnk -> C:\Program Files (x86)\Adda52 Poker\poker.exe (Gauss Networks Pvt. Ltd.) -> --user-data-dir="C:\Users\Neville\AppData\Local\Adda52\User Data" --profile-directory=Default --app-id=ghjijcjmdklnkdnoomgfobfmlehphhpp

ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --disable-gpu"

==================== Loaded Modules (Whitelisted) ==============

2013-09-05 09:47 - 2013-09-05 09:47 - 004300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF

2010-10-21 01:53 - 2010-10-21 01:53 - 008801632 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll

2016-09-01 18:12 - 2016-09-01 18:12 - 000092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll

2017-07-14 06:20 - 2017-07-14 06:20 - 001354040 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll

2013-10-25 12:05 - 2013-10-25 12:05 - 000049368 _____ () C:\Program Files\WIDCOMM\Bluetooth Software\btwleapi.dll

2016-02-19 02:52 - 2016-02-19 02:52 - 001493224 _____ () C:\Program Files (x86)\OpenVPN Technologies\PrivateTunnel\ovpnagent.exe

2018-01-06 17:33 - 2018-01-03 14:50 - 004063064 _____ () C:\Program Files (x86)\Google\Chrome\Application\63.0.3239.132\libglesv2.dll

2018-01-06 17:33 - 2018-01-03 14:50 - 000099672 _____ () C:\Program Files (x86)\Google\Chrome\Application\63.0.3239.132\libegl.dll

2014-01-06 04:15 - 2011-01-28 10:45 - 000172032 _____ () C:\Program Files (x86)\PostgreSQL\8.4\bin\LIBPQ.dll

2014-01-06 04:15 - 2009-02-13 00:31 - 000976384 _____ () C:\Program Files (x86)\PostgreSQL\8.4\bin\libxml2.dll

2014-01-06 04:15 - 2005-07-20 16:18 - 000059904 _____ () C:\Program Files (x86)\PostgreSQL\8.4\bin\zlib1.dll

2016-11-28 22:09 - 2016-11-28 22:09 - 048920064 _____ () C:\Program Files (x86)\AVG\UiDll\2623\libcef.dll

2018-01-16 03:25 - 2018-01-16 03:25 - 000207272 _____ () C:\Program Files (x86)\AVG\Antivirus\JsonRpcServer.dll

2018-01-16 03:25 - 2018-01-16 03:25 - 000059136 _____ () C:\Program Files (x86)\AVG\Antivirus\module_lifetime.dll

2018-01-16 03:25 - 2018-01-16 03:25 - 000058624 _____ () C:\Program Files (x86)\AVG\Antivirus\dll_loader.dll

2017-07-12 04:06 - 2017-07-12 04:06 - 067109376 _____ () C:\Program Files (x86)\AVG\Antivirus\libcef.dll

2018-01-16 03:25 - 2018-01-16 03:25 - 000290392 _____ () C:\Program Files (x86)\AVG\Antivirus\tasks_core.dll

2013-10-27 11:30 - 2013-01-23 14:56 - 001198912 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\ACE.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Program Files (x86)\Intertops Poker:MID [0]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE restricted site: HKU\S-1-5-21-2107339062-2504870960-3837946639-1001\...\007guard.com -> install.007guard.com

IE restricted site: HKU\S-1-5-21-2107339062-2504870960-3837946639-1001\...\008i.com -> 008i.com

IE restricted site: HKU\S-1-5-21-2107339062-2504870960-3837946639-1001\...\008k.com -> www.008k.com

IE restricted site: HKU\S-1-5-21-2107339062-2504870960-3837946639-1001\...\00hq.com -> www.00hq.com

IE restricted site: HKU\S-1-5-21-2107339062-2504870960-3837946639-1001\...\010402.com -> 010402.com

IE restricted site: HKU\S-1-5-21-2107339062-2504870960-3837946639-1001\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com

IE restricted site: HKU\S-1-5-21-2107339062-2504870960-3837946639-1001\...\0scan.com -> www.0scan.com

IE restricted site: HKU\S-1-5-21-2107339062-2504870960-3837946639-1001\...\1-2005-search.com -> www.1-2005-search.com

IE restricted site: HKU\S-1-5-21-2107339062-2504870960-3837946639-1001\...\1-domains-registrations.com -> www.1-domains-registrations.com

IE restricted site: HKU\S-1-5-21-2107339062-2504870960-3837946639-1001\...\1000gratisproben.com -> www.1000gratisproben.com

IE restricted site: HKU\S-1-5-21-2107339062-2504870960-3837946639-1001\...\1001namen.com -> www.1001namen.com

IE restricted site: HKU\S-1-5-21-2107339062-2504870960-3837946639-1001\...\100888290cs.com -> mir.100888290cs.com

IE restricted site: HKU\S-1-5-21-2107339062-2504870960-3837946639-1001\...\100sexlinks.com -> www.100sexlinks.com

IE restricted site: HKU\S-1-5-21-2107339062-2504870960-3837946639-1001\...\10sek.com -> www.10sek.com

IE restricted site: HKU\S-1-5-21-2107339062-2504870960-3837946639-1001\...\12-26.net -> user1.12-26.net

IE restricted site: HKU\S-1-5-21-2107339062-2504870960-3837946639-1001\...\12-27.net -> user1.12-27.net

IE restricted site: HKU\S-1-5-21-2107339062-2504870960-3837946639-1001\...\123fporn.info -> www.123fporn.info

IE restricted site: HKU\S-1-5-21-2107339062-2504870960-3837946639-1001\...\123haustiereundmehr.com -> www.123haustiereundmehr.com

IE restricted site: HKU\S-1-5-21-2107339062-2504870960-3837946639-1001\...\123moviedownload.com -> www.123moviedownload.com

IE restricted site: HKU\S-1-5-21-2107339062-2504870960-3837946639-1001\...\123simsen.com -> www.123simsen.com

There are 7864 more sites.

IE restricted site: HKU\S-1-5-21-2107339062-2504870960-3837946639-1003\...\007guard.com -> install.007guard.com

IE restricted site: HKU\S-1-5-21-2107339062-2504870960-3837946639-1003\...\008i.com -> 008i.com

IE restricted site: HKU\S-1-5-21-2107339062-2504870960-3837946639-1003\...\008k.com -> www.008k.com

IE restricted site: HKU\S-1-5-21-2107339062-2504870960-3837946639-1003\...\00hq.com -> www.00hq.com

IE restricted site: HKU\S-1-5-21-2107339062-2504870960-3837946639-1003\...\010402.com -> 010402.com

IE restricted site: HKU\S-1-5-21-2107339062-2504870960-3837946639-1003\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com

IE restricted site: HKU\S-1-5-21-2107339062-2504870960-3837946639-1003\...\0scan.com -> www.0scan.com

IE restricted site: HKU\S-1-5-21-2107339062-2504870960-3837946639-1003\...\1-2005-search.com -> www.1-2005-search.com

IE restricted site: HKU\S-1-5-21-2107339062-2504870960-3837946639-1003\...\1-domains-registrations.com -> www.1-domains-registrations.com

IE restricted site: HKU\S-1-5-21-2107339062-2504870960-3837946639-1003\...\1000gratisproben.com -> www.1000gratisproben.com

IE restricted site: HKU\S-1-5-21-2107339062-2504870960-3837946639-1003\...\1001namen.com -> www.1001namen.com

IE restricted site: HKU\S-1-5-21-2107339062-2504870960-3837946639-1003\...\100888290cs.com -> mir.100888290cs.com

IE restricted site: HKU\S-1-5-21-2107339062-2504870960-3837946639-1003\...\100sexlinks.com -> www.100sexlinks.com

IE restricted site: HKU\S-1-5-21-2107339062-2504870960-3837946639-1003\...\10sek.com -> www.10sek.com

IE restricted site: HKU\S-1-5-21-2107339062-2504870960-3837946639-1003\...\12-26.net -> user1.12-26.net

IE restricted site: HKU\S-1-5-21-2107339062-2504870960-3837946639-1003\...\12-27.net -> user1.12-27.net

IE restricted site: HKU\S-1-5-21-2107339062-2504870960-3837946639-1003\...\123fporn.info -> www.123fporn.info

IE restricted site: HKU\S-1-5-21-2107339062-2504870960-3837946639-1003\...\123haustiereundmehr.com -> www.123haustiereundmehr.com

IE restricted site: HKU\S-1-5-21-2107339062-2504870960-3837946639-1003\...\123moviedownload.com -> www.123moviedownload.com

IE restricted site: HKU\S-1-5-21-2107339062-2504870960-3837946639-1003\...\123simsen.com -> www.123simsen.com

There are 7864 more sites.

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 18:55 - 2013-08-22 18:55 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2107339062-2504870960-3837946639-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Neville\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper

HKU\S-1-5-21-2107339062-2504870960-3837946639-1003\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Sony\VAIO 13 img1 Wallpaper 1366x768.jpg

DNS Servers: 8.8.8.8 - 8.8.4.4

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)

Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

HKLM\...\StartupApproved\StartupFolder: => "PrivateTunnel.lnk"

HKLM\...\StartupApproved\Run: => "Bluetooth"

HKLM\...\StartupApproved\Run: => "iTunesHelper"

HKLM\...\StartupApproved\Run32: => "Adobe ARM"

HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"

HKLM\...\StartupApproved\Run32: => "BCSSync"

HKLM\...\StartupApproved\Run32: => "vProt"

HKLM\...\StartupApproved\Run32: => "Wondershare Helper Compact.exe"

HKLM\...\StartupApproved\Run32: => "Dropbox"

HKU\S-1-5-21-2107339062-2504870960-3837946639-1001\...\StartupApproved\Run: => "CloudSystemBooster"

HKU\S-1-5-21-2107339062-2504870960-3837946639-1001\...\StartupApproved\Run: => "Google Update"

HKU\S-1-5-21-2107339062-2504870960-3837946639-1001\...\StartupApproved\Run: => "CPN Notifier"

HKU\S-1-5-21-2107339062-2504870960-3837946639-1001\...\StartupApproved\Run: => "*LABAL*"

HKU\S-1-5-21-2107339062-2504870960-3837946639-1001\...\StartupApproved\Run: => "iCloudServices"

HKU\S-1-5-21-2107339062-2504870960-3837946639-1001\...\StartupApproved\Run: => "ApplePhotoStreams"

HKU\S-1-5-21-2107339062-2504870960-3837946639-1001\...\StartupApproved\Run: => "iCloudDrive"

HKU\S-1-5-21-2107339062-2504870960-3837946639-1003\...\StartupApproved\Run: => "CloudSystemBooster"

HKU\S-1-5-21-2107339062-2504870960-3837946639-1003\...\StartupApproved\Run: => "Google Update"

HKU\S-1-5-21-2107339062-2504870960-3837946639-1003\...\StartupApproved\Run: => "CPN Notifier"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{F084201A-A7D8-44A9-A765-F0D9584E5EFD}] => (Allow) C:\Program Files (x86)\Intertops Poker\PokerClient.exe

FirewallRules: [{4434A480-C8DA-41E6-A1B3-A739C9A96B69}] => (Allow) C:\Program Files (x86)\Intertops Poker\PokerClient.exe

