AutoRuns had three yellows that I unchecked. There were four pink lines total, but I don't know what pink means and I left them alone.
VEW Log:
Vino's Event Viewer v01c run on Windows 2008 in English
Report run at 10/04/2014 3:59:09 PM
Note: All dates below are in the format dd/mm/yyyy
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 10/04/2014 4:05:00 PM
Type: Warning Category: 0
Event: 12348 Source: VSS
Volume Shadow Copy Service warning: VSS was denied access to the root of volume \\?\Volume{7a675af5-28ea-11e2-9cb8-8000600fe800}\. Denying administrators from accessing volume roots can cause many unexpected failures, and will prevent VSS from functioning properly. Check security on the volume, and try the operation again.
Operation:
Removing auto-release shadow copies
Loading provider
Context:
Execution Context: System Provider
Log: 'Application' Date/Time: 10/04/2014 3:05:30 PM
Type: Warning Category: 1
Event: 1008 Source: Microsoft-Windows-Search
The Windows Search Service is starting up and attempting to remove the old search index {Reason: Index Corruption}.
Log: 'Application' Date/Time: 10/04/2014 3:05:23 PM
Type: Warning Category: 6
Event: 3057 Source: Application Virtualization Client
{tid=E44}
The Application Virtualization Client Core initialized correctly. Installed Product: Version: 4.6.2.22610 Install Path: C:\Program Files (x86)\Microsoft Application Virtualization Client Global Data Directory: C:\ProgramData\Microsoft\Application Virtualization Client\ Machine Name: ICELAND Operating System: Windows 7 64-bit Service Pack 1.0 Build 7601 OSD Command:
Log: 'Application' Date/Time: 10/04/2014 3:05:15 PM
Type: Warning Category: 3
Event: 3191 Source: Application Virtualization Client
{tid=E44}
-------------------------------------------------------- Initialized client log (C:\ProgramData\Microsoft\Application Virtualization Client\sftlog.txt)
Log: 'Application' Date/Time: 10/04/2014 3:03:25 PM
Type: Warning Category: 0
Event: 6000 Source: Microsoft-Windows-Winlogon
The winlogon notification subscriber <GPClient> was unavailable to handle a notification event.
Log: 'Application' Date/Time: 10/04/2014 3:03:24 PM
Type: Warning Category: 0
Event: 6000 Source: Microsoft-Windows-Winlogon
The winlogon notification subscriber <GPClient> was unavailable to handle a notification event.
Log: 'Application' Date/Time: 10/04/2014 2:58:14 PM
Type: Warning Category: 0
Event: 6000 Source: Microsoft-Windows-Winlogon
The winlogon notification subscriber <GPClient> was unavailable to handle a notification event.
Log: 'Application' Date/Time: 10/04/2014 8:00:22 AM
Type: Warning Category: 0
Event: 12348 Source: VSS
Volume Shadow Copy Service warning: VSS was denied access to the root of volume \\?\Volume{7a675af5-28ea-11e2-9cb8-8000600fe800}\. Denying administrators from accessing volume roots can cause many unexpected failures, and will prevent VSS from functioning properly. Check security on the volume, and try the operation again.
Operation:
Removing auto-release shadow copies
Loading provider
Context:
Execution Context: System Provider
Log: 'Application' Date/Time: 10/04/2014 5:00:03 AM
Type: Warning Category: 0
Event: 12348 Source: VSS
Volume Shadow Copy Service warning: VSS was denied access to the root of volume \\?\Volume{7a675af5-28ea-11e2-9cb8-8000600fe800}\. Denying administrators from accessing volume roots can cause many unexpected failures, and will prevent VSS from functioning properly. Check security on the volume, and try the operation again.
Operation:
Removing auto-release shadow copies
Loading provider
Context:
Execution Context: System Provider
Log: 'Application' Date/Time: 10/04/2014 3:14:58 AM
Type: Warning Category: 0
Event: 12348 Source: VSS
Volume Shadow Copy Service warning: VSS was denied access to the root of volume \\?\Volume{7a675af5-28ea-11e2-9cb8-8000600fe800}\. Denying administrators from accessing volume roots can cause many unexpected failures, and will prevent VSS from functioning properly. Check security on the volume, and try the operation again.
Operation:
Removing auto-release shadow copies
Loading provider
Context:
Execution Context: System Provider
Log: 'Application' Date/Time: 10/04/2014 2:30:53 AM
Type: Warning Category: 6
Event: 3057 Source: Application Virtualization Client
{tid=DDC}
The Application Virtualization Client Core initialized correctly. Installed Product: Version: 4.6.2.22610 Install Path: C:\Program Files (x86)\Microsoft Application Virtualization Client Global Data Directory: C:\ProgramData\Microsoft\Application Virtualization Client\ Machine Name: ICELAND Operating System: Windows 7 64-bit Service Pack 1.0 Build 7601 OSD Command:
Log: 'Application' Date/Time: 10/04/2014 2:30:44 AM
Type: Warning Category: 3
Event: 3191 Source: Application Virtualization Client
{tid=DDC}
-------------------------------------------------------- Initialized client log (C:\ProgramData\Microsoft\Application Virtualization Client\sftlog.txt)
Log: 'Application' Date/Time: 10/04/2014 2:29:02 AM
Type: Warning Category: 0
Event: 6000 Source: Microsoft-Windows-Winlogon
The winlogon notification subscriber <GPClient> was unavailable to handle a notification event.
Log: 'Application' Date/Time: 10/04/2014 2:29:02 AM
Type: Warning Category: 0
Event: 6000 Source: Microsoft-Windows-Winlogon
The winlogon notification subscriber <GPClient> was unavailable to handle a notification event.
