Additional scan result of Farbar Recovery Scan Tool (x86) Version: 26-11-2014 01 Ran by Family at 2014-11-30 02:33:33 Running from C:\Users\Family\Desktop Boot Mode: Normal ========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: AVG Internet Security 2015 (Enabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9} AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: AVG Internet Security 2015 (Enabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) .NET Utilities (HKLM\...\{DDAC04BD-EE0F-4A9A-99F2-D1A711683C87}) (Version: 128.0.0 - Manufacturer) 32 Bit HP CIO Components Installer (Version: 1.0.0 - Hewlett-Packard) Hidden 32 Bit HP CIO Components Installer (Version: 1.1.0 - Hewlett-Packard) Hidden 32 Bit HP CIO Components Installer (Version: 7.1.4 - Hewlett-Packard) Hidden 8STAR (HKLM\...\8STAR8.1) (Version: 8.1 - ) Adobe Flash Player 15 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 15.0.0.239 - Adobe Systems Incorporated) Adobe Flash Player 15 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 15.0.0.239 - Adobe Systems Incorporated) Adobe Photoshop CS (HKLM\...\{EFB21DE7-8C19-4A88-BB28-A766E16493BC}) (Version: CS - Adobe Systems, Inc.) Adobe Reader Chinese Traditional Fonts (HKLM\...\{AC76BA86-7AD7-2448-0000-705000000001}) (Version: 7.0.5 - Adobe Systems) Adobe Reader X (10.1.4) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.4 - Adobe Systems Incorporated) AIO_CDA_ProductContext (Version: 82.0.223.000 - Hewlett-Packard) Hidden AIO_CDA_Software (Version: 82.0.223.000 - Hewlett-Packard) Hidden AIO_Scan (Version: 82.0.173.000 - Hewlett-Packard) Hidden ASUS Wireless Router Utilities (HKLM\...\ASUS Wireless Router Utilities) (Version: - ) AVG (HKLM\...\AvgZen) (Version: 1.0.387 - AVG Technologies) AVG 2015 (HKLM\...\AVG) (Version: 2015.0.5577 - AVG Technologies) AVG 2015 (Version: 15.0.4223 - AVG Technologies) Hidden AVG 2015 (Version: 15.0.5577 - AVG Technologies) Hidden AVG PC TuneUp 2015 (en-US) (Version: 15.0.1001.238 - AVG Technologies) Hidden AVG PC TuneUp 2015 (HKLM\...\AVG PC TuneUp) (Version: 15.0.1001.238 - AVG Technologies) AVG PC TuneUp 2015 (Version: 15.0.1001.238 - AVG Technologies) Hidden AVG Web TuneUp (HKLM\...\AVG Web TuneUp) (Version: 4.0.0.19 - AVG Technologies) AVG Zen (Version: 1.0.387 - AVG Technologies) Hidden BlackBerry Device Software Updater (HKLM\...\{23C12370-3A82-4558-B727-F345B473AD87}) (Version: 6.0.1.6 - Research In Motion Ltd) BufferChm (Version: 82.0.173.000 - Hewlett-Packard) Hidden C3100 (Version: 82.0.223.000 - Hewlett-Packard) Hidden c3100_Help (Version: 82.0.58.000 - Hewlett-Packard) Hidden Canon Camera Access Library (HKLM\...\CAL) (Version: 8.2.0.1 - ) Canon Camera Window DC_DV 6 for ZoomBrowser EX (HKLM\...\CameraWindowDVC6) (Version: 6.3.0.11 - ) Canon Camera Window MC 6 for ZoomBrowser EX (HKLM\...\CameraWindowMC) (Version: 6.2.0.11 - ) Canon G.726 WMP-Decoder (HKLM\...\Canon G.726 WMP-Decoder) (Version: 1.0.1.3 - ) Canon Laser Printer/Scanner/Fax Extended Survey Program (HKLM\...\Canon Laser Printer/Scanner/Fax Extended Survey Program) (Version: 1.0.198.10000 - CANON INC.) Canon Laser Printer/Scanner/Fax Extended Survey Program (Version: 1.0.198 - CANON INC.) Hidden Canon MF Toolbox 4.9.1.1.mf14 (HKLM\...\{6767DFEE-8909-453A-B553-C7693912B2EB}) (Version: 4.9.1.1.mf14 - CANON INC.) Canon MF8200C Series (HKLM\...\{C2938963-3BB0-41cd-9769-E28814C59075}) (Version: 4.2.0.0 - CANON INC.) Canon MovieEdit Task for ZoomBrowser EX (HKLM\...\MovieEditTask) (Version: 2.3.0.19 - ) Canon RAW Image Task for ZoomBrowser EX (HKLM\...\RAW Image Task) (Version: 2.4.0.7 - ) Canon RemoteCapture Task for ZoomBrowser EX (HKLM\...\RemoteCaptureTask) (Version: 1.6.0.9 - ) Canon Utilities EOS Utility (HKLM\...\EOS Utility) (Version: 1.0.4.18 - ) Canon Utilities PhotoStitch (HKLM\...