FirewallRules: [{3ECC34DC-19CA-4393-A2E3-41E2820A2225}] => (Allow) C:\Users\Neville\AppData\Roaming\BitTorrent\BitTorrent.exe

FirewallRules: [{A1D51E74-2948-469A-928F-704EBD4CDFA8}] => (Allow) C:\Users\Neville\AppData\Roaming\BitTorrent\BitTorrent.exe

FirewallRules: [{7A7D3E58-B6F5-4532-A839-204CE20ACE00}] => (Allow) LPort=5432

FirewallRules: [{B3F73D6A-D788-4282-A2C9-7D394868C820}] => (Allow) C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe

FirewallRules: [{DF8C06FD-95DB-4BCE-AD7C-2FBE6CB042BF}] => (Allow) C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe

FirewallRules: [{CE415401-76A6-40E4-8BB2-7FE79BA8AF22}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe

FirewallRules: [TCP Query User{1F93BCB9-CC2D-4BB4-B163-FEC221BBBCAD}C:\program files (x86)\voipconnect.com\voipconnect\voipconnect.exe] => (Allow) C:\program files (x86)\voipconnect.com\voipconnect\voipconnect.exe

FirewallRules: [UDP Query User{B7761E61-F2AC-48BD-A196-07CCE1A1DF3D}C:\program files (x86)\voipconnect.com\voipconnect\voipconnect.exe] => (Allow) C:\program files (x86)\voipconnect.com\voipconnect\voipconnect.exe

FirewallRules: [{94592703-7F49-4685-97C3-1997490A0C8F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe

FirewallRules: [{B467D672-A6BD-4AD7-863B-78ACA6FF3408}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe

FirewallRules: [{3672522E-52BB-46C8-ADAE-56456380960F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe

FirewallRules: [{1D97DD2B-FB72-4C9C-A448-357F636917ED}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe

FirewallRules: [TCP Query User{39E7E607-6D17-4793-BB76-D03AAAD55F23}C:\program files (x86)\voipconnect.com\voipconnect\voipconnect.exe] => (Allow) C:\program files (x86)\voipconnect.com\voipconnect\voipconnect.exe

FirewallRules: [UDP Query User{646241AB-77E1-467B-AFFF-C2A2908663CB}C:\program files (x86)\voipconnect.com\voipconnect\voipconnect.exe] => (Allow) C:\program files (x86)\voipconnect.com\voipconnect\voipconnect.exe

FirewallRules: [TCP Query User{FCC9C41D-06D4-41C4-B398-B16209969AFA}C:\windows\system32\settingsynchost.exe] => (Block) C:\windows\system32\settingsynchost.exe

FirewallRules: [UDP Query User{BF7F3FA2-3AA9-4BB5-AB25-D6D2592458BB}C:\windows\system32\settingsynchost.exe] => (Block) C:\windows\system32\settingsynchost.exe

FirewallRules: [TCP Query User{62C78096-5BC7-48E3-BCA8-5EBB53B3D9DB}D:\ezwizard.exe] => (Allow) D:\ezwizard.exe

FirewallRules: [UDP Query User{2468B7C0-AA2E-40A5-BFC9-4C1FD60A1FF5}D:\ezwizard.exe] => (Allow) D:\ezwizard.exe

FirewallRules: [{3ADC594E-A7F8-457F-8DC0-D0F9B3318877}] => (Block) D:\ezwizard.exe

FirewallRules: [{51111525-21CD-4A69-ADD3-4E0E9A4C7BF7}] => (Block) D:\ezwizard.exe

FirewallRules: [{DFD8FEDE-1A30-4E81-A85D-6208F622E0A0}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

FirewallRules: [{0825714A-D8AD-4144-A3F3-B7D56AC6CE90}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

FirewallRules: [{5241025F-F366-4041-9BEE-041CFB78C144}] => (Allow) C:\Program Files (x86)\Intertops Poker\PokerClient.exe

FirewallRules: [{8A7FE851-DC0F-4127-B429-54D67EE3EB65}] => (Allow) C:\Program Files (x86)\Intertops Poker\PokerClient.exe

FirewallRules: [{98321966-74DF-4B11-8692-B02212A3C595}] => (Allow) C:\Program Files (x86)\Sony Mobile\Update Engine\Sony Mobile Update Engine.exe

FirewallRules: [{5A36CD8D-BBA5-42D5-8F43-5019AB788A05}] => (Allow) C:\Program Files (x86)\Sony Mobile\Update Engine\Sony Mobile Update Engine.exe

FirewallRules: [{0A5F5EE9-A4B6-4AB8-A4F0-07A2252D978E}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe

FirewallRules: [{24B507A7-4C23-4B31-A79B-B1207D41593F}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe

FirewallRules: [{4AAFA1F2-FB1D-4766-9FF5-D0013225D7D0}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe

FirewallRules: [{E4232EA6-99E1-494B-80AB-0029BE401EF0}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe

FirewallRules: [{59799577-A542-48F7-AF9C-4CDC525BED29}] => (Allow) C:\Users\Guest\AppData\Roaming\BitTorrent\BitTorrent.exe

FirewallRules: [{521C03BC-DFF8-4A82-98B6-126F013F76CD}] => (Allow) C:\Users\Guest\AppData\Roaming\BitTorrent\BitTorrent.exe

FirewallRules: [{13A9C92F-819B-481F-AB35-C3C55B1C98F6}] => (Allow) C:\Users\Guest\AppData\Roaming\BitTorrent\BitTorrent.exe

FirewallRules: [{453A9FAD-9D52-44F4-B4BD-DDBE14BBAE02}] => (Allow) C:\Users\Guest\AppData\Roaming\BitTorrent\BitTorrent.exe

FirewallRules: [{DA2E4BE0-4348-41D2-B3CA-927760523F31}] => (Allow) C:\Users\Guest\AppData\Roaming\BitTorrent\BitTorrent.exe

FirewallRules: [{E4EE3A9B-CB9D-45CC-B354-EE53414EFD57}] => (Allow) C:\Users\Guest\AppData\Roaming\BitTorrent\BitTorrent.exe

FirewallRules: [{1CF19A98-1235-4A97-A512-8A829CE4493A}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

FirewallRules: [{75D3A94A-342E-476F-86F2-A0C54627834A}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

FirewallRules: [{7FC05073-F315-403B-8503-8CA69848F3B8}] => (Allow) LPort=5556

FirewallRules: [{173A9B11-8EFB-438C-AF3E-7B11D21A6BB7}] => (Allow) LPort=5558

FirewallRules: [{AE8B1B41-EA4B-457A-AD19-BEEA36D0F8C6}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

FirewallRules: [{61451A74-7562-4EDA-9FCD-8A2673A1D39E}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

FirewallRules: [{7BA3A94F-5C24-49F8-ADC1-E27CA6F1F08E}] => (Allow) C:\Program Files\iTunes\iTunes.exe

FirewallRules: [{A8A246D6-3BB1-46F7-AD31-123C7F6711DB}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Restore Points =========================

30-11-2017 04:39:27 Windows Update

02-12-2017 02:49:39 Broadcom BTW Restore Point

21-12-2017 18:07:32 Windows Update

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:

==================

Error: (01/19/2018 06:09:05 AM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )

Description: Failed to schedule Software Protection service for re-start at 2117-12-26T00:39:05Z. Error Code: 0x80041318.

Error: (01/19/2018 06:08:35 AM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )

Description: Failed to schedule Software Protection service for re-start at 2117-12-26T00:38:35Z. Error Code: 0x80041318.

Error: (01/19/2018 06:08:05 AM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )

Description: Failed to schedule Software Protection service for re-start at 2117-12-26T00:38:05Z. Error Code: 0x80041318.

Error: (01/19/2018 06:07:35 AM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )

Description: Failed to schedule Software Protection service for re-start at 2117-12-26T00:37:35Z. Error Code: 0x80041318.

Error: (01/19/2018 06:07:05 AM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )

Description: Failed to schedule Software Protection service for re-start at 2117-12-26T00:37:05Z. Error Code: 0x80041318.

Error: (01/19/2018 06:06:35 AM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )

Description: Failed to schedule Software Protection service for re-start at 2117-12-26T00:36:35Z. Error Code: 0x80041318.

Error: (01/19/2018 06:06:05 AM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )

Description: Failed to schedule Software Protection service for re-start at 2117-12-26T00:36:05Z. Error Code: 0x80041318.

Error: (01/19/2018 06:05:35 AM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )

Description: Failed to schedule Software Protection service for re-start at 2117-12-26T00:35:35Z. Error Code: 0x80041318.

Error: (01/19/2018 06:05:05 AM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )

Description: Failed to schedule Software Protection service for re-start at 2117-12-26T00:35:05Z. Error Code: 0x80041318.

Error: (01/19/2018 06:04:35 AM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )

Description: Failed to schedule Software Protection service for re-start at 2117-12-26T00:34:35Z. Error Code: 0x80041318.

System errors:

=============

Error: (01/19/2018 05:57:28 AM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: The AVG Service service failed to start due to the following error:

The service did not respond to the start or control request in a timely fashion.

Error: (01/19/2018 05:57:28 AM) (Source: Service Control Manager) (EventID: 7009) (User: )

Description: A timeout was reached (30000 milliseconds) while waiting for the AVG Service service to connect.

Error: (01/19/2018 05:57:10 AM) (Source: NETLOGON) (EventID: 3095) (User: )

Description: This computer is configured as a member of a workgroup, not as

a member of a domain. The Netlogon service does not need to run in this

configuration.

Error: (01/19/2018 05:55:45 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)

Description: WLAN Extensibility Module has stopped unexpectedly.

Module Path: C:\WINDOWS\System32\bcmihvsrv64.dll

Error: (01/19/2018 05:55:45 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)

Description: WLAN Extensibility Module has stopped unexpectedly.

Module Path: C:\WINDOWS\System32\bcmihvsrv64.dll

Error: (01/19/2018 05:55:41 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)

Description: WLAN Extensibility Module has stopped unexpectedly.

Module Path: C:\WINDOWS\System32\bcmihvsrv64.dll

Error: (01/19/2018 05:55:06 AM) (Source: Service Control Manager) (EventID: 7034) (User: )

Description: The Adobe Genuine Software Integrity Service service terminated unexpectedly. It has done this 1 time(s).

Error: (01/19/2018 05:55:06 AM) (Source: Service Control Manager) (EventID: 7034) (User: )

Description: The Intel® Management and Security Application User Notification Service service terminated unexpectedly. It has done this 1 time(s).

Error: (01/19/2018 05:55:06 AM) (Source: Service Control Manager) (EventID: 7034) (User: )

Description: The Intel® ME Service service terminated unexpectedly. It has done this 1 time(s).

Error: (01/19/2018 05:55:06 AM) (Source: Service Control Manager) (EventID: 7031) (User: )

Description: The Intel® Capability Licensing Service Interface service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service.