Log: 'Application' Date/Time: 10/04/2014 2:26:52 AM
Type: Warning Category: 0
Event: 6000 Source: Microsoft-Windows-Winlogon
The winlogon notification subscriber <GPClient> was unavailable to handle a notification event.
Log: 'Application' Date/Time: 09/04/2014 8:17:40 PM
Type: Warning Category: 0
Event: 12348 Source: VSS
Volume Shadow Copy Service warning: VSS was denied access to the root of volume \\?\Volume{7a675af5-28ea-11e2-9cb8-8000600fe800}\. Denying administrators from accessing volume roots can cause many unexpected failures, and will prevent VSS from functioning properly. Check security on the volume, and try the operation again.
Operation:
Removing auto-release shadow copies
Loading provider
Context:
Execution Context: System Provider
Log: 'Application' Date/Time: 09/04/2014 6:33:48 PM
Type: Warning Category: 6
Event: 3057 Source: Application Virtualization Client
{tid=AD8}
The Application Virtualization Client Core initialized correctly. Installed Product: Version: 4.6.2.22610 Install Path: C:\Program Files (x86)\Microsoft Application Virtualization Client Global Data Directory: C:\ProgramData\Microsoft\Application Virtualization Client\ Machine Name: ICELAND Operating System: Windows 7 64-bit Service Pack 1.0 Build 7601 OSD Command:
Log: 'Application' Date/Time: 09/04/2014 6:33:40 PM
Type: Warning Category: 3
Event: 3191 Source: Application Virtualization Client
{tid=AD8}
-------------------------------------------------------- Initialized client log (C:\ProgramData\Microsoft\Application Virtualization Client\sftlog.txt)
Log: 'Application' Date/Time: 09/04/2014 6:31:00 PM
Type: Warning Category: 0
Event: 1530 Source: Microsoft-Windows-User Profiles Service
Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards. DETAIL - 1 user registry handles leaked from \Registry\User\S-1-5-21-387024861-1857405023-142887614-1000:
Process 684 (\Device\HarddiskVolume2\Windows\System32\winlogon.exe) has opened key \REGISTRY\USER\S-1-5-21-387024861-1857405023-142887614-1000
Log: 'Application' Date/Time: 09/04/2014 6:01:04 PM
Type: Warning Category: 0
Event: 12348 Source: VSS
Volume Shadow Copy Service warning: VSS was denied access to the root of volume \\?\Volume{7a675af5-28ea-11e2-9cb8-8000600fe800}\. Denying administrators from accessing volume roots can cause many unexpected failures, and will prevent VSS from functioning properly. Check security on the volume, and try the operation again.
Operation:
Removing auto-release shadow copies
Loading provider
Context:
Execution Context: System Provider
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 10/04/2014 8:09:21 PM
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name ping.avast.com timed out after none of the configured DNS servers responded.
Log: 'System' Date/Time: 10/04/2014 2:29:04 AM
Type: Warning Category: 0
Event: 4001 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN AutoConfig service has successfully stopped.
Log: 'System' Date/Time: 09/04/2014 6:31:40 PM
Type: Warning Category: 0
Event: 4001 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN AutoConfig service has successfully stopped.
Log: 'System' Date/Time: 09/04/2014 6:31:39 PM
Type: Warning Category: 0
Event: 10002 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN Extensibility Module has stopped. Module Path: C:\Windows\System32\bcmihvsrv64.dll
Log: 'System' Date/Time: 09/04/2014 2:04:45 PM
Type: Warning Category: 212
Event: 219 Source: Microsoft-Windows-Kernel-PnP
The driver \Driver\WUDFRd failed to load for the device USB\VID_05AC&PID_129C\199d4bce9ce85bffc58c45a151624ed40640aac9.
Log: 'System' Date/Time: 09/04/2014 1:42:32 PM
Type: Warning Category: 212
Event: 219 Source: Microsoft-Windows-Kernel-PnP
The driver \Driver\WUDFRd failed to load for the device USB\VID_05AC&PID_129C\199d4bce9ce85bffc58c45a151624ed40640aac9.
Log: 'System' Date/Time: 09/04/2014 1:41:34 PM
Type: Warning Category: 0
Event: 4001 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN AutoConfig service has successfully stopped.
Log: 'System' Date/Time: 09/04/2014 1:41:34 PM
Type: Warning Category: 0
Event: 10002 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN Extensibility Module has stopped. Module Path: C:\Windows\System32\bcmihvsrv64.dll
Log: 'System' Date/Time: 09/04/2014 1:30:53 PM
Type: Warning Category: 212
Event: 219 Source: Microsoft-Windows-Kernel-PnP
The driver \Driver\WUDFRd failed to load for the device USB\VID_05AC&PID_129C\199d4bce9ce85bffc58c45a151624ed40640aac9.
Log: 'System' Date/Time: 08/04/2014 10:12:37 PM
Type: Warning Category: 0
Event: 4001 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN AutoConfig service has successfully stopped.
Log: 'System' Date/Time: 08/04/2014 10:12:37 PM
Type: Warning Category: 0
Event: 10002 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN Extensibility Module has stopped. Module Path: C:\Windows\System32\bcmihvsrv64.dll
Log: 'System' Date/Time: 08/04/2014 7:43:42 PM
Type: Warning Category: 0
Event: 4001 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN AutoConfig service has successfully stopped.
Log: 'System' Date/Time: 08/04/2014 7:43:42 PM
Type: Warning Category: 0
Event: 10002 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN Extensibility Module has stopped. Module Path: C:\Windows\System32\bcmihvsrv64.dll
BlueScreenView came up with nothing.