• Hi there and welcome to PC Help Forum (PCHF), a more effective way to get the Tech Support you need!
    We have Experts in all areas of Tech, including Malware Removal, Crash Fixing and BSOD's , Microsoft Windows, Computer DIY and PC Hardware, Networking, Gaming, Tablets and iPads, General and Specific Software Support and so much more.

    Why not Click Here To Sign Up and start enjoying great FREE Tech Support.

    This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

In Progress Inexplicable Crashes and Restarts

Caspar de la Poer

PCHF Member
PCHF Member
Aug 8, 2018
10
0
28
#1
Hi, all!

I've been having issues on and off with my PC for the last couple of years. It restarts at random times. It can be while playing a Youtube video, while gaming (regardless of the game), while just sitting idle. It can happen 2 minutes into an activity or 2 hours. I can't really find a pattern. I've shown the Event Log to friends who know things about computers and they can identify nothing. I've updated all the software I can think of. I've taken it to repair shops and they tell me there's nothing wrong with the PC; no viruses, no damaged hardware, no malfunctioning software.
The PC usually starts the boot up cycle immediately after restarting but there have been periods where I've had to press the button manually.
I started on Windows 8 and changed to Windows 10 and had this issue with both.

I'm not hugely familiar with the inner workings of computers so if you need me to check something other than a DxDiag, I might need some instructions.
I'm at my wits' end with this machine but I don't have a great deal of money so I'd prefer to not just buy another.

Any help would be hugely appreciated.

Thanks
- Cas
 

jmarket

PCHF's Almighty Ruler
PCHF Owner
Support Team
Security Team
Jan 10, 2015
1,725
434
PCHF Bunker
pchelpforum.net
#2
Hi there @Caspar de la Poer and Welcome to PCHF :)

Do you get Blue Screens? Also do the following for me:

Please download MiniToolBox and save it to your desktop. Run the program by right clicking on it and selecting Run as administrator. When the program opens select the following boxes:

Flush DNS
List IP Configuration
List Winsock Entries
List last 10 Event Viewer Errors
List Installed Programs
List Devices (Only Problems)
List Users, Partitions and Memory size


Please post the log in your next reply :)
 

Caspar de la Poer

PCHF Member
PCHF Member
Aug 8, 2018
10
0
28
#3
Thanks for the quick response, jmarket :)

Funnily enough, I've never once gotten the dreaded blue screen.

MiniToolBox by Farbar Version: 17-06-2016
Ran by Connal Cranson (administrator) on 08-08-2018 at 17:56:38
Running from "C:\Users\Connal Cranson\Downloads"
Microsoft Windows 10 Pro (X64)
Model: MS-7917 Manufacturer: MSI
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.
========================= IP Configuration: ================================

Killer E2200 Gigabit Ethernet Controller = Ethernet (Connected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global
set interface interface="Local Area Connection* 1" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Ethernet" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : DESKTOP-G21BS2V
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : home

Ethernet adapter Ethernet:

Connection-specific DNS Suffix . : home
Description . . . . . . . . . . . : Killer E2200 Gigabit Ethernet Controller
Physical Address. . . . . . . . . : D8-CB-8A-57-36-17
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : fdc8:1451:6215:1a00:2403:3dff:5ebd:5275(Preferred)
Temporary IPv6 Address. . . . . . : fdc8:1451:6215:1a00:8900:8e03:ffbc:543e(Preferred)
Link-local IPv6 Address . . . . . : fe80::2403:3dff:5ebd:5275%5(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.7(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Wednesday, 8 August 2018 4:56:09 PM
Lease Expires . . . . . . . . . . : Thursday, 9 August 2018 4:56:09 PM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 81316746
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-20-18-6B-0C-D8-CB-8A-57-36-17
DNS Servers . . . . . . . . . . . : fe80::1%5
192.168.1.1
192.168.1.1
NetBIOS over Tcpip. . . . . . . . : Enabled
Server: UnKnown
Address: fe80::1

Name: google.com
Addresses: 2404:6800:4006:803::200e
216.58.199.46


Pinging google.com [216.58.199.46] with 32 bytes of data:
Reply from 216.58.199.46: bytes=32 time=64ms TTL=57
Reply from 216.58.199.46: bytes=32 time=71ms TTL=57

Ping statistics for 216.58.199.46:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 64ms, Maximum = 71ms, Average = 67ms
Server: UnKnown
Address: fe80::1

Name: yahoo.com
Addresses: 2001:4998:58:1836::10
2001:4998:44:41d::4
2001:4998:c:1023::5
2001:4998:44:41d::3
2001:4998:58:1836::11
2001:4998:c:1023::4
98.137.246.7
72.30.35.9
98.137.246.8
98.138.219.232
72.30.35.10
98.138.219.231


Pinging yahoo.com [98.137.246.7] with 32 bytes of data:
Reply from 98.137.246.7: bytes=32 time=237ms TTL=54
Reply from 98.137.246.7: bytes=32 time=210ms TTL=54