CodeIntegrity:

===================================

Date: 2018-01-19 05:54:55.901

Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-01-19 05:54:54.991

Date: 2018-01-19 05:54:54.005

Date: 2018-01-19 05:54:53.052

Date: 2018-01-19 05:54:52.061

Date: 2018-01-19 05:54:51.101

Date: 2018-01-19 05:54:50.121

Date: 2018-01-19 05:54:49.155

Date: 2018-01-19 05:54:48.242

Date: 2018-01-19 05:54:47.313

==================== Memory info ===========================

Processor: Intel® Core™ i5-3337U CPU @ 1.80GHz

Percentage of memory in use: 29%

Total physical RAM: 8070.8 MB

Available physical RAM: 5656.18 MB

Total Virtual: 10630.8 MB

Available Virtual: 8254.28 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:665.34 GB) (Free:410.43 GB) NTFS

==================== MBR & Partition Table ==================

========================================================

Disk: 0 (Size: 698.6 GB) (Disk ID: F4E95A4A)

Partition: GPT.

==================== End of Addition.txt ============================

Process CPU Private Bytes Working Set PID Description Company Name Verified Signer

System Idle Process 94.68 0 K 4 K 0

procexp64.exe 2.26 39,452 K 51,596 K 4524 Sysinternals Process Explorer Sysinternals - www.sysinternals.com (Verified) Microsoft Corporation

chrome.exe 1.11 247,112 K 254,220 K 772 Google Chrome Google Inc. (Verified) Google Inc

Interrupts 0.52 0 K 0 K n/a Hardware Interrupts and DPCs

dwm.exe 0.45 16,092 K 23,216 K 876

System 0.22 120 K 4,016 K 4

csrss.exe 0.20 2,628 K 20,632 K 568

explorer.exe 0.16 46,412 K 89,648 K 1788 Windows Explorer Microsoft Corporation (Verified) Microsoft Windows

AVGUI.exe 0.06 20,912 K 37,168 K 2032 AVG Antivirus AVG Technologies CZ, s.r.o. (Verified) AVG Technologies CZ

svchost.exe 0.04 71,408 K 83,776 K 496 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

VESMgrSub.exe 0.04 4,332 K 11,908 K 2856

AVGSvc.exe 0.04 99,132 K 40,656 K 1092 AVG Service AVG Technologies CZ, s.r.o. (Verified) AVG Technologies CZ

chrome.exe 0.04 102,892 K 167,792 K 4344 Google Chrome Google Inc. (Verified) Google Inc

AppleMobileDeviceService.exe 0.02 3,100 K 9,968 K 1852 MobileDeviceService Apple Inc. (Verified) Apple Inc.

BCMWLTRY.EXE 0.02 34,212 K 31,724 K 2896

chrome.exe 0.02 74,044 K 78,860 K 2644 Google Chrome Google Inc. (Verified) Google Inc

LMS.exe 0.02 1,396 K 4,544 K 5932 Local Manageability Service Intel Corporation (Verified) Intel Corporation

aswidsagenta.exe 0.02 15,932 K 31,888 K 4492 AVG Software Analyzer AVG Technologies CZ, s.r.o. (Verified) AVG Technologies CZ

flux.exe 0.02 11,592 K 21,204 K 4908 f.lux f.lux Software LLC (Verified) F.lux Software LLC

WLTRAY.EXE 0.01 35,284 K 36,716 K 4748 Broadcom 802.11 Network Adapter Wireless Network Tray Applet Broadcom Corporation (No signature was present in the subject) Broadcom Corporation

chrome.exe < 0.01 52,912 K 64,492 K 2328 Google Chrome Google Inc. (Verified) Google Inc

AGSService.exe < 0.01 2,392 K 8,132 K 1796 Adobe Genuine Software Integrity Service Adobe Systems, Incorporated (Verified) Adobe Systems Incorporated

svchost.exe < 0.01 4,328 K 7,932 K 780 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe < 0.01 29,004 K 42,672 K 952 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe < 0.01 18,832 K 24,944 K 1392 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

csrss.exe < 0.01 2,048 K 4,240 K 516

SearchIndexer.exe < 0.01 25,220 K 24,732 K 4208 Microsoft Windows Search Indexer Microsoft Corporation (Verified) Microsoft Windows

postgres.exe < 0.01 4,208 K 7,640 K 2692

mDNSResponder.exe < 0.01 1,428 K 4,884 K 1544 Bonjour Service Apple Inc. (Verified) Apple Inc.

services.exe < 0.01 3,536 K 6,992 K 664

avguix.exe < 0.01 6,392 K 19,660 K 4552 AVG User Interface AVG Technologies CZ, s.r.o. (Verified) AVG Technologies CZ

postgres.exe < 0.01 4,208 K 7,400 K 2700

conhost.exe < 0.01 772 K 3,008 K 2548

SynTPEnh.exe < 0.01 5,652 K 808 K 1740 Synaptics TouchPad 64-bit Enhancements Synaptics Incorporated (Verified) Synaptics Incorporated

lsass.exe < 0.01 4,704 K 12,196 K 672 Local Security Authority Process Microsoft Corporation (Verified) Microsoft Windows Publisher

postgres.exe < 0.01 4,116 K 7,084 K 2716

postgres.exe < 0.01 4,236 K 7,636 K 2708

taskhost.exe < 0.01 9,920 K 12,288 K 5980

WUDFHost.exe 2,600 K 7,616 K 1668

wuauclt.exe 1,792 K 6,672 K 5608 Windows Update Microsoft Corporation (Verified) Microsoft Windows

WmiPrvSE.exe 2,420 K 6,748 K 3068

WmiPrvSE.exe 2,372 K 6,328 K 5644

WLTRYSVC.EXE 632 K 2,848 K 2868

wlanext.exe 1,552 K 5,892 K 1080

winlogon.exe 1,412 K 8,104 K 604

wininit.exe 792 K 3,840 K 576

VUAgent.exe 4,776 K 13,096 K 6088 VUAgent Sony Corporation (Verified) Sony Corporation

vim.exe 3,352 K 640 K 4416

vim.exe 3,484 K 568 K 1748 VAIO Control Center (vim Module) Sony Corporation (Verified) Sony Corporation

VESMgrSub.exe 3,216 K 9,808 K 2832

VESMgr.exe 1,784 K 6,424 K 2684 VAIO Control Center (Service Module) Sony Corporation (Verified) Sony Corporation

VAIOUpdt.exe 2,572 K 1,332 K 5080

UNS.exe 3,588 K 11,216 K 1536 User Notification Service Intel Corporation (Verified) Intel Corporation

TeamViewer_Service.exe 4,972 K 12,968 K 2424 TeamViewer 10 TeamViewer GmbH (Verified) TeamViewer

taskhostex.exe 4,648 K 10,788 K 1636 Host Process for Windows Tasks Microsoft Corporation (Verified) Microsoft Windows

SynTPHelper.exe 1,036 K 212 K 1752

svchost.exe 3,712 K 9,596 K 3228 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 4,672 K 11,144 K 740 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 25,704 K 32,740 K 912 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 10,584 K 19,120 K 980 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 6,920 K 14,440 K 80 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 4,488 K 12,932 K 1552 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 1,948 K 6,464 K 2404 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 1,332 K 4,704 K 1404 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

SUSSoundProxy.exe 2,788 K 6,472 K 3528

sppsvc.exe 2,936 K 9,052 K 6072 Microsoft Software Protection Platform Service Microsoft Corporation (Verified) Microsoft Windows

spoolsv.exe 4,008 K 11,072 K 1364 Spooler SubSystem App Microsoft Corporation (Verified) Microsoft Windows

smss.exe 340 K 1,044 K 372

SkyDrive.exe 8,680 K 14,288 K 4564 OneDrive Sync Engine Microsoft Corporation (Verified) Microsoft Windows

SettingSyncHost.exe 7,744 K 2,688 K 3876 Host Process for Setting Synchronization Microsoft Corporation (Verified) Microsoft Windows

RIconMan.exe 1,644 K 5,784 K 1948 Realtek Card Reader Patch Tool. Realsil Microelectronics Inc. (Verified) Realtek Semiconductor Corp

RAVBg64.exe 5,100 K 9,972 K 4688 HD Audio Background Process Realtek Semiconductor (Verified) Realtek Semiconductor Corp

procexp.exe 2,640 K 7,396 K 3724 Sysinternals Process Explorer Sysinternals - www.sysinternals.com (Verified) Microsoft Corporation

PresentationFontCache.exe 25,168 K 16,512 K 3336 PresentationFontCache.exe Microsoft Corporation (Verified) Microsoft Corporation

postgres.exe 4,472 K 9,860 K 2540

pg_ctl.exe 2,488 K 6,832 K 2288 pg_ctl - starts/stops/restarts the PostgreSQL server PostgreSQL Global Development Group (No signature was present in the subject) PostgreSQL Global Development Group

ovpnagent.exe 1,016 K 4,604 K 2168

NetworkClient.exe 2,500 K 468 K 852 VAIO Control Center (Network Setting Client) Sony Corporation (Verified) Sony Corporation

Jhi_service.exe 1,084 K 4,572 K 2132 Intel® Dynamic Application Loader Host Interface Intel Corporation (Verified) Intel Corporation

IntelMeFWService.exe 1,176 K 3,964 K 5860 Intel® ME Service Intel Corporation (Verified) Intel Corporation

igfxTray.exe 12,676 K 18,152 K 2660 igfxTray Module Intel Corporation (Verified) Intel Corporation - pGFX

igfxHK.exe 5,016 K 10,016 K 2612 igfxHK Module Intel Corporation (Verified) Intel Corporation - pGFX

igfxEM.exe 7,320 K 13,620 K 2460 igfxEM Module Intel Corporation (Verified) Intel Corporation - pGFX

igfxCUIService.exe 1,612 K 6,352 K 400 igfxCUIService Module Intel Corporation (Verified) Intel Corporation - pGFX

HeciServer.exe 1,220 K 5,096 K 2100 Intel® Capability Licensing Service Interface Intel® Corporation (Verified) Intel® Upgrade Service

GoogleCrashHandler64.exe 1,520 K 172 K 5752

GoogleCrashHandler.exe 1,696 K 200 K 6028

dllhost.exe 1,380 K 4,172 K 4508

dllhost.exe 1,476 K 5,644 K 3164

dllhost.exe 2,636 K 7,780 K 5652

dasHost.exe 3,292 K 10,084 K 1564

conhost.exe 640 K 2,764 K 1100

chrome.exe 28,468 K 36,408 K 3904 Google Chrome Google Inc. (Verified) Google Inc

chrome.exe 32,120 K 39,676 K 3888 Google Chrome Google Inc. (Verified) Google Inc

chrome.exe 32,144 K 31,936 K 4900 Google Chrome Google Inc. (Verified) Google Inc

chrome.exe 1,920 K 5,932 K 2464 Google Chrome Google Inc. (Verified) Google Inc

chrome.exe 2,104 K 6,588 K 2668 Google Chrome Google Inc. (Verified) Google Inc

btwdins.exe 1,892 K 6,584 K 1688 Bluetooth Support Server Broadcom Corporation. (Verified) Broadcom Corporation

audiodg.exe 7,956 K 10,916 K 5460

armsvc.exe 1,052 K 4,144 K 1580 Adobe Acrobat Update Service Adobe Systems Incorporated (Verified) Adobe Systems

AdobeARM.exe 3,352 K 392 K 5628 Adobe Reader and Acrobat Manager Adobe Systems Incorporated (Verified) Adobe Systems

acrotray.exe 2,096 K 6,448 K 2628 AcroTray Adobe Systems Inc. (Verified) Adobe Systems