\PhotoStitch) (Version: 3.1.18.42 - ) Canon Utilities ZoomBrowser EX (HKLM\...\ZoomBrowser EX) (Version: 5.7.0.74 - ) Compatibility Pack for the 2007 Office system (HKLM\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Copy (Version: 82.0.188.000 - Hewlett-Packard) Hidden Destinations (Version: 82.0.173.000 - Hewlett-Packard) Hidden DeviceManagementQFolder (Version: 1.00.0000 - Hewlett-Packard) Hidden DivX (HKLM\...\{7B63B2922B174135AFC0E1377DD81EC2}) (Version: 5.2.1 - DivXNetworks, Inc.) DocProc (Version: 8.1.0.0 - Hewlett-Packard) Hidden DocProcQFolder (Version: 1.00.0000 - Hewlett-Packard) Hidden Dropbox (HKU\S-1-5-21-1281781510-1492145563-2711715990-1002\...\Dropbox) (Version: 2.10.30 - Dropbox, Inc.) DYNA Font (HKLM\...\{23A5A4AF-5CC1-4009-B8E2-F4C4E9A1D6FC}) (Version: 1.00.0000 - Penpower) easyOFFER 2007 TREB (HKLM\...\{47BBD3C6-4C8C-408A-9E5F-EFCF2A161AE4}) (Version: 1.00.2007 - Your Company Name) easyOFFER 2007 TREB Service Pack 2 (HKLM\...\{51FECE8E-F698-4752-9F06-539500985CA4}) (Version: 1.00.2007 - Reagency Systems Corp.) Enhanced Multimedia Keyboard Solution (HKLM\...\KBD) (Version: - Hewlett-Packard) eSupportQFolder (Version: 1.00.0000 - Hewlett-Packard) Hidden Fax (Version: 82.0.188.000 - Hewlett-Packard) Hidden FMW 1 (Version: 1.0.259 - AVG Technologies) Hidden Google Chrome (HKLM\...\Google Chrome) (Version: 39.0.2171.71 - Google Inc.) Google Toolbar for Internet Explorer (HKLM\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.) Google Toolbar for Internet Explorer (Version: 1.0.0 - Google Inc.) Hidden Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden Hewlett-Packard Active Check for Health Check (Version: 1.1.15.2 - Hewlett-Packard) Hidden Hewlett-Packard Asset Agent for Health Check (Version: 2.0.64.0 - HP) Hidden HP Easy Setup - Core (HKLM\...\{F94234DB-FD06-42C3-B88D-6FC4DC9F988C}) (Version: 1.00.0000 - Hewlett-Packard) HP Imaging Device Functions 8.0 (HKLM\...\HP Imaging Device Functions) (Version: 8.0 - HP) HP OCR Software 8.0 (HKLM\...\HPOCR) (Version: 8.0 - HP) HP Photosmart Essential (HKLM\...\{EB21A812-671B-4D08-B974-2A347F0D8F70}) (Version: 1.12.0.46 - HP) HP Photosmart.All-In-One Driver Software 8.0 .A (HKLM\...\{282E5AB2-8E47-4571-B6FA-6B512555B557}) (Version: 8.0 - HP) HP Solution Center 8.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 8.0 - HP) hppLaserJetService (Version: 002.015.00599 - Hewlett-Packard) Hidden HPProductAssistant (Version: 82.0.173.000 - Hewlett-Packard) Hidden Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: 8.15.10.1930 - Intel Corporation) Intel(R) Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version: - ) LaserJet 1020 series (HKLM\...\HP-LaserJet 1020 series) (Version: - ) LightScribe 1.4.124.1 (Version: 1.4.124.1 - http://www.lightscribe.com) Hidden Making Sales Happen 2.7.16 (HKLM\...\Making Sales Happen_is1) (Version: - Mojo Selling Solutions) Malwarebytes Anti-Malware version 2.0.3.1025 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation) Memeo AutoSync (Version: 2.50.1935 - Memeo, Inc) Hidden Microsoft .NET Framework 1.1 (HKLM\...\Microsoft .NET Framework 1.1 (1033)) (Version: - ) Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft Office XP Professional with FrontPage (HKLM\...\{90280409-6000-11D3-8CFE-0050048383C9}) (Version: 10.0.2627.0 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation) Microsoft SQL Server Native Client (HKLM\...\{F9B3DD02-B0B3-42E9-8650-030DFF0D133D}) (Version: 9.00.3042.00 - Microsoft Corporation) Microsoft Sync Framework Runtime Native v1.0 (x86) (HKLM\...\{8A74E887-8F0F-4017-AF53-CBA42211AAA5}) (Version: 1.0.1215.0 - Microsoft Corporation) Microsoft Sync Framework Services Native v1.0 (x86) (HKLM\...\{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}) (Version: 1.0.1215.0 - Microsoft Corporation) Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Works (HKLM\...