Ping statistics for 98.137.246.7:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 210ms, Maximum = 237ms, Average = 223ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
5...d8 cb 8a 57 36 17 ......Killer E2200 Gigabit Ethernet Controller
1...........................Software Loopback Interface 1
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.7 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 331
127.0.0.1 255.255.255.255 On-link 127.0.0.1 331
127.255.255.255 255.255.255.255 On-link 127.0.0.1 331
192.168.1.0 255.255.255.0 On-link 192.168.1.7 281
192.168.1.7 255.255.255.255 On-link 192.168.1.7 281
192.168.1.255 255.255.255.255 On-link 192.168.1.7 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 331
224.0.0.0 240.0.0.0 On-link 192.168.1.7 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 331
255.255.255.255 255.255.255.255 On-link 192.168.1.7 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 331 ::1/128 On-link
5 41 fdc8:1451:6215:1a00::/64 On-link
5 281 fdc8:1451:6215:1a00:2403:3dff:5ebd:5275/128
On-link
5 281 fdc8:1451:6215:1a00:8900:8e03:ffbc:543e/128
On-link
5 281 fe80::/64 On-link
5 281 fe80::2403:3dff:5ebd:5275/128
On-link
1 331 ff00::/8 On-link
5 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\WINDOWS\SysWOW64\napinsp.dll [54784] (Microsoft Corporation)
Catalog5 02 C:\WINDOWS\SysWOW64\pnrpnsp.dll [70656] (Microsoft Corporation)
Catalog5 03 C:\WINDOWS\SysWOW64\pnrpnsp.dll [70656] (Microsoft Corporation)
Catalog5 04 C:\WINDOWS\SysWOW64\NLAapi.dll [64000] (Microsoft Corporation)
Catalog5 05 C:\WINDOWS\SysWOW64\mswsock.dll [341920] (Microsoft Corporation)
Catalog5 06 C:\WINDOWS\SysWOW64\winrnr.dll [24064] (Microsoft Corporation)
Catalog9 01 C:\WINDOWS\SysWOW64\mswsock.dll [341920] (Microsoft Corporation)
Catalog9 02 C:\WINDOWS\SysWOW64\mswsock.dll [341920] (Microsoft Corporation)
Catalog9 03 C:\WINDOWS\SysWOW64\mswsock.dll [341920] (Microsoft Corporation)
Catalog9 04 C:\WINDOWS\SysWOW64\mswsock.dll [341920] (Microsoft Corporation)
Catalog9 05 C:\WINDOWS\SysWOW64\mswsock.dll [341920] (Microsoft Corporation)
Catalog9 06 C:\WINDOWS\SysWOW64\mswsock.dll [341920] (Microsoft Corporation)
Catalog9 07 C:\WINDOWS\SysWOW64\mswsock.dll [341920] (Microsoft Corporation)
Catalog9 08 C:\WINDOWS\SysWOW64\mswsock.dll [341920] (Microsoft Corporation)
Catalog9 09 C:\WINDOWS\SysWOW64\mswsock.dll [341920] (Microsoft Corporation)
Catalog9 10 C:\WINDOWS\SysWOW64\mswsock.dll [341920] (Microsoft Corporation)
Catalog9 11 C:\WINDOWS\SysWOW64\mswsock.dll [341920] (Microsoft Corporation)
Catalog9 12 C:\WINDOWS\SysWOW64\mswsock.dll [341920] (Microsoft Corporation)
Catalog9 13 C:\WINDOWS\SysWOW64\mswsock.dll [341920] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\napinsp.dll [67072] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\pnrpnsp.dll [84992] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [84992] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\NLAapi.dll [80896] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [401968] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [31232] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [401968] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [401968] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [401968] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [401968] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [401968] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [401968] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [401968] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [401968] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [401968] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [401968] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [401968] (Microsoft Corporation)
x64-Catalog9 12 C:\Windows\System32\mswsock.dll [401968] (Microsoft Corporation)
x64-Catalog9 13 C:\Windows\System32\mswsock.dll [401968] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (08/08/2018 04:48:23 PM) (Source: Application Error) (User: )
Description: Faulting application name: hl2.exe, version: 0.0.0.0, time stamp: 0x5374d416
Faulting module name: ntdll.dll, version: 10.0.17134.165, time stamp: 0x845de87a
Exception code: 0xc0000374
Fault offset: 0x000d8879
Faulting process id: 0x1c98
Faulting application start time: 0xhl2.exe0
Faulting application path: hl2.exe1
Faulting module path: hl2.exe2
Report Id: hl2.exe3
Faulting package full name: hl2.exe4
Faulting package-relative application ID: hl2.exe5

Error: (08/08/2018 04:21:47 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.165_none_fb429645306569ac.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.165_none_fb429645306569ac.manifest2" on line C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.165_none_fb429645306569ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.165_none_fb429645306569ac.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.165_none_42efcd1c44e192b2.manifest.

Error: (08/08/2018 10:59:05 AM) (Source: Application Error) (User: )
Description: Faulting application name: hl2.exe, version: 0.0.0.0, time stamp: 0x5374d416
Faulting module name: ntdll.dll, version: 10.0.17134.165, time stamp: 0x845de87a
Exception code: 0xc0000374
Fault offset: 0x000d8879
Faulting process id: 0x3a48
Faulting application start time: 0xhl2.exe0
Faulting application path: hl2.exe1
Faulting module path: hl2.exe2
Report Id: hl2.exe3
Faulting package full name: hl2.exe4
Faulting package-relative application ID: hl2.exe5

Error: (08/08/2018 10:02:53 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.165_none_fb429645306569ac.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.165_none_fb429645306569ac.manifest2" on line C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.165_none_fb429645306569ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.165_none_fb429645306569ac.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.165_none_42efcd1c44e192b2.manifest.

Error: (08/08/2018 09:11:21 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.165_none_fb429645306569ac.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.165_none_fb429645306569ac.manifest2" on line C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.165_none_fb429645306569ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.165_none_fb429645306569ac.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.165_none_42efcd1c44e192b2.manifest.

Error: (08/07/2018 09:49:13 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.165_none_fb429645306569ac.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.165_none_fb429645306569ac.manifest2" on line C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.165_none_fb429645306569ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.165_none_fb429645306569ac.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.165_none_42efcd1c44e192b2.manifest.

Error: (08/07/2018 07:48:14 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.165_none_fb429645306569ac.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.165_none_fb429645306569ac.manifest2" on line C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.165_none_fb429645306569ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.165_none_fb429645306569ac.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.165_none_42efcd1c44e192b2.manifest.

Error: (08/06/2018 08:17:36 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.165_none_fb429645306569ac.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.165_none_fb429645306569ac.manifest2" on line C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.165_none_fb429645306569ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.165_none_fb429645306569ac.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.165_none_42efcd1c44e192b2.manifest.

Error: (08/06/2018 04:39:49 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.165_none_fb429645306569ac.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.165_none_fb429645306569ac.manifest2" on line C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.165_none_fb429645306569ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.165_none_fb429645306569ac.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.165_none_42efcd1c44e192b2.manifest.

Error: (08/06/2018 07:44:44 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.165_none_fb429645306569ac.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.165_none_fb429645306569ac.manifest2" on line C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.165_none_fb429645306569ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.165_none_fb429645306569ac.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.165_none_42efcd1c44e192b2.manifest.


System errors:
=============
Error: (08/08/2018 05:01:00 PM) (Source: Service Control Manager) (User: )
Description: The Delivery Optimization service hung on starting.

Error: (08/08/2018 04:59:35 PM) (Source: DCOM) (User: DESKTOP-G21BS2V)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}DESKTOP-G21BS2VConnal CransonS-1-5-21-2129831622-456617242-2225385699-1001LocalHost (Using LRPC)UnavailableUnavailable

Error: (08/08/2018 04:58:40 PM) (Source: DCOM) (User: DESKTOP-G21BS2V)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}DESKTOP-G21BS2VConnal CransonS-1-5-21-2129831622-456617242-2225385699-1001LocalHost (Using LRPC)UnavailableUnavailable

Error: (08/08/2018 04:56:09 PM) (Source: EventLog) (User: )
Description: The previous system shutdown at 4:55:06 PM on ‎8/‎8/‎2018 was unexpected.

Error: (08/08/2018 04:22:29 PM) (Source: DCOM) (User: DESKTOP-G21BS2V)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}DESKTOP-G21BS2VConnal CransonS-1-5-21-2129831622-456617242-2225385699-1001LocalHost (Using LRPC)UnavailableUnavailable

Error: (08/08/2018 04:22:26 PM) (Source: DCOM) (User: DESKTOP-G21BS2V)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}DESKTOP-G21BS2VConnal CransonS-1-5-21-2129831622-456617242-2225385699-1001LocalHost (Using LRPC)UnavailableUnavailable

Error: (08/08/2018 11:07:05 AM) (Source: EventLog) (User: )
Description: The previous system shutdown at 11:05:52 AM on ‎8/‎8/‎2018 was unexpected.