Image Name PID Services

========================= ======== ============================================

System Idle Process 0 N/A

System 4 N/A

smss.exe 372 N/A

csrss.exe 516 N/A

csrss.exe 568 N/A

wininit.exe 576 N/A

winlogon.exe 604 N/A

services.exe 664 N/A

lsass.exe 672 SamSs

svchost.exe 740 BrokerInfrastructure, DcomLaunch, LSM,

PlugPlay, Power, SystemEventsBroker

svchost.exe 780 RpcEptMapper, RpcSs

dwm.exe 876 N/A

svchost.exe 912 Audiosrv, Dhcp, EventLog,

HomeGroupProvider, lmhosts, Wcmsvc, wscsvc

svchost.exe 952 AeLookupSvc, Appinfo, BITS, Browser, gpsvc,

iphlpsvc, LanmanServer, MMCSS, ProfSvc,

Schedule, SENS, ShellHWDetection, Themes,

Winmgmt, wuauserv

svchost.exe 980 bthserv, EventSystem, fdPHost, FontCache,

netprofm, nsi, WdiServiceHost,

WinHttpAutoProxySvc

igfxCUIService.exe 400 igfxCUIService1.0.0.0

svchost.exe 496 AudioEndpointBuilder,

DeviceAssociationService, hidserv,

NcbService, Netman, PcaSvc, SysMain,

TrkWks, WdiSystemHost, WlanSvc, wudfsvc

svchost.exe 80 CryptSvc, Dnscache, LanmanWorkstation,

NlaSvc

wlanext.exe 1080 N/A

AVGSvc.exe 1092 AVG Antivirus

conhost.exe 1100 N/A

spoolsv.exe 1364 Spooler

svchost.exe 1392 BFE, DPS, MpsSvc, NcdAutoSetup

armsvc.exe 1580 AdobeARMservice

taskhostex.exe 1636 N/A

SynTPEnh.exe 1740 N/A

explorer.exe 1788 N/A

AGSService.exe 1796 AGSService

AppleMobileDeviceService. 1852 Apple Mobile Device Service

NetworkClient.exe 852 N/A

mDNSResponder.exe 1544 Bonjour Service

btwdins.exe 1688 btwdins

svchost.exe 1552 DiagTrack

RIconMan.exe 1948 IconMan_R

dasHost.exe 1564 N/A

HeciServer.exe 2100 Intel® Capability Licensing Service Interf

ace

Jhi_service.exe 2132 jhi_service

ovpnagent.exe 2168 ovpnagent

pg_ctl.exe 2288 postgresql-8.4

svchost.exe 2404 stisvc

TeamViewer_Service.exe 2424 TeamViewer

postgres.exe 2540 N/A

conhost.exe 2548 N/A

VESMgr.exe 2684 VAIO Event Service

postgres.exe 2692 N/A

postgres.exe 2700 N/A

postgres.exe 2708 N/A

postgres.exe 2716 N/A

VESMgrSub.exe 2832 N/A

VESMgrSub.exe 2856 N/A

WLTRYSVC.EXE 2868 wltrysvc

BCMWLTRY.EXE 2896 N/A

dllhost.exe 3164 N/A

svchost.exe 3228 FDResPub, SensrSvc, SSDPSRV, TimeBroker

PresentationFontCache.exe 3336 FontCache3.0.0.0

SUSSoundProxy.exe 3528 N/A

SettingSyncHost.exe 3876 N/A

svchost.exe 1404 PolicyAgent

WUDFHost.exe 1668 N/A

igfxEM.exe 2460 N/A

igfxHK.exe 2612 N/A

igfxTray.exe 2660 N/A

SearchIndexer.exe 4208 WSearch

aswidsagenta.exe 4492 avgbIDSAgent

SkyDrive.exe 4564 N/A

RAVBg64.exe 4688 N/A

WLTRAY.EXE 4748 N/A

VAIOUpdt.exe 5080 N/A

avguix.exe 4552 N/A

flux.exe 4908 N/A

chrome.exe 4344 N/A

chrome.exe 2464 N/A

WmiPrvSE.exe 3068 N/A

chrome.exe 2668 N/A

acrotray.exe 2628 N/A

chrome.exe 2328 N/A

chrome.exe 4900 N/A

chrome.exe 2644 N/A

chrome.exe 3888 N/A

chrome.exe 3904 N/A

AVGUI.exe 2032 N/A

IntelMeFWService.exe 5860 Intel® ME Service

LMS.exe 5932 LMS

GoogleCrashHandler.exe 6028 N/A

sppsvc.exe 6072 sppsvc

UNS.exe 1536 UNS

GoogleCrashHandler64.exe 5752 N/A

chrome.exe 772 N/A

wuauclt.exe 5608 N/A

SynTPHelper.exe 1752 N/A

vim.exe 4416 N/A

vim.exe 1748 N/A

dllhost.exe 5652 N/A

VUAgent.exe 6088 VUAgent

AdobeARM.exe 5628 N/A

audiodg.exe 5460 N/A

procexp.exe 3724 N/A

procexp64.exe 4524 N/A

taskhost.exe 5980 N/A

WmiPrvSE.exe 5644 N/A

SearchProtocolHost.exe 3208 N/A

SearchFilterHost.exe 5544 N/A

taskeng.exe 1320 N/A

chrome.exe 5872 N/A

cmd.exe 5260 N/A

conhost.exe 3552 N/A

tasklist.exe 2784 N/A

Attached Files

VAIO.txt 314.53KB 437 downloads

#4
RKinner

Posted 18 January 2018 - 11:19 PM

Malware Expert

Expert
24,624 posts

Error: (01/19/2018 05:57:28 AM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: The AVG Service service failed to start due to the following error:

The service did not respond to the start or control request in a timely fashion.

Error: (01/19/2018 05:57:28 AM) (Source: Service Control Manager) (EventID: 7009) (User: )

Description: A timeout was reached (30000 milliseconds) while waiting for the AVG Service service to connect.

Reinstall AVG

Error: (01/19/2018 06:06:35 AM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )

Description: Failed to schedule Software Protection service for re-start at 2117-12-26T00:36:35Z. Error Code: 0x80041318.

See if you can follow the instructions here:

https://answers.micr...57-a98fe92a2746

Error: (01/19/2018 05:57:10 AM) (Source: NETLOGON) (EventID: 3095) (User: )

Description: This computer is configured as a member of a workgroup, not as

a member of a domain. The Netlogon service does not need to run in this

configuration.

Search for services.msc and hit Enter.

This should bring up the Services window. Scroll down to Netlogon and right click and select Properties. Change Startup Type: to Disabled.

Error: (01/19/2018 05:55:45 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)

Description: WLAN Extensibility Module has stopped unexpectedly.

Module Path: C:\WINDOWS\System32\bcmihvsrv64.dll

See if you can find a newer version of

Broadcom 802.11 Network Adapter (HKLM\...\Broadcom 802.11 Network Adapter) (Version: 6.30.223.181 - Broadcom Corporation)

Broadcom Wireless Utility (HKLM\...\{4CDA59B9-7AD3-4283-9F5C-BC469FF975B6}) (Version: 6.30.59.125 - Broadcom Corporation)

on your PC maker's support site oer uninstall then reinstall the current version.

Date: 2018-01-19 05:54:55.901
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

Open an elevated command prompt:

http://www.eightforu...indows-8-a.html

If you open an elevated command prompt it will by default open in c:\Windows\system32

Once you have an elevated command prompt:

Type:

DISM  /Online  /Cleanup-Image  /RestoreHealth

(I use two spaces so you can be sure to see where one space goes.)
Hit Enter. This will take a while (10-20 minutes) to complete. Once the prompt returns:

Reboot. Open an elevated Command Prompt again and type (with an Enter after the line):

sfc  /scannow

This will also take a few minutes.

When it finishes it will say one of the following:

Windows did not find any integrity violations (a good thing)
Windows Resource Protection found corrupt files and repaired them (a good thing)
Windows Resource Protection found corrupt files but was unable to fix some (or all) of them (not a good thing)

If you get the last result then type:

findstr  /c:"[SR]"  \windows\logs\cbs\cbs.log  >  %UserProfile%\desktop\junk.txt

Hit Enter. Then type::

notepad %UserProfile%\desktop\junk.txt

Hit Enter.

Copy the text from notepad and paste it into a reply.

After you finish SFC, regardless of the result:

1. Please download the Event Viewer Tool by Vino Rosso
http://images.malwar...om/vino/VEW.exe
and save it to your Desktop:
2. Right-click VEW.exe and Run AS Administrator
3. Under 'Select log to query', select:

* System
4. Under 'Select type to list', select:
* Error
* Warning

Then use the 'Number of events' as follows:

1. Click the radio button for 'Number of events'
Type 20 in the 1 to 20 box
Then click the Run button.
Notepad will open with the output log.

Please post the Output log in your next reply then repeat but select Application. (Each time you run VEW it overwrites the log so copy the first one to a Reply or rename it before running it a second time.)

#5
geekyandhow

Posted 19 January 2018 - 09:33 AM

Member

Topic Starter
Member
74 posts

I have a Sony Vaio laptop but not sure which drivers are the latest and which one to install. Could you help me out?

Vino's Event Viewer v01c run on Windows 7 in English

Report run at 19/01/2018 8:59:47 PM

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

'System' Log - Critical Type

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Log: 'System' Date/Time: 18/01/2018 5:55:12 PM

Type: Critical Category: 173

Event: 142 Source: Microsoft-Windows-Kernel-Power

The system has rebooted without cleanly shutting down first. This error is caused because the system stopped responding and the hardware watchdog triggered a system reset.

Log: 'System' Date/Time: 18/01/2018 5:55:12 PM

Type: Critical Category: 63

Event: 41 Source: Microsoft-Windows-Kernel-Power

The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.

Log: 'System' Date/Time: 07/01/2018 8:37:22 PM

Type: Critical Category: 173

Event: 142 Source: Microsoft-Windows-Kernel-Power

The system has rebooted without cleanly shutting down first. This error is caused because the system stopped responding and the hardware watchdog triggered a system reset.

Log: 'System' Date/Time: 07/01/2018 8:37:22 PM

Type: Critical Category: 63

Event: 41 Source: Microsoft-Windows-Kernel-Power

The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.

Log: 'System' Date/Time: 07/01/2018 7:23:41 PM

Type: Critical Category: 173

Event: 142 Source: Microsoft-Windows-Kernel-Power

The system has rebooted without cleanly shutting down first. This error is caused because the system stopped responding and the hardware watchdog triggered a system reset.

Log: 'System' Date/Time: 07/01/2018 7:23:41 PM

Type: Critical Category: 63

Event: 41 Source: Microsoft-Windows-Kernel-Power

The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.

Log: 'System' Date/Time: 06/01/2018 9:04:16 PM

Type: Critical Category: 173

Event: 142 Source: Microsoft-Windows-Kernel-Power

The system has rebooted without cleanly shutting down first. This error is caused because the system stopped responding and the hardware watchdog triggered a system reset.

Log: 'System' Date/Time: 06/01/2018 9:04:16 PM

Type: Critical Category: 63

Event: 41 Source: Microsoft-Windows-Kernel-Power

The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.

