I changed he user mode windows driver startup from manual to automatic
I uninstalled microsoft office click-to-run 2010
I cleared windows system and application logs
Here are the View files
Vino's Event Viewer v01c run on Windows 2008 in English
Report run at 16/02/2015 6:44:30 PM
Note: All dates below are in the format dd/mm/yyyy
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 16/02/2015 11:35:55 PM
Type: Warning Category: 0
Event: 4001 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN AutoConfig service has successfully stopped.
Log: 'System' Date/Time: 16/02/2015 11:18:39 PM
Type: Warning Category: 0
Event: 4001 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN AutoConfig service has successfully stopped.
Vino's Event Viewer v01c run on Windows 2008 in English
Report run at 16/02/2015 6:45:54 PM
Note: All dates below are in the format dd/mm/yyyy
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 16/02/2015 11:18:19 PM
Type: Error Category: 0
Event: 8193 Source: VSS
Volume Shadow Copy Service error: Unexpected error calling routine Unexpected error: dwIndex out of scope 6 7. hr = 0x8000ffff, Catastrophic failure .
Operation:
OnPostSnapshot event
PostSnapshot Event
Context:
Execution Context: Shadow Copy Optimization Writer
Execution Context: Writer
Writer Class Id: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
Writer Name: Shadow Copy Optimization Writer
Writer Instance ID: {e6b3aa0c-c617-4682-b587-3c0518252c4a}
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 16/02/2015 11:35:54 PM
Type: Warning Category: 0
Event: 1530 Source: Microsoft-Windows-User Profiles Service
Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards. DETAIL - 8 user registry handles leaked from \Registry\User\S-1-5-21-4215829332-950673753-2765580295-1001:
Process 600 (\Device\HarddiskVolume2\Windows\System32\lsass.exe) has opened key \REGISTRY\USER\S-1-5-21-4215829332-950673753-2765580295-1001
Process 600 (\Device\HarddiskVolume2\Windows\System32\lsass.exe) has opened key \REGISTRY\USER\S-1-5-21-4215829332-950673753-2765580295-1001
Process 456 (\Device\HarddiskVolume2\Windows\System32\svchost.exe) has opened key \REGISTRY\USER\S-1-5-21-4215829332-950673753-2765580295-1001\Software\Microsoft\SystemCertificates\trust
Process 456 (\Device\HarddiskVolume2\Windows\System32\svchost.exe) has opened key \REGISTRY\USER\S-1-5-21-4215829332-950673753-2765580295-1001\Software\Microsoft\SystemCertificates\Root
Process 600 (\Device\HarddiskVolume2\Windows\System32\lsass.exe) has opened key \REGISTRY\USER\S-1-5-21-4215829332-950673753-2765580295-1001\Software\Microsoft\SystemCertificates\My
Process 600 (\Device\HarddiskVolume2\Windows\System32\lsass.exe) has opened key \REGISTRY\USER\S-1-5-21-4215829332-950673753-2765580295-1001\Software\Microsoft\SystemCertificates\CA
Process 456 (\Device\HarddiskVolume2\Windows\System32\svchost.exe) has opened key \REGISTRY\USER\S-1-5-21-4215829332-950673753-2765580295-1001\Software\Microsoft\SystemCertificates\SmartCardRoot
Process 600 (\Device\HarddiskVolume2\Windows\System32\lsass.exe) has opened key \REGISTRY\USER\S-1-5-21-4215829332-950673753-2765580295-1001\Software\Microsoft\SystemCertificates\Disallowed
Log: 'Application' Date/Time: 16/02/2015 11:18:35 PM
Type: Warning Category: 0
Event: 1530 Source: Microsoft-Windows-User Profiles Service
Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards. DETAIL - 5 user registry handles leaked from \Registry\User\S-1-5-21-4215829332-950673753-2765580295-1001:
Process 612 (\Device\HarddiskVolume2\Windows\System32\lsass.exe) has opened key \REGISTRY\USER\S-1-5-21-4215829332-950673753-2765580295-1001
Process 612 (\Device\HarddiskVolume2\Windows\System32\lsass.exe) has opened key \REGISTRY\USER\S-1-5-21-4215829332-950673753-2765580295-1001
Process 612 (\Device\HarddiskVolume2\Windows\System32\lsass.exe) has opened key \REGISTRY\USER\S-1-5-21-4215829332-950673753-2765580295-1001\Software\Microsoft\SystemCertificates\My
Process 612 (\Device\HarddiskVolume2\Windows\System32\lsass.exe) has opened key \REGISTRY\USER\S-1-5-21-4215829332-950673753-2765580295-1001\Software\Microsoft\SystemCertificates\CA
Process 612 (\Device\HarddiskVolume2\Windows\System32\lsass.exe) has opened key \REGISTRY\USER\S-1-5-21-4215829332-950673753-2765580295-1001\Software\Microsoft\SystemCertificates\Disallowed
Log: 'Application' Date/Time: 16/02/2015 11:18:19 PM
Type: Warning Category: 0
Event: 8229 Source: VSS
A VSS writer has rejected an event with error 0x00000000, The operation completed successfully. . Changes that the writer made to the writer components while handling the event will not be available to the requester. Check the event log for related events from the application hosting the VSS writer.
Operation:
PostSnapshot Event
Context:
Execution Context: Writer
Writer Class Id: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
Writer Name: Shadow Copy Optimization Writer
Writer Instance ID: {e6b3aa0c-c617-4682-b587-3c0518252c4a}
Command Line: C:\Windows\system32\vssvc.exe
Process ID: 4680
Log: 'Application' Date/Time: 16/02/2015 11:17:57 PM
Type: Warning Category: 51
Event: 3208 Source: Application Virtualization Client
The event description cannot be found.
Log: 'Application' Date/Time: 16/02/2015 11:17:24 PM
Type: Warning Category: 0
Event: 12348 Source: VSS
Volume Shadow Copy Service warning: VSS was denied access to the root of volume \\?\Volume{48d7ed77-480d-11e0-abee-1a659da7f5ba}\. Denying administrators from accessing volume roots can cause many unexpected failures, and will prevent VSS from functioning properly. Check security on the volume, and try the operation again.
Operation:
Removing auto-release shadow copies
Loading provider
Context:
Execution Context: System Provider