\{6D52C408-B09A-4520-9B18-475B81D393F1}) (Version: 08.05.0818 - Microsoft Corporation) Mojo Sales Engine 2.4.74 (HKLM\...\Mojo Sales Engine_is1) (Version: 2.4.74 - Mojo Selling Solutions) Mozilla Firefox 32.0.2 (x86 en-US) (HKLM\...\Mozilla Firefox 32.0.2 (x86 en-US)) (Version: 32.0.2 - Mozilla) Mpeg2Decoder 1.3 (HKLM\...\Mpeg2Decoder_is1) (Version: - DeskShare) MSXML 4.0 SP2 (KB927978) (HKLM\...\{37477865-A3F1-4772-AD43-AAFC6BCFF99F}) (Version: 4.20.9841.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB936181) (HKLM\...\{C04E32E0-0416-434D-AFB9-6969D703A9EF}) (Version: 4.20.9848.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB941833) (HKLM\...\{C523D256-313D-4866-B36A-F3DE528246EF}) (Version: 4.20.9849.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) MSXML 4.0 SP2 Parser and SDK (HKLM\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation) muvee autoProducer 5.0 (HKLM\...\{B83A15A7-2BD5-4416-BC43-AF5F9A4B08A9}) (Version: 5.00.050 - muvee Technologies) MySQL Connector/ODBC 5.1 (HKLM\...\{29042B1C-0713-4575-B7CA-5C8E7B0899D4}) (Version: 5.1.6 - MySQL AB) OcxSetup (Version: 1.0.0 - Hewlett-Packard Company) Hidden OrderReminder HP LaserJet 1020 (HKLM\...\OrderReminder HP LaserJet 1020) (Version: 2.0 - ) PaperPort Image Printer (HKLM\...\{332CC6BF-E6C7-48EE-BA3D-435E576AD67F}) (Version: 1.00.0000 - Nuance Communications, Inc.) PenpowerJR (HKLM\...\{F7D53B02-2C51-4CF5-9A51-F7A6D658EA5A}) (Version: 7.1f - Penpower) Picasa 3 (HKLM\...\Picasa 3) (Version: 3.9 - Google, Inc.) Python 2.4.3 (HKLM\...\{75E71ADD-042C-4F30-BFAC-A9EC42351313}) (Version: 2.4.3150 - Martin v. Löwis) Quicken 2007 (HKLM\...\{0D2E80C8-0875-43EB-9623-47118E2DFBCA}) (Version: 16.00.0000 - Intuit) QuickTax 2006 (HKLM\...\{FAFDA89B-1031-4BDB-8619-DE20CBDEDF32}) (Version: - ) QuickTax 2007 (HKLM\...\{22EC35BD-F8F2-45EB-8DCB-1C7FB65D0A71}) (Version: 1.00.0000 - Intuit Canada) QuickTax 2008 (HKLM\...\{AA0D2D5F-612B-45D3-8759-DA87206E5CC9}) (Version: 1.00.0000 - Intuit Canada) QuickTax 2009 (HKLM\...\{ECB9C58E-C565-4683-9599-B72290BD3B25}) (Version: 1.00.0000 - Intuit Canada) QuickTax Tracker (HKLM\...\InstallShield_{78AD4938-7EE6-4DC0-A5BC-3AF82750A617}) (Version: 12.01.0000 - Intuit) QuickTax Tracker (Version: 12.01.0000 - Intuit) Hidden QuickTime 7 (HKLM\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.) Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: - ) Roxio Creator Audio (HKLM\...\{83FFCFC7-88C6-41c6-8752-958A45325C82}) (Version: 3.3.0 - Roxio) Roxio Creator Basic v9 (HKLM\...\{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}) (Version: 3.3.0 - Roxio) Roxio Creator Copy (HKLM\...\{619CDD8A-14B6-43a1-AB6C-0F4EE48CE048}) (Version: 3.3.0 - Roxio) Roxio Creator Data (HKLM\...\{0D397393-9B50-4c52-84D5-77E344289F87}) (Version: 3.3.0 - Roxio) Roxio Creator EasyArchive (HKLM\...\{11F93B4B-48F0-4A4E-AE77-DFA96A99664B}) (Version: 3.3.0 - Roxio) Roxio Creator Tools (HKLM\...\{0394CDC8-FABD-4ed8-B104-03393876DFDF}) (Version: 3.3.0 - Roxio) Scan (Version: 8.1.0.0 - Hewlett-Packard) Hidden ScanSoft PaperPort 11 (HKLM\...\{B6C89654-A6A2-477C-873B-724EC1C56407}) (Version: 11.1.0000 - Nuance Communications, Inc.) Skype™ 6.21 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.21.104 - Skype Technologies S.A.) SolutionCenter (Version: 82.0.188.000 - Hewlett-Packard) Hidden Status (Version: 82.0.173.000 - Hewlett-Packard) Hidden Toolbox (Version: 82.0.173.000 - Hewlett-Packard) Hidden Top Producer Editor (HKLM\...\Top Producer Editor_is1) (Version: - ) TrayApp (Version: 82.0.188.000 - Hewlett-Packard) Hidden TurboTax 2010 (HKLM\...\{24AE6B5B-3D5A-488C-9224-1BEE11F75DD9}) (Version: 1.00.0000 - Intuit Canada) UnloadSupport (Version: 1.00.0000 - Hewlett-Packard) Hidden Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.) Visual Studio C++ 10.0 Runtime (HKLM\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.) WD Diagnostics (HKLM\...\{0AB76F69-E761-4CFA-B9B0-A1906B4E9E4B}) (Version: 1.09.0002 - Western Digital Technologies) WD Drive Manager (x86) (HKLM\...\{51B833D8-66B0-4E72-92B9-4E4977EF37F2}) (Version: 2.62 - Western Digital) WD Drive Utilities (HKLM\...\{439A51F7-84B1-4603-BEC8-647EB2AC307F}) (Version: 1.0.1.5 - Western Digital) WD Security (HKLM\...\{83270912-15C7-4336-822E-E8F1B1BBCA60}) (Version: 1.0.3.3 - Western Digital Technologies, Inc.) WD SmartWare (HKLM\...\{E48995AF-B140-44F5-9A20-A3E4E627F2C2}) (Version: 1.6.2.6 - Western Digital) Webcam (HKU\S-1-5-21-1281781510-1492145563-2711715990-1002\...\{ED1674F5-5165-49BF-B546-AE5343111540}) (Version: 1.0.3.6 - ETRON) WebReg (Version: 82.0.173.000 - Hewlett-Packard) Hidden Windows Installer Clean Up (HKLM\...\{121634B0-2F4B-11D3-ADA3-00C04F52DD52}) (Version: 3.00.00.0000 - Microsoft Corporation) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) ==================== Restore Points ========================= Could not list Restore Points. Check "winmgmt" service or repair WMI. ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2006-11-02 05:23 - 2006-09-18 16:41 - 00000761 ____A C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 localhost ::1 localhost ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => ? Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => ? Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => ? Task: C:\Windows\Tasks\User_Feed_Synchronization-{3A381596-DF53-49F1-B516-6C1B19F06422}.job => ? ==================== Loaded Modules (whitelisted) ============= 2014-10-27 11:04 - 2014-11-04 10:46 - 03060248 _____ () C:\Program Files\AVG Web TuneUp\vprot.exe 2014-10-27 11:04 - 2014-10-27 11:03 - 00519704 _____ () C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.1.10\log4cplusU.dll 2014-10-27 11:04 - 2014-11-04 10:46 - 40630296 _____ () C:\Program Files\AVG Web TuneUp\libcef.dll 2014-11-29 18:23 - 2014-11-29 18:23 - 31842816 _____ () C:\Program Files\AVG\Framework\Common\libcef.dll 2014-10-27 11:04 - 2014-10-27 11:03 - 01685528 _____ () C:\Program Files\AVG Web TuneUp\TBAPI.dll 2014-11-24 06:49 - 2014-11-24 06:49 - 00730936 _____ () C:\Program Files\AVG\AVG PC TuneUp\tulngx.dll 2014-11-29 20:15 - 2014-11-29 20:15 - 00043008 _____ () c:\users\family\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpn8yu5n.dll 2013-08-23 14:01 - 2013-08-23 14:01 - 25100288 _____ () C:\Users\Family\AppData\Roaming\Dropbox\bin\libcef.dll 2014-11-26 16:48 - 2014-11-25 01:39 - 01077064 _____ () C:\Program Files\Google\Chrome\Application\39.0.2171.71\libglesv2.dll 2014-11-26 16:48 - 2014-11-25 01:39 - 00211272 _____ () C:\Program Files\Google\Chrome\Application\39.0.2171.71\libegl.dll 2014-11-26 16:48 - 2014-11-25 01:39 - 09009480 _____ () C:\Program Files\Google\Chrome\Application\39.0.2171.71\pdf.dll 2014-11-26 16:48 - 2014-11-25 01:39 - 01677128 _____ () C:\Program Files\Google\Chrome\Application\39.0.2171.71\ffmpegsumo.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (whitelisted) ============= (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== MSCONFIG/TASK MANAGER disabled items ========= (Currently there is no automatic fix for this section.) ========================= Accounts: ========================== Administrator (S-1-5-21-1281781510-1492145563-2711715990-500 - Administrator - Disabled) ASPNET (S-1-5-21-1281781510-1492145563-2711715990-1004 - Limited - Enabled) Family (S-1-5-21-1281781510-1492145563-2711715990-1002 - Limited - Enabled) => C:\Users\Family Guest (S-1-5-21-1281781510-1492145563-2711715990-501 - Limited - Enabled) => C:\Users\Guest Lewis (S-1-5-21-1281781510-1492145563-2711715990-1001 - Administrator - Enabled) => C:\Users\Lewis ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (11/29/2014 10:29:52 PM) (Source: VSS) (EventID: 12298) (User: ) Description: Volume Shadow Copy Service error: The I/O writes cannot be held during the shadow copy creation period on volume \\?\Volume{4698fca1-9200-11db-970e-806e6f6e6963}\. The volume index in the shadow copy set is 0. Error details: Open[0x00000000, The operation completed successfully. ], Flush[0x00000000, The operation completed successfully. ], Release[0x80042314, The shadow copy provider timed out while holding writes to the volume being shadow copied. This is probably due to excessive activity on the volume by an application or a system service. Try again later when activity on the volume is reduced. ], OnRun[0x00000000, The operation completed successfully. ]. Operation: Executing Asynchronous Operation Context: Current State: DoSnapshotSet Error: (11/29/2014 10:29:52 PM) (Source: VSS) (EventID: 12310) (User: ) Description: Volume Shadow Copy Service error: The shadow copy could not be committed - operation timed out. Error context: DeviceIoControl(\\?\Volume{4698fca1-9200-11db-970e-806e6f6e6963} - 00000120,0x0053c010,009C9F28,0,009CBF38,4096,[0]). Operation: Committing shadow copies Context: Execution Context: System Provider Error: (11/29/2014 06:44:32 PM) (Source: VSS) (EventID: 12298) (User: ) Description: Volume Shadow Copy Service error: The I/O writes cannot be held during the shadow copy creation period on volume \\?\Volume{4698fca1-9200-11db-970e-806e6f6e6963}\. The volume index in the shadow copy set is 0. Error details: Open[0x00000000, The operation completed successfully. ], Flush[0x00000000, The operation completed successfully. ], Release[0x80042314, The shadow copy provider timed out while holding writes to the volume being shadow copied. This is probably due to excessive activity on the volume by an application or a system service. Try again later when activity on the volume is reduced. ], OnRun[0x00000000, The operation completed successfully. ]. Operation: Executing Asynchronous Operation Context: Current State: DoSnapshotSet Error: (11/29/2014 06:44:32 PM) (Source: VSS) (EventID: 12310) (User: ) Description: Volume Shadow Copy Service error: The shadow copy could not be committed - operation timed out. Error context: DeviceIoControl(\\?\Volume{4698fca1-9200-11db-970e-806e6f6e6963} - 0000012C,0x0053c010,00966D98,0,00967DA0,4096,[0]). Operation: Committing shadow copies Context: Execution Context: System Provider Error: (11/26/2014 10:12:16 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object. Details: AddLegacyDriverFiles: Unable to back up image of binary GEAR ASPI Filter Driver. System Error: The system cannot find the file specified. . Error: (11/26/2014 10:12:00 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object. Details: AddLegacyDriverFiles: Unable to back up image of binary GEAR ASPI Filter Driver. System Error: The system cannot find the file specified. . Error: (11/26/2014 10:11:22 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object. Details: AddLegacyDriverFiles: Unable to back up image of binary GEAR ASPI Filter Driver. System Error: The system cannot find the file specified. . Error: (11/26/2014 10:10:17 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object. Details: AddLegacyDriverFiles: Unable to back up image of binary GEAR ASPI Filter Driver. System Error: The system cannot find the file specified. . Error: (11/23/2014 02:51:57 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: The program iexplore.exe version 11.0.9600.17420 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel. Process ID: 1a40 Start Time: 01d007560ed205d5 Termination Time: 42 Application Path: C:\Program Files\Internet Explorer\iexplore.exe Report Id: Error: (11/12/2014 08:29:33 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object. Details: AddLegacyDriverFiles: Unable to back up image of binary AVGIDSDriver. System Error: The system cannot find the file specified. . System errors: ============= Error: (11/30/2014 00:25:53 AM) (Source: volsnap) (EventID: 36) (User: ) Description: The shadow copies of volume D: were aborted because the shadow copy storage could not grow due to a user imposed limit. Error: (11/29/2014 10:30:02 PM) (Source: volsnap) (EventID: 8) (User: ) Description: The flush and hold writes operation on volume C: timed out while waiting for a release writes command. Error: (11/29/2014 09:22:37 PM) (Source: BROWSER) (EventID: 8032) (User: ) Description: The browser service has failed to retrieve the backup list too many times on transport \Device\NetBT_Tcpip_{07A7C227-CA85-4131-A3D9-C7CB36011BA6}. The backup browser is stopping. Error: (11/29/2014 08:20:28 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The HP Health Check Service service failed to start due to the following error: %%1053 Error: (11/29/2014 08:20:28 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: A timeout was reached (30000 milliseconds) while waiting for the HP Health Check Service service to connect. Error: (11/29/2014 08:16:27 PM) (Source: Service Control Manager) (EventID: 7022) (User: ) Description: The Canon Camera Access Library 8 service hung on starting. Error: (11/29/2014 08:14:59 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC) Error: (11/29/2014 07:21:01 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC) Error: (11/29/2014 07:20:34 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The MBAMScheduler service failed to start due to the following error: %%1053 Error: (11/29/2014 07:20:34 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: A timeout was reached (30000 milliseconds) while waiting for the MBAMScheduler service to connect. Microsoft Office Sessions: ========================= Error: (11/29/2014 10:29:52 PM) (Source: VSS) (EventID: 12298) (User: ) Description: \\?\Volume{4698fca1-9200-11db-970e-806e6f6e6963}\00x00000000, The operation completed successfully. 0x00000000, The operation completed successfully. 0x80042314, The shadow copy provider timed out while holding writes to the volume being shadow copied. This is probably due to excessive activity on the volume by an application or a system service. Try again later when activity on the volume is reduced. 0x00000000, The operation completed successfully. Operation: Executing Asynchronous Operation Context: Current State: DoSnapshotSet Error: (11/29/2014 10:29:52 PM) (Source: VSS) (EventID: 12310) (User: ) Description: DeviceIoControl(\\?\Volume{4698fca1-9200-11db-970e-806e6f6e6963} - 00000120,0x0053c010,009C9F28,0,009CBF38,4096,[0]) Operation: Committing shadow copies Context: Execution Context: System Provider Error: (11/29/2014 06:44:32 PM) (Source: VSS) (EventID: 12298) (User: ) Description: \\?\Volume{4698fca1-9200-11db-970e-806e6f6e6963}\00x00000000, The operation completed successfully. 0x00000000, The operation completed successfully. 0x80042314, The shadow copy provider timed out while holding writes to the volume being shadow copied. This is probably due to excessive activity on the volume by an application or a system service. Try again later when activity on the volume is reduced. 0x00000000, The operation completed successfully. Operation: Executing Asynchronous Operation Context: Current State: DoSnapshotSet Error: (11/29/2014 06:44:32 PM) (Source: VSS) (EventID: 12310) (User: ) Description: DeviceIoControl(\\?\Volume{4698fca1-9200-11db-970e-806e6f6e6963} - 0000012C,0x0053c010,00966D98,0,00967DA0,4096,[0]) Operation: Committing shadow copies Context: Execution Context: System Provider Error: (11/26/2014 10:12:16 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Details: AddLegacyDriverFiles: Unable to back up image of binary GEAR ASPI Filter Driver. System Error: The system cannot find the file specified. Error: (11/26/2014 10:12:00 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Details: AddLegacyDriverFiles: Unable to back up image of binary GEAR ASPI Filter Driver. System Error: The system cannot find the file specified. Error: (11/26/2014 10:11:22 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Details: AddLegacyDriverFiles: Unable to back up image of binary GEAR ASPI Filter Driver. System Error: The system cannot find the file specified. Error: (11/26/2014 10:10:17 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Details: AddLegacyDriverFiles: Unable to back up image of binary GEAR ASPI Filter Driver. System Error: The system cannot find the file specified. Error: (11/23/2014 02:51:57 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: iexplore.exe11.0.9600.174201a4001d007560ed205d542C:\Program Files\Internet Explorer\iexplore.exe Error: (11/12/2014 08:29:33 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Details: AddLegacyDriverFiles: Unable to back up image of binary AVGIDSDriver. System Error: The system cannot find the file specified. CodeIntegrity Errors: =================================== Date: 2014-09-15 03:03:25.520 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys because the set of per-page image hashes could not be found on the system. Date: 2014-09-15 03:03:25.411 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys because the set of per-page image hashes could not be found on the system. Date: 2014-09-15 03:03:25.302 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys because the set of per-page image hashes could not be found on the system. Date: 2014-09-15 03:03:25.208 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys because the set of per-page image hashes could not be found on the system. Date: 2014-09-15 03:03:25.083 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys because the set of per-page image hashes could not be found on the system. Date: 2013-11-24 09:23:11.142 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\msiltcfg.dll because the set of per-page image hashes could not be found on the system. Date: 2013-10-26 11:58:36.387 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\msiltcfg.dll because the set of per-page image hashes could not be found on the system. Date: 2013-10-26 11:51:57.868 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\msiltcfg.dll because the set of per-page image hashes could not be found on the system. Date: 2013-10-26 11:49:46.643 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\msiltcfg.dll because the set of per-page image hashes could not be found on the system. Date: 2013-08-05 07:09:01.929 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\msiltcfg.dll because the set of per-page image hashes could not be found on the system. ==================== Memory info =========================== Processor: Intel(R) Core(TM)2 CPU 6300 @ 1.86GHz Percentage of memory in use: 67% Total physical RAM: 2038.46 MB Available physical RAM: 655.65 MB Total Pagefile: 4076.93 MB Available Pagefile: 1693.58 MB Total Virtual: 2047.88 MB Available Virtual: 1905.38 MB ==================== Drives ================================ Drive c: (HP) (Fixed) (Total:291.82 GB) (Free:127.84 GB) NTFS ==>[System with boot components (obtained from reading drive)] Drive d: (Recovery) (Fixed) (Total:6.27 GB) (Free:0.9 GB) NTFS ==>[System with boot components (obtained from reading drive)] ==================== MBR & Partition Table ================== ==================== End Of Log ============================