[RESOLVED] system host error
Results 1 to 6 of 6

Thread: [RESOLVED] system host error

  1. #1
    Join Date
    Aug 2010
    Location
    India,Chennai
    Posts
    283

    Resolved [RESOLVED] system host error

    My table top " intel core i, O/S windows 8.1 pro.
    Protected by windows Defender Free version.
    since today , i am getting ' windows Script Host " Error Popup while starting.
    Pl advise a soln.

  2. #2
    Join Date
    Aug 2010
    Location
    India,Chennai
    Posts
    283
    Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 28.12.2018 01
    Ran by my pc (administrator) on RANGA (29-12-2018 16:40:08)
    Running from C:\Users\my pc\Downloads
    Loaded Profiles: my pc (Available Profiles: my pc)
    Platform: Windows 8.1 Pro (X64) Language: English (United States)
    Internet Explorer Version 11 (Default browser: Chrome)
    Boot Mode: Normal
    Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic...ery-scan-tool/

    ==================== Processes (Whitelisted) =================

    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

    (Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
    (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.23\GoogleCrashHandler.exe
    (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.23\GoogleCrashHandler64.exe
    (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
    (Skype Technologies S.A.) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
    (Logitech Inc.) C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
    (Skype Technologies S.A.) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
    (Skype Technologies S.A.) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
    (Skype Technologies S.A.) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
    (FreeConferenceCall) C:\Users\my pc\AppData\Local\FCC\FCC EN.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe

    ==================== Registry (Whitelisted) ===========================

    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

    "Path" (C:\ProgramData\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\ -> %SystemRoot%\System32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\ProgramData\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\) <==== Repaired successfully
    HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12503184 2012-06-21] (Realtek Semiconductor)
    HKLM-x32\...\Run: [EaseUS EPM tray] => C:\Program Files (x86)\EaseUS\EaseUS Partition Master 9.2.2\bin\EpmNews.exe
    HKLM-x32\...\Run: [LWS] => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [204136 2012-09-13] (Logitech Inc.)
    HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-12-19] (Oracle Corporation)
    Winlogon\Notify\igfxcui: C:\Windows\System32\igfxdev.dll (Intel Corporation)
    HKU\S-1-5-21-2010342076-676048620-2654598280-1001\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [54788456 2018-12-11] (Skype Technologies S.A.)
    HKU\S-1-5-21-2010342076-676048620-2654598280-1001\...\Run: [CCAVInstaller] => wscript.exe "C:\Users\my pc\AppData\Local\Temp\CCAVInstaller.vbs" <==== ATTENTION
    HKU\S-1-5-21-2010342076-676048620-2654598280-1001\...\MountPoints2: {ca920bc9-33c1-11e8-8b8f-78e3b5ab55d6} - "E:\Lenovo_Suite.exe"
    HKLM\...\Drivers32: [vidc.i420] => lvcod64.dll
    HKLM\...\Drivers32-x32: [vidc.i420] => lvcodec2.dll
    Startup: C:\Users\my pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Product Registration.lnk [2016-09-14]
    ShortcutTarget: Logitech . Product Registration.lnk -> C:\Program Files (x86)\Logitech\Ereg\eReg.exe (Leader Technologies/Logitech)
    CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

    ==================== Internet (Whitelisted) ====================

    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

    Tcpip\Parameters: [DhcpNameServer] 202.56.215.54 59.144.144.100
    Tcpip\..\Interfaces\{67CFFC19-0A2E-4829-BD2B-D694FB23E661}: [DhcpNameServer] 202.56.215.54 59.144.144.100
    Tcpip\..\Interfaces\{8249B71D-B392-47D0-AE85-E29481D9A5F4}: [DhcpNameServer] 192.168.8.1 192.168.8.1

    Internet Explorer:
    ==================
    HKU\S-1-5-21-2010342076-676048620-2654598280-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.co.in/?gfe_rd=cr&ei=bmy6WOvfH8iL8QeG45LoAQ&gws_rd=ssl
    HKU\S-1-5-21-2010342076-676048620-2654598280-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/en-in/?ocid=iehp
    BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\ssv.dll [2018-02-26] (Oracle Corporation)
    BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\jp2ssv.dll [2018-02-26] (Oracle Corporation)

    FireFox:
    ========
    FF HKLM-x32\...\Firefox\Extensions: [k7srff_enUS@k7computing.com] - C:\Program Files (x86)\K7 Computing\K7TSecurity\K7SR\K7WebProtection.xpi => not found
    FF Plugin-x32: @java.com/DTPlugin,version=11.161.2 -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\dtplugin\npDeployJava1.dll [2018-02-26] (Oracle Corporation)
    FF Plugin-x32: @java.com/JavaPlugin,version=11.161.2 -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\plugin2\npjp2.dll [2018-02-26] (Oracle Corporation)
    FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-19] (Google Inc.)
    FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-19] (Google Inc.)
    FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN)
    FF Plugin-x32: @videolan.org/vlc,version=3.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN)
    FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-06-29] (Adobe Systems Inc.)
    FF Plugin HKU\S-1-5-21-2010342076-676048620-2654598280-1001: @freeconferencecall.com/launcher -> C:\Users\my pc\AppData\Local\FCCPlugins\npfcclauncher.dll [2017-05-04] (FreeConferenceCall)

    Chrome:
    =======
    CHR Profile: C:\Users\my pc\AppData\Local\Google\Chrome\User Data\Default [2018-12-29]
    CHR Extension: (Docs) - C:\Users\my pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-01-11]
    CHR Extension: (Google Drive) - C:\Users\my pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-01-11]
    CHR Extension: (YouTube) - C:\Users\my pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-01-11]
    CHR Extension: (Adobe Acrobat) - C:\Users\my pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2018-01-11]
    CHR Extension: (Google Docs Offline) - C:\Users\my pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-17]
    CHR Extension: (Chrome Web Store Payments) - C:\Users\my pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-03]
    CHR Extension: (Gmail) - C:\Users\my pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-01-11]
    CHR Extension: (Chrome Media Router) - C:\Users\my pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-12-19]
    CHR HKU\S-1-5-21-2010342076-676048620-2654598280-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [dhdgffkkebhmkfjojejmpbldmpobfkfo] - hxxp://clients2.google.com/service/update2/crx
    CHR HKU\S-1-5-21-2010342076-676048620-2654598280-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx

    ==================== Services (Whitelisted) ====================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [346872 2013-08-22] (Microsoft Corporation)
    R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23840 2013-08-22] (Microsoft Corporation)
    S2 AnyDesk; "C:\Program Files (x86)\AnyDesk\AnyDesk.exe" --service [X]
    S2 avast; "C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe" /svc [X]
    S3 avastm; "C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe" /medsvc [X]
    S2 tvnserver; "C:\Program Files (x86)\ShowMyPCService\tvnserver.exe" -service [X]

    ===================== Drivers (Whitelisted) ======================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    S3 RTL8023x64; C:\Windows\system32\DRIVERS\Rtnic64.sys [51712 2013-06-18] (Realtek Semiconductor Corporation )
    S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [34760 2013-08-22] (Microsoft Corporation)
    R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [265056 2013-08-22] (Microsoft Corporation)
    R2 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124256 2013-08-22] (Microsoft Corporation)

    ==================== NetSvcs (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


    ==================== One Month Created files and folders ========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2018-12-29 16:40 - 2018-12-29 16:40 - 000010369 _____ C:\Users\my pc\Downloads\FRST.txt
    2018-12-29 16:39 - 2018-12-29 16:40 - 000000000 ____D C:\FRST
    2018-12-29 16:35 - 2018-12-29 16:36 - 002423296 _____ (Farbar) C:\Users\my pc\Downloads\FRST64.exe
    2018-12-29 14:52 - 2018-12-29 14:52 - 000000000 ____D C:\Users\my pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FCC
    2018-12-29 13:34 - 2018-12-29 13:34 - 000000000 ____D C:\Program Files (x86)\AVAST Software
    2018-12-29 13:26 - 2018-12-29 13:26 - 000000000 ____D C:\Windows\System32\Tasks\Avast Software
    2018-12-29 13:25 - 2018-12-29 13:25 - 001142072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
    2018-12-29 13:25 - 2018-12-29 13:25 - 001001272 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
    2018-12-29 13:25 - 2018-12-29 13:25 - 000000000 ____D C:\Program Files\Common Files\AVAST Software
    2018-12-29 13:22 - 2018-12-29 14:28 - 000000000 ____D C:\ProgramData\AVAST Software
    2018-12-29 13:21 - 2018-12-29 13:21 - 007481664 _____ (AVAST Software) C:\Users\my pc\Downloads\avast_free_antivirus_setup_online.exe
    2018-12-28 11:41 - 2018-12-28 11:41 - 000010970 _____ C:\Users\my pc\Downloads\CCB_20181227_1573463_.HTM.zip
    2018-12-27 16:13 - 2018-12-27 16:13 - 000000000 ___HT C:\Windows\wusa.lock
    2018-12-27 16:13 - 2018-12-27 16:13 - 000000000 ____D C:\8da50dc63559b2337424ebc4da43
    2018-12-26 08:07 - 2018-12-26 08:07 - 000009288 _____ C:\Users\my pc\Downloads\CCB_20181224_1573463_.HTM.zip
    2018-12-22 16:20 - 2018-12-22 16:20 - 000442537 _____ C:\Users\my pc\Desktop\DontKnowCandlesticks_620096.pdf
    2018-12-21 12:24 - 2018-12-21 12:24 - 000000000 ____D C:\871c2f15b707fba897c704210d067aee
    2018-12-14 08:56 - 2018-12-14 08:56 - 000012288 _____ C:\Users\my pc\Downloads\CCB_20181213_1573463_.HTM.zip
    2018-12-13 08:38 - 2018-12-13 08:38 - 000010522 _____ C:\Users\my pc\Downloads\CCB_20181212_1573463_.HTM.zip
    2018-12-12 20:09 - 2018-12-12 20:09 - 000010532 _____ C:\Users\my pc\Downloads\CCB_20181211_1573463_.HTM.zip
    2018-12-11 19:00 - 2018-12-11 19:00 - 000000000 ____D C:\69a274c2ce8d3207f203
    2018-12-05 16:05 - 2018-12-05 16:05 - 000000000 ____D C:\f3f4fb3aab17b318fa4e79bd
    2018-12-02 12:32 - 2018-12-02 12:32 - 000000000 ____D C:\eccb89c7b21021cd836fbadafc

