Javascript Disabled Detected

You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

Task Scheduler Corrupt?

Started by BrucieK , Jul 18 2014 02:47 PM

Please log in to reply

#1
BrucieK

Posted 18 July 2014 - 02:47 PM

Member

Member
11 posts

I bought a new computer (two months old) that runs Windows 7 Professional (64-bit), and, after customizing it a bit to suit my needs, I'm now having a bit of trouble with the Task Scheduler. I do NOT get error messages when I open it; and, according to the Task Status list (in the middle pane), it SAYS it's performing the tasks successfully. And I even see the hard drive's little red light blinking when a scheduled task is being performed. But I can't be sure the tasks are really being performed -- b/c the one I care about the most (the automatic creation of System Restore Points) doesn't seem to be working: When I run the System Restore GUI, none of the new System Restore Points allegedly "created successfully" by the Task Scheduler are listed -- just the ones I'd made manually. I downloaded a (great) 3rd-party Restore Point creator that does this task for me automatically, but I'd still like to get to the root of my Task Scheduler problem. Among its errors:

1) When I click on Display All Running Tasks in the far right pane of Task Scheduler, I get the message, "Task Scheduler service is not available. Task Scheduler will attempt to reconnect to it."

2) When I click on certain individual tasks in the Task Scheduler Library (far left pane), I often get a blank screen in the middle pane, where the detailed data should be.

I've tried numerous solutions proposed online, including deleting certain files lists in the registry. On my computer, the key at:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Schedule\TaskCache\Tasks

lists 94 Tasks (!)...

and the key at

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Schedule\TaskCache\Tree

lists 23 tree files.

But none of my attempted "fixes" corrects the problem.

I've read about five dozen online tech board entrees about this, and still can't figure it out; and I've been on the phone with Microsoft three times, and they, too, are clueless about it. Meantime, I don't have any System Restore Points from before the problem began. Ordinarily, I'd just reinstall Task Scheduler from a distribution disk -- or from my wife's computer, which also runs Windows 7 Professional -- but Task Scheduler isn't a stand-alone file that can be copied -- it's a "snap-in" for the Microsoft Management Console (MMC). So I don't know how to replace it.

Finally -- if it's any clue -- the problem seemed to have started around the time I installed Microsoft Security Essentials (which I have since removed), which was also the time I backed up my entire computer onto an external drive.

So...any suggestions/responses to the above?

#2
SleepyDude

Posted 19 July 2014 - 09:15 AM

Trusted Helper

Malware Removal
4,976 posts

Hi,

Let's take a look, please execute the following tasks and post the generated logs.

» Minitoolbox log
Download MiniToolBox and save the file to the Desktop.
Close the browser and run the tool, check the following options:

List last 10 Event Viewer log
List Installed Programs
List Devices (Only Problems)
List Users, Partitions and Memory size
List Minidump Files
List Restore Points

Click on Go.

Post the resulting log in your next reply.

» Farbar Service Scanner (FSS) log
Let's check some windows critical services...
Download Farbar Service Scanner and save the file to the Desktop.

Run FSS
Check all the options
click Scan

Post the generated log in your reply.

#3
BrucieK

Posted 19 July 2014 - 11:18 AM

Member

Topic Starter
Member
11 posts

Thanks, SleepyDude.

Here are theMiniToolbokx Results:

MiniToolBox by Farbar Version: 06-07-2014
Ran by Bruce (administrator) on 19-07-2014 at 13:15:15
Running from "C:\Users\Bruce\Documents\Downloads"
Microsoft Windows 7 Professional Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================

"network.proxy.type", 0

"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

========================= IP Configuration: ================================

Realtek PCIe GBE Family Controller = Local Area Connection (Connected)

# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled

popd
# End of IPv4 configuration

Windows IP Configuration

   Host Name . . . . . . . . . . . . : Bruce-PC
   Primary Dns Suffix . . . . . . . :
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Local Area Connection:

   Connection-specific DNS Suffix . :
   Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
   Physical Address. . . . . . . . . : C8-1F-66-3D-0E-28
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::38df:371b:49c2:add9%10(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.1.11(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Saturday, July 19, 2014 12:57:48 PM
   Lease Expires . . . . . . . . . . : Sunday, July 20, 2014 12:57:48 PM
   Default Gateway . . . . . . . . . : 192.168.1.1
   DHCP Server . . . . . . . . . . . : 192.168.1.1
   DHCPv6 IAID . . . . . . . . . . . : 247996262
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1A-4E-A3-0F-C8-1F-66-3D-0E-28
   DNS Servers . . . . . . . . . . . : 192.168.1.1
   NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.{86AB6CCF-3938-4AFC-BFD9-4E02924B8BE9}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