Error: (08/08/2018 10:05:47 AM) (Source: DCOM) (User: DESKTOP-G21BS2V)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}DESKTOP-G21BS2VConnal CransonS-1-5-21-2129831622-456617242-2225385699-1001LocalHost (Using LRPC)UnavailableUnavailable

Error: (08/08/2018 10:05:45 AM) (Source: DCOM) (User: DESKTOP-G21BS2V)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}DESKTOP-G21BS2VConnal CransonS-1-5-21-2129831622-456617242-2225385699-1001LocalHost (Using LRPC)UnavailableUnavailable

Error: (08/08/2018 10:04:30 AM) (Source: DCOM) (User: DESKTOP-G21BS2V)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}DESKTOP-G21BS2VConnal CransonS-1-5-21-2129831622-456617242-2225385699-1001LocalHost (Using LRPC)UnavailableUnavailable


Microsoft Office Sessions:
=========================
Error: (08/08/2018 04:48:23 PM) (Source: Application Error)(User: )
Description: hl2.exe0.0.0.05374d416ntdll.dll10.0.17134.165845de87ac0000374000d88791c9801d42ee38ea11f89C:\Program Files (x86)\Steam\steamapps\common\Transmissions Element 120\hl2.exeC:\WINDOWS\SYSTEM32\ntdll.dll84255c29-5987-4bf3-93b0-dc6e6a82b943

Error: (08/08/2018 04:21:47 PM) (Source: SideBySide)(User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.165_none_fb429645306569ac.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.165_none_42efcd1c44e192b2.manifestC:\Program Files (x86)\Audacity\audacity.exe

Error: (08/08/2018 10:59:05 AM) (Source: Application Error)(User: )
Description: hl2.exe0.0.0.05374d416ntdll.dll10.0.17134.165845de87ac0000374000d88793a4801d42eb2775d9819C:\Program Files (x86)\Steam\steamapps\common\Transmissions Element 120\hl2.exeC:\WINDOWS\SYSTEM32\ntdll.dlldd293b05-2c97-4572-9d45-2b8ff16d1939

Error: (08/08/2018 10:02:53 AM) (Source: SideBySide)(User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.165_none_fb429645306569ac.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.165_none_42efcd1c44e192b2.manifestC:\Program Files (x86)\Audacity\audacity.exe

Error: (08/08/2018 09:11:21 AM) (Source: SideBySide)(User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.165_none_fb429645306569ac.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.165_none_42efcd1c44e192b2.manifestC:\Program Files (x86)\Audacity\audacity.exe

Error: (08/07/2018 09:49:13 PM) (Source: SideBySide)(User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.165_none_fb429645306569ac.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.165_none_42efcd1c44e192b2.manifestC:\Program Files (x86)\Audacity\audacity.exe

Error: (08/07/2018 07:48:14 AM) (Source: SideBySide)(User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.165_none_fb429645306569ac.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.165_none_42efcd1c44e192b2.manifestC:\Program Files (x86)\Audacity\audacity.exe

Error: (08/06/2018 08:17:36 PM) (Source: SideBySide)(User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.165_none_fb429645306569ac.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.165_none_42efcd1c44e192b2.manifestC:\Program Files (x86)\Audacity\audacity.exe

Error: (08/06/2018 04:39:49 PM) (Source: SideBySide)(User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.165_none_fb429645306569ac.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.165_none_42efcd1c44e192b2.manifestC:\Program Files (x86)\Audacity\audacity.exe

Error: (08/06/2018 07:44:44 AM) (Source: SideBySide)(User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.165_none_fb429645306569ac.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.165_none_42efcd1c44e192b2.manifestC:\Program Files (x86)\Audacity\audacity.exe