Log: 'System' Date/Time: 06/01/2018 2:06:35 PM

Type: Critical Category: 173

Event: 142 Source: Microsoft-Windows-Kernel-Power

The system has rebooted without cleanly shutting down first. This error is caused because the system stopped responding and the hardware watchdog triggered a system reset.

Log: 'System' Date/Time: 06/01/2018 2:06:35 PM

Type: Critical Category: 63

Event: 41 Source: Microsoft-Windows-Kernel-Power

The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.

Log: 'System' Date/Time: 29/12/2017 10:19:51 PM

Type: Critical Category: 173

Event: 142 Source: Microsoft-Windows-Kernel-Power

The system has rebooted without cleanly shutting down first. This error is caused because the system stopped responding and the hardware watchdog triggered a system reset.

Log: 'System' Date/Time: 29/12/2017 10:19:51 PM

Type: Critical Category: 63

Event: 41 Source: Microsoft-Windows-Kernel-Power

The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.

Log: 'System' Date/Time: 21/12/2017 10:12:54 AM

Type: Critical Category: 173

Event: 142 Source: Microsoft-Windows-Kernel-Power

The system has rebooted without cleanly shutting down first. This error is caused because the system stopped responding and the hardware watchdog triggered a system reset.

Log: 'System' Date/Time: 21/12/2017 10:12:53 AM

Type: Critical Category: 63

Event: 41 Source: Microsoft-Windows-Kernel-Power

The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.

Log: 'System' Date/Time: 07/12/2017 5:05:00 PM

Type: Critical Category: 173

Event: 142 Source: Microsoft-Windows-Kernel-Power

The system has rebooted without cleanly shutting down first. This error is caused because the system stopped responding and the hardware watchdog triggered a system reset.

Log: 'System' Date/Time: 07/12/2017 5:05:00 PM

Type: Critical Category: 63

Event: 41 Source: Microsoft-Windows-Kernel-Power

The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.

Log: 'System' Date/Time: 30/11/2017 12:26:33 AM

Type: Critical Category: 63

Event: 41 Source: Microsoft-Windows-Kernel-Power

The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.

Log: 'System' Date/Time: 28/11/2017 1:57:10 AM

Type: Critical Category: 173

Event: 142 Source: Microsoft-Windows-Kernel-Power

The system has rebooted without cleanly shutting down first. This error is caused because the system stopped responding and the hardware watchdog triggered a system reset.

Log: 'System' Date/Time: 28/11/2017 1:57:10 AM

Type: Critical Category: 63

Event: 41 Source: Microsoft-Windows-Kernel-Power

The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.

Log: 'System' Date/Time: 27/11/2017 3:57:44 PM

Type: Critical Category: 173

Event: 142 Source: Microsoft-Windows-Kernel-Power

The system has rebooted without cleanly shutting down first. This error is caused because the system stopped responding and the hardware watchdog triggered a system reset.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

'System' Log - Error Type

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Log: 'System' Date/Time: 19/01/2018 2:49:47 PM

Type: Error Category: 1

Event: 20 Source: Microsoft-Windows-WindowsUpdateClient

Installation Failure: Windows failed to install the following update with error 0x80070643: Definition Update for Windows Defender Antivirus - KB2267602 (Definition 1.261.44.0).

Log: 'System' Date/Time: 19/01/2018 1:40:45 PM

Type: Error Category: 0

Event: 7000 Source: Service Control Manager

The Windows Presentation Foundation Font Cache 3.0.0.0 service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

Log: 'System' Date/Time: 19/01/2018 1:40:45 PM

Type: Error Category: 0

Event: 7009 Source: Service Control Manager

A timeout was reached (30000 milliseconds) while waiting for the Windows Presentation Foundation Font Cache 3.0.0.0 service to connect.

Log: 'System' Date/Time: 19/01/2018 11:43:43 AM

Type: Error Category: 0

Event: 7000 Source: Service Control Manager

The AVG Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

Log: 'System' Date/Time: 19/01/2018 11:43:43 AM

Type: Error Category: 0

Event: 7009 Source: Service Control Manager

A timeout was reached (30000 milliseconds) while waiting for the AVG Service service to connect.

Log: 'System' Date/Time: 19/01/2018 11:32:28 AM

Type: Error Category: 1

Event: 20 Source: Microsoft-Windows-WindowsUpdateClient

Installation Failure: Windows failed to install the following update with error 0x8007045B: 2018-01 Security Update for Adobe Flash Player for Windows 8.1 for x64-based Systems (KB4056887).

Log: 'System' Date/Time: 19/01/2018 12:27:28 AM

Type: Error Category: 0

Event: 7000 Source: Service Control Manager

The AVG Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

Log: 'System' Date/Time: 19/01/2018 12:27:28 AM

Type: Error Category: 0

Event: 7009 Source: Service Control Manager

A timeout was reached (30000 milliseconds) while waiting for the AVG Service service to connect.

Log: 'System' Date/Time: 19/01/2018 12:27:10 AM

Type: Error Category: 0

Event: 3095 Source: NETLOGON

This computer is configured as a member of a workgroup, not as a member of a domain. The Netlogon service does not need to run in this configuration.

Log: 'System' Date/Time: 19/01/2018 12:25:45 AM

Type: Error Category: 0

Event: 10003 Source: Microsoft-Windows-WLAN-AutoConfig

WLAN Extensibility Module has stopped unexpectedly. Module Path: C:\WINDOWS\System32\bcmihvsrv64.dll

Log: 'System' Date/Time: 19/01/2018 12:25:45 AM

Type: Error Category: 0

Event: 10003 Source: Microsoft-Windows-WLAN-AutoConfig

WLAN Extensibility Module has stopped unexpectedly. Module Path: C:\WINDOWS\System32\bcmihvsrv64.dll

Log: 'System' Date/Time: 19/01/2018 12:25:41 AM

Type: Error Category: 0

Event: 10003 Source: Microsoft-Windows-WLAN-AutoConfig

WLAN Extensibility Module has stopped unexpectedly. Module Path: C:\WINDOWS\System32\bcmihvsrv64.dll

Log: 'System' Date/Time: 19/01/2018 12:25:06 AM

Type: Error Category: 0

Event: 7034 Source: Service Control Manager

The Adobe Genuine Software Integrity Service service terminated unexpectedly. It has done this 1 time(s).

Log: 'System' Date/Time: 19/01/2018 12:25:06 AM

Type: Error Category: 0

Event: 7034 Source: Service Control Manager

The Intel® Management and Security Application User Notification Service service terminated unexpectedly. It has done this 1 time(s).

Log: 'System' Date/Time: 19/01/2018 12:25:06 AM

Type: Error Category: 0

Event: 7034 Source: Service Control Manager

The Intel® ME Service service terminated unexpectedly. It has done this 1 time(s).

Log: 'System' Date/Time: 19/01/2018 12:25:06 AM

Type: Error Category: 0

Event: 7031 Source: Service Control Manager

The Intel® Capability Licensing Service Interface service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service.

Log: 'System' Date/Time: 19/01/2018 12:25:06 AM

Type: Error Category: 0

Event: 7034 Source: Service Control Manager

The Broadcom Wireless LAN Tray Service service terminated unexpectedly. It has done this 1 time(s).

Log: 'System' Date/Time: 19/01/2018 12:25:06 AM

Type: Error Category: 0

Event: 7034 Source: Service Control Manager

The vToolbarUpdater40.3.8 service terminated unexpectedly. It has done this 1 time(s).

Log: 'System' Date/Time: 19/01/2018 12:25:06 AM

Type: Error Category: 0

Event: 7031 Source: Service Control Manager

The VAIO Event Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 3000 milliseconds: Restart the service.

Log: 'System' Date/Time: 19/01/2018 12:25:06 AM

Type: Error Category: 0

Event: 7034 Source: Service Control Manager

The postgresql-8.4 - PostgreSQL Server 8.4 service terminated unexpectedly. It has done this 1 time(s).

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

'System' Log - Warning Type

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Log: 'System' Date/Time: 19/01/2018 1:39:18 PM

Type: Warning Category: 0

Event: 11 Source: Microsoft-Windows-Wininit

Custom dynamic link libraries are being loaded for every application. The system administrator should review the list of libraries to ensure they are related to trusted applications. Please visit http://support.microsoft.com/kb/197571for more information.

Log: 'System' Date/Time: 19/01/2018 1:38:41 PM

Type: Warning Category: 212

Event: 219 Source: Microsoft-Windows-Kernel-PnP

The driver \Driver\WUDFRd failed to load for the device ACPI\SKTD000\4&cbd6309&0.

Log: 'System' Date/Time: 19/01/2018 1:38:32 PM

Type: Warning Category: 0

Event: 98 Source: Microsoft-Windows-Ntfs

Volume C: (\Device\HarddiskVolume5) requires an Online Scan. An Online Scan will automatically run as part of the next scheduled maintenance task. Alternatively you may run "CHKDSK /SCAN" locally via the command line, or run "REPAIR-VOLUME <drive:> -SCAN" locally or remotely via PowerShell.

Log: 'System' Date/Time: 19/01/2018 1:38:04 PM

Type: Warning Category: 0

Event: 10002 Source: Microsoft-Windows-WLAN-AutoConfig

WLAN Extensibility Module has stopped. Module Path: C:\WINDOWS\System32\bcmihvsrv64.dll

Log: 'System' Date/Time: 19/01/2018 11:42:45 AM

Type: Warning Category: 0

Event: 11 Source: Microsoft-Windows-Wininit

Log: 'System' Date/Time: 19/01/2018 11:42:03 AM

Type: Warning Category: 212

Event: 219 Source: Microsoft-Windows-Kernel-PnP

The driver \Driver\WUDFRd failed to load for the device ACPI\SKTD000\4&cbd6309&0.

Log: 'System' Date/Time: 19/01/2018 11:37:28 AM

Type: Warning Category: 0

Event: 98 Source: Microsoft-Windows-Ntfs

Log: 'System' Date/Time: 19/01/2018 11:36:55 AM

Type: Warning Category: 0

Event: 10002 Source: Microsoft-Windows-WLAN-AutoConfig

WLAN Extensibility Module has stopped. Module Path: C:\WINDOWS\System32\bcmihvsrv64.dll

Log: 'System' Date/Time: 19/01/2018 11:17:26 AM

Type: Warning Category: 0

Event: 98 Source: Microsoft-Windows-Ntfs

Volume ?? (\Device\HarddiskVolumeShadowCopy4) requires an Online Scan. An Online Scan will automatically run as part of the next scheduled maintenance task. Alternatively you may run "CHKDSK /SCAN" locally via the command line, or run "REPAIR-VOLUME <drive:> -SCAN" locally or remotely via PowerShell.

Log: 'System' Date/Time: 19/01/2018 12:26:41 AM

Type: Warning Category: 0

Event: 11 Source: Microsoft-Windows-Wininit

Log: 'System' Date/Time: 19/01/2018 12:26:22 AM

Type: Warning Category: 212

Event: 219 Source: Microsoft-Windows-Kernel-PnP

The driver \Driver\WUDFRd failed to load for the device ACPI\SKTD000\4&cbd6309&0.