   Connection-specific DNS Suffix . :
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:9d38:6abd:14b9:219f:bc0b:8a27(Preferred)
   Link-local IPv6 Address . . . . . : fe80::14b9:219f:bc0b:8a27%14(Preferred)
   Default Gateway . . . . . . . . . : ::
   NetBIOS over Tcpip. . . . . . . . : Disabled
Server: UnKnown
Address: 192.168.1.1

Name:    google.com
Addresses: 2607:f8b0:4006:809::1001
      74.125.226.162
      74.125.226.163
      74.125.226.164
      74.125.226.165
      74.125.226.166
      74.125.226.167
      74.125.226.168
      74.125.226.169
      74.125.226.174
      74.125.226.160
      74.125.226.161

Pinging google.com [74.125.226.163] with 32 bytes of data:
Reply from 74.125.226.163: bytes=32 time=15ms TTL=54
Reply from 74.125.226.163: bytes=32 time=17ms TTL=54

Ping statistics for 74.125.226.163:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 15ms, Maximum = 17ms, Average = 16ms
Server: UnKnown
Address: 192.168.1.1

Name:    yahoo.com
Addresses: 98.139.183.24
      206.190.36.45
      98.138.253.109

Pinging yahoo.com [206.190.36.45] with 32 bytes of data:
Reply from 206.190.36.45: bytes=32 time=98ms TTL=46
Reply from 206.190.36.45: bytes=32 time=102ms TTL=46

Ping statistics for 206.190.36.45:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 98ms, Maximum = 102ms, Average = 100ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
10...c8 1f 66 3d 0e 28 ......Realtek PCIe GBE Family Controller
1...........................Software Loopback Interface 1
11...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
14...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface Metric
          0.0.0.0          0.0.0.0      192.168.1.1     192.168.1.11     10
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1 255.255.255.255         On-link         127.0.0.1    306
127.255.255.255 255.255.255.255         On-link         127.0.0.1    306
      192.168.1.0    255.255.255.0         On-link      192.168.1.11    266
     192.168.1.11 255.255.255.255         On-link      192.168.1.11    266
    192.168.1.255 255.255.255.255         On-link      192.168.1.11    266
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link      192.168.1.11    266
255.255.255.255 255.255.255.255         On-link         127.0.0.1    306
255.255.255.255 255.255.255.255         On-link      192.168.1.11    266
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination      Gateway
14     58 ::/0                     On-link
1    306 ::1/128                  On-link
14     58 2001::/32                On-link
14    306 2001:0:9d38:6abd:14b9:219f:bc0b:8a27/128
                                    On-link
10    266 fe80::/64                On-link
14    306 fe80::/64                On-link
14    306 fe80::14b9:219f:bc0b:8a27/128
                                    On-link
10    266 fe80::38df:371b:49c2:add9/128
                                    On-link
1    306 ff00::/8                 On-link
14    306 ff00::/8                 On-link
10    266 ff00::/8                 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145648] (Microsoft Corp.)
Catalog5 09 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145648] (Microsoft Corp.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171760] (Microsoft Corp.)
x64-Catalog5 09 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171760] (Microsoft Corp.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (07/19/2014 00:53:13 PM) (Source: Windows Search Service) (User: )
Description: The Windows Search Service is being stopped because there is a problem with the indexer: The catalog is corrupt.

Details:
   The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (07/19/2014 00:53:13 PM) (Source: Windows Search Service) (User: )
Description: The search service has detected corrupted data files in the index {id=4400}. The service will attempt to automatically correct this problem by rebuilding the index.

Details:
   The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (07/19/2014 00:53:13 PM) (Source: Windows Search Service) (User: )
Description: The index cannot be initialized.

Details:
   The content index database is corrupt. (HRESULT : 0xc0041800) (0xc0041800)

Error: (07/19/2014 00:53:13 PM) (Source: Windows Search Service) (User: )
Description: The application cannot be initialized.

Context: Windows Application

Details:
   The content index database is corrupt. (HRESULT : 0xc0041800) (0xc0041800)

Error: (07/19/2014 00:53:13 PM) (Source: Windows Search Service) (User: )
Description: The gatherer object cannot be initialized.

Context: Windows Application, SystemIndex Catalog

Details:
   The content index database is corrupt. (HRESULT : 0xc0041800) (0xc0041800)

Error: (07/19/2014 00:53:13 PM) (Source: Windows Search Service) (User: )
Description: The plug-in in <Search.TripoliIndexer> cannot be initialized.

Context: Windows Application, SystemIndex Catalog

Details:
   The content index database is corrupt. (HRESULT : 0xc0041800) (0xc0041800)

Error: (07/19/2014 00:53:13 PM) (Source: Windows Search Service) (User: )
Description: The Windows Search Service is being stopped because there is a problem with the indexer: The catalog is corrupt.

Context: Windows Application, SystemIndex Catalog

Details:
   The content index catalog is corrupt.   0xc0041801 (0xc0041801)

Error: (07/19/2014 00:53:13 PM) (Source: Windows Search Service) (User: )
Description: The search service has detected corrupted data files in the index {id=2400}. The service will attempt to automatically correct this problem by rebuilding the index.