=========================== Installed Programs ============================

7-Zip 16.04 (x64) (HKLM\...\7-Zip) (Version: 16.04 - Igor Pavlov)
Adobe Flash Player 11 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 11.1.102.55 - Adobe Systems Incorporated)
Age of Empires II: HD Edition (HKLM\...\Steam App 221380) (Version: - Skybox Labs)
Amnesia: The Dark Descent (HKLM\...\Steam App 57300) (Version: - Frictional Games)
Arcanum (HKLM\...\Steam App 500810) (Version: - Troika Games)
ARK: Survival Evolved (HKLM\...\Steam App 346110) (Version: - Studio Wildcard)
Audacity 2.1.3 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.3 - Audacity Team)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 18.5.2342 - AVAST Software)
Avira (HKLM-x32\...\{B5B610D2-992E-45B8-A888-0BC163C539C9}) (Version: 1.2.117.17323 - Avira Operations GmbH & Co. KG) Hidden
Avira (HKLM-x32\...\{fcfe3cca-17f1-49fe-8deb-729b45d9c923}) (Version: 1.2.117.17323 - Avira Operations GmbH & Co. KG)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.36.211 - Avira Operations GmbH & Co. KG)
Baldur's Gate: Enhanced Edition (HKLM\...\Steam App 228280) (Version: - Beamdog)
Betrayer (HKLM\...\Steam App 243120) (Version: - Blackpowder Games)
BioShock Infinite (HKLM\...\Steam App 8870) (Version: - Irrational Games)
Chivalry: Medieval Warfare (HKLM\...\Steam App 219640) (Version: - Torn Banner Studios)
Connect (HKLM-x32\...\MAGIX_connector_is1) (Version: 2.6.1.117 - MAGIX Software GmbH)
Corsair LINK 4 (HKLM-x32\...\{40036d0c-634b-4fc0-be89-13343b4bea96}) (Version: 4.9.7.35 - Corsair Components, Inc.)
Corsair LINK 4 (HKLM-x32\...\{D97F4B31-5A7D-4A07-AC85-16D64FAB93E1}) (Version: 4.9.7.35 - Corsair Components, Inc.) Hidden
Counter-Strike: Global Offensive (HKLM\...\Steam App 730) (Version: - Valve)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Dark Souls: Prepare to Die Edition (HKLM\...\Steam App 211420) (Version: - FromSoftware)
DARK SOULS™ II: Scholar of the First Sin (HKLM\...\Steam App 335300) (Version: - FromSoftware, Inc)
DARK SOULS™ III (HKLM\...\Steam App 374320) (Version: - FromSoftware, Inc.)
DARK SOULS™: REMASTERED (HKLM\...\Steam App 570940) (Version: - QLOC)
Day of Defeat: Source (HKLM\...\Steam App 300) (Version: - Valve)
Dead Space (HKLM\...\Steam App 17470) (Version: - EA Redwood Shores)
Diablo II (HKLM-x32\...\Diablo II) (Version: - )
Discord (HKCU\...\Discord) (Version: 0.0.301 - Discord Inc.)
Dishonored (HKLM\...\Steam App 205100) (Version: - Arkane Studios)
DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 398.82 - NVIDIA Corporation) Hidden
Don't Starve (HKLM\...\Steam App 219740) (Version: - Klei Entertainment)
Don't Starve Together (HKLM\...\Steam App 322330) (Version: - Klei Entertainment)
Empire: Total War (HKLM\...\Steam App 10500) (Version: - The Creative Assembly)
F.E.A.R. 2: Project Origin (HKLM\...\Steam App 16450) (Version: - Monolith)
F.E.A.R. 3 (HKLM\...\Steam App 21100) (Version: - Day 1 Studios)
Garry's Mod (HKLM\...\Steam App 4000) (Version: - Facepunch Studios)
Google Chrome (HKLM\...\{83F2CE66-1F17-38DE-83BD-1BAD39009FB6}) (Version: 68.0.3440.84 - Google, Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
HandBrake 1.0.7 (HKLM-x32\...\HandBrake) (Version: 1.0.7 - )
HL-1210W series (HKLM-x32\...\{75E38F04-1BAF-4054-A059-57F831688943}) (Version: 1.0.2.0 - Brother Industries, Ltd.)
Intel(R) Chipset Device Software (HKLM-x32\...\{44ded3eb-1686-46a6-9770-fd79096c29f7}) (Version: 10.1.1.45 - Intel(R) Corporation) Hidden
KHOLAT (HKLM\...\Steam App 343710) (Version: - IMGN.PRO)
Killing Floor (HKLM\...\Steam App 1250) (Version: - Tripwire Interactive)
Killing Floor 2 (HKLM\...\Steam App 232090) (Version: - Tripwire Interactive)
Logi Firmware Update Tool for C930e (HKLM-x32\...\FWUpdateC930e) (Version: 8.0.916.0 - Logitech Europe S.A.)
Logitech Camera Settings (HKLM-x32\...\LogiUCDPP) (Version: 2.1.136.0 - Logitech Europe S.A.)
Logitech Gaming Software 8.96 (HKLM\...\Logitech Gaming Software) (Version: 8.96.88 - Logitech Inc.)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.11.766.1 - McAfee, Inc.)
Microsoft OneDrive (HKCU\...\OneDriveSetup.exe) (Version: 18.131.0701.0007 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.10.25008 (HKLM-x32\...\{f1e7e313-06df-4c56-96a9-99fdfd149c51}) (Version: 14.10.25008.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.10.25008 (HKLM-x32\...\{c239cea1-d49e-4e16-8e87-8c055765f7ec}) (Version: 14.10.25008.0 - Microsoft Corporation)
Mordheim: City of the Damned (HKLM\...\Steam App 276810) (Version: - Rogue Factor)
Movie Maker (HKLM-x32\...\{38F03569-A636-4CF3-BDDE-032C8C251304}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Studio 14.0 (HKLM\...\{50500EC0-733E-11E7-8FB3-95BE57594EAC}) (Version: 14.0.127 - VEGAS)
MSI Live Update 6 (HKLM-x32\...\{4F46CF54-47D2-41F4-B230-B0954C544420}}_is1) (Version: 6.2.0.36 - MSI)
NVIDIA 3D Vision Controller Driver 390.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 390.41 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 398.82 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 398.82 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.14.1.48 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.14.1.48 - NVIDIA Corporation)
NVIDIA Graphics Driver 398.82 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 398.82 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.37.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.37.4 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
OpenOffice 4.1.3 (HKLM-x32\...\{EEA30AEB-8BA7-465B-85D4-098BB99733E7}) (Version: 4.13.9783 - Apache Software Foundation)
Outlast (HKLM\...\Steam App 238320) (Version: - Red Barrels)
PAYDAY 2 (HKLM\...\Steam App 218620) (Version: - OVERKILL - a Starbreeze Studio.)
PLAYERUNKNOWN'S BATTLEGROUNDS (HKLM\...\Steam App 578080) (Version: - PUBG Corporation)
PLAYERUNKNOWN'S BATTLEGROUNDS (Test Server) (HKLM\...\Steam App 622590) (Version: - )
Qualcomm Atheros Bandwidth Control Filter Driver (HKLM\...\{42F56083-A726-4599-A231-EF6200A39AF6}) (Version: 1.1.47.1058 - Qualcomm Atheros) Hidden
Qualcomm Atheros Killer E220x Drivers (HKLM\...\{1CC47E9F-A34A-44B3-8C5A-D45C1A3CB94C}) (Version: 1.1.47.1058 - Qualcomm Atheros) Hidden
Qualcomm Atheros Killer Performance Suite (HKLM-x32\...\{E70DB50B-10B4-46BC-9DE2-AB8B49E061EE}) (Version: 1.1.47.1058 - Qualcomm Atheros)
Qualcomm Atheros Network Manager (HKLM\...\{A32F7F52-0DC5-40EF-84BD-7D30CC20D157}) (Version: 1.1.47.1058 - Qualcomm Atheros) Hidden
Razer Chroma SDK Core Components (HKLM-x32\...\Razer Chroma SDK) (Version: 2.10.0 - Razer Inc.)
Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 2.21.20.606 - Razer Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7293 - Realtek Semiconductor Corp.)
Red Faction (HKLM\...\Steam App 20530) (Version: - Volition, Inc.)
Riven (HKLM\...\Steam App 63610) (Version: - Cyan Worlds)
Sniper Elite: Nazi Zombie Army (HKLM\...\Steam App 227100) (Version: - Rebellion)
Sniper Elite: Nazi Zombie Army 2 (HKLM\...\Steam App 247910) (Version: - )
SOMA (HKLM\...\Steam App 282140) (Version: - Frictional Games)
STAR WARS™: Knights of the Old Republic™ (HKLM\...\Steam App 32370) (Version: - BioWare)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
The Elder Scrolls III: Morrowind (HKLM\...\Steam App 22320) (Version: - Bethesda Game Studios®)
The Elder Scrolls IV: Oblivion (HKLM\...\Steam App 22330) (Version: - Bethesda Game Studios)
The Elder Scrolls V: Skyrim (HKLM\...\Steam App 72850) (Version: - Bethesda Game Studios)
The Elder Scrolls: Legends (HKLM\...\Steam App 364470) (Version: - Dire Wolf Digital)
Total War: SHOGUN 2 (HKLM\...\Steam App 34330) (Version: - The Creative Assembly)
Total War: WARHAMMER (HKLM\...\Steam App 364360) (Version: - Creative Assembly)
Transmissions: Element 120 (HKLM\...\Steam App 365300) (Version: - Shokunin)
VEGAS Pro 14.0 (64-bit) (HKLM\...\{8BA11E80-4FB0-11E7-9B6D-A9EF5249FCEF}) (Version: 14.0.270 - VEGAS)
Verdun (HKLM\...\Steam App 242860) (Version: - M2H)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.8 - VideoLAN)
Warhammer 40,000 Space Marine (HKLM\...\Steam App 55150) (Version: - Relic)
Warhammer 40,000: Dawn of War – Dark Crusade (HKLM\...\Steam App 4580) (Version: - Relic Entertainment)
Warhammer 40,000: Dawn of War - Game of the Year Edition (HKLM\...\Steam App 4570) (Version: - Relic Entertainment)
Warhammer 40,000: Dawn of War – Soulstorm (HKLM\...\Steam App 9450) (Version: - Relic Entertainment)
Warhammer 40,000: Dawn of War – Winter Assault (HKLM\...\Steam App 9310) (Version: - Relic Entertainment)
Warhammer 40,000: Inquisitor - Martyr (HKLM\...\Steam App 527430) (Version: - NeocoreGames)
Warhammer: End Times - Vermintide (HKLM\...\Steam App 235540) (Version: - Fatshark)
Warhammer: Vermintide 2 (HKLM\...\Steam App 552500) (Version: - Fatshark)
Warhammer® 40,000™: Dawn of War® II - Chaos Rising™ (HKLM\...\Steam App 20570) (Version: - Relic Entertainment)
Warhammer® 40,000™: Dawn of War® II – Retribution™ (HKLM\...\Steam App 56400) (Version: - Relic Entertainment)
Warhammer® 40,000™: Dawn of War® II (HKLM\...\Steam App 15620) (Version: - Relic Entertainment)
Windows Driver Package - Corsair Components, Inc. (SIUSBXP) USB (07/14/2017 3.3) (HKLM\...\A2206C09905C467F30CB24DCBB49F056D7F0A290) (Version: 07/14/2017 3.3 - Corsair Components, Inc.)
Windows Movie Maker 2016 (HKLM-x32\...\{3CC29C1A-B5FE-457B-8F22-32A2videowin}}_is1) (Version: - videowinsoft.com)
WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
Wolfenstein: The New Order (HKLM\...\Steam App 201810) (Version: - Machine Games)
Wolfenstein: The Old Blood (HKLM\...\Steam App 350080) (Version: - MachineGames)
Wondershare Filmora(Build 7.8.9) (HKLM-x32\...\Wondershare Filmora_is1) (Version: - Wondershare Software)
Wondershare Helper Compact 2.5.2 (HKLM-x32\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.5.2 - Wondershare)
XSplit Broadcaster (HKLM-x32\...\{A7BA2EEB-8B51-4043-A75F-47C9587864C9}) (Version: 3.2.1711.2927 - SplitmediaLabs)
XSplit Gamecaster (HKLM-x32\...\{1B52322C-EEDB-42CE-BF10-DC577E89DDB6}) (Version: 3.1.1708.2943 - SplitmediaLabs)
Z (HKLM\...\Steam App 275530) (Version: - TickTock Games)

========================= Devices: ================================


========================= Memory info: ===================================

Percentage of memory in use: 38%
Total physical RAM: 16332.79 MB
Available physical RAM: 10118.9 MB
Total Virtual: 18764.79 MB
Available Virtual: 10151.46 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:1862.06 GB) (Free:604.66 GB) NTFS

========================= Users: ========================================

User accounts for \\DESKTOP-G21BS2V

Administrator Cas DefaultAccount
defaultuser0 Guest WDAGUtilityAccount


**** End of log ****
 
Last edited by a moderator:

jmarket

PCHF's Almighty Ruler
PCHF Owner
Support Team
Security Team
Jan 10, 2015
1,725
434
PCHF Bunker
pchelpforum.net
#6
Please download the Sysnative BSOD Dump + System File Collection App - save to Documents folder.

Run the app - Double-click on the downloaded EXE file
Output = new folder created in Documents + a zipped version -- SysnativeFileCollectionApp folder + SysnativeFileCollectionApp.zip.

Please note that the app averages ~3 minutes to run on most systems; other systems - it my take as long as 10-15 minutes to run. Please be patient.

Also note: The app auto-zips the SysnativeFileCollectionApp output folder. It is located in your Documents folder.
Windows Explorer should open and highlight the zipped folder

Please attach the SysnativeFileCollectionApp.zip to your post and await further instructions :)
 

Caspar de la Poer

PCHF Member
PCHF Member
Aug 8, 2018
10
0
28
#7
Here's the requested zip folder. For what it's worth, these last couple of nights I've accidentally tapped the tower with my foot and that appears to have caused a restart. I guess that would indicate an issue with the power source but the last couple of times at the repair shops, they've said they found now issues with that.
Just thought providing this information could be helpful :)
 

Attachments

Malnutrition

Malnurished Mod
Moderator
Security Team
Malware Teacher
Jul 22, 2016
2,797
491
#8
Here is a big issue, you can not run two antivirus applications at once. you must remove one and then reboot your machine. I'd also uninstall Mcafee seurity scan as well.

Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 18.5.2342 - AVAST Software)
Avira (HKLM-x32\...\{B5B610D2-992E-45B8-A888-0BC163C539C9}) (Version: 1.2.117.17323 - Avira Operations GmbH & Co. KG) Hidden
Avira (HKLM-x32\...\{fcfe3cca-17f1-49fe-8deb-729b45d9c923}) (Version: 1.2.117.17323 - Avira Operations GmbH & Co. KG)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.36.211 - Avira Operations GmbH & Co. KG)
 

Malnutrition

Malnurished Mod
Moderator
Security Team
Malware Teacher
Jul 22, 2016
2,797
491
#9
Once you have removed one of the antivirus applications and Mcafee, please post this log.

HijackThis.



1- Please click HERE to download HijackThis.
2- Run the program.
3- Click on the Main Menu button if not already there.
4- Select Do a system scan and save a logfile.
5- Copy paste the log here.
 

Caspar de la Poer

PCHF Member
PCHF Member
Aug 8, 2018
10
0
28
#10
Here you go

Logfile of HiJackThis Fork (Alpha) by Alex Dragokas v.2.6.4.24

Platform: x64 Windows 10 (Pro), 10.0.17134 (ReleaseId: 1803), Service Pack: 0
Time: 13.08.2018 - 07:58
Language: OS: English (0x409). Display: English (0x409). Non-Unicode: English (0xC09)
Elevated: Yes
Ran by: Connal Cranson (group: Administrator) on DESKTOP-G21BS2V