Log: 'System' Date/Time: 19/01/2018 12:26:12 AM

Type: Warning Category: 0

Event: 98 Source: Microsoft-Windows-Ntfs

Log: 'System' Date/Time: 18/01/2018 6:45:07 PM

Type: Warning Category: 1014

Event: 1014 Source: Microsoft-Windows-DNS-Client

Name resolution for the name mtnlmumbai.in timed out after none of the configured DNS servers responded.

Log: 'System' Date/Time: 18/01/2018 5:55:38 PM

Type: Warning Category: 0

Event: 11 Source: Microsoft-Windows-Wininit

Log: 'System' Date/Time: 18/01/2018 5:55:12 PM

Type: Warning Category: 212

Event: 219 Source: Microsoft-Windows-Kernel-PnP

The driver \Driver\WUDFRd failed to load for the device ACPI\SKTD000\4&cbd6309&0.

Log: 'System' Date/Time: 18/01/2018 5:55:08 PM

Type: Warning Category: 0

Event: 98 Source: Microsoft-Windows-Ntfs

Log: 'System' Date/Time: 16/01/2018 7:07:02 PM

Type: Warning Category: 1014

Event: 1014 Source: Microsoft-Windows-DNS-Client

Name resolution for the name ssl.google-analytics.com timed out after none of the configured DNS servers responded.

Log: 'System' Date/Time: 16/01/2018 6:36:05 PM

Type: Warning Category: 1014

Event: 1014 Source: Microsoft-Windows-DNS-Client

Name resolution for the name tvpapi-as.ott.kaltura.com timed out after none of the configured DNS servers responded.

Log: 'System' Date/Time: 16/01/2018 6:36:03 PM

Type: Warning Category: 1014

Event: 1014 Source: Microsoft-Windows-DNS-Client

Name resolution for the name ssl.google-analytics.com timed out after none of the configured DNS servers responded.

Log: 'System' Date/Time: 16/01/2018 12:34:32 AM

Type: Warning Category: 1014

Event: 1014 Source: Microsoft-Windows-DNS-Client

Name resolution for the name forumserver.twoplustwo.com timed out after none of the configured DNS servers responded.

Vino's Event Viewer v01c run on Windows 7 in English

Report run at 19/01/2018 9:00:20 PM

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

'Application' Log - Critical Type

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

'Application' Log - Error Type

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Log: 'Application' Date/Time: 19/01/2018 3:30:20 PM

Type: Error Category: 0

Event: 16385 Source: Microsoft-Windows-Security-SPP

Failed to schedule Software Protection service for re-start at 2117-12-26T15:30:20Z. Error Code: 0x80041318.

Log: 'Application' Date/Time: 19/01/2018 3:29:50 PM

Type: Error Category: 0

Event: 16385 Source: Microsoft-Windows-Security-SPP

Failed to schedule Software Protection service for re-start at 2117-12-26T15:29:50Z. Error Code: 0x80041318.

Log: 'Application' Date/Time: 19/01/2018 3:29:20 PM

Type: Error Category: 0

Event: 16385 Source: Microsoft-Windows-Security-SPP

Failed to schedule Software Protection service for re-start at 2117-12-26T15:29:20Z. Error Code: 0x80041318.

Log: 'Application' Date/Time: 19/01/2018 3:28:50 PM

Type: Error Category: 0

Event: 16385 Source: Microsoft-Windows-Security-SPP

Failed to schedule Software Protection service for re-start at 2117-12-26T15:28:50Z. Error Code: 0x80041318.

Log: 'Application' Date/Time: 19/01/2018 3:28:20 PM

Type: Error Category: 0

Event: 16385 Source: Microsoft-Windows-Security-SPP

Failed to schedule Software Protection service for re-start at 2117-12-26T15:28:20Z. Error Code: 0x80041318.

Log: 'Application' Date/Time: 19/01/2018 3:27:50 PM

Type: Error Category: 0

Event: 16385 Source: Microsoft-Windows-Security-SPP

Failed to schedule Software Protection service for re-start at 2117-12-26T15:27:50Z. Error Code: 0x80041318.

Log: 'Application' Date/Time: 19/01/2018 3:27:20 PM

Type: Error Category: 0

Event: 16385 Source: Microsoft-Windows-Security-SPP

Failed to schedule Software Protection service for re-start at 2117-12-26T15:27:20Z. Error Code: 0x80041318.

Log: 'Application' Date/Time: 19/01/2018 3:26:50 PM

Type: Error Category: 0

Event: 16385 Source: Microsoft-Windows-Security-SPP

Failed to schedule Software Protection service for re-start at 2117-12-26T15:26:50Z. Error Code: 0x80041318.

Log: 'Application' Date/Time: 19/01/2018 3:26:20 PM

Type: Error Category: 0

Event: 16385 Source: Microsoft-Windows-Security-SPP

Failed to schedule Software Protection service for re-start at 2117-12-26T15:26:20Z. Error Code: 0x80041318.

Log: 'Application' Date/Time: 19/01/2018 3:25:50 PM

Type: Error Category: 0

Event: 16385 Source: Microsoft-Windows-Security-SPP

Failed to schedule Software Protection service for re-start at 2117-12-26T15:25:50Z. Error Code: 0x80041318.

Log: 'Application' Date/Time: 19/01/2018 3:25:20 PM

Type: Error Category: 0

Event: 16385 Source: Microsoft-Windows-Security-SPP

Failed to schedule Software Protection service for re-start at 2117-12-26T15:25:20Z. Error Code: 0x80041318.

Log: 'Application' Date/Time: 19/01/2018 3:24:50 PM

Type: Error Category: 0

Event: 16385 Source: Microsoft-Windows-Security-SPP

Failed to schedule Software Protection service for re-start at 2117-12-26T15:24:50Z. Error Code: 0x80041318.

Log: 'Application' Date/Time: 19/01/2018 3:24:20 PM

Type: Error Category: 0

Event: 16385 Source: Microsoft-Windows-Security-SPP

Failed to schedule Software Protection service for re-start at 2117-12-26T15:24:20Z. Error Code: 0x80041318.

Log: 'Application' Date/Time: 19/01/2018 3:23:50 PM

Type: Error Category: 0

Event: 16385 Source: Microsoft-Windows-Security-SPP

Failed to schedule Software Protection service for re-start at 2117-12-26T15:23:50Z. Error Code: 0x80041318.

Log: 'Application' Date/Time: 19/01/2018 3:23:20 PM

Type: Error Category: 0

Event: 16385 Source: Microsoft-Windows-Security-SPP

Failed to schedule Software Protection service for re-start at 2117-12-26T15:23:20Z. Error Code: 0x80041318.

Log: 'Application' Date/Time: 19/01/2018 3:22:50 PM

Type: Error Category: 0

Event: 16385 Source: Microsoft-Windows-Security-SPP

Failed to schedule Software Protection service for re-start at 2117-12-26T15:22:50Z. Error Code: 0x80041318.

Log: 'Application' Date/Time: 19/01/2018 3:22:20 PM

Type: Error Category: 0

Event: 16385 Source: Microsoft-Windows-Security-SPP

Failed to schedule Software Protection service for re-start at 2117-12-26T15:22:20Z. Error Code: 0x80041318.

Log: 'Application' Date/Time: 19/01/2018 3:21:50 PM

Type: Error Category: 0

Event: 16385 Source: Microsoft-Windows-Security-SPP

Failed to schedule Software Protection service for re-start at 2117-12-26T15:21:50Z. Error Code: 0x80041318.

Log: 'Application' Date/Time: 19/01/2018 3:21:20 PM

Type: Error Category: 0

Event: 16385 Source: Microsoft-Windows-Security-SPP

Failed to schedule Software Protection service for re-start at 2117-12-26T15:21:20Z. Error Code: 0x80041318.

Log: 'Application' Date/Time: 19/01/2018 3:20:50 PM

Type: Error Category: 0

Event: 16385 Source: Microsoft-Windows-Security-SPP

Failed to schedule Software Protection service for re-start at 2117-12-26T15:20:50Z. Error Code: 0x80041318.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

'Application' Log - Warning Type

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Log: 'Application' Date/Time: 19/01/2018 11:44:18 AM

Type: Warning Category: 0

Event: 6006 Source: Microsoft-Windows-Winlogon

The winlogon notification subscriber <TrustedInstaller> took 63 second(s) to handle the notification event (CreateSession).

Log: 'Application' Date/Time: 19/01/2018 11:44:15 AM

Type: Warning Category: 0

Event: 6005 Source: Microsoft-Windows-Winlogon

The winlogon notification subscriber <TrustedInstaller> is taking long time to handle the notification event (CreateSession).

Log: 'Application' Date/Time: 18/01/2018 3:27:30 PM

Type: Warning Category: 7

Event: 508 Source: ESENT

SearchIndexer (2380) Windows: A request to write to the file "C:\ProgramData\Microsoft\Search\Data\Applications\Windows\edb.log" at offset 495616 (0x0000000000079000) for 4096 (0x00001000) bytes succeeded, but took an abnormally long time (17 seconds) to be serviced by the OS. This problem is likely due to faulty hardware. Please contact your hardware vendor for further assistance diagnosing the problem.

Log: 'Application' Date/Time: 18/01/2018 3:26:44 PM

Type: Warning Category: 1

Event: 533 Source: ESENT

SearchIndexer (2380) Windows: A request to write to the file "C:\ProgramData\Microsoft\Search\Data\Applications\Windows\edb.log" at offset 495616 (0x0000000000079000) for 4096 (0x00001000) bytes has not completed for 36 second(s). This problem is likely due to faulty hardware. Please contact your hardware vendor for further assistance diagnosing the problem.

Log: 'Application' Date/Time: 06/01/2018 2:11:01 PM

Type: Warning Category: 18

Event: 4627 Source: Microsoft-Windows-EventSystem

The COM+ Event System timed out attempting to fire the PostShell method on event class {D5978650-5B9F-11D1-8DD2-00AA004ABD5E} for publisher and subscriber . The subscriber failed to respond within 180 seconds. The display name of the subscription is "SENS Logon2 Subscription". The HRESULT was 80010002.

Log: 'Application' Date/Time: 21/12/2017 12:43:53 PM

Type: Warning Category: 0

Event: 8303 Source: Microsoft-Windows-System-Restore

Scoping unsuccessful for shadowcopy \\?\GLOBALROOT\Device\HarddiskVolumeShadowCopy5 with error 0x81000207.

Log: 'Application' Date/Time: 21/12/2017 12:32:28 PM

Type: Warning Category: 7

Event: 906 Source: ESENT

taskhost (6328) A significant portion of the database buffer cache has been written out to the system paging file. This may result in severe performance degradation. See help link for complete details of possible causes. Previous cache residency state: 100% (3871 out of 3871 buffers) (3842 seconds ago) Current cache residency state: 4% (202 out of 4057 buffers)

Log: 'Application' Date/Time: 21/12/2017 10:16:49 AM

Type: Warning Category: 18

Event: 4627 Source: Microsoft-Windows-EventSystem

#6
RKinner

Posted 19 January 2018 - 11:31 AM

Malware Expert

Expert
24,624 posts

Log: 'System' Date/Time: 19/01/2018 11:17:26 AM

Type: Warning Category: 0

Event: 98 Source: Microsoft-Windows-Ntfs

Volume ?? (\Device\HarddiskVolumeShadowCopy4) requires an Online Scan. An Online Scan will automatically run as part of the next scheduled maintenance task. Alternatively you may run "CHKDSK /SCAN" locally via the command line, or run "REPAIR-VOLUME <drive:> -SCAN" locally or remotely via PowerShell.