Context: Windows Application, SystemIndex Catalog

Details:
   The content index catalog is corrupt.   0xc0041801 (0xc0041801)

Error: (07/19/2014 00:37:53 PM) (Source: Application Hang) (User: )
Description: The program mmc.exe version 6.1.7600.16385 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: e98

Start Time: 01cfa36f9229e51e

Termination Time: 15

Application Path: C:\Windows\SysWOW64\mmc.exe

Report Id: f52480cb-0f62-11e4-a8d7-c81f663d0e28

Error: (07/19/2014 09:41:27 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 9984

System errors:
=============
Error: (07/19/2014 00:53:13 PM) (Source: Service Control Manager) (User: )
Description: The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.

Error: (07/19/2014 00:53:13 PM) (Source: Service Control Manager) (User: )
Description: The Windows Search service terminated with service-specific error %%-1073473536.

Error: (07/17/2014 09:23:39 AM) (Source: Service Control Manager) (User: )
Description: The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.

Error: (07/17/2014 09:23:39 AM) (Source: Service Control Manager) (User: )
Description: The Windows Search service terminated with service-specific error %%-1073473536.

Error: (07/16/2014 03:56:40 PM) (Source: Service Control Manager) (User: )
Description: The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.

Error: (07/16/2014 03:56:40 PM) (Source: Service Control Manager) (User: )
Description: The Windows Search service terminated with service-specific error %%-1073473536.

Error: (07/16/2014 03:54:52 PM) (Source: Microsoft Antimalware) (User: )
Description: %60 has encountered an error trying to load signatures and will attempt reverting back to a known-good set of signatures.

   Signatures Attempted: %24

   Error Code: 0x80070002

   Error description: The system cannot find the file specified.

   Signature version: 0.0.0.0;0.0.0.0

   Engine version: %600

Error: (07/12/2014 11:41:04 AM) (Source: Service Control Manager) (User: )
Description: The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Search service, but this action failed with the following error:
%%1056

Error: (07/12/2014 11:40:34 AM) (Source: Service Control Manager) (User: )
Description: The Windows Search service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.

Error: (07/12/2014 11:34:35 AM) (Source: Service Control Manager) (User: )
Description: The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.

Microsoft Office Sessions:
=========================
Error: (07/19/2014 00:53:13 PM) (Source: Windows Search Service)(User: )
Description:
Details:
   The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)
The catalog is corrupt

Error: (07/19/2014 00:53:13 PM) (Source: Windows Search Service)(User: )
Description:
Details:
   The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)
4400

Error: (07/19/2014 00:53:13 PM) (Source: Windows Search Service)(User: )
Description:
Details:
   The content index database is corrupt. (HRESULT : 0xc0041800) (0xc0041800)

Error: (07/19/2014 00:53:13 PM) (Source: Windows Search Service)(User: )
Description: Context: Windows Application

Details:
   The content index database is corrupt. (HRESULT : 0xc0041800) (0xc0041800)

Error: (07/19/2014 00:53:13 PM) (Source: Windows Search Service)(User: )
Description: Context: Windows Application, SystemIndex Catalog

Details:
   The content index database is corrupt. (HRESULT : 0xc0041800) (0xc0041800)

Error: (07/19/2014 00:53:13 PM) (Source: Windows Search Service)(User: )
Description: Context: Windows Application, SystemIndex Catalog

Details:
   The content index database is corrupt. (HRESULT : 0xc0041800) (0xc0041800)
Search.TripoliIndexer

Error: (07/19/2014 00:53:13 PM) (Source: Windows Search Service)(User: )
Description: Context: Windows Application, SystemIndex Catalog

Details:
   The content index catalog is corrupt.   0xc0041801 (0xc0041801)
The catalog is corrupt

Error: (07/19/2014 00:53:13 PM) (Source: Windows Search Service)(User: )
Description: Context: Windows Application, SystemIndex Catalog

Details:
   The content index catalog is corrupt.   0xc0041801 (0xc0041801)
2400

Error: (07/19/2014 00:37:53 PM) (Source: Application Hang)(User: )
Description: mmc.exe6.1.7600.16385e9801cfa36f9229e51e15C:\Windows\SysWOW64\mmc.exef52480cb-0f62-11e4-a8d7-c81f663d0e28

Error: (07/19/2014 09:41:27 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 9984

CodeIntegrity Errors:
===================================
Date: 2014-05-19 23:36:27.568
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\cryptnet.dll because the set of per-page image hashes could not be found on the system.

Date: 2014-05-19 23:36:27.538
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\cryptnet.dll because the set of per-page image hashes could not be found on the system.

Date: 2014-05-19 23:36:27.478
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\cryptnet.dll because the set of per-page image hashes could not be found on the system.

Date: 2014-05-19 23:36:27.428
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\cryptnet.dll because the set of per-page image hashes could not be found on the system.

Date: 2014-05-19 23:36:27.388
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\cryptnet.dll because the set of per-page image hashes could not be found on the system.

Date: 2014-05-19 23:36:27.358
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\cryptnet.dll because the set of per-page image hashes could not be found on the system.

Date: 2014-05-19 23:36:27.268
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\cryptnet.dll because the set of per-page image hashes could not be found on the system.

Date: 2014-05-19 23:36:27.058
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\cryptnet.dll because the set of per-page image hashes could not be found on the system.

Date: 2014-05-19 23:36:26.778
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\cryptnet.dll because the set of per-page image hashes could not be found on the system.

Date: 2014-05-19 23:36:26.728
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\cryptnet.dll because the set of per-page image hashes could not be found on the system.

Leawo Video Converter version 5.2.0.1 (HKLM-x32\...\{331ED3CF-3A1B-467C-9A62-899E2D3B20C4}_is1) (Version: - )
=========================== Installed Programs ============================
Across Lite 2.0 (HKLM-x32\...\Across Lite 2.0) (Version: 2.0 - Literate Software Systems)
Adobe Acrobat X Pro - English, Français, Deutsch (HKLM-x32\...\{AC76BA86-1033-F400-7760-000000000005}) (Version: 10.1.10 - Adobe Systems)
Adobe After Effects 7.0 (HKLM-x32\...\Adobe After Effects 7.0) (Version: 7.0.0.244 - Adobe Systems, Inc.)
Adobe After Effects 7.0 (x32 Version: 7.0.0.244 - Adobe Systems, Inc.) Hidden
Adobe Bridge 1.0 (x32 Version: 1.0.1.1 - Adobe Systems) Hidden
Adobe Common File Installer (x32 Version: 1.00.002 - Adobe System Incorporated) Hidden
Adobe ExtendScript Toolkit 1.0 (x32 Version: 001.000.002 - Adobe Systems) Hidden
Adobe Flash Player 14 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe GoLive CS2 (x32 Version: 8.0 - Adobe Systems) Hidden
Adobe GoLive CS2 English (HKLM-x32\...\Adobe GoLive CS2 English) (Version: 8.0 - Adobe Systems)
Adobe Help Center 2.0 (x32 Version: 2.0.0 - Adobe Systems) Hidden
Adobe Illustrator CS2 (HKLM-x32\...\Adobe Illustrator CS2) (Version: 12.000.000 - Adobe Systems Inc.)
Adobe Illustrator CS2 (x32 Version: 12.000.000 - Adobe Systems Inc.) Hidden
Adobe InDesign CS2 (HKLM-x32\...\Adobe InDesign CS2 - {7F4C8163-F259-49A0-A018-2857A90578BC}) (Version: 004.000.000 - Adobe Systems Incorporated)
Adobe InDesign CS2 (x32 Version: 004.000.000 - Adobe Systems Incorporated) Hidden
Adobe Photoshop CS2 (HKLM-x32\...\Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0409-1E257A25E34D}) (Version: 9.0 - Adobe Systems, Inc.)
Adobe Photoshop CS2 (x32 Version: 9.0 - Adobe Systems, Inc.) Hidden
Adobe Reader XI (11.0.07) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
Adobe Stock Photos 1.0 (x32 Version: 001.000.000 - Adobe Systems) Hidden
Adobe Stock Photos 1.0 (x32 Version: 1.0.2 - Adobe Systems) Hidden
Adobe SVG Viewer 3.0 (HKLM-x32\...\Adobe SVG Viewer) (Version: 3.0 - Adobe Systems, Inc.)
Ahead PDF Password Remover 2.0.0 (HKLM-x32\...\{B114A585-8D20-4409-80E3-03E53C6F9E9F}_is1) (Version: - AheadPDF)
Anagram Genius version 9 (HKLM-x32\...\Anagram Genius version 9) (Version: - Genius 2000 Ltd)
Any Flv Player 2.5.1 (HKLM-x32\...\Any Flv Player_is1) (Version: - any-flv-player.com)
AnyDVD (HKLM-x32\...\AnyDVD) (Version: - SlySoft)
Apple Application Support (HKLM-x32\...\{D9DAD0FF-495A-472B-9F10-BAE430A26682}) (Version: 3.0.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Audacity 1.2.6 (HKLM-x32\...\Audacity_is1) (Version: - )
Avery Design & Print (HKLM-x32\...\Avery Design & Print 1.0.0) (Version: 1.0.0 - Avery Products Corporation)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Camfrog Video Chat 6.3 (HKLM-x32\...\Camfrog 6.3) (Version: 6.3.223 - Camshare Inc.)
Camfrog Web Advanced 2.0 ActiveX Plugin (remove only) (HKLM-x32\...\CFWebAdvancedU2) (Version: - )
CamfrogWEB Advanced ActiveX Plugin (remove only) (HKLM-x32\...\CFWebAdvancedU) (Version: - )
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: - )
Canon MP Navigator EX 3.1 (HKLM-x32\...\MP Navigator EX 3.1) (Version: - )
Canon MX340 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX340_series) (Version: - )
Canon MX340 series User Registration (HKLM-x32\...\Canon MX340 series User Registration) (Version: - )
Canon Speed Dial Utility (HKLM-x32\...\Speed Dial Utility) (Version: - )
Canon Utilities Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version: - )
Canon Utilities My Printer (HKLM-x32\...\CanonMyPrinter) (Version: - )
Canon Utilities Solution Menu (HKLM-x32\...\CanonSolutionMenu) (Version: - )
CCleaner (remove only) (HKLM-x32\...\CCleaner) (Version: - Piriform)
Classic Shell (HKLM\...\{840C85B7-D3D6-4143-9AF9-DAE80FD54CFC}) (Version: 4.1.0 - IvoSoft)
CloneDVD2 (HKLM-x32\...\CloneDVD2) (Version: - Elaborate Bytes)
Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Corel WinDVD (HKLM-x32\...\{5C1F18D2-F6B7-4242-B803-B5A78648185D}) (Version: 10.8.0.203 - Corel Inc.)
CPUID CPU-Z 1.53.1 (HKLM\...\CPUID CPU-Z_is1) (Version: - )
Creative Live! Central 3 (HKLM-x32\...\Creative Live! Central 2) (Version: 3.01.26 - Creative Technology Ltd)
Creative Software AutoUpdate (HKLM-x32\...\Creative Software AutoUpdate) (Version: 1.41 - Creative Technology Limited)
Creative System Information (HKLM-x32\...\SysInfo) (Version: 1.10 - Creative Technology Limited)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dell Backup and Recovery - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 1.6.0.3 - Dell Inc.)
Dell Backup and Recovery (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 1.6.0.3 - Dell Inc.)
Dell Client System Update (HKLM-x32\...\{04566294-A6B6-4462-9721-031073EB3694}) (Version: 1.3.0 - Dell Inc.)
Dell Digital Delivery (HKLM-x32\...\{98CB551E-EDB1-4535-82A6-E3258597F64E}) (Version: 2.7.1000.0 - Dell Products, LP)
Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc)
Dell Protected Workspace (HKLM-x32\...\{E2CAA395-66B3-4772-85E3-6134DBAB244E}) (Version: 2.3.15835 - Invincea, Inc.)
DirectX 9 Runtime (x32 Version: 1.00.0000 - Sonic Solutions) Hidden
DLL Suite 2013 (HKLM-x32\...\{885843E7-6CAC-4791-B7BF-1CD516017954}_is1) (Version: - )
DOC Regenerator (HKLM-x32\...\{5C128CF4-AD6B-42C6-A6E0-DF62406C1D44}) (Version: 2.11.0000 - Dmitriy Primochenko)
DVD Knife 4.0 (HKLM-x32\...\DVD Knife_is1) (Version: - )
eReg (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
Eudora (HKLM-x32\...\{9F9EDD65-CFEC-4853-B130-40FFD8CF9741}) (Version: 7.0 - )
FastAccess Web Alert (HKLM-x32\...\FastAccess Web Alert) (Version: 1.00 - Sensible Vision)
FastPreview (HKLM\...\{D15D6000-1FEC-4607-B66F-7C5DC37C47C8}) (Version: 4.0.0 - Nils Maier)
Flash Optimizer 2 (HKLM-x32\...\Flash Optimizer_is1) (Version: 2.1 - Eltima Software)
Flash Slideshow Maker Pro 4.62 (HKLM-x32\...\Flash Slideshow Maker Pro) (Version: 4.62 - AnvSoft, Inc.)
Flvto Youtube Downloader (HKLM-x32\...\Flvto Youtube Downloader) (Version: 0.5.0 - Hotger)
FTP Surfer (HKLM-x32\...\{E518C80C-C549-40E1-844C-669ED64195D3}) (Version: 1.00.0700 - Whisper Technology Limited)
Get Yahoo! Messenger (HKLM-x32\...\Get Yahoo! Messenger) (Version: - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 36.0.1985.125 - Google Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
History Viewer v4.9 (HKLM-x32\...\History Viewer_is1) (Version: - Digital Forensics Studio)
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.0.71 - WildTangent)
IconEdit2 v4.2 (HKLM-x32\...\IconEdit2_is1) (Version: - Dmitry G. Kozhinov)
ImageConverter Plus 8.0 (HKLM-x32\...\ImageConverter Plus_is1) (Version: 8.0.95 (build: 100209) - fCoder Group, Inc.)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.13.1706 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3412 - Intel Corporation)
Intel® USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.5.0.19 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.28.487.1 - Intel Corporation) Hidden
iTunes (HKLM\...\{5A68A656-979F-4168-8795-E2E368AA4DC2}) (Version: 11.2.2.3 - Apple Inc.)
iWisoft Flash SWF to Video Converter 3.4 (HKLM-x32\...\iWisoft Flash SWF to Video Converter_is1) (Version: 3.4.0 - www.flash-swf-converter.com)
Java 7 Update 60 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417060FF}) (Version: 7.0.600 - Oracle)
Java 7 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217055FF}) (Version: 7.0.600 - Oracle)
Java Auto Updater (x32 Version: 2.1.60.19 - Oracle, Inc.) Hidden
Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
K-Lite Codec Pack 8.7.0 (Basic) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 8.7.0 - )
LAME v3.98.2 for Audacity (HKLM-x32\...\LAME for Audacity_is1) (Version: - )
Live! Cam Chat HD VF0790 Driver (1.00.01.00) (HKLM\...\Creative VF0790) (Version: - Creative Technology Ltd.)
Logitech SetPoint 6.65 (HKLM\...\sp6) (Version: 6.65.62 - Logitech)
MemoriesOnTV 4.1.2 (HKLM-x32\...\MemoriesOnTV4_is1) (Version: - )
Microsoft .NET Framework 4.5.1 (HKLM\...\{7DEBE4EB-6B40-3766-BB35-5CBBC385DA37}) (Version: - )
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Standard Edition 2003 (HKLM-x32\...\{91120409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft OneDrive (HKCU\...\OneDriveSetup.exe) (Version: 17.0.4035.0328 - Microsoft Corporation)
Microsoft Security Client (Version: 4.5.0216.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.5.216.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Morpheus Photo Morpher v3.10 (HKLM-x32\...\Morpheus Photo Morpher_is1) (Version: - Morpheus Software, LLC)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Rotator 1.2 (HKLM-x32\...\Movie Rotator_is1) (Version: - Chris Pearce)
Mozilla Firefox 30.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 30.0 (x86 en-US)) (Version: 30.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 24.1.0 - Mozilla)
Mozilla Thunderbird 24.1.0 (x86 en-US) (HKLM-x32\...\Mozilla Thunderbird 24.1.0 (x86 en-US)) (Version: 24.1.0 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Musicnotes Software Suite 1.4.6 (HKLM-x32\...\Musicnotes Combined Installer_is1) (Version: 1.4.6 - Musicnotes Inc.)
Pegasus Mail HTML Renderer 2.4.9.2 (HKLM-x32\...\{A9F5E1E1-1281-4862-90B4-6CF8E6AF83CE}_is1) (Version: - Micha's Midnight Manufacture)
Photo Gallery (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5987 - Realtek Semiconductor Corp.)
Roxio Creator NXT Pro 2 Disc 2 (x32 Version: 15.0 - Roxio) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (Version: - Microsoft) Hidden
Skype™ 6.16 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.)
Sothink SWF Easy (HKLM-x32\...\{C8F4800F-52F4-4115-BE64-FF1C23604E86}_is1) (Version: 6.4 - SourceTec Software Co., LTD)
Sound Organizer (HKLM-x32\...\{2F88B11C-544B-4148-AB59-512FD788E6BB}) (Version: 1.5.0.10210 - Sony Corporation)
Splashtop Software Updater (HKLM-x32\...\Splashtop Software Updater) (Version: 1.5.6.15 - Splashtop Inc.)
Splashtop Streamer (HKLM-x32\...\{B7C5EA94-B96A-41F5-BE95-25D78B486678}) (Version: 2.5.5.4 - Splashtop Inc.)
Total Uninstall 5.10.0 (HKLM-x32\...\Total Uninstall 5_is1) (Version: 5.10.0 - Gavrila Martau)
Tweaking.com - Windows Repair (All in One) (HKLM-x32\...\Tweaking.com - Windows Repair (All in One)) (Version: 2.8.0 - Tweaking.com)
Ultra Video To Flash Converter 2.0 (HKLM-x32\...\Ultra Video To Flash Converter_is1) (Version: - Ultra Shareware, Inc.)
Universal Document Converter Server Edition (HKLM-x32\...\Universal Document Converter_is1) (Version: 5.7 - fCoder Group, Inc.)
VideoReDo/Plus Version 2.5.6.512 (HKLM-x32\...\VideoReDo-Plus_is1) (Version: - DRD Systems, Inc.)
WebLog Expert 5.2 (HKLM-x32\...\WebLog Expert_is1) (Version: 5.2 - Alentum Software, Inc.)
WebLog Expert Lite 6.4 (HKLM-x32\...\WebLog Expert Lite_is1) (Version: 6.4 - Alentum Software, Inc.)
Windows Installer Clean Up (HKLM-x32\...\{121634B0-2F4B-11D3-ADA3-00C04F52DD52}) (Version: 3.00.00.0000 - Microsoft Corporation)
Windows Live Communications Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Family Safety (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Family Safety (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows XP Mode (HKLM\...\{1374CC63-B520-4f3f-98E8-E9020BF01CFF}) (Version: 1.3.7600.16423 - Microsoft Corporation)
WinZip 14.0 (HKLM-x32\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240BC}) (Version: 14.0.9029 - WinZip Computing, S.L. )
Wondershare Media Converter(Build 1.3.5.0) (HKLM-x32\...\Wondershare Media Converter_is1) (Version: - Wondershare Software)
XNote Stopwatch (HKLM-x32\...\XNote Stopwatch) (Version: 1.65 - dnSoft Research Group)
Yahoo SiteBuilder (HKLM-x32\...\Yahoo SiteBuilder) (Version: 2.8.7 - Yahoo Inc.)

========================= Devices: ================================

========================= Memory info: ===================================

Percentage of memory in use: 28%
Total physical RAM: 8110.8 MB
Available physical RAM: 5822.35 MB
Total Pagefile: 16219.77 MB
Available Pagefile: 13869.3 MB
Total Virtual: 4095.88 MB
Available Virtual: 3972.01 MB

========================= Partitions: =====================================

1 Drive c: (OS) (Fixed) (Total:455.52 GB) (Free:93.22 GB) NTFS
3 Drive y: (RECOVERY) (Fixed) (Total:10.2 GB) (Free:2.88 GB) NTFS

========================= Users: ========================================

User accounts for \\BRUCE-PC

Administrator            Bruce                    Guest

========================= Minidump Files ==================================

No minidump file found

========================= Restore Points ==================================

11-07-2014 16:31:42 Uninstalled with Total Uninstall "Spybot - Search & Destroy"
12-07-2014 15:29:09 Restore Operation
12-07-2014 16:00:00 System Checkpoint made by System Restore Point Creator
13-07-2014 17:20:35 System Checkpoint made by System Restore Point Creator
14-07-2014 03:43:44 System Checkpoint made by System Restore Point Creator
14-07-2014 16:06:29 System Checkpoint made by System Restore Point Creator
14-07-2014 18:42:34 Windows Update
15-07-2014 16:00:01 System Checkpoint made by System Restore Point Creator
16-07-2014 16:00:05 System Checkpoint made by System Restore Point Creator
16-07-2014 19:51:43 Restore Operation
16-07-2014 21:59:18 Pre-Secheduler Fix
17-07-2014 13:17:55 Restore Operation
17-07-2014 16:00:11 System Checkpoint made by System Restore Point Creator
18-07-2014 16:00:10 System Checkpoint made by System Restore Point Creator
18-07-2014 18:49:02 Windows Update
19-07-2014 05:44:44 System Checkpoint made by System Restore Point Creator
19-07-2014 16:00:09 System Checkpoint made by System Restore Point Creator
19-07-2014 16:46:40 Restore Operation

**** End of log ****

#4
BrucieK

Posted 19 July 2014 - 11:23 AM

Member

Topic Starter
Member
11 posts

And here are the FarberScannerService results:

Farbar Service Scanner Version: 18-07-2014
Ran by Bruce (administrator) on 19-07-2014 at 13:19:55
Running from "C:\Users\Bruce\Documents\Downloads"
Microsoft Windows 7 Professional Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.

Windows Firewall:
=============

Firewall Disabled Policy:
==================

System Restore:
============

System Restore Disabled Policy:
========================

Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================

Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.

Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1

Other Services:
==============

File Check:
========
C:\Windows\System32\nsisvc.dll => File is digitally signed
C:\Windows\System32\drivers\nsiproxy.sys => File is digitally signed
C:\Windows\System32\dhcpcore.dll => File is digitally signed
C:\Windows\System32\drivers\afd.sys => File is digitally signed
C:\Windows\System32\drivers\tdx.sys => File is digitally signed
C:\Windows\System32\Drivers\tcpip.sys => File is digitally signed
C:\Windows\System32\dnsrslvr.dll => File is digitally signed
C:\Windows\System32\mpssvc.dll => File is digitally signed
C:\Windows\System32\bfe.dll => File is digitally signed
C:\Windows\System32\drivers\mpsdrv.sys => File is digitally signed
C:\Windows\System32\SDRSVC.dll => File is digitally signed
C:\Windows\System32\vssvc.exe => File is digitally signed
C:\Windows\System32\wscsvc.dll => File is digitally signed
C:\Windows\System32\wbem\WMIsvc.dll => File is digitally signed
C:\Windows\System32\wuaueng.dll => File is digitally signed
C:\Windows\System32\qmgr.dll => File is digitally signed
C:\Windows\System32\es.dll => File is digitally signed
C:\Windows\System32\cryptsvc.dll => File is digitally signed
C:\Program Files\Windows Defender\MpSvc.dll => File is digitally signed
C:\Windows\System32\ipnathlp.dll => File is digitally signed
C:\Windows\System32\iphlpsvc.dll => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed

**** End of log ****

#5
SleepyDude

Posted 19 July 2014 - 01:55 PM

Trusted Helper

Malware Removal
4,976 posts

Hi,

I'm running some tests on this problem, in the meantime

Check Windows System files integrity

open the Command Prompt as Administrator (Tutorial)
type the following command and press Enter:
```
sfc /scannow
```
Note: This may take some time to finish.

if it doesn't say "No integrity violations found" them do this:

In the command prompt window, type or Copy & Paste the following:

findstr /c:"[SR]" %windir%\logs\cbs\cbs.log >"%userprofile%\Desktop\sfcdetails.txt"

Close the command prompt.
Attach to your post the sfcdetails.txt file that was just placed on your Desktop
You can safely delete the sfcdetails.txt file afterwards if you like

#6
BrucieK

Posted 19 July 2014 - 04:03 PM

Member

Topic Starter
Member
11 posts

I ran the scannow command, and no integrity violations were found.

#7
SleepyDude

Posted 20 July 2014 - 03:32 PM

Trusted Helper

Malware Removal
4,976 posts

I ran the scannow command, and no integrity violations were found.

Good, we did a basic check on windows and there are no signs of problems.

I did some reading about how System Restore works on Windows 7 and it seems is working as it should, please check the following Microsoft page.

- Windows Restore Points

Scheduled restore points
System Restore can be configured to create restore points at regular intervals. Users can also manually create and name a restore point at any time from within the System Restore user interface. These restore points are saved and compressed, and these choices are available to the user through the System Restore user interface. System Restore in Windows 7 creates a scheduled restore point only if no other restore points have been created in the last 7 days. System Restore in Windows Vista creates a checkpoint every 24 hours if no other restore points were created that day. System Restore in Windows XP creates a checkpoint every 24 hours of absolute time.

You can confirm if the Schedule task is running properly by enabling the Enable All Tasks History available on the right side of Task Scheduler, restart the PC and check the History tab for the \Microsoft\Windows\SystemRestore\SR task, The log will show if the task run successfully or not.

The fact of the task ran successfully will not guarantee a new System Restore point because windows will decide if it's time to create a SRP or not.

On this link there is a thread about exactly the same problem, there is a VBS script available and detailed instructions posted by Johngalt on post #8 if you decide to force windows to create additional Restore Points.

#8
BrucieK

Posted 21 July 2014 - 11:12 AM

Member

Topic Starter
Member
11 posts

Thanks, Sleepy Dude. What I don't understand is why Windows would give you an option to create restore points more frequently than every seven days, but then override that with the seven-day rule. Johngalt says in his post that he thinks the rule is hard-coded, but then why give the option to create restore points more frequently in Task Scheduler? Also, I still don't understand why my Task Scheduler says "Task Scheduler service is not available. Task Scheduler will attempt to reconnect to it" when I click on "Display All Running Tasks." I've read a few things that said it may have to do with my user permissions -- but user permission stuff always confuses me.

#9
SleepyDude

Posted 22 July 2014 - 05:03 AM

Trusted Helper

Malware Removal
4,976 posts

Thanks, Sleepy Dude. What I don't understand is why Windows would give you an option to create restore points more frequently than every seven days, but then override that with the seven-day rule. Johngalt says in his post that he thinks the rule is hard-coded, but then why give the option to create restore points more frequently in Task Scheduler?

Actually they don't give you that option. There are lot's of tasks created my Microsoft that you can see on the Task Scheduler and shouldn't be changed because they are important to the system.

Also, I still don't understand why my Task Scheduler says "Task Scheduler service is not available. Task Scheduler will attempt to reconnect to it" when I click on "Display All Running Tasks." I've read a few things that said it may have to do with my user permissions -- but user permission stuff always confuses me.

If you check the Task Scheduler on service is it set to Startup Type: Automatic and Log On as: Local System like on the image?

#10
BrucieK

Posted 22 July 2014 - 09:44 AM

Member

Topic Starter
Member
11 posts

Certainly Task Scheduler gives you an option to customize your restore point schule. (I just made a screengrab for you of my settings tab on my Task Scheduler, but I don't know how to upload it here!)

#11
SleepyDude

Posted 22 July 2014 - 10:59 AM

Trusted Helper

Malware Removal
4,976 posts

Certainly Task Scheduler gives you an option to customize your restore point schule. (I just made a screengrab for you of my settings tab on my Task Scheduler, but I don't know how to upload it here!)

You need to use the More Reply Options button and attach.

Yes you can adjust the schedule but the System Restore internally will decide if it's time to create a New System Check Restore point or not.

I tried to find a way to change the 7 days interval but didn't find it...