    ==================== One Month Modified files and folders ========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2018-12-29 15:05 - 2015-09-13 02:15 - 000003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2010342076-676048620-2654598280-1001
    2018-12-29 14:52 - 2018-01-07 20:01 - 000000000 ____D C:\Users\my pc\.fcc
    2018-12-29 14:37 - 2013-08-22 20:15 - 000000006 ____H C:\Windows\Tasks\SA.DAT
    2018-12-29 14:37 - 2013-08-22 18:55 - 000262144 ___SH C:\Windows\system32\config\BBI
    2018-12-29 14:25 - 2017-12-08 17:46 - 000000000 ____D C:\Users\my pc\AppData\Local\CrashDumps
    2018-12-29 14:09 - 2017-07-17 15:43 - 000001150 _____ C:\Users\Public\Desktop\WinRAR.lnk
    2018-12-29 14:09 - 2015-10-30 12:10 - 000000000 ____D C:\Users\my pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
    2018-12-29 14:09 - 2015-10-30 12:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
    2018-12-29 14:09 - 2015-10-30 12:09 - 000000000 ____D C:\Program Files (x86)\WinRAR
    2018-12-29 14:08 - 2015-10-29 14:58 - 000001082 _____ C:\Users\Public\Desktop\VLC media player.lnk
    2018-12-29 13:46 - 2013-08-22 19:06 - 000000000 ____D C:\Windows\Inf
    2018-12-28 11:07 - 2015-11-21 18:29 - 000000000 ____D C:\Users\my pc\AppData\Local\ElevatedDiagnostics
    2018-12-28 09:31 - 2013-08-22 21:06 - 000000000 ____D C:\Windows\AppReadiness
    2018-12-25 20:13 - 2015-09-13 02:09 - 000000000 ____D C:\Users\my pc
    2018-12-19 08:50 - 2018-01-11 19:15 - 000003332 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
    2018-12-19 08:50 - 2018-01-11 19:15 - 000003204 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
    2018-12-18 19:23 - 2018-01-11 19:16 - 000002244 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
    2018-12-18 19:23 - 2018-01-11 19:16 - 000002203 _____ C:\Users\Public\Desktop\Google Chrome.lnk
    2018-12-14 08:54 - 2018-05-05 17:53 - 000001322 _____ C:\Users\Public\Desktop\Skype.lnk
    2018-12-14 08:54 - 2018-05-05 17:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
    2018-12-12 15:16 - 2015-10-29 14:58 - 000000000 ____D C:\Users\my pc\AppData\Roaming\vlc
    2018-12-11 03:34 - 2016-06-30 09:30 - 000592616 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
    2018-12-06 16:21 - 2018-01-11 19:32 - 000004468 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
    2018-12-06 16:21 - 2018-01-11 19:32 - 000004324 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
    2018-12-06 16:21 - 2013-08-22 21:06 - 000000000 ____D C:\Windows\SysWOW64\Macromed
    2018-12-06 16:21 - 2013-08-22 21:06 - 000000000 ____D C:\Windows\system32\Macromed

    ==================== Files in the root of some directories =======

    2016-10-11 19:02 - 2016-10-11 19:02 - 000007609 _____ () C:\Users\my pc\AppData\Local\Resmon.ResmonCfg
    2016-10-06 20:13 - 2016-10-06 20:13 - 000000000 _____ () C:\Users\my pc\AppData\Local\{F2E70E13-5AC6-4D9F-9E10-3CD44B0850E1}

    Some files in TEMP:
    ====================
    2018-12-28 16:56 - 2018-12-28 16:56 - 010518976 _____ (COMODO) C:\Users\my pc\AppData\Local\Temp\ccav_installer_chid33220010.exe

    ==================== Bamital & volsnap ======================

    (There is no automatic fix for files that do not pass verification.)

    C:\Windows\system32\winlogon.exe => File is digitally signed
    C:\Windows\system32\wininit.exe => File is digitally signed
    C:\Windows\explorer.exe => File is digitally signed
    C:\Windows\SysWOW64\explorer.exe => File is digitally signed
    C:\Windows\system32\svchost.exe => File is digitally signed
    C:\Windows\SysWOW64\svchost.exe => File is digitally signed
    C:\Windows\system32\services.exe => File is digitally signed
    C:\Windows\system32\User32.dll => File is digitally signed
    C:\Windows\SysWOW64\User32.dll => File is digitally signed
    C:\Windows\system32\userinit.exe => File is digitally signed
    C:\Windows\SysWOW64\userinit.exe => File is digitally signed
    C:\Windows\system32\rpcss.dll => File is digitally signed
    C:\Windows\system32\dnsapi.dll => File is digitally signed
    C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
    C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

    LastRegBack: 2018-12-25 08:47

    ==================== End of FRST.txt ============================

  3. #3
    Join Date
    Aug 2010
    Location
    India,Chennai
    Posts
    283
    Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28.12.2018 01
    Ran by my pc (29-12-2018 16:41:16)
    Running from C:\Users\my pc\Downloads
    Windows 8.1 Pro (X64) (2015-09-12 20:39:30)
    Boot Mode: Normal
    ==========================================================


    ==================== Accounts: =============================

    Administrator (S-1-5-21-2010342076-676048620-2654598280-500 - Administrator - Disabled)
    Guest (S-1-5-21-2010342076-676048620-2654598280-501 - Limited - Disabled)
    my pc (S-1-5-21-2010342076-676048620-2654598280-1001 - Administrator - Enabled) => C:\Users\my pc

    ==================== Security Center ========================

    (If an entry is included in the fixlist, it will be removed.)

    AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

    ==================== Installed Programs ======================

    (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

    Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 18.011.20063 - Adobe Systems Incorporated)
    Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.101 - Adobe Systems Incorporated)
    CameraHelperMsi (HKLM-x32\...\{15634701-BACE-4449-8B25-1567DA8C9FD3}) (Version: 13.51.815.0 - Logitech) Hidden
    erLT (HKLM-x32\...\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}) (Version: 1.20.138.34 - Logitech, Inc.) Hidden
    FCC (HKU\S-1-5-21-2010342076-676048620-2654598280-1001\...\FCC) (Version: 2.6.16279.1001 - FreeConferenceCall LLC)
    Google Chrome (HKLM-x32\...\Google Chrome) (Version: 71.0.3578.98 - Google Inc.)
    Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.23 - Google Inc.) Hidden
    Java 8 Update 161 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180161F0}) (Version: 8.0.1610.12 - Oracle Corporation)
    Java(TM) SE Development Kit 6 Update 43 (HKLM-x32\...\{32A3A4F4-B792-11D6-A78A-00B0D0160430}) (Version: 1.6.0.430 - Oracle)
    Logitech Webcam Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.80 - Logitech Inc.)
    Metric Collection SDK (HKLM-x32\...\{DDAA788F-52E6-44EA-ADB8-92837B11BF26}) (Version: 1.1.0012.00 - Lenovo Group Limited) Hidden
    Microsoft Office Standard 2007 (HKLM-x32\...\STANDARD) (Version: 12.0.4518.1014 - Microsoft Corporation)
    Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
    Nest Trader version 3.13.0.7_xp (HKLM-x32\...\{69b5e4ab-2587-434a-a612-3bc47bd93c60}_is1) (Version: 3.13.0.7_xp - Omnesys Technologies Pvt. Ltd.)
    OBS Studio (HKLM-x32\...\OBS Studio) (Version: 18.0.1 - OBS Project)
    Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6662 - Realtek Semiconductor Corp.)
    Skype version 8.36 (HKLM-x32\...\Skype_is1) (Version: 8.36 - Skype Technologies S.A.)
    VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.4 - VideoLAN)
    WinRAR 5.61 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.61.0 - win.rar GmbH)

    ==================== Custom CLSID (Whitelisted): ==========================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
    ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2018-09-30] (Alexander Roshal)
    ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2018-09-30] (Alexander Roshal)
    ContextMenuHandlers4: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2018-09-30] (Alexander Roshal)
    ContextMenuHandlers4-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2018-09-30] (Alexander Roshal)
    ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2012-11-27] (Intel Corporation)
    ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2018-09-30] (Alexander Roshal)
    ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2018-09-30] (Alexander Roshal)

    ==================== Scheduled Tasks (Whitelisted) =============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    Task: {069A257C-8483-463C-BBF1-8443355BA81D} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-08-14] (Adobe Systems Incorporated)
    Task: {1BB53701-065E-4CEF-8DC1-671D63006821} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-01-11] (Google Inc.)
    Task: {2E053ABF-261F-4251-828C-F1717A0F0755} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe
    Task: {4242DAC1-A04B-41BA-95BF-3C10781E7A01} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [2018-12-29] (AVAST Software)
    Task: {48833B88-D685-43B7-A352-2D7BA1B4585F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-01-11] (Google Inc.)
    Task: {9BE51400-ED32-4120-A7E2-F217E8A96C84} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-12-06] (Adobe Systems Incorporated)
    Task: {A2AE379E-54C3-4973-B43C-DEF263465762} - System32\Tasks\{31DDBD37-5DB7-4030-8064-10B0CAA806C3} => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
    Task: {A8C55E55-440F-4A80-A988-31785870B740} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_101_pepper.exe [2018-12-06] (Adobe Systems Incorporated)

    (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


    ==================== Shortcuts & WMI ========================

    (The entries could be listed to be restored or removed.)


    ==================== Loaded Modules (Whitelisted) ==============

    2018-12-18 19:23 - 2018-12-12 10:42 - 002682336 _____ () C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\swiftshader\libglesv2.dll
    2018-12-18 19:23 - 2018-12-12 10:42 - 000156640 _____ () C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\swiftshader\libegl.dll
    2018-05-05 17:52 - 2018-12-11 18:46 - 001837672 _____ () C:\Program Files (x86)\Microsoft\Skype for Desktop\ffmpeg.dll
    2018-12-14 08:54 - 2018-12-11 18:46 - 002413624 _____ () \\?\C:\Program Files (x86)\Microsoft\Skype for Desktop\resources\app.asar.unpacked\node_modules\slimcore\bin\skypert.dll
    2018-12-14 08:54 - 2018-12-11 18:46 - 000097840 _____ () \\?\C:\Program Files (x86)\Microsoft\Skype for Desktop\resources\app.asar.unpacked\node_modules\keytar\build\Release\keytar.node
    2018-12-14 08:54 - 2018-12-11 18:46 - 000219696 _____ () \\?\C:\Program Files (x86)\Microsoft\Skype for Desktop\resources\app.asar.unpacked\node_modules\electron-ssid\build\Release\electron-ssid.node
    2018-12-14 08:54 - 2018-12-11 18:46 - 000081768 _____ () \\?\C:\Program Files (x86)\Microsoft\Skype for Desktop\resources\app.asar.unpacked\node_modules\desktop-idle\build\Release\desktopIdle.node
    2012-09-13 00:38 - 2012-09-13 00:38 - 002144104 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtCore4.dll
    2012-09-13 00:38 - 2012-09-13 00:38 - 007955304 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtGui4.dll
    2012-09-13 00:38 - 2012-09-13 00:38 - 000341352 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtXml4.dll
    2012-09-13 00:38 - 2012-09-13 00:38 - 000028008 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QGif4.dll
    2012-09-13 00:38 - 2012-09-13 00:38 - 000127336 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QJpeg4.dll
    2018-05-05 17:53 - 2018-12-11 18:46 - 002915328 _____ () C:\Program Files (x86)\Microsoft\Skype for Desktop\libglesv2.dll
    2018-05-05 17:53 - 2018-12-11 18:46 - 000015360 _____ () C:\Program Files (x86)\Microsoft\Skype for Desktop\libegl.dll
    2018-12-14 08:54 - 2018-12-11 18:46 - 000405056 _____ () \\?\C:\Program Files (x86)\Microsoft\Skype for Desktop\resources\app.asar.unpacked\node_modules\@paulcbetts\spellchecker\build\Release\spellchecker.node
    2018-12-14 08:54 - 2018-12-11 18:46 - 000138816 _____ () \\?\C:\Program Files (x86)\Microsoft\Skype for Desktop\resources\app.asar.unpacked\node_modules\keyboard-layout\build\Release\keyboard-layout-manager.node
    2018-12-14 08:54 - 2018-12-11 18:47 - 003239984 _____ () \\?\C:\Program Files (x86)\Microsoft\Skype for Desktop\resources\app.asar.unpacked\node_modules\slimcore\bin\Processing.NDI.Lib.x86.dll

    ==================== Alternate Data Streams (Whitelisted) =========

    (If an entry is included in the fixlist, only the ADS will be removed.)


    ==================== Safe Mode (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SMPCHelper => ""=""
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\tvnserver => ""=""

    ==================== Association (Whitelisted) ===============

    (If an entry is included in the fixlist, the registry item will be restored to default or removed.)


    ==================== Internet Explorer trusted/restricted ===============

    (If an entry is included in the fixlist, it will be removed from the registry.)


    ==================== Hosts content: ===============================

    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)

    2013-08-22 18:55 - 2018-01-16 17:41 - 000000826 _____ C:\Windows\system32\Drivers\etc\hosts


    ==================== Other Areas ============================

    (Currently there is no automatic fix for this section.)

    HKU\S-1-5-21-2010342076-676048620-2654598280-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\my pc\AppData\Roaming\Microsoft\Windows Photo Viewer\Windows Photo Viewer Wallpaper.jpg
    DNS Servers: 202.56.215.54 - 59.144.144.100
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
    Windows Firewall is enabled.

    ==================== MSCONFIG/TASK MANAGER disabled items ==

    If an entry is included in the fixlist, it will be removed.

    HKLM\...\StartupApproved\Run: => "HotKeysCmds"
    HKLM\...\StartupApproved\Run: => "IgfxTray"
    HKLM\...\StartupApproved\Run: => "Persistence"
    HKLM\...\StartupApproved\Run32: => "Adobe Reader Speed Launcher"
    HKLM\...\StartupApproved\Run32: => "Adobe ARM"
    HKLM\...\StartupApproved\Run32: => "EaseUS EPM tray"
    HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
    HKLM\...\StartupApproved\Run32: => "tvncontrol"
    HKU\S-1-5-21-2010342076-676048620-2654598280-1001\...\StartupApproved\StartupFolder: => "Logitech . Product Registration.lnk"
    HKU\S-1-5-21-2010342076-676048620-2654598280-1001\...\StartupApproved\Run: => "Skype"

    ==================== FirewallRules (Whitelisted) ===============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    FirewallRules: [TCP Query User{CCE3D4A3-9D98-4485-851C-4FE52B6637A7}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe No File
    FirewallRules: [UDP Query User{6EA2124D-BF10-4ADC-B55E-C29FF12DF732}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe No File
    FirewallRules: [TCP Query User{CD404BA7-00BC-4713-8236-6C6E431B8145}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe No File
    FirewallRules: [UDP Query User{776B0310-E449-4C55-8FCA-1C8C3DB07006}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe No File
    FirewallRules: [TCP Query User{FD6EAE42-E32C-4564-961A-7AE5C9FAD170}C:\users\my pc\appdata\local\temp\showmypc\smpc3160\smpcph.exe] => (Allow) C:\users\my pc\appdata\local\temp\showmypc\smpc3160\smpcph.exe No File
    FirewallRules: [UDP Query User{BA79096E-BD57-4D71-AD5A-858C1A13A7D5}C:\users\my pc\appdata\local\temp\showmypc\smpc3160\smpcph.exe] => (Allow) C:\users\my pc\appdata\local\temp\showmypc\smpc3160\smpcph.exe No File
    FirewallRules: [{CA605C24-4A87-427F-BFE5-A2B56226E917}] => (Allow) C:\Program Files (x86)\Omnesys\NEST3\NestTrader.exe No File
    FirewallRules: [{01480E01-689D-48C8-AF09-DEEF223AA2F5}] => (Allow) C:\Program Files (x86)\Omnesys\NEST3\NestTrader.exe No File
    FirewallRules: [{3E956AFA-158E-4601-9186-4E10585D9D4A}] => (Allow) C:\Program Files (x86)\Omnesys\NEST3\NestTrader.exe No File
    FirewallRules: [{4FBD8373-A71D-4700-AC37-2BA37025986D}] => (Allow) C:\Program Files (x86)\Omnesys\NEST3\NestTrader.exe No File
    FirewallRules: [TCP Query User{5FE6B0C0-4E21-410C-BE71-BB0B68AC02A7}D:\now\now.exe] => (Allow) D:\now\now.exe No File
    FirewallRules: [UDP Query User{6F1CE776-9D97-41ED-B197-AFD55965FCFA}D:\now\now.exe] => (Allow) D:\now\now.exe No File
    FirewallRules: [TCP Query User{72635478-3B6E-4B34-8580-D3469F2F9524}C:\program files (x86)\now\now.exe] => (Allow) C:\program files (x86)\now\now.exe No File
    FirewallRules: [UDP Query User{9F029691-99A0-4317-A058-4ACAF099C935}C:\program files (x86)\now\now.exe] => (Allow) C:\program files (x86)\now\now.exe No File
    FirewallRules: [TCP Query User{A2C2DE13-17F5-4F0D-A987-B57F9537DEF4}D:\nest3\nesttrader.exe] => (Allow) D:\nest3\nesttrader.exe No File
    FirewallRules: [UDP Query User{EA3956FB-6FCE-46F7-A0B8-98A64957D321}D:\nest3\nesttrader.exe] => (Allow) D:\nest3\nesttrader.exe No File
    FirewallRules: [TCP Query User{2A7F242B-1610-4670-9C4B-933620458CBD}D:\nest3\nesttrader.exe] => (Allow) D:\nest3\nesttrader.exe No File
    FirewallRules: [UDP Query User{53258324-6744-472E-A2A4-EC44F874F4D9}D:\nest3\nesttrader.exe] => (Allow) D:\nest3\nesttrader.exe No File
    FirewallRules: [{8A165E82-A52F-4894-895A-13723F15BCC0}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe No File
    FirewallRules: [{5EB66AC1-9987-4A50-AC76-DD9A3A4FB1CD}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe No File
    FirewallRules: [{7DDFBFB8-3D8A-46F8-B768-79BD0A9D0969}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe No File
    FirewallRules: [{136D3997-1EA1-4A1B-AE4C-D5BDA10BF119}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe No File
    FirewallRules: [TCP Query User{BCC1D4E1-0C88-4DC9-B29A-EAB1097AE501}C:\program files (x86)\now\now.exe] => (Allow) C:\program files (x86)\now\now.exe No File
    FirewallRules: [UDP Query User{34F7AD25-0565-45BE-AA30-AFE2D8DFA98C}C:\program files (x86)\now\now.exe] => (Allow) C:\program files (x86)\now\now.exe No File
    FirewallRules: [TCP Query User{DDAD031C-F72A-49A4-9A95-824518401B12}C:\program files (x86)\omnesys\nest3_3.13.0.7\nesttrader.exe] => (Allow) C:\program files (x86)\omnesys\nest3_3.13.0.7\nesttrader.exe (Omnesys Technologies Pvt Ltd.)
    FirewallRules: [UDP Query User{DB90B9F1-9A46-4DE7-87A8-7DEFAB88A4D3}C:\program files (x86)\omnesys\nest3_3.13.0.7\nesttrader.exe] => (Allow) C:\program files (x86)\omnesys\nest3_3.13.0.7\nesttrader.exe (Omnesys Technologies Pvt Ltd.)
    FirewallRules: [{FAAE3CA6-A562-42F2-88DA-1150868F786F}] => (Block) C:\program files (x86)\omnesys\nest3_3.13.0.7\nesttrader.exe (Omnesys Technologies Pvt Ltd.)
    FirewallRules: [{C5F24A78-ED76-471A-B7F1-380D3E9530F1}] => (Block) C:\program files (x86)\omnesys\nest3_3.13.0.7\nesttrader.exe (Omnesys Technologies Pvt Ltd.)
    FirewallRules: [TCP Query User{C09D8831-42D5-4E09-99E6-D7DFF82AF766}C:\users\my pc\downloads\anydesk.exe] => (Allow) C:\users\my pc\downloads\anydesk.exe No File
    FirewallRules: [UDP Query User{DA24DE18-80E8-4598-95D1-E1D58D546358}C:\users\my pc\downloads\anydesk.exe] => (Allow) C:\users\my pc\downloads\anydesk.exe No File
    FirewallRules: [{C882D0B1-CBC8-4DFB-830E-46572223C40F}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe No File
    FirewallRules: [{C1FCE46B-055B-41DA-8448-2B7B607B4F55}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe No File
    FirewallRules: [{99E1D012-7598-43FD-81BF-EBB659829532}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe No File
    FirewallRules: [{17ACEF57-C641-4413-8FFA-7E74E0025E15}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe No File
    FirewallRules: [{606B89B7-74FB-45C3-8C8F-69A7D6DC45C8}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe No File
    FirewallRules: [{D5CF70E0-97A3-4726-9DC2-CAE6E8075412}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe No File
    FirewallRules: [{2DCDECB7-783F-41B7-8D8E-2B4EB3DDDF24}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Technologies S.A.)
    FirewallRules: [{74FBCC5D-815D-463F-B31C-E6DE730A1BD9}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Technologies S.A.)
    FirewallRules: [{4DC40C17-08AE-45AC-8D87-0457FAA44945}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
    FirewallRules: [{93C8AA90-F88A-4158-BB9C-0D73939FD910}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe No File
    FirewallRules: [{4D2FCCC9-F91F-47F6-B134-3C79126AF0BA}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe No File

    ==================== Restore Points =========================


    ==================== Faulty Device Manager Devices =============


    ==================== Event log errors: =========================

    Application errors:
    ==================
    Error: (12/29/2018 02:43:57 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
    Description: License Activation (slui.exe) failed with the following error code:
    hr=0x8007007B
    Command-line arguments:
    RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=NetworkAvailable

    Error: (12/29/2018 02:43:55 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
    Description: License Activation (slui.exe) failed with the following error code:
    hr=0x8007007B
    Command-line arguments:
    RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=UserLogon;SessionId=2

    Error: (12/29/2018 02:38:20 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
    Description: License Activation (slui.exe) failed with the following error code:
    hr=0x8007007B
    Command-line arguments:
    RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=NetworkAvailable

    Error: (12/29/2018 02:38:17 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
    Description: License Activation (slui.exe) failed with the following error code:
    hr=0x8007007B
    Command-line arguments:
    RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=UserLogon;SessionId=1

    Error: (12/29/2018 02:27:22 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
    Description: License Activation (slui.exe) failed with the following error code:
    hr=0x8007007B
    Command-line arguments:
    RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=NetworkAvailable

    Error: (12/29/2018 02:27:17 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
    Description: License Activation (slui.exe) failed with the following error code:
    hr=0x8007007B
    Command-line arguments:
    RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=UserLogon;SessionId=1

    Error: (12/29/2018 02:25:51 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: AvastNM.exe, version: 0.0.0.0, time stamp: 0x5bec64f1
    Faulting module name: AvastNM.exe, version: 0.0.0.0, time stamp: 0x5bec64f1
    Exception code: 0xc0000409
    Fault offset: 0x00052158
    Faulting process id: 0x12d8
    Faulting application start time: 0x01d49f544c870e21
    Faulting application path: C:\Program Files\AVAST Software\Avast\AvastNM.exe
    Faulting module path: C:\Program Files\AVAST Software\Avast\AvastNM.exe
    Report Id: 8a3be80c-0b47-11e9-8d4b-78e3b5ab55d6
    Faulting package full name:
    Faulting package-relative application ID:

    Error: (12/29/2018 02:25:48 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: AvastNM.exe, version: 0.0.0.0, time stamp: 0x5bec64f1
    Faulting module name: AvastNM.exe, version: 0.0.0.0, time stamp: 0x5bec64f1
    Exception code: 0xc0000409
    Fault offset: 0x00052158
    Faulting process id: 0xdfc
    Faulting application start time: 0x01d49f544ac5e4e3
    Faulting application path: C:\Program Files\AVAST Software\Avast\AvastNM.exe
    Faulting module path: C:\Program Files\AVAST Software\Avast\AvastNM.exe
    Report Id: 887da68b-0b47-11e9-8d4b-78e3b5ab55d6
    Faulting package full name:
    Faulting package-relative application ID:


    System errors:
    =============
    Error: (12/29/2018 03:06:51 PM) (Source: DCOM) (EventID: 10010) (User: RANGA)
    Description: The server {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} did not register with DCOM within the required timeout.

    Error: (12/29/2018 03:06:20 PM) (Source: DCOM) (EventID: 10010) (User: RANGA)
    Description: The server {1B1F472E-3221-4826-97DB-2C2324D389AE} did not register with DCOM within the required timeout.

    Error: (12/29/2018 02:39:53 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: The %1!s! Update Service (avast) service failed to start due to the following error:
    The system cannot find the file specified.

    Error: (12/29/2018 02:37:53 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: The TightVNC Server service failed to start due to the following error:
    %%2 = The system cannot find the file specified.

    Error: (12/29/2018 02:37:53 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: The AnyDesk Service service failed to start due to the following error:
    %%2 = The system cannot find the file specified.

    Error: (12/29/2018 02:28:54 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: The %1!s! Update Service (avast) service failed to start due to the following error:
    %%2 = The system cannot find the file specified.

    Error: (12/29/2018 02:26:54 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: The TightVNC Server service failed to start due to the following error:
    %%2 = The system cannot find the file specified.

    Error: (12/29/2018 02:26:53 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: The AnyDesk Service service failed to start due to the following error:
    %%2 = The system cannot find the file specified.


    Windows Defender:
    ===================================
    Date: 2018-12-29 09:08:43.769
    Description:
    Windows Defender scan has been stopped before completion.
    Scan ID: {C1005450-45C9-4CBF-8CC5-A5C31723500E}
    Scan Type: Antimalware
    Scan Parameters: Quick Scan

    Date: 2018-01-25 17:40:14.755
    Description:
    Windows Defender scan has been stopped before completion.
    Scan ID: {90CD2BC4-3EF9-4F95-987E-1AF490653B6E}
    Scan Type: Antimalware
    Scan Parameters: Quick Scan

    Date: 2018-01-24 10:28:52.275
    Description:
    Windows Defender scan has been stopped before completion.
    Scan ID: {154B534A-94AD-448E-8000-F2D8E7BC3FAE}
    Scan Type: Antimalware
    Scan Parameters: Quick Scan

    Date: 2018-01-23 16:15:15.072
    Description:
    Windows Defender scan has been stopped before completion.
    Scan ID: {BAF89C19-B0D4-4255-A8BC-53223FEDD868}
    Scan Type: Antimalware
    Scan Parameters: Quick Scan

    Date: 2018-01-19 17:11:51.837
    Description:
    Windows Defender scan has been stopped before completion.
    Scan ID: {6FE3A884-EDA5-4C4D-AADA-24BA558D3A77}
    Scan Type: Antimalware
    Scan Parameters: Quick Scan

    Date: 2018-12-29 13:28:11.013
    Description:
    Windows Defender Real-Time Protection feature has encountered an error and failed.
    Feature: Network Inspection System
    Error Code: 0x80004004
    Error description: Operation aborted
    Reason: Antimalware protection has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem.

    Date: 2017-12-07 20:24:52.085
    Description:
    Windows Defender Real-Time Protection feature has encountered an error and failed.
    Feature: Network Inspection System
    Error Code: 0x80004004
    Error description: Operation aborted
    Reason: Antimalware protection has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem.

    Date: 2017-08-29 18:20:57.610
    Description:
    Windows Defender has encountered an error trying to update signatures.
    New Signature Version:
    Previous Signature Version: 1.249.1352.0
    Update Source: Microsoft Update Server
    Signature Type: AntiVirus
    Update Type: Full
    Current Engine Version:
    Previous Engine Version: 1.1.14003.0
    Error code: 0x80240022
    Error description: The program can't check for definition updates.

    Date: 2017-08-29 18:20:57.610
    Description:
    Windows Defender has encountered an error trying to update signatures.
    New Signature Version:
    Previous Signature Version: 1.249.1352.0
    Update Source: Microsoft Update Server
    Signature Type: AntiVirus
    Update Type: Full
    Current Engine Version:
    Previous Engine Version: 1.1.14003.0
    Error code: 0x80240022
    Error description: The program can't check for definition updates.

    Date: 2017-08-29 18:13:28.520
    Description:
    Windows Defender has encountered an error trying to update signatures.
    New Signature Version:
    Previous Signature Version: 117.8.0.0
    Update Source: Microsoft Malware Protection Center
    Signature Type: Network Inspection System
    Update Type: Full
    Current Engine Version:
    Previous Engine Version: 2.1.13804.0
    Error code: 0x800b0003
    Error description: The form specified for the subject is not one supported or known by the specified trust provider.

    CodeIntegrity:
    ===================================

    Date: 2018-12-28 16:57:57.772
    Description:
    Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

    Date: 2018-12-28 16:54:39.557
    Description:
    Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

    Date: 2018-12-28 08:56:40.200
    Description:
    Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

    Date: 2018-12-27 09:01:14.337
    Description:
    Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

    Date: 2018-12-26 18:16:09.607
    Description:
    Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

    Date: 2018-12-26 07:14:10.120
    Description:
    Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

    Date: 2018-12-25 11:39:44.518
    Description:
    Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

    Date: 2018-12-25 08:38:07.728
    Description:
    Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

    ==================== Memory info ===========================

    Processor: Intel(R) Core(TM) i3 CPU 530 @ 2.93GHz
    Percentage of memory in use: 69%
    Total physical RAM: 1783.11 MB
    Available physical RAM: 542.71 MB
    Total Virtual: 3575.11 MB
    Available Virtual: 1954.15 MB

    ==================== Drives ================================

    Drive c: () (Fixed) (Total:97.31 GB) (Free:73.64 GB) NTFS
    Drive d: (New Volume) (Fixed) (Total:135.23 GB) (Free:134.73 GB) NTFS

    \\?\Volume{784bb8a1-598d-11e5-8250-806e6f6e6963}\ () (Fixed) (Total:0.34 GB) (Free:0.03 GB) NTFS

    ==================== MBR & Partition Table ==================

    ========================================================
    Disk: 0 (MBR Code: Windows 7/8/10) (Size: 232.9 GB) (Disk ID: B7A483F7)
    Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
    Partition 2: (Not Active) - (Size=97.3 GB) - (Type=07 NTFS)
    Partition 3: (Not Active) - (Size=135.2 GB) - (Type=07 NTFS)

    ==================== End of Addition.txt ============================

  4. #4
    Join Date
    Aug 2010
    Location
    India,Chennai
    Posts
    283
    Malwarebytes
    www.malwarebytes.com

    -Log Details-
    Scan Date: 12/29/18
    Scan Time: 8:12 PM
    Log File: f7e9d80a-0b77-11e9-a8f1-78e3b5ab55d6.json

    -Software Information-
    Version: 3.6.1.2711
    Components Version: 1.0.508
    Update Package Version: 1.0.8547
    License: Trial

    -System Information-
    OS: Windows 8.1
    CPU: x64
    File System: NTFS
    User: RANGA\my pc

    -Scan Summary-
    Scan Type: Threat Scan
    Scan Initiated By: Manual
    Result: Completed
    Objects Scanned: 248015
    Threats Detected: 2
    Threats Quarantined: 2
    Time Elapsed: 5 min, 32 sec

    -Scan Options-
    Memory: Enabled
    Startup: Enabled
    Filesystem: Enabled
    Archives: Enabled
    Rootkits: Disabled
    Heuristics: Enabled
    PUP: Detect
    PUM: Detect

    -Scan Details-
    Process: 0
    (No malicious items detected)

    Module: 0
    (No malicious items detected)

    Registry Key: 0
    (No malicious items detected)

    Registry Value: 1
    Trojan.Agent.Generic, HKU\S-1-5-21-2010342076-676048620-2654598280-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|CCAVINSTALLER, Quarantined, [3686], [521269],1.0.8547

    Registry Data: 0
    (No malicious items detected)

    Data Stream: 0
    (No malicious items detected)

    Folder: 0
    (No malicious items detected)

    File: 1
    Trojan.Agent.Generic, C:\USERS\MY PC\APPDATA\LOCAL\TEMP\CCAVINSTALLER.VBS, Quarantined, [3686], [521269],1.0.8547

    Physical Sector: 0
    (No malicious items detected)

    WMI: 0
    (No malicious items detected)


    (end)

  5. #5
    Join Date
    Aug 2010
    Location
    India,Chennai
    Posts
    283
    After scanning with Malware & deleting the Trojan detected, the problem disappeared.
    I took this Malware clue from one of yr posts in this section.
    Thanks for the guidance.
    As of now it is Resolved.

  6. #6
    Join Date
    Dec 2007
    Location
    Daly City, CA
    Posts
    22,361
    Very well.
    Happy New Year

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •