Solved bsod errors every now and then

  • Hi there and welcome to PC Help Forum (PCHF), a more effective way to get the Tech Support you need!
    We have Experts in all areas of Tech, including Malware Removal, Crash Fixing and BSOD's , Microsoft Windows, Computer DIY and PC Hardware, Networking, Gaming, Tablets and iPads, General and Specific Software Support and so much more.

    Why not Click Here To Sign Up and start enjoying great FREE Tech Support.

    This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.
Welcome to our Community
Wanting to join the rest of our members? Feel free to sign up today.
Sign up
Status
Not open for further replies.

maxim123

PCHF Member
PCHF Member
Aug 2, 2017
204
12
I have been getting bsod errors now and then these days and they are becoming more frequent. It used be once a week, now it is once per two days.


SYSTEM SERVICE EXCEPTION (occurred 4/14)
PAGE FAULT IN NON PAGED AREA (occurred 4/15)
FAULTY HARDWARE CORRUPTED PAGE (today)

these three bsod occured within 1 week.

Please help.
Thank you.
 

Bruce

Forum Regular
Support Team
PCHF Member
Oct 8, 2017
712
153
27
Yeppoon, QLD, Australia.
give us your PC specs by following these steps...
in Speccy, click File > Publish Snapshot > Copy to Clipboard > Close.
now you can paste(Ctrl+V) that link into a post.​
then, what have you tried so far to troubleshoot the problem?
is there any rhyme or reason to the BSOD - time, running software, something you just clicked etc?
what was the most recent hardware and software change?
 
  • Like
Reactions: maxim123

maxim123

PCHF Member
PCHF Member
Aug 2, 2017
204
12

It happens without rhyme or reason so far. Sometimes I open my laptop, and it occurs at the start screen. Then sometimes it happens when I am just browsing.

I thought it was RAM problem first which I changed already. But it is still happening and more frequently recently.

There has not been any new hardware or software change.
 

Malnutrition

Malnurished Mod
Moderator
Security Team
Malware Teacher
Jul 22, 2016
2,915
515
Sysnative Tool.

1. Download the Sysnative BSOD Dump + System File Collection App - save to Documents folder -
2. Run the app - Double-click on the downloaded EXE file
Output = new folder created in Documents + a zipped version -- SysnativeFileCollectionApp + SysnativeFileCollectionApp.zip
3. Upload the SysnativeFileCollectionApp.zip file for review.
 
  • Like
Reactions: maxim123

maxim123

PCHF Member
PCHF Member
Aug 2, 2017
204
12
Sysnative Tool.

1. Download the Sysnative BSOD Dump + System File Collection App - save to Documents folder -
2. Run the app - Double-click on the downloaded EXE file
Output = new folder created in Documents + a zipped version -- SysnativeFileCollectionApp + SysnativeFileCollectionApp.zip
3. Upload the SysnativeFileCollectionApp.zip file for review.
hi i tried to attach the file, but it says "The uploaded file is too large for the server to process." the file's size is 2.74 mb.
 

Malnutrition

Malnurished Mod
Moderator
Security Team
Malware Teacher
Jul 22, 2016
2,915
515
OK, let me have a look. You can expect a reply by this time tomorrow . I am pretty busy with work these days. But I am certainly going to take a look at your issue. :)
 
  • Like
Reactions: maxim123

maxim123

PCHF Member
PCHF Member
Aug 2, 2017
204
12
OK, let me have a look. You can expect a reply by this time tomorrow . I am pretty busy with work these days. But I am certainly going to take a look at your issue. :)
Thank you for taking the time :)

PS I got faulty hardware corrupted page again yesterday, and just few minutes ago, when I started my laptop, I got system thread exception error.
 

Malnutrition

Malnurished Mod
Moderator
Security Team
Malware Teacher
Jul 22, 2016
2,915
515
There are no dump files. Are you running CCleaner? If so please do not run it and allow the machine to crash a couple more times and send new logs.
 
  • Like
Reactions: maxim123

Malnutrition

Malnurished Mod
Moderator
Security Team
Malware Teacher
Jul 22, 2016
2,915
515
Plus these scans.

PC Hunter Scan!

Download PCHunter
Disable your antivirus prior to this scan!!
Unzip the program to your desktop.
You will need to run the version that is compatible with your windows.
If you are unsure if your operating system is 32 or 64 Bit please go HERE.
Right click either the 64 or 32 bit version and Run as Administrator.
After the program starts, go to the Examination Tab.
Click it once -- Look at the bottom and check mark Hide Safe Items.
Then click Generate Examination Report.
Allow 5 to 10 minutes for the program to generate the report.
Once complete you will be able to click the Export Examination Report button.
Save it where you like and name it what you like.
Then copy the entire report, and paste it here in your next reply.


Step 2: MiniToolBox Scan


Please download MINITOOLBOX and run it.

Checkmark following boxes:



Flush DNS
Reset FF proxy Settings
Reset Ie Proxy Settings
Report IE Proxy Settings
Report FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List Devices (problems only)



Click Go post the result.



Step 3: HijackThis.



1- Please click HERE to download HijackThis.
2- Run the program.
3- Click on the Main Menu button if not already there.
4- Select Do a system scan and save a logfile.
5- Copy paste the log here.
 
  • Like
Reactions: maxim123

maxim123

PCHF Member
PCHF Member
Aug 2, 2017
204
12
There are no dump files. Are you running CCleaner? If so please do not run it and allow the machine to crash a couple more times and send new logs.
I am also somewhat confused, the dump files get automatically deleted. I have no idea what's causing this. I haven't run Ccleaner in a while( more than a month). I will follow the steps you posted and report tomorrow, it is night right now here.
 

maxim123

PCHF Member
PCHF Member
Aug 2, 2017
204
12
I am also somewhat confused, the dump files get automatically deleted. I have no idea what's causing this. I haven't run Ccleaner in a while( more than a month). I will follow the steps you posted and report tomorrow, it is night right now here.
could this also be some sort of problem?
I am currently waiting for a crash so I can rescan and send the logs.
 

maxim123

PCHF Member
PCHF Member
Aug 2, 2017
204
12
I am also somewhat confused, the dump files get automatically deleted. I have no idea what's causing this. I haven't run Ccleaner in a while( more than a month). I will follow the steps you posted and report tomorrow, it is night right now here.
could this also be some sort of problem?
I am currently waiting for a crash so I can rescan and send the logs.
 

maxim123

PCHF Member
PCHF Member
Aug 2, 2017
204
12
I have no idea what's wrong but I can't post the text contents in here. I mean when I enter post reply, it keeps on loading and doesn't post. I tried to enter the pchunter text contents directly, but it did not paste. So I have uploaded the text file in sendspace. can't attach here as it says the file is too large (it is 2.76 mb and probably the reason I couldn't post here directly)


i am running minitoolbox now.
 

maxim123

PCHF Member
PCHF Member
Aug 2, 2017
204
12
Minitoolbox scans:

Code:
MiniToolBox by Farbar  Version: 17-06-2016
Ran by Max (administrator) on 29-04-2019 at 06:33:53
Running from "C:\Users\USER\Desktop"
Microsoft Windows 10 Pro  (X64)
Model: 20369 Manufacturer: LENOVO
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================
========================= IP Configuration: ================================

Realtek PCIe GBE Family Controller = Ethernet 2 (Connected)
Realtek RTL8723BE Wireless LAN 802.11n PCI-E NIC = Wi-Fi (Media disconnected)
TunnelBear Adapter V9 = Ethernet 3 (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global dhcpmediasense=enabled
set interface interface="Ethernet" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Local Area Connection* 3" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Wi-Fi 2" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Local Area Connection* 24" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Local Area Connection* 1" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Local Area Connection* 8" forwarding=enabled advertise=enabled metric=0 nud=enabled ignoredefaultroutes=disabled
set interface interface="Bluetooth Network Connection" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Ethernet 2" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Wi-Fi" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Local Area Connection* 11" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Local Area Connection* 13" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Ethernet 3" forwarding=enabled advertise=enabled metric=0 nud=enabled ignoredefaultroutes=disabled


popd
# End of IPv4 configuration



Windows IP Configuration

   Host Name . . . . . . . . . . . . : ADMIN
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Ethernet 3:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : TunnelBear Adapter V9
   Physical Address. . . . . . . . . : 00-FF-C2-D4-13-BD
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wi-Fi:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Realtek RTL8723BE Wireless LAN 802.11n PCI-E NIC
   Physical Address. . . . . . . . . : 74-29-AF-2C-90-55
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Local Area Connection* 11:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft Wi-Fi Direct Virtual Adapter
   Physical Address. . . . . . . . . : 76-29-AF-2C-90-55
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Local Area Connection* 13:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft Wi-Fi Direct Virtual Adapter #3
   Physical Address. . . . . . . . . : 74-29-AF-2C-90-55
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Ethernet 2:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
   Physical Address. . . . . . . . . : 68-F7-28-50-6E-46
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::d92e:7787:a0a0:5da%8(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.0.102(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Monday, April 29, 2019 5:08:46 AM
   Lease Expires . . . . . . . . . . : Monday, April 29, 2019 8:09:04 AM
   Default Gateway . . . . . . . . . : 192.168.0.1
   DHCP Server . . . . . . . . . . . : 192.168.0.1
   DHCPv6 IAID . . . . . . . . . . . : 107542312
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1D-58-95-B0-68-F7-28-50-6E-46
   DNS Servers . . . . . . . . . . . : 192.168.0.1
   NetBIOS over Tcpip. . . . . . . . : Disabled
Server:  UnKnown
Address:  192.168.0.1

Name:    google.com
Addresses:  2404:6800:4003:806::200e
      172.217.27.46


Pinging google.com [172.217.27.46] with 32 bytes of data:
Reply from 172.217.27.46: bytes=32 time=79ms TTL=54
Reply from 172.217.27.46: bytes=32 time=79ms TTL=54

Ping statistics for 172.217.27.46:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 79ms, Maximum = 79ms, Average = 79ms
Server:  UnKnown
Address:  192.168.0.1

Name:    yahoo.com
Addresses:  2001:4998:44:41d::3
      2001:4998:c:1023::5
      2001:4998:58:1836::10
      2001:4998:58:1836::11
      2001:4998:c:1023::4
      2001:4998:44:41d::4
      72.30.35.10
      98.138.219.231
      72.30.35.9
      98.137.246.7
      98.138.219.232
      98.137.246.8


Pinging yahoo.com [98.138.219.232] with 32 bytes of data:
Reply from 98.138.219.232: bytes=32 time=277ms TTL=52
Reply from 98.138.219.232: bytes=32 time=276ms TTL=52

Ping statistics for 98.138.219.232:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 276ms, Maximum = 277ms, Average = 276ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 21...00 ff c2 d4 13 bd ......TunnelBear Adapter V9
 25...74 29 af 2c 90 55 ......Realtek RTL8723BE Wireless LAN 802.11n PCI-E NIC
  9...76 29 af 2c 90 55 ......Microsoft Wi-Fi Direct Virtual Adapter
 18...74 29 af 2c 90 55 ......Microsoft Wi-Fi Direct Virtual Adapter #3
  8...68 f7 28 50 6e 46 ......Realtek PCIe GBE Family Controller
  1...........................Software Loopback Interface 1
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.0.1    192.168.0.102     35
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    331
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    331
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    331
      192.168.0.0    255.255.255.0         On-link     192.168.0.102    291
    192.168.0.102  255.255.255.255         On-link     192.168.0.102    291
    192.168.0.255  255.255.255.255         On-link     192.168.0.102    291
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    331
        224.0.0.0        240.0.0.0         On-link     192.168.0.102    291
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    331
  255.255.255.255  255.255.255.255         On-link     192.168.0.102    291
===========================================================================
Persistent Routes:
  None

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
  1    331 ::1/128                  On-link
  8    291 fe80::/64                On-link
  8    291 fe80::d92e:7787:a0a0:5da/128
                                    On-link
  1    331 ff00::/8                 On-link
  8    291 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\WINDOWS\SysWOW64\napinsp.dll [54784] (Microsoft Corporation)
Catalog5 02 C:\WINDOWS\SysWOW64\pnrpnsp.dll [70656] (Microsoft Corporation)
Catalog5 03 C:\WINDOWS\SysWOW64\pnrpnsp.dll [70656] (Microsoft Corporation)
Catalog5 04 C:\WINDOWS\SysWOW64\NLAapi.dll [64000] (Microsoft Corporation)
Catalog5 05 C:\WINDOWS\SysWOW64\mswsock.dll [341920] (Microsoft Corporation)
Catalog5 06 C:\WINDOWS\SysWOW64\winrnr.dll [24064] (Microsoft Corporation)
Catalog5 07 C:\WINDOWS\SysWOW64\wshbth.dll [51712] (Microsoft Corporation)
Catalog9 01 C:\WINDOWS\SysWOW64\mswsock.dll [341920] (Microsoft Corporation)
Catalog9 02 C:\WINDOWS\SysWOW64\mswsock.dll [341920] (Microsoft Corporation)
Catalog9 03 C:\WINDOWS\SysWOW64\mswsock.dll [341920] (Microsoft Corporation)
Catalog9 04 C:\WINDOWS\SysWOW64\mswsock.dll [341920] (Microsoft Corporation)
Catalog9 05 C:\WINDOWS\SysWOW64\mswsock.dll [341920] (Microsoft Corporation)
Catalog9 06 C:\WINDOWS\SysWOW64\mswsock.dll [341920] (Microsoft Corporation)
Catalog9 07 C:\WINDOWS\SysWOW64\mswsock.dll [341920] (Microsoft Corporation)
Catalog9 08 C:\WINDOWS\SysWOW64\mswsock.dll [341920] (Microsoft Corporation)
Catalog9 09 C:\WINDOWS\SysWOW64\mswsock.dll [341920] (Microsoft Corporation)
Catalog9 10 C:\WINDOWS\SysWOW64\mswsock.dll [341920] (Microsoft Corporation)
Catalog9 11 C:\WINDOWS\SysWOW64\mswsock.dll [341920] (Microsoft Corporation)
Catalog9 12 C:\WINDOWS\SysWOW64\mswsock.dll [341920] (Microsoft Corporation)
Catalog9 13 C:\WINDOWS\SysWOW64\mswsock.dll [341920] (Microsoft Corporation)
Catalog9 14 C:\WINDOWS\SysWOW64\mswsock.dll [341920] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\napinsp.dll [67072] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\pnrpnsp.dll [84992] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [84992] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\NLAapi.dll [80896] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [401968] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [31232] (Microsoft Corporation)
x64-Catalog5 07 C:\Windows\System32\wshbth.dll [63488] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [401968] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [401968] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [401968] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [401968] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [401968] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [401968] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [401968] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [401968] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [401968] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [401968] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [401968] (Microsoft Corporation)
x64-Catalog9 12 C:\Windows\System32\mswsock.dll [401968] (Microsoft Corporation)
x64-Catalog9 13 C:\Windows\System32\mswsock.dll [401968] (Microsoft Corporation)
x64-Catalog9 14 C:\Windows\System32\mswsock.dll [401968] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (04/28/2019 04:11:35 PM) (Source: Perflib) (User: )
Description: DirectoryServices8

Error: (04/27/2019 02:33:28 PM) (Source: Perflib) (User: )
Description: DirectoryServices8

Error: (04/26/2019 12:14:53 PM) (Source: Perflib) (User: )
Description: DirectoryServices8

Error: (04/26/2019 09:05:03 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.706_none_fb43a2cb30647007.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.706_none_fb43a2cb30647007.manifest2" on line C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.706_none_fb43a2cb30647007.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.706_none_fb43a2cb30647007.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.706_none_42f0d9a244e0990d.manifest.

Error: (04/25/2019 09:29:12 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.706_none_fb43a2cb30647007.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.706_none_fb43a2cb30647007.manifest2" on line C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.706_none_fb43a2cb30647007.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.706_none_fb43a2cb30647007.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.706_none_42f0d9a244e0990d.manifest.

Error: (04/24/2019 02:21:34 PM) (Source: Perflib) (User: )
Description: DirectoryServices8

Error: (04/23/2019 10:56:57 AM) (Source: Perflib) (User: )
Description: DirectoryServices8

Error: (04/22/2019 02:49:58 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.706_none_fb43a2cb30647007.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.706_none_fb43a2cb30647007.manifest2" on line C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.706_none_fb43a2cb30647007.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.706_none_fb43a2cb30647007.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.706_none_42f0d9a244e0990d.manifest.

Error: (04/22/2019 08:21:12 AM) (Source: Perflib) (User: )
Description: DirectoryServices8

Error: (04/22/2019 07:42:00 AM) (Source: Application Hang) (User: )
Description: The program LockApp.exe version 10.0.17134.1 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: 316c

Start Time: 01d4f8ae96aa9d26

Termination Time: 4294967295

Application Path: C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe

Report Id: 6d88e380-0f3e-4bdc-bc01-036d9252f98f

Faulting package full name: Microsoft.LockApp_10.0.17134.1_neutral__cw5n1h2txyewy

Faulting package-relative application ID: WindowsDefaultLockScreen


System errors:
=============
Error: (04/29/2019 05:13:33 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: {784E29F4-5EBE-4279-9948-1E8FE941646D}

Error: (04/29/2019 05:11:03 AM) (Source: Service Control Manager) (User: )
Description: The Windows Presentation Foundation Font Cache 3.0.0.0 service failed to start due to the following error:
%%1053 = The service did not respond to the start or control request in a timely fashion.


Error: (04/29/2019 05:11:03 AM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Windows Presentation Foundation Font Cache 3.0.0.0 service to connect.

Error: (04/29/2019 05:10:32 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable

Error: (04/29/2019 05:09:17 AM) (Source: Service Control Manager) (User: )
Description: The Windows Media Player Network Sharing Service service terminated with the following error:
%%1008 = An attempt was made to reference a token that does not exist.


Error: (04/29/2019 05:08:46 AM) (Source: BugCheck) (User: )
Description: 0x0000012b (0xffffffffc00002c4, 0x0000000000000741, 0x000000001b198ba0, 0xffff9c007d7f0000)C:\WINDOWS\Minidump\042919-38921-01.dmpf0e810b8-6ee8-43e2-871c-2556eb1962a6

Error: (04/29/2019 05:08:46 AM) (Source: EventLog) (User: )
Description: The previous system shutdown at 4:44:52 AM on ‎4/‎29/‎2019 was unexpected.

Error: (04/29/2019 04:33:00 AM) (Source: DCOM) (User: ADMIN)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}ADMINMaxS-1-5-21-900945925-988278395-3478122750-1001LocalHost (Using LRPC)UnavailableUnavailable

Error: (04/28/2019 05:32:24 PM) (Source: DCOM) (User: ADMIN)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}ADMINMaxS-1-5-21-900945925-988278395-3478122750-1001LocalHost (Using LRPC)UnavailableUnavailable

Error: (04/27/2019 11:39:16 PM) (Source: Service Control Manager) (User: )
Description: The Avast Antivirus service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 5000 milliseconds: Restart the service.


Microsoft Office Sessions:
=========================
Error: (04/28/2019 04:11:35 PM) (Source: Perflib)(User: )
Description: DirectoryServices8

Error: (04/27/2019 02:33:28 PM) (Source: Perflib)(User: )
Description: DirectoryServices8

Error: (04/26/2019 12:14:53 PM) (Source: Perflib)(User: )
Description: DirectoryServices8

Error: (04/26/2019 09:05:03 AM) (Source: SideBySide)(User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.706_none_fb43a2cb30647007.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.706_none_42f0d9a244e0990d.manifestD:\Program Files (x86)\Audacity\audacity.exe

Error: (04/25/2019 09:29:12 AM) (Source: SideBySide)(User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.706_none_fb43a2cb30647007.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.706_none_42f0d9a244e0990d.manifestD:\Program Files (x86)\Audacity\audacity.exe

Error: (04/24/2019 02:21:34 PM) (Source: Perflib)(User: )
Description: DirectoryServices8

Error: (04/23/2019 10:56:57 AM) (Source: Perflib)(User: )
Description: DirectoryServices8

Error: (04/22/2019 02:49:58 PM) (Source: SideBySide)(User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.706_none_fb43a2cb30647007.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.706_none_42f0d9a244e0990d.manifestD:\Program Files (x86)\Audacity\audacity.exe

Error: (04/22/2019 08:21:12 AM) (Source: Perflib)(User: )
Description: DirectoryServices8

Error: (04/22/2019 07:42:00 AM) (Source: Application Hang)(User: )
Description: LockApp.exe10.0.17134.1316c01d4f8ae96aa9d264294967295C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe6d88e380-0f3e-4bdc-bc01-036d9252f98fMicrosoft.LockApp_10.0.17134.1_neutral__cw5n1h2txyewyWindowsDefaultLockScreen


CodeIntegrity Errors:
===================================
  Date: 2019-03-13 09:20:12.946
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\FlightSettings.dll because the set of per-page image hashes could not be found on the system.

  Date: 2019-03-13 09:20:12.908
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\FlightSettings.dll because the set of per-page image hashes could not be found on the system.

  Date: 2019-03-13 09:20:12.712
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\FlightSettings.dll because the set of per-page image hashes could not be found on the system.

  Date: 2019-03-13 09:20:12.641
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\FlightSettings.dll because the set of per-page image hashes could not be found on the system.

  Date: 2019-03-13 09:20:12.592
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\dsreg.dll because the set of per-page image hashes could not be found on the system.

  Date: 2019-03-13 09:20:12.553
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\dsreg.dll because the set of per-page image hashes could not be found on the system.

  Date: 2019-03-13 09:20:10.224
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\aepic.dll because the set of per-page image hashes could not be found on the system.

  Date: 2019-03-13 09:20:09.944
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\aepic.dll because the set of per-page image hashes could not be found on the system.

  Date: 2019-01-12 12:28:39.824
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\atikmpag.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


=========================== Installed Programs ============================

Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 28.0.0.127 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.171 - Adobe)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.171 - Adobe)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 19.1.1 - Advanced Micro Devices, Inc.)
AMD System Monitor (HKLM-x32\...\{6EFD0C42-4CC1-4716-A0CA-21C1A062CF34}) (Version: 1.0.9 - Advanced Micro Devices, Inc.)
Anki (HKLM-x32\...\Anki) (Version:  - )
Audacity 2.1.3 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.3 - Audacity Team)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 19.4.2374 - AVAST Software)
Branding64 (HKLM\...\{EE2AFCE4-0238-4DE0-A140-1647021627C1}) (Version: 1.00.0001 - Advanced Micro Devices, Inc.) Hidden
calibre (HKLM-x32\...\{00F91371-9FE2-4F75-9B49-8F7D1C135214}) (Version: 3.7.0 - Kovid Goyal)
Catalyst Control Center Next Localization BR (HKLM\...\{15EEB07A-3FB9-FA4C-8EFF-697728CB1E5C}) (Version: 2016.0628.2138.37120 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{A63E3031-0522-18C6-F18F-7EE80973315F}) (Version: 2016.0628.2138.37120 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{A2966D0F-43BB-116D-C9C7-49612FBFD0AE}) (Version: 2016.0628.2138.37120 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{4C608ED2-535B-2119-3661-9E6F7DDB600F}) (Version: 2016.0628.2138.37120 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{9005C809-497A-FD45-CB96-76A3338E35B9}) (Version: 2016.0628.2138.37120 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{D84300A6-72F1-5771-B3B1-8FC71184AB38}) (Version: 2016.0628.2138.37120 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{56D13277-FA9F-2842-682D-DD7298973585}) (Version: 2016.0628.2138.37120 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{8D0C7788-D519-7B65-36F6-D0D21296F173}) (Version: 2016.0628.2138.37120 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{930FD2C7-D026-197D-94E4-CB5917CE7420}) (Version: 2016.0628.2138.37120 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{086D11E3-9CA4-DBEF-2B48-5A2EFFD53145}) (Version: 2016.0628.2138.37120 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{D0C1EAB6-92F1-EE91-04C2-5947EE150593}) (Version: 2016.0628.2138.37120 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{57EAA61A-CD02-DF34-0839-2549F57A334C}) (Version: 2016.0628.2138.37120 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{AA477FD2-347B-1732-5D8C-AF35AF1B9703}) (Version: 2016.0628.2138.37120 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{BBFC5953-2CB9-5932-1D47-52E4AA99737B}) (Version: 2016.0628.2138.37120 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{01E7D692-D785-743F-5A55-F00162D26A1C}) (Version: 2016.0628.2138.37120 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{5D8BA452-1264-7D13-E4EC-8236EC5B83FE}) (Version: 2016.0628.2138.37120 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{F49BA906-83DA-3F5A-5B24-03C8DE2A3936}) (Version: 2016.0628.2138.37120 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{5A466CAA-F071-D9EF-A799-EF63552DBE70}) (Version: 2016.0628.2138.37120 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{D7DC4DDB-3E0D-6F79-4258-4A461654B689}) (Version: 2016.0628.2138.37120 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{ACDFF800-6015-BEEC-8A27-7B1A80915273}) (Version: 2016.0628.2138.37120 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{A28B1FC5-3947-9D39-7FE5-A3CB18E16358}) (Version: 2016.0628.2138.37120 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.46 - Piriform)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.66.27.55 - Conexant)
Dolby Digital Plus Home Theater (HKLM\...\{7E3D8FA1-6092-469A-955B-68FC4A2C67CA}) (Version: 7.6.5.1 - Dolby Laboratories Inc)
FormatFactory 4.5.5.0 (HKLM-x32\...\FormatFactory) (Version: 4.5.5.0 - Free Time)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 9.0.1.1049 - Foxit Software Inc.)
Garena (remove only) (HKLM-x32\...\gxx) (Version: 2.0.1904.0511 - Garena)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 73.0.3683.103 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.7 - Google LLC) Hidden
Hextech Repair Tool (HKLM-x32\...\{7F9A97E6-E666-11E5-B582-B88687E82322}) (Version: 1.1.91 - Riot Games, Inc.)
IDM Crack 6.30 build 8 (HKLM-x32\...\IDM Crack 6.30 build 8) (Version: 6.30 build 8 - Crackingpatching.com Team)
ImageGlass (HKLM\...\{D539FBEF-4AA8-4415-B66F-6367DA5D0186}_is1) (Version: 5.5.7.26 - Duong Dieu Phap)
InstaTrader (HKLM-x32\...\InstaTrader) (Version: 4.00 - MetaQuotes Software Corp.)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4531 - Intel Corporation)
Internet Download Manager (HKLM-x32\...\Internet Download Manager) (Version:  - Tonec Inc.)
IP Camera Adapter (HKLM-x32\...\{6D140BFF-7CC5-4BFE-AD6D-47035FFE5F14}) (Version: 2.0.0.0 - Pavel Khlebovich)
Java 8 Update 144 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180144F0}) (Version: 8.0.1440.1 - Oracle Corporation)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
K-Lite Codec Pack 11.4.0 Basic (HKLM-x32\...\KLiteCodecPack_is1) (Version: 11.4.0 - )
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
Lenovo EasyCamera (HKLM-x32\...\{E399A5B3-ED53-4DEA-AF04-8011E1EB1EAC}) (Version: 6.3.9600.11105 - Realtek Semiconductor Corp.)
Lenovo Service Bridge (HKCU\...\{2C74547D-EF88-47F4-85F5-BE46A31E26B7}_is1) (Version: 4.0.6.7 - Lenovo)
Lenovo System Update (HKLM-x32\...\TVSU_is1) (Version: 5.07.0078 - Lenovo)
Malwarebytes version 3.4.5.2467 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.4.5.2467 - Malwarebytes)
MetaTrader - EXNESS (HKLM-x32\...\MetaTrader - EXNESS) (Version: 4.00 - MetaQuotes Software Corp.)
Microsoft Excel 2010 (HKLM-x32\...\Office14.EXCEL) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710F4C1C-CC18-4C49-8CBF-51240C89A1A2}) (Version:  - )
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version:  - )
Microsoft Visual C++ 2010 Redistributable - x64 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.14.26429 (HKLM-x32\...\{80586c77-db42-44bb-bfc8-7aebbb220c00}) (Version: 14.14.26429.4 - Microsoft Corporation)
Microsoft Word 2010 (HKLM-x32\...\Office14.WORD) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Mozilla Firefox 66.0 (x64 en-US) (HKLM\...\Mozilla Firefox 66.0 (x64 en-US)) (Version: 66.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 57.0 - Mozilla)
Network Recording Player (HKLM-x32\...\{79417ECE-DA9D-49B3-B1C9-83AA3EAE6AE0}) (Version: 31.9.3.13 - Cisco WebEx LLC)
NinjaTrader 8 (HKLM-x32\...\{2DAF98A0-9C96-4362-8AEB-5C548C01351E}) (Version: 8.0.13.1 - NinjaTrader, LLC)
OmegaT version 4.1.5_04_Beta (HKLM-x32\...\OmegaT 4.1.5_04_Beta_is1) (Version:  - OmegaT)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
RapidTyping 5 (HKLM-x32\...\RapidTyping5) (Version: 5.0.101 - RapidTyping Software)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.20.815.2013 - Realtek)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.63.0 - Samsung Electronics Co., Ltd.)
Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Skype™ 7.40 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.40.151 - Skype Technologies S.A.)
Speccy (HKLM\...\Speccy) (Version: 1.31 - Piriform)
Subtitle Edit 3.4.6 (HKLM-x32\...\SubtitleEdit_is1) (Version: 3.4.6.544 - Nikse)
Subtitle Edit 3.5.3 (HKLM\...\SubtitleEdit_is1) (Version: 3.5.3.0 - Nikse)
Toolwiz Time Freeze 2017 (HKLM-x32\...\{3A74D01E-3AEF-4DF4-8404-0056150C97A3}) (Version: 4.3.1.5000 - Toolwiz)
TunnelBear (HKLM-x32\...\{58a01650-b45c-443b-a51e-90f586a63532}) (Version: 3.7.2.0 - TunnelBear)
TunnelBear (HKLM-x32\...\{C7E7F8CF-E23A-4FC1-8AAC-8710A70490E3}) (Version: 3.7.2.0 - TunnelBear) Hidden
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{B2E25355-C24E-4E7D-8AD3-455D59810838}) (Version: 2.57.0.0 - Microsoft Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.8 - VideoLAN)
Vulkan Run Time Libraries 1.0.3.1 (HKLM\...\VulkanRT1.0.3.1) (Version: 1.0.3.1 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.39.1 (HKLM\...\VulkanRT1.0.39.1) (Version: 1.0.39.1 - LunarG, Inc.)
Windows Driver Package - Lenovo (ACPIVPC) System  (02/17/2013 9.52.0.776) (HKLM\...\35DD26BE48DAF4A9F35F969F3CB1E3E1435E661E) (Version: 02/17/2013 9.52.0.776 - Lenovo)
Windows Driver Package - Lenovo (WUDFRd) LenovoVhid  (07/25/2013 10.30.0.288) (HKLM\...\6BCA401E9CBEED970D75F55FA5320F60D11984E9) (Version: 07/25/2013 10.30.0.288 - Lenovo)
Windscribe version 1.70 build 4 (HKLM-x32\...\{fa690e90-ddb0-4f0c-b3f1-136c084e5fc7}_is1) (Version: 1.70 build 4 - Windscribe)
WinRAR 4.01 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.01.0 - win.rar GmbH)
WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
Wise Data Recovery 3.82 (HKLM-x32\...\Wise Data Recovery_is1) (Version: 3.82 - WiseCleaner.com, Inc.)
射手影音播放器 (HKLM-x32\...\SPlayer) (Version:  - )

========================= Memory info: ===================================

Percentage of memory in use: 59%
Total physical RAM: 8088.36 MB
Available physical RAM: 3276.87 MB
Total Virtual: 9048.36 MB
Available Virtual: 4793.77 MB

========================= Partitions: =====================================

1 Drive c: (SYSTEM) (Fixed) (Total:115.54 GB) (Free:27.75 GB) NTFS
2 Drive d: () (Fixed) (Total:348.57 GB) (Free:42.96 GB) NTFS

========================= Users: ========================================

User accounts for \\ADMIN

Administrator            DefaultAccount           Guest                   
Max                      WDAGUtilityAccount       


**** End of log ****
 

maxim123

PCHF Member
PCHF Member
Aug 2, 2017
204
12
Hijack this scans:

Code:
Logfile of HiJackThis Fork (Alpha) by Alex Dragokas v.2.6.4.24

Platform:  x64 Windows 10 (Pro), 10.0.17134 (ReleaseId: 1803), Service Pack: 0
Time:      29.04.2019 - 06:36
Language:  OS: English (0x409). Display: English (0x409). Non-Unicode: Chinese (Simplified) (0x804)
Elevated:  Yes
Ran by:    Max    (group: Administrator) on ADMIN

Chrome:  73.0.3683.103
Firefox: 66.0.0.7012
Edge:    11.0.17134.677
Internet Explorer: 11.0.17134.1

Boot mode: Normal

Running processes:
Number | Path
   1  C:\Program Files (x86)\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.Device.exe
   1  C:\Program Files (x86)\Lenovo\System Update\SUService.exe
   1  C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
   1  C:\Program Files\AVAST Software\Avast\AvastSvc.exe
   1  C:\Program Files\AVAST Software\Avast\AvastUI.exe
   1  C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
   1  C:\Program Files\AVAST Software\Avast\aswidsagent.exe
   1  C:\Program Files\Apoint2K\ApMsgFwd.exe
   1  C:\Program Files\Apoint2K\HidMonitorSvc.exe
   1  C:\Program Files\Elantech\ETDCtrl.exe
   1  C:\Program Files\Elantech\ETDCtrlHelper.exe
   1  C:\Program Files\Elantech\ETDIntelligent.exe
   1  C:\Program Files\Elantech\ETDService.exe
  11  C:\Program Files\Mozilla Firefox\firefox.exe
   1  C:\Program Files\lenovo\iMController\Service\Lenovo.Modern.ImController.exe
   1  C:\Program Files\rempl\sedsvc.exe
   1  C:\Users\USER\AppData\Local\Programs\Lenovo\Lenovo Service Bridge\LSB.exe
   1  C:\Users\USER\Desktop\HiJackThis.exe
   1  C:\Users\USER\Desktop\MemCompression
   1  C:\Users\USER\Desktop\Registry
   1  C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
   2  C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
   1  C:\Windows\RtkBtManServ.exe
   1  C:\Windows\System32\DriverStore\FileRepository\u0337968.inf_amd64_e9075e8c655a0e88\B337967\atieclxx.exe
   1  C:\Windows\System32\DriverStore\FileRepository\u0337968.inf_amd64_e9075e8c655a0e88\B337967\atiesrxx.exe
   1  C:\Windows\System32\InputMethod\CHS\ChsIME.exe
   2  C:\Windows\System32\RuntimeBroker.exe
   1  C:\Windows\System32\SearchFilterHost.exe
   1  C:\Windows\System32\SearchIndexer.exe
   2  C:\Windows\System32\SearchProtocolHost.exe
   1  C:\Windows\System32\SecurityHealthService.exe
   1  C:\Windows\System32\SgrmBroker.exe
   2  C:\Windows\System32\WUDFHost.exe
   1  C:\Windows\System32\audiodg.exe
   1  C:\Windows\System32\cmd.exe
   2  C:\Windows\System32\conhost.exe
   2  C:\Windows\System32\csrss.exe
   1  C:\Windows\System32\ctfmon.exe
   1  C:\Windows\System32\dasHost.exe
   1  C:\Windows\System32\dwm.exe
   2  C:\Windows\System32\fontdrvhost.exe
   1  C:\Windows\System32\igfxCUIService.exe
   1  C:\Windows\System32\igfxEM.exe
   1  C:\Windows\System32\igfxHK.exe
   1  C:\Windows\System32\lsass.exe
   1  C:\Windows\System32\mqsvc.exe
   1  C:\Windows\System32\schtasks.exe
   1  C:\Windows\System32\services.exe
   1  C:\Windows\System32\sihost.exe
   1  C:\Windows\System32\smss.exe
   1  C:\Windows\System32\spoolsv.exe
  66  C:\Windows\System32\svchost.exe
   1  C:\Windows\System32\taskhostw.exe
   1  C:\Windows\System32\wininit.exe
   1  C:\Windows\System32\winlogon.exe
   1  C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
   1  C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
   2  C:\Windows\explorer.exe
   1  D:\Program Files (x86)\Internet Download Manager\IDMan.exe
   1  D:\Program Files (x86)\Internet Download Manager\IEMonitor.exe
   1  D:\Program Files (x86)\kies\USB Drivers\27_ssconn\conn\ss_conn_service.exe
   1  D:\Program Files (x86)\tunnebear\TunnelBear\TunnelBear.Maintenance.exe
   1  D:\Program Files\Toolwiz Time Freeze 2017\ToolwizTimeFreeze.exe
   1  D:\garena\Garena\2.0.1904.0511\gxxsvc.exe
   1  D:\garena\Garena\Garena.exe

R4 - HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{67C334C0-408D-4E6D-B5A7-0ADD6AFFA252} - Google - http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
O1 - Hosts:
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - D:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
O2-32 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - D:\Program Files (x86)\Internet Download Manager\IDMIECC.dll
O2-32 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_144\bin\jp2ssv.dll
O2-32 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_144\bin\ssv.dll
O2-32 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - D:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
O4 - HKCU\..\Run: [IDMan] D:\Program Files (x86)\Internet Download Manager\IDMan.exe  /onboot
O4 - HKCU\..\Run: [ToolwizTimeFreeze] d:\Program Files\Toolwiz Time Freeze 2017\ToolwizTimeFreeze.exe -autorun
O4 - HKCU\..\StartupApproved\Run: [CCleaner Smart Cleaning]  (2019/01/01)C:\Program Files\CCleaner\CCleaner64.exe /MONITOR
O4 - HKCU\..\StartupApproved\Run: [OneDriveSetup]  (2019/01/01)C:\Windows\SysWOW64\OneDriveSetup.exe  /thfirstsetup
O4 - HKLM\..\Run: [AvastUI.exe] c:\Program Files\AVAST Software\Avast\AvLaunch.exe /gui
O4 - HKLM\..\StartupApproved\Run: [SecurityHealth]  (2017/12/29)C:\Program Files\Windows Defender\MSASCuiL.exe
O4 - HKU\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe  /thfirstsetup
O4 - HKU\S-1-5-19\..\RunOnce: [WAB Migrate] C:\Program Files\Windows Mail\wab.exe  /Upgrade
O4 - HKU\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe  /thfirstsetup
O4 - HKU\S-1-5-20\..\RunOnce: [WAB Migrate] C:\Program Files\Windows Mail\wab.exe  /Upgrade
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\system32\GPhotos.scr (file missing)
O8 - Extra context menu item: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (file missing)
O8 - Extra context menu item: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (file missing)
O8 - Extra context menu item: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (file missing)
O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (file missing)
O8 - Extra context menu item: Download all links with IDM - D:\Program Files (x86)\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: Download with IDM - D:\Program Files (x86)\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - D:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE
O8 - Extra context menu item: Se&nd to OneNote - D:\PROGRA~1\MICROS~1\Office14\ONBttnIE.dll (file missing)
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - HKLM\..\{789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - HKLM\..\{2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - HKLM\..\{789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Send to OneNote - HKLM\..\{2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O16-32 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} -
O17 - DHCP DNS - 1: 192.168.0.1
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O18 - Protocol: WSISAllmytubechrome - (no CLSID) - (no file)
O21 - ShellIconOverlayIdentifiers:             IDM Shell Extension - {CDC95B92-E27C-4745-A8C5-64A52A78855D} - D:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll
O21 - ShellIconOverlayIdentifiers:  OneDrive1 - {BBACC218-34EA-4666-9D7A-C78F2274A524} - (no file)
O21 - ShellIconOverlayIdentifiers:  OneDrive2 - {5AB7172C-9C11-405C-8DD5-AF20F3606282} - (no file)
O21 - ShellIconOverlayIdentifiers:  OneDrive3 - {A78ED123-AB77-406B-9962-2A5D9D2F7F30} - (no file)
O21 - ShellIconOverlayIdentifiers:  OneDrive4 - {F241C880-6982-4CE5-8CF7-7085BA96DA5A} - (no file)
O21 - ShellIconOverlayIdentifiers:  OneDrive5 - {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} - (no file)
O21 - ShellIconOverlayIdentifiers:  OneDrive6 - {9AA2F32D-362A-42D9-9328-24A483E2CCC3} - (no file)
O21 - ShellIconOverlayIdentifiers:  OneDrive7 - {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} - (no file)
O21 - ShellIconOverlayIdentifiers: 00asw - {472083B0-C522-11CF-8763-00608CC02F24} - c:\Program Files\AVAST Software\Avast\ashShell.dll
O21-32 - ShellIconOverlayIdentifiers:  OneDrive1 - {BBACC218-34EA-4666-9D7A-C78F2274A524} - (no file)
O21-32 - ShellIconOverlayIdentifiers:  OneDrive2 - {5AB7172C-9C11-405C-8DD5-AF20F3606282} - (no file)
O21-32 - ShellIconOverlayIdentifiers:  OneDrive3 - {A78ED123-AB77-406B-9962-2A5D9D2F7F30} - (no file)
O21-32 - ShellIconOverlayIdentifiers:  OneDrive4 - {F241C880-6982-4CE5-8CF7-7085BA96DA5A} - (no file)
O21-32 - ShellIconOverlayIdentifiers:  OneDrive5 - {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} - (no file)
O21-32 - ShellIconOverlayIdentifiers:  OneDrive6 - {9AA2F32D-362A-42D9-9328-24A483E2CCC3} - (no file)
O21-32 - ShellIconOverlayIdentifiers:  OneDrive7 - {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} - (no file)
O22 - Task (Disabled): \Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceLocationRightsChange - {AE31B729-D5FD-401E-AF42-784074835AFE},-RegisterDevice -SettingChange - C:\WINDOWS\system32\DeviceDirectoryClient.dll
O22 - Task (Disabled): \Microsoft\Windows\HelloFace\FODCleanupTask - C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe
O22 - Task (Disabled): \Microsoft\Windows\InstallService\WakeUpAndContinueUpdates - {0DC331EE-8438-49D5-A721-E10B937CE459} - C:\Windows\System32\InstallServiceTasks.dll
O22 - Task (Disabled): \Microsoft\Windows\InstallService\WakeUpAndScanForUpdates - {D5A04D91-6FE6-4FE4-A98A-FEB4500C5AF7} - C:\Windows\System32\InstallServiceTasks.dll
O22 - Task (Disabled): \Microsoft\Windows\PushToInstall\LoginCheck - C:\WINDOWS\system32\sc.exe start pushtoinstall login
O22 - Task (Disabled): \Microsoft\Windows\Subscription\LicenseAcquisition - C:\WINDOWS\system32\ClipRenew.exe
O22 - Task (Disabled): \Microsoft\Windows\UNP\RunUpdateNotificationMgr - C:\WINDOWS\System32\UNP\UpdateNotificationMgr.exe
O22 - Task (Disabled): \Microsoft\Windows\Workplace Join\Recovery-Check - C:\WINDOWS\System32\dsregcmd.exe /checkrecovery
O22 - Task (Disabled): \OfficeSoftwareProtectionPlatform\SvcRestartTask - C:\WINDOWS\system32\sc.exe start osppsvc
O22 - Task (Disabled): shutdown - C:\Windows\System32\shutdown.exe /h
O22 - Task (Ready): AMDLinkUpdate - C:\Program Files\AMD\CIM\BIN64\InstallManagerApp.exe -AMDLinkUpdate
O22 - Task (Ready): Adobe Flash Player NPAPI Notifier - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_171_Plugin.exe -check plugin
O22 - Task (Ready): Adobe Flash Player PPAPI Notifier - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_171_pepper.exe -check pepperplugin
O22 - Task (Ready): Adobe Flash Player Updater - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O22 - Task (Ready): Avast Emergency Update - c:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
O22 - Task (Ready): CCleaner Update - C:\Program Files\CCleaner\CCUpdate.exe
O22 - Task (Ready): CCleanerSkipUAC - C:\Program Files\CCleaner\CCleaner.exe $(Arg0)
O22 - Task (Ready): GoogleUpdateTaskMachineCore - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
O22 - Task (Ready): GoogleUpdateTaskMachineUA - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
O22 - Task (Ready): ModifyLinkUpdate - C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe -UpdateCurrentUser
O22 - Task (Ready): StartCN - C:\Program Files\AMD\CNext\CNext\cncmd.exe startwithdelay
O22 - Task (Ready): StartDVR - C:\Program Files\AMD\CNext\CNext\dvrcmd.exe (file missing)
O22 - Task (Ready): \Avast Software\Overseer - C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe /from_scheduler:1
O22 - Task (Ready): \Lenovo\ImController\Lenovo iM Controller Monitor - C:\WINDOWS\system32\ImController.InfInstaller.exe -checkremoval
O22 - Task (Ready): \Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance - C:\WINDOWS\system32\sc.exe START ImControllerService
O22 - Task (Ready): \Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask - C:\WINDOWS\System32\reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler  /v start /t reg_dword /d 1 /f /reg:32
O22 - Task (Ready): \Lenovo\ImController\TimeBasedEvents\d4cd9bd1-448e-4889-a166-5a3c2f35e36a - C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe /timebasedeventtrigger d4cd9bd1-448e-4889-a166-5a3c2f35e36a
O22 - Task (Ready): \Lenovo\ImController\TimeBasedEvents\e44f58fb-3b37-4ffa-a10b-75c8f35e8762 - C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe /timebasedeventtrigger e44f58fb-3b37-4ffa-a10b-75c8f35e8762
O22 - Task (Ready): \Lenovo\ImController\TimeBasedEvents\fce48f2e-386d-4939-aa3b-7d8a829757ea - C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe /timebasedeventtrigger fce48f2e-386d-4939-aa3b-7d8a829757ea
O22 - Task (Ready): \Lenovo\Lenovo Service Bridge\S-1-5-21-900945925-988278395-3478122750-1001 - C:\Users\USER\AppData\Local\Programs\Lenovo\Lenovo Service Bridge\LSBUpdater.exe
O22 - Task (Ready): \Microsoft\Windows\BitLocker\BitLocker MDM policy Refresh - {61BCD1B9-340C-40EC-9D41-D7F1C0632F05},BitLockerPolicy - C:\WINDOWS\System32\edptask.dll
O22 - Task (Ready): \Microsoft\Windows\BrokerInfrastructure\BgTaskRegistrationMaintenanceTask - {E984D939-0E00-4DD9-AC3A-7ACA04745521} - (no file)
O22 - Task (Ready): \Microsoft\Windows\Chkdsk\SyspartRepair - C:\WINDOWS\system32\bcdboot.exe %windir% /sysrepair
O22 - Task (Ready): \Microsoft\Windows\DeviceDirectoryClient\RegisterDevicePolicyChange - {AE31B729-D5FD-401E-AF42-784074835AFE},-RegisterDevice -SettingChange - C:\WINDOWS\system32\DeviceDirectoryClient.dll
O22 - Task (Ready): \Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceProtectionStateChanged - {AE31B729-D5FD-401E-AF42-784074835AFE},-RegisterDevice -ProtectionStateChanged -FreeNetworkOnly - C:\WINDOWS\system32\DeviceDirectoryClient.dll
O22 - Task (Ready): \Microsoft\Windows\DirectX\DXGIAdapterCache - C:\WINDOWS\system32\dxgiadaptercache.exe
O22 - Task (Ready): \Microsoft\Windows\EDP\EDP App Launch Task - {61BCD1B9-340C-40EC-9D41-D7F1C0632F05},AppLaunch - C:\WINDOWS\System32\edptask.dll
O22 - Task (Ready): \Microsoft\Windows\EDP\EDP Auth Task - {61BCD1B9-340C-40EC-9D41-D7F1C0632F05},ReAuth - C:\WINDOWS\System32\edptask.dll
O22 - Task (Ready): \Microsoft\Windows\EDP\EDP Inaccessible Credentials Task - {61BCD1B9-340C-40EC-9D41-D7F1C0632F05},MissingCredentials - C:\WINDOWS\System32\edptask.dll
O22 - Task (Ready): \Microsoft\Windows\EDP\StorageCardEncryption Task - {61BCD1B9-340C-40EC-9D41-D7F1C0632F05},SDCardEncryptionPolicy - C:\WINDOWS\System32\edptask.dll
O22 - Task (Ready): \Microsoft\Windows\ExploitGuard\ExploitGuard MDM policy Refresh - {711001CD-CC1D-4470-9B7E-1EF73849C79E},ExploitGuardPolicy - C:\WINDOWS\System32\MitigationConfiguration.dll
O22 - Task (Ready): \Microsoft\Windows\Flighting\FeatureConfig\ReconcileFeatures - {59EECBFE-C2F5-4419-9B99-13FE05FF2675} - C:\WINDOWS\System32\fcon.dll
O22 - Task (Ready): \Microsoft\Windows\InstallService\ScanForUpdates - {A558C6A5-B42B-4C98-B610-BF9559143139} - C:\Windows\System32\InstallServiceTasks.dll
O22 - Task (Ready): \Microsoft\Windows\InstallService\ScanForUpdatesAsUser - {DDAFAEA2-8842-4E96-BADE-D44A8D676FDB} - C:\Windows\System32\InstallServiceTasks.dll
O22 - Task (Ready): \Microsoft\Windows\InstallService\SmartRetry - {F3A219C3-2698-4CBF-9C07-037EDB8E72E6} - C:\Windows\System32\InstallServiceTasks.dll
O22 - Task (Ready): \Microsoft\Windows\LanguageComponentsInstaller\ReconcileLanguageResources - {D0582E3B-3126-4CAA-9155-AC37C912A489} - (no file)
O22 - Task (Ready): \Microsoft\Windows\Management\Provisioning\Cellular - C:\WINDOWS\system32\ProvTool.exe /turn 7 /source CellStateChangeTask
O22 - Task (Ready): \Microsoft\Windows\Management\Provisioning\Logon - C:\WINDOWS\system32\ProvTool.exe /turn 5 /source LogonIdleTask
O22 - Task (Ready): \Microsoft\Windows\Maps\MapsToastTask - {9885AEF2-BD9F-41E0-B15E-B3141395E803},$(Arg0);$(Arg1);$(Arg2);$(Arg3);$(Arg4);$(Arg5);$(Arg6);$(Arg7) - C:\WINDOWS\System32\mapstoasttask.dll
O22 - Task (Ready): \Microsoft\Windows\Printing\EduPrintProv - C:\WINDOWS\system32\eduprintprov.exe
O22 - Task (Ready): \Microsoft\Windows\PushToInstall\Registration - C:\WINDOWS\system32\sc.exe start pushtoinstall registration
O22 - Task (Ready): \Microsoft\Windows\Speech\HeadsetButtonPress - C:\WINDOWS\system32\speech_onecore\common\SpeechRuntime.exe StartedFromTask
O22 - Task (Ready): \Microsoft\Windows\Subscription\EnableLicenseAcquisition - C:\WINDOWS\system32\ClipRenew.exe -e
O22 - Task (Ready): \Microsoft\Windows\USB\Usb-Notifications - {E05BE1C8-92A8-4757-B575-ACAECB4E6A40} - C:\Windows\System32\UsbTask.dll
O22 - Task (Ready): \Microsoft\Windows\UpdateOrchestrator\USO_Broker_Display - C:\WINDOWS\system32\MusNotification.exe Display
O22 - Task (Ready): \Microsoft\Windows\WaaSMedic\PerformRemediation - {72566E27-1ABB-4EB3-B4F0-EB431CB1CB32},None - (no file)
O22 - Task (Ready): \Microsoft\Windows\WwanSvc\NotificationTask - C:\WINDOWS\System32\WiFiTask.exe wwan
O22 - Task (Ready): \Microsoft\Windows\rempl\shell - C:\Program Files\rempl\sedlauncher.exe
O22 - Task (Ready): \Microsoft\Windows\rempl\shell-usoscan - C:\Program Files\rempl\remsh.exe /RunUsoScanOnly (file missing)
O22 - Task (Ready): \TVT\TVSUUpdateTask - C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe /CM -search R -action INSTALL -includerebootpackages 1,3,4 -noicon -noreboot -nolicense -defaultupdate -schtask
O22 - Task (Ready): \TVT\TVSUUpdateTask_UserLogOn - C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe PendingTask
O22 - Task (Ready): gxx speed launcher - D:\garena\Garena\Garena.exe -silentlaunch -gxxsvclaunch
O23 - Service R2: @oem42.inf,%HidMonitor.SvcDisp%;Alps SMBus Monitor Service - (ApHidMonitorService) - C:\Program Files\Apoint2K\HidMonitorSvc.exe
O23 - Service R2: @oem72.inf,%ImcSvcDisplayName%;System Interface Foundation Service - (ImControllerService) - C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
O23 - Service R2: @oem81.inf,%RtkBtManServ.SvcDesc%;Realtek Bluetooth Device Manager Service - (RtkBtManServ) - C:\WINDOWS\RtkBtManServ.exe
O23 - Service R2: AMD External Events Utility - C:\WINDOWS\System32\DriverStore\FileRepository\u0337968.inf_amd64_e9075e8c655a0e88\B337967\atiesrxx.exe
O23 - Service R2: Avast Antivirus - (avast! Antivirus) - c:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service R2: Elan Service - (ETDService) - C:\Program Files\Elantech\ETDService.exe
O23 - Service R2: Garena platform service - (GarenaPlatform) - D:\garena\Garena\2.0.1904.0511\gxxsvc.exe
O23 - Service R2: Intel(R) HD Graphics Control Panel Service - (igfxCUIService2.0.0.0) - C:\WINDOWS\system32\igfxCUIService.exe
O23 - Service R2: SAMSUNG Mobile Connectivity Service - (ss_conn_service) - D:\Program Files (x86)\kies\USB Drivers\27_ssconn\conn\ss_conn_service.exe
O23 - Service R2: TunnelBear Maintenance - (TunnelBearMaintenance) - D:\Program Files (x86)\tunnebear\TunnelBear\TunnelBear.Maintenance.exe
O23 - Service R2: Windows Defender Security Center Service - (SecurityHealthService) - C:\WINDOWS\system32\SecurityHealthService.exe
O23 - Service R3: System Update - (SUService) - C:\Program Files (x86)\Lenovo\System Update\SUService.exe
O23 - Service R3: aswbIDSAgent - c:\Program Files\AVAST Software\Avast\aswidsagent.exe
O23 - Service S2: Google Update Service (gupdate) - (gupdate) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service S3: Adobe Flash Player Update Service - (AdobeFlashPlayerUpdateSvc) - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service S3: AvastWscReporter - c:\Program Files\AVAST Software\Avast\wsc_proxy.exe
O23 - Service S3: EasyAntiCheat - C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe
O23 - Service S3: Google Chrome Elevation Service - (GoogleChromeElevationService) - C:\Program Files (x86)\Google\Chrome\Application\73.0.3683.103\elevation_service.exe
O23 - Service S3: Google Update Service (gupdatem) - (gupdatem) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service S3: Intel(R) Content Protection HECI Service - (cphs) - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service S3: Malwarebytes Service - (MBAMService) - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
O23 - Service S3: Windows Defender Advanced Threat Protection Service - (Sense) - C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe
O23 - Service S3: Windows Defender Antivirus Network Inspection Service - (WdNisSvc) - C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1809.2-0\NisSrv.exe
O23 - Service S3: Windows Defender Antivirus Service - (WinDefend) - C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1809.2-0\MsMpEng.exe

--
End of file - Time spent: 37 sec. - 43896 bytes, CRC32: FFFFFFFF. Sign: C㽲
 
Status
Not open for further replies.