Follow the instructions here:

http://www.thewindow...cking-windows-8

Start where it says:

If you wish to nevertheless manually run a scan, you can do so.

#7
geekyandhow

Posted 20 January 2018 - 09:07 AM

Member

Topic Starter
Member
74 posts

^ Did that, it scanned and said "Your drive was successfully repaired". Didn't restart though, and no log.

Can you also please help me find the right drivers for the broadcom stuff? I have a Sony Vaio E series laptop. Their site has hundreds of drivers.

Edited by geekyandhow, 20 January 2018 - 09:08 AM.

#8
RKinner

Posted 20 January 2018 - 09:40 AM

Malware Expert

Expert
24,624 posts

Copy the next line:

for /F "tokens=*" %1 in ('wevtutil.exe el') DO wevtutil.exe cl "%1"

Open an elevated command prompt:

Win 8: http://www.eightforu...indows-8-a.html
(Make sure the prompt says C:\Windows\System32 > or it's not an elevated command prompt.)

Right click and Paste or Edit then Paste. Hit Enter. You should get a few errors. These can be ignored. Once the prompt returns

Reboot.

Run VEW again as before and post both logs.

I need the model number which should be on a label on the bottom of your laptop.

#9
geekyandhow

Posted 20 January 2018 - 10:43 AM

Member

Topic Starter
Member
74 posts

Vino's Event Viewer v01c run on Windows 7 in English

Report run at 20/01/2018 10:07:50 PM

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

'System' Log - Critical Type

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Log: 'System' Date/Time: 18/01/2018 5:55:12 PM

Type: Critical Category: 173

Event: 142 Source: Microsoft-Windows-Kernel-Power

The system has rebooted without cleanly shutting down first. This error is caused because the system stopped responding and the hardware watchdog triggered a system reset.

Log: 'System' Date/Time: 18/01/2018 5:55:12 PM

Type: Critical Category: 63

Event: 41 Source: Microsoft-Windows-Kernel-Power

The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.

Log: 'System' Date/Time: 07/01/2018 8:37:22 PM

Type: Critical Category: 173

Event: 142 Source: Microsoft-Windows-Kernel-Power

The system has rebooted without cleanly shutting down first. This error is caused because the system stopped responding and the hardware watchdog triggered a system reset.

Log: 'System' Date/Time: 07/01/2018 8:37:22 PM

Type: Critical Category: 63

Event: 41 Source: Microsoft-Windows-Kernel-Power

The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.

Log: 'System' Date/Time: 07/01/2018 7:23:41 PM

Type: Critical Category: 173

Event: 142 Source: Microsoft-Windows-Kernel-Power

The system has rebooted without cleanly shutting down first. This error is caused because the system stopped responding and the hardware watchdog triggered a system reset.

Log: 'System' Date/Time: 07/01/2018 7:23:41 PM

Type: Critical Category: 63

Event: 41 Source: Microsoft-Windows-Kernel-Power

The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.

Log: 'System' Date/Time: 06/01/2018 9:04:16 PM

Type: Critical Category: 173

Event: 142 Source: Microsoft-Windows-Kernel-Power

The system has rebooted without cleanly shutting down first. This error is caused because the system stopped responding and the hardware watchdog triggered a system reset.

Log: 'System' Date/Time: 06/01/2018 9:04:16 PM

Type: Critical Category: 63

Event: 41 Source: Microsoft-Windows-Kernel-Power

The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.

Log: 'System' Date/Time: 06/01/2018 2:06:35 PM

Type: Critical Category: 173

Event: 142 Source: Microsoft-Windows-Kernel-Power

The system has rebooted without cleanly shutting down first. This error is caused because the system stopped responding and the hardware watchdog triggered a system reset.

Log: 'System' Date/Time: 06/01/2018 2:06:35 PM

Type: Critical Category: 63

Event: 41 Source: Microsoft-Windows-Kernel-Power

The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.

Log: 'System' Date/Time: 29/12/2017 10:19:51 PM

Type: Critical Category: 173

Event: 142 Source: Microsoft-Windows-Kernel-Power

The system has rebooted without cleanly shutting down first. This error is caused because the system stopped responding and the hardware watchdog triggered a system reset.

Log: 'System' Date/Time: 29/12/2017 10:19:51 PM

Type: Critical Category: 63

Event: 41 Source: Microsoft-Windows-Kernel-Power

The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.

Log: 'System' Date/Time: 21/12/2017 10:12:54 AM

Type: Critical Category: 173

Event: 142 Source: Microsoft-Windows-Kernel-Power

The system has rebooted without cleanly shutting down first. This error is caused because the system stopped responding and the hardware watchdog triggered a system reset.

Log: 'System' Date/Time: 21/12/2017 10:12:53 AM

Type: Critical Category: 63

Event: 41 Source: Microsoft-Windows-Kernel-Power

The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.

Log: 'System' Date/Time: 07/12/2017 5:05:00 PM

Type: Critical Category: 173

Event: 142 Source: Microsoft-Windows-Kernel-Power

The system has rebooted without cleanly shutting down first. This error is caused because the system stopped responding and the hardware watchdog triggered a system reset.

Log: 'System' Date/Time: 07/12/2017 5:05:00 PM

Type: Critical Category: 63

Event: 41 Source: Microsoft-Windows-Kernel-Power

The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.

Log: 'System' Date/Time: 30/11/2017 12:26:33 AM

Type: Critical Category: 63

Event: 41 Source: Microsoft-Windows-Kernel-Power

The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.

Log: 'System' Date/Time: 28/11/2017 1:57:10 AM

Type: Critical Category: 173

Event: 142 Source: Microsoft-Windows-Kernel-Power

The system has rebooted without cleanly shutting down first. This error is caused because the system stopped responding and the hardware watchdog triggered a system reset.

Log: 'System' Date/Time: 28/11/2017 1:57:10 AM

Type: Critical Category: 63

Event: 41 Source: Microsoft-Windows-Kernel-Power

The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.

Log: 'System' Date/Time: 27/11/2017 3:57:44 PM

Type: Critical Category: 173

Event: 142 Source: Microsoft-Windows-Kernel-Power

The system has rebooted without cleanly shutting down first. This error is caused because the system stopped responding and the hardware watchdog triggered a system reset.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

'System' Log - Error Type

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Log: 'System' Date/Time: 20/01/2018 4:34:59 PM

Type: Error Category: 0

Event: 7000 Source: Service Control Manager

The Windows Presentation Foundation Font Cache 3.0.0.0 service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

Log: 'System' Date/Time: 20/01/2018 4:34:59 PM

Type: Error Category: 0

Event: 7009 Source: Service Control Manager

A timeout was reached (30000 milliseconds) while waiting for the Windows Presentation Foundation Font Cache 3.0.0.0 service to connect.

Log: 'System' Date/Time: 20/01/2018 4:34:22 PM

Type: Error Category: 0

Event: 7000 Source: Service Control Manager

The Windows Presentation Foundation Font Cache 3.0.0.0 service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

Log: 'System' Date/Time: 20/01/2018 4:34:22 PM

Type: Error Category: 0

Event: 7009 Source: Service Control Manager

A timeout was reached (30000 milliseconds) while waiting for the Windows Presentation Foundation Font Cache 3.0.0.0 service to connect.

Log: 'System' Date/Time: 20/01/2018 4:12:29 PM

Type: Error Category: 0

Event: 7011 Source: Service Control Manager

A timeout (30000 milliseconds) was reached while waiting for a transaction response from the FontCache3.0.0.0 service.

Log: 'System' Date/Time: 19/01/2018 2:49:47 PM

Type: Error Category: 1

Event: 20 Source: Microsoft-Windows-WindowsUpdateClient

Installation Failure: Windows failed to install the following update with error 0x80070643: Definition Update for Windows Defender Antivirus - KB2267602 (Definition 1.261.44.0).

Log: 'System' Date/Time: 19/01/2018 1:40:45 PM

Type: Error Category: 0

Event: 7000 Source: Service Control Manager

The Windows Presentation Foundation Font Cache 3.0.0.0 service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

Log: 'System' Date/Time: 19/01/2018 1:40:45 PM

Type: Error Category: 0

Event: 7009 Source: Service Control Manager

A timeout was reached (30000 milliseconds) while waiting for the Windows Presentation Foundation Font Cache 3.0.0.0 service to connect.

Log: 'System' Date/Time: 19/01/2018 11:43:43 AM

Type: Error Category: 0

Event: 7000 Source: Service Control Manager

The AVG Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

Log: 'System' Date/Time: 19/01/2018 11:43:43 AM

Type: Error Category: 0

Event: 7009 Source: Service Control Manager

A timeout was reached (30000 milliseconds) while waiting for the AVG Service service to connect.

Log: 'System' Date/Time: 19/01/2018 11:32:28 AM

Type: Error Category: 1

Event: 20 Source: Microsoft-Windows-WindowsUpdateClient

Installation Failure: Windows failed to install the following update with error 0x8007045B: 2018-01 Security Update for Adobe Flash Player for Windows 8.1 for x64-based Systems (KB4056887).

Log: 'System' Date/Time: 19/01/2018 12:27:28 AM

Type: Error Category: 0

Event: 7000 Source: Service Control Manager

The AVG Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

Log: 'System' Date/Time: 19/01/2018 12:27:28 AM

Type: Error Category: 0

Event: 7009 Source: Service Control Manager

A timeout was reached (30000 milliseconds) while waiting for the AVG Service service to connect.

Log: 'System' Date/Time: 19/01/2018 12:27:10 AM

Type: Error Category: 0

Event: 3095 Source: NETLOGON

This computer is configured as a member of a workgroup, not as a member of a domain. The Netlogon service does not need to run in this configuration.

Log: 'System' Date/Time: 19/01/2018 12:25:45 AM

Type: Error Category: 0

Event: 10003 Source: Microsoft-Windows-WLAN-AutoConfig

WLAN Extensibility Module has stopped unexpectedly. Module Path: C:\WINDOWS\System32\bcmihvsrv64.dll

Log: 'System' Date/Time: 19/01/2018 12:25:45 AM

Type: Error Category: 0

Event: 10003 Source: Microsoft-Windows-WLAN-AutoConfig

WLAN Extensibility Module has stopped unexpectedly. Module Path: C:\WINDOWS\System32\bcmihvsrv64.dll

Log: 'System' Date/Time: 19/01/2018 12:25:41 AM

Type: Error Category: 0

Event: 10003 Source: Microsoft-Windows-WLAN-AutoConfig

WLAN Extensibility Module has stopped unexpectedly. Module Path: C:\WINDOWS\System32\bcmihvsrv64.dll

Log: 'System' Date/Time: 19/01/2018 12:25:06 AM

Type: Error Category: 0

Event: 7034 Source: Service Control Manager

The Adobe Genuine Software Integrity Service service terminated unexpectedly. It has done this 1 time(s).

Log: 'System' Date/Time: 19/01/2018 12:25:06 AM

Type: Error Category: 0

Event: 7034 Source: Service Control Manager

The Intel® Management and Security Application User Notification Service service terminated unexpectedly. It has done this 1 time(s).

Log: 'System' Date/Time: 19/01/2018 12:25:06 AM

Type: Error Category: 0

Event: 7034 Source: Service Control Manager

The Intel® ME Service service terminated unexpectedly. It has done this 1 time(s).

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

'System' Log - Warning Type

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Log: 'System' Date/Time: 20/01/2018 4:32:48 PM

Type: Warning Category: 0

Event: 11 Source: Microsoft-Windows-Wininit

Log: 'System' Date/Time: 20/01/2018 4:32:24 PM

Type: Warning Category: 212

Event: 219 Source: Microsoft-Windows-Kernel-PnP

The driver \Driver\WUDFRd failed to load for the device ACPI\SKTD000\4&cbd6309&0.

Log: 'System' Date/Time: 20/01/2018 4:12:12 PM

Type: Warning Category: 0

Event: 10002 Source: Microsoft-Windows-WLAN-AutoConfig

WLAN Extensibility Module has stopped. Module Path: C:\WINDOWS\System32\bcmihvsrv64.dll

Log: 'System' Date/Time: 20/01/2018 2:52:23 PM

Type: Warning Category: 0

Event: 130 Source: Ntfs

The file system structure on volume C: has now been repaired.

Log: 'System' Date/Time: 20/01/2018 2:50:04 PM

Type: Warning Category: 0

Event: 130 Source: Ntfs

The file system structure on volume C: has now been repaired.

Log: 'System' Date/Time: 20/01/2018 6:10:35 AM

Type: Warning Category: 1014

Event: 1014 Source: Microsoft-Windows-DNS-Client

Name resolution for the name fallback.nos-avg.cz timed out after none of the configured DNS servers responded.

Log: 'System' Date/Time: 19/01/2018 1:39:18 PM

Type: Warning Category: 0

Event: 11 Source: Microsoft-Windows-Wininit

Log: 'System' Date/Time: 19/01/2018 1:38:41 PM

Type: Warning Category: 212

Event: 219 Source: Microsoft-Windows-Kernel-PnP

The driver \Driver\WUDFRd failed to load for the device ACPI\SKTD000\4&cbd6309&0.

Log: 'System' Date/Time: 19/01/2018 1:38:32 PM

Type: Warning Category: 0

Event: 98 Source: Microsoft-Windows-Ntfs

Log: 'System' Date/Time: 19/01/2018 1:38:04 PM

Type: Warning Category: 0

Event: 10002 Source: Microsoft-Windows-WLAN-AutoConfig

WLAN Extensibility Module has stopped. Module Path: C:\WINDOWS\System32\bcmihvsrv64.dll

Log: 'System' Date/Time: 19/01/2018 11:42:45 AM

Type: Warning Category: 0

Event: 11 Source: Microsoft-Windows-Wininit

Log: 'System' Date/Time: 19/01/2018 11:42:03 AM

Type: Warning Category: 212

Event: 219 Source: Microsoft-Windows-Kernel-PnP

The driver \Driver\WUDFRd failed to load for the device ACPI\SKTD000\4&cbd6309&0.

Log: 'System' Date/Time: 19/01/2018 11:37:28 AM

Type: Warning Category: 0

Event: 98 Source: Microsoft-Windows-Ntfs

Log: 'System' Date/Time: 19/01/2018 11:36:55 AM

Type: Warning Category: 0

Event: 10002 Source: Microsoft-Windows-WLAN-AutoConfig

WLAN Extensibility Module has stopped. Module Path: C:\WINDOWS\System32\bcmihvsrv64.dll

Log: 'System' Date/Time: 19/01/2018 11:17:26 AM

Type: Warning Category: 0

Event: 98 Source: Microsoft-Windows-Ntfs

Log: 'System' Date/Time: 19/01/2018 12:26:41 AM

Type: Warning Category: 0

Event: 11 Source: Microsoft-Windows-Wininit

Log: 'System' Date/Time: 19/01/2018 12:26:22 AM

Type: Warning Category: 212

Event: 219 Source: Microsoft-Windows-Kernel-PnP

The driver \Driver\WUDFRd failed to load for the device ACPI\SKTD000\4&cbd6309&0.

Log: 'System' Date/Time: 19/01/2018 12:26:12 AM

Type: Warning Category: 0

Event: 98 Source: Microsoft-Windows-Ntfs

Log: 'System' Date/Time: 18/01/2018 6:45:07 PM

Type: Warning Category: 1014

Event: 1014 Source: Microsoft-Windows-DNS-Client

Name resolution for the name mtnlmumbai.in timed out after none of the configured DNS servers responded.

Log: 'System' Date/Time: 18/01/2018 5:55:38 PM

Type: Warning Category: 0

Event: 11 Source: Microsoft-Windows-Wininit

Vino's Event Viewer v01c run on Windows 7 in English

Report run at 20/01/2018 10:12:06 PM

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

'Application' Log - Critical Type

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

'Application' Log - Error Type

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Log: 'Application' Date/Time: 20/01/2018 4:40:42 PM

Type: Error Category: 5973

Event: 5973 Source: Microsoft-Windows-Immersive-Shell

Activation of app microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 failed with error: The application cannot be started. Try reinstalling the application to fix the problem. See the Microsoft-Windows-TWinUI/Operational log for additional information.

Log: 'Application' Date/Time: 20/01/2018 4:40:42 PM

Type: Error Category: 5973

Event: 5973 Source: Microsoft-Windows-Immersive-Shell

Log: 'Application' Date/Time: 20/01/2018 4:40:36 PM

Type: Error Category: 5973

Event: 5973 Source: Microsoft-Windows-Immersive-Shell

Log: 'Application' Date/Time: 20/01/2018 4:40:36 PM

Type: Error Category: 5973

Event: 5973 Source: Microsoft-Windows-Immersive-Shell

Log: 'Application' Date/Time: 20/01/2018 4:40:36 PM

Type: Error Category: 5973

Event: 5973 Source: Microsoft-Windows-Immersive-Shell

Log: 'Application' Date/Time: 20/01/2018 4:40:36 PM

Type: Error Category: 5973

Event: 5973 Source: Microsoft-Windows-Immersive-Shell

Log: 'Application' Date/Time: 20/01/2018 4:40:36 PM

Type: Error Category: 5973

Event: 5973 Source: Microsoft-Windows-Immersive-Shell

Log: 'Application' Date/Time: 20/01/2018 4:40:32 PM

Type: Error Category: 5973

Event: 5973 Source: Microsoft-Windows-Immersive-Shell

Log: 'Application' Date/Time: 20/01/2018 4:40:29 PM

Type: Error Category: 5973

Event: 5973 Source: Microsoft-Windows-Immersive-Shell

Log: 'Application' Date/Time: 20/01/2018 4:40:27 PM

Type: Error Category: 5973

Event: 5973 Source: Microsoft-Windows-Immersive-Shell

Log: 'Application' Date/Time: 20/01/2018 4:40:27 PM

Type: Error Category: 5973

Event: 5973 Source: Microsoft-Windows-Immersive-Shell

Log: 'Application' Date/Time: 20/01/2018 4:34:32 PM

Type: Error Category: 5973

Event: 5973 Source: Microsoft-Windows-Immersive-Shell

Log: 'Application' Date/Time: 20/01/2018 4:34:32 PM

Type: Error Category: 5973

Event: 5973 Source: Microsoft-Windows-Immersive-Shell

Log: 'Application' Date/Time: 20/01/2018 4:33:54 PM

Type: Error Category: 5973

Event: 5973 Source: Microsoft-Windows-Immersive-Shell

Log: 'Application' Date/Time: 20/01/2018 4:33:54 PM

Type: Error Category: 5973

Event: 5973 Source: Microsoft-Windows-Immersive-Shell

Log: 'Application' Date/Time: 20/01/2018 4:33:54 PM

Type: Error Category: 5973

Event: 5973 Source: Microsoft-Windows-Immersive-Shell

Log: 'Application' Date/Time: 20/01/2018 4:33:54 PM

Type: Error Category: 5973

Event: 5973 Source: Microsoft-Windows-Immersive-Shell

Log: 'Application' Date/Time: 20/01/2018 4:33:54 PM

Type: Error Category: 5973

Event: 5973 Source: Microsoft-Windows-Immersive-Shell

Log: 'Application' Date/Time: 20/01/2018 4:33:42 PM

Type: Error Category: 0

Event: 0 Source: PostgreSQL

2018-01-20 22:03:42 ISTFATAL: the database system is starting up

Log: 'Application' Date/Time: 20/01/2018 4:33:41 PM

Type: Error Category: 0

Event: 0 Source: PostgreSQL

2018-01-20 22:03:41 ISTFATAL: the database system is starting up

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

'Application' Log - Warning Type

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Log: 'Application' Date/Time: 19/01/2018 11:44:18 AM

Type: Warning Category: 0

Event: 6006 Source: Microsoft-Windows-Winlogon

The winlogon notification subscriber <TrustedInstaller> took 63 second(s) to handle the notification event (CreateSession).

Log: 'Application' Date/Time: 19/01/2018 11:44:15 AM

Type: Warning Category: 0

Event: 6005 Source: Microsoft-Windows-Winlogon

The winlogon notification subscriber <TrustedInstaller> is taking long time to handle the notification event (CreateSession).

Log: 'Application' Date/Time: 18/01/2018 3:27:30 PM

Type: Warning Category: 7

Event: 508 Source: ESENT

Log: 'Application' Date/Time: 18/01/2018 3:26:44 PM

Type: Warning Category: 1

Event: 533 Source: ESENT

SearchIndexer (2380) Windows: A request to write to the file "C:\ProgramData\Microsoft\Search\Data\Applications\Windows\edb.log" at offset 495616 (0x0000000000079000) for 4096 (0x00001000) bytes has not completed for 36 second(s). This problem is likely due to faulty hardware. Please contact your hardware vendor for further assistance diagnosing the problem.

Log: 'Application' Date/Time: 06/01/2018 2:11:01 PM

Type: Warning Category: 18

Event: 4627 Source: Microsoft-Windows-EventSystem

Log: 'Application' Date/Time: 21/12/2017 12:43:53 PM

Type: Warning Category: 0

Event: 8303 Source: Microsoft-Windows-System-Restore

Scoping unsuccessful for shadowcopy \\?\GLOBALROOT\Device\HarddiskVolumeShadowCopy5 with error 0x81000207.

Log: 'Application' Date/Time: 21/12/2017 12:32:28 PM

Type: Warning Category: 7

Event: 906 Source: ESENT

Log: 'Application' Date/Time: 21/12/2017 10:16:49 AM

Type: Warning Category: 18

Event: 4627 Source: Microsoft-Windows-EventSystem

#10
RKinner

Posted 20 January 2018 - 04:37 PM

Malware Expert

Expert
24,624 posts

Is it running any better now that the disk check has completed?

Do you have the PC's part number from the label on the bottom?

#11
geekyandhow

Posted 27 January 2018 - 09:49 AM

Member

Topic Starter
Member
74 posts

Sorry for the late reply, I was very occupied. PC seems okay. I'm attaching the back label in this reply since I'm not able to find the "part number".

Thanks much!