Chrome: 68.0.3440.106
Edge: 11.0.17134.165
Internet Explorer: 11.0.17134.1

Boot mode: Normal

Running processes:
Number | Path
1 C:\Program Files (x86)\Browny02\BrYNSvc.exe
1 C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
1 C:\Program Files (x86)\Common Files\Steam\SteamService.exe
1 C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
1 C:\Program Files (x86)\CorsairLink4\CorsairLink4.Service.exe
1 C:\Program Files (x86)\CorsairLink4\CorsairLink4.exe
31 C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
1 C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
1 C:\Program Files (x86)\MSI\Live Update\Live Update.exe
1 C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe
1 C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
1 C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe
1 C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe
1 C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
1 C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
1 C:\Program Files (x86)\Steam\Steam.exe
5 C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
1 C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
1 C:\Program Files\Logitech Gaming Software\LAClient\laclient.exe
1 C:\Program Files\Logitech Gaming Software\LCore.exe
1 C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
1 C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
2 C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
3 C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
1 C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe
1 C:\Program Files\Qualcomm Atheros\Network Manager\NetworkManager.exe
1 C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
1 C:\Program Files\Windows Defender\MSASCuiL.exe
1 C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.0_x64__kzf8qxf38zg5c\SkypeHost.exe
1 C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18061.16430.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
1 C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1807.18075-0\MsMpEng.exe
1 C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1807.18075-0\NisSrv.exe
3 C:\Users\Connal Cranson\AppData\Local\Discord\app-0.0.301\Discord.exe
1 C:\Users\Connal Cranson\AppData\Local\Microsoft\OneDrive\OneDrive.exe
1 C:\Users\Connal Cranson\Documents\Help Files\HiJackThis.exe
1 C:\Users\Connal Cranson\Documents\Help Files\MemCompression
1 C:\Users\Connal Cranson\Documents\Help Files\Registry
1 C:\Windows\System32\ApplicationFrameHost.exe
6 C:\Windows\System32\RuntimeBroker.exe
1 C:\Windows\System32\SearchFilterHost.exe
1 C:\Windows\System32\SearchIndexer.exe
1 C:\Windows\System32\SearchProtocolHost.exe
1 C:\Windows\System32\SecurityHealthService.exe
1 C:\Windows\System32\SettingSyncHost.exe
1 C:\Windows\System32\SgrmBroker.exe
1 C:\Windows\System32\WUDFHost.exe
1 C:\Windows\System32\audiodg.exe
1 C:\Windows\System32\browser_broker.exe
1 C:\Windows\System32\conhost.exe
2 C:\Windows\System32\csrss.exe
1 C:\Windows\System32\ctfmon.exe
1 C:\Windows\System32\dasHost.exe
1 C:\Windows\System32\dllhost.exe
1 C:\Windows\System32\dwm.exe
2 C:\Windows\System32\fontdrvhost.exe
1 C:\Windows\System32\lsass.exe
1 C:\Windows\System32\services.exe
1 C:\Windows\System32\sihost.exe
1 C:\Windows\System32\smartscreen.exe
1 C:\Windows\System32\smss.exe
1 C:\Windows\System32\spoolsv.exe
62 C:\Windows\System32\svchost.exe
1 C:\Windows\System32\taskhostw.exe
2 C:\Windows\System32\wbem\WmiPrvSE.exe
1 C:\Windows\System32\wininit.exe
1 C:\Windows\System32\winlogon.exe
1 C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
2 C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
1 C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
1 C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
1 C:\Windows\explorer.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://search.yahoo.com/yhs/web?hs...ebcompa__1_0__ya__hp_WCYID10454__180604__yaie
R4 - HKCU\Software\Microsoft\Internet Explorer\SearchScopes: DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (no name) - (no URL)
R4 - HKLM\Software\Microsoft\Internet Explorer\SearchScopes: DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (no name) - (no URL)
O4 - Global User Startup: Killer Network Manager.lnk -> C:\Windows\Installer\{A32F7F52-0DC5-40EF-84BD-7D30CC20D157}\NetworkManager.exe_130C27D738F34C89BDDF21BCFD74B56D.exe -minimize
O4 - HKCU\..\Run: [CorsairLink4] C:\Program Files (x86)\CorsairLink4\CorsairLink4.exe -startup
O4 - HKCU\..\Run: [Discord] C:\Users\Connal Cranson\AppData\Local\Discord\app-0.0.301\Discord.exe
O4 - HKCU\..\Run: [OneDrive] C:\Users\Connal Cranson\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background
O4 - HKCU\..\Run: [Steam] C:\Program Files (x86)\Steam\steam.exe -silent
O4 - HKCU\..\Run: [Web Companion] C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize (file missing)
O4 - HKLM\..\Run: [Launch LCore] C:\Program Files\Logitech Gaming Software\LCore.exe /minimized
O4 - HKLM\..\StartupApproved\Run: [RTHDVCPL] (1601/01/01)C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s
O4 - HKLM\..\StartupApproved\Run: [SecurityHealth] (1601/01/01)C:\Program Files\Windows Defender\MSASCuiL.exe
O4 - HKU\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup
O4 - HKU\S-1-5-19\..\RunOnce: [WAB Migrate] C:\Program Files\Windows Mail\wab.exe /Upgrade
O4 - HKU\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup
O4 - HKU\S-1-5-20\..\RunOnce: [WAB Migrate] C:\Program Files\Windows Mail\wab.exe /Upgrade
O4-32 - HKLM\..\Run: [BrStsMon00] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN
O4-32 - HKLM\..\Run: [Live Update] C:\Program Files (x86)\MSI\Live Update\Live Update.exe /REMINDER
O4-32 - HKLM\..\Run: [LogiCameraSettingsWidget] C:\Program Files (x86)\Common Files\LogiShrd\LogiUCDpp\BGWidget.exe
O4-32 - HKLM\..\Run: [Razer Synapse] C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
O4-32 - HKLM\..\Run: [Wondershare Helper Compact.exe] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
O15 - Trusted Zone: http://*.webcompanion.com
O17 - DHCP DNS - 1: 192.168.1.1
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O21 - ShellIconOverlayIdentifiers: 00asw - {472083B0-C522-11CF-8763-00608CC02F24} - (no file)
O22 - Task (Disabled): Connect - C:\Program Files (x86)\MAGIX\Connect\connect.exe
O22 - Task (Disabled): GoogleUpdateTaskMachineCore - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
O22 - Task (Disabled): GoogleUpdateTaskMachineUA - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
O22 - Task (Disabled): NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe
O22 - Task (Disabled): NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
O22 - Task (Disabled): NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
O22 - Task (Disabled): NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe --launcher=TaskScheduler
O22 - Task (Disabled): NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe
O22 - Task (Disabled): NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe
O22 - Task (Disabled): NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe
O22 - Task (Disabled): NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe /noshim
O22 - Task (Disabled): NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe /noshim
O22 - Task (Disabled): NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe /noshim
O22 - Task (Disabled): NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe
O22 - Task (Disabled): OneDrive Standalone Update Task-S-1-5-21-2129831622-456617242-2225385699-1001 - C:\Users\Connal Cranson\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
O22 - Task (Disabled): Steam Downloads - C:\Program Files (x86)\Steam\Steam.exe
O22 - Task (Disabled): \AVAST Software\Gaming mode Task Scheduler recovery - C:\WINDOWS\system32\schtasks.exe /Change /TN "\AVAST Software\Gaming mode Task Scheduler recovery" /DISABLE
O22 - Task (Disabled): \Microsoft\Windows\HelloFace\FODCleanupTask - C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe
O22 - Task (Disabled): \Microsoft\Windows\InstallService\WakeUpAndContinueUpdates - {0DC331EE-8438-49D5-A721-E10B937CE459} - C:\Windows\System32\InstallServiceTasks.dll
O22 - Task (Disabled): \Microsoft\Windows\InstallService\WakeUpAndScanForUpdates - {D5A04D91-6FE6-4FE4-A98A-FEB4500C5AF7} - C:\Windows\System32\InstallServiceTasks.dll
O22 - Task (Disabled): \Microsoft\Windows\PushToInstall\LoginCheck - C:\WINDOWS\system32\sc.exe start pushtoinstall login
O22 - Task (Disabled): \Microsoft\Windows\Subscription\LicenseAcquisition - C:\WINDOWS\system32\ClipRenew.exe
O22 - Task (Disabled): \Microsoft\Windows\UNP\RunUpdateNotificationMgr - C:\WINDOWS\System32\UNP\UpdateNotificationMgr.exe
O22 - Task (Disabled): \Microsoft\Windows\Workplace Join\Recovery-Check - C:\WINDOWS\System32\dsregcmd.exe /checkrecovery
O22 - Task (Disabled): \S-1-5-21-2129831622-456617242-2225385699-1001\DataSenseLiveTileTask - C:\WINDOWS\System32\DataUsageLiveTileTask.exe
O22 - Task (Ready): \AVAST Software\Overseer - C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe
O22 - Task (Ready): \Microsoft\Windows Live\SOXE\Extractor Definitions Update Task - {3519154C-227E-47F3-9CC9-12C3F05817F1} - C:\Program Files (x86)\Windows Live\SOXE\wlsoxe.dll
O22 - Task (Ready): \Microsoft\Windows\BitLocker\BitLocker MDM policy Refresh - {61BCD1B9-340C-40EC-9D41-D7F1C0632F05},BitLockerPolicy - C:\WINDOWS\System32\edptask.dll
O22 - Task (Ready): \Microsoft\Windows\BrokerInfrastructure\BgTaskRegistrationMaintenanceTask - {E984D939-0E00-4DD9-AC3A-7ACA04745521} - (no file)
O22 - Task (Ready): \Microsoft\Windows\Chkdsk\SyspartRepair - C:\WINDOWS\system32\bcdboot.exe %windir% /sysrepair
O22 - Task (Ready): \Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceLocationRightsChange - {AE31B729-D5FD-401E-AF42-784074835AFE},-RegisterDevice -SettingChange - C:\WINDOWS\system32\DeviceDirectoryClient.dll
O22 - Task (Ready): \Microsoft\Windows\DeviceDirectoryClient\RegisterDevicePolicyChange - {AE31B729-D5FD-401E-AF42-784074835AFE},-RegisterDevice -SettingChange - C:\WINDOWS\system32\DeviceDirectoryClient.dll
O22 - Task (Ready): \Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceProtectionStateChanged - {AE31B729-D5FD-401E-AF42-784074835AFE},-RegisterDevice -ProtectionStateChanged -FreeNetworkOnly - C:\WINDOWS\system32\DeviceDirectoryClient.dll
O22 - Task (Ready): \Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceWnsFallback - {AE31B729-D5FD-401E-AF42-784074835AFE},-RegisterDevice -Periodic - C:\WINDOWS\system32\DeviceDirectoryClient.dll
O22 - Task (Ready): \Microsoft\Windows\DirectX\DXGIAdapterCache - C:\WINDOWS\system32\dxgiadaptercache.exe
O22 - Task (Ready): \Microsoft\Windows\EDP\EDP App Launch Task - {61BCD1B9-340C-40EC-9D41-D7F1C0632F05},AppLaunch - C:\WINDOWS\System32\edptask.dll
O22 - Task (Ready): \Microsoft\Windows\EDP\EDP Auth Task - {61BCD1B9-340C-40EC-9D41-D7F1C0632F05},ReAuth - C:\WINDOWS\System32\edptask.dll
O22 - Task (Ready): \Microsoft\Windows\EDP\EDP Inaccessible Credentials Task - {61BCD1B9-340C-40EC-9D41-D7F1C0632F05},MissingCredentials - C:\WINDOWS\System32\edptask.dll
O22 - Task (Ready): \Microsoft\Windows\EDP\StorageCardEncryption Task - {61BCD1B9-340C-40EC-9D41-D7F1C0632F05},SDCardEncryptionPolicy - C:\WINDOWS\System32\edptask.dll
O22 - Task (Ready): \Microsoft\Windows\ExploitGuard\ExploitGuard MDM policy Refresh - {711001CD-CC1D-4470-9B7E-1EF73849C79E},ExploitGuardPolicy - C:\WINDOWS\System32\MitigationConfiguration.dll
O22 - Task (Ready): \Microsoft\Windows\InstallService\ScanForUpdates - {A558C6A5-B42B-4C98-B610-BF9559143139} - C:\Windows\System32\InstallServiceTasks.dll
O22 - Task (Ready): \Microsoft\Windows\InstallService\ScanForUpdatesAsUser - {DDAFAEA2-8842-4E96-BADE-D44A8D676FDB} - C:\Windows\System32\InstallServiceTasks.dll
O22 - Task (Ready): \Microsoft\Windows\InstallService\SmartRetry - {F3A219C3-2698-4CBF-9C07-037EDB8E72E6} - C:\Windows\System32\InstallServiceTasks.dll
O22 - Task (Ready): \Microsoft\Windows\LanguageComponentsInstaller\ReconcileLanguageResources - {D0582E3B-3126-4CAA-9155-AC37C912A489} - (no file)
O22 - Task (Ready): \Microsoft\Windows\Management\Provisioning\Cellular - C:\WINDOWS\system32\ProvTool.exe /turn 7 /source CellStateChangeTask
O22 - Task (Ready): \Microsoft\Windows\Management\Provisioning\Logon - C:\WINDOWS\system32\ProvTool.exe /turn 5 /source LogonIdleTask
O22 - Task (Ready): \Microsoft\Windows\Maps\MapsToastTask - {9885AEF2-BD9F-41E0-B15E-B3141395E803},$(Arg0);$(Arg1);$(Arg2);$(Arg3);$(Arg4);$(Arg5);$(Arg6);$(Arg7) - C:\WINDOWS\System32\mapstoasttask.dll
O22 - Task (Ready): \Microsoft\Windows\Printing\EduPrintProv - C:\WINDOWS\system32\eduprintprov.exe
O22 - Task (Ready): \Microsoft\Windows\PushToInstall\Registration - C:\WINDOWS\system32\sc.exe start pushtoinstall registration
O22 - Task (Ready): \Microsoft\Windows\SMB\UninstallSMB1ClientTask - C:\WINDOWS\system32\WindowsPowerShell\v1.0\powershell.exe -ExecutionPolicy Unrestricted -NonInteractive -NoProfile -WindowStyle Hidden "& %windir%\system32\WindowsPowerShell\v1.0\Modules\SmbShare\DisableUnusedSmb1.ps1 -Scenario Client"
O22 - Task (Ready): \Microsoft\Windows\SMB\UninstallSMB1ServerTask - C:\WINDOWS\system32\WindowsPowerShell\v1.0\powershell.exe -ExecutionPolicy Unrestricted -NonInteractive -NoProfile -WindowStyle Hidden "& %windir%\system32\WindowsPowerShell\v1.0\Modules\SmbShare\DisableUnusedSmb1.ps1 -Scenario Server"
O22 - Task (Ready): \Microsoft\Windows\Setup\Notifier - C:\WINDOWS\system32\Notifier.exe (file missing)
O22 - Task (Ready): \Microsoft\Windows\Speech\HeadsetButtonPress - C:\WINDOWS\system32\speech_onecore\common\SpeechRuntime.exe StartedFromTask
O22 - Task (Ready): \Microsoft\Windows\Subscription\EnableLicenseAcquisition - C:\WINDOWS\system32\ClipRenew.exe -e
O22 - Task (Ready): \Microsoft\Windows\USB\Usb-Notifications - {E05BE1C8-92A8-4757-B575-ACAECB4E6A40} - C:\Windows\System32\UsbTask.dll
O22 - Task (Ready): \Microsoft\Windows\UpdateOrchestrator\Schedule Retry Scan - C:\WINDOWS\system32\usoclient.exe StartScan
O22 - Task (Ready): \Microsoft\Windows\UpdateOrchestrator\USO_Broker_Display - C:\WINDOWS\system32\MusNotification.exe Display
O22 - Task (Ready): \Microsoft\Windows\WaaSMedic\PerformRemediation - {72566E27-1ABB-4EB3-B4F0-EB431CB1CB32},None - (no file)
O22 - Task (Ready): \Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance - C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1807.18075-0\MpCmdRun.exe -IdleTask -TaskName WdCacheMaintenance
O22 - Task (Ready): \Microsoft\Windows\Windows Defender\Windows Defender Cleanup - C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1807.18075-0\MpCmdRun.exe -IdleTask -TaskName WdCleanup
O22 - Task (Ready): \Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan - C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1807.18075-0\MpCmdRun.exe Scan -ScheduleJob -ScanTrigger 55
O22 - Task (Ready): \Microsoft\Windows\Windows Defender\Windows Defender Verification - C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1807.18075-0\MpCmdRun.exe -IdleTask -TaskName WdVerification
O22 - Task (Ready): \Microsoft\Windows\WwanSvc\NotificationTask - C:\WINDOWS\System32\WiFiTask.exe wwan
O23 - Service R2: Logitech Gaming Registry Service - (LogiRegistryService) - C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
O23 - Service R2: MSI Live Update Service - (MSI_LiveUpdate_Service) - C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe
O23 - Service R2: Malwarebytes Service - (MBAMService) - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
O23 - Service R2: NVIDIA Display Container LS - (NVDisplay.ContainerLocalSystem) - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
O23 - Service R2: NVIDIA LocalSystem Container - (NvContainerLocalSystem) - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service R2: NVIDIA Telemetry Container - (NvTelemetryContainer) - C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
O23 - Service R2: Qualcomm Atheros Killer Service V2 - C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe
O23 - Service R2: Razer Chroma SDK Server - C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe
O23 - Service R2: Razer Chroma SDK Service - C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe
O23 - Service R2: Razer Game Scanner - (Razer Game Scanner Service) - C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
O23 - Service R2: Windows Defender Antivirus Service - (WinDefend) - C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1807.18075-0\MsMpEng.exe
O23 - Service R2: Windows Defender Security Center Service - (SecurityHealthService) - C:\WINDOWS\system32\SecurityHealthService.exe
O23 - Service R3: BrYNSvc - C:\Program Files (x86)\Browny02\BrYNSvc.exe
O23 - Service R3: Corsair LINK 4 - (CLink4Service) - C:\Program Files (x86)\CorsairLink4\CorsairLink4.Service.exe
O23 - Service R3: Steam Client Service - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service R3: Windows Defender Antivirus Network Inspection Service - (WdNisSvc) - C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1807.18075-0\NisSrv.exe
O23 - Service S2: Google Update Service (gupdate) - (gupdate) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service S3: BattlEye Service - (BEService) - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
O23 - Service S3: EasyAntiCheat - C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe
O23 - Service S3: Google Update Service (gupdatem) - (gupdatem) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service S3: NVIDIA NetworkService Container - (NvContainerNetworkService) - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service S3: Windows Defender Advanced Threat Protection Service - (Sense) - C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe

--
End of file - Time spent: 15 sec. - 41092 bytes, CRC32: FFFFFFFF. Sign: 萁뵢
 

Attachments

Last edited by a moderator:

Malnutrition

Malnurished Mod
Moderator
Security Team
Malware Teacher
Jul 22, 2016
2,797
491
#11
Clean up temp files and reduce startup load with CCleaner.


Note: This tool will clean your browsing history as well.



  • Download CCleaner from here.
  • After install Click Options.
  • Go to monitoring.
  • Uncheck All Monitoring items.
  • Go to advanced -- Click close program after cleaning.
  • Go to settings -- click run ccleaner when the computer starts.
  • Now that you have ccleaner installed and set-up:
  • Open the program.
  • Go to Tools
  • Go to Startup
  • Now double click each item. To Disable.
  • Leave only your antivirus enabled.
  • Then disable All items in your scheduled task as well.
  • Unless they are related to windows defender.Or your antivirus.
  • Reboot the machine.
  • Let us know how the machine is running now.
 

Caspar de la Poer

PCHF Member
PCHF Member
Aug 8, 2018
10
0
28
#12
Right now I can't get the PC to turn on. It shut down unexpectedly and just won't turn on again.
This has happened before so hopefully I'll get to run the CCleaner in the next day or two when it decides to work again.

Is there anything you can recommend I do in the mean time?
Do you have any suspicions about what's happen with the machine? Is that something you'll be able to answer once we've gone through this process?
 

jmarket

PCHF's Almighty Ruler
PCHF Owner
Support Team
Security Team
Jan 10, 2015
1,725
434
PCHF Bunker
pchelpforum.net
#16
Let's test your RAM to ensure your RAM is OK :)

  • Click Start, type mdsched.exe in the Search box, and then press Enter.
  • Choose whether to restart the computer and run the tool immediately or schedule the tool to run at the next restart.
  • Windows Memory Diagnostics runs automatically after the computer restarts and performs a standard memory test automatically. If you want to perform fewer or more tests, press F1, use the Up and Down arrow keys to set the Test Mix as Basic, Standard, or Extended, and then press F10 to apply the desired settings and resume testing.
  • When testing is completed, the computer restarts automatically. You’ll see the test results when you log on.
 
Likes: Malnutrition

Rustys

Escaped Mental Patient
Administrator
Support Team
Jul 22, 2016
1,359
543
127.0.0.1
pchelpforum.net
#18
I've run mdsched.exe twice now as instructed but there is no log or report that shows when the computer restarts.
From what I have read for what ever reason Windows 10 does not display the file (results) yet there is a way to retrieve it.

Try following the information in this LINK and see if it helps.
 

Caspar de la Poer

PCHF Member
PCHF Member
Aug 8, 2018
10
0
28
#19
Log Name: System
Source: Microsoft-Windows-MemoryDiagnostics-Results
Date: 16/08/2018 9:25:51 AM
Event ID: 1201
Task Category: None
Level: Information
Keywords:
User: SYSTEM
Computer: DESKTOP-G21BS2V
Description:
The Windows Memory Diagnostic tested the computer's memory and detected no errors
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="Microsoft-Windows-MemoryDiagnostics-Results" Guid="{5F92BC59-248F-4111-86A9-E393E12C6139}" />
<EventID>1201</EventID>
<Version>0</Version>
<Level>4</Level>
<Task>0</Task>
<Opcode>0</Opcode>
<Keywords>0x8000000000000000</Keywords>
<TimeCreated SystemTime="2018-08-15T23:25:51.871093400Z" />
<EventRecordID>8875</EventRecordID>
<Correlation />
<Execution ProcessID="6192" ThreadID="6196" />
<Channel>System</Channel>
<Computer>DESKTOP-G21BS2V</Computer>
<Security UserID="S-1-5-18" />
</System>
<UserData>
<Results xmlns="http://manifests.microsoft.com/win/2005/08/windows/Reliability/Postboot/Events">
<CompletionType>Pass</CompletionType>
</Results>
</UserData>
</Event>
 
Last edited